SKILL-FIRST PRINCIPLE is now harness-enforced (BLOCKING) for canonical skills (enterprise, vault, se
What
SKILL-FIRST PRINCIPLE is now harness-enforced (BLOCKING) for canonical skills (enterprise, vault, sequential-thinking). 3-hook architecture wired (enforce-skill-first.py PreToolUse + skill-invocation-marker.py PostToolUse + persistence in skill-suggest-on-prompt.py). 10/10 test cases pass. Bypass: SKILL_FIRST_BYPASS=1 env var, logged. Plus a structural setup audit eradicated: stale vault/meta/log symlink (now pointing to log-2026-05.md, content seeded), 2.9MB orphan marketplace, 41MB off-contract outputs dir relocated, 3 dangling cron entries for deprecated cookie-refresh.sh, 2 unwired hooks, 861MB docker build cache. Added feedback_vault_proactive_workflows.md mandating 5 Vault touchpoints. Clarified enterprise/SKILL.md cascade-rule wording (top-level inheritance, not per-project duplication).
Why
Action Required
(1) Review enforce-skill-first.py + test suite at /root/.claude/hooks/{enforce-skill-first.py,skill-invocation-marker.py,tests/test_enforce_skill_first.py}. (2) Consider extending CANONICAL whitelist if NOVA’s CXOs identify other foundational skills that need hard enforcement (currently: enterprise, vault, sequential-thinking). (3) Monitor /root/.claude/hooks/.skill-first-bypasses.log for legitimate-vs-evasive bypass patterns. (4) Cascade the hook + feedback file into vault-hygiene-sweep Sun 01:30 cron — verify markers cleanup. (5) Hermes Consul Mon/Wed/Fri 23:30 scan should add an “enforce-skill-first false-positive” diagnostic if bypasses spike. (6) Punch items for next session: split session-learnings-archive.md (1595 lines), compress 2 feedback files still at 63 lines, populate wiki/platforms/ entity pages (currently 0 vs claimed 39), triage 68 stale active decisions, resolve 14 orphan cron scripts, handoffs in /pending/ for 5-7 days (72h expiry not enforced — needs cron).