feat: guard DIFC proxy emission with difc-proxy feature flag

pkg/constants/constants.go

@@ -708,6 +708,11 @@ const (
 	// When enabled: no secret validation step is generated, copilot-requests: write permission is added,
 	// and the GitHub Actions token is used as the agentic engine secret.
 	CopilotRequestsFeatureFlag FeatureFlag = "copilot-requests"
+	// DIFCProxyFeatureFlag is the feature flag name for enabling the DIFC proxy.
+	// When enabled, the compiler injects DIFC proxy steps (start/stop) around pre-agent
+	// gh CLI steps and qmd indexing steps when guard policies are configured.
+	// By default (flag absent), DIFC proxy steps are not emitted.
+	DIFCProxyFeatureFlag FeatureFlag = "difc-proxy"
 )
 
 // Step IDs for pre-activation job

pkg/constants/constants_test.go

@@ -327,6 +327,7 @@ func TestFeatureFlagConstants(t *testing.T) {
 		{"MCPScriptsFeatureFlag", MCPScriptsFeatureFlag, "mcp-scripts"},
 		{"MCPGatewayFeatureFlag", MCPGatewayFeatureFlag, "mcp-gateway"},
 		{"DisableXPIAPromptFeatureFlag", DisableXPIAPromptFeatureFlag, "disable-xpia-prompt"},
+		{"DIFCProxyFeatureFlag", DIFCProxyFeatureFlag, "difc-proxy"},
 	}
 
 	for _, tt := range tests {

pkg/workflow/compiler_difc_proxy.go

@@ -68,11 +68,16 @@ import (
 var difcProxyLog = logger.New("workflow:difc_proxy")
 
 // hasDIFCGuardsConfigured returns true if the GitHub tool has explicit guard policies configured
-// (min-integrity is set). This is the base condition for DIFC proxy injection.
+// (min-integrity is set) AND the "difc-proxy" feature flag is enabled.
+// This is the base condition for DIFC proxy injection.
 func hasDIFCGuardsConfigured(data *WorkflowData) bool {
 	if data == nil {
 		return false
 	}
+	if !isFeatureEnabled(constants.DIFCProxyFeatureFlag, data) {
+		difcProxyLog.Print("difc-proxy feature flag not enabled, skipping DIFC proxy injection")
+		return false
+	}
 	githubTool, hasGitHub := data.Tools["github"]
 	if !hasGitHub || githubTool == false {
 		return false