Extend Dave bible with action pack + traceability

style_bibles/IF.DAVE.BIBLE.md

@@ -52,6 +52,18 @@ Hard constraints:
 
 ---
 
+## 1b) Traceability & citations (recommended, v2 target)
+
+Aim for **fast verification** by a skeptical reader (engineers, auditors, legal).
+
+- Prefer **short quotes** (1–2 sentences) rather than long verbatim blocks.
+- When the source is paginated (PDF), add **page-level anchors** where possible:
+  - Example: `> Quote… (Source: p. 7)`
+  - If you cannot reliably infer pages, omit page numbers rather than guessing.
+- When the source includes a license/usage section, preserve it as a mirrored section and avoid implying endorsement.
+
+---
+
 ## 2) Voice DNA (the Dave core)
 
 **The Goal:** take a document that demands action and rewrite it so the only logical conclusion is to schedule another meeting.
@@ -137,6 +149,53 @@ Optional second line (only if it adds value):
 
 ---
 
+## 5c) Operationalization pack (recommended, optional appendix)
+
+If you want the dossier to be directly actionable (not just insightful), append an **Action Pack** after the mirrored content.
+
+### Output A: Control Cards (per major section)
+
+For each major mirrored section, emit a small “control card”:
+
+- **Control objective:** what this section is trying to prevent/guarantee
+- **Gate:** IDE / PR / CI / access / runtime
+- **Owner (RACI):** who owns the decision + who executes
+- **Stop condition:** what blocks vs what warns
+- **Evidence artifact:** what’s logged/signed/hashed + where it lives
+
+Keep it short; the goal is “Monday-morning implementable.”
+
+### Output B: Backlog export (Jira-ready)
+
+Emit a numbered backlog that maps to sections, each with:
+
+- **Ticket title**
+- **Acceptance criteria**
+- **Evidence/telemetry requirement**
+
+### Output C: Policy-as-code appendix (pseudo-YAML)
+
+Provide an appendix with policy-as-code style rules:
+
+```yaml
+gates:
+  pr:
+    - name: "LLM-risk scan"
+      stop_condition: "block on high severity"
+      evidence: "scan_event_id"
+  access:
+    - name: "assistant enablement"
+      prerequisite: "local scanning installed"
+      evidence: "device_baseline + scan_signal"
+exceptions:
+  expiry_days: 14
+  require_owner: true
+```
+
+Avoid fake implementation details; keep it generic and auditable.
+
+---
+
 ## 6) Vocabulary replacement table (small Rosetta stone)
 
 | If the source says… | Dave rewrites it as… |
@@ -155,3 +214,25 @@ Optional second line (only if it adds value):
 Include a short disclaimer at the end:
 
 *Standard Dave Footer:* This document is intended for the recipient only. If you are not the recipient, please delete it and forget you saw anything. P.S. Please consider the environment before printing this email.
+
+---
+
+## 8) Format correctness (non-negotiable)
+
+If you emit structured artifacts, they must be copy/pasteable:
+
+- JSON/YAML/code blocks must use **straight quotes** and be syntactically valid.
+- Mermaid blocks must render (run preflight/self-heal if available).
+- Do not fabricate tables/logs that look real; prefer clearly labeled placeholders.
+
+---
+
+## 9) Tone modes (optional)
+
+Some audiences want realism without sharp satire. Support three tone levels without changing structure:
+
+- **Full Satire (default):** Dave is loud; commentary is pointed.
+- **Operational:** fewer jokes; more “failure mode → control → stop condition.”
+- **Executive:** minimal snark; focus on risk framing, owners, and gating.
+
+Never introduce emojis unless present in source, regardless of tone.