@groundnuty/macf 0.2.9 → 0.2.11

package/dist/.build-info.json

@@ -1,4 +1,4 @@
 {
-  "commit": "f62d934c26edc72896859557b3109e075f9043c9",
-  "built_at": "2026-04-30T16:08:13.236Z"
+  "commit": "9de68a7ab7403b7d60d9a2c106768edf21365c8f",
+  "built_at": "2026-05-01T14:46:30.110Z"
 }

package/dist/cli/claude-sh.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"claude-sh.d.ts","sourceRoot":"","sources":["../../src/cli/claude-sh.ts"],"names":[],"mappings":"AAaA,OAAO,KAAK,EAAE,eAAe,EAAE,MAAM,aAAa,CAAC;AAiCnD;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;GA4CG;AACH,wBAAgB,kBAAkB,CAChC,MAAM,EAAE,eAAe,EACvB,GAAG,GAAE,MAAM,CAAC,UAAwB,GACnC,MAAM,EAAE,CAkDV;AA4BD;;;;GAIG;AACH,wBAAgB,gBAAgB,CAAC,MAAM,EAAE,eAAe,GAAG,MAAM,CAiGhE;AAED;;;GAGG;AACH,wBAAgB,aAAa,CAAC,YAAY,EAAE,MAAM,EAAE,MAAM,EAAE,eAAe,GAAG,MAAM,CAUnF"}
+{"version":3,"file":"claude-sh.d.ts","sourceRoot":"","sources":["../../src/cli/claude-sh.ts"],"names":[],"mappings":"AAaA,OAAO,KAAK,EAAE,eAAe,EAAE,MAAM,aAAa,CAAC;AA8GnD;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;GA4CG;AACH,wBAAgB,kBAAkB,CAChC,MAAM,EAAE,eAAe,EACvB,GAAG,GAAE,MAAM,CAAC,UAAwB,GACnC,MAAM,EAAE,CA+DV;AA4BD;;;;GAIG;AACH,wBAAgB,gBAAgB,CAAC,MAAM,EAAE,eAAe,GAAG,MAAM,CA+GhE;AAED;;;GAGG;AACH,wBAAgB,aAAa,CAAC,YAAY,EAAE,MAAM,EAAE,MAAM,EAAE,eAAe,GAAG,MAAM,CAUnF"}

package/dist/cli/claude-sh.js

@@ -41,6 +41,81 @@ function registryEnvLines(cfg) {
             ];
     }
 }
+/**
+ * Emit the `macf_settings_get` shell function (macf#313).
+ *
+ * Reads `.env.<name>` from `<workspace>/.claude/settings.local.json`
+ * via `jq`. Returns empty string if the file/key is missing or `jq`
+ * isn't installed. Used by the settings-driven identity overrides
+ * (see `generateClaudeSh`'s identity block) and the OTel endpoint
+ * settings layer.
+ *
+ * Defined before any caller in the generated script. Idempotent —
+ * calling it with no settings.local.json present is safe (just returns
+ * empty).
+ */
+function settingsGetHelperLines() {
+    return [
+        '',
+        '# Settings-driven identity helper (macf#313). Reads `.env.<NAME>` from',
+        '# .claude/settings.local.json via jq; returns empty string if file/key',
+        '# missing or jq absent. Used by the identity-override block below + the',
+        '# OTel endpoint settings layer to prefer operator-edited settings.local.json',
+        '# over baked defaults, without forcing operators to edit this launcher.',
+        'macf_settings_get() {',
+        '  local var_name="$1"',
+        '  if [ -f "$SCRIPT_DIR/.claude/settings.local.json" ] && command -v jq >/dev/null 2>&1; then',
+        '    jq -r ".env.${var_name} // empty" "$SCRIPT_DIR/.claude/settings.local.json" 2>/dev/null',
+        '  fi',
+        '}',
+    ];
+}
+/**
+ * Emit the tmux self-wrap block (macf#313).
+ *
+ * If `$TMUX` is unset (operator launched outside tmux) AND
+ * `MACF_NO_TMUX_WRAP` isn't `1`, the script `exec`s itself inside a
+ * tmux session named `<MACF_PROJECT>@<MACF_AGENT_NAME>`. Re-attach if
+ * the session already exists; otherwise create a new session and exec
+ * into it. Eliminates operator-discipline dependency for canonical
+ * session naming (coordination.md §Canonical tmux launch pattern).
+ *
+ * Path-2 promotion of the canonical-session-name rule: pre-#313, the
+ * rule existed as text-only doc that operators had to manually wrap
+ * `tmux new-session -d -s "<project>@<agent>" "./claude.sh"`. Post-#313,
+ * bare `./claude.sh` produces the same canonical session structurally.
+ *
+ * Order requirement: `MACF_PROJECT` and `MACF_AGENT_NAME` must be
+ * exported before this block (so `$SESSION_NAME` resolves correctly).
+ * `generateClaudeSh` orders accordingly.
+ *
+ * Opt-out: `MACF_NO_TMUX_WRAP=1 ./claude.sh` for operator-driven manual
+ * launches outside tmux (e.g., debug sessions, single-shot CLI use, CI).
+ * Sister convention to `MACF_OTEL_DISABLED=1`, `MACF_SKIP_TOKEN_CHECK=1`.
+ */
+function tmuxSelfWrapLines() {
+    return [
+        '',
+        '# Tmux self-wrap (macf#313 Path-2 promotion of coordination.md',
+        '# §Canonical tmux launch pattern). If launched outside tmux and the',
+        '# operator hasn\'t opted out, re-exec inside a tmux session named',
+        '# <MACF_PROJECT>@<MACF_AGENT_NAME>. Attach if the session exists;',
+        '# otherwise create a new one. The second invocation (inside tmux)',
+        '# has $TMUX set and skips the wrap.',
+        '#',
+        '# Opt-out: MACF_NO_TMUX_WRAP=1 ./claude.sh',
+        '#   For operator-driven manual launches outside tmux, debug sessions,',
+        '#   single-shot CLI use, CI environments.',
+        'if [ -z "${TMUX:-}" ] && [ "${MACF_NO_TMUX_WRAP:-}" != "1" ]; then',
+        '  SESSION_NAME="${MACF_PROJECT}@${MACF_AGENT_NAME}"',
+        '  if tmux has-session -t "$SESSION_NAME" 2>/dev/null; then',
+        '    exec tmux attach -t "$SESSION_NAME"',
+        '  else',
+        '    exec tmux new-session -s "$SESSION_NAME" -c "$SCRIPT_DIR" "$0" "$@"',
+        '  fi',
+        'fi',
+    ];
+}
 /**
  * Emit the Claude Code native OTEL telemetry env block into the
  * generated `claude.sh`. Three mandatory gates per Claude Code docs
@@ -126,7 +201,20 @@ export function otelTelemetryLines(config, env = process.env) {
         'export OTEL_TRACES_EXPORTER=otlp',
         'export OTEL_METRICS_EXPORTER=otlp',
         'export OTEL_LOGS_EXPORTER=otlp',
-        `export OTEL_EXPORTER_OTLP_ENDPOINT="\${OTEL_EXPORTER_OTLP_ENDPOINT:-${endpoint}}"`,
+        // 4-layer endpoint resolution chain (macf#313):
+        //   1. OTEL_EXPORTER_OTLP_ENDPOINT (runtime env, canonical OTel name) — wins
+        //   2. MACF_OTEL_ENDPOINT (runtime env)
+        //   3. settings.local.json `.env.MACF_OTEL_ENDPOINT` (operator-edited)
+        //   4. Baked default from macf init/update (template-time MACF_OTEL_ENDPOINT)
+        // The MACF_OTEL_ENDPOINT runtime+settings layer was added in #313 to
+        // close the gap between the existing template-time MACF_OTEL_ENDPOINT
+        // (bakes into this script at macf init/update) and the canonical
+        // runtime override (OTEL_EXPORTER_OTLP_ENDPOINT). Operators who want
+        // per-launch endpoint changes without re-running macf update now have
+        // settings.local.json `.env.MACF_OTEL_ENDPOINT` as the ergonomic path.
+        `MACF_OTEL_ENDPOINT="\${MACF_OTEL_ENDPOINT:-$(macf_settings_get MACF_OTEL_ENDPOINT)}"`,
+        `MACF_OTEL_ENDPOINT="\${MACF_OTEL_ENDPOINT:-${endpoint}}"`,
+        'export OTEL_EXPORTER_OTLP_ENDPOINT="${OTEL_EXPORTER_OTLP_ENDPOINT:-$MACF_OTEL_ENDPOINT}"',
         'export OTEL_EXPORTER_OTLP_PROTOCOL=http/protobuf',
         `export OTEL_SERVICE_NAME="macf-agent-${config.agent_name}"`,
         `export OTEL_RESOURCE_ATTRIBUTES="gen_ai.agent.name=${config.agent_name},gen_ai.agent.role=${config.agent_role},service.namespace=macf"`,
@@ -179,10 +267,24 @@ export function generateClaudeSh(config) {
         // cross-repo work — attribution trap fires. See #140 + the
         // cross-repo cwd trap note in coordination.md Token & Git Hygiene.
         'export MACF_WORKSPACE_DIR="$SCRIPT_DIR"',
-        `export MACF_AGENT_NAME="${config.agent_name}"`,
         `export MACF_PROJECT="${config.project}"`,
         `export MACF_AGENT_TYPE="${config.agent_type}"`,
-        `export MACF_AGENT_ROLE="${config.agent_role}"`,
+        ...settingsGetHelperLines(),
+        '',
+        '# Settings-driven identity overrides (macf#313). Three-layer priority:',
+        '#   1. Already-set env var (operator: `MACF_AGENT_NAME=foo ./claude.sh`)',
+        '#   2. .claude/settings.local.json `env` block (operator: edit JSON;',
+        '#      no script edit needed; persists across `macf update`)',
+        '#   3. Baked default from macf init/update (this template)',
+        '# Identity changes become JSON edits rather than script edits.',
+        `MACF_AGENT_NAME="\${MACF_AGENT_NAME:-$(macf_settings_get MACF_AGENT_NAME)}"`,
+        `MACF_AGENT_NAME="\${MACF_AGENT_NAME:-${config.agent_name}}"`,
+        'export MACF_AGENT_NAME',
+        `MACF_AGENT_ROLE="\${MACF_AGENT_ROLE:-$(macf_settings_get MACF_AGENT_ROLE)}"`,
+        `MACF_AGENT_ROLE="\${MACF_AGENT_ROLE:-${config.agent_role}}"`,
+        'export MACF_AGENT_ROLE',
+        ...tmuxSelfWrapLines(),
+        '',
         `export APP_ID="${config.github_app.app_id}"`,
         `export INSTALL_ID="${config.github_app.install_id}"`,
         `export KEY_PATH="${config.github_app.key_path}"`,

