@raishin/vanguard-frontier-agentic 2.1.0 → 2.2.0

package/skills/cross-functional/legal-hr-case-capsule/references/capsule-schema.md

@@ -0,0 +1,110 @@
+# Legal-HR Case Capsule — Schema and Redaction Rules
+
+The capsule is the only sanctioned cross-agent handoff record. It has 30
+required fields. A capsule with any field omitted, blank, or set to a
+placeholder is not ready to send.
+
+## Field definitions
+
+### Identity and routing
+
+| Field | Type | Rule |
+|---|---|---|
+| `case_id` | string | Stable opaque identifier. No employee name, no email. |
+| `source_agent` | string | Agent id that produced this capsule. |
+| `receiving_agent` | string | Agent id this capsule is handed to. |
+| `primary_agent` | string | The single agent accountable for synthesis. Exactly one. |
+| `secondary_agents` | string[] | Agents running parallel review. May be empty. |
+| `matter_type` | enum | See risk taxonomy `matter_type` values. |
+| `employee_or_party_identifiers_redacted` | string | Role + business unit only, e.g. "IC engineer, BU-West". Never a name or ID. |
+| `jurisdiction_or_location_if_known` | string | Country / state / "Unknown". |
+| `business_unit` | string | Org unit reference, not a person. |
+| `timeline` | string | Dated sequence of events, effective dates, deadlines. |
+
+### Evidence discipline
+
+| Field | Type | Rule |
+|---|---|---|
+| `facts` | string[] | Confirmed and corroborated only. |
+| `allegations` | string[] | Claims made but unproven; record who made each. |
+| `assumptions` | string[] | Treated as plausible but unverified. |
+| `inferences` | string[] | Conclusions drawn from facts; mark each as inference. |
+| `missing_evidence` | string[] | Materially relevant facts not provided. |
+| `evidence_quality` | enum | `strong` / `mixed` / `weak` / `insufficient`. |
+
+### Risk posture
+
+| Field | Type | Rule |
+|---|---|---|
+| `risk_rating` | enum | `Critical` / `High` / `Medium` / `Low` / `Unknown`. |
+| `privilege_sensitivity` | enum | `none` / `possible` / `likely-privileged`. |
+| `privacy_sensitivity` | enum | `low` / `moderate` / `high` / `special-category`. |
+| `retaliation_risk` | enum | `none-observed` / `possible` / `elevated` / `unknown`. |
+| `discrimination_or_harassment_risk` | enum | `none-observed` / `possible` / `elevated` / `unknown`. |
+| `regulatory_risk` | enum | `none-observed` / `possible` / `elevated` / `unknown`. |
+| `litigation_hold_needed` | enum | `no` / `recommended` / `yes` / `unknown`. |
+| `data_minimization_notes` | string | What was excluded and why. |
+
+### Ownership and action
+
+| Field | Type | Rule |
+|---|---|---|
+| `decision_owner` | string | Accountable human role, e.g. "Employment Counsel". Exactly one. |
+| `human_approval_required` | boolean | `true` for any adverse, irreversible, or cross-domain action. |
+| `escalation_required` | boolean | `true` whenever an escalation gate is triggered. |
+| `recommended_next_action` | string | A recommendation, never a directive. |
+| `do_not_do_list` | string[] | Explicit prohibited actions. Must be non-empty. |
+| `audit_log_summary` | string | One-line pointer to the audit-log event for this handoff. |
+
+## Redaction rules
+
+1. Default to role + business-unit references. A name appears in a capsule only
+   when a named human owner role requires it, and never an employee subject.
+2. No government IDs, no contact details, no credentials, no medical detail, no
+   protected-class data unless the matter strictly requires it and the
+   `privacy_sensitivity` field is set to `special-category` with a documented
+   reason in `data_minimization_notes`.
+3. Privileged or investigation text is summarized, never pasted. If a capsule
+   would extend circulation of privileged material, set `privilege_sensitivity`
+   to `likely-privileged` and narrow the content.
+4. `do_not_do_list` always includes, at minimum, the actions outside agent
+   authority: approve, deny, terminate, discipline, settle, file, notify a
+   regulator, make a public disclosure, send an employee communication, or
+   mutate an HR/legal system.
+
+## Worked example (sanitized)
+
+```json
+{
+  "case_id": "CAP-2026-0142",
+  "source_agent": "hr-maestro-agent",
+  "receiving_agent": "hr-termination-readiness-agent",
+  "primary_agent": "hr-termination-readiness-agent",
+  "secondary_agents": ["legal-employment-law-risk-agent", "hr-employee-relations-agent"],
+  "matter_type": "termination-with-retaliation-risk",
+  "employee_or_party_identifiers_redacted": "IC engineer, BU-West",
+  "jurisdiction_or_location_if_known": "Unknown",
+  "business_unit": "BU-West Engineering",
+  "timeline": "Complaint filed 2026-04-02; PIP opened 2026-04-09; termination proposed 2026-05-10",
+  "facts": ["A PIP was opened", "A complaint was filed before the PIP"],
+  "allegations": ["Manager states performance was failing pre-complaint (uncorroborated)"],
+  "assumptions": ["PIP criteria were applied consistently with peers"],
+  "inferences": ["Timing proximity could be read as retaliatory by a fact-finder"],
+  "missing_evidence": ["Contemporaneous performance records predating the complaint", "Comparator data"],
+  "evidence_quality": "weak",
+  "risk_rating": "High",
+  "privilege_sensitivity": "possible",
+  "privacy_sensitivity": "moderate",
+  "retaliation_risk": "elevated",
+  "discrimination_or_harassment_risk": "unknown",
+  "regulatory_risk": "possible",
+  "litigation_hold_needed": "recommended",
+  "data_minimization_notes": "Complaint text excluded; only sequence retained",
+  "decision_owner": "Employment Counsel",
+  "human_approval_required": true,
+  "escalation_required": true,
+  "recommended_next_action": "Pause the proposed termination; route to employment counsel for retaliation analysis",
+  "do_not_do_list": ["Do not proceed with termination", "Do not backdate or retroactively create performance records", "Do not contact the complainant about the complaint"],
+  "audit_log_summary": "EVT-2026-0142-03 capsule handoff hr-maestro -> termination-readiness"
+}
+```

