Section 03: Findings Report & Write-Back

Status: In Progress Goal: Design the findings report format and implement the write-back mechanism that auto-fixes safe issues and flags issues requiring human decision. Connect the output to /continue-roadmap so cross-plan conflicts surface during active roadmap work.

Success Criteria:

Safety taxonomy (SafetyClass, ClassifiedFinding, WriteBackContext) defined and tested
Findings report format defined and implemented (JSON + markdown + console)
Frontmatter text patcher operates on raw text (regex), never PyYAML dump/reload
Auto-fix engine handles safe issues without human intervention, with concurrent-session guards
Manual-review issues are flagged with clear context and recommended actions
Integration with /continue-roadmap surfaces findings during active work

Context: Sections 01 and 02 produce raw findings (schema violations, DAG conflicts, priority inversions). This section turns those findings into actionable output: a structured report for review, an auto-fix engine for safe corrections, and integration with the existing /continue-roadmap workflow so findings surface at the right time. The distinction between auto-fixable and manual-review issues is critical — auto-fixing frontmatter field renames is safe; auto-resolving goal conflicts between plans is not.

Depends on: Section 02 (DAG Builder) — the report format depends on the classifier output structure.

Architectural decisions:

PyYAML is read-only. PyYAML safe_load is used to PARSE frontmatter. It is NEVER used to WRITE frontmatter back. PyYAML dump destroys YAML comments (which are DAG signal per Section 02’s HTML_COMMENT_CONVENTION and YAML_COMMENT source kinds), reorders keys, strips trailing whitespace, normalizes quoting style, and flattens multi-line strings. All frontmatter writes go through the targeted text patcher (03.4) which operates on the raw text slice between the --- fences using line-level regex replacements. This is the ONLY safe write path. See also: roadmap_scan.py:344 (yaml.safe_load for read) — the same constraint applies there.
Safety taxonomy lives here, not in plan_corpus. SafetyClass, ClassifiedFinding, and classify_safety are write-back policy. The plan_corpus library produces factual Finding records (no policy); this section consumes those findings and classifies them for write-back. plan_corpus must never import from this module.
Concurrent-session safety is mandatory. The user runs parallel agent sessions with uncommitted work (see MEMORY.md feedback_never_destructive_git.md). Any read-modify-write on plan files must: (a) record a preimage hash at scan time, (b) re-read and hash-compare before write, (c) write to a temp file and os.replace atomically. If the file changed between scan and write, refuse to apply and log the conflict.

03.1 Safety Taxonomy & Data Types

File(s): New module in the verify-roadmap skill (e.g. scripts/verify_roadmap/safety.py or inline in the skill’s write-back logic)

Define the safety taxonomy data types that the report format (03.2) and auto-fix engine (03.3) both consume. This subsection exists to break the circular dependency identified by tp-help: the report format needs ClassifiedFinding to serialize, and the auto-fix engine needs SafetyClass to gate writes — both need the types before either can be implemented.

03.2 Report Format

File(s): Report generation integrated into the verify-roadmap skill pipeline

Design and implement the findings report format. The report must be both human-readable (markdown) and machine-parseable (JSON) for downstream tool integration. This subsection CONSUMES the types defined in 03.1.

03.3 Auto-Fix Engine

File(s): Auto-fix logic integrated into verification pipeline

Implement automatic fixes for findings classified as SafeFix by 03.1’s classify_safety. Safety criterion: a fix is auto-fixable if it cannot change plan semantics — only metadata normalization.

03.4 Frontmatter Text Patcher

File(s): New module for targeted text-level frontmatter manipulation

This subsection implements the ONLY write path for frontmatter modifications. PyYAML is read-only; all writes go through targeted text patching on the raw frontmatter slice. This subsection also implements the concurrent-session safety guards.

Rationale (blind spot #1): PyYAML safe_load parses YAML into Python dicts (losing comments, key order, quoting style, trailing whitespace). If we were to modify the dict and yaml.dump it back, every comment in the frontmatter — including YAML comments that are DAG signal for Section 02’s YAML_COMMENT source kind — would be destroyed. Additionally, key ordering changes produce noisy git diffs. The text patcher operates on the raw text between the --- fences, using line-level regex replacements that preserve everything the fix does not explicitly target.

