15 — Next Paste-Ready Prompts

Six paste-ready prompts (mission §18 requires ≥5). Each carries Hard Gate 0, the no-version-bump/no-mutation regime, and locks output/boundary/authority/evidence (prompt standard §8). Package root = knowledge/dev/reports/architecture/one-roof-governance-clause-review-hardening-2026-06-01/. The hardening pack it reviewed = …/one-roof-governance-decision-pack-2026-06-01/.

---

Prompt 1 — Second clause review (apply Tier-1, re-attack)

MISSION: SECOND_PASS_ONE_ROOF_HARDENING_FOLD_AND_REATTACK
Effort: high. Mode: READ-ONLY + KB report. No mutation, no enactment, no version bump.
Hard Gate 0: confirm KB read; no PG/Directus/Qdrant/Nuxt/law/approval mutation.
Read: the clause-review pack …/one-roof-governance-clause-review-hardening-2026-06-01/ (00–16) and the decision pack
…/one-roof-governance-decision-pack-2026-06-01/ (00–13).
1. Produce a single hardening-revision draft of the decision pack that folds in Tier-1 blockers T1-1..T1-7 (doc 14 §14.2)
   using the revised wording in doc 13 (M-DEF-1..7 + the Đ37/31/35/24/26/28/45 revisions) — as PROPOSED text in a new
   KB doc, NOT by editing the decision pack.
2. Re-run the 24 red-team scenarios (doc 12) against the folded text; confirm each formerly-⚠️ scenario now resolves and
   the 2 ❌ (#13/#14) are explicitly scoped to the substrate prerequisite (T1-6).
3. Adversarially attack the FOLDED text for NEW contradictions introduced by the fixes (esp. the 5-term identity G6,
   the severity-aware gate F3, and the two-mode apply I2).
Output: KB doc …/one-roof-governance-hardening-revision-draft-<date>.md + a residual-risk list. Do NOT edit either pack.

Prompt 2 — Cowork / Claude Desktop / GPT council critique

MISSION: COUNCIL_CRITIQUE_ONE_ROOF_CLAUSE_HARDENING
Effort: high. Mode: READ-ONLY review. Output: KB review doc only.
Read both packs (decision pack 00–13 + clause-hardening pack 00–16).
Hard Gate 0: no PG/Directus/Qdrant/Nuxt/law/approval mutation.
Score each branch A–M (0–10) and each Tier-1 blocker (doc 14 §14.2): GO / REVISE with exact text.
Specifically adjudicate the 19 open questions (doc 14 §14.5) — for each, pick a default or escalate to the human president.
Attack the hardening itself: (a) does the non-governed Class 0 (A2/M-DEF-1) leak any shared-truth artifact out of governance?
(b) does responsibility-scope (C2) actually satisfy Đ37 §4.12, or does it reinterpret an enacted clause too freely?
(c) is "reclassify §5.4-EXT to prerequisite" (I2/B7) correct, or can law_jurisdiction+inheritance truly cover law-orphan
objects (routes/adapters) without object edges? (d) is the severity-aware gate (F3) safe, or does "warning non-blocking"
let authority gaps ship?
Output: …/one-roof-governance-hardening-council-critique-<date>.md with a per-blocker verdict + a single GO/REVISE for the
hardening revision. Do NOT mutate anything.

Prompt 3 — Canonical design patch (concept docs only; conditional GO)

MISSION: PATCH_RP_DESIGN_ONE_ROOF_CONCEPTS_HARDENED
Effort: high. Mode: KB content-only editorial. NO version bump, NO status change, NO enactment.
Prereq: Tier-1 T1-1..T1-5,T1-7 folded (Prompt 1) + council GO (Prompt 2). T1-6 (substrate) flagged as prerequisite, not built.
Apply ONLY the concept-level patches from decision-pack doc 09: P-09.1 (00-master-design-v0.1.md One-Roof statement) and
P-09.4 (NEW 14-governance-coverage-and-anarchy-detection.md). BOTH MUST carry the hardened definitions M-DEF-1..7
(non-governed Class 0, coverage profiles, role taxonomy + responsibility scope, birth↔governance joint matrix, anarchic
re-base, 11-field exception record, governance-grain 5-term identity) and MUST flag T1-6 (new APR action-types + §5.4-EXT
object edge) as an explicit substrate prerequisite. DEFER the surface-binding patches P-09.2/3/5/6/7 until owner/gate/
exception semantics are settled (doc 14 §14.6).
Each patch header: "supplemental One-Roof alignment; content-only; no version change."
Hard Gate 0: no PG/Directus/Qdrant/Nuxt/law/approval mutation; do NOT touch normative_registry/law_catalog/governance_docs.
Output: the 2 patched/created design docs + a patch-log; list/read each after write to verify content.

Prompt 4 — Technical design for the governance-coverage scanner / DOT family (design + read-only rehearsal)

