Refresh rc1 launch readiness copy

docs/releases/2.0.0-rc.1/article-outline.md

@@ -31,6 +31,10 @@ The leverage comes from treating the harness, reusable workflow layer, and opera
 - hooks and verification discipline
 - security and review patterns
 - operator workflow skills around content, research, and business ops
+- queue, discussion, Linear, legacy, and release-evidence checks that make the
+  operating state inspectable
+- supply-chain IOC scanning and no-lifecycle install hardening after the
+  Mini Shai-Hulud/TanStack campaign
 
 ### 3. Why Hermes Is the Operator Layer
 
@@ -45,8 +49,21 @@ The leverage comes from treating the harness, reusable workflow layer, and opera
 - cross-harness architecture doc
 - Hermes import guidance
 - clearer 2.0 positioning in the repo
+- preview-pack smoke gate
+- launch drafts for GitHub release copy, X, LinkedIn, article, Telegram/Hermes
+  handoff, and demo prompts
 
-### 5. What Stays Local
+### 5. What Changed Since v1.10.0
+
+- Claude Code remains the core target, but ECC now treats Codex, OpenCode,
+  Cursor, Gemini, Zed, and terminal-only workflows as shared execution surfaces.
+- The release process now has repeatable platform, discussion, observability,
+  supply-chain, Linear progress, and preview-pack checks.
+- AgentShield and ECC Tools work is mirrored into the roadmap so enterprise
+  security, hosted review, policy promotion, and billing-readiness lanes do not
+  drift away from the main release.
+
+### 6. What Stays Local
 
 - secrets and auth
 - raw workspace exports
@@ -54,7 +71,7 @@ The leverage comes from treating the harness, reusable workflow layer, and opera
 - operator-specific automations that have not been sanitized
 - deeper CRM, finance, and Google Workspace playbooks
 
-### 6. Closing Point
+### 7. Closing Point
 
 The goal is not to copy one exact stack.
 

docs/releases/2.0.0-rc.1/linkedin-post.md

@@ -9,7 +9,7 @@ It is becoming a cross-harness operating system for agentic work:
 - reusable skills instead of one-off prompts
 - hooks and tests instead of manual discipline
 - MCP-backed access to docs, code, browser automation, and research
-- Codex, OpenCode, Cursor, Gemini, and Claude Code surfaces that share the same core workflow layer
+- Codex, OpenCode, Cursor, Gemini, Zed, and Claude Code surfaces that share the same core workflow layer
 - Hermes as the operator shell for chat, cron, handoffs, and daily work routing
 
 For this release-candidate surface, I kept the repo honest.
@@ -20,9 +20,20 @@ I did not publish private workspace state. I shipped the reusable layer:
 - release notes and launch collateral
 - cross-harness architecture notes
 - Hermes import guidance for turning local operator patterns into public ECC skills
+- release-readiness gates for PRs, issues, discussions, Linear progress, legacy tails, observability, and supply-chain checks
+- a deterministic preview-pack smoke test so the public pack can be verified before a release action
 
 The leverage is not just better prompting.
 
 It is reducing the number of isolated surfaces, turning repeated workflows into reusable skills, and making the operating system around the agent measurable.
 
+The supply-chain work became part of the release story too. After the Mini
+Shai-Hulud/TanStack campaign, rc.1 now includes IOC scanning, no-lifecycle CI
+installs, advisory-source refresh, npm audit/signature checks, and AI-tool
+persistence coverage.
+
 There is still more to harden before GA, especially around packaging, installers, and the `ecc2/` control plane. But rc.1 is enough to show the shape clearly.
+
+Public publication is still approval-gated until the GitHub release, npm
+`next` publish, plugin path, final URLs, and billing/native-payments claims have
+live evidence.