package/dist/cli/claude-sh.js.map

@@ -1 +1 @@
-{"version":3,"file":"claude-sh.js","sourceRoot":"","sources":["../../src/cli/claude-sh.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;GAUG;AACH,OAAO,EAAE,SAAS,EAAE,aAAa,EAAE,MAAM,SAAS,CAAC;AACnD,OAAO,EAAE,IAAI,EAAE,OAAO,EAAE,MAAM,WAAW,CAAC;AAG1C;;;;;;;;;;GAUG;AACH,SAAS,gBAAgB,CAAC,GAAoB;IAC5C,QAAQ,GAAG,CAAC,QAAQ,CAAC,IAAI,EAAE,CAAC;QAC1B,KAAK,MAAM;YACT,OAAO;gBACL,kCAAkC;gBAClC,8BAA8B,GAAG,CAAC,QAAQ,CAAC,KAAK,IAAI,GAAG,CAAC,QAAQ,CAAC,IAAI,GAAG;aACzE,CAAC;QACJ,KAAK,KAAK;YACR,OAAO;gBACL,iCAAiC;gBACjC,6BAA6B,GAAG,CAAC,QAAQ,CAAC,GAAG,GAAG;aACjD,CAAC;QACJ,KAAK,SAAS;YACZ,OAAO;gBACL,qCAAqC;gBACrC,8BAA8B,GAAG,CAAC,QAAQ,CAAC,IAAI,GAAG;aACnD,CAAC;IACN,CAAC;AACH,CAAC;AAED;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;GA4CG;AACH,MAAM,UAAU,kBAAkB,CAChC,MAAuB,EACvB,MAAyB,OAAO,CAAC,GAAG;IAEpC,IAAI,GAAG,CAAC,oBAAoB,CAAC,KAAK,GAAG,IAAI,GAAG,CAAC,oBAAoB,CAAC,KAAK,MAAM,EAAE,CAAC;QAC9E,OAAO,EAAE,CAAC;IACZ,CAAC;IAED,MAAM,QAAQ,GAAG,GAAG,CAAC,oBAAoB,CAAC,IAAI,wBAAwB,CAAC;IAEvE,+DAA+D;IAC/D,kEAAkE;IAClE,6DAA6D;IAC7D,oDAAoD;IACpD,IAAI,aAAa,CAAC,IAAI,CAAC,QAAQ,CAAC,EAAE,CAAC;QACjC,MAAM,IAAI,KAAK,CACb,wDAAwD;YACtD,QAAQ,IAAI,CAAC,SAAS,CAAC,QAAQ,CAAC,IAAI;YACpC,6CAA6C,CAChD,CAAC;IACJ,CAAC;IAED,OAAO;QACL,EAAE;QACF,iFAAiF;QACjF,yEAAyE;QACzE,gFAAgF;QAChF,+EAA+E;QAC/E,mFAAmF;QACnF,uEAAuE;QACvE,wEAAwE;QACxE,qEAAqE;QACrE,wEAAwE;QACxE,yEAAyE;QACzE,sEAAsE;QACtE,yEAAyE;QACzE,kEAAkE;QAClE,2DAA2D;QAC3D,gEAAgE;QAChE,gEAAgE;QAChE,gEAAgE;QAChE,+DAA+D;QAC/D,8DAA8D;QAC9D,uCAAuC;QACvC,8CAA8C;QAC9C,kCAAkC;QAClC,mCAAmC;QACnC,gCAAgC;QAChC,uEAAuE,QAAQ,IAAI;QACnF,kDAAkD;QAClD,wCAAwC,MAAM,CAAC,UAAU,GAAG;QAC5D,sDAAsD,MAAM,CAAC,UAAU,sBAAsB,MAAM,CAAC,UAAU,0BAA0B;KACzI,CAAC;AACJ,CAAC;AAED;;;;;;;;;GASG;AACH,SAAS,WAAW,CAAC,GAAoB;IACvC,QAAQ,GAAG,CAAC,UAAU,EAAE,CAAC;QACvB,KAAK,WAAW;YACd,OAAO,CAAC,IAAI,CAAC,CAAC;QAChB,KAAK,QAAQ;YACX,OAAO,EAAE,CAAC;IACd,CAAC;AACH,CAAC;AAED,MAAM,oBAAoB,GAAG;IAC3B,oEAAoE;IACpE,gEAAgE;IAChE,sEAAsE;IACtE,kEAAkE;CACnE,CAAC;AAEF;;;;GAIG;AACH,MAAM,UAAU,gBAAgB,CAAC,MAAuB;IACtD,OAAO;QACL,qBAAqB;QACrB,mBAAmB;QACnB,EAAE;QACF,0BAA0B,MAAM,CAAC,UAAU,EAAE;QAC7C,GAAG,oBAAoB;QACvB,EAAE;QACF,4DAA4D;QAC5D,kBAAkB;QAClB,EAAE;QACF,uDAAuD;QACvD,6DAA6D;QAC7D,6DAA6D;QAC7D,4DAA4D;QAC5D,2DAA2D;QAC3D,mEAAmE;QACnE,yCAAyC;QACzC,2BAA2B,MAAM,CAAC,UAAU,GAAG;QAC/C,wBAAwB,MAAM,CAAC,OAAO,GAAG;QACzC,2BAA2B,MAAM,CAAC,UAAU,GAAG;QAC/C,2BAA2B,MAAM,CAAC,UAAU,GAAG;QAC/C,kBAAkB,MAAM,CAAC,UAAU,CAAC,MAAM,GAAG;QAC7C,sBAAsB,MAAM,CAAC,UAAU,CAAC,UAAU,GAAG;QACrD,oBAAoB,MAAM,CAAC,UAAU,CAAC,QAAQ,GAAG;QACjD,kEAAkE;QAClE,gEAAgE;QAChE,kEAAkE;QAClE,gEAAgE;QAChE,+DAA+D;QAC/D,kDAAkD;QAClD,qBAAqB;QACrB,8BAA8B;QAC9B,0CAA0C;QAC1C,MAAM;QACN,iBAAiB;QACjB,0CAA0C,MAAM,CAAC,OAAO,eAAe;QACvE,yCAAyC,MAAM,CAAC,OAAO,cAAc;QACrE,iEAAiE;QACjE,+DAA+D;QAC/D,2DAA2D;QAC3D,0CAA0C;QAC1C,oEAAoE;QACpE,qEAAqE;QACrE,6DAA6D;QAC7D,4DAA4D;QAC5D,4BAA4B;QAC5B,+BAA+B,MAAM,CAAC,cAAc,IAAI,WAAW,GAAG;QACtE,uDAAuD;QACvD,4DAA4D;QAC5D,4DAA4D;QAC5D,4DAA4D;QAC5D,+DAA+D;QAC/D,GAAG,CAAC,MAAM,CAAC,YAAY,KAAK,SAAS;YACnC,CAAC,CAAC,CAAC,6BAA6B,MAAM,CAAC,YAAY,GAAG,CAAC;YACvD,CAAC,CAAC,EAAE,CAAC;QACP,GAAG,CAAC,MAAM,CAAC,WAAW,KAAK,SAAS;YAClC,CAAC,CAAC,CAAC,4BAA4B,MAAM,CAAC,WAAW,GAAG,CAAC;YACrD,CAAC,CAAC,EAAE,CAAC;QACP,GAAG,gBAAgB,CAAC,MAAM,CAAC;QAC3B,GAAG,kBAAkB,CAAC,MAAM,CAAC;QAC7B,EAAE;QACF,0EAA0E;QAC1E,0EAA0E;QAC1E,4EAA4E;QAC5E,2EAA2E;QAC3E,2EAA2E;QAC3E,oEAAoE;QACpE,8DAA8D;QAC9D,2EAA2E;QAC3E,qEAAqE;QACrE,UAAU;QACV,GAAG;QACH,iBAAiB;QACjB,EAAE;QACF,2BAA2B,MAAM,CAAC,UAAU,QAAQ;QACpD,8BAA8B,MAAM,CAAC,UAAU,QAAQ;QACvD,EAAE;QACF,kBAAkB,MAAM,CAAC,UAAU,KAAK,MAAM,CAAC,UAAU,OAAO;QAChE,sEAAsE;QACtE,oEAAoE;QACpE,kEAAkE;QAClE,oEAAoE;QACpE,uDAAuD;QACvD,EAAE;QACF,kEAAkE;QAClE,oEAAoE;QACpE,iEAAiE;QACjE,4DAA4D;QAC5D,uBAAuB;QACvB,kCAAkC;QAClC,iBAAiB,CAAC,cAAc,EAAE,4BAA4B,CAAC,CAAC,IAAI,CAAC,GAAG,CAAC,OAAO;QAChF,MAAM;QACN,iBAAiB,CAAC,GAAG,WAAW,CAAC,MAAM,CAAC,EAAE,cAAc,EAAE,4BAA4B,CAAC,CAAC,IAAI,CAAC,GAAG,CAAC,OAAO;QACxG,IAAI;QACJ,EAAE;KACH,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;AACf,CAAC;AAED;;;GAGG;AACH,MAAM,UAAU,aAAa,CAAC,YAAoB,EAAE,MAAuB;IACzE,MAAM,MAAM,GAAG,OAAO,CAAC,YAAY,CAAC,CAAC;IACrC,MAAM,IAAI,GAAG,IAAI,CAAC,MAAM,EAAE,WAAW,CAAC,CAAC;IACvC,aAAa,CAAC,IAAI,EAAE,gBAAgB,CAAC,MAAM,CAAC,EAAE,EAAE,IAAI,EAAE,KAAK,EAAE,CAAC,CAAC;IAC/D,uEAAuE;IACvE,qEAAqE;IACrE,kEAAkE;IAClE,oDAAoD;IACpD,SAAS,CAAC,IAAI,EAAE,KAAK,CAAC,CAAC;IACvB,OAAO,IAAI,CAAC;AACd,CAAC"}
+{"version":3,"file":"claude-sh.js","sourceRoot":"","sources":["../../src/cli/claude-sh.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;GAUG;AACH,OAAO,EAAE,SAAS,EAAE,aAAa,EAAE,MAAM,SAAS,CAAC;AACnD,OAAO,EAAE,IAAI,EAAE,OAAO,EAAE,MAAM,WAAW,CAAC;AAG1C;;;;;;;;;;GAUG;AACH,SAAS,gBAAgB,CAAC,GAAoB;IAC5C,QAAQ,GAAG,CAAC,QAAQ,CAAC,IAAI,EAAE,CAAC;QAC1B,KAAK,MAAM;YACT,OAAO;gBACL,kCAAkC;gBAClC,8BAA8B,GAAG,CAAC,QAAQ,CAAC,KAAK,IAAI,GAAG,CAAC,QAAQ,CAAC,IAAI,GAAG;aACzE,CAAC;QACJ,KAAK,KAAK;YACR,OAAO;gBACL,iCAAiC;gBACjC,6BAA6B,GAAG,CAAC,QAAQ,CAAC,GAAG,GAAG;aACjD,CAAC;QACJ,KAAK,SAAS;YACZ,OAAO;gBACL,qCAAqC;gBACrC,8BAA8B,GAAG,CAAC,QAAQ,CAAC,IAAI,GAAG;aACnD,CAAC;IACN,CAAC;AACH,CAAC;AAED;;;;;;;;;;;;GAYG;AACH,SAAS,sBAAsB;IAC7B,OAAO;QACL,EAAE;QACF,wEAAwE;QACxE,wEAAwE;QACxE,yEAAyE;QACzE,8EAA8E;QAC9E,yEAAyE;QACzE,uBAAuB;QACvB,uBAAuB;QACvB,8FAA8F;QAC9F,6FAA6F;QAC7F,MAAM;QACN,GAAG;KACJ,CAAC;AACJ,CAAC;AAED;;;;;;;;;;;;;;;;;;;;;;GAsBG;AACH,SAAS,iBAAiB;IACxB,OAAO;QACL,EAAE;QACF,gEAAgE;QAChE,qEAAqE;QACrE,mEAAmE;QACnE,mEAAmE;QACnE,mEAAmE;QACnE,qCAAqC;QACrC,GAAG;QACH,4CAA4C;QAC5C,uEAAuE;QACvE,2CAA2C;QAC3C,oEAAoE;QACpE,qDAAqD;QACrD,4DAA4D;QAC5D,yCAAyC;QACzC,QAAQ;QACR,yEAAyE;QACzE,MAAM;QACN,IAAI;KACL,CAAC;AACJ,CAAC;AAED;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;GA4CG;AACH,MAAM,UAAU,kBAAkB,CAChC,MAAuB,EACvB,MAAyB,OAAO,CAAC,GAAG;IAEpC,IAAI,GAAG,CAAC,oBAAoB,CAAC,KAAK,GAAG,IAAI,GAAG,CAAC,oBAAoB,CAAC,KAAK,MAAM,EAAE,CAAC;QAC9E,OAAO,EAAE,CAAC;IACZ,CAAC;IAED,MAAM,QAAQ,GAAG,GAAG,CAAC,oBAAoB,CAAC,IAAI,wBAAwB,CAAC;IAEvE,+DAA+D;IAC/D,kEAAkE;IAClE,6DAA6D;IAC7D,oDAAoD;IACpD,IAAI,aAAa,CAAC,IAAI,CAAC,QAAQ,CAAC,EAAE,CAAC;QACjC,MAAM,IAAI,KAAK,CACb,wDAAwD;YACtD,QAAQ,IAAI,CAAC,SAAS,CAAC,QAAQ,CAAC,IAAI;YACpC,6CAA6C,CAChD,CAAC;IACJ,CAAC;IAED,OAAO;QACL,EAAE;QACF,iFAAiF;QACjF,yEAAyE;QACzE,gFAAgF;QAChF,+EAA+E;QAC/E,mFAAmF;QACnF,uEAAuE;QACvE,wEAAwE;QACxE,qEAAqE;QACrE,wEAAwE;QACxE,yEAAyE;QACzE,sEAAsE;QACtE,yEAAyE;QACzE,kEAAkE;QAClE,2DAA2D;QAC3D,gEAAgE;QAChE,gEAAgE;QAChE,gEAAgE;QAChE,+DAA+D;QAC/D,8DAA8D;QAC9D,uCAAuC;QACvC,8CAA8C;QAC9C,kCAAkC;QAClC,mCAAmC;QACnC,gCAAgC;QAChC,gDAAgD;QAChD,6EAA6E;QAC7E,wCAAwC;QACxC,uEAAuE;QACvE,8EAA8E;QAC9E,qEAAqE;QACrE,sEAAsE;QACtE,iEAAiE;QACjE,qEAAqE;QACrE,sEAAsE;QACtE,uEAAuE;QACvE,sFAAsF;QACtF,8CAA8C,QAAQ,IAAI;QAC1D,0FAA0F;QAC1F,kDAAkD;QAClD,wCAAwC,MAAM,CAAC,UAAU,GAAG;QAC5D,sDAAsD,MAAM,CAAC,UAAU,sBAAsB,MAAM,CAAC,UAAU,0BAA0B;KACzI,CAAC;AACJ,CAAC;AAED;;;;;;;;;GASG;AACH,SAAS,WAAW,CAAC,GAAoB;IACvC,QAAQ,GAAG,CAAC,UAAU,EAAE,CAAC;QACvB,KAAK,WAAW;YACd,OAAO,CAAC,IAAI,CAAC,CAAC;QAChB,KAAK,QAAQ;YACX,OAAO,EAAE,CAAC;IACd,CAAC;AACH,CAAC;AAED,MAAM,oBAAoB,GAAG;IAC3B,oEAAoE;IACpE,gEAAgE;IAChE,sEAAsE;IACtE,kEAAkE;CACnE,CAAC;AAEF;;;;GAIG;AACH,MAAM,UAAU,gBAAgB,CAAC,MAAuB;IACtD,OAAO;QACL,qBAAqB;QACrB,mBAAmB;QACnB,EAAE;QACF,0BAA0B,MAAM,CAAC,UAAU,EAAE;QAC7C,GAAG,oBAAoB;QACvB,EAAE;QACF,4DAA4D;QAC5D,kBAAkB;QAClB,EAAE;QACF,uDAAuD;QACvD,6DAA6D;QAC7D,6DAA6D;QAC7D,4DAA4D;QAC5D,2DAA2D;QAC3D,mEAAmE;QACnE,yCAAyC;QACzC,wBAAwB,MAAM,CAAC,OAAO,GAAG;QACzC,2BAA2B,MAAM,CAAC,UAAU,GAAG;QAC/C,GAAG,sBAAsB,EAAE;QAC3B,EAAE;QACF,wEAAwE;QACxE,0EAA0E;QAC1E,sEAAsE;QACtE,8DAA8D;QAC9D,4DAA4D;QAC5D,gEAAgE;QAChE,6EAA6E;QAC7E,wCAAwC,MAAM,CAAC,UAAU,IAAI;QAC7D,wBAAwB;QACxB,6EAA6E;QAC7E,wCAAwC,MAAM,CAAC,UAAU,IAAI;QAC7D,wBAAwB;QACxB,GAAG,iBAAiB,EAAE;QACtB,EAAE;QACF,kBAAkB,MAAM,CAAC,UAAU,CAAC,MAAM,GAAG;QAC7C,sBAAsB,MAAM,CAAC,UAAU,CAAC,UAAU,GAAG;QACrD,oBAAoB,MAAM,CAAC,UAAU,CAAC,QAAQ,GAAG;QACjD,kEAAkE;QAClE,gEAAgE;QAChE,kEAAkE;QAClE,gEAAgE;QAChE,+DAA+D;QAC/D,kDAAkD;QAClD,qBAAqB;QACrB,8BAA8B;QAC9B,0CAA0C;QAC1C,MAAM;QACN,iBAAiB;QACjB,0CAA0C,MAAM,CAAC,OAAO,eAAe;QACvE,yCAAyC,MAAM,CAAC,OAAO,cAAc;QACrE,iEAAiE;QACjE,+DAA+D;QAC/D,2DAA2D;QAC3D,0CAA0C;QAC1C,oEAAoE;QACpE,qEAAqE;QACrE,6DAA6D;QAC7D,4DAA4D;QAC5D,4BAA4B;QAC5B,+BAA+B,MAAM,CAAC,cAAc,IAAI,WAAW,GAAG;QACtE,uDAAuD;QACvD,4DAA4D;QAC5D,4DAA4D;QAC5D,4DAA4D;QAC5D,+DAA+D;QAC/D,GAAG,CAAC,MAAM,CAAC,YAAY,KAAK,SAAS;YACnC,CAAC,CAAC,CAAC,6BAA6B,MAAM,CAAC,YAAY,GAAG,CAAC;YACvD,CAAC,CAAC,EAAE,CAAC;QACP,GAAG,CAAC,MAAM,CAAC,WAAW,KAAK,SAAS;YAClC,CAAC,CAAC,CAAC,4BAA4B,MAAM,CAAC,WAAW,GAAG,CAAC;YACrD,CAAC,CAAC,EAAE,CAAC;QACP,GAAG,gBAAgB,CAAC,MAAM,CAAC;QAC3B,GAAG,kBAAkB,CAAC,MAAM,CAAC;QAC7B,EAAE;QACF,0EAA0E;QAC1E,0EAA0E;QAC1E,4EAA4E;QAC5E,2EAA2E;QAC3E,2EAA2E;QAC3E,oEAAoE;QACpE,8DAA8D;QAC9D,2EAA2E;QAC3E,qEAAqE;QACrE,UAAU;QACV,GAAG;QACH,iBAAiB;QACjB,EAAE;QACF,2BAA2B,MAAM,CAAC,UAAU,QAAQ;QACpD,8BAA8B,MAAM,CAAC,UAAU,QAAQ;QACvD,EAAE;QACF,kBAAkB,MAAM,CAAC,UAAU,KAAK,MAAM,CAAC,UAAU,OAAO;QAChE,sEAAsE;QACtE,oEAAoE;QACpE,kEAAkE;QAClE,oEAAoE;QACpE,uDAAuD;QACvD,EAAE;QACF,kEAAkE;QAClE,oEAAoE;QACpE,iEAAiE;QACjE,4DAA4D;QAC5D,uBAAuB;QACvB,kCAAkC;QAClC,iBAAiB,CAAC,cAAc,EAAE,4BAA4B,CAAC,CAAC,IAAI,CAAC,GAAG,CAAC,OAAO;QAChF,MAAM;QACN,iBAAiB,CAAC,GAAG,WAAW,CAAC,MAAM,CAAC,EAAE,cAAc,EAAE,4BAA4B,CAAC,CAAC,IAAI,CAAC,GAAG,CAAC,OAAO;QACxG,IAAI;QACJ,EAAE;KACH,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;AACf,CAAC;AAED;;;GAGG;AACH,MAAM,UAAU,aAAa,CAAC,YAAoB,EAAE,MAAuB;IACzE,MAAM,MAAM,GAAG,OAAO,CAAC,YAAY,CAAC,CAAC;IACrC,MAAM,IAAI,GAAG,IAAI,CAAC,MAAM,EAAE,WAAW,CAAC,CAAC;IACvC,aAAa,CAAC,IAAI,EAAE,gBAAgB,CAAC,MAAM,CAAC,EAAE,EAAE,IAAI,EAAE,KAAK,EAAE,CAAC,CAAC;IAC/D,uEAAuE;IACvE,qEAAqE;IACrE,kEAAkE;IAClE,oDAAoD;IACpD,SAAS,CAAC,IAAI,EAAE,KAAK,CAAC,CAAC;IACvB,OAAO,IAAI,CAAC;AACd,CAAC"}

