Packaging size guard — #1237

The Mar-2026 Claude Code source leak shipped a 59.8MB source map via a missing .npmignore. ork's existing packaging test checked file names; this adds the missing size dimension.
- Test 5 cap: 3MB
- Largest legit file: 1.8MB
- Suite: 14/14
- New script: test:packaging

What already existed vs. the gap

Most of #1237 was already shipped — test-packaging-leaks.sh runs in test:security on every PR. The genuine gap was that Tests 1-4 check names/extensions, never size — exactly the leak's root cause.
Check                                               Status
Test 1 — secrets / .env                             already covered
Test 2 — OS / editor / node_modules                 already covered
Test 3 — stray .map (allowlist dist + mcp-server)   already covered
Test 4 — extension allowlist                        already covered
Test 5 — file size cap (the leak's actual cause)    NEW
test:packaging standalone script                    NEW (issue ask)

Test 5 — proven both ways

$ npm run test:packaging              # default cap 3MB
  ✓ No files exceed 3MB
  Results: 5 passed, 0 failed

$ MAX_FILE_MB=1 bash tests/security/test-packaging-leaks.sh   # negative proof
  ✗ Found oversized file(s) — possible source/blob leak:
    → plugins/ork/mcp-server/server.mjs.map (1826KB)
  Results: 4 passed, 1 failed         # the guard actually fires

The set -e footgun (fixed in review)

First cut ended the size loop on [[ cond ]] && printf, which is false in the common (not-oversized) case. Under the script's set -euo pipefail, that left the loop, and with it the $() subshell, at exit status 1 and aborted the whole test before the summary. Fixed with if/fi + || true. (Caught by running it, not by reading it.)
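To make both halves of the PR concrete (the Test 5 size cap and the set -e footgun above), here is an added, stand-alone reproduction that is not ork's test-packaging-leaks.sh. It builds a throwaway file tree with constructed sizes (a 1.8MB-ish server.mjs.map that should pass and a 4.3MB .map that should trip the cap), implements the cap in the fixed if/fi + || true shape, and keeps a first_cut_status helper that only reports what exit status the original [ cond ] && printf loop leaves behind in a $() subshell under set -e. The function and variable names are this example's own assumptions; the script uses [ ] rather than [[ ]] so it also runs under plain sh, and the footgun reproduces with -e alone.

```shell
#!/usr/bin/env sh
# Added example, not ork's test-packaging-leaks.sh: a Test-5-style file size
# cap over a constructed package tree, plus a probe of the set -e footgun.
set -eu

# Same env knob as the PR's script: cap in MB, default 3.
MAX_FILE_MB="${MAX_FILE_MB:-3}"

# Build a throwaway "package" tree. All sizes are constructed, not real files.
make_fixture() {
  dir=$(mktemp -d)
  mkdir -p "$dir/dist" "$dir/plugins/ork/mcp-server"
  head -c 200000  /dev/zero > "$dir/dist/index.js"                           # 195KB, fine
  head -c 1826000 /dev/zero > "$dir/plugins/ork/mcp-server/server.mjs.map"  # 1783KB, legit
  head -c 4500000 /dev/zero > "$dir/dist/leaked.js.map"                      # 4394KB, over cap
  printf '%s' "$dir"
}

# Print "relative/path (NKB)" for every file over the cap; empty output == pass.
# The if/fi body leaves the loop at status 0 even when the last file is under
# the cap, and `|| true` keeps the surrounding $() alive under set -e no matter
# what the pipeline returns. This is the fixed shape from the PR.
oversized_files() {
  root=$1
  limit=$(( $2 * 1024 * 1024 ))
  find "$root" -type f | sort | while IFS= read -r f; do
    size=$(wc -c < "$f" | tr -d ' ')
    if [ "$size" -gt "$limit" ]; then
      printf '%s (%dKB)\n' "${f#"$root"/}" $(( size / 1024 ))
    fi
  done || true
}

# Test-5-style check: status 0 when nothing is oversized, 1 when the guard fires.
check_size_cap() {
  hits=$(oversized_files "$1" "$2")
  if [ -n "$hits" ]; then
    printf '  ✗ Found oversized file(s) - possible source/blob leak:\n'
    printf '%s\n' "$hits" | sed 's/^/    -> /'
    return 1
  fi
  printf '  ✓ No files exceed %sMB\n' "$2"
}

# The first-cut shape, kept only to observe the status it leaves behind: the
# loop body ends on `[ cond ] && printf`, so when the LAST file is under the
# cap the loop, and therefore the $() subshell, finishes with status 1.
# Prints that status (1 when no file is oversized) instead of aborting.
first_cut_status() {
  status=0
  out=$( set -e
         limit=$(( $2 * 1024 * 1024 ))
         for f in $(find "$1" -type f | sort); do
           [ "$(wc -c < "$f" | tr -d ' ')" -gt "$limit" ] && printf '%s\n' "$f"
         done ) || status=$?
  printf '%s' "$status"
}

# Stand-alone run against the constructed tree (the leaked .map trips the cap).
demo_root=$(make_fixture)
check_size_cap "$demo_root" "$MAX_FILE_MB" || printf '  Results: guard fired, exit %s\n' "$?"
printf '  first-cut loop status at a 100MB cap (nothing oversized): %s\n' "$(first_cut_status "$demo_root" 100)"
rm -rf "$demo_root"
```

Run it as-is for the default 3MB cap, or with MAX_FILE_MB=1 to see the legit 1783KB map get reported too, mirroring the PR's negative proof. The last line is the footgun in one number: with no oversized file, the first-cut loop still hands its $() a status of 1, which is exactly what set -e turned into an aborted suite.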