@zuzuucodes/cli 1.3.1 → 1.5.0

package/zuzuu/guardrails.mjs

@@ -1,48 +1,96 @@
 // The Guardrails faculty — v1 rule engine (pure; I/O lives in the hook command).
 //
-// Rules are DATA, not code: .zuzuu/guardrails/rules.json, ordered, declarative —
-// a *definition* in the pin-definitions sense (versioned in git, graduates via
-// proposals like every faculty's contents).
+// Rules are DATA, not code: one envelope item per rule under
+// .zuzuu/guardrails/items/<id>.md (the Faculty Standard, W24) — *definitions*
+// in the pin-definitions sense (versioned in git, graduate via proposals like
+// every faculty's contents).
 //
-//   { "version": 1,
-//     "rules": [ { "id": "no-root-wipe", "action": "deny",
-//                  "tool": "Bash",              // exact tool name, or "*"
-//                  "pattern": "rm\\s+-rf\\s+/", // regex over the tool INPUT (stringified)
-//                  "reason": "destructive root delete" } ] }
+//   ---
+//   id: no-root-wipe
+//   faculty: guardrails
+//   kind: rule
+//   title: …
+//   payload:
+//     action: deny              # deny | ask | allow
+//     tool: Bash                # exact tool name, or "*"
+//     pattern: "rm\\s+-rf\\s+/" # regex over the tool INPUT (stringified)
+//     reason: destructive root delete
+//   ---
+//   (optional rationale prose)
 //
 // Evaluation: collect every matching rule, then severity wins — deny > ask >
 // allow (an explicit allow can whitelist past a later ask/deny only if it is
 // NOT outweighed; severity beats file order so a sloppy rule ordering can never
 // silently disarm a deny).
 //
-// FAIL-OPEN: any malformed rule/file yields { ok:false } and no decision — the
-// host proceeds through its normal permission flow. A guardrail bug must never
-// brick the agent; misses are logged, not fatal.
+// FAIL-OPEN, per item: a malformed rule file is SKIPPED (and counted in
+// `skipped`), never a crash and never a block — the other rules still apply.
+// The gate runs per tool call, so loads are cached on the items dir's stat
+// signature (names+mtimes+sizes): re-parse only when something changed. No
+// derived file — the item files stay the single source of truth.
 
-import { readFileSync } from 'node:fs';
+import { join } from 'node:path';
+import { readFileSync, readdirSync, statSync } from 'node:fs';
+import { parseEnvelope } from './faculty/envelope.mjs';
 
 const SEVERITY = { deny: 3, ask: 2, allow: 1 };
 const ACTIONS = new Set(Object.keys(SEVERITY));
 
