Merged
5 changes: 5 additions & 0 deletions .github/pull_request_template.md
Expand Up @@ -66,6 +66,10 @@ List checks run, checks not run, and any required status checks.

Green CI/status checks are not merge authority.

For command-center, reviewer-route, governance, or proof-boundary changes, run:

`python scripts/verify-command-center-invariants.py`

## Security / Privacy

State whether private-term, public-safety, secret, hostname, LAN IP, raw-log, screenshot, CSV export, or local evidence-path risk was reviewed.
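Review bot: the run instruction added at the top of this hunk (`python scripts/verify-command-center-invariants.py`) does not say where it is run from or what a passing result looks like, and the script itself is not among the files shown in this diff view, so its exit behaviour cannot be reviewed here. Suggest stating that the command runs from the repository root and that the line to look for is `COMMAND_CENTER_INVARIANTS=PASS`, so a reviewer can tell a pass from a partial run.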
Expand Down Expand Up @@ -96,6 +100,7 @@ This PR must not promote runtime-active, signal-observed, evidence-linked public
- [ ] No unrelated dirty state included
- [ ] Claim boundary included
- [ ] Testing/validation listed
- [ ] Command-center invariant check run or explicitly not applicable
- [ ] Private-term/public-safety review completed or explicitly not run
- [ ] No runtime/signal/public-safe overclaim added
- [ ] Required session log appended if this was meaningful work
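Review bot: the new checkbox `Command-center invariant check run or explicitly not applicable` gives the author a self-declared opt-out. Since the workflow's `paths` filter already defines when the check applies (README, profile, architecture, governance, wiki, the PR template, the workflow and the script), suggest wording the item so that "not applicable" has to state that no file under those paths changed, which a reviewer can confirm from the diff instead of taking on trust.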
38 changes: 38 additions & 0 deletions .github/workflows/command-center-invariants.yml
@@ -0,0 +1,38 @@
name: command-center-invariants

on:
pull_request:
paths:
- "README.md"
- "profile/**"
- "architecture/**"
- "governance/**"
- "wiki/**"
- ".github/pull_request_template.md"
- ".github/workflows/command-center-invariants.yml"
- "scripts/verify-command-center-invariants.py"
push:
branches:
- main
paths:
- "README.md"
- "profile/**"
- "architecture/**"
- "governance/**"
- "wiki/**"
- ".github/pull_request_template.md"
- ".github/workflows/command-center-invariants.yml"
- "scripts/verify-command-center-invariants.py"

permissions:
contents: read

jobs:
command-center-invariants:
runs-on: ubuntu-latest
steps:
- name: Checkout
uses: actions/checkout@v4

- name: Verify command-center invariants
run: python scripts/verify-command-center-invariants.py
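Review bot: `uses: actions/checkout@v4` is a mutable tag; for a workflow intended to become a merge gate, pin the action to a full commit SHA (keep the tag in a trailing comment) so the checkout step cannot change underneath the check. Two further points: the job runs whatever `python` the `ubuntu-latest` runner image ships, so an `actions/setup-python` step with an explicit version would keep CI and the local `python scripts/verify-command-center-invariants.py` run on the same interpreter; and because both triggers are `paths`-filtered, the `command-center-invariants` status is never reported on PRs that touch other files, so if this check is later made required in a ruleset those PRs will sit on a pending check unless the filter is dropped or a skip-path counterpart job is added. `permissions: contents: read` is the right minimum here.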
15 changes: 12 additions & 3 deletions README.md
Expand Up @@ -4,18 +4,27 @@ This repository is the HawkinsOperations GitHub organization command center. It

The public organization overview is controlled by [profile/README.md](profile/README.md). This repo is a front door, not a proof source: GitHub rendering is not proof.

## Fast Reviewer Path

| Time | Start | What to confirm |
|---:|---|---|
| 30 sec | [profile/START_HERE.md](profile/START_HERE.md) | What HawkinsOperations is, which repo owns truth, and what remains blocked. |
| 3 min | [profile/README.md](profile/README.md) -> [Control Status Matrix](governance/CONTROL_STATUS_MATRIX.md) | Command-center route, proof ceiling, ledger count boundary, and standing controls. |
| 10 min | [Reproducible Reviewer Path](architecture/REPRODUCIBLE_REVIEWER_PATH.md) | Clone-runnable source/validation/proof inspection without private runtime access. |

## Command Center Routes

| Need | Route | Boundary |
|---|---|---|
| Org front door | [profile/README.md](profile/README.md) | Reviewer routing only; does not create proof. |
| First reviewer path | [profile/START_HERE.md](profile/START_HERE.md) | Click path for review/demo; does not promote claims. |
| Org front door | [profile/README.md](profile/README.md) | Reviewer routing only; does not create proof. |
| Six-repo architecture | [architecture/REPO_AUTHORITY_MAP.md](architecture/REPO_AUTHORITY_MAP.md) | Repo ownership map; source does not prove runtime. |
| Proof chain | [architecture/REPRODUCIBLE_REVIEWER_PATH.md](architecture/REPRODUCIBLE_REVIEWER_PATH.md) | Clone-runnable inspection path; no private runtime access. |
| Truth/control status | [governance/CONTROL_STATUS_MATRIX.md](governance/CONTROL_STATUS_MATRIX.md) | Current wording and blockers; soft unless enforced. |
| Standing control registers | [governance/ISSUE_FACTORY_CONTROL_RECEIPTS.md](governance/ISSUE_FACTORY_CONTROL_RECEIPTS.md) | Maintained blocked-claims register for #10, enforcement/control-class ledger for #8, and receipt-backed issue closeout; governance classification only. |
| Standing control registers | [governance/ISSUE_FACTORY_CONTROL_RECEIPTS.md](governance/ISSUE_FACTORY_CONTROL_RECEIPTS.md) | #8 and #10 remain open standing controls unless Raylee approves a replacement standing-control role; governance classification only. |
| Command-center invariants | [governance/COMMAND_CENTER_INVARIANTS.json](governance/COMMAND_CENTER_INVARIANTS.json) and [scripts/verify-command-center-invariants.py](scripts/verify-command-center-invariants.py) | Verifier control for route and claim-boundary invariants; does not promote proof. |
| Visual system map | [wiki/11_ORG_SYSTEM_MAP.md](wiki/11_ORG_SYSTEM_MAP.md) | Docs-as-code map; routing is not proof. |
| Project cockpit | [private org Control Board route](https://github.com/orgs/HawkinsOperations/projects/2) | Operating control only; project metadata is not proof. Project #1 is not an active reviewer route. |
| Project cockpit | [private org Control Board route](https://github.com/orgs/HawkinsOperations/projects/2) | Coordination-only operating cockpit; project metadata is report-only, not proof, approval, runtime, signal, public-safe status, or merge authority. Project #1 is not an active reviewer route. |
| Proof records | [hawkinsoperations-proof](https://github.com/HawkinsOperations/hawkinsoperations-proof) | Proof records own claim ceilings. |

## Current Boundary
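Review bot: the rewritten `Standing control registers` row drops the description of what each standing control holds (blocked-claims register for #10, enforcement/control-class ledger for #8) and replaces it with the replacement-approval rule, so a first-time reviewer now sees two issue numbers without knowing what they contain. Suggest keeping both, e.g. `Blocked-claims register (#10) and enforcement/control-class ledger (#8); both remain open standing controls unless Raylee approves a replacement standing-control role; governance classification only.` Also, the new `Fast Reviewer Path` table's 10-minute row could name the one clone-runnable check this PR adds (the invariant verifier) so the two tables point at the same verification step.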
25 changes: 9 additions & 16 deletions architecture/REPRODUCIBLE_REVIEWER_PATH.md
Expand Up @@ -149,7 +149,7 @@ npm run build
Expected Phase 1 gap:

- ID-DET-002, ID-DET-003, and ID-DET-004 public website routes are pending.
- HO-DET-012 appears in current website telemetry data, but proof and website parity remain required before any public proof or public-safe wording can be claimed.
- HO-DET-012 appears in current website source data, but proof and website parity remain required before any public proof or public-safe wording can be claimed.

## Private-Only Commands Excluded
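Review bot: the edit from `website telemetry data` to `website source data` is a boundary change rather than a typo fix: a clone-only reviewer path can show what is checked into the website repository, not what telemetry it emitted, so the new wording is the one that matches this document's scope. Worth naming the source file in which HO-DET-012 appears so the statement is checkable along the same clone path the section describes.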

Expand All @@ -166,30 +166,23 @@ The public clone path excludes:

Private evidence can inform future review only after privacy review, stale review, evidence linkage review, wording review, and Raylee approval.

## Future Intended Top-Level Verifier
## Command-Center Invariant Verifier

Future Phase 2 or later work may add a top-level verifier under separate approval:
The `.github` command-center route has a local invariant verifier for reviewer-route and claim-boundary checks:

```powershell
python -B .github\scripts\verify_hawkinsoperations_promotion_chain.py --repo-root <org-root>
cd .github
python scripts\verify-command-center-invariants.py
```

Expected future output fields:
Expected output fields:

```text
ORG_PROMOTION_CHAIN
SOURCE_CONTRACT
VALIDATION_CONTRACT
PLATFORM_VISIBILITY_CONTRACT
PROOF_STATUS_INDEX
PUBLIC_CLAIM_PARITY
PUBLIC_SAFE_STATUS=NOT_PUBLIC_SAFE
RUNTIME_ACTIVE_PUBLIC_PROOF=BLOCKED
SIGNAL_OBSERVED_PUBLIC_PROOF=BLOCKED
HUMAN_REVIEW_REQUIRED=true
COMMAND_CENTER_INVARIANTS=PASS
checked_files=<count>
```

That verifier does not exist in Phase 1 and must not be claimed as a current control.
This verifier proves only that checked command-center route files and invariant wording passed. It does not prove runtime truth, signal truth, public-safe status, Project-board approval, merge authority, or public proof.

## Current Gap Summary
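Review bot: the command block is labelled `powershell` and uses a backslash path (`scripts\verify-command-center-invariants.py`) while the PR template and the Ubuntu workflow use `scripts/verify-command-center-invariants.py`; pick one form (forward slashes work in both shells) so the three places stay identical and greppable. The `Expected output fields` block shows only the passing case; since the workflow step passes or fails on the script's exit status, document the failure output and state that the script exits non-zero when an invariant fails, otherwise a reader cannot distinguish "ran and passed" from "ran and printed nothing".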

34 changes: 34 additions & 0 deletions governance/COMMAND_CENTER_INVARIANTS.json
@@ -0,0 +1,34 @@
{
"schema": "hawkinsoperations-command-center-invariants-v1",
"scope": "HawkinsOperations/.github reviewer routing and governance shell",
"required_route_files": [
"README.md",
"profile/README.md",
"profile/START_HERE.md",
"architecture/REPO_AUTHORITY_MAP.md",
"architecture/REPRODUCIBLE_REVIEWER_PATH.md",
"governance/CONTROL_STATUS_MATRIX.md",
"governance/ISSUE_FACTORY_CONTROL_RECEIPTS.md",
"governance/GOVERNANCE_SUMMARY.md",
"governance/PR_REVIEW_AUTHORITY.md",
"governance/CROSS_REPO_PROMOTION_MAP.md",
"wiki/11_ORG_SYSTEM_MAP.md",
".github/pull_request_template.md"
],
"invariants": {
"github_repo_role": ".github is reviewer routing and governance shell only",
"project_2_role": "Project #2 is the canonical private HawkinsOperations Control Board operating cockpit",
"project_1_boundary": "Project #1 is not an active reviewer route",
"project_metadata_boundary": "Project metadata is coordination only, not proof, approval, merge authority, runtime truth, signal truth, or public-safe status",
"rendering_boundary": "Website and GitHub rendering are not proof",
"proof_authority_repo": "hawkinsoperations-proof owns proof records and claim ceilings",
"command_center_proof_ceiling": "SCHEMA_CONTRACT_VERIFIER_EXISTS_ONLY",
"ledger_public_safe_status": "NOT_PUBLIC_SAFE",
"reviewer_metrics_pipeline": "Reviewer metrics pipeline keeps Lifetime Governed Cases separate from detection activity, validation cases, proof records, blocked claims, and Project Board reconciliation status",
"reviewer_metrics_counts": "Lifetime Governed Cases 4; Detection Activity / controlled validation fire count 49; Validation Case Count 106; Proof Record Count 8; Blocked Claim Count 31",
"ho_det_001_public_ceiling": "CONTROLLED_TEST_VALIDATED",
"runtime_signal_public_promotions": "runtime-active, signal-observed, evidence-linked public proof, public-safe, production-ready, fleet-wide, AWS-live, Cribl-routed, Wazuh-routed, autonomous SOC, AI-approved, AI-decided, analyst-approved, and live Splunk claims remain blocked unless separately proven and approved",
"standing_controls": ".github#8 and .github#10 remain standing controls",
"standing_control_replacement": "Closing or replacing .github#8 or .github#10 requires explicit Raylee approval that names the replacement standing-control role"
}
}
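Review bot: `reviewer_metrics_counts` packs five numbers into one free-text string (`Lifetime Governed Cases 4; Detection Activity / controlled validation fire count 49; ...`), so the verifier can only compare it by substring and a punctuation edit in a route file will silently pass or fail the check. Suggest a structured object with integer values (e.g. `"lifetime_governed_cases": 4`) so the invariant is checked exactly and updated in one place; the same applies to `runtime_signal_public_promotions`, where a JSON array of blocked-claim phrases can be checked one by one and extended without rewriting a sentence. Also, `required_route_files` lists `governance/GOVERNANCE_SUMMARY.md`, `governance/PR_REVIEW_AUTHORITY.md` and `governance/CROSS_REPO_PROMOTION_MAP.md`, none of which appear in the part of the README routes table shown in this PR; if they are required routes the README should link them, otherwise the list overstates the route set.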
3 changes: 2 additions & 1 deletion governance/CONTROL_STATUS_MATRIX.md
Expand Up @@ -12,7 +12,8 @@ A control is REAL_CONTROL only when it blocks, fails, or forces correction throu
| Organization profile | `.github` | soft routing only | SOURCE_EXISTS | No, soft routing only | `profile/README.md` | "The profile routes reviewers to truth boundaries." | "The profile proves runtime, validation, or public proof." | Keep links current and reviewed. |
| Governance summary | `.github` | soft enforcement | SOURCE_EXISTS | No, unless backed by blocking checks | `governance/GOVERNANCE_SUMMARY.md` | "Governance summary describes expected gates." | "Governance text alone is a real control." | Add checks or required review that fail violations. |
| PR review authority | `.github` | reviewer routing | SOURCE_EXISTS | No, unless backed by rulesets, required review, or blocking CI | `governance/PR_REVIEW_AUTHORITY.md` | "The PR review authority doc routes merge governance and visible human review expectations." | "PR review routing proves runtime, signal, evidence, public-safe status, or production readiness." | Back with rulesets, required review, or blocking CI if Raylee wants it to become real control. |
| Standing control registers | `.github` | reviewer routing / issue closeout receipt / standing control ledger | SOURCE_EXISTS | No, report-only unless backed by future blocking checks or required review | `governance/ISSUE_FACTORY_CONTROL_RECEIPTS.md` | "The standing-control register maps blocked claims, enforcement classes, Project #2, repo hygiene, and issue closeout receipts." | "Standing-control registers prove runtime, signal, evidence, public-safe status, production readiness, or Project-board approval." | Keep #10 and #8 open as standing controls; update rows when blocked-claim or enforcement facts change. |
| Standing control registers | `.github` | reviewer routing / issue closeout receipt / standing control ledger | SOURCE_EXISTS | No, report-only unless backed by future blocking checks or required review | `governance/ISSUE_FACTORY_CONTROL_RECEIPTS.md` | "The standing-control register maps blocked claims, enforcement classes, Project #2, repo hygiene, and issue closeout receipts." | "Standing-control registers prove runtime, signal, evidence, public-safe status, production readiness, or Project-board approval." | Keep #10 and #8 open as standing controls unless Raylee approves a replacement standing-control role; update rows when blocked-claim or enforcement facts change. |
| Command-center invariant verifier | `.github` | verifier control / workflow control | COMMAND_CENTER_INVARIANTS_VERIFIED | Yes, for checked route-file and claim-boundary invariant scope only; real merge-blocking control only if required by branch protection or ruleset | `governance/COMMAND_CENTER_INVARIANTS.json`; `scripts/verify-command-center-invariants.py`; `.github/workflows/command-center-invariants.yml` | "The command-center invariant verifier checks required route files, Project #1/#2 boundaries, proof ceilings, standing-control boundaries, private exposure patterns, and blocked-claim context." | "The verifier proves runtime truth, signal truth, public-safe status, public proof, Project-board approval, merge authority, or production readiness." | Keep verifier scope bounded; make it required only with separate GitHub settings/ruleset approval. |
| Repo authority map | `.github` | soft enforcement | SOURCE_EXISTS | No, unless backed by blocking checks | `architecture/REPO_AUTHORITY_MAP.md` | "The map defines repository ownership boundaries." | "The map proves a repo complied." | Add enforceable checks for boundary violations. |
| Project operating cockpit | Private org control board / `.github` routing | coordination only | PROJECT_METADATA_ROUTE | No, board state is not proof or approval | [private org Control Board route](https://github.com/orgs/HawkinsOperations/projects/2); `.github/profile/README.md`; `.github/profile/START_HERE.md` | "The canonical private HawkinsOperations Control Board routes current work visibility and operating context; Project #1 is not an active reviewer route." | "Project board state proves source, validation, runtime, signal, evidence, public proof, public-safe status, merge approval, or final disposition." | Use project metadata only for coordination; proof and approval remain in repo records and Raylee review. |
| Website | `hawkinsoperations-website` | rendering only | SOURCE_EXISTS | No | [hawkinsoperations.com](https://hawkinsoperations.com) | "The website renders reviewed public wording." | "Website presentation proves source, runtime, signal, or evidence truth." | Link claims to reviewed proof records. |
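Review bot: the new `Command-center invariant verifier` row marks REAL_CONTROL as `Yes, for checked route-file and claim-boundary invariant scope only` while the same cell concedes it is merge-blocking only if required by branch protection or a ruleset, and the header line of this hunk defines REAL_CONTROL as a control that blocks, fails, or forces correction. Until a ruleset makes the workflow a required check, the honest status is the report-only classification the adjacent rows use; suggest `No until required by ruleset; then yes for checked invariant scope only` and flipping it in a follow-up PR that carries the settings-change receipt.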