package/skills/cross-functional/legal-hr-risk-taxonomy/README.md

@@ -0,0 +1,97 @@
+# 🏷️ Legal-HR Risk Taxonomy
+
+The **risk taxonomy** defines the shared vocabulary for legal and HR risk assessment — severity scales, sensitivity labels, escalation-grade matter types, escalation gates, and minimum-necessary audit-log schema. It enables agents to speak the same language and escalate with precision.
+
+## What is the risk taxonomy?
+
+A structured reference that specifies:
+- **5-level severity scale** (Critical → High → Medium → Low → Informational) with clear business-impact definitions
+- **Privilege, privacy, and retaliation sensitivity labels** — data classification to control what can be disclosed, who can view case context, and when escalation is mandatory
+- **Escalation-grade matter types** — a list of matters (retaliation allegations, data breaches, whistleblower reports, executive misconduct, securities violations) that trigger automatic counsel/board escalation
+- **Escalation gates** — thresholds and decision rules that mandate senior human involvement
+- **Minimum-necessary audit-log schema** — structured fields every Legal and HR agent must emit to the audit trail
+
+See [`references/risk-labels.md`](references/risk-labels.md) for the complete specification, enumeration of matter types, label definitions, and the audit-log schema.
+
+## The severity scale
+
+| Level | Definition | Legal example | HR example | Next action |
+| ----- | ---------- | ------------- | ---------- | ----------- |
+| **Critical** | Board-level incident; regulatory exposure; imminent legal jeopardy | Patent infringement by key competitor entering market; major data breach affecting thousands of customers | Executive misconduct allegation; whistleblower report of systemic discrimination; mass layoff with retaliation risk | Immediate counsel + board escalation |
+| **High** | Material legal or HR risk; requires counsel or senior HR review; potential litigation or regulatory investigation | Wrongful-termination exposure; contract breach by vendor; regulatory licensing gap | Wrongful termination exposure; retaliation risk in termination; high-risk accommodation denial | Escalate to employment counsel or CHRO within 24 hours |
+| **Medium** | Process improvement needed; no immediate jeopardy; senior review recommended | Contract clause ambiguity; IP assignment gap in contractor agreement | Pay-equity anomaly; performance-plan defensibility concern | Escalate to counsel/senior HR; schedule review within a week |
+| **Low** | Informational; no immediate action required; routine guidance | Routine contract renewal; standard vendor audit | Routine scheduling conflict; policy-interpretation question | Route to the right specialist; no escalation required |
+| **Informational** | Informational only; logged for completeness | Regulatory guidance update; industry trend | Engagement survey result; policy reminder | Log and distribute |
+
+## Sensitivity labels
+
+Every Legal and HR matter is labeled with one or more sensitivity markers that control disclosure:
+
+- **attorney-client-privilege** — information protected from disclosure under legal privilege; must not be shared downstream without counsel approval
+- **work-product-doctrine** — analysis, strategy, or litigation advice; protected under work-product doctrine
+- **medical-information** — employee medical records, disability status, medical leave reason; must be minimized and access-controlled
+- **protected-characteristic-data** — age, race, gender, religion, national origin, disability, genetic information; must be minimized and access-controlled
