docs: fix guard count drift in CLAUDE.md, README, and workflow

Update security guard references from 9 to 10 (GR-SEC-010 was missing),
code reviewer guards from 13 to 17 (new GR-CORE-LAYERS, GR-CORE-MODULE,
GR-CORE-META, GR-UI-TAXONOMY), and total guard count from 22 to 27.

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
This commit is contained in:
2026-04-13 20:50:24 +02:00
parent 98afac24b1
commit 5f156661fd
3 changed files with 10 additions and 10 deletions

View File

@@ -8,7 +8,7 @@ All guard IDs (GR-\*) and gate IDs (QG-\*) from `.agents/checks/` are **binding
- **Full workflow trigger is risk-based** and defined in `.agents/checks/enforcement-policy.json` (`full_workflow_required_when`). Matching changes MUST follow `.agents/workflow.md` (Analyst → Planner → Executor → Reviewers → Finalizer). Read `.agents/README.md` and the relevant role prompt in `.agents/prompts/` before starting.
- **Quick fixes** may skip full workflow only if they match `.agents/checks/enforcement-policy.json` (`quick_fix_allowlist`) and still pass required gates.
- **New modules** MUST conform to `.agents/contracts/module-manifest.schema.json` and pass all 9 security guards (GR-SEC-001 through GR-SEC-009).
- **New modules** MUST conform to `.agents/contracts/module-manifest.schema.json` and pass all 10 security guards (GR-SEC-001 through GR-SEC-010).
Full workflow definition: `.agents/workflow.md` | Guard catalog: `.agents/checks/guard-catalog.json` | Enforcement policy: `.agents/checks/enforcement-policy.json` | Guard enforcement map: `.agents/checks/guard-enforcement-map.json` | Skills: `.agents/skills/`
@@ -192,7 +192,7 @@ docker/ # Dockerfiles, Nginx configs, PHP configs
## Security (non-negotiable)
These rules are enforced by guards GR-SEC-001 through GR-SEC-009 in `.agents/checks/guard-catalog.json`. Any violation is a blocking finding.
These rules are enforced by guards GR-SEC-001 through GR-SEC-010 in `.agents/checks/guard-catalog.json`. Any violation is a blocking finding.
- CSRF token verified on every POST (GR-SEC-001)
- No PII or secrets in logs or audit metadata (GR-SEC-002)