-/** Parse + validate a rules file. Fail-open: returns ok:false on any problem. */
-export function loadRules(path) {
+// dir → { sig, result } — tiny in-memory cache (per process; the spawned gate
+// pays one cold load, long-lived processes like `zuzuu web` skip re-parses).
+const cache = new Map();
+
+/** Compile one parsed envelope item into a rule, or null if malformed. */
+function compileRule(item) {
+  const p = item?.payload ?? {};
+  if (!item?.id || !ACTIONS.has(p.action) || typeof p.pattern !== 'string' || !p.pattern) return null;
+  try {
+    return { id: String(item.id), action: p.action, tool: p.tool || '*', re: new RegExp(p.pattern, 'i'), reason: String(p.reason ?? '') };
+  } catch {
+    return null; // uncompilable pattern → skip this rule only
+  }
+}
+
+/**
+ * Load the rules from a guardrails faculty dir (…/guardrails) by composing the
+ * envelope items under its items/ subdir. FAIL-OPEN: a missing dir is zero
+ * rules; a malformed item is skipped + counted, never a crash.
+ * @param {string} guardrailsDir  the faculty dir (e.g. <home>/guardrails)
+ * @returns {{ok: boolean, rules: Array, skipped: Array<{file: string, error: string}>}}
+ */
+export function loadRules(guardrailsDir) {
   try {
-    const data = JSON.parse(readFileSync(path, 'utf8'));
-    if (!Array.isArray(data.rules)) return { ok: false, rules: [], error: 'rules is not an array' };
+    const dir = join(guardrailsDir, 'items');
+    let names;
+    try {
+      names = readdirSync(dir).filter((f) => f.endsWith('.md')).sort();
+    } catch {
+      return { ok: true, rules: [], skipped: [] }; // no items dir → no rules (normal flow)
+    }
+    let sig = null;
+    try {
+      sig = names.map((n) => { const s = statSync(join(dir, n)); return `${n}:${s.mtimeMs}:${s.size}`; }).join('|');
+      const hit = cache.get(dir);
+      if (hit && hit.sig === sig) return hit.result;
+    } catch { sig = null; /* stat race → just load uncached */ }
+
     const rules = [];
-    for (const r of data.rules) {
-      if (!r || typeof r !== 'object' || !ACTIONS.has(r.action) || typeof r.pattern !== 'string') {
-        return { ok: false, rules: [], error: `malformed rule: ${JSON.stringify(r).slice(0, 80)}` };
-      }
+    const skipped = [];
+    for (const f of names) {
       try {
-        rules.push({ id: String(r.id ?? `rule-${rules.length}`), action: r.action, tool: r.tool || '*', re: new RegExp(r.pattern, 'i'), reason: String(r.reason ?? '') });
+        const { ok, item, errors } = parseEnvelope(readFileSync(join(dir, f), 'utf8'));
+        const rule = ok ? compileRule(item) : null;
+        if (rule) rules.push(rule);
+        else skipped.push({ file: f, error: ok ? 'malformed rule payload' : (errors[0] ?? 'parse error') });
       } catch (e) {
-        return { ok: false, rules: [], error: `bad pattern in ${r.id}: ${e.message}` };
+        skipped.push({ file: f, error: e.message });
       }
     }
-    return { ok: true, rules };
+    const result = { ok: true, rules, skipped };
+    if (sig != null) cache.set(dir, { sig, result });
+    return result;
   } catch (e) {
-    return { ok: false, rules: [], error: e.message };
+    return { ok: false, rules: [], skipped: [], error: e.message }; // engine trouble → fail open
   }
 }
 

package/zuzuu/instructions/adapter.mjs

@@ -1,30 +1,26 @@
 // zuzuu/instructions/adapter.mjs
-// The Instructions faculty adapter (WS2-T4). Wraps steering-amendment proposals
+// The Instructions faculty adapter. Wraps steering-amendment proposals
 // behind the faculty-spine adapter contract — { name, ingest, validate, apply,
 // render } — so `zuzuu review` can surface and approve them uniformly.
 //
 // An instructions proposal payload is a steering amendment:
-//   { text }  — a line or paragraph to append to project.md
+//   { id?, text }  — a line or paragraph of steering
 //
-// apply: appends the text as a line to .zuzuu/instructions/project.md (creates
-//        the file if absent; never duplicates an already-present line).
+// apply: writes the amendment as a Faculty Standard envelope item under
+//        .zuzuu/instructions/items/<id>.md (kind: amendment; body = the text).
+//        The pinned steering itself lives at items/steering.md; future
+//        amendments are MORE items, never edits to steering. Idempotent: a
+//        text already present in any instructions item is not duplicated.
 //
 // Registers itself on import.
 
-import { join } from 'node:path';
-import { existsSync, readFileSync, writeFileSync, mkdirSync } from 'node:fs';
 import * as registry from '../faculty/registry.mjs';
+import { listFacultyItems, writeFacultyItem } from '../faculty/items.mjs';
+import { deriveTitle } from '../faculty/envelope.mjs';
+import { slugify } from '../knowledge/items.mjs';
 
 const name = 'instructions';
 
-// ---------------------------------------------------------------------------
-// helpers
-// ---------------------------------------------------------------------------
-
-function projectMdPath(agentDir) {
-  return join(agentDir, 'instructions', 'project.md');
-}
-
 // ---------------------------------------------------------------------------
 // adapter contract
 // ---------------------------------------------------------------------------
@@ -50,29 +46,33 @@ function validate(_agentDir, payload) {
 }
 
