chore(custodian): opt into CAP1 enforcement

.console/log.md

@@ -1,5 +1,15 @@
 # Log
 
+## 2026-06-16 — Opt into CAP1 enforcement (context_bootstrap)
+
+Added `audit.capabilities.enforce: true` so Custodian's CAP1 verifies the
+capability OperatorConsole owns (`context_bootstrap` →
+`operator_console.bootstrap.build_resume_prompt`) resolves here. Registry located
+via the existing `cross_repo.platform_manifest_repo` sibling; `capabilities` also
+whitelisted in `plugin_audit_keys` for the lagging-doctor typo-guard. Enforced by
+PlatformManifest's capability-refs gate (OperatorConsole added to its owning set)
++ pre-push.
+
 ## 2026-06-16 — feat: Fleet Capabilities section in startup context (capability plane Phase 1)
 
 First consumer of the capability registry. `build_resume_prompt` now appends a

.custodian/config.yaml

@@ -27,14 +27,21 @@ audit:
   # leak fail-closed) now that this repo's .console/ has been reconciled.
   reconcile_enforce: true
 
+  # CAP1 — enforce that capabilities owned by OperatorConsole (context_bootstrap)
+  # resolve here. Registry is located via the existing cross_repo sibling below.
+  capabilities:
+    enforce: true
+
   # The deployed Custodian reconcile detector reads `reconcile_enforce`, but its
   # doctor `--strict` typo-guard allow-list lags one release behind and does not
   # yet list the key — so it emits "unknown audit key 'reconcile_enforce'" and
   # fails CI. Declaring it here via the supported plugin_audit_keys escape hatch
   # whitelists the key for the typo-guard while leaving enforcement fully active.
-  # Can be dropped once the released doctor adds reconcile_enforce to its set.
+  # `capabilities` is whitelisted for the same lagging-doctor reason.
+  # Can be dropped once the released doctor adds these keys to its set.
   plugin_audit_keys:
     - reconcile_enforce
+    - capabilities
 
   cross_repo:
     platform_manifest_repo: ../PlatformManifest