Fix: harden action and complete repo validation #274

Merged: 0xLeif merged 5 commits into main from 0xleif/fix/harden-action-complete-validation, Jun 7, 2026

@0xLeif (Contributor) commented Jun 7, 2026

Summary

  • Harden the marketplace action by removing eval, requiring release checksums, validating coverage input, and documenting simple args parsing
  • Expand CI/fledge validation to cover Rust, specs, docs site, VS Code packaging, audit, and 100% spec coverage
  • Add the util spec, backfill missing spec companions, package the VS Code license, and bump the crate/changelog to 4.3.4

Test Plan

  • fledge run fmt
  • fledge run check-types
  • fledge run lint
  • fledge run test
  • fledge run build
  • fledge run audit
  • fledge spec check --strict
  • fledge run spec-check
  • ./target/release/specsync check --strict --require-coverage 100 --force
  • ./target/release/specsync score --all
  • fledge run docs-test
  • fledge run docs-lint
  • fledge run docs-build
  • fledge run vscode-compile
  • fledge run vscode-package
  • fledge plugins run gitleaks -- scan --no-git --redact
  • python3 -c "import yaml; yaml.safe_load(open('action.yml'))"

@0xLeif 0xLeif requested a review from a team as a code owner June 7, 2026 15:42
@0xLeif 0xLeif requested review from 0xGaspar, Kyntrin and tofu-ux June 7, 2026 15:42

@gemini-code-assist gemini-code-assist Bot left a comment

Code Review

This pull request hardens the GitHub Action command execution, input validation, and release checksum verification, while expanding CI validation and backfilling numerous specification companion files. It also replaces a tautological test assertion in the MCP module. The review feedback highlights two key issues: first, the bash argument parsing in action.yml will ignore subsequent lines of multi-line arguments, and second, the path assertion in src/mcp.rs is not cross-platform and will fail on Windows due to path separators.

Comment thread action.yml Outdated
Comment thread src/mcp.rs
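
The hardening steps named in this pull request (no eval, a required release checksum, a validated coverage input) and the multi-line argument issue raised in the review, sketched as an added example that is not the project's action.yml. The function names, the 0 to 100 coverage range, and the use of SHA-256 via sha256sum are assumptions.

```sh
# Added example; function names are hypothetical, not taken from action.yml.

# Run "$1" with the words of "$2" as separate arguments, without eval.
# Quotes inside $2 are not interpreted: every whitespace-separated word,
# on any line of the input, becomes exactly one literal argument.
run_split() (
  unset IFS        # default field splitting: space, tab, newline
  set -f           # keep '*' and '?' literal instead of expanding globs
  # shellcheck disable=SC2086  # $2 is unquoted on purpose
  set -- "$1" $2
  "$@"
)

# Print each argument in brackets so the split is visible.
show_args() { for a in "$@"; do printf '[%s]' "$a"; done; }

# Accept only an integer from 0 to 100 (assumed range for a coverage percentage).
validate_coverage() {
  case "$1" in
    '' | *[!0-9]*) return 1 ;;
  esac
  [ "${#1}" -le 3 ] && [ "$1" -le 100 ]
}

# Fail closed: a missing or malformed digest is an error, never a skipped check.
# SHA-256 and the sha256sum tool are assumptions; the page does not name the hash.
verify_sha256() {
  case "$2" in
    '' | *[!0-9a-f]*) return 1 ;;
  esac
  [ "${#2}" -eq 64 ] || return 1
  vs_actual=$(sha256sum -- "$1" | cut -d ' ' -f 1)
  [ "$vs_actual" = "$2" ]
}

# Constructed sample input: two lines, plus characters a shell would act on.
SAMPLE_ARGS='check --strict
--require-coverage 100 ; $(date) *'
run_split show_args "$SAMPLE_ARGS"; echo
```

Because the input is only field-split and never re-parsed, the `;`, `$(date)` and `*` tokens reach the command as plain strings, and words on the second line are not dropped.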

@github-actions github-actions Bot left a comment

❌ Corvin says...

      _
    <(;\  .oO(oh no...)
     |/(\
      \(\\
      " "\\

"I'm pecking through the errors..."

CI Summary

Check Status
Validate action.yml ✅ Passed
Dependency Audit ✅ Passed
Code Coverage ❌ failure
Format Check ✅ Passed
Docs Site ✅ Passed
Spec Validation ✅ Passed
Tests (build, test, clippy) ❌ failure
VS Code Extension ✅ Passed
📋 Spec Validation Details

✅ SpecSync: Passed

Metric Value
Specs checked 58
Passed 58
Errors 0
Warnings 0
File coverage 100% (74/74)
LOC coverage 100% (32661/32661)

Generated by specsync · Run specsync check --format github to reproduce


Powered by corvid-pet

@github-actions github-actions Bot dismissed their stale review June 7, 2026 15:56

Superseded by updated review.

github-actions Bot previously approved these changes Jun 7, 2026

@github-actions github-actions Bot left a comment

✅ Corvin says...

      _
    <(^\  .oO(Caw! ^v^)
     |/(\
      \(\\
      " "\\

"Caw! Found a shiny new spec!"

CI Summary

Check Status
Validate action.yml ✅ Passed
Dependency Audit ✅ Passed
Code Coverage ✅ Passed
Format Check ✅ Passed
Docs Site ✅ Passed
Spec Validation ✅ Passed
Tests (build, test, clippy) ✅ Passed
VS Code Extension ✅ Passed
📋 Spec Validation Details

✅ SpecSync: Passed

Metric Value
Specs checked 58
Passed 58
Errors 0
Warnings 0
File coverage 100% (74/74)
LOC coverage 100% (32663/32663)


github-actions Bot previously approved these changes Jun 7, 2026

@github-actions github-actions Bot left a comment

✅ Corvin says...

      _
    <(^\  .oO(Caw! ^v^)
     |/(\
      \(\\
      " "\\

"Caw! Your code sparkles like a dropped french fry."

CI Summary

Check Status
Validate action.yml ✅ Passed
Dependency Audit ✅ Passed
Code Coverage ✅ Passed
Format Check ✅ Passed
Docs Site ✅ Passed
Spec Validation ✅ Passed
Tests (build, test, clippy) ✅ Passed
VS Code Extension ✅ Passed
📋 Spec Validation Details

✅ SpecSync: Passed

Metric Value
Specs checked 58
Passed 58
Errors 0
Warnings 0
File coverage 100% (74/74)
LOC coverage 100% (32663/32663)


github-actions Bot previously approved these changes Jun 7, 2026

@github-actions github-actions Bot left a comment

✅ Corvin says...

      _
    <(^\  .oO(Caw! ^v^)
     |/(\
      \(\\
      " "\\

"That's a nice looking export you've got there."

CI Summary

Check Status
Validate action.yml ✅ Passed
Dependency Audit ✅ Passed
Code Coverage ✅ Passed
Format Check ✅ Passed
Docs Site ✅ Passed
Spec Validation ✅ Passed
Tests (build, test, clippy) ✅ Passed
VS Code Extension ✅ Passed
📋 Spec Validation Details

✅ SpecSync: Passed

Metric Value
Specs checked 58
Passed 58
Errors 0
Warnings 0
File coverage 100% (74/74)
LOC coverage 100% (32670/32670)



@github-actions github-actions Bot left a comment

✅ Corvin says...

      _
    <(^\  .oO(Caw! ^v^)
     |/(\
      \(\\
      " "\\

"Caw! Your code sparkles like a dropped french fry."

CI Summary

Check Status
Validate action.yml ✅ Passed
Dependency Audit ✅ Passed
Code Coverage ✅ Passed
Format Check ✅ Passed
Docs Site ✅ Passed
Spec Validation ✅ Passed
Tests (build, test, clippy) ✅ Passed
VS Code Extension ✅ Passed
📋 Spec Validation Details

✅ SpecSync: Passed

Metric Value
Specs checked 58
Passed 58
Errors 0
Warnings 0
File coverage 100% (74/74)
LOC coverage 100% (32670/32670)


@0xLeif 0xLeif merged commit e1614db into main Jun 7, 2026
16 checks passed
@0xLeif 0xLeif deleted the 0xleif/fix/harden-action-complete-validation branch June 7, 2026 18:48