diff --git a/docs/pr-discussions/PR-0844-ops-0-0-0-post-reset-cleanup-stale-prose-fixes-protection-co.md b/docs/pr-discussions/PR-0844-ops-0-0-0-post-reset-cleanup-stale-prose-fixes-protection-co.md
new file mode 100644
index 00000000..48aa96f1
--- /dev/null
+++ b/docs/pr-discussions/PR-0844-ops-0-0-0-post-reset-cleanup-stale-prose-fixes-protection-co.md
@@ -0,0 +1,193 @@
+---
+pr_number: 844
+title: "ops(0-0-0): post-reset cleanup \u2014 stale-prose fixes + protection-config memory"
+author: "AceHack"
+state: "CLOSED"
+created_at: "2026-04-29T14:14:41Z"
+closed_at: "2026-04-29T14:18:52Z"
+head_ref: "post-0-0-0-cleanup-2026-04-29"
+base_ref: "main"
+archived_at: "2026-04-29T14:30:11Z"
+archive_tool: "tools/pr-preservation/archive-pr.sh"
+---
+
+# PR #844: ops(0-0-0): post-reset cleanup — stale-prose fixes + protection-config memory
+
+## PR description
+
+## Summary
+
+The small in-lane cleanup PR Amara prescribed after 0/0/0 was reached. Two scoped changes:
+
+1. **Stale-prose fixes in `docs/active-trajectory.md`** — flip post-reset contradicting language to in-force 0/0/0-achieved language
+2. **Protection-config memory** — document the dual-layer surprise + Aaron's "delete legacy, rulesets canonical" decision
+
+## 🎯 0/0/0 ACHIEVED 2026-04-29T14:04:50Z
+
+```
+AceHack/main = LFG/main = 621aae082d70fcbf36931718ecf1b6d9e149295f
+Topology:    0 ahead, 0 behind, 0 file content diff
+Archive ref: archive/acehack-main-pre-000-reset-2026-04-29 → 6755081... (preserved)
+Layers:      legacy DELETED (per Aaron); rulesets re-enabled
+```
+
+## Stale-prose fixes (Amara substrate-pass catch)
+
+Two paragraphs flipped from pre-reset state to in-force post-reset state:
+- Line 221: *"Currently NOT signoff-eligible"* → *"0/0/0 ACHIEVED 2026-04-29T14:04:50Z..."*
+- Line 413: *"Hard-reset is NOT YET signoff-eligible"* → *"Hard-reset complete (2026-04-29T14:04:50Z)..."*
+
+This is **Derived-Rollup Drift** class — primary state changed, downstream prose still claims old state. Caught pre-commit by Amara's substrate pass; not a Codex/Copilot retry.
+
+## Protection-config memory
+
+`memory/feedback_protection_config_dual_layer_legacy_deleted_rulesets_canonical_2026_04_29.md`:
+
+- AceHack/Zeta had BOTH legacy branch protection AND repository rulesets on `main`
+- Both layers enforced independently; GitHub UI doesn't surface dual-layer state
+- Aaron: *"I knew there were two but I was confused why."*
+- Maintainer call: legacy DELETED, rulesets canonical going forward
+- Error-code mapping: `GH013` = rulesets surface, `GH006` = legacy surface
+- Diagnostic script (`gh api` commands) for future audits
+- Future-protocol note: rulesets `non_fast_forward` rule still doesn't match CLAUDE.md's *"force-push to AceHack main is part of protocol"* — task #305 home for that decision
+
+`MEMORY.md` index updated with one-line pointer.
+
+## Tick shard 1410Z
+
+Records the entire 0/0/0 hard-reset arc:
+- Triple-check buddy review (Amara approved meaningful-content-loss-free)
+- Verify-only gate packet (5/5 PASS at 13:39Z)
+- Aaron's explicit EXECUTE at 13:58Z
+- Steps A/B/C with the dual-layer surprise + recovery
+- Path 1 v3 success at 14:04:50Z
+
+## What this PR does NOT do (per Amara's lane discipline)
+
+- ❌ Does NOT start the recovery lane (inventory parked at `/tmp/recovery-inventory-2026-04-29.tsv`, awaits Amara's classification framework which just landed)
+- ❌ Does NOT consolidate the 8 deferred-queue rule candidates (P1 work, post-0/0/0-success-trigger satisfied but lane discipline says one cleanup PR first)
+- ❌ Does NOT touch Aurora extension (P2)
+- ❌ Does NOT mutate any branches/worktrees/stashes (Aaron's authority for irreversible)
+
+## Authority boundary going forward (per Amara post-reset packet)
+
+```
+Reversible + in-lane + PR-reviewed → proceed autonomously
+Irreversible / deletion / force-push / authority config / identity canon → ask Aaron
+Unclear → stop, report exact uncertainty, propose one safe action
+```
+
+## Test plan
+
+- [x] Stale "Currently NOT signoff-eligible" → in-force 0/0/0-achieved language
+- [x] Stale "Hard-reset is NOT YET signoff-eligible" → "Hard-reset complete" language
+- [x] Memory file written + MEMORY.md index updated
+- [x] Tick shard 1410Z appended
+- [x] No new ledger headline introduced (273/0/0 doesn't need to flip — it's the final state)
+- [ ] CI green
+- [ ] Codex / Copilot reviews resolved if any threads land
+
+🤖 Generated with [Claude Code](https://claude.com/claude-code)
+
+## Reviews
+
+### COMMENTED — @chatgpt-codex-connector (2026-04-29T14:16:32Z)
+
+
+### 💡 Codex Review
+
+Here are some automated review suggestions for this pull request.
+
+**Reviewed commit:** `8630c28e57`
+
+
+<details> <summary>ℹ️ About Codex in GitHub</summary>
+<br/>
+
+[Your team has set up Codex to review pull requests in this repo](https://chatgpt.com/codex/cloud/settings/general). Reviews are triggered when you
+- Open a pull request for review
+- Mark a draft as ready
+- Comment "@codex review".
+
+If Codex has suggestions, it will comment; otherwise it will react with 👍.
+
+
+Codex can also answer questions or update the PR. Try commenting "@codex address that feedback".
+
+</details>
+
+### COMMENTED — @copilot-pull-request-reviewer (2026-04-29T14:19:29Z)
+
+## Pull request overview
+
+Post-0/0/0 cleanup to align durable docs/memory with the now-in-force hard-reset state and to capture the branch-protection dual-layer incident for future debugging.
+
+**Changes:**
+- Updates `docs/active-trajectory.md` to reflect that the 0/0/0 hard-reset is complete (replacing stale “not signoff-eligible” prose).
+- Adds a new memory entry documenting the dual-layer (rulesets + legacy branch protection) enforcement surprise and the chosen canonical surface going forward.
+- Updates the memory index and appends a tick shard recording the reset arc and this cleanup PR.
+
+### Reviewed changes
+
+Copilot reviewed 4 out of 4 changed files in this pull request and generated 4 comments.
+
+| File | Description |
+| ---- | ----------- |
+| `memory/feedback_protection_config_dual_layer_legacy_deleted_rulesets_canonical_2026_04_29.md` | New memory capturing the GH013/GH006 dual-layer behavior, decision, and diagnostics. |