 /**
- * Apply an approved amendment: append text to project.md (idempotent on
- * identical lines — won't duplicate a line already present).
+ * Apply an approved amendment: write an amendment item (idempotent on
+ * identical text — won't duplicate steering already present in any item).
  * @returns {{ok:boolean, action:string, itemIds:string[]}}
  */
 function apply(agentDir, proposal) {
-  const text = proposal?.payload?.text ?? '';
-
-  // Ensure the instructions dir exists
-  mkdirSync(join(agentDir, 'instructions'), { recursive: true });
+  const text = String(proposal?.payload?.text ?? '').trim();
 
-  const path = projectMdPath(agentDir);
-  const existing = existsSync(path) ? readFileSync(path, 'utf8') : '';
-
-  // Idempotence: skip if the exact text is already present
-  if (existing.includes(text)) {
+  // Idempotence: skip if the exact text already lives in an instructions item
+  const { items } = listFacultyItems(agentDir, 'instructions');
+  if (items.some((i) => String(i.body ?? '').includes(text))) {
     return { ok: true, action: 'amended instructions (already present)', itemIds: [] };
   }
 
-  // Append (with trailing newline)
-  const separator = existing && !existing.endsWith('\n') ? '\n' : '';
-  writeFileSync(path, existing + separator + text + '\n');
-
-  return { ok: true, action: 'amended instructions', itemIds: [] };
+  const id = proposal?.payload?.id || slugify(text, 50);
+  writeFacultyItem(agentDir, {
+    id,
+    faculty: name,
+    kind: 'amendment',
+    title: deriveTitle(text, id),
+    status: 'active',
+    created_at: new Date().toISOString().replace(/\.\d+Z$/, 'Z'),
+    provenance: Array.isArray(proposal?.provenance) ? proposal.provenance : [],
+    payload: { scope: 'project' },
+    body: text,
+  });
+
+  return { ok: true, action: 'amended instructions', itemIds: [id] };
 }
 
 /**

package/zuzuu/knowledge/items.mjs

@@ -1,31 +1,35 @@
-// Knowledge items — files as truth. One item per markdown file under
-// .zuzuu/knowledge/items/<id>.md: a constrained-YAML frontmatter (we control both
-// writer and reader; grammar below) + a prose body (the fact in your voice).
+// Knowledge items — files as truth, in the Faculty Standard envelope (W24).
+// One item per markdown file under .zuzuu/knowledge/items/<id>.md:
 //
 //   ---
 //   id: test-command
-//   type: command
-//   created_at: 2026-06-10T12:00:00Z
+//   faculty: knowledge
+//   kind: command
+//   title: The test command
 //   status: active
-//   attributes:
-//     command: npm test
-//   relations:
-//     - type: relates-to
-//       target: ci-pipeline
-//       commentary: optional
+//   created_at: 2026-06-10T12:00:00Z
 //   provenance:
 //     - session: ses_abc
 //       ref: occurrences=12
+//   payload:
+//     type: command
+//     attributes:
+//       command: npm test
+//     relations:
+//       - type: relates-to
+//         target: ci-pipeline
 //   ---
 //   Body prose.
 //
-// Grammar (deliberately small): top-level scalar keys; ONE nested map
-// (`attributes`); arrays of flat maps (`relations`, `provenance`). Values are
-// single-line strings (quotes optional). Anything outside this grammar is a
-// parse error — git-diffable simplicity beats YAML completeness here.
+// This module is a thin wrapper over faculty/envelope.mjs: the ON-DISK format
+// is the envelope; the IN-MEMORY item shape stays the historical knowledge one
+// ({id, type, created_at, status, attributes, relations, provenance, body}) so
+// the registry/ER/index/digest pipeline is untouched. Ids are unchanged by the
+// standard — only frontmatter keys moved (type/attributes/relations → payload).
 
