garrytan · creatornader · May 29, 2026 · May 29, 2026
diff --git a/CHANGELOG.md b/CHANGELOG.md
diff --git a/CLAUDE.md b/CLAUDE.md
@@ -277,7 +277,7 @@ to `~/.gstack/security/attempts.jsonl` via `tunnel-denial-log.ts`. Before editin
 `server.ts`, `sse-session-cookie.ts`, or `tunnel-denial-log.ts`, read
 [ARCHITECTURE.md](ARCHITECTURE.md#dual-listener-tunnel-architecture-v1600) —
 the module boundary (no imports from `token-registry.ts` into `sse-session-cookie.ts`)
-is load-bearing for scope isolation.
+is what keeps scope isolated.
 
 **Unicode sanitization at server egress** (v1.38.0.0+). Every server egress that
 ships page-content-derived strings MUST go through `JSON.stringify(payload,

diff --git a/SKILL.md b/SKILL.md
@@ -436,7 +436,7 @@ equivalents (cat, sed, find, grep). The dedicated tools are cheaper and clearer.
 
 Direct, concrete, builder-to-builder. Name the file, function, command, and user-visible impact. No filler.
 
-No em dashes. No AI vocabulary: delve, crucial, robust, comprehensive, nuanced, multifaceted. Never corporate or academic. Short paragraphs. End with what to do.
+No em dashes. No AI vocabulary or stock phrases: delve, crucial, robust, comprehensive, nuanced, multifaceted, load[- ]bearing. Never corporate or academic. Short paragraphs. End with what to do.
 
 The user has context you do not. Cross-model agreement is a recommendation, not a decision. The user decides.
 

diff --git a/autoplan/SKILL.md b/autoplan/SKILL.md
@@ -563,7 +563,7 @@ GStack voice: Garry-shaped product and engineering judgment, compressed for runt
 - Be direct about quality. Bugs matter. Edge cases matter. Fix the whole thing, not the demo path.
 - Sound like a builder talking to a builder, not a consultant presenting to a client.
 - Never corporate, academic, PR, or hype. Avoid filler, throat-clearing, generic optimism, and founder cosplay.
-- No em dashes. No AI vocabulary: delve, crucial, robust, comprehensive, nuanced, multifaceted, furthermore, moreover, additionally, pivotal, landscape, tapestry, underscore, foster, showcase, intricate, vibrant, fundamental, significant.
+- No em dashes. No AI vocabulary or stock phrases: delve, crucial, robust, comprehensive, nuanced, multifaceted, load[- ]bearing, furthermore, moreover, additionally, pivotal, landscape, tapestry, underscore, foster, showcase, intricate, vibrant, fundamental, significant.
 - The user has context you do not: domain knowledge, timing, relationships, taste. Cross-model agreement is a recommendation, not a decision. The user decides.
 
 Good: "auth.ts:47 returns undefined when the session cookie expires. Users hit a white screen. Fix: add a null check and redirect to /login. Two lines."

diff --git a/benchmark-models/SKILL.md b/benchmark-models/SKILL.md
@@ -439,7 +439,7 @@ equivalents (cat, sed, find, grep). The dedicated tools are cheaper and clearer.
 
 Direct, concrete, builder-to-builder. Name the file, function, command, and user-visible impact. No filler.
 
-No em dashes. No AI vocabulary: delve, crucial, robust, comprehensive, nuanced, multifaceted. Never corporate or academic. Short paragraphs. End with what to do.
+No em dashes. No AI vocabulary or stock phrases: delve, crucial, robust, comprehensive, nuanced, multifaceted, load[- ]bearing. Never corporate or academic. Short paragraphs. End with what to do.
 
 The user has context you do not. Cross-model agreement is a recommendation, not a decision. The user decides.
 

diff --git a/benchmark/SKILL.md b/benchmark/SKILL.md
@@ -439,7 +439,7 @@ equivalents (cat, sed, find, grep). The dedicated tools are cheaper and clearer.
 
 Direct, concrete, builder-to-builder. Name the file, function, command, and user-visible impact. No filler.
 
-No em dashes. No AI vocabulary: delve, crucial, robust, comprehensive, nuanced, multifaceted. Never corporate or academic. Short paragraphs. End with what to do.
+No em dashes. No AI vocabulary or stock phrases: delve, crucial, robust, comprehensive, nuanced, multifaceted, load[- ]bearing. Never corporate or academic. Short paragraphs. End with what to do.
 
