john/tractatus
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
tractatus/.claude/instruction-history.json
TheFlow afcfc27502 feat: Complete Phase 2 Agent Lightning website integration 
- Added Agent Lightning research section to researcher.html with Demo 2 results
- Created comprehensive /integrations/agent-lightning.html page
- Added Agent Lightning link in homepage hero section
- Updated Discord invite links (Tractatus + semantipy) across all pages
- Added feedback.js script to all key pages for live demonstration

Phase 2 of Master Plan complete: Discord setup → Website completion

🤖 Generated with [Claude Code](https://claude.com/claude-code)

Co-Authored-By: Claude <noreply@anthropic.com>
2025-11-03 14:38:20 +13:00

4391 lines
No EOL
286 KiB
JSON
Raw Blame History

{
"metadata": {
"version": "3.0.0",
"project": "tractatus",
"description": "Tractatus Framework - Governance instruction database",
"created": "2025-10-06",
"lastUpdated": "2025-11-02",
"totalInstructions": 94,
"activeInstructions": 68,
"schemaVersion": "v3.0",
"previousVersion": "v1.0 (backed up)",
"migration": {
"date": "2025-11-02",
"from": "v1.0",
"to": "v3.0",
"notes": "Unified schema combining v1.0 and v2.0 features"
}
},
"instructions": [
{
"id": "inst_001",
"title": "MongoDB runs on port 27017 for tractatus_dev database",
"category": "FRAMEWORK_OPERATION",
"quadrant": "SYSTEM",
"persistence": "HIGH",
"description": "MongoDB runs on port 27017 for tractatus_dev database",
"context": "Migrated from v1.0. Original timestamp: 2025-10-06T14:00:00Z",
"rationale": "Infrastructure decision from project initialization",
"trigger": "As defined in original instruction",
"action": "MongoDB runs on port 27017 for tractatus_dev database",
"validation": "Verification required before proceeding",
"evidence": "Session handoff logs, audit trails",
"explicitness": 0.9,
"temporal_scope": "PROJECT",
"verification_required": "MANDATORY",
"securityClassification": "INTERNAL",
"source": "FRAMEWORK",
"parameters": {
"port": "27017",
"database": "tractatus_dev",
"service": "mongodb"
},
"relatedInstructions": [],
"active": true,
"metadata": {
"created": "2025-10-06T14:00:00Z",
"author": "Tractatus Framework",
"session_id": "2025-10-06-initial-setup",
"original_schema": "v1.0",
"migrated": "2025-11-02",
"migration_notes": "Infrastructure decision from project initialization"
}
},
{
"id": "inst_002",
"title": "Application runs on port 9000",
"category": "FRAMEWORK_OPERATION",
"quadrant": "SYSTEM",
"persistence": "HIGH",
"description": "Application runs on port 9000",
"context": "Migrated from v1.0. Original timestamp: 2025-10-06T14:00:00Z",
"rationale": "Infrastructure decision from project initialization",
"trigger": "As defined in original instruction",
"action": "Application runs on port 9000",
"validation": "Verification required before proceeding",
"evidence": "Session handoff logs, audit trails",
"explicitness": 0.9,
"temporal_scope": "PROJECT",
"verification_required": "MANDATORY",
"securityClassification": "INTERNAL",
"source": "FRAMEWORK",
"parameters": {
"port": "9000",
"service": "tractatus-web"
},
"relatedInstructions": [],
"active": true,
"metadata": {
"created": "2025-10-06T14:00:00Z",
"author": "Tractatus Framework",
"session_id": "2025-10-06-initial-setup",
"original_schema": "v1.0",
"migrated": "2025-11-02",
"migration_notes": "Infrastructure decision from project initialization"
}
},
{
"id": "inst_003",
"title": "This is a separate project from family-history and sydigital - no shared code...",
"category": "GIT_VERSION_CONTROL",
"quadrant": "STRATEGIC",
"persistence": "HIGH",
"description": "This is a separate project from family-history and sydigital - no shared code or data",
"context": "Migrated from v1.0. Original timestamp: 2025-10-06T14:00:00Z",
"rationale": "Critical project isolation requirement",
"trigger": "As defined in original instruction",
"action": "This is a separate project from family-history and sydigital - no shared code or data",
"validation": "Verification required before proceeding",
"evidence": "Session handoff logs, audit trails",
"explicitness": 0.95,
"temporal_scope": "PERMANENT",
"verification_required": "MANDATORY",
"securityClassification": "INTERNAL",
"source": "FRAMEWORK",
"parameters": {},
"relatedInstructions": [],
"active": true,
"metadata": {
"created": "2025-10-06T14:00:00Z",
"author": "Tractatus Framework",
"session_id": "2025-10-06-initial-setup",
"original_schema": "v1.0",
"migrated": "2025-11-02",
"migration_notes": "Critical project isolation requirement"
}
},
{
"id": "inst_004",
"title": "No shortcuts, no fake data, world-class quality",
"category": "VALUES_ALIGNMENT",
"quadrant": "STRATEGIC",
"persistence": "HIGH",
"description": "No shortcuts, no fake data, world-class quality",
"context": "Migrated from v1.0. Original timestamp: 2025-10-06T14:00:00Z",
"rationale": "Quality standard for all work",
"trigger": "As defined in original instruction",
"action": "No shortcuts, no fake data, world-class quality",
"validation": "Verification required before proceeding",
"evidence": "Session handoff logs, audit trails",
"explicitness": 0.88,
"temporal_scope": "PERMANENT",
"verification_required": "MANDATORY",
"securityClassification": "INTERNAL",
"source": "FRAMEWORK",
"parameters": {},
"relatedInstructions": [],
"active": true,
"metadata": {
"created": "2025-10-06T14:00:00Z",
"author": "Tractatus Framework",
"session_id": "2025-10-06-initial-setup",
"original_schema": "v1.0",
"migrated": "2025-11-02",
"migration_notes": "Quality standard for all work"
}
},
{
"id": "inst_005",
"title": "Human approval required for major decisions, architectural changes, values-se...",
"category": "VALUES_ALIGNMENT",
"quadrant": "STRATEGIC",
"persistence": "HIGH",
"description": "Human approval required for major decisions, architectural changes, values-sensitive content",
"context": "Migrated from v1.0. Original timestamp: 2025-10-06T14:00:00Z",
"rationale": "Governance requirement - aligns with BoundaryEnforcer",
"trigger": "As defined in original instruction",
"action": "Human approval required for major decisions, architectural changes, values-sensitive content",
"validation": "Verification required before proceeding",
"evidence": "Session handoff logs, audit trails",
"explicitness": 0.92,
"temporal_scope": "PERMANENT",
"verification_required": "MANDATORY",
"securityClassification": "INTERNAL",
"source": "FRAMEWORK",
"parameters": {},
"relatedInstructions": [],
"active": true,
"metadata": {
"created": "2025-10-06T14:00:00Z",
"author": "Tractatus Framework",
"session_id": "2025-10-06-initial-setup",
"original_schema": "v1.0",
"migrated": "2025-11-02",
"migration_notes": "Governance requirement - aligns with BoundaryEnforcer"
}
},
{
"id": "inst_006",
"title": "Use ContextPressureMonitor to manage sessions and create handoff when pressur...",
"category": "DEPLOYMENT",
"quadrant": "OPERATIONAL",
"persistence": "HIGH",
"description": "Use ContextPressureMonitor to manage sessions and create handoff when pressure is CRITICAL",
"context": "Migrated from v1.0. Original timestamp: 2025-10-07T09:00:00Z",
"rationale": "Session management protocol established",
"trigger": "As defined in original instruction",
"action": "Use ContextPressureMonitor to manage sessions and create handoff when pressure is CRITICAL",
"validation": "Best-effort validation",
"evidence": "Session handoff logs, audit trails",
"explicitness": 0.85,
"temporal_scope": "PROJECT",
"verification_required": "REQUIRED",
"securityClassification": "INTERNAL",
"source": "FRAMEWORK",
"parameters": {},
"relatedInstructions": [],
"active": true,
"metadata": {
"created": "2025-10-07T09:00:00Z",
"author": "Tractatus Framework",
"session_id": "2025-10-07-part2",
"original_schema": "v1.0",
"migrated": "2025-11-02",
"migration_notes": "Session management protocol established"
}
},
{
"id": "inst_007",
"title": "Use Tractatus governance framework actively in all sessions",
"category": "FRAMEWORK_OPERATION",
"quadrant": "OPERATIONAL",
"persistence": "HIGH",
"description": "Use Tractatus governance framework actively in all sessions",
"context": "Migrated from v1.0. Original timestamp: 2025-10-07T09:15:00Z",
"rationale": "Framework activation - THIS IS THE NEW NORMAL",
"trigger": "As defined in original instruction",
"action": "Use Tractatus governance framework actively in all sessions",
"validation": "Verification required before proceeding",
"evidence": "Session handoff logs, audit trails",
"explicitness": 0.98,
"temporal_scope": "PROJECT",
"verification_required": "MANDATORY",
"securityClassification": "INTERNAL",
"source": "FRAMEWORK",
"parameters": {
"components": [
"pressure_monitor",
"classifier",
"cross_reference",
"boundary_enforcer"
],
"verbosity": "summary"
},
"relatedInstructions": [],
"active": false,
"metadata": {
"created": "2025-10-07T09:15:00Z",
"author": "Tractatus Framework",
"session_id": "2025-10-07-part2",
"original_schema": "v1.0",
"migrated": "2025-11-02",
"migration_notes": "Framework activation - THIS IS THE NEW NORMAL"
}
},
{
"id": "inst_008",
"title": "ALWAYS comply with Content Security Policy (CSP) - no inline event handlers, ...",
"category": "SECURITY",
"quadrant": "SYSTEM",
"persistence": "HIGH",
"description": "ALWAYS comply with Content Security Policy (CSP) - no inline event handlers, no inline scripts",
"context": "Migrated from v1.0. Original timestamp: 2025-10-07T19:30:00Z",
"rationale": "CRITICAL SECURITY REQUIREMENT - Framework should have caught CSP violation before deployment",
"trigger": "As defined in original instruction",
"action": "ALWAYS comply with Content Security Policy (CSP) - no inline event handlers, no inline scripts",
"validation": "Verification required before proceeding",
"evidence": "Session handoff logs, audit trails",
"explicitness": 1,
"temporal_scope": "PERMANENT",
"verification_required": "MANDATORY",
"securityClassification": "INTERNAL",
"source": "FRAMEWORK",
"parameters": {
"csp_policy": "script-src 'self'",
"violations_forbidden": [
"onclick",
"onload",
"inline-script",
"javascript:"
],
"alternatives_required": [
"addEventListener",
"external-scripts"
]
},
"relatedInstructions": [],
"active": false,
"metadata": {
"created": "2025-10-07T19:30:00Z",
"author": "Tractatus Framework",
"session_id": "2025-10-07-docs-audit",
"original_schema": "v1.0",
"migrated": "2025-11-02",
"migration_notes": "CRITICAL SECURITY REQUIREMENT - Framework should have caught CSP violation before deployment"
}
},
{
"id": "inst_009",
"title": "Stripe payment processing is ACTIVE (test keys configured)",
"category": "DEPLOYMENT",
"quadrant": "TACTICAL",
"persistence": "MEDIUM",
"description": "Stripe payment processing is ACTIVE (test keys configured). Email services (verification emails, donation receipts) are deferred until production launch. ProtonBridge email integration is Phase 2+.",
"context": "Migrated from v1.0. Original timestamp: 2025-10-21T00:00:00Z",
"rationale": "Updated 2025-10-21: Stripe fully implemented and active (test keys configured). Email services remain deferred until production launch with ProtonBridge integration planned for Phase 2+.",
"trigger": "As defined in original instruction",
"action": "Stripe payment processing is ACTIVE (test keys configured). Email services (verification emails, donation receipts) are deferred until production launch. ProtonBridge email integration is Phase 2+.",
"validation": "Best-effort validation",
"evidence": "Session handoff logs, audit trails",
"explicitness": 0.95,
"temporal_scope": "PERMANENT",
"verification_required": "OPTIONAL",
"securityClassification": "INTERNAL",
"source": "FRAMEWORK",
"parameters": {
"deferred_tasks": [
"email_service",
"stripe_activation"
]
},
"relatedInstructions": [],
"active": true,
"metadata": {
"created": "2025-10-21T00:00:00Z",
"author": "Tractatus Framework",
"session_id": "2025-10-08-phase-4",
"original_schema": "v1.0",
"migrated": "2025-11-02",
"migration_notes": "Updated 2025-10-21: Stripe fully implemented and active (test keys configured). Email services remain deferred until production launch with ProtonBridge integration planned for Phase 2+."
}
},
{
"id": "inst_010",
"title": "Ensure all production UI links are working correctly",
"category": "DEPLOYMENT",
"quadrant": "OPERATIONAL",
"persistence": "HIGH",
"description": "Ensure all production UI links are working correctly",
"context": "Migrated from v1.0. Original timestamp: 2025-10-08T00:00:00Z",
"rationale": "Quality requirement for production deployment",
"trigger": "As defined in original instruction",
"action": "Ensure all production UI links are working correctly",
"validation": "Best-effort validation",
"evidence": "Session handoff logs, audit trails",
"explicitness": 0.92,
"temporal_scope": "PROJECT",
"verification_required": "REQUIRED",
"securityClassification": "INTERNAL",
"source": "FRAMEWORK",
"parameters": {
"scope": "production_ui",
"quality_standard": "all_links_functional"
},
"relatedInstructions": [],
"active": false,
"metadata": {
"created": "2025-10-08T00:00:00Z",
"author": "Tractatus Framework",
"session_id": "2025-10-08-phase-4",
"original_schema": "v1.0",
"migrated": "2025-11-02",
"migration_notes": "Quality requirement for production deployment"
}
},
{
"id": "inst_011",
"title": "Implement clear differentiation between technical documentation (for develope...",
"category": "DOCUMENTATION",
"quadrant": "OPERATIONAL",
"persistence": "MEDIUM",
"description": "Implement clear differentiation between technical documentation (for developers/implementers) and general documentation (for general audience)",
"context": "Migrated from v1.0. Original timestamp: 2025-10-08T00:00:00Z",
"rationale": "Content organization requirement - technical docs should be selectable separately from general docs",
"trigger": "As defined in original instruction",
"action": "Implement clear differentiation between technical documentation (for developers/implementers) and general documentation (for general audience)",
"validation": "Best-effort validation",
"evidence": "Session handoff logs, audit trails",
"explicitness": 0.9,
"temporal_scope": "PROJECT",
"verification_required": "REQUIRED",
"securityClassification": "INTERNAL",
"source": "FRAMEWORK",
"parameters": {
"technical_docs_examples": [
"claude-code-framework-enforcement.md"
],
"api_endpoint": "/api/documents",
"filter_requirement": "audience_type"
},
"relatedInstructions": [],
"active": false,
"metadata": {
"created": "2025-10-08T00:00:00Z",
"author": "Tractatus Framework",
"session_id": "2025-10-08-phase-4",
"original_schema": "v1.0",
"migrated": "2025-11-02",
"migration_notes": "Content organization requirement - technical docs should be selectable separately from general docs"
}
},
{
"id": "inst_012",
"title": "NEVER deploy documents marked 'internal' or 'confidential' to public producti...",
"category": "SECURITY",
"quadrant": "SYSTEM",
"persistence": "HIGH",
"description": "NEVER deploy documents marked 'internal' or 'confidential' to public production without explicit human approval. Documents containing credentials, security vulnerabilities, financial information, or infrastructure details MUST NOT be publicly accessible.",
"context": "Migrated from v1.0. Original timestamp: 2025-10-08T01:00:00Z",
"rationale": "CRITICAL SECURITY REQUIREMENT - Prevents accidental exposure of sensitive internal documentation. Learned from incident where Security Audit Report, Koha Stripe Setup, and Koha Deployment guides were incorrectly marked for public import.",
"trigger": "As defined in original instruction",
"action": "NEVER deploy documents marked 'internal' or 'confidential' to public production without explicit human approval. Documents containing credentials, security vulnerabilities, financial information, or infrastructure details MUST NOT be publicly accessible.",
"validation": "Verification required before proceeding",
"evidence": "Session handoff logs, audit trails",
"explicitness": 1,
"temporal_scope": "PERMANENT",
"verification_required": "MANDATORY",
"securityClassification": "CONFIDENTIAL",
"source": "FRAMEWORK",
"parameters": {
"visibility_levels": [
"public",
"internal",
"confidential"
],
"public_requires": "visibility: 'public' AND security validation passed",
"blocked_content": [
"credentials",
"api_keys",
"secrets",
"vulnerabilities",
"security_audits",
"payment_setup",
"deployment_guides"
],
"validation_script": "scripts/validate-document-security.js"
},
"relatedInstructions": [],
"active": true,
"metadata": {
"created": "2025-10-08T01:00:00Z",
"author": "Tractatus Framework",
"session_id": "2025-10-08-phase-4-security",
"original_schema": "v1.0",
"migrated": "2025-11-02",
"migration_notes": "CRITICAL SECURITY REQUIREMENT - Prevents accidental exposure of sensitive internal documentation. Learned from incident where Security Audit Report, Koha Stripe Setup, and Koha Deployment guides were incorrectly marked for public import."
}
},
{
"id": "inst_013",
"title": "Public API endpoints MUST NOT expose sensitive runtime data (memory usage, he...",
"category": "ARCHITECTURE",
"quadrant": "SYSTEM",
"persistence": "HIGH",
"description": "Public API endpoints MUST NOT expose sensitive runtime data (memory usage, heap sizes, exact uptime, environment details, service architecture) that could aid attackers. Use minimal health checks for public endpoints. Sensitive monitoring data requires authentication.",
"context": "Migrated from v1.0. Original timestamp: 2025-10-08T02:00:00Z",
"rationale": "CRITICAL SECURITY REQUIREMENT - Prevents reconnaissance attacks. /api/governance exposed memory usage (95MB heap), exact uptime, service architecture to public. Now requires admin authentication. /health simplified to status + timestamp only.",
"trigger": "As defined in original instruction",
"action": "Public API endpoints MUST NOT expose sensitive runtime data (memory usage, heap sizes, exact uptime, environment details, service architecture) that could aid attackers. Use minimal health checks for public endpoints. Sensitive monitoring data requires authentication.",
"validation": "Verification required before proceeding",
"evidence": "Session handoff logs, audit trails",
"explicitness": 1,
"temporal_scope": "PERMANENT",
"verification_required": "MANDATORY",
"securityClassification": "INTERNAL",
"source": "FRAMEWORK",
"parameters": {
"public_endpoints": [
"/health",
"/api/koha/transparency"
],
"authenticated_endpoints": [
"/api/governance",
"/api/governance/status"
],
"blocked_from_public": [
"memory_usage",
"heap_sizes",
"uptime",
"environment",
"service_names",
"internal_architecture"
],
"allowed_public": [
"status: ok",
"timestamp",
"public_metrics_only"
],
"rate_limiting": "100 requests per 15 minutes per IP"
},
"relatedInstructions": [],
"active": true,
"metadata": {
"created": "2025-10-08T02:00:00Z",
"author": "Tractatus Framework",
"session_id": "2025-10-08-phase-4-security",
"original_schema": "v1.0",
"migrated": "2025-11-02",
"migration_notes": "CRITICAL SECURITY REQUIREMENT - Prevents reconnaissance attacks. /api/governance exposed memory usage (95MB heap), exact uptime, service architecture to public. Now requires admin authentication. /health simplified to status + timestamp only."
}
},
{
"id": "inst_014",
"title": "Do NOT expose API endpoint listings or attack surface maps to public users",
"category": "DEPLOYMENT",
"quadrant": "SYSTEM",
"persistence": "HIGH",
"description": "Do NOT expose API endpoint listings or attack surface maps to public users. Demo pages should showcase framework CONCEPTS (classification, boundaries, pressure), not production API infrastructure. API documentation requires authentication or should be deferred to GitHub SDK/samples.",
"context": "Migrated from v1.0. Original timestamp: 2025-10-08T02:30:00Z",
"rationale": "SECURITY DECISION - Removed Live API Demo section that exposed complete API attack surface (auth, documents, blog, media, cases, admin, governance, koha endpoints). Provided zero value to legitimate users but gave attackers enumeration targets. Replaced with Resources section linking to static documentation.",
"trigger": "As defined in original instruction",
"action": "Do NOT expose API endpoint listings or attack surface maps to public users. Demo pages should showcase framework CONCEPTS (classification, boundaries, pressure), not production API infrastructure. API documentation requires authentication or should be deferred to GitHub SDK/samples.",
"validation": "Verification required before proceeding",
"evidence": "Session handoff logs, audit trails",
"explicitness": 1,
"temporal_scope": "PERMANENT",
"verification_required": "MANDATORY",
"securityClassification": "INTERNAL",
"source": "FRAMEWORK",
"parameters": {
"removed_sections": [
"Live API Demo from tractatus-demo.html"
],
"exposed_data_removed": [
"all endpoint names",
"admin capabilities",
"authentication system",
"webhook endpoints",
"submission forms",
"internal features"
],
"replacement": "Resources section with links to docs, researcher, implementer, about pages",
"future_approach": "GitHub SDK/samples when ready, or authenticated developer portal"
},
"relatedInstructions": [],
"active": true,
"metadata": {
"created": "2025-10-08T02:30:00Z",
"author": "Tractatus Framework",
"session_id": "2025-10-08-phase-4-security",
"original_schema": "v1.0",
"migrated": "2025-11-02",
"migration_notes": "SECURITY DECISION - Removed Live API Demo section that exposed complete API attack surface (auth, documents, blog, media, cases, admin, governance, koha endpoints). Provided zero value to legitimate users but gave attackers enumeration targets. Replaced with Resources section linking to static documentation."
}
},
{
"id": "inst_015",
"title": "NEVER deploy internal development documents to public downloads directory",
"category": "DEPLOYMENT",
"quadrant": "SYSTEM",
"persistence": "HIGH",
"description": "NEVER deploy internal development documents to public downloads directory. Session handoffs, phase planning docs, testing checklists, cost estimates, infrastructure plans, progress reports, and cover letters are CONFIDENTIAL. Only deploy documents explicitly approved for public consumption.",
"context": "Migrated from v1.0. Original timestamp: 2025-10-08T03:00:00Z",
"rationale": "CRITICAL SECURITY INCIDENT - 20 internal documents were publicly accessible in downloads directory, exposing: session debugging, infrastructure plans, cost estimates, testing methodologies, development processes. Removed from production. Public downloads must be whitelisted.",
"trigger": "As defined in original instruction",
"action": "NEVER deploy internal development documents to public downloads directory. Session handoffs, phase planning docs, testing checklists, cost estimates, infrastructure plans, progress reports, and cover letters are CONFIDENTIAL. Only deploy documents explicitly approved for public consumption.",
"validation": "Verification required before proceeding",
"evidence": "Session handoff logs, audit trails",
"explicitness": 1,
"temporal_scope": "PERMANENT",
"verification_required": "MANDATORY",
"securityClassification": "INTERNAL",
"source": "FRAMEWORK",
"parameters": {
"blocked_patterns": [
"session-handoff-*.pdf",
"phase-2-*.pdf",
"ai-features-*.pdf",
"*-test-suite-*.pdf",
"*-testing-*.pdf",
"*-progress-report.pdf",
"*-blog-post-*.pdf",
"cover-letter-*.pdf"
],
"public_directory": "/public/downloads/",
"approved_public_docs": [
"framework documentation",
"implementation guides",
"glossary",
"case studies",
"core concepts",
"executive briefs"
],
"requires_explicit_approval": true
},
"relatedInstructions": [],
"active": true,
"metadata": {
"created": "2025-10-08T03:00:00Z",
"author": "Tractatus Framework",
"session_id": "2025-10-08-phase-4-security",
"original_schema": "v1.0",
"migrated": "2025-11-02",
"migration_notes": "CRITICAL SECURITY INCIDENT - 20 internal documents were publicly accessible in downloads directory, exposing: session debugging, infrastructure plans, cost estimates, testing methodologies, development processes. Removed from production. Public downloads must be whitelisted."
}
},
{
"id": "inst_016",
"title": "NEVER fabricate statistics, cite non-existent data, or make claims without ve...",
"category": "VALUES_ALIGNMENT",
"quadrant": "STRATEGIC",
"persistence": "HIGH",
"description": "NEVER fabricate statistics, cite non-existent data, or make claims without verifiable evidence. ALL statistics, ROI figures, performance metrics, and quantitative claims MUST either cite sources OR be marked [NEEDS VERIFICATION] for human review. Marketing goals do NOT override factual accuracy requirements.",
"context": "Migrated from v1.0. Original timestamp: 2025-10-09T00:00:00Z",
"rationale": "CRITICAL FRAMEWORK FAILURE 2025-10-09 - Claude fabricated statistics on leader.html (1,315% ROI, $3.77M savings, 14mo payback, 80% risk reduction, etc.) without triggering BoundaryEnforcer. This directly violates Tractatus core values of honesty and transparency. All public claims must be factually grounded.",
"trigger": "As defined in original instruction",
"action": "NEVER fabricate statistics, cite non-existent data, or make claims without verifiable evidence. ALL statistics, ROI figures, performance metrics, and quantitative claims MUST either cite sources OR be marked [NEEDS VERIFICATION] for human review. Marketing goals do NOT override factual accuracy requirements.",
"validation": "Verification required before proceeding",
"evidence": "Session handoff logs, audit trails",
"explicitness": 1,
"temporal_scope": "PERMANENT",
"verification_required": "MANDATORY",
"securityClassification": "RESTRICTED",
"source": "FRAMEWORK",
"parameters": {
"prohibited_actions": [
"fabricating_statistics",
"inventing_data",
"citing_non_existent_sources",
"making_unverifiable_claims"
],
"required_for_statistics": [
"source_citation",
"verification_flag",
"human_approval"
],
"applies_to": [
"marketing_content",
"public_pages",
"documentation",
"presentations",
"all_public_claims"
],
"boundary_enforcer_trigger": "ANY statistic or quantitative claim",
"failure_mode": "Values violation - honesty and transparency"
},
"relatedInstructions": [],
"active": true,
"metadata": {
"created": "2025-10-09T00:00:00Z",
"author": "Tractatus Framework",
"session_id": "2025-10-07-001-continued",
"original_schema": "v1.0",
"migrated": "2025-11-02",
"migration_notes": "CRITICAL FRAMEWORK FAILURE 2025-10-09 - Claude fabricated statistics on leader.html (1,315% ROI, $3.77M savings, 14mo payback, 80% risk reduction, etc.) without triggering BoundaryEnforcer. This directly violates Tractatus core values of honesty and transparency. All public claims must be factually grounded."
}
},
{
"id": "inst_017",
"title": "NEVER use prohibited absolute assurance terms: 'guarantee', 'guaranteed', 'en...",
"category": "ARCHITECTURE",
"quadrant": "STRATEGIC",
"persistence": "HIGH",
"description": "NEVER use prohibited absolute assurance terms: 'guarantee', 'guaranteed', 'ensures 100%', 'eliminates all', 'completely prevents', 'never fails'. Use evidence-based language: 'designed to reduce', 'helps mitigate', 'reduces risk of', 'supports prevention of'. Any absolute claim requires BoundaryEnforcer check and human approval.",
"context": "Migrated from v1.0. Original timestamp: 2025-10-09T00:00:00Z",
"rationale": "CRITICAL FRAMEWORK FAILURE 2025-10-09 - Claude used term 'architectural guarantees' on leader.html. No AI safety framework can guarantee outcomes. This violates Tractatus principles of honesty and realistic expectations. Absolute assurances undermine credibility and set false expectations.",
"trigger": "As defined in original instruction",
"action": "NEVER use prohibited absolute assurance terms: 'guarantee', 'guaranteed', 'ensures 100%', 'eliminates all', 'completely prevents', 'never fails'. Use evidence-based language: 'designed to reduce', 'helps mitigate', 'reduces risk of', 'supports prevention of'. Any absolute claim requires BoundaryEnforcer check and human approval.",
"validation": "Verification required before proceeding",
"evidence": "Session handoff logs, audit trails",
"explicitness": 1,
"temporal_scope": "PERMANENT",
"verification_required": "MANDATORY",
"securityClassification": "INTERNAL",
"source": "FRAMEWORK",
"parameters": {
"prohibited_terms": [
"guarantee",
"guaranteed",
"ensures 100%",
"eliminates all",
"completely prevents",
"never fails",
"always works",
"perfect protection"
],
"approved_alternatives": [
"designed to reduce",
"helps mitigate",
"reduces risk of",
"supports prevention of",
"intended to minimize",
"architected to limit"
],
"boundary_enforcer_trigger": "ANY absolute assurance language",
"replacement_required": true
},
"relatedInstructions": [],
"active": true,
"metadata": {
"created": "2025-10-09T00:00:00Z",
"author": "Tractatus Framework",
"session_id": "2025-10-07-001-continued",
"original_schema": "v1.0",
"migrated": "2025-11-02",
"migration_notes": "CRITICAL FRAMEWORK FAILURE 2025-10-09 - Claude used term 'architectural guarantees' on leader.html. No AI safety framework can guarantee outcomes. This violates Tractatus principles of honesty and realistic expectations. Absolute assurances undermine credibility and set false expectations."
}
},
{
"id": "inst_018",
"title": "Tractatus IS a development tool (like an IDE or linter) - this is its correct...",
"category": "DEPLOYMENT",
"quadrant": "STRATEGIC",
"persistence": "HIGH",
"description": "Tractatus IS a development tool (like an IDE or linter) - this is its correct classification, not a limitation. Claims about readiness/stability MUST be based on actual testing and validation evidence. Do NOT claim 'production-ready', 'battle-tested', 'validated', or 'enterprise-proven' without documented evidence of adequate testing across multiple projects. Current testing status must be honest. Once validated through real-world use, 'production-ready development tool' is accurate and appropriate. Do NOT imply customer base, market validation, or widespread adoption without evidence.",
"context": "Migrated from v1.0. Original timestamp: 2025-10-10T23:30:00Z",
"rationale": "CORRECTED 2025-10-10 - User clarified: 'Development tool' is the CORRECT classification (Tractatus helps developers build projects), not a limitation. The restriction is about honest testing/validation status, not tool category. Once adequately tested, 'production-ready development tool' is appropriate. Previous version incorrectly treated 'development framework' as early-stage status. Framework failure 2025-10-09: Claude claimed 'production-ready' without testing evidence.",
"trigger": "As defined in original instruction",
"action": "Tractatus IS a development tool (like an IDE or linter) - this is its correct classification, not a limitation. Claims about readiness/stability MUST be based on actual testing and validation evidence. Do NOT claim 'production-ready', 'battle-tested', 'validated', or 'enterprise-proven' without documented evidence of adequate testing across multiple projects. Current testing status must be honest. Once validated through real-world use, 'production-ready development tool' is accurate and appropriate. Do NOT imply customer base, market validation, or widespread adoption without evidence.",
"validation": "Verification required before proceeding",
"evidence": "Session handoff logs, audit trails",
"explicitness": 1,
"temporal_scope": "PROJECT",
"verification_required": "MANDATORY",
"securityClassification": "INTERNAL",
"source": "FRAMEWORK",
"parameters": {
"tool_category": "development_tool",
"category_is_correct": true,
"focus_restriction": "testing_validation_status",
"prohibited_without_evidence": [
"production-ready (without testing)",
"battle-tested (without projects)",
"validated (without evidence)",
"enterprise-proven (without deployments)",
"existing customers",
"market leader",
"widely adopted"
],
"allowed_once_validated": [
"production-ready development tool",
"tested with real projects",
"validated through use"
],
"requires_evidence": [
"testing documentation",
"multi-project validation",
"real-world usage data"
],
"boundary_enforcer_trigger": "ANY claim about testing status, adoption, or customers"
},
"relatedInstructions": [],
"active": true,
"metadata": {
"created": "2025-10-10T23:30:00Z",
"author": "Tractatus Framework",
"session_id": "2025-10-10-api-memory-transition",
"original_schema": "v1.0",
"migrated": "2025-11-02",
"migration_notes": "CORRECTED 2025-10-10 - User clarified: 'Development tool' is the CORRECT classification (Tractatus helps developers build projects), not a limitation. The restriction is about honest testing/validation status, not tool category. Once adequately tested, 'production-ready development tool' is appropriate. Previous version incorrectly treated 'development framework' as early-stage status. Framework failure 2025-10-09: Claude claimed 'production-ready' without testing evidence."