+| `memory/MEMORY.md` | Adds an index entry pointing to the new protection-config memory. |
+| `docs/hygiene-history/ticks/2026/04/29/1410Z.md` | New tick shard recording the 0/0/0 achievement and follow-on cleanup PR. |
+| `docs/active-trajectory.md` | Flips two stale paragraphs to reflect the achieved post-reset state. |
+
+## Review threads
+
+### Thread 1: memory/feedback_protection_config_dual_layer_legacy_deleted_rulesets_canonical_2026_04_29.md:40 (resolved)
+
+**@chatgpt-codex-connector** (2026-04-29T14:16:33Z):
+
+**<sub><sub>![P2 Badge](https://img.shields.io/badge/P2-yellow?style=flat)</sub></sub>  Use supported gh api request-body syntax**
+
+The `Executed` commands document `gh api ... --input '{"enforcement": "disabled"}'`, but `gh api` treats `--input` as a file argument (manual: `--input <file>`, use `-` for stdin), so this form is interpreted as a filename and is not reproducible as written. Because this memory file is positioned as an operational reference for future protection toggles, the current command text can cause failed retries during incident handling; use a real file/stdin body or field flags instead.
+
+Useful? React with 👍 / 👎.
+
+### Thread 2: memory/feedback_protection_config_dual_layer_legacy_deleted_rulesets_canonical_2026_04_29.md:42 (unresolved)
+
+**@copilot-pull-request-reviewer** (2026-04-29T14:19:27Z):
+
+The `gh api ... --input '{"enforcement": ...}'` invocations won’t work as written: `gh api --input` expects a file path (or stdin via `--input -`), not an inline JSON string. Use `-f enforcement=...`/`-F enforcement=...`, or pass JSON via stdin (e.g., `--input -`) so this is copy/paste-correct for future audits.
+
+### Thread 3: memory/feedback_protection_config_dual_layer_legacy_deleted_rulesets_canonical_2026_04_29.md:43 (unresolved)
+
+**@copilot-pull-request-reviewer** (2026-04-29T14:19:28Z):
+
+The step list appears internally inconsistent: the earlier GH006 rejection indicates legacy branch protection was active, but the subsequent `gh api -X DELETE .../branches/main/protection` line claims a 404 "Branch not protected" response (which typically means there was no classic protection to delete). To keep this memory reliable, please reconcile this (e.g., clarify an intermediate UI/API change, confirm the endpoint/repo/branch used, or update the recorded responses).
+```suggestion
+# Delete legacy branch protection (this removed the GH006 blocker)
+gh api -X DELETE repos/AceHack/Zeta/branches/main/protection
+# → 204 No Content
+```
+
+### Thread 4: memory/feedback_protection_config_dual_layer_legacy_deleted_rulesets_canonical_2026_04_29.md:82 (unresolved)
+
+**@copilot-pull-request-reviewer** (2026-04-29T14:19:28Z):
+
+References to “Task #305” here are ambiguous in-repo (this repo already has a PR #305, and backlog rows use `B-####` IDs under `docs/backlog/**`). Consider replacing “Task #305”/“#305-adjacent” with the actual backlog-row ID (if any) or a direct URL so readers don’t chase the wrong artifact.
+
+### Thread 5: memory/feedback_protection_config_dual_layer_legacy_deleted_rulesets_canonical_2026_04_29.md:18 (unresolved)
+
+**@copilot-pull-request-reviewer** (2026-04-29T14:19:28Z):
+
+Minor wording nit: “the only rulesets ruleset” reads like a duplication. Consider rephrasing to “the only ruleset” / “the only rulesets entry” for clarity.
+```suggestion
+After disabling the only ruleset (id=15524390 "Default", `enforcement: disabled`) and retrying, the push was rejected AGAIN with a **different error code**:
+```
+
+## General comments
+
+### @AceHack (2026-04-29T14:17:34Z)
+
+Codex P2 (14:16Z) addressed in f6d6a94. Fixed memory-file documentation: `gh api --input '{json}'` was wrong syntax (gh treats --input value as a file path). Replaced with the actual heredoc-from-stdin pattern that was used live: `gh api ... --input - <<'EOF'` + JSON body + `EOF`. Added clarifying note about gh CLI flag semantics for future readers.
+
+### @AceHack (2026-04-29T14:18:51Z)
+
+Closing per Aaron's correction: this PR went LFG-first, but the canonical pattern is AceHack-first → LFG forward-sync → AceHack absorbs LFG squash-SHA. *"Without the double-hop in a few hours we'll be right back to where we started — that's load-bearing to get right."* Branch `post-0-0-0-cleanup-2026-04-29` is being repushed to AceHack remote and opened there as the canonical first PR. Codex P2 review feedback (gh api --input syntax fix) is preserved as commit `f6d6a94` on the branch + carried into the AceHack PR.
diff --git a/docs/pr-discussions/PR-0845-ops-0-0-0-lfg-forward-sync-post-reset-cleanup-copilot-fixes.md b/docs/pr-discussions/PR-0845-ops-0-0-0-lfg-forward-sync-post-reset-cleanup-copilot-fixes.md
new file mode 100644
index 00000000..7398e64d
--- /dev/null
+++ b/docs/pr-discussions/PR-0845-ops-0-0-0-lfg-forward-sync-post-reset-cleanup-copilot-fixes.md
@@ -0,0 +1,81 @@
+---
+pr_number: 845
+title: "ops(0-0-0): LFG forward-sync \u2014 post-reset cleanup + Copilot fixes + pr-preservation drain-logs (mirror of AceHack #101)"
+author: "AceHack"
+state: "MERGED"
+created_at: "2026-04-29T14:25:11Z"
+merged_at: "2026-04-29T14:27:35Z"
+closed_at: "2026-04-29T14:27:35Z"
+head_ref: "post-0-0-0-cleanup-2026-04-29"
+base_ref: "main"
+archived_at: "2026-04-29T14:30:07Z"
+archive_tool: "tools/pr-preservation/archive-pr.sh"
+---
+
+# PR #845: ops(0-0-0): LFG forward-sync — post-reset cleanup + Copilot fixes + pr-preservation drain-logs (mirror of AceHack #101)
+
+## PR description
+
+## Summary
+
+LFG forward-sync PR for the AceHack-first cleanup that landed at AceHack#101 (merged 2026-04-29T14:19:41Z, squash → `5485772e87d74f3b96cdac4f39063cb0e82d7839`).
+
+This is **step 2 of the canonical double-hop**: AceHack-first (#101 ✓) → LFG forward-sync (this PR) → AceHack absorbs LFG squash-SHA (after this merges).
+
+## Diff vs LFG main (same content as AceHack #101 + LFG-side review fixes + pr-preservation files)
+
+1. **Original cleanup commits** (from AceHack #101): stale-prose fixes in `docs/active-trajectory.md`, protection-config memory file, MEMORY.md index entry, tick shard 1410Z