03.5 Continue-Roadmap Integration

File(s): .claude/skills/verify-roadmap/SKILL.md, integration with roadmap-scan.sh

Integrate the findings report with /continue-roadmap so cross-plan conflicts surface during active roadmap work, not only during explicit /verify-roadmap runs.

03.R Third Party Review Findings

[TPR-03-001-codex][high] section-03:107 — Align schema-driven SafeFix rules with the schema SSOT. OverviewSchema uses plan: canonically, not name:. SPEC_FILE_NOT_FOUND needs its own handling. Resolved: Fixed on 2026-04-14. Corrected SafeFix table: plan:→name: rename restricted to PlanIndexSchema files only; OverviewSchema explicitly excluded. SPEC_FILE_NOT_FOUND reclassified to ExposureReview.
[TPR-03-002-codex][medium] section-03:330 — Make quick-mode continue-roadmap contract consistent. BLOCKED vs CONFLICT scope contradiction. Resolved: Fixed on 2026-04-14. Integration bullets now consistently specify BLOCKED + DEAD_REFERENCE only for —quick mode.
[TPR-03-003-codex][medium] section-03:286 — Propagate unapplied patch results into the report. Resolved: Fixed on 2026-04-14. Added concurrent-modification propagation to auto-fix guards (SafeFix→ExposureReview on hash mismatch), unapplied-fix report surface in 03.2, and test pin.
[TPR-03-004-codex][medium] section-03:348 — Replace roadmap_scan migration placeholder with concrete checkbox. Resolved: Fixed on 2026-04-14. Option B rejected. Concrete - [ ] added to Section 05.3 mandating Option A migration.
[TPR-03-005-codex][medium] section-03:240 — Either consume Section 02 SUPERSEDED handoff or remove it. Resolved: Fixed on 2026-04-14. Added explicit design decision: all SUPERSEDED → ExposureReview; WriteBackContext available for future SafeFix graduation.
[TPR-03-001-gemini][high] section-03:278 — Remove Option B and mandate shadow parser migration. Resolved: Fixed on 2026-04-14. Same fix as TPR-03-004-codex — Option B removed, Option A mandated, Section 05.3 item added.
[TPR-03-002-gemini][high] section-03:192 — Propagate concurrent modification failures to findings report. Resolved: Fixed on 2026-04-14. Same fix as TPR-03-003-codex — auto-fix dispatcher converts to ExposureReview, report format surfaces unapplied fixes.
[TPR-03-003-gemini][medium] section-03:253 — Explicitly require plan_corpus.parser in round-trip test. Resolved: Fixed on 2026-04-14. Test description updated to specify plan_corpus.parser, not yaml.safe_load.

Round 2 findings (iteration 2, 2026-04-14):

[TPR-03-001-codex-r2][medium] section-05:187 — Replace roadmap_scan migration with real plan_corpus API surface. References to nonexistent parse_section_file/parse_index_file. Resolved: Fixed on 2026-04-14. Updated §03.4 and §05.3 to use actual API: read_text_strict, split_frontmatter_strict, load_and_validate.
[TPR-03-002-codex-r2][high] section-02:251 — Align §02 SUPERSEDED handoff with §03’s all-ExposureReview decision. §02 still said “to route SafeFix vs ExposureReview.” Resolved: Fixed on 2026-04-14. Updated §02 handoff text: git_status enrichment is advisory/reporting, not SafeFix routing. All SUPERSEDED → ExposureReview.
[TPR-03-001-gemini-r2][high] section-03:68 — classify_safety needs parsed frontmatter for collision guard purity. Resolved: Fixed on 2026-04-14. Added frontmatter_data: dict | None = None parameter to classify_safety signature. Pre-parsed at scan time; no I/O inside classifier.
[TPR-03-002-gemini-r2][medium] section-03:71 — Paired UNKNOWN_FIELD/MISSING_REQUIRED_FIELD deduplication for plan:→name: rename. Resolved: Fixed on 2026-04-14. Added paired-finding deduplication with resolved_by_sibling field on ClassifiedFinding.
[TPR-03-003-gemini-r2][medium] section-05:46 — —quick mode must include Phase 5 for report generation. Resolved: Fixed on 2026-04-14. Updated §05.1: —quick runs Phases 1-3 and 5 (report-only, no auto-fix). Phase 4 skipped.