docs/releases/2.0.0-rc.1/preview-pack-manifest.md

@@ -23,7 +23,7 @@ surfaces, or posting announcements.
 | `docs/releases/2.0.0-rc.1/publication-readiness.md` | Release gate | Requires fresh evidence from the exact release commit |
 | `docs/releases/2.0.0-rc.1/publication-evidence-2026-05-15.md` | Current May 15 queue, roadmap, security, supply-chain watch, no-lifecycle CI install hardening, AgentShield #86 evidence-pack provenance, ECC Tools billing-gate, Actions cache purge, and `ecc2` test evidence through PR #1941 | Must be superseded by a final clean-checkout evidence file before real publication |
 | `docs/releases/2.0.0-rc.1/publication-evidence-2026-05-16.md` | Current May 16/17 queue cleanup, recsys skill merge, GateGuard triage, PR #1947 supply-chain protection, AgentShield #87 plugin-cache confidence evidence, AgentShield #88 evidence-pack inspect/readback, AgentShield #89 evidence-pack fleet routing, AgentShield #90 fleet review items, AgentShield #91 policy export, AgentShield #92 policy promotion, ECC-Tools #76 fleet-summary consumption, ECC-Tools #77 hosted finding evidence paths, ECC-Tools #78 harness policy-route linking, dashboard refresh, and combined Node/Rust/release-surface gate evidence through the May 16 mirror | Must still be repeated from a strict clean checkout before real publication |
-| `docs/releases/2.0.0-rc.1/publication-evidence-2026-05-17.md` | Current May 17 queue-zero state, Japanese localization merge, Dependabot TypeScript and Node type merges, post-merge ja-JP lint repair, Mini Shai-Hulud/TanStack protection recheck, npm audit/signature checks, operator dashboard refresh, Linear sync, and GitHub CI evidence for `99dd6ac0` | Current strongest readiness snapshot; must still be repeated from a strict clean checkout before real publication |
+| `docs/releases/2.0.0-rc.1/publication-evidence-2026-05-17.md` | Current May 17 queue-zero state, Japanese localization merge, Dependabot TypeScript and Node type merges, post-merge ja-JP lint repair, Mini Shai-Hulud/TanStack protection recheck, npm audit/signature checks, legacy and Linear progress routing, deterministic preview-pack smoke, operator dashboard refresh, Linear sync, and GitHub CI evidence for `27dc2918` | Current strongest readiness snapshot; must still be repeated from a strict clean checkout before real publication |
 | `docs/releases/2.0.0-rc.1/operator-readiness-dashboard-2026-05-17.md` | Current prompt-to-artifact operator dashboard | Shows PR/issue/discussion/platform/supply-chain gates current and publication, plugin, billing, AgentShield, ECC Tools, legacy, and Linear productization gaps still open |
 | `docs/releases/2.0.0-rc.1/naming-and-publication-matrix.md` | Naming, slug, and publication-path decision record | Keeps `Everything Claude Code / ECC`, npm `ecc-universal`, and plugin slug `ecc` for rc.1 |
 | `docs/releases/2.0.0-rc.1/x-thread.md` | X launch draft | Must replace placeholders with live URLs after release/package/plugin publication |

docs/releases/2.0.0-rc.1/publication-evidence-2026-05-17.md

@@ -7,9 +7,9 @@ npm publication, plugin tag, marketplace submission, or announcement post.
 
 | Field | Evidence |
 | --- | --- |
-| Upstream main | `744f4169972fd81618c3114ea1ca5ffb85ef4c82` |
+| Upstream main | `27dc2918a24a50b8dd5e23dba2aa6a05bd17c0d7` |
 | Git remote | `https://github.com/affaan-m/everything-claude-code.git` |
-| Evidence scope | Current `main` after the Japanese localization and Dependabot merge batch, post-merge ja-JP markdown anchor repair, Zed install-target support, Mini Shai-Hulud/TanStack protection recheck, the Windows-path CI fix, AgentShield policy-promotion Action output mirror, ECC-Tools hosted promotion judge audit-trace mirror, ECC-Tools billing announcement preflight mirror, and ECC-Tools production Marketplace readback-state mirror |
+| Evidence scope | Current `main` after the Japanese localization and Dependabot merge batch, post-merge ja-JP markdown anchor repair, Zed install-target support, Mini Shai-Hulud/TanStack protection recheck, AgentShield policy-promotion Action output mirror, ECC-Tools hosted promotion judge audit-trace mirror, ECC-Tools billing announcement preflight mirror, ECC-Tools production Marketplace readback-state mirror, legacy-tail dashboard routing, Linear progress readiness, and the deterministic preview-pack smoke gate |
 | Local status caveat | `git status --short --branch` showed `## main...origin/main` plus unrelated untracked `docs/drafts/` |
 
