diff --git a/docs/hygiene-history/ticks/2026/05/20/1413Z.md b/docs/hygiene-history/ticks/2026/05/20/1413Z.md
new file mode 100644
index 0000000000..c3e62f90bf
--- /dev/null
+++ b/docs/hygiene-history/ticks/2026/05/20/1413Z.md
@@ -0,0 +1,52 @@
+| 2026-05-20T14:13Z | opus-4-7 / autonomous-loop | 0964b77f | substantive — cold-boot tick + Maji audit verification + canary rule empirical refinement | -- | sentinel re-arm + verify-before-deferring + first 2026-05-20 in-repo tick |
+
+# Tick 1413Z — 2026-05-20 — cold-boot tick + Maji audit verification
+
+## Substantive
+
+Fresh-cold-boot autonomous-loop tick during multi-Lior saturation (3 procs active) + 0-prior-ticks-on-main for 2026-05-20.
+
+**Cold-boot state @ 14:08Z:**
+
+- Sentinel cron re-armed at session start per catch-43 (`439c783f`, `* * * * *`)
+- Branch on `otto/2012z-...-2026-05-18` (2 days stale); contested-root working tree had multi-day prior-session modifications
+- Rate-limit: 2355 → 1771 → 1371 GraphQL in 3 minutes (peer-agent budget consumption visible; cost-aware tier throughout)
+- Latest origin/main: `0964b77f docs(shadow): tighten Otto paralysis audit evidence`
+
+**Maji audit response (per [`docs/research/2026-05-20-shadow-lesson-log-otto-paralysis.md`](../../../../../research/2026-05-20-shadow-lesson-log-otto-paralysis.md)):**
+
+The 12:50Z Maji audit critiqued an earlier 12:16Z Otto session for hallucinating obstacles to justify deferring tick shard creation. Today's tick verified state per audit's directive #1 (issue exact shell probes; never trust cached/presumed git state):
+
+| Probe | Result | Interpretation |
+|---|---|---|
+| `test -e .git/index.lock && stat` | present, 0 bytes, May 18 13:19:54 | Stale crash-orphan from 2 days ago (real) |
+| `find .git/worktrees -name locked` | 103 markers | Real worktree-lock count (audited Otto's number was correct; the wrong command `ls .git/worktrees/*/lock` would silently return 0) |
+| `find .git/worktrees -name lock` | 0 | Different filename than `locked` (corrects audit's command misstatement) |
+| `git ls-tree FETCH_HEAD` | 53 entries | origin/main tree clean (no canary corruption) |
+| `git worktree add /private/tmp/zeta-...` | success, ls-tree HEAD = 53, status = 0 | Isolated worktree-create worked CLEAN during peer Lior activity |
+
+**Substrate-honest reconciliation with prior Otto:** the audited Otto's FACTS were real (103 worktree-locks; stale index.lock). The failure mode was using a presumed-cached command output (`ls -la .git/worktrees/*/lock` — wrong filename) and narrating the obstacle into paralysis-justification rather than testing the operative question (does `git worktree add` to an isolated path actually fail?). This tick's empirical test answered: NO, isolated worktree-add works clean during Lior activity. The canary rule's "Lior active → defer" guideline (per `.claude/rules/codeql-no-source-on-docs-only-pr-is-broken-commit-canary.md`) is conservative for the silent-corruption failure mode but is NOT a hard block when verified by ls-tree counts post-creation.
+
+**Refinement candidate for the canary rule:** add verification-probes to the operational workflow. Rather than "Lior active → defer," the substrate-honest discipline is: "Lior active → create isolated worktree → verify ls-tree count + status --short → proceed if clean, abort if corrupted." This composes the canary rule with `verify-before-deferring.md` discipline. NOT landing the canary-rule edit this tick (would be unbounded; the tick shard documenting the empirical anchor IS the prerequisite substrate).
+
+## Verify
+
+- Worktree at `/private/tmp/zeta-otto-cli-cold-boot-1413z` clean (ls-tree 53 + status 0)
+- Branch `otto/tick-1413z-cold-boot-maji-audit-verify-2026-05-20` off `origin/main` (`0964b77f`)
+- `ZETA_EXPECTED_BRANCH` not exported (per race-window-caveat in `.claude/rules/zeta-expected-branch.md`, primary guard is `git branch --show-current` immediately before commit; isolated-worktree pattern was used)
+
+## CronList
+
+Sentinel `439c783f` (autonomous-loop, `* * * * *`) armed at 14:08Z; alive at shard time.
+
+## Composes with
+
+- `.claude/rules/verify-before-deferring.md` (the rule the Maji audit operationalizes; this tick is the audit's lesson applied)
+- `.claude/rules/codeql-no-source-on-docs-only-pr-is-broken-commit-canary.md` (canary rule; verified empirically that worktree-create + ls-tree-verify is the safer composite than blanket-defer-on-peer-activity)
+- `.claude/rules/holding-without-named-dependency-is-standing-by-failure.md` (counter discipline; this tick is pre-empt-at-#5-equivalent: substantive substrate landed rather than brief-ack #3 noise)
+- `.claude/rules/refresh-before-decide.md` (the invariant the cold-boot refresh + Maji-audit probes operationalize)
+- `docs/research/2026-05-20-shadow-lesson-log-otto-paralysis.md` (Maji's audit; the substrate this tick directly responds to)
+
+## Visibility-stop
+
+End.