05 — Capability Behavioral Contract (no existence / no free-text proof)

Replaces FIX4's object-existence + free-text capability proof.

• v_qt001_capability_behavior_probe: reads ACTUAL state per capability — keyset_pagination (writer body iterates by ordered keyset > marker? currently full %I rescan → demonstrated=false), resume_watermark (writer reads resume_marker as a start bound? writes but never reads → false; 0 resumed done ledgers), representative_perf_gate (measured gate? none → false).
• v_qt001_capability_behavioral_contract: registry-driven (qt001_capability_behavior_registry); satisfied = behavior_demonstrated AND operational_evidence. Object existence and free-text proof_object are NEVER read for satisfaction.
• v_qt001_scale_behavioral_guard: scale_not_safe = bool_or(NOT satisfied). LIVE: 0/3 satisfied → scale_not_safe=true, with real evidence strings (full-scan / no-resume / no-perf-gate). Replaces the literal-true v_qt001_scale_not_safe_guard.
• v_qt001_capability_no_function_exists_proof_guard: pass iff (no capability satisfied without demonstrated behavior) AND (contract definition does not use to_regproc/to_regclass) AND (free-text proof cannot unlock). LIVE pass=true.
• v_qt001_capability_behavior_negative_tests: 4 REAL evaluations (read pg_get_viewdef / contract state), NOT literal true: function_existence_alone_insufficient, free_text_proof_object_cannot_satisfy, behavior_demonstration_required, operational_evidence_required. All pass.

Result: capability stays NOT_SAFE (blocking) for REAL reasons; the system can self-progress only when real keyset/resume/perf behavior + operational evidence appear (a 2.6B deliverable).