fix: address parallel code-review findings (security + quality + spec)

Three parallel review agents (security, code-quality, spec-coherence)
flagged a Critical, four Important items, and one out-of-spec scope
question. This commit addresses everything except deferred follow-ups.

CRITICAL — fixed:
CompoundingTestAI.tsx:354-356 — the inline help text under the API
key input said "Sent over HTTPS to the HuggingFace Space, which
forwards to Anthropic" — that was the PRE-refactor copy and now
contradicts the lab page's privacy disclosure. Updated to:
"Sent over HTTPS directly to api.anthropic.com from your browser —
never through mile-hi.ai or HuggingFace."

IMPORTANT — fixed:

1. engine/scripts/deploy-hf-space.sh → gradio-apps/compounding-test/deploy.sh
The spec's FR-020 reserved engine/ for the article-drafting pipeline;
a HF Space deploy helper doesn't belong there. Moved via `git mv` so
history is preserved. REPO_ROOT calculation in the script is
unchanged (still 2 levels up). engine/CLAUDE.md and engine/README.md
updated to remove the entry and point at the new location. FR-020
amended to explicitly carve out ops scripts for sibling gradio-apps.

2. Word-count constants extracted in CompoundingTestAI.tsx — 200 and
5000 were hard-coded in 5 places; now MIN_WORDS and MAX_WORDS
constants near the top of the file with a comment pinning them to
the Python defaults in app.py (with explicit note that there's no
runtime sync — the Python side is the authoritative validator).

3. Python F14 error wrapper now redacts user-supplied Anthropic keys
before surfacing the writeup. Symmetric with redactKey() in
src/lib/anthropic-direct.ts. Anthropic's SDK doesn't currently
include keys in errors, but this is defense-in-depth against a
future debug-mode override. New test
test_diagnose_redacts_user_key_from_error_messages locks it in.

4. Spec amended (post-implementation, recorded explicitly): added US5
covering the site-native AI lab + browser-direct path, with new
FR-025/026/027 for the page, the browser-direct privacy invariants,
and the inline disclosure requirement. Added SC-011 (lab
reachability + Client.connect=0 test) and SC-012 (key-leak vectors
covered by ≥10 dedicated security tests). Spec now reflects what
actually shipped, with an Amendment Rationale paragraph explaining
why this work merits keeping over reverting.

5. Spec bookkeeping: marked T001/T038/T041/T042/T043 done with
rationale; split T039 into T039a (deployed, DONE) and T039b
(latency-baseline DEFERRED to post-merge). Added Post-merge
follow-ups section to tasks.md listing remaining items.

VERIFICATION:
npm run test 943 passed, 1 skipped (Anthropic real-API opt-in)
npm run build clean
pytest gradio-apps/compounding-test/test_diagnose.py
63 passed, 1 skipped (was 62 → +1 redaction test)

Minor findings (not addressed in this commit):
- document.cookie / IndexedDB / Cache API not stubbed in tests
(defense-in-depth opportunity, no current leak)
- requirements.txt upper-bound pins on gradio/transformers/torch
(deferred to post-merge follow-up listed in tasks.md)
- ResultPane component still inline in CompoundingTestAI.tsx
(~115 LOC, extract when next substantive edit happens)
- Sample initiatives duplicated TS↔Python (already documented at
top of each file with cross-references)
- 49-commit history retained as-is — useful HF-Space-deployment
runbook in commit form per reviewer's explicit recommendation

Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>

app.py

@@ -732,6 +732,13 @@ def diagnose(
         # without flooding the markdown tab.
         if len(detail) > 400:
             detail = detail[:400] + "…"
+        # Defense-in-depth: if the user-supplied Anthropic key somehow
+        # appears in the exception message (no current SDK version does
+        # this, but a future debug-mode override might), redact it
+        # before surfacing the writeup. Symmetric with redactKey() in
+        # src/lib/anthropic-direct.ts.
+        if user_key_for_anthropic and len(user_key_for_anthropic) >= 8:
+            detail = detail.replace(user_key_for_anthropic, "[redacted]")
         return (
             f"⚠ The diagnostic call to {provider} ({model_label}) failed.\n\n"
             f"**{type(e).__name__}:** {detail}\n\n"

