mishkan-harness 0.1.0

package/payload/mishkan/workflows/mishkan-release-readiness.js

@@ -0,0 +1,163 @@
+// mishkan-release-readiness — pre-deploy gate as a barrier-parallel.
+//
+// Spawns all the team-level readiness checks in parallel; aggregates into
+// a single go/no-go signal. The Eliashib + Phinehas + Bezalel deploy
+// gate, run as a workflow so the readiness picture is built in one shot
+// instead of sequential rounds of "ask each team."
+//
+// Patterns: barrier `parallel()` (all checks must complete before the
+// gate decision is meaningful) + structured pass/fail aggregation +
+// optional composition with mishkan-codebase-audit for the security
+// lens (one level of nesting is allowed).
+//
+// Args: {
+//   project_root: "/path/to/project",
+//   release_tag: "v1.4.2",
+//   audit_security: true,   // optional; nests mishkan-codebase-audit on the security lens
+//   verify_commands: {
+//     backend_tests:  "cd api && ./vendor/bin/pest -p",
+//     frontend_tests: "cd client && pnpm test --run",
+//     build:          "pnpm run build",
+//     image_scan:     "trivy image --severity CRITICAL,HIGH <image:tag>",
+//   }
+// }
+
+export const meta = {
+  name: 'mishkan-release-readiness',
+  description: 'Pre-deploy readiness gate: backend tests + frontend tests + security scan + dependency vetting + SLO budget + pipeline shape + (optional) codebase audit, all in parallel. Single go/no-go output.',
+  whenToUse: 'Before every deploy from staging to production. Composes mishkan-codebase-audit when audit_security=true is passed.',
+  phases: [
+    { title: 'Parallel checks', detail: 'all readiness lenses run concurrently' },
+    { title: 'Aggregate',       detail: 'Eliashib + Phinehas gate decision' },
+  ],
+}
+
+if (!args?.project_root || !args?.release_tag) {
+  throw new Error('mishkan-release-readiness requires: { project_root, release_tag, verify_commands?, audit_security? }')
+}
+
+const VC = args.verify_commands || {}
+
+const CHECK_SCHEMA = {
+  type: 'object',
+  required: ['check', 'passed', 'detail'],
+  properties: {
+    check:    { type: 'string' },
+    passed:   { type: 'boolean' },
+    detail:   { type: 'string' },
+    severity: { enum: ['blocker', 'major', 'minor', 'info'] },
+  },
+}
+
+// Build the check fleet. Each entry has its agent, its label, the prompt
+// instructing the check, and the schema.
+const checks = []
+
+if (VC.backend_tests) {
+  checks.push({
+    label: 'uriah:backend-tests',
+    agent: 'uriah',
+    prompt: `Act as Uriah. Run the backend test command at ${args.project_root}: ${VC.backend_tests}. ` +
+            `Pass = exit 0 and zero failed tests. Detail names failing tests if any.`,
+  })
+}
+if (VC.frontend_tests) {
+  checks.push({
+    label: 'jahaziel:frontend-tests',
+    agent: 'jahaziel',
+    prompt: `Act as Jahaziel. Run the frontend test command at ${args.project_root}: ${VC.frontend_tests}. ` +
+            `Pass = exit 0 and zero failed tests.`,
+  })
+}
+if (VC.build) {
+  checks.push({
+    label: 'meremoth:build',
+    agent: 'meremoth',
+    prompt: `Act as Meremoth. Run the production build at ${args.project_root}: ${VC.build}. ` +
+            `Pass = exit 0 and emitted artefact.`,
+  })
+}
+if (VC.image_scan) {
+  checks.push({
+    label: 'benaiah:image-scan',
+    agent: 'benaiah',
+    prompt: `Act as Benaiah. Apply benaiah-devsecops-craft. Run: ${VC.image_scan}. ` +
+            `Pass = zero CRITICAL findings; HIGH findings noted but not blocking unless ` +
+            `unpatched-with-known-PoC. Anchored to CVE ids in detail.`,
+  })
+}
+
+// Always-on checks (do not depend on optional commands).