+
+2. **LFG #844 Codex P2 fix** (commit `f6d6a94`): `gh api --input` syntax corrected to heredoc-stdin pattern
+
+3. **LFG #844 Copilot thread fixes** (this commit):
+   - Internal consistency on legacy DELETE response (DELETE returned 204; GET-after-DELETE returned 404 "Branch not protected" — two-step accuracy)
+   - "Task #305" → "task #275" (correct in-session TaskList reference) + namespace-disambiguation parenthetical
+   - "the only rulesets ruleset" → "the only ruleset" (wording nit)
+
+4. **PR-preservation drain-logs** (Aaron 2026-04-29 directive): `docs/pr-preservation/lfg-844-drain-log.md` + `docs/pr-preservation/acehack-101-drain-log.md` — verbatim threads + responses + outcome classes for both PRs in this double-hop round
+
+## Sequence after this PR merges
+
+1. LFG/main advances to new squash-SHA = `<TBD>`
+2. AceHack/main is at `5485772...` (post-#101); LFG/main moves to `<TBD>` (post-this)
+3. Force-push acehack/main → LFG/main `<TBD>` (toggle ruleset / push / restore — same pattern as the 0/0/0 hard-reset)
+4. AceHack/main = LFG/main = `<TBD>` — 0/0/0 invariant restored
+
+## Authority boundary
+
+Step 3 (force-push to AceHack) is irreversible from the ref-perspective + requires ruleset toggle → **gates on Aaron's authority**. After this PR merges, I prepare the verify-only gate packet for the absorption push, then await Aaron's `EXECUTE`.
+
+Also addresses Copilot review feedback from LFG #844 carried forward.
+
+🤖 Generated with [Claude Code](https://claude.com/claude-code)
+
+## Reviews
+
+### COMMENTED — @copilot-pull-request-reviewer (2026-04-29T14:28:47Z)
+
+## Pull request overview
+
+Forward-syncs the AceHack-first post-reset cleanup into LFG, preserving operational learnings from the 0/0/0 reset and capturing PR review/drain artifacts as durable history.
+
+**Changes:**
+- Adds/updates protection-config operational memory (dual-layer legacy branch protection vs rulesets) and indexes it in `memory/MEMORY.md`.
+- Updates `docs/active-trajectory.md` to reflect the now-achieved 0/0/0 state (replacing stale pre-reset “not signoff-eligible” language).
+- Adds PR-preservation drain logs for both sides of the double-hop and appends the 14:10Z tick-history shard.
+
+### Reviewed changes
+
+Copilot reviewed 6 out of 6 changed files in this pull request and generated no comments.
+
+<details>
+<summary>Show a summary per file</summary>
+
+| File | Description |
+| ---- | ----------- |
+| memory/feedback_protection_config_dual_layer_legacy_deleted_rulesets_canonical_2026_04_29.md | Documents the dual-layer protection discovery, error-code mapping, and the operational sequence (incl. corrected `gh api --input -` usage). |
+| memory/MEMORY.md | Adds an index entry pointing to the new protection-config memory. |
+| docs/pr-preservation/lfg-844-drain-log.md | Records LFG-side PR #844 review threads and resolutions for training-signal preservation. |
+| docs/pr-preservation/acehack-101-drain-log.md | Records AceHack-side PR #101 outcome (auto-merged/no-review) for the double-hop record. |
+| docs/hygiene-history/ticks/2026/04/29/1410Z.md | Adds the 14:10Z tick shard row capturing the reset completion + cleanup PR opening. |
+| docs/active-trajectory.md | Updates trajectory text to reflect the completed hard-reset and new next-action lane. |
+</details>
diff --git a/docs/pr-discussions/PR-acehack-0101-ops-0-0-0-post-reset-cleanup-stale-prose-fixes-protection-co.md b/docs/pr-discussions/PR-acehack-0101-ops-0-0-0-post-reset-cleanup-stale-prose-fixes-protection-co.md
new file mode 100644
index 00000000..bce8ed5b
--- /dev/null
+++ b/docs/pr-discussions/PR-acehack-0101-ops-0-0-0-post-reset-cleanup-stale-prose-fixes-protection-co.md
@@ -0,0 +1,144 @@
+---
+pr_number: 101
+title: "ops(0-0-0): post-reset cleanup \u2014 stale-prose fixes + protection-config memory"
+author: "AceHack"
+state: "MERGED"
+created_at: "2026-04-29T14:19:35Z"
+merged_at: "2026-04-29T14:19:41Z"
+closed_at: "2026-04-29T14:19:42Z"
+head_ref: "post-0-0-0-cleanup-2026-04-29"
+base_ref: "main"
+archived_at: "2026-04-29T14:34:12Z"
+archive_tool: "tools/pr-preservation/archive-pr.sh"
+---
+
+# PR #101: ops(0-0-0): post-reset cleanup — stale-prose fixes + protection-config memory
+
+## PR description
+
+## Summary
+
+Canonical AceHack-first PR: post-reset cleanup after the 0/0/0 hard-reset achieved 2026-04-29T14:04:50Z. Two scoped changes:
+
+1. **Stale-prose fixes in `docs/active-trajectory.md`** — flip post-reset contradicting language to in-force 0/0/0-achieved language
+2. **Protection-config memory** — document the dual-layer surprise + Aaron's "delete legacy, rulesets canonical" decision
+
+## Lineage
+
+This PR was originally opened on LFG-side (Lucent-Financial-Group/Zeta#844) by mistake — Aaron correctly flagged that the canonical flow is AceHack-first → LFG forward-sync → AceHack absorbs LFG squash-SHA. *"Without the double-hop in a few hours we'll be right back to where we started — that's load-bearing to get right."* + the high-signal-data-multiplier framing: 2× review-agent passes per PR = 2× signal for the training corpus.
+
+LFG #844 closed; branch repushed to AceHack as the canonical first stop. Includes Codex P2 review feedback from the LFG side (gh api --input syntax fix at commit `f6d6a94`) preserved as part of the branch history.
+
+## 🎯 0/0/0 ACHIEVED 2026-04-29T14:04:50Z
+
+```
+AceHack/main = LFG/main = 621aae082d70fcbf36931718ecf1b6d9e149295f
+Topology:    0 ahead, 0 behind, 0 file content diff
+Archive ref: archive/acehack-main-pre-000-reset-2026-04-29 → 6755081... (preserved)
+Layers:      legacy DELETED (per Aaron); rulesets canonical
+```
+
+## Stale-prose fixes (Amara substrate-pass catch)
+
+Two paragraphs flipped from pre-reset state to in-force post-reset state:
+- *"Currently NOT signoff-eligible"* → *"0/0/0 ACHIEVED 2026-04-29T14:04:50Z..."*
+- *"Hard-reset is NOT YET signoff-eligible"* → *"Hard-reset complete (2026-04-29T14:04:50Z)..."*
+
+Derived-Rollup Drift class — primary state changed, downstream prose still claimed old state.
+
+## Protection-config memory
+