 The actual release operator should repeat all publish-facing checks from the
@@ -22,7 +22,7 @@ final release commit with a strictly clean checkout before publishing.
 | Trunk PRs | `gh pr list --state open --limit 50 --json number,title` | 0 open PRs |
 | Trunk issues | `gh issue list --state open --limit 50 --json number,title` | 0 open issues |
 | Platform audit | `node scripts/platform-audit.js --json --allow-untracked docs/drafts/` | Ready; tracked repos report 0 open PRs, 0 open issues, 0 discussion maintainer-touch gaps, 0 answerable Q&A missing accepted answers, and 0 blocking dirty files |
-| Operator dashboard | `npm run operator:dashboard -- --allow-untracked docs/drafts/ --write docs/releases/2.0.0-rc.1/operator-readiness-dashboard-2026-05-17.md` | Generated current dashboard for `744f4169972fd81618c3114ea1ca5ffb85ef4c82`; status remains `work remaining` because release, npm, plugin, billing, and announcement gates are approval-gated |
+| Operator dashboard | `npm run operator:dashboard -- --json --allow-untracked docs/drafts/` | Generated current dashboard for `27dc2918a24a50b8dd5e23dba2aa6a05bd17c0d7`; dashboard ready true, publication ready false because release, npm, plugin, billing, and announcement gates are approval-gated |
 
 Tracked repositories in the platform audit were:
 
