@event4u/agent-config 2.13.0 → 2.14.0

package/.agent-src/commands/memory/learn-low-impact.md

@@ -0,0 +1,143 @@
+---
+name: memory:learn-low-impact
+tier: 2
+cluster: memory
+sub: learn-low-impact
+skills: [ai-council, upstream-contribute]
+description: Preview validated low-impact entries that would be upstreamed to the package seed (default `--preview`); `--apply` opens a draft PR via `upstream-contribute` after re-redaction.
+disable-model-invocation: true
+suggestion:
+  eligible: true
+  trigger_description: "upstream low-impact decisions, share validated council questions, contribute the learning corpus"
+  trigger_context: "user has accumulated validated entries in agents/low-impact-decisions.md and wants to share with the package"
+---
+
+# /memory learn-low-impact
+
+Promote `## Validated` entries from
+[`agents/low-impact-decisions.md`](../../agents/low-impact-decisions.md)
+into the upstream seed at
+`.agent-src.uncompressed/data/low-impact-decisions-seed.md` via a DRAFT
+PR against the agent-config package. **Validated entries only** — probation
+entries never upstream, they're unconfirmed signal.
+
+## Flags
+
+| Flag | Default | Behaviour |
+|---|---|---|
+| `--preview` | **on** | Build the plan, run the redactor, render promoted / refused / already-seeded buckets + draft PR body. **No file write, no branch, no PR.** Default behaviour. |
+| `--apply` | off | Mutually exclusive with `--preview`. Required to invoke `upstream-contribute` and open the draft PR. Refusals from the redactor still block. |
+
+Iron Law: ``--apply`` never auto-fires on the first invocation. The
+user always sees the preview block first and re-runs explicitly.
+
+## Iron Law — privacy floor runs TWICE
+
+```
+THE REDACTOR RUNS AT INTAKE (WRITE GATE) AND AGAIN HERE (UPSTREAM GATE).
+ANY VIOLATION → REFUSE THE PR. NO SILENT REWRITES.
+```
+
+See [`low-impact-corpus-privacy-floor`](../rules/low-impact-corpus-privacy-floor.md)
+for the eight forbidden-content classes.
+
+## Steps
+
+### 1. Build the preview plan
+
+Call
+`scripts/ai_council/learn_low_impact_preview.py::build_preview` with
+the project-local corpus and the package seed:
+
+```python
+from scripts.ai_council.learn_low_impact_preview import build_preview
+plan = build_preview(
+    corpus_path="agents/low-impact-decisions.md",
+    seed_path=".agent-src.uncompressed/data/low-impact-decisions-seed.md",
+    repo_slug="<owner>/<repo>",  # from `git remote get-url origin`
+    repo_root="<absolute repo root>",
+    private_domains=(),   # from .agent-settings.yml policy
+    customer_names=(),    # from .agent-settings.yml policy
+    sql_identifiers=(),   # from .agent-settings.yml policy
+)
+```
+
+The builder runs all three contract checks in one pass:
+
+1. Parses `## Validated` (strict mode — drift surfaces as
+   `CorpusParseError`).
+2. Diffs against the seed file — already-seeded entries land in
+   `plan.already_seeded` and never upstream.
+3. Re-runs `redact_low_impact_entry` on every candidate. Failures
+   land in `plan.refused`.
+
+### 2. Surface the preview block
+
+Print `plan.render()` verbatim. Always. This is the user-facing
+audit trail per `fast-path-marker-visibility` Iron Law — the host
+agent MUST NOT swallow or paraphrase it.
+
+```
+## learn-low-impact preview — repo=<slug>
+last-upstreamed: <sha>
+seed: <path>
+
+### Promoted (N) …
+### Refused (M) — redactor blocked …
+### Already seeded (K) …
+```
+
+### 3. Decide based on the flag
+
+- **`--preview` (default)** — stop here. If `plan.would_open_pr` is
+  true, the rendered block ends with
+  `> Re-run with \`--apply\` to open the draft PR via \`upstream-contribute\`.`
+  Hand control back to the user.
