Document cleanup proof hardening

nshkrdotcom · nshkrdotcom · commit 66cc7d8daab8 · 2026-05-25T15:34:17.000-10:00
diff --git a/README.md b/README.md
@@ -68,6 +68,9 @@ The current harness covers:
   restart-claim fields
 - GEPA, TRINITY, cost/budget, and adaptive-control prior-fabric proofs
 - fugu single-node readiness handoff for the distributed `nshkr_v2` proof plan
+- cleanup hardening for strict Context ABI hashes, raw-payload rejection,
+  model class-to-profile routing, GEPA optimizer boundaries, authority
+  evidence verification, and proof artifact ledger posture
 - AITrace-backed receipt collection and release-proof mapping
 
 This makes StackLab the answer to "does the stack claim have executable proof?"
diff --git a/docs/gn_ten_proof_matrix.md b/docs/gn_ten_proof_matrix.md
@@ -138,7 +138,10 @@ path, and run GitHub or Linear live commands by prefixing them with
   proof from admitted Context ABI packet through
   `Trinity.MezzanineRouterAdapter`, Mezzanine render handoff, Jido fake model
   invocation, AITrace bounded route/model/eval facts, AppKit projections, and
-  StackLab context/router/coordination/model scanner receipts.
+  StackLab context/router/coordination/model scanner receipts. Automation
+  should precompile `examples/nshkr_router_fabric_roundtrip` before redirecting
+  `--json` output so Mix dependency compilation logs cannot pollute the JSON
+  receipt.
 - `fugu_single_node_readiness_handoff`: records the Phase 16 single-node
   provider-free handoff receipt that unblocks the `../nshkr_v2` distributed
   StackLab checklist. It names Context ABI, router fabric, and Extravaganza
diff --git a/guides/context_abi.md b/guides/context_abi.md
@@ -21,6 +21,11 @@ A green context proof records packet hash, authority ref, render refs, trace
 ref, redaction posture, and no-bypass scanner results. Monolith and distributed
 proofs compare semantic receipt fields, not placement or timing facts.
 
+Scanner fixtures reject malformed packet hashes such as non-hex
+`sha256:...` values and any raw prompt/memory/provider payload leakage. The
+hash evidence is expected to come from owner canonical encoding rather than
+from ad hoc `inspect/1`, JSON, or Erlang term binary output.
+
 ## Local QC
 
 ```bash