 import { join } from 'node:path';
 import { existsSync, readFileSync, writeFileSync, readdirSync, mkdirSync } from 'node:fs';
+import { parseEnvelope, serializeEnvelope, deriveTitle } from '../faculty/envelope.mjs';
 
 export const itemsDir = (agentDir) => join(agentDir, 'knowledge', 'items');
 
@@ -38,88 +42,49 @@ export function slugify(text, max = 60) {
     .replace(/-+$/, '') || 'item';
 }
 
-const unquote = (s) => {
-  const t = s.trim();
-  return (t.startsWith('"') && t.endsWith('"')) || (t.startsWith("'") && t.endsWith("'")) ? t.slice(1, -1) : t;
-};
-const quoteIfNeeded = (s) => {
-  const t = String(s);
-  if (t.includes('\n')) throw new Error('item values must be single-line');
-  return /[:#'"\[\]{}]|^\s|\s$/.test(t) ? JSON.stringify(t) : t;
-};
-
-/** Parse an item file's text → item object. Throws on grammar violations. */
+/**
+ * Parse an item file's text → the in-memory knowledge item. Throws on grammar
+ * violations (callers catch — allItems collects, inbox falls back to prose).
+ */
 export function parseItem(text) {
-  const m = text.match(/^---\n([\s\S]*?)\n---\n?([\s\S]*)$/);
-  if (!m) throw new Error('no frontmatter block');
-  const [, fm, body] = m;
-  const item = { attributes: {}, relations: [], provenance: [], body: body.trim() };
-  let section = null; // 'attributes' | 'relations' | 'provenance'
-  let current = null; // current array entry
-  for (const raw of fm.split('\n')) {
-    if (!raw.trim()) continue;
-    const indent = raw.match(/^ */)[0].length;
-    const line = raw.trim();
-    if (indent === 0) {
-      current = null;
-      const kv = line.match(/^([A-Za-z_][\w-]*):\s*(.*)$/);
-      if (!kv) throw new Error(`bad line: ${line}`);
-      const [, key, val] = kv;
-      if (['attributes', 'relations', 'provenance'].includes(key)) {
-        section = key;
-        if (val) throw new Error(`${key} must be a block`);
-      } else {
-        section = null;
-        item[key] = unquote(val);
-      }
-    } else if (section === 'attributes') {
-      const kv = line.match(/^([A-Za-z_][\w-]*):\s*(.*)$/);
-      if (!kv) throw new Error(`bad attribute line: ${line}`);
-      item.attributes[kv[1]] = unquote(kv[2]);
-    } else if (section === 'relations' || section === 'provenance') {
-      if (line.startsWith('- ')) {
-        current = {};
-        item[section].push(current);
-        const kv = line.slice(2).match(/^([A-Za-z_][\w-]*):\s*(.*)$/);
-        if (!kv) throw new Error(`bad ${section} entry: ${line}`);
-        current[kv[1]] = unquote(kv[2]);
-      } else {
-        if (!current) throw new Error(`${section} entry continuation without "-": ${line}`);
-        const kv = line.match(/^([A-Za-z_][\w-]*):\s*(.*)$/);
-        if (!kv) throw new Error(`bad ${section} line: ${line}`);
-        current[kv[1]] = unquote(kv[2]);
-      }
-    } else {
-      throw new Error(`unexpected indented line: ${line}`);
-    }
-  }
-  if (!item.id) throw new Error('item missing id');
+  const { ok, item: env, errors } = parseEnvelope(text);
+  if (!ok) throw new Error(errors[0] ?? 'invalid envelope');
+  if (env.faculty !== 'knowledge') throw new Error(`not a knowledge item (faculty: ${env.faculty})`);
+  const p = env.payload ?? {};
+  const item = {
+    attributes: p.attributes ?? {},
+    relations: p.relations ?? [],
+    provenance: env.provenance ?? [],
+    body: env.body,
+  };
+  item.id = env.id;
+  item.type = p.type ?? env.kind;
+  if (env.created_at != null) item.created_at = env.created_at;
+  if (env.updated_at != null) item.updated_at = env.updated_at;
+  if (env.status != null) item.status = env.status;
   if (!item.type) throw new Error('item missing type');
   return item;
 }
 