@@ -47,6 +47,9 @@ Tracked repositories in the platform audit were:
 | Zed adapter commit | Pushed `2371a3cf0543365c1c18e84eba786b1abcb28941` to add project-local Zed support through the selective install target, README Zed guidance, and `.zed/settings.json` planning coverage |
 | Zed Windows CI fix | Pushed `744f4169972fd81618c3114ea1ca5ffb85ef4c82` to normalize the Zed install-plan source-path assertion across Windows path separators |
 | Discussion #1896 | Added a maintainer update confirming Zed support on `main`, documenting the dry-run command, and clarifying that BYOK/OpenRouter secrets stay in Zed/local user settings rather than ECC-managed project files |
+| Legacy-tail dashboard slice | Pushed `f397216aee5a0ca7d168726d3cc41eb47f728b37` and dashboard regeneration commits to keep localization-tail evidence attached to ITO-55 and prevent stale legacy work from being treated as release-current |
+| Linear progress readiness slice | Pushed `355c4f128183aa7f7ce9da9485af07d257d67f69` and dashboard regeneration commit `1a384dc5dbd24a3be725e1b26c169bddb6c850b6` to require refreshed Linear progress evidence after significant merge batches |
+| Preview-pack smoke slice | Pushed `3215e655eff70b9fea5382ce5996666a1f48d1af` to add `npm run preview-pack:smoke`, covering preview-pack artifacts, Hermes import boundaries, verification commands, and approval-gated publication blockers; lint and dashboard follow-up commits landed through `27dc2918a24a50b8dd5e23dba2aa6a05bd17c0d7` |
 | AgentShield hardening-output slice | Pushed AgentShield `1124535345d7040242ecd3803f65bcd4dcaf6ec2` to expose package-manager hardening status/count outputs and redacted GitHub Action job-summary evidence for registry credentials, lifecycle-script drift, and release-age gate drift |
 | AgentShield policy-promotion Action slice | Pushed AgentShield `1593925dca025632dd8a6454509fce3fe7517cdf` to expose policy-promotion status/count/digest outputs plus GitHub Action job-summary review items for owner approval, protected rollout, and runtime smoke; the same Action job marks runtime smoke verified when it scans with the promoted policy |
 | ECC-Tools policy-promotion telemetry slice | Pushed ECC-Tools `86589517b11b95f1b0216ae7737563fb67ee1604` to route AgentShield policy-promotion Action outputs into hosted security review findings and Hosted Promotion Readiness scoring |
@@ -60,7 +63,7 @@ Tracked repositories in the platform audit were:
 | Gate | Command | Result |
 | --- | --- | --- |
 | Root lint | `npm run lint` | Passed after the ja-JP autonomous-loop anchor repair |
-| Root suite | `npm test` | 2479 passed, 0 failed |
+| Root suite | `npm test` | 2487 passed, 0 failed |
 | GitHub Actions CI | `gh run view 25989533576 --json status,conclusion,jobs` | Completed successfully with 37/37 jobs green, including Security Scan and all Windows test jobs |
 | Harness audit | `node scripts/harness-audit.js --format json` | 70/70, no top actions |
 | Observability readiness | `npm run observability:ready -- --format json` | 21/21, ready yes |
@@ -68,6 +71,7 @@ Tracked repositories in the platform audit were:
 | Supply-chain IOC scan | `node scripts/ci/scan-supply-chain-iocs.js --home` | Passed; 200 files inspected, including user-level persistence targets |
 | npm audit | `npm audit --audit-level=high` | 0 vulnerabilities |
 | npm signatures | `npm audit signatures` | 213 verified registry signatures; 17 verified attestations |
+| Preview-pack smoke | `npm run preview-pack:smoke` | Passed; ready yes; digest `dfb1ed014607`; 5 checks passed and 0 failed |
 | AgentShield enterprise CI output slice | AgentShield local `npm run build`, focused action tests, `npm run typecheck`, `npm run lint`, full `npm test`, and `git diff --check`; GitHub Actions `25994354007`, `25994354011`, `25994354026` | Local gates passed; remote CI, Test GitHub Action, and Self-Scan completed successfully for `1124535` |
 | AgentShield policy-promotion Action output slice | AgentShield local `npm run build`, `npx vitest run tests/action-promotion.test.ts tests/action.test.ts`, `npm run typecheck`, `npm run lint`, full `npm test`, and `git diff --check`; GitHub Actions `25995929182`, `25995929190`, `25995929161` | Local gates passed; remote CI, Test GitHub Action, and Self-Scan completed successfully for `1593925` |
 | ECC-Tools policy-promotion hosted telemetry slice | ECC-Tools local focused vitest checks for policy-promotion Action-output routing and hosted-promotion readiness, `npm run typecheck`, `npm run lint`, full `npm test`, and `git diff --check`; GitHub Actions `25996758218` | Local gates passed; remote CI completed successfully for `8658951` |
@@ -75,8 +79,9 @@ Tracked repositories in the platform audit were:
 | ECC-Tools hosted promotion judge audit trace slice | ECC-Tools local focused vitest checks for hosted model-judge audit traces, `npm run typecheck`, `npm run lint`, full `npm test`, and `git diff --check`; GitHub Actions `25997840703` | Local gates passed; remote CI completed successfully for `05d4e82` |
 | ECC-Tools billing announcement preflight slice | ECC-Tools local focused vitest preflight tests, `npm run typecheck`, `npm run lint`, full `npm test`, and `git diff --check`; GitHub Actions `25998238507` | Local gates passed; remote CI completed successfully for `91a441b` |
 | ECC-Tools production Marketplace readback-state slice | ECC-Tools local `npm test` and `git diff --check`; Cloudflare `wrangler secret list` confirmed `INTERNAL_API_SECRET` exists by name; `wrangler kv key list` for `account-billing:` and `billing-state:` both returned empty lists; GitHub Actions `25998610438` | Local gates passed; remote CI completed successfully for `eb69412`; live announcement remains blocked until Marketplace purchase/webhook records populate KV |
-| GitHub queues | `gh pr list`; `gh issue list`; `node scripts/platform-audit.js --json --allow-untracked docs/drafts/` | 0 open PRs, 0 open issues, and platform audit ready across the tracked repo set |
-| Operator dashboard | `npm run operator:dashboard -- --allow-untracked docs/drafts/ --write docs/releases/2.0.0-rc.1/operator-readiness-dashboard-2026-05-17.md` | Dashboard generated for the current commit; macro publication gates still incomplete |
+| GitHub queues | `gh pr list`; `gh issue list`; `node scripts/platform-audit.js --json --allow-untracked docs/drafts/` | 0 open PRs, 0 open issues, 0 discussion maintainer-touch gaps, 0 answerable Q&A missing accepted answers, 0 GitHub fetch errors, and platform audit ready across the tracked repo set |
+| Operator dashboard | `npm run operator:dashboard -- --json --allow-untracked docs/drafts/` | Dashboard generated for `27dc2918a24a50b8dd5e23dba2aa6a05bd17c0d7` with platform ready true, dashboard ready true, and macro publication gates still incomplete |
+| GitHub Actions CI | `gh run watch 26000918211 --repo affaan-m/everything-claude-code --exit-status` | Completed successfully for `27dc2918a24a50b8dd5e23dba2aa6a05bd17c0d7`, including Validate Components, Lint, Security Scan, Coverage, and the full OS/Node/package-manager matrix |
 
