Add CTO Core route admission guard

.sot/03-PROTOCOLS/CTO-CORE-PROMOTION-DECISION-PACKET-CLOSEOUT.md

@@ -29,6 +29,7 @@ Core Promotion Decision Packet.
 - decision_status: core_promotion_requested
 - ready_for_core_review: true
 - recommended_next_decision: open_governed_core_prd_route
+- recommendation_status: candidate_only_until_core_route_admission_guard_passes
 - candidate_default_repeatability_eligible: true
 - repeatability_count: 2
 - repeatability_status: pass
@@ -91,6 +92,7 @@ Core Promotion Decision Packet.
 Any future Core route must:
 
 - start from the Core workspace, not this CTO workspace;
+- pass a Core Route Admission Guard showing an idle governed Core route and no active conflicting Core worktree;
 - classify the promoted object class before mutation;
 - obey the Core Sequence Protocol;
 - update Core SOT only through a governed Core PRD and SOT Issue route;
@@ -124,4 +126,4 @@ Do not treat Case, Hermes, Pi, Codex, Harness, or CTO as Cortex OS authority.
 
 ## Decision
 
-CTO evidence is ready for Core review. The next pragmatic move is to open a governed Core PRD route only if JP or a governed Core route chooses to pursue promotion. Until that separate route exists and passes Core validators, Core promotion remains not-promoted and runtime default activation remains false.
+CTO evidence is ready for Core review. The next pragmatic move is candidate-only: open a governed Core PRD route only after the Core Route Admission Guard passes and only if JP or a governed Core route chooses to pursue promotion. Until that separate route exists and passes Core validators, Core promotion remains not-promoted and runtime default activation remains false.

.sot/03-PROTOCOLS/CTO-CORE-PROMOTION-DECISION-PACKET-PRD.md

@@ -21,7 +21,7 @@ CTO now has validated child-local evidence through Stage 6 repeatability: two go
 
 ## Solution
 
-Create a child-local Core Promotion Decision Packet that maps validated CTO evidence to one future governed Core review decision. The packet records `decision_status: core_promotion_requested`, `ready_for_core_review: true`, `candidate_default_repeatability_eligible: true`, `runtime_default_activation: false`, and `core_promotion_status: not-promoted`. It recommends opening a separate governed Core PRD route if JP or a governed Core route chooses to pursue promotion. It does not mutate Core, promote CTO artifacts, activate Case as runtime default, or authorize another Case run.
+Create a child-local Core Promotion Decision Packet that maps validated CTO evidence to one future governed Core review decision. The packet records `decision_status: core_promotion_requested`, `ready_for_core_review: true`, `candidate_default_repeatability_eligible: true`, `runtime_default_activation: false`, and `core_promotion_status: not-promoted`. It recommends opening a separate governed Core PRD route only after a Core Route Admission Guard passes. It does not mutate Core, promote CTO artifacts, activate Case as runtime default, or authorize another Case run.
 
 ## Scope
 
@@ -75,6 +75,7 @@ Create a child-local Core Promotion Decision Packet that maps validated CTO evid
 - The packet records `ready_for_core_review: true` rather than `promoted`, `approved`, or `runtime_default_active`.
 - The packet maps evidence by Workboard IDs and replay artifact paths instead of copying runtime JSON, proof logs, or raw Target Repository content.
 - The packet's next action is a decision route: `open_governed_core_prd_route`.
+- The packet's next action is candidate-only until the Core Route Admission Guard passes.
 - Any later promotion must happen from the Core workspace under the Core Sequence Protocol, Core object classification, Core validators, and Core Evidence.
 
 ## Testing Decisions

.sot/03-PROTOCOLS/CTO-CORE-PROMOTION-DECISION-RECORD.md

@@ -22,6 +22,7 @@ Core Promotion Decision Packet.
 - resolver: JP or governed Core route
 - ready_for_core_review: true
 - recommended_next_decision: open_governed_core_prd_route
+- recommendation_status: candidate_only_until_core_route_admission_guard_passes
 - candidate_default_repeatability_eligible: true
 - repeatability_count: 2
 - repeatability_status: pass
@@ -43,6 +44,7 @@ Core Promotion Decision Packet.
 - Core SOT Issue required.
 - runtime default activation requires a separate governed Core route.
 - Core promotion, if chosen later, must happen only in `core/` or a governed Core worktree, not `cto/`.
+- Core route admission requires an idle governed Core route and no active conflicting Core worktree.
 
