Merged
14 changes: 7 additions & 7 deletions architecture/REPO_AUTHORITY_MAP.md
Expand Up @@ -24,11 +24,11 @@ Total HawkinsOperations system repos remain seven:
- `hawkinsoperations-platform` = contracts/mechanics
- `hawkinsoperations-proof` = proof records/claim ceilings
- `hawkinsoperations-website` = public rendering
- `aevumguard` = current Hoxline compatibility repo path
- `hoxline` = current Hoxline product/front-door repo

No eighth repo may be added without explicit approval.

Hoxline is a proof-bound claim control system for AI-assisted security work. Current repository path: HawkinsOperations/aevumguard. Product name: Hoxline by HawkinsOperations. Repository rename is not yet approved. Claim Firewall is the first internal Claim Authority capability inside Hoxline; it does not change proof authority, runtime truth, signal truth, public-safe status, or approval boundaries.
Hoxline by HawkinsOperations is the current product/front-door repo and ProofOps control surface. Hoxline provides ProofOps control for the AI security era and governs how AI-assisted security work becomes tested, reviewed, blocked, or safe to claim. Current repository path: HawkinsOperations/hoxline. AevumGuard is legacy/compatibility naming only. Claim Firewall is the first Claim Authority enforcement capability inside Hoxline; it is not the product, platform, front-door repo, an eighth repo, proof authority, runtime proof, or signal proof.
## Authority Summary

| Repository | Authority plane | Owns | Boundary |
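Review bot: The rewritten Hoxline paragraph drops the sentence "Repository rename is not yet approved" and now states the path as HawkinsOperations/hoxline, but nothing in the hunk points to the approval that changed that status. This file requires explicit approval for repo changes ("No eighth repo may be added without explicit approval"), so link the issue or decision record that approved the rename next to the new path rather than letting the map assert it on its own authority. The paragraph also runs straight into the `## Authority Summary` heading; add a blank line between them.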
Expand All @@ -39,17 +39,17 @@ Hoxline is a proof-bound claim control system for AI-assisted security work. Cur
| `hawkinsoperations-platform` | Contracts / orchestration / control logic | Runtime contracts, interface boundaries, and non-promotional guardrails. | Contracts do not prove public proof, production readiness, or current runtime state. |
| `hawkinsoperations-proof` | Proof records / evidence truth | Proof records, claim ceilings, evidence boundary records, and cited case packets. | Proof records do not publish raw private evidence or raise ceilings by presentation. |
| `hawkinsoperations-website` | Public rendering only | Public reviewer navigation and rendered wording. | Rendering is not proof and cannot approve a claim. |
| `aevumguard` | Product / front door | Hoxline product surface and Claim Authority capabilities, starting with Claim Firewall. | Product framing does not prove runtime, signal, evidence, public-safe status, production readiness, or approval. |
| `hoxline` | Product / front door | Hoxline product surface and Claim Authority capabilities, starting with Claim Firewall. | Product framing does not prove runtime, signal, evidence, public-safe status, production readiness, or approval. |

## Command Center Operating Surfaces

| Surface | Route | Owns | Does not own |
| --- | --- | --- | --- |
| Organization front door | [profile/README.md](../profile/README.md) | High-level reviewer orientation and demo routing. | Proof, runtime, signal, or public-safe approval. |
| Product front door | [aevumguard](https://github.com/HawkinsOperations/aevumguard) | Hoxline product experience and Claim Authority capability surface. | Proof authority, runtime truth, signal truth, public-safe approval, or repo expansion approval. |
| Product front door | [hoxline](https://github.com/HawkinsOperations/hoxline) | Hoxline product experience and Claim Authority capability surface. | Proof authority, runtime truth, signal truth, public-safe approval, or repo expansion approval. |
| Reviewer start path | [profile/START_HERE.md](../profile/START_HERE.md) | First-click review sequence and claim-boundary reminders. | Stronger claim status than proof records allow. |
| Operating cockpit | [private org Control Board route](https://github.com/orgs/HawkinsOperations/projects/2) | Current work visibility and queue coordination for the canonical private HawkinsOperations Control Board; Project #1 is not an active reviewer route. | Source truth, validation truth, runtime truth, signal truth, proof, public-safe status, merge approval, or project metadata authority. |
| Proof ledger route | [Lifetime Case Ledger public summary](https://github.com/HawkinsOperations/hawkinsoperations-proof/blob/main/proof/records/lifetime-case-ledger-v1-public-summary.json) | Bounded count summary: 4 events, 4 cases, 0 public-safe cases, 0 closed cases. | Runtime activity, signal observation, public proof, public-safe runtime proof, case closure, or disposition authority. |
| Proof ledger route | [Lifetime Case Ledger public summary](https://github.com/HawkinsOperations/hawkinsoperations-proof/blob/main/proof/records/lifetime-case-ledger-v1-public-summary.json) | Bounded count summary owned by proof records and platform manifests; this map does not copy changing counts. | Runtime activity, signal observation, public proof, public-safe runtime proof, case closure, or disposition authority. |
| Clone-runnable proof chain | [REPRODUCIBLE_REVIEWER_PATH.md](REPRODUCIBLE_REVIEWER_PATH.md) | Source-controlled inspection steps across all seven repos. | Private runtime access, evidence export, public-safe promotion, GitHub settings changes, or product proof promotion. |

## Public Readiness Summary
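Review bot: In the Proof ledger route row, the Owns cell now says the summary is "owned by proof records and platform manifests", but the Route cell still links only to the proof record JSON. Link or name the platform manifest in the same row so a reviewer can reach both owning sources from here, or drop the manifest mention if the proof record is the only intended route. Removing the copied counts from this row is consistent with the stated goal of not duplicating changing values.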
Expand All @@ -62,7 +62,7 @@ Hoxline is a proof-bound claim control system for AI-assisted security work. Cur
| `hawkinsoperations-platform` | Platform architecture, stack truth tracking, and environment boundary documentation. | Detection proof, public proof, sensitive runtime exports, private host details. | Architecture-oriented until runtime evidence is reviewed. | Platform docs prove current deployment state. |
| `hawkinsoperations-proof` | Proof contracts, evidence indexes, public-safe records, and claim linkage structure. | Raw private evidence publication, runtime operation, source ownership for other repos. | Proof-oriented only for reviewed and scoped records. | Evidence-linked material is automatically public-safe. |
| `hawkinsoperations-website` | Public rendering of approved content. | Source truth, runtime truth, evidence truth, claim approval. | Rendering-oriented after public claim review. | Website presentation proves a claim by itself. |
| `aevumguard` | Current Hoxline compatibility repo path and Claim Authority capability UX. | Proof authority, runtime status, signal observation, public-safe approval, or repo expansion. | Product-oriented until proof records approve stronger claims. | A product page or capability label proves a claim by itself. |
| `hoxline` | Current Hoxline product/front-door repo and Claim Authority capability UX. | Proof authority, runtime status, signal observation, public-safe approval, or repo expansion. | Product-oriented until proof records approve stronger claims. | A product page or capability label proves a claim by itself. |

## Cross-Repository Rules

Expand All @@ -72,7 +72,7 @@ Hoxline is a proof-bound claim control system for AI-assisted security work. Cur
- Signal claims require observed telemetry, alert, log, or output context.
- Evidence claims require preserved and linked support.
- Public claims require public claim review and approval.
- Claim Firewall remains an internal Hoxline Claim Authority capability and must not be framed as a separate HawkinsOperations product repo.
- Claim Firewall remains the first Claim Authority enforcement capability inside Hoxline and must not be framed as the product, platform, front-door repo, an eighth repo, proof authority, runtime proof, signal proof, or a separate HawkinsOperations product repo.
- No eighth repo may be added without explicit approval.

## Blocked Organization-Level Claims
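Review bot: The rewritten Claim Firewall bullet repeats the full "is not the product, platform, front-door repo, an eighth repo, proof authority, runtime proof, signal proof" list that this PR also adds to the Hoxline paragraph earlier in this file and to REPRODUCIBLE_REVIEWER_PATH.md, which gives three copies that can drift. Keep the list in one place and have the other two refer to it. Within this bullet, "an eighth repo" restates the next bullet ("No eighth repo may be added without explicit approval") and "front-door repo" overlaps with "a separate HawkinsOperations product repo"; trimming those leaves the rule easier to check.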
19 changes: 16 additions & 3 deletions architecture/REPRODUCIBLE_REVIEWER_PATH.md
Expand Up @@ -6,11 +6,11 @@ Trust class: SOURCE_EXISTS after merge

## Purpose

This path gives reviewers a clone-runnable route through the six HawkinsOperations repositories without treating `.github`, CI, proof, platform, or website rendering as stronger truth than they can support.
This path gives reviewers a clone-runnable route through the seven HawkinsOperations repositories without treating `.github`, CI, proof, platform, Hoxline product framing, or website rendering as stronger truth than they can support.

Website/GitHub rendering is not proof. Public surfaces route to proof records. Required checks matter only when they actually appear, run, and pass. Codex is AI labor, not human governance.

## Clone All Six Repos
## Clone All Seven Repos

From an empty organization workspace:

Expand All @@ -23,6 +23,7 @@ git clone https://github.com/HawkinsOperations/hawkinsoperations-validation.git
git clone https://github.com/HawkinsOperations/hawkinsoperations-platform.git
git clone https://github.com/HawkinsOperations/hawkinsoperations-proof.git
git clone https://github.com/HawkinsOperations/hawkinsoperations-website.git
git clone https://github.com/HawkinsOperations/hoxline.git
```

Expected sibling layout:
Expand All @@ -35,6 +36,7 @@ HawkinsOperations/
hawkinsoperations-platform/
hawkinsoperations-proof/
hawkinsoperations-website/
hoxline/
```

## Reviewer Commands Available Today
Expand Down Expand Up @@ -98,14 +100,25 @@ python -B scripts\verify-ho-det-012-result-parity.py
python -B scripts\scan-ho-det-012-claim-boundaries.py
```

Report-only parity command, if the reviewer has all six sibling repos cloned:
Report-only parity command, if the reviewer has all seven sibling repos cloned:

```powershell
python -B scripts\verify_cross_repo_claim_parity.py --repo-root .. --report-only
```

Report-only output is not fail-closed enforcement.

### Hoxline Product / Claim Authority Plane

```powershell
cd ..\hoxline
git status -sb
python -B -m pytest -q tests
python -B -m hoxline gauntlet verify --input examples\gauntlet\ho-det-001-full-loop-run-v0.json
```

Hoxline by HawkinsOperations is the product/front-door repo for ProofOps control. It governs how AI-assisted security work becomes tested, reviewed, blocked, or safe to claim. Claim Firewall is the first Claim Authority enforcement capability inside Hoxline; it is not the product, platform, front-door repo, an eighth repo, proof authority, runtime proof, or signal proof.

### Platform Boundary and Visibility Plane

```powershell
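Review bot: The new Hoxline section lists `python -B -m hoxline gauntlet verify --input examples\gauntlet\ho-det-001-full-loop-run-v0.json` without saying what a passing run looks like or what it does and does not establish. The parity command just above carries its own boundary line ("Report-only output is not fail-closed enforcement."); add an equivalent sentence here stating the expected result and that a pass on a checked-in example file is not runtime, signal, or proof authority. The section also assumes `pytest` and the `hoxline` module are importable from a fresh clone; state the install step or prerequisite if one is needed.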
2 changes: 1 addition & 1 deletion governance/COMMAND_CENTER_INVARIANTS.json
Expand Up @@ -25,7 +25,7 @@
"command_center_proof_ceiling": "SCHEMA_CONTRACT_VERIFIER_EXISTS_ONLY",
"ledger_public_safe_status": "NOT_PUBLIC_SAFE",
"reviewer_metrics_pipeline": "Reviewer metrics pipeline keeps Lifetime Governed Cases separate from detection activity, validation cases, proof records, blocked claims, and Project Board reconciliation status",
"reviewer_metrics_counts": "Lifetime Governed Cases 4; Detection Activity / controlled validation fire count 49; Validation Case Count 106; Proof Record Count 8; Blocked Claim Count 31",
"reviewer_metrics_counts": "Reviewer metrics values are authority-owned snapshots in proof/platform records; front-door text must route to those records instead of copying changing counts",
"ho_det_001_public_ceiling": "CONTROLLED_TEST_VALIDATED",
"runtime_signal_public_promotions": "runtime-active, signal-observed, evidence-linked public proof, public-safe, production-ready, fleet-wide, AWS-live, Cribl-routed, Wazuh-routed, autonomous SOC, AI-approved, AI-decided, analyst-approved, and live Splunk claims remain blocked unless separately proven and approved",
"standing_controls": ".github#8 and .github#10 remain standing controls",
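Review bot: The key `reviewer_metrics_counts` now holds a routing policy sentence rather than counts, so the key name no longer describes its value. If any verifier or script reads this key expecting the old "Lifetime Governed Cases 4; ..." string, it will either fail or compare against text that can never match a count; check the consumers and consider renaming the key to reflect that it is a routing rule. The neighbouring `reviewer_metrics_pipeline` key already carries the separation policy, so the two values may be mergeable.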
4 changes: 2 additions & 2 deletions governance/ISSUE_FACTORY_CONTROL_RECEIPTS.md
Expand Up @@ -156,9 +156,9 @@ Purpose: advances issue [#39](https://github.com/HawkinsOperations/.github/issue

## Reviewer Metrics Pipeline Reconciliation Receipt

Purpose: gives reviewers a single repo-backed reconciliation row for the "big number without lying" metrics pipeline while preserving the strict Lifetime Case Ledger boundary.
Purpose: gives reviewers a point-in-time repo-backed reconciliation row for the "big number without lying" metrics pipeline while preserving the strict Lifetime Case Ledger boundary. These values are a historical receipt snapshot, not current front-door authority; current values must be read from the owning platform, validation, and proof records.

| Metric / status | Current bounded value | Owning source | Boundary |
| Metric / status | Historical bounded value | Owning source | Boundary |
| --- | --- | --- | --- |
| Lifetime Governed Cases | 4 | `hawkinsoperations-platform` Lifetime Case Ledger state and `hawkinsoperations-proof` public ledger summary | Strict governed case count only; detection fires do not increase this number. |
| Detection Activity / controlled validation fire count | 49 | `hawkinsoperations-validation` detection activity ledger | Controlled validation activity only; not runtime activity, signal observation, public proof, or governed case append. |
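Review bot: The Purpose text and the renamed "Historical bounded value" column now call these numbers a point-in-time snapshot, but the visible lines give no date or commit for when the snapshot was taken. Add the as-of date or the source commit to the Purpose sentence or the column header so a reader can tell how stale 4 and 49 are relative to the owning records. The section heading still reads as a current reconciliation receipt; consider marking it historical as well so it matches the new column label.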