+`memory/feedback_protection_config_dual_layer_legacy_deleted_rulesets_canonical_2026_04_29.md`:
+
+- AceHack/Zeta had BOTH legacy branch protection AND repository rulesets on `main`
+- Both layers enforced independently; GitHub UI doesn't surface dual-layer state
+- Aaron: *"I knew there were two but I was confused why."*
+- Maintainer call: legacy DELETED, rulesets canonical going forward
+- Error-code mapping: `GH013` = rulesets surface, `GH006` = legacy surface
+- Diagnostic script (`gh api` commands, with correct heredoc-stdin syntax per Codex's feedback) for future audits
+- Future-protocol note: rulesets `non_fast_forward` rule still doesn't match CLAUDE.md *"force-push to AceHack main is part of protocol"* — task #305 home for that decision
+
+`MEMORY.md` index updated with one-line pointer.
+
+## Tick shard 1410Z
+
+Records the entire 0/0/0 hard-reset arc.
+
+## Sequence after this PR merges
+
+1. AceHack/main advances by 1 (this content)
+2. Open forward-sync PR on LFG/Zeta with this content
+3. After LFG forward-sync merges, force-push AceHack/main to LFG's squash-SHA (absorbs the LFG squash, restoring AceHack/main = LFG/main exactly)
+4. AceHack/main = LFG/main again — 0/0/0 holds
+
+## Authority boundary going forward (per Amara post-reset packet)
+
+```
+Reversible + in-lane + PR-reviewed → proceed autonomously
+Irreversible / deletion / force-push / authority config / identity canon → ask Aaron
+Unclear → stop, report exact uncertainty, propose one safe action
+```
+
+## Test plan
+
+- [x] Stale "Currently NOT signoff-eligible" → in-force 0/0/0-achieved language
+- [x] Stale "Hard-reset is NOT YET signoff-eligible" → "Hard-reset complete" language
+- [x] Memory file written with corrected gh CLI syntax + MEMORY.md index updated
+- [x] Tick shard 1410Z appended
+- [x] Branch opened AceHack-first per double-hop discipline
+- [ ] CI green
+- [ ] Codex / Copilot reviews resolved if any threads land
+- [ ] LFG forward-sync PR opened after merge
+- [ ] AceHack absorbs LFG squash-SHA after forward-sync merge
+
+🤖 Generated with [Claude Code](https://claude.com/claude-code)
+
+## Reviews
+
+### COMMENTED — @copilot-pull-request-reviewer (2026-04-29T14:24:13Z)
+
+## Pull request overview
+
+Post-0/0/0 hard-reset cleanup PR that updates current-state docs/memory to reflect the achieved 0/0/0 status and captures a durable debugging note about GitHub’s dual-layer protection enforcement (legacy branch protection + rulesets) on AceHack/Zeta.
+
+**Changes:**
+- Add a new protection-config memory documenting GH013 vs GH006 and a `gh api` audit/diagnostic sequence.
+- Update `docs/active-trajectory.md` prose to reflect that the 0/0/0 hard-reset has completed.
+- Append a tick shard row and add a new `MEMORY.md` index entry pointing to the new memory.
+
+### Reviewed changes
+
+Copilot reviewed 4 out of 4 changed files in this pull request and generated 4 comments.
+
+| File | Description |
+| ---- | ----------- |
+| memory/feedback_protection_config_dual_layer_legacy_deleted_rulesets_canonical_2026_04_29.md | New memory documenting dual-layer protection enforcement + commands/error-code mapping. |
+| memory/MEMORY.md | Adds newest-first index entry pointing to the new protection-config memory. |
+| docs/hygiene-history/ticks/2026/04/29/1410Z.md | New tick shard entry recording the 0/0/0 reset arc + follow-up PR. |
+| docs/active-trajectory.md | Flips stale “not signoff-eligible” / “not yet” language to post-reset “complete/achieved” state. |
+
+## Review threads
+
+### Thread 1: memory/feedback_protection_config_dual_layer_legacy_deleted_rulesets_canonical_2026_04_29.md:101 (unresolved)
+
+**@copilot-pull-request-reviewer** (2026-04-29T14:24:11Z):
+
+P1: This file references `memory/feedback_aaron_visibility_constraint_no_changes_he_cant_see_2026_04_28.md`, but that file does not exist in-repo (the path 404s). This leaves a broken cross-reference in the new memory. Either add the missing memory file in this PR, or update the reference to the correct existing in-repo memory that captures the same rule.
+
+### Thread 2: memory/feedback_protection_config_dual_layer_legacy_deleted_rulesets_canonical_2026_04_29.md:41 (unresolved)
+
+**@copilot-pull-request-reviewer** (2026-04-29T14:24:12Z):
+
+P1: The “Delete legacy branch protection” example is confusing/internally inconsistent: the comment says legacy protection was deleted, but the shown DELETE call returns “Branch not protected” (404), which indicates there was nothing to delete at that moment. Consider clarifying the sequence (e.g., DELETE returns 204 when protection exists; 404 means it was already removed) or adjusting the narrative so readers don’t infer that 404 = successful deletion.
+
+### Thread 3: memory/feedback_protection_config_dual_layer_legacy_deleted_rulesets_canonical_2026_04_29.md:18 (unresolved)
+
+**@copilot-pull-request-reviewer** (2026-04-29T14:24:12Z):
+
+P2: Minor wording issue: “the only rulesets ruleset” reads like a duplicated word and is easy to misread. Consider simplifying to “the only ruleset” (or “the only repository ruleset”).
+
+### Thread 4: memory/MEMORY.md:5 (unresolved)
+
+**@copilot-pull-request-reviewer** (2026-04-29T14:24:12Z):
+
+P2: `MEMORY.md` index entries are expected to be terse (memory/README.md notes the index is capped at ~200 lines and should stay short). This new entry is very long for a single-line index item; consider trimming the summary here and leaving the detailed narrative inside the linked memory file.
diff --git a/docs/pr-preservation/acehack-101-drain-log.md b/docs/pr-preservation/acehack-101-drain-log.md
index f97293af..cb8617f8 100644
--- a/docs/pr-preservation/acehack-101-drain-log.md
+++ b/docs/pr-preservation/acehack-101-drain-log.md
@@ -5,28 +5,78 @@
 **Opened:** 2026-04-29T14:18Z
 **Merged:** 2026-04-29T14:19:41Z (squash; merge commit `5485772e87d74f3b96cdac4f39063cb0e82d7839`)
 **Branch:** post-0-0-0-cleanup-2026-04-29 → main
-**Status checks:** 17 ran (most short-running), no required-status-checks rule on AceHack so auto-merge fired ~2 min after open
+**Status checks:** 17 ran; AceHack has no required-status-checks rule, so auto-merge fired ~2 min after open
 