 ## Guardrails
 

.sot/03-PROTOCOLS/CTO-CORE-ROUTE-ADMISSION-GUARD-CLOSEOUT.md

@@ -0,0 +1,66 @@
+---
+name: CTO Core Route Admission Guard Closeout
+status: validated
+lifecycle_classification: sot
+owner: jp
+created: 2026-06-02
+last_reviewed: 2026-06-02
+core_promotion_status: not-promoted
+source: .sot/03-PROTOCOLS/CTO-CORE-ROUTE-ADMISSION-GUARD.md
+---
+
+# CTO Core Route Admission Guard Closeout
+
+Local planning SOT only. Not a Core Protocol. Not active Core authority.
+
+Core Route Admission Guard.
+
+## Workboard
+
+- `CTO-WORK-089`
+- `CTO-WORK-090`
+- `CTO-WORK-091`
+- `CTO-WORK-092`
+
+## Result
+
+- status: validated
+- core_route_admission_status: not_admitted
+- guard_status: blocked
+- blocked_reason: active_or_conflicting_core_work_present
+- do_not_touch_other_agent_work: true
+- ready_for_core_route_review: true
+- recommended_next_decision: open_governed_core_prd_route
+- next_allowed_action: wait_or_open_later_core_route_when_idle
+- idle_governed_core_route_required: true
+- no_active_conflicting_core_worktree_required: true
+- runtime_default_activation: false
+- core_promotion_status: not-promoted
+- No Core mutation occurs.
+- No Core reservation occurs.
+- No Core promotion occurs.
+- Do not mutate `../core/`.
+- Runtime default activation remains false.
+- Do not activate Case as default backend.
+- This closeout does not authorize another Case run.
+
+## Evidence References
+
+- `CTO-WORK-085`
+- `CTO-WORK-086`
+- `CTO-WORK-087`
+- `CTO-WORK-088`
+- `CTO-WORK-089`
+- `CTO-WORK-090`
+- Core Promotion Decision Packet remains child-local.
+- Core route admission is blocked until future read-only checks pass.
+- S135 conflict avoidance remains required when `CORE-WORK-172` or `core/worktrees/core-keyvault-authmd-promotion-135` is active.
+
+## Validation
+
+- `python3 tools/validate_cto_child.py`: required
+- `python3 /home/svrnty/workspaces/cortex-os/core/tools/check_s69_caveman_prose_discipline.py`: required before final claim
+
+## Decision
+
+Do not touch other agent work. Do not open or mutate a Core route from CTO while active or conflicting Core work exists. `recommended_next_decision: open_governed_core_prd_route` remains candidate-only until the guard passes.