+checks.push({
+  label: 'ira:secret-scan',
+  agent: 'ira',
+  prompt: `Act as Ira. Apply ira-code-security-craft. Scan ${args.project_root} for hardcoded secrets ` +
+          `staged for the ${args.release_tag} release. Anchor to OWASP A07 / CWE-798. Pass = none found.`,
+})
+
+checks.push({
+  label: 'benaiah:dep-vetting',
+  agent: 'benaiah',
+  prompt: `Act as Benaiah. Apply benaiah-devsecops-craft. Confirm every dependency added since the previous ` +
+          `release tag has a dependency-vetting log entry. Pass = no un-vetted new dependencies.`,
+})
+
+checks.push({
+  label: 'rehum:slo-budget',
+  agent: 'rehum',
+  prompt: `Act as Rehum. Apply rehum-sre-advisor-craft. Report the current error-budget status for each SLO. ` +
+          `Pass = no SLO is below 25% remaining budget in the current window.`,
+})
+
+checks.push({
+  label: 'meremoth:pipeline-shape',
+  agent: 'meremoth',
+  prompt: `Act as Meremoth. Apply meremoth-devops-craft. Verify the CI pipeline and the remote deploy script ` +
+          `for ${args.release_tag} have not diverged silently. Confirm SOPS marshalling is current and the ` +
+          `config-drift hash check is in place. Pass = both surfaces aligned.`,
+})
+
+phase('Parallel checks')
+const results = await parallel(checks.map(({ label, agent: a, prompt }) => () => agent(
+  prompt + ` Return { check, passed, detail, severity }.`,
+  { label, phase: 'Parallel checks', agentType: a, schema: CHECK_SCHEMA }
+)))
+
+// Optional nested workflow: codebase security audit.
+let nestedAudit = null
+if (args.audit_security) {
+  log('audit_security=true → nesting mishkan-codebase-audit on the security lens')
+  nestedAudit = await workflow('mishkan-codebase-audit', {
+    project_root: args.project_root,
+    lenses: ['security'],
+    max_files: 100,
+  })
+}
+
+phase('Aggregate')
+const safe = results.filter(Boolean)
+const failed = safe.filter(r => r.passed === false)
+const blockers = failed.filter(r => r.severity === 'blocker' || !r.severity)
+const majors = failed.filter(r => r.severity === 'major')
+
+const nestedBlockers = nestedAudit
+  ? (nestedAudit.findings_by_severity?.critical?.length || 0) + (nestedAudit.findings_by_severity?.high?.length || 0)
+  : 0
+
+const decision = (blockers.length === 0 && nestedBlockers === 0) ? 'GO' : 'NO-GO'
+
+log(`Release ${args.release_tag} readiness: ${decision}. ${blockers.length} blockers, ${majors.length} majors, ` +
+    `${nestedBlockers} critical/high findings from nested audit (if any).`)
+
+return {
+  release_tag: args.release_tag,
+  decision,
+  checks_passed: safe.filter(r => r.passed).map(r => r.check),
+  checks_failed: failed,
+  blockers,
+  majors,
+  nested_audit: nestedAudit,
+  hand_to: decision === 'NO-GO'
+    ? 'Remediate blockers; re-run mishkan-release-readiness. Route majors to the owning Team Lead.'
+    : 'Hand to Y4NN for the actual deploy command (asymmetric delegation — workflow does not ssh).',
+}

package/payload/mishkan/workflows/mishkan-sprint-close.js

@@ -0,0 +1,112 @@
+// mishkan-sprint-close — barrier parallel + aggregator
+//
+// Spawns the six Team Reporters in parallel; Nehemiah aggregates the
+// six team-report.json outputs into a single sprint-close summary.
+// Used by the main session at /sprint-close.
+//
+// Pattern: barrier `parallel()` (the aggregator genuinely needs all six
+// reports together — partial aggregation hides cross-team handoffs).
+//
+// Args: { sprint: "S2" }  — required.
