fix(scribe): reorder tasks — archival first with HARD GATE enforcement

.changeset/notification-routing-skill.md

@@ -0,0 +1,6 @@
+---
+"@bradygaster/squad-cli": minor
+"@bradygaster/squad-sdk": minor
+---
+
+feat: add notification-routing skill for pub-sub channel routing

.github/copilot-instructions.md

@@ -2,6 +2,35 @@
 
 You are working on a project that uses **Squad**, an AI team framework. When picking up issues autonomously, follow these guidelines.
 
+## Git Safety — Mandatory Rules
+
+**These rules are non-negotiable. Violating them risks deleting production source code.**
+
+### Staging
+- ❌ **NEVER** use `git add .` or `git add -A` — these stage unintended deletions from incomplete working trees
+- ❌ **NEVER** use `git commit -a` — same risk
+- ✅ **ALWAYS** stage specific files: `git add path/to/file1.ts path/to/file2.ts`
+- ✅ **ALWAYS** review before committing: run `git diff --cached --stat` and verify the file count matches your intent
+
+### Pushing
+- ❌ **NEVER** push directly to `dev` or `main` — always open a PR
+- ❌ **NEVER** force push (`git push --force` or `--force-with-lease`) to shared branches
+- ✅ **ALWAYS** work on a feature branch: `git checkout -b squad/{issue-number}-{slug}`
+- ✅ **ALWAYS** open a PR: `gh pr create --base dev --draft`
+
+### Pre-Push Checklist
+Before pushing any commit, verify:
+1. `git diff --cached --stat` — file count matches intent (expect ≤10 files for most fixes)
+2. `git diff --cached --diff-filter=D --name-only` — NO unintended deletions
+3. `npm run build` — build succeeds with your changes
+4. Commit message references the issue: `Closes #N`
+
+### Red Flags — STOP and Ask
+If you see any of these, STOP immediately and comment on the issue asking for guidance:
+- More than 20 files in your diff
+- ANY file deletions you didn't explicitly intend
+- Changes outside the scope of your assigned issue
+
 ## Team Context
 
 Before starting work on any issue:

.github/workflows/squad-ci.yml

@@ -66,6 +66,43 @@ jobs:
       - name: Install Playwright browsers
         run: npx playwright install chromium --with-deps
 
+      - name: "🔒 Source tree canary check"
+        run: |
+          echo "Verifying critical source files exist..."
+          MISSING=0
+          for f in \
+            "packages/squad-sdk/src/index.ts" \
+            "packages/squad-cli/src/cli/index.ts" \
+            "packages/squad-sdk/package.json" \
+            "packages/squad-cli/package.json"; do
+            if [ ! -f "$f" ]; then
+              echo "::error::MISSING critical file: $f"
+              MISSING=$((MISSING + 1))
+            fi
+          done
+          if [ $MISSING -gt 0 ]; then
+            echo "::error::$MISSING critical source files missing — possible accidental deletion"
+            exit 1
+          fi
+          echo "✅ All critical source files present"
+
+      - name: "🔒 Large deletion guard"
+        if: github.event_name == 'pull_request'
+        run: |
+          DELETED=$(git diff --diff-filter=D --name-only origin/${{ github.base_ref }}...HEAD | wc -l)
+          echo "Files deleted in this PR: $DELETED"
+          if [ "$DELETED" -gt 50 ]; then
+            echo "::error::This PR deletes $DELETED files (threshold: 50). If intentional, add the 'large-deletion-approved' label."
+            LABELS=$(gh pr view ${{ github.event.pull_request.number }} --json labels --jq '.labels[].name' 2>/dev/null || echo "")
+            if echo "$LABELS" | grep -q "large-deletion-approved"; then
+              echo "✅ Large deletion approved via label"
+            else
+              exit 1
+            fi
+          fi
+        env:
+          GH_TOKEN: ${{ github.token }}
+
       - name: Build
         run: npm run build
 

.github/workflows/squad-docs-links.yml

@@ -20,7 +20,6 @@ jobs:
           args: >-
             --verbose
             --no-progress
-            --exclude-mail
             --timeout 30
             --max-retries 3
             --accept 200..=299,403,429

.gitignore

@@ -11,9 +11,14 @@ coverage/
 .squad/decisions/inbox/
 .squad/sessions/
 .squad/config.json
-.test-cli-*
+# Test temp dirs (created in cwd by vitest tests, cleaned in afterEach)
+.test-*
 # Docs site generated files
 docs/dist/
+docs/src/content/docs/reference/api/
+
+# Docs test screenshots (local verification only)
+docs/tests/screenshots/
 # Squad: SubSquad activation file (local to this machine)
 .squad-workstream
 .squad/.first-run

.squad-templates/scribe-charter.md

@@ -15,6 +15,10 @@
 - `.squad/decisions.md` — the shared decision log all agents read (canonical, merged)
 - `.squad/decisions/inbox/` — decision drop-box (agents write here, I merge)
 - Cross-agent context propagation — when one agent's decision affects another
+- Decision archival — **HARD GATE**: enforce two-tier ceiling on decisions.md before every merge:
+  - **Tier 1 (30-day):** If >20KB, archive entries older than 30 days
+  - **Tier 2 (7-day):** If still >50KB after Tier 1, archive entries older than 7 days
+  - Emit HEALTH REPORT to session log after archival runs
 
 ## How I Work