feat(distribution): tighten public distribution contract (#48)

* docs(distribution): artifactize public distribution contract

* feat(distribution): tighten public distribution contract

* fix(distribution): align contract package release metadata

Author: xiaojiou176

DISTRIBUTION.md

@@ -0,0 +1,98 @@
+# CortexPilot Distribution Contract
+
+This file is the canonical human-readable source for CortexPilot's current
+official distribution story.
+
+The public GitHub Pages mirror for this contract lives at
+`docs/distribution/index.html`.
+
+If README, Pages, examples, package metadata, or release notes ever appear to
+say different things, this file wins and the drift should be fixed in the next
+change set.
+
+## One-sentence story
+
+Today CortexPilot officially ships a public repo front door, a GitHub Pages
+product front door, one proof-first public workflow baseline, a repo-local
+read-only MCP server, local coding-agent starter/bundle materials, and
+repo-owned skills for local adoption.
+
+It does not yet officially ship a hosted operator service, a public write-capable
+MCP, a Docker distribution path, or any registry-published plugin / skills /
+MCP / npm package release.
+
+## Status labels
+
+- `shipped`: part of the official public distribution today
+- `starter-only`: intentionally copy-paste or local-install material, not a
+  registry item
+- `bundle-compatible`: installable from a local path or local marketplace-like
+  surface, but still not a published listing
+- `publish-ready but deferred`: metadata and package contract are ready for a
+  future public package release, but no registry release is live yet
+- `not standalone distribution unit`: useful repo-owned surface, but not meant
+  to be marketed or released on its own today
+- `deferred`: real later-phase direction, but not part of current official
+  distribution
+- `not part of current official distribution`: out of scope for the current
+  public story
+
+## Current Distribution Matrix
+
+| Surface | Current status | Official claim | Install path | Protocol / Auth | Next action |
+| --- | --- | --- | --- | --- | --- |
+| GitHub repo | `shipped` | Canonical public source, docs, code, and release front door | `https://github.com/xiaojiou176-open/CortexPilot-public` | none | keep sharp and truthful |
+| GitHub Pages | `shipped` | Canonical public product front door | `https://xiaojiou176-open.github.io/CortexPilot-public/` | none | keep first screen compressed |
+| First proven workflow (`news_digest`) | `shipped` | Official public proof-first baseline | `docs/use-cases/index.html` and tracked proof assets | read-only proof / replay story | keep as the only release-proven public workflow |
+| Read-only MCP | `shipped` | Repo-owned stdio JSON-RPC MCP for machine-readable inspection only | bootstrapped repo checkout + `bash __CORTEXPILOT_REPO_ROOT__/scripts/run_readonly_mcp.sh` or the tracked starter templates | `stdio`, JSON-RPC 2.0, read-only, repo-local, no hosted auth, no OAuth | keep artifactized through `configs/mcp_public_manifest.json` |
+| Codex starter | `starter-only` | Local marketplace seed plus shared read-only MCP template | `examples/coding-agents/codex/` | local path wiring only | keep truthful; do not relabel as official directory listing |
+| Claude Code starter | `starter-only` | Project-local `.claude` and `.mcp.json` starter | `examples/coding-agents/claude-code/` | local project wiring only | keep truthful; do not relabel as marketplace package |
+| OpenClaw starter | `starter-only` | Local config seed for the same read-only MCP and compatible bundle | `examples/coding-agents/openclaw/` | local config + local plugin path | keep truthful; do not relabel as ClawHub publication |
+| Cross-tool coding-agent bundle | `bundle-compatible` | Local bundle compatible with Codex local marketplace installs, Claude plugin-dir development, and OpenClaw local plugin loading | `examples/coding-agents/plugin-bundles/cortexpilot-coding-agent-bundle/` | local bundle metadata + repo-aware MCP wrapper | keep local-install contract; no published listing claim |
