feat(v2.1.0): wire FP suppression + remove Logtalk export

Context-aware false-positive suppression now active in all scan paths:
- WeakPoint gains suppressed: bool (serde default=false, audit-transparent)
- AssailReport gains suppressed_count: usize (skipped when 0)
- apply_suppression() wires kanren engine back to report after analysis
- Analyzer::analyze_inner() calls apply_suppression() on every scan
- Verbose output shows active/total counts with suppressed= semantics explained

10 suppression rules already in load_suppression_rules() now fire and
mark findings: test_file (0.99), null_checked (0.95), mutex_guarded (0.95),
constant_args (0.95), raii_managed (0.90), result_returning_fn (0.90),
enum_args (0.90), path_canonicalized (0.90), schema_validated (0.85),
timeout_protected (0.85). Heuristics intentionally broad (tune later).

Remove Logtalk export: --logtalk CLI flag removed, export_logtalk() and
write_logtalk_export() removed from kanren/mod.rs, all 3 completion files
updated. Hypatia now consumes JSON AssailReport via Elixir rules directly.

All docs updated: ROADMAP, EXPLAINME, CLAUDE.md, STATE.a2ml.

Tests: 289 passing, 0 failing across all suites.

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>

Author: hyperpolymath

.claude/CLAUDE.md

@@ -168,7 +168,7 @@ Three self-contained modes — none requires the others:
 
 1. **verisimdb HTTP API integration**: Push hexads via REST (awaiting API stabilisation)
 2. **kanren context-facts**: ~10 rules for FP suppression (~8% -> ~2-3%)
-3. **hypatia pipeline**: Export kanren facts as Logtalk predicates via PanLL
+3. **hypatia pipeline**: JSON AssailReport consumed by Hypatia Elixir rules (Logtalk export removed 2026-04-12)
 4. **Shell completions**: bash, zsh, fish, nushell
 5. **Chapel metalayer**: Distributed `coforall` scanning across compute clusters
 

.machine_readable/6a2/STATE.a2ml

@@ -33,6 +33,6 @@ language-detection = "Skips external_corpora/, third_party/, and corpus/ directo
 [next-priorities]
 verisimdb-http = "Push hexads via REST (awaiting API stabilization)"
 kanren-fp-suppression = "~10 rules for false positive suppression (~8% -> ~2-3%)"
-hypatia-integration = "Export kanren facts as Logtalk predicates via PanLL"
+hypatia-integration = "JSON AssailReport consumed by Hypatia Elixir rules; Logtalk export removed 2026-04-12"
 shell-completions = "bash, zsh, fish, nushell"
 chapel-metalayer = "Distributed coforall scanning across compute clusters (future)"

EXPLAINME.adoc

@@ -69,7 +69,7 @@ The README makes claims. This file backs them up.
 | Project | Integration |
 | **reposystem** | Feeds weak-point scores into graph aspects (security weight)
 | **proof-of-work** | Z3-verifies that assail findings are genuine vulnerabilities
-| **hypatia** | Consumes assail facts as Logtalk predicates for rule engine
+| **hypatia** | Consumes JSON AssailReport via Elixir rules for neurosymbolic reasoning
 | **januskey** | Scans operation metadata for unsafe patterns in audit trail code
 
 == Readiness

ROADMAP.adoc

@@ -35,7 +35,7 @@ binary, panicbot (gitbot-fleet CI integration), and mass-panic (org-scale batch
 * [x] Forward chaining: derive new vulnerability facts from rules
 * [x] Backward queries: find files that could cause a vulnerability type
 * [ ] Context-facts for false-positive suppression (~10 rules, target ~8% -> ~2-3% FP rate)
-* [ ] Kanren fact export as Logtalk predicates for Hypatia pipeline
+* [ ] Context-facts for Hypatia Elixir rules: export FactDB snapshot as JSON for direct consumption by Hypatia rule engine (replaces removed Logtalk export; Hypatia now consumes JSON AssailReport via Elixir rules)
 
 == v2.2.0 -- VeriSimDB Integration
 

completions/_panic-attack

@@ -40,7 +40,6 @@ module completions {
     --verbose(-v)             # Verbose output
     --attest                  # Enable attestation chain (writes .attestation.json sidecar)
     --signing-key: path       # Path to Ed25519 private key (32-byte seed) for signing the attestation. Requires the `signing` feature
-    --logtalk: path           # Export kanren logic facts as Logtalk predicates for hypatia integration
     --report-view: string@"nu-complete panic-attack assail report_view"
     --expand-sections
     --output-format: string@"nu-complete panic-attack assail output_format"

completions/panic-attack.fish

@@ -72,7 +72,6 @@ complete -c panic-attack -n "__fish_panic_attack_needs_command" -f -a "temporal"
 complete -c panic-attack -n "__fish_panic_attack_needs_command" -f -a "completions" -d 'Generate shell completions for the specified shell'
 complete -c panic-attack -n "__fish_panic_attack_using_subcommand assail" -s o -l output -d 'Output report to file' -r -F
 complete -c panic-attack -n "__fish_panic_attack_using_subcommand assail" -l signing-key -d 'Path to Ed25519 private key (32-byte seed) for signing the attestation. Requires the `signing` feature' -r -F
-complete -c panic-attack -n "__fish_panic_attack_using_subcommand assail" -l logtalk -d 'Export kanren logic facts as Logtalk predicates for hypatia integration' -r -F
 complete -c panic-attack -n "__fish_panic_attack_using_subcommand assail" -l report-view -r -f -a "summary\t''
 accordion\t''
 dashboard\t''

completions/panic-attack.zsh

@@ -45,7 +45,6 @@ _arguments "${_arguments_options[@]}" : \
 '-o+[Output report to file]:OUTPUT:_files' \
 '--output=[Output report to file]:OUTPUT:_files' \
 '--signing-key=[Path to Ed25519 private key (32-byte seed) for signing the attestation. Requires the \`signing\` feature]:PATH:_files' \
-'--logtalk=[Export kanren logic facts as Logtalk predicates for hypatia integration]:PATH:_files' \
 '--report-view=[]:REPORT_VIEW:(summary accordion dashboard matrix)' \
 '--output-format=[]:OUTPUT_FORMAT:(json yaml nickel sarif)' \
 '--store=[]:DIR:_files' \

src/a2ml/mod.rs

@@ -832,6 +832,7 @@ mod tests {
                 severity: Severity::Medium,
                 description: "unchecked result".to_string(),
                 recommended_attack: vec![AttackAxis::Concurrency],
+                    suppressed: false,
             }],
             statistics: ProgramStatistics {
                 total_lines: 42,
@@ -856,6 +857,7 @@ mod tests {
             dependency_graph: DependencyGraph::default(),
             taint_matrix: TaintMatrix::default(),
             migration_metrics: None,
+            suppressed_count: 0,
         }
     }