MISSION: DESIGN_GOVERNANCE_COVERAGE_SCANNER_DOTS_HARDENED
Effort: high. Mode: design + BEGIN..ROLLBACK read-only rehearsal. NO dot_tools INSERT; NO APR; NO emit.
Prereq: Prompt 3 concept docs + the hardened definitions.
Design the 6-layer pipeline (decision-pack doc 05) and the 7 DOTs (doc 06) WITH the hardening:
 - L1 inventory-completeness check vs information_schema ∪ directus_collections ∪ meta_catalog ∪ pivot_definitions ∪
   dot_tools ∪ event_type_registry ∪ a DERIVED route inventory (nginx + Nuxt server/api) → inventory_gap/route_orphan (G1/G2).
 - L2/L3 over the GOVERNANCE GRAIN only (containers + non-inheriting; leaves inherit) — scalar/EXISTS, no fan-out (F1/G5).
 - Inheritance resolves OWNER-LINK ONLY; risk-links never inherited (B4). 5-term identity incl. stale/unverifiable (G6).
 - Severity = gap_type × profile; anarchic = missing authority-critical link (D2). Birth-precedence dedup (D1).
 - Incremental scan triggers on object change AND governance-context change (status flip/edge delete/exception expiry) (G3).
 - DOTs: PROPOSE requires registered action-types (state as prereq, I1); APPLY two-mode (law-domain now / object-edge
   blocked until §5.4-EXT, I2); SoD (I4); bootstrap seed + attestation (I3); refuse stale input (I6).
Rehearse the 4 views under ssh contabo → docker exec -i postgres psql -U workflow_admin -d directus, -v ON_ERROR_STOP=1,
SET LOCAL lock/statement/idle timeouts, all inside BEGIN; ... ROLLBACK;. Prove the identity closes per scope at governance
grain; seed a synthetic orphan to prove the detector is not blind; prove +10^6 inheriting children change total_governed by 0.
Hard Gate 0: confirm read-only role; confirm 0 leftover objects + 0 idle_tx after ROLLBACK; NO COMMIT, NO emit, NO registration.
Output: KB DOT-design doc + rehearsal evidence (SQL + closure proof + seeded-orphan detection).

Prompt 5 — Law/design clause content-only correction → ratification packet (draft only)

MISSION: DRAFT_AND_PREP_RATIFICATION_ONE_ROOF_CLAUSES_HARDENED
Effort: high. Mode: KB draft only. NO enactment (engine blocks amend_law/enact_nrm = unimplemented), NO version bump.
Prereq: Prompts 1–3.
Take the revised clauses in clause-hardening doc 13 (M-Đ37 §4.15/4.15-bis/4.16/4.17/4.18/§5.4-EXT; M-Đ31 §4.3-Loại6/
4.6/4.8/4.9-ext; M-Đ35 §6.2-bis; M-Đ24/29 §0-OWNER/§5.2-ext; M-Đ26 §0-OWNER/§MTx/§repair; M-Đ28 §0-OWNER/NT-D1-ext/
§VIII-ext; M-Đ45 §3.2/§4/§6.6-notes). For each:
 1. VERIFY the §-slot is unused in the live law text and resolve the Đ45 (ban_hanh=false leftover) + Đ36 (v4.0 vs v5.0)
    status drift FIRST (doc 14 OQ-J10) — content-only, no version bump.
 2. Produce final clause text with the in-clause definition of "valid" (J1), the Đ37 §4.15 cross-ref token (J4), and the
    exact governance_relations owner-edge proposals (agency→law only today: GOV-SIV→NRM-LAW-26, GOV-COUNCIL→NRM-LAW-24/29;
    GOV-MOUT→NRM-LAW-28 noted as pending MOUT activation / interim COUNCIL delegation J6) + the new APR action-type proposals
    (assign_governance_owner/grant_governance_exception/delegate_authority, I1/E2/C7) + the §5.4-EXT object-edge decision
    (extend table vs new governance_object_ownership, OQ-I2).
 3. Đ37 §4.12 SSOT-overlap check + Đ37 §4.14 cross-ref block per clause.
Assemble a human-ratification packet (Đ32 §4.2 quorum: president + 2 ai_council) with exact paste sign-off. State clearly:
law enactment is a SEPARATE human phase (APR amend_law/enact_nrm = unimplemented) and may await the Information-Unit law substrate.
Hard Gate 0: no normative_registry/law_catalog write, no APR creation, no version bump, no status change. Output: KB ratification-packet doc.

Prompt 6 — No-local-governance / no-hardcode CI enforcement

MISSION: CI_ENFORCE_NO_LOCAL_GOVERNANCE_HARDENED
Effort: high. Mode: CI contract design + registration. Prereq: Prompts 3–4.
Implement CI for F-ISLAND-1..9 (decision-pack doc 01 §1.7) WITH the hardening:
 - Split PG-detectable vs code-detectable islands (K6/D3): SQL checks (no-owner policy table = F-ISLAND-3; tier-B DOT
   without paired_dot = F-ISLAND-4; unregistered event_type emit = F-ISLAND-7; AND unregistered issue_type write — the
   H2/H4 register-before-write extension); source-scan of web/** INCLUDING server/api/** (G8) for F-ISLAND-1/2/6
   (local owner constant; local approval flag; UI/Nitro count/grouping/governance truth — the live health.get.ts
   totalGap=reduce() and index.vue CAT-017 are the canonical fixtures).
 - LOCAL_GOVERNANCE_ISLAND = co-located roll-up of F-ISLAND-1/2/3 (D3).
 - All numeric thresholds resolve from the COUNCIL-owned threshold-policy table; CI fails a planted literal threshold (G4).
 - CI BLOCKS the deploy (not just scheduled-detect, OQ-K6) and routes findings to system_issues via the governed
   issue_type vocabulary (H2). Reuse the live hc_finding_* no-hardcode scanner + Đ28 coverage scanner + Đ30 regression.
Plant a synthetic local-island (no-owner policy table + a UI totalGap=reduce()); CI MUST fail BOTH; prove a CI that has
never failed a planted violation is rejected as evidence (K5).
Hard Gate 0: CI is additive/gates only; no production mutation. Output: CI contracts + evidence of caught violations.

These six implement the post-review path: re-review (P1), council adjudication of open questions (P2), conditional concept-only design patch (P3), scanner/DOT technical design with read-only rehearsal (P4), clause-correction → ratification packet (P5), and the no-local-governance CI (P6). They sequence AFTER the Tier-1 fold; do not run the surface-binding design patches or any apply/registration until the substrate prerequisites (T1-6) are separately designed and approved.