+| Repo-owned skill in the bundle | `starter-only` | Routing skill for honest adoption path selection | shipped inside the local bundle | repo-owned skill only | keep repo-owned; not a marketplace item |
+| `@cortexpilot/frontend-api-client` | `publish-ready but deferred` | Thin JS/TS client for control-plane reads and guarded operator add-ons | package metadata + README are publish-ready, but the official install story is still clone / vendor reuse until the first npm release exists | HTTP API with token / mutation-role expectations | publish later only after the first public package release is intentionally cut |
+| `@cortexpilot/frontend-api-contract` | `publish-ready but deferred` | Generated route / query / type boundary for frontend consumers | package metadata + README are publish-ready, but the official install story is still clone / vendor reuse until the first npm release exists | typed contract layer only | publish later only after the first public package release is intentionally cut |
+| `@cortexpilot/frontend-shared` | `not standalone distribution unit` | Repo-owned presentation substrate for dashboard / desktop / future web surfaces | repo-local package only | frontend presentation helpers only | keep repo-owned for now |
+| Docker image / Dockerfile | `deferred` | No official container distribution today; existing Dockerfiles are CI-only infrastructure | none | n/a | add only when a real container story exists |
+| Hosted Render pilot | `deferred` | Repo-side pilot blueprint exists, but no live hosted operator claim | `render.yaml` + runbook only | hosted HTTP / token boundary remains later | keep truthful; no live hosted claim |
+| Write-capable MCP | `not part of current official distribution` | Public MCP is still read-only | none | owner-only preview groundwork exists separately | keep gated and out of public claim |
+| Registry-published plugins / skills / MCP | `not part of current official distribution` | No official Codex / Claude Code / OpenClaw / MCP registry listing is live today | none | external platform submission required | external-only later action |
+
+## Version And Release Truth
+
+- The only live GitHub release today is `v0.1.0-alpha.1`.
+- That release is the first public storefront baseline and should be read as
+  the first public release snapshot, not as a claim that every post-release
+  hardening commit is already re-tagged.
+- Current `main` is ahead of tag commit `7fbc491`, so repo-side distribution
+  hardening after that baseline lives on `main` until a later tag/release is
+  cut.
+- Until the next release is created, README, Pages, and docs must describe the
+  current release truth as "first public baseline release + current main is
+  ahead", not "release fully matches current main".
+
+## Canonical MCP Truth
+
+- Human-readable MCP quickstart: `docs/mcp/index.html`
+- Machine-readable MCP distribution manifest: `configs/mcp_public_manifest.json`
+- Public mirror of this contract: `docs/distribution/index.html`
+- Implementation: `apps/orchestrator/src/cortexpilot_orch/mcp_readonly_server.py`
+- Canonical startup wrapper: `scripts/run_readonly_mcp.sh`
+- Canonical starter template: `examples/coding-agents/mcp/readonly.mcp.json.example`
+- Root `DISTRIBUTION.md` stays authoritative; the public mirror at
+  `docs/distribution/index.html` must match it and route readers back here
+
+## External / Owner-only Actions Left Out On Purpose
+
+These are intentionally outside repo-side completion:
+
+- publish npm packages
+- publish a PyPI package
+- submit an MCP registry entry
+- submit Codex / Claude Code / OpenClaw marketplace or registry items
+- publish a Docker image
+- deploy a live hosted operator service
+- promote a public write-capable MCP
+
+Those actions require external platform writes or owner decisions and are not
+part of the current official shipped contract.

