feedback no operator blame in external surfaces

Rule

External surfaces include:

pwa/ (the PWA dashboard — all coworkers see this)
~/Desktop/SkyRun/Consolidation Reports/ (Drive-synced)
~/Desktop/SkyRun/Email Scans/ (Drive-synced)
~/Desktop/SkyRun/audit/ (Drive-synced audit summaries that render into the morning brief)
~/Desktop/SkyRun/Call Transcripts/notes/ (deal-arc notes shared with Rachel and ops)
~/Desktop/SkyRun/knowledge_graph.json (Drive-synced canonical graph)
~/Library/Application Support/SkyRun/health/*.json (renders into the morning brief)
Anything else that flows through Drive-sync

Operator-private logs that may keep forensic detail:

~/Library/Application Support/SkyRun/state/incident_scrub_log.jsonl (operator-only audit trail of scrubs)
~/Library/Application Support/SkyRun/audit_history/ (operator-only deep audit logs)

Why

A reader sees the marker and immediately knows something is being hidden, which is worse than the original leak. The discipline is invisible scrub: drop the entire sentence / bullet / JSON field, so the file reads naturally with no breadcrumb.

How to apply

Every writer that emits to an external surface must route its final output through incident_commentary_filter.sanitize_for_external_surface():

python
from incident_commentary_filter import (
    sanitize_for_external_surface,
    should_skip_field,
    sanitize_dict,
)

For free-form text (markdown, brief body, advisory copy)
body = sanitize_for_external_surface(body)

For dict / JSON output — drops sentence-level commentary AND
entire key/value pairs whose key is incident-class metadata
clean = sanitize_dict(report_dict)

For per-field JSON building
if should_skip_field("operator_side_defect_noted", value):
    pass  # do not emit
else:
    out[field_name] = value

The filter strips entire sentences (not the matching phrase only) when it finds operator-blame language — so the surrounding prose flows naturally with no gap.

Wired into

nightly-consolidation SKILL.md → critical-rules block at top
stalled-deal-watchdog SKILL.md → top of spec
commitment-tracker SKILL.md → top of spec
gmail-deep-scan SKILL.md → top of spec
transcript-scan SKILL.md → top of spec
build_pwa.py → stage_memory_files() sanitizes memory MD content as it copies into pwa/memory/
commitment_tracker.py → import + helper available for any future write paths
stalled_watchdog_drift_resolver.py → import + helper for drift-advisory output
backfill_engagements_from_transcripts.py → import + helper for engagement-summary output
voice_check.py + draft_safety/voice_check.py → PHRASE_BLACKLIST entries reject redaction markers in OUTBOUND drafts too

Phrase classes the filter strips

Each match removes the entire sentence containing it:

Full phrase catalog in ~/Library/Application Support/SkyRun/incident_commentary_filter.py::OPERATOR_BLAME_PATTERNS.

Field-name drops (for JSON writers)

Any key matching these gets DROPPED (not emitted with a sanitized value):

field name contains redacted (anywhere)
field name contains _defect
field name is in SUSPICIOUS_FIELD_NAMES AND value contains incident-class substring

SUSPICIOUS_FIELD_NAMES: operator_side_defect_noted, operator_side_defect, operator_triage_owed, bracket_leak_scrub_status, anomaly, anomaly_detail, _redacted.

Precedent — 2026-05-13

Joseph flagged: "Those markers ARE the callout — they scream 'something incriminating happened here that we covered up.' Worse than the original in some ways." Invisible-scrub re-pass + writer-side prevention shipped same day.