 ## Current Publication Blockers
 

docs/releases/2.0.0-rc.1/publication-readiness.md

@@ -31,7 +31,8 @@ combined final-gate rerun on current `main`, see
 [`publication-evidence-2026-05-16.md`](publication-evidence-2026-05-16.md).
 For the May 17 queue cleanup, Japanese localization merge, Dependabot
 TypeScript and Node type merges, post-merge ja-JP lint repair, Mini
-Shai-Hulud/TanStack local protection recheck, and current operator dashboard
+Shai-Hulud/TanStack local protection recheck, legacy-tail and Linear progress
+routing, deterministic preview-pack smoke gate, and current operator dashboard
 refresh, see
 [`publication-evidence-2026-05-17.md`](publication-evidence-2026-05-17.md).
 For the operator-facing prompt-to-artifact readiness dashboard from the same
@@ -78,13 +79,13 @@ Record the exact commit SHA and command output before any publication action:
 | Evidence | Command | Required result | Recorded output |
 | --- | --- | --- | --- |
 | Clean release branch | `git status --short --branch` | On intended release commit; no unrelated files | Pending final strict clean-checkout release pass; `publication-evidence-2026-05-17.md` records current `main` with unrelated untracked `docs/drafts/` |
-| Preview-pack smoke | `npm run preview-pack:smoke` | Preview pack artifacts, Hermes boundary, final verification command list, and publication blockers pass | Pending final strict clean-checkout release pass; deterministic smoke gate is in-tree |
+| Preview-pack smoke | `npm run preview-pack:smoke` | Preview pack artifacts, Hermes boundary, final verification command list, and publication blockers pass | `publication-evidence-2026-05-17.md`: ready yes, digest `dfb1ed014607`, 5 passed, 0 failed; repeat in a final strict clean-checkout release pass |
 | Harness audit | `npm run harness:audit -- --format json` | 70/70 passing | `publication-evidence-2026-05-17.md`: 70/70 |
 | Adapter scorecard | `npm run harness:adapters -- --check` | PASS | `publication-evidence-2026-05-16.md`: PASS, 11 adapters |
 | Observability readiness | `npm run observability:ready` | 21/21 passing | `publication-evidence-2026-05-17.md`: 21/21, ready yes |
 | Release safety gate | `npm run observability:ready -- --format json` | Release Safety category passing with publication readiness, supply-chain, workflow security, package surface, and release-surface evidence | `publication-evidence-2026-05-13-post-hardening.md`: Release Safety 3/3 |
 | Supply-chain verification | `npm audit --json`; `npm audit signatures`; `cd ecc2 && cargo audit -q`; Dependabot alerts; GitGuardian Security Checks | 0 vulnerabilities/alerts, registry signatures verified, GitGuardian clean | `publication-evidence-2026-05-17.md`: npm registry signatures and attestations verified, 0 high-or-higher npm vulnerabilities, supply-chain IOC scan clean |
-| Root suite | `node tests/run-all.js` | 0 failures | `publication-evidence-2026-05-17.md`: `npm test` passed 2473/2473, 0 failed |
+| Root suite | `node tests/run-all.js` | 0 failures | `publication-evidence-2026-05-17.md`: `npm test` passed 2487/2487, 0 failed |
 | Markdown lint | `npx markdownlint-cli '**/*.md' --ignore node_modules` | 0 failures | `publication-evidence-2026-05-17.md`: passed after ja-JP autonomous-loop anchor repair |
 | Package surface | `node tests/scripts/npm-publish-surface.test.js` | 0 failures; no Python bytecode in npm tarball | `2/2` passed in May 12 evidence pass |
 | Release surface | `node tests/docs/ecc2-release-surface.test.js` | 0 failures | `publication-evidence-2026-05-16.md`: 20/20 passed |
@@ -92,7 +93,7 @@ Record the exact commit SHA and command output before any publication action:
 | Queue baseline | `gh pr list` / `gh issue list` across trunk, AgentShield, JARVIS, ECC Tools, and ECC website | Under 20 open PRs and under 20 open issues | `publication-evidence-2026-05-17.md`: platform audit ready, 0 open PRs and 0 open issues across checked repos |
 | Discussion baseline | `node scripts/discussion-audit.js --json` | No unmanaged active discussion queue and no answerable Q&A missing an accepted answer | `publication-evidence-2026-05-15.md`: 58 trunk discussions, 0 without maintainer touch; other tracked repos disabled or 0 |
 | Linear roadmap | Linear project and issue readback | Detailed roadmap exists with release, security, AgentShield, ECC Tools, legacy, and observability lanes | `publication-evidence-2026-05-15.md`: project and 16 issue lanes recorded |
-| Operator readiness dashboard | `npm run operator:dashboard -- --allow-untracked docs/drafts/ --write docs/releases/2.0.0-rc.1/operator-readiness-dashboard-2026-05-17.md` | Current queue state mapped to macro-goal deliverables and incomplete gaps | `operator-readiness-dashboard-2026-05-17.md`: regenerated from `afe0ae8d`, 0 open PRs, 0 open issues, 0 discussion gaps |
+| Operator readiness dashboard | `npm run operator:dashboard -- --json --allow-untracked docs/drafts/` | Current queue state mapped to macro-goal deliverables and incomplete gaps | `publication-evidence-2026-05-17.md`: generated from `27dc2918`, platform ready true, dashboard ready true, 0 open PRs, 0 open issues, 0 discussion gaps |
 