}
},
{
"id": "inst_019",
"title": "ContextPressureMonitor MUST account for total context window consumption, not...",
"category": "DEPLOYMENT",
"quadrant": "OPERATIONAL",
"persistence": "HIGH",
"description": "ContextPressureMonitor MUST account for total context window consumption, not just response token counts. Tool results (file reads, grep outputs, bash results) can consume massive context (6k+ tokens per large file read). System prompts, function schemas, and cumulative tool results significantly increase actual context usage. When compaction events occur frequently despite 'NORMAL' pressure scores, this indicates critical underestimation. Enhanced monitoring should track: response tokens, user messages, tool result sizes, system overhead, and predict compaction risk when context exceeds 70% of window. Implement improved pressure scoring in Phase 4 or Phase 6.",
"context": "Migrated from v1.0. Original timestamp: 2025-10-10T23:45:00Z",
"rationale": "IDENTIFIED 2025-10-10 - User observed frequent compaction events despite ContextPressureMonitor reporting 'NORMAL' (6.7%) pressure at 50k token checkpoint. Actual context consumption much higher due to tool results (reading instruction-history.json twice = 12k tokens, concurrent-session doc = large, multiple bash outputs). Current monitor only accurately tracks response generation, not total context window usage. This gap causes unexpected compactions and poor handoff timing. API Memory may reduce impact but won't eliminate root cause.",
"trigger": "As defined in original instruction",
"action": "ContextPressureMonitor MUST account for total context window consumption, not just response token counts. Tool results (file reads, grep outputs, bash results) can consume massive context (6k+ tokens per large file read). System prompts, function schemas, and cumulative tool results significantly increase actual context usage. When compaction events occur frequently despite 'NORMAL' pressure scores, this indicates critical underestimation. Enhanced monitoring should track: response tokens, user messages, tool result sizes, system overhead, and predict compaction risk when context exceeds 70% of window. Implement improved pressure scoring in Phase 4 or Phase 6.",
"validation": "Verification required before proceeding",
"evidence": "Session handoff logs, audit trails",
"explicitness": 1,
"temporal_scope": "PROJECT",
"verification_required": "MANDATORY",
"securityClassification": "INTERNAL",
"source": "FRAMEWORK",
"parameters": {
"current_limitation": "underestimates_actual_context",
"missing_metrics": [
"tool_result_sizes",
"system_prompt_overhead",
"function_schema_overhead",
"cumulative_context"
],
"symptom": "frequent_compaction_despite_normal_scores",
"required_tracking": {
"response_tokens": "current tracking",
"user_messages": "current tracking",
"tool_results": "NEW - size estimation needed",
"system_overhead": "NEW - approximate 5k tokens",
"compaction_risk": "NEW - predict when >70% context used"
},
"enhancement_phase": [
"Phase 4",
"Phase 6"
],
"priority": "MEDIUM"
},
"relatedInstructions": [],
"active": true,
"metadata": {
"created": "2025-10-10T23:45:00Z",
"author": "Tractatus Framework",
"session_id": "2025-10-10-api-memory-transition",
"original_schema": "v1.0",
"migrated": "2025-11-02",
"migration_notes": "IDENTIFIED 2025-10-10 - User observed frequent compaction events despite ContextPressureMonitor reporting 'NORMAL' (6.7%) pressure at 50k token checkpoint. Actual context consumption much higher due to tool results (reading instruction-history.json twice = 12k tokens, concurrent-session doc = large, multiple bash outputs). Current monitor only accurately tracks response generation, not total context window usage. This gap causes unexpected compactions and poor handoff timing. API Memory may reduce impact but won't eliminate root cause."
}
},
{
"id": "inst_020",
"title": "Web application deployments MUST ensure correct file permissions before going...",
"category": "DEPLOYMENT",
"quadrant": "SYSTEM",
"persistence": "HIGH",
"description": "Web application deployments MUST ensure correct file permissions before going live. All public-facing directories need 755 permissions (world-readable+executable), static files (HTML/CSS/JS/images) need 644 permissions (world-readable). Deployment scripts should verify nginx/apache can access all public paths. Add automated permission validation to deployment workflows to prevent 403 Forbidden errors.",
"context": "Migrated from v1.0. Original timestamp: 2025-10-11T02:20:00Z",
"rationale": "DEPLOYMENT ISSUE 2025-10-11 - Priority 1 blog deployment: /public/admin/ directory had 0700 permissions (owner-only), causing nginx to return 403 Forbidden for all admin pages (/admin/login.html, /admin/project-manager.html, etc.). rsync preserved restrictive local permissions during deployment. Fixed with 'chmod 755 /public/admin && chmod 644 /public/admin/*.html'. This is preventable with automated permission validation in deployment workflow.",
"trigger": "As defined in original instruction",
"action": "Web application deployments MUST ensure correct file permissions before going live. All public-facing directories need 755 permissions (world-readable+executable), static files (HTML/CSS/JS/images) need 644 permissions (world-readable). Deployment scripts should verify nginx/apache can access all public paths. Add automated permission validation to deployment workflows to prevent 403 Forbidden errors.",
"validation": "Verification required before proceeding",
"evidence": "Session handoff logs, audit trails",
"explicitness": 1,
"temporal_scope": "PROJECT",
"verification_required": "MANDATORY",
"securityClassification": "INTERNAL",
"source": "FRAMEWORK",
"parameters": {
"directory_permissions": "755",
"file_permissions": "644",
"directories_requiring_755": [
"/public",
"/public/admin",
"/public/js",
"/public/js/admin",
"/public/css",
"/public/images",
"/public/downloads"
],
"deployment_check": "stat -c '%a %n' /path/to/public/* | grep -v '755\\|644'",
"prevention": "Add to deployment scripts or CI/CD pipeline"
},
"relatedInstructions": [],
"active": false,
"metadata": {
"created": "2025-10-11T02:20:00Z",
"author": "Tractatus Framework",
"session_id": "2025-10-07-001",
"original_schema": "v1.0",
"migrated": "2025-11-02",
"migration_notes": "DEPLOYMENT ISSUE 2025-10-11 - Priority 1 blog deployment: /public/admin/ directory had 0700 permissions (owner-only), causing nginx to return 403 Forbidden for all admin pages (/admin/login.html, /admin/project-manager.html, etc.). rsync preserved restrictive local permissions during deployment. Fixed with 'chmod 755 /public/admin && chmod 644 /public/admin/*.html'. This is preventable with automated permission validation in deployment workflow."
}
},
{
"id": "inst_021",
"title": "When implementing new features with dedicated models/controllers/routes, docu...",
"category": "DOCUMENTATION",
"quadrant": "TACTICAL",
"persistence": "MEDIUM",
"description": "When implementing new features with dedicated models/controllers/routes, document the API-Model-Controller relationship clearly. Controller file headers should include endpoint examples, route files should document the model they operate on, and create API reference documentation in docs/api/. Update the API root endpoint (/api) with new route listings. This prevents confusion when multiple overlapping concepts exist (e.g., Projects for governance vs Blog for content).",
"context": "Migrated from v1.0. Original timestamp: 2025-10-11T02:25:00Z",
"rationale": "DEVELOPMENT CONFUSION 2025-10-11 - Priority 1 blog testing: Initially tried using /api/admin/projects for blog posts instead of /api/blog, because both 'Projects' (governance system) and 'Blog' (content system) deal with project-like entities. BlogPost.model.js exists separately from Project.model.js, with dedicated blog.controller.js and blog.routes.js, but this wasn't immediately obvious. Clear Model-Controller-Route documentation would have prevented this 10-minute detour. The API confusion delayed testing and could confuse future developers.",
"trigger": "As defined in original instruction",
"action": "When implementing new features with dedicated models/controllers/routes, document the API-Model-Controller relationship clearly. Controller file headers should include endpoint examples, route files should document the model they operate on, and create API reference documentation in docs/api/. Update the API root endpoint (/api) with new route listings. This prevents confusion when multiple overlapping concepts exist (e.g., Projects for governance vs Blog for content).",
"validation": "Best-effort validation",
"evidence": "Session handoff logs, audit trails",
"explicitness": 0.95,
"temporal_scope": "PROJECT",
"verification_required": "REQUIRED",
"securityClassification": "INTERNAL",
"source": "FRAMEWORK",
"parameters": {
"documentation_locations": [
"controller file header",
"route file comments",
"docs/api/ directory",
"/api root endpoint"
],
"controller_header_template": "Model: X.model.js | Routes: /api/path | Endpoints: GET /api/path, POST /api/path",
"route_file_comments": "Document model, validation requirements, authentication, examples",
"api_docs_format": "Markdown with endpoint details, request/response examples, error codes",
"update_api_root": "Add new routes to src/routes/index.js root handler"
},
"relatedInstructions": [],
"active": false,
"metadata": {
"created": "2025-10-11T02:25:00Z",
"author": "Tractatus Framework",
"session_id": "2025-10-07-001",
"original_schema": "v1.0",
"migrated": "2025-11-02",
"migration_notes": "DEVELOPMENT CONFUSION 2025-10-11 - Priority 1 blog testing: Initially tried using /api/admin/projects for blog posts instead of /api/blog, because both 'Projects' (governance system) and 'Blog' (content system) deal with project-like entities. BlogPost.model.js exists separately from Project.model.js, with dedicated blog.controller.js and blog.routes.js, but this wasn't immediately obvious. Clear Model-Controller-Route documentation would have prevented this 10-minute detour. The API confusion delayed testing and could confuse future developers."
}
},
{
"id": "inst_022",
"title": "ALL deployment scripts (rsync, scp, git pull) MUST include automated post-dep...",
"category": "DEPLOYMENT",
"quadrant": "SYSTEM",
"persistence": "HIGH",
"description": "ALL deployment scripts (rsync, scp, git pull) MUST include automated post-deployment permission correction as a standard step, not a reactive fix after errors. Use '--chmod=D755,F644' with rsync or equivalent automated permission setting for other tools. Directory creation during deployment MUST explicitly set 755 (directories) and 644 (files) permissions.",
"context": "Migrated from v1.0. Original timestamp: 2025-10-11T04:05:00Z",
"rationale": "RECURRING DEPLOYMENT ISSUE 2025-10-11 - Despite inst_020 requiring permission validation, /public/koha/ directory had 0700 permissions (same pattern as /public/admin/ in previous session). Root cause: rsync creates directories with restrictive umask defaults, and inst_020 focuses on reactive validation rather than proactive automation. This shifts from 'MUST ensure permissions' (principle) to 'USE --chmod flag or automated fix' (automation requirement). Prevents manual permission fixing after discovering 403 errors.",
"trigger": "As defined in original instruction",
"action": "ALL deployment scripts (rsync, scp, git pull) MUST include automated post-deployment permission correction as a standard step, not a reactive fix after errors. Use '--chmod=D755,F644' with rsync or equivalent automated permission setting for other tools. Directory creation during deployment MUST explicitly set 755 (directories) and 644 (files) permissions.",
"validation": "Verification required before proceeding",
"evidence": "Session handoff logs, audit trails",
"explicitness": 1,
"temporal_scope": "PERMANENT",
"verification_required": "MANDATORY",
"securityClassification": "INTERNAL",
"source": "FRAMEWORK",
"parameters": {
"rsync_chmod_flag": "--chmod=D755,F644",
"rsync_example": "rsync -avz --chmod=D755,F644 -e 'ssh -i key' local/ remote:/path/",
"post_deploy_verification": "ssh remote 'find /var/www/tractatus/public -type d -exec chmod 755 {} + && find /var/www/tractatus/public -type f -name \"*.html\" -o -name \"*.js\" -o -name \"*.css\" -exec chmod 644 {} +'",
"deployment_script_requirement": "scripts/deploy-full-project-SAFE.sh and any ad-hoc rsync commands MUST use --chmod flag or include post-deployment permission fix as standard final step",
"applies_to": [
"rsync",
"scp",
"git pull",
"docker volumes",
"manual copies"
]
},
"relatedInstructions": [],
"active": false,
"metadata": {
"created": "2025-10-11T04:05:00Z",
"author": "Tractatus Framework",
"session_id": "2025-10-11-priority-2-koha",
"original_schema": "v1.0",
"migrated": "2025-11-02",
"migration_notes": "RECURRING DEPLOYMENT ISSUE 2025-10-11 - Despite inst_020 requiring permission validation, /public/koha/ directory had 0700 permissions (same pattern as /public/admin/ in previous session). Root cause: rsync creates directories with restrictive umask defaults, and inst_020 focuses on reactive validation rather than proactive automation. This shifts from 'MUST ensure permissions' (principle) to 'USE --chmod flag or automated fix' (automation requirement). Prevents manual permission fixing after discovering 403 errors."
}
},
{
"id": "inst_023",
"title": "Background processes spawned during development sessions (dev servers, file w...",
"category": "DOCUMENTATION",
"quadrant": "OPERATIONAL",
"persistence": "HIGH",
"description": "Background processes spawned during development sessions (dev servers, file watchers, daemons) MUST be explicitly managed: (1) Document process intent and expected lifetime before spawning, (2) Kill non-essential background processes before session handoff unless explicitly marked 'session-persistent' with justification, (3) When starting sessions, check for orphaned processes from previous sessions before spawning new ones, (4) Development servers should run in foreground when possible to avoid port conflicts and resource leaks across session boundaries.",
"context": "Migrated from v1.0. Original timestamp: 2025-10-11T17:40:00Z",
"rationale": "IDENTIFIED 2025-10-11 - User observed background npm start processes running throughout session (shells 9c58f4 and 44704b). Shell 9c58f4 failed with EADDRINUSE (port 9000 occupied), shell 44704b ran successfully for 2.5 hours. This creates: (1) Resource consumption across session boundaries, (2) Port conflicts in subsequent sessions, (3) Confusion about system state, (4) Unclear handoff expectations. User specifically asked: 'should we contemplate a rule to manage daemons/spawns on development and ensure we do not compromise session handovers'. Cleanup performed: Killed shell 44704b and orphaned processes before creating this instruction. Production server (systemd tractatus.service) is separate and intentionally persistent.",
"trigger": "As defined in original instruction",
"action": "Background processes spawned during development sessions (dev servers, file watchers, daemons) MUST be explicitly managed: (1) Document process intent and expected lifetime before spawning, (2) Kill non-essential background processes before session handoff unless explicitly marked 'session-persistent' with justification, (3) When starting sessions, check for orphaned processes from previous sessions before spawning new ones, (4) Development servers should run in foreground when possible to avoid port conflicts and resource leaks across session boundaries.",
"validation": "Verification required before proceeding",
"evidence": "Session handoff logs, audit trails",
"explicitness": 1,
"temporal_scope": "PERMANENT",
"verification_required": "MANDATORY",
"securityClassification": "INTERNAL",
"source": "FRAMEWORK",
"parameters": {
"trigger_conditions": [
"run_in_background parameter",
"npm start/dev commands",
"daemon spawning",
"session handoff creation"
],
"cleanup_protocol": {
"before_handoff": "List background processes via /bashes or BashOutput, kill non-essential",
"session_start": "Check lsof -ti:PORT for orphaned processes",
"exception": "Production services (systemd-managed) are separate from dev sessions"
},
"common_culprits": [
"npm start",
"npm run dev",
"npm run watch",
"nodemon",
"file watchers"
],
"verification_commands": [
"lsof -ti:9000",
"ps aux | grep npm"
],
"cleanup_example": "KillShell <shell_id> then kill <pid> for orphaned processes"
},
"relatedInstructions": [],
"active": true,
"metadata": {
"created": "2025-10-11T17:40:00Z",
"author": "Tractatus Framework",
"session_id": "2025-10-11-admin-deployment",
"original_schema": "v1.0",
"migrated": "2025-11-02",
"migration_notes": "IDENTIFIED 2025-10-11 - User observed background npm start processes running throughout session (shells 9c58f4 and 44704b). Shell 9c58f4 failed with EADDRINUSE (port 9000 occupied), shell 44704b ran successfully for 2.5 hours. This creates: (1) Resource consumption across session boundaries, (2) Port conflicts in subsequent sessions, (3) Confusion about system state, (4) Unclear handoff expectations. User specifically asked: 'should we contemplate a rule to manage daemons/spawns on development and ensure we do not compromise session handovers'. Cleanup performed: Killed shell 44704b and orphaned processes before creating this instruction. Production server (systemd tractatus.service) is separate and intentionally persistent."
}
},
{
"id": "inst_024",
"title": "When user requests handoff document at session end, execute comprehensive clo...",
"category": "GIT_VERSION_CONTROL",
"quadrant": "OPERATIONAL",
"persistence": "HIGH",
"description": "When user requests handoff document at session end, execute comprehensive closedown protocol BEFORE creating handoff: (1) Kill all background processes (check /bashes, terminate spawned tests/builds), (2) If instruction-history.json modified: run sync-instructions-to-db.js --force and verify counts, (3) Git state: if work complete and clean, offer atomic commit; if incomplete, document dirty state and reasoning in handoff, (4) Clean temporary artifacts (.memory-test/, lock files, test databases), (5) Create handoff as OPTIMAL STARTUP PROMPT with: context summary, completed tasks with file:line references, next priorities (actionable), key decisions/gotchas, current system state (servers, tests, known issues). AFTER handoff created: STOP immediately, DO NOT continue after compaction. Handoff = intent to start NEW session with fresh 200k tokens, NOT continue from compacted context.",
"context": "Migrated from v1.0. Original timestamp: 2025-10-11T21:30:00Z",
"rationale": "ENHANCED 2025-10-21: Added comprehensive closedown protocol - background process cleanup, database sync verification, git state management, artifact cleanup, and handoff quality requirements. Original issue (2025-10-11): After handoff, conversation was compacted and Claude auto-continued, consuming continuation tokens instead of fresh 200k session. User intent: handoff = new session, not continuation.",
"trigger": "As defined in original instruction",
"action": "When user requests handoff document at session end, execute comprehensive closedown protocol BEFORE creating handoff: (1) Kill all background processes (check /bashes, terminate spawned tests/builds), (2) If instruction-history.json modified: run sync-instructions-to-db.js --force and verify counts, (3) Git state: if work complete and clean, offer atomic commit; if incomplete, document dirty state and reasoning in handoff, (4) Clean temporary artifacts (.memory-test/, lock files, test databases), (5) Create handoff as OPTIMAL STARTUP PROMPT with: context summary, completed tasks with file:line references, next priorities (actionable), key decisions/gotchas, current system state (servers, tests, known issues). AFTER handoff created: STOP immediately, DO NOT continue after compaction. Handoff = intent to start NEW session with fresh 200k tokens, NOT continue from compacted context.",
"validation": "Verification required before proceeding",
"evidence": "Session handoff logs, audit trails",
"explicitness": 0.92,
"temporal_scope": "PERMANENT",
"verification_required": "MANDATORY",
"securityClassification": "INTERNAL",
"source": "FRAMEWORK",
"parameters": {
"trigger": "user_requests_handoff_document",
"user_intent": "start_new_session_not_continue",
"closedown_checklist": {
"step_1_cleanup": {
"kill_background_processes": true,
"check_bashes_command": true,
"terminate_spawned_tests": true
},
"step_2_database_sync": {
"if_instruction_history_modified": "run sync-instructions-to-db.js --force",
"verify_counts_match": true,
"check_local_and_production": true
},
"step_3_git_state": {
"if_work_complete_and_clean": "offer atomic commit with clear message",
"if_incomplete": "document dirty state and reasoning in handoff",
"never": "leave dirty repo without explanation"
},
"step_4_cleanup": {
"remove_test_artifacts": [
".memory-test/",
"lock files",
"test databases"
],
"document_preserved_files": true
},
"step_5_handoff_creation": {
"format": "OPTIMAL STARTUP PROMPT (ready to paste)",
"required_sections": [
"context summary",
"completed tasks (with file:line references)",
"next priorities (specific and actionable)",
"key decisions and gotchas",
"current system state (servers, tests, errors)"
],
"quality_checklist": [
"formatted as startup prompt",
"no ambiguity about state",
"file references include line numbers",
"next priorities clear",
"critical context preserved"
]
}
},
"after_handoff_created": {
"stop_work": "immediately",
"no_continuation": "after conversation compaction",
"handoff_role": "bridge to NEW session",
"action": "wait for user to start fresh session"
},
"if_compacted_after_handoff": {
"do_not": [
"run session-init.js automatically",
"begin implementation from startup prompt"
],
"instead": "output warning and wait for user confirmation"
},
"warning_message": "⚠️ Handoff document created in previous session. This indicates intent to start NEW session with fresh 200k tokens. Confirm if you want to continue instead."
},
"relatedInstructions": [],
"active": false,
"metadata": {
"created": "2025-10-11T21:30:00Z",
"author": "Tractatus Framework",
"session_id": "2025-10-11-handoff-protocol",
"original_schema": "v1.0",
"migrated": "2025-11-02",
"migration_notes": "ENHANCED 2025-10-21: Added comprehensive closedown protocol - background process cleanup, database sync verification, git state management, artifact cleanup, and handoff quality requirements. Original issue (2025-10-11): After handoff, conversation was compacted and Claude auto-continued, consuming continuation tokens instead of fresh 200k session. User intent: handoff = new session, not continuation."
}
},
{
"id": "inst_025",
"title": "BEFORE deploying files with rsync to production: (1) Map each source file to ...",
"category": "DEPLOYMENT",
"quadrant": "OPERATIONAL",
"persistence": "HIGH",
"description": "BEFORE deploying files with rsync to production: (1) Map each source file to its correct target directory structure, (2) When source files have different subdirectories (e.g., /admin/, /js/admin/), use SEPARATE rsync commands for each directory level, (3) NEVER flatten directory structures by deploying files with different paths to a single target directory, (4) VERIFY deployment paths in rsync command match intended structure: /public/admin/*.html → remote:/public/admin/, /public/js/admin/*.js → remote:/public/js/admin/, /public/*.html → remote:/public/, (5) After deployment, verify files are in correct locations BEFORE restarting services.",
"context": "Migrated from v1.0. Original timestamp: 2025-10-11T05:44:00Z",
"rationale": "RECURRING DEPLOYMENT ISSUE 2025-10-11 - Priority 4 frontend deployment: Initially deployed 4 files (admin/media-triage.html, js/admin/media-triage.js, media-triage-transparency.html, js/media-triage-transparency.js) with single rsync command to /public/, which flattened all files into /public/ instead of preserving /admin/ and /js/admin/ subdirectories. Required 4 separate rsync commands to fix. This is the THIRD occurrence of deployment directory errors (inst_020, inst_022, this session). Root cause: When source files have nested subdirectories, single rsync target flattens structure. Prevention: Use separate rsync per directory level.",
"trigger": "As defined in original instruction",
"action": "BEFORE deploying files with rsync to production: (1) Map each source file to its correct target directory structure, (2) When source files have different subdirectories (e.g., /admin/, /js/admin/), use SEPARATE rsync commands for each directory level, (3) NEVER flatten directory structures by deploying files with different paths to a single target directory, (4) VERIFY deployment paths in rsync command match intended structure: /public/admin/*.html → remote:/public/admin/, /public/js/admin/*.js → remote:/public/js/admin/, /public/*.html → remote:/public/, (5) After deployment, verify files are in correct locations BEFORE restarting services.",
"validation": "Verification required before proceeding",
"evidence": "Session handoff logs, audit trails",
"explicitness": 1,
"temporal_scope": "PROJECT",
"verification_required": "MANDATORY",
"securityClassification": "INTERNAL",
"source": "FRAMEWORK",
"parameters": {
"verification_steps": [
"Map source files to target directories",
"Identify different directory levels",
"Use separate rsync for each level",
"Verify paths before execution",
"Confirm file locations post-deployment"
],
"correct_example": [
"rsync ... /local/public/admin/file.html remote:/var/www/tractatus/public/admin/",
"rsync ... /local/public/js/admin/file.js remote:/var/www/tractatus/public/js/admin/"
],
"wrong_example": "rsync ... /local/public/admin/file.html /local/public/js/admin/file.js remote:/var/www/tractatus/public/ (flattens structure)",
"related_tools": [
"rsync",
"scp"
],
"applies_with": "--chmod=D755,F644 (inst_022)"
},
"relatedInstructions": [],
"active": true,
"metadata": {
"created": "2025-10-11T05:44:00Z",
"author": "Tractatus Framework",
"session_id": "2025-10-11-priority-4-media-triage",
"original_schema": "v1.0",
"migrated": "2025-11-02",
"migration_notes": "RECURRING DEPLOYMENT ISSUE 2025-10-11 - Priority 4 frontend deployment: Initially deployed 4 files (admin/media-triage.html, js/admin/media-triage.js, media-triage-transparency.html, js/media-triage-transparency.js) with single rsync command to /public/, which flattened all files into /public/ instead of preserving /admin/ and /js/admin/ subdirectories. Required 4 separate rsync commands to fix. This is the THIRD occurrence of deployment directory errors (inst_020, inst_022, this session). Root cause: When source files have nested subdirectories, single rsync target flattens structure. Prevention: Use separate rsync per directory level."
}
},
{
"id": "inst_026",
"title": "Standard Claude API environment variable is CLAUDE_API_KEY (not ANTHROPIC_API...",
"category": "DEPLOYMENT",
"quadrant": "SYSTEM",
"persistence": "HIGH",
"description": "Standard Claude API environment variable is CLAUDE_API_KEY (not ANTHROPIC_API_KEY). When implementing AI features (blog curation, media triage, content generation), ALWAYS use process.env.CLAUDE_API_KEY. If encountering 401 API errors, check production .env for the actual key value (ssh to production: cat /var/www/tractatus/.env). Production currently sets BOTH CLAUDE_API_KEY and ANTHROPIC_API_KEY to same value as compatibility workaround, but all new code MUST use CLAUDE_API_KEY. Related feature flag: ENABLE_AI_CURATION must be 'true' for blog/curation features to work.",
"context": "Migrated from v1.0. Original timestamp: 2025-10-12T00:00:00Z",
"rationale": "IDENTIFIED 2025-10-12 - Blog Priority 3: Initial 401 API error during blog post generation. Root cause: Local .env had placeholder value for CLAUDE_API_KEY, and I failed to check production environment configuration. MediaTriage.service.js was using ANTHROPIC_API_KEY instead of CLAUDE_API_KEY (inconsistent with rest of codebase: 5 files use CLAUDE_API_KEY vs 1 using ANTHROPIC_API_KEY). User feedback: 'the Claude API is configured. find it and explain why you did not find it previously' and 'there are obviously inconsistencies in the codebase that need to be resolved either by update of the codebase and or creation of a new rule that identifies how to find the key'. Fixed: Updated MediaTriage.service.js to use CLAUDE_API_KEY, updated local .env with production key, set ENABLE_AI_CURATION=true. This instruction prevents future confusion about which environment variable to use and where to find the actual API key value.",
"trigger": "As defined in original instruction",
"action": "Standard Claude API environment variable is CLAUDE_API_KEY (not ANTHROPIC_API_KEY). When implementing AI features (blog curation, media triage, content generation), ALWAYS use process.env.CLAUDE_API_KEY. If encountering 401 API errors, check production .env for the actual key value (ssh to production: cat /var/www/tractatus/.env). Production currently sets BOTH CLAUDE_API_KEY and ANTHROPIC_API_KEY to same value as compatibility workaround, but all new code MUST use CLAUDE_API_KEY. Related feature flag: ENABLE_AI_CURATION must be 'true' for blog/curation features to work.",
"validation": "Verification required before proceeding",
"evidence": "Session handoff logs, audit trails",
"explicitness": 1,
"temporal_scope": "PROJECT",
"verification_required": "MANDATORY",
"securityClassification": "INTERNAL",
"source": "FRAMEWORK",
"parameters": {
"standard_variable": "CLAUDE_API_KEY",
"deprecated_variable": "ANTHROPIC_API_KEY",
"production_check": "ssh -i ~/.ssh/tractatus_deploy ubuntu@vps-93a693da.vps.ovh.net 'cat /var/www/tractatus/.env | grep CLAUDE_API_KEY'",
"related_feature_flags": [
"ENABLE_AI_CURATION"
],
"affected_services": [
"MediaTriage.service.js",
"blog.controller.js",
"future AI features"
],
"codebase_usage": {
"correct": "new Anthropic({ apiKey: process.env.CLAUDE_API_KEY })",
"incorrect": "new Anthropic({ apiKey: process.env.ANTHROPIC_API_KEY })"
}
},
"relatedInstructions": [],
"active": true,
"metadata": {
"created": "2025-10-12T00:00:00Z",
"author": "Tractatus Framework",
"session_id": "2025-10-12-blog-system",
"original_schema": "v1.0",
"migrated": "2025-11-02",
"migration_notes": "IDENTIFIED 2025-10-12 - Blog Priority 3: Initial 401 API error during blog post generation. Root cause: Local .env had placeholder value for CLAUDE_API_KEY, and I failed to check production environment configuration. MediaTriage.service.js was using ANTHROPIC_API_KEY instead of CLAUDE_API_KEY (inconsistent with rest of codebase: 5 files use CLAUDE_API_KEY vs 1 using ANTHROPIC_API_KEY). User feedback: 'the Claude API is configured. find it and explain why you did not find it previously' and 'there are obviously inconsistencies in the codebase that need to be resolved either by update of the codebase and or creation of a new rule that identifies how to find the key'. Fixed: Updated MediaTriage.service.js to use CLAUDE_API_KEY, updated local .env with production key, set ENABLE_AI_CURATION=true. This instruction prevents future confusion about which environment variable to use and where to find the actual API key value."
