tractatus/docs/ENFORCEMENT_AUDIT.md

# Governance Enforcement Audit

## Problem Statement
Claude missed "ffs" trigger (inst_082) and token checkpoint monitoring (inst_075) despite both being active HIGH persistence instructions. This reveals a **voluntary compliance failure pattern**.

## Root Cause
Instructions marked MANDATORY but lacking architectural enforcement mechanisms rely on voluntary compliance, which fails under cognitive load or context pressure.

## Enforcement Analysis: 54 HIGH Persistence Instructions

### ✅ ALREADY ENFORCED (8 instructions)
These have architectural hooks/scripts that BLOCK or ALERT automatically:

1. **inst_038**: Pre-action checks → `.claude/hooks/framework-audit-hook.js`
2. **inst_065**: Session initialization → `scripts/session-init.js` (mandatory)
3. **inst_070**: Secret detection → Git pre-commit hook (if installed)
4. **inst_071**: Pre-deployment checklist → Partially automated
5. **inst_075**: Token checkpoints → `.claude/hooks/check-token-checkpoint.js` ✨ NEW
6. **inst_077**: Session closedown → `scripts/session-closedown.js`
7. **inst_078**: "ff" trigger → `.claude/hooks/trigger-word-checker.js` ✨ NEW
8. **inst_082**: "ffs" trigger → `.claude/hooks/trigger-word-checker.js` ✨ NEW

### ⚠️  NEEDS ENFORCEMENT (12 critical instructions)

#### **HIGH PRIORITY - Implement Now**

**inst_027**: NEVER modify instruction-history.json without approval
- **Risk**: HIGH - Could corrupt governance system
- **Enforcement**: PreToolUse hook to block Write/Edit on .claude/instruction-history.json
- **Implementation**: Add to existing framework-audit-hook.js

**inst_064**: Framework components MUST be actively used
- **Risk**: HIGH - Framework fade = governance collapse
- **Enforcement**: session-state.json tracking + periodic verification
- **Implementation**: Add activity report to session-init output

**inst_066**: Conventional commit format required
- **Risk**: MEDIUM - Makes git history hard to parse
- **Enforcement**: Git commit-msg hook to validate format
- **Implementation**: Create .git/hooks/commit-msg

**inst_068**: Test requirements before commits/deployments
- **Risk**: HIGH - Broken code reaches production
- **Enforcement**: Pre-commit hook to run relevant tests
- **Implementation**: Add to git pre-commit hook

**inst_023**: Background process management required
- **Risk**: MEDIUM - Orphaned processes waste resources
- **Enforcement**: Track spawned processes in session-state.json
- **Implementation**: Hook on Bash tool with run_in_background=true

**inst_046**: Security events MUST be logged
- **Risk**: HIGH - Undetected attacks
- **Enforcement**: Audit log verification in pre-deployment checklist
- **Implementation**: Add automated check to deployment script

#### **MEDIUM PRIORITY - Implement Later**

**inst_040**: "all" command verification (needs workflow enforcement)
**inst_056**: Batch operation validation (needs workflow tracking)
**inst_019**: ContextPressureMonitor must account for total context (already doing this)

### 📋 INFORMATIONAL/GUIDELINES (34 instructions)
These provide context, standards, or principles that don't require automated enforcement:

- **SYSTEM quadrant** (9): Database ports, CSP rules, security standards, credential handling
- **STRATEGIC quadrant** (17): Quality standards, approval requirements, values principles, architectural guidance
- **OPERATIONAL quadrant** (8): Best practices, deployment procedures, file management

These are enforced through:
- Code review
- Human approval gates (inst_005)
- Documentation and training
- Framework service checks (BoundaryEnforcer, CrossReferenceValidator)

## Enforcement Tiers

### Tier 1: Architectural Blocks (MANDATORY)
Cannot proceed without compliance. Examples:
- session-init.js blocks without local server
- Pre-action hooks block dangerous operations
- Secret detection prevents commits with credentials

### Tier 2: Architectural Alerts (CRITICAL)
Warns immediately but allows override with explicit approval. Examples:
- Token checkpoint warnings
- Trigger word reminders
- CSP compliance notifications

### Tier 3: Audit Trails (MONITORING)
Logs violations for review but doesn't block. Examples:
- Framework component usage tracking
- Security event logging
- Background process inventory

### Tier 4: Human Gates (APPROVAL)
Requires explicit human decision. Examples:
- Architectural changes (inst_005)
- Values-sensitive content (BoundaryEnforcer)
- Production deployments (inst_071)

## Implementation Priority Queue

### Immediate (This Session)
1. ✅ Token checkpoint monitoring hook
2. ✅ Trigger word detection hook
3. ⏳ instruction-history.json write protection
4. ⏳ Framework activity verification
5. ⏳ Conventional commit format hook

### Next Session
6. Test requirement enforcement (pre-commit)
7. Background process tracking
8. Security event audit verification
9. Batch operation workflow tracking

### Ongoing
10. Continuous monitoring of framework fade
11. Periodic enforcement effectiveness review
12. New instruction classification and enforcement design

## Meta-Enforcement System

Create `scripts/audit-enforcement.js` that:
1. Scans all HIGH persistence instructions
2. Identifies those with MUST/NEVER/MANDATORY language
3. Checks if corresponding enforcement mechanism exists
4. Alerts when new imperative instructions lack enforcement
5. Generates enforcement gap report

Run automatically:
- At session start (via session-init.js)
- When instruction-history.json changes
- On demand via "ffs" or dedicated trigger

## Philosophy
**"If it's MANDATORY, it must be ENFORCED architecturally, not documented."**

Voluntary compliance works under ideal conditions but fails under:
- Cognitive load (complex multi-step tasks)
- Context pressure (approaching token limits)
- Auto-compact recovery (instruction injection timing)
- Session handoffs (knowledge discontinuity)

Architectural enforcement (hooks, scripts, blocks) is reliable regardless of conditions.

---
**Created**: 2025-10-25
**Trigger**: Missed "ffs" code word recognition
**Outcome**: Systematic enforcement architecture design