fix: Address review — remove stale Matrix references from runtime prompts

Critical fixes:
- vault/vault-agent.sh: Update comment and prompt to use PHASE:escalate
  instead of "send a Matrix message"
- dev/dev-agent.sh: Update escalation instruction from "reply via Matrix"
  to "respond via the forge"
- dev/phase-handler.sh: Update build_phase_protocol_prompt() escalation
  text from "reply via Matrix" to "respond via the forge"

Minor fixes:
- bin/disinto: Remove duplicate comment line in docker-compose header
- README.md: Update vault table row from "via Matrix" to "via vault/forge"
- BOOTSTRAP.md: Remove "Matrix credentials" from TOML description
- lib/AGENTS.md: Remove "callers may follow up via Matrix" from
  formula_phase_callback description

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>

BOOTSTRAP.md

@@ -99,7 +99,7 @@ If you have an existing deployment using `CODEBERG_TOKEN` / `REVIEW_BOT_TOKEN` i
 ## 3. Configure Project TOML
 
 Each project needs a `projects/<name>.toml` file with box-specific settings
-(absolute paths, Woodpecker CI IDs, Matrix credentials, forge URL). These files are
+(absolute paths, Woodpecker CI IDs, forge URL). These files are
 **gitignored** — they are local installation config, not shared code.
 
 To create one:

README.md

@@ -153,7 +153,7 @@ disinto/
 | **Review** | Every 10 min | Finds PRs without review, runs Claude-powered code review, approves or requests changes. |
 | **Gardener** | Daily | Grooms the issue backlog: detects duplicates, promotes `tech-debt` to `backlog`, closes stale issues, escalates ambiguous items. |
 | **Planner** | Weekly | Updates AGENTS.md documentation to reflect recent code changes, then gap-analyses VISION.md vs current state and creates up to 5 backlog issues for the highest-leverage gaps. |
-| **Vault** | Every 30 min | Safety gate for dangerous or irreversible actions. Classifies pending actions via Claude: auto-approve, auto-reject, or escalate to a human via Matrix. |
+| **Vault** | Every 30 min | Safety gate for dangerous or irreversible actions. Classifies pending actions via Claude: auto-approve, auto-reject, or escalate to a human via vault/forge. |
 
 ## Design Principles
 

bin/disinto

@@ -156,7 +156,6 @@ generate_compose() {
   cat > "$compose_file" <<'COMPOSEEOF'
 # docker-compose.yml — generated by disinto init
 # Brings up Forgejo, Woodpecker, and the agent runtime.
-# Brings up Forgejo, Woodpecker, and the agent runtime.
 
 services:
   forgejo:

dev/dev-agent.sh

@@ -574,7 +574,7 @@ phase handler. You do not need to merge or close anything — stop and wait.
 \`\`\`bash
 printf 'PHASE:escalate\nReason: %s\n' \"describe what you need\" > \"${PHASE_FILE}\"
 \`\`\`
-Then STOP and wait. A human will reply via Matrix and the response will be injected.
+Then STOP and wait. A human will review and respond via the forge.
 
 **If refusing (too large, unmet dep, already done):**
 \`\`\`bash

dev/phase-handler.sh

@@ -167,7 +167,7 @@ echo "PHASE:awaiting_ci" > "${_pf}"
 \`\`\`bash
 printf 'PHASE:escalate\nReason: %s\n' "describe what you need" > "${_pf}"
 \`\`\`
-Then STOP and wait. A human will reply via Matrix and the response will be injected.
+Then STOP and wait. A human will review and respond via the forge.
 