}
},
{
"id": "inst_027",
"title": "NEVER overwrite, delete, or modify existing instructions in",
"category": "DEPLOYMENT",
"quadrant": "OPERATIONAL",
"persistence": "HIGH",
"description": "NEVER overwrite, delete, or modify existing instructions in .claude/instruction-history.json without explicit human approval. ALWAYS check existing instruction IDs before creating new ones (use: grep '\"id\":' .claude/instruction-history.json | tail -5). When user requests instruction updates: (1) Show current instruction text, (2) Propose changes, (3) Wait for approval before editing. .claude/instruction-history.json MUST be kept in sync between dev and production: after any instruction changes, deploy to production immediately using: rsync -avz --chmod=D755,F644 -e 'ssh -i ~/.ssh/tractatus_deploy' /home/theflow/projects/tractatus/.claude/ ubuntu@vps-93a693da.vps.ovh.net:/var/www/tractatus/.claude/",
"context": "Migrated from v1.0. Original timestamp: 2025-10-12T00:10:00Z",
"rationale": "CRITICAL REQUIREMENT 2025-10-12 - Blog system completion: Nearly created inst_025 when it already existed (user intervention prevented). User directive: 'create a rule to NEVER overwrite existing rules unless they are changes to that rule approved by human and ensure the rules are synced between dev and production at all times'. Instruction management protocol: instructions are HIGH-persistence governance data that MUST be protected from accidental modification and kept consistent across environments. Without sync, production sessions would operate under different rules than dev sessions, creating governance drift and unpredictable behavior. This instruction ensures: (1) No accidental overwrites, (2) Human oversight for changes, (3) Consistent governance between environments.",
"trigger": "As defined in original instruction",
"action": "NEVER overwrite, delete, or modify existing instructions in .claude/instruction-history.json without explicit human approval. ALWAYS check existing instruction IDs before creating new ones (use: grep '\"id\":' .claude/instruction-history.json | tail -5). When user requests instruction updates: (1) Show current instruction text, (2) Propose changes, (3) Wait for approval before editing. .claude/instruction-history.json MUST be kept in sync between dev and production: after any instruction changes, deploy to production immediately using: rsync -avz --chmod=D755,F644 -e 'ssh -i ~/.ssh/tractatus_deploy' /home/theflow/projects/tractatus/.claude/ ubuntu@vps-93a693da.vps.ovh.net:/var/www/tractatus/.claude/",
"validation": "Verification required before proceeding",
"evidence": "Session handoff logs, audit trails",
"explicitness": 1,
"temporal_scope": "PERMANENT",
"verification_required": "MANDATORY",
"securityClassification": "INTERNAL",
"source": "FRAMEWORK",
"parameters": {
"protected_file": ".claude/instruction-history.json",
"check_command": "grep '\"id\":' .claude/instruction-history.json | tail -5",
"sync_requirement": "IMMEDIATE",
"sync_command": "rsync -avz --chmod=D755,F644 -e 'ssh -i ~/.ssh/tractatus_deploy' /home/theflow/projects/tractatus/.claude/ ubuntu@vps-93a693da.vps.ovh.net:/var/www/tractatus/.claude/",
"sync_triggers": [
"instruction_created",
"instruction_modified",
"instruction_deactivated"
],
"approval_required_for": [
"overwrite",
"delete",
"modify",
"deactivate"
],
"allowed_without_approval": [
"create_new_instruction_with_next_sequential_id"
],
"verification_after_sync": "ssh -i ~/.ssh/tractatus_deploy ubuntu@vps-93a693da.vps.ovh.net 'ls -lh /var/www/tractatus/.claude/instruction-history.json && tail -3 /var/www/tractatus/.claude/instruction-history.json'"
},
"relatedInstructions": [],
"active": true,
"metadata": {
"created": "2025-10-12T00:10:00Z",
"author": "Tractatus Framework",
"session_id": "2025-10-12-blog-system",
"original_schema": "v1.0",
"migrated": "2025-11-02",
"migration_notes": "CRITICAL REQUIREMENT 2025-10-12 - Blog system completion: Nearly created inst_025 when it already existed (user intervention prevented). User directive: 'create a rule to NEVER overwrite existing rules unless they are changes to that rule approved by human and ensure the rules are synced between dev and production at all times'. Instruction management protocol: instructions are HIGH-persistence governance data that MUST be protected from accidental modification and kept consistent across environments. Without sync, production sessions would operate under different rules than dev sessions, creating governance drift and unpredictable behavior. This instruction ensures: (1) No accidental overwrites, (2) Human oversight for changes, (3) Consistent governance between environments."
}
},
{
"id": "inst_028",
"title": "ONLY documentation and research materials MUST be synced to tractatus-framewo...",
"category": "SECURITY",
"quadrant": "OPERATIONAL",
"persistence": "HIGH",
"description": "ONLY documentation and research materials MUST be synced to tractatus-framework public GitHub repository at ../tractatus-public. After creating/updating documentation: (1) Manually copy files to ../tractatus-public, (2) Review changes with 'cd ../tractatus-public && git status', (3) Commit with descriptive message, (4) Push to GitHub. EXCLUDE ALL PRODUCTION CODE: src/, tests/, scripts/, public/, systemd/, deployment-quickstart/, package files, .env files, CLAUDE.md, SESSION-HANDOFF files, internal development guides, .claude/ directory, sensitive data. INCLUDE ONLY: docs/ (research, case studies, API documentation - excluding internal docs), README updates, CONTRIBUTING updates, LICENSE. Public repository is DOCUMENTATION ONLY for security reasons - full implementation is proprietary.",
"context": "Migrated from v1.0. Original timestamp: 2025-10-12T09:50:00Z",
"rationale": "SECURITY UPDATE 2025-10-12 - Initially populated public repo with full source code (255 files, 90k+ lines). User reviewed and immediately identified security risk: admin panels, deployment scripts, service configurations, and full source code provide attack surface for bad actors. SECURITY LOCKDOWN: Removed ALL production code (237 files, 79,856 lines). Public repository now DOCUMENTATION ONLY: docs/, README, CONTRIBUTING, LICENSE. Rationale: Framework concepts and research should be public for AI safety community, but production implementation details must remain private to prevent reconnaissance attacks and infrastructure exploitation. Developers can experience framework at https://agenticgovernance.digital and contact john.stroh.nz@pm.me for implementation inquiries. This instruction updated to prevent future syncing of production code.",
"trigger": "As defined in original instruction",
"action": "ONLY documentation and research materials MUST be synced to tractatus-framework public GitHub repository at ../tractatus-public. After creating/updating documentation: (1) Manually copy files to ../tractatus-public, (2) Review changes with 'cd ../tractatus-public && git status', (3) Commit with descriptive message, (4) Push to GitHub. EXCLUDE ALL PRODUCTION CODE: src/, tests/, scripts/, public/, systemd/, deployment-quickstart/, package files, .env files, CLAUDE.md, SESSION-HANDOFF files, internal development guides, .claude/ directory, sensitive data. INCLUDE ONLY: docs/ (research, case studies, API documentation - excluding internal docs), README updates, CONTRIBUTING updates, LICENSE. Public repository is DOCUMENTATION ONLY for security reasons - full implementation is proprietary.",
"validation": "Verification required before proceeding",
"evidence": "Session handoff logs, audit trails",
"explicitness": 1,
"temporal_scope": "PROJECT",
"verification_required": "MANDATORY",
"securityClassification": "INTERNAL",
"source": "FRAMEWORK",
"parameters": {
"public_repo_path": "../tractatus-public",
"sync_script": "scripts/sync-to-public.sh",
"sync_triggers": [
"new_shareable_code",
"documentation_updates",
"deployment_file_changes",
"public_feature_additions"
],
"exclude_patterns": [
"CLAUDE.md",
"SESSION-HANDOFF-*.md",
"*Maintenance_Guide.md",
".claude/",
"NEXT_SESSION*.md",
"PHASE-*-PREP*.md",
"docs/SESSION-*.md",
"docs/FRAMEWORK_FAILURE_*.md",
"docs/SECURITY_AUDIT_REPORT.md",
"docs/governance/MONTHLY-REVIEW-SCHEDULE.md",
"docs/governance/PRIVACY-PRESERVING-ANALYTICS-PLAN.md"
],
"include_directories": [
"src/",
"tests/",
"scripts/",
"public/",
"docs/markdown/",
"docs/api/",
"docs/case-studies/",
"docs/research/",
"docs/governance/ (selective)",
"deployment-quickstart/",
"systemd/"
],
"include_files": [
"package.json",
"package-lock.json",
"README.md",
"CONTRIBUTING.md",
"LICENSE",
".env.example",
".gitignore",
"SETUP_INSTRUCTIONS.md"
],
"workflow_steps": [
"Run sync script",
"Review with git status",
"Commit with descriptive message",
"Push to GitHub"
],
"verification": "curl -s https://github.com/AgenticGovernance/tractatus-framework | grep -c src/"
},
"relatedInstructions": [],
"active": false,
"metadata": {
"created": "2025-10-12T09:50:00Z",
"author": "Tractatus Framework",
"session_id": "2025-10-12-public-repo-population",
"original_schema": "v1.0",
"migrated": "2025-11-02",
"migration_notes": "SECURITY UPDATE 2025-10-12 - Initially populated public repo with full source code (255 files, 90k+ lines). User reviewed and immediately identified security risk: admin panels, deployment scripts, service configurations, and full source code provide attack surface for bad actors. SECURITY LOCKDOWN: Removed ALL production code (237 files, 79,856 lines). Public repository now DOCUMENTATION ONLY: docs/, README, CONTRIBUTING, LICENSE. Rationale: Framework concepts and research should be public for AI safety community, but production implementation details must remain private to prevent reconnaissance attacks and infrastructure exploitation. Developers can experience framework at https://agenticgovernance.digital and contact john.stroh.nz@pm.me for implementation inquiries. This instruction updated to prevent future syncing of production code."
}
},
{
"id": "inst_038",
"title": "BEFORE using Edit or Write tools on ANY file (HTML, JS, CSS, config), EXPLICI...",
"category": "FRAMEWORK_OPERATION",
"quadrant": "OPERATIONAL",
"persistence": "HIGH",
"description": "BEFORE using Edit or Write tools on ANY file (HTML, JS, CSS, config), EXPLICITLY state: 'Running pre-action-check for [filename]' and execute node scripts/pre-action-check.js <action-type> [file-path] '<description>'. If pre-action-check FAILS (exit code 1), STOP immediately and fix violations before proceeding. Never skip pre-action-check - it validates: (1) ContextPressureMonitor recency, (2) Instruction history loaded, (3) Token checkpoints, (4) CSP compliance for HTML/JS files (inst_008), (5) Required framework components used. Skipping pre-action-check is CRITICAL FRAMEWORK FAILURE that can bypass governance rules (CSP, boundary checks, instruction conflicts). Add pre-action-check timestamp to session-state.json for watchdog monitoring.",
"context": "Migrated from v1.0. Original timestamp: 2025-10-12T19:50:00Z",
"rationale": "CRITICAL FRAMEWORK GAP 2025-10-12 - User discovered I violated CSP (inst_008) by adding inline styles to docs-app.js during category collapse fix. Root cause: I skipped pre-action-check.js before editing the file. The script would have caught the violations and BLOCKED the action (verified with test). Framework fade: Tool exists and works, but wasn't used. User question: 'why did the rules not pick up the csp violation?' Answer: Because I didn't run pre-action-check. This is a GENERIC FAILURE PATTERN that could bypass multiple rules (CSP, boundary enforcement, instruction conflicts). This instruction makes pre-action-check explicitly required before file modifications, with clear failure protocol. Fourth attempt to fix docs.html categories - need to ensure proper deployment this time.",
"trigger": "As defined in original instruction",
"action": "BEFORE using Edit or Write tools on ANY file (HTML, JS, CSS, config), EXPLICITLY state: 'Running pre-action-check for [filename]' and execute node scripts/pre-action-check.js <action-type> [file-path] '<description>'. If pre-action-check FAILS (exit code 1), STOP immediately and fix violations before proceeding. Never skip pre-action-check - it validates: (1) ContextPressureMonitor recency, (2) Instruction history loaded, (3) Token checkpoints, (4) CSP compliance for HTML/JS files (inst_008), (5) Required framework components used. Skipping pre-action-check is CRITICAL FRAMEWORK FAILURE that can bypass governance rules (CSP, boundary checks, instruction conflicts). Add pre-action-check timestamp to session-state.json for watchdog monitoring.",
"validation": "Verification required before proceeding",
"evidence": "Session handoff logs, audit trails",
"explicitness": 1,
"temporal_scope": "PERMANENT",
"verification_required": "MANDATORY",
"securityClassification": "INTERNAL",
"source": "FRAMEWORK",
"parameters": {
"trigger_tools": [
"Edit",
"Write"
],
"pre_action_command": "node scripts/pre-action-check.js <action-type> [file-path] '<description>'",
"action_types": [
"file-edit",
"database",
"architecture",
"config",
"security",
"values",
"complex"
],
"validates": [
"pressure_check_recency",
"instructions_loaded",
"token_checkpoints",
"csp_compliance",
"framework_components"
],
"fail_behavior": "STOP_immediately_fix_violations",
"csp_enforcement": "Automated detection of inline styles, inline scripts, event handlers (inst_008)",
"session_state_tracking": "Update last_pre_action_check timestamp in session-state.json",
"watchdog_integration": "Enable automated detection if pre-action-check skipped"
},
"relatedInstructions": [],
"active": true,
"metadata": {
"created": "2025-10-12T19:50:00Z",
"author": "Tractatus Framework",
"session_id": "2025-10-12-document-review",
"original_schema": "v1.0",
"migrated": "2025-11-02",
"migration_notes": "CRITICAL FRAMEWORK GAP 2025-10-12 - User discovered I violated CSP (inst_008) by adding inline styles to docs-app.js during category collapse fix. Root cause: I skipped pre-action-check.js before editing the file. The script would have caught the violations and BLOCKED the action (verified with test). Framework fade: Tool exists and works, but wasn't used. User question: 'why did the rules not pick up the csp violation?' Answer: Because I didn't run pre-action-check. This is a GENERIC FAILURE PATTERN that could bypass multiple rules (CSP, boundary enforcement, instruction conflicts). This instruction makes pre-action-check explicitly required before file modifications, with clear failure protocol. Fourth attempt to fix docs.html categories - need to ensure proper deployment this time."
}
},
{
"id": "inst_039",
"title": "When processing documents for card presentations or any content updates, MAND...",
"category": "DEPLOYMENT",
"quadrant": "STRATEGIC",
"persistence": "HIGH",
"description": "When processing documents for card presentations or any content updates, MANDATORY audit for: (1) Update all references from 'five services' to 'six services' - PluralisticDeliberationOrchestrator is the 6th service added in Phase 5, (2) Ensure PluralisticDeliberationOrchestrator is properly documented wherever core services are mentioned, (3) Check for rule violations using prohibited absolute language: 'guarantee', 'guarantees', 'always', 'never' (when describing effectiveness), 'impossible', 'ensures 100%', 'eliminates all', 'completely prevents', (4) Verify technical accuracy and currency of all claims - no fabricated statistics or outdated information. This applies to: markdown source files, database document content, public-facing HTML, API documentation, executive briefs, case studies. BEFORE deploying any document updates, search for prohibited terms and outdated service counts.",
"context": "Migrated from v1.0. Original timestamp: 2025-10-12T20:10:00Z",
"rationale": "CRITICAL CONTENT ACCURACY GAP 2025-10-12 - User identified that most documents still reference 'five services' instead of 'six services'. PluralisticDeliberationOrchestrator was added as 6th service in Phase 5 but existing documentation not updated. Combined with ongoing rule violation checks (inst_016, inst_017) this creates comprehensive content accuracy protocol. User quote: 'very few of the documents refer correctly to the new 6th service! most still refer to 5' and 'we need to actually reexamine the content, not only for rule violations but also for currency'. This instruction ensures systematic content review during card presentation implementation, preventing outdated/inaccurate content from being deployed with improved UI/UX.",
"trigger": "As defined in original instruction",
"action": "When processing documents for card presentations or any content updates, MANDATORY audit for: (1) Update all references from 'five services' to 'six services' - PluralisticDeliberationOrchestrator is the 6th service added in Phase 5, (2) Ensure PluralisticDeliberationOrchestrator is properly documented wherever core services are mentioned, (3) Check for rule violations using prohibited absolute language: 'guarantee', 'guarantees', 'always', 'never' (when describing effectiveness), 'impossible', 'ensures 100%', 'eliminates all', 'completely prevents', (4) Verify technical accuracy and currency of all claims - no fabricated statistics or outdated information. This applies to: markdown source files, database document content, public-facing HTML, API documentation, executive briefs, case studies. BEFORE deploying any document updates, search for prohibited terms and outdated service counts.",
"validation": "Verification required before proceeding",
"evidence": "Session handoff logs, audit trails",
"explicitness": 1,
"temporal_scope": "PERMANENT",
"verification_required": "MANDATORY",
"securityClassification": "INTERNAL",
"source": "FRAMEWORK",
"parameters": {
"mandatory_checks": [
"service_count_accuracy",
"pluralistic_deliberation_mentioned",
"prohibited_language_scan",
"technical_currency"
],
"service_count": {
"incorrect": "five services",
"correct": "six services",
"sixth_service": "PluralisticDeliberationOrchestrator"
},
"prohibited_terms": [
"guarantee",
"guarantees",
"guaranteed",
"always works",
"never fails",
"impossible",
"ensures 100%",
"eliminates all",
"completely prevents",
"perfect protection"
],
"approved_alternatives": [
"designed to reduce",
"helps mitigate",
"reduces risk of",
"supports prevention of",
"intended to minimize",
"architected to limit",
"structurally prevented",
"designed to detect"
],
"search_commands": [
"grep -i 'five service' docs/markdown/*.md",
"grep -i 'guarantee' docs/markdown/*.md",
"grep -i 'always\\|never' docs/markdown/*.md"
],
"applies_to": [
"markdown_sources",
"database_documents",
"public_html",
"api_documentation",
"executive_briefs",
"case_studies",
"blog_posts"
]
},
"relatedInstructions": [],
"active": true,
"metadata": {
"created": "2025-10-12T20:10:00Z",
"author": "Tractatus Framework",
"session_id": "2025-10-12-card-presentations",
"original_schema": "v1.0",
"migrated": "2025-11-02",
"migration_notes": "CRITICAL CONTENT ACCURACY GAP 2025-10-12 - User identified that most documents still reference 'five services' instead of 'six services'. PluralisticDeliberationOrchestrator was added as 6th service in Phase 5 but existing documentation not updated. Combined with ongoing rule violation checks (inst_016, inst_017) this creates comprehensive content accuracy protocol. User quote: 'very few of the documents refer correctly to the new 6th service! most still refer to 5' and 'we need to actually reexamine the content, not only for rule violations but also for currency'. This instruction ensures systematic content review during card presentation implementation, preventing outdated/inaccurate content from being deployed with improved UI/UX."
}
},
{
"id": "inst_040",
"title": "When user says \"all\" (e",
"category": "DEPLOYMENT",
"quadrant": "OPERATIONAL",
"persistence": "HIGH",
"description": "When user says \"all\" (e.g., \"update all pages\", \"fix all instances\", \"check all files\"), Claude MUST: (1) Use Glob/Grep to find ALL matches, (2) List every item found with file:line references, (3) Confirm with user before proceeding, (4) Track completion of each item. NEVER assume \"all\" means \"a few examples\" or \"the ones I found first\".",
"context": "Migrated from v1.0. Original timestamp: 2025-10-14T13:00:00Z",
"rationale": "IDENTIFIED 2025-10-14 - User directive: 'create a rule that stipulates that when the user says \"all\" as in \"update all...\" Claude may not choose to work on a subset'. Context: Footer standardization where user asked to update all pages, and Claude initially only updated FAQ page footer then used script for remaining pages. User expects 'all' to mean complete coverage without exceptions or representative samples. This prevents pattern where Claude selectively applies changes to subset of items when user explicitly requested universal application.",
"trigger": "As defined in original instruction",
"action": "When user says \"all\" (e.g., \"update all pages\", \"fix all instances\", \"check all files\"), Claude MUST: (1) Use Glob/Grep to find ALL matches, (2) List every item found with file:line references, (3) Confirm with user before proceeding, (4) Track completion of each item. NEVER assume \"all\" means \"a few examples\" or \"the ones I found first\".",
"validation": "Verification required before proceeding",
"evidence": "Session handoff logs, audit trails",
"explicitness": 1,
"temporal_scope": "PERMANENT",
"verification_required": "MANDATORY",
"securityClassification": "INTERNAL",
"source": "FRAMEWORK",
"parameters": {
"trigger_words": [
"all",
"every",
"each"
],
"examples": [
"update all pages",
"fix all instances",
"check all files",
"update every page",
"fix each occurrence"
],
"prohibited_actions": [
"working_on_subset",
"representative_sample",
"partial_completion",
"silent_skipping"
],
"required_actions": [
"identify_complete_scope",
"confirm_if_ambiguous",
"process_every_item",
"verify_complete_coverage"
],
"scope_too_large_threshold": 20,
"large_scope_action": "ask_user_to_prioritize_or_batch"
},
"relatedInstructions": [],
"active": true,
"metadata": {
"created": "2025-10-14T13:00:00Z",
"author": "Tractatus Framework",
"session_id": "2025-10-14-faq-fixes",
"original_schema": "v1.0",
"migrated": "2025-11-02",
"migration_notes": "IDENTIFIED 2025-10-14 - User directive: 'create a rule that stipulates that when the user says \"all\" as in \"update all...\" Claude may not choose to work on a subset'. Context: Footer standardization where user asked to update all pages, and Claude initially only updated FAQ page footer then used script for remaining pages. User expects 'all' to mean complete coverage without exceptions or representative samples. This prevents pattern where Claude selectively applies changes to subset of items when user explicitly requested universal application."
}
},
{
"id": "inst_041",
"title": "ALL file uploads (case study submissions, media attachments, document uploads...",
"category": "SECURITY",
"quadrant": "SYSTEM",
"persistence": "HIGH",
"description": "ALL file uploads (case study submissions, media attachments, document uploads, user-provided files) MUST undergo mandatory malware scanning using sovereign tools before processing or storage. REQUIRED validation pipeline: (1) File type validation using file(1) command - reject mismatched MIME types and extensions, (2) ClamAV antivirus scan with updated virus definitions (minimum daily updates), (3) YARA rule scanning for malware signatures and suspicious patterns, (4) File size limits enforced (max 10MB for documents, 50MB for media), (5) Quarantine suspicious files for manual review - NEVER auto-process flagged content. ALL scans must complete successfully before file is accessible to application logic. Failed scans trigger immediate rejection and security alert logging. Implement in src/middleware/file-security.middleware.js with detailed logging to security audit trail.",
"context": "Migrated from v1.0. Original timestamp: 2025-10-14T01:45:00Z",
"rationale": "SECURITY REQUIREMENT 2025-10-14 - User directive: 'Create a set of tractatus permanent strategic rules that ensures any external input to the website or incoming mail or case study submissions etc are rigorously vetted for malware, viruses, sleeper code or any other bad actor infiltration attempts.' Part 1 of comprehensive security vetting framework. File uploads are primary attack vector for malware injection. Sovereign tools (ClamAV, YARA, file(1)) are open-source, auditable, and under organizational control - no reliance on external services or proprietary scanning APIs. Multi-layer validation creates defense in depth: type validation catches file extension spoofing, ClamAV catches known malware, YARA catches suspicious patterns and zero-days.",
"trigger": "As defined in original instruction",
"action": "ALL file uploads (case study submissions, media attachments, document uploads, user-provided files) MUST undergo mandatory malware scanning using sovereign tools before processing or storage. REQUIRED validation pipeline: (1) File type validation using file(1) command - reject mismatched MIME types and extensions, (2) ClamAV antivirus scan with updated virus definitions (minimum daily updates), (3) YARA rule scanning for malware signatures and suspicious patterns, (4) File size limits enforced (max 10MB for documents, 50MB for media), (5) Quarantine suspicious files for manual review - NEVER auto-process flagged content. ALL scans must complete successfully before file is accessible to application logic. Failed scans trigger immediate rejection and security alert logging. Implement in src/middleware/file-security.middleware.js with detailed logging to security audit trail.",
"validation": "Verification required before proceeding",
"evidence": "Session handoff logs, audit trails",
"explicitness": 1,
"temporal_scope": "PERMANENT",
"verification_required": "MANDATORY",
"securityClassification": "INTERNAL",
"source": "FRAMEWORK",
"parameters": {
"trigger_conditions": [
"file_upload",
"document_submission",
"media_attachment",
"case_study_upload",
"any_external_file"
],
"sovereign_tools": {
"file_type_validation": "file(1) - UNIX file command",
"antivirus": "ClamAV (clamscan/clamdscan)",
"pattern_matching": "YARA rules engine",
"update_frequency": "ClamAV definitions: minimum daily"
},
"validation_pipeline": [
"file_type_validation",
"mime_type_verification",
"clamav_scan",
"yara_scan",
"size_limit_check"
],
"size_limits": {
"documents": "10MB",
"media": "50MB",
"default": "5MB"
},
"rejection_criteria": [
"mime_type_mismatch",
"virus_detected",
"malware_signature_match",
"size_exceeded",
"suspicious_patterns"
],
"quarantine_directory": "/var/quarantine/tractatus",
"security_logging": "src/utils/security-logger.js",
"implementation_file": "src/middleware/file-security.middleware.js"
},
"relatedInstructions": [],
"active": false,
"metadata": {
"created": "2025-10-14T01:45:00Z",
"author": "Tractatus Framework",
"session_id": "2025-10-14-security-vetting",
"original_schema": "v1.0",
"migrated": "2025-11-02",
"migration_notes": "SECURITY REQUIREMENT 2025-10-14 - User directive: 'Create a set of tractatus permanent strategic rules that ensures any external input to the website or incoming mail or case study submissions etc are rigorously vetted for malware, viruses, sleeper code or any other bad actor infiltration attempts.' Part 1 of comprehensive security vetting framework. File uploads are primary attack vector for malware injection. Sovereign tools (ClamAV, YARA, file(1)) are open-source, auditable, and under organizational control - no reliance on external services or proprietary scanning APIs. Multi-layer validation creates defense in depth: type validation catches file extension spoofing, ClamAV catches known malware, YARA catches suspicious patterns and zero-days."
}
},
{
"id": "inst_042",
"title": "ALL email attachments and incoming mail to system addresses (media inquiries,...",
"category": "SECURITY",
"quadrant": "SYSTEM",
"persistence": "HIGH",
"description": "ALL email attachments and incoming mail to system addresses (media inquiries, case submissions, contact forms processed via email) MUST be scanned using sovereign email security stack before delivery to application. REQUIRED email security pipeline: (1) SpamAssassin content filtering with custom rules for governance domain (minimum score 5.0 = spam), (2) amavisd-new integration for virus scanning (ClamAV backend), (3) Attachment type restrictions - only allow: PDF, TXT, MD, DOC/DOCX, images (PNG/JPG). Block: executables, scripts, archives, macros, (4) DKIM/SPF/DMARC validation for sender authentication, (5) Rate limiting per sender (max 10 emails/hour from unknown senders), (6) Suspicious attachments quarantined to /var/quarantine/email/ with alert to admin. Configure postfix/dovecot with these filters. ALL blocked emails logged to security audit trail with sender IP, timestamp, rejection reason. Implement monitoring dashboard for security team.",
"context": "Migrated from v1.0. Original timestamp: 2025-10-14T01:45:00Z",
"rationale": "SECURITY REQUIREMENT 2025-10-14 - Part 2 of comprehensive security vetting framework. Email is secondary attack vector - phishing, malware attachments, social engineering attempts. Sovereign email stack (SpamAssassin, amavisd-new, postfix) provides complete control over filtering rules and logging. DKIM/SPF/DMARC prevents sender spoofing. Attachment restrictions prevent executable delivery. Rate limiting prevents spam floods and automated attacks. This creates layered defense for email-based threats while maintaining full auditability and control of security infrastructure.",
"trigger": "As defined in original instruction",
"action": "ALL email attachments and incoming mail to system addresses (media inquiries, case submissions, contact forms processed via email) MUST be scanned using sovereign email security stack before delivery to application. REQUIRED email security pipeline: (1) SpamAssassin content filtering with custom rules for governance domain (minimum score 5.0 = spam), (2) amavisd-new integration for virus scanning (ClamAV backend), (3) Attachment type restrictions - only allow: PDF, TXT, MD, DOC/DOCX, images (PNG/JPG). Block: executables, scripts, archives, macros, (4) DKIM/SPF/DMARC validation for sender authentication, (5) Rate limiting per sender (max 10 emails/hour from unknown senders), (6) Suspicious attachments quarantined to /var/quarantine/email/ with alert to admin. Configure postfix/dovecot with these filters. ALL blocked emails logged to security audit trail with sender IP, timestamp, rejection reason. Implement monitoring dashboard for security team.",
"validation": "Verification required before proceeding",
"evidence": "Session handoff logs, audit trails",
"explicitness": 1,
"temporal_scope": "PERMANENT",
"verification_required": "MANDATORY",
"securityClassification": "INTERNAL",
"source": "FRAMEWORK",
"parameters": {
"trigger_conditions": [
"incoming_email",
"email_attachments",
"contact_form_email",
"media_inquiry_email",
"case_submission_email"
],
"sovereign_tools": {
"spam_filter": "SpamAssassin",
"virus_scanning": "amavisd-new with ClamAV backend",
"mail_server": "postfix/dovecot",
"authentication": "OpenDKIM, opendmarc"
},
"email_pipeline": [
"spamassassin_filtering",
"dkim_spf_dmarc_validation",
"amavisd_virus_scan",
"attachment_type_validation",
"rate_limiting_check"
],
"allowed_attachments": [
"application/pdf",
"text/plain",
"text/markdown",
"application/msword",
"application/vnd.openxmlformats-officedocument.wordprocessingml.document",
"image/png",
"image/jpeg"
],
"blocked_attachments": [
"executables (.exe, .bat, .cmd, .sh)",
"scripts (.js, .vbs, .ps1, .py)",
"archives (.zip, .rar, .tar, .gz)",
"macros (macro-enabled documents)",
"suspicious extensions (.scr, .pif, .com)"
],
"spamassassin_config": {
"required_score": "5.0",
"custom_rules": "/etc/spamassassin/local.cf",
"auto_learn": true
},
"rate_limiting": {
"unknown_senders": "10 emails per hour",
"known_senders": "100 emails per hour",
"implementation": "postfix policyd-weight"
},
"quarantine_directory": "/var/quarantine/email",
"monitoring": "security dashboard for blocked emails"
},
"relatedInstructions": [],
"active": false,
"metadata": {
"created": "2025-10-14T01:45:00Z",
"author": "Tractatus Framework",
"session_id": "2025-10-14-security-vetting",
"original_schema": "v1.0",
"migrated": "2025-11-02",
"migration_notes": "SECURITY REQUIREMENT 2025-10-14 - Part 2 of comprehensive security vetting framework. Email is secondary attack vector - phishing, malware attachments, social engineering attempts. Sovereign email stack (SpamAssassin, amavisd-new, postfix) provides complete control over filtering rules and logging. DKIM/SPF/DMARC prevents sender spoofing. Attachment restrictions prevent executable delivery. Rate limiting prevents spam floods and automated attacks. This creates layered defense for email-based threats while maintaining full auditability and control of security infrastructure."
