"Scientia Publication Endpoints — Ground-Truth Research & Implementation Policy (April 2026)"

Scientia Publication Endpoints — Ground-Truth Research & Implementation Policy (April 2026)

[!IMPORTANT] This is v2 of the endpoint research. It supersedes the v1 written earlier in the same session. Web searches and code audit conducted 2026-04-13. Covers all files in crates/vox-publisher/src/adapters/, crates/vox-publisher/src/scholarly/, crates/vox-publisher/src/switching.rs, crates/vox-publisher/src/syndication_outcome.rs, crates/vox-publisher/src/types.rs, crates/vox-publisher/src/gate.rs, crates/vox-publisher/src/social_retry.rs, and crates/vox-publisher/src/scientia_heuristics.rs.

How to Read This Document
Cross-Cutting Structural Audit
Platform-by-Platform Audit (Social / Community)
Platform-by-Platform Audit (Scholarly / Archival)
ResearchGate — Full Policy Analysis
New Scholarly Targets (ORCID, Figshare)
Platform Priority Matrix (Updated)
Hallucination Inventory (Updated)
Unified SSoT Data Model Requirements
Implementation Policy
Task Backlog (Updated)

1. How to Read

For each channel:

Code reality — exact file + line count + what it actually does.
True API mechanics — verified, sourced.
Gap delta — specific discrepancies numbered EP-NNN for traceability.
Maintenance burden — how much ongoing work this will require.
Recommendation — keep / fix / defer / do not implement.

2. Cross-Cutting Structural Audit

These gaps span multiple adapters and must be fixed as a baseline before any adapter-specific work.

2.1 `social_retry.rs` is Dead Code

social_retry.rs (82 lines) defines run_with_retries, budget_from_distribution_policy, and SocialRetryBudget. This is well-designed infrastructure. However, grep across the entire publisher crate reveals zero call sites for run_with_retries. The retry system exists but is never invoked.

EP-001 (Critical): Wire run_with_retries into all social adapter dispatch paths before considering any adapter "complete." Without this, a single transient 429 or network error fails the entire publication attempt and leaves persistent retry state inconsistent.

The correct pattern (to be applied uniformly):

#![allow(unused)]
fn main() {
let budget = social_retry::budget_from_distribution_policy(&item);
let result = social_retry::run_with_retries(budget, || async {
    some_adapter::post(...).await
}).await;
}

2.2 `switching.rs` Channel Registry Is Stale and Incomplete

switching.rs::apply_channel_allowlist (line 285–311) handles: rss, twitter, github, open_collective, reddit, hacker_news, youtube, crates_io.

EP-002 (High): bluesky, mastodon, linkedin, discord are present in SyndicationConfig (types.rs) and SyndicationResult (syndication_outcome.rs) but are absent from apply_channel_allowlist, failed_channels, successful_channels, and outcome_for_channel in switching.rs.

Consequence: These four channels can never be gated by the allowlist system, never appear in retry plans, and their outcomes are invisible to the retry infrastructure even though SyndicationResult tracks them.

EP-003 (High): normalize_distribution_json_value_with_warnings also omits bluesky, mastodon, linkedin, discord from the contract-shape expansion block (lines 193–211). Publishing via the channels/channel_payloads contract shape will silently ignore these four channels.

2.3 `SyndicationResult` vs `switching.rs` Channel Mismatch

SyndicationResult has fields: rss, twitter, github, open_collective, reddit, hacker_news, youtube, crates_io, bluesky, mastodon, linkedin, discord.

switching.rs::outcome_for_channel matches only: rss, twitter, github, open_collective, reddit, hacker_news, youtube, crates_io.

EP-004 (High): The four newer channels have outcomes tracked in SyndicationResult but cannot be addressed by name in retry plans. plan_publication_retry_channels will return blocked_channels with reason: "unknown_channel" for these.

2.4 OpenCollective Adapter Uses Wrong Auth Header

opencollective.rs line 46: .header("Api-Key", token).

The Open Collective GraphQL API v2 uses Personal-Token: {token} as the documented header, not Api-Key. The authenticated endpoint header is Personal-Token.

✅ UPDATE: After verifying OC's API, the header Api-Key is the legacy form which was still accepted as of the audit date, but official docs use Personal-Token. Low severity but should be updated.

EP-005 (Low): Update opencollective.rs header from Api-Key to Personal-Token to align with documented API and avoid breakage if OC deprecates the legacy header.

2.5 `makePublicOn` Hardcoded to Null in OpenCollective

opencollective.rs line 37: "makePublicOn": null — hardcoded, ignoring config.scheduled_publish_at.

EP-006 (Medium): The OpenCollectiveConfig struct (types.rs line 172) already has scheduled_publish_at: Option<DateTime<Utc>> but the adapter never uses it.

Fix: "makePublicOn": config.scheduled_publish_at.map(|dt| dt.to_rfc3339()).

2.6 `BlueskyConfig.link_facet` Field Exists But Is Unused

types.rs line 109: pub link_facet: bool in BlueskyConfig. The bluesky.rs adapter does not implement link facets (rich embed cards with thumbnails). This bool is declared but does nothing — a silent broken promise.

EP-007 (Medium): Either implement AT Protocol $type: app.bsky.embed.external facets or remove the link_facet field and document that richtext facets are deferred.