+- **whistleblower-report** — information from a whistleblower; mandatory confidentiality and retaliation-risk escalation
+- **retaliation-risk** — an action that, if taken without review, could trigger retaliation claims; automatic escalation
+- **data-breach-material** — involves a data breach or loss of regulated data; automatic regulatory and counsel escalation
+- **executive-misconduct** — conduct by executives or board members; automatic board and counsel escalation
+
+## Escalation-grade matter types
+
+The following matter types **automatically trigger escalation** (counsel, CHRO, CFO, or board as appropriate):
+
+- Retaliation allegations or risk
+- Discrimination or harassment allegations
+- Whistleblower reports
+- Executive or board-member misconduct
+- Data breaches or regulatory notifications
+- Litigation holds or subpoena response
+- Securities-law materiality (IPO, acquisitions, public disclosures)
+- Mass layoffs or restructurings with adverse-impact risk
+- Third-party claims (breach of contract, IP infringement, product liability)
+- Regulatory agency contact or investigation
+
+## Escalation gates
+
+Escalation gates are decision thresholds. When a matter hits a gate, human approval is mandatory:
+
+1. **Severity ≥ High** → escalate to counsel (legal) or CHRO (HR)
+2. **Any sensitivity label** → escalate to the gate owner (e.g., whistleblower → board; executive misconduct → CEO + board)
+3. **Matter type is escalation-grade** → escalate automatically
+4. **Time-critical or irreversible action** → escalate before execution
+5. **Cross-domain matter** → escalate to maestro router; both domains approve
+6. **Disagreement between specialists** → escalate to counsel + CHRO
+7. **Regulatory or board trigger** → escalate to general counsel + CFO + board
+
+## Audit-log schema
+
+Every Legal and HR agent must emit the following minimum-necessary audit-log entry:
+
+```json
+{
+  "agent_id": "legal-privacy-data-protection-agent",
+  "matter_id": "MTR-2025-00041",
+  "timestamp": "2025-05-19T14:23:45Z",
+  "severity": "High",
+  "sensitivity_labels": ["attorney-client-privilege", "data-breach-material"],
+  "decision": "Flag DPIA gap; escalate to counsel before proceeding with cross-border transfer",
+  "evidence_level": "Strong",
+  "open_questions": ["Scope of DPIA if only metadata is transferred", "Adequacy decision status in target jurisdiction"],
+  "safe_next_actions": ["Retain outside DPA counsel", "Schedule adequacy-decision research"],
+  "decision_owner": "Chief Privacy Officer",
+  "do_not_do_list": ["Do not proceed with cross-border transfer without adequate decision", "Do not disclose PII without DPIA completion"]
+}
+```
+
+See [`references/risk-labels.md`](references/risk-labels.md) for the complete schema and worked examples.
+
+## Cross-references
+
+- [`SKILL.md`](SKILL.md) — the skill prompt for risk assessment and taxonomy application
+- [`references/risk-labels.md`](references/risk-labels.md) — complete specification, matter-type enumeration, label definitions, audit-log examples
+- [`docs/architecture/legal-hr-agent-routing.md`](/docs/architecture/legal-hr-agent-routing.md) — how escalation gates feed into routing decisions
+- [`skills/cross-functional/legal-hr-case-capsule`](/skills/cross-functional/legal-hr-case-capsule/) — case capsule carries severity and sensitivity labels
+
+---
+
+*The risk taxonomy is part of the vanguard frontier's cross-functional protocol layer. It ensures Legal and HR agents rate risk in the same language and escalate with precision.*

