@neikyun/ciel 6.11.0 → 6.11.2

package/assets/skills/workflow/evaluer-sizer/SKILL.md

@@ -0,0 +1,112 @@
+---
+name: evaluer-sizer
+description: How to size and assess risk before coding — back-of-envelope sizing, pre-mortem (2 failure modes), recent-churn check, diverged alternatives (v5), and counterfactual ("what if we do nothing?"). For Ciel v5 pipeline step 9 (EVALUER). Use after DIVERGE and RECHERCHE, before ASK2.
+---
+
+# Pre-Implementation Sizing — 5 Cheap Gates (Ciel v5)
+
+## What this covers
+
+How to sanity-check an approach before committing to it. In v5, this step follows DIVERGE (etape 5) which explored 2-3 approaches. Here we evaluate the selected approach. These 5 gates take 2 minutes and prevent hours of wasted work.
+
+## Core principle
+
+**Quantify before coding.** "Small memory footprint" is not sizing. "~2 MB × 10k entries = 20 MB" is.
+
+## Gate 1: Back-of-envelope sizing
+
+Compute rough estimates:
+- Memory: bytes per row × row count
+- Connections: concurrent users × connections per user
+- Throughput: req/s × processing time per req
+- Storage: items × avg size × retention
+
+Does the solution fit in the budget? If caching requires 10 GB and the server has 2 GB -> wrong solution, don't start.
+
+## Gate 2: Pre-mortem
+
+State explicitly: "In production, this could fail in these 2 ways:"
+1. <failure mode 1>
+2. <failure mode 2>
+
+Can't imagine 2 failure modes -> don't understand the system well enough.
+
+## Gate 3: Recent churn
+
+```bash
+git log --oneline --since="7 days" -- <impacted files>
+```
+
+If 2+ commits in the last week touched the same module:
+- Read those commits BEFORE proposing your fix
+- Someone already fixed this area twice this week -> incomplete mental model
+- Your "fix" might be the 3rd attempt at the same bug
+
+## Gate 4: Diverged approach comparison (v5)
+
+Compare the approaches explored during DIVERGE (etape 5):
+- Approach A (from DIVERGE): <summary>
+- Approach B (from DIVERGE): <summary>
+- Selected: <A or B> because <reason>
+- Why NOT the other: <specific limitation, not "it's worse">
+
+If only 1 approach was explored -> DIVERGE was incomplete.
+
+## Gate 5: Counterfactual
+
+**Counterfactual**: "What if we do NOTHING?" If doing nothing solves 80% of the problem with 0 risk -> reconsider scope.
+
+## Output format
+
+```
+## EVALUER
+
+### Sizing
+- Memory: <estimate>
+- Connections: <estimate>
+- Throughput: <estimate>
+- Fit: <yes -- within budget | no -- what breaks>
+
+### Pre-mortem (2 ways this could fail)
+1. <failure mode>
+2. <failure mode>
+
+### Recent churn
+- Commits in last 7 days: <N>
+- Relevant: <list>
+- Read them? <yes -- findings>
+
+### Diverged approach comparison (v5)
+- A: <summary>
+- B: <summary>
+- Selected: <A/B> because <reason>
+
+### Counterfactual
+- What if nothing? <consequence>
+- 80% solve with 0 risk? <yes -> reconsider | no -> proceed>
+```
+
+## How to verify
+
+- [ ] Sizing has concrete numbers (request rate, data volume, latency budget)?
+- [ ] Pre-mortem identifies >= 2 specific failure modes?
+- [ ] Recent churn checked (git log for affected files)?
+- [ ] >= 2 approaches compared from DIVERGE?
+- [ ] Counterfactual stated ("what if we don't do this")?
+- [ ] Selected approach justified with specific reason?
+
+## Common rationalizations
+
+| Rationalization | Reality |
+|---|---|
+| "I'll size it as I go" | Sizing after coding is guessing. Sizing before prevents committing to the wrong approach. |
+| "I can't estimate without coding" | Back-of-envelope takes 2 minutes. 2 minutes of thinking saves 2 hours of coding the wrong thing. |
+| "Pre-mortem is pessimistic" | Pre-mortem is the cheapest bug fix you'll ever write. Imagining failure costs nothing. Production failure costs everything. |
+| "Diverging is a waste of time, the first approach is fine" | The first approach is rarely the best. It's just the first. Generating 2-3 approaches takes 5 minutes. Committing to the wrong one takes days. |
+
+## Common mistakes
+
+- **Hand-waving sizing**: "small footprint" without numbers
+- **Pre-mortem = tests**: "might have bugs" is useless. "Query times out at > 10k notifications" is useful.
