Complete WP-0006 through WP-0009: registry expansion, catalog, graph, tests

Register six new capabilities (12 total), add searchable catalog UI and graph
explorer, introduce pytest suite with CI fail-on-warnings, and close gap
analysis priorities 13 and 16. WP-0010 remains backlog for network federation.

docs/catalog/index.html

@@ -15,8 +15,26 @@
 </head>
 <body>
   <h1>Capability Catalog</h1>
-  <p class="subtitle">Updated 2026-06-15 · 6 entries</p>
+  <p class="subtitle">Updated 2026-06-15 · 12 entries</p>
   <section><h2>helix_forge</h2>
+<article class="card">
+  <h3>Organizational Event Coordination</h3>
+  <p class="meta"><code>capability.activity.event-coordinate</code> · D3 / A1 / C1 / R0</p>
+  <p>Coordinate structured responses to cross-domain events through activity workflows and automation.</p>
+  <p class="path">registry/capabilities/capability.activity.event-coordinate.md</p>
+</article>
+<article class="card">
+  <h3>Audit Event Retention</h3>
+  <p class="meta"><code>capability.audit.event-retain</code> · D4 / A2 / C2 / R1</p>
+  <p>Collect, normalize, retain, and search audit events with integrity evidence across tenants.</p>
+  <p class="path">registry/capabilities/capability.audit.event-retain.md</p>
+</article>
+<article class="card">
+  <h3>Authorization Policy Evaluation</h3>
+  <p class="meta"><code>capability.authorization.policy-evaluate</code> · D4 / A2 / C2 / R1</p>
+  <p>Evaluate access decisions from policy-as-code rules for subjects, resources, and actions.</p>
+  <p class="path">registry/capabilities/capability.authorization.policy-evaluate.md</p>
+</article>
 <article class="card">
   <h3>Feature Availability Evaluation</h3>
   <p class="meta"><code>capability.feature-control.evaluate</code> · D5 / A4 / C3 / R3</p>
@@ -26,19 +44,25 @@
 <article class="card">
   <h3>Feature Rollout Control</h3>
   <p class="meta"><code>capability.feature-control.rollout</code> · D4 / A2 / C2 / R1</p>
-  <p>Gradually expose features to subjects across tenants, domains, groups, or cohorts using rollout rules and staged availability.</p>
+  <p>Gradually expose features to subjects across tenants, domains, groups, or cohorts using rollout rules.</p>
   <p class="path">registry/capabilities/capability.feature-control.rollout.md</p>
 </article>
+<article class="card">
+  <h3>Feature Visibility Control</h3>
+  <p class="meta"><code>capability.feature-control.visibility</code> · D4 / A2 / C2 / R1</p>
+  <p>Control whether features are visible or hidden for subjects without changing entitlement or authorization.</p>
+  <p class="path">registry/capabilities/capability.feature-control.visibility.md</p>
+</article>
 <article class="card">
   <h3>Identity Subject Resolution</h3>
   <p class="meta"><code>capability.identity.subject-resolution</code> · D3 / A0 / C1 / R0</p>
-  <p>Resolve who or what is acting in a context by mapping principals, accounts, actors, and identifiers to a stable subject model.</p>
+  <p>Resolve who or what is acting by mapping principals, accounts, actors, and identifiers to a stable subject model.</p>
   <p class="path">registry/capabilities/capability.identity.subject-resolution.md</p>
 </article>
 <article class="card">
   <h3>Identity Vocabulary Canonicalization</h3>
   <p class="meta"><code>capability.identity.vocabulary-canonicalize</code> · D4 / A0 / C2 / R0</p>
-  <p>Define and maintain an implementation-neutral vocabulary for identity-related concepts across overlapping domains.</p>
+  <p>Define an implementation-neutral vocabulary for identity-related concepts across overlapping domains.</p>
   <p class="path">registry/capabilities/capability.identity.vocabulary-canonicalize.md</p>
 </article>
 <article class="card">
@@ -47,10 +71,22 @@
   <p>Register a new capability so it becomes visible for planning and implementation reuse.</p>
   <p class="path">registry/capabilities/capability.registry.register.md</p>
 </article>
+<article class="card">
+  <h3>Registry Entry Validation</h3>
+  <p class="meta"><code>capability.registry.validate</code> · D4 / A3 / C3 / R2</p>
+  <p>Validate capability registry entries against schema, index consistency, and relation integrity.</p>
+  <p class="path">registry/capabilities/capability.registry.validate.md</p>
+</article>
+<article class="card">
+  <h3>Work Progress Logging</h3>
+  <p class="meta"><code>capability.statehub.progress-log</code> · D4 / A4 / C3 / R2</p>
+  <p>Record progress events, decisions, and session notes against workstreams and tasks in State Hub.</p>
+  <p class="path">registry/capabilities/capability.statehub.progress-log.md</p>
+</article>
 <article class="card">
   <h3>Workstream And Task Coordination</h3>
   <p class="meta"><code>capability.statehub.workstream-coordinate</code> · D4 / A4 / C3 / R2</p>
-  <p>Track active workstreams, tasks, progress, and consistency across domain repositories through a local-first coordination service.</p>
+  <p>Track active workstreams, tasks, progress, and consistency across domain repositories.</p>
   <p class="path">registry/capabilities/capability.statehub.workstream-coordinate.md</p>
 </article></section>
 </body>

