Add enterprise usage cost allocation guard

enterprise-usage-cost-allocation-guard/README.md

@@ -0,0 +1,34 @@
+# Enterprise Usage Cost Allocation Guard
+
+This module provides a focused Enterprise Tooling slice for SCIBASE issue #19.
+It reconciles synthetic storage, compute, submission, and AI-review usage against
+lab cost centers, grants, owner sponsorship, funding windows, and private-project
+visibility rules before those costs are published to institutional dashboards or
+grant chargeback exports.
+
+## What It Covers
+
+- Enterprise admin dashboard usage allocation readiness.
+- Grant and cost-center chargeback validation.
+- Hold decisions for missing evidence, unknown ownership, and out-of-window spend.
+- Reallocation decisions for disallowed cost centers or usage types.
+- Private-project review decisions that suppress sensitive project titles.
+- Deterministic audit digests and reviewer packets.
+
+## Run
+
+```bash
+npm run check
+npm test
+npm run demo
+```
+
+Generated artifacts are written to `reports/`:
+
+- `summary.json`
+- `reviewer-packet.md`
+- `summary.svg`
+- `demo.mp4`
+
+The data is synthetic and does not contact live billing, grant, identity, or
+provider systems.

enterprise-usage-cost-allocation-guard/acceptance-notes.md

@@ -0,0 +1,21 @@
+# Acceptance Notes
+
+The guard accepts synthetic enterprise usage records and classifies each record
+as one of:
+
+- `approved`: ready for dashboard and grant chargeback export.
+- `hold`: missing required evidence, ownership, amount, or funding-window validity.
+- `reallocate`: valid usage that must move to a permitted cost center.
+- `private_review`: valid private/restricted project usage that requires
+  aggregate-only admin handling before publication.
+
+Validation commands:
+
+```bash
+npm run check
+npm test
+npm run demo
+ffprobe -v error -show_entries format=duration,size -show_entries stream=codec_name,width,height,pix_fmt -of default=noprint_wrappers=1 reports/demo.mp4
+git diff --check
+git diff --cached --check
+```

enterprise-usage-cost-allocation-guard/demo.js

@@ -0,0 +1,31 @@
+const fs = require("node:fs");
+const path = require("node:path");
+const {
+  analyzeEnterpriseUsage,
+  renderMarkdownReport,
+  renderSvgSummary,
+} = require("./index");
+const { sampleEnterpriseUsagePacket } = require("./sample-data");
+
+const reportsDir = path.join(__dirname, "reports");
+fs.mkdirSync(reportsDir, { recursive: true });
+
+const result = analyzeEnterpriseUsage(sampleEnterpriseUsagePacket, {
+  asOf: "2026-05-22T12:00:00.000Z",
+});
+
+fs.writeFileSync(
+  path.join(reportsDir, "summary.json"),
+  `${JSON.stringify(result, null, 2)}\n`
+);
+fs.writeFileSync(
+  path.join(reportsDir, "reviewer-packet.md"),
+  renderMarkdownReport(result)
+);
+fs.writeFileSync(
+  path.join(reportsDir, "summary.svg"),
+  renderSvgSummary(result)
+);
+
+console.log("enterprise usage cost allocation guard demo artifacts written");
+console.log(`audit digest: ${result.auditDigest}`);