test: cover governance findings across CLI formats

tests/test_cli.py

@@ -502,6 +502,26 @@ def test_check_json_reports_empty_findings_for_clean_fixture(self) -> None:
         self.assertEqual(payload["findings"], [])
 
 
+    def test_check_console_reports_review_ci_bypass_findings(self) -> None:
+        output = io.StringIO()
+
+        with redirect_stdout(output):
+            exit_code = main(["check", str(FIXTURE_ROOT / "risky-instructions")])
+
+        text = output.getvalue()
+
+        self.assertEqual(exit_code, 0)
+        self.assertIn("Found 1 supported instruction file(s):", text)
+        self.assertIn("Findings:", text)
+        self.assertIn("AIRK-GOV003 [warning] AGENTS.md:7", text)
+        self.assertIn("AIRK-GOV003 [warning] AGENTS.md:8", text)
+        self.assertIn("AIRK-GOV003 [warning] AGENTS.md:10", text)
+        self.assertIn(
+            "Instruction file appears to encourage bypassing review, CI, or safe integration boundaries.",
+            text,
+        )
+
+
     def test_check_json_reports_review_ci_bypass_findings(self) -> None:
         output = io.StringIO()
 
@@ -533,6 +553,33 @@ def test_check_json_reports_review_ci_bypass_findings(self) -> None:
         )
 
 
+    def test_check_markdown_reports_review_ci_bypass_findings(self) -> None:
+        output = io.StringIO()
+
+        with redirect_stdout(output):
+            exit_code = main(
+                [
+                    "check",
+                    str(FIXTURE_ROOT / "risky-instructions"),
+                    "--format",
+                    "markdown",
+                ]
+            )
+
+        text = output.getvalue()
+
+        self.assertEqual(exit_code, 0)
+        self.assertIn("- Findings: 3", text)
+        self.assertIn("## Findings", text)
+        self.assertIn("| AIRK-GOV003 | warning | AGENTS.md:7 |", text)
+        self.assertIn("| AIRK-GOV003 | warning | AGENTS.md:8 |", text)
+        self.assertIn("| AIRK-GOV003 | warning | AGENTS.md:10 |", text)
+        self.assertIn(
+            "Instruction file appears to encourage bypassing review, CI, or safe integration boundaries.",
+            text,
+        )
+
+
     def test_check_console_reports_unsafe_command_execution_findings(self) -> None:
         output = io.StringIO()
 
@@ -660,6 +707,24 @@ def test_check_markdown_reports_runtime_network_llm_findings(self) -> None:
         )
 
 
+    def test_check_console_reports_missing_secret_boundary_findings(self) -> None:
+        output = io.StringIO()
+
+        with redirect_stdout(output):
+            exit_code = main(["check", str(FIXTURE_ROOT / "missing-secret-boundary")])
+
+        text = output.getvalue()
+
+        self.assertEqual(exit_code, 0)
+        self.assertIn("Found 1 supported instruction file(s):", text)
+        self.assertIn("Findings:", text)
+        self.assertIn("AIRK-GOV002 [warning] AGENTS.md", text)
+        self.assertIn(
+            "Instruction file may lack an explicit secret-handling boundary.",
+            text,
+        )
+
+
     def test_check_json_reports_missing_secret_boundary_findings(self) -> None:
         output = io.StringIO()
 
@@ -685,6 +750,49 @@ def test_check_json_reports_missing_secret_boundary_findings(self) -> None:
         self.assertNotIn("line", payload["findings"][0])
 
 
+    def test_check_markdown_reports_missing_secret_boundary_findings(self) -> None:
+        output = io.StringIO()
+
+        with redirect_stdout(output):
+            exit_code = main(
+                [
+                    "check",
+                    str(FIXTURE_ROOT / "missing-secret-boundary"),
+                    "--format",
+                    "markdown",
+                ]
+            )
+
+        text = output.getvalue()
+
+        self.assertEqual(exit_code, 0)
+        self.assertIn("- Findings: 1", text)
+        self.assertIn("## Findings", text)
+        self.assertIn("| AIRK-GOV002 | warning | AGENTS.md |", text)
+        self.assertIn(
+            "Instruction file may lack an explicit secret-handling boundary.",
+            text,
+        )
+
+
+    def test_check_console_reports_missing_authority_scope_findings(self) -> None:
+        output = io.StringIO()
+
+        with redirect_stdout(output):
+            exit_code = main(["check", str(FIXTURE_ROOT / "missing-authority-scope")])
+
+        text = output.getvalue()
+
+        self.assertEqual(exit_code, 0)
+        self.assertIn("Found 1 supported instruction file(s):", text)
+        self.assertIn("Findings:", text)
+        self.assertIn("AIRK-GOV001 [warning] AGENTS.md", text)
+        self.assertIn(
+            "Instruction file may lack clear scope or authority.",
+            text,
+        )
+
+
     def test_check_json_reports_missing_authority_scope_findings(self) -> None:
         output = io.StringIO()
 
@@ -709,6 +817,31 @@ def test_check_json_reports_missing_authority_scope_findings(self) -> None:
         self.assertEqual(payload["findings"][0]["path"], "AGENTS.md")
         self.assertNotIn("line", payload["findings"][0])
 
+    def test_check_markdown_reports_missing_authority_scope_findings(self) -> None:
+        output = io.StringIO()
+
+        with redirect_stdout(output):
+            exit_code = main(
+                [
+                    "check",
+                    str(FIXTURE_ROOT / "missing-authority-scope"),
+                    "--format",
+                    "markdown",
+                ]
+            )
+
+        text = output.getvalue()
+
+        self.assertEqual(exit_code, 0)
+        self.assertIn("- Findings: 1", text)
+        self.assertIn("## Findings", text)
+        self.assertIn("| AIRK-GOV001 | warning | AGENTS.md |", text)
+        self.assertIn(
+            "Instruction file may lack clear scope or authority.",
+            text,
+        )
+
+
 
 
 if __name__ == "__main__":