docs/catalog/registry.json

@@ -0,0 +1,226 @@
+{
+  "domain": "helix_forge",
+  "updated": "2026-06-15",
+  "capabilities": [
+    {
+      "id": "capability.activity.event-coordinate",
+      "name": "Organizational Event Coordination",
+      "summary": "Coordinate structured responses to cross-domain events through activity workflows and automation.",
+      "vector": "D3 / A1 / C1 / R0",
+      "domain": "helix_forge",
+      "status": "draft",
+      "owner": "activity-core",
+      "path": "registry/capabilities/capability.activity.event-coordinate.md",
+      "tags": [
+        "activity",
+        "coordination",
+        "automation"
+      ],
+      "consumption_modes": [
+        "informational"
+      ]
+    },
+    {
+      "id": "capability.audit.event-retain",
+      "name": "Audit Event Retention",
+      "summary": "Collect, normalize, retain, and search audit events with integrity evidence across tenants.",
+      "vector": "D4 / A2 / C2 / R1",
+      "domain": "helix_forge",
+      "status": "draft",
+      "owner": "audit-core",
+      "path": "registry/capabilities/capability.audit.event-retain.md",
+      "tags": [
+        "audit",
+        "retention",
+        "compliance"
+      ],
+      "consumption_modes": [
+        "source module"
+      ]
+    },
+    {
+      "id": "capability.authorization.policy-evaluate",
+      "name": "Authorization Policy Evaluation",
+      "summary": "Evaluate access decisions from policy-as-code rules for subjects, resources, and actions.",
+      "vector": "D4 / A2 / C2 / R1",
+      "domain": "helix_forge",
+      "status": "draft",
+      "owner": "flex-auth",
+      "path": "registry/capabilities/capability.authorization.policy-evaluate.md",
+      "tags": [
+        "authorization",
+        "policy",
+        "flex-auth"
+      ],
+      "consumption_modes": [
+        "source module"
+      ]
+    },
+    {
+      "id": "capability.feature-control.evaluate",
+      "name": "Feature Availability Evaluation",
+      "summary": "Evaluate whether a feature is active, hidden, disabled, or unavailable for a subject in context.",
+      "vector": "D5 / A4 / C3 / R3",
+      "domain": "helix_forge",
+      "status": "draft",
+      "owner": "feature-control",
+      "path": "registry/capabilities/capability.feature-control.evaluate.md",
+      "tags": [
+        "feature-control",
+        "evaluation",
+        "sdk"
+      ],
+      "consumption_modes": [
+        "SDK",
+        "service API"
+      ]
+    },
+    {
+      "id": "capability.feature-control.rollout",
+      "name": "Feature Rollout Control",
+      "summary": "Gradually expose features to subjects across tenants, domains, groups, or cohorts using rollout rules.",
+      "vector": "D4 / A2 / C2 / R1",
+      "domain": "helix_forge",
+      "status": "draft",
+      "owner": "feature-control",
+      "path": "registry/capabilities/capability.feature-control.rollout.md",
+      "tags": [
+        "feature-control",
+        "rollout",
+        "planning"
+      ],
+      "consumption_modes": [
+        "source module",
+        "SDK"
+      ]
+    },
+    {
+      "id": "capability.feature-control.visibility",
+      "name": "Feature Visibility Control",
+      "summary": "Control whether features are visible or hidden for subjects without changing entitlement or authorization.",
+      "vector": "D4 / A2 / C2 / R1",
+      "domain": "helix_forge",
+      "status": "draft",
+      "owner": "feature-control",
+      "path": "registry/capabilities/capability.feature-control.visibility.md",
+      "tags": [
+        "feature-control",
+        "visibility"
+      ],
+      "consumption_modes": [
+        "source module"
+      ]
+    },
+    {
+      "id": "capability.identity.subject-resolution",
+      "name": "Identity Subject Resolution",
+      "summary": "Resolve who or what is acting by mapping principals, accounts, actors, and identifiers to a stable subject model.",
+      "vector": "D3 / A0 / C1 / R0",
+      "domain": "helix_forge",
+      "status": "draft",
+      "owner": "identity-canon",
+      "path": "registry/capabilities/capability.identity.subject-resolution.md",
+      "tags": [
+        "identity",
+        "subject",
+        "architecture"
+      ],
+      "consumption_modes": [
+        "informational"
+      ]
+    },
+    {
+      "id": "capability.identity.vocabulary-canonicalize",
+      "name": "Identity Vocabulary Canonicalization",
+      "summary": "Define an implementation-neutral vocabulary for identity-related concepts across overlapping domains.",
+      "vector": "D4 / A0 / C2 / R0",
+      "domain": "helix_forge",
+      "status": "draft",
+      "owner": "identity-canon",
+      "path": "registry/capabilities/capability.identity.vocabulary-canonicalize.md",
+      "tags": [
+        "identity",
+        "terminology",
+        "research"
+      ],
+      "consumption_modes": [
+        "informational"
+      ]
+    },
+    {
+      "id": "capability.registry.register",
+      "name": "Capability Registration",
+      "summary": "Register a new capability so it becomes visible for planning and implementation reuse.",
+      "vector": "D3 / A3 / C2 / R2",
+      "domain": "helix_forge",
+      "status": "draft",
+      "owner": "reuse-surface",
+      "path": "registry/capabilities/capability.registry.register.md",
+      "tags": [
+        "registry",
+        "governance",
+        "meta"
+      ],
+      "consumption_modes": [
+        "informational",
+        "markdown authoring",
+        "cli"
+      ]
+    },
+    {
+      "id": "capability.registry.validate",
+      "name": "Registry Entry Validation",
+      "summary": "Validate capability registry entries against schema, index consistency, and relation integrity.",
+      "vector": "D4 / A3 / C3 / R2",
+      "domain": "helix_forge",
+      "status": "draft",
+      "owner": "reuse-surface",
+      "path": "registry/capabilities/capability.registry.validate.md",
+      "tags": [
+        "registry",
+        "validation",
+        "cli"
+      ],
+      "consumption_modes": [
+        "cli"
+      ]
+    },
+    {
+      "id": "capability.statehub.progress-log",
+      "name": "Work Progress Logging",
+      "summary": "Record progress events, decisions, and session notes against workstreams and tasks in State Hub.",
+      "vector": "D4 / A4 / C3 / R2",
+      "domain": "helix_forge",
+      "status": "draft",
+      "owner": "state-hub",
+      "path": "registry/capabilities/capability.statehub.progress-log.md",
+      "tags": [
+        "state-hub",
+        "progress",
+        "coordination"
+      ],
+      "consumption_modes": [
+        "service API"
+      ]
+    },
+    {
+      "id": "capability.statehub.workstream-coordinate",
+      "name": "Workstream And Task Coordination",
+      "summary": "Track active workstreams, tasks, progress, and consistency across domain repositories.",
+      "vector": "D4 / A4 / C3 / R2",
+      "domain": "helix_forge",
+      "status": "draft",
+      "owner": "state-hub",
+      "path": "registry/capabilities/capability.statehub.workstream-coordinate.md",
+      "tags": [
+        "state-hub",
+        "coordination",
+        "workplans"
+      ],
+      "consumption_modes": [
+        "service API",
+        "HTTP REST"
+      ]
+    }
+  ]
+}