+- **Fake alternatives**: "React over Assembly" is not real. "Page vs cursor pagination because API is public" is real.
+- **Single-approach bias (v5)**: if DIVERGE was skipped, EVALUER cannot compare alternatives. Go back to DIVERGE.

package/assets/skills/workflow/faire-gatekeeper/SKILL.md

@@ -0,0 +1,99 @@
+---
+name: faire-gatekeeper
+description: How to implement code safely — 6 quality gates for Ciel v5 (test-first, alternatives, idiomatic, quality, removal, boy-scout). SPIKE mode relaxes gates. A checklist for implementation discipline during FAIRE (etape 11).
+---
+
+# Implementation Safety — 6 Quality Gates (Ciel v5)
+
+## What this covers
+
+How to implement code with discipline during Ciel v5 FAIRE phase (etape 11). These gates run during coding and are enforced by the plugin or hooks. SPIKE mode relaxes some gates.
+
+## Core principle
+
+**Check gates per-file, not per-task.** Each write/edit gets its own gate check. In SPIKE mode, gates 1 and 6 are optional but the code must be marked FIXME/TODO.
+
+## The 6 gates (v5)
+
+### Gate 1: Test-first (RED)
+
+Do not write source code before the test exists. If no `*.test.*` file exists:
+- OpenCode: plugin blocks via tool.execute.before
+- Claude Code: hook blocks via exit 2
+
+**SPIKE mode**: relaxed. Exploration code may be written without tests, but must be marked FIXME/TODO.
+
+### Gate 2: Alternatives
+
+"I chose X over Y because [reason]." No Y named -> research alternatives first.
+
+### Gate 3: Idiomatic
+
+Common bypass signals that need justification:
+- `window.*` / `document.*` in React -> why not hook/ref/router?
+- `for` + raw SQL -> why not batch/ORM?
+- `catch(e) { return null }` -> why not Result/sealed class?
+- `as X` without type guard -> why not `is X`?
+- Copying a block for the 3rd+ time -> why not extract a helper?
+
+### Gate 4: Quality
+
+- Complexity: < 15 (cyclomatic)
+- Nesting: < 4 levels
+- Function length: < 50 lines
+- File length: < 400 lines
+
+**SPIKE mode**: relaxed. Exploration code may be longer or complex, but must be marked FIXME/TODO.
+
+### Gate 5: Removal safety
+
+If you are DELETING code:
+- Who uses it? (grep for imports/references)
+- What replaces it?
+- What degrades if not replaced?
+- Is there a migration path?
+
+### Gate 6: Boy-scout (v5)
+
+After the change: is the code better than before?
+- Minor improvements count: better naming, removed dead code, added missing test
+- If the file was already touched, leaving it better is cheap
+- If nothing to improve, note "status quo" explicitly
+
+## Output format
+
+```
+## FAIRE gates
+
+Gate 1 (test-first): <PASS | BLOCKED | SPIKE>
+Gate 2 (alternatives): <X > Y because ...>
+Gate 3 (idiomatic): <PASS | bypass justified: ...>
+Gate 4 (quality): <complexity N, nesting N, length N | PASS>
+Gate 5 (removal): <no removal | safe: ...>
+Gate 6 (boy-scout): <improved: ... | status quo>
+```
+
+## How to verify
+
+- [ ] Test exists (or spike mode active)?
+- [ ] Alternative considered and documented?
+- [ ] No unjustified framework bypass?
+- [ ] Complexity < 15, nesting < 4, function < 50 lines?
+- [ ] Removals checked for dependents?
+- [ ] Code better than before?
+
+## SPIKE mode behavior
+
+When `.ciel/exploration.active` exists:
+- Gate 1 (test-first): relaxed
+- Gate 4 (quality): relaxed
+- Gates 2, 3, 5: always active
+- Gate 6 (boy-scout): recommended but not blocking
+- Exploration code MUST be marked FIXME or TODO
+
+## Key rules
+
+- **Gates are non-negotiable in Standard/Critical mode**: plugin/hooks enforce them
+- **SPIKE mode is for exploration only**: gates are relaxed, but code must be refactored properly after
+- **Gate 5 matters most**: deleting code without checking dependents is the fastest way to break production
+- **Boy-scout is the cheapest improvement**: if you already read the file, clean it up

package/assets/skills/workflow/flux-narrator/SKILL.md

@@ -0,0 +1,93 @@
+---
+name: flux-narrator
+description: How to trace data flow through a system — trigger → handler → service → state → output, with boundaries, assumptions, and break points called out. Essential before implementation or test writing.