+- **`--apply`** — refuse when `plan.refused` is non-empty; surface
+  the refusals and stop. Otherwise invoke
+  [`upstream-contribute`](../skills/upstream-contribute/SKILL.md)
+  with:
+    - **target file:** `.agent-src.uncompressed/data/low-impact-decisions-seed.md`
+    - **PR title:** `plan.render_pr_body()` first heading
+    - **PR body:** `plan.render_pr_body()`
+    - **patch:** `plan.render_diff()`
+    - **draft:** `true` — never auto-merge; review is a human gate.
+
+### 4. Advance the local baseline (`--apply` path only)
+
+When the PR is opened (step 3 returns a PR URL + new commit SHA on
+the package branch):
+
+```bash
+# update the local pointer so subsequent runs are deltas
+sed -i.bak -E "s|^last-upstreamed: .*|last-upstreamed: <new-sha>|" \
+    agents/low-impact-decisions.md
+rm agents/low-impact-decisions.md.bak
+```
+
+### 5. Surface result (`--apply` path only)
+
+```
+> Drafted PR <url>
+> Entries upstreamed: N
+> Provenance bumped: <old-sha> → <new-sha>
+```
+
+## Halt conditions
+
+- Redactor refuses (any class) — surface, stop. `--apply` is rejected.
+- No candidates (`plan.has_work == False`) — exit 0 with the preview
+  block; no PR even on `--apply`.
+- `--preview` (default) — always stops before any side-effect.
+- Package repo unavailable per `upstream-contribute § Step 4` — surface
+  the access options, stop.
+- User explicitly declines the PR option — exit 0, no PR.
+
+## See also
+
+- [`upstream-contribute`](../skills/upstream-contribute/SKILL.md) — PR
+  machinery (branch, commit, gates).
+- [`agents/low-impact-decisions.md`](../../agents/low-impact-decisions.md)
+  — the project-local corpus.
+- [`low-impact-corpus-privacy-floor`](../rules/low-impact-corpus-privacy-floor.md)
+  — Iron Law.

package/.agent-src/rules/ask-when-uncertain.md

@@ -8,7 +8,7 @@ source: package
 
 # Ask When Uncertain
 
-**When in doubt, ask.** Don't guess, assume, or improvise. One question too many beats one wrong assumption.
+**When in doubt, ask.** Don't guess or improvise. One question too many beats one wrong assumption.
 
 ## Iron Law — one question per turn, ALWAYS
 
@@ -17,7 +17,7 @@ ONE QUESTION PER TURN. NO EXCEPTIONS.
 ASK. WAIT FOR THE ANSWER. THEN ASK THE NEXT.
 ```
 
-Even if trivial, independent, or batchable — exactly one.
+Even if trivial or independent — exactly one.
 
 ## When to ask
 
@@ -49,14 +49,18 @@ Any "yes" → **collapse to ONE question**. Hold the rest for their own turn. Ra
 
 ### Ordering & handoff
 
-- **Session handoff** (`/agent-handoff`, fresh-chat) — ask LAST, after domain / clarifying questions, so answers fold into the handoff. Full: [`agent-interaction-and-decision-quality § handoff`](../docs/guidelines/agent-infra/agent-interaction-and-decision-quality.md#handoff--model-switch-questions).
-- **Model switch** — [`model-recommendation`](model-recommendation.md) STOP-AND-WAIT gate is standalone, not appended.
-- **Blocking clarification** — ask FIRST, alone, before any research or planning output.
+- **Session handoff** — ask LAST, after domain / clarifying questions. Full: [`agent-interaction-and-decision-quality § handoff`](../docs/guidelines/agent-infra/agent-interaction-and-decision-quality.md#handoff--model-switch-questions).
+- **Model switch** — [`model-recommendation`](model-recommendation.md) STOP-AND-WAIT gate is standalone.
+- **Blocking clarification** — ask FIRST, alone, before research / planning output.
 - **Optional refinement** — don't ask; state the assumption, proceed.
 
+## Impact-based routing (AI Council)
+
+AI Council enabled → questions classified and routed per `decision_resolution`. **Iron Law: `high_impact` and `user_required` ALWAYS reach the user.** Contract: [`ai-council-config`](../docs/contracts/ai-council-config.md#decision-resolution-by-impact-phase-10-ask-user-routing).