docs/catalog/search.html

@@ -0,0 +1,44 @@
+<!DOCTYPE html>
+<html lang="en">
+<head>
+  <meta charset="utf-8">
+  <title>Capability Catalog Search</title>
+  <style>
+    body { font-family: system-ui, sans-serif; margin: 2rem; line-height: 1.5; }
+    input { width: 100%; max-width: 40rem; padding: 0.5rem; font-size: 1rem; }
+    .card { border: 1px solid #ddd; border-radius: 8px; padding: 1rem; margin: 1rem 0; }
+    .meta { color: #555; font-size: 0.9rem; }
+    .hidden { display: none; }
+  </style>
+</head>
+<body>
+  <h1>Capability Catalog</h1>
+  <p>Client-side search over <code>registry.json</code>. Generated by <code>reuse-surface catalog</code>.</p>
+  <input id="q" type="search" placeholder="Search name, summary, tags, vector..." autofocus>
+  <p id="count"></p>
+  <div id="results"></div>
+  <script>
+    let items = [];
+    fetch('registry.json').then(r => r.json()).then(data => {
+      items = data.capabilities || [];
+      render('');
+    });
+    document.getElementById('q').addEventListener('input', e => render(e.target.value));
+    function render(query) {
+      const q = query.trim().toLowerCase();
+      const matches = items.filter(item => {
+        const hay = [item.id, item.name, item.summary, item.vector,
+          ...(item.tags || []), ...(item.consumption_modes || [])].join(' ').toLowerCase();
+        return !q || hay.includes(q);
+      });
+      document.getElementById('count').textContent = matches.length + ' match(es)';
+      document.getElementById('results').innerHTML = matches.map(item => `
+        <article class="card">
+          <h3>${item.name}</h3>
+          <p class="meta"><code>${item.id}</code> · ${item.vector} · ${item.owner}</p>
+          <p>${item.summary}</p>
+        </article>`).join('');
+    }
+  </script>
+</body>
+</html>