 ## Do Not Publish If
 

docs/releases/2.0.0-rc.1/release-notes.md

@@ -13,9 +13,38 @@ Claude Code remains a core target. Codex, OpenCode, Cursor, Gemini, and other ha
 - Clarified the split between ECC as the reusable substrate and Hermes as the operator shell.
 - Documented the cross-harness portability model for skills, hooks, MCPs, rules, and instructions.
 - Added a Hermes import playbook for turning local operator patterns into publishable ECC skills.
+- Added Zed as a project-local planning/install target while keeping BYOK and OpenRouter secrets outside ECC-managed project files.
+- Added command-registry coverage, platform audit, discussion audit, operator dashboard, Linear progress readiness, and preview-pack smoke gates.
 - Added a local [observability readiness gate](../../architecture/observability-readiness.md) for loop status, session traces, harness audit, and ECC2 tool-risk logs.
 - Refreshed the release-readiness evidence after the May 2026 Mini Shai-Hulud/TanStack campaign follow-up, including full-campaign AgentShield IOC coverage, queue-zero/discussion checks, a detailed Linear roadmap gate, and the May 17 operator dashboard snapshot.
 
+## Since v1.10.0
+
+The rc.1 surface now includes the main 2.0 direction rather than one isolated
+feature branch:
+
+- cross-harness substrate work for Claude Code, Codex, OpenCode, Cursor,
+  Gemini, Zed, and terminal-only workflows;
+- stronger package and plugin publication surfaces for npm, Claude plugin,
+  Codex repo-marketplace, OpenCode, and agent metadata;
+- operator gates for PRs, issues, discussions, stale legacy work, Linear
+  progress, release evidence, and dashboard repeatability;
+- supply-chain hardening after the Mini Shai-Hulud/TanStack campaign,
+  including IOC scanning, no-lifecycle CI installs, advisory-source refresh,
+  npm audit/signature checks, and user-level AI-tool persistence targets;
+- AgentShield enterprise-roadmap mirrors for package-manager hardening,
+  evidence-pack provenance, policy export, policy promotion, fleet routing,
+  and GitHub Action output telemetry;
+- ECC Tools roadmap mirrors for hosted analysis, fleet-summary consumption,
+  finding evidence paths, harness policy-route linking, hosted promotion judge
+  audit traces, billing announcement preflight, and production Marketplace
+  readback state;
+- documentation expansion, Japanese localization, zh-CN to ja-JP parity
+  repair, and dependency readiness through TypeScript 6 and Node type updates;
+- launch collateral for GitHub release copy, X, LinkedIn, article outline,
+  Telegram/Hermes handoff, demo prompts, and the approval-gated launch
+  checklist.
+
 ## Why This Matters
 
 ECC is no longer only a Claude Code plugin or config bundle.
@@ -39,6 +68,7 @@ What ships in this surface:
 - cross-harness architecture documentation
 - Hermes import guidance for sanitized operator workflows
 - publication-readiness evidence for queue state, discussion state, Linear roadmap coverage, operator dashboard status, and supply-chain follow-up
+- preview-pack smoke evidence proving the public pack is assembled without private Hermes state
 
 What stays local:
 