Round 3 findings (iteration 3, 2026-04-14):

[TPR-03-001-codex-r3][high] section-05:68 — Point §05 phase wiring at real plan_corpus entrypoints (python -m scripts.plan_corpus, not the legacy single-file .py path). Resolved: Fixed on 2026-04-14. Updated Phase 1/2 entrypoints to actual package API.
[TPR-03-002-codex-r3][high] section-05:113 — Realign §05 validation cases (a)/(g) with live route A/B behavior. Current corpus = MISSING_DEPENDENCY, not BLOCKED. Resolved: Fixed on 2026-04-14. Updated both test cases to expect MISSING_DEPENDENCY (route B), with note about route A migration.
[TPR-03-003-codex-r3][medium] section-05:187 — Route roadmap_scan migration through load_and_validate, not low-level split_frontmatter_strict. Resolved: Fixed on 2026-04-14. Updated migration item to use load_and_validate as sole entrypoint per §01 SSOT boundary.
[TPR-03-004-codex-r3][medium] section-05:178 — Undefined —check mode; replaced with —full —no-auto-fix. Resolved: Fixed on 2026-04-14. Changed verification step to use existing —full —no-auto-fix mode.
[TPR-03-005-codex-r3][medium] section-03:114 — Carry resolved_by_sibling through the report contract. Resolved: Fixed on 2026-04-14. Updated §03.2 JSON spec to include resolved_by_sibling field.

Round 4 findings (iteration 4, 2026-04-15 — close-out dual-source TPR):

[TPR-03-001-codex-r4][high] scripts/verify_roadmap/patcher.py:306 — Refuse patch writes that escape the reviewed plan corpus. Resolved: Fixed on 2026-04-15. Added required corpus_root: Path parameter to apply_patch(). Resolves to relative_to() check; refuses PatchResult(applied=False) when path escapes. 3 negative-pin tests added in test_patcher.py::TestApplyPatchPathEscape. Propagated to apply_fixes() + PatcherFn type + all test call sites. Agreement: [TPR-03-001-gemini-r4] (same fix resolves both)
[TPR-03-001-gemini-r4][medium] scripts/verify_roadmap/patcher.py:166 — Missing path escape check in concurrent-session guards. Resolved: Fixed on 2026-04-15. Same fix as [TPR-03-001-codex-r4] (agreement). Agreement: [TPR-03-001-codex-r4] (same fix resolves both)
[TPR-03-002-codex-r4][medium] scripts/verify_roadmap/safety.py:286 — Implement sibling dedup for plan-to-name rename findings. Resolved: Fixed on 2026-04-15. Created scripts/verify_roadmap/pairing.py (separate from safety.py per 500-line BLOAT rule). pair_resolved_by_sibling() detects UNKNOWN_FIELD(plan) SafeFix rename + MISSING_REQUIRED_FIELD(name) on same PlanIndex file and marks the dependent half with resolved_by_sibling=<rename_id>. Wired into quick.py after classify_safety list comp. 9 tests in test_pairing.py (3 positive + 6 negative pins). Exported from __init__.py. Agreement: [TPR-03-002-gemini-r4] (same pairing concern; both layers addressed)
[TPR-03-002-gemini-r4][medium] scripts/verify_roadmap/auto_fix.py:202 — Auto-fix engine does not skip resolved_by_sibling findings. Resolved: Fixed on 2026-04-15. Added if cf.resolved_by_sibling is not None: continue guard in build_fix_plans(). Regression test test_skips_resolved_by_sibling added in test_auto_fix.py::TestBuildFixPlans. Agreement: [TPR-03-002-codex-r4] (same pairing concern; both layers addressed)
[TPR-03-003-codex-r4][low] .claude/skills/continue-roadmap/roadmap_scan.py:1482 — Log verify-quick degradation failures without requiring trace mode. Resolved: Fixed on 2026-04-15. Changed exception handler from trace(...) (no-op without --trace) to sys.stderr.write(f"[verify-quick] degradation: ...") (unconditional stderr). Import-failure and banner-ordering integration tests are tracked for test_quick.py but deferred to §04/§05 implementation scope (the integration point is in roadmap_scan.py which is outside §03’s owned modules).