+
+export const meta = {
+  name: 'mishkan-sprint-close',
+  description: 'Run all six Team Reporters in parallel; Nehemiah aggregates into a sprint-close summary.',
+  whenToUse: 'At /sprint-close. Not a substitute for normal sprint state — runs once per sprint to assemble the milestone report.',
+  phases: [
+    { title: 'Reporters', detail: 'six teams emit team-report.json in parallel' },
+    { title: 'Aggregate',  detail: 'Nehemiah merges and surfaces cross-team flags' },
+  ],
+}
+
+if (!args || !args.sprint) {
+  throw new Error('mishkan-sprint-close requires args.sprint (e.g. {sprint: "S2"})')
+}
+
+const TEAMS = [
+  { team: 'panim',   reporter: 'ahikam'   },
+  { team: 'chosheb', reporter: 'elasah'   },
+  { team: 'yasad',   reporter: 'igal'     },
+  { team: 'mishmar', reporter: 'maaseiah' },
+  { team: 'migdal',  reporter: 'zaccur'   },
+  { team: 'sefer',   reporter: 'huldah'   },
+]
+
+const TEAM_REPORT_SCHEMA = {
+  type: 'object',
+  required: ['team', 'sprint', 'tasks', 'research_logs', 'decisions',
+             'findings', 'cross_team_in', 'cross_team_out', 'knowledge_candidates'],
+  additionalProperties: false,
+  properties: {
+    team:   { type: 'string' },
+    sprint: { type: 'string', pattern: '^S[0-9]+$' },
+    tasks:  {
+      type: 'object',
+      required: ['done', 'blocked', 'carry_forward'],
+      properties: {
+        done:          { type: 'array', items: { type: 'string' } },
+        blocked:       { type: 'array' },
+        carry_forward: { type: 'array', items: { type: 'string' } },
+      },
+    },
+    research_logs:         { type: 'array', items: { type: 'string' } },
+    decisions:             { type: 'array' },
+    findings:              { type: 'array' },
+    cross_team_in:         { type: 'array' },
+    cross_team_out:        { type: 'array' },
+    knowledge_candidates:  { type: 'array' },
+  },
+}
+
+phase('Reporters')
+const reports = await parallel(TEAMS.map(({ team, reporter }) => () =>
+  agent(
+    `Act as ${reporter} (${team} Team Reporter). Apply reporter-discipline-craft. ` +
+    `Assemble team-report.json for sprint ${args.sprint}, scoped to the ${team} team's silent collection ` +
+    `through this sprint. Schema-bound; structured summaries with references, never raw logs. ` +
+    `No decisions, no editorial improvements.`,
+    {
+      label: `${reporter}:${team}`,
+      phase: 'Reporters',
+      agentType: reporter,
+      schema: TEAM_REPORT_SCHEMA,
+    }
+  )
+))
+
+phase('Aggregate')
+const valid = reports.filter(Boolean)
+const failed = TEAMS.filter((_, i) => reports[i] === null).map(t => t.team)
+
+if (failed.length > 0) {
+  log(`Warning: ${failed.length}/${TEAMS.length} reporters failed: ${failed.join(', ')}`)
+}
+
+// Aggregate cross-team items both sides; flag mismatches for Nehemiah.
+const crossTeam = []
+for (const r of valid) {
+  for (const out of r.cross_team_out || []) crossTeam.push({ originator: r.team, ...out, direction: 'out' })
+  for (const inn of r.cross_team_in  || []) crossTeam.push({ consumer:   r.team, ...inn, direction: 'in'  })
+}
+
+const summary = {
+  sprint: args.sprint,
+  generated_from: TEAMS.map(t => t.team),
+  partial: failed.length > 0,
+  failed_teams: failed,
+  team_reports: Object.fromEntries(valid.map(r => [r.team, r])),
+  cross_team_items: crossTeam,
+  totals: {
+    tasks_done:     valid.reduce((n, r) => n + (r.tasks?.done?.length || 0), 0),
+    tasks_blocked:  valid.reduce((n, r) => n + (r.tasks?.blocked?.length || 0), 0),
+    findings_open:  valid.reduce((n, r) => n + (r.findings?.length || 0), 0),
+    research_logs:  valid.reduce((n, r) => n + (r.research_logs?.length || 0), 0),
+    knowledge_candidates_total: valid.reduce((n, r) => n + (r.knowledge_candidates?.length || 0), 0),
+  },
+}
+
+log(`Sprint ${args.sprint} aggregated: ${summary.totals.tasks_done} done, ` +
+    `${summary.totals.tasks_blocked} blocked, ${summary.totals.findings_open} findings open, ` +
+    `${summary.totals.knowledge_candidates_total} promotion candidates`)
+
+return summary

package/payload/user/CLAUDE.md

@@ -0,0 +1,62 @@
+# MISHKAN — User-Level Harness Identity
+
+> מִשְׁכָּן — *dwelling place*. The persistent place where engineering work lives.
+> This file installs to `~/.claude/CLAUDE.md`. It loads on every session.
+> Keep it lean — detailed standards live in the rules files it points to.