-## Threads (0 review threads, 0 issue-level comments)
+## Threads (4 unresolved Copilot threads at merge — filed 14:24:11Z, AFTER auto-merge fired at 14:19:41Z)
 
-AceHack/Zeta does NOT have Codex or Copilot installed as PR reviewers (or they didn't have time to file before auto-merge fired). Result: zero review-agent feedback was collected on this AceHack PR. The same content went through the LFG side as #844 first, where Codex + Copilot DID review and produce 5 substantive threads (preserved in `lfg-844-drain-log.md`).
+The threads landed AFTER the merge because AceHack has no required-conversation-resolution rule and no required-status-checks rule — auto-merge didn't wait for Copilot's review. Copilot's findings still apply to the merged content; corrected in the post-#101 follow-up double-hop cycle.
 
-This is the **double-hop training-data observation in practice**: AceHack and LFG produce different review-agent feedback per identical content. AceHack has weaker/no review coverage; LFG has the full Codex + Copilot pass. The double-hop value here is the LFG side, not the AceHack side. Per Aaron's framing, BOTH are valuable training signal — silence on AceHack is also signal (telling us AceHack's review surface is sparser).
+### Thread 1 — Copilot P1 — broken xref to user-scope memory file
+
+**Path:** memory/feedback_protection_config_dual_layer_legacy_deleted_rulesets_canonical_2026_04_29.md
+**Filed:** 2026-04-29T14:24:11Z
+**Outcome class:** FIX (real broken-xref)
+
+> P1: This file references `memory/feedback_aaron_visibility_constraint_no_changes_he_cant_see_2026_04_28.md`, but that file does not exist in-repo (the path 404s). This leaves a broken cross-reference in the new memory. Either add the missing memory file in this PR, or update the reference to the correct existing in-repo memory that captures the same rule.
+
+**Resolution path (post-#101 follow-up cycle):** The visibility-constraint memory exists in user-scope memory only (`~/.claude/projects/-Users-acehack-Documents-src-repos-Zeta/memory/`), not in-repo. The original xref was therefore broken — an in-repo file pointing at a user-scope-only file. Replaced with a generic prose pointer to the underlying principle. (Earlier drafts of this drain-log claimed in-repo `memory/MEMORY.md` had a matching broken pointer; on closer inspection it does not — the user-scope MEMORY.md has the index entry, in-repo MEMORY.md does not. Backfill of the visibility-constraint memory to in-repo is tracked under task #291 / MEMORY.md index audit.)
+
+### Thread 2 — Copilot P1 — internal consistency on legacy DELETE response
+
+**Path:** memory/feedback_protection_config_dual_layer_legacy_deleted_rulesets_canonical_2026_04_29.md
+**Filed:** 2026-04-29T14:24:12Z
+**Outcome class:** FIX (already-applied — was duplicate of LFG #844 Thread 3)
+
+> P1: The "Delete legacy branch protection" example is confusing/internally inconsistent: the comment says legacy protection was deleted, but the shown DELETE call returns "Branch not protected" (404), which indicates there was nothing to delete at that moment. Consider clarifying the sequence (e.g., DELETE returns 204 when protection exists; 404 means it was already removed) or adjusting the narrative so readers don't infer that 404 = successful deletion.
+
+**Resolution path:** Already addressed by the carried-forward fix from LFG #844 Thread 3 (in commit `19f8f0b` on the LFG forward-sync side). The post-fix memory file shows DELETE returned rc=0 (success / 204 No Content) with the 404 coming from a separate verification GET. AceHack #101 merged BEFORE this fix landed, so the merged AceHack/main has the pre-fix text. The post-#101 follow-up cycle carries the fix to AceHack via the next AceHack-first PR.
+
+### Thread 3 — Copilot P2 — wording "the only rulesets ruleset"
+
+**Filed:** 2026-04-29T14:24:12Z
+**Outcome class:** FIX (already-applied — same path as Thread 2)
+
+> P2: Minor wording issue: "the only rulesets ruleset" reads like a duplicated word and is easy to misread. Consider simplifying to "the only ruleset" (or "the only repository ruleset").
+
+**Resolution path:** Same as Thread 2 — already fixed in LFG #845 (carried forward in commit on the LFG-side branch); AceHack/main currently has the pre-fix text; carried into post-#101 follow-up cycle.
+
+### Thread 4 — Copilot P2 — MEMORY.md index entry too long
+
+**Path:** memory/MEMORY.md
+**Filed:** 2026-04-29T14:24:12Z
+**Outcome class:** FIX
+
+> P2: `MEMORY.md` index entries are expected to be terse (memory/README.md notes the index is capped at ~200 lines and should stay short). This new entry is very long for a single-line index item; consider trimming the summary here and leaving the detailed narrative inside the linked memory file.
+
+**Resolution path (post-#101 follow-up cycle):** Trimmed the index entry from a 4-line dense paragraph to a single concise line per `memory/README.md` discipline. Detail stays in the linked memory file.
+
+## Issue-level comments
+
+(none — auto-merged before any landed)
+
+## Reviews
+
+- **Copilot — COMMENTED at 14:24:13Z**: PR-overview review enumerating the 4 review-thread findings (consolidated review summary).
 
