feat: hard-gate agent memory to OpenBrain via PreToolUse hook

Agents consistently ignore written instructions about memory routing
and default to writing local MEMORY.md files regardless of rules in
RUNTIME.md, CLAUDE.md, or MEMORY.md itself. Instructions alone are
insufficient — a technical gate is required.

Changes:
- Add tools/qa/prevent-memory-write.sh — PreToolUse hook that blocks
  Write/Edit/MultiEdit to ~/.claude/projects/*/memory/*.md (exit 2)
- Register hook in runtime/claude/settings.json PreToolUse array
- Update runtime/claude/RUNTIME.md: replace soft "Memory Override"
  note with hard-gate policy, what-goes-where table, and rationale
- Rewrite guides/MEMORY.md: OpenBrain as primary layer, blocked silos
  table, project continuity files, how-the-hook-works section

The correct behavior is now the only possible behavior for Claude Code.
All agent learnings route to OpenBrain where every harness can read them.

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>

runtime/claude/RUNTIME.md

@@ -46,9 +46,37 @@ Task(subagent_type="Plan", model="opus", prompt="Design the multi-tenant isolati
 | Status/health checks | Test writing | Security/auth logic |
 | Simple one-liner fixes | Standard features | Ambiguous design decisions |
 
-## Memory Override
+## Memory Policy (Hard Gate)
 
-Do NOT write durable memory to `~/.claude/projects/*/memory/`. All durable memory MUST be written to `~/.config/mosaic/memory/` per `~/.config/mosaic/guides/MEMORY.md`. Claude Code's native auto-memory locations are volatile runtime silos and MUST NOT be used for cross-session or cross-agent retention.
+**OpenBrain is the primary cross-agent memory layer.** All agent learnings, gotchas, decisions, and project state MUST be captured to OpenBrain via the `capture` MCP tool or REST API.
+
+`~/.claude/projects/*/memory/MEMORY.md` files are **write-blocked by PreToolUse hook** (`prevent-memory-write.sh`). Any attempt to write agent learnings there will be rejected with an error directing you to OpenBrain.
+
+### What belongs where
+
+| Content | Location |
+|---------|----------|
+| Discoveries, gotchas, decisions, observations | OpenBrain `capture` — searchable by all agents |
+| Active task state | `docs/TASKS.md` or `docs/scratchpads/` |
+| Behavioral guardrails that MUST be in load-path | `MEMORY.md` (read-mostly; write only for genuine behavioral overrides) |
+| Mosaic framework technical notes | `~/.config/mosaic/memory/` |
+
+### Using OpenBrain
+
+At session start, load prior context:
+```
+search("topic or project name")   # semantic search
+recent(limit=5)                    # what's been happening
+```
+
+When you discover something:
+```
+capture("The thing you learned", source="project/context", metadata={"type": "gotcha", ...})
+```
+
+### Why the hook exists
+
+Instructions in RUNTIME.md, CLAUDE.md, and MEMORY.md are insufficient — agents default to writing local MEMORY.md regardless of written rules. The PreToolUse hook is a hard technical gate that makes the correct behavior the only possible behavior.
 
 ## MCP Requirement
 

runtime/claude/settings.json

@@ -1,6 +1,18 @@
 {
   "model": "opus",
   "hooks": {
+    "PreToolUse": [
+      {
+        "matcher": "Write|Edit|MultiEdit",
+        "hooks": [
+          {
+            "type": "command",
+            "command": "~/.config/mosaic/tools/qa/prevent-memory-write.sh",
+            "timeout": 10
+          }
+        ]
+      }
+    ],
     "PostToolUse": [
       {
         "matcher": "Edit|MultiEdit|Write",