-/** Serialize an item object → file text (the exact grammar parseItem reads). */
+/** Serialize an in-memory knowledge item → envelope file text. */
 export function serializeItem(item) {
-  const lines = ['---'];
-  for (const key of ['id', 'type', 'created_at', 'status']) {
-    if (item[key] != null) lines.push(`${key}: ${quoteIfNeeded(item[key])}`);
-  }
-  const attrs = Object.entries(item.attributes ?? {});
-  if (attrs.length) {
-    lines.push('attributes:');
-    for (const [k, v] of attrs) lines.push(`  ${k}: ${quoteIfNeeded(v)}`);
-  }
-  for (const section of ['relations', 'provenance']) {
-    const arr = item[section] ?? [];
-    if (!arr.length) continue;
-    lines.push(`${section}:`);
-    for (const entry of arr) {
-      const keys = Object.keys(entry);
-      keys.forEach((k, i) => lines.push(`  ${i === 0 ? '- ' : '  '}${k}: ${quoteIfNeeded(entry[k])}`));
-    }
-  }
-  lines.push('---', '');
-  return lines.join('\n') + (item.body ? item.body.trim() + '\n' : '');
+  if (!item.id) throw new Error('item missing id');
+  if (!item.type) throw new Error('item missing type');
+  const payload = { type: item.type };
+  if (Object.keys(item.attributes ?? {}).length) payload.attributes = item.attributes;
+  if ((item.relations ?? []).length) payload.relations = item.relations;
+  return serializeEnvelope({
+    id: item.id,
+    faculty: 'knowledge',
+    kind: item.type,
+    title: item.title ?? deriveTitle(item.body, item.id),
+    status: item.status,
+    created_at: item.created_at,
+    updated_at: item.updated_at,
+    provenance: item.provenance ?? [],
+    payload,
+    body: item.body,
+  });
 }
 
 /** Write an item to its canonical file. Returns the path. */

package/zuzuu/live/install.mjs

@@ -13,7 +13,7 @@ const DENY_RULES = ['Read(./.zuzuu/.traces/**)', 'Read(./.zuzuu/.live/**)'];
 
 // Minimal hook set: lifecycle (Design B re-captures the transcript — no
 // PostToolUse needed) + the PreToolUse Guardrails GATE (the one place we *do*
-// sit on the hot path: it evaluates .zuzuu/guardrails/rules.json per tool call,
+// sit on the hot path: it evaluates the .zuzuu/guardrails/items/ rules per tool call,
 // fails open, and stays silent unless a rule matches).
 export const LIFECYCLE_EVENTS = ['SessionStart', 'Stop', 'SessionEnd'];
 export const GATE_EVENTS = ['PreToolUse'];

package/zuzuu/memory/adapter.mjs

@@ -1,58 +1,26 @@
 // zuzuu/memory/adapter.mjs
-// The Memory faculty adapter (WS2-T4). Wraps episode proposals behind the
+// The Memory faculty adapter. Wraps episode proposals behind the
 // faculty-spine adapter contract — { name, ingest, validate, apply, render } —
 // so `zuzuu review` can surface and approve memory entries uniformly.
 //
-// A memory proposal payload is an episode record matching the WS1 Memory schema:
-//   { id, date, title, provenance, body }
+// A memory proposal payload is an episode record:
+//   { id, date, title, provenance: {sessions, hosts}, tags, body }
 //   id format: mem-<YYYY-MM-DD>-<slug>
 //
-// apply: writes .zuzuu/memory/entries/<id>.md with YAML frontmatter (status: curated)
-//        and the body sections (Attempted / Resulted / Remember next time).
+// apply: writes .zuzuu/memory/entries/<id>.md as a Faculty Standard envelope
+//        (kind: episode; payload = {sessions, hosts, tags}; body = the
+//        Attempted / Resulted / Remember-next-time sections).
 //
 // Registers itself on import.
 