 **On unrecoverable failure:**
 \`\`\`bash

lib/AGENTS.md

@@ -11,7 +11,7 @@ sourced as needed.
 | `lib/ci-debug.sh` | CLI tool for Woodpecker CI: `list`, `status`, `logs`, `failures` subcommands. Not sourced — run directly. | Humans / dev-agent (tool access) |
 | `lib/load-project.sh` | Parses a `projects/*.toml` file into env vars (`PROJECT_NAME`, `FORGE_REPO`, `WOODPECKER_REPO_ID`, monitoring toggles, mirror config, etc.). | env.sh (when `PROJECT_TOML` is set), supervisor-poll (per-project iteration) |
 | `lib/parse-deps.sh` | Extracts dependency issue numbers from an issue body (stdin → stdout, one number per line). Matches `## Dependencies` / `## Depends on` / `## Blocked by` sections and inline `depends on #N` / `blocked by #N` patterns. Inline scan skips fenced code blocks to prevent false positives from code examples in issue bodies. Not sourced — executed via `bash lib/parse-deps.sh`. | dev-poll, supervisor-poll |
-| `lib/formula-session.sh` | `acquire_cron_lock()`, `check_memory()`, `load_formula()`, `build_context_block()`, `consume_escalation_reply()`, `start_formula_session()`, `formula_phase_callback()`, `build_prompt_footer()`, `build_graph_section()`, `run_formula_and_monitor(AGENT [TIMEOUT] [CALLBACK])` — shared helpers for formula-driven cron agents (lock, memory guard, formula loading, prompt assembly, tmux session, monitor loop, crash recovery). `build_graph_section()` generates the structural-analysis section (runs `lib/build-graph.py`, formats JSON output) — previously duplicated in planner-run.sh and predictor-run.sh, now shared here. `formula_phase_callback()` handles `PHASE:escalate` (unified escalation path — kills the session; callers may follow up via Matrix). `run_formula_and_monitor` accepts an optional CALLBACK (default: `formula_phase_callback`) so callers can install custom merge-through or escalation handlers. | planner-run.sh, predictor-run.sh, gardener-run.sh, supervisor-run.sh, dev-agent.sh, action-agent.sh |
+| `lib/formula-session.sh` | `acquire_cron_lock()`, `check_memory()`, `load_formula()`, `build_context_block()`, `consume_escalation_reply()`, `start_formula_session()`, `formula_phase_callback()`, `build_prompt_footer()`, `build_graph_section()`, `run_formula_and_monitor(AGENT [TIMEOUT] [CALLBACK])` — shared helpers for formula-driven cron agents (lock, memory guard, formula loading, prompt assembly, tmux session, monitor loop, crash recovery). `build_graph_section()` generates the structural-analysis section (runs `lib/build-graph.py`, formats JSON output) — previously duplicated in planner-run.sh and predictor-run.sh, now shared here. `formula_phase_callback()` handles `PHASE:escalate` (unified escalation path — kills the session). `run_formula_and_monitor` accepts an optional CALLBACK (default: `formula_phase_callback`) so callers can install custom merge-through or escalation handlers. | planner-run.sh, predictor-run.sh, gardener-run.sh, supervisor-run.sh, dev-agent.sh, action-agent.sh |
 | `lib/guard.sh` | `check_active(agent_name)` — reads `$FACTORY_ROOT/state/.{agent_name}-active`; exits 0 (skip) if the file is absent. Factory is off by default — state files must be created to enable each agent. **Logs a message to stderr** when skipping (`[check_active] SKIP: state file not found`), so agent dropout is visible in cron logs. Sourced by dev-poll.sh, review-poll.sh, action-poll.sh, predictor-run.sh, supervisor-run.sh. | cron entry points |
 | `lib/mirrors.sh` | `mirror_push()` — pushes `$PRIMARY_BRANCH` + tags to all configured mirror remotes (fire-and-forget background pushes). Reads `MIRROR_NAMES` and `MIRROR_*` vars exported by `load-project.sh` from the `[mirrors]` TOML section. Failures are logged but never block the pipeline. Sourced by dev-poll.sh and dev/phase-handler.sh — called after every successful merge. | dev-poll.sh, phase-handler.sh |
 | `lib/build-graph.py` | Python tool: parses VISION.md, prerequisite-tree.md, AGENTS.md, formulas/*.toml, evidence/, and forge issues/labels into a NetworkX DiGraph. Runs structural analyses (orphaned objectives, stale prerequisites, thin evidence, circular deps) and outputs a JSON report. Used by `review-pr.sh` (per-PR changed-file analysis) and `predictor-run.sh` (full-project analysis) to provide structural context to Claude. | review-pr.sh, predictor-run.sh |

vault/vault-agent.sh

@@ -5,8 +5,8 @@
 # builds a prompt with action summaries, and lets the LLM decide routing.
 #
 # The LLM can call vault-fire.sh (auto-approve) or vault-reject.sh (reject)
-# directly. For escalations, it sends a Matrix message and marks the action
-# as "escalated" in pending/ so vault-poll skips it on future runs.
+# directly. For escalations, it writes a PHASE:escalate file and marks the
+# action as "escalated" in pending/ so vault-poll skips it on future runs.
 
 set -euo pipefail
 
@@ -76,7 +76,7 @@ For actions that need human approval (escalate), write a PHASE:escalate file
 to signal the unified escalation path:
   printf 'PHASE:escalate\nReason: vault procurement — %s\n' '<action summary>' \\
     > /tmp/vault-escalate-<action-id>.phase
-Then send a Matrix message with context about what needs approval."
+Then STOP and wait — a human will review via the forge."
 
 CLAUDE_OUTPUT=$(timeout "$CLAUDE_TIMEOUT" claude -p "$PROMPT" \
   --model sonnet \