From 03df1046bca17747369b4a9766bad379470d6145 Mon Sep 17 00:00:00 2001
From: ProtocolWarden <32967198+ProtocolWarden@users.noreply.github.com>
Date: Tue, 16 Jun 2026 01:03:19 -0400
Subject: [PATCH] chore(custodian): opt into CAP1 enforcement

Enforce that the capability this repo owns resolves here (registry via the existing cross_repo sibling). Part of the capability-plane population follow-up; PlatformManifest's capability-refs gate adds this repo to its owning set.

Co-Authored-By: Claude Opus 4.8
---
 .console/log.md | 10 ++++++++++
 .custodian/config.yaml | 9 ++++++++-
 2 files changed, 18 insertions(+), 1 deletion(-)

diff --git a/.console/log.md b/.console/log.md
index 1d111cd..b34dee8 100644
--- a/.console/log.md
+++ b/.console/log.md
@@ -1,5 +1,15 @@
 # Log
 
+## 2026-06-16 — Opt into CAP1 enforcement (context_bootstrap)
+
+Added `audit.capabilities.enforce: true` so Custodian's CAP1 verifies the
+capability OperatorConsole owns (`context_bootstrap` →
+`operator_console.bootstrap.build_resume_prompt`) resolves here. Registry located
+via the existing `cross_repo.platform_manifest_repo` sibling; `capabilities` also
+whitelisted in `plugin_audit_keys` for the lagging-doctor typo-guard. Enforced by
+PlatformManifest's capability-refs gate (OperatorConsole added to its owning set)
++ pre-push.
+
 ## 2026-06-16 — feat: Fleet Capabilities section in startup context (capability plane Phase 1)
 
 First consumer of the capability registry. `build_resume_prompt` now appends a
diff --git a/.custodian/config.yaml b/.custodian/config.yaml
index 8770a97..d16aff0 100644
--- a/.custodian/config.yaml
+++ b/.custodian/config.yaml
@@ -27,14 +27,21 @@ audit: # leak fail-closed) now that this repo's .console/ has been reconciled. reconcile_enforce: true + # CAP1 — enforce that capabilities owned by OperatorConsole (context_bootstrap) + # resolve here. Registry is located via the existing cross_repo sibling below. + capabilities: + enforce: true + # The deployed Custodian reconcile detector reads `reconcile_enforce`, but its # doctor `--strict` typo-guard allow-list lags one release behind and does not # yet list the key — so it emits "unknown audit key 'reconcile_enforce'" and # fails CI. Declaring it here via the supported plugin_audit_keys escape hatch # whitelists the key for the typo-guard while leaving enforcement fully active. - # Can be dropped once the released doctor adds reconcile_enforce to its set. + # `capabilities` is whitelisted for the same lagging-doctor reason. + # Can be dropped once the released doctor adds these keys to its set. plugin_audit_keys: - reconcile_enforce + - capabilities cross_repo: platform_manifest_repo: ../PlatformManifest
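Review bot: Adding `capabilities` to `plugin_audit_keys` exempts the whole key from the doctor `--strict` typo-guard, and nothing in this hunk shows that the nested `enforce` under `capabilities:` is validated anywhere else. If it is not, a misspelt or mis-indented `enforce` would leave CAP1 silently off while CI stays green, so the gate would fail open. The updated comment ("Can be dropped once the released doctor adds these keys to its set") names no owner or release, so the exemption is likely to outlive its reason. I would add `# TODO(<owner>): drop both entries once doctor >= <release> lists them; until then confirm in CI output that CAP1 actually ran` above `plugin_audit_keys:`. CAP1 also finds the registry through the relative `../PlatformManifest` sibling, so it is worth confirming (not visible here; the `audit:` mapping starts above the hunk) that a missing or stale sibling checkout fails the check rather than skipping it.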