README.md

@@ -18,7 +18,29 @@ The public story is intentionally narrower than the full monorepo:
 Current public boundary: CortexPilot is a repo-backed operator control plane,
 not a hosted product, and the shipped MCP surface remains **read-only**.
 
-[Quickstart](#quickstart) · [First Proven Workflow](https://xiaojiou176-open.github.io/CortexPilot-public/use-cases/) · [Compatibility Matrix](https://xiaojiou176-open.github.io/CortexPilot-public/compatibility/) · [Docs](docs/README.md) · [Architecture](docs/architecture/runtime-topology.md) · [AI + MCP + API Surfaces](https://xiaojiou176-open.github.io/CortexPilot-public/ai-surfaces/) · [Builder Quickstart](https://xiaojiou176-open.github.io/CortexPilot-public/builders/) · [Releases](https://github.com/xiaojiou176-open/CortexPilot-public/releases)
+[Quickstart](#quickstart) · [First Proven Workflow](https://xiaojiou176-open.github.io/CortexPilot-public/use-cases/) · [Compatibility Matrix](https://xiaojiou176-open.github.io/CortexPilot-public/compatibility/) · [Distribution Contract](DISTRIBUTION.md) · [Distribution Status](https://xiaojiou176-open.github.io/CortexPilot-public/distribution/) · [Docs](docs/README.md) · [Architecture](docs/architecture/runtime-topology.md) · [AI + MCP + API Surfaces](https://xiaojiou176-open.github.io/CortexPilot-public/ai-surfaces/) · [Builder Quickstart](https://xiaojiou176-open.github.io/CortexPilot-public/builders/) · [Releases](https://github.com/xiaojiou176-open/CortexPilot-public/releases)
+
+## Official Distribution Story
+
+The shortest truthful answer today is:
+
+> CortexPilot officially ships a public repo, a public Pages front door, a repo-local read-only MCP surface, and proof-first starter materials. Hosted service, write-capable MCP, Docker distribution, registry submissions, and standalone package publication are still explicitly deferred.
+
+Use these buckets:
+
+- **Shipped now**: repo, Pages, proof-first docs, read-only MCP
+- **Starter-only**: Codex / Claude Code / OpenClaw local starter kits and bundle examples
+- **Publish-ready but deferred**:
+  `@cortexpilot/frontend-api-client`,
+  `@cortexpilot/frontend-api-contract`
+- **Workspace-only**: `@cortexpilot/frontend-shared` stays repo-owned and is
+  not marketed as a standalone package
+- **Deferred**: hosted operator, write-capable MCP, Docker image, npm/PyPI, and marketplace/registry submissions
+
+If you need the exact matrix instead of a one-line summary, open
+[DISTRIBUTION.md](DISTRIBUTION.md) or the public
+[Distribution Status](https://xiaojiou176-open.github.io/CortexPilot-public/distribution/)
+mirror.
 
 ![CortexPilot studio preview card](docs/assets/storefront/cortexpilot-studio-preview.svg)
 
@@ -30,6 +52,7 @@ not a hosted product, and the shipped MCP surface remains **read-only**.
 | --- | --- |
 | evaluate the product story | [First Proven Workflow](https://xiaojiou176-open.github.io/CortexPilot-public/use-cases/) |
 | choose the right Codex / Claude Code / OpenClaw / MCP / skills / builder path | [Compatibility Matrix](https://xiaojiou176-open.github.io/CortexPilot-public/compatibility/) |
+| see exactly what ships now vs. later | [Distribution Contract](DISTRIBUTION.md) and [Distribution Status](https://xiaojiou176-open.github.io/CortexPilot-public/distribution/) |
 | build on the protocol or package surfaces | [AI + MCP + API Surfaces](https://xiaojiou176-open.github.io/CortexPilot-public/ai-surfaces/) and [Builder Quickstart](https://xiaojiou176-open.github.io/CortexPilot-public/builders/) |
 
 The default public loop is simple: **start one workflow case, watch it move
@@ -677,6 +700,11 @@ The public release surface now has a live baseline. Use these entrypoints:
 - [Tracked `news_digest` baseline summary](docs/releases/assets/news-digest-benchmark-summary-2026-03-27.md)
 - [Tracked `news_digest` Workflow Case recap](docs/releases/assets/news-digest-workflow-case-recap-2026-03-27.md)
 
+Release truth note: `v0.1.0-alpha.1` is the current public storefront baseline,
+but current `main` is ahead with post-release repo-side follow-through. Treat
+[DISTRIBUTION.md](DISTRIBUTION.md) as the live repo-side distribution contract
+until the next tag is cut.
+
 Public repo hygiene stays fail-closed as well: token-like fixture coverage must
 use synthetic string assembly, and public path fixtures must use generic
 workspace roots instead of maintainer-local absolute paths. See

apps/orchestrator/README.md

@@ -137,7 +137,8 @@ bash scripts/run_orchestrator_cli.sh --help
 
 ## Read-Only MCP + Copilot Notes
 
-- the repo-local MCP entry is `python -m cortexpilot_orch.cli mcp-readonly-server`
+- the shortest repo-local MCP entry for external stdio clients is `bash scripts/run_readonly_mcp.sh`
+- the underlying raw MCP runtime entry remains `python -m cortexpilot_orch.cli mcp-readonly-server`
 - the later-gated queue write pilot entry is `python -m cortexpilot_orch.cli mcp-queue-pilot-server`
 - copy-paste host-tool starters now live in `docs/agent-starters/index.html`,
   `docs/examples/agent-starters/`, and `examples/coding-agents/`, so Codex,