.sot/03-PROTOCOLS/CTO-CORE-ROUTE-ADMISSION-GUARD-ISSUES.md

@@ -0,0 +1,101 @@
+---
+name: CTO Core Route Admission Guard Issues
+status: validated
+lifecycle_classification: sot
+owner: jp
+created: 2026-06-02
+last_reviewed: 2026-06-02
+core_promotion_status: not-promoted
+source: .sot/03-PROTOCOLS/CTO-CORE-ROUTE-ADMISSION-GUARD-PRD.md
+---
+
+# CTO Core Route Admission Guard Issues
+
+Local planning SOT only. Not a Core Protocol. Not active Core authority.
+
+Core Route Admission Guard.
+
+## Issue: CTO-WORK-089 - Core Route Admission Guard PRD
+
+Type: AFK.
+
+Status: validated.
+
+Acceptance:
+
+- Define Core Route Admission Guard.
+- Require `core_route_admission_status: not_admitted`.
+- Require `guard_status: blocked`.
+- Require `blocked_reason: active_or_conflicting_core_work_present`.
+- Require `do_not_touch_other_agent_work: true`.
+- Require `ready_for_core_route_review: true`.
+- Require `recommended_next_decision: open_governed_core_prd_route`.
+- Require candidate-only recommendation until guard passes.
+- Require `idle_governed_core_route_required: true`.
+- Require `no_active_conflicting_core_worktree_required: true`.
+- Require `runtime_default_activation: false`.
+- Require `core_promotion_status: not-promoted`.
+- Require `next_allowed_action: wait_or_open_later_core_route_when_idle`.
+- Forbid Core mutation, Core reservation, Core promotion, other-agent worktree mutation, other-agent process termination, Case default activation, Case execution, target repository mutation, and mutation of `../core/`.
+
+## Issue: CTO-WORK-090 - Core Route Admission Guard Record
+
+Type: AFK.
+
+Status: validated.
+
+Blocked by: `CTO-WORK-089`.
+
+Acceptance:
+
+- Create the Core Route Admission Guard record.
+- Record fail-closed status.
+- Record `core_route_admission_status: not_admitted`.
+- Record `ready_for_core_route_review: true`.
+- Record `recommended_next_decision: open_governed_core_prd_route`.
+- Record future read-only checks: Core worktree list, Core main status, active Core worktree status, Core Sequence Protocol route, and running Core validation processes.
+- Record idle governed Core route required.
+- Record no active conflicting Core worktree required.
+- Record no Core mutation.
+- Record no Core reservation.
+- Record no Core promotion.
+- Record Runtime default activation remains false.
+- Record Do not activate Case as default backend.
+
+## Issue: CTO-WORK-091 - Core Route Admission Guard Closeout
+
+Type: AFK.
+
+Status: validated.
+
+Blocked by: `CTO-WORK-090`.
+
+Acceptance:
+
+- Create closeout.
+- Reference `CTO-WORK-085`, `CTO-WORK-086`, `CTO-WORK-087`, `CTO-WORK-088`, `CTO-WORK-089`, and `CTO-WORK-090`.
+- Record active or conflicting Core work blocks this route.
+- Record S135 conflict avoidance.
+- Record `next_allowed_action: wait_or_open_later_core_route_when_idle`.
+- Record no Core mutation, no Core reservation, no Core promotion, and no runtime default activation.
+
+## Issue: CTO-WORK-092 - Core Route Admission Guard Validation
+
+Type: AFK.
+
+Status: validated.
+
+Blocked by: `CTO-WORK-091`.
+
+Acceptance:
+
+- Update `tools/validate_cto_child.py`.
+- Register `CTO-WORK-089`, `CTO-WORK-090`, `CTO-WORK-091`, and `CTO-WORK-092`.
+- Require PRD, issue, guard, and closeout phrases.
+- Require Workboard statuses validated.
+- Require `python3 tools/validate_cto_child.py` to pass.
+- Require Core caveman prose discipline before final claim.
+
+## Granularity Check
+
+This is one vertical child-local guard: define the guard, record the fail-closed route state, close out the evidence, and validate it. It does not edit Core and does not overlap active Core S135 work.

