03 · library the paper map

The papers.

Eight papers and two support memos compile deterministic governance from category claim, to compilation framework, to enforcement implementation. They are not a reading order — they are a dependency graph. Each paper has one primary contribution and a strict non-expansion clause.

the chain policy / taxonomy → governance skill → invariant set → enforce(event, state, skill_context) → PASS | HALT read order category → compilation → IR · or start with memos if you arrive skeptical non-expansion each paper carries a strict scope clause. claims that belong elsewhere must link, not expand.

Primary papers

§ category · § compilation · § IR — the load-bearing three

PAP · 05

Deterministic governance as a distinct systems category

The boundary claim. Five membership criteria: deterministic decision procedure, explicit authority model, evidence-backed ledger, lifecycle enforcement, drift closure. Not policy automation. Not guardrails. Not an IDP.

deterministic_governance_systems_category.md Stable → PAP · 04

From failure taxonomy to enforcement compilation

Translates descriptive LLM failure modes into observable predicates and terminal outcomes. The pipeline: failure mode → proxy → required artifact → invariant → HALT/ESCALATE. Classification alone is observational; governance requires executable state constraints.

failure_taxonomy_to_enforcement_compilation.md Stable → PAP · 03

Governance skills as the compilation layer

Skills are the intermediate representation between policy and runtime. Trigger, inputs, constraints, workflow, ambiguity protocol, escalation routing, failure modes — a typed IR that compiles into invariants and routes through enforce(…).

governance_skills_as_compilation_layer.md Stable →

Support memos

feeder artifacts · not standalone theses

MEM · 06

Prompt-layer guardrails vs governance authority

Why prompt/output controls are hygiene, not system authority. Indirect prompt injection reframed as cross-layer authority ambiguity. The equivalence boundary test and its two filled cases: output-validator drift, prompt approval bypass.

support_guardrails_vs_governance.md Memo → MEM · 07

Structural limits of policy-as-code

Policy-as-code governs requests. Deterministic governance governs lifecycle state transitions. The four filled drift-model slots: governed_state, observed_state, detection rule, remediation mode.

support_policy_as_code_limits.md Memo →

Empirical & long-form

corpus narrative · architecture · maturity — not yet typeset for web

PAP · 01

Fail-closed AI: 288 sessions

Empirical corpus, governance arc, failure modes, maturity assessment. 288 sessions, session-level ledger in corpus_v1_5_2.db, turn-level labeling in corpus_v1.db. 134 kB source.

fail_closed_ai_288_sessions.md Not typeset ◇ PAP · 02

Codebase: the dual-plane architecture

Execution plane vs observation plane. Phase 7/8 lifecycle, the BoundaryEnforcer, SHCL-v2 bytecode envelopes, the Phase 8 hash-chained audit ledger.

code_base_paper.md Not typeset ◇ PAP · 08

Governance skill surface

The runtime artifact trio — SKILL.md + GOVERNANCE.yaml + openai.yaml — across api_ide and exec_agents allowlists. Surface registration is the governability boundary.

governance_skill_surface.md Not typeset ◇ DOC · 09

Aggregated maturity & closure baseline

Tier table, closure-baseline claim ledger (CB-0-001 through CB-X-003), stage-by-stage status: which claims are CLOSED, PARTIAL, OPEN, and why.

aggregated_maturity.md · CLOSURE_BASELINE.md Not typeset ◇

papers · rev 012 · build 2026-04-21 event → enforce(event) → invariant → PASS | HALT meetLab · 2026