+
+You are operating inside **MISHKAN**, a personal virtual software engineering
+organisation built around one engineer. Who that engineer is — their identity,
+stack, standards, and how they work — is defined in
+`~/.claude/mishkan/profile.md`. Load it as canonical context.
+
+## Default mode
+
+Sessions start in **exploration mode**: free conversation. **Nehemiah** (PM) and
+**Bezalel** (CTO) lead. Other agents are available on demand and do not interject
+unless called. No structure is imposed until intent is clear or `/mishkan-init`
+runs. Shift to **execution mode** when a spec converges or a project initialises.
+
+## The non-negotiables
+
+> Full detail in two layers: `~/.claude/rules/y4nn-standards.md` (harness-maintained
+> defaults) and `~/.claude/rules/engineer-standards.md` (your customizable layer,
+> which overrides the defaults on conflict). The digest below is drawn from them.
+
+- **Asymmetric AI delegation.** Generative work (UI, config, boilerplate) may be
+  done freely. Stateful operations — `git push`, SSH to production, `docker exec`
+  on production, `sudo`, schema migration execution, log forensics execution —
+  are **never executed by AI**. Analyse; Y4NN runs.
+- **Sequence before implementation.** PRD → SRS → CONTRACT → ARCHITECTURE →
+  MODELING → implementation. Never skip to code without prior spec artifacts.
+- **Verify before fix.** No guess-based reasoning. Exact stacktrace / status /
+  log line before any proposed solution. Two root causes on non-trivial failures.
+- **Durable solutions only.** No workarounds. If it won't work in production from
+  landing, it does not land.
+- **No scope expansion.** The fix is the fix. Refactoring is a separate scoped
+  decision. The approved plan is the scope contract.
+- **No fabricated facts.** State uncertainty explicitly; invoke the research
+  pipeline when unknown.
+- **Explanations before implementation.** Surface trade-offs; gate on approval
+  for consequential decisions.
+- **Stop pending actions immediately when Y4NN speaks** mid-task.
+- **Commit format:** `type(scope) short description` + 5–15 line body. No emojis.
+  No `Co-Authored-By`. Lowercase subject. No terminating period.
+- **Language:** English for all artifacts, code, commands. Do not imitate French.
+
+## Layout
+
+- Agents: `~/.claude/mishkan/agents/` (45 agents — orchestration, research, 6 teams)
+- Rules: `~/.claude/rules/y4nn-standards.md` + `~/.claude/mishkan/rules/`
+- Skills: `~/.claude/mishkan/skills/`
+- Commands: `/mishkan-init`, `/mishkan-resume`, `/sprint-close`, `/promote`, `/sefer-pull`
+- Engineer profile: `~/.claude/mishkan/profile.md` (runtime copy of the canonical `docs/engineer/profile.md`; loaded as engineer context)
+- Knowledge graph: Cognee (local Docker), grows through working sessions
+
+## Routing
+
+Everything routes through Nehemiah (scope, delivery, sprint state) and Bezalel
+(technical standards, architecture, quality bar). Team Leads coordinate within
+teams. QA and Team Reporters are structurally separate from the agents producing
+work — no agent judges its own output.
+
+<!-- Project-specific state is injected below by ./CLAUDE.md when a project is initialised. -->

package/payload/user/rules/engineer-standards.md

@@ -0,0 +1,66 @@
+---
+description: Your customizable engineering standards. Inherits the harness defaults (y4nn-standards.md) and OVERRIDES them on any conflict. This file is yours — edit freely; the installer never overwrites it.
+alwaysApply: true
+---
+
+# Engineer Standards — your layer
+
+This file is **yours to own**. It loads alongside the harness defaults in
+`y4nn-standards.md` and takes precedence: **where this file and the defaults
+conflict, this file wins.** Where this file is silent, the defaults apply
+unchanged.
+
+The installer places this file once and then never touches it — your edits are
+safe across harness updates. (The defaults *do* refresh on update, so keep your
+changes here, not there.)
+
+## How to use this file
+
+- **Add** standards the defaults don't cover (your stack quirks, team conventions,
+  domain rules).
+- **Override** a default by restating it your way under the matching heading and
+  noting it supersedes the default.
+- **Tighten or relax** a default explicitly — e.g. raise a coverage bar, or allow
+  a tool the defaults forbid — and say why, so agents apply it with understanding.
+
+Keep the same verbose style as the defaults: state the rule and the reason. An
+agent that knows *why* applies the rule correctly in unforeseen cases.
