[Change] Misuse Safety Proof #281
Description
Why
When a user invokes SpecFact CLI with wrong flags, missing files, invalid YAML, or forbidden option combinations, the CLI should always: exit non-zero, print a human-readable error to stderr, and leave no partial artifacts on disk. Today, anti-pattern handling is tested ad-hoc. A systematic anti-pattern catalog per command group — combined with Hypothesis property-based fuzzing — proves that every misuse case fails safely and predictably.
What Changes
- NEW: Anti-pattern catalog per command group in
tests/cli-contracts/ - NEW: Anti-pattern test suite asserting: non-zero exit, clean error, no side effects
- NEW: Hypothesis property-based fuzz strategies for major command groups
- EXTEND: Existing CliRunner test patterns with systematic traceback-absence assertions
Acceptance Criteria
- Anti-pattern catalog exists for all Wave 1 command groups
- Three-property safety assertion passes for every anti-pattern
- Hypothesis strategies for 3-5 major commands find no crashes
- Discovered bugs documented as separate issues
Blocked by: #279 (cli-val-01-behavior-contract-standard)
OpenSpec Change Proposal: cli-val-03-misuse-safety-proof