Agents consistently ignore written instructions about memory routing
and default to writing local MEMORY.md files regardless of rules in
RUNTIME.md, CLAUDE.md, or MEMORY.md itself. Instructions alone are
insufficient — a technical gate is required.
Changes:
- Add tools/qa/prevent-memory-write.sh — PreToolUse hook that blocks
Write/Edit/MultiEdit to ~/.claude/projects/*/memory/*.md (exit 2)
- Register hook in runtime/claude/settings.json PreToolUse array
- Update runtime/claude/RUNTIME.md: replace soft "Memory Override"
note with hard-gate policy, what-goes-where table, and rationale
- Rewrite guides/MEMORY.md: OpenBrain as primary layer, blocked silos
table, project continuity files, how-the-hook-works section
The correct behavior is now the only possible behavior for Claude Code.
All agent learnings route to OpenBrain where every harness can read them.
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
e2e-delivery.md → E2E-DELIVERY.md
orchestrator.md → ORCHESTRATOR.md
ci-cd-pipelines.md → CI-CD-PIPELINES.md
Agents on case-sensitive filesystems couldn't find these guides because
AGENTS.md referenced uppercase names but the files were lowercase.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
- zone-list, record-list, record-create, record-update, record-delete
- Named instance support (-a flag) with configurable default
- Zone name-to-ID auto-resolution in shared _lib.sh
- Updated credentials loader with cloudflare/cloudflare-<name> services
- TOOLS.md and INFRASTRUCTURE.md guide documentation
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
Post-mortem from website agent session that manually built/pushed Docker
images instead of using existing Woodpecker CI pipelines. Root cause:
agent skipped E2E intake because the task "felt simple."
AGENTS.md hard gates 10-12:
- Manual docker build/push FORBIDDEN when CI pipelines exist
- MUST check for pipeline config before any build/deploy action
- Load order and intake are NOT conditional on task complexity
E2E-DELIVERY.md:
- Complexity trap warning on intake section
- Mandatory deployment surface check (step 3) with pipeline discovery
- Expanded forbidden anti-patterns with Build/Deploy section
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