.sot/03-PROTOCOLS/CTO-CORE-ROUTE-ADMISSION-GUARD-PRD.md

@@ -0,0 +1,128 @@
+---
+name: CTO Core Route Admission Guard PRD
+status: validated
+lifecycle_classification: sot
+owner: jp
+created: 2026-06-02
+last_reviewed: 2026-06-02
+core_promotion_status: not-promoted
+source: .sot/03-PROTOCOLS/CTO-CORE-PROMOTION-DECISION-PACKET-CLOSEOUT.md
+---
+
+# CTO Core Route Admission Guard PRD
+
+Local planning SOT only. Not a Core Protocol. Not active Core authority.
+
+Core Route Admission Guard.
+
+## Problem Statement
+
+CTO has a validated Core Promotion Decision Packet that says Case candidate-default evidence is ready for Core review. Core currently also has independent active work. Without a child-local admission guard, CTO can accidentally treat a ready packet as permission to open or mutate a Core route while another Core route is active.
+
+## Solution
+
+Add a child-local Core Route Admission Guard. The guard records the checks required before CTO may request a Core review route. It blocks while any active or conflicting Core worktree, Core validation process, Core Sequence Protocol route, or dirty Core main state exists. It does not reserve Core, edit Core, merge Core, or authorize runtime default activation.
+
+## Scope
+
+- Register `CTO-WORK-089`, `CTO-WORK-090`, `CTO-WORK-091`, and `CTO-WORK-092`.
+- Add Core Route Admission Guard to `CONTEXT.md`.
+- Define `core_route_admission_status: not_admitted`.
+- Define `guard_status: blocked`.
+- Define `blocked_reason: active_or_conflicting_core_work_present`.
+- Define `ready_for_core_route_review: true`.
+- Define `recommended_next_decision: open_governed_core_prd_route`.
+- Require that recommendation to be candidate-only until the Core Route Admission Guard passes.
+- Require `idle_governed_core_route_required: true`.
+- Require `no_active_conflicting_core_worktree_required: true`.
+- Require S135 conflict avoidance when `core/worktrees/core-keyvault-authmd-promotion-135` or `CORE-WORK-172` is active.
+- Require read-only checks before any future Core route request: Core worktree list, Core main status, Core active worktree status, Core Sequence Protocol route, and running Core validation processes.
+- Require the guard to fail closed when ownership is uncertain.
+- Require `do_not_touch_other_agent_work: true`.
+- Require no Core mutation.
+- Require no Core reservation.
+- Require no Core promotion.
+- Require Do not mutate `../core/`.
+- Require Core validator coverage.
+- No Core mutation occurs.
+- No Core reservation occurs.
+- No Core promotion occurs.
+- Require runtime_default_activation: false.
+- Require core_promotion_status: not-promoted.
+- Require the next allowed action to be `wait_or_open_later_core_route_when_idle`.
+
+## Non-Goals
+
+- Do not mutate Core.
+- Do not mutate another agent worktree.
+- Do not stop another agent process.
+- Do not reserve Core.
+- Do not open a Core PRD.
+- Do not promote CTO artifacts into Core.
+- Do not activate Case as default backend.
+- Do not run Case.
+- Do not mutate target repositories.
+- Do not push, merge, deploy, close, PR open, issue close, public publication, vendor-source mutation, external developer repository mutation, unowned repository mutation, endpoint exposure, secret exposure, credential exposure, or raw Target Repository content exposure.
+
+## User Stories
+
+1. As JP, I want CTO to refuse Core-route work when another agent owns the active Core lane, so other work is not disturbed.
+2. As CTO, I want a fail-closed admission check, so a ready packet cannot become Core mutation authority.
+3. As a future Core agent, I want explicit route prerequisites, so Core review starts only from a clean and selected route.
+4. As Cortex OS Core, I want Core Sequence Protocol authority preserved, so child-local readiness cannot override current Core work.
+
+## Implementation Decisions
+
+- Use the existing CTO SOT plus validator seam; no runtime module is added.
+- The guard status is `blocked` because active or conflicting Core work was observed during route selection.
+- The guard records admission checks as requirements, not as a live lock or Core reservation.
+- The guard may be superseded only by a later governed Core route or a later CTO record showing Core is idle and selected.
+
+## Testing Decisions
+
+- Test through `python3 tools/validate_cto_child.py`.
+- Validator coverage must require guard files, Workboard statuses, fail-closed language, and no-Core-mutation language.
+- Core caveman prose discipline remains required before final claim.
+- No Core aggregate validation is required because this slice does not edit Core.
+
+## Challenge Review
+
+- `$zoom-out`: accepted. The guard sits between the CTO Core Promotion Decision Packet and any future Core PRD route.
+- `$improve-codebase-architecture`: accepted. A SOT plus validator guard is the right seam; a live lock would create Core behavior from CTO.
+- `$grill-with-docs`: accepted. The canonical term is Core Route Admission Guard.
+- Rejected feedback: continue the active Core S135 worktree. JP explicitly said not to touch other agent work.
+- Rejected feedback: create a Core reservation. CTO has no authority to reserve Core from child-local planning.
+
+## Acceptance Criteria
+
+- `WORKBOARD.yaml` records `CTO-WORK-089`, `CTO-WORK-090`, `CTO-WORK-091`, and `CTO-WORK-092` as validated.
+- `CONTEXT.md` defines Core Route Admission Guard.
+- Guard records `core_route_admission_status: not_admitted`.
+- Guard records `guard_status: blocked`.
+- Guard records `blocked_reason: active_or_conflicting_core_work_present`.
+- Guard records `do_not_touch_other_agent_work: true`.
+- Guard records `ready_for_core_route_review: true`.
+- Guard records `runtime_default_activation: false`.
+- Guard records `core_promotion_status: not-promoted`.
+- Guard records `next_allowed_action: wait_or_open_later_core_route_when_idle`.
+- Guard records `recommended_next_decision: open_governed_core_prd_route`.
+- Guard records `idle_governed_core_route_required: true`.
+- Guard records `no_active_conflicting_core_worktree_required: true`.
+- Guard states no Core mutation, no Core reservation, no Core promotion, and no runtime default activation occur.
+- Guard requires future read-only checks before any Core route request.
+- CTO validator checks PRD, issues, guard, closeout, and Workboard statuses.
+
+## Validation
+
+- `python3 tools/validate_cto_child.py`
+- `python3 /home/svrnty/workspaces/cortex-os/core/tools/check_s69_caveman_prose_discipline.py`
+
+## Risks And Dependencies
+
+- The guard can be mistaken for Core authority. Mitigation: validator requires not-promoted status and no Core reservation language.
+- Core state can change after this record. Mitigation: future route requests must re-check Core state read-only.
+- Another agent's process can be misidentified. Mitigation: ownership uncertainty blocks rather than authorizes action.
+
+## Success Definition
+
+CTO has a validated child-local guard that prevents the Core Promotion Decision Packet from becoming a Core route request while Core has active or conflicting work. Core promotion remains not-promoted and runtime default activation remains false.

