Run mode: scheduled, autonomous, read-only.

Audit window: last 24 hours of commit activity, current working-tree state, default-branch CI in last 24 hours.

Pre-flight

Repo inventory (10 active, top-level)

ghost-os, ha-law, sail-cases, sail-hr, sail-infrastructure, sail-knowledge, sail-litify, sail-marketing, sail-seo, sail-templates. Vendor reference clones excluded.

Risk snapshot

Repo Branch Uncommitted Oldest unstaged Diverged >7d Unpushed CI fails 24h
ghost-os main 0 0 0 0
ha-law main 15 24d 0 0 0
sail-cases main 2 0d 0 0 0
sail-hr main 5 30d 0 0 0
sail-infrastructure agent/projects-reorg-2026-04-18 6 14d 1 0 0
sail-knowledge agent/credential-redaction-2026-05-04 0 1 0 0
sail-litify codex/roundtable-qa-2026-04-25 20 38d 5 0 0
sail-marketing agent/projects-reorg-2026-04-18 10 14d 1 0 0
sail-seo agent/credential-redaction-2026-05-04 0 2 7 0
sail-templates agent/trust-strip-sitewide-2026-04-19 13 30d 1 3 0

Top risks

  1. Unpushed local commits — sail-seo has 7 unpushed across 3 branches (main is 5 ahead of origin/main, two weeks). sail-templates/main is 3 ahead of origin, two weeks. Local-only work = single-machine loss exposure.
  2. sail-litify branch sprawl — 5 long-lived branches diverged from main, two of them 10+ commits ahead (codex/intake-email-confirmation = 14 ahead, codex/litify-priority-tracker = 10 ahead). Rebase cost is climbing.
  3. Tooling gap — GitHub Dependabot endpoint returned HTTP 403 for all 10 repos. Token missing security_events scope. Audit is incomplete on supply-chain risk.

Clean signals