<feed xmlns='http://www.w3.org/2005/Atom'>
<title>rulesets/claude-rules/host-identity.md, branch main</title>
<subtitle>Claude Code skills, rules, and language bundles
</subtitle>
<id>https://git.cjennings.net/rulesets/atom?h=main</id>
<link rel='self' href='https://git.cjennings.net/rulesets/atom?h=main'/>
<link rel='alternate' type='text/html' href='https://git.cjennings.net/rulesets/'/>
<updated>2026-07-02T09:19:01+00:00</updated>
<entry>
<title>feat(rules): add the host-identity guard rule and startup probe</title>
<updated>2026-07-02T09:19:01+00:00</updated>
<author>
<name>Craig Jennings</name>
<email>c@cjennings.net</email>
</author>
<published>2026-07-02T09:19:01+00:00</published>
<link rel='alternate' type='text/html' href='https://git.cjennings.net/rulesets/commit/?id=b6a977cec25fddf1e498896cec3ad9462fc149db'/>
<id>urn:sha1:b6a977cec25fddf1e498896cec3ad9462fc149db</id>
<content type='text'>
A tracked or synced doc asserting "this machine is X" is false on every machine but its origin, and an agent trusting it reasons backwards all session. It happened live: a stale "ratio" claim steered a session running on velox. The new rule bans fixed identity claims in tracked/synced docs and requires the runtime derivation instead (uname -n, since the hostname binary is often absent). Describing the fleet stays legal. Claiming the current member doesn't.

startup gained a read-only probe that greps CLAUDE.md and notes.org for the pattern and surfaces hits as a judgment flag, never a block. Fixture-verified under bash and zsh.
</content>
</entry>
</feed>