Round 4 iteration 2 findings (2026-04-15 — re-review after round-4 fixes):

[TPR-03-001-codex-r4i2][low] scripts/verify_roadmap/pairing.py:98 — Stop using the rationale string as pairing state. Evidence: pair_resolved_by_sibling identified the rename sibling via other.rationale.startswith(_RENAME_RATIONALE_PREFIX). Prose rationale is produced in safety.py:300; a wording edit would silently break pairing. Impact: No structural source of truth for “this is the rename half” — fragile coupling through prose. Resolved: Fixed on 2026-04-15. Added PAIRING_TAG_PLAN_TO_NAME_RENAME constant + pairing_tag: str | None field on ClassifiedFinding. Classifier sets the tag on the rename-case SafeFix. Pairing function matches other.pairing_tag == PAIRING_TAG_PLAN_TO_NAME_RENAME instead of rationale string. All 9 test_pairing.py tests updated to pass the tag. Basis: direct_file_inspection. Confidence: high.

Round 4 iteration 3 findings (2026-04-15 — re-review after pairing_tag fix):

[TPR-03-001-codex-r4i3][medium] scripts/verify_roadmap/auto_fix.py:102 — Replace rationale-string dispatch for unknown-field fixes with structural state. Evidence: _dispatch_unknown_field() still chose between REMOVE_KEY and RENAME_KEY by inspecting cf.rationale for prose fragments. Same fragile-coupling pattern just fixed in pairing.py. Resolved: Fixed on 2026-04-15. Replaced rationale-based dispatch with if cf.pairing_tag == PAIRING_TAG_PLAN_TO_NAME_RENAME: structural check. Imported the constant; updated test fixture _safe_fix() to accept pairing_tag. Basis: direct_file_inspection. Confidence: high.
[TPR-03-002-codex-r4i3][low] tests/plan-audit/test_pairing.py:77 — Add integration pin for classify_safety emitting the pairing tag. Evidence: Pairing tests hand-construct the tag; safety tests stop at asserting SafeFix. No test exercises the real classifier→pairing handoff. Resolved: Fixed on 2026-04-15. Added test_unknown_field_plan_key_rename_emits_pairing_tag in test_safety.py — calls classify_safety() directly and asserts result.pairing_tag == PAIRING_TAG_PLAN_TO_NAME_RENAME. 289 tests now pass. Basis: direct_file_inspection. Confidence: high.

Round 4 iteration 4 findings (2026-04-15 — structural target_key):