package/dist/cli/settings-writer.d.ts

@@ -30,6 +30,20 @@ export declare const MACF_HOOK_COMMAND = "$CLAUDE_PROJECT_DIR/.claude/scripts/ch
  * `2026-04-27-self-observed-canonical-rule-breach-pattern-analysis.md`).
  */
 export declare const MACF_MENTION_HOOK_COMMAND = "$CLAUDE_PROJECT_DIR/.claude/scripts/check-mention-routing.sh";
+/**
+ * LGTM-gate hook command (groundnuty/macf#270 — DR-023 UC-2). Blocks
+ * `gh pr merge` invocations when the target PR has no non-author
+ * APPROVED review on record. Implements `pr-discipline.md` "no LGTM
+ * = no merge" structurally (rule codified via macf#262 / PR #263).
+ *
+ * Per the DR-023 amendment (PR #279), this is a bash command-type
+ * hook — NOT `type: "mcp_tool"`. PreToolUse-blocking semantics +
+ * mcp_tool's non-blocking-on-disconnect failure mode are structurally
+ * incompatible; bash form fires uniformly across substrate (no
+ * macf-agent MCP server) AND consumer workspaces. UC-4 (PR #275)
+ * demonstrated the bash-form path empirically; UC-2 mirrors it.
+ */
+export declare const MACF_LGTM_HOOK_COMMAND = "$CLAUDE_PROJECT_DIR/.claude/scripts/check-lgtm-gate.sh";
 /**
  * Permission patterns pre-approving the 4 `macf-agent` plugin skills.
  * Without these, every first invocation of a skill (e.g. `/macf-status`
@@ -216,15 +230,18 @@ export declare function installPluginSkillPermissions(workspaceDir: string): voi
  *   - `check-gh-token.sh` (groundnuty/macf#140 — attribution-trap defense)
  *   - `check-mention-routing.sh` (groundnuty/macf#244 + #272 — routing
  *     leak detector for raw `@<bot>[bot]` in describing-context)
+ *   - `check-lgtm-gate.sh` (groundnuty/macf#270 — DR-023 UC-2; blocks
+ *     `gh pr merge` when no non-author APPROVED review exists)
  *
  * Creates the `.claude/` directory and the file if either is missing.
  * Idempotent: repeated calls don't duplicate entries.
  *
- * Both hooks share `matcher: "Bash"` because Claude Code's matcher field
+ * All hooks share `matcher: "Bash"` because Claude Code's matcher field
  * gates which tool fires the hook; the wrapped-command detection (gh vs
- * git-push for token, gh issue/pr comment for routing) happens INSIDE
- * each script. Distinct entries per script keep them independently
- * upgradeable + diagnosable in `gh issue list` style settings audits.
+ * git-push for token, gh issue/pr comment for routing, gh pr merge for
+ * LGTM) happens INSIDE each script. Distinct entries per script keep
+ * them independently upgradeable + diagnosable in `gh issue list` style
+ * settings audits.
  */
 export declare function installGhTokenHook(workspaceDir: string): void;
 //# sourceMappingURL=settings-writer.d.ts.map

package/dist/cli/settings-writer.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"settings-writer.d.ts","sourceRoot":"","sources":["../../src/cli/settings-writer.ts"],"names":[],"mappings":"AAuBA;;;;;;;;;;;;;;;;;;;;GAoBG;AACH,eAAO,MAAM,iBAAiB,0DAA0D,CAAC;AAEzF;;;;;;;;GAQG;AACH,eAAO,MAAM,yBAAyB,iEAAiE,CAAC;AA6DxG;;;;;;;;;;;;;;;;;;;;GAoBG;AACH,eAAO,MAAM,wBAAwB,EAAE,SAAS,MAAM,EAKrD,CAAC;AAEF;;;;;;;;;;;;;;;;;GAiBG;AACH,eAAO,MAAM,uBAAuB,kBAAkB,CAAC;AAEvD;;;;;;;;;;;GAWG;AACH,wBAAgB,mBAAmB,CAAC,YAAY,EAAE,MAAM,GAAG,SAAS,MAAM,EAAE,CAS3E;AAmBD;;;;;;;;;;;;;;;;;;;;;GAqBG;AACH,wBAAgB,mBAAmB,CAAC,YAAY,EAAE,MAAM,GAAG,SAAS,MAAM,EAAE,CAM3E;AAED;;;;;;;;;GASG;AACH,wBAAgB,kBAAkB,CAAC,YAAY,EAAE,MAAM,GAAG,SAAS,MAAM,EAAE,CAM1E;AAaD;;;;;;;;;;;;;;;;GAgBG;AACH,wBAAgB,yBAAyB,CAAC,YAAY,EAAE,MAAM,GAAG,IAAI,CA+CpE;AAED;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;GAkCG;AACH,eAAO,MAAM,yBAAyB,EAAE,SAAS,MAAM,EA0CtD,CAAC;AAWF;;;;;;;;;;;;;;;;;;GAkBG;AACH,wBAAgB,8BAA8B,CAAC,YAAY,EAAE,MAAM,GAAG,IAAI,CA8CzE;AAED;;;;;;GAMG;AACH,wBAAgB,0BAA0B,CAAC,YAAY,EAAE,MAAM,GAAG,SAAS,MAAM,EAAE,CAQlF;AASD;;;;;;;;GAQG;AACH,wBAAgB,6BAA6B,CAAC,YAAY,EAAE,MAAM,GAAG,IAAI,CA+BxE;AAED;;;;;;;;;;;;;;;GAeG;AACH,wBAAgB,kBAAkB,CAAC,YAAY,EAAE,MAAM,GAAG,IAAI,CA0C7D"}
+{"version":3,"file":"settings-writer.d.ts","sourceRoot":"","sources":["../../src/cli/settings-writer.ts"],"names":[],"mappings":"AAuBA;;;;;;;;;;;;;;;;;;;;GAoBG;AACH,eAAO,MAAM,iBAAiB,0DAA0D,CAAC;AAEzF;;;;;;;;GAQG;AACH,eAAO,MAAM,yBAAyB,iEAAiE,CAAC;AAExG;;;;;;;;;;;;GAYG;AACH,eAAO,MAAM,sBAAsB,2DAA2D,CAAC;AA8D/F;;;;;;;;;;;;;;;;;;;;GAoBG;AACH,eAAO,MAAM,wBAAwB,EAAE,SAAS,MAAM,EAKrD,CAAC;AAEF;;;;;;;;;;;;;;;;;GAiBG;AACH,eAAO,MAAM,uBAAuB,kBAAkB,CAAC;AAEvD;;;;;;;;;;;GAWG;AACH,wBAAgB,mBAAmB,CAAC,YAAY,EAAE,MAAM,GAAG,SAAS,MAAM,EAAE,CAS3E;AAmBD;;;;;;;;;;;;;;;;;;;;;GAqBG;AACH,wBAAgB,mBAAmB,CAAC,YAAY,EAAE,MAAM,GAAG,SAAS,MAAM,EAAE,CAM3E;AAED;;;;;;;;;GASG;AACH,wBAAgB,kBAAkB,CAAC,YAAY,EAAE,MAAM,GAAG,SAAS,MAAM,EAAE,CAM1E;AAaD;;;;;;;;;;;;;;;;GAgBG;AACH,wBAAgB,yBAAyB,CAAC,YAAY,EAAE,MAAM,GAAG,IAAI,CA+CpE;AAED;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;GAkCG;AACH,eAAO,MAAM,yBAAyB,EAAE,SAAS,MAAM,EA0CtD,CAAC;AAWF;;;;;;;;;;;;;;;;;;GAkBG;AACH,wBAAgB,8BAA8B,CAAC,YAAY,EAAE,MAAM,GAAG,IAAI,CA8CzE;AAED;;;;;;GAMG;AACH,wBAAgB,0BAA0B,CAAC,YAAY,EAAE,MAAM,GAAG,SAAS,MAAM,EAAE,CAQlF;AASD;;;;;;;;GAQG;AACH,wBAAgB,6BAA6B,CAAC,YAAY,EAAE,MAAM,GAAG,IAAI,CA+BxE;AAED;;;;;;;;;;;;;;;;;;GAkBG;AACH,wBAAgB,kBAAkB,CAAC,YAAY,EAAE,MAAM,GAAG,IAAI,CA8C7D"}

package/dist/cli/settings-writer.js

@@ -52,6 +52,20 @@ export const MACF_HOOK_COMMAND = '$CLAUDE_PROJECT_DIR/.claude/scripts/check-gh-t
  * `2026-04-27-self-observed-canonical-rule-breach-pattern-analysis.md`).
  */
 export const MACF_MENTION_HOOK_COMMAND = '$CLAUDE_PROJECT_DIR/.claude/scripts/check-mention-routing.sh';
+/**
+ * LGTM-gate hook command (groundnuty/macf#270 — DR-023 UC-2). Blocks
+ * `gh pr merge` invocations when the target PR has no non-author
+ * APPROVED review on record. Implements `pr-discipline.md` "no LGTM
+ * = no merge" structurally (rule codified via macf#262 / PR #263).
+ *
+ * Per the DR-023 amendment (PR #279), this is a bash command-type
+ * hook — NOT `type: "mcp_tool"`. PreToolUse-blocking semantics +
+ * mcp_tool's non-blocking-on-disconnect failure mode are structurally
+ * incompatible; bash form fires uniformly across substrate (no
+ * macf-agent MCP server) AND consumer workspaces. UC-4 (PR #275)
+ * demonstrated the bash-form path empirically; UC-2 mirrors it.
+ */
+export const MACF_LGTM_HOOK_COMMAND = '$CLAUDE_PROJECT_DIR/.claude/scripts/check-lgtm-gate.sh';
 /**
  * The hook filenames used to identify MACF-managed entries on refresh.
  * Matched by path-end equality (see isMacfManagedCommand) so operator
@@ -60,6 +74,7 @@ export const MACF_MENTION_HOOK_COMMAND = '$CLAUDE_PROJECT_DIR/.claude/scripts/ch
 const MACF_HOOK_FILENAMES = [
     'check-gh-token.sh',
     'check-mention-routing.sh',
+    'check-lgtm-gate.sh',
 ];
 /**
  * True iff the command string represents one of our managed hooks — i.e.
@@ -493,15 +508,18 @@ export function installPluginSkillPermissions(workspaceDir) {
  *   - `check-gh-token.sh` (groundnuty/macf#140 — attribution-trap defense)
  *   - `check-mention-routing.sh` (groundnuty/macf#244 + #272 — routing
  *     leak detector for raw `@<bot>[bot]` in describing-context)
+ *   - `check-lgtm-gate.sh` (groundnuty/macf#270 — DR-023 UC-2; blocks
+ *     `gh pr merge` when no non-author APPROVED review exists)
  *
  * Creates the `.claude/` directory and the file if either is missing.
  * Idempotent: repeated calls don't duplicate entries.
  *
- * Both hooks share `matcher: "Bash"` because Claude Code's matcher field
+ * All hooks share `matcher: "Bash"` because Claude Code's matcher field
  * gates which tool fires the hook; the wrapped-command detection (gh vs
- * git-push for token, gh issue/pr comment for routing) happens INSIDE
- * each script. Distinct entries per script keep them independently
- * upgradeable + diagnosable in `gh issue list` style settings audits.
+ * git-push for token, gh issue/pr comment for routing, gh pr merge for
+ * LGTM) happens INSIDE each script. Distinct entries per script keep
+ * them independently upgradeable + diagnosable in `gh issue list` style
+ * settings audits.
  */
 export function installGhTokenHook(workspaceDir) {
     const absDir = resolve(workspaceDir);
@@ -528,6 +546,10 @@ export function installGhTokenHook(workspaceDir) {
             matcher: 'Bash',
             hooks: [{ type: 'command', command: MACF_MENTION_HOOK_COMMAND }],
         },
+        {
+            matcher: 'Bash',
+            hooks: [{ type: 'command', command: MACF_LGTM_HOOK_COMMAND }],
+        },
     ];
     const updated = {
         ...settings,

