Add Runtime Intelligence source traceability smoke

README.ko.md

@@ -278,7 +278,9 @@ bash scripts/smoke_runtime_intelligence_chain.sh \
 또한 `optional_aiguard_source_traceability`가 있으면 Lab bundle gate가
 `read_only_optional_source_traceability` source artifact path와 AIGuard
 재생성 명령을 검증하되, EdgeEnv가 `guard_analysis`를 생성한다는 의미로
-해석하지 않습니다.
+해석하지 않습니다. 이어서 source traceability gate가 EdgeEnv mirror와
+AIGuard optional-present fixture가 같은 source artifact와 명령을 가리키는지
+확인합니다.
 EdgeEnv나 AIGuard가 Lab의 final deployment decision을 대체하지 않습니다.
 
 ## 현재 범위와 future work

README.md

@@ -581,7 +581,7 @@ bash scripts/smoke_runtime_intelligence_chain.sh \
   --output-dir reports/runtime_intelligence_chain
 ```
 
-The smoke gates the EdgeEnv handoff history fixture for preserved device-local Orchestrator `candidate_context.producer` lineage and checks that EdgeEnv-declared external AIGuard evidence requirements are satisfied by the bundled `guard_analysis`. It also carries a precomputed AIGuard handoff-alignment artifact so the EdgeEnv handoff summary and AIGuard producer-lineage raw context agree on the same `producer_lineage_guard_alignment_run_ids`. When the handoff declares `optional_aiguard_evidence_types`, the copied AIGuard alignment artifacts preserve them as `read_only_optional_guard_context` and exercise both missing-optional and present-optional paths without turning optional evidence into required evidence. When it also declares `optional_aiguard_source_traceability`, the bundle gate validates the `read_only_optional_source_traceability` source artifact path and AIGuard reproduction command without making EdgeEnv produce `guard_analysis`. This is an artifact integrity check only; EdgeEnv still owns comparability/regression evidence, AIGuard remains an optional deterministic evidence provider, and Lab still owns the deployment decision.
+The smoke gates the EdgeEnv handoff history fixture for preserved device-local Orchestrator `candidate_context.producer` lineage and checks that EdgeEnv-declared external AIGuard evidence requirements are satisfied by the bundled `guard_analysis`. It also carries a precomputed AIGuard handoff-alignment artifact so the EdgeEnv handoff summary and AIGuard producer-lineage raw context agree on the same `producer_lineage_guard_alignment_run_ids`. When the handoff declares `optional_aiguard_evidence_types`, the copied AIGuard alignment artifacts preserve them as `read_only_optional_guard_context` and exercise both missing-optional and present-optional paths without turning optional evidence into required evidence. When it also declares `optional_aiguard_source_traceability`, the bundle gate validates the `read_only_optional_source_traceability` source artifact path and AIGuard reproduction command without making EdgeEnv produce `guard_analysis`; the source traceability gate then checks that the EdgeEnv mirror and AIGuard optional-present fixture reference the same source artifact and command. This is an artifact integrity check only; EdgeEnv still owns comparability/regression evidence, AIGuard remains an optional deterministic evidence provider, and Lab still owns the deployment decision.
 
 The committed handoff smoke is documented in
 [docs/portfolio/edgeenv_runtime_regression_lab_handoff.md](docs/portfolio/edgeenv_runtime_regression_lab_handoff.md)

ci/gitlab/runtime-intelligence-artifacts.yml

@@ -121,6 +121,9 @@ inferedge:deployment-risk-gate:
       - "$INFEREDGE_REPORT_DIR/runtime_anomaly_gate_summary.md"
       - "$INFEREDGE_REPORT_DIR/aiguard_edgeenv_handoff_alignment.json"
       - "$INFEREDGE_REPORT_DIR/aiguard_edgeenv_handoff_alignment.md"
+      - "$INFEREDGE_REPORT_DIR/aiguard_edgeenv_handoff_alignment_optional_present.json"
+      - "$INFEREDGE_REPORT_DIR/aiguard_edgeenv_handoff_alignment_optional_present.md"
+      - "$INFEREDGE_REPORT_DIR/runtime_intelligence_source_traceability_summary.md"
       - "$INFEREDGE_REPORT_DIR/runtime_intelligence_bundle_manifest_gate_summary.md"
       - "$INFEREDGE_REPORT_DIR/portfolio_demo_check.json"
       - "$INFEREDGE_REPORT_DIR/portfolio_demo_check.md"

docs/ci/runtime_intelligence_gitlab_artifacts.md

@@ -63,6 +63,7 @@ Expected artifacts are intentionally file-based and local-first:
 - deterministic Runtime Intelligence summary Markdown / HTML with precomputed AIGuard runtime operation evidence
 - remote dispatch starter runtime event summary rows derived from precomputed AIGuard evidence
 - AIGuard EdgeEnv handoff alignment JSON / Markdown summary
+- Runtime Intelligence source traceability summary
 - Runtime Intelligence artifact gate summary
 - portfolio demo check JSON / Markdown
 - deployment risk summary JSON
@@ -248,6 +249,9 @@ The final CI summary also repeats `Validated Review Path`, the `review_path`
 marker, the readable fast-path marker, and the artifact gate summary reference
 marker, so reviewers can follow the same README -> Lab report -> gate-summary
 reading order from the deployment-risk artifact.