-import { join } from 'node:path';
-import { writeFileSync, mkdirSync } from 'node:fs';
 import * as registry from '../faculty/registry.mjs';
+import { writeFacultyItem } from '../faculty/items.mjs';
 
 const name = 'memory';
 
 // mem-<YYYY-MM-DD>-<slug>: the id must START with "mem-"
 const MEM_ID_RE = /^mem-/;
 
-// ---------------------------------------------------------------------------
-// helpers
-// ---------------------------------------------------------------------------
-
-function entriesDir(agentDir) {
-  return join(agentDir, 'memory', 'entries');
-}
-
-function entryPath(agentDir, id) {
-  return join(entriesDir(agentDir), `${id}.md`);
-}
-
-/** Render YAML frontmatter block from the payload fields. */
-function renderFrontmatter(payload) {
-  const lines = ['---'];
-  lines.push(`id: ${payload.id}`);
-  if (payload.date) lines.push(`date: ${payload.date}`);
-  if (payload.title) lines.push(`title: ${payload.title}`);
-  if (payload.provenance) {
-    lines.push('provenance:');
-    const p = payload.provenance;
-    if (Array.isArray(p.sessions)) lines.push(`  sessions: [${p.sessions.join(', ')}]`);
-    if (Array.isArray(p.hosts)) lines.push(`  hosts: [${p.hosts.join(', ')}]`);
-  }
-  if (Array.isArray(payload.tags) && payload.tags.length) {
-    lines.push(`tags: [${payload.tags.join(', ')}]`);
-  }
-  lines.push('status: curated');
-  lines.push('---');
-  return lines.join('\n');
-}
-
 // ---------------------------------------------------------------------------
 // adapter contract
 // ---------------------------------------------------------------------------
@@ -83,22 +51,29 @@ function validate(_agentDir, payload) {
 }
 
 /**
- * Apply an approved episode proposal: write the entry Markdown file.
+ * Apply an approved episode proposal: write the envelope entry file.
  * @returns {{ok:boolean, action:string, itemIds:string[]}}
  */
 function apply(agentDir, proposal) {
-  const payload = proposal?.payload ?? {};
-  const id = payload.id;
-
-  mkdirSync(entriesDir(agentDir), { recursive: true });
-
-  const frontmatter = renderFrontmatter(payload);
-  const body = payload.body ?? '';
-  const content = frontmatter + '\n' + body + (body.endsWith('\n') ? '' : '\n');
-
-  writeFileSync(entryPath(agentDir, id), content);
-
-  return { ok: true, action: `wrote memory ${id}`, itemIds: [id] };
+  const p = proposal?.payload ?? {};
+  const envPayload = {};
+  if (Array.isArray(p.provenance?.sessions) && p.provenance.sessions.length) envPayload.sessions = p.provenance.sessions.map(String);
+  if (Array.isArray(p.provenance?.hosts) && p.provenance.hosts.length) envPayload.hosts = p.provenance.hosts.map(String);
+  if (Array.isArray(p.tags) && p.tags.length) envPayload.tags = p.tags.map(String);
+
+  writeFacultyItem(agentDir, {
+    id: p.id,
+    faculty: name,
+    kind: 'episode',
+    title: p.title,
+    status: 'active',
+    created_at: p.date || new Date().toISOString().replace(/\.\d+Z$/, 'Z'),
+    provenance: Array.isArray(proposal?.provenance) ? proposal.provenance : [],
+    payload: envPayload,
+    body: p.body ?? '',
+  });
+
+  return { ok: true, action: `wrote memory ${p.id}`, itemIds: [p.id] };
 }
 
 /**

package/zuzuu/miners/actions.mjs

@@ -9,6 +9,7 @@ import { join } from 'node:path';
 import { existsSync, mkdirSync, writeFileSync } from 'node:fs';
 import { slugify } from '../knowledge/items.mjs';
 import { isSafeSlug, actionsDir, inboxDir } from '../actions/manifest.mjs';
+import { serializeEnvelope } from '../faculty/envelope.mjs';
 import { register } from './registry.mjs';
 
 // Must match the constant in knowledge/distill.mjs (adjacent Bash separator).
@@ -86,27 +87,20 @@ export function propose(agentDir, aggregated) {
 
     mkdirSync(inboxSlug, { recursive: true });
 