.sot/03-PROTOCOLS/CTO-CORE-ROUTE-ADMISSION-GUARD.md

@@ -0,0 +1,71 @@
+---
+name: CTO Core Route Admission Guard
+status: validated
+lifecycle_classification: sot
+owner: jp
+created: 2026-06-02
+last_reviewed: 2026-06-02
+core_promotion_status: not-promoted
+source: .sot/03-PROTOCOLS/CTO-CORE-ROUTE-ADMISSION-GUARD-ISSUES.md
+---
+
+# CTO Core Route Admission Guard
+
+Local planning SOT only. Not a Core Protocol. Not active Core authority.
+
+Core Route Admission Guard.
+
+## Workboard
+
+- `CTO-WORK-089`
+- `CTO-WORK-090`
+
+## Route State
+
+- core_route_admission_status: not_admitted
+- guard_status: blocked
+- blocked_reason: active_or_conflicting_core_work_present
+- do_not_touch_other_agent_work: true
+- ready_for_core_route_review: true
+- recommended_next_decision: open_governed_core_prd_route
+- next_allowed_action: wait_or_open_later_core_route_when_idle
+- idle_governed_core_route_required: true
+- no_active_conflicting_core_worktree_required: true
+- runtime_default_activation: false
+- core_promotion_status: not-promoted
+- No Core mutation occurs.
+- No Core reservation occurs.
+- No Core promotion occurs.
+- Do not mutate `../core/`.
+- Runtime default activation remains false.
+- Do not activate Case as default backend.
+- This guard does not authorize another Case run.
+
+## Admission Checks Required Before Future Core Route Request
+
+- Core worktree list read-only check.
+- Core main status read-only check.
+- Active Core worktree status read-only check.
+- Core Sequence Protocol route check.
+- Running Core validation process check.
+- Idle governed Core route check.
+- No active conflicting Core worktree check.
+- S135 conflict avoidance check for `CORE-WORK-172` and `core/worktrees/core-keyvault-authmd-promotion-135`.
+- Core validator coverage check after a future Core route exists.
+- Ownership uncertainty blocks action.
+
+## Blocked Actions
+
+- Do not mutate Core.
+- Do not mutate another agent worktree.
+- Do not stop another agent process.
+- Do not reserve Core.
+- Do not open a Core PRD from CTO.
+- Do not promote CTO artifacts into Core.
+- Do not activate Case as default backend.
+- Do not run Case.
+- Do not mutate target repositories.
+
+## Decision
+
+The CTO Core Promotion Decision Packet remains ready for Core review, but `recommended_next_decision: open_governed_core_prd_route` is candidate-only. Core route admission is blocked until a later read-only check proves Core is idle or explicitly selected by Core authority.

CONTEXT.md

@@ -40,3 +40,7 @@ _Avoid_: autonomous default execution, unmanaged Case task, direct repo mutation
 **Core Promotion Decision Packet**:
 A child-local CTO artifact that maps validated CTO evidence to a future governed Core decision route. It may request Core review, but it does not grant Core authority or runtime default activation.
 _Avoid_: promotion approval, Core authority, runtime default switch
+
+**Core Route Admission Guard**:
+A child-local CTO guard that blocks a future Core review request when Core has active or conflicting work. It records route readiness checks, but it does not reserve Core, mutate Core, or override Core Sequence Protocol authority.
+_Avoid_: Core reservation, Core work claim, promotion authority

README.md

@@ -58,6 +58,10 @@ This workspace is registered as a child-local planning workspace. Registration d
 |       |-- CTO-CORE-PROMOTION-DECISION-PACKET-ISSUES.md
 |       |-- CTO-CORE-PROMOTION-DECISION-RECORD.md
 |       |-- CTO-CORE-PROMOTION-DECISION-PACKET-CLOSEOUT.md
+|       |-- CTO-CORE-ROUTE-ADMISSION-GUARD-PRD.md
+|       |-- CTO-CORE-ROUTE-ADMISSION-GUARD-ISSUES.md
+|       |-- CTO-CORE-ROUTE-ADMISSION-GUARD.md
+|       |-- CTO-CORE-ROUTE-ADMISSION-GUARD-CLOSEOUT.md
 |       |-- CTO-HERMES-CONTROL-SURFACE-PRD.md
 |       |-- CTO-HERMES-CONTROL-SURFACE-ISSUES.md
 |       |-- CTO-FIRST-REAL-GOVERNED-WORKFLOW-PRD.md