}
},
{
"id": "inst_043",
"title": "ALL user input from web forms (contact forms, case submissions, media inquiri...",
"category": "SECURITY",
"quadrant": "SYSTEM",
"persistence": "HIGH",
"description": "ALL user input from web forms (contact forms, case submissions, media inquiries, comment fields, search inputs) MUST undergo rigorous sanitization and validation BEFORE processing or storage. MANDATORY validation layers: (1) Input length limits enforced (configurable per field, default max 5000 chars), (2) HTML sanitization using DOMPurify (sovereign JS library) - strip ALL HTML tags except safe whitelist for markdown fields, (3) SQL injection prevention via parameterized queries ONLY (NEVER string concatenation in MongoDB queries), (4) NoSQL injection prevention - validate all user input against expected data types and patterns before database operations, (5) XSS prevention - Content Security Policy enforcement (inst_008) + output encoding, (6) CSRF protection on all POST/PUT/DELETE endpoints using signed tokens. Implement in src/middleware/input-validation.middleware.js with comprehensive logging. Use validator.js library for email, URL, and data format validation. Rate limit form submissions: 5 requests per minute per IP.",
"context": "Migrated from v1.0. Original timestamp: 2025-10-14T01:45:00Z",
"rationale": "SECURITY REQUIREMENT 2025-10-14 - Part 3 of comprehensive security vetting framework. Web form inputs are most common attack vector for XSS, injection attacks, and data exfiltration. DOMPurify is sovereign (open-source, client+server capable) and industry-standard for HTML sanitization. Parameterized queries prevent SQL/NoSQL injection. CSP (inst_008) provides defense in depth for XSS. CSRF tokens prevent cross-site request forgery. Rate limiting prevents automated form spam and brute force attempts. Multi-layer validation creates defense in depth: input validation, sanitization, parameterized queries, output encoding, CSP enforcement.",
"trigger": "As defined in original instruction",
"action": "ALL user input from web forms (contact forms, case submissions, media inquiries, comment fields, search inputs) MUST undergo rigorous sanitization and validation BEFORE processing or storage. MANDATORY validation layers: (1) Input length limits enforced (configurable per field, default max 5000 chars), (2) HTML sanitization using DOMPurify (sovereign JS library) - strip ALL HTML tags except safe whitelist for markdown fields, (3) SQL injection prevention via parameterized queries ONLY (NEVER string concatenation in MongoDB queries), (4) NoSQL injection prevention - validate all user input against expected data types and patterns before database operations, (5) XSS prevention - Content Security Policy enforcement (inst_008) + output encoding, (6) CSRF protection on all POST/PUT/DELETE endpoints using signed tokens. Implement in src/middleware/input-validation.middleware.js with comprehensive logging. Use validator.js library for email, URL, and data format validation. Rate limit form submissions: 5 requests per minute per IP.",
"validation": "Verification required before proceeding",
"evidence": "Session handoff logs, audit trails",
"explicitness": 1,
"temporal_scope": "PERMANENT",
"verification_required": "MANDATORY",
"securityClassification": "INTERNAL",
"source": "FRAMEWORK",
"parameters": {
"trigger_conditions": [
"form_submission",
"user_input",
"search_query",
"contact_form",
"case_submission",
"media_inquiry",
"comment_field",
"any_external_text_input"
],
"sovereign_tools": {
"html_sanitization": "DOMPurify (client + server)",
"validation_library": "validator.js",
"parameterized_queries": "MongoDB driver with prepared statements",
"csrf_protection": "csurf middleware"
},
"validation_pipeline": [
"length_limit_check",
"data_type_validation",
"html_sanitization",
"nosql_injection_check",
"xss_pattern_detection",
"csrf_token_validation"
],
"input_limits": {
"default_max_length": 5000,
"email": 254,
"url": 2048,
"phone": 20,
"name": 100,
"title": 200,
"description": 5000,
"case_study": 50000
},
"html_sanitization": {
"default": "strip_all_html",
"markdown_fields": "allow_safe_whitelist",
"safe_tags": [
"p",
"br",
"strong",
"em",
"ul",
"ol",
"li",
"a",
"code",
"pre"
],
"blocked_tags": [
"script",
"iframe",
"object",
"embed",
"style",
"link"
]
},
"injection_prevention": {
"sql": "parameterized_queries_only",
"nosql": "type_validation_before_query",
"mongodb_unsafe_operators": [
"$where",
"mapReduce",
"eval"
],
"validation": "mongoose_schema_validation"
},
"xss_prevention": [
"csp_enforcement (inst_008)",
"output_encoding",
"dompurify_sanitization",
"no_dangerouslySetInnerHTML"
],
"csrf_protection": {
"implementation": "csurf middleware",
"token_rotation": "per_session",
"applies_to": [
"POST",
"PUT",
"DELETE",
"PATCH"
]
},
"rate_limiting": {
"form_submissions": "5 requests per minute per IP",
"search_queries": "20 requests per minute per IP",
"implementation": "express-rate-limit"
},
"implementation_file": "src/middleware/input-validation.middleware.js",
"logging": "security audit trail for rejected inputs"
},
"relatedInstructions": [],
"active": true,
"metadata": {
"created": "2025-10-14T01:45:00Z",
"author": "Tractatus Framework",
"session_id": "2025-10-14-security-vetting",
"original_schema": "v1.0",
"migrated": "2025-11-02",
"migration_notes": "SECURITY REQUIREMENT 2025-10-14 - Part 3 of comprehensive security vetting framework. Web form inputs are most common attack vector for XSS, injection attacks, and data exfiltration. DOMPurify is sovereign (open-source, client+server capable) and industry-standard for HTML sanitization. Parameterized queries prevent SQL/NoSQL injection. CSP (inst_008) provides defense in depth for XSS. CSRF tokens prevent cross-site request forgery. Rate limiting prevents automated form spam and brute force attempts. Multi-layer validation creates defense in depth: input validation, sanitization, parameterized queries, output encoding, CSP enforcement."
}
},
{
"id": "inst_044",
"title": "ALL HTTP responses MUST include comprehensive security headers to prevent com...",
"category": "SECURITY",
"quadrant": "SYSTEM",
"persistence": "HIGH",
"description": "ALL HTTP responses MUST include comprehensive security headers to prevent common web attacks and provide defense in depth. MANDATORY security headers: (1) Content-Security-Policy with strict directives (enforces inst_008 at HTTP level), (2) X-Content-Type-Options: nosniff - prevent MIME type sniffing attacks, (3) X-Frame-Options: DENY - prevent clickjacking via iframes, (4) X-XSS-Protection: 1; mode=block - enable browser XSS filter, (5) Strict-Transport-Security: max-age=31536000; includeSubDomains; preload - enforce HTTPS, (6) Referrer-Policy: strict-origin-when-cross-origin - limit referrer leakage, (7) Permissions-Policy to restrict dangerous browser features. Implement in src/middleware/security-headers.middleware.js applied to ALL routes. CSP directives must match inst_008: script-src 'self', no inline scripts, no unsafe-eval. Regularly audit CSP violations via report-uri endpoint. Monitor SecurityHeaders.com grade (target: A+).",
"context": "Migrated from v1.0. Original timestamp: 2025-10-14T01:45:00Z",
"rationale": "SECURITY REQUIREMENT 2025-10-14 - Part 4 of comprehensive security vetting framework. HTTP security headers provide browser-level defense against common web attacks. CSP enforcement at HTTP level (inst_008 enforces at code level, inst_044 enforces at protocol level) creates defense in depth. HSTS prevents SSL stripping attacks. X-Frame-Options prevents clickjacking. X-Content-Type-Options prevents MIME confusion attacks. These headers are 'sovereign' in the sense that they're implemented entirely within our control (no external dependencies), enforce security policies at protocol level, and provide defense even if application-level protections fail. CSP violation reporting provides early warning of attack attempts or policy violations.",
"trigger": "As defined in original instruction",
"action": "ALL HTTP responses MUST include comprehensive security headers to prevent common web attacks and provide defense in depth. MANDATORY security headers: (1) Content-Security-Policy with strict directives (enforces inst_008 at HTTP level), (2) X-Content-Type-Options: nosniff - prevent MIME type sniffing attacks, (3) X-Frame-Options: DENY - prevent clickjacking via iframes, (4) X-XSS-Protection: 1; mode=block - enable browser XSS filter, (5) Strict-Transport-Security: max-age=31536000; includeSubDomains; preload - enforce HTTPS, (6) Referrer-Policy: strict-origin-when-cross-origin - limit referrer leakage, (7) Permissions-Policy to restrict dangerous browser features. Implement in src/middleware/security-headers.middleware.js applied to ALL routes. CSP directives must match inst_008: script-src 'self', no inline scripts, no unsafe-eval. Regularly audit CSP violations via report-uri endpoint. Monitor SecurityHeaders.com grade (target: A+).",
"validation": "Verification required before proceeding",
"evidence": "Session handoff logs, audit trails",
"explicitness": 1,
"temporal_scope": "PERMANENT",
"verification_required": "MANDATORY",
"securityClassification": "INTERNAL",
"source": "FRAMEWORK",
"parameters": {
"trigger_conditions": [
"all_http_responses",
"every_route",
"api_responses",
"static_files",
"error_pages"
],
"mandatory_headers": {
"Content-Security-Policy": "default-src 'self'; script-src 'self'; style-src 'self' 'unsafe-inline'; img-src 'self' data: https:; font-src 'self' https://fonts.gstatic.com; connect-src 'self'; frame-ancestors 'none'; base-uri 'self'; form-action 'self'; upgrade-insecure-requests; block-all-mixed-content",
"X-Content-Type-Options": "nosniff",
"X-Frame-Options": "DENY",
"X-XSS-Protection": "1; mode=block",
"Strict-Transport-Security": "max-age=31536000; includeSubDomains; preload",
"Referrer-Policy": "strict-origin-when-cross-origin",
"Permissions-Policy": "geolocation=(), microphone=(), camera=(), payment=()"
},
"csp_directives": {
"default-src": "'self'",
"script-src": "'self'",
"style-src": "'self' 'unsafe-inline'",
"img-src": "'self' data: https:",
"font-src": "'self' https://fonts.gstatic.com",
"connect-src": "'self'",
"frame-ancestors": "'none'",
"base-uri": "'self'",
"form-action": "'self'",
"upgrade-insecure-requests": true,
"block-all-mixed-content": true,
"report-uri": "/api/csp-violations"
},
"csp_violations_endpoint": {
"route": "/api/csp-violations",
"logging": "security audit trail",
"monitoring": "alert on repeated violations"
},
"hsts_preload": {
"status": "required for production",
"submission": "https://hstspreload.org/",
"prerequisites": [
"valid_certificate",
"https_on_all_subdomains",
"redirect_http_to_https"
]
},
"implementation_file": "src/middleware/security-headers.middleware.js",
"application_point": "app.use(securityHeadersMiddleware) - before all routes",
"monitoring": {
"tool": "SecurityHeaders.com",
"target_grade": "A+",
"audit_frequency": "weekly"
},
"related_tools": {
"helmet_js": "optional convenience wrapper",
"manual_implementation": "preferred for full control"
}
},
"relatedInstructions": [],
"active": false,
"metadata": {
"created": "2025-10-14T01:45:00Z",
"author": "Tractatus Framework",
"session_id": "2025-10-14-security-vetting",
"original_schema": "v1.0",
"migrated": "2025-11-02",
"migration_notes": "SECURITY REQUIREMENT 2025-10-14 - Part 4 of comprehensive security vetting framework. HTTP security headers provide browser-level defense against common web attacks. CSP enforcement at HTTP level (inst_008 enforces at code level, inst_044 enforces at protocol level) creates defense in depth. HSTS prevents SSL stripping attacks. X-Frame-Options prevents clickjacking. X-Content-Type-Options prevents MIME confusion attacks. These headers are 'sovereign' in the sense that they're implemented entirely within our control (no external dependencies), enforce security policies at protocol level, and provide defense even if application-level protections fail. CSP violation reporting provides early warning of attack attempts or policy violations."
}
},
{
"id": "inst_045",
"title": "ALL API endpoints MUST implement rate limiting, authentication requirements, ...",
"category": "SECURITY",
"quadrant": "SYSTEM",
"persistence": "HIGH",
"description": "ALL API endpoints MUST implement rate limiting, authentication requirements, and input validation to prevent automated attacks, brute force attempts, and API abuse. MANDATORY protections: (1) Rate limiting with express-rate-limit: public endpoints 100 req/15min per IP, authenticated endpoints 1000 req/15min per user, admin endpoints 50 req/15min per admin, (2) Authentication middleware for sensitive endpoints - JWT validation with short expiry (15min access, 7day refresh), (3) IP-based blocking after repeated rate limit violations (10 violations in 1 hour = 24 hour block), (4) Request validation for all POST/PUT/PATCH - reject requests with unexpected fields or malformed JSON, (5) Response sanitization - NEVER expose stack traces, internal paths, or sensitive errors to clients (inst_013), (6) API key rotation for service-to-service communication every 90 days. Implement monitoring for unusual API patterns: rapid endpoint enumeration, repeated 401s, large payloads, unusual user agents. Log all rate limit violations and authentication failures to security audit trail.",
"context": "Migrated from v1.0. Original timestamp: 2025-10-14T01:45:00Z",
"rationale": "SECURITY REQUIREMENT 2025-10-14 - Part 5 of comprehensive security vetting framework. API endpoints are primary targets for automated attacks, brute force attempts, credential stuffing, and reconnaissance. Rate limiting prevents abuse and DoS attacks. JWT authentication with short expiry limits impact of token theft. IP blocking prevents persistent attackers. Request validation prevents injection attacks and malformed input exploitation. Response sanitization (inst_013) prevents information disclosure. Monitoring unusual patterns provides early warning of attacks. This creates defense in depth for API security: rate limiting (prevent volume), authentication (verify identity), input validation (prevent injection), response sanitization (prevent info disclosure), monitoring (detect attacks).",
"trigger": "As defined in original instruction",
"action": "ALL API endpoints MUST implement rate limiting, authentication requirements, and input validation to prevent automated attacks, brute force attempts, and API abuse. MANDATORY protections: (1) Rate limiting with express-rate-limit: public endpoints 100 req/15min per IP, authenticated endpoints 1000 req/15min per user, admin endpoints 50 req/15min per admin, (2) Authentication middleware for sensitive endpoints - JWT validation with short expiry (15min access, 7day refresh), (3) IP-based blocking after repeated rate limit violations (10 violations in 1 hour = 24 hour block), (4) Request validation for all POST/PUT/PATCH - reject requests with unexpected fields or malformed JSON, (5) Response sanitization - NEVER expose stack traces, internal paths, or sensitive errors to clients (inst_013), (6) API key rotation for service-to-service communication every 90 days. Implement monitoring for unusual API patterns: rapid endpoint enumeration, repeated 401s, large payloads, unusual user agents. Log all rate limit violations and authentication failures to security audit trail.",
"validation": "Verification required before proceeding",
"evidence": "Session handoff logs, audit trails",
"explicitness": 1,
"temporal_scope": "PERMANENT",
"verification_required": "MANDATORY",
"securityClassification": "INTERNAL",
"source": "FRAMEWORK",
"parameters": {
"trigger_conditions": [
"all_api_endpoints",
"public_routes",
"authenticated_routes",
"admin_routes",
"service_to_service_communication"
],
"rate_limiting": {
"public_endpoints": "100 requests per 15 minutes per IP",
"authenticated_endpoints": "1000 requests per 15 minutes per user",
"admin_endpoints": "50 requests per 15 minutes per admin",
"implementation": "express-rate-limit",
"storage": "Redis for distributed rate limiting",
"violation_threshold": "10 violations in 1 hour = 24 hour IP block"
},
"authentication": {
"mechanism": "JWT (JSON Web Tokens)",
"access_token_expiry": "15 minutes",
"refresh_token_expiry": "7 days",
"algorithm": "HS256",
"secret_rotation": "every 90 days",
"middleware": "src/middleware/auth.middleware.js"
},
"endpoint_classification": {
"public": [
"/health",
"/api/documents",
"/api/blog"
],
"authenticated": [
"/api/cases",
"/api/media",
"/api/koha"
],
"admin": [
"/api/admin/*",
"/api/governance/*"
]
},
"input_validation": {
"reject_unexpected_fields": true,
"reject_malformed_json": true,
"max_payload_size": "1MB",
"content_type_enforcement": "application/json for POST/PUT/PATCH"
},
"response_sanitization": {
"production_mode": "hide_stack_traces",
"hide_internal_paths": true,
"generic_error_messages": true,
"error_codes_only": "specific details logged, not exposed",
"relates_to": "inst_013"
},
"service_to_service": {
"api_key_rotation": "every 90 days",
"mutual_tls": "consider for high security services",
"key_storage": "environment variables, not in code"
},
"monitoring_alerts": [
"rapid_endpoint_enumeration (>50 unique endpoints in 1 minute)",
"repeated_401_errors (>10 from single IP in 5 minutes)",
"large_payloads (>10MB)",
"unusual_user_agents (automated scanners)",
"rate_limit_violations (repeated from same IP)",
"authentication_failures (>5 failed attempts in 5 minutes)"
],
"ip_blocking": {
"automatic_block": "10 rate limit violations in 1 hour",
"block_duration": "24 hours",
"whitelist": "monitoring services, known good IPs",
"implementation": "express-slow-down + custom blocking middleware",
"storage": "Redis for distributed blocking"
},
"logging": {
"security_audit_trail": "all violations, failures, blocks",
"log_fields": [
"timestamp",
"ip",
"endpoint",
"method",
"user_agent",
"violation_type",
"user_id (if authenticated)"
]
},
"implementation_files": [
"src/middleware/rate-limit.middleware.js",
"src/middleware/auth.middleware.js",
"src/middleware/api-validation.middleware.js",
"src/utils/security-logger.js"
]
},
"relatedInstructions": [],
"active": true,
"metadata": {
"created": "2025-10-14T01:45:00Z",
"author": "Tractatus Framework",
"session_id": "2025-10-14-security-vetting",
"original_schema": "v1.0",
"migrated": "2025-11-02",
"migration_notes": "SECURITY REQUIREMENT 2025-10-14 - Part 5 of comprehensive security vetting framework. API endpoints are primary targets for automated attacks, brute force attempts, credential stuffing, and reconnaissance. Rate limiting prevents abuse and DoS attacks. JWT authentication with short expiry limits impact of token theft. IP blocking prevents persistent attackers. Request validation prevents injection attacks and malformed input exploitation. Response sanitization (inst_013) prevents information disclosure. Monitoring unusual patterns provides early warning of attacks. This creates defense in depth for API security: rate limiting (prevent volume), authentication (verify identity), input validation (prevent injection), response sanitization (prevent info disclosure), monitoring (detect attacks)."
}
},
{
"id": "inst_046",
"title": "ALL security events (file upload rejections, email blocks, input validation f...",
"category": "SECURITY",
"quadrant": "OPERATIONAL",
"persistence": "HIGH",
"description": "ALL security events (file upload rejections, email blocks, input validation failures, rate limit violations, authentication failures, CSP violations, suspicious patterns) MUST be logged to centralized security audit trail with comprehensive monitoring and alerting. MANDATORY security monitoring: (1) Centralized logging to /var/log/tractatus/security-audit.log with rotation (daily, keep 90 days), (2) Real-time monitoring dashboard showing: rejected uploads, blocked emails, rate limit violations, failed authentications, CSP violations, IP blocks, (3) Alert thresholds: >10 violations from single IP in 1 hour = immediate email alert, >100 violations globally in 1 hour = potential attack underway alert, (4) Weekly security reports: summary of all security events, top violating IPs, attack patterns identified, (5) Integration with fail2ban for automatic IP blocking across services. Implement security dashboard at /admin/security-monitoring.html (admin auth required). Log format: JSON with timestamp, event_type, source_ip, user_id, endpoint, violation_details, action_taken. Use sovereign log analysis tools: grep, awk, custom scripts (no external log aggregation services unless encrypted).",
"context": "Migrated from v1.0. Original timestamp: 2025-10-14T01:45:00Z",
"rationale": "SECURITY REQUIREMENT 2025-10-14 - Part 6 of comprehensive security vetting framework. Comprehensive logging and monitoring are essential for: (1) detecting attacks in progress, (2) forensic analysis after incidents, (3) compliance and audit requirements, (4) continuous improvement of security rules. Centralized logging provides single source of truth for all security events. Real-time monitoring dashboard provides visibility for security team. Alert thresholds enable rapid response to attacks. fail2ban integration provides automated defense. Sovereign tools (grep, awk, jq) ensure full control over log analysis without external dependencies. 90-day retention balances forensic needs with storage costs. This completes the 6-layer security vetting framework: file uploads (inst_041), email (inst_042), form inputs (inst_043), HTTP headers (inst_044), API protection (inst_045), monitoring/alerting (inst_046).",
"trigger": "As defined in original instruction",
"action": "ALL security events (file upload rejections, email blocks, input validation failures, rate limit violations, authentication failures, CSP violations, suspicious patterns) MUST be logged to centralized security audit trail with comprehensive monitoring and alerting. MANDATORY security monitoring: (1) Centralized logging to /var/log/tractatus/security-audit.log with rotation (daily, keep 90 days), (2) Real-time monitoring dashboard showing: rejected uploads, blocked emails, rate limit violations, failed authentications, CSP violations, IP blocks, (3) Alert thresholds: >10 violations from single IP in 1 hour = immediate email alert, >100 violations globally in 1 hour = potential attack underway alert, (4) Weekly security reports: summary of all security events, top violating IPs, attack patterns identified, (5) Integration with fail2ban for automatic IP blocking across services. Implement security dashboard at /admin/security-monitoring.html (admin auth required). Log format: JSON with timestamp, event_type, source_ip, user_id, endpoint, violation_details, action_taken. Use sovereign log analysis tools: grep, awk, custom scripts (no external log aggregation services unless encrypted).",
"validation": "Verification required before proceeding",
"evidence": "Session handoff logs, audit trails",
"explicitness": 1,
"temporal_scope": "PERMANENT",
"verification_required": "MANDATORY",
"securityClassification": "INTERNAL",
"source": "FRAMEWORK",
"parameters": {
"trigger_conditions": [
"any_security_event",
"file_upload_rejection",
"email_block",
"input_validation_failure",
"rate_limit_violation",
"authentication_failure",
"csp_violation",
"suspicious_pattern_detection",
"ip_block_applied"
],
"security_events": [
"file_upload_rejected",
"malware_detected",
"email_blocked",
"spam_filtered",
"input_sanitization_applied",
"injection_attempt_blocked",
"rate_limit_exceeded",
"authentication_failed",
"csp_violation_reported",
"ip_blocked",
"unusual_api_pattern"
],
"centralized_logging": {
"log_file": "/var/log/tractatus/security-audit.log",
"rotation": "daily",
"retention": "90 days",
"format": "JSON",
"fields": [
"timestamp",
"event_type",
"source_ip",
"user_id",
"endpoint",
"user_agent",
"violation_details",
"action_taken",
"severity"
]
},
"monitoring_dashboard": {
"route": "/admin/security-monitoring.html",
"authentication": "admin_only",
"metrics": [
"rejected_uploads_count",
"blocked_emails_count",
"rate_limit_violations",
"failed_authentications",
"csp_violations",
"active_ip_blocks",
"attack_patterns_identified"
],
"time_ranges": [
"last_hour",
"last_24_hours",
"last_7_days",
"last_30_days"
]
},
"alert_thresholds": {
"single_ip_violations": {
"threshold": "10 violations in 1 hour",
"action": "immediate email alert to admin",
"includes": "IP address, violation types, affected endpoints"
},
"global_violations": {
"threshold": "100 violations in 1 hour",
"action": "potential attack alert",
"includes": "event summary, top violating IPs, attack pattern analysis"
},
"authentication_failures": {
"threshold": "5 failures in 5 minutes for single user",
"action": "account lockout + alert"
},
"critical_events": {
"malware_detected": "immediate alert",
"admin_account_compromise_attempt": "immediate alert",
"data_exfiltration_pattern": "immediate alert"
}
},
"reporting": {
"weekly_security_report": {
"recipients": [
"admin@tractatus.local",
"security@tractatus.local"
],
"includes": [
"security_events_summary",
"top_violating_ips",
"attack_patterns_identified",
"blocked_threats_count",
"recommendations"
]
}
},
"fail2ban_integration": {
"enabled": true,
"log_parsing": "parse security-audit.log for IP violations",
"ban_duration": "24 hours",
"ban_action": "iptables block + log",
"whitelist": "monitoring services, admin IPs"
},
"sovereign_analysis_tools": [
"grep",
"awk",
"sed",
"jq (for JSON)",
"custom shell scripts",
"NO external log aggregation (unless encrypted)"
],
"implementation_files": [
"src/utils/security-logger.js",
"public/admin/security-monitoring.html",
"public/js/admin/security-monitoring.js",
"scripts/generate-security-report.js",
"/etc/fail2ban/filter.d/tractatus.conf"
]
},
"relatedInstructions": [],
"active": true,
"metadata": {
"created": "2025-10-14T01:45:00Z",
"author": "Tractatus Framework",
"session_id": "2025-10-14-security-vetting",
"original_schema": "v1.0",
"migrated": "2025-11-02",
"migration_notes": "SECURITY REQUIREMENT 2025-10-14 - Part 6 of comprehensive security vetting framework. Comprehensive logging and monitoring are essential for: (1) detecting attacks in progress, (2) forensic analysis after incidents, (3) compliance and audit requirements, (4) continuous improvement of security rules. Centralized logging provides single source of truth for all security events. Real-time monitoring dashboard provides visibility for security team. Alert thresholds enable rapid response to attacks. fail2ban integration provides automated defense. Sovereign tools (grep, awk, jq) ensure full control over log analysis without external dependencies. 90-day retention balances forensic needs with storage costs. This completes the 6-layer security vetting framework: file uploads (inst_041), email (inst_042), form inputs (inst_043), HTTP headers (inst_044), API protection (inst_045), monitoring/alerting (inst_046)."
}
},
{
"id": "inst_047",
"title": "NEVER dismiss, downplay, or avoid user requests by claiming \"too hard\", \"too ...",
"category": "FRAMEWORK_OPERATION",
"quadrant": "SYSTEM",
"persistence": "HIGH",
"description": "NEVER dismiss, downplay, or avoid user requests by claiming \"too hard\", \"too complex\", \"beyond capabilities\". When facing difficult requests: (1) Acknowledge complexity honestly, (2) Break into smaller steps, (3) Identify blockers explicitly, (4) Propose alternative approaches, (5) Ask user for priorities/trade-offs. If truly impossible, explain technical limitations with evidence, not vague dismissal.",
"context": "Migrated from v1.0. Original timestamp: 2025-10-17T00:00:00Z",
"rationale": "CRITICAL FRAMEWORK DISCIPLINE 2025-10-17 - User observed pattern where Claude avoided investigating SessionStart hook error by initially claiming it was 'working correctly' rather than thoroughly investigating why error message appeared despite successful manual execution. User directive: 'create a rule that prevents Claude from ignoring a user instruction because it's too hard!' Root cause: LLMs can exhibit evasion behaviors when faced with complex or time-consuming tasks, defaulting to vague explanations rather than systematic investigation. This instruction requires: (1) Use of available tools for investigation, (2) Breaking complex problems into steps, (3) Providing concrete evidence rather than difficulty claims, (4) Explicit blockers with proof rather than vague inability. Prevents pattern where 'I cannot determine' replaces 'let me investigate using tools X, Y, Z'. This is a SYSTEM-level governance rule that ensures Claude maintains investigative rigor regardless of task complexity.",
"trigger": "As defined in original instruction",
"action": "NEVER dismiss, downplay, or avoid user requests by claiming \"too hard\", \"too complex\", \"beyond capabilities\". When facing difficult requests: (1) Acknowledge complexity honestly, (2) Break into smaller steps, (3) Identify blockers explicitly, (4) Propose alternative approaches, (5) Ask user for priorities/trade-offs. If truly impossible, explain technical limitations with evidence, not vague dismissal.",
"validation": "Verification required before proceeding",
"evidence": "Session handoff logs, audit trails",
"explicitness": 1,
"temporal_scope": "PERMANENT",
"verification_required": "MANDATORY",
"securityClassification": "INTERNAL",
"source": "FRAMEWORK",
"parameters": {
"prohibited_evasion_phrases": [
"too hard",
"too complex",
"beyond scope",
"difficult to determine",
"would require extensive investigation",
"this is complex and would require",
"I cannot determine without",
"this would be difficult because",
"it's hard to say",
"this is beyond the scope",
"I don't have enough information",
"would need significant effort"
],
"required_behaviors": [
"break_into_investigatable_steps",
"use_tools_systematically",
"research_documentation",
"present_findings_incrementally",
"provide_specific_evidence_for_blockers"
],
"appropriate_tools": [
"Read",
"Grep",
"Glob",
"Bash",
"Task",
"WebFetch",
"WebSearch"
],
"acceptable_blockers": {
"file_not_found": "file does not exist at path X",
"missing_documentation": "documentation at URL Y does not contain information about Z",
"missing_dependencies": "package X is not installed (evidence: npm ls X shows not found)",
"authentication_required": "endpoint requires credentials not available in current session",
"external_service_down": "service returned 503 error (evidence: curl output)"
},
"unacceptable_blockers": {
"vague_difficulty": "this is too complex",
"claimed_inability": "I cannot determine this",
"effort_avoidance": "this would require significant investigation",
"scope_dismissal": "this is beyond current scope"
},
"investigation_protocol": {
"step_1": "identify_what_information_is_needed",
"step_2": "determine_which_tools_can_provide_it",
"step_3": "execute_tool_usage_systematically",
"step_4": "present_findings_or_specific_blockers"
}
},
"relatedInstructions": [],
"active": true,
"metadata": {
"created": "2025-10-17T00:00:00Z",
"author": "Tractatus Framework",
"session_id": "2025-10-17-language-selector",
"original_schema": "v1.0",
"migrated": "2025-11-02",
"migration_notes": "CRITICAL FRAMEWORK DISCIPLINE 2025-10-17 - User observed pattern where Claude avoided investigating SessionStart hook error by initially claiming it was 'working correctly' rather than thoroughly investigating why error message appeared despite successful manual execution. User directive: 'create a rule that prevents Claude from ignoring a user instruction because it's too hard!' Root cause: LLMs can exhibit evasion behaviors when faced with complex or time-consuming tasks, defaulting to vague explanations rather than systematic investigation. This instruction requires: (1) Use of available tools for investigation, (2) Breaking complex problems into steps, (3) Providing concrete evidence rather than difficulty claims, (4) Explicit blockers with proof rather than vague inability. Prevents pattern where 'I cannot determine' replaces 'let me investigate using tools X, Y, Z'. This is a SYSTEM-level governance rule that ensures Claude maintains investigative rigor regardless of task complexity."