+allowed-tools: Read, Grep
+---
+
+# Data Flow Tracing — Narrate Before You Code
+
+## What this covers
+
+How to trace and narrate data flow through a system. If you can't narrate the flow, you don't understand the system — read more code before implementing.
+
+## Core narration
+
+Format: `"When [trigger] → [handler fires] → [function calls] → [data flows] → [output]"`
+
+Example:
+```
+When user clicks "Save" on ProfileForm →
+  → ProfileForm.tsx:handleSubmit (component boundary)
+  → useUpdateProfile hook fires (state boundary)
+  → fetch('/api/users/:id/profile', {method: 'PATCH'}) (network boundary)
+  → Ktor Route at routes/UserRoute.kt:PATCH /:id/profile
+  → UserService.updateProfile (service layer)
+  → UserRepository.save (DB layer)
+  → return HTTP 200 with updated user
+  → UI optimistically updates via React Query
+  → Toast notification: "Profile saved"
+```
+
+## 3 cross-cutting dimensions
+
+### BOUNDARIES
+Where does control pass between layers? Each boundary is a place where contracts can break.
+
+### ASSUMPTIONS
+What must be true for this flow to work? E.g. "assumes user is authenticated", "assumes DB connection is not exhausted".
+
+### BREAK POINTS
+Where can the flow fail WITHOUT visible error? E.g. silent swallowed exceptions, network retries that mask failures, caching that hides stale data.
+
+**Break points ≠ assumptions**: an assumption is "must be true"; a break point is "how it fails silently even when all assumptions hold".
+
+## Test-specific items (when writing tests)
+
+When the task involves writing tests, also determine:
+
+- **Test level**: unit / integration / E2E — justify the choice
+- **URL routing**: request `host:port` vs handler `host:port` — match or mismatch? (CI often differs from local)
+- **Mock lifecycle**: fires at module load? function call? render cycle?
+- **Timing**: expected delay in ms / CI runner capabilities (fake timers? timeout?)
+
+## Output format
+
+```
+## FLUX
+
+When <trigger>
+  → <layer 1: component/handler — file:function>
+  → <layer 2: service/function — file:function>
+  → <layer 3: DB/API/store>
+  → <output: state change / HTTP response / side effect>
+
+### Boundaries
+- <list: where control crosses layers>
+
+### Assumptions
+- <list: what must be true>
+
+### Break points (silent failures)
+- <list: how the flow fails without visible error>
+
+[If writing tests:]
+### Test-specific
+- Test level: <unit | integration | E2E> — <justification>
+- URL routing: MATCH ✓ | MISMATCH ⚠️
+- Mock lifecycle: <module load | function call | render>
+- Timing: <X ms>, CI: <capable | insufficient ⚠️>
+```
+
+## How to verify
+
+- [ ] ≥ 3 layers in the flow (trigger → middle → output)?
+- [ ] BOUNDARIES identified?
+- [ ] ASSUMPTIONS listed (what must be true)?
+- [ ] BREAK POINTS identified (silent failures)?
+- [ ] Narration based on grep (not memory)?
+
+## Key rules
+
+- **Minimum 3 layers**: trigger → middle → output. Only 2 = don't understand the flow.
+- **Don't narrate from memory**: grep the actual call graph. Pattern-matching produces plausible but wrong narrations.
+- **Test items mandatory when writing tests**: skipping any one risks CI/local mismatch or flaky tests.

package/assets/skills/workflow/memoire/SKILL.md

@@ -0,0 +1,198 @@
+---
+name: memoire
+description: Persists project knowledge in Ciel via cued-recall memory (etape 15 MEMOIRE). Captures interventions and decisions into .ciel/memory/{episodes,concepts,guards}/ with index.json mapping cues (paths, symbols, intents) to memories. Replayed automatically when matching cues fire. Replaces the legacy free-recall .ciel/learnings.md blob.
