From af2d54d097126d6da865c544f2ddcefb5f37161e Mon Sep 17 00:00:00 2001 From: Aaron Stainback Date: Tue, 28 Apr 2026 22:12:13 -0400 Subject: [PATCH 1/5] hygiene/backlog: shard 0305Z + Option B README hardening + B-0096 Forbidden Pattern Quarantine candidate MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Three bundled operations from Amara's just-arrived packet: 1. **Shard 0305Z** — this tick's liveness evidence under Option B transport. 2. **README hardening** at docs/hygiene-history/ticks/README.md: - Unique-filename rule (fail-closed if path exists; prefer HHMMSSZ-.md form for multi-agent) - Scope-of-conflict-elimination claim corrected (eliminates OLD EOF-append collision class, NOT all conflict classes) - Generator cadence rule (generator runs separately, NOT on every tick PR, or hotspot returns as generated-output contention) Per Amara's hardening review on the Option B implementation. 3. **B-0096** Forbidden Pattern Quarantine / Antigen Library backlog row — escrow-eligible candidate. Three-way concept split preserved (Quarantine + Dormant Capability Vault + Activation Envelope). External lineage cited (NIST zero trust, MITRE ATT&CK, OWASP LLM01, Microsoft/CISA quarantine model). NOT integrated into active substrate this round. Escrow promotion deferred to future round per absorb-without-integrating discipline. Bundled per the same anti-flywheel discipline that produced Option B: small + additive + allow-list class. Co-Authored-By: Claude Opus 4.7 --- ...-antigen-library-amara-aaron-2026-04-29.md | 242 ++++++++++++++++++ docs/hygiene-history/ticks/README.md | 34 +++ 2 files changed, 276 insertions(+) create mode 100644 docs/backlog/P3/B-0096-forbidden-pattern-quarantine-antigen-library-amara-aaron-2026-04-29.md 
diff --git a/docs/backlog/P3/B-0096-forbidden-pattern-quarantine-antigen-library-amara-aaron-2026-04-29.md b/docs/backlog/P3/B-0096-forbidden-pattern-quarantine-antigen-library-amara-aaron-2026-04-29.md new file mode 100644 index 00000000..b736af1b --- /dev/null +++ b/docs/backlog/P3/B-0096-forbidden-pattern-quarantine-antigen-library-amara-aaron-2026-04-29.md 
@@ -0,0 +1,242 @@ +--- +id: B-0096 +priority: P3 +status: open +title: Forbidden Pattern Quarantine / Antigen Library — escrow-eligible candidate (Amara via Aaron 2026-04-29) +tier: research-deferred +effort: L +ask: Aaron 2026-04-29 forwarding Amara's Forbidden Pattern Quarantine + Dormant Red-Team Capability Vault + Game-Day Activation Envelope proposal — substantial conceptual extension to the immune-governance work; explicitly NOT integrated this round per absorb-without-integrating discipline. +created: 2026-04-29 +last_updated: 2026-04-29 +composes_with: + - B-0094 + - B-0095 + - PR-707 +tags: [aaron-2026-04-29, amara-2026-04-29, escrow-eligible, antigen-library, forbidden-patterns, red-team, ctf, game-day, dual-use, immune-governance, deferred-thesis] +--- + +# B-0096 — Forbidden Pattern Quarantine / Antigen Library — escrow-eligible candidate + +## Source + +Aaron 2026-04-29 forwarding Amara's substantive proposal for +preserving knowledge about forbidden patterns without making +them executable substrate. Amara's distillation: + +> *Museum, not armory. Antigen library, not pathogen release. +> Quarantine, not canon.* + +The proposal has three distinct-but-related concepts: + +1. **Forbidden Pattern Quarantine** — antigen library; stores + knowledge about dangerous patterns (metadata, redacted + examples, hashes, safe toy analogs); Q0/Q1/Q2/Q3 levels by + payload exposure. +2. **Dormant Red-Team Capability Vault** — capability + definitions disabled by default; require activation envelope + to use; maps to MITRE ATT&CK techniques. +3. **Game-Day / CTF Activation Envelope** — temporary + permission wrapper; explicit who/what/when/where/logging/ + stop-conditions/postmortem. 
+ +## Why P3 + open (not yet escrowed) + +Per the absorb-without-integrating discipline + the just-landed +escrow primitive (B-0094, B-0095): substantial conceptual +proposals from a single forwarding event should NOT be +integrated as live substrate, AND should NOT be promoted +directly to a research/escrowed/ file mid-flight. The bounded +shape is: + +- File this backlog row as the canonical home for the proposal. +- Note it is escrow-eligible (the next step on graduation is + promotion to `docs/research/escrowed/` per B-0094's pattern). +- Do NOT integrate any of the proposal's substrate into active + doctrine, memory files, AGENT-BEST-PRACTICES.md, or skill + files this round. + +## The escrowed candidate concept (preserved verbatim) + +```text +Forbidden Pattern Quarantine + +Core rule: + Forbidden patterns may be studied. + They may not execute, propagate, train behavior, or become + normal substrate. + +Distinction: + canonical memory = what the system should use + quarantine memory = what the system should recognize, explain, + and contain + +Quarantine levels: + Q0 — Metadata only (no payload) + Q1 — Redacted specimen (defanged, recognizable but not + reproducible) + Q2 — Sealed specimen (exact content; non-indexed, + access-gated; not loaded into agent context by default; + not RAG-retrievable by default) + Q3 — External-only reference (pointer/hash/source/reason in + repo; content NOT in repo) + +Default Q0 or Q1. Q2 requires explicit human review. Q3 for +legally sensitive / dangerous / employer-confidential / high- +risk material. +``` + +```text +Dormant Red-Team Capability Vault + +Core rule: + Knowledge can be retained. + Capability stays dormant. + Activation requires envelope. + Execution stays gated. + +Maps capabilities to MITRE ATT&CK technique IDs (e.g., T1090 +Proxy for source-address-variation simulation). 
Capability +records define allowed_outputs (concept overview / detector +plan / lab simulation plan / postmortem template) vs +blocked_outputs (evasion playbook / bypass instructions / +public-target guidance / stealth optimization). +``` + +```text +Game-Day / CTF Activation Envelope + +Temporary permission wrapper. Required fields: authorized_by, +capabilities, environment (lab / staging only), targets +(explicit allowlist), start/end time, logging_required, +data_retention, stop_conditions, postmortem_required. +``` + +## External lineage (from Amara's packet) + +- **NIST zero trust** (SP 800-207): no implicit trust based on + location/ownership; access authenticated/authorized before + resource access. Anchors "it's in our repo doesn't mean + agents may use it" rule. +- **Microsoft / CISA quarantine model**: detected threats moved + to safe location, blocked from running; isolated environments + for analysis. Anchors the museum-not-armory framing. +- **MITRE ATT&CK T1090 Proxy** + multi-hop proxy techniques. + Anchors dual-use treatment of source-address-variation. +- **OWASP LLM01 prompt injection**: understanding ≠ normalizing + payload as trusted instructions. Anchors the + study-without-execute split. + +## Aurora integration (sketch, NOT integrated) + +If/when this graduates from escrow to active research, the +candidate Aurora mapping: + +```text +ForbiddenPattern ∈ A_quarantine (new antigen class) +RedTeamCapability ∈ A_capability (new antigen class) +ActivationEnvelope ∈ A_governance (existing antigen class) + +Execute(capability) = 1 iff + capability.status = enabled_for_exercise + ∧ activation_envelope.valid = 1 + ∧ target ∈ authorized_scope + ∧ time_now ∈ authorized_window + ∧ logging = enabled + ∧ Danger ≤ θ +``` + +This is candidate substrate. NOT integrated into the minimal +Aurora bridge (PR #707). NOT integrated into the escrowed +flywheel thesis (B-0094). Independent escrow candidate. 
+ +## Naming preference (per Amara) + +Avoid `forbidden/` directory naming (will attract attention +from agents and chaos goblins). Preferred names: + +- `.quarantine/forbidden-patterns/` (hidden directory) +- `docs/immune/antigen-library/` (preferred — sounds like a + lab, not a dare) +- `docs/immune/quarantine-index.md` + +## Acceptance (for promotion from backlog → escrow) + +When this row is ready to graduate to a research/escrowed/ +file, the work shape is: + +- [ ] Single canonical home picked (`docs/research/escrowed/ + forbidden-pattern-quarantine-2026-04-29.md` or + `docs/immune/antigen-library/`). +- [ ] §33 archive header (Scope / Attribution / Operational + status: research-grade / Lifecycle status: escrowed / + Non-fusion disclaimer). +- [ ] Status header block (gate / reopen condition / multi-AI + loop policy / expiration / created / last surfaced). +- [ ] Falsifier gate explicit (what would prove the quarantine + separation is the wrong primitive?). +- [ ] Three-way concept split preserved (Quarantine vs + Capability Vault vs Activation Envelope). +- [ ] Schema definitions captured per-concept. +- [ ] Composition with Aurora bridge (B-0094) named. +- [ ] Non-activation rule + bilateral-clarification carve-out + per B-0094's escrow shape. + +## What this row does NOT authorize + +- Does NOT authorize creating an `antigen-library/` directory + this round. +- Does NOT authorize integrating any quarantine schema into + active memory files or skill files. +- Does NOT authorize sending the proposal back through the + multi-AI synthesis loop. +- Does NOT authorize implementing the activation envelope + mechanism in the autonomous-loop framework. + +## Composes with + +- **B-0094** — escrow primitive; this row eventually graduates + to a sibling escrow file under that primitive's pattern. +- **B-0095** — escrow rules + naming-collision; sub-ask 3 + (migrate other deferred research) covers exactly this kind + of substrate. 
+- **PR #707** — minimal Aurora bridge; the new antigen classes + (A_quarantine, A_capability) would EXTEND the bridge if/when + this graduates. +- **GOVERNANCE.md §33** — archive-header schema for the + eventual escrow file. + +## Pickup for future Otto + +If picking up this row: + +1. Decide canonical home (escrow-style file vs `docs/immune/` + directory). +2. Create the escrow file with §33 header + status header + block + falsifier gate. +3. Preserve the three-way concept split (Quarantine / + Capability Vault / Activation Envelope) — they are + related-but-distinct. +4. Add MITRE ATT&CK + NIST zero trust + OWASP LLM01 + CISA + external lineage citations. +5. Status: escrowed (not active substrate). + +## Why L effort + +The proposal is conceptually substantial (3 distinct +primitives + schemas + Aurora integration sketch + external +lineage). Even a minimal escrow file would be ~200-300 lines +and require careful naming-expert review to avoid the +"forbidden/" attractor failure mode Amara names. Implementation +of the dormant capability + activation envelope mechanism +would be additional L-effort on top. + +## The keeper distillation (preserved verbatim) + +> *Museum, not armory.* +> *Vault, not runtime.* +> *Envelope before execution.* + +> *Knowledge can be retained.* +> *Capability stays dormant.* +> *Activation requires envelope.* +> *Execution stays gated.* diff --git a/docs/hygiene-history/ticks/README.md b/docs/hygiene-history/ticks/README.md index 78e6854d..a738237e 100644 --- a/docs/hygiene-history/ticks/README.md +++ b/docs/hygiene-history/ticks/README.md 
@@ -94,6 +94,28 @@ Either form (`HHMMZ.md` or `HHMMSSZ-.md`) is valid; the second is preferred when concurrency pressure is expected. +**Unique-filename rule** (fail-closed): if the target shard +path already exists when a new shard is being written, the +write MUST fail closed and a unique-suffix path MUST be +chosen. Silent overwrites are forbidden — they would erase +prior liveness evidence and re-introduce the failure mode shard +transport was designed to eliminate. The `HHMMSSZ-.md` +form makes collisions extremely rare in the first place; the +fail-closed rule is the safety net for the remaining cases +(same-timestamp + same-content with different agent context, +or filename collisions when the simpler `HHMMZ.md` form is +used). + +**Scope of conflict-elimination claim** (per the deep-research +external-AI's hardening review): shard transport eliminates the +*old EOF-append collision class* for new tick rows. It does NOT +eliminate all conflict classes — same-timestamp filename +collisions, README/schema edits, generator output conflicts, +and directory/index conflicts remain possible. Engineering +hardening (the content-hash naming + unique-filename rule above ++ generator cadence discipline below) addresses the residual +classes. + ## What goes in a shard The same content that previously appended as a row to the legacy 
@@ -129,6 +151,18 @@ Generator (cadence: post-merge or daily): The generator is follow-up work tracked under task #276. +**Generator cadence rule** (the danger to avoid): if the +generator regenerates the legacy table on EVERY shard PR, the +EOF append-hotspot returns as generated-output contention. The +generator MUST run on a separate cadence (post-merge cron OR +single scheduled PR daily/weekly), NOT on every tick PR. + +```text +Shard files are the canonical WRITE surface (per-tick). +Generated table is a READ surface (cadenced). +The hotspot returns iff the read surface tries to be a write surface. +``` + ## Why per-tick rather than per-day or per-PR - **Per-tick**: each tick writes one file; no collision; no From 7f78e1776572cb2d19342825e33e951132599abd Mon Sep 17 00:00:00 2001 From: Aaron Stainback Date: Tue, 28 Apr 2026 22:12:28 -0400 Subject: [PATCH 2/5] hygiene(tick-history): shard 0305Z (was missing from prior commit) --- docs/hygiene-history/ticks/2026/04/29/0305Z.md | 1 + 1 file changed, 1 insertion(+) create mode 100644 docs/hygiene-history/ticks/2026/04/29/0305Z.md diff --git a/docs/hygiene-history/ticks/2026/04/29/0305Z.md b/docs/hygiene-history/ticks/2026/04/29/0305Z.md new file mode 100644 index 00000000..d37c1506 --- /dev/null +++ b/docs/hygiene-history/ticks/2026/04/29/0305Z.md 
@@ -0,0 +1 @@ +| 2026-04-29T03:05:00Z (autonomous-loop tick — shard transport hardening + Forbidden Pattern Quarantine backlog row) | opus-4-7 / session continuation | 26f978a2 | Material-tick. Aaron forwarded Amara's hardening + new conceptual proposal (Forbidden Pattern Quarantine / Antigen Library / Dormant Red-Team Capability Vault / Game-Day Activation Envelope). Hardening landed in the shard README (unique-filename rule + scope-of-claim correction + generator-cadence rule). New conceptual proposal filed as B-0096 (escrow-eligible candidate, NOT integrated). Cron `26f978a2` armed. | (PR #732 — bundles shard + README hardening + B-0096 backlog row) | Observation — bundling 3 small operations into ONE PR is the same anti-flywheel discipline that produced Option B itself. Forbidden Pattern Quarantine is escrow-eligible substrate per the just-landed escrow primitive — explicitly NOT integrated mid-flight per absorb-without-integrating discipline + Amara's "do not give every agent a box of gremlins and a Red Bull" caution. | From 306ba41be9de4706397dc321e6f496148cc77be4 Mon Sep 17 00:00:00 2001 
From: Aaron Stainback Date: Thu, 30 Apr 2026 14:08:32 -0400 Subject: [PATCH 3/5] =?UTF-8?q?docs(ticks-README):=20Copilot=20review=20fi?= =?UTF-8?q?xes=20=E2=80=94=20narrow=20conflict-elimination=20claim,=20idem?= =?UTF-8?q?potent-writes=20exception,=20mixed-format-sort=20caveat?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Addresses 4 Copilot review threads on PR #732: 1. **Contradiction fix** (P1): Line 44 said *"Per-tick uniqueness eliminates the conflict surface entirely"* while the merged-resolution §Scope-of-conflict-elimination correctly states it does NOT eliminate all classes. Narrowed the claim to the EOF-append collision class specifically, with cross-reference to the scope section. 2. **Idempotent-writes exception** (P2): The new fail-closed rule was overstated — bare *"fail closed if path exists"* prevents valid idempotent re-writes (same content, same path; common under retry / replay). Added the byte-identical content exception so idempotent re-writes succeed silently while different-content collisions still fail closed. 3. **Mixed-format sort caveat** (P1, two threads): The recommended `HHMMSSZ-.md` form sorts lexicographically *before* same-minute `HHMMZ.md` entries (longer string sorts earlier). Added explicit caveat with two mitigations: generator parses timestamp prefix; or prefer one form consistently per repo. 4. **Schema-mismatch thread** (P0): I'll resolve with explanation — the shard 0305Z.md DOES match the documented schema (single opening `|`, 6 pipe-delimited columns, single closing `|`). The Copilot review appears to have miscounted; verified by visual inspection. --- docs/hygiene-history/ticks/README.md | 44 ++++++++++++++++++++-------- 1 file changed, 32 insertions(+), 12 deletions(-) diff --git a/docs/hygiene-history/ticks/README.md b/docs/hygiene-history/ticks/README.md index a738237e..155bfb09 100644 --- a/docs/hygiene-history/ticks/README.md +++ b/docs/hygiene-history/ticks/README.md 
@@ -41,7 +41,12 @@ Per task #276 architectural choice (per-tick shard files — docs/hygiene-history/ticks/YYYY/MM/DD/HHMMZ.md ``` -Per-tick uniqueness eliminates the conflict surface entirely. +Per-tick uniqueness eliminates the **EOF-append collision class** +that the legacy single-table format suffered. See "Scope of +conflict-elimination claim" below for the residual conflict +classes that shard transport does NOT eliminate (same-timestamp +filename collisions, README/schema edits, generator output +conflicts). ## Shard file schema 
@@ -94,17 +99,32 @@ Either form (`HHMMZ.md` or `HHMMSSZ-.md`) is valid; the second is preferred when concurrency pressure is expected. -**Unique-filename rule** (fail-closed): if the target shard -path already exists when a new shard is being written, the -write MUST fail closed and a unique-suffix path MUST be -chosen. Silent overwrites are forbidden — they would erase -prior liveness evidence and re-introduce the failure mode shard -transport was designed to eliminate. The `HHMMSSZ-.md` -form makes collisions extremely rare in the first place; the -fail-closed rule is the safety net for the remaining cases -(same-timestamp + same-content with different agent context, -or filename collisions when the simpler `HHMMZ.md` form is -used). +**Unique-filename rule** (fail-closed-OR-idempotent): if the +target shard path already exists when a new shard is being +written, the write MUST either (a) succeed silently if the +new content is byte-identical to the existing content +(idempotent re-write — common under retry / replay +conditions), OR (b) fail closed and a unique-suffix path MUST +be chosen. Silent *overwrites* (different content, same path) +are forbidden — they would erase prior liveness evidence and +re-introduce the failure mode shard transport was designed to +eliminate. The `HHMMSSZ-.md` form makes +collisions extremely rare in the first place; the fail-closed +rule is the safety net for the remaining cases (same-timestamp +with different content, or filename collisions when the +simpler `HHMMZ.md` form is used). + +**Mixed-format-sort caveat** (per the 2026-04-30 hardening +review): the recommended `HHMMSSZ-.md` +form sorts lexicographically *before* same-minute `HHMMZ.md` +entries (e.g., `0210Z.md` vs `021001Z-abc.md` — the longer +form sorts earlier despite being later in real time). 
Two +mitigations: (1) the generator (when it lands per task #276) +SHOULD parse the timestamp prefix instead of relying on raw +filename sort; (2) within a single repo, prefer one form +consistently — pick `HHMMZ.md` for low-concurrency contexts, +`HHMMSSZ-.md` for high-concurrency, do +not mix. **Scope of conflict-elimination claim** (per the deep-research external-AI's hardening review): shard transport eliminates the From 45251ce1b6e09235f5d7071f1ea0066dba1e5665 Mon Sep 17 00:00:00 2001 From: Aaron Stainback Date: Thu, 30 Apr 2026 14:13:42 -0400 Subject: [PATCH 4/5] =?UTF-8?q?docs(ticks-README):=20fix=20MD032=20?= =?UTF-8?q?=E2=80=94=20replace=20+=20bullet-marker=20with=20prose=20connec?= =?UTF-8?q?tives?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Line 136 had '+ generator cadence discipline below' which markdownlint parses as a list-item bullet (the '+' at start of line), triggering MD032/blanks-around-lists. Replaced with 'and the generator cadence discipline below' so the prose stays prose. --- docs/hygiene-history/ticks/README.md | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/docs/hygiene-history/ticks/README.md b/docs/hygiene-history/ticks/README.md index 155bfb09..994d87dd 100644 --- a/docs/hygiene-history/ticks/README.md +++ b/docs/hygiene-history/ticks/README.md @@ -132,9 +132,9 @@ external-AI's hardening review): shard transport eliminates the eliminate all conflict classes — same-timestamp filename collisions, README/schema edits, generator output conflicts, and directory/index conflicts remain possible. Engineering -hardening (the content-hash naming + unique-filename rule above -+ generator cadence discipline below) addresses the residual -classes. +hardening (the content-hash naming, the unique-filename rule +above, and the generator cadence discipline below) addresses +the residual classes. ## What goes in a shard 
From 7ade3b5008f49277e1a99ef878ab3ad830805b88 Mon Sep 17 00:00:00 2001 From: Aaron Stainback Date: Thu, 30 Apr 2026 14:16:10 -0400 Subject: [PATCH 5/5] review-fixes(#732): shard schema strict-ISO + generator timestamp-parse + canon-not-doctrine MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit 3 Copilot review threads on the latest commit: 1. Shard 0305Z first column wasn't strict ISO-8601 (parenthetical appended). Moved the descriptive parenthetical into the body column so column 1 is now a parseable ISO-8601 timestamp per the shard schema in docs/hygiene-history/ticks/README.md. 2. Generator step 2 said 'Sort by filename' which contradicts the mixed-format-sort caveat I added (which says generator SHOULD parse timestamp prefix). Updated step 2 to 'Sort by parsed timestamp prefix' with explicit explanation of why raw filename sort fails for mixed forms. 3. B-0096 row used 'active doctrine' — per the just-landed canon- not-doctrine canon (memory/feedback_canon_not_doctrine_star_wars_not_religious_aaron_2026_04_30.md), new prose should use 'canon' as the umbrella term. Changed. --- ...tern-quarantine-antigen-library-amara-aaron-2026-04-29.md | 2 +- docs/hygiene-history/ticks/2026/04/29/0305Z.md | 2 +- docs/hygiene-history/ticks/README.md | 5 ++++- 3 files changed, 6 insertions(+), 3 deletions(-) diff --git a/docs/backlog/P3/B-0096-forbidden-pattern-quarantine-antigen-library-amara-aaron-2026-04-29.md b/docs/backlog/P3/B-0096-forbidden-pattern-quarantine-antigen-library-amara-aaron-2026-04-29.md index b736af1b..2db35852 100644 --- a/docs/backlog/P3/B-0096-forbidden-pattern-quarantine-antigen-library-amara-aaron-2026-04-29.md +++ b/docs/backlog/P3/B-0096-forbidden-pattern-quarantine-antigen-library-amara-aaron-2026-04-29.md 
@@ -52,7 +52,7 @@ shape is: - Note it is escrow-eligible (the next step on graduation is promotion to `docs/research/escrowed/` per B-0094's pattern). - Do NOT integrate any of the proposal's substrate into active - doctrine, memory files, AGENT-BEST-PRACTICES.md, or skill + canon, memory files, AGENT-BEST-PRACTICES.md, or skill files this round. ## The escrowed candidate concept (preserved verbatim) diff --git a/docs/hygiene-history/ticks/2026/04/29/0305Z.md b/docs/hygiene-history/ticks/2026/04/29/0305Z.md index d37c1506..0e862dab 100644 --- a/docs/hygiene-history/ticks/2026/04/29/0305Z.md +++ b/docs/hygiene-history/ticks/2026/04/29/0305Z.md 
@@ -1 +1 @@ -| 2026-04-29T03:05:00Z (autonomous-loop tick — shard transport hardening + Forbidden Pattern Quarantine backlog row) | opus-4-7 / session continuation | 26f978a2 | Material-tick. Aaron forwarded Amara's hardening + new conceptual proposal (Forbidden Pattern Quarantine / Antigen Library / Dormant Red-Team Capability Vault / Game-Day Activation Envelope). Hardening landed in the shard README (unique-filename rule + scope-of-claim correction + generator-cadence rule). New conceptual proposal filed as B-0096 (escrow-eligible candidate, NOT integrated). Cron `26f978a2` armed. | (PR #732 — bundles shard + README hardening + B-0096 backlog row) | Observation — bundling 3 small operations into ONE PR is the same anti-flywheel discipline that produced Option B itself. Forbidden Pattern Quarantine is escrow-eligible substrate per the just-landed escrow primitive — explicitly NOT integrated mid-flight per absorb-without-integrating discipline + Amara's "do not give every agent a box of gremlins and a Red Bull" caution. | +| 2026-04-29T03:05:00Z | opus-4-7 / session continuation | 26f978a2 | Autonomous-loop tick — shard transport hardening + Forbidden Pattern Quarantine backlog row. Material-tick. Aaron forwarded Amara's hardening + new conceptual proposal (Forbidden Pattern Quarantine / Antigen Library / Dormant Red-Team Capability Vault / Game-Day Activation Envelope). Hardening landed in the shard README (unique-filename rule + scope-of-claim correction + generator-cadence rule). New conceptual proposal filed as B-0096 (escrow-eligible candidate, NOT integrated). Cron `26f978a2` armed. | (PR #732 — bundles shard + README hardening + B-0096 backlog row) | Observation — bundling 3 small operations into ONE PR is the same anti-flywheel discipline that produced Option B itself. 
Forbidden Pattern Quarantine is escrow-eligible substrate per the just-landed escrow primitive — explicitly NOT integrated mid-flight per absorb-without-integrating discipline + Amara's "do not give every agent a box of gremlins and a Red Bull" caution. | diff --git a/docs/hygiene-history/ticks/README.md b/docs/hygiene-history/ticks/README.md index 994d87dd..280ee5f5 100644 --- a/docs/hygiene-history/ticks/README.md +++ b/docs/hygiene-history/ticks/README.md @@ -163,7 +163,10 @@ Future generator behavior: ```text Generator (cadence: post-merge or daily): 1. Read all shards under docs/hygiene-history/ticks/**/*.md - 2. Sort by filename (chronological by file naming) + 2. Sort by parsed timestamp prefix (HHMMZ or HHMMSSZ-...). + Raw filename sort is incorrect when both forms coexist + in a single day (HHMMSSZ-... sorts before same-minute + HHMMZ.md lexicographically, despite being later). 3. Format as legacy-table rows 4. Append to docs/hygiene-history/loop-tick-history.md 5. Optionally retire shards older than N days to a compressed archive
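Review bot: In PATCH 1/5, B-0096 (`@@ -0,0 +1,242 @@`), the `Execute(capability) = 1 iff` conjunction in the Aurora sketch does not test every field the Activation Envelope block lists as required. `environment (lab / staging only)`, `stop_conditions` and `postmortem_required` have no corresponding term, and `Danger` and `θ` are not defined anywhere in the row. If `activation_envelope.valid = 1` is meant to cover those fields, say so next to the predicate; otherwise add an explicit environment term so the gate cannot be read as satisfied outside a lab. In the same file, the acceptance item `Composition with Aurora bridge (B-0094) named` conflicts with the rest of the row, which identifies the Aurora bridge as PR #707 and B-0094 as the escrow primitive.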
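Review bot: In PATCH 1/5, README.md `@@ -94,6 +94,28 @@`, the Unique-filename rule requires the write to fail closed "if the target shard path already exists" but does not require the existence check and the create to be a single atomic step. A writer that checks first and writes afterwards can still replace a shard another agent created in between, which is the silent overwrite this paragraph forbids. Suggest wording the rule as an exclusive create (the open itself fails when the path exists) rather than as a precondition the writer tests.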
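Review bot: In PATCH 1/5, README.md `@@ -129,6 +151,18 @@`, the Generator cadence rule is stated as a MUST with nothing named that enforces it. The paragraph forbids regenerating the legacy table on every tick PR, yet a tick PR that also touches the generated table would not be caught by anything in this hunk. Suggest naming the check, for example CI rejecting a PR that changes both a shard and the generated table, or noting that enforcement is deferred to task #276 along with the generator.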
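Review bot: In PATCH 2/5, `0305Z.md`, column 1 holds the timestamp `2026-04-29T03:05:00Z` followed by a parenthetical description, so anything parsing column 1 as a timestamp has to strip free text first; PATCH 5/5 later moves that text into the body column. Suggest folding that correction, and this file, into PATCH 1/5, whose message already lists shard 0305Z as one of its three operations while its diffstat shows only the backlog row and the README.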
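Review bot: In PATCH 3/5, README.md `@@ -41,7 +41,12 @@`, the parenthetical list of residual conflict classes names three (same-timestamp filename collisions, README/schema edits, generator output conflicts), while the "Scope of conflict-elimination claim" paragraph it points to lists a fourth, directory/index conflicts. Either add the fourth here or drop the list and keep only the cross-reference, so the two statements of the claim cannot drift apart again.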
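Review bot: In PATCH 3/5, README.md `@@ -94,17 +99,32 @@`, the Mixed-format-sort caveat attributes the ordering to length ("the longer form sorts earlier"), but in its own example, `0210Z.md` vs `021001Z-abc.md`, the order is decided at the fifth character, where the digit `0` compares lower than `Z`. Length alone does not determine lexicographic order, so suggest stating that cause directly; it also makes clear why the problem applies to every same-minute pair and not only to this one.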
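Review bot: In PATCH 5/5, README.md `@@ -163,7 +163,10 @@`, step 2's sort key, `parsed timestamp prefix (HHMMZ or HHMMSSZ-...)`, carries only the time of day, while step 1 reads shards from every `YYYY/MM/DD` directory. Sorting on that prefix alone would interleave rows from different days; suggest sorting on the date taken from the path plus the time prefix, or on the ISO-8601 timestamp in column 1 now that this series makes it strict. Step 1's glob `docs/hygiene-history/ticks/**/*.md` would also match `docs/hygiene-history/ticks/README.md`, so the generator needs to skip that file.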