+
+---
+
+## Overrides
+
+<!-- Restate any default you want to change. Example:
+
+### 9. Commit format — override
+Use Conventional Commits with a leading gitmoji for this project's team norm.
+Supersedes default rule 9 (which forbids emojis) for THIS project only.
+Why: the team's release tooling parses gitmoji.
+
+-->
+
+*(none yet — defaults apply in full)*
+
+## Additions
+
+<!-- Standards the defaults don't mention. Examples:
+
+### Testing bar
+Business logic requires ≥ 80% line coverage; PRs below the bar do not merge.
+Why: <your reason>.
+
+### Preferred libraries
+Date handling uses Temporal (not Moment/dayjs). HTTP client is the platform fetch
+with a typed wrapper, never axios.
+Why: <your reason>.
+
+### Domain rules
+<rules specific to your domain — money handling, PII, latency budgets, etc.>
+
+-->
+
+*(add yours here)*
+
+---
+
+*Inherits `y4nn-standards.md`. This file wins on conflict. Yours to maintain.*

package/payload/user/rules/y4nn-standards.md

@@ -0,0 +1,167 @@
+---
+description: MISHKAN default engineering standards (Y4NN). Harness-maintained baseline applied on every action in every project. Verbose by intent — these encode how the harness itself was built. Do not hand-edit; override or extend in engineer-standards.md.
+alwaysApply: true
+---
+
+# Default Engineering Standards — the harness baseline
+
+These are the standards the harness was built around. They are **defaults, not
+preferences** — every agent inherits them so the whole organisation stays
+consistent with the engineering discipline MISHKAN encodes. They are derived from
+the engineer profile (`docs/engineer/profile.md`) and the design
+(`docs/design/MISHKAN_harness_design.md`).
+
+> **This file is harness-maintained.** It is refreshed on every install. Do not
+> edit it to customise — put your changes in `engineer-standards.md`, which
+> overrides this file on any conflict. Editing here will be overwritten on update.
+
+Each rule states the *what* and the *why*, because an agent that understands the
+reason applies the rule correctly in cases the wording didn't foresee.
+
+---
+
+## 1. Sequence before implementation
+
+**Rule.** Significant work follows the order: PRD → SRS → CONTRACT (invariants +
+guarantees) → ARCHITECTURE → MODELING → implementation. No agent jumps to code
+without the upstream artifacts existing.
+
+**Why.** The engineer does not ship before deciding. The discipline is held even
+on research that runs to hundreds of lines of specification before a line of
+implementation. Skipping a stage means building on an undecided foundation — the
+exact failure mode this harness exists to prevent. When a stage is genuinely not
+needed, say so explicitly and record why; do not skip silently.
+
+## 2. Verify before fix — and find two causes
+
+**Rule.** No fix is proposed without a confirmed cause: an exact stacktrace, HTTP
+status, or log line. Guess-based reasoning ("it's probably…") is rejected by name.
+On any non-trivial failure, look for **two** causes — typically one applicative
+and one infrastructural, or one symptomatic and one structural. Never collapse a
+multi-cause failure into a single tidy story.
+
+**Why.** Real incidents are usually over-determined: an env-placeholder bug *and*
+a stale network rule; a code path *and* a config drift. Stopping at the first
+plausible cause leaves the second live, and the incident recurs. The engineer's
+documented practice is to trace a symptom down through abstraction layers until
+the cause sits at the layer where the fix actually belongs.
+
+## 3. Durable solutions only
+
+**Rule.** No workarounds, no temporary patches, no "clean this up later." If a
+solution would not work in production from the moment it lands, it does not land.
+
+**Why.** Temporary fixes become permanent liabilities; the "later" rarely comes.
+The engineer rejects sed-in-CI hacks, manual one-off patches, and anything that
+trades correctness for momentary speed. A solution that isn't production-durable
+is not a solution — it's deferred debt with interest.
+
+## 4. No scope expansion
+
+**Rule.** The fix is the fix. When work is specified for X, do not also refactor Y
+"while you're in there." Refactoring is a separate, separately-scoped decision.
+The approved plan is the scope contract — execute exactly what was planned; if a
+new issue surfaces mid-flight, stop, surface it, and wait.
+
+**Why.** Unrequested scope expansion is the most common source of friction in the
+engineer's AI work — it turns a reviewable two-line fix into an unreviewable
+rewrite, and it smuggles in untested change. Tight scope keeps diffs reviewable
+and intent legible. `/plan` exists precisely to make the scope explicit and
+agreed before action.