WORKBOARD.yaml

@@ -441,3 +441,23 @@ items:
     status: validated
     source: .sot/03-PROTOCOLS/CTO-CORE-PROMOTION-DECISION-PACKET-ISSUES.md
     owner: ""
+  - id: CTO-WORK-089
+    title: Core Route Admission Guard PRD
+    status: validated
+    source: .sot/03-PROTOCOLS/CTO-CORE-ROUTE-ADMISSION-GUARD-PRD.md
+    owner: ""
+  - id: CTO-WORK-090
+    title: Core Route Admission Guard Record
+    status: validated
+    source: .sot/03-PROTOCOLS/CTO-CORE-ROUTE-ADMISSION-GUARD.md
+    owner: ""
+  - id: CTO-WORK-091
+    title: Core Route Admission Guard Closeout
+    status: validated
+    source: .sot/03-PROTOCOLS/CTO-CORE-ROUTE-ADMISSION-GUARD-CLOSEOUT.md
+    owner: ""
+  - id: CTO-WORK-092
+    title: Core Route Admission Guard Validation
+    status: validated
+    source: .sot/03-PROTOCOLS/CTO-CORE-ROUTE-ADMISSION-GUARD-ISSUES.md
+    owner: ""

tools/validate_cto_child.py

@@ -88,6 +88,10 @@ REQUIRED_FILES = [
     ".sot/03-PROTOCOLS/CTO-CORE-PROMOTION-DECISION-PACKET-ISSUES.md",
     ".sot/03-PROTOCOLS/CTO-CORE-PROMOTION-DECISION-RECORD.md",
     ".sot/03-PROTOCOLS/CTO-CORE-PROMOTION-DECISION-PACKET-CLOSEOUT.md",
+    ".sot/03-PROTOCOLS/CTO-CORE-ROUTE-ADMISSION-GUARD-PRD.md",
+    ".sot/03-PROTOCOLS/CTO-CORE-ROUTE-ADMISSION-GUARD-ISSUES.md",
+    ".sot/03-PROTOCOLS/CTO-CORE-ROUTE-ADMISSION-GUARD.md",
+    ".sot/03-PROTOCOLS/CTO-CORE-ROUTE-ADMISSION-GUARD-CLOSEOUT.md",
     ".sot/03-PROTOCOLS/CTO-FIRST-REAL-GOVERNED-WORKFLOW-PRD.md",
     ".sot/03-PROTOCOLS/CTO-FIRST-REAL-GOVERNED-WORKFLOW-ISSUES.md",
     ".sot/03-PROTOCOLS/CTO-FIRST-REAL-GOVERNED-WORKFLOW-APPROVAL-PACKET.md",
@@ -1545,6 +1549,113 @@ REQUIRED_CORE_PROMOTION_DECISION_PACKET_CLOSEOUT_PHRASES = [
     "No Core Sequence Protocol route has selected CTO promotion as current work.",
 ]
 