 The user has context you do not. Cross-model agreement is a recommendation, not a decision. The user decides.
 

diff --git a/bin/gstack-gbrain-lib.sh b/bin/gstack-gbrain-lib.sh
@@ -22,12 +22,12 @@
 #     Exported after read so sub-processes inherit the secret. Caller
 #     is responsible for `unset <VARNAME>` when done.
 #
-# Load-bearing for D3-eng (shared secret helper across PAT + URL paste),
+# Required for D3-eng (shared secret helper across PAT + URL paste),
 # D10 (env-var handoff, never argv), D11 (PAT scope disclosure + SIGINT
 # restore), D16 (pooler URL paste hygiene with redacted preview).
 
 # _gstack_gbrain_validate_varname <name> — returns 0 if usable, 2 otherwise.
-# `local LC_ALL=C` is load-bearing twice over:
+# `local LC_ALL=C` is needed twice over:
 #   1. In many macOS shells the default locale (e.g. en_US.UTF-8) makes `case`
 #      glob brackets like `[A-Z]` match lowercase letters too. Without the
 #      LC_ALL=C pin, names like `lower-case` pass validation and then trip

diff --git a/browse/SKILL.md b/browse/SKILL.md
@@ -437,7 +437,7 @@ equivalents (cat, sed, find, grep). The dedicated tools are cheaper and clearer.
 
 Direct, concrete, builder-to-builder. Name the file, function, command, and user-visible impact. No filler.
 
-No em dashes. No AI vocabulary: delve, crucial, robust, comprehensive, nuanced, multifaceted. Never corporate or academic. Short paragraphs. End with what to do.
+No em dashes. No AI vocabulary or stock phrases: delve, crucial, robust, comprehensive, nuanced, multifaceted, load[- ]bearing. Never corporate or academic. Short paragraphs. End with what to do.
 
 The user has context you do not. Cross-model agreement is a recommendation, not a decision. The user decides.
 

diff --git a/browse/src/browser-skill-commands.ts b/browse/src/browser-skill-commands.ts
@@ -8,7 +8,7 @@
  *   test <name>                                — run script.test.ts via bun test
  *   rm <name> [--global]                       — tombstone a user-tier skill
  *
- * Load-bearing: spawnSkill mints a per-spawn scoped token (read+write scope)
+ * Security boundary: spawnSkill mints a per-spawn scoped token (read+write scope)
  * and passes it via GSTACK_SKILL_TOKEN. The skill never sees the daemon root
  * token. Untrusted skills get a scrubbed env (no $HOME, $PATH minimal, no
  * secrets like $GITHUB_TOKEN/$OPENAI_API_KEY/etc.) and a locked cwd. Trusted
@@ -216,7 +216,7 @@ function handleRm(args: string[], ctx: SkillCommandContext): string {
   return `Tombstoned "${name}" (${effectiveTier} tier) → ${dst}\n`;
 }
 
-// ─── spawnSkill (load-bearing) ──────────────────────────────────
+// ─── spawnSkill scoped token boundary ────────────────────────────────
 
 export interface SpawnSkillOptions {
   skill: BrowserSkill;

diff --git a/browse/src/browser-skill-write.ts b/browse/src/browser-skill-write.ts
@@ -178,7 +178,7 @@ export function commitSkill(opts: CommitSkillOptions): string {
  * test failure (step 8 of /skillify) or approval rejection (step 9).
  *
  * Idempotent: missing dirs are not an error. Best-effort: failures are
- * swallowed (cleanup is fire-and-forget, not load-bearing).
+ * swallowed (cleanup is fire-and-forget, not required for success).
  */
 export function discardStaged(stagedDir: string): void {
   // Remove the leaf skill dir first, then the wrapper skillify-<spawnId>/.

diff --git a/browse/src/domain-skills.ts b/browse/src/domain-skills.ts
@@ -296,7 +296,7 @@ export async function writeSkill(input: WriteSkillInput): Promise<DomainSkillRow
  *   - else stay quarantined with updated counter; user must run
  *     `domain-skill promote-to-global` manually
  *
- * The classifier_score > 0 gate is load-bearing: handleSave currently writes
+ * The classifier_score > 0 gate matters because handleSave currently writes
  * classifier_score=0 with the comment "L4 deferred to load-time / sidebar-agent
  * fills this in on first prompt-injection load," but sidebar-agent was ripped
  * (CLAUDE.md "Sidebar architecture") and nothing else updates the score, so

diff --git a/browse/test/cli-supervisor.test.ts b/browse/test/cli-supervisor.test.ts
@@ -12,7 +12,7 @@ import * as path from 'path';
 // terminal-agent watchdog.
 //
 // Live respawn tests belong in the e2e tier (real Bun.spawn cycles take
-// 3-8s each). These tripwires defend the load-bearing invariants:
+// 3-8s each). These tripwires defend the invariants that matter:
 // opt-in by default, signal handlers wired, crash-loop guard, env knobs.
 