[TPR-03-001-codex-r4i4][medium] scripts/verify_roadmap/pairing.py:87 — Carry schema field identity structurally instead of parsing Finding.description. Evidence: Downstream flow still parsed prose to identify which field a finding refers to. pair_resolved_by_sibling() checked "name" in f.description.lower(); _dispatch_unknown_field() checked "plan" in desc; _classify_missing_required_field() checked "reviewed" in desc. Resolved: Fixed on 2026-04-15. Added target_key: str | None = None to Finding dataclass in plan_corpus/types.py. _check_required_fields() and _check_unknown_fields() in schema.py now populate it with the actual key name. All downstream modules (safety.py, auto_fix.py, pairing.py) now dispatch on finding.target_key — zero prose parsing for field identity. Agreement: [TPR-03-001-gemini-r4i4] (same systemic issue, different angle)
[TPR-03-001-gemini-r4i4][high] scripts/verify_roadmap/auto_fix.py:99 — Remove prose-string fragility across auto_fix, pairing, and safety modules. Resolved: Fixed on 2026-04-15. Same fix as [TPR-03-001-codex-r4i4] — structural target_key field eliminates all prose-based field dispatch. Agreement: [TPR-03-001-codex-r4i4]
[TPR-03-002-gemini-r4i4][high] scripts/verify_roadmap/auto_fix.py:165 — Remove fragile string splitting for dead reference extraction. Evidence: _dispatch_dead_reference parses f.description via rsplit(":", 1)[1].strip() to extract the dead reference value. Comment notes this is “best-effort.” Requires structural value passing from the upstream DAG validator — crosses into plan_corpus/dag.py which constructs the dead-reference findings. Impact: Prose-string fragility; any description format change breaks auto-fix. Resolved: Fixed on 2026-04-15 during §03 close-out. Scope estimate was overstated — the fix was ~30 lines across plan_corpus/types.py (new Finding.target_value: str | None field + id-hash + to_json), plan_corpus/docgen.py (2 DEAD_REFERENCE sites + _find_section_file signature), plan_corpus/dag.py (4 DEAD_REFERENCE construction sites), and verify_roadmap/auto_fix.py (structural read + defense-in-depth panic on missing target_value). 7 matrix regression tests added (test_auto_fix.py::TestBuildFixPlanDeadReference) covering positive pin, cross-plan-dep preservation, embedded-colon value preservation, description-format-change independence, None-panics defense-in-depth, and non-depends_on short-circuit — plus 1 dag-side pin in test_dag_classifiers.py verifying every classify_dead_reference finding carries target_value == evidence[0]. 616 plan-audit tests pass. §05:187 anchor item marked done.

Round 5 findings (2026-04-15 — section close-out dual-source review):

Resolution summary: all 14 round-5 findings (13 actionable + 1 informational) fixed on 2026-04-15 in commit 0bfd9e93 (“fix(verify-roadmap): apply 13 TPR-03 round-5 findings to auto-fix engine”). 15 regression tests added across test_patcher.py, test_auto_fix.py, test_plan_corpus.py, test_dag_precedence.py, and test_safety.py to pin each fix. All 493 plan-audit tests pass.

Round 5 iteration 2 findings (2026-04-15 — re-review after round-1 fixes):