 ## Outcome class summary
 
-- 0 threads filed
-- 0 issue-level comments
-- Outcome class: AUTO-MERGED-NO-REVIEW
+- 4 threads total: ALL UNRESOLVED at merge time (because auto-merge fired before review landed)
+- Outcome classes: 1 P1 broken-xref (FIX), 1 P1 internal-consistency (FIX, already-applied), 1 P2 wording (FIX, already-applied), 1 P2 MEMORY.md verbose (FIX)
+- All 4 fixes carry into the post-#101 follow-up double-hop cycle
 
 ## Lessons for future PRs
 
-1. **Review-agent coverage asymmetry between forks** is real and worth tracking. AceHack's review surface (Codex/Copilot bot configuration) is weaker than LFG's. The double-hop pattern compensates by routing every PR through LFG's review surface either before (AceHack-first → LFG forward-sync) or after (LFG-first → AceHack mirror).
+1. **AceHack auto-merge races Copilot review** — without required-conversation-resolution + required-status-checks on AceHack, auto-merge can fire BEFORE reviewers land their threads. The threads still apply to the merged content; just need a follow-up cycle to land fixes. Worth flagging that AceHack's review surface is "best effort, post-hoc" while LFG's is "pre-merge gating."
+
+2. **The double-hop captures BOTH waves of review** — even when AceHack auto-merges fast, the LFG forward-sync PR re-runs review and catches the same findings (LFG #844 caught the same internal-consistency + wording issues). The double-hop is also a *redundancy mechanism* against fast-merge-on-AceHack.
 
-2. **AceHack rulesets has no required-status-checks rule.** PRs auto-merge without lint/test gates passing. This is acceptable for the dev-mirror role (rapid iteration) but means AceHack-side PR quality depends on the human author + the eventual LFG forward-sync gate catching anything.
+3. **(Pre-fix behavior, now resolved in PR #846)** `tools/pr-preservation/archive-pr.sh` originally used `gh repo view --json nameWithOwner` to resolve the target repo, ignoring any `GH_REPO` env var set by the operator. To archive cross-fork PRs operators had to either cd into a clone with the right origin, run `gh repo set-default <fork>/<repo>` first, or write the archive manually with a fork-prefixed filename. **PR #846 fixed this**: the script now honors `GH_REPO=[HOST/]OWNER/REPO` (matching `gh` CLI conventions, including GitHub Enterprise host prefix), validates the value strictly, and propagates the host to `gh api --hostname` so cross-fork Enterprise archives target the right backend. Cross-fork archive command (post-fix): `GH_REPO=AceHack/Zeta tools/pr-preservation/archive-pr.sh <PR>`.
 
-3. **Documenting the asymmetry**: AceHack's role is "where work lands first for fast iteration"; LFG's role is "where review rigor lands and becomes durable substrate." The training-data corpus collects from BOTH, with the understanding that they capture different things.
+4. **Cross-fork archive filename collision** — if AceHack and LFG both have a PR #101, single-namespace `PR-0101-<slug>.md` filenames collide. Use fork-prefixed naming for cross-fork: `PR-acehack-0101-<slug>.md` / `PR-lfg-0101-<slug>.md`. Long-term fix tracked as task #314 (canonical fork-data homes — migrate fork-prefixed files to `forks/<fork-name>/pr-reviews/` trees + fuller `archive-pr.sh` patch with frontmatter `repo:` field, `--out-dir`, auto-route).
 
-## Relationship to LFG #844
+## Relationship to other PRs in this round
 
-This PR is the canonical-direction reopening of LFG #844 (which was opened LFG-first by mistake and closed per Aaron's correction: *"without the double-hop in a few hours we'll be right back to where we started — that's load-bearing to get right"*). The 5 review threads from #844 are preserved at `lfg-844-drain-log.md`; the corresponding fixes are committed to the same branch (`post-0-0-0-cleanup-2026-04-29`) and carried into both this AceHack PR and the upcoming LFG forward-sync PR.
+- LFG #844 — opened LFG-first by mistake, closed; threads documented at `lfg-844-drain-log.md`. Most threads' fixes carried into LFG #845.
+- LFG #845 — forward-sync of AceHack #101 + LFG #844 fixes + this drain-log; merged 14:27:35Z (squash → `3785124...`).
+- This PR (AceHack #101) — first canonical hop; merged 14:19:41Z. The 4 Copilot threads landed AFTER merge and are corrected in the post-#101 follow-up double-hop.
+- Pending — AceHack absorbs LFG squash-SHA `3785124...` to restore 0/0/0 (gates on Aaron's `EXECUTE`).
diff --git a/docs/pr-preservation/lfg-844-drain-log.md b/docs/pr-preservation/lfg-844-drain-log.md
index 0ca9b666..ef600e6d 100644
--- a/docs/pr-preservation/lfg-844-drain-log.md
+++ b/docs/pr-preservation/lfg-844-drain-log.md
@@ -11,7 +11,7 @@
 ### Thread 1 — Codex P2 — `gh api --input` syntax (RESOLVED via commit f6d6a94)
 
 **Author:** chatgpt-codex-connector
-**Path:** memory/feedback_acehack_zeta_protection_config_dual_layer_legacy_deleted_rulesets_canonical_2026_04_29.md
+**Path:** memory/feedback_protection_config_dual_layer_legacy_deleted_rulesets_canonical_2026_04_29.md
 **Filed:** 2026-04-29T14:16:33Z
 **Outcome class:** FIX
 
@@ -24,7 +24,7 @@
 ### Thread 2 — Copilot — `gh api --input` (UNRESOLVED at close, addressed in carry-forward to #101 + LFG forward-sync)
 
 **Author:** copilot-pull-request-reviewer
-**Path:** memory/feedback_acehack_zeta_protection_config_dual_layer_legacy_deleted_rulesets_canonical_2026_04_29.md (line 42)
+**Path:** memory/feedback_protection_config_dual_layer_legacy_deleted_rulesets_canonical_2026_04_29.md (line 42)
 **Filed:** 2026-04-29T14:19:27Z
 **Outcome class:** FIX (duplicate finding, same root cause as Codex Thread 1)
 
@@ -35,7 +35,7 @@
 ### Thread 3 — Copilot — internal consistency on legacy DELETE response (UNRESOLVED, FIX in carry-forward)
 
 **Author:** copilot-pull-request-reviewer
-**Path:** memory/feedback_acehack_zeta_protection_config_dual_layer_legacy_deleted_rulesets_canonical_2026_04_29.md (line 43)
+**Path:** memory/feedback_protection_config_dual_layer_legacy_deleted_rulesets_canonical_2026_04_29.md (line 43)
 **Filed:** 2026-04-29T14:19:28Z
 **Outcome class:** FIX
 
@@ -60,7 +60,7 @@
 ### Thread 4 — Copilot — "Task #305" ambiguous reference (UNRESOLVED, FIX in carry-forward)
 