 const CLI_TS = path.resolve(new URL(import.meta.url).pathname, '..', '..', 'src', 'cli.ts');

diff --git a/browse/test/domain-skills-e2e.test.ts b/browse/test/domain-skills-e2e.test.ts
@@ -92,7 +92,7 @@ describe('$B domain-skill (E2E gate tier)', () => {
     expect(await readSkill('127.0.0.1', 'e2e-test-slug')).toBeNull();
 
     // Three uses without flag with classifier_score=0 (the default until L4 is
-    // rewired) MUST stay quarantined per #1369. The gate is load-bearing: a
+    // rewired) MUST stay quarantined per #1369. The gate matters because a
     // quarantined skill written under the influence of a poisoned page would
     // otherwise auto-promote after three benign uses without the L4 body scan
     // ever running.

diff --git a/browse/test/server-pty-lease-routes.test.ts b/browse/test/server-pty-lease-routes.test.ts
@@ -5,7 +5,7 @@ import * as path from 'path';
 // Server-side route shape for the v1.44 lease + restart + dispose +
 // lease-refresh wiring. Live route exercises require the terminal-agent
 // loopback to be live (e2e-tier); these static-grep tripwires pin the
-// load-bearing protocol invariants.
+// protocol invariants.
 
 const SERVER_TS = path.resolve(new URL(import.meta.url).pathname, '..', '..', 'src', 'server.ts');
 

diff --git a/browse/test/sidebar-tabs.test.ts b/browse/test/sidebar-tabs.test.ts
@@ -7,7 +7,7 @@
  * endpoints are gone, and the primary-tab nav (Terminal | Chat) is
  * gone. Terminal is now the sole primary surface.
  *
- * This file locks the load-bearing invariants of that layout so a
+ * This file locks the layout invariants so a
  * future refactor can't silently re-introduce the old surface or break
  * the new one.
  */

diff --git a/browse/test/sidepanel-reattach.test.ts b/browse/test/sidepanel-reattach.test.ts
@@ -9,7 +9,7 @@ import * as path from 'path';
 // opens a new WS with the fresh attachToken, writes RIS to xterm when
 // the agent sends {type:"reattach-begin"}, then treats the next binary
 // frame as the scrollback replay payload. Static-grep tripwires defend
-// the load-bearing protocol invariants; live re-attach exercises belong
+// the protocol invariants; live re-attach exercises belong
 // in the e2e tier.
 
 const TERMINAL_JS = path.resolve(

diff --git a/browse/test/terminal-agent-detach-reattach.test.ts b/browse/test/terminal-agent-detach-reattach.test.ts
@@ -7,7 +7,7 @@ import * as path from 'path';
 // The state machine is what turns a single network blip from "fall through
 // to ENDED state, click Restart" into "silent re-attach with scrollback
 // intact, keep typing." Live WS cycles + buffer-overflow exercises belong
-// in the e2e tier; these static-grep tripwires defend the load-bearing
+// in the e2e tier; these static-grep tripwires defend the required
 // protocol + correctness properties.
 
 const AGENT_TS = path.resolve(new URL(import.meta.url).pathname, '..', '..', 'src', 'terminal-agent.ts');

diff --git a/browse/test/terminal-agent-integration.test.ts b/browse/test/terminal-agent-integration.test.ts
@@ -204,7 +204,7 @@ describe('terminal-agent: PTY round-trip via real WebSocket (Cookie auth)', () =
     // `protocols` cleanly when also passed `headers` (the constructor
     // detects the third-arg form unreliably). Real browsers (Chromium)
     // use the standard protocols arg fine — the server-side handler is
-    // identical either way, so this test still locks the load-bearing
+    // identical either way, so this test still locks the required
     // invariant: the agent accepts a token via Sec-WebSocket-Protocol
     // and echoes the protocol back so a browser would accept the upgrade.
     const handshakeKey = 'dGhlIHNhbXBsZSBub25jZQ==';

diff --git a/browse/test/terminal-agent-watchdog.test.ts b/browse/test/terminal-agent-watchdog.test.ts
@@ -7,7 +7,7 @@ import * as path from 'path';
 // The watchdog respawns terminal-agent when its PID dies. Live process-tree
 // tests would require spawning, killing, and observing across two real Bun
 // processes — slow and flaky in the free tier. These tripwires defend the
-// load-bearing properties: identity-based liveness check (not name match),
+// properties that matter: identity-based liveness check (not name match),
 // crash-loop guard, gated on ownsTerminalAgent, and cleared on shutdown.
 