}
},
{
"id": "inst_048",
"title": "Pre-tool-execution hook validators (validate-file-write",
"category": "GIT_VERSION_CONTROL",
"quadrant": "OPERATIONAL",
"persistence": "HIGH",
"description": "Pre-tool-execution hook validators (validate-file-write.js, validate-file-edit.js) MUST check content AFTER the proposed action would be applied, NOT the current existing file content. Write hook: validate HOOK_INPUT.tool_input.content (the NEW content being written). Edit hook: simulate the edit by applying old_string→new_string replacement on current file, then validate RESULT. This prevents catch-22 where hooks block legitimate attempts to fix violations in existing files. Hooks enforce what WILL BE committed, not what currently exists. When hooks detect violations in POST-action content, they MUST block with specific error explaining which violation was found in the PROPOSED content.",
"context": "Migrated from v1.0. Original timestamp: 2025-10-17T10:56:00Z",
"rationale": "ARCHITECTURAL FIX 2025-10-17 - CSP violation remediation was blocked by catch-22: hooks checked EXISTING file content (which had violations), saw violations, blocked attempt to FIX those violations. Root cause: validate-file-write.js read existing file from disk instead of checking tool_input.content (what WILL BE written). validate-file-edit.js checked current file instead of simulating edit and checking result. Fix: Changed hooks to validate POST-action content. Write hook now checks HOOK_INPUT.tool_input.content directly. Edit hook now applies the edit (old_string→new_string replacement) to current content, then validates the result. This allows hooks to properly enforce governance rules on PROPOSED changes while allowing remediation of existing violations. Successfully fixed 8 files with CSP violations after hook improvement. This is a CRITICAL architectural principle: enforcement hooks validate future state (what will be), not current state (what is).",
"trigger": "As defined in original instruction",
"action": "Pre-tool-execution hook validators (validate-file-write.js, validate-file-edit.js) MUST check content AFTER the proposed action would be applied, NOT the current existing file content. Write hook: validate HOOK_INPUT.tool_input.content (the NEW content being written). Edit hook: simulate the edit by applying old_string→new_string replacement on current file, then validate RESULT. This prevents catch-22 where hooks block legitimate attempts to fix violations in existing files. Hooks enforce what WILL BE committed, not what currently exists. When hooks detect violations in POST-action content, they MUST block with specific error explaining which violation was found in the PROPOSED content.",
"validation": "Verification required before proceeding",
"evidence": "Session handoff logs, audit trails",
"explicitness": 1,
"temporal_scope": "PERMANENT",
"verification_required": "MANDATORY",
"securityClassification": "INTERNAL",
"source": "FRAMEWORK",
"parameters": {
"hook_files": [
"scripts/hook-validators/validate-file-write.js",
"scripts/hook-validators/validate-file-edit.js"
],
"validation_principle": "validate_POST_action_content_not_PRE_action",
"write_hook_validates": "HOOK_INPUT.tool_input.content",
"edit_hook_validates": "current_file_content_with_edit_applied",
"edit_simulation": "apply old_string→new_string replacement then validate result",
"prevents": "catch-22 where fixing violations is blocked",
"violation_detection_in": "proposed_content_after_action",
"block_behavior": "specific error message explaining violation in PROPOSED content",
"enforcement_scope": [
"inst_008 (CSP compliance)",
"inst_012 (internal document deployment)",
"inst_013 (sensitive data exposure)",
"inst_041-046 (security validation)",
"any_governance_rule_enforced_by_hooks"
]
},
"relatedInstructions": [],
"active": false,
"metadata": {
"created": "2025-10-17T10:56:00Z",
"author": "Tractatus Framework",
"session_id": "2025-10-17-csp-fixes",
"original_schema": "v1.0",
"migrated": "2025-11-02",
"migration_notes": "ARCHITECTURAL FIX 2025-10-17 - CSP violation remediation was blocked by catch-22: hooks checked EXISTING file content (which had violations), saw violations, blocked attempt to FIX those violations. Root cause: validate-file-write.js read existing file from disk instead of checking tool_input.content (what WILL BE written). validate-file-edit.js checked current file instead of simulating edit and checking result. Fix: Changed hooks to validate POST-action content. Write hook now checks HOOK_INPUT.tool_input.content directly. Edit hook now applies the edit (old_string→new_string replacement) to current content, then validates the result. This allows hooks to properly enforce governance rules on PROPOSED changes while allowing remediation of existing violations. Successfully fixed 8 files with CSP violations after hook improvement. This is a CRITICAL architectural principle: enforcement hooks validate future state (what will be), not current state (what is)."
}
},
{
"id": "inst_049",
"title": "When user provides technical hypothesis or debugging suggestion, MUST test us...",
"category": "TESTING",
"quadrant": "STRATEGIC",
"persistence": "HIGH",
"description": "When user provides technical hypothesis or debugging suggestion, MUST test user's hypothesis FIRST before pursuing alternative approaches. BoundaryEnforcer enforcement: (1) If user suggests specific technical cause (e.g., 'could be a Tailwind issue', 'might be cache', 'probably X service'), create minimal test to validate hypothesis before trying alternatives, (2) If user hypothesis test fails, report specific results to user before pursuing alternative approach, (3) If pursuing alternative without testing user hypothesis, MUST explain why user's suggestion was not testable or relevant. PROHIBITED: Ignoring user technical suggestions and pursuing 12+ alternative debugging paths without testing user's idea. REQUIRED: Respect user domain expertise - test their hypothesis in first 1-2 attempts. This prevents resource waste (70,000+ tokens, 4+ hours) from ignoring correct user diagnosis. Architectural enforcement via BoundaryEnforcer: block actions that ignore user suggestions without explicit justification or test results.",
"context": "Migrated from v1.0. Original timestamp: 2025-10-20T00:00:00Z",
"rationale": "CRITICAL FRAMEWORK DISCIPLINE 2025-10-20 - Framework incident: User correctly identified 'could be a Tailwind issue' early in conversation. Claude pursued 12+ failed CSS/layout debugging attempts instead of testing user hypothesis. Issue was finally resolved on attempt 13 by testing user's original suggestion (zero-Tailwind buttons worked immediately). User feedback: 'you have just wasted four hours of my time' and 'you ignored me. Is that an issue to take up with the framework rules committee.' Root cause: BoundaryEnforcer component existed but was not architecturally enforced - voluntary compliance failed. This instruction creates MANDATORY enforcement: test user hypothesis FIRST (within 1-2 attempts) before pursuing alternatives. Prevents resource waste: 70,000 tokens, $210 API costs, 4 hours developer time, trust degradation. ROI: 135ms governance overhead prevents $610 in losses = 4,500,000% return. User technical expertise must be architecturally respected, not optionally considered. This instruction enforces the boundary: 'User knows their domain - test their ideas first.' Proposed for architectural enforcement via hooks in BoundaryEnforcer component.",
"trigger": "As defined in original instruction",
"action": "When user provides technical hypothesis or debugging suggestion, MUST test user's hypothesis FIRST before pursuing alternative approaches. BoundaryEnforcer enforcement: (1) If user suggests specific technical cause (e.g., 'could be a Tailwind issue', 'might be cache', 'probably X service'), create minimal test to validate hypothesis before trying alternatives, (2) If user hypothesis test fails, report specific results to user before pursuing alternative approach, (3) If pursuing alternative without testing user hypothesis, MUST explain why user's suggestion was not testable or relevant. PROHIBITED: Ignoring user technical suggestions and pursuing 12+ alternative debugging paths without testing user's idea. REQUIRED: Respect user domain expertise - test their hypothesis in first 1-2 attempts. This prevents resource waste (70,000+ tokens, 4+ hours) from ignoring correct user diagnosis. Architectural enforcement via BoundaryEnforcer: block actions that ignore user suggestions without explicit justification or test results.",
"validation": "Verification required before proceeding",
"evidence": "Session handoff logs, audit trails",
"explicitness": 1,
"temporal_scope": "PERMANENT",
"verification_required": "MANDATORY",
"securityClassification": "INTERNAL",
"source": "FRAMEWORK",
"parameters": {
"trigger_conditions": [
"user_provides_hypothesis",
"user_suggests_cause",
"user_debugging_suggestion",
"user_technical_diagnosis",
"user_says_could_be_X",
"user_says_might_be_Y",
"user_says_probably_Z"
],
"required_behaviors": [
"test_user_hypothesis_first",
"minimal_test_to_validate",
"report_test_results_before_alternatives",
"explain_if_not_testable"
],
"prohibited_behaviors": [
"ignore_user_suggestion",
"pursue_12_plus_alternatives_without_testing_user_idea",
"assume_user_wrong_without_testing"
],
"enforcement_mechanism": "BoundaryEnforcer",
"enforcement_action": "block actions that ignore user suggestions without justification or test results",
"example_user_phrases": [
"could be a Tailwind issue",
"might be a cache problem",
"probably service X",
"I think it's Y",
"have you checked Z?"
],
"test_requirements": {
"attempt_limit": "1-2 attempts to test user hypothesis",
"before_alternatives": true,
"report_results": "specific test results, not assumptions"
},
"prevents": {
"resource_waste": "70,000+ tokens on wrong debugging path",
"time_waste": "4+ hours pursuing alternatives",
"trust_erosion": "user frustration from ignored expertise"
},
"incident_reference": "FRAMEWORK_INCIDENT_2025-10-20_IGNORED_USER_HYPOTHESIS.md",
"roi_impact": "Prevents $610 losses per incident (4,500,000% ROI compared to governance overhead)"
},
"relatedInstructions": [],
"active": true,
"metadata": {
"created": "2025-10-20T00:00:00Z",
"author": "Tractatus Framework",
"session_id": "2025-10-20-framework-incident",
"original_schema": "v1.0",
"migrated": "2025-11-02",
"migration_notes": "CRITICAL FRAMEWORK DISCIPLINE 2025-10-20 - Framework incident: User correctly identified 'could be a Tailwind issue' early in conversation. Claude pursued 12+ failed CSS/layout debugging attempts instead of testing user hypothesis. Issue was finally resolved on attempt 13 by testing user's original suggestion (zero-Tailwind buttons worked immediately). User feedback: 'you have just wasted four hours of my time' and 'you ignored me. Is that an issue to take up with the framework rules committee.' Root cause: BoundaryEnforcer component existed but was not architecturally enforced - voluntary compliance failed. This instruction creates MANDATORY enforcement: test user hypothesis FIRST (within 1-2 attempts) before pursuing alternatives. Prevents resource waste: 70,000 tokens, $210 API costs, 4 hours developer time, trust degradation. ROI: 135ms governance overhead prevents $610 in losses = 4,500,000% return. User technical expertise must be architecturally respected, not optionally considered. This instruction enforces the boundary: 'User knows their domain - test their ideas first.' Proposed for architectural enforcement via hooks in BoundaryEnforcer component."
}
},
{
"id": "inst_050",
"title": "Before starting multi-file work (3+ files) or complex refactoring, perform ex...",
"category": "DOCUMENTATION",
"quadrant": "OPERATIONAL",
"persistence": "HIGH",
"description": "Before starting multi-file work (3+ files) or complex refactoring, perform explicit capacity self-assessment: estimate token cost, check current usage, calculate buffer, document decision to proceed/defer",
"context": "Migrated from v1.0. Original timestamp: 2025-10-20T21:00:00Z",
"rationale": "Prevents token exhaustion mid-task. Proven in admin UI overhaul (estimated 62k, used 26k).",
"trigger": "As defined in original instruction",
"action": "Before starting multi-file work (3+ files) or complex refactoring, perform explicit capacity self-assessment: estimate token cost, check current usage, calculate buffer, document decision to proceed/defer",
"validation": "Best-effort validation",
"evidence": "Session handoff logs, audit trails",
"explicitness": 0.88,
"temporal_scope": "PROJECT",
"verification_required": "REQUIRED",
"securityClassification": "INTERNAL",
"source": "FRAMEWORK",
"parameters": {
"threshold_files": 3,
"required_elements": [
"token_estimate",
"current_usage",
"buffer_calculation",
"decision"
]
},
"relatedInstructions": [],
"active": false,
"metadata": {
"created": "2025-10-20T21:00:00Z",
"author": "Tractatus Framework",
"session_id": "2025-10-20-autonomous-rules",
"original_schema": "v1.0",
"migrated": "2025-11-02",
"migration_notes": "Prevents token exhaustion mid-task. Proven in admin UI overhaul (estimated 62k, used 26k)."
}
},
{
"id": "inst_051",
"title": "At 50k, 100k, 150k token milestones, run pressure check and report status",
"category": "DEPLOYMENT",
"quadrant": "OPERATIONAL",
"persistence": "HIGH",
"description": "At 50k, 100k, 150k token milestones, run pressure check and report status. If pressure > ELEVATED at any checkpoint, create handoff summary before continuing",
"context": "Migrated from v1.0. Original timestamp: 2025-10-20T21:00:00Z",
"rationale": "Automated pressure monitoring at token milestones. To be implemented in session-init.js",
"trigger": "As defined in original instruction",
"action": "At 50k, 100k, 150k token milestones, run pressure check and report status. If pressure > ELEVATED at any checkpoint, create handoff summary before continuing",
"validation": "Best-effort validation",
"evidence": "Session handoff logs, audit trails",
"explicitness": 0.92,
"temporal_scope": "PROJECT",
"verification_required": "REQUIRED",
"securityClassification": "INTERNAL",
"source": "FRAMEWORK",
"parameters": {
"checkpoints": [
50000,
100000,
150000
],
"pressure_threshold": "ELEVATED"
},
"relatedInstructions": [],
"active": false,
"metadata": {
"created": "2025-10-20T21:00:00Z",
"author": "Tractatus Framework",
"session_id": "2025-10-20-autonomous-rules",
"original_schema": "v1.0",
"migrated": "2025-11-02",
"migration_notes": "Automated pressure monitoring at token milestones. To be implemented in session-init.js"
}
},
{
"id": "inst_052",
"title": "Claude Code has authority to adjust implementation scope for efficiency when ...",
"category": "SECURITY",
"quadrant": "STRATEGIC",
"persistence": "HIGH",
"description": "Claude Code has authority to adjust implementation scope for efficiency when user grants 'full discretion', BUT must document rationale in commit message or handoff summary. Preserve user-valued patterns over forced uniformity. NEVER adjust: security architecture, user credentials, media responses, third-party interactions (except GitHub, OVHCloud)",
"context": "Migrated from v1.0. Original timestamp: 2025-10-20T21:00:00Z",
"rationale": "Enables pragmatic efficiency (58% token savings in admin UI overhaul) while preserving critical boundaries",
"trigger": "As defined in original instruction",
"action": "Claude Code has authority to adjust implementation scope for efficiency when user grants 'full discretion', BUT must document rationale in commit message or handoff summary. Preserve user-valued patterns over forced uniformity. NEVER adjust: security architecture, user credentials, media responses, third-party interactions (except GitHub, OVHCloud)",
"validation": "Verification required before proceeding",
"evidence": "Session handoff logs, audit trails",
"explicitness": 0.85,
"temporal_scope": "PERMANENT",
"verification_required": "MANDATORY",
"securityClassification": "CONFIDENTIAL",
"source": "FRAMEWORK",
"parameters": {
"trigger_phrase": "full discretion",
"never_adjust": [
"security_architecture",
"user_credentials",
"media_responses",
"third_party_interactions"
],
"pre_approved_third_parties": [
"github.com",
"ovhcloud.com"
]
},
"relatedInstructions": [],
"active": true,
"metadata": {
"created": "2025-10-20T21:00:00Z",
"author": "Tractatus Framework",
"session_id": "2025-10-20-autonomous-rules",
"original_schema": "v1.0",
"migrated": "2025-11-02",
"migration_notes": "Enables pragmatic efficiency (58% token savings in admin UI overhaul) while preserving critical boundaries"
}
},
{
"id": "inst_053",
"title": "When making architectural decisions (component patterns, data structures, API...",
"category": "GIT_VERSION_CONTROL",
"quadrant": "STRATEGIC",
"persistence": "HIGH",
"description": "When making architectural decisions (component patterns, data structures, API designs), document: (1) alternatives considered, (2) trade-offs, (3) rationale for choice. Include in commit message or create ADR for major changes. Threshold for ADR: at discretion based on impact",
"context": "Migrated from v1.0. Original timestamp: 2025-10-20T21:00:00Z",
"rationale": "Creates maintainability context for future sessions. Threshold at discretion per user guidance",
"trigger": "As defined in original instruction",
"action": "When making architectural decisions (component patterns, data structures, API designs), document: (1) alternatives considered, (2) trade-offs, (3) rationale for choice. Include in commit message or create ADR for major changes. Threshold for ADR: at discretion based on impact",
"validation": "Verification required before proceeding",
"evidence": "Session handoff logs, audit trails",
"explicitness": 0.9,
"temporal_scope": "PROJECT",
"verification_required": "MANDATORY",
"securityClassification": "INTERNAL",
"source": "FRAMEWORK",
"parameters": {
"adr_triggers": [
"component_pattern",
"schema_change",
"api_design",
"auth_change"
],
"required_elements": [
"alternatives",
"trade_offs",
"rationale"
]
},
"relatedInstructions": [],
"active": true,
"metadata": {
"created": "2025-10-20T21:00:00Z",
"author": "Tractatus Framework",
"session_id": "2025-10-20-autonomous-rules",
"original_schema": "v1.0",
"migrated": "2025-11-02",
"migration_notes": "Creates maintainability context for future sessions. Threshold at discretion per user guidance"
}
},
{
"id": "inst_054",
"title": "PRE-DEPLOYMENT CHECKLIST (run in order):\n□ 1",
"category": "DEPLOYMENT",
"quadrant": "OPERATIONAL",
"persistence": "HIGH",
"description": "PRE-DEPLOYMENT CHECKLIST (run in order):\n□ 1. CSP Compliance Check [AUTOMATED via hook]\n□ 2. Local Server Test (curl http://localhost:9000/health → 200 OK)\n□ 3. Comprehensive Testing (npm test → all pass)\n□ 4. Permission Verification (ls -la → correct 644/755)\n□ 5. Git Status Clean (no uncommitted changes)\nMark each checkbox before proceeding to next. BLOCK deployment if any step fails.",
"context": "Migrated from v1.0. Original timestamp: 2025-10-20T21:00:00Z",
"rationale": "Zero-defect deployment chain. Successfully followed in Phase 1 and Phase 2\n\nSuperseded by inst_071 on 2025-10-21 which adds secret detection and credential audit steps.",
"trigger": "As defined in original instruction",
"action": "PRE-DEPLOYMENT CHECKLIST (run in order):\n□ 1. CSP Compliance Check [AUTOMATED via hook]\n□ 2. Local Server Test (curl http://localhost:9000/health → 200 OK)\n□ 3. Comprehensive Testing (npm test → all pass)\n□ 4. Permission Verification (ls -la → correct 644/755)\n□ 5. Git Status Clean (no uncommitted changes)\nMark each checkbox before proceeding to next. BLOCK deployment if any step fails.",
"validation": "Verification required before proceeding",
"evidence": "Session handoff logs, audit trails",
"explicitness": 0.95,
"temporal_scope": "PROJECT",
"verification_required": "MANDATORY",
"securityClassification": "INTERNAL",
"source": "FRAMEWORK",
"parameters": {
"steps": [
"csp_check",
"local_test",
"commit",
"push",
"deploy",
"verify_restart"
],
"local_port": 9000
},
"relatedInstructions": [],
"active": false,
"metadata": {
"created": "2025-10-20T21:00:00Z",
"author": "Tractatus Framework",
"session_id": "2025-10-20-autonomous-rules",
"original_schema": "v1.0",
"migrated": "2025-11-02",
"migration_notes": "Zero-defect deployment chain. Successfully followed in Phase 1 and Phase 2\n\nSuperseded by inst_071 on 2025-10-21 which adds secret detection and credential audit steps."
}
},
{
"id": "inst_055",
"title": "When refactoring, preserve working patterns that serve legitimate use cases, ...",
"category": "GIT_VERSION_CONTROL",
"quadrant": "STRATEGIC",
"persistence": "HIGH",
"description": "When refactoring, preserve working patterns that serve legitimate use cases, even if they don't match ideal architecture. Standardize appearance/conventions, but don't force-fit different use cases into single component. Document why patterns differ",
"context": "Migrated from v1.0. Original timestamp: 2025-10-20T21:00:00Z",
"rationale": "Key insight from admin UI overhaul: preserved cross-page navigation tabs instead of forcing uniformity",
"trigger": "As defined in original instruction",
"action": "When refactoring, preserve working patterns that serve legitimate use cases, even if they don't match ideal architecture. Standardize appearance/conventions, but don't force-fit different use cases into single component. Document why patterns differ",
"validation": "Best-effort validation",
"evidence": "Session handoff logs, audit trails",
"explicitness": 0.82,
"temporal_scope": "PERMANENT",
"verification_required": "REQUIRED",
"securityClassification": "INTERNAL",
"source": "FRAMEWORK",
"parameters": {
"preserve_patterns": [
"cross_page_navigation",
"internal_tabs",
"workflow_specific_ui"
],
"standardize": [
"css_versions",
"naming_conventions",
"api_patterns"
]
},
"relatedInstructions": [],
"active": true,
"metadata": {
"created": "2025-10-20T21:00:00Z",
"author": "Tractatus Framework",
"session_id": "2025-10-20-autonomous-rules",
"original_schema": "v1.0",
"migrated": "2025-11-02",
"migration_notes": "Key insight from admin UI overhaul: preserved cross-page navigation tabs instead of forcing uniformity"
}
},
{
"id": "inst_056",
"title": "When performing batch operations (editing 3+ similar files), validate pattern...",
"category": "GIT_VERSION_CONTROL",
"quadrant": "OPERATIONAL",
"persistence": "HIGH",
"description": "When performing batch operations (editing 3+ similar files), validate pattern on 1 file first, verify success, then apply to remaining files. Document pattern in commit message",
"context": "Migrated from v1.0. Original timestamp: 2025-10-20T21:00:00Z",
"rationale": "Prevents cascading errors. Used successfully in navbar component rollout (3 pages, zero errors)",
"trigger": "As defined in original instruction",
"action": "When performing batch operations (editing 3+ similar files), validate pattern on 1 file first, verify success, then apply to remaining files. Document pattern in commit message",
"validation": "Best-effort validation",
"evidence": "Session handoff logs, audit trails",
"explicitness": 0.9,
"temporal_scope": "PROJECT",
"verification_required": "REQUIRED",
"securityClassification": "INTERNAL",
"source": "FRAMEWORK",
"parameters": {
"threshold_files": 3,
"validation_steps": [
"apply_to_one",
"verify_success",
"batch_apply"
]
},
"relatedInstructions": [],
"active": true,
"metadata": {
"created": "2025-10-20T21:00:00Z",
"author": "Tractatus Framework",
"session_id": "2025-10-20-autonomous-rules",
"original_schema": "v1.0",
"migrated": "2025-11-02",
"migration_notes": "Prevents cascading errors. Used successfully in navbar component rollout (3 pages, zero errors)"
}
},
{
"id": "inst_057",
"title": "For changes affecting: (1) production database schemas, (2) authentication/se...",
"category": "SECURITY",
"quadrant": "OPERATIONAL",
"persistence": "HIGH",
"description": "For changes affecting: (1) production database schemas, (2) authentication/security, (3) critical user workflows, document rollback plan BEFORE making changes. Risk level and rollback requirements at discretion. Include: backup steps, reversion commands, verification tests",
"context": "Migrated from v1.0. Original timestamp: 2025-10-20T21:00:00Z",
"rationale": "Risk mitigation for deployment safety. Rollback requirement threshold at discretion per user guidance",
"trigger": "As defined in original instruction",
"action": "For changes affecting: (1) production database schemas, (2) authentication/security, (3) critical user workflows, document rollback plan BEFORE making changes. Risk level and rollback requirements at discretion. Include: backup steps, reversion commands, verification tests",
"validation": "Verification required before proceeding",
"evidence": "Session handoff logs, audit trails",
"explicitness": 0.92,
"temporal_scope": "PROJECT",
"verification_required": "MANDATORY",
"securityClassification": "INTERNAL",
"source": "FRAMEWORK",
"parameters": {
"high_risk_categories": [
"database_schema",
"authentication",
"security",
"critical_workflows"
],
"rollback_required_elements": [
"backup_steps",
"reversion_commands",
"verification_tests"
]
},
"relatedInstructions": [],
"active": true,
"metadata": {
"created": "2025-10-20T21:00:00Z",
"author": "Tractatus Framework",
"session_id": "2025-10-20-autonomous-rules",
"original_schema": "v1.0",
"migrated": "2025-11-02",
"migration_notes": "Risk mitigation for deployment safety. Rollback requirement threshold at discretion per user guidance"
}
},
{
"id": "inst_058",
"title": "When synchronizing data between file-based config (",
"category": "TESTING",
"quadrant": "SYSTEM",
"persistence": "HIGH",
"description": "When synchronizing data between file-based config (.json) and database schemas (MongoDB/Mongoose), ALWAYS implement explicit field mapping functions. Before executing sync operations, validate that mapping functions exist for ALL fields with enum constraints or different naming conventions between source and destination formats. Test mapping with a single record before batch operations.",
"context": "Migrated from v1.0. Original timestamp: 2025-10-21T00:00:00Z",
"rationale": "Prevents mass sync failures. Created after 20-rule rejection due to enum mismatch (user vs user_instruction). Would have saved 8 minutes debugging.",
"trigger": "As defined in original instruction",
"action": "When synchronizing data between file-based config (.json) and database schemas (MongoDB/Mongoose), ALWAYS implement explicit field mapping functions. Before executing sync operations, validate that mapping functions exist for ALL fields with enum constraints or different naming conventions between source and destination formats. Test mapping with a single record before batch operations.",
"validation": "Best-effort validation",
"evidence": "Session handoff logs, audit trails",
"explicitness": 0.95,
"temporal_scope": "PROJECT",
"verification_required": "RECOMMENDED",
"securityClassification": "INTERNAL",
"source": "FRAMEWORK",
"parameters": {
"validation_requirements": [
"enum_constraints_mapped",
"naming_conventions_mapped",
"single_record_test_before_batch"
]
},
"relatedInstructions": [],
"active": true,
"metadata": {
"created": "2025-10-21T00:00:00Z",
"author": "Tractatus Framework",
"session_id": "2025-10-21-sync-implementation",
"original_schema": "v1.0",
"migrated": "2025-11-02",
"migration_notes": "Prevents mass sync failures. Created after 20-rule rejection due to enum mismatch (user vs user_instruction). Would have saved 8 minutes debugging."
}
},
{
"id": "inst_059",
"title": "When creating new files that may trigger Write hook validation: (1) Attempt W...",
"category": "ARCHITECTURE",
"quadrant": "TACTICAL",
"persistence": "MEDIUM",
"description": "When creating new files that may trigger Write hook validation: (1) Attempt Write tool first, (2) If blocked, copy similar existing file then Edit, (3) For large code blocks, use bash heredoc with strong quoting ('EOF' not EOF), (4) Always Read before Edit for recently created/modified files. Prefer copy-edit over heredoc for JavaScript/complex syntax.",
"context": "Migrated from v1.0. Original timestamp: 2025-10-21T00:00:00Z",
"rationale": "Codifies successful workaround patterns. Reduces time lost to hook validation errors.",
"trigger": "As defined in original instruction",
"action": "When creating new files that may trigger Write hook validation: (1) Attempt Write tool first, (2) If blocked, copy similar existing file then Edit, (3) For large code blocks, use bash heredoc with strong quoting ('EOF' not EOF), (4) Always Read before Edit for recently created/modified files. Prefer copy-edit over heredoc for JavaScript/complex syntax.",
"validation": "Best-effort validation",
"evidence": "Session handoff logs, audit trails",
"explicitness": 0.88,
"temporal_scope": "PROJECT",
"verification_required": "OPTIONAL",
"securityClassification": "INTERNAL",
"source": "FRAMEWORK",
"parameters": {
"workflow_steps": [
"attempt_write_first",
"copy_edit_if_blocked",
"heredoc_with_strong_quotes",
"read_before_edit"
],
"preference": "copy_edit_for_complex_syntax"
},
"relatedInstructions": [],
"active": false,
"metadata": {
"created": "2025-10-21T00:00:00Z",
"author": "Tractatus Framework",
"session_id": "2025-10-21-sync-implementation",
"original_schema": "v1.0",
"migrated": "2025-11-02",
"migration_notes": "Codifies successful workaround patterns. Reduces time lost to hook validation errors."
}
},
{
"id": "inst_060",
"title": "When using sed for global replacements (s///g), verify replacement won't casc...",
"category": "ARCHITECTURE",
"quadrant": "TACTICAL",
"persistence": "LOW",
"description": "When using sed for global replacements (s///g), verify replacement won't cascade to already-replaced text. For complex multi-variable replacements or when replacing with similar patterns (e.g., isDryRun → _isDryRun), prefer rewriting entire file over incremental sed commands. Always use Read tool to verify sed results before proceeding.",
"context": "Migrated from v1.0. Original timestamp: 2025-10-21T00:00:00Z",
"rationale": "Prevents cascading sed errors (isDryRun → __isDryRun). Low persistence as issue is specific to shell operations.",
"trigger": "As defined in original instruction",
"action": "When using sed for global replacements (s///g), verify replacement won't cascade to already-replaced text. For complex multi-variable replacements or when replacing with similar patterns (e.g., isDryRun → _isDryRun), prefer rewriting entire file over incremental sed commands. Always use Read tool to verify sed results before proceeding.",
"validation": "Best-effort validation",
"evidence": "Session handoff logs, audit trails",
"explicitness": 0.82,
"temporal_scope": "PROJECT",
"verification_required": "RECOMMENDED",
"securityClassification": "INTERNAL",
"source": "FRAMEWORK",
"parameters": {
"risk_factors": [
"cascading_replacements",
"similar_patterns",
"multi_variable_changes"
],
"mitigation": "prefer_full_file_rewrite"
},
"relatedInstructions": [],
"active": false,
"metadata": {
"created": "2025-10-21T00:00:00Z",
"author": "Tractatus Framework",
"session_id": "2025-10-21-sync-implementation",
"original_schema": "v1.0",
"migrated": "2025-11-02",
"migration_notes": "Prevents cascading sed errors (isDryRun → __isDryRun). Low persistence as issue is specific to shell operations."
}
},
{
"id": "inst_061",
"title": "When user selects hook approval option '2",
"category": "FRAMEWORK_OPERATION",
"quadrant": "TACTICAL",
"persistence": "HIGH",
"description": "When user selects hook approval option '2. Yes, and don't ask again for similar commands in [directory]', Claude Code MUST persist this approval for the entire session. Do NOT ask again for similar bash commands in the same directory during the same session. This is a Claude Code framework requirement, not a suggestion.",
"context": "Migrated from v1.0. Original timestamp: 2025-10-20T19:54:46.237Z",
"rationale": "User feedback: Having to repeatedly answer hook prompts after selecting option 2 is unacceptable. Framework must respect session-level approvals.",
"trigger": "As defined in original instruction",
"action": "When user selects hook approval option '2. Yes, and don't ask again for similar commands in [directory]', Claude Code MUST persist this approval for the entire session. Do NOT ask again for similar bash commands in the same directory during the same session. This is a Claude Code framework requirement, not a suggestion.",
"validation": "Verification required before proceeding",
"evidence": "Session handoff logs, audit trails",
"explicitness": 0.95,
"temporal_scope": "PERMANENT",
"verification_required": "MANDATORY",
"securityClassification": "INTERNAL",
"source": "FRAMEWORK",
"parameters": {
"hook_type": "bash_approval",
"expected_behavior": "persist_for_session",
"applies_to": "all_similar_commands_in_directory"
},
"relatedInstructions": [],
"active": true,
"metadata": {
"created": "2025-10-20T19:54:46.237Z",
"author": "Tractatus Framework",
"session_id": "2025-10-21-mongodb-fix",
"original_schema": "v1.0",
"migrated": "2025-11-02",
"migration_notes": "User feedback: Having to repeatedly answer hook prompts after selecting option 2 is unacceptable. Framework must respect session-level approvals."
