v_qt001_hardcode_guard_v5 pass=true only when ALL concrete sub-guards are true: no_legacy_dependency, writer_repointed, current_plan_v4, no_v2_plan_hash, identities_controlled, tier_signal_v4_only, block_rule_fail_closed, capability_evidence_based (scale_not_safe), structural_clean (v_qt001_disguised_hardcode_structural_detector), spoof_rejected (5/5), fake_capability_rejected (3/3). Live: all true => pass true.

Unlike v4 (which reported PASS_WITH_ROUTED while the writer still read v5/old-signoff and free-text proof passed), v5 is at least as strict as Codex: it consumes the dependency map, the controlled-identity guard, the capability evidence guard, the no-v2/no-null fingerprint guards, and the spoof/fake negative tests. It cannot pass while any reproduced Codex defect remains. It uses no manual inventory and no source-text-as-authority; the only source-text use is the deny-side legacy scan (behavioral over the live catalog).

readiness v7 consumes hardcode guard v5 (not v4), closing CODEX9 (hardcode-guard false-green).