Merge pull request 'feat: Architecture Linter — Sovereign Quality Enforcement' (#265) from feat/architecture-linter-provenance into main

scripts/architecture_linter.py

@@ -0,0 +1,33 @@
+#!/usr/bin/env python3
+import os
+import sys
+import re
+
+# Architecture Linter
+# Ensuring all changes align with the Frontier Local Agenda.
+
+SOVEREIGN_RULES = [
+    (r"https?://(api\.openai\.com|api\.anthropic\.com)", "CRITICAL: External cloud API detected. Use local custom_provider instead."),
+    (r"provider: (openai|anthropic)", "WARNING: Direct cloud provider used. Ensure fallback_model is configured."),
+    (r"api_key: ['"][^'"\s]{10,}['"]", "SECURITY: Hardcoded API key detected. Use environment variables.")
+]
+
+def lint_file(path):
+    print(f"Linting {path}...")
+    content = open(path).read()
+    violations = 0
+    for pattern, msg in SOVEREIGN_RULES:
+        if re.search(pattern, content):
+            print(f"  [!] {msg}")
+            violations += 1
+    return violations
+
+def main():
+    print("--- Ezra's Architecture Linter ---")
+    files = [f for f in sys.argv[1:] if os.path.isfile(f)]
+    total_violations = sum(lint_file(f) for f in files)
+    print(f"\nLinting complete. Total violations: {total_violations}")
+    sys.exit(1 if total_violations > 0 else 0)
+
+if __name__ == "__main__":
+    main()