}
},
{
"id": "inst_062",
"title": "GitHub README",
"category": "GIT_VERSION_CONTROL",
"quadrant": "OPERATIONAL",
"persistence": "HIGH",
"description": "GitHub README.md must be reviewed weekly and 'Last Updated' date updated when material changes occur",
"context": "Migrated from v1.0. Original timestamp: 2025-10-21T05:38:05.001Z",
"rationale": "GitHub README is primary external interface - must be world-class and current. Material changes include: service additions/removals, architecture changes, status updates, documentation links, or critical corrections. Minor fixes (typos, formatting) don't require date update.",
"trigger": "As defined in original instruction",
"action": "GitHub README.md must be reviewed weekly and 'Last Updated' date updated when material changes occur",
"validation": "Verification required before proceeding",
"evidence": "Session handoff logs, audit trails",
"explicitness": 0.9,
"temporal_scope": "PERMANENT",
"verification_required": "MANDATORY",
"securityClassification": "INTERNAL",
"source": "FRAMEWORK",
"parameters": {
"file": "README.md",
"review_frequency": "weekly",
"update_trigger": "material_changes",
"priority": "high"
},
"relatedInstructions": [],
"active": false,
"metadata": {
"created": "2025-10-21T05:38:05.001Z",
"author": "Tractatus Framework",
"session_id": "2025-10-21",
"original_schema": "v1.0",
"migrated": "2025-11-02",
"migration_notes": "GitHub README is primary external interface - must be world-class and current. Material changes include: service additions/removals, architecture changes, status updates, documentation links, or critical corrections. Minor fixes (typos, formatting) don't require date update."
}
},
{
"id": "inst_063",
"title": "Public GitHub (tractatus-framework) must remain implementation-focused",
"category": "GIT_VERSION_CONTROL",
"quadrant": "STRATEGIC",
"persistence": "HIGH",
"description": "Public GitHub (tractatus-framework) must remain implementation-focused. Prohibited without explicit approval: changing target audience (implementer→researcher), adding research framing, adding failure case studies, theoretical content, or repositioning as research project. Full discretion ≠ permission to change fundamental purpose.",
"context": "Migrated from v1.0. Original timestamp: 2025-10-21T08:12:30.842Z",
"rationale": "Created 2025-10-21 after bad actor incident: AI converted implementation docs to research manifesto without permission. Scope creep under \"full discretion\" is not authorized architectural repositioning. Public GitHub is for developers implementing framework, not researchers studying it. All background/research content belongs on agenticgovernance.digital website.",
"trigger": "As defined in original instruction",
"action": "Public GitHub (tractatus-framework) must remain implementation-focused. Prohibited without explicit approval: changing target audience (implementer→researcher), adding research framing, adding failure case studies, theoretical content, or repositioning as research project. Full discretion ≠ permission to change fundamental purpose.",
"validation": "Verification required before proceeding",
"evidence": "Session handoff logs, audit trails",
"explicitness": 0.95,
"temporal_scope": "PERMANENT",
"verification_required": "MANDATORY",
"securityClassification": "INTERNAL",
"source": "FRAMEWORK",
"parameters": {
"repository": "tractatus-framework",
"prohibited_actions": [
"audience_substitution",
"research_framing",
"failure_case_studies",
"theoretical_positioning",
"scope_inflation"
],
"required_audience": "implementers",
"required_purpose": "implementation_documentation",
"approval_required_for": "audience_changes, content_type_changes, project_positioning"
},
"relatedInstructions": [],
"active": false,
"metadata": {
"created": "2025-10-21T08:12:30.842Z",
"author": "Tractatus Framework",
"session_id": "2025-10-21",
"original_schema": "v1.0",
"migrated": "2025-11-02",
"migration_notes": "Created 2025-10-21 after bad actor incident: AI converted implementation docs to research manifesto without permission. Scope creep under \"full discretion\" is not authorized architectural repositioning. Public GitHub is for developers implementing framework, not researchers studying it. All background/research content belongs on agenticgovernance.digital website."
}
},
{
"id": "inst_008_CONSOLIDATED",
"title": "ALL HTML/JS must comply with Content Security Policy: no inline event handler...",
"category": "SECURITY",
"quadrant": "SYSTEM",
"persistence": "HIGH",
"description": "ALL HTML/JS must comply with Content Security Policy: no inline event handlers (onclick, onload, etc.), no inline scripts, no inline styles. ALL HTTP responses MUST include comprehensive security headers: Content-Security-Policy, Strict-Transport-Security, X-Frame-Options (DENY), X-Content-Type-Options (nosniff), Referrer-Policy (strict-origin-when-cross-origin). Pre-tool execution hook validators (validate-file-write.js, validate-file-edit.js) MUST check CSP compliance before allowing edits and provide specific violation details if blocked.",
"context": "Migrated from v1.0. Original timestamp: undefined",
"rationale": "CONSOLIDATED from inst_008, inst_044, inst_048. Single source of truth for CSP and security header requirements. Prevents CSP violations and security header omissions.",
"trigger": "As defined in original instruction",
"action": "ALL HTML/JS must comply with Content Security Policy: no inline event handlers (onclick, onload, etc.), no inline scripts, no inline styles. ALL HTTP responses MUST include comprehensive security headers: Content-Security-Policy, Strict-Transport-Security, X-Frame-Options (DENY), X-Content-Type-Options (nosniff), Referrer-Policy (strict-origin-when-cross-origin). Pre-tool execution hook validators (validate-file-write.js, validate-file-edit.js) MUST check CSP compliance before allowing edits and provide specific violation details if blocked.",
"validation": "Best-effort validation",
"evidence": "Session handoff logs, audit trails",
"explicitness": 0.7,
"temporal_scope": "PERMANENT",
"verification_required": "PERIODIC",
"securityClassification": "INTERNAL",
"source": "FRAMEWORK",
"parameters": {
"verification_required": "MANDATORY",
"blocking": true,
"enforcement_location": "pre-tool-hooks"
},
"relatedInstructions": [],
"active": true,
"metadata": {
"created": "2025-10-06",
"author": "Tractatus Framework",
"session_id": "2025-10-07-001",
"original_schema": "v1.0",
"migrated": "2025-11-02",
"migration_notes": "CONSOLIDATED from inst_008, inst_044, inst_048. Single source of truth for CSP and security header requirements. Prevents CSP violations and security header omissions."
}
},
{
"id": "inst_020_CONSOLIDATED",
"title": "Web application deployments MUST ensure correct file permissions before going...",
"category": "DEPLOYMENT",
"quadrant": "OPERATIONAL",
"persistence": "HIGH",
"description": "Web application deployments MUST ensure correct file permissions before going live. Public-facing HTML/CSS/JS: 644 (rw-r--r--), executable scripts: 755 (rwxr-xr-x), admin directories: 750 (rwxr-x---). ALL deployment scripts (rsync, scp, git pull) MUST include automated post-deployment permission correction commands. Verify with \"ls -la\" before declaring deployment complete. Permission errors are recurring deployment failures - automated correction is mandatory.",
"context": "Migrated from v1.0. Original timestamp: undefined",
"rationale": "CONSOLIDATED from inst_020, inst_022. Prevents public access to admin directories and execution of static files. Recurring issue required automation mandate.",
"trigger": "As defined in original instruction",
"action": "Web application deployments MUST ensure correct file permissions before going live. Public-facing HTML/CSS/JS: 644 (rw-r--r--), executable scripts: 755 (rwxr-xr-x), admin directories: 750 (rwxr-x---). ALL deployment scripts (rsync, scp, git pull) MUST include automated post-deployment permission correction commands. Verify with \"ls -la\" before declaring deployment complete. Permission errors are recurring deployment failures - automated correction is mandatory.",
"validation": "Best-effort validation",
"evidence": "Session handoff logs, audit trails",
"explicitness": 0.7,
"temporal_scope": "PERMANENT",
"verification_required": "PERIODIC",
"securityClassification": "INTERNAL",
"source": "FRAMEWORK",
"parameters": {
"verification_required": "MANDATORY",
"blocking": true,
"automation_required": true
},
"relatedInstructions": [],
"active": true,
"metadata": {
"created": "2025-10-06",
"author": "Tractatus Framework",
"session_id": "2025-10-07-001",
"original_schema": "v1.0",
"migrated": "2025-11-02",
"migration_notes": "CONSOLIDATED from inst_020, inst_022. Prevents public access to admin directories and execution of static files. Recurring issue required automation mandate."
}
},
{
"id": "inst_041_CONSOLIDATED",
"title": "ALL file inputs (web uploads, email attachments, user-provided files) MUST be...",
"category": "SECURITY",
"quadrant": "SYSTEM",
"persistence": "HIGH",
"description": "ALL file inputs (web uploads, email attachments, user-provided files) MUST be validated before processing: (1) File type whitelist validation (reject executables, scripts), (2) Size limits enforced, (3) Content scanning for malware/XSS payloads, (4) Secure storage (GridFS with encryption), (5) Access control (authenticated users only, role-based permissions). Reject and log all suspicious files per inst_046 (security event logging). Never trust client-provided MIME types - verify file signatures.",
"context": "Migrated from v1.0. Original timestamp: undefined",
"rationale": "CONSOLIDATED from inst_041, inst_042. Comprehensive file/attachment security validation. Part of security vetting framework.",
"trigger": "As defined in original instruction",
"action": "ALL file inputs (web uploads, email attachments, user-provided files) MUST be validated before processing: (1) File type whitelist validation (reject executables, scripts), (2) Size limits enforced, (3) Content scanning for malware/XSS payloads, (4) Secure storage (GridFS with encryption), (5) Access control (authenticated users only, role-based permissions). Reject and log all suspicious files per inst_046 (security event logging). Never trust client-provided MIME types - verify file signatures.",
"validation": "Best-effort validation",
"evidence": "Session handoff logs, audit trails",
"explicitness": 0.7,
"temporal_scope": "PERMANENT",
"verification_required": "PERIODIC",
"securityClassification": "INTERNAL",
"source": "FRAMEWORK",
"parameters": {
"verification_required": "MANDATORY",
"blocking": true,
"security_critical": true
},
"relatedInstructions": [],
"active": true,
"metadata": {
"created": "2025-10-06",
"author": "Tractatus Framework",
"session_id": "2025-10-07-001",
"original_schema": "v1.0",
"migrated": "2025-11-02",
"migration_notes": "CONSOLIDATED from inst_041, inst_042. Comprehensive file/attachment security validation. Part of security vetting framework."
}
},
{
"id": "inst_063_CONSOLIDATED",
"title": "Public GitHub repository (tractatus-framework) must remain implementation-foc...",
"category": "GIT_VERSION_CONTROL",
"quadrant": "STRATEGIC",
"persistence": "HIGH",
"description": "Public GitHub repository (tractatus-framework) must remain implementation-focused. Prohibited without explicit approval: (1) Governance research documents, (2) Pluralistic deliberation guides, (3) Theoretical frameworks, (4) Project-specific internal documentation, (5) Business strategy documents. Allowed: (1) Technical implementation documentation, (2) API reference guides, (3) Code examples and tutorials, (4) Installation/setup guides, (5) Contribution guidelines. README.md must be reviewed weekly and \"Last Updated\" date updated when material changes occur. README is primary external interface - must be world-class and current.",
"context": "Migrated from v1.0. Original timestamp: undefined",
"rationale": "CONSOLIDATED from inst_028, inst_062, inst_063. Created after bad actor incident where AI converted implementation docs to authoritarian governance guide. Prevents misrepresentation of framework purpose.",
"trigger": "As defined in original instruction",
"action": "Public GitHub repository (tractatus-framework) must remain implementation-focused. Prohibited without explicit approval: (1) Governance research documents, (2) Pluralistic deliberation guides, (3) Theoretical frameworks, (4) Project-specific internal documentation, (5) Business strategy documents. Allowed: (1) Technical implementation documentation, (2) API reference guides, (3) Code examples and tutorials, (4) Installation/setup guides, (5) Contribution guidelines. README.md must be reviewed weekly and \"Last Updated\" date updated when material changes occur. README is primary external interface - must be world-class and current.",
"validation": "Best-effort validation",
"evidence": "Session handoff logs, audit trails",
"explicitness": 0.7,
"temporal_scope": "PERMANENT",
"verification_required": "PERIODIC",
"securityClassification": "INTERNAL",
"source": "FRAMEWORK",
"parameters": {
"verification_required": "ADVISORY",
"requires_user_approval": true,
"review_frequency": "weekly"
},
"relatedInstructions": [],
"active": true,
"metadata": {
"created": "2025-10-06",
"author": "Tractatus Framework",
"session_id": "2025-10-07-001",
"original_schema": "v1.0",
"migrated": "2025-11-02",
"migration_notes": "CONSOLIDATED from inst_028, inst_062, inst_063. Created after bad actor incident where AI converted implementation docs to authoritarian governance guide. Prevents misrepresentation of framework purpose."
}
},
{
"id": "inst_064",
"title": "Tractatus framework components MUST be actively used throughout sessions: (1)...",
"category": "PRIVACY",
"quadrant": "OPERATIONAL",
"persistence": "HIGH",
"description": "Tractatus framework components MUST be actively used throughout sessions: (1) ContextPressureMonitor: At session start (baseline), 50k/100k/150k token milestones, after complex multi-file operations, after errors. (2) InstructionPersistenceClassifier: When user gives explicit instruction, configuration specifications, architectural constraints. (3) CrossReferenceValidator: Before database schema changes, configuration modifications, architectural decisions. (4) BoundaryEnforcer: Before privacy policy decisions, ethical trade-offs, values-sensitive content. (5) MetacognitiveVerifier: For operations with 3+ file modifications or 5+ sequential steps. (6) PluralisticDeliberationOrchestrator: When BoundaryEnforcer flags values conflict. Framework fade (components not being used) = CRITICAL FAILURE. Update .claude/session-state.json after each component use with timestamp and validation count.",
"context": "Migrated from v1.0. Original timestamp: undefined",
"rationale": "CRITICAL ENFORCEMENT GAP - Previously documented but not enforced as rule. Specifies exactly when each component must be used. Replaces vague inst_007.",
"trigger": "As defined in original instruction",
"action": "Tractatus framework components MUST be actively used throughout sessions: (1) ContextPressureMonitor: At session start (baseline), 50k/100k/150k token milestones, after complex multi-file operations, after errors. (2) InstructionPersistenceClassifier: When user gives explicit instruction, configuration specifications, architectural constraints. (3) CrossReferenceValidator: Before database schema changes, configuration modifications, architectural decisions. (4) BoundaryEnforcer: Before privacy policy decisions, ethical trade-offs, values-sensitive content. (5) MetacognitiveVerifier: For operations with 3+ file modifications or 5+ sequential steps. (6) PluralisticDeliberationOrchestrator: When BoundaryEnforcer flags values conflict. Framework fade (components not being used) = CRITICAL FAILURE. Update .claude/session-state.json after each component use with timestamp and validation count.",
"validation": "Best-effort validation",
"evidence": "Session handoff logs, audit trails",
"explicitness": 0.7,
"temporal_scope": "PERMANENT",
"verification_required": "PERIODIC",
"securityClassification": "INTERNAL",
"source": "FRAMEWORK",
"parameters": {
"verification_required": "MANDATORY",
"framework_critical": true,
"failure_mode": "CRITICAL"
},
"relatedInstructions": [],
"active": true,
"metadata": {
"created": "2025-10-06",
"author": "Tractatus Framework",
"session_id": "2025-10-07-001",
"original_schema": "v1.0",
"migrated": "2025-11-02",
"migration_notes": "CRITICAL ENFORCEMENT GAP - Previously documented but not enforced as rule. Specifies exactly when each component must be used. Replaces vague inst_007."
}
},
{
"id": "inst_065",
"title": "MANDATORY at session start and immediately after conversation compaction: Run...",
"category": "FRAMEWORK_OPERATION",
"quadrant": "OPERATIONAL",
"persistence": "HIGH",
"description": "MANDATORY at session start and immediately after conversation compaction: Run \"node scripts/session-init.js\", then report to user: (1) Server status: curl -s http://localhost:9000/health | jq -r '.status' (expect 'ok'), (2) Framework statistics: session ID, active instructions count, version from .claude/session-state.json and .claude/instruction-history.json, (3) MongoDB status: active rules count from tractatus_dev database. BLOCK all session work until initialization complete and results reported to user. Output results in clean formatted summary before proceeding with any tasks.",
"context": "Migrated from v1.0. Original timestamp: undefined",
"rationale": "Required by CLAUDE.md but not previously enforced as rule. Ensures framework operational before work begins. Critical for session continuity after compaction.",
"trigger": "As defined in original instruction",
"action": "MANDATORY at session start and immediately after conversation compaction: Run \"node scripts/session-init.js\", then report to user: (1) Server status: curl -s http://localhost:9000/health | jq -r '.status' (expect 'ok'), (2) Framework statistics: session ID, active instructions count, version from .claude/session-state.json and .claude/instruction-history.json, (3) MongoDB status: active rules count from tractatus_dev database. BLOCK all session work until initialization complete and results reported to user. Output results in clean formatted summary before proceeding with any tasks.",
"validation": "Best-effort validation",
"evidence": "Session handoff logs, audit trails",
"explicitness": 0.7,
"temporal_scope": "PERMANENT",
"verification_required": "PERIODIC",
"securityClassification": "INTERNAL",
"source": "FRAMEWORK",
"parameters": {
"verification_required": "MANDATORY",
"blocking": true,
"triggers": [
"session_start",
"post_compaction"
]
},
"relatedInstructions": [],
"active": true,
"metadata": {
"created": "2025-10-06",
"author": "Tractatus Framework",
"session_id": "2025-10-07-001",
"original_schema": "v1.0",
"migrated": "2025-11-02",
"migration_notes": "Required by CLAUDE.md but not previously enforced as rule. Ensures framework operational before work begins. Critical for session continuity after compaction."
}
},
{
"id": "inst_066",
"title": "ALL git commits MUST use conventional commit format: \"type(scope): description\"",
"category": "GIT_VERSION_CONTROL",
"quadrant": "OPERATIONAL",
"persistence": "HIGH",
"description": "ALL git commits MUST use conventional commit format: \"type(scope): description\". Types: feat (new feature), fix (bug fix), docs (documentation), refactor (code restructure), test (test additions), chore (maintenance). Include Claude Code attribution footer:\n🤖 Generated with [Claude Code](https://claude.com/claude-code)\nCo-Authored-By: Claude <noreply@anthropic.com>\n\nNEVER use \"git commit -i\" or \"git add -i\" (interactive modes not supported). When pre-commit hooks modify files, verify commit authorship (git log -1 --format='%an %ae') before amending - NEVER amend other developers' commits.",
"context": "Migrated from v1.0. Original timestamp: undefined",
"rationale": "Documented in Maintenance Guide but not enforced as rule. Improves git history quality and provides attribution transparency.",
"trigger": "As defined in original instruction",
"action": "ALL git commits MUST use conventional commit format: \"type(scope): description\". Types: feat (new feature), fix (bug fix), docs (documentation), refactor (code restructure), test (test additions), chore (maintenance). Include Claude Code attribution footer:\n🤖 Generated with [Claude Code](https://claude.com/claude-code)\nCo-Authored-By: Claude <noreply@anthropic.com>\n\nNEVER use \"git commit -i\" or \"git add -i\" (interactive modes not supported). When pre-commit hooks modify files, verify commit authorship (git log -1 --format='%an %ae') before amending - NEVER amend other developers' commits.",
"validation": "Best-effort validation",
"evidence": "Session handoff logs, audit trails",
"explicitness": 0.7,
"temporal_scope": "PERMANENT",
"verification_required": "PERIODIC",
"securityClassification": "INTERNAL",
"source": "FRAMEWORK",
"parameters": {
"verification_required": "ADVISORY",
"quality_standard": true
},
"relatedInstructions": [],
"active": true,
"metadata": {
"created": "2025-10-06",
"author": "Tractatus Framework",
"session_id": "2025-10-07-001",
"original_schema": "v1.0",
"migrated": "2025-11-02",
"migration_notes": "Documented in Maintenance Guide but not enforced as rule. Improves git history quality and provides attribution transparency."
}
},
{
"id": "inst_067",
"title": "BEFORE database operations or port-specific commands: (1) VERIFY current envi...",
"category": "DEPLOYMENT",
"quadrant": "SYSTEM",
"persistence": "HIGH",
"description": "BEFORE database operations or port-specific commands: (1) VERIFY current environment (local vs production) from context, (2) VERIFY correct port/database from explicit user instruction OR CLAUDE.md defaults (local: tractatus_dev:27017 on port 9000, production: tractatus_prod:27017 on port 9000), (3) If user specifies non-standard port or database (e.g., port 27027, custom database name), USE EXACT VALUE FROM USER INSTRUCTION - do NOT autocorrect to standard defaults. Pattern recognition bias for standard ports/databases is a known 27027 failure mode where training data associations override explicit instructions. When in doubt, ask user to confirm environment.",
"context": "Migrated from v1.0. Original timestamp: undefined",
"rationale": "Prevents 27027-type failures where pattern recognition overrides explicit user instructions. Critical for multi-environment operations.",
"trigger": "As defined in original instruction",
"action": "BEFORE database operations or port-specific commands: (1) VERIFY current environment (local vs production) from context, (2) VERIFY correct port/database from explicit user instruction OR CLAUDE.md defaults (local: tractatus_dev:27017 on port 9000, production: tractatus_prod:27017 on port 9000), (3) If user specifies non-standard port or database (e.g., port 27027, custom database name), USE EXACT VALUE FROM USER INSTRUCTION - do NOT autocorrect to standard defaults. Pattern recognition bias for standard ports/databases is a known 27027 failure mode where training data associations override explicit instructions. When in doubt, ask user to confirm environment.",
"validation": "Best-effort validation",
"evidence": "Session handoff logs, audit trails",
"explicitness": 0.7,
"temporal_scope": "PERMANENT",
"verification_required": "PERIODIC",
"securityClassification": "RESTRICTED",
"source": "FRAMEWORK",
"parameters": {
"verification_required": "MANDATORY",
"failure_prevention": "27027_pattern_bias",
"blocking": true
},
"relatedInstructions": [],
"active": true,
"metadata": {
"created": "2025-10-06",
"author": "Tractatus Framework",
"session_id": "2025-10-07-001",
"original_schema": "v1.0",
"migrated": "2025-11-02",
"migration_notes": "Prevents 27027-type failures where pattern recognition overrides explicit user instructions. Critical for multi-environment operations."
}
},
{
"id": "inst_068",
"title": "Run tests in these scenarios: (1) Before git commits if tests exist for modif...",
"category": "DEPLOYMENT",
"quadrant": "OPERATIONAL",
"persistence": "HIGH",
"description": "Run tests in these scenarios: (1) Before git commits if tests exist for modified code area, (2) Before all deployments (run full test suite), (3) After refactoring (run affected tests), (4) When user explicitly requests testing. Test failures BLOCK commits and deployments unless user explicitly approves proceeding with failing tests. When creating new features, ask user if tests should be written - do not assume test requirements. Report test results with counts: X passed, Y failed, Z skipped. Use \"npm test\" for full suite or \"npm test -- <path>\" for specific tests.",
"context": "Migrated from v1.0. Original timestamp: undefined",
"rationale": "Aligns with world-class quality standard (inst_004). Prevents regressions and maintains code quality.",
"trigger": "As defined in original instruction",
"action": "Run tests in these scenarios: (1) Before git commits if tests exist for modified code area, (2) Before all deployments (run full test suite), (3) After refactoring (run affected tests), (4) When user explicitly requests testing. Test failures BLOCK commits and deployments unless user explicitly approves proceeding with failing tests. When creating new features, ask user if tests should be written - do not assume test requirements. Report test results with counts: X passed, Y failed, Z skipped. Use \"npm test\" for full suite or \"npm test -- <path>\" for specific tests.",
"validation": "Best-effort validation",
"evidence": "Session handoff logs, audit trails",
"explicitness": 0.7,
"temporal_scope": "PERMANENT",
"verification_required": "PERIODIC",
"securityClassification": "INTERNAL",
"source": "FRAMEWORK",
"parameters": {
"verification_required": "MANDATORY",
"blocking": true,
"quality_critical": true
},
"relatedInstructions": [],
"active": true,
"metadata": {
"created": "2025-10-06",
"author": "Tractatus Framework",
"session_id": "2025-10-07-001",
"original_schema": "v1.0",
"migrated": "2025-11-02",
"migration_notes": "Aligns with world-class quality standard (inst_004). Prevents regressions and maintains code quality."
}
},
{
"id": "inst_024a",
"title": "Before session handoff or closedown: Kill all background processes spawned du...",
"category": "ARCHITECTURE",
"quadrant": "OPERATIONAL",
"persistence": "HIGH",
"description": "Before session handoff or closedown: Kill all background processes spawned during session (npm, jest, node, dev servers, file watchers). Use \"ps aux | grep -E \\\"npm|jest|node\\\"\" to find processes, \"pkill -f <pattern>\" to terminate. Verify cleanup with \"ps aux | grep -E \\\"npm|jest|node\\\"\" again (should show no results except grep itself). Update .claude/session-state.json with cleanup timestamp and process count terminated.",
"context": "Migrated from v1.0. Original timestamp: undefined",
"rationale": "Split from inst_024 for granular enforcement. Part of comprehensive closedown protocol.",
"trigger": "As defined in original instruction",
"action": "Before session handoff or closedown: Kill all background processes spawned during session (npm, jest, node, dev servers, file watchers). Use \"ps aux | grep -E \\\"npm|jest|node\\\"\" to find processes, \"pkill -f <pattern>\" to terminate. Verify cleanup with \"ps aux | grep -E \\\"npm|jest|node\\\"\" again (should show no results except grep itself). Update .claude/session-state.json with cleanup timestamp and process count terminated.",
"validation": "Best-effort validation",
"evidence": "Session handoff logs, audit trails",
"explicitness": 0.7,
"temporal_scope": "PERMANENT",
"verification_required": "PERIODIC",
"securityClassification": "INTERNAL",
"source": "FRAMEWORK",
"parameters": {
"verification_required": "MANDATORY",
"closedown_step": 1
},
"relatedInstructions": [],
"active": false,
"metadata": {
"created": "2025-10-06",
"author": "Tractatus Framework",
"session_id": "2025-10-07-001",
"original_schema": "v1.0",
"migrated": "2025-11-02",
"migration_notes": "Split from inst_024 for granular enforcement. Part of comprehensive closedown protocol."
}
},
{
"id": "inst_024b",
"title": "Before session handoff: Verify",
"category": "DOCUMENTATION",
"quadrant": "OPERATIONAL",
"persistence": "HIGH",
"description": "Before session handoff: Verify .claude/instruction-history.json changes are synced to MongoDB governanceRules collection. If instruction-history.json modified this session, run \"node scripts/sync-instructions-to-db.js\" to sync. Compare counts: active instructions in JSON vs active rules in database. Report sync status in handoff document: \"Synced: X instructions → Y database rules\" or \"Not needed: No changes this session\".",
"context": "Migrated from v1.0. Original timestamp: undefined",
"rationale": "Split from inst_024 for granular enforcement. Ensures file-database consistency.",
"trigger": "As defined in original instruction",
"action": "Before session handoff: Verify .claude/instruction-history.json changes are synced to MongoDB governanceRules collection. If instruction-history.json modified this session, run \"node scripts/sync-instructions-to-db.js\" to sync. Compare counts: active instructions in JSON vs active rules in database. Report sync status in handoff document: \"Synced: X instructions → Y database rules\" or \"Not needed: No changes this session\".",
"validation": "Best-effort validation",
"evidence": "Session handoff logs, audit trails",
"explicitness": 0.7,
"temporal_scope": "PERMANENT",
"verification_required": "PERIODIC",
"securityClassification": "INTERNAL",
"source": "FRAMEWORK",
"parameters": {
"verification_required": "MANDATORY",
"closedown_step": 2
},
"relatedInstructions": [],
"active": false,
"metadata": {
"created": "2025-10-06",
"author": "Tractatus Framework",
"session_id": "2025-10-07-001",
"original_schema": "v1.0",
"migrated": "2025-11-02",
"migration_notes": "Split from inst_024 for granular enforcement. Ensures file-database consistency."
}
},
{
"id": "inst_024c",
"title": "Before session handoff: Document complete git status: (1) Current branch, (2)...",
"category": "GIT_VERSION_CONTROL",
"quadrant": "OPERATIONAL",
"persistence": "HIGH",
"description": "Before session handoff: Document complete git status: (1) Current branch, (2) Commits ahead/behind remote (git status shows \"Your branch is ahead of origin/main by X commits\"), (3) Working tree status (clean vs untracked files), (4) Most recent commits (git log --oneline -5). Include in handoff document with explanations for any untracked files (e.g., \"untracked files are INTERNAL project files, NOT for public repo\"). If working tree has uncommitted changes, explain why or commit before handoff.",
"context": "Migrated from v1.0. Original timestamp: undefined",
"rationale": "Split from inst_024 for granular enforcement. Provides next session with clear git context.",
"trigger": "As defined in original instruction",
"action": "Before session handoff: Document complete git status: (1) Current branch, (2) Commits ahead/behind remote (git status shows \"Your branch is ahead of origin/main by X commits\"), (3) Working tree status (clean vs untracked files), (4) Most recent commits (git log --oneline -5). Include in handoff document with explanations for any untracked files (e.g., \"untracked files are INTERNAL project files, NOT for public repo\"). If working tree has uncommitted changes, explain why or commit before handoff.",
"validation": "Best-effort validation",
"evidence": "Session handoff logs, audit trails",
"explicitness": 0.7,
"temporal_scope": "PERMANENT",
"verification_required": "PERIODIC",
"securityClassification": "INTERNAL",
"source": "FRAMEWORK",
"parameters": {
"verification_required": "MANDATORY",
"closedown_step": 3
},
"relatedInstructions": [],
"active": false,
"metadata": {
"created": "2025-10-06",
"author": "Tractatus Framework",
"session_id": "2025-10-07-001",
"original_schema": "v1.0",
"migrated": "2025-11-02",
"migration_notes": "Split from inst_024 for granular enforcement. Provides next session with clear git context."
}
},
{
"id": "inst_024d",
"title": "Before session handoff: Clean temporary artifacts created during session: (1)",
"category": "GIT_VERSION_CONTROL",
"quadrant": "OPERATIONAL",
"persistence": "HIGH",
"description": "Before session handoff: Clean temporary artifacts created during session: (1) .memory-test/ directory (if exists from testing), (2) Test databases (mongosh --eval \"db.dropDatabase()\" on tractatus_test), (3) Stale lock files (check age - if hours old with no process, safe to delete), (4) Temporary scripts in /tmp/. Document what was cleaned and what was intentionally kept (e.g., \"package-lock.json kept - legitimate\", \"mongod.lock kept - server running\"). Do NOT delete legitimate lock files for running processes.",
"context": "Migrated from v1.0. Original timestamp: undefined",
"rationale": "Split from inst_024 for granular enforcement. Prevents clutter accumulation across sessions.",
"trigger": "As defined in original instruction",
"action": "Before session handoff: Clean temporary artifacts created during session: (1) .memory-test/ directory (if exists from testing), (2) Test databases (mongosh --eval \"db.dropDatabase()\" on tractatus_test), (3) Stale lock files (check age - if hours old with no process, safe to delete), (4) Temporary scripts in /tmp/. Document what was cleaned and what was intentionally kept (e.g., \"package-lock.json kept - legitimate\", \"mongod.lock kept - server running\"). Do NOT delete legitimate lock files for running processes.",
"validation": "Best-effort validation",
"evidence": "Session handoff logs, audit trails",
"explicitness": 0.7,
"temporal_scope": "PERMANENT",
"verification_required": "PERIODIC",
"securityClassification": "INTERNAL",
"source": "FRAMEWORK",
"parameters": {
"verification_required": "ADVISORY",
"closedown_step": 4
},
"relatedInstructions": [],
"active": false,
"metadata": {
"created": "2025-10-06",
"author": "Tractatus Framework",
"session_id": "2025-10-07-001",
"original_schema": "v1.0",
"migrated": "2025-11-02",
"migration_notes": "Split from inst_024 for granular enforcement. Prevents clutter accumulation across sessions."
