- Remove non-existent hook references from tier configs
(dependency-guard.sh, compliance-pre-check.sh, pii-detector.sh,
compliance-session-init.sh never existed in examples/)
- Replace compliance-audit-logger.sh in Regulated tier with session-logger.sh
- Remove all invalid JSON // comments from settings.json code blocks
- Fix fabricated CLAUDE_SETTINGS env var + claude run-headless API
(neither exist in Claude Code) — replaced with CI pipeline check pattern
- Fix date -d syntax (GNU-only, breaks macOS) → cross-platform with OS check
- Reclassify Customer PII from CONFIDENTIAL to RESTRICTED
(GDPR/CCPA treat PII as protected — Enterprise plan alone insufficient)
- Clarify §3.3 governance-check.sh vs governance-enforcement-hook.sh templates
- Fix org config directory listing to use real hooks only
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
3832bf3c86