[TPR-03-001-codex-r5i2][medium] tests/plan-audit/test_safety.py:377 — Exercise the reroute SafeFix through the real producer and dispatcher. Evidence: The new reroute coverage only hand-constructs Finding(..., target_key="reroute") and asserts classify_safety() returns SAFE_FIX. It never proves that real schema validation produces that target_key (scripts/plan_corpus/schema.py:377-385), and it never reaches the newly added dispatcher that must emit REMOVE_KEY("reroute") (scripts/verify_roadmap/auto_fix.py:145-160). If _validate_plan_index() stopped populating target_key or _dispatch_cross_field_invariant() regressed to return (), the current 493-test suite would still pass. Impact: TPR-03-006-codex is not actually pinned end-to-end. The promised reroute: false auto-fix can regress in the real validate -> classify -> build-fix path without any failing regression test. Required plan update: Add an end-to-end regression test that starts from real plan-index frontmatter containing reroute: false, asserts the emitted finding carries target_key="reroute", then runs classify_safety() and build_fix_plan() (or dry-run apply_fixes) and checks that the planned operation is REMOVE_KEY for reroute. Basis: fresh_verification. Confidence: high. Resolved: Fixed on 2026-04-15. Added test_reroute_false_end_to_end_validate_classify_dispatch in test_safety.py — starts from real plan-index frontmatter with reroute: false, asserts _validate_plan_index emits target_key="reroute", then runs classify_safety() → SAFE_FIX and build_fix_plan() → REMOVE_KEY('reroute'). All three layers (producer/classifier/dispatcher) now pinned end-to-end.
[TPR-03-002-codex-r5i2][low] tests/plan-audit/test_report.py:152 — Pin classifier_version and target/type rendering in the report suite. Evidence: scripts/verify_roadmap/report.py now adds metadata.classifier_version (report.py:36-41,138-144), markdown Type / Reference / Target key lines (report.py:237-267), and console [category/subtype] plus source -> target output (report.py:290-331). But the report tests at tests/plan-audit/test_report.py:152-230 only assert timestamp, mode, corpus size, safety metadata, and unapplied-fix fields, and the markdown/console tests only check ordering and prefix presence. No assertion mentions classifier_version, category/subtype tags, target rendering, or target-key rendering. A revert of TPR-03-008-codex would therefore keep the suite green. Impact: The close-out claims that the report contract is pinned, but the new user-facing and machine-facing surfaces can drift silently. This weakens confidence in both the JSON contract and the human renderers. Required plan update: Extend tests/plan-audit/test_report.py with explicit JSON assertions for metadata.classifier_version and a finding carrying target/target_key, plus markdown and console assertions that category/subtype and source -> target rendering appear for a targeted finding. Basis: fresh_verification. Confidence: high. Resolved: Fixed on 2026-04-15. Added 5 pins in test_report.py: test_metadata_includes_classifier_version, test_json_finding_entry_serializes_target_key, test_markdown_renders_category_subtype_type, test_markdown_renders_source_to_target_reference, test_console_shows_category_subtype_tag, test_console_shows_source_to_target. A revert of TPR-03-008-codex would now fail the suite.
[TPR-03-001-gemini-r5i2][informational] scripts/verify_roadmap/patcher.py:1 — All 13 findings from TPR-03 round 1 verified as resolved. Evidence: Comprehensive verification pass confirmed: insert_key block-list skip; remove_list_item inline-comment regex; apply_patch CAS re-read; auto_fix working_preimages rollforward; Finding.id target_key hashing; to_json target_key serialization; demoted ExposureReview + finding_id propagation; dataclasses.replace in dag.py; structural reroute SafeFix across DAG/validator/taxonomy layers. Resolved: Verification-only informational finding — no code change required. Acknowledges the round-1 fix commit 0bfd9e93 as sound.

Round 5 iteration 3 findings (2026-04-15 — CLEAN PASS, re-review after round-2 fixes):

Dual-source verification of commit 3bccddd8. ZERO actionable findings, 3 informational acknowledgments. Both reviewers (codex + gemini) independently confirm the round-2 test-coverage fixes pin the reroute SafeFix chain and new report.py surfaces correctly. Thoroughness: both reviewers compliant (codex 12 files / 4 rules / tests rerun; gemini 7 files / 4 rules / tests rerun). TPR loop terminates clean.

[TPR-03-001-codex-r5i3][informational] tests/plan-audit/test_safety.py:394 — Keep the reroute producer/classifier/dispatcher chain pinned. Resolved: Verification-only. Acknowledges commit 3bccddd8 successfully pins all three layers end-to-end.
[TPR-03-002-codex-r5i3][informational] tests/plan-audit/test_report.py:171 — Keep the new report metadata and rendering surfaces pinned. Resolved: Verification-only. Acknowledges commit 3bccddd8 added 6 pins covering classifier_version, target_key JSON serialization, category/subtype markdown + console rendering, and source -> target rendering.
[TPR-03-001-gemini-r5i3][informational] tests/plan-audit/test_safety.py:394 — Acknowledge that commit 3bccddd8 successfully pins reroute auto-fix and report surfaces. Resolved: Verification-only. Gemini confirms the round-2 fixes are sound.

Round 6 findings (2026-04-15 — §03.N close-out TPR after commit baa01833):

Dual-source review of the structural Finding.target_value landing. Transport had infra friction (4 consecutive gemini capacity errors before attempt 5 succeeded) — semantic iteration budget untouched. Codex: 436s / 144 events / 6017-byte envelope. Gemini: 313s / 69 events / 2631-byte envelope, ran pytest as fresh_verification. 3 actionable findings, all [medium], all DRIFT:missing-regression-pin against the new target_value field. No agreements tagged by the merger, but TPR-03-002-codex-r6 and TPR-03-001-gemini-r6 target identical location and identical root cause — effectively an agreement.