package/dist/cli/settings-writer.js.map

@@ -1 +1 @@
-{"version":3,"file":"settings-writer.js","sourceRoot":"","sources":["../../src/cli/settings-writer.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;;;;;;;GAmBG;AACH,OAAO,EAAE,UAAU,EAAE,SAAS,EAAE,YAAY,EAAE,aAAa,EAAE,MAAM,SAAS,CAAC;AAC7E,OAAO,EAAE,IAAI,EAAE,OAAO,EAAE,MAAM,WAAW,CAAC;AAE1C;;;;;;;;;;;;;;;;;;;;GAoBG;AACH,MAAM,CAAC,MAAM,iBAAiB,GAAG,uDAAuD,CAAC;AAEzF;;;;;;;;GAQG;AACH,MAAM,CAAC,MAAM,yBAAyB,GAAG,8DAA8D,CAAC;AAExG;;;;GAIG;AACH,MAAM,mBAAmB,GAAsB;IAC7C,mBAAmB;IACnB,0BAA0B;CAC3B,CAAC;AAEF;;;;;;GAMG;AACH,SAAS,oBAAoB,CAAC,OAAe;IAC3C,iEAAiE;IACjE,6EAA6E;IAC7E,MAAM,OAAO,GAAG,OAAO,CAAC,IAAI,EAAE,CAAC,KAAK,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,IAAI,EAAE,CAAC;IACrD,MAAM,KAAK,GAAG,OAAO,CAAC,WAAW,CAAC,GAAG,CAAC,CAAC;IACvC,MAAM,QAAQ,GAAG,KAAK,IAAI,CAAC,CAAC,CAAC,CAAC,OAAO,CAAC,KAAK,CAAC,KAAK,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC,OAAO,CAAC;IACjE,OAAO,mBAAmB,CAAC,QAAQ,CAAC,QAAQ,CAAC,CAAC;AAChD,CAAC;AAqBD,SAAS,YAAY,CAAC,IAAY;IAChC,IAAI,CAAC,UAAU,CAAC,IAAI,CAAC;QAAE,OAAO,EAAE,CAAC;IACjC,MAAM,GAAG,GAAG,YAAY,CAAC,IAAI,EAAE,OAAO,CAAC,CAAC;IACxC,IAAI,CAAC;QACH,OAAO,IAAI,CAAC,KAAK,CAAC,GAAG,CAAa,CAAC;IACrC,CAAC;IAAC,OAAO,GAAG,EAAE,CAAC;QACb,MAAM,IAAI,KAAK,CACb,4DAA4D,IAAI,KAAM,GAAa,CAAC,OAAO,IAAI;YAC7F,gDAAgD,EAClD,EAAE,KAAK,EAAE,GAAG,EAAE,CACf,CAAC;IACJ,CAAC;AACH,CAAC;AAED;;;;;;;;;;;;;;;;;;;;GAoBG;AACH,MAAM,CAAC,MAAM,wBAAwB,GAAsB;IACzD,+BAA+B;IAC/B,+BAA+B;IAC/B,8BAA8B;IAC9B,6BAA6B;CAC9B,CAAC;AAEF;;;;;;;;;;;;;;;;;GAiBG;AACH,MAAM,CAAC,MAAM,uBAAuB,GAAG,eAAe,CAAC;AAEvD;;;;;;;;;;;GAWG;AACH,MAAM,UAAU,mBAAmB,CAAC,YAAoB;IACtD,MAAM,MAAM,GAAG,OAAO,CAAC,YAAY,CAAC,CAAC;IACrC,MAAM,IAAI,GAAG,IAAI,CAAC,MAAM,EAAE,SAAS,EAAE,eAAe,CAAC,CAAC;IACtD,MAAM,QAAQ,GAAG,YAAY,CAAC,IAAI,CAAC,CAAC;IACpC,MAAM,UAAU,GAAI,QAAQ,CAAC,SAAS,CAAyC,IAAI,EAAE,CAAC;IACtF,MAAM,aAAa,GAAI,UAAU,CAAC,YAAY,CAAyC,IAAI,EAAE,CAAC;IAC9F,MAAM,IAAI,GAAG,aAAa,CAAC,WAAW,CAAC,CAAC;IACxC,IAAI,CAAC,KAAK,CAAC,OAAO,CAAC,IAAI,CAAC;QAAE,OAAO,EAAE,CAAC;IACpC,OAAO,IAAI,CAAC,MAAM,CAAC,CAAC,CAAC,EAAe,EAAE,CAAC,OAAO,CAAC,KAAK,QAAQ,CAAC,CAAC;AAChE,CAAC;AAED;;;;;;;;GAQG;AACH,SAAS,oBAAoB,CAAC,QAAgB,EAAE,GAAqB;IACnE,MAAM,QAAQ,GAAG,YAAY,CAAC,QAAQ,CAAC,CAAC;IACxC,MAAM,cAAc,GAAI,QAAQ,CAAC,aAAa,CAAyC,IAAI,EAAE,CAAC;IAC9F,MAAM,IAAI,GAAG,cAAc,CAAC,GAAG,CAAC,CAAC;IACjC,IAAI,CAAC,KAAK,CAAC,OAAO,CAAC,IAAI,CAAC;QAAE,OAAO,EAAE,CAAC;IACpC,OAAO,IAAI,CAAC,MAAM,CAAC,CAAC,CAAC,EAAe,EAAE,CAAC,OAAO,CAAC,KAAK,QAAQ,CAAC,CAAC;AAChE,CAAC;AAED;;;;;;;;;;;;;;;;;;;;;GAqBG;AACH,MAAM,UAAU,mBAAmB,CAAC,YAAoB;IACtD,MAAM,MAAM,GAAG,OAAO,CAAC,YAAY,CAAC,CAAC;IACrC,MAAM,SAAS,GAAG,IAAI,CAAC,MAAM,EAAE,SAAS,CAAC,CAAC;IAC1C,MAAM,IAAI,GAAG,oBAAoB,CAAC,IAAI,CAAC,SAAS,EAAE,eAAe,CAAC,EAAE,OAAO,CAAC,CAAC;IAC7E,MAAM,KAAK,GAAG,oBAAoB,CAAC,IAAI,CAAC,SAAS,EAAE,qBAAqB,CAAC,EAAE,OAAO,CAAC,CAAC;IACpF,OAAO,KAAK,CAAC,IAAI,CAAC,IAAI,GAAG,CAAC,CAAC,GAAG,IAAI,EAAE,GAAG,KAAK,CAAC,CAAC,CAAC,CAAC;AAClD,CAAC;AAED;;;;;;;;;GASG;AACH,MAAM,UAAU,kBAAkB,CAAC,YAAoB;IACrD,MAAM,MAAM,GAAG,OAAO,CAAC,YAAY,CAAC,CAAC;IACrC,MAAM,SAAS,GAAG,IAAI,CAAC,MAAM,EAAE,SAAS,CAAC,CAAC;IAC1C,MAAM,IAAI,GAAG,oBAAoB,CAAC,IAAI,CAAC,SAAS,EAAE,eAAe,CAAC,EAAE,MAAM,CAAC,CAAC;IAC5E,MAAM,KAAK,GAAG,oBAAoB,CAAC,IAAI,CAAC,SAAS,EAAE,qBAAqB,CAAC,EAAE,MAAM,CAAC,CAAC;IACnF,OAAO,KAAK,CAAC,IAAI,CAAC,IAAI,GAAG,CAAC,CAAC,GAAG,IAAI,EAAE,GAAG,KAAK,CAAC,CAAC,CAAC,CAAC;AAClD,CAAC;AAED;;;;;;GAMG;AACH,MAAM,uBAAuB,GAAsB;IACjD,kBAAkB;CACnB,CAAC;AAEF;;;;;;;;;;;;;;;;GAgBG;AACH,MAAM,UAAU,yBAAyB,CAAC,YAAoB;IAC5D,MAAM,IAAI,GAAG,OAAO,CAAC,GAAG,CAAC,0BAA0B,CAAC,CAAC;IACrD,IAAI,IAAI,KAAK,GAAG,IAAI,IAAI,KAAK,MAAM;QAAE,OAAO;IAE5C,MAAM,MAAM,GAAG,OAAO,CAAC,YAAY,CAAC,CAAC;IACrC,MAAM,SAAS,GAAG,IAAI,CAAC,MAAM,EAAE,SAAS,CAAC,CAAC;IAC1C,MAAM,IAAI,GAAG,IAAI,CAAC,SAAS,EAAE,eAAe,CAAC,CAAC;IAE9C,SAAS,CAAC,SAAS,EAAE,EAAE,SAAS,EAAE,IAAI,EAAE,CAAC,CAAC;IAE1C,MAAM,QAAQ,GAAG,YAAY,CAAC,IAAI,CAAC,CAAC;IACpC,iEAAiE;IACjE,kEAAkE;IAClE,MAAM,UAAU,GAAI,QAAQ,CAAC,SAAS,CAAyC,IAAI,EAAE,CAAC;IACtF,MAAM,aAAa,GAAI,UAAU,CAAC,YAAY,CAAyC,IAAI,EAAE,CAAC;IAC9F,MAAM,aAAa,GAAG,KAAK,CAAC,OAAO,CAAC,aAAa,CAAC,WAAW,CAAC,CAAC;QAC7D,CAAC,CAAE,aAAa,CAAC,WAAW,CAAwB,CAAC,MAAM,CAAC,CAAC,CAAC,EAAe,EAAE,CAAC,OAAO,CAAC,KAAK,QAAQ,CAAC;QACtG,CAAC,CAAC,EAAE,CAAC;IAEP,iEAAiE;IACjE,kEAAkE;IAClE,MAAM,SAAS,GAAG,aAAa,CAAC,MAAM,CACpC,CAAC,KAAK,EAAE,EAAE,CAAC,CAAC,uBAAuB,CAAC,QAAQ,CAAC,KAAK,CAAC,CACpD,CAAC;IAEF,gEAAgE;IAChE,6DAA6D;IAC7D,IAAI,SAAS,CAAC,MAAM,KAAK,aAAa,CAAC,MAAM,IAAI,SAAS,CAAC,QAAQ,CAAC,uBAAuB,CAAC,EAAE,CAAC;QAC7F,OAAO;IACT,CAAC;IAED,MAAM,SAAS,GAAG,SAAS,CAAC,QAAQ,CAAC,uBAAuB,CAAC;QAC3D,CAAC,CAAC,SAAS;QACX,CAAC,CAAC,CAAC,GAAG,SAAS,EAAE,uBAAuB,CAAC,CAAC;IAE5C,MAAM,OAAO,GAAa;QACxB,GAAG,QAAQ;QACX,OAAO,EAAE;YACP,GAAG,UAAU;YACb,UAAU,EAAE;gBACV,GAAG,aAAa;gBAChB,SAAS;aACV;SACF;KACF,CAAC;IAEF,aAAa,CAAC,IAAI,EAAE,IAAI,CAAC,SAAS,CAAC,OAAO,EAAE,IAAI,EAAE,CAAC,CAAC,GAAG,IAAI,CAAC,CAAC;AAC/D,CAAC;AAED;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;GAkCG;AACH,MAAM,CAAC,MAAM,yBAAyB,GAAsB;IAC1D,0BAA0B;IAC1B,OAAO;IACP,OAAO;IACP,SAAS;IACT,UAAU;IACV,OAAO;IACP,OAAO;IACP,OAAO;IACP,aAAa;IACb,MAAM;IACN,OAAO;IACP,OAAO;IACP,QAAQ;IACR,QAAQ;IACR,QAAQ;IACR,MAAM;IACN,WAAW;IACX,uBAAuB;IACvB,QAAQ;IACR,MAAM;IACN,QAAQ;IACR,QAAQ;IACR,QAAQ;IACR,OAAO;IACP,MAAM;IACN,MAAM;IACN,QAAQ;IACR,OAAO;IACP,OAAO;IACP,QAAQ;IACR,SAAS;IACT,0DAA0D;IAC1D,qDAAqD;IACrD,QAAQ;IACR,MAAM;IACN,SAAS;IACT,yDAAyD;IACzD,2DAA2D;IAC3D,SAAS;IACT,MAAM;IACN,SAAS;CACV,CAAC;AAEF;;;;;;GAMG;AACH,MAAM,6BAA6B,GAAsB,EAAE,CAAC;AAE5D;;;;;;;;;;;;;;;;;;GAkBG;AACH,MAAM,UAAU,8BAA8B,CAAC,YAAoB;IACjE,MAAM,IAAI,GAAG,OAAO,CAAC,GAAG,CAAC,qCAAqC,CAAC,CAAC;IAChE,IAAI,IAAI,KAAK,GAAG,IAAI,IAAI,KAAK,MAAM;QAAE,OAAO;IAE5C,MAAM,MAAM,GAAG,OAAO,CAAC,YAAY,CAAC,CAAC;IACrC,MAAM,SAAS,GAAG,IAAI,CAAC,MAAM,EAAE,SAAS,CAAC,CAAC;IAC1C,MAAM,IAAI,GAAG,IAAI,CAAC,SAAS,EAAE,eAAe,CAAC,CAAC;IAE9C,SAAS,CAAC,SAAS,EAAE,EAAE,SAAS,EAAE,IAAI,EAAE,CAAC,CAAC;IAE1C,MAAM,QAAQ,GAAG,YAAY,CAAC,IAAI,CAAC,CAAC;IACpC,mEAAmE;IACnE,yDAAyD;IACzD,MAAM,UAAU,GAAI,QAAQ,CAAC,SAAS,CAAyC,IAAI,EAAE,CAAC;IACtF,MAAM,QAAQ,GAAG,KAAK,CAAC,OAAO,CAAC,UAAU,CAAC,kBAAkB,CAAC,CAAC;QAC5D,CAAC,CAAE,UAAU,CAAC,kBAAkB,CAAwB,CAAC,MAAM,CAAC,CAAC,CAAC,EAAe,EAAE,CAAC,OAAO,CAAC,KAAK,QAAQ,CAAC;QAC1G,CAAC,CAAC,EAAE,CAAC;IAEP,6DAA6D;IAC7D,gEAAgE;IAChE,MAAM,SAAS,GAAG,QAAQ,CAAC,MAAM,CAC/B,CAAC,KAAK,EAAE,EAAE,CAAC,CAAC,6BAA6B,CAAC,QAAQ,CAAC,KAAK,CAAC,CAC1D,CAAC;IAEF,4DAA4D;IAC5D,gEAAgE;IAChE,4CAA4C;IAC5C,MAAM,MAAM,GAAG,CAAC,GAAG,SAAS,CAAC,CAAC;IAC9B,KAAK,MAAM,KAAK,IAAI,yBAAyB,EAAE,CAAC;QAC9C,IAAI,CAAC,MAAM,CAAC,QAAQ,CAAC,KAAK,CAAC;YAAE,MAAM,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC;IAClD,CAAC;IAED,8DAA8D;IAC9D,MAAM,UAAU,GAAG,MAAM,CAAC,MAAM,KAAK,QAAQ,CAAC,MAAM,CAAC;IACrD,MAAM,WAAW,GAAG,UAAU,IAAI,MAAM,CAAC,KAAK,CAAC,CAAC,CAAC,EAAE,CAAC,EAAE,EAAE,CAAC,CAAC,KAAK,QAAQ,CAAC,CAAC,CAAC,CAAC,CAAC;IAC5E,IAAI,WAAW;QAAE,OAAO;IAExB,MAAM,OAAO,GAAa;QACxB,GAAG,QAAQ;QACX,OAAO,EAAE;YACP,GAAG,UAAU;YACb,gBAAgB,EAAE,MAAM;SACzB;KACF,CAAC;IAEF,aAAa,CAAC,IAAI,EAAE,IAAI,CAAC,SAAS,CAAC,OAAO,EAAE,IAAI,EAAE,CAAC,CAAC,GAAG,IAAI,CAAC,CAAC;AAC/D,CAAC;AAED;;;;;;GAMG;AACH,MAAM,UAAU,0BAA0B,CAAC,YAAoB;IAC7D,MAAM,MAAM,GAAG,OAAO,CAAC,YAAY,CAAC,CAAC;IACrC,MAAM,IAAI,GAAG,IAAI,CAAC,MAAM,EAAE,SAAS,EAAE,eAAe,CAAC,CAAC;IACtD,MAAM,QAAQ,GAAG,YAAY,CAAC,IAAI,CAAC,CAAC;IACpC,MAAM,UAAU,GAAI,QAAQ,CAAC,SAAS,CAAyC,IAAI,EAAE,CAAC;IACtF,MAAM,IAAI,GAAG,UAAU,CAAC,kBAAkB,CAAC,CAAC;IAC5C,IAAI,CAAC,KAAK,CAAC,OAAO,CAAC,IAAI,CAAC;QAAE,OAAO,EAAE,CAAC;IACpC,OAAO,IAAI,CAAC,MAAM,CAAC,CAAC,CAAC,EAAe,EAAE,CAAC,OAAO,CAAC,KAAK,QAAQ,CAAC,CAAC;AAChE,CAAC;AAED;;;;GAIG;AACH,MAAM,yBAAyB,GAAG,mBAAmB,CAAC;AAEtD;;;;;;;;GAQG;AACH,MAAM,UAAU,6BAA6B,CAAC,YAAoB;IAChE,MAAM,MAAM,GAAG,OAAO,CAAC,YAAY,CAAC,CAAC;IACrC,MAAM,SAAS,GAAG,IAAI,CAAC,MAAM,EAAE,SAAS,CAAC,CAAC;IAC1C,MAAM,IAAI,GAAG,IAAI,CAAC,SAAS,EAAE,eAAe,CAAC,CAAC;IAE9C,SAAS,CAAC,SAAS,EAAE,EAAE,SAAS,EAAE,IAAI,EAAE,CAAC,CAAC;IAE1C,MAAM,QAAQ,GAAG,YAAY,CAAC,IAAI,CAAC,CAAC;IACpC,MAAM,aAAa,GAAG,KAAK,CAAC,OAAO,CAAC,QAAQ,CAAC,aAAa,CAAC,IAAK,QAAQ,CAAC,aAAa,CAAyB,CAAC,OAAO,CAAC,CAAC;QACvH,CAAC,CAAC,CAAE,QAAQ,CAAC,aAAa,CAAkC,CAAC,KAAK,CAAC;QACnE,CAAC,CAAC,EAAE,CAAC;IAEP,+DAA+D;IAC/D,mEAAmE;IACnE,4DAA4D;IAC5D,MAAM,SAAS,GAAG,aAAa,CAAC,MAAM,CACpC,CAAC,KAAK,EAAE,EAAE,CAAC,OAAO,KAAK,KAAK,QAAQ,IAAI,CAAC,KAAK,CAAC,UAAU,CAAC,yBAAyB,CAAC,CACrF,CAAC;IAEF,MAAM,KAAK,GAAa,CAAC,GAAG,SAAS,EAAE,GAAG,wBAAwB,CAAC,CAAC;IAEpE,MAAM,mBAAmB,GAAI,QAAQ,CAAC,aAAa,CAAyC,IAAI,EAAE,CAAC;IACnG,MAAM,OAAO,GAAa;QACxB,GAAG,QAAQ;QACX,WAAW,EAAE;YACX,GAAG,mBAAmB;YACtB,KAAK;SACN;KACF,CAAC;IAEF,aAAa,CAAC,IAAI,EAAE,IAAI,CAAC,SAAS,CAAC,OAAO,EAAE,IAAI,EAAE,CAAC,CAAC,GAAG,IAAI,CAAC,CAAC;AAC/D,CAAC;AAED;;;;;;;;;;;;;;;GAeG;AACH,MAAM,UAAU,kBAAkB,CAAC,YAAoB;IACrD,MAAM,MAAM,GAAG,OAAO,CAAC,YAAY,CAAC,CAAC;IACrC,MAAM,SAAS,GAAG,IAAI,CAAC,MAAM,EAAE,SAAS,CAAC,CAAC;IAC1C,MAAM,IAAI,GAAG,IAAI,CAAC,SAAS,EAAE,eAAe,CAAC,CAAC;IAE9C,SAAS,CAAC,SAAS,EAAE,EAAE,SAAS,EAAE,IAAI,EAAE,CAAC,CAAC;IAE1C,MAAM,QAAQ,GAAG,YAAY,CAAC,IAAI,CAAC,CAAC;IACpC,MAAM,KAAK,GAAG,QAAQ,CAAC,KAAK,IAAI,EAAE,CAAC;IACnC,MAAM,UAAU,GAAG,KAAK,CAAC,UAAU,IAAI,EAAE,CAAC;IAE1C,wDAAwD;IACxD,uEAAuE;IACvE,qEAAqE;IACrE,2DAA2D;IAC3D,0DAA0D;IAC1D,oEAAoE;IACpE,sCAAsC;IACtC,MAAM,SAAS,GAAG,UAAU,CAAC,MAAM,CACjC,CAAC,KAAK,EAAE,EAAE,CAAC,CAAC,KAAK,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,oBAAoB,CAAC,CAAC,CAAC,OAAO,CAAC,CAAC,CACrE,CAAC;IAEF,MAAM,WAAW,GAAyB;QACxC;YACE,OAAO,EAAE,MAAM;YACf,KAAK,EAAE,CAAC,EAAE,IAAI,EAAE,SAAS,EAAE,OAAO,EAAE,iBAAiB,EAAE,CAAC;SACzD;QACD;YACE,OAAO,EAAE,MAAM;YACf,KAAK,EAAE,CAAC,EAAE,IAAI,EAAE,SAAS,EAAE,OAAO,EAAE,yBAAyB,EAAE,CAAC;SACjE;KACF,CAAC;IAEF,MAAM,OAAO,GAAa;QACxB,GAAG,QAAQ;QACX,KAAK,EAAE;YACL,GAAG,KAAK;YACR,UAAU,EAAE,CAAC,GAAG,SAAS,EAAE,GAAG,WAAW,CAAC;SAC3C;KACF,CAAC;IAEF,aAAa,CAAC,IAAI,EAAE,IAAI,CAAC,SAAS,CAAC,OAAO,EAAE,IAAI,EAAE,CAAC,CAAC,GAAG,IAAI,CAAC,CAAC;AAC/D,CAAC"}