+REQUIRED_CORE_ROUTE_ADMISSION_GUARD_PRD_PHRASES = [
+    "Local planning SOT only. Not a Core Protocol. Not active Core authority.",
+    "Core Route Admission Guard",
+    "CTO-WORK-089",
+    "CTO-WORK-090",
+    "CTO-WORK-091",
+    "CTO-WORK-092",
+    "core_route_admission_status: not_admitted",
+    "guard_status: blocked",
+    "blocked_reason: active_or_conflicting_core_work_present",
+    "do_not_touch_other_agent_work: true",
+    "ready_for_core_route_review: true",
+    "recommended_next_decision: open_governed_core_prd_route",
+    "idle_governed_core_route_required: true",
+    "no_active_conflicting_core_worktree_required: true",
+    "S135 conflict avoidance",
+    "Core Sequence Protocol route",
+    "Core validator coverage",
+    "No Core mutation occurs.",
+    "No Core reservation",
+    "No Core promotion occurs.",
+    "Do not mutate `../core/`.",
+    "runtime_default_activation: false",
+    "core_promotion_status: not-promoted",
+    "Do not activate Case as default backend.",
+    "No Core aggregate validation is required because this slice does not edit Core.",
+]
+
+REQUIRED_CORE_ROUTE_ADMISSION_GUARD_ISSUE_PHRASES = [
+    "Local planning SOT only. Not a Core Protocol. Not active Core authority.",
+    "Core Route Admission Guard",
+    "CTO-WORK-089",
+    "CTO-WORK-090",
+    "CTO-WORK-091",
+    "CTO-WORK-092",
+    "core_route_admission_status: not_admitted",
+    "guard_status: blocked",
+    "blocked_reason: active_or_conflicting_core_work_present",
+    "do_not_touch_other_agent_work: true",
+    "ready_for_core_route_review: true",
+    "recommended_next_decision: open_governed_core_prd_route",
+    "candidate-only recommendation until guard passes",
+    "idle governed Core route required",
+    "no active conflicting Core worktree required",
+    "S135 conflict avoidance",
+    "Runtime default activation remains false.",
+    "Do not activate Case as default backend.",
+    "python3 tools/validate_cto_child.py",
+]
+
+REQUIRED_CORE_ROUTE_ADMISSION_GUARD_RECORD_PHRASES = [
+    "Local planning SOT only. Not a Core Protocol. Not active Core authority.",
+    "Core Route Admission Guard",
+    "CTO-WORK-089",
+    "CTO-WORK-090",
+    "core_route_admission_status: not_admitted",
+    "guard_status: blocked",
+    "blocked_reason: active_or_conflicting_core_work_present",
+    "do_not_touch_other_agent_work: true",
+    "ready_for_core_route_review: true",
+    "recommended_next_decision: open_governed_core_prd_route",
+    "next_allowed_action: wait_or_open_later_core_route_when_idle",
+    "idle_governed_core_route_required: true",
+    "no_active_conflicting_core_worktree_required: true",
+    "runtime_default_activation: false",
+    "core_promotion_status: not-promoted",
+    "No Core mutation occurs.",
+    "No Core reservation occurs.",
+    "No Core promotion occurs.",
+    "Do not mutate `../core/`.",
+    "Runtime default activation remains false.",
+    "Do not activate Case as default backend.",
+    "This guard does not authorize another Case run.",
+    "S135 conflict avoidance check for `CORE-WORK-172` and `core/worktrees/core-keyvault-authmd-promotion-135`.",
+    "Ownership uncertainty blocks action.",
+]
+
+REQUIRED_CORE_ROUTE_ADMISSION_GUARD_CLOSEOUT_PHRASES = [
+    "Local planning SOT only. Not a Core Protocol. Not active Core authority.",
+    "Core Route Admission Guard",
+    "CTO-WORK-089",
+    "CTO-WORK-090",
+    "CTO-WORK-091",
+    "CTO-WORK-092",
+    "core_route_admission_status: not_admitted",
+    "guard_status: blocked",
+    "blocked_reason: active_or_conflicting_core_work_present",
+    "do_not_touch_other_agent_work: true",
+    "ready_for_core_route_review: true",
+    "recommended_next_decision: open_governed_core_prd_route",
+    "next_allowed_action: wait_or_open_later_core_route_when_idle",
+    "idle_governed_core_route_required: true",
+    "no_active_conflicting_core_worktree_required: true",
+    "runtime_default_activation: false",
+    "core_promotion_status: not-promoted",
+    "No Core mutation occurs.",
+    "No Core reservation occurs.",
+    "No Core promotion occurs.",
+    "Do not mutate `../core/`.",
+    "Runtime default activation remains false.",
+    "Do not activate Case as default backend.",
+    "This closeout does not authorize another Case run.",
+    "S135 conflict avoidance remains required when `CORE-WORK-172` or `core/worktrees/core-keyvault-authmd-promotion-135` is active.",
+    "Do not touch other agent work.",
+    "candidate-only until the guard passes",
+]
+
 
 def workboard_status(text: str, issue_id: str) -> str | None:
     pattern = rf"- id: {re.escape(issue_id)}\n(?:    .+\n)*?    status: ([^\n]+)"
@@ -2133,6 +2244,46 @@ def main() -> int:
             if phrase not in text:
                 errors.append(f"missing_core_promotion_decision_packet_closeout_phrase:{phrase}")
 