[TPR-03-001-codex-r6][medium] tests/plan-audit/test_plan_corpus.py:488 — Add target_value sync-point regression pins. [DRIFT] Evidence: scripts/plan_corpus/types.py:296-340 now conditionally hashes and serializes target_value, parallel to target_key. But test_plan_corpus.py:488-564 pins only the four target_key cells (discriminator, legacy-None id preservation, to_json serialization, to_json null-for-legacy). No test would fail if target_value were removed from Finding.id or Finding.to_json(). Impact: The target_key/target_value symmetry rule in the rules brief is unpinned at the shared-type sync points. A future regression could silently drop target_value from id-discrimination or JSON output, reintroducing duplicate IDs for same-line dead-list findings or breaking machine-readable report consumers. Resolved: Fixed on 2026-04-15 during §03.N close-out round-6 loop. Added 4 sync-point pins in TestFindingTypeSafety parallel to the target_key quartet: test_id_discriminates_by_target_value (two DEAD_REFERENCE findings on the same line with different target_value values produce distinct ids), test_id_unchanged_when_target_value_is_none (legacy pre-extension hash preserved), test_to_json_serializes_target_value (JSON output includes the field), test_to_json_target_value_null_for_legacy_findings (legacy findings serialize as null, not absent).
[TPR-03-002-codex-r6][medium] tests/plan-audit/test_dag_classifiers.py:418 — Expand producer-side target_value matrix coverage. [GAP] Evidence: test_dead_ref_findings_carry_structural_target_value exercises only the prose-reference path (dag.py:1580 — PLAN_DIRECTORY_NOT_FOUND for truly nonexistent targets). It does NOT hit dag.py:876 (EXPLICIT_DEPENDS_ON SECTION_FILE_NOT_FOUND), dag.py:1532 (stale-annotation special-home), dag.py:1555 (stale-annotation regular slug), or any of the resolve_dep / _find_section_file producers in docgen.py:46-93. No negative pin proves non-DEAD_REFERENCE findings have target_value=None. Impact: Most of the producer surface feeding _dispatch_dead_reference structurally is unpinned. A future omission at one of those construction sites regresses real corpus findings to missing target_value while the hand-constructed auto_fix matrix continues to pass. Resolved: Fixed on 2026-04-15 during §03.N close-out round-6 loop. Added 4 new matrix cells in TestClassifyDeadReference: test_explicit_depends_on_dead_ref_carries_target_value (dag.py EXPLICIT_DEPENDS_ON path via depends_on=["99"] pointing at nonexistent section; pins target_value == dep_id), test_completed_plan_body_ref_carries_target_value (dag.py stale-annotation regular-slug path via  pointing at plans/completed/archived-plan/), test_cross_plan_unknown_name_carries_target_value (docgen.py CROSS_PLAN_NAME_NOT_FOUND producer via depends_on=["ghost-plan#03"]), and the negative pin test_non_dead_reference_finding_has_no_target_value (asserts no classifier accidentally sets target_value on non-DEAD_REFERENCE findings). 624/624 plan-audit tests pass.
[TPR-03-001-gemini-r6][medium] tests/plan-audit/test_dag_classifiers.py:418 — GAP: Missing matrix cells and negative pin for dag-side target_value population. [GAP] Evidence: Same root issue as TPR-03-002-codex-r6 — the test_dead_ref_findings_carry_structural_target_value pin covers only the body-prose PLAN_DIRECTORY_NOT_FOUND path. Other three dag.py construction sites (EXPLICIT_DEPENDS_ON, stale-annotation special-home, stale-annotation regular-slug) unpinned. No negative pin for non-DEAD_REFERENCE subtypes. Impact: Silent regression if target_value population is dropped at one of the unpinned sites — would surface later as AutoFixError panic in the dispatcher rather than a targeted test failure. Resolved: Fixed on 2026-04-15. Same fix as [TPR-03-002-codex-r6] (effective agreement — different titles, same location, same root cause). Agreement (effective): [TPR-03-002-codex-r6] — same location, same root cause, different title (merger did not auto-detect agreement due to title mismatch; manually cross-referenced).