2.7 `content_sha3_256` Includes `syndication` in Hash — Behavioral Risk

types.rs line 478: "syndication": self.syndication is included in the SHA3-256 content hash. This means changing any syndication routing config (e.g., adding a new channel, changing a dry_run flag) produces a different digest, triggering the dual-approval gate for content that did not actually change.

EP-008 (Medium): The hash should capture content (title, author, body, tags), not routing configuration. Suggest separating content_hash from routing_hash. Content identity should be stable across syndication config changes.

2.8 GitHub Adapter May Create Issues Instead of Discussions

github.rs line 95: calls provider.create_discussion_or_issue(...). The vox-forge trait method is create_discussion_or_issue — the name implies a fallback to Issue creation if Discussion creation fails or if the repo doesn't have Discussions enabled.

EP-009 (Medium): For SCIENTIA publication events, creating an Issue instead of a Discussion is a UX regression (Issues appear in the bug tracker). Verify GitForgeProvider::create_discussion_or_issue never silently falls back to Issue creation when Discussion categories exist. If it does, rename and harden.

2.9 `HackerNewsConfig` Has No `comment_draft` Field

types.rs line 211–219 defines HackerNewsConfig with only mode, title_override, url_override. No field for the first-comment draft text.

EP-010 (Low): Add comment_draft: Option<String> to HackerNewsConfig for the queued handoff workflow. Without it, the manual assist output is incomplete.

2.10 No `dry_run` Guard in YouTube Adapter

youtube.rs::upload_video (line 107): No check of any dry_run flag before calling refresh_access_token, reading the video file from disk, or initiating the resumable upload. A dry-run pass will incur disk I/O and OAuth token refresh.

EP-011 (High): Add if cfg.dry_run { return Ok(format!("dry-run-youtube-{}", ...)); } before any I/O. This requires plumbing dry_run through the adapter signature (currently missing from upload_video's parameter list).

2.11 `MastodonConfig.status` vs `status_text` Schema Inconsistency

types.rs line 114: pub status: Option<String> in MastodonConfig. This is the full toot text. However, the Mastodon API field name is also status (in the POST body). But the previous audit documentation referred to it as status_text. The code uses status — this is correct but the documentation (playbook) was inconsistent.

No code fix needed here — the types.rs field name is correct. Audit note only.

2.12 `Bluesky.rs` Requests Wrong PDS Endpoint

Confirmed in v1 audit: bsky.social is hardcoded at lines 46 and 74. AT Protocol requires resolving the user's PDS from their DID first. Additionally:

EP-012 (Critical): CreateSessionResponse at line 14 expects field access_token but the AT Protocol XRPC response returns accessJwt. This is a compilation-time silent bug — Serde will deserialize successfully but produce an empty string because the field name doesn't match. Every Bluesky post is failing silently.

2.13 `social_retry.rs` Does Not Parse `Retry-After` Headers

run_with_retries uses a geometric backoff based on attempt number. It does not inspect HTTP response bodies or headers (it receives Result<T, E>) and thus cannot honour a platform's Retry-After header.

EP-013 (Medium): Extend the retry system to accept platform-specified retry delays. Options:

Make the error type carry an optional retry_after_ms.
Or for specific adapters, parse Retry-After before returning Err and sleep inline.

Option 2 is simpler per adapter. Option 1 is cleaner but requires a new error type.

3.1 Discord (Webhook)

Code Reality

adapters/discord.rs — 52 lines, implemented. Uses VoxSocialDiscordWebhook Clavis secret. Sends content + optional embed. Respects dry_run. Uses CRLF line endings (mixed in the file — minor hygiene).

True API Mechanics (2026-04-13)

Webhook URL format: https://discord.com/api/webhooks/{id}/{token}.
Body: JSON, requires at least one of content, embeds, files, components.
content ≤ 2,000 chars. embeds array: max 10 embeds per message. Per-embed: 25 fields, field name ≤ 256, field value ≤ 1,024, embed description ≤ 4,096. Total chars across all embeds ≤ 6,000.
Embed color must be decimal integer (e.g., 5793266), not hex string.
Only HTTPS image URLs work.
Rate limits: per-route, dynamic. Parse X-RateLimit-* headers. IP restriction after 10,000 invalid requests per 10 minutes.

Gap Delta

ID	Gap	Severity
EP-001	`run_with_retries` not wired	Critical
EP-002	Channel absent from allowlist/retry infra	High
EP-014	No `content` length check (≤ 2,000 chars)	Medium
EP-015	Total embed char budget (6,000) not enforced	Medium
EP-016	`embed_color` accepts `u32` but no doc why not hex	Low

ID	Gap	Severity
EP-038	HTTP deposit may not be implemented — needs code audit	Critical
EP-039	No sandbox routing flag	High
EP-040	No status poll post-deposit (async moderation)	High
EP-041	Publish action is irreversible — no confirmation gate	Critical

ID	Gap	Severity
EP-042	MFA added March 2026 — scripted login may fail	Critical
EP-043	API 2 migration — verify baseurl targets `api2.openreview.net`	High

ID	Gap	Severity
EP-044	arXiv format preflight profile missing	High
EP-045	Endorsement requirements not in Clavis doctor	High
EP-046	AI content policy not integrated into preflight gate	Critical

ID	Gap	Severity
EP-047	No HTTP deposit adapter	High
EP-048	Crossref deposit is XML over multipart — JSON generator is wrong format	Critical
EP-049	Non-member: cannot deposit — organizational blocker	Blocker
EP-050	No Clavis entries for `VoxCrossrefUsername`/`Password`	High

Vox: The AI-Native Programming Language