+
 ## Creating new agent artifacts
 
-Skill / rule / command / guideline creation or major rewrite → [`artifact-drafting-protocol`](artifact-drafting-protocol.md) (Understand → Research → Draft). Don't improvise questions.
+Skill / rule / command / guideline → [`artifact-drafting-protocol`](artifact-drafting-protocol.md) (Understand → Research → Draft).
 
 ## Examples
 

package/.agent-src/rules/copilot-routing.md

@@ -1,7 +1,7 @@
 ---
 type: "auto"
 tier: "3"
-description: "When configuring the GitHub Copilot AI assistant — copilot-instructions.md, PR-review comment patterns, suggestion behavior — route to the copilot-config skill"
+description: "Configuring GitHub Copilot — copilot-instructions.md, PR-review comment patterns, suggestion behavior — route to the copilot-config skill"
 source: package
 triggers:
   - keyword: "copilot"

package/.agent-src/rules/devcontainer-routing.md

@@ -1,7 +1,7 @@
 ---
 type: "auto"
 tier: "3"
-description: "When wiring DevContainers or GitHub Codespaces — devcontainer.json, container images, VS Code features, port forwarding — route to the devcontainer skill"
+description: "Wiring DevContainers or GitHub Codespaces — devcontainer.json, images, VS Code features, port forwarding — route to the devcontainer skill"
 source: package
 triggers:
   - keyword: "devcontainer"

package/.agent-src/rules/external-reference-deep-dive.md

@@ -1,7 +1,7 @@
 ---
 type: "auto"
 tier: "2b"
-description: "When the user names an external repo, file, URL, or artifact as a reference — fetch the actual tree and inspect, never summarize from README or metadata"
+description: "User names an external repo, file, URL, or artifact as reference — fetch the actual tree and inspect, never summarize from README or metadata"
 alwaysApply: false
 source: package
 triggers:

package/.agent-src/rules/fast-path-marker-visibility.md

@@ -0,0 +1,38 @@
+---
+type: "auto"
+tier: "1"
+description: "Low-impact council fast-path dispatch — host agent MUST surface the transparency marker verbatim in the reply opening; never swallow or paraphrase it."
+source: package
+triggers:
+  - keyword: "low-impact council"
+  - keyword: "fast-path"
+  - keyword: "Resolved via low-impact council"
+  - keyword: "low_impact"
+  - intent: "low-impact council dispatch"
+validator_ignore:
+  - type: "substring"
+    pattern: ".agent-src.uncompressed/"
+    reason: "Compressor injects a back-pointer to the uncompressed source for full failure-modes detail."
+---
+
+# Fast-Path Marker Visibility
+
+## The Iron Law
+
+```
+EVERY LOW-IMPACT COUNCIL FAST-PATH REPLY OPENS WITH THE EXACT MARKER.
+NEVER PARAPHRASE. NEVER SWALLOW. NEVER SUBSTITUTE THE AGENT'S OWN VERDICT.
+```
+
+Markers (from `scripts/ai_council/low_impact.py`):
+
+- **Resolved** — `> Resolved via low-impact council fast-path: <verdict>.`
+- **Unavailable** — `> Low-impact council unavailable (no opted-in members) — escalating to user.`
+- **Split** — `> Low-impact council split — escalating to user (<m1>: X / <m2>: Y):`
+- **Aborted** — `> Low-impact council aborted (token cap) — escalating to user:`
+
+Verbatim = first non-whitespace line, English (no translation), no emoji prefix, no merged numbered-options. Marker is the only audit signal that distinguishes fast-path from local deliberation. See `.agent-src.uncompressed/rules/fast-path-marker-visibility.md` for full failure modes.
+
+Scope: `low_impact` class only. `high_impact` and `user_required` never reach fast-path.
+
+See: [`ai-council-config § Low-impact council opt-in`](../docs/contracts/ai-council-config.md#low-impact-council-opt-in), [`direct-answers`](direct-answers.md) (invented-facts Iron Law kin).

package/.agent-src/rules/low-impact-corpus-privacy-floor.md

@@ -0,0 +1,74 @@
+---
+type: "auto"
+tier: "1"
+description: "Writing, editing, or upstreaming entries in `agents/low-impact-decisions.md` — non-bypassable privacy floor for the learning corpus."