-    // action.json — minimal manifest (no run.mjs; this is a runbook action).
-    const manifest = {
-      slug,
-      title,
-      description: `Recurring command sequence detected from session traces: ${steps.join(' → ')}.`,
-      promptSnippet,
-    };
-    writeFileSync(join(inboxSlug, 'action.json'), JSON.stringify(manifest, null, 2) + '\n');
-
-    // SKILL.md — numbered runbook steps.
+    // ACTION.md — a runbook envelope (no run.mjs; the body IS the procedure).
+    // The body's first line is the digest one-liner (promptSnippet).
     const stepsBlock = steps.map((cmd, i) => `${i + 1}. \`${cmd}\``).join('\n');
-    const skillMd = `---
-name: ${title}
-description: ${manifest.description}
----
-
-## Steps
-
-${stepsBlock}
-`;
-    writeFileSync(join(inboxSlug, 'SKILL.md'), skillMd);
+    writeFileSync(join(inboxSlug, 'ACTION.md'), serializeEnvelope({
+      id: slug,
+      faculty: 'actions',
+      kind: 'runbook',
+      title,
+      status: 'active',
+      created_at: new Date().toISOString().replace(/\.\d+Z$/, 'Z'),
+      provenance: [],
+      payload: {},
+      body: `${promptSnippet}\n\nRecurring command sequence detected from session traces.\n\n## Steps\n\n${stepsBlock}`,
+    }));
 
     count++;
   }

package/zuzuu/miners/guardrails.mjs

@@ -16,9 +16,9 @@
 // Self-registers on import.
 
 import { join } from 'node:path';
-import { existsSync, readFileSync } from 'node:fs';
 import { slugify } from '../knowledge/items.mjs';
 import { makeProposal, writeProposal, listProposals, isArchivedResolved } from '../faculty/proposal.mjs';
+import { loadRules as loadRuleItems } from '../guardrails.mjs';
 import { register } from './registry.mjs';
 
 // ---------------------------------------------------------------------------
@@ -48,14 +48,12 @@ function guardId(cmd) {
   return 'guard-' + slugify(cmd, 50);
 }
 
-/** Load rules.json; returns { version, rules:[] } if absent/unreadable. */
-function loadRules(agentDir) {
-  const path = join(agentDir, 'guardrails', 'rules.json');
-  if (!existsSync(path)) return { version: 1, rules: [] };
+/** Ids of live rule items (guardrails/items/*.md); absent/unreadable → none. */
+function liveRuleIds(agentDir) {
   try {
-    return JSON.parse(readFileSync(path, 'utf8'));
+    return new Set(loadRuleItems(join(agentDir, 'guardrails')).rules.map((r) => r.id));
   } catch {
-    return { version: 1, rules: [] };
+    return new Set();
   }
 }
 
@@ -126,7 +124,7 @@ export function aggregate(sessions, { minFailures = 3, minSessions = 2 } = {}) {
  * Write a guardrails proposal into .zuzuu/guardrails/proposals/ for each candidate.
  * Idempotent:
  *   - skips if a guardrails proposal with the same payload.id already exists
- *   - skips if rules.json already has a rule with that id
+ *   - skips if a live rule item (guardrails/items/<id>.md) already exists
  *   - skips if the id is already resolved in proposals/archive/ — a rejection
  *     is remembered; re-distilling never resurrects it
  *
@@ -141,9 +139,8 @@ export function propose(agentDir, aggregated) {
   const existing = listProposals(agentDir, 'guardrails');
   const existingIds = new Set(existing.map((p) => p.payload?.id).filter(Boolean));
 
-  // Load existing rules (ids already applied).
-  const rulesData = loadRules(agentDir);
-  const rulesIds = new Set((rulesData.rules ?? []).map((r) => r.id).filter(Boolean));
+  // Live rule items (ids already applied).
+  const rulesIds = liveRuleIds(agentDir);
 
   let count = 0;
   for (const c of aggregated) {