+It also repeats `Validated Source Traceability`, confirming that the EdgeEnv
+handoff mirror and AIGuard optional-present alignment fixture reference the
+same optional stale-drop source artifact and reproduction command.
 The same CI artifact gate also checks the copied
 `aiguard_edgeenv_handoff_alignment.json/.md` for Lab report marker context:
 `lab_expected_report_markers` must match the Lab-owned Runtime Intelligence

docs/portfolio/edgeenv_runtime_regression_lab_handoff.md

@@ -156,7 +156,9 @@ This second smoke uses committed lightweight artifacts to represent the cross-re
   validates the `read_only_optional_source_traceability` source artifact path
   and AIGuard reproduction command as read-only metadata. This links the
   EdgeEnv handoff to the AIGuard optional-present full-evidence fixture without
-  making EdgeEnv produce `guard_analysis`.
+  making EdgeEnv produce `guard_analysis`. The source traceability gate also
+  checks that the EdgeEnv mirror and AIGuard optional-present alignment fixture
+  reference the same source artifact and command.
 - `examples/runtime_intelligence_chain/runtime_telemetry_history.json` is the EdgeEnv producer-side telemetry history artifact referenced by the handoff manifest. It includes a missing-telemetry run as an evidence gap and preserves Orchestrator context on that entry without turning Orchestrator into a regression or deployment decision owner.
 - Orchestrator context is preserved inside the EdgeEnv regression artifact as `orchestrator_operation_context`.
 - AIGuard deterministic queue/thermal and task-event rollup evidence is passed as a precomputed `guard_analysis` artifact that mirrors the AIGuard producer-side diagnosis v1 evidence shape.

scripts/check_runtime_intelligence_ci_artifacts.py

@@ -17,6 +17,7 @@
 REQUIRED_SUMMARY_ARTIFACTS = {
     "aiguard_edgeenv_handoff_alignment.md",
     "aiguard_edgeenv_handoff_alignment_optional_present.md",
+    "runtime_intelligence_source_traceability_summary.md",
     "runtime_intelligence_bundle_manifest_gate_summary.md",
     "runtime_anomaly_gate_summary.md",
 }
@@ -163,6 +164,16 @@
     "aiguard_optional_present_reproduction_command: "
     f"{REQUIRED_AIGUARD_OPTIONAL_PRESENT_REPRODUCTION_COMMAND_MARKER}",
 )
+REQUIRED_SOURCE_TRACEABILITY_SUMMARY_MARKERS = (
+    "## Validated Source Traceability",
+    "source_traceability_alignment: EdgeEnv handoff and AIGuard optional-present fixture match",
+    "edgeenv_optional_source_traceability: read_only_optional_source_traceability preserved",
+    "aiguard_optional_present_source_artifact: "
+    f"{REQUIRED_AIGUARD_OPTIONAL_PRESENT_SOURCE_ARTIFACT_MARKER}",
+    "aiguard_optional_present_reproduction_command: "
+    f"{REQUIRED_AIGUARD_OPTIONAL_PRESENT_REPRODUCTION_COMMAND_MARKER}",
+    "ownership: edgeenv_does_not_generate_guard_analysis=true, lab_is_final_decision_owner=true",
+)
 REQUIRED_DURATION_TRACEABILITY_SUMMARY_MARKERS = (
     "## Validated Duration Traceability",
     "duration_handoff_alignment: EdgeEnv/AIGuard report context preserved",
@@ -268,6 +279,20 @@ def _validate_bundle_manifest_gate_summary(path: Path, errors: list[str]) -> Non
         )
 
 
+def _validate_source_traceability_summary(path: Path, errors: list[str]) -> None:
+    label = "Runtime Intelligence source traceability summary"
+    text = _read_text(path, errors, label)
+    if not text:
+        return
+    _record("- Status: passed" in text, errors, f"{label} must have passed status")
+    for marker in REQUIRED_SOURCE_TRACEABILITY_SUMMARY_MARKERS:
+        _record(
+            marker in text,
+            errors,
+            f"{label} missing source traceability marker: {marker}",
+        )
+
+
 def _validate_runtime_report(path: Path, errors: list[str]) -> None:
     text = _read_text(path, errors, "Runtime Intelligence Markdown report")
     if not text:
@@ -597,6 +622,14 @@ def _write_summary(path: Path, report_dir: Path, errors: list[str]) -> None:
             if not marker.startswith("## ")
         )
         lines.append("")
+        lines.append("## Validated Source Traceability")
+        lines.append("")
+        lines.extend(
+            f"- {marker}"
+            for marker in REQUIRED_SOURCE_TRACEABILITY_SUMMARY_MARKERS
+            if not marker.startswith("## ")
+        )
+        lines.append("")
     path.parent.mkdir(parents=True, exist_ok=True)
     path.write_text("\n".join(lines), encoding="utf-8")
 
@@ -611,6 +644,10 @@ def main(report_dir: str, summary_out: str = "") -> int:
             report_path / "runtime_intelligence_bundle_manifest_gate_summary.md",
             errors,
         )
+        _validate_source_traceability_summary(
+            report_path / "runtime_intelligence_source_traceability_summary.md",
+            errors,
+        )
         _validate_runtime_artifact_gate_summary(
             report_path / "runtime_anomaly_gate_summary.md",
             errors,