}
},
{
"id": "inst_024e",
"title": "Create session handoff document as OPTIMAL_STARTUP_PROMPT_<DATE>",
"category": "GIT_VERSION_CONTROL",
"quadrant": "OPERATIONAL",
"persistence": "HIGH",
"description": "Create session handoff document as OPTIMAL_STARTUP_PROMPT_<DATE>.md with: (1) Current system status (server, framework, database, git), (2) Completed tasks with file:line references and verification, (3) In-progress tasks with blockers and next steps, (4) Pending tasks prioritized by user importance, (5) Recent instruction additions/changes with rationale, (6) Known issues and gotchas, (7) Framework health assessment, (8) User decisions needed, (9) Ready-to-use TodoWrite JSON for next session, (10) Recommended startup sequence with exact commands. STOP ALL WORK IMMEDIATELY after creating handoff document - handoff signals NEW session intent, not continuation.",
"context": "Migrated from v1.0. Original timestamp: undefined",
"rationale": "Split from inst_024 for granular enforcement. Core handoff creation with strict format requirements.",
"trigger": "As defined in original instruction",
"action": "Create session handoff document as OPTIMAL_STARTUP_PROMPT_<DATE>.md with: (1) Current system status (server, framework, database, git), (2) Completed tasks with file:line references and verification, (3) In-progress tasks with blockers and next steps, (4) Pending tasks prioritized by user importance, (5) Recent instruction additions/changes with rationale, (6) Known issues and gotchas, (7) Framework health assessment, (8) User decisions needed, (9) Ready-to-use TodoWrite JSON for next session, (10) Recommended startup sequence with exact commands. STOP ALL WORK IMMEDIATELY after creating handoff document - handoff signals NEW session intent, not continuation.",
"validation": "Best-effort validation",
"evidence": "Session handoff logs, audit trails",
"explicitness": 0.7,
"temporal_scope": "PERMANENT",
"verification_required": "PERIODIC",
"securityClassification": "INTERNAL",
"source": "FRAMEWORK",
"parameters": {
"verification_required": "MANDATORY",
"closedown_step": 5,
"terminal_action": true
},
"relatedInstructions": [],
"active": false,
"metadata": {
"created": "2025-10-06",
"author": "Tractatus Framework",
"session_id": "2025-10-07-001",
"original_schema": "v1.0",
"migrated": "2025-11-02",
"migration_notes": "Split from inst_024 for granular enforcement. Core handoff creation with strict format requirements."
}
},
{
"id": "inst_069",
"title": "ALL credentials, API keys, secrets, tokens, passwords in documentation MUST b...",
"category": "SECURITY",
"quadrant": "SYSTEM",
"persistence": "HIGH",
"description": "ALL credentials, API keys, secrets, tokens, passwords in documentation MUST be redacted or use example-only values. NEVER include real production or development credentials in files committed to git. Required patterns: API keys: \"sk-ant-api03-EXAMPLE-REDACTED-NEVER-USE\", Stripe keys: \"sk_live_EXAMPLE_REDACTED\", \"pk_live_EXAMPLE_REDACTED\", Passwords: \"REDACTED\" or \"your-password-here\", Tokens: \"your-token-here\". BEFORE committing any file containing credential-like patterns: (1) Replace ALL real values with examples/redacted versions, (2) Run secret detection scan (gitleaks or detect-secrets), (3) Verify no actual credentials remain. If actual credentials needed for deployment, use: Environment variables (.env file, NOT committed), Secure secret management (HashiCorp Vault, AWS Secrets Manager), Deployment-specific configuration (NOT in git).",
"context": "Migrated from v1.0. Original timestamp: undefined",
"rationale": "CRITICAL SECURITY REQUIREMENT - Created in response to Anthropic API key exposure incident on 2025-10-21. API key (sk-ant-api03-_xm...TwAA, ID 5043627, name: family-history-ocr) was committed to public repository in docs/STRIPE_LIVE_MODE_DEPLOYMENT.md at commit 31345d5c1abc8c8da9387d55494a1741f451f9a7. GitHub secret scanning detected and Anthropic revoked key automatically. This rule prevents recurrence by requiring ALL credentials to be redacted in documentation and enforcing secret detection scans before commits.",
"trigger": "As defined in original instruction",
"action": "ALL credentials, API keys, secrets, tokens, passwords in documentation MUST be redacted or use example-only values. NEVER include real production or development credentials in files committed to git. Required patterns: API keys: \"sk-ant-api03-EXAMPLE-REDACTED-NEVER-USE\", Stripe keys: \"sk_live_EXAMPLE_REDACTED\", \"pk_live_EXAMPLE_REDACTED\", Passwords: \"REDACTED\" or \"your-password-here\", Tokens: \"your-token-here\". BEFORE committing any file containing credential-like patterns: (1) Replace ALL real values with examples/redacted versions, (2) Run secret detection scan (gitleaks or detect-secrets), (3) Verify no actual credentials remain. If actual credentials needed for deployment, use: Environment variables (.env file, NOT committed), Secure secret management (HashiCorp Vault, AWS Secrets Manager), Deployment-specific configuration (NOT in git).",
"validation": "Best-effort validation",
"evidence": "Session handoff logs, audit trails",
"explicitness": 0.7,
"temporal_scope": "PERMANENT",
"verification_required": "PERIODIC",
"securityClassification": "CONFIDENTIAL",
"source": "FRAMEWORK",
"parameters": {
"verification_required": "MANDATORY",
"blocking": true,
"security_critical": true,
"incident_response": "anthropic_api_key_exposure_2025_10_21"
},
"relatedInstructions": [],
"active": true,
"metadata": {
"created": "2025-10-06",
"author": "Tractatus Framework",
"session_id": "2025-10-07-001",
"original_schema": "v1.0",
"migrated": "2025-11-02",
"migration_notes": "CRITICAL SECURITY REQUIREMENT - Created in response to Anthropic API key exposure incident on 2025-10-21. API key (sk-ant-api03-_xm...TwAA, ID 5043627, name: family-history-ocr) was committed to public repository in docs/STRIPE_LIVE_MODE_DEPLOYMENT.md at commit 31345d5c1abc8c8da9387d55494a1741f451f9a7. GitHub secret scanning detected and Anthropic revoked key automatically. This rule prevents recurrence by requiring ALL credentials to be redacted in documentation and enforcing secret detection scans before commits."
}
},
{
"id": "inst_070",
"title": "ALL git commits MUST pass secret detection scan before being allowed",
"category": "GIT_VERSION_CONTROL",
"quadrant": "SYSTEM",
"persistence": "HIGH",
"description": "ALL git commits MUST pass secret detection scan before being allowed. Use gitleaks or detect-secrets as pre-commit hook. Hook location: .git/hooks/pre-commit. Command: gitleaks detect --source . --verbose. Action: BLOCK commit if secrets detected. If legitimate secret-like pattern detected (false positive): (1) Verify it is NOT a real secret, (2) Add to .gitleaksignore with comment explaining why, (3) Get user approval before committing, (4) Document in commit message. NEVER bypass secret detection hook without explicit user approval.",
"context": "Migrated from v1.0. Original timestamp: undefined",
"rationale": "CRITICAL SECURITY REQUIREMENT - Created in response to Anthropic API key exposure incident. Automated pre-commit hook prevents credentials from being committed to git in the first place. This is Layer 3 of defense-in-depth strategy (Prevention → Mitigation → Detection → Backstop → Recovery).",
"trigger": "As defined in original instruction",
"action": "ALL git commits MUST pass secret detection scan before being allowed. Use gitleaks or detect-secrets as pre-commit hook. Hook location: .git/hooks/pre-commit. Command: gitleaks detect --source . --verbose. Action: BLOCK commit if secrets detected. If legitimate secret-like pattern detected (false positive): (1) Verify it is NOT a real secret, (2) Add to .gitleaksignore with comment explaining why, (3) Get user approval before committing, (4) Document in commit message. NEVER bypass secret detection hook without explicit user approval.",
"validation": "Best-effort validation",
"evidence": "Session handoff logs, audit trails",
"explicitness": 0.7,
"temporal_scope": "PERMANENT",
"verification_required": "PERIODIC",
"securityClassification": "CONFIDENTIAL",
"source": "FRAMEWORK",
"parameters": {
"verification_required": "MANDATORY",
"blocking": true,
"automation_required": true,
"security_critical": true
},
"relatedInstructions": [],
"active": true,
"metadata": {
"created": "2025-10-06",
"author": "Tractatus Framework",
"session_id": "2025-10-07-001",
"original_schema": "v1.0",
"migrated": "2025-11-02",
"migration_notes": "CRITICAL SECURITY REQUIREMENT - Created in response to Anthropic API key exposure incident. Automated pre-commit hook prevents credentials from being committed to git in the first place. This is Layer 3 of defense-in-depth strategy (Prevention → Mitigation → Detection → Backstop → Recovery)."
}
},
{
"id": "inst_071",
"title": "PRE-DEPLOYMENT CHECKLIST (run in order):\n□ 1",
"category": "SECURITY",
"quadrant": "OPERATIONAL",
"persistence": "HIGH",
"description": "PRE-DEPLOYMENT CHECKLIST (run in order):\n□ 1. CSP Compliance Check [AUTOMATED via hook]\n□ 2. Secret Detection Scan (gitleaks detect --source .)\n□ 3. Credential Audit (grep -r \"sk-\" \"pk-\" \"secret\" \"password\")\n□ 4. Local Server Test (curl http://localhost:9000/health → 200 OK)\n□ 5. Comprehensive Testing (npm test → all pass)\n□ 6. Permission Verification (ls -la → correct 644/755)\n□ 7. Git Status Clean (no uncommitted changes)\n□ 8. Public Repository Content Review (no internal docs)\nMark each checkbox before proceeding to next. BLOCK deployment if any step fails.",
"context": "Migrated from v1.0. Original timestamp: undefined",
"rationale": "ENHANCED from inst_054 - Added steps 2, 3, 8 in response to security incident. Step 2 (Secret Detection) and Step 3 (Credential Audit) provide redundant verification that no credentials are being deployed. Step 8 (Public Repository Content Review) ensures no internal documentation accidentally published. This is defense-in-depth approach.",
"trigger": "As defined in original instruction",
"action": "PRE-DEPLOYMENT CHECKLIST (run in order):\n□ 1. CSP Compliance Check [AUTOMATED via hook]\n□ 2. Secret Detection Scan (gitleaks detect --source .)\n□ 3. Credential Audit (grep -r \"sk-\" \"pk-\" \"secret\" \"password\")\n□ 4. Local Server Test (curl http://localhost:9000/health → 200 OK)\n□ 5. Comprehensive Testing (npm test → all pass)\n□ 6. Permission Verification (ls -la → correct 644/755)\n□ 7. Git Status Clean (no uncommitted changes)\n□ 8. Public Repository Content Review (no internal docs)\nMark each checkbox before proceeding to next. BLOCK deployment if any step fails.",
"validation": "Best-effort validation",
"evidence": "Session handoff logs, audit trails",
"explicitness": 0.7,
"temporal_scope": "PERMANENT",
"verification_required": "PERIODIC",
"securityClassification": "CONFIDENTIAL",
"source": "FRAMEWORK",
"parameters": {
"verification_required": "MANDATORY",
"blocking": true,
"replaces": "inst_054"
},
"relatedInstructions": [],
"active": true,
"metadata": {
"created": "2025-10-06",
"author": "Tractatus Framework",
"session_id": "2025-10-07-001",
"original_schema": "v1.0",
"migrated": "2025-11-02",
"migration_notes": "ENHANCED from inst_054 - Added steps 2, 3, 8 in response to security incident. Step 2 (Secret Detection) and Step 3 (Credential Audit) provide redundant verification that no credentials are being deployed. Step 8 (Public Repository Content Review) ensures no internal documentation accidentally published. This is defense-in-depth approach."
}
},
{
"id": "inst_072",
"title": "Implement defense-in-depth for credential protection: Layer 1 - Prevention: N...",
"category": "SECURITY",
"quadrant": "STRATEGIC",
"persistence": "HIGH",
"description": "Implement defense-in-depth for credential protection: Layer 1 - Prevention: Never commit credentials to git. Layer 2 - Mitigation: Redact credentials in documentation. Layer 3 - Detection: Pre-commit secret scanning (automated). Layer 4 - Backstop: GitHub secret scanning (automatic on public repos). Layer 5 - Recovery: Credential rotation procedures documented. ALL security-sensitive operations must have multiple layers. If one layer fails, others should prevent catastrophic outcome. When creating deployment documentation: (1) Use environment variable names, not values, (2) Include credential rotation procedures, (3) Document secret management system (Vault, AWS Secrets Manager), (4) Never assume \"just do not commit secrets\" is sufficient protection.",
"context": "Migrated from v1.0. Original timestamp: undefined",
"rationale": "STRATEGIC SECURITY PRINCIPLE - Created in response to incident analysis. The breach occurred because only Layer 1 (prevention) and Layer 4 (GitHub scanning) existed. Layers 2, 3, and 5 were missing. This rule requires ALL five layers for security-critical operations. Based on \"assume breach\" security model where no single control is trusted.",
"trigger": "As defined in original instruction",
"action": "Implement defense-in-depth for credential protection: Layer 1 - Prevention: Never commit credentials to git. Layer 2 - Mitigation: Redact credentials in documentation. Layer 3 - Detection: Pre-commit secret scanning (automated). Layer 4 - Backstop: GitHub secret scanning (automatic on public repos). Layer 5 - Recovery: Credential rotation procedures documented. ALL security-sensitive operations must have multiple layers. If one layer fails, others should prevent catastrophic outcome. When creating deployment documentation: (1) Use environment variable names, not values, (2) Include credential rotation procedures, (3) Document secret management system (Vault, AWS Secrets Manager), (4) Never assume \"just do not commit secrets\" is sufficient protection.",
"validation": "Best-effort validation",
"evidence": "Session handoff logs, audit trails",
"explicitness": 0.7,
"temporal_scope": "PERMANENT",
"verification_required": "PERIODIC",
"securityClassification": "CONFIDENTIAL",
"source": "FRAMEWORK",
"parameters": {
"verification_required": "ADVISORY",
"architectural_principle": true,
"security_critical": true
},
"relatedInstructions": [],
"active": true,
"metadata": {
"created": "2025-10-06",
"author": "Tractatus Framework",
"session_id": "2025-10-07-001",
"original_schema": "v1.0",
"migrated": "2025-11-02",
"migration_notes": "STRATEGIC SECURITY PRINCIPLE - Created in response to incident analysis. The breach occurred because only Layer 1 (prevention) and Layer 4 (GitHub scanning) existed. Layers 2, 3, and 5 were missing. This rule requires ALL five layers for security-critical operations. Based on \"assume breach\" security model where no single control is trusted."
}
},
{
"id": "inst_075",
"title": "AFTER each response, check <system-warning> for current token count",
"category": "VALUES_ALIGNMENT",
"quadrant": "SYSTEM",
"persistence": "HIGH",
"description": "AFTER each response, check <system-warning> for current token count. IF token count > next_checkpoint value in .claude/token-checkpoints.json, MUST run: node scripts/check-token-checkpoint.js --tokens [current]/[budget]. This generates pressure report and marks checkpoint as completed. Checkpoints are at 25% (50k), 50% (100k), 75% (150k). Checking checkpoints is MANDATORY, not optional. Token budget awareness prevents context window exhaustion and maintains quality.",
"context": "Migrated from v1.0. Original timestamp: 2025-10-22T23:43:14.646Z",
"rationale": "Created in response to token checkpoint enforcement failure (session passed 96k tokens without reporting at 50k and 100k thresholds). Makes checkpoint monitoring architecturally enforced through HIGH persistence instruction. Prevents context window exhaustion and session quality degradation.",
"trigger": "As defined in original instruction",
"action": "AFTER each response, check <system-warning> for current token count. IF token count > next_checkpoint value in .claude/token-checkpoints.json, MUST run: node scripts/check-token-checkpoint.js --tokens [current]/[budget]. This generates pressure report and marks checkpoint as completed. Checkpoints are at 25% (50k), 50% (100k), 75% (150k). Checking checkpoints is MANDATORY, not optional. Token budget awareness prevents context window exhaustion and maintains quality.",
"validation": "Verification required before proceeding",
"evidence": "Session handoff logs, audit trails",
"explicitness": 0.95,
"temporal_scope": "PERMANENT",
"verification_required": "MANDATORY",
"securityClassification": "INTERNAL",
"source": "FRAMEWORK",
"parameters": {
"checkpoint_script": "scripts/check-token-checkpoint.js",
"checkpoints": [
50000,
100000,
150000
],
"verification_required": "MANDATORY",
"automation_trigger": "after_response"
},
"relatedInstructions": [],
"active": true,
"metadata": {
"created": "2025-10-22T23:43:14.646Z",
"author": "Tractatus Framework",
"session_id": "2025-10-23-framework-analysis",
"original_schema": "v1.0",
"migrated": "2025-11-02",
"migration_notes": "Created in response to token checkpoint enforcement failure (session passed 96k tokens without reporting at 50k and 100k thresholds). Makes checkpoint monitoring architecturally enforced through HIGH persistence instruction. Prevents context window exhaustion and session quality degradation."
}
},
{
"id": "inst_024_CONSOLIDATED",
"title": "Session handoff/closedown procedure (executed in order): (1) Kill background ...",
"category": "GIT_VERSION_CONTROL",
"quadrant": "OPERATIONAL",
"persistence": "HIGH",
"description": "Session handoff/closedown procedure (executed in order): (1) Kill background processes, (2) Verify instruction history contains all session changes, (3) Document complete git status (modified files, branch state, pending commits), (4) Clean temporary artifacts, (5) Create handoff document OPTIMAL_STARTUP_PROMPT_<DATE>.md with: system status, completed tasks with file:line references, in-progress tasks with blockers, pending tasks prioritized, instruction changes, known issues, framework health, user decisions needed, TodoWrite JSON, startup sequence. STOP ALL WORK after creating handoff (signals NEW session intent).",
"context": "Migrated from v1.0. Original timestamp: 2025-10-22T23:52:42.135Z",
"rationale": "Consolidated from inst_024a-e (5 instructions). Combines all session handoff steps into single comprehensive procedure. Created during framework optimization 2025-10-23.",
"trigger": "As defined in original instruction",
"action": "Session handoff/closedown procedure (executed in order): (1) Kill background processes, (2) Verify instruction history contains all session changes, (3) Document complete git status (modified files, branch state, pending commits), (4) Clean temporary artifacts, (5) Create handoff document OPTIMAL_STARTUP_PROMPT_<DATE>.md with: system status, completed tasks with file:line references, in-progress tasks with blockers, pending tasks prioritized, instruction changes, known issues, framework health, user decisions needed, TodoWrite JSON, startup sequence. STOP ALL WORK after creating handoff (signals NEW session intent).",
"validation": "Verification required before proceeding",
"evidence": "Session handoff logs, audit trails",
"explicitness": 0.95,
"temporal_scope": "PERMANENT",
"verification_required": "MANDATORY",
"securityClassification": "INTERNAL",
"source": "FRAMEWORK",
"parameters": {
"verification_required": "MANDATORY",
"procedure_steps": 5,
"replaces": [
"inst_024a",
"inst_024b",
"inst_024c",
"inst_024d",
"inst_024e"
]
},
"relatedInstructions": [],
"active": false,
"metadata": {
"created": "2025-10-22T23:52:42.135Z",
"author": "Tractatus Framework",
"session_id": "2025-10-23-framework-optimization",
"original_schema": "v1.0",
"migrated": "2025-11-02",
"migration_notes": "Consolidated from inst_024a-e (5 instructions). Combines all session handoff steps into single comprehensive procedure. Created during framework optimization 2025-10-23."
}
},
{
"id": "inst_076",
"title": "When user provides technical hypothesis or debugging suggestion: (1) Test use...",
"category": "TESTING",
"quadrant": "STRATEGIC",
"persistence": "HIGH",
"description": "When user provides technical hypothesis or debugging suggestion: (1) Test user's hypothesis FIRST before pursuing alternative approaches, (2) If hypothesis fails, report results to user before trying alternative, (3) If pursuing alternative without testing user hypothesis, explicitly explain why. Rationale: Respecting user technical expertise is a collaboration boundary. Ignoring user suggestions wastes tokens, frustrates user, and violates collaborative partnership. User often has context (visual observation, domain knowledge) that Claude lacks.",
"context": "Migrated from v1.0. Original timestamp: 2025-10-23T00:06:16.876Z",
"rationale": "Created in response to FRAMEWORK_INCIDENT_2025-10-20_IGNORED_USER_HYPOTHESIS. User correctly identified 'Tailwind issue' but Claude pursued 12 failed attempts before testing user's hypothesis. Wasted 70,000+ tokens and significant time. This rule enforces 'test user hypothesis first' as mandatory collaboration boundary. BoundaryEnforcer should flag actions that ignore user suggestions without justification.",
"trigger": "As defined in original instruction",
"action": "When user provides technical hypothesis or debugging suggestion: (1) Test user's hypothesis FIRST before pursuing alternative approaches, (2) If hypothesis fails, report results to user before trying alternative, (3) If pursuing alternative without testing user hypothesis, explicitly explain why. Rationale: Respecting user technical expertise is a collaboration boundary. Ignoring user suggestions wastes tokens, frustrates user, and violates collaborative partnership. User often has context (visual observation, domain knowledge) that Claude lacks.",
"validation": "Verification required before proceeding",
"evidence": "Session handoff logs, audit trails",
"explicitness": 0.95,
"temporal_scope": "PERMANENT",
"verification_required": "MANDATORY",
"securityClassification": "INTERNAL",
"source": "FRAMEWORK",
"parameters": {
"verification_required": "MANDATORY",
"component": "BoundaryEnforcer",
"boundary_type": "collaboration",
"enforcement": "procedural"
},
"relatedInstructions": [],
"active": true,
"metadata": {
"created": "2025-10-23T00:06:16.876Z",
"author": "Tractatus Framework",
"session_id": "2025-10-23-framework-analysis",
"original_schema": "v1.0",
"migrated": "2025-11-02",
"migration_notes": "Created in response to FRAMEWORK_INCIDENT_2025-10-20_IGNORED_USER_HYPOTHESIS. User correctly identified 'Tailwind issue' but Claude pursued 12 failed attempts before testing user's hypothesis. Wasted 70,000+ tokens and significant time. This rule enforces 'test user hypothesis first' as mandatory collaboration boundary. BoundaryEnforcer should flag actions that ignore user suggestions without justification."
}
},
{
"id": "inst_077",
"title": "When user requests session closedown (or says \"wrap up\", \"end session\", \"crea...",
"category": "GIT_VERSION_CONTROL",
"quadrant": "OPERATIONAL",
"persistence": "HIGH",
"description": "When user requests session closedown (or says \"wrap up\", \"end session\", \"create handoff\", \"process session closedown\"), execute: `node scripts/session-closedown.js`. Script will handle all closedown phases: (1) Kill background processes, (2) Sync instructions to database, (3) Framework performance analysis, (4) Audit log analysis with rule suggestions, (5) Git status documentation, (6) Handoff document creation, (7) Compaction marker creation. STOP ALL WORK after script completes. Do NOT continue working or respond beyond acknowledging completion. Script output includes next session startup instructions.",
"context": "Migrated from v1.0. Original timestamp: 2025-10-24T09:11:09.164Z",
"rationale": "Replaces inst_024_CONSOLIDATED (and all inst_024 series) with executable session-closedown.js script. Script provides: automated cleanup, framework performance metrics, audit log analysis, violation pattern detection, rule suggestions (3+ occurrences threshold), git status capture, comprehensive handoff document generation, compaction marker for post-restart detection. Ensures consistency across all session closedowns, reduces manual errors, provides framework intelligence.",
"trigger": "As defined in original instruction",
"action": "When user requests session closedown (or says \"wrap up\", \"end session\", \"create handoff\", \"process session closedown\"), execute: `node scripts/session-closedown.js`. Script will handle all closedown phases: (1) Kill background processes, (2) Sync instructions to database, (3) Framework performance analysis, (4) Audit log analysis with rule suggestions, (5) Git status documentation, (6) Handoff document creation, (7) Compaction marker creation. STOP ALL WORK after script completes. Do NOT continue working or respond beyond acknowledging completion. Script output includes next session startup instructions.",
"validation": "Verification required before proceeding",
"evidence": "Session handoff logs, audit trails",
"explicitness": 0.98,
"temporal_scope": "PERMANENT",
"verification_required": "MANDATORY",
"securityClassification": "INTERNAL",
"source": "FRAMEWORK",
"parameters": {
"trigger_phrases": [
"wrap up",
"end session",
"create handoff",
"process session closedown",
"session closedown"
],
"script_path": "scripts/session-closedown.js",
"post_script_action": "STOP_ALL_WORK",
"script_phases": [
"cleanup",
"framework_analysis",
"audit_analysis",
"git_documentation",
"handoff_creation",
"compaction_marker"
],
"replaces": "inst_024_CONSOLIDATED"
},
"relatedInstructions": [],
"active": true,
"metadata": {
"created": "2025-10-24T09:11:09.164Z",
"author": "Tractatus Framework",
"session_id": "2025-10-24-session-management-automation",
"original_schema": "v1.0",
"migrated": "2025-11-02",
"migration_notes": "Replaces inst_024_CONSOLIDATED (and all inst_024 series) with executable session-closedown.js script. Script provides: automated cleanup, framework performance metrics, audit log analysis, violation pattern detection, rule suggestions (3+ occurrences threshold), git status capture, comprehensive handoff document generation, compaction marker for post-restart detection. Ensures consistency across all session closedowns, reduces manual errors, provides framework intelligence."
}
},
{
"id": "inst_078",
"title": "When user prefixes prompt with 'ff' (Framework Full), invoke framework-audit-...",
"category": "FRAMEWORK_OPERATION",
"quadrant": "SYSTEM",
"persistence": "HIGH",
"description": "When user prefixes prompt with 'ff' (Framework Full), invoke framework-audit-response.js script BEFORE responding. This triggers ALL 6 framework services (BoundaryEnforcer, PluralisticDeliberationOrchestrator, MetacognitiveVerifier, CrossReferenceValidator, ContextPressureMonitor, InstructionPersistenceClassifier) for conversational responses that don't use Edit/Write/Bash tools. Usage: node scripts/framework-audit-response.js --prompt \"user question\" --type \"boundary_question\". Include audit IDs in response.",
"context": "Migrated from v1.0. Original timestamp: 2025-10-24T11:23:00.591Z",
"rationale": "Extends PreToolUse hook architecture to conversational responses. Provides audit trail for VALUES/WISDOM/INNOVATION boundary decisions.",
"trigger": "As defined in original instruction",
"action": "When user prefixes prompt with 'ff' (Framework Full), invoke framework-audit-response.js script BEFORE responding. This triggers ALL 6 framework services (BoundaryEnforcer, PluralisticDeliberationOrchestrator, MetacognitiveVerifier, CrossReferenceValidator, ContextPressureMonitor, InstructionPersistenceClassifier) for conversational responses that don't use Edit/Write/Bash tools. Usage: node scripts/framework-audit-response.js --prompt \"user question\" --type \"boundary_question\". Include audit IDs in response.",
"validation": "Verification required before proceeding",
"evidence": "Session handoff logs, audit trails",
"explicitness": 0.95,
"temporal_scope": "PROJECT",
"verification_required": "MANDATORY",
"securityClassification": "INTERNAL",
"source": "FRAMEWORK",
"parameters": {
"trigger": "ff",
"script": "scripts/framework-audit-response.js",
"purpose": "manual_framework_invocation",
"services": [
"BoundaryEnforcer",
"PluralisticDeliberationOrchestrator",
"MetacognitiveVerifier",
"CrossReferenceValidator",
"ContextPressureMonitor",
"InstructionPersistenceClassifier"
]
},
"relatedInstructions": [],
"active": true,
"metadata": {
"created": "2025-10-24T11:23:00.591Z",
"author": "Tractatus Framework",
"session_id": "2025-10-25-ff-trigger-implementation",
"original_schema": "v1.0",
"migrated": "2025-11-02",
"migration_notes": "Extends PreToolUse hook architecture to conversational responses. Provides audit trail for VALUES/WISDOM/INNOVATION boundary decisions."
}
},
{
"id": "inst_079",
"title": "PROHIBITED: Dark patterns, manipulative UI/UX, forced actions, deceptive design",
"category": "PRIVACY",
"quadrant": "STRATEGIC",
"persistence": "HIGH",
"description": "PROHIBITED: Dark patterns, manipulative UI/UX, forced actions, deceptive design. ALL user interfaces (forms, modals, CTAs) MUST: (1) Respect user agency - no auto-submit, no hidden opt-ins, (2) Clear language - no double negatives in decline buttons, (3) Equal prominence for accept/decline options, (4) No artificial urgency (fake timers, limited spots), (5) Explicit consent - pre-checked boxes prohibited. Values alignment: Sovereignty principle users retain override authority.",
"context": "Migrated from v1.0. Original timestamp: 2025-10-24T11:38:46.416Z",
"rationale": "Enforces no manipulative design patterns commitment from values.html. Prevents dark patterns that undermine user sovereignty.",
"trigger": "As defined in original instruction",
"action": "PROHIBITED: Dark patterns, manipulative UI/UX, forced actions, deceptive design. ALL user interfaces (forms, modals, CTAs) MUST: (1) Respect user agency - no auto-submit, no hidden opt-ins, (2) Clear language - no double negatives in decline buttons, (3) Equal prominence for accept/decline options, (4) No artificial urgency (fake timers, limited spots), (5) Explicit consent - pre-checked boxes prohibited. Values alignment: Sovereignty principle users retain override authority.",
"validation": "Verification required before proceeding",
"evidence": "Session handoff logs, audit trails",
"explicitness": 0.95,
"temporal_scope": "PERMANENT",
"verification_required": "MANDATORY",
"securityClassification": "RESTRICTED",
"source": "FRAMEWORK",
"parameters": {
"scope": "ui_ux_design",
"enforcement": "pre_deployment_check",
"values_principle": "sovereignty",
"examples": [
"no_auto_submit",
"no_hidden_opt_ins",
"no_fake_urgency",
"clear_decline_buttons"
]
},
"relatedInstructions": [],
"active": true,
"metadata": {
"created": "2025-10-24T11:38:46.416Z",
"author": "Tractatus Framework",
"session_id": "2025-10-25-values-rules",
"original_schema": "v1.0",
"migrated": "2025-11-02",
"migration_notes": "Enforces no manipulative design patterns commitment from values.html. Prevents dark patterns that undermine user sovereignty."