deploy.sh

@@ -0,0 +1,173 @@
+#!/usr/bin/env bash
+# Deploy gradio-apps/compounding-test/ to a HuggingFace Space via
+# `git subtree push`. The monorepo stays the canonical source; the
+# Space repo holds only the contents of that one subdirectory.
+#
+# One-time setup (run by the user before first deploy):
+#   git remote add hf-compounding-test https://huggingface.co/spaces/<owner>/<space>
+#   # the remote name MUST be `hf-compounding-test` — this script looks for it
+#
+# Every deploy:
+#   ./engine/scripts/deploy-hf-space.sh           # push current branch
+#   ./engine/scripts/deploy-hf-space.sh --dry-run # sanity checks only
+
+set -euo pipefail
+
+REPO_ROOT="$(cd "$(dirname "$0")/../.." && pwd)"
+SPACE_DIR="$REPO_ROOT/gradio-apps/compounding-test"
+SPACE_PREFIX="gradio-apps/compounding-test"
+REMOTE_NAME="hf-compounding-test"
+TARGET_BRANCH="main"  # HuggingFace Spaces use `main` as the deploy branch
+
+DRY_RUN=0
+FORCE=0
+for arg in "$@"; do
+  case "$arg" in
+    --dry-run) DRY_RUN=1 ;;
+    --force)   FORCE=1 ;;
+    *) echo "Unknown flag: $arg" >&2; exit 1 ;;
+  esac
+done
+
+# ---------------------------------------------------------------------------
+# Sanity checks (fail fast with clear messages)
+# ---------------------------------------------------------------------------
+
+cd "$REPO_ROOT"
+
+# 1. Space directory exists
+if [[ ! -d "$SPACE_DIR" ]]; then
+  echo "✗ Space directory not found: $SPACE_DIR" >&2
+  exit 1
+fi
+
+# 2. Required files exist at the Space root
+for required in app.py requirements.txt README.md; do
+  if [[ ! -f "$SPACE_DIR/$required" ]]; then
+    echo "✗ Missing required file at Space root: $SPACE_PREFIX/$required" >&2
+    exit 1
+  fi
+done
+
+# 3. README.md has the YAML header HF Spaces needs (sdk, app_file).
+#    Without these, the Space won't build.
+if ! grep -q "^sdk: gradio" "$SPACE_DIR/README.md"; then
+  echo "✗ $SPACE_PREFIX/README.md is missing 'sdk: gradio' in its YAML header." >&2
+  echo "  HuggingFace Spaces require this to pick the Gradio runtime." >&2
+  exit 1
+fi
+if ! grep -q "^app_file: app.py" "$SPACE_DIR/README.md"; then
+  echo "✗ $SPACE_PREFIX/README.md is missing 'app_file: app.py' in its YAML header." >&2
+  exit 1
+fi
+
+# 4. HF remote is configured
+if ! git remote get-url "$REMOTE_NAME" >/dev/null 2>&1; then
+  echo "✗ Git remote '$REMOTE_NAME' not configured." >&2
+  echo "" >&2
+  echo "  Add it once with:" >&2
+  echo "    git remote add $REMOTE_NAME https://huggingface.co/spaces/<owner>/<space>" >&2
+  echo "" >&2
+  echo "  (Replace <owner>/<space> with your actual HF Space path, e.g." >&2
+  echo "  AshwinP/compounding-test.)" >&2
+  exit 1
+fi
+REMOTE_URL="$(git remote get-url "$REMOTE_NAME")"
+
+# 5. Working tree is clean within the Space directory. Uncommitted changes
+#    inside the prefix would be SILENTLY DROPPED by git subtree, which is
+#    a footgun — fail loud instead.
+if ! git diff --quiet -- "$SPACE_PREFIX" || ! git diff --cached --quiet -- "$SPACE_PREFIX"; then
+  echo "✗ Uncommitted changes inside $SPACE_PREFIX/:" >&2
+  git status --short -- "$SPACE_PREFIX" >&2
+  echo "" >&2
+  echo "  Commit (or stash) these before deploying — git subtree only pushes" >&2
+  echo "  what's in the commit history, so unstaged work would silently miss" >&2
+  echo "  the deploy." >&2
+  exit 1
+fi
+
+# 6. Tests pass. The parser + provider tests are the gate that protects the
+#    deployed Space's behavior — if they're red, do not deploy.
+echo "→ Running tests in $SPACE_PREFIX/..."
+if command -v python3 >/dev/null 2>&1; then
+  if ! (cd "$SPACE_DIR" && python3 -m pytest test_diagnose.py -q 2>&1 | tail -5); then
+    echo "✗ Tests failed. Fix before deploying." >&2
+    exit 1
+  fi
+else
+  echo "  (python3 not found — skipping test gate)" >&2
+fi
+
+# ---------------------------------------------------------------------------
+# Report state
+# ---------------------------------------------------------------------------
+
+CURRENT_BRANCH="$(git rev-parse --abbrev-ref HEAD)"
+CURRENT_SHA="$(git rev-parse --short HEAD)"
+
+echo ""
+echo "Ready to deploy:"
+echo "  source prefix: $SPACE_PREFIX"
+echo "  source commit: $CURRENT_SHA ($CURRENT_BRANCH)"
+echo "  HF remote:     $REMOTE_NAME ($REMOTE_URL)"
+echo "  target branch: $TARGET_BRANCH"
+echo ""
+
+if [[ "$DRY_RUN" -eq 1 ]]; then
+  echo "✓ Dry run — all sanity checks passed. No push performed."
+  exit 0
+fi
+
+# ---------------------------------------------------------------------------
+# Push to HuggingFace Space
+# ---------------------------------------------------------------------------
+#
+# Two push modes:
+#   default: `git subtree push` — fast-forward only. Works for every deploy
+#            after the first one (and for first deploys to a Space that has
+#            never been initialized server-side).
+#   --force: `git subtree split` to a temp branch, then `git push --force`
+#            that branch to the remote's main. Required for the FIRST deploy
+#            to a freshly-created HF Space, because HF auto-creates an initial
+#            commit (README placeholder) that our subtree history can't
+#            fast-forward over. `git subtree push --force` is NOT a valid flag
+#            combo — only the split+push form works.
+
+if [[ "$FORCE" -eq 1 ]]; then
+  TEMP_BRANCH="hf-deploy-$(date +%s)"
+  echo "→ Splitting $SPACE_PREFIX into temp branch $TEMP_BRANCH..."
+  git subtree split --prefix="$SPACE_PREFIX" -b "$TEMP_BRANCH" >/dev/null
+  echo "→ Force-pushing $TEMP_BRANCH → $REMOTE_NAME/$TARGET_BRANCH..."
+  if git push "$REMOTE_NAME" "$TEMP_BRANCH:$TARGET_BRANCH" --force; then
+    git branch -D "$TEMP_BRANCH" >/dev/null
+    echo ""
+    echo "✓ Force-deploy pushed. HuggingFace will rebuild the Space shortly."
+    echo "  Track build status at: ${REMOTE_URL%.git}"
+  else
+    git branch -D "$TEMP_BRANCH" >/dev/null 2>&1 || true
+    echo ""
+    echo "✗ Force-push failed. Check authentication (huggingface-cli login)" >&2
+    echo "  and Space permissions." >&2
+    exit 1
+  fi
+else
+  echo "→ Pushing subtree to $REMOTE_NAME/$TARGET_BRANCH..."
+  if git subtree push --prefix="$SPACE_PREFIX" "$REMOTE_NAME" "$TARGET_BRANCH"; then
+    echo ""
+    echo "✓ Deploy pushed. HuggingFace will rebuild the Space shortly."
+    echo "  Track build status at: ${REMOTE_URL%.git}"
+  else
+    echo ""
+    echo "✗ Push rejected (non-fast-forward). If this is the FIRST deploy to" >&2
+    echo "  a freshly-created HF Space, HuggingFace seeded the repo with a" >&2
+    echo "  placeholder README that our subtree history can't fast-forward" >&2
+    echo "  over. Re-run with --force to overwrite it:" >&2
+    echo "" >&2
+    echo "    $(basename "$0") --force" >&2
+    echo "" >&2
+    echo "  CAUTION: --force overwrites whatever is currently on the Space's" >&2
+    echo "  main branch. Safe for first deploys; review carefully otherwise." >&2
+    exit 1
+  fi
+fi

