feat: add collectors and rules

config/rules.yaml

@@ -1,24 +1,23 @@
-# Rule registry. Each entry binds a rule id to a source and evaluation script.
-# Keep rule definitions in 40-rules/; this file ties them to schedules and severity.
+version: "1.0.0"
 
 rules:
-  - id: authority-hierarchy
-    severity: HIGH
-    entry: "40-rules/authority_hierarchy.yaml"
+  - rule_id: "ledger.hash_chain_intact"
+    severity: "CRITICAL"
+    script: "40-rules/ledger_hash_chain_intact.sh"
     evidence:
-      - vm_mcp
-      - vm_ledger
+      - "ledger_verify.json"
+    controls: ["AU-01", "AU-02"]
 
-  - id: skills-health
-    severity: MEDIUM
-    entry: "40-rules/skills_health.yaml"
+  - rule_id: "governance.constitution_pinned"
+    severity: "HIGH"
+    script: "40-rules/governance_constitution_pinned.sh"
     evidence:
-      - vm_skills
-      - ops
+      - "constitution_hash.json"
+    controls: ["GV-01"]
 
-  - id: receipts-schema
-    severity: HIGH
-    entry: "40-rules/receipts_schema.yaml"
+  - rule_id: "backup.restore_drill_recent"
+    severity: "MEDIUM"
+    script: "40-rules/backup_restore_drill_recent.sh"
     evidence:
-      - vm_contracts
-      - vm_ledger
+      - "backup_restore_drill.json"
+    controls: ["BC-01"]