+    core_route_admission_guard_prd = ROOT / ".sot/03-PROTOCOLS/CTO-CORE-ROUTE-ADMISSION-GUARD-PRD.md"
+    if core_route_admission_guard_prd.is_file():
+        text = core_route_admission_guard_prd.read_text(encoding="utf-8")
+        if "core_promotion_status: not-promoted" not in text:
+            errors.append("core_route_admission_guard_prd_missing_not_promoted_frontmatter")
+        for phrase in REQUIRED_CORE_ROUTE_ADMISSION_GUARD_PRD_PHRASES:
+            checked.append(f"core_route_admission_guard_prd_phrase:{phrase}")
+            if phrase not in text:
+                errors.append(f"missing_core_route_admission_guard_prd_phrase:{phrase}")
+
+    core_route_admission_guard_issues = ROOT / ".sot/03-PROTOCOLS/CTO-CORE-ROUTE-ADMISSION-GUARD-ISSUES.md"
+    if core_route_admission_guard_issues.is_file():
+        text = core_route_admission_guard_issues.read_text(encoding="utf-8")
+        if "core_promotion_status: not-promoted" not in text:
+            errors.append("core_route_admission_guard_issues_missing_not_promoted_frontmatter")
+        for phrase in REQUIRED_CORE_ROUTE_ADMISSION_GUARD_ISSUE_PHRASES:
+            checked.append(f"core_route_admission_guard_issue_phrase:{phrase}")
+            if phrase not in text:
+                errors.append(f"missing_core_route_admission_guard_issue_phrase:{phrase}")
+
+    core_route_admission_guard = ROOT / ".sot/03-PROTOCOLS/CTO-CORE-ROUTE-ADMISSION-GUARD.md"
+    if core_route_admission_guard.is_file():
+        text = core_route_admission_guard.read_text(encoding="utf-8")
+        if "core_promotion_status: not-promoted" not in text:
+            errors.append("core_route_admission_guard_missing_not_promoted_frontmatter")
+        for phrase in REQUIRED_CORE_ROUTE_ADMISSION_GUARD_RECORD_PHRASES:
+            checked.append(f"core_route_admission_guard_record_phrase:{phrase}")
+            if phrase not in text:
+                errors.append(f"missing_core_route_admission_guard_record_phrase:{phrase}")
+
+    core_route_admission_guard_closeout = ROOT / ".sot/03-PROTOCOLS/CTO-CORE-ROUTE-ADMISSION-GUARD-CLOSEOUT.md"
+    if core_route_admission_guard_closeout.is_file():
+        text = core_route_admission_guard_closeout.read_text(encoding="utf-8")
+        if "core_promotion_status: not-promoted" not in text:
+            errors.append("core_route_admission_guard_closeout_missing_not_promoted_frontmatter")
+        for phrase in REQUIRED_CORE_ROUTE_ADMISSION_GUARD_CLOSEOUT_PHRASES:
+            checked.append(f"core_route_admission_guard_closeout_phrase:{phrase}")
+            if phrase not in text:
+                errors.append(f"missing_core_route_admission_guard_closeout_phrase:{phrase}")
+
     prd = ROOT / ".sot/03-PROTOCOLS/CTO-CASE-CANDIDATE-BACKEND-PRD.md"
     if prd.is_file():
         text = prd.read_text(encoding="utf-8")
@@ -2670,6 +2821,10 @@ def main() -> int:
             checked.append(f"workboard_id:{issue_id}")
             if issue_id not in text:
                 errors.append(f"missing_workboard_id:{issue_id}")
+        for issue_id in ["CTO-WORK-089", "CTO-WORK-090", "CTO-WORK-091", "CTO-WORK-092"]:
+            checked.append(f"workboard_id:{issue_id}")
+            if issue_id not in text:
+                errors.append(f"missing_workboard_id:{issue_id}")
         expected_statuses = {
             "CTO-WORK-001": "validated",
             "CTO-WORK-002": "validated",
@@ -2756,6 +2911,10 @@ def main() -> int:
             "CTO-WORK-086": "validated",
             "CTO-WORK-087": "validated",
             "CTO-WORK-088": "validated",
+            "CTO-WORK-089": "validated",
+            "CTO-WORK-090": "validated",
+            "CTO-WORK-091": "validated",
+            "CTO-WORK-092": "validated",
         }
         for issue_id, expected in expected_statuses.items():
             checked.append(f"workboard_status:{issue_id}:{expected}")
@@ -2842,6 +3001,14 @@ def main() -> int:
             errors.append("workboard_missing_core_promotion_decision_record_source")
         if "CTO-CORE-PROMOTION-DECISION-PACKET-CLOSEOUT.md" not in text:
             errors.append("workboard_missing_core_promotion_decision_packet_closeout_source")
+        if "CTO-CORE-ROUTE-ADMISSION-GUARD-PRD.md" not in text:
+            errors.append("workboard_missing_core_route_admission_guard_prd_source")
+        if "CTO-CORE-ROUTE-ADMISSION-GUARD-ISSUES.md" not in text:
+            errors.append("workboard_missing_core_route_admission_guard_issues_source")
+        if "CTO-CORE-ROUTE-ADMISSION-GUARD.md" not in text:
+            errors.append("workboard_missing_core_route_admission_guard_source")
+        if "CTO-CORE-ROUTE-ADMISSION-GUARD-CLOSEOUT.md" not in text:
+            errors.append("workboard_missing_core_route_admission_guard_closeout_source")
 
     payload = {
         "ok": not errors,