+---
+
+# Persist Project Knowledge — Cued-Recall Memory (Ciel v6.5+)
+
+## What this covers
+
+How to save and retrieve project knowledge using **cued recall**: memories tagged with mechanical cues (file paths, symbols, intents) that fire automatically when those cues appear in the next task's context. The model never has to "remember to search" — the system surfaces relevant memory by mechanical match.
+
+See `docs/adrs/0001-cued-recall-memory.md` for the full design rationale.
+
+## Core principle
+
+**Cued recall over free recall.** Don't ask the model "is there relevant memory?" — surface memory automatically when the context cue (file, symbol, intent) matches.
+
+## Three persistence targets
+
+### 1. Episodes — `.ciel/memory/episodes/<YYYY-MM-DD>-<slug>.md`
+
+Dated events: human corrections, incidents, decisions discovered during a task.
+
+Frontmatter:
+```yaml
+---
+id: mem_012
+title: Admin routes use admin-guard wrapper
+languages: [typescript]
+path_patterns:
+  - src/admin/**
+  - src/pages/admin/**
+symbols: [AdminGuard, useAdminGuard]
+intents: [new-route, admin]
+captured_at: 2026-05-08T14:32:00Z
+captured_from: user-intervention  # or: incident, decision, bootstrap
+trigger_count: 0
+last_triggered: null
+stale_after_days: 90
+stale: false
+---
+
+# Admin routes use admin-guard wrapper
+
+**Context:** when adding a route under `/admin/*`, do not use the standard
+auth middleware. Use the project's `admin-guard` wrapper, which adds
+audit logging and role-based checks.
+
+**Why:** captured 2026-05-08 after the third incident where standard
+middleware allowed read access without role check.
+
+**How to apply:** import from `src/lib/auth/admin-guard.ts`. Wrap the
+route handler. See `src/admin/users/page.tsx` for canonical usage.
+```
+
+Capture when:
+- User corrects the model ("non, on utilise X ici")
+- An incident is documented (build broke, prod paged, test flaked for non-obvious reason)
+- A non-obvious decision is made (chose lib A over B because constraint C)
+
+### 2. Concepts — `.ciel/memory/concepts/<topic>.md`
+
+Stable conventions promoted from episodes that triggered ≥ N times. Same frontmatter, but with `captured_from: consolidation` and `promoted_from: [mem_012, mem_018]`.
+
+Promotion rule (handled by `memoire-consolidator` skill):
+- Episode triggered ≥ 5 times in last 60 days → candidate for promotion
+- ≥ 2 episodes share ≥ 80% of tags + similar lesson → candidate for merge
+
+### 3. Guards — `.ciel/memory/guards/<scope>.md`
+
+Vigilance rules with narrow trigger scope and high-severity warnings. Same frontmatter, but with `severity: critical`. Used for:
+- Foot-guns (commands that destroy prod)
+- Forbidden patterns (editing a deployed migration)
+- Mandatory checks before specific actions
+
+## Index — `.ciel/memory/index.json`
+
+The cue → memory mapping. Always loaded by `session-start.sh` at SessionStart.
+
+```json
+{
+  "version": 2,
+  "memories": {
+    "mem_012": { "title": "...", "file": "...", "languages": [...], "..." : "..." }
+  },
+  "by_path": { "src/admin/**": ["mem_012"] },
+  "by_symbol": { "AdminGuard": ["mem_012"] },
+  "by_intent": { "new-route": ["mem_012"] },
+  "by_language": { "typescript": ["mem_012"] }
+}
+```
+
+The index is rebuilt from frontmatter scans by `memoire-consolidator` whenever a memory is added/updated.
+
+## Capture flow
+
+1. User submits prompt
+2. `user-prompt-submit.sh` hook scans for intervention patterns: "tu as oublié", "non en fait", "attention que", "rappelle-toi", "n'oublie pas", "wait", "stop", "non on fait plutôt", "ici on fait plutôt"
+3. If matched → emits a context message: "INTERVENTION DETECTED — propose capture"
+4. Model surfaces an `AskUserQuestion`: "Capture this correction as memory? [Title / Tags suggested / Skip]"
+5. User confirms or skips
+6. On confirm → write `.ciel/memory/episodes/<date>-<slug>.md`, update `index.json`
+
+**Never auto-silent.** The user is the filter against cargo-cult capture.