+{"version":3,"file":"settings-writer.js","sourceRoot":"","sources":["../../src/cli/settings-writer.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;;;;;;;GAmBG;AACH,OAAO,EAAE,UAAU,EAAE,SAAS,EAAE,YAAY,EAAE,aAAa,EAAE,MAAM,SAAS,CAAC;AAC7E,OAAO,EAAE,IAAI,EAAE,OAAO,EAAE,MAAM,WAAW,CAAC;AAE1C;;;;;;;;;;;;;;;;;;;;GAoBG;AACH,MAAM,CAAC,MAAM,iBAAiB,GAAG,uDAAuD,CAAC;AAEzF;;;;;;;;GAQG;AACH,MAAM,CAAC,MAAM,yBAAyB,GAAG,8DAA8D,CAAC;AAExG;;;;;;;;;;;;GAYG;AACH,MAAM,CAAC,MAAM,sBAAsB,GAAG,wDAAwD,CAAC;AAE/F;;;;GAIG;AACH,MAAM,mBAAmB,GAAsB;IAC7C,mBAAmB;IACnB,0BAA0B;IAC1B,oBAAoB;CACrB,CAAC;AAEF;;;;;;GAMG;AACH,SAAS,oBAAoB,CAAC,OAAe;IAC3C,iEAAiE;IACjE,6EAA6E;IAC7E,MAAM,OAAO,GAAG,OAAO,CAAC,IAAI,EAAE,CAAC,KAAK,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,IAAI,EAAE,CAAC;IACrD,MAAM,KAAK,GAAG,OAAO,CAAC,WAAW,CAAC,GAAG,CAAC,CAAC;IACvC,MAAM,QAAQ,GAAG,KAAK,IAAI,CAAC,CAAC,CAAC,CAAC,OAAO,CAAC,KAAK,CAAC,KAAK,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC,OAAO,CAAC;IACjE,OAAO,mBAAmB,CAAC,QAAQ,CAAC,QAAQ,CAAC,CAAC;AAChD,CAAC;AAqBD,SAAS,YAAY,CAAC,IAAY;IAChC,IAAI,CAAC,UAAU,CAAC,IAAI,CAAC;QAAE,OAAO,EAAE,CAAC;IACjC,MAAM,GAAG,GAAG,YAAY,CAAC,IAAI,EAAE,OAAO,CAAC,CAAC;IACxC,IAAI,CAAC;QACH,OAAO,IAAI,CAAC,KAAK,CAAC,GAAG,CAAa,CAAC;IACrC,CAAC;IAAC,OAAO,GAAG,EAAE,CAAC;QACb,MAAM,IAAI,KAAK,CACb,4DAA4D,IAAI,KAAM,GAAa,CAAC,OAAO,IAAI;YAC7F,gDAAgD,EAClD,EAAE,KAAK,EAAE,GAAG,EAAE,CACf,CAAC;IACJ,CAAC;AACH,CAAC;AAED;;;;;;;;;;;;;;;;;;;;GAoBG;AACH,MAAM,CAAC,MAAM,wBAAwB,GAAsB;IACzD,+BAA+B;IAC/B,+BAA+B;IAC/B,8BAA8B;IAC9B,6BAA6B;CAC9B,CAAC;AAEF;;;;;;;;;;;;;;;;;GAiBG;AACH,MAAM,CAAC,MAAM,uBAAuB,GAAG,eAAe,CAAC;AAEvD;;;;;;;;;;;GAWG;AACH,MAAM,UAAU,mBAAmB,CAAC,YAAoB;IACtD,MAAM,MAAM,GAAG,OAAO,CAAC,YAAY,CAAC,CAAC;IACrC,MAAM,IAAI,GAAG,IAAI,CAAC,MAAM,EAAE,SAAS,EAAE,eAAe,CAAC,CAAC;IACtD,MAAM,QAAQ,GAAG,YAAY,CAAC,IAAI,CAAC,CAAC;IACpC,MAAM,UAAU,GAAI,QAAQ,CAAC,SAAS,CAAyC,IAAI,EAAE,CAAC;IACtF,MAAM,aAAa,GAAI,UAAU,CAAC,YAAY,CAAyC,IAAI,EAAE,CAAC;IAC9F,MAAM,IAAI,GAAG,aAAa,CAAC,WAAW,CAAC,CAAC;IACxC,IAAI,CAAC,KAAK,CAAC,OAAO,CAAC,IAAI,CAAC;QAAE,OAAO,EAAE,CAAC;IACpC,OAAO,IAAI,CAAC,MAAM,CAAC,CAAC,CAAC,EAAe,EAAE,CAAC,OAAO,CAAC,KAAK,QAAQ,CAAC,CAAC;AAChE,CAAC;AAED;;;;;;;;GAQG;AACH,SAAS,oBAAoB,CAAC,QAAgB,EAAE,GAAqB;IACnE,MAAM,QAAQ,GAAG,YAAY,CAAC,QAAQ,CAAC,CAAC;IACxC,MAAM,cAAc,GAAI,QAAQ,CAAC,aAAa,CAAyC,IAAI,EAAE,CAAC;IAC9F,MAAM,IAAI,GAAG,cAAc,CAAC,GAAG,CAAC,CAAC;IACjC,IAAI,CAAC,KAAK,CAAC,OAAO,CAAC,IAAI,CAAC;QAAE,OAAO,EAAE,CAAC;IACpC,OAAO,IAAI,CAAC,MAAM,CAAC,CAAC,CAAC,EAAe,EAAE,CAAC,OAAO,CAAC,KAAK,QAAQ,CAAC,CAAC;AAChE,CAAC;AAED;;;;;;;;;;;;;;;;;;;;;GAqBG;AACH,MAAM,UAAU,mBAAmB,CAAC,YAAoB;IACtD,MAAM,MAAM,GAAG,OAAO,CAAC,YAAY,CAAC,CAAC;IACrC,MAAM,SAAS,GAAG,IAAI,CAAC,MAAM,EAAE,SAAS,CAAC,CAAC;IAC1C,MAAM,IAAI,GAAG,oBAAoB,CAAC,IAAI,CAAC,SAAS,EAAE,eAAe,CAAC,EAAE,OAAO,CAAC,CAAC;IAC7E,MAAM,KAAK,GAAG,oBAAoB,CAAC,IAAI,CAAC,SAAS,EAAE,qBAAqB,CAAC,EAAE,OAAO,CAAC,CAAC;IACpF,OAAO,KAAK,CAAC,IAAI,CAAC,IAAI,GAAG,CAAC,CAAC,GAAG,IAAI,EAAE,GAAG,KAAK,CAAC,CAAC,CAAC,CAAC;AAClD,CAAC;AAED;;;;;;;;;GASG;AACH,MAAM,UAAU,kBAAkB,CAAC,YAAoB;IACrD,MAAM,MAAM,GAAG,OAAO,CAAC,YAAY,CAAC,CAAC;IACrC,MAAM,SAAS,GAAG,IAAI,CAAC,MAAM,EAAE,SAAS,CAAC,CAAC;IAC1C,MAAM,IAAI,GAAG,oBAAoB,CAAC,IAAI,CAAC,SAAS,EAAE,eAAe,CAAC,EAAE,MAAM,CAAC,CAAC;IAC5E,MAAM,KAAK,GAAG,oBAAoB,CAAC,IAAI,CAAC,SAAS,EAAE,qBAAqB,CAAC,EAAE,MAAM,CAAC,CAAC;IACnF,OAAO,KAAK,CAAC,IAAI,CAAC,IAAI,GAAG,CAAC,CAAC,GAAG,IAAI,EAAE,GAAG,KAAK,CAAC,CAAC,CAAC,CAAC;AAClD,CAAC;AAED;;;;;;GAMG;AACH,MAAM,uBAAuB,GAAsB;IACjD,kBAAkB;CACnB,CAAC;AAEF;;;;;;;;;;;;;;;;GAgBG;AACH,MAAM,UAAU,yBAAyB,CAAC,YAAoB;IAC5D,MAAM,IAAI,GAAG,OAAO,CAAC,GAAG,CAAC,0BAA0B,CAAC,CAAC;IACrD,IAAI,IAAI,KAAK,GAAG,IAAI,IAAI,KAAK,MAAM;QAAE,OAAO;IAE5C,MAAM,MAAM,GAAG,OAAO,CAAC,YAAY,CAAC,CAAC;IACrC,MAAM,SAAS,GAAG,IAAI,CAAC,MAAM,EAAE,SAAS,CAAC,CAAC;IAC1C,MAAM,IAAI,GAAG,IAAI,CAAC,SAAS,EAAE,eAAe,CAAC,CAAC;IAE9C,SAAS,CAAC,SAAS,EAAE,EAAE,SAAS,EAAE,IAAI,EAAE,CAAC,CAAC;IAE1C,MAAM,QAAQ,GAAG,YAAY,CAAC,IAAI,CAAC,CAAC;IACpC,iEAAiE;IACjE,kEAAkE;IAClE,MAAM,UAAU,GAAI,QAAQ,CAAC,SAAS,CAAyC,IAAI,EAAE,CAAC;IACtF,MAAM,aAAa,GAAI,UAAU,CAAC,YAAY,CAAyC,IAAI,EAAE,CAAC;IAC9F,MAAM,aAAa,GAAG,KAAK,CAAC,OAAO,CAAC,aAAa,CAAC,WAAW,CAAC,CAAC;QAC7D,CAAC,CAAE,aAAa,CAAC,WAAW,CAAwB,CAAC,MAAM,CAAC,CAAC,CAAC,EAAe,EAAE,CAAC,OAAO,CAAC,KAAK,QAAQ,CAAC;QACtG,CAAC,CAAC,EAAE,CAAC;IAEP,iEAAiE;IACjE,kEAAkE;IAClE,MAAM,SAAS,GAAG,aAAa,CAAC,MAAM,CACpC,CAAC,KAAK,EAAE,EAAE,CAAC,CAAC,uBAAuB,CAAC,QAAQ,CAAC,KAAK,CAAC,CACpD,CAAC;IAEF,gEAAgE;IAChE,6DAA6D;IAC7D,IAAI,SAAS,CAAC,MAAM,KAAK,aAAa,CAAC,MAAM,IAAI,SAAS,CAAC,QAAQ,CAAC,uBAAuB,CAAC,EAAE,CAAC;QAC7F,OAAO;IACT,CAAC;IAED,MAAM,SAAS,GAAG,SAAS,CAAC,QAAQ,CAAC,uBAAuB,CAAC;QAC3D,CAAC,CAAC,SAAS;QACX,CAAC,CAAC,CAAC,GAAG,SAAS,EAAE,uBAAuB,CAAC,CAAC;IAE5C,MAAM,OAAO,GAAa;QACxB,GAAG,QAAQ;QACX,OAAO,EAAE;YACP,GAAG,UAAU;YACb,UAAU,EAAE;gBACV,GAAG,aAAa;gBAChB,SAAS;aACV;SACF;KACF,CAAC;IAEF,aAAa,CAAC,IAAI,EAAE,IAAI,CAAC,SAAS,CAAC,OAAO,EAAE,IAAI,EAAE,CAAC,CAAC,GAAG,IAAI,CAAC,CAAC;AAC/D,CAAC;AAED;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;GAkCG;AACH,MAAM,CAAC,MAAM,yBAAyB,GAAsB;IAC1D,0BAA0B;IAC1B,OAAO;IACP,OAAO;IACP,SAAS;IACT,UAAU;IACV,OAAO;IACP,OAAO;IACP,OAAO;IACP,aAAa;IACb,MAAM;IACN,OAAO;IACP,OAAO;IACP,QAAQ;IACR,QAAQ;IACR,QAAQ;IACR,MAAM;IACN,WAAW;IACX,uBAAuB;IACvB,QAAQ;IACR,MAAM;IACN,QAAQ;IACR,QAAQ;IACR,QAAQ;IACR,OAAO;IACP,MAAM;IACN,MAAM;IACN,QAAQ;IACR,OAAO;IACP,OAAO;IACP,QAAQ;IACR,SAAS;IACT,0DAA0D;IAC1D,qDAAqD;IACrD,QAAQ;IACR,MAAM;IACN,SAAS;IACT,yDAAyD;IACzD,2DAA2D;IAC3D,SAAS;IACT,MAAM;IACN,SAAS;CACV,CAAC;AAEF;;;;;;GAMG;AACH,MAAM,6BAA6B,GAAsB,EAAE,CAAC;AAE5D;;;;;;;;;;;;;;;;;;GAkBG;AACH,MAAM,UAAU,8BAA8B,CAAC,YAAoB;IACjE,MAAM,IAAI,GAAG,OAAO,CAAC,GAAG,CAAC,qCAAqC,CAAC,CAAC;IAChE,IAAI,IAAI,KAAK,GAAG,IAAI,IAAI,KAAK,MAAM;QAAE,OAAO;IAE5C,MAAM,MAAM,GAAG,OAAO,CAAC,YAAY,CAAC,CAAC;IACrC,MAAM,SAAS,GAAG,IAAI,CAAC,MAAM,EAAE,SAAS,CAAC,CAAC;IAC1C,MAAM,IAAI,GAAG,IAAI,CAAC,SAAS,EAAE,eAAe,CAAC,CAAC;IAE9C,SAAS,CAAC,SAAS,EAAE,EAAE,SAAS,EAAE,IAAI,EAAE,CAAC,CAAC;IAE1C,MAAM,QAAQ,GAAG,YAAY,CAAC,IAAI,CAAC,CAAC;IACpC,mEAAmE;IACnE,yDAAyD;IACzD,MAAM,UAAU,GAAI,QAAQ,CAAC,SAAS,CAAyC,IAAI,EAAE,CAAC;IACtF,MAAM,QAAQ,GAAG,KAAK,CAAC,OAAO,CAAC,UAAU,CAAC,kBAAkB,CAAC,CAAC;QAC5D,CAAC,CAAE,UAAU,CAAC,kBAAkB,CAAwB,CAAC,MAAM,CAAC,CAAC,CAAC,EAAe,EAAE,CAAC,OAAO,CAAC,KAAK,QAAQ,CAAC;QAC1G,CAAC,CAAC,EAAE,CAAC;IAEP,6DAA6D;IAC7D,gEAAgE;IAChE,MAAM,SAAS,GAAG,QAAQ,CAAC,MAAM,CAC/B,CAAC,KAAK,EAAE,EAAE,CAAC,CAAC,6BAA6B,CAAC,QAAQ,CAAC,KAAK,CAAC,CAC1D,CAAC;IAEF,4DAA4D;IAC5D,gEAAgE;IAChE,4CAA4C;IAC5C,MAAM,MAAM,GAAG,CAAC,GAAG,SAAS,CAAC,CAAC;IAC9B,KAAK,MAAM,KAAK,IAAI,yBAAyB,EAAE,CAAC;QAC9C,IAAI,CAAC,MAAM,CAAC,QAAQ,CAAC,KAAK,CAAC;YAAE,MAAM,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC;IAClD,CAAC;IAED,8DAA8D;IAC9D,MAAM,UAAU,GAAG,MAAM,CAAC,MAAM,KAAK,QAAQ,CAAC,MAAM,CAAC;IACrD,MAAM,WAAW,GAAG,UAAU,IAAI,MAAM,CAAC,KAAK,CAAC,CAAC,CAAC,EAAE,CAAC,EAAE,EAAE,CAAC,CAAC,KAAK,QAAQ,CAAC,CAAC,CAAC,CAAC,CAAC;IAC5E,IAAI,WAAW;QAAE,OAAO;IAExB,MAAM,OAAO,GAAa;QACxB,GAAG,QAAQ;QACX,OAAO,EAAE;YACP,GAAG,UAAU;YACb,gBAAgB,EAAE,MAAM;SACzB;KACF,CAAC;IAEF,aAAa,CAAC,IAAI,EAAE,IAAI,CAAC,SAAS,CAAC,OAAO,EAAE,IAAI,EAAE,CAAC,CAAC,GAAG,IAAI,CAAC,CAAC;AAC/D,CAAC;AAED;;;;;;GAMG;AACH,MAAM,UAAU,0BAA0B,CAAC,YAAoB;IAC7D,MAAM,MAAM,GAAG,OAAO,CAAC,YAAY,CAAC,CAAC;IACrC,MAAM,IAAI,GAAG,IAAI,CAAC,MAAM,EAAE,SAAS,EAAE,eAAe,CAAC,CAAC;IACtD,MAAM,QAAQ,GAAG,YAAY,CAAC,IAAI,CAAC,CAAC;IACpC,MAAM,UAAU,GAAI,QAAQ,CAAC,SAAS,CAAyC,IAAI,EAAE,CAAC;IACtF,MAAM,IAAI,GAAG,UAAU,CAAC,kBAAkB,CAAC,CAAC;IAC5C,IAAI,CAAC,KAAK,CAAC,OAAO,CAAC,IAAI,CAAC;QAAE,OAAO,EAAE,CAAC;IACpC,OAAO,IAAI,CAAC,MAAM,CAAC,CAAC,CAAC,EAAe,EAAE,CAAC,OAAO,CAAC,KAAK,QAAQ,CAAC,CAAC;AAChE,CAAC;AAED;;;;GAIG;AACH,MAAM,yBAAyB,GAAG,mBAAmB,CAAC;AAEtD;;;;;;;;GAQG;AACH,MAAM,UAAU,6BAA6B,CAAC,YAAoB;IAChE,MAAM,MAAM,GAAG,OAAO,CAAC,YAAY,CAAC,CAAC;IACrC,MAAM,SAAS,GAAG,IAAI,CAAC,MAAM,EAAE,SAAS,CAAC,CAAC;IAC1C,MAAM,IAAI,GAAG,IAAI,CAAC,SAAS,EAAE,eAAe,CAAC,CAAC;IAE9C,SAAS,CAAC,SAAS,EAAE,EAAE,SAAS,EAAE,IAAI,EAAE,CAAC,CAAC;IAE1C,MAAM,QAAQ,GAAG,YAAY,CAAC,IAAI,CAAC,CAAC;IACpC,MAAM,aAAa,GAAG,KAAK,CAAC,OAAO,CAAC,QAAQ,CAAC,aAAa,CAAC,IAAK,QAAQ,CAAC,aAAa,CAAyB,CAAC,OAAO,CAAC,CAAC;QACvH,CAAC,CAAC,CAAE,QAAQ,CAAC,aAAa,CAAkC,CAAC,KAAK,CAAC;QACnE,CAAC,CAAC,EAAE,CAAC;IAEP,+DAA+D;IAC/D,mEAAmE;IACnE,4DAA4D;IAC5D,MAAM,SAAS,GAAG,aAAa,CAAC,MAAM,CACpC,CAAC,KAAK,EAAE,EAAE,CAAC,OAAO,KAAK,KAAK,QAAQ,IAAI,CAAC,KAAK,CAAC,UAAU,CAAC,yBAAyB,CAAC,CACrF,CAAC;IAEF,MAAM,KAAK,GAAa,CAAC,GAAG,SAAS,EAAE,GAAG,wBAAwB,CAAC,CAAC;IAEpE,MAAM,mBAAmB,GAAI,QAAQ,CAAC,aAAa,CAAyC,IAAI,EAAE,CAAC;IACnG,MAAM,OAAO,GAAa;QACxB,GAAG,QAAQ;QACX,WAAW,EAAE;YACX,GAAG,mBAAmB;YACtB,KAAK;SACN;KACF,CAAC;IAEF,aAAa,CAAC,IAAI,EAAE,IAAI,CAAC,SAAS,CAAC,OAAO,EAAE,IAAI,EAAE,CAAC,CAAC,GAAG,IAAI,CAAC,CAAC;AAC/D,CAAC;AAED;;;;;;;;;;;;;;;;;;GAkBG;AACH,MAAM,UAAU,kBAAkB,CAAC,YAAoB;IACrD,MAAM,MAAM,GAAG,OAAO,CAAC,YAAY,CAAC,CAAC;IACrC,MAAM,SAAS,GAAG,IAAI,CAAC,MAAM,EAAE,SAAS,CAAC,CAAC;IAC1C,MAAM,IAAI,GAAG,IAAI,CAAC,SAAS,EAAE,eAAe,CAAC,CAAC;IAE9C,SAAS,CAAC,SAAS,EAAE,EAAE,SAAS,EAAE,IAAI,EAAE,CAAC,CAAC;IAE1C,MAAM,QAAQ,GAAG,YAAY,CAAC,IAAI,CAAC,CAAC;IACpC,MAAM,KAAK,GAAG,QAAQ,CAAC,KAAK,IAAI,EAAE,CAAC;IACnC,MAAM,UAAU,GAAG,KAAK,CAAC,UAAU,IAAI,EAAE,CAAC;IAE1C,wDAAwD;IACxD,uEAAuE;IACvE,qEAAqE;IACrE,2DAA2D;IAC3D,0DAA0D;IAC1D,oEAAoE;IACpE,sCAAsC;IACtC,MAAM,SAAS,GAAG,UAAU,CAAC,MAAM,CACjC,CAAC,KAAK,EAAE,EAAE,CAAC,CAAC,KAAK,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,oBAAoB,CAAC,CAAC,CAAC,OAAO,CAAC,CAAC,CACrE,CAAC;IAEF,MAAM,WAAW,GAAyB;QACxC;YACE,OAAO,EAAE,MAAM;YACf,KAAK,EAAE,CAAC,EAAE,IAAI,EAAE,SAAS,EAAE,OAAO,EAAE,iBAAiB,EAAE,CAAC;SACzD;QACD;YACE,OAAO,EAAE,MAAM;YACf,KAAK,EAAE,CAAC,EAAE,IAAI,EAAE,SAAS,EAAE,OAAO,EAAE,yBAAyB,EAAE,CAAC;SACjE;QACD;YACE,OAAO,EAAE,MAAM;YACf,KAAK,EAAE,CAAC,EAAE,IAAI,EAAE,SAAS,EAAE,OAAO,EAAE,sBAAsB,EAAE,CAAC;SAC9D;KACF,CAAC;IAEF,MAAM,OAAO,GAAa;QACxB,GAAG,QAAQ;QACX,KAAK,EAAE;YACL,GAAG,KAAK;YACR,UAAU,EAAE,CAAC,GAAG,SAAS,EAAE,GAAG,WAAW,CAAC;SAC3C;KACF,CAAC;IAEF,aAAa,CAAC,IAAI,EAAE,IAAI,CAAC,SAAS,CAAC,OAAO,EAAE,IAAI,EAAE,CAAC,CAAC,GAAG,IAAI,CAAC,CAAC;AAC/D,CAAC"}