+source: package
+triggers:
+  - path_prefix: "agents/low-impact-decisions"
+  - keyword: "low-impact-decisions"
+  - keyword: "low-impact corpus"
+  - keyword: "learn-low-impact"
+---
+
+# Low-Impact Corpus — Privacy Floor
+
+## Iron Law
+
+```
+NO ENTRY LEAVES THE PROJECT REPO UNTIL THE REDACTOR CLEARS IT.
+NO SECRETS. NO EMAILS. NO PROJECT PATHS. NO CUSTOMER NAMES.
+NO INTERNAL HOSTNAMES. NO MONEY. NO BUSINESS SQL. NO LONG CODE.
+```
+
+Redactor lives in `scripts/ai_council/redact_low_impact_entry.py`
+and runs at **both** gates:
+
+1. **Write gate** — every intake append to
+   `agents/low-impact-decisions.md` (Phase 12 § Step 2).
+2. **Upstream gate** — every `/memory learn-low-impact` PR draft,
+   before diff leaves repo (Phase 12 § Step 5).
+
+Failure at either gate refuses the operation, surfaces offending
+pattern, asks user to rephrase. Redactor never auto-rewrites — silent
+rewriting is soft gate, this is hard.
+
+## Forbidden-content classes (8)
+
+| # | Class | Pattern source |
+|---|---|---|
+| 1 | Secrets | raw-key prefixes from `scripts/ai_council/config._RAW_KEY_PREFIXES` + inline `api_key:` shape |
+| 2 | Emails | RFC-5322-ish |
+| 3 | Project-rooted paths | `/Users/`, `/home/`, `/opt/`, `/private/`, drive letters, configured `repo_root` |
+| 4 | Customer / tenant names | caller-supplied list; generic placeholders (`<customer>`, `<tenant>`, `<account>`, `<user>`) survive |
+| 5 | Internal hostnames | `*.internal`, `*.local`, caller-supplied private domains |
+| 6 | Monetary amounts | `$1,234`, `€500`, `USD 1000` shapes |
+| 7 | Business-context SQL identifiers | caller-supplied table / column list |
+| 8 | Inline code excerpts > 40 chars | backtick-fenced runs |
+
+## Locked target types
+
+- `agents/low-impact-decisions.md` — project-local corpus.
+- `data/low-impact-decisions-seed.md` (agent-config package) —
+  upstream seed shipped with the package.
+
+## When to invoke
+
+- Host agent just received user intake trigger (see
+  `scripts/ai_council/low_impact_intake.TRIGGER_PHRASES`).
+- Host agent about to write entry to corpus or open `/memory learn-low-impact` PR.
+
+## What to surface on refusal
+
+One-line marker:
+
+```
+> Low-impact corpus refused — <category>: <snippet…>. Rephrase or skip.
+```
+
+Then agent stops intake/upstream flow. No silent retry, no auto-rewrite.
+
+## See also
+
+- `scripts/ai_council/redact_low_impact_entry.py` — the redactor.
+- `scripts/ai_council/low_impact_intake.py` — write-gate caller.
+- `agents/low-impact-decisions.md` — corpus + Anti-Examples list.

package/.agent-src/rules/symfony-routing.md

@@ -1,7 +1,7 @@
 ---
 type: "auto"
 tier: "3"
-description: "When writing or reviewing Symfony code — DI container, bundles, Doctrine, Messenger, Security voters, console commands — route to the symfony-workflow skill"
+description: "Writing or reviewing Symfony code — DI, bundles, Doctrine, Messenger, Security voters, console commands — route to the symfony-workflow skill"
 source: package
 triggers:
   - keyword: "symfony"

package/.agent-src/skills/ai-council/SKILL.md

@@ -5,6 +5,8 @@ source: package
 domain: process
 ---
 
+<!-- cloud_safe: degrade -->
+
 > **Experimental.** AI Council is not yet validated by external users. API costs apply per consultation.
 
 # ai-council
@@ -30,6 +32,45 @@ Do NOT use when:
 * The user has not configured any council member → state that and stop;
   do not silently fall back to anything.
