New Capability: Infrastructure Health Enforcement + Incident Documentation System
Date: March 8, 2026 Origin: Weekly planning session exposed chronic token loading failures, triggering full infrastructure diagnosis and creation of formal incident/capability documentation workflow Impact: All three leaders — eliminates the #1 source of wasted session time (token/MCP failures) and establishes repeatable processes for documenting incidents and new capabilities
What Was Built
1. CRLF Prevention Layer
A multi-layer defense against Windows line endings corrupting .env files and scripts:
.editorconfigat monorepo root enforcesend_of_line = lfacross all files. Any editor that supports EditorConfig (VS Code, JetBrains, Sublime, vim, etc.) will automatically use LF when creating or editing files in this repo.- All 29
.envfiles converted from CRLF to LF on disk. Combined with the existing.gitattributes(which handles tracked files), this closes the gap for gitignored files. settings.local.jsoncredential scrub — removed 3 hardcoded API tokens that had leaked through the improvised-workaround path.
2. Mandatory Enforcement Loading
CLAUDE.md Step 4 (Load Enforcement) was upgraded from an implicit recommendation to an explicit, mandatory step. The two enforcement files (vf-platform-context.md and vf-self-correction.md) must now be read before any work begins. This was validated empirically: sessions without enforcement loading drift into calendar-based phasing and scope-reduction framing within the first response.
3. Incident Documentation Command (/corrective-action-report)
A new slash command that formalizes the process of capturing incidents. Previously, hard-won lessons were added to MEMORY.md's Critical Lessons inconsistently and after the fact. This command provides:
- Structured incident identification (summary, symptoms, impact, timeline)
- Root cause analysis with category taxonomy (7 categories)
- Fix documentation with verification steps
- Prevention measures across 5 layers (Critical Lessons, Enforcement Skills, Tech Stack, Operations State, Instruction Optimizer)
- Automatic logging to the instruction optimizer's incident log
4. Capability Documentation Command (/capability-report)
A new slash command that ensures every new capability is documented for all three AI leaders. Previously, capabilities were documented ad-hoc or not at all. This command provides:
- Structured capability identification (name, trigger, implementation, dependencies)
- Three-leader impact assessment (V, Sage, Pax)
- Usage examples with exact commands
- Operational state updates across memory files and CLAUDE.md
Infrastructure Changes
| Change | Before | After |
|---|---|---|
.editorconfig |
Did not exist | Enforces LF, UTF-8, 2-space indent across all files |
.env files (29) |
CRLF line endings (silent token corruption) | LF line endings (tokens load correctly) |
settings.local.json |
3 hardcoded API tokens in permission rules | Wildcard patterns (*) replacing literal tokens |
| CLAUDE.md Step 4 | Implicit enforcement loading | Explicit mandatory requirement with file paths |
/corrective-action-report |
Did not exist | Formal incident documentation workflow |
/capability-report |
Did not exist | Formal capability documentation workflow |
Implementation
| File | Purpose |
|---|---|
/mnt/d/Projects/value-first-operations/.editorconfig |
Cross-editor LF enforcement |
/mnt/d/.claude/settings.local.json |
Cleaned permission rules (no credentials) |
.claude/commands/corrective-action-report.md |
Incident documentation command (234 lines) |
.claude/commands/capability-report.md |
Capability documentation command (197 lines) |
Usage
# After an incident — document what went wrong and prevent recurrence
/corrective-action-report
/corrective-action-report "HubSpot API returned 401 because .env had CRLF line endings"
# After building something new — document for all three leaders
/capability-report
/capability-report "Google Docs document delivery pipeline"
# Verify .editorconfig is active (should show end_of_line = lf)
cat /mnt/d/Projects/value-first-operations/.editorconfig
# Check a .env file for CRLF contamination
file /path/to/.env
# Good: "ASCII text" — Bad: "ASCII text, with CRLF line terminators"
# Fix a CRLF file manually if needed
sed -i 's/\r$//' /path/to/file
Leader Applications
V (Operations)
Primary beneficiary. V's daily operations commands (/daily-ops, /daily-recap, /weekly-plan, /weekly-review) all depend on HubSpot API access, which requires functional token loading. The CRLF fix eliminates the #1 source of session-start failures. The /corrective-action-report and /capability-report commands give V a structured way to maintain institutional memory — turning one-off fixes into permanent organizational learning.
V should invoke /corrective-action-report whenever a session encounters a failure that consumed significant time. V should invoke /capability-report whenever a new script, command, or integration is built.
Sage (Customer)
Direct beneficiary of token reliability. Sage's commands (/relationship-brief, /meeting-prep, /interest-brief) require HubSpot data access. Token loading failures blocked Sage's relationship intelligence in prior sessions. The fix ensures Sage can access client data reliably.
Pax (Finance)
Direct beneficiary of token reliability. Pax's commands (/revenue-brief, /investment-brief, /1099-prep) query HubSpot for financial data (Orders, Investments, Services). Token failures blocked revenue visibility. The fix ensures Pax can produce financial intelligence on demand.
Dependencies
| Dependency | Status | Notes |
|---|---|---|
.gitattributes (tracked files) |
Confirmed | Already enforces * text=auto eol=lf |
.editorconfig (all files) |
Confirmed | Committed and pushed |
| Editor support | Confirmed | VS Code, JetBrains, Sublime, vim all support EditorConfig natively or via plugin |
Git config core.autocrlf=input |
Confirmed | Set on this system — converts CRLF→LF on commit |
Verification
# Verify no CRLF files remain in env files
find /mnt/d/Projects/value-first-operations -name "*.env" -o -name ".env" | head -5 | xargs file
# Should show "ASCII text" for all (no "CRLF" designation)
# Verify .editorconfig exists and is committed
git -C /mnt/d/Projects/value-first-operations log --oneline --all -- .editorconfig
# Should show the commit
# Verify settings.local.json has no literal tokens
grep -c "pat-na" /mnt/d/.claude/settings.local.json
# Should return 0