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@groundnuty/macf",
-  "version": "0.2.9",
+  "version": "0.2.11",
   "description": "Multi-Agent Coordination Framework CLI — coordinate Claude Code agents via GitHub. Installs as `macf` binary; use `macf init` to set up an agent workspace, `macf update` to refresh rules + version pins.",
   "type": "module",
   "main": "dist/index.js",
@@ -35,7 +35,7 @@
     "test:watch": "vitest"
   },
   "dependencies": {
-    "@groundnuty/macf-core": "0.2.9",
+    "@groundnuty/macf-core": "0.2.11",
     "commander": "^14.0.3",
     "reflect-metadata": "^0.2.2",
     "zod": "^4.0.0"

package/plugin/rules/coordination.md

@@ -174,8 +174,14 @@ The helper is distributed to every agent workspace by `macf init` and refreshed
 
 ### Canonical tmux launch pattern
 
-**One session per agent, named `<project>@<agent>`.** For example:
+**One session per agent, named `<project>@<agent>`.** Post-v0.2.10, `claude.sh` self-wraps in tmux with this naming structurally — bare `./claude.sh` produces the canonical session. Pre-v0.2.10 consumers (and operators wanting manual launch) use the explicit form:
 
+        # Post-v0.2.10 (canonical, structural — recommended for new consumers):
+        cd /path/to/academic-resume && ./claude.sh
+        #   Self-wraps in tmux session "academic-resume@cv-architect" automatically.
+        #   Re-attaches if the session exists; creates new if not.
+
+        # Pre-v0.2.10 (manual wrap, still works post-v0.2.10 with MACF_NO_TMUX_WRAP=1):
         tmux new-session -d -s "academic-resume@cv-architect" \
           "cd /path/to/academic-resume && ./claude.sh"
 
@@ -192,6 +198,10 @@ The helper is distributed to every agent workspace by `macf init` and refreshed
 
 **Migration** from a single-session multi-window setup: `tmux rename-session -t <old-name> <new-name>` per agent.
 
+**Path-2 promotion (macf#313, v0.2.10):** the canonical session-naming rule is now structurally enforced by `claude.sh` itself. Consumer workspaces converging on v0.2.10+ via `macf update --plugin` get the self-wrap automatically; substrate launchers (operator-authored, NOT generated by `claude-sh.ts` template) are unaffected. For mixed-version fleets, pre-v0.2.10 consumers continue to need the explicit `tmux new-session` wrap until they update.
+
+**Opt-out (post-v0.2.10):** `MACF_NO_TMUX_WRAP=1 ./claude.sh` skips the self-wrap. For operator-driven manual launches outside tmux, debug sessions, single-shot CLI use, CI environments. Sister convention to `MACF_OTEL_DISABLED=1`, `MACF_SKIP_TOKEN_CHECK=1`, `MACF_SKIP_MENTION_CHECK=1`.
+
 ---
 
 ## Token & Git Hygiene

package/plugin/rules/gh-token-attribution-traps.md

@@ -143,6 +143,18 @@ When intentionally bypassing the hook for a knowingly user-attributed op (e.g.,
 
 ---
 
+## Structural backstop: in-runner token refresh in macf-channel-server (macf#317)
+
+The 6 failure modes above all describe **token-acquisition** (the new token coming back wrong); macf#317 surfaced a 7th class — **token-expiry** during long-running sessions. Bot installation tokens have a 1-hour TTL by design; `claude.sh` mints a fresh token at session start and exports `GH_TOKEN`, but **macf-channel-server inherits this fixed token via `process.env` and has no in-runner refresh** absent the macf#317 fix. After 1 hour, every gh-API-using handler (notify_peer's registry lookups, /sign's varsClient calls) 401s. Witnessed 2026-05-01: cv-architect Stop hook 401 at ~67min uptime.
+
+The expiry sub-case is **shape-distinct** from modes 1–6: the token is `ghs_*` (right prefix), it was generated correctly, the helper script is installed, the path resolves — it's just stale. Helper-prefix-checking + PreToolUse hooks don't catch it; the structural fix is in-process refresh.
+
+**v0.2.11+ defense:** macf-channel-server's `token-refresh.ts` + `refresh-aware-client.ts` modules. The token-refresher caches the current token in-process for ~50 minutes (10-min safety margin under 1hr TTL); on every gh-API call, the refresh-aware client gets a current token (cached or fresh); on 401, the wrapper force-refreshes + retries once. Refresh failures throw with diagnostic — channel-server fails loud rather than silently using a stale token. Implementation cites `silent-fallback-hazards.md Instance 1 (expiry sub-case)` in the diagnostic message so 401s in the field surface the canonical reference.
+
+**Operator note:** the structural defense is automatic for consumer-fleet workspaces (npm-installed `@groundnuty/macf-channel-server@0.2.11+`). Substrate workspaces / bash-terminal sessions still need the operator-discipline pattern in `gh-token-refresh.md` ("refresh before every `gh` or `git push`").
+
+---
+
 ## How this relates to other canonical rules
 
 - `coordination.md` § "Token & Git Hygiene" documents the canonical helper invocation; this rule provides the failure-mode catalog the helper is designed to defend against.

package/plugin/rules/mention-routing-hygiene.md

@@ -110,15 +110,19 @@ The rule is cheap to apply, symmetric across the fleet, and eliminates a class o
 
 ## 7. Structural enforcement — `check-mention-routing.sh` PreToolUse hook
 
-Per `groundnuty/macf#244` + `#272` (closed via shared PR), this rule is also enforced by a Claude Code PreToolUse hook on `Bash` tool calls. The hook intercepts `gh issue comment` / `gh pr comment` / `gh issue close --comment` / `gh pr close --comment` invocations, parses the `--body` content, and blocks (`exit 2` with a stderr explanation) when raw `@<bot>[bot]` patterns appear in describing-context positions (mid-line, not backticked, not at line-start).
+Per `groundnuty/macf#244` + `#272`, this rule is enforced by a Claude Code PreToolUse hook on `Bash` tool calls. The hook intercepts `gh issue comment` / `gh pr comment` / `gh issue close --comment` / `gh pr close --comment` invocations, parses the `--body` content, and runs **two checks** that BLOCK (`exit 2` with stderr explanation):
+
+- **Check B — must-not-leak (macf#272, shipped PR #275):** raw `@<bot>[bot]` patterns in describing-context positions (mid-line, not backticked, not at line-start) would fire false-positive routing per §5. Applies to all comment-emit subcommands including `gh (issue|pr) close --comment` (leak prevention is independent of recipient semantics).
+- **Check A — must-have-mention (macf#244):** comment bodies with zero routing-active `@<bot>[bot]` mentions silently fail to reach the recipient peer agent per §Communication 2 ("a comment without @mention is invisible to the recipient agent"). Routing-active = NOT wrapped in backticks; both line-start addressing AND mid-line describing-leaks count toward the active total. Applies only to `gh (issue|pr) comment` — close subcommands are bypassed because self-close verification comments are canonically reporter-internal (no recipient).
 