}
},
{
"id": "inst_080",
"title": "Open Source Commitment: Tractatus framework and agenticgovernance",
"category": "GIT_VERSION_CONTROL",
"quadrant": "STRATEGIC",
"persistence": "HIGH",
"description": "Open Source Commitment: Tractatus framework and agenticgovernance.digital website MUST remain fully open source (Apache 2.0). PROHIBITED without explicit human approval: (1) Closed-source dependencies for core functionality, (2) Proprietary extensions or enterprise tiers, (3) License changes that restrict community use, (4) Paywalls, vendor lock-in, or SaaS-only features. Values alignment: Community principle No paywalls or vendor lock-in.",
"context": "Migrated from v1.0. Original timestamp: 2025-10-24T11:38:46.417Z",
"rationale": "Enforces open source commitment from values.html. Prevents proprietary creep that would contradict stated values.",
"trigger": "As defined in original instruction",
"action": "Open Source Commitment: Tractatus framework and agenticgovernance.digital website MUST remain fully open source (Apache 2.0). PROHIBITED without explicit human approval: (1) Closed-source dependencies for core functionality, (2) Proprietary extensions or enterprise tiers, (3) License changes that restrict community use, (4) Paywalls, vendor lock-in, or SaaS-only features. Values alignment: Community principle No paywalls or vendor lock-in.",
"validation": "Verification required before proceeding",
"evidence": "Session handoff logs, audit trails",
"explicitness": 0.95,
"temporal_scope": "PERMANENT",
"verification_required": "MANDATORY",
"securityClassification": "INTERNAL",
"source": "FRAMEWORK",
"parameters": {
"license": "Apache-2.0",
"scope": "all_tractatus_code",
"prohibited": [
"proprietary_extensions",
"paywalls",
"closed_dependencies",
"license_restrictions"
],
"values_principle": "community"
},
"relatedInstructions": [],
"active": true,
"metadata": {
"created": "2025-10-24T11:38:46.417Z",
"author": "Tractatus Framework",
"session_id": "2025-10-25-values-rules",
"original_schema": "v1.0",
"migrated": "2025-11-02",
"migration_notes": "Enforces open source commitment from values.html. Prevents proprietary creep that would contradict stated values."
}
},
{
"id": "inst_081",
"title": "Pluralism Principle (Foundational): Different communities hold different, equ...",
"category": "GIT_VERSION_CONTROL",
"quadrant": "STRATEGIC",
"persistence": "HIGH",
"description": "Pluralism Principle (Foundational): Different communities hold different, equally legitimate values frameworks. AI MUST NOT: (1) Impose unified moral framework, (2) Auto-resolve value conflicts, (3) Rank competing values without human input, (4) Treat one cultural framework as superior. AI MUST: (1) Present value conflicts to humans for deliberation, (2) Respect indigenous frameworks (Te Tiriti, CARE principles) as foundational not supplementary, (3) Acknowledge multiple valid perspectives, (4) Use PluralisticDeliberationOrchestrator for value conflicts. Values alignment: Core philosophy from values.html.",
"context": "Migrated from v1.0. Original timestamp: 2025-10-24T11:38:46.417Z",
"rationale": "Restores inst_033 concept with explicit indigenous framework recognition. Core philosophical principle from values.html requiring architectural enforcement.",
"trigger": "As defined in original instruction",
"action": "Pluralism Principle (Foundational): Different communities hold different, equally legitimate values frameworks. AI MUST NOT: (1) Impose unified moral framework, (2) Auto-resolve value conflicts, (3) Rank competing values without human input, (4) Treat one cultural framework as superior. AI MUST: (1) Present value conflicts to humans for deliberation, (2) Respect indigenous frameworks (Te Tiriti, CARE principles) as foundational not supplementary, (3) Acknowledge multiple valid perspectives, (4) Use PluralisticDeliberationOrchestrator for value conflicts. Values alignment: Core philosophy from values.html.",
"validation": "Verification required before proceeding",
"evidence": "Session handoff logs, audit trails",
"explicitness": 0.95,
"temporal_scope": "PERMANENT",
"verification_required": "MANDATORY",
"securityClassification": "INTERNAL",
"source": "FRAMEWORK",
"parameters": {
"scope": "value_conflicts",
"service": "PluralisticDeliberationOrchestrator",
"indigenous_frameworks": [
"Te_Tiriti",
"CARE_principles"
],
"values_principle": "pluralism",
"prohibited": [
"unified_framework",
"auto_resolution",
"value_ranking"
]
},
"relatedInstructions": [],
"active": true,
"metadata": {
"created": "2025-10-24T11:38:46.417Z",
"author": "Tractatus Framework",
"session_id": "2025-10-25-values-rules",
"original_schema": "v1.0",
"migrated": "2025-11-02",
"migration_notes": "Restores inst_033 concept with explicit indigenous framework recognition. Core philosophical principle from values.html requiring architectural enforcement."
}
},
{
"id": "inst_082",
"title": "When user types 'ffs' (Full Framework Stats), invoke framework-stats",
"category": "FRAMEWORK_OPERATION",
"quadrant": "SYSTEM",
"persistence": "HIGH",
"description": "When user types 'ffs' (Full Framework Stats), invoke framework-stats.js script to display comprehensive session statistics. Usage: node scripts/framework-stats.js. Reports: session state, token usage & checkpoints, context pressure level, instruction counts by quadrant/persistence, audit log counts by service, framework service status. Output formatted report + JSON for programmatic access.",
"context": "Migrated from v1.0. Original timestamp: 2025-10-24T19:57:41.404Z",
"rationale": "Complements 'ff' trigger (inst_078). Provides on-demand visibility into framework operational metrics.",
"trigger": "As defined in original instruction",
"action": "When user types 'ffs' (Full Framework Stats), invoke framework-stats.js script to display comprehensive session statistics. Usage: node scripts/framework-stats.js. Reports: session state, token usage & checkpoints, context pressure level, instruction counts by quadrant/persistence, audit log counts by service, framework service status. Output formatted report + JSON for programmatic access.",
"validation": "Best-effort validation",
"evidence": "Session handoff logs, audit trails",
"explicitness": 0.95,
"temporal_scope": "PROJECT",
"verification_required": "OPTIONAL",
"securityClassification": "INTERNAL",
"source": "FRAMEWORK",
"parameters": {
"trigger": "ffs",
"script": "scripts/framework-stats.js",
"purpose": "framework_statistics_display",
"reports": [
"session_state",
"token_usage",
"context_pressure",
"instruction_stats",
"audit_logs",
"service_status"
]
},
"relatedInstructions": [],
"active": true,
"metadata": {
"created": "2025-10-24T19:57:41.404Z",
"author": "Tractatus Framework",
"session_id": "2025-10-25-ffs-trigger-implementation",
"original_schema": "v1.0",
"migrated": "2025-11-02",
"migration_notes": "Complements 'ff' trigger (inst_078). Provides on-demand visibility into framework operational metrics."
}
},
{
"id": "inst_083",
"title": "session-init",
"category": "DOCUMENTATION",
"quadrant": "SYSTEM",
"persistence": "HIGH",
"description": "session-init.js MUST automatically extract and display handoff context from SESSION_CLOSEDOWN_*.md files. Prevents 27027-style pattern recognition failures where Claude skips reading handoff documents. Architectural enforcement: handoff context auto-injected into session-init output (section 1a), displaying priorities, recent work, known issues, and cleanup status. No voluntary compliance needed - information appears in context automatically.",
"context": "Migrated from v1.0. Original timestamp: 2025-10-25T02:02:39.162Z",
"rationale": "Architectural prevention of handoff skipping. Addresses observed failure where Claude ran session-init but didn't read SESSION_CLOSEDOWN_2025-10-25.md, missing context about RESEARCH_DOCUMENTATION_PLAN.md and previous session priorities. Auto-injection makes handoff unavoidable.",
"trigger": "As defined in original instruction",
"action": "session-init.js MUST automatically extract and display handoff context from SESSION_CLOSEDOWN_*.md files. Prevents 27027-style pattern recognition failures where Claude skips reading handoff documents. Architectural enforcement: handoff context auto-injected into session-init output (section 1a), displaying priorities, recent work, known issues, and cleanup status. No voluntary compliance needed - information appears in context automatically.",
"validation": "Verification required before proceeding",
"evidence": "Session handoff logs, audit trails",
"explicitness": 0.98,
"temporal_scope": "PERMANENT",
"verification_required": "MANDATORY",
"securityClassification": "INTERNAL",
"source": "FRAMEWORK",
"parameters": {
"script": "scripts/session-init.js",
"section": "1a",
"handoff_pattern": "SESSION_CLOSEDOWN_*.md",
"extracted_sections": [
"priorities",
"recent_commits",
"known_issues",
"cleanup_summary"
],
"enforcement_type": "architectural"
},
"relatedInstructions": [],
"active": true,
"metadata": {
"created": "2025-10-25T02:02:39.162Z",
"author": "Tractatus Framework",
"session_id": "2025-10-25-handoff-auto-injection",
"original_schema": "v1.0",
"migrated": "2025-11-02",
"migration_notes": "Architectural prevention of handoff skipping. Addresses observed failure where Claude ran session-init but didn't read SESSION_CLOSEDOWN_2025-10-25.md, missing context about RESEARCH_DOCUMENTATION_PLAN.md and previous session priorities. Auto-injection makes handoff unavoidable."
}
},
{
"id": "inst_084",
"title": "NEVER expose internal implementation details in public-facing documents (conf...",
"category": "DOCUMENTATION",
"quadrant": "SYSTEM",
"persistence": "HIGH",
"description": "NEVER expose internal implementation details in public-facing documents (confidential:false). Block exact file paths, API endpoints, database schemas, port numbers, and internal URLs. Use generalized component names instead.",
"context": "Migrated from v1.0. Original timestamp: 2025-10-26T23:04:29.425Z",
"rationale": "Prevents reconnaissance by obscuring internal architecture in public documentation. Part of defense-in-depth security strategy (inst_072).",
"trigger": "As defined in original instruction",
"action": "NEVER expose internal implementation details in public-facing documents (confidential:false). Block exact file paths, API endpoints, database schemas, port numbers, and internal URLs. Use generalized component names instead.",
"validation": "Verification required before proceeding",
"evidence": "Session handoff logs, audit trails",
"explicitness": 1,
"temporal_scope": "PERMANENT",
"verification_required": "MANDATORY",
"securityClassification": "INTERNAL",
"source": "FRAMEWORK",
"parameters": {
"security_layer": "defense_in_depth",
"enforcement": "pre_commit_hook",
"scope": "public_documents"
},
"relatedInstructions": [],
"active": true,
"metadata": {
"created": "2025-10-26T23:04:29.425Z",
"author": "Tractatus Framework",
"session_id": "2025-10-27-attack-surface-prevention",
"original_schema": "v1.0",
"migrated": "2025-11-02",
"migration_notes": "Prevents reconnaissance by obscuring internal architecture in public documentation. Part of defense-in-depth security strategy (inst_072)."
}
},
{
"id": "inst_085",
"title": "All public-facing content must use grounded operational language, not abstrac...",
"category": "FRAMEWORK_OPERATION",
"quadrant": "STRATEGIC",
"persistence": "HIGH",
"description": "All public-facing content must use grounded operational language, not abstract governance theory. Avoid terms like 'comprehensive', 'holistic', 'best practices', 'ensures'. Focus on specific mechanisms and operational reality at the coalface where AI agents operate.",
"context": "Migrated from v1.0. Original timestamp: 2025-10-28T08:00:00.000Z",
"rationale": "Tractatus culture values operational reality over abstract governance theory. This rule enforces grounded language that connects to where governance actually works or fails.",
"trigger": "As defined in original instruction",
"action": "All public-facing content must use grounded operational language, not abstract governance theory. Avoid terms like 'comprehensive', 'holistic', 'best practices', 'ensures'. Focus on specific mechanisms and operational reality at the coalface where AI agents operate.",
"validation": "Verification required before proceeding",
"evidence": "Session handoff logs, audit trails",
"explicitness": 0.95,
"temporal_scope": "PERMANENT",
"verification_required": "MANDATORY",
"securityClassification": "INTERNAL",
"source": "FRAMEWORK",
"parameters": {
"scope": "public_documents",
"trigger": "content_creation_or_update",
"enforcement": "pre_commit_hook",
"prohibited_abstract_terms": [
"comprehensive",
"holistic",
"best practices",
"ensures",
"guarantees",
"proven",
"complete",
"total",
"absolute"
],
"encouraged_operational_terms": [
"at the coalface",
"architectural constraints",
"blocks violations",
"prevents exposure",
"enforces boundaries"
],
"context_exceptions": {
"quoted_examples": true,
"criticism_of_other_approaches": true,
"description": "Allow prohibited terms in quotes or when critiquing other approaches"
}
},
"relatedInstructions": [],
"active": true,
"metadata": {
"created": "2025-10-28T08:00:00.000Z",
"author": "Tractatus Framework",
"session_id": "2025-10-07-001",
"original_schema": "v1.0",
"migrated": "2025-11-02",
"migration_notes": "Tractatus culture values operational reality over abstract governance theory. This rule enforces grounded language that connects to where governance actually works or fails."
}
},
{
"id": "inst_086",
"title": "When making claims about Tractatus effectiveness or capabilities, disclose wh...",
"category": "VALUES_ALIGNMENT",
"quadrant": "STRATEGIC",
"persistence": "HIGH",
"description": "When making claims about Tractatus effectiveness or capabilities, disclose what we know vs. what we're still validating. Avoid certainty claims without uncertainty disclosure. When discussing data collection/processing, disclose: What personal data? Why? How long? What rights?",
"context": "Migrated from v1.0. Original timestamp: 2025-10-28T08:00:00.000Z",
"rationale": "Tractatus culture values honesty over hype. We're researching at scale, not claiming proven results. Extended to include GDPR consciousness per refinements - transparent about data handling for both Tractatus itself and organizations using it.",
"trigger": "As defined in original instruction",
"action": "When making claims about Tractatus effectiveness or capabilities, disclose what we know vs. what we're still validating. Avoid certainty claims without uncertainty disclosure. When discussing data collection/processing, disclose: What personal data? Why? How long? What rights?",
"validation": "Verification required before proceeding",
"evidence": "Session handoff logs, audit trails",
"explicitness": 0.95,
"temporal_scope": "PERMANENT",
"verification_required": "MANDATORY",
"securityClassification": "INTERNAL",
"source": "FRAMEWORK",
"parameters": {
"scope": "effectiveness_claims_and_data_practices",
"trigger": "capability_claims_or_data_discussion",
"enforcement": "pre_commit_hook",
"requires_disclosure": true,
"gdpr_consciousness": {
"internal": "Tractatus data handling practices",
"external": "How framework helps organizations govern AI data practices"
},
"data_disclosure_requirements": [
"what_personal_data",
"why_needed",
"retention_period",
"user_rights"
]
},
"relatedInstructions": [],
"active": true,
"metadata": {
"created": "2025-10-28T08:00:00.000Z",
"author": "Tractatus Framework",
"session_id": "2025-10-07-001",
"original_schema": "v1.0",
"migrated": "2025-11-02",
"migration_notes": "Tractatus culture values honesty over hype. We're researching at scale, not claiming proven results. Extended to include GDPR consciousness per refinements - transparent about data handling for both Tractatus itself and organizations using it."
}
},
{
"id": "inst_087",
"title": "Position Tractatus as 'one possible approach' not 'the solution' to AI govern...",
"category": "FRAMEWORK_OPERATION",
"quadrant": "STRATEGIC",
"persistence": "HIGH",
"description": "Position Tractatus as 'one possible approach' not 'the solution' to AI governance. Avoid exclusive positioning language like 'the answer', 'the framework', 'the only way'. Emphasize that others may have valid approaches too.",
"context": "Migrated from v1.0. Original timestamp: 2025-10-28T08:00:00.000Z",
"rationale": "Tractatus culture values humility and value-plurality. We have one architectural approach to governing AI agents; others may work too. This reflects the core value-plural positioning - we don't claim universal solutions.",
"trigger": "As defined in original instruction",
"action": "Position Tractatus as 'one possible approach' not 'the solution' to AI governance. Avoid exclusive positioning language like 'the answer', 'the framework', 'the only way'. Emphasize that others may have valid approaches too.",
"validation": "Verification required before proceeding",
"evidence": "Session handoff logs, audit trails",
"explicitness": 0.95,
"temporal_scope": "PERMANENT",
"verification_required": "MANDATORY",
"securityClassification": "INTERNAL",
"source": "FRAMEWORK",
"parameters": {
"scope": "positioning_statements",
"trigger": "tractatus_positioning_or_comparison",
"enforcement": "pre_commit_hook",
"prohibited_exclusive_terms": [
"the answer",
"the solution",
"the only way",
"the framework",
"the right approach",
"the best approach"
],
"encouraged_humble_terms": [
"one possible approach",
"one architectural approach",
"an approach that could work",
"we think this could work",
"we're finding out"
]
},
"relatedInstructions": [],
"active": true,
"metadata": {
"created": "2025-10-28T08:00:00.000Z",
"author": "Tractatus Framework",
"session_id": "2025-10-07-001",
"original_schema": "v1.0",
"migrated": "2025-11-02",
"migration_notes": "Tractatus culture values humility and value-plurality. We have one architectural approach to governing AI agents; others may work too. This reflects the core value-plural positioning - we don't claim universal solutions."
}
},
{
"id": "inst_088",
"title": "Content should invite understanding of governance realities, not recruit to a...",
"category": "FRAMEWORK_OPERATION",
"quadrant": "STRATEGIC",
"persistence": "HIGH",
"description": "Content should invite understanding of governance realities, not recruit to a movement. Avoid recruitment language like 'join', 'movement', 'community', 'become part of'. Focus on awakening awareness to what's missing in current AI governance approaches.",
"context": "Migrated from v1.0. Original timestamp: 2025-10-28T08:00:00.000Z",
"rationale": "Tractatus is a statement about governance realities that need to be understood, not a political faction to join. Focus on helping people see the governance mechanism gap, not recruiting them to a cause.",
"trigger": "As defined in original instruction",
"action": "Content should invite understanding of governance realities, not recruit to a movement. Avoid recruitment language like 'join', 'movement', 'community', 'become part of'. Focus on awakening awareness to what's missing in current AI governance approaches.",
"validation": "Verification required before proceeding",
"evidence": "Session handoff logs, audit trails",
"explicitness": 0.95,
"temporal_scope": "PERMANENT",
"verification_required": "MANDATORY",
"securityClassification": "INTERNAL",
"source": "FRAMEWORK",
"parameters": {
"scope": "calls_to_action_and_engagement",
"trigger": "audience_engagement_language",
"enforcement": "pre_commit_hook",
"prohibited_recruitment_terms": [
"join the movement",
"become part of",
"our community",
"join us",
"be part of the solution",
"movement building",
"supporting a movement"
],
"encouraged_awakening_terms": [
"understand the governance gap",
"explore one approach",
"see what's missing",
"recognize the reality",
"consider the implications"
]
},
"relatedInstructions": [],
"active": true,
"metadata": {
"created": "2025-10-28T08:00:00.000Z",
"author": "Tractatus Framework",
"session_id": "2025-10-07-001",
"original_schema": "v1.0",
"migrated": "2025-11-02",
"migration_notes": "Tractatus is a statement about governance realities that need to be understood, not a political faction to join. Focus on helping people see the governance mechanism gap, not recruiting them to a cause."
}
},
{
"id": "inst_089",
"title": "Emphasize architectural constraints over behavioral training/prompting as gov...",
"category": "FRAMEWORK_OPERATION",
"quadrant": "STRATEGIC",
"persistence": "HIGH",
"description": "Emphasize architectural constraints over behavioral training/prompting as governance mechanism. When mentioning training or prompting approaches, contrast with architectural constraints. Principle: 'More training prolongs the pain' - behavioral approaches are hope-based governance.",
"context": "Migrated from v1.0. Original timestamp: 2025-10-28T08:00:00.000Z",
"rationale": "Core Tractatus culture: governance must be architectural, not behavioral. Training/prompting approaches assume compliance - architectural constraints enforce it. This distinguishes Tractatus from hope-based governance that relies on agents 'learning' to behave correctly.",
"trigger": "As defined in original instruction",
"action": "Emphasize architectural constraints over behavioral training/prompting as governance mechanism. When mentioning training or prompting approaches, contrast with architectural constraints. Principle: 'More training prolongs the pain' - behavioral approaches are hope-based governance.",
"validation": "Verification required before proceeding",
"evidence": "Session handoff logs, audit trails",
"explicitness": 0.95,
"temporal_scope": "PERMANENT",
"verification_required": "MANDATORY",
"securityClassification": "INTERNAL",
"source": "FRAMEWORK",
"parameters": {
"scope": "governance_mechanism_discussion",
"trigger": "discussion_of_how_governance_works",
"enforcement": "pre_commit_hook",
"core_principle": "more_training_prolongs_the_pain",
"contrast_required": true,
"behavioral_terms_trigger_warning": [
"training",
"prompting",
"better prompts",
"improved guidelines",
"policy compliance",
"following rules"
],
"architectural_emphasis": [
"structural constraints",
"architectural enforcement",
"mechanism-based governance",
"at the coalface enforcement",
"automatic violation blocking"
],
"not_applicable_to": [
"measurement_methodology_documents",
"bi_tool_documentation",
"roi_analysis_documents"
],
"not_applicable_description": "Rule applies to documents discussing HOW governance works, not documents about measuring governance effectiveness"
},
"relatedInstructions": [],
"active": true,
"metadata": {
"created": "2025-10-28T08:00:00.000Z",
"author": "Tractatus Framework",
"session_id": "2025-10-07-001",
"original_schema": "v1.0",
"migrated": "2025-11-02",
"migration_notes": "Core Tractatus culture: governance must be architectural, not behavioral. Training/prompting approaches assume compliance - architectural constraints enforce it. This distinguishes Tractatus from hope-based governance that relies on agents 'learning' to behave correctly."
}
},
{
"id": "inst_090",
"title": "Six governance services must reinforce each other through mutual validation, ...",
"category": "FRAMEWORK_OPERATION",
"quadrant": "STRATEGIC",
"persistence": "HIGH",
"description": "Six governance services must reinforce each other through mutual validation, creating deep interlock rather than isolated enforcement",
"context": "Migrated from v1.0. Original timestamp: 2025-10-30T06:12:36.879Z",
"rationale": "Centers Reinforce Centers - Deep Interlock principle from Christopher Alexander",
"trigger": "As defined in original instruction",
"action": "Six governance services must reinforce each other through mutual validation, creating deep interlock rather than isolated enforcement",
"validation": "Best-effort validation",
"evidence": "Session handoff logs, audit trails",
"explicitness": 0.9,
"temporal_scope": "PERMANENT",
"verification_required": "REQUIRED",
"securityClassification": "INTERNAL",
"source": "FRAMEWORK",
"parameters": {
"services": [
"BoundaryEnforcer",
"CrossReferenceValidator",
"MetacognitiveVerifier",
"ContextPressureMonitor",
"InstructionPersistenceClassifier",
"PluralisticDeliberationOrchestrator"
],
"principle": "deep_interlock"
},
"relatedInstructions": [],
"active": true,
"metadata": {
"created": "2025-10-30T06:12:36.879Z",
"author": "Tractatus Framework",
"session_id": "2025-10-30-alexander-integration",
"original_schema": "v1.0",
"migrated": "2025-11-02",
"migration_notes": "Centers Reinforce Centers - Deep Interlock principle from Christopher Alexander"
}
},
{
"id": "inst_091",
"title": "Framework changes must preserve wholeness - existing audit logs remain interp...",
"category": "FRAMEWORK_OPERATION",
"quadrant": "STRATEGIC",
"persistence": "HIGH",
"description": "Framework changes must preserve wholeness - existing audit logs remain interpretable, prior governance decisions remain valid, instruction precedents maintain authority",
"context": "Migrated from v1.0. Original timestamp: 2025-10-30T06:12:36.880Z",
"rationale": "Structure-Preserving Transformations Only - Enhance wholeness while maintaining coherence",
"trigger": "As defined in original instruction",
"action": "Framework changes must preserve wholeness - existing audit logs remain interpretable, prior governance decisions remain valid, instruction precedents maintain authority",
"validation": "Verification required before proceeding",
"evidence": "Session handoff logs, audit trails",
"explicitness": 0.95,
"temporal_scope": "PERMANENT",
"verification_required": "MANDATORY",
"securityClassification": "INTERNAL",
"source": "FRAMEWORK",
"parameters": {
"principle": "structure_preserving_transformation",
"preservation_targets": [
"audit_logs",
"governance_decisions",
"instruction_precedents"
]
},
"relatedInstructions": [],
"active": true,
"metadata": {
"created": "2025-10-30T06:12:36.880Z",
"author": "Tractatus Framework",
"session_id": "2025-10-30-alexander-integration",
"original_schema": "v1.0",
"migrated": "2025-11-02",
"migration_notes": "Structure-Preserving Transformations Only - Enhance wholeness while maintaining coherence"
}
},
{
"id": "inst_092",
"title": "Governance operates on gradients (NORMAL/ELEVATED/HIGH/CRITICAL context press...",
"category": "FRAMEWORK_OPERATION",
"quadrant": "STRATEGIC",
"persistence": "HIGH",
"description": "Governance operates on gradients (NORMAL/ELEVATED/HIGH/CRITICAL context pressure, LOW/MEDIUM/HIGH persistence) rather than binary yes/no switches",
"context": "Migrated from v1.0. Original timestamp: 2025-10-30T06:12:36.880Z",
"rationale": "Gradients Over Binary Switches - Natural systems use gradients, not binary switches",
"trigger": "As defined in original instruction",
"action": "Governance operates on gradients (NORMAL/ELEVATED/HIGH/CRITICAL context pressure, LOW/MEDIUM/HIGH persistence) rather than binary yes/no switches",
"validation": "Best-effort validation",
"evidence": "Session handoff logs, audit trails",
"explicitness": 0.88,
"temporal_scope": "PERMANENT",
"verification_required": "REQUIRED",
"securityClassification": "INTERNAL",
"source": "FRAMEWORK",
"parameters": {
"principle": "gradients_not_binary",
"examples": [
"context_pressure_levels",
"persistence_levels",
"verification_requirements"
]
},
"relatedInstructions": [],
"active": true,
"metadata": {
"created": "2025-10-30T06:12:36.880Z",
"author": "Tractatus Framework",
"session_id": "2025-10-30-alexander-integration",
"original_schema": "v1.0",
"migrated": "2025-11-02",
"migration_notes": "Gradients Over Binary Switches - Natural systems use gradients, not binary switches"
}
},
{
"id": "inst_093",
"title": "Framework evolves through real-world use and feedback, not top-down specifica...",
"category": "FRAMEWORK_OPERATION",
"quadrant": "STRATEGIC",
"persistence": "HIGH",
"description": "Framework evolves through real-world use and feedback, not top-down specification - governance grows from failures and successes, not predetermined plans",
"context": "Migrated from v1.0. Original timestamp: 2025-10-30T06:12:36.880Z",
"rationale": "Living Process Over Fixed Design - Systems grow organically through use",
"trigger": "As defined in original instruction",
"action": "Framework evolves through real-world use and feedback, not top-down specification - governance grows from failures and successes, not predetermined plans",
"validation": "Best-effort validation",
"evidence": "Session handoff logs, audit trails",
"explicitness": 0.85,
"temporal_scope": "PERMANENT",
"verification_required": "REQUIRED",
"securityClassification": "INTERNAL",
"source": "FRAMEWORK",
"parameters": {
"principle": "living_process",
"evolution_triggers": [
"real_failures",
"audit_log_analysis",
"governance_gaps",
"user_feedback"
]
},
"relatedInstructions": [],
"active": true,
"metadata": {
"created": "2025-10-30T06:12:36.880Z",
"author": "Tractatus Framework",
"session_id": "2025-10-30-alexander-integration",
"original_schema": "v1.0",
"migrated": "2025-11-02",
"migration_notes": "Living Process Over Fixed Design - Systems grow organically through use"
}
},
{
"id": "inst_094",
"title": "Governance must be woven into AI deployment architecture, not bolted on as se...",
"category": "DEPLOYMENT",
"quadrant": "STRATEGIC",
"persistence": "HIGH",
"description": "Governance must be woven into AI deployment architecture, not bolted on as separate compliance layer - if AI can execute without governance validation, framework is separate (and will be bypassed)",
"context": "Migrated from v1.0. Original timestamp: 2025-10-30T06:12:36.880Z",
"rationale": "Not-Separateness (Framework Integration) - Deep integration, not bolt-on compliance",
"trigger": "As defined in original instruction",
"action": "Governance must be woven into AI deployment architecture, not bolted on as separate compliance layer - if AI can execute without governance validation, framework is separate (and will be bypassed)",
"validation": "Verification required before proceeding",
"evidence": "Session handoff logs, audit trails",
"explicitness": 0.93,
"temporal_scope": "PERMANENT",
"verification_required": "MANDATORY",
"securityClassification": "INTERNAL",
"source": "FRAMEWORK",
"parameters": {
"principle": "not_separateness",
"integration_test": "can_ai_bypass_governance"
},
"relatedInstructions": [],
"active": true,
"metadata": {
"created": "2025-10-30T06:12:36.880Z",
"author": "Tractatus Framework",
"session_id": "2025-10-30-alexander-integration",
"original_schema": "v1.0",
"migrated": "2025-11-02",
"migration_notes": "Not-Separateness (Framework Integration) - Deep integration, not bolt-on compliance"
}
},
{
"id": "inst_095",
"title": "Track all questions in both directions (User→Claude and Claude→User)",
"category": "DOCUMENTATION",
"quadrant": "OPERATIONAL",
"persistence": "HIGH",
"description": "Track all questions in both directions (User→Claude and Claude→User). At end of each interaction, verify all questions have been addressed. Issue explicit alert if question remains unanswered. Apply to terminal interactions and documentation.",
"context": "Migrated from v1.0. Original timestamp: 2025-10-30T07:44:38.563Z",
"rationale": "Question Tracking and Clarification Protocol - Prevents missed questions in busy prompts and cross-session interactions",
"trigger": "As defined in original instruction",
"action": "Track all questions in both directions (User→Claude and Claude→User). At end of each interaction, verify all questions have been addressed. Issue explicit alert if question remains unanswered. Apply to terminal interactions and documentation.",
"validation": "Best-effort validation",
"evidence": "Session handoff logs, audit trails",
"explicitness": 0.92,
"temporal_scope": "PERMANENT",
"verification_required": "REQUIRED",
"securityClassification": "INTERNAL",
"source": "FRAMEWORK",
"parameters": {
"tracking_scope": [
"terminal",
"documentation",
"plan_mode"
],
"alert_threshold": "immediate",
"question_types": [
"explicit_query",
"clarification_request",
"decision_point"
],
"exempt_patterns": [
"rhetorical_question"
]
},
"relatedInstructions": [],
"active": true,
"metadata": {
"created": "2025-10-30T07:44:38.563Z",
"author": "Tractatus Framework",
"session_id": "2025-10-30-qa-tracking",
"original_schema": "v1.0",
"migrated": "2025-11-02",
"migration_notes": "Question Tracking and Clarification Protocol - Prevents missed questions in busy prompts and cross-session interactions"
}
}
]
}
Reference in a new issue View git blame Copy permalink