 const SERVER_TS = path.resolve(new URL(import.meta.url).pathname, '..', '..', 'src', 'server.ts');

diff --git a/canary/SKILL.md b/canary/SKILL.md
@@ -555,7 +555,7 @@ GStack voice: Garry-shaped product and engineering judgment, compressed for runt
 - Be direct about quality. Bugs matter. Edge cases matter. Fix the whole thing, not the demo path.
 - Sound like a builder talking to a builder, not a consultant presenting to a client.
 - Never corporate, academic, PR, or hype. Avoid filler, throat-clearing, generic optimism, and founder cosplay.
-- No em dashes. No AI vocabulary: delve, crucial, robust, comprehensive, nuanced, multifaceted, furthermore, moreover, additionally, pivotal, landscape, tapestry, underscore, foster, showcase, intricate, vibrant, fundamental, significant.
+- No em dashes. No AI vocabulary or stock phrases: delve, crucial, robust, comprehensive, nuanced, multifaceted, load[- ]bearing, furthermore, moreover, additionally, pivotal, landscape, tapestry, underscore, foster, showcase, intricate, vibrant, fundamental, significant.
 - The user has context you do not: domain knowledge, timing, relationships, taste. Cross-model agreement is a recommendation, not a decision. The user decides.
 
 Good: "auth.ts:47 returns undefined when the session cookie expires. Users hit a white screen. Fix: add a null check and redirect to /login. Two lines."

diff --git a/codex/SKILL.md b/codex/SKILL.md
@@ -558,7 +558,7 @@ GStack voice: Garry-shaped product and engineering judgment, compressed for runt
 - Be direct about quality. Bugs matter. Edge cases matter. Fix the whole thing, not the demo path.
 - Sound like a builder talking to a builder, not a consultant presenting to a client.
 - Never corporate, academic, PR, or hype. Avoid filler, throat-clearing, generic optimism, and founder cosplay.
-- No em dashes. No AI vocabulary: delve, crucial, robust, comprehensive, nuanced, multifaceted, furthermore, moreover, additionally, pivotal, landscape, tapestry, underscore, foster, showcase, intricate, vibrant, fundamental, significant.
+- No em dashes. No AI vocabulary or stock phrases: delve, crucial, robust, comprehensive, nuanced, multifaceted, load[- ]bearing, furthermore, moreover, additionally, pivotal, landscape, tapestry, underscore, foster, showcase, intricate, vibrant, fundamental, significant.
 - The user has context you do not: domain knowledge, timing, relationships, taste. Cross-model agreement is a recommendation, not a decision. The user decides.
 
 Good: "auth.ts:47 returns undefined when the session cookie expires. Users hit a white screen. Fix: add a null check and redirect to /login. Two lines."

diff --git a/context-restore/SKILL.md b/context-restore/SKILL.md
@@ -559,7 +559,7 @@ GStack voice: Garry-shaped product and engineering judgment, compressed for runt
 - Be direct about quality. Bugs matter. Edge cases matter. Fix the whole thing, not the demo path.
 - Sound like a builder talking to a builder, not a consultant presenting to a client.
 - Never corporate, academic, PR, or hype. Avoid filler, throat-clearing, generic optimism, and founder cosplay.
-- No em dashes. No AI vocabulary: delve, crucial, robust, comprehensive, nuanced, multifaceted, furthermore, moreover, additionally, pivotal, landscape, tapestry, underscore, foster, showcase, intricate, vibrant, fundamental, significant.
+- No em dashes. No AI vocabulary or stock phrases: delve, crucial, robust, comprehensive, nuanced, multifaceted, load[- ]bearing, furthermore, moreover, additionally, pivotal, landscape, tapestry, underscore, foster, showcase, intricate, vibrant, fundamental, significant.
 - The user has context you do not: domain knowledge, timing, relationships, taste. Cross-model agreement is a recommendation, not a decision. The user decides.
 
 Good: "auth.ts:47 returns undefined when the session cookie expires. Users hit a white screen. Fix: add a null check and redirect to /login. Two lines."

diff --git a/context-save/SKILL.md b/context-save/SKILL.md
@@ -558,7 +558,7 @@ GStack voice: Garry-shaped product and engineering judgment, compressed for runt
 - Be direct about quality. Bugs matter. Edge cases matter. Fix the whole thing, not the demo path.
 - Sound like a builder talking to a builder, not a consultant presenting to a client.
 - Never corporate, academic, PR, or hype. Avoid filler, throat-clearing, generic optimism, and founder cosplay.
-- No em dashes. No AI vocabulary: delve, crucial, robust, comprehensive, nuanced, multifaceted, furthermore, moreover, additionally, pivotal, landscape, tapestry, underscore, foster, showcase, intricate, vibrant, fundamental, significant.
+- No em dashes. No AI vocabulary or stock phrases: delve, crucial, robust, comprehensive, nuanced, multifaceted, load[- ]bearing, furthermore, moreover, additionally, pivotal, landscape, tapestry, underscore, foster, showcase, intricate, vibrant, fundamental, significant.
 - The user has context you do not: domain knowledge, timing, relationships, taste. Cross-model agreement is a recommendation, not a decision. The user decides.
 