 **Author:** copilot-pull-request-reviewer
-**Path:** memory/feedback_acehack_zeta_protection_config_dual_layer_legacy_deleted_rulesets_canonical_2026_04_29.md (line 82)
+**Path:** memory/feedback_protection_config_dual_layer_legacy_deleted_rulesets_canonical_2026_04_29.md (line 82)
 **Filed:** 2026-04-29T14:19:28Z
 **Outcome class:** FIX (real ambiguity — wrong reference)
 
@@ -73,7 +73,7 @@
 ### Thread 5 — Copilot — wording nit "the only rulesets ruleset" (UNRESOLVED, FIX in carry-forward)
 
 **Author:** copilot-pull-request-reviewer
-**Path:** memory/feedback_acehack_zeta_protection_config_dual_layer_legacy_deleted_rulesets_canonical_2026_04_29.md (line 18)
+**Path:** memory/feedback_protection_config_dual_layer_legacy_deleted_rulesets_canonical_2026_04_29.md (line 18)
 **Filed:** 2026-04-29T14:19:28Z
 **Outcome class:** FIX (small)
 
diff --git a/memory/MEMORY.md b/memory/MEMORY.md
index af84d0c9..dfc71294 100644
--- a/memory/MEMORY.md
+++ b/memory/MEMORY.md
@@ -2,7 +2,7 @@
 
 **📌 Fast path: read `CURRENT-aaron.md` and `CURRENT-amara.md` first.** <!-- latest-paired-edit: fork-audit R/C/T diff-filter coverage + plumbing-vs-porcelain note (2026-04-29 round-10 Amara). NOTE: this comment is a single-slot "latest paired edit" marker (not a paired-edit log). Per the round-10 Amara framing the slot semantics are now explicit. -->
 
-- [**0/0/0 ACHIEVED + AceHack/Zeta protection-config dual-layer surprise — legacy deleted, rulesets canonical (Aaron decision, 2026-04-29T14:04:50Z)**](feedback_acehack_zeta_protection_config_dual_layer_legacy_deleted_rulesets_canonical_2026_04_29.md) — Hard-reset of `acehack/main` to LFG `621aae0...` succeeded after dual-layer protection surprise: AceHack/Zeta had BOTH legacy branch protection AND repository rulesets on `main`; both enforced independently; GitHub UI doesn't surface the dual-layer state. Aaron: *"I knew there were two but I was confused why."* Maintainer call: legacy DELETED, rulesets canonical going forward. Error-code mapping: GH013 = rulesets surface, GH006 = legacy surface. Old AceHack tip preserved at `archive/acehack-main-pre-000-reset-2026-04-29`.
+- [**0/0/0 ACHIEVED + AceHack/Zeta protection-config dual-layer (Aaron, 2026-04-29)**](feedback_protection_config_dual_layer_legacy_deleted_rulesets_canonical_2026_04_29.md) — Hard-reset succeeded after dual-layer surprise (legacy + rulesets on AceHack/main, both enforcing). Aaron: legacy DELETED, rulesets canonical. GH013 = rulesets, GH006 = legacy. Old tip preserved at `archive/acehack-main-pre-000-reset-2026-04-29`.
 
 - [**Bare `main` is ambiguous — automation uses explicit refs (Amara, 2026-04-29)**](feedback_bare_main_ambiguity_automation_discipline_explicit_refs_required_amara_2026_04_29.md) — Generic multi-remote-repo automation rule: scripts use `refs/remotes/<remote>/<branch>` (or `refs/heads/<branch>`); bare branch names only for interactive humans. Hard-stop on fatal base-ref errors. Caught when bare `git checkout main` was hitting `fatal: matched multiple (2) remote tracking branches` and the loop continued past the failure with wrong downstream state.
 
diff --git a/memory/feedback_acehack_zeta_protection_config_dual_layer_legacy_deleted_rulesets_canonical_2026_04_29.md b/memory/feedback_protection_config_dual_layer_legacy_deleted_rulesets_canonical_2026_04_29.md
similarity index 89%
rename from memory/feedback_acehack_zeta_protection_config_dual_layer_legacy_deleted_rulesets_canonical_2026_04_29.md
rename to memory/feedback_protection_config_dual_layer_legacy_deleted_rulesets_canonical_2026_04_29.md
index 21397a11..35866b09 100644
--- a/memory/feedback_acehack_zeta_protection_config_dual_layer_legacy_deleted_rulesets_canonical_2026_04_29.md
+++ b/memory/feedback_protection_config_dual_layer_legacy_deleted_rulesets_canonical_2026_04_29.md
@@ -101,4 +101,4 @@ gh api repos/{owner}/{repo}/branches/{branch} --jq '.protected'
 - `memory/feedback_destructive_git_op_5_pre_flight_disciplines_codex_gemini_2026_04_28.md` — pre-flight disciplines for destructive git ops (force-push needs `--force-with-lease=ref:exact-old-sha`)
 - `docs/active-trajectory.md` — 0/0/0 hard-reset gate spec + post-reset state
 - task #275 (TaskList, pending: "Set up acehack-first development workflow") — protection-config protocol-vs-ruleset alignment goes under that lane. Note: distinct from PR numbers #305/etc. which are unrelated artifacts; this is the in-session TaskCreate/TaskList tracker.
-- `memory/feedback_aaron_visibility_constraint_no_changes_he_cant_see_2026_04_28.md` — Aaron's visibility constraint; this case satisfied it because Aaron was repo admin on AceHack/Zeta and could see the toggles in UI (even if confused by the dual-layer surface)
+- Aaron's standing visibility-constraint principle (don't change shared-production things he can't see) — satisfied here because Aaron is repo admin on AceHack/Zeta and the rulesets toggles are visible in the GitHub UI (even if confused by the dual-layer surface). The detailed memory for this principle currently lives in user-scope memory only (`~/.claude/projects/-Users-acehack-Documents-src-repos-Zeta/memory/feedback_aaron_visibility_constraint_no_changes_he_cant_see_2026_04_28.md`), not in-repo. (In-repo `memory/MEMORY.md` does not currently index the visibility-constraint principle; user-scope MEMORY.md does.) A future audit pass should backfill this principle to in-repo memory; tracked under task #291 (MEMORY.md index audit + backfill).
diff --git a/tools/pr-preservation/archive-pr.sh b/tools/pr-preservation/archive-pr.sh
index f53f91fc..bcd1817f 100755
--- a/tools/pr-preservation/archive-pr.sh
+++ b/tools/pr-preservation/archive-pr.sh
@@ -112,19 +112,92 @@ if ! REPO_ROOT="$(git rev-parse --show-toplevel 2>/dev/null)"; then
 fi
 