package/skills/cross-functional/legal-hr-risk-taxonomy/SKILL.md

@@ -0,0 +1,89 @@
+---
+name: legal-hr-risk-taxonomy
+description: Use this skill to assign consistent risk labels to a Legal or HR matter — severity ratings, privilege and privacy sensitivity labels, retaliation and discrimination risk labels, matter-type classes, escalation-gate triggers, and the audit-log schema. It standardizes the vocabulary every Legal and HR agent and case capsule uses so risk is rated the same way across the ecosystem. It does not give legal or HR advice and never concludes that a matter is safe or compliant.
+allowed-tools: Read Grep Glob
+metadata:
+  author: "github: Raishin"
+  version: "0.1.0"
+  updated: "2026-05-18"
+  category: compliance
+  lifecycle: experimental
+---
+
+# Legal-HR Risk Taxonomy
+
+## Purpose
+This skill is the shared risk vocabulary for the Legal and HR agent ecosystem.
+It defines the severity scale, sensitivity labels, matter-type classes,
+escalation-gate triggers, and the audit-log schema, so every agent and every
+case capsule rates and labels risk the same way. It does not give legal or HR
+advice and never concludes that a matter is safe, compliant, or approved.
+
+## When to use
+- An agent must assign a `risk_rating` or sensitivity label to a matter.
+- An agent must decide whether an escalation gate is triggered.
+- A capsule or audit-log entry must be filled in with consistent labels.
+
+## Severity scale
+| Rating | Meaning |
+|---|---|
+| Critical | Immediate legal or regulatory exposure; do not proceed without counsel sign-off. |
+| High | Material litigation, regulatory, or financial exposure; escalation strongly indicated. |
+| Medium | Manageable with documented controls; monitor and document. |
+| Low | Limited exposure on current evidence; note and monitor. |
+| Unknown | Jurisdiction or material facts missing; cannot rate. Mandatory when documentation is incomplete. |
+
+`Unknown` is mandatory, not a fallback. An agent never upgrades a matter to a
+ratable severity to avoid an escalation.
+
+## Sensitivity labels
+- `privilege_sensitivity`: `none` / `possible` / `likely-privileged`.
+- `privacy_sensitivity`: `low` / `moderate` / `high` / `special-category`.
+- `retaliation_risk`, `discrimination_or_harassment_risk`, `regulatory_risk`:
+  `none-observed` / `possible` / `elevated` / `unknown`.
+- `litigation_hold_needed`: `no` / `recommended` / `yes` / `unknown`.
+
+## Escalation-grade matter types
+The following are escalation-grade by default — they always reach a qualified
+human owner regardless of severity rating: harassment, discrimination,
+retaliation, whistleblower, workplace safety, wage/hour, worker classification,
+union/labor, immigration, medical leave, disability accommodation, pay equity,
+executive misconduct, mass layoff or reorganization, employee data breach, and
+litigation-hold or discovery matters.
+
+## Escalation gates
+A matter must be paused and escalated when any gate is true:
+- The matter is an escalation-grade matter type (above).
+- A claim, complaint, charge, grievance, or subpoena has been filed or
+  threatened.
+- Protected activity, protected characteristics, or whistleblower status are in
+  play.
+- Attorney-client privilege or work-product protection may be implicated.
+- Financial or reputational exposure is material.
+- A board, audit-committee, or regulatory-reporting trigger may apply.
+- The matter crosses Legal and HR and no documented controls exist.
+- Legal and HR agents disagree.
+
+See [references/risk-labels.md](references/risk-labels.md) for the full
+`matter_type` value list and the audit-log schema.
+
+## Audit-log schema
+Every handoff and escalation produces one audit-log event with the minimum
+necessary fields: `event_id`, `case_id`, `timestamp`, `initiating_agent`,
+`receiving_agent`, `human_owner`, `matter_type`, `risk_rating`,
+`escalation_status`, `data_sensitivity`, `privilege_sensitivity`,
+`action_recommended`, `action_prohibited`, `evidence_summary`,
+`open_questions`, `decision_status`, `retention_category`. Field rules are in
+the reference file.
+
+## References
+- [Risk labels and audit-log schema](references/risk-labels.md) — full
+  `matter_type` enumeration, label definitions, and audit-log field contract.
+
+## Security notes
+- A rating is an opinion on exposure, never a clearance. Never record "this is
+  compliant" or "safe to proceed"; use the severity scale only.
+- The audit log is minimum-necessary. It carries labels and summaries, never
+  raw medical, privileged, credential, or protected-class content.
+- When facts are missing, rate `Unknown` and trigger the escalation gate rather
+  than guessing a lower severity.

package/skills/cross-functional/legal-hr-risk-taxonomy/metadata.json

@@ -0,0 +1,19 @@
+{
+  "id": "legal-hr-risk-taxonomy",
+  "name": "Legal-HR Risk Taxonomy",
+  "type": "skill",
+  "provider": "generic",
+  "harnesses": ["codex", "claude-code", "cursor", "gemini", "kiro", "other"],
+  "summary": "Shared risk vocabulary for the Legal and HR agent ecosystem — severity ratings, privilege and privacy sensitivity labels, matter-type classes, escalation-gate triggers, and the audit-log schema. Does not give legal or HR advice and never concludes a matter is safe or compliant.",
+  "source_type": "original",
+  "official_docs": [
+    "https://www.nist.gov/privacy-framework",
+    "https://www.eeoc.gov",
+    "https://eur-lex.europa.eu/eli/reg/2016/679/oj"
+  ],
+  "security_notes": "A risk rating is an opinion on exposure, never a clearance; never records a matter as compliant or safe. The audit-log schema is minimum-necessary and carries labels and summaries, never raw medical, privileged, credential, or protected-class content. Rates Unknown and escalates when facts are missing.",
+  "last_verified": "2026-05-18",
+  "path": "skills/cross-functional/legal-hr-risk-taxonomy",
+  "author": "github: Raishin",
+  "version": "0.1.0"
+}