 Good: "auth.ts:47 returns undefined when the session cookie expires. Users hit a white screen. Fix: add a null check and redirect to /login. Two lines."

diff --git a/cso/SKILL.md b/cso/SKILL.md
@@ -561,7 +561,7 @@ GStack voice: Garry-shaped product and engineering judgment, compressed for runt
 - Be direct about quality. Bugs matter. Edge cases matter. Fix the whole thing, not the demo path.
 - Sound like a builder talking to a builder, not a consultant presenting to a client.
 - Never corporate, academic, PR, or hype. Avoid filler, throat-clearing, generic optimism, and founder cosplay.
-- No em dashes. No AI vocabulary: delve, crucial, robust, comprehensive, nuanced, multifaceted, furthermore, moreover, additionally, pivotal, landscape, tapestry, underscore, foster, showcase, intricate, vibrant, fundamental, significant.
+- No em dashes. No AI vocabulary or stock phrases: delve, crucial, robust, comprehensive, nuanced, multifaceted, load[- ]bearing, furthermore, moreover, additionally, pivotal, landscape, tapestry, underscore, foster, showcase, intricate, vibrant, fundamental, significant.
 - The user has context you do not: domain knowledge, timing, relationships, taste. Cross-model agreement is a recommendation, not a decision. The user decides.
 
 Good: "auth.ts:47 returns undefined when the session cookie expires. Users hit a white screen. Fix: add a null check and redirect to /login. Two lines."

diff --git a/design-consultation/SKILL.md b/design-consultation/SKILL.md
@@ -581,7 +581,7 @@ GStack voice: Garry-shaped product and engineering judgment, compressed for runt
 - Be direct about quality. Bugs matter. Edge cases matter. Fix the whole thing, not the demo path.
 - Sound like a builder talking to a builder, not a consultant presenting to a client.
 - Never corporate, academic, PR, or hype. Avoid filler, throat-clearing, generic optimism, and founder cosplay.
-- No em dashes. No AI vocabulary: delve, crucial, robust, comprehensive, nuanced, multifaceted, furthermore, moreover, additionally, pivotal, landscape, tapestry, underscore, foster, showcase, intricate, vibrant, fundamental, significant.
+- No em dashes. No AI vocabulary or stock phrases: delve, crucial, robust, comprehensive, nuanced, multifaceted, load[- ]bearing, furthermore, moreover, additionally, pivotal, landscape, tapestry, underscore, foster, showcase, intricate, vibrant, fundamental, significant.
 - The user has context you do not: domain knowledge, timing, relationships, taste. Cross-model agreement is a recommendation, not a decision. The user decides.
 
 Good: "auth.ts:47 returns undefined when the session cookie expires. Users hit a white screen. Fix: add a null check and redirect to /login. Two lines."

diff --git a/design-html/SKILL.md b/design-html/SKILL.md
@@ -562,7 +562,7 @@ GStack voice: Garry-shaped product and engineering judgment, compressed for runt
 - Be direct about quality. Bugs matter. Edge cases matter. Fix the whole thing, not the demo path.
 - Sound like a builder talking to a builder, not a consultant presenting to a client.
 - Never corporate, academic, PR, or hype. Avoid filler, throat-clearing, generic optimism, and founder cosplay.
-- No em dashes. No AI vocabulary: delve, crucial, robust, comprehensive, nuanced, multifaceted, furthermore, moreover, additionally, pivotal, landscape, tapestry, underscore, foster, showcase, intricate, vibrant, fundamental, significant.
+- No em dashes. No AI vocabulary or stock phrases: delve, crucial, robust, comprehensive, nuanced, multifaceted, load[- ]bearing, furthermore, moreover, additionally, pivotal, landscape, tapestry, underscore, foster, showcase, intricate, vibrant, fundamental, significant.
 - The user has context you do not: domain knowledge, timing, relationships, taste. Cross-model agreement is a recommendation, not a decision. The user decides.
 
 Good: "auth.ts:47 returns undefined when the session cookie expires. Users hit a white screen. Fix: add a null check and redirect to /login. Two lines."