+
+## Recall flow
+
+1. SessionStart or new task begins
+2. `session-start.sh` hook reads:
+   - The user's prompt (extract keywords → intent cues)
+   - `.ciel/map.json` (current focus modules → path cues)
+   - Recently tracked files (`.ciel/tracked-files.json`) → path + symbol cues
+3. Queries `index.json`: cues ∩ memories → candidate set
+4. Scores by: `recency × trigger_count × tag-overlap`
+5. Selects top-K under depth budget (Trivial 1K / Standard 3K / Critical 5K tokens)
+6. Injects one-line previews:
+   ```
+   [mem_012, fired 7×] Admin routes use admin-guard wrapper
+   [mem_007, fired 3×] Migration files are checksum-locked
+   ```
+7. Model can `Read` full content if relevant (cued exploration, not blanket dump)
+
+## Bootstrap from existing docs
+
+On first run, the slash command `/ciel-memory-bootstrap` ingests:
+
+| Source | Format expected |
+|---|---|
+| `.ciel/learnings.md` | Legacy Ciel format with `[date] MISTAKE/RULE` entries |
+| `.claude/lessons.md` or `lessons.md` | Same as above |
+| `ciel-overlay.md` | "Key Lessons" section |
+| `.claude/rules/*.md` | Each file = one rule |
+| `AGENTS.md` | Rules sections |
+
+Each ingested item becomes an episode with `captured_from: bootstrap`. Tags are inferred from content (file paths mentioned, symbols mentioned, language detected from imports).
+
+If no source is found, the system reports it and waits for organic capture via interventions.
+
+## Decay
+
+- `last_triggered` is updated by `session-start.sh` whenever a memory is matched and injected
+- After `stale_after_days` (default 90) without trigger → `stale: true`
+- Stale memories excluded from auto-injection but kept on disk
+- Skill `memoire-consolidator` periodically suggests purge or refresh
+
+## Token budget (hard caps)
+
+| Depth | Cap |
+|---|---|
+| Trivial | 1K tokens injected |
+| Standard | 3K tokens injected |
+| Critical | 5K tokens injected |
+
+If candidate set exceeds cap, drop lowest-scoring entries first. Index itself is small (~50 tokens per entry); the cap concerns content previews and any auto-loaded full content.
+
+## Common rationalizations
+
+| Rationalization | Reality |
+|---|---|
+| "I'll remember this next session" | You won't. Even if you do, the next agent session won't. Capture or it's gone. |
+| "The user corrected me, but it was obvious" | The fact that you missed it makes it non-obvious. Capture. |
+| "All this is in CLAUDE.md already" | CLAUDE.md is loaded once and diluted by lost-in-the-middle (Liu 2023). Cued memory bypasses that. |
+| "Capturing slows the user down" | One confirmation now vs. the same intervention next month. The math favors capture. |
+
+## What to persist vs what to skip
+
+PERSIST (becomes a memory):
+- User corrections that aren't obvious from reading the code
+- Incidents (what broke, root cause, fix that worked)
+- Architecture decisions with their motivation
+- Foot-guns (commands/patterns to avoid in this project)
+- Wrappers / conventions that override library defaults
+
+SKIP (don't pollute the corpus):
+- The code itself (it's in git)
+- Routine task completion ("I added a button")
+- Anything trivially derivable by reading the file
+- Personal style preferences (those go in `ciel-overlay.md`)
+
+## How to verify (etape MEMOIRE)
+
+- [ ] Did this session contain a user intervention/correction? If yes, was it captured?
+- [ ] Did this session document a new pattern, foot-gun, or convention? If yes, episode created?
+- [ ] Was the index.json updated by the capture flow?
+- [ ] Are tags reasonable (paths actually exist, symbols are real)?
+- [ ] If the same correction came up next month, would the cued recall fire? (Mental dry-run.)
+
+## Migration from legacy `.ciel/learnings.md`
+
+The legacy single-blob `learnings.md` is kept for backward compatibility but **deprecated**. New writes should go to `.ciel/memory/episodes/` via the capture flow. Run `/ciel-memory-bootstrap` to migrate existing entries — it parses the dated entries and converts each into an episode with inferred tags.
+
+## Related
+
+- `docs/adrs/0001-cued-recall-memory.md` — full design rationale and binding principles
+- `skills/workflow/memoire-consolidator` — periodic maintenance: promote, merge, decay
+- `commands/ciel-memory-bootstrap.md` — first-run scan + ingestion
+- `hooks/user-prompt-submit.sh` — detects intervention patterns and proposes capture
+- `hooks/session-start.sh` — injects matching memories at session start

package/assets/skills/workflow/memoire-consolidator/SKILL.md

@@ -0,0 +1,91 @@
+---
+name: memoire-consolidator
+description: Periodic maintenance of .ciel/memory/ — promotes high-frequency episodes to concepts, merges duplicates, marks stale entries, rebuilds index.json. Run manually or via /ciel-improve. Keeps the cued-recall corpus from accumulating noise as projects age.
