Burning the boat: from strangler to clean-room
We had planned to strangle an existing fork, pulling its code in as untrusted modules behind the core. We abandoned that. The fork carried non-commercial pixel art and trademarked naming, both blockers for a sellable, governance-first product. So the fork was archived and removed, and the canonical repo became fully clean-room.
With the foundation clean, we hardened the skin. No symlinks anywhere: readers never follow them and any tree containing one is rejected and quarantined. Integrity is checked before, during, and after execution, so drift mid-run quarantines the capability. And prompt injection was promoted to its own highest risk tier, above critical: instruction-override content is rejected and can never be registered, even from a trusted publisher.
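The symlink and integrity rules above, as an added Python sketch that is not the project's own code. The names `Quarantined`, `snapshot` and `run_guarded`, the SHA-256 manifest, and treating a re-hash between steps as the "during" check are all assumptions; the prompt-injection tier is not modelled here.

```python
import hashlib
import os
import tempfile
from pathlib import Path

class Quarantined(Exception):
    """A symlink was found, or the tree no longer matches its recorded digests."""

def snapshot(root):
    """Map each regular file under root to its SHA-256; never follow a symlink."""
    manifest = {}
    for dirpath, dirnames, filenames in os.walk(root, followlinks=False):
        for name in dirnames + filenames:
            path = os.path.join(dirpath, name)
            rel = os.path.relpath(path, root)
            if os.path.islink(path):
                raise Quarantined(f"symlink in tree: {rel}")
            if os.path.isfile(path):
                # O_NOFOLLOW (where the OS has it) refuses a link swapped in after the check
                fd = os.open(path, os.O_RDONLY | getattr(os, "O_NOFOLLOW", 0))
                with os.fdopen(fd, "rb") as fh:
                    manifest[rel] = hashlib.sha256(fh.read()).hexdigest()
    return manifest

def run_guarded(root, expected, steps):
    """Run steps, re-hashing the tree before the first, between steps, and after the last."""
    results = []
    for i, step in enumerate(steps):
        if snapshot(root) != expected:
            raise Quarantined(f"integrity drift {'before' if i == 0 else 'during'} execution")
        results.append(step())
    if snapshot(root) != expected:
        raise Quarantined("integrity drift after execution")
    return results

def demo():
    outcomes = []
    with tempfile.TemporaryDirectory() as root:
        target = Path(root, "capability.py")
        target.write_text("print('hello')\n")  # constructed sample capability
        runs = [[lambda: "ok", lambda: "ok"],  # clean run
                [lambda: target.write_text("drifted\n"), lambda: "not reached"],  # drift mid-run
                [lambda: os.symlink(target, Path(root, "alias"))]]  # symlink planted mid-run
        for steps in runs:
            expected = snapshot(root)  # assumed: digests recorded at registration
            try:
                outcomes.append(run_guarded(root, expected, steps))
            except Quarantined as exc:
                outcomes.append(str(exc))
    return outcomes
```

Calling `demo()` returns the outcome of each run in order: the clean run's results, then the quarantine reason for the drifted tree, then the one for the planted symlink.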
This was also when the Fleet theme arrived: an IP-safe, original cast that turns the governance model into something you can see. The themed UI is the governance model visualized, bound to live state.
A clean-room core is slower to start and far easier to trust.