docs: add Phase 8 operating-layer extraction artifacts

[ProfRandom92]

Adds Phase 8 operating-layer extraction review artifacts and repo-local draft skill candidates.

Scope:

• docs-only
• no runtime/source changes
• no active hooks
• no active MCP registration
• no plugin installation
• no provider/model calls
• no generated reports/artifacts touched
• no global skill installation

Commits:

• 38d8efb docs(phase8): audit operating-layer extraction
• 1dede37 docs(phase8a): add draft operating-layer skills
• 5f76fac docs(phase8b): design Codex plugin scaffold
• 0db36f8 fix(codex-hooks): harden review edge cases

Review status:

• validate: pass
• Gemini review threads: 6 resolved
• PR remains draft until human promotion

Review focus:

• operating-boundary correctness
• claim hygiene
• artifact hygiene
• promotion safety before any global install
• whether Phase 8B/8C should remain design-only before activation

[gemini-code-assist]

Code Review

This pull request introduces a local Codex Desktop governance layer, including policy hooks, agent skills, and draft skill specifications under docs/ to enforce boundaries around git operations, secret reads, and artifact hygiene. The code review feedback is highly constructive, pointing out several robustness and security improvements. Specifically, the reviewer recommends handling non-dictionary JSON inputs defensively across all hook scripts to prevent AttributeError crashes, ensuring path normalization handles Windows backslashes correctly in pre_tool_use_policy.py, and expanding the secret-read detection pattern to include other common utilities like grep and awk to prevent policy bypasses.

Important

The consumer version of Gemini Code Assist on GitHub is being sunset. Starting June 18, 2026, new organization installations will be blocked, and all code review activity will officially cease on July 17, 2026.
For more details on the timeline and next steps, please review the Help Documentation.