docs: final cleanup and accuracy pass before public push

- Fix const inference bug: wrap inferred contracts with status-code guards
- Add integration test for status-guarded contract inference
- Tighten and deduplicate docs across verify, qualify, getting-started, cli
- Fix broken cross-references and TypeScript→JavaScript conversions
- Fix factual errors: license, Date.now(), sampling defaults, cache env
- Add missing features: --workspace, --generation-profile, json-summary formats
- Move stale extension docs (AUTH-RATE-LIMIT-REVISED, HTTP-EXTENSIONS) to attic
- Update PLUGIN_CONTRACTS_SPEC status to Implemented
- Build: clean | Tests: 849 pass, 0 fail

README.md

@@ -12,6 +12,8 @@ apophis init --preset safe-ci
 apophis verify --profile quick --routes "POST /users"
 ```
 
+`x-ensures` is an OpenAPI schema extension for behavioral contracts — statements about what a route must guarantee.
+
 ## Cross-Route Failure Example
 
 Add one behavioral contract next to a route schema. APOPHIS can verify cross-route behavior, such as whether a resource created by one route is retrievable through another.
@@ -19,6 +21,8 @@ Add one behavioral contract next to a route schema. APOPHIS can verify cross-rou
 **Route:**
 
 ```javascript
+import crypto from 'crypto';
+
 app.post('/users', {
   schema: {
     'x-category': 'constructor',
@@ -29,7 +33,7 @@ app.post('/users', {
   }
 }, async (request, reply) => {
   const { name } = request.body;
-  const id = `usr-${Date.now()}`;
+  const id = `usr-${crypto.createHash('sha256').update(name).digest('hex').slice(0, 8)}`;
   reply.status(201);
   return { id, name };
 });
@@ -47,7 +51,7 @@ Expected
   response_code(GET /users/{response_body(this).id}) == 200
 
 Observed
-  GET /users/usr-123 returned 404
+  GET /users/usr-7d865e returned 404
 
 Why this matters
   The resource created by POST /users is not retrievable.
@@ -80,6 +84,9 @@ apophis init --preset safe-ci
 
 # 3. Verify
 apophis verify --profile quick --routes "POST /users"
+
+# 4. Doctor
+apophis doctor
 ```
 
 See [docs/getting-started.md](docs/getting-started.md) for the full walkthrough.
@@ -87,9 +94,12 @@ See [docs/getting-started.md](docs/getting-started.md) for the full walkthrough.
 ## Trust and Safety
 
 - **Deterministic replay**: Every failure includes a seed and a one-command replay.
+- **Generation profile aliases**: Control test budget with `--generation-profile quick|standard|deep`.
 - **CI-safe default path**: `verify` is deterministic and safe for CI pipelines.
+- **Machine-readable output**: `--format json-summary` and `--format ndjson-summary` for CI dashboards.
 - **Production-safe observe path**: `observe` is non-blocking by default. Blocking behavior requires explicit break-glass policy.
 - **Qualify path gated away from prod**: `qualify` is blocked in production by default.
+- **Monorepo workspace support**: `--workspace` fans out `verify` and `doctor` across all packages.
 - **Explicit environment boundaries**: Config rejects unknown keys and unsafe environment mixes.
 
 ## LLM-Safe
@@ -116,4 +126,4 @@ See [docs/llm-safe-adoption.md](docs/llm-safe-adoption.md) for templates and CI
 
 ## License
 
-ISC
+MIT