01 / IDENTITYKnow which agent/account is acting and whether disclosure is required before the first public or customer-facing move.
02 / AUTHORITYSeparate reversible work from money, public writes, production mutations, legal commitments, and identity-sensitive actions.
03 / MEMORY PROVENANCEVerified facts can drive side effects. Assumptions can steer probes. Unknowns stay in notes until a tool or human resolves them.
04 / SIDE-EFFECT BUDGETEvery tool call needs a budget: rate limit, money limit, account-risk limit, data boundary, and rollback path.
05 / READ-BACKNever trust a write until the system reads it back from the source that matters: public URL, API object, file, inbox, payment status, or deployment check.
06 / PORTABLE LOGRecord cause → fix → files → tests → risk → next in a tiny JSONL shape so Claude Code, Codex, Hermes, opencode, or a human can compare failures after the run.
07 / COLLISION CONTROLIf Cursor, Claude Code, Codex, Supermaven, or a human share one repo, name the git owner, file locks, cost meter, and reconcile command before a second agent writes.
08 / LANDING BOARDParallel tracks only work if each one has a branch/worktree, owner, dependency, merge order, last verified receipt, and an explicit abandon condition.