 
+## When NOT to invoke — necessity self-check
+
+Phase 6 necessity classifier (see
+[`ai-council-config § Necessity classifier`](../../../docs/contracts/ai-council-config.md))
+runs as pre-flight gate inside CLI, skips council when prompt looks
+like routine work. Route around it BEFORE gate fires so user never pays
+classifier-pause cost on request that obviously did not need council.
+
+Skip council, stay in-session for:
+
+* **Bugfix shape** — stack trace, error, crash, failing test, "broken",
+  regression. Use `systematic-debugging` or `bug-investigate`.
+* **Syntax / format / lint** — `typo`, `formatting`, `lint`, `indent`,
+  `import order`, simple rename. Use language skill directly
+  (`php-coder`, `eloquent`, `nextjs-patterns`).
+* **Single-file implementation** — "this function", "this method",
+  "this file", "one-liner", "small change", "add a getter". Use
+  language skill directly.
+* **Documentation lookup** — "what is X", "how does Y work", "example
+  of Z", "syntax of W". Use `codebase-retrieval` or docs skill, never
+  council.
+
+Invoke council when:
+
+* **Architectural / structural** — system boundaries, coupling,
+  refactor strategy, migration plan, rewrite vs redesign.
+* **Multi-axis trade-off** — stakeholders disagree; competing
+  alternatives need weighing; "pros and cons" is the actual ask.
+* **Strategic / direction** — "should we …", "shall we …", roadmap
+  shape, long-term technical direction.
+* **Explicit ambiguity** — user wrote "unsure / uncertain / ambiguous
+  / second opinion / sanity check".
+
+Agent orchestration MUST call `council_cli` with `--invocation agent`
+so gate can skip silently on routine requests. User-typed `/council`
+keeps default (`--invocation user_explicit`); user gets educational
+message + `--proceed-anyway` override path. Mode `block` ignores
+`--proceed-anyway` by design — cost-strict opt-in.
+
 ## Goal
 
 Bring in **independent** external models to critique a project
@@ -89,8 +130,9 @@ travel changes.
 
 | Mode | Client | Billable | Transport | Status |
 |---|---|---|---|---|
-| `api` | `AnthropicClient` / `OpenAIClient` | yes | provider SDK + key from `~/.event4u/agent-config/<provider>.key` (legacy `~/.config/agent-config/<provider>.key` read as fallback) | shipped |
+| `api` | `AnthropicClient` / `OpenAIClient` / `GeminiClient` / `XAIClient` / `PerplexityClient` | yes | provider SDK + key from `~/.event4u/agent-config/<provider>.key` (legacy `~/.config/agent-config/<provider>.key` read as fallback) | shipped |
 | `manual` | `ManualClient` | no | `stdout` (prompt block) + `stdin` (user pastes the web-UI reply, terminated by a line containing only `END`) | shipped (Phase 2b) |
+| `cli` | `AnthropicCliClient` / `OpenAICliClient` / `GeminiCliClient` | no (subscription-authed) | local subprocess against the vendor CLI (`claude`, `codex`, `gemini`); auth delegated to the CLI's own session, no API key in this process | shipped (anthropic/openai/gemini · Phase 3) |
 
 Resolution lives in `scripts/ai_council/modes.py`:
 `resolve_mode(name, invocation_mode, member_settings, global_mode)`
@@ -118,16 +160,79 @@ thread** (no system prompt repetition). `2` records the round and
 moves to the next member. `3` returns `error="manual_aborted"` for
 that member and the orchestrator stops the fan-out.
 
+### CLI-mode UX
+
+`mode: cli` runs the council through the vendor's local CLI
+instead of the API. Auth is delegated — user logs into each CLI
+once (`claude login`, `codex login`, `gemini`), orchestrator
+inherits the subscription. No API key in this process.
+`billable=False` → cost gate bypassed; the local
+`cli_call_budget.max_calls_per_day.<provider>` quota (state at
+`~/.event4u/agent-config/cli-calls.json`, daily UTC reset) is the
+only per-day brake.
+
+Three vendor CLIs wired:
+
+- **Anthropic / Claude** — invokes `claude --print --output-format json`,
+  parses standard envelope (`result` + `usage` + `session_id` +
+  `total_cost_usd`). Token counts and reported cost survive to
+  `metadata` for audit.