@@ -57,3 +87,10 @@ What stays local:
 5. Start with one workflow lane: engineering, research, content, or outreach.
 6. Import only sanitized operator patterns into ECC skills.
 7. Treat `ecc2/` as an alpha control plane until release packaging and installer behavior are finalized.
+
+## Do Not Treat This As Published Yet
+
+The release candidate copy is ready for final review, but the public release is
+still blocked on approval-gated actions: the GitHub prerelease, npm `next`
+publish, Claude plugin tag/marketplace path, Codex Plugin Directory status,
+final live URLs, and any billing or native-payments announcement.

docs/releases/2.0.0-rc.1/telegram-handoff.md

@@ -10,6 +10,9 @@ Use the public ECC release pack in the repo:
 - docs/releases/2.0.0-rc.1/linkedin-post.md
 - docs/releases/2.0.0-rc.1/article-outline.md
 - docs/releases/2.0.0-rc.1/launch-checklist.md
+- docs/releases/2.0.0-rc.1/preview-pack-manifest.md
+- docs/releases/2.0.0-rc.1/publication-evidence-2026-05-17.md
+- docs/releases/2.0.0-rc.1/operator-readiness-dashboard-2026-05-17.md
 - docs/HERMES-SETUP.md
 - docs/architecture/cross-harness.md
 
@@ -20,7 +23,8 @@ Task:
 3. Give me one 30-60 second Hermes x ECC video script and one 15-30 second variant.
 4. Tell me exactly what to record now with screen capture, face camera, and voice lines.
 5. Tell me what Hermes can generate automatically after I record.
-6. End with a minimal checklist of the assets or logins still needed.
+6. Keep every public claim release-candidate framed until live release/npm/plugin URLs exist.
+7. End with a minimal checklist of the assets or logins still needed.
 
 Be decisive. Return final drafts plus a practical recording checklist.
 ```

docs/releases/2.0.0-rc.1/x-thread.md

@@ -17,16 +17,31 @@ Codex, OpenCode, Cursor, Gemini, and other harnesses are part of the same story
 
 The goal is fewer one-off harness tricks and more reusable workflow surface.
 
-4/ The rc.1 surface ships the public pieces:
+4/ Since v1.10.0, the work also picked up the operator layer:
+
+PR/issue/discussion audits, Linear progress sync, release evidence, observability checks, and a generated readiness dashboard.
+
+5/ The security posture changed too.
+
+The Mini Shai-Hulud/TanStack campaign forced a real supply-chain loop:
+
+- IOC scanning
+- no-lifecycle CI installs
+- advisory-source refresh
+- npm audit/signature checks
+- AI-tool persistence targets
+
+6/ The rc.1 surface ships the public pieces:
 
 - Hermes setup guide
 - release notes
 - launch checklist
-- X and LinkedIn drafts
 - cross-harness architecture doc
 - Hermes import guidance
+- preview-pack smoke gate
+- X, LinkedIn, and article drafts
 
-5/ It does not ship private workspace state.
+7/ It does not ship private workspace state.
 
 No secrets.
 No OAuth tokens.
@@ -35,25 +50,25 @@ No personal datasets.
 
 The point is to publish the reusable system shape.
 
-6/ Why Hermes matters:
+8/ Why Hermes matters:
 
 Most agent systems fail in the daily operating loop.
 
 They can code, but they do not keep research, content, handoffs, reminders, and execution in one measurable surface.
 
-7/ ECC gives the reusable layer.
+9/ ECC gives the reusable layer.
 
 Hermes gives the operator shell.
 
 Together they make the work feel less like scattered chat windows and more like a system you can run.
 
-8/ This is still a release candidate.
+10/ This is still a release candidate.
 
 The public docs and reusable surfaces are ready for review.
 
-The deeper local integrations stay local until they are sanitized.
+The deeper local integrations stay local until they are sanitized, and publication still waits on the GitHub release, npm, plugin, and final URL gates.
 
-9/ Start here:
+11/ Start here:
 
 Repo:
 <https://github.com/affaan-m/everything-claude-code>
@@ -61,5 +76,5 @@ Repo:
 Hermes x ECC setup:
 <https://github.com/affaan-m/everything-claude-code/blob/main/docs/HERMES-SETUP.md>
 
-Release notes:
+12/ Release notes:
 <https://github.com/affaan-m/everything-claude-code/blob/main/docs/releases/2.0.0-rc.1/release-notes.md>