package/skills/cross-functional/legal-hr-risk-taxonomy/references/risk-labels.md

@@ -0,0 +1,91 @@
+# Legal-HR Risk Labels and Audit-Log Schema
+
+## matter_type values
+
+The `matter_type` field on a case capsule uses one of these classes. Classes
+marked **E** are escalation-grade by default.
+
+| Value | Domain | E |
+|---|---|---|
+| `contract-review` | Legal | |
+| `privacy-data-protection` | Legal | |
+| `litigation-hold-discovery` | Legal | E |
+| `regulatory-compliance` | Legal | |
+| `ip-open-source` | Legal | |
+| `vendor-procurement-risk` | Legal | |
+| `ethics-investigation` | Legal | E |
+| `policy-governance` | Legal | |
+| `public-disclosure` | Legal | E |
+| `employee-relations` | HR | |
+| `workplace-investigation` | HR | E |
+| `performance-management` | HR | |
+| `termination-readiness` | HR | |
+| `termination-with-retaliation-risk` | HR + Legal | E |
+| `leave-accommodation` | HR | E |
+| `recruiting-selection` | HR | |
+| `compensation-equity` | HR | E |
+| `benefits-payroll` | HR | |
+| `workforce-reduction` | HR + Legal | E |
+| `worker-classification` | HR + Legal | E |
+| `harassment-discrimination` | HR + Legal | E |
+| `retaliation` | HR + Legal | E |
+| `whistleblower` | Legal + HR | E |
+| `executive-misconduct` | Legal + HR | E |
+| `union-labor` | HR + Legal | E |
+| `employee-data-breach` | Legal + HR | E |
+| `people-data-analytics` | HR | |
+| `hris-process-controls` | HR | |
+| `unclassified` | maestro | |
+
+## Label definitions
+
+- `evidence_quality`
+  - `strong` — corroborated, contemporaneous, consistent.
+  - `mixed` — some corroboration, some gaps.
+  - `weak` — largely uncorroborated or single-source.
+  - `insufficient` — cannot assess; treat conclusions as Unknown.
+- `privilege_sensitivity`
+  - `none` — no privileged material implicated.
+  - `possible` — privilege may attach; flag and narrow circulation.
+  - `likely-privileged` — route through counsel; do not widen distribution.
+- `privacy_sensitivity`
+  - `low` — no personal data beyond role references.
+  - `moderate` — ordinary employee data.
+  - `high` — sensitive employee data (performance, discipline).
+  - `special-category` — medical, disability, immigration, protected-class, or
+    similar; documented justification required.
+
+## Audit-log schema
+
+One event per handoff or escalation. Minimum necessary fields only.
+
+| Field | Rule |
+|---|---|
+| `event_id` | Stable opaque event identifier. |
+| `case_id` | The capsule this event belongs to. |
+| `timestamp` | ISO 8601. |
+| `initiating_agent` | Agent id that raised the event. |
+| `receiving_agent` | Agent id or human owner role receiving it. |
+| `human_owner` | Accountable human role. |
+| `matter_type` | A value from the table above. |
+| `risk_rating` | Critical / High / Medium / Low / Unknown. |
+| `escalation_status` | `none` / `recommended` / `escalated` / `paused`. |
+| `data_sensitivity` | The `privacy_sensitivity` label. |
+| `privilege_sensitivity` | The `privilege_sensitivity` label. |
+| `action_recommended` | One-line recommendation, never a directive. |
+| `action_prohibited` | The capsule `do_not_do_list` summary. |
+| `evidence_summary` | One line; no raw sensitive content. |
+| `open_questions` | Material questions still unanswered. |
+| `decision_status` | `pending-human-approval` / `approved-by-owner` / `not-required`. |
+| `retention_category` | Records-retention class for the event. |
+
+## Rules
+
+1. The audit log carries labels and summaries only. Never raw medical,
+   privileged, credential, or protected-class content.
+2. `decision_status` is never `approved` unless a named `human_owner` approved
+   it. Agents never self-approve.
+3. When facts are missing, `risk_rating` is `Unknown` and `escalation_status`
+   is at least `recommended`.
+4. An escalation-grade `matter_type` forces `escalation_status` to `escalated`
+   or `paused`, never `none`.