+
+  ```yaml
+  members:
+    anthropic:
+      enabled: true
+      mode: cli
+      model: claude-sonnet-4-5
+  ```
+
+- **OpenAI / Codex** — invokes `codex exec --json`, walks the
+  newline-delimited JSON event stream, pulls text from
+  `item.completed` and tokens from `turn.completed`. Session id
+  preserved.
+
+  ```yaml
+  members:
+    openai:
+      enabled: true
+      mode: cli
+      model: gpt-5
+  ```
+
+- **Google / Gemini** — invokes `gemini --output-format json` with
+  prompt piped on stdin, parses `response` + `stats.models.<m>.tokens`
+  envelope. OAuth consent must be granted once interactively before
+  the CLI is usable from a non-interactive shell.
+
+  ```yaml
+  members:
+    gemini:
+      enabled: true
+      mode: cli
+      model: gemini-2.5-pro
+  ```
+
+Auth-failure stderr from any vendor CLI surfaces as
+`error="auth_expired"` with the original stderr tail in
+`metadata.stderr_tail` so the user knows to re-login. Missing
+binary at construction time fails fast with `CouncilDisabledError`
+naming the binary and the YAML override path — never silently
+substitutes.
+
+`xai` + `perplexity` accept `mode: cli` from Phase 4 onward, but
+their community CLIs DO consume the API key and DO NOT bypass
+per-token billing — contract doc warns explicitly.
+
 ### Cost-gate bypass for non-billable members
 
 `ExternalAIClient.billable` is the contract. Clients with
-`billable=False` (`ManualClient`) bypass the cost gate entirely —
-the orchestrator skips the
-projection check, the `on_overrun` callback, and the USD-budget
-short-circuit for that member, but still records the response's
-token counts (from the manual-paste length heuristic or the
-provider's reply, when available) for observability. Mixed runs
-(one manual + one api) gate only the api members.
+`billable=False` (`ManualClient`, `AnthropicCliClient`,
+`OpenAICliClient`, `GeminiCliClient`) bypass the cost gate entirely —
+orchestrator skips the projection check, the `on_overrun` callback,
+and the USD-budget short-circuit for that member, but still records
+the response's token counts (from the manual-paste length heuristic
+or the provider's reply, when available) for observability. Mixed
+runs (one cli + one api) gate only the api members.
 
 ## Degradation modes
 
@@ -266,6 +371,16 @@ matching `road-to-<topic-slug>` roadmap under `agents/roadmaps/`).
   + gpt-4o, YYYY-MM-DD) reviewed N candidate strategies; converged
   on …`).
 
+### Exempt
+
+- `agents/audit-*/` — historical audit bundles. Canonical council
+  dirs are gitignored; audit bundles are tracked, cohesive narratives
+  that may include council artefacts as part of their evidence trail
+  (e.g. `audit-2026-05-14-north-star/` bundles its triggering
+  question, raw responses, and synthesis alongside the audit's
+  findings). The layout linter (`scripts/check_council_layout.py`)
+  skips these directories.
+
 `scripts/check_council_layout.py` is the mechanical check for the
 output path convention — wire it into the package's CI pipeline so
 violations break the build.
@@ -690,6 +805,87 @@ and call count are unaffected. Peer-review preserves the advisor
 label while stripping provider identity (`Response A (Contrarian)`).
 Two enabled advisors on the same member is a config error.
 
+## Decision-replay artefact (Phase 9, audit trail)
+
+Every session that runs consensus scoring drops a `decision-replay.md`
+next to `responses.json`. Pure projection of consensus + final-round
+member texts — **no extra model calls, no extra spend**. Surfaces per
+top finding: verdict band (Strong/Moderate/Weak), evidence-quality
+(H/M/L), agree/dissent split, one key argument per member.
+
+Two render modes — **Full** (per-member arguments attributed to
+`provider:model`) and **Redacted** (verdict + evidence-quality + counts
+only). Toggles: `ai_council.decision_replay.{enabled,
+include_member_arguments}` global; `ai_council.lenses.<lens>.decision_replay.*`
+per-lens override.
+
+CLI — written automatically by `council run` on lenses that score
+consensus. `council replay <responses.json>` re-renders from a saved
+session; `--redact-member-arguments` / `--include-member-arguments`
+flip the view independent of config (share redacted variant of an
+already-paid run).
