utility relationships understanding of INTENT.md vs. SCOPE.md and documentation.

tests/test_candidate_graph.py

@@ -58,7 +58,7 @@ def test_candidate_generator_builds_purpose_seed_from_observed_facts():
     interface_capability = ability.capabilities[0]
     assert interface_capability.name == "Expose Repository Interface"
     assert interface_capability.primary_class == "interface"
-    assert {"surface", "api"} <= set(interface_capability.attributes)
+    assert {"surface", "api", "utility-owned"} <= set(interface_capability.attributes)
     assert interface_capability.confidence == 0.75
     assert interface_capability.inputs == ["HTTP request"]
     assert interface_capability.outputs == ["HTTP response"]
@@ -68,6 +68,76 @@ def test_candidate_generator_builds_purpose_seed_from_observed_facts():
     assert interface_capability.features[0].name == "POST /classify"
     assert interface_capability.features[0].location == "app.py"
     assert interface_capability.evidence[0].strength == "strong"
+    structure_capability = ability.capabilities[1]
+    assert structure_capability.name == "Describe Repository Structure"
+    assert {
+        "utility-dependency",
+        "review-required-structural-context",
+    } <= set(structure_capability.attributes)
+
+
+def test_candidate_generator_extracts_intended_capability_blocks_from_intent_chunks():
+    repository = Repository(
+        id=1,
+        name="KeyCape",
+        url="/tmp/key-cape",
+        description=None,
+        branch="main",
+        status="analyzed",
+    )
+    facts = [
+        fact(
+            1,
+            "intent",
+            "INTENT",
+            "INTENT.md",
+            metadata={"source_role": "intent_summary"},
+        ),
+        fact(
+            2,
+            "scope",
+            "SCOPE",
+            "SCOPE.md",
+            metadata={"source_role": "derived_scope"},
+        ),
+    ]
+    chunks = [
+        chunk(
+            1,
+            "intent",
+            "INTENT.md",
+            "# INTENT\n\n"
+            "Lightweight IAM for small deployments.\n\n"
+            "## Intended Capabilities\n\n"
+            "- Enforce OIDC PKCE profiles: reject unsafe client profiles.\n"
+            "- Validate LDAP schema migrations.\n",
+        ),
+        chunk(
+            2,
+            "scope",
+            "SCOPE.md",
+            "# SCOPE\n\n## Intended Capabilities\n\n- Route LLM provider requests.\n",
+        ),
+    ]
+
+    graph = CandidateGraphGenerator().generate(repository, facts, chunks)
+
+    capability_names = {capability.name for capability in graph[0].capabilities}
+    assert "Enforce OIDC PKCE Profiles" in capability_names
+    assert "Validate LDAP Schema Migrations" in capability_names
+    assert "Route LLM Provider Requests" not in capability_names
+    intent_capability = next(
+        capability
+        for capability in graph[0].capabilities
+        if capability.name == "Enforce OIDC PKCE Profiles"
+    )
+    assert intent_capability.primary_class == "intent-capability"
+    assert {
+        "intent-derived",
+        "utility-owned",
+        "review-required-intent",
+    } <= set(intent_capability.attributes)
+    assert [ref.path for ref in intent_capability.source_refs] == ["INTENT.md"]
 
 
 def test_candidate_generator_enriches_descriptions_from_content_chunks():

tests/test_registry_service.py

@@ -756,6 +756,15 @@ def test_analyze_repository_can_trusted_auto_approve_candidates(tmp_path):
     assert decisions[0].action == "trusted_auto_approve_candidate_graph"
     assert "deterministic candidate generation" in decisions[0].notes
     assert "Auto-approved 1 safe candidate capability(s); left 1 for review." in decisions[0].notes
+    assert (
+        "Approved: Expose Repository Interface: owned interface with sufficient confidence."
+        in decisions[0].notes
+    )
+    assert (
+        "Skipped: Describe Repository Structure: structural/dependency context "
+        "requires curator review."
+        in decisions[0].notes
+    )
 
 
 def test_rebuild_characteristics_dry_run_preserves_approved_map(tmp_path):