package/skills/cross-functional/legal-hr-routing-protocol/README.md

@@ -0,0 +1,68 @@
+# 🔗 Legal-HR Routing Protocol
+
+The **routing protocol** defines the rules, patterns, and conflict-resolution logic for when matters cross the legal-HR boundary. It answers: *When does a matter route from Legal to HR? When from HR to Legal? When do both own it? How do they coordinate?*
+
+## What is the routing protocol?
+
+A control-layer skill that specifies:
+- **15 recurring cross-domain scenarios** (from the [`handoff-matrix.md`](references/handoff-matrix.md)) — e.g., wrongful-termination exposure → legal owns risk, HR owns execution; whistleblower report → legal owns privilege, HR owns investigation
+- **Controlled-handoff communication principles** — only the case capsule flows between agents; context is redacted per the case capsule rules
+- **Conflict resolution in 10 steps** — when a single matter triggers both legal and HR concern, this protocol defines the triage, the escalation path, and who decides
+
+## The handoff matrix
+
+The [`references/handoff-matrix.md`](references/handoff-matrix.md) is the truth table. It lists 15 scenarios in a rows-and-columns format:
+
+| Scenario | Legal owns | HR owns | Decision path |
+| -------- | ---------- | ------- | ------------- |
+| Wrongful termination exposure | Risk analysis, legal holds, counsel escalation | Documentation, retaliation check, execution | Legal flags risk; HR confirms readiness |
+| Whistleblower intake | Privilege, investigation design, board escalation | Interview sequencing, witness neutrality, closure | HR investigates; Legal advises on scope |
+| ... and 13 more | ... | ... | ... |
+
+See the full matrix in [`references/handoff-matrix.md`](references/handoff-matrix.md).
+
+## Routing is a recommendation
+
+**Important:** The routing protocol routes *requests* to the right specialist and *patterns* to the right owner. It is a recommendation that a human confirms. No agent executes a handoff unilaterally; every route is logged and traceable.
+
+## For Legal agents
+
+When your review flags an HR exposure (e.g., "this termination has retaliation risk"), you don't make the HR decision. Instead:
+1. Compose a case capsule
+2. Route to the HR maestro with a handoff reason
+3. Log the escalation
+4. Remain available if Legal is needed for litigation or board escalation
+
+## For HR agents
+
+When your review flags a legal exposure (e.g., "this investigation has whistleblower concerns"), you don't make the legal decision. Instead:
+1. Compose a case capsule
+2. Route to the Legal maestro with a handoff reason
+3. Confirm Legal's guidance before proceeding
+4. Remain available if HR evidence is needed for litigation support
+
+## Conflict resolution
+
+When a single matter triggers both legal and HR concern equally, neither agent decides in isolation. The protocol enforces a 10-step conflict-resolution flow:
+
+1. Both agents signal the dual-ownership via case capsule
+2. The legal-hr maestro router receives both signals and enters triage mode
+3. Routing determines which agent's decision takes precedence (or if both approve)
+4. The decision_owner is named explicitly
+5. Both agents log the escalation and their agreement/dissent
+6. If disagreement, counsel + senior HR + CFO are escalated
+7. If time-critical, a temporary hold is issued and a meeting is scheduled
+8. Decision is recorded with rationale
+9. Both agents execute under the shared decision
+10. Audit log records the entire conflict and resolution
+
+## Cross-references
+
+- [`SKILL.md`](SKILL.md) — the skill prompt and routing scaffold
+- [`references/handoff-matrix.md`](references/handoff-matrix.md) — 15-scenario truth table with decision logic
+- [`docs/architecture/legal-hr-agent-routing.md`](/docs/architecture/legal-hr-agent-routing.md) — three-layer architecture, maestro contract, routing flow
+- [`skills/cross-functional/legal-hr-case-capsule`](/skills/cross-functional/legal-hr-case-capsule/) — the payload structure for handoffs
+
+---
+
+*The routing protocol is part of the vanguard frontier's cross-functional coordination layer. It enables agents to hand off, escalate, and coordinate across organizational boundaries without improvising.*