test_diagnose.py

@@ -430,6 +430,34 @@ def test_diagnose_premium_does_not_mutate_env_with_user_key(monkeypatch):
     assert os.environ.get("ANTHROPIC_API_KEY") is None
 
 
+def test_diagnose_redacts_user_key_from_error_messages(monkeypatch):
+    """Defense-in-depth: if a backend exception ever included the
+    user-supplied Anthropic key in its string representation, the F14
+    wrapper must redact it before surfacing the error to the UI.
+    Symmetric with redactKey() in src/lib/anthropic-direct.ts."""
+    monkeypatch.delenv("ANTHROPIC_API_KEY", raising=False)
+    user_key = "sk-ant-very-secret-12345"
+
+    class _LeakyError(Exception):
+        pass
+
+    def leaky_anthropic(system, user, *, api_key=None):
+        # Simulate the worst case: SDK echoes the key in its error
+        raise _LeakyError(f"auth fail with key {api_key} rejected")
+
+    monkeypatch.setattr(app_module, "_call_anthropic", leaky_anthropic)
+
+    writeup, _ = diagnose(
+        _LONG_DESCRIPTION, None, None, None,
+        provider="anthropic",
+        anthropic_api_key=user_key,
+    )
+    assert user_key not in writeup
+    assert "[redacted]" in writeup
+    # And the rest of the error info should still be visible
+    assert "LeakyError" in writeup
+
+
 def test_call_anthropic_passes_api_key_to_sdk_constructor(monkeypatch):
     """When _call_anthropic receives api_key=, it must be passed to the
     Anthropic() SDK constructor — not stored in os.environ, not