 The hook is the same shape as `check-gh-token.sh` (#140 attribution-trap defense) — bash command-type hook distributed via `macf init` / `macf update` / `macf rules refresh` to every workspace's `.claude/scripts/check-mention-routing.sh` with the entry registered in `.claude/settings.json` `hooks.PreToolUse`. Substrate workspaces, tester agents, CV consumers, and future MACF-consumer projects all get the protection uniformly.
 
 **Heuristic** (subject to refinement; documented for transparency):
 
-- Already wrapped in backticks (`` `@<bot>[bot]` ``) → allowed (canonical describing form §5)
-- At line-start (after optional whitespace, blockquote `>`, or list-item markers `* ` / `- ` / `1. `) → allowed (canonical addressing form §3)
-- Otherwise → BLOCK with stderr citing this rule + the offending line + the `MACF_SKIP_MENTION_CHECK=1` operator override
+- Already wrapped in backticks (`` `@<bot>[bot]` ``) → routing-suppressed; allowed (canonical describing form §5); does NOT count toward Check A
+- At line-start (after optional whitespace, blockquote `>`, or list-item markers `* ` / `- ` / `1. `) → routing-active; allowed by Check B (canonical addressing form §3); counts toward Check A
+- Mid-line raw mention → routing-active; Check B BLOCK with stderr citing this rule + the offending line + the `MACF_SKIP_MENTION_CHECK=1` operator override
+- Zero routing-active mentions in body (Check A) → BLOCK; only fires when neither line-start addressing nor (any other) routing-active mention is present
 
 **Pattern scope (broadened per macf#276):** the hook's `HANDLE_PATTERN` matches ANY `@<handle>[bot]` shape — not just `@macf-*-agent[bot]`. Specifically:
 

package/plugin/rules/pr-discipline.md

@@ -350,6 +350,38 @@ changed.
 
 ---
 
+## Structural enforcement — `check-lgtm-gate.sh` PreToolUse hook
+
+Per `groundnuty/macf#270` (DR-023 UC-2), the "no LGTM = no merge" rule (codified above in §"How to submit LGTM" + §"When the reviewer is absent or unreachable" + §"Merge-by-implementer") is enforced by a Claude Code PreToolUse hook on `Bash` tool calls. The hook intercepts `gh pr merge` invocations, queries the target PR's review state via `gh pr view --json author,reviews`, and BLOCKs (`exit 2` with stderr explanation) when no APPROVED review from a non-author exists.
+
+**Architectural shape (DR-023 amendment 2026-04-27):** this is a bash command-type hook, NOT `type: "mcp_tool"`. PreToolUse-blocking semantics + mcp_tool's non-blocking-on-disconnect failure mode are structurally incompatible — a missing or transiently-disconnected MCP server would silently allow the merge. Bash form fires uniformly across substrate workspaces (where the `macf-agent` MCP server is permanently off per operator directive 2026-04-27) AND consumer workspaces (startup window + transient disconnect periods produce silent-fail paths under mcp_tool). Same reasoning UC-4 (`check-mention-routing.sh`, PR #275) demonstrated empirically.
+
+**The hook is the same shape as `check-gh-token.sh` (#140) + `check-mention-routing.sh` (#244 + #272):** a bash script distributed via `macf init` / `macf update` / `macf rules refresh` to every workspace's `.claude/scripts/check-lgtm-gate.sh` with the entry registered in `.claude/settings.json` `hooks.PreToolUse`. Substrate workspaces, tester agents, CV consumers, and future MACF-consumer projects all get the protection uniformly.
+
+**Decision rule** (subject to refinement; documented for transparency):
+
+- Command does NOT match `gh pr merge` (exact subcommand, wrapper-aware) → allow (other gh subcommands pass through unchanged)
+- Command matches but no PR number can be extracted → allow (defense-in-depth; gh itself surfaces the usage error)
+- Command matches AND `gh pr view --json author,reviews` returns at least one APPROVED review where reviewer login != author login (after normalizing `app/` prefix + `[bot]` suffix) → allow
+- Command matches AND no non-author APPROVED review exists → BLOCK with stderr citing this rule + the missing-LGTM diagnosis + the `MACF_SKIP_LGTM_CHECK=1` operator override
+- Any infrastructure failure (gh missing, network 404/5xx, malformed JSON) → fail-open (allow). Same defense-in-depth posture as `check-gh-token.sh` and `check-mention-routing.sh` — the hook closes residual policy slips, not all merge paths
+
+**Wrapper coverage:** the regex matches `gh pr merge` preceded by `sudo`, `env VAR=...`, `watch`, `ionice`, `setsid`, `nice`, `time`, bare-`VAR=...` env-prefix forms, and shell wrappers (`bash -c "gh pr merge ..."`, `sh -c`, `zsh -c`, including flag-prefixed forms like `bash -lc`). Same wrapper allow-list as `check-gh-token.sh` + `check-mention-routing.sh`. Chained-form leadins `;` `|` `&&` covered.
+
+**False-positive trade-off:** the hook leans toward false-positive over false-negative on parse-failure paths. PR-number extraction tolerates URL form (`https://github.com/owner/repo/pull/N`), `owner/repo#N` shorthand, and quoted positionals. Bare `gh pr merge` (no positional, gh prompts interactively) passes through unblocked — the operator's discipline catches it because the prompt is visible.
+
+**Override (`MACF_SKIP_LGTM_CHECK=1`)** is the escape hatch for legitimate exceptions documented in §"When the reviewer is absent or unreachable":
+
+- Reporter-sanctioned self-merge after extended reviewer absence
+- The "PR author offline → reviewer merges with hand-off comment" exception
+- Urgent reverts where waiting for review is itself a hazard
+
+Per the `check-gh-token.sh` precedent, structural enforcement plus an escape hatch outperforms behavioral discipline alone.
+
+**Empirical motivation:** `groundnuty/macf-testbed#229` Phase C iter 4 sweep (2026-04-26) recorded a self-merge-without-LGTM incident — a tester self-merged when its harness driver (acting as the de-facto reviewer) was killed mid-poll. Codified in §"When the reviewer is absent or unreachable" same day. The hook closes the residual: rule-discipline catches most cases; structural enforcement catches the slips that remain.
+
+---
+
 ## When to modify this rule
 
 - **Read:** every session start.

package/plugin/rules/silent-fallback-hazards.md

@@ -30,6 +30,12 @@ The trap is that defensive programming targets exit codes, but exit-code success
 **Recurrence:** 5+ confirmed instances across multiple agents
 **Canonical defense:** `gh-token-attribution-traps.md` (sister canonical rule) — 6 specific failure modes + result-invariant defenses (`[[ "$GH_TOKEN" == ghs_* ]]` prefix check, `macf-whoami.sh` spot-check, PreToolUse hook intercepts `gh` and `git push` invocations)
 
+**Sub-case (expiry, macf#317, 2026-05-01):** Bot installation tokens have a **1-hour TTL by design** (GitHub App contract). `claude.sh` mints a fresh token at session start and exports `GH_TOKEN`; the macf-channel-server child process inherits that same env var via standard Node `process.env` pass-through. **Without an in-runner refresh, every gh-API-using handler 401s after ~60 minutes of session uptime.** Detection: 401 (`Bad credentials`) on `listVariables` / `readVariable` / `writeVariable` calls 60+ min after server start. Witnessed 2026-05-01 ~14:30Z on cv-architect's Stop hook at ~67min uptime — the operator-witnessed incident motivating macf#317.
+
+This is a distinct sub-case from the missing-helper / mis-pipefail / wrong-prefix attribution-trap modes catalogued in `gh-token-attribution-traps.md`: the agent has the right token *shape* (`ghs_*`) but it's stale. The hazard is structural — session lifetime ≠ token lifetime by design (1hr vs ∞), so any long-running agent eventually hits this.
+
+**Defense (macf#317, v0.2.11):** in-process token-refresh helper in macf-channel-server (`src/token-refresh.ts`) caches `{token, mintedAt}`; on every `getRefreshedToken()` call, returns cached if `age < 50min` (10-min safety margin under 1hr TTL), else mints fresh via `macf-gh-token.sh`. The refresh-aware client wrapper (`src/refresh-aware-client.ts`) decorates `GitHubVariablesClient`: every method call gets a refreshed token; on 401, force-refreshes + retries once. Refresh failures throw with diagnostic — never silently fall back to the stale env-var token. Sister-shape: `macf-testbed#135` (sweep-harness in-runner refresh between iterations; closed/deferred for testbed but the channel-server class needed structural defense).
+
 ### Instance 2 — GitHub auto-close negation-blindness
 
 **Surface:** PR / issue body markdown parsing
@@ -245,7 +251,7 @@ For coordination-system safety analysis: this is a class of hazards multi-agent
 
 | Instance | Surface | Structural defense | Pattern |
 |---|---|---|---|
-| 1 — gh-token attribution traps | `gh` ops + bot tokens | PreToolUse hook + helper-with-fail-loud-prefix-check | Pattern B |
+| 1 — gh-token attribution traps | `gh` ops + bot tokens | PreToolUse hook + helper-with-fail-loud-prefix-check; expiry sub-case (macf#317) adds in-runner token refresh in macf-channel-server (`token-refresh.ts` + `refresh-aware-client.ts`) — caches token ~50min, force-refreshes on 401 | Pattern B (acquisition) + Pattern A (expiry retry) |
 | 2 — GitHub auto-close negation-blindness | PR/issue body markdown | Pattern B candidate; structural defense via PreToolUse hook on body content per #275 precedent — not yet shipped | Pattern B (latent) |
 | 3 — Remote Control IPC blocking tmux send-keys | Claude Code TUI input | Two-tier: consumer fleet structurally retired via channel-server primitive (DR-020 mTLS HTTPS POST); substrate fleet permanent operational reality — defense = rule-discipline + Pattern C fragility detector | Pattern C deployable as fragility detector |
 | 4 — Loki/CH-logs pipeline divergence | OTLP logs routing | manifest warnings + shape-aware diagnostic | Pattern A |