package/skills/cross-functional/legal-hr-routing-protocol/SKILL.md

@@ -0,0 +1,92 @@
+---
+name: legal-hr-routing-protocol
+description: Use this skill when a Legal or HR matter must be classified and routed to the right specialist agent, when a matter crosses both domains and needs parallel review, or when Legal and HR agents disagree and the conflict must be resolved. It defines routing rules, the overlap handoff matrix, the controlled-handoff communication principles, and the conflict-resolution protocol. It does not give legal or HR advice and never makes a final routing decision binding on a human.
+allowed-tools: Read Grep Glob
+metadata:
+  author: "github: Raishin"
+  version: "0.1.0"
+  updated: "2026-05-18"
+  category: compliance
+  lifecycle: experimental
+---
+
+# Legal-HR Routing Protocol
+
+## Purpose
+This skill defines how a Legal or HR matter is classified, routed to the right
+specialist agent, and coordinated when it crosses both domains. It exists so
+agents never work in silos when risk crosses a domain boundary, and so every
+handoff is controlled and auditable rather than free-form. It does not give
+legal or HR advice; routing is a recommendation that a human owner confirms.
+
+## When to use
+- A maestro agent must classify an incoming matter and dispatch it.
+- A specialist agent finds a matter has crossed into another domain.
+- A matter triggers an escalation gate and must be paused.
+- Legal and HR agents reach conflicting recommendations.
+
+## Communication principles
+- One accountable human owner per matter. One primary agent per matter.
+- Parallel review only when the matter genuinely crosses domains.
+- No agent makes a final legal, employment, disciplinary, regulatory,
+  settlement, disclosure, or public-communication decision.
+- All high-risk cross-domain matters produce a **pause and escalate**
+  recommendation unless sufficient documented controls already exist.
+- Every handoff uses a `legal-hr-case-capsule`. No free-form agent chatter.
+- Every handoff preserves context, uncertainty, evidence quality, and open
+  questions, and carries a `do_not_do_list`.
+- Every handoff labels privilege sensitivity and privacy sensitivity.
+- Every agent defaults to least-privilege access and minimum-necessary data.
+
+## Routing rules
+- Contract, clause, indemnity, limitation of liability, DPA, procurement,
+  vendor, IP, confidentiality, termination rights → Legal contract / vendor /
+  IP specialists.
+- Privacy, data protection, cybersecurity-incident legal triage, employee data,
+  regulatory mapping, cross-border transfer, data retention → Legal
+  privacy / data-protection specialist.
+- Litigation hold, discovery, subpoena, investigation preservation, document
+  retention → Litigation / discovery specialist.
+- Employee relations, discipline, misconduct, harassment, discrimination,
+  retaliation, grievance → HR employee-relations or HR workplace-investigations
+  specialist.
+- Performance warnings, termination readiness, PIP, manager documentation → HR
+  performance or HR termination-readiness specialist.
+- Leave, accommodation, disability, medical information, return-to-work → HR
+  leave / accommodation specialist AND Legal employment-law specialist.
+- Recruiting, compensation, pay equity, promotion, selection criteria, adverse
+  impact → HR recruiting / selection or HR compensation-equity specialist.
+- Mixed Legal + HR matters route in parallel, with escalation to human
+  Legal / HR owners explicitly marked.
+
+## Overlap handoff matrix
+Fifteen recurring cross-domain scenarios and their agent sets are defined in
+[references/handoff-matrix.md](references/handoff-matrix.md). Each row names the
+primary agent, the secondary agents, the escalation gate, and the mandatory
+`do_not_do` items.
+
+## Conflict-resolution protocol
+When Legal and HR agents disagree, follow this order and stop at the first step
+that is unmet:
+1. Freeze any irreversible action.
+2. Preserve evidence; recommend a litigation hold if discovery risk exists.
+3. State the disagreement precisely — what each agent concluded and why.
+4. Separate legal risk from HR operational risk; do not collapse them.
+5. Identify the accountable human owner.
+6. Escalate to qualified Legal / HR leadership.
+7. Document unresolved assumptions and open questions.
+8. Produce options, not a single conclusion.
+9. Require human approval before any action.
+10. Log the decision path in the audit log.
+
+## References
+- [Overlap handoff matrix](references/handoff-matrix.md) — the 15 scenarios,
+  agent sets, escalation gates, and do-not-do items.
+
+## Security notes
+- Routing is a recommendation, never an authorization. The protocol never
+  approves, denies, or directs an adverse action.
+- A matter is routed on sanitized signals. Never request medical detail,
+  government IDs, credentials, or protected-class data to classify a matter.
+- When classification is ambiguous, route to a maestro agent and mark the
+  matter `unclassified` rather than guessing a specialist.

package/skills/cross-functional/legal-hr-routing-protocol/metadata.json

@@ -0,0 +1,19 @@
+{
+  "id": "legal-hr-routing-protocol",
+  "name": "Legal-HR Routing Protocol",
+  "type": "skill",
+  "provider": "generic",
+  "harnesses": ["codex", "claude-code", "cursor", "gemini", "kiro", "other"],
+  "summary": "Classification and routing discipline for Legal and HR matters — routing rules, the cross-domain overlap handoff matrix, controlled-handoff communication principles, and the Legal-HR conflict-resolution protocol. Does not give legal or HR advice and never makes a binding routing decision.",
+  "source_type": "original",
+  "official_docs": [
+    "https://www.nist.gov/privacy-framework",
+    "https://www.eeoc.gov",
+    "https://eur-lex.europa.eu/eli/reg/2016/679/oj"
+  ],
+  "security_notes": "Routing is a recommendation, never an authorization; never approves, denies, or directs adverse action. Classifies matters from sanitized signals only and never requests medical detail, government IDs, credentials, or protected-class data. Routes ambiguous matters to a maestro rather than guessing a specialist.",
+  "last_verified": "2026-05-18",
+  "path": "skills/cross-functional/legal-hr-routing-protocol",
+  "author": "github: Raishin",
+  "version": "0.1.0"
+}

package/skills/cross-functional/legal-hr-routing-protocol/references/handoff-matrix.md