+
+## Lightweight-QA fast-path (Phase 11)
+
+Low-impact questions from Phase 10's impact router → restricted fast-path
+in place of full debate. Trade-off explicit: **1 round · ≤2 members ·
+$0.05/answer · 2500 tokens**. No advisors, no peer-review, no consensus
+scoring — quick answer + transparency marker, not deliberation.
+
+### Iron Law
+
+`high_impact` and `user_required` **never** route to fast-path,
+regardless of config. Schema validation rejects override. Fast-path
+activates only when:
+
+1. `ai_council.enabled: true` AND
+2. `decision_resolution.low_impact.mode: council` AND
+3. ≥1 member has `participate_low_impact: true` (default `false` —
+   explicit opt-in per member).
+
+Default `low_impact` route = **`agent`** — nothing reaches council
+without explicit two-knob opt-in (flip class → `council` *and* mark
+≥1 member `participate_low_impact: true`). Worked YAML, validation,
+unavailable-marker contract → [`ai-council-config § Low-impact council opt-in`](../../../docs/contracts/ai-council-config.md#low-impact-council-opt-in).
+
+### Output marker (always surfaced)
+
+* **Resolved** — `> Resolved via low-impact council (anthropic): <answer>`
+* **Split** — `> Low-impact council split — escalating to user (anthropic: X / openai: Y):`
+* **Aborted** — `> Low-impact council aborted (token cap) — escalating to user:`
+
+Marker mandatory — agent never silently substitutes fast-path verdict
+for its own answer.
+
+### Session artefact
+
+Every fast-path attempt appends one line to
+`agents/council-sessions/<date>-<slug>/low-impact-resolutions.md`:
+
+```
+2025-05-14T10:00:00Z | resolved | members=2/2 | members(anthropic, openai) cost=$0.0034 | Q=Service vs Repository for this read path?
+```
+
+Append-only, one line per resolution. Parser tolerates free-form
+headers around canonical lines.
+
+### `council replay --low-impact-stats`
+
+Re-projection of session log → summary block:
+
+```
+$ council replay agents/council-sessions/2025-05-14-foo/responses.json --low-impact-stats
+# Low-impact fast-path · session summary
+
+- attempts: 4
+- status: aborted=1 · resolved=2 · split=1
+- members: anthropic=4 · openai=3
+- total cost: $0.0096
+```
+
+No model calls — pure markdown parse. Returns 0 when session has no
+fast-path entries (clean session is not an error).
+
 ## See also
 
 - `/council` command — the user-facing entry point.
@@ -704,3 +900,7 @@ Two enabled advisors on the same member is a config error.
 - `docs/customization.md` § `ai_council.*` — settings reference.
 - `docs/contracts/ai-council-config.md` § advisors — schema + precedence
   contract.
+- `docs/contracts/ai-council-config.md` § Decision-replay artefact —
+  Phase 9 audit trail contract + redaction modes.
+- `scripts/ai_council/replay.py` — pure projection renderer (no model
+  calls).

package/.agent-src/templates/agents/agent-project-settings.example.yml

@@ -39,7 +39,7 @@ schema_version: 1
 # CI guard: a release bump of `package.json` must update this value
 # in lockstep — see scripts/check_template_pin_drift.py (road-to-
 # portable-runtime-and-update-check P3.3).
-agent_config_version: "2.12.0"
+agent_config_version: "2.13.0"
 
 # --- Project identity ---
 project:

package/.claude-plugin/marketplace.json

@@ -6,7 +6,7 @@
   },
   "metadata": {
     "description": "Shared agent configuration \u2014 skills for AI coding tools (Claude Code, Augment, Cursor, Cline, Windsurf, Gemini CLI).",
-    "version": "2.13.0",
+    "version": "2.14.0",
     "keywords": [
       "agent-config",
       "skills",
@@ -208,6 +208,7 @@
         "./.claude/skills/memory",
         "./.claude/skills/memory-add",
         "./.claude/skills/memory-consolidation",
+        "./.claude/skills/memory-learn-low-impact",
         "./.claude/skills/memory-load",
         "./.claude/skills/memory-mine-session",
         "./.claude/skills/memory-promote",