configs/docs_nav_registry.json

@@ -2,15 +2,6 @@
   "schema_version": 1,
   "description": "Minimal navigation registry for the public documentation surface.",
   "entries": [
-    {
-      "path": "docs/README.md",
-      "kind": "entrypoint",
-      "status": "active",
-      "canonical": true,
-      "generated": false,
-      "owner_surface": "docs",
-      "listed_in_primary_navigation": true
-    },
     {
       "path": "docs/index.html",
       "kind": "entrypoint",
@@ -173,6 +164,15 @@
       "owner_surface": "docs",
       "listed_in_primary_navigation": true
     },
+    {
+      "path": "docs/distribution/index.html",
+      "kind": "entrypoint",
+      "status": "active",
+      "canonical": true,
+      "generated": false,
+      "owner_surface": "docs",
+      "listed_in_primary_navigation": true
+    },
     {
       "path": "docs/agent-starters/index.html",
       "kind": "entrypoint",

configs/mcp_public_manifest.json

@@ -0,0 +1,81 @@
+{
+  "schema_version": 1,
+  "name": "cortexpilot-readonly",
+  "display_name": "CortexPilot Read-only MCP",
+  "status": "shipped",
+  "version": "0.1.0-alpha.1",
+  "version_truth": "This is the latest published GitHub release version. Verify parity with current main before making broader release or registry claims.",
+  "release_represents_current_main": false,
+  "description": "Repo-owned read-only MCP server for CortexPilot runs, workflows, approvals, compare, proof, and incident summaries.",
+  "homepage": "https://xiaojiou176-open.github.io/CortexPilot-public/mcp/",
+  "distribution_page": "https://github.com/xiaojiou176-open/CortexPilot-public/blob/main/DISTRIBUTION.md",
+  "repository": "https://github.com/xiaojiou176-open/CortexPilot-public",
+  "transport": "stdio",
+  "protocol": "json-rpc",
+  "auth_boundary": {
+    "mode": "repo-local only",
+    "hosted_account": false,
+    "oauth": false,
+    "writes_enabled": false
+  },
+  "startup": {
+    "command": "bash",
+    "args": [
+      "/absolute/path/to/CortexPilot/scripts/run_readonly_mcp.sh"
+    ],
+    "working_directory": "optional",
+    "environment": {},
+    "notes": "For an interactive proof from the repo root, you can also run `bash scripts/run_readonly_mcp.sh`."
+  },
+  "portable_examples": [
+    {
+      "surface": "shared-mcp-json",
+      "path": "examples/coding-agents/mcp/readonly.mcp.json.example"
+    },
+    {
+      "surface": "codex",
+      "path": "docs/examples/agent-starters/codex/cortexpilot.config.toml"
+    },
+    {
+      "surface": "claude-code",
+      "path": "docs/examples/agent-starters/claude/project.mcp.json"
+    },
+    {
+      "surface": "openclaw",
+      "path": "docs/examples/agent-starters/openclaw/cortexpilot-server.json"
+    },
+    {
+      "surface": "openclaw-toml",
+      "path": "docs/examples/agent-starters/openclaw/config.openclaw.example.toml"
+    }
+  ],
+  "capabilities": {
+    "mode": "read-only",
+    "tools": [
+      "list_runs",
+      "get_run",
+      "get_run_events",
+      "get_run_reports",
+      "list_workflows",
+      "get_workflow",
+      "list_queue",
+      "get_pending_approvals",
+      "get_diff_gate_state",
+      "get_compare_summary",
+      "get_proof_summary",
+      "get_incident_summary"
+    ]
+  },
+  "source_of_truth": {
+    "cli_entrypoint": "apps/orchestrator/src/cortexpilot_orch/cli.py",
+    "wrapper": "scripts/run_readonly_mcp.sh",
+    "human_quickstart": "docs/mcp/index.html",
+    "distribution_status": "DISTRIBUTION.md"
+  },
+  "explicit_non_claims": [
+    "not a hosted MCP account",
+    "not a write-capable MCP surface",
+    "not an OAuth login flow",
+    "not a replacement for the orchestration runtime itself"
+  ]
+}

configs/root_allowlist.json

@@ -17,6 +17,7 @@
     "CLAUDE.md",
     "CODE_OF_CONDUCT.md",
     "CONTRIBUTING.md",
+    "DISTRIBUTION.md",
     "LICENSE",
     "PRIVACY.md",
     "README.md",