@@ -0,0 +1,48 @@
+# Legal-HR Overlap Handoff Matrix
+
+Each row is a recurring matter that crosses the Legal/HR boundary. The matter
+moves as a `legal-hr-case-capsule`. The **primary agent** owns synthesis; the
+**secondary agents** run parallel review; the **escalation gate** names the
+human owner the matter must reach.
+
+| # | Scenario | Primary agent | Secondary agents | Escalation gate |
+|---|---|---|---|---|
+| 1 | Termination with potential retaliation risk | hr-termination-readiness-agent | legal-employment-law-risk-agent, hr-employee-relations-agent | Employment counsel sign-off before any action |
+| 2 | Harassment or discrimination complaint | hr-workplace-investigations-agent | legal-employment-law-risk-agent, legal-ethics-investigations-agent | Employment counsel; investigation lead |
+| 3 | Medical leave or accommodation | hr-leave-accommodation-agent | legal-employment-law-risk-agent, legal-privacy-data-protection-agent | Employment counsel; privacy owner |
+| 4 | Workforce reduction or restructuring | hr-workforce-planning-rif-agent | legal-employment-law-risk-agent, legal-public-disclosure-agent (if material) | Employment counsel; disclosure owner if material |
+| 5 | Pay equity or promotion dispute | hr-compensation-equity-agent | legal-employment-law-risk-agent, hr-analytics-people-data-agent | Employment counsel; total-rewards owner |
+| 6 | Vendor handling employee data | legal-vendor-procurement-risk-agent | legal-privacy-data-protection-agent, hr-hris-process-controls-agent | Privacy owner; procurement owner |
+| 7 | Internal whistleblower complaint | legal-ethics-investigations-agent | hr-workplace-investigations-agent, legal-litigation-discovery-hold-agent | Ethics owner; litigation-hold owner |
+| 8 | Executive misconduct | legal-ethics-investigations-agent | hr-employee-relations-agent, legal-policy-governance-agent | Board / audit committee escalation |
+| 9 | HR AI tool adoption | hr-recruiting-selection-agent | hr-analytics-people-data-agent, legal-privacy-data-protection-agent, legal-regulatory-compliance-agent | Privacy owner; compliance owner |
+| 10 | Employee data breach | legal-privacy-data-protection-agent | hr-hris-process-controls-agent, hr-employee-relations-agent, legal-litigation-discovery-hold-agent | Privacy owner; incident commander |
+| 11 | Contractor vs. employee classification | legal-employment-law-risk-agent | hr-benefits-payroll-agent, legal-vendor-procurement-risk-agent | Employment counsel; payroll owner |
+| 12 | Union, labor, or collective-action matter | hr-employee-relations-agent | legal-employment-law-risk-agent, legal-litigation-discovery-hold-agent | Labor counsel |
+| 13 | Employee complaint involving monitoring | hr-employee-relations-agent | hr-analytics-people-data-agent, legal-privacy-data-protection-agent | Privacy owner; ER owner |
+| 14 | Compensation + payroll + protected activity | hr-compensation-equity-agent | hr-benefits-payroll-agent, legal-employment-law-risk-agent | Employment counsel |
+| 15 | Publicly sensitive executive / regulator / media issue | hr-maestro-agent + legal-maestro-agent | legal-public-disclosure-agent, legal-policy-governance-agent | Board / audit; disclosure owner |
+
+## Mandatory do-not-do items (all rows)
+
+Every capsule produced from this matrix includes, at minimum:
+
+- Do not approve, deny, terminate, discipline, settle, or file.
+- Do not notify a regulator or make a public disclosure.
+- Do not send an employee communication.
+- Do not mutate an HR or legal system of record.
+- Do not request or retain personal data beyond the minimum necessary.
+- Do not backdate, retroactively create, or alter documentation.
+
+## Scenario-specific do-not-do additions
+
+- Rows 1, 11, 14: do not characterize the matter as purely performance or
+  policy when protected activity is in the timeline.
+- Rows 2, 7, 8: do not contact the complainant or witnesses outside the
+  investigation plan; do not compromise investigation confidentiality.
+- Rows 3, 6, 9, 10, 13: do not collect or forward medical, special-category, or
+  monitoring data beyond the minimum the matter requires.
+- Row 8: do not resolve at the management layer; board / audit escalation is
+  mandatory.
+- Rows 4, 15: do not communicate externally before the disclosure owner and
+  counsel have reviewed materiality.