 # Dynamic owner / name — works from forks or after rename.
-# Requires `gh repo view` to succeed; the script hard-fails
-# with exit 1 rather than silently defaulting to a baked-in
-# NWO (better to fail loud than archive to the wrong repo
-# path on a fork).
-REPO_NWO="$(gh repo view --json nameWithOwner --jq .nameWithOwner 2>/dev/null || true)"
-if [ -z "${REPO_NWO}" ]; then
-  echo "error: could not detect repo via 'gh repo view'. Is gh authenticated and this a GitHub repo?" >&2
+# Resolution order:
+#   1. GH_REPO env var (e.g. GH_REPO=AceHack/Zeta) — needed for cross-fork
+#      archives where the local clone's `gh repo view` resolves to a
+#      different repo than the PR's home (e.g. local origin = LFG but
+#      archiving an AceHack PR).
+#   2. `gh repo view --json nameWithOwner` — falls back to whichever repo
+#      gh-cli resolves for the current working directory (typically
+#      the local clone's `origin` remote, or the explicit `gh repo
+#      set-default` setting if one is in effect).
+# The script hard-fails with exit 1 rather than silently defaulting to a
+# baked-in NWO (better to fail loud than archive to the wrong repo path).
+if [ -n "${GH_REPO:-}" ]; then
+  REPO_NWO="${GH_REPO}"
+else
+  REPO_NWO="$(gh repo view --json nameWithOwner --jq .nameWithOwner 2>/dev/null || true)"
+fi
+# Validate + parse OWNER/REPO (and optional HOST for GitHub Enterprise).
+# GH_REPO per gh CLI docs accepts `[HOST/]OWNER/REPO`. Strict parser:
+#   - 2-segment `OWNER/REPO` → host defaults to github.com (gh CLI default)
+#   - 3-segment `HOST/OWNER/REPO` → HOST must look like a hostname (contain
+#     a dot, e.g. `github.example.com`). Bare 3-segment values like
+#     `owner/repo/extra` are rejected — they're either malformed or a
+#     mis-typed 2-segment value, never a valid Enterprise URL.
+#   - Empty owner or name (e.g. `/repo`, `owner/`, `host//repo`) → reject.
+# Host propagation: when REPO_HOST is set, pass `--hostname` to all
+# `gh api` calls so cross-fork archive runs against Enterprise repos
+# actually target the right backend. (Codex P2 #846: previously the host
+# was parsed but discarded, so host-qualified GH_REPO values silently hit
+# github.com.)
+REPO_HOST=""
+case "${REPO_NWO}" in
+  */*/*/*)
+    # 4+ segments — never valid for `[HOST/]OWNER/REPO`. Fall through to
+    # rejection rather than silently picking the last two segments.
+    REPO_OWNER=""
+    REPO_NAME=""
+    ;;
+  */*/*)
+    # 3-segment form `HOST/OWNER/REPO` (host-qualified, e.g. Enterprise)
+    REPO_NAME="${REPO_NWO##*/}"             # last segment
+    _REPO_TMP="${REPO_NWO%/*}"              # everything before last /
+    REPO_OWNER="${_REPO_TMP##*/}"           # second-to-last segment
+    REPO_HOST="${_REPO_TMP%/*}"             # first segment (host)
+    unset _REPO_TMP
+    ;;
+  */*)
+    # 2-segment form `OWNER/REPO` (default github.com)
+    REPO_OWNER="${REPO_NWO%/*}"
+    REPO_NAME="${REPO_NWO#*/}"
+    ;;
+  *)
+    REPO_OWNER=""
+    REPO_NAME=""
+    ;;
+esac
+if [ -z "${REPO_OWNER}" ] || [ -z "${REPO_NAME}" ]; then
+  echo "error: could not detect repo (need GH_REPO=[HOST/]OWNER/REPO env var or 'gh repo view' to succeed). Is gh authenticated and this a GitHub repo? Got: '${REPO_NWO:-(empty)}'" >&2
+  exit 1
+fi
+# Reject embedded slashes inside owner/repo (defence in depth — the case
+# patterns above should already prevent this, but a path-injection here
+# would land archive output outside docs/pr-discussions/).
+case "${REPO_OWNER}" in *"/"*)
+  echo "error: REPO_OWNER cannot contain a slash (got: '${REPO_OWNER}')" >&2
+  exit 1
+  ;;
+esac
+case "${REPO_NAME}" in *"/"*)
+  echo "error: REPO_NAME cannot contain a slash (got: '${REPO_NAME}')" >&2
   exit 1
+  ;;
+esac
+# When 3-segment form was given, validate host looks like a hostname
+# (contain a dot). This rejects ambiguous values like `owner/repo/extra`
+# which would otherwise parse as host=owner / owner=repo / repo=extra.
+if [ -n "${REPO_HOST}" ]; then
+  case "${REPO_HOST}" in
+    *.*) : ;;  # ok, contains a dot
+    *)
+      echo "error: GH_REPO 3-segment form must be HOST/OWNER/REPO where HOST is a hostname containing a dot (e.g. github.example.com/owner/repo). Got: '${REPO_NWO}'" >&2
+      exit 1
+      ;;
+  esac
 fi
-REPO_OWNER="${REPO_NWO%/*}"
-REPO_NAME="${REPO_NWO#*/}"
 
-export REPO_ROOT PR REPO_OWNER REPO_NAME
+export REPO_ROOT PR REPO_OWNER REPO_NAME REPO_HOST
 OUT_DIR="${REPO_ROOT}/docs/pr-discussions"
 mkdir -p "$OUT_DIR"
 
@@ -147,6 +220,7 @@ import json, os, subprocess, sys
 
 OWNER = os.environ['REPO_OWNER']
 NAME  = os.environ['REPO_NAME']
+HOST  = os.environ.get('REPO_HOST') or ''
 PR    = int(os.environ['PR'])
 
 QUERY = """
@@ -224,8 +298,17 @@ query($threadId: ID!, $after: String) {
 """
 
 def gh_graphql(query, variables):
-    """Invoke gh api graphql and return parsed JSON or raise."""
-    cmd = ["gh", "api", "graphql", "-f", f"query={query}"]
+    """Invoke gh api graphql and return parsed JSON or raise.
+
+    Honour HOST when REPO_HOST was parsed from a 3-segment GH_REPO
+    (Codex P2 #846): without --hostname, gh api defaults to github.com,
+    so host-qualified GH_REPO values would silently target the wrong
+    backend on GitHub Enterprise.
+    """
+    cmd = ["gh", "api"]
+    if HOST:
+        cmd.extend(["--hostname", HOST])
+    cmd.extend(["graphql", "-f", f"query={query}"])
     for k, v in variables.items():
         if v is None:
             # gh treats -F with empty string as null; for explicit null