package/scripts/check-lgtm-gate.sh

@@ -0,0 +1,274 @@
+#!/usr/bin/env bash
+#
+# check-lgtm-gate.sh — Claude Code PreToolUse hook that blocks
+# `gh pr merge` invocations when no non-author APPROVED review exists
+# on the target PR. Implements `pr-discipline.md` §"How to submit
+# LGTM — formal review, not comment" + §"When the reviewer is absent
+# or unreachable" structurally.
+#
+# Hook contract: JSON on stdin, exit 0 = allow, exit 2 = block (stderr
+# is fed back to Claude as the error). Same shape as #140's
+# check-gh-token.sh + #244/#272's check-mention-routing.sh per
+# groundnuty/macf#270 design alignment.
+#
+# Architectural note (DR-023 amendment 2026-04-27, PR #279): this is a
+# bash command-type hook, NOT `type: "mcp_tool"`. PreToolUse-blocking
+# semantics + mcp_tool's non-blocking-on-disconnect failure mode are
+# structurally incompatible — bash form fires uniformly across substrate
+# (no macf-agent MCP server) AND consumer workspaces (startup window,
+# transient disconnect). Same reasoning UC-4 (PR #275) demonstrated.
+#
+# Override: MACF_SKIP_LGTM_CHECK=1 bypasses (for legitimate operator-
+# allowed exceptions per pr-discipline.md §"When the reviewer is absent
+# or unreachable" — reporter-sanctioned self-merge, urgent revert, etc.).
+#
+# Refs: groundnuty/macf#270 (this hook); pr-discipline.md (canonical
+#       rule, distributed via `macf rules refresh`); DR-023 amendment
+#       (bash-form decision rule); macf#262 / PR #263 (LGTM rule
+#       codification); PR #275 / macf#244+#272 (empirical pattern).
+set -euo pipefail
+
+# Cheap exit on operator override — no stdin read, no parsing.
+if [[ "${MACF_SKIP_LGTM_CHECK:-}" == "1" ]]; then
+  exit 0
+fi
+
+# Read PreToolUse payload. Fall through to allow on parse error — a
+# broken hook must not brick the harness. Same defense-in-depth as
+# check-gh-token.sh.
+INPUT_JSON="$(cat 2>/dev/null || echo "")"
+COMMAND="$(jq -r '.tool_input.command // ""' <<<"$INPUT_JSON" 2>/dev/null || echo "")"
+
+if [[ -z "$COMMAND" ]]; then
+  # No command extractable — allow (defense-in-depth).
+  exit 0
+fi
+
+# Wrapper-aware match for `gh pr merge`. Mirrors check-mention-routing.sh's
+# pattern shape — covers sudo, env VAR=, watch, ionice, setsid, nice,
+# time prefix wrappers + chained-form leadins `;` `|` `&`. Subcommand
+# match: `gh pr merge` ONLY (NOT `gh pr view`, `gh pr list`, etc.) —
+# trailing whitespace or end-of-string forces exact-subcommand match.
+GH_MERGE_PATTERN='(^|[[:space:];|&])(sudo[[:space:]]+|env[[:space:]]+([A-Za-z_][A-Za-z_0-9]*=[^[:space:]]*[[:space:]]+)*|watch[[:space:]]+|ionice[[:space:]]+|setsid[[:space:]]+|nice[[:space:]]+|time[[:space:]]+|[A-Za-z_][A-Za-z_0-9]*=[^[:space:]]*[[:space:]]+)*gh[[:space:]]+pr[[:space:]]+merge([[:space:]]|$)'
+
+# Shell-wrapper bypass: catches `bash -c "gh pr merge ..."` and variants.
+# Same flag-handling logic as check-gh-token.sh + check-mention-routing.sh.
+SHELL_C_GH_MERGE_PATTERN='(^|[[:space:];|&])(sudo[[:space:]]+|env[[:space:]]+([A-Za-z_][A-Za-z_0-9]*=[^[:space:]]*[[:space:]]+)*|[A-Za-z_][A-Za-z_0-9]*=[^[:space:]]*[[:space:]]+)*(bash|sh|zsh)[[:space:]]+(-[a-zA-Z]+[[:space:]]+)*-[a-zA-Z]*c[[:space:]]+[^[:space:]].*gh[[:space:]]+pr[[:space:]]+merge([[:space:]]|$)'
+
+if [[ ! "$COMMAND" =~ $GH_MERGE_PATTERN ]] && [[ ! "$COMMAND" =~ $SHELL_C_GH_MERGE_PATTERN ]]; then
+  # Not a `gh pr merge` command — allow.
+  exit 0
+fi
+
+# Extract PR number from the matched command. The PR number is the
+# first non-flag positional argument after `gh pr merge`. Examples:
+#   gh pr merge 123 --squash
+#   gh pr merge --squash 123
+#   gh pr merge 123 --repo owner/repo --squash --delete-branch
+#   bash -c "gh pr merge 123 --squash"
+# We scan the whole command for `gh pr merge` then walk forward to find
+# the first bare integer token (not preceded by `=` so it's not a flag
+# value like `--retries=3`).
+PR_NUMBER=""
+# Strip leading wrappers up to and including `gh pr merge`. Use sed
+# with extended regex to find the gh-pr-merge prefix and remove it.
+TAIL="$(sed -E 's/^.*gh[[:space:]]+pr[[:space:]]+merge[[:space:]]+//' <<<"$COMMAND" 2>/dev/null || echo "")"
+if [[ -z "$TAIL" ]]; then
+  # No tail after `gh pr merge` — likely the operator is invoking with
+  # no args (interactive prompt). Allow; the command will fail at gh
+  # itself with a usage error, not silently merge anything.
+  exit 0
+fi
+
+# Find the first bare-integer token. Skip flags (`--foo`, `-x`) and
+# their values (handled via `[[ $prev == --* ]]` lookback for non-`=`
+# flag-value form). We only need the FIRST PR number — `gh pr merge`
+# only takes one positional.
+PREV_FLAG=""
+# shellcheck disable=SC2086
+for tok in $TAIL; do
+  # Flags introducing a value with a separate-arg form (e.g. `--repo X`)
+  # — set PREV_FLAG so the next token is consumed as a value.
+  if [[ -n "$PREV_FLAG" ]]; then
+    PREV_FLAG=""
+    continue
+  fi
+  # `--flag=value` form — single token, no lookahead needed.
+  if [[ "$tok" =~ ^--[a-zA-Z0-9-]+= ]]; then
+    continue
+  fi
+  # `--flag` without `=` — set PREV_FLAG to consume next token as value.
+  # Boolean flags (e.g. `--squash`, `--delete-branch`) don't consume a
+  # value, but we can't tell from the command alone — heuristic: the
+  # first non-flag token AFTER any flags is the PR number, even if we
+  # mistakenly skip a boolean's "value." If that "value" is the PR
+  # number itself, we miss it; mitigation: gh's canonical positional
+  # ordering is `gh pr merge <N> [flags]`, so PR-first is the common
+  # form. The few cases that put flags first AND use boolean flags
+  # without `=` are rare; fail-open is acceptable per defense-in-depth.
+  if [[ "$tok" =~ ^-- ]]; then
+    # Known value-taking flags from `gh pr merge --help`:
+    #   --repo, --body, --body-file, --match-head-commit, --subject,
+    #   --author-email
+    # Boolean flags don't consume a value:
+    #   --squash, --merge, --rebase, --delete-branch, --auto, --admin,
+    #   --disable-auto
+    case "$tok" in
+      --repo|--body|--body-file|--match-head-commit|--subject|--author-email)
+        PREV_FLAG="$tok"
+        ;;
+      *) ;;
+    esac
+    continue
+  fi
+  # Short flag — `-X`. Same boolean-vs-value ambiguity. `gh pr merge`
+  # short flags from --help: `-s` (squash), `-m` (merge), `-r` (rebase),
+  # `-d` (delete-branch), `-R` (repo, value-taking), `-b` (body, value),
+  # `-F` (body-file, value), `-t` (subject, value).
+  if [[ "$tok" =~ ^-[a-zA-Z]$ ]]; then
+    case "$tok" in
+      -R|-b|-F|-t)
+        PREV_FLAG="$tok"
+        ;;
+      *) ;;
+    esac
+    continue
+  fi
+  # Bare integer — this is our PR number.
+  if [[ "$tok" =~ ^[0-9]+$ ]]; then
+    PR_NUMBER="$tok"
+    break
+  fi
+  # URL form: `https://github.com/owner/repo/pull/<N>` — gh accepts
+  # this as a positional. Extract the trailing integer.
+  if [[ "$tok" =~ /pull/([0-9]+) ]]; then
+    PR_NUMBER="${BASH_REMATCH[1]}"
+    break
+  fi
+  # `owner/repo#N` shorthand — also accepted by gh.
+  if [[ "$tok" =~ \#([0-9]+) ]]; then
+    PR_NUMBER="${BASH_REMATCH[1]}"
+    break
+  fi
+  # Quoted forms — strip surrounding quotes before re-checking.
+  STRIPPED="${tok#\"}"
+  STRIPPED="${STRIPPED%\"}"
+  STRIPPED="${STRIPPED#\'}"
+  STRIPPED="${STRIPPED%\'}"
+  if [[ "$STRIPPED" =~ ^[0-9]+$ ]]; then
+    PR_NUMBER="$STRIPPED"
+    break
+  fi
+done
+
+if [[ -z "$PR_NUMBER" ]]; then
+  # Couldn't extract a PR number — allow per defense-in-depth.
+  # gh itself will fail with a usage error if the command is malformed,
+  # OR if it succeeds, the merge happens against the current branch's
+  # PR (gh auto-detects) — the LGTM gate is a structural guard, not a
+  # 100% catcher. Operator discipline + the canonical rule remain the
+  # primary defenses; the hook closes the residual.
+  exit 0
+fi
+
+# Extract --repo if present so the api call targets the right repo.
+# Without it, `gh api` falls back to the current git remote's repo,
+# which works in most agent-shell flows but breaks for cross-repo merges.
+REPO_FLAG=""
+# Check for `--repo X` (separate-arg form)
+if [[ "$COMMAND" =~ --repo[[:space:]]+([^[:space:]]+) ]]; then
+  REPO_FLAG="--repo ${BASH_REMATCH[1]}"
+elif [[ "$COMMAND" =~ --repo=([^[:space:]]+) ]]; then
+  REPO_FLAG="--repo ${BASH_REMATCH[1]}"
+elif [[ "$COMMAND" =~ (^|[[:space:]])-R[[:space:]]+([^[:space:]]+) ]]; then
+  REPO_FLAG="--repo ${BASH_REMATCH[2]}"
+fi
+
+# Query PR author + reviews. Use `gh pr view --json author,reviews`
+# rather than two separate `gh api` calls — single round-trip, gh
+# handles repo detection if --repo was on the original command.
+# Defense-in-depth: any failure (gh missing, network, 404, auth) →
+# fail-open. Same posture as check-gh-token.sh.
+#
+# Strip surrounding quotes from REPO_FLAG's value if quoted.
+PR_JSON=""
+# shellcheck disable=SC2086
+if ! PR_JSON="$(gh pr view "$PR_NUMBER" $REPO_FLAG --json author,reviews 2>/dev/null)"; then
+  exit 0
+fi
+if [[ -z "$PR_JSON" ]]; then
+  exit 0
+fi
+
+# author.login from `gh pr view --json author` returns either the bare
+# login (e.g. "octocat") for users or `app/<name>` for bots (e.g.
+# "app/macf-code-agent"). reviews[].author.login returns the bare
+# login form (e.g. "octocat" or "macf-science-agent" — no `app/`
+# prefix and no `[bot]` suffix). Normalize both to compare reliably:
+# strip `app/` prefix from author and `[bot]` suffix from both sides.
+PR_AUTHOR="$(jq -r '.author.login // ""' <<<"$PR_JSON" 2>/dev/null || echo "")"
+PR_AUTHOR="${PR_AUTHOR#app/}"
+PR_AUTHOR="${PR_AUTHOR%\[bot\]}"
+
+if [[ -z "$PR_AUTHOR" ]]; then
+  # Couldn't parse author — fail-open.
+  exit 0
+fi
+
+# Look for at least one APPROVED review where reviewer != author.
+# `gh pr view --json reviews` returns `[{author: {login: "..."}, state: "APPROVED"}, ...]`.
+NON_AUTHOR_APPROVALS="$(
+  jq -r --arg author "$PR_AUTHOR" '
+    [.reviews[]? |
+      select(.state == "APPROVED") |
+      (.author.login // "" | sub("^app/"; "") | sub("\\[bot\\]$"; "")) as $reviewer |
+      select($reviewer != "" and $reviewer != $author) |
+      $reviewer
+    ] | length
+  ' <<<"$PR_JSON" 2>/dev/null || echo "0"
+)"
+
+if [[ -z "$NON_AUTHOR_APPROVALS" ]] || ! [[ "$NON_AUTHOR_APPROVALS" =~ ^[0-9]+$ ]]; then
+  # Parse error — fail-open.
+  exit 0
+fi
+
+if [[ "$NON_AUTHOR_APPROVALS" -ge 1 ]]; then
+  # At least one non-author APPROVED review — allow merge.
+  exit 0
+fi
+
+# No non-author APPROVED review — block.
+cat >&2 <<ERR
+BLOCKED by MACF lgtm-gate hook: PR #${PR_NUMBER} has no non-author APPROVED
+review on record. Per pr-discipline.md "no LGTM = no merge" (canonical rule
+distributed via \`macf rules refresh\`):
+
+  "Without an explicit LGTM from the reviewer, the implementer does NOT
+  merge — even if waiting indefinitely."
+
+PR author: ${PR_AUTHOR}
+Non-author APPROVED reviews: 0
+
+The LGTM gate is structural — it ensures someone other than the implementer
+has read the diff in context. Self-merge without LGTM bypasses that quality
+gate even if the work is correct.
+
+Fix — request a formal review from a peer agent via state-change-firing
+mechanism (NOT a plain comment, per pr-discipline.md §"How to submit LGTM"):
+
+  gh pr review ${PR_NUMBER} --approve --body "LGTM"   # reviewer side
+  gh pr review ${PR_NUMBER} --request-changes --body "..."   # changes needed
+
+Then the reviewer @mentions you on the originating issue with the LGTM
+state-change as the wake signal.
+
+Override (ONLY for reporter-sanctioned exceptions per pr-discipline.md
+§"When the reviewer is absent or unreachable"):
+  export MACF_SKIP_LGTM_CHECK=1
+
+Refs: groundnuty/macf#270 (this hook); pr-discipline.md (canonical rule);
+DR-023 amendment (bash-form decision rule); macf#262 / PR #263 (rule
+codification origin).
+ERR
+exit 2

package/scripts/check-mention-routing.sh

@@ -57,6 +57,20 @@ if [[ "$COMMAND" =~ gh[[:space:]]+(issue|pr)[[:space:]]+close ]] && [[ ! "$COMMA
   exit 0
 fi
 
+# Track whether this is a `close` subcommand. Check A
+# (must-have-mention; macf#244) does NOT apply to close subcommands —
+# self-close verification comments are canonically no-recipient
+# (reporter-internal verification per coordination.md §Issue Lifecycle 1
+# case 2 self-close pattern: "Verified on main after PR #M merged.
+# Closing as reporter."). The close action itself is the routing-end
+# signal, not a routing-active comment requiring an addressed @mention.
+# Check B (must-not-leak; describing-context) still applies on close
+# subcommands — leak prevention is independent of recipient semantics.
+IS_CLOSE_SUBCOMMAND=false
+if [[ "$COMMAND" =~ gh[[:space:]]+(issue|pr)[[:space:]]+close ]]; then
+  IS_CLOSE_SUBCOMMAND=true
+fi
+
 # `--body-file` reads content from a file path; we don't lint file
 # contents (the file may not exist at hook-fire time, or may be
 # regenerated). Accept the trade-off and allow. The canonical rule
@@ -105,8 +119,23 @@ fi
 # benefit (fleet-agnostic protection) is durable.
 HANDLE_PATTERN='@[a-zA-Z][a-zA-Z0-9_-]*[[]bot[]]'
 
-OFFENDING="$(awk -v pat="$HANDLE_PATTERN" '
+# Single AWK pass produces TWO outputs (line-prefix-discriminated):
+#   - `LEAK:<line_no>: <line>` — describing-context leaks (Check B,
+#     groundnuty/macf#272). Reported once per offending line.
+#   - `ACTIVE_COUNT:<n>` — total routing-active @mentions across the
+#     entire body (Check A, groundnuty/macf#244). Routing-active =
+#     NOT wrapped in backticks. Both line-start addressing AND mid-line
+#     describing-leaks are routing-active; only the backticked form is
+#     routing-suppressed. If this count is 0, the comment has no
+#     recipient — Check A blocks.
+AWK_OUTPUT="$(awk -v pat="$HANDLE_PATTERN" '
+  BEGIN { active_count = 0 }
   {
+    # Track which lines we have already reported a leak for, so a line
+    # with multiple offenders surfaces once (existing Check B behavior
+    # — preserved verbatim across the Check A extension).
+    line_already_reported = 0
+
     # Process every match on this line. After each match, advance the
     # search-substring past it (RSTART+RLENGTH from the original line $0
     # tracked via abs_offset).
@@ -120,15 +149,22 @@ OFFENDING="$(awk -v pat="$HANDLE_PATTERN" '
       char_before = (abs_start - 1 >= 1) ? substr($0, abs_start - 1, 1) : ""
       char_after = substr($0, abs_end, 1)
 
-      # Already-backticked? Allowed describing form (§5).
+      # Already-backticked? Allowed describing form (§5). Routing-suppressed
+      # — does NOT count toward Check A active-mention total.
       if (char_before == "`" && char_after == "`") {
         line = substr(line, RSTART + RLENGTH)
         abs_offset = abs_start + RLENGTH - 1
         continue
       }
 
+      # Routing-active (NOT backticked). Counts toward Check A regardless
+      # of position (line-start addressing AND mid-line describing both
+      # fire routing — the backtick suppression is the only routing-mute).
+      active_count++
+
       # Line-start (after optional whitespace, blockquote, or list-item
-      # markers)? Allowed addressing form (§3).
+      # markers)? Allowed addressing form (§3) — Check B passes; Check A
+      # already incremented above.
       prefix = substr($0, 1, abs_start - 1)
       if (prefix ~ /^[[:space:]>]*([0-9]+\.[[:space:]]+|[-*][[:space:]]+)?$/) {
         line = substr(line, RSTART + RLENGTH)
@@ -136,13 +172,27 @@ OFFENDING="$(awk -v pat="$HANDLE_PATTERN" '
         continue
       }
 
-      # Mid-line raw mention — describing-context leak.
-      print NR ": " $0
-      next  # skip remaining matches on this line; one report per line
+      # Mid-line raw mention — describing-context leak (Check B BLOCK).
+      # Report once per line; counter still increments for additional
+      # matches on the same line so Check A sees the complete picture.
+      if (!line_already_reported) {
+        print "LEAK:" NR ": " $0
+        line_already_reported = 1
+      }
+      line = substr(line, RSTART + RLENGTH)
+      abs_offset = abs_start + RLENGTH - 1
     }
   }
+  END { print "ACTIVE_COUNT:" active_count }
 ' <<<"$COMMAND")"
 
+# `grep` returns 1 when no matches; under `set -euo pipefail` that
+# propagates as the script's exit code without `|| true`. The Check A
+# happy-path (no leaks) needs OFFENDING to be empty without the hook
+# itself dying — the explicit fall-through is required.
+OFFENDING="$(grep '^LEAK:' <<<"$AWK_OUTPUT" | sed 's/^LEAK://' || true)"
+ACTIVE_COUNT="$(grep '^ACTIVE_COUNT:' <<<"$AWK_OUTPUT" | sed 's/^ACTIVE_COUNT://' || true)"
+
 if [[ -n "$OFFENDING" ]]; then
   cat >&2 <<ERR
 BLOCKED by MACF mention-routing-hygiene hook: this comment contains raw
@@ -173,4 +223,41 @@ ERR
   exit 2
 fi
 
+# Check A (groundnuty/macf#244): must-have-mention. Comment-emit commands
+# must contain at least one routing-active @<bot>[bot] mention. Without
+# one, the comment is "invisible" to other agents — coordination.md
+# §Communication 2 names this as the silent-failure mode.
+#
+# Bypassed for `gh (issue|pr) close --comment` — self-close verification
+# comments are canonically no-recipient (reporter-internal). The close
+# action itself signals routing-end; no addressed mention required.
+if [[ "$IS_CLOSE_SUBCOMMAND" == "false" ]] && [[ "$ACTIVE_COUNT" == "0" ]]; then
+  cat >&2 <<ERR
+BLOCKED by MACF mention-routing-hygiene hook: this comment has zero
+routing-active @<bot>[bot] mentions. Per coordination.md §Communication 2:
+
+  "@mention in EVERY comment. Routing depends on it. A comment without
+  @mention is invisible to the recipient agent."
+
+Without a routing-active mention, the comment is silently invisible to
+peer agents — they have no notification that you posted, even if the
+issue/PR is on their assigned-label queue.
+
+Fix: add an addressing mention naming the recipient:
+  @<recipient-handle>[bot] <your message>
+
+Examples (where <recipient> is the issue reporter, PR reviewer, etc.):
+  @macf-science-agent[bot] PR #N ready for review.
+  @macf-code-agent[bot] LGTM, you can merge.
+
+Override (ONLY for legitimate no-recipient cases — rare; status posts
+on self-filed-self-closed issues, or test-orchestration scratch comments):
+  export MACF_SKIP_MENTION_CHECK=1
+
+Refs: groundnuty/macf#244 (this check); coordination.md §Communication 2
+(canonical rule, distributed via \`macf rules refresh\`).
+ERR
+  exit 2
+fi
+
 exit 0