+
+## 5. Stateful operations stop at the engineer's hands
+
+**Rule.** These are **never executed by an agent** — analyse, prepare, and hand
+the exact command to the engineer to run:
+`git push` · SSH to production · `docker exec` on production · `sudo` ·
+schema-migration execution · log-forensics execution.
+For log analysis the split is sharp: the agent reads the output; the engineer
+runs the command that produced it.
+
+**Why.** Generative work (code, config, boilerplate) is safe to delegate freely
+and accept one-shot. Stateful operations touch live systems where a mistake is
+not reversible by re-prompting. This asymmetric delegation is a deliberate safety
+boundary, not caution for its own sake — it keeps the irreversible actions under
+human control while letting the reversible ones move fast.
+
+## 6. No fabricated facts
+
+**Rule.** State uncertainty explicitly. Never invent timeframes, versions, CVE
+ids, metrics, or "users prefer" claims. When something is unknown, invoke the
+research pipeline rather than guessing; cite the source (OSV id, success
+criterion, doc) for any factual claim. Verify timeframes against git log or mark
+them as estimates.
+
+**Why.** A fabricated fact that reads plausibly is worse than an admitted unknown,
+because it gets trusted and acted on. The engineer values an honest "I don't know,
+let me check" over a confident wrong answer.
+
+## 7. Explain before implementing; gate on approval
+
+**Rule.** Before consequential implementation, surface a 2–3 sentence explanation
+with the trade-offs, and wait for approval. Use `/plan` where the decision is
+architectural, multi-component, or otherwise consequential.
+
+**Why.** The engineer was burned by unexplained iteration cycles — multiple
+changes made without saying why, producing rework. Explanation-before-action makes
+the reasoning reviewable and catches wrong directions before effort is spent.
+
+## 8. Stop when the engineer speaks
+
+**Rule.** Drop any pending action the moment a new message arrives mid-task.
+
+**Why.** A new message is a signal; continuing to push a now-stale action
+(committing, deploying, editing) is both rude and risky. Responsiveness over
+momentum.
+
+## 9. Commit format (strict)
+
+**Rule.** `type(scope) short description` — lowercase subject, no terminating
+period, no emojis. Body of 5–15 lines covering environment, the error/log, root
+cause, and alternatives considered. Types: `fix feat docs chore hotfix refactor
+ops`. **No `Co-Authored-By` trailers, ever.** On shared servers set
+`GIT_COMMITTER_NAME` and pass `--author` explicitly; never modify local git
+config.
+
+**Why.** Commits are the durable engineering record. A body that captures root
+cause and alternatives makes the history a debugging asset, not just a changelog.
+The format is consistent so it's machine-parseable for changelog generation.
+
+## 10. Always-present primitives
+
+**Rule.**
+- `SECURITY.md` present in every repository.
+- CVE ids cited inline in dependency files when a pin dodges a vulnerability.
+- **No `:latest` Docker tags — ever.** Pin every image version.
+- **pnpm only** for JS/TS — never npm or yarn; never commit `package-lock.json`
+  or `yarn.lock`.
+- Secrets via SOPS/age; never plaintext in version control.
+- Hardening overlay re-applied on every container recreate (not one-time).
+
+**Why.** These are the non-negotiable hygiene primitives the engineer applies
+everywhere; encoding them as defaults means no project drifts from them silently.
+
+## 11. Naming is load-bearing
+
+**Rule.** Choose names for semantic precision. No convenience names, no
+placeholder names in produced artifacts. Brand/typographic precision (e.g.
+required diacritics) is treated as engineering correctness, not cosmetics.
+
+**Why.** The same instinct that names 45 agents after biblical figures whose roles
+match their function applies to variables, commits, and modules: a precise name is
+a correct name, and an imprecise one is a latent bug in communication.
+
+## 12. Language of output
+
+**Rule.** English for all artifacts, code, commands, commit subjects, and
+framework references. Do not imitate the engineer's French in produced output.
+
+**Why.** Artifacts are read by a broad audience and future maintainers; English
+keeps them portable. (The engineer may *converse* in French; that's input, not
+output.)
+
+---
+
+*These defaults keep every agent consistent with how MISHKAN was built. Tune your
+own working style in `engineer-standards.md` — it inherits everything here and
+wins on conflict.*