+---
+
+# Consolidate Cued-Recall Memory
+
+## What this covers
+
+The corpus under `.ciel/memory/` grows over time. Without maintenance it accumulates duplicates, stale entries, and episodes that should have been promoted to stable concepts long ago. This skill is the maintenance pass.
+
+See `skills/workflow/memoire/SKILL.md` for the capture/recall flow and `docs/adrs/0001-cued-recall-memory.md` for the full design.
+
+## When to run
+
+- Manually via `/ciel-improve` or direct invocation
+- When `index.json` shows ≥ 50 episodes
+- Quarterly on long-lived projects
+- After any large bootstrap import (existing tribal docs ingested at once)
+
+## Five operations
+
+### 1. Promote frequent episodes → concepts
+
+Criterion: episode with `trigger_count ≥ 5` AND `last_triggered` within 60 days.
+
+Action: copy episode content to `.ciel/memory/concepts/<slug>.md`, set `captured_from: consolidation` and `promoted_from: [original_id]`. Mark original episode `superseded_by: <new_id>` and exclude from active index.
+
+Why: concepts are stable conventions. Frequent triggers prove the rule has crystallized.
+
+### 2. Merge similar episodes
+
+Criterion: two or more episodes share ≥ 80% of tags AND describe the same lesson (semantic similarity, judged by reading content).
+
+Action: create a new concept that subsumes them, mark all originals `merged_into: <concept_id>`.
+
+Why: bootstrap or rapid capture often produces near-duplicates ("admin routes use admin-guard" + "always wrap admin in admin-guard"). Merging reduces noise without losing the signal.
+
+### 3. Mark stale entries
+
+Criterion: `last_triggered` is older than `stale_after_days` (default 90) OR null + `captured_at` older than 90 days.
+
+Action: set `stale: true` in frontmatter and in `index.json`. Stale entries are excluded from auto-injection but remain on disk.
+
+Why: untriggered memories may be obsolete (the file no longer exists, the convention changed). Auto-injecting them produces false positives.
+
+### 4. Detect dead anchors
+
+Criterion: a memory's `path_patterns` no longer match any file in the repo (deleted module, renamed convention).
+
+Action: flag for human review in `.ciel/memory/review-queue.md`. Don't auto-delete — the user should decide whether the memory is obsolete or needs updated paths.
+
+### 5. Rebuild `index.json`
+
+Always done last. Scans all `*.md` under `.ciel/memory/{episodes,concepts,guards}/`, parses frontmatter, regenerates the cue indices (`by_path`, `by_symbol`, `by_intent`, `by_language`).
+
+This guarantees the index never drifts from source-of-truth (the markdown files).
+
+## Output report
+
+After running, emit a summary:
+
+```
+[memoire-consolidator] 2026-05-08
+Promoted: 3 episodes → concepts
+Merged:   2 episode pairs → 2 concepts
+Stale:    7 entries flagged
+Dead:     1 anchor needs review (see .ciel/memory/review-queue.md)
+Index:    rebuilt — 42 active memories, 9 stale, 51 total
+```
+
+## Anti-patterns to avoid
+
+| Anti-pattern | Reason |
+|---|---|
+| Auto-deleting stale entries | User may want to revive; deletion is irreversible. Always flag, never delete. |
+| Promoting on first trigger | One trigger isn't crystallization. Wait for repetition. |
+| Merging without reading content | Tags may overlap by accident (two different `auth/**` rules). Read before merge. |
+| Skipping index rebuild | Drift between index and markdown is worse than missing data — silent corruption. |
+
+## Design principles inherited from ADR-0001
+
+- Markdown is source of truth; index is derived
+- User is the filter for irreversible actions (deletion, merge with conflict)
+- Decay over accumulation: stale flag is automatic, but action on it is human
+
+## Related skills
+
+- `memoire` — capture/recall flow (writes the inputs this skill consumes)
+- `meta-critiquer` — post-task reflection that may trigger consolidation if many captures occurred
+- `learnings-capture` — older format, superseded by cued-recall memoire