From 06b49b5e2e2437da8febfdb139892382144d3d06 Mon Sep 17 00:00:00 2001
From: Alex Skatell <alex@topline.com>
Date: Wed, 13 May 2026 17:12:47 -0400
Subject: [PATCH] docs(skills): adopt composite query audit contract + ban bash
 heredocs

Bundled skill docs were still telling agents to author a hand-rolled
composite SQL string for the standard pipeline audit. Now that
`topline --agent query audit|snapshot|freshness` ship as composite
warehouse commands (PR #8), the documented contract collapses to:

  1. query doctor
  2. query audit --pipeline ... --since ... --status open
  3. answer

Hard ceiling drops from 4 calls to 3. Raw `query sql` is reserved
for non-standard analytics only.

Adds an explicit pitfall: bash heredocs around `query sql`
(`SQL=\$(cat <<'SQL' ... SQL)` or `--sql "\$(cat <<SQL ... SQL)"`)
are the bash form of the Python wrapper anti-pattern and are banned
in the default flow. If a question is a standard pipeline rollup,
the answer is `query audit`, not a hand-built multi-line SQL string.

hermes SKILL bumped to v1.5.0; claude-code SKILL keeps no version
field but is brought to the same contract.
---
 skills/claude-code/SKILL.md | 49 +++++++++++++++------
 skills/hermes/SKILL.md      | 88 +++++++++++++++++++++++--------------
 2 files changed, 90 insertions(+), 47 deletions(-)

diff --git a/skills/claude-code/SKILL.md b/skills/claude-code/SKILL.md
index d144a08..088659b 100644
--- a/skills/claude-code/SKILL.md
+++ b/skills/claude-code/SKILL.md
@@ -1,41 +1,62 @@
 # Topline OS CLI Skill
 
-Use the `topline` CLI for Topline OS CRM workflows. For broad CRM analytics, **prefer the hosted warehouse SQL path** (`topline --agent query ...`) when `TOPLINE_QUERY_TOKEN` is configured. Use REST-backed CLI commands for live operational reads, exact object drilldowns, and approved writes.
+Use the `topline` CLI for Topline OS CRM workflows. For broad CRM analytics, **prefer the composite warehouse commands** (`topline --agent query audit|snapshot|freshness`) when `TOPLINE_QUERY_TOKEN` is configured. They wrap the standard pipeline audit shape into one CLI call. Use REST-backed CLI commands for live operational reads, exact object drilldowns, and approved writes.
 
-## Standard pipeline audit contract (hard limit — 4 calls)
+## Standard pipeline audit contract (hard limit — 3 calls)
 
 For any "what happened in pipeline X over window W" question, run **exactly** this sequence and stop:
 
-1. Readiness probe. Prefer `topline --agent query doctor` when the installed CLI supports it; JSON: `queryTokenPresent`, `schemaReachable`, `tableCount`, `missingTables`, `recommendation`. If the command returns `unknown query command "doctor"`, the binary is stale — rebuild via `scripts/install-local.sh`, or use `topline --agent query help` + `topline --agent query explain --tables opportunities,pipeline_stages,messages,contacts,call_events,appointments` as the fallback probe and proceed with SQL. If `queryTokenPresent` is false, `schemaReachable` is false, or `explain` fails for an expected table, stop and report the readiness gap. If `missingTables` is non-empty, treat each as an `os-mcp` coverage bug and surface it in the final answer.
-2. `topline --agent query sql --sql '<composite audit>'` — ONE call returning open count/value, stage rollup, activity by channel/direction, moved/created/closed deals in window, top active deals. If the window is custom/relative and not already known, prepend a single `date` call before this step.
+1. `topline --agent query doctor` — readiness probe. JSON: `queryTokenPresent`, `schemaReachable`, `tableCount`, `missingTables`, `recommendation`. If `queryTokenPresent` is false, `schemaReachable` is false, or any expected table is missing, stop and report the readiness gap. Missing tables/views are `os-mcp` coverage bugs; surface them in the final answer.
+2. `topline --agent query audit --pipeline PIPELINE_ID --since WINDOW --status open` — one composite call returning `freshness`, `snapshot`, `activity` (with `unique_touches`), `deals`, and `movement`. Default `--since this-week-et` for "this week"; the CLI resolves the window.
 3. Answer.
 
-**Hard ceiling: 4 tool calls after skills load** (date if needed + readiness probe + composite SQL + answer). Banned in the default flow:
+**Hard ceiling: 3 tool calls after skills load** (doctor + audit + answer). Banned in the default flow:
 
+- Raw `topline --agent query sql --sql ...` for standard pipeline audits — `query audit` already covers the shape.
+- `query schema`, `query explain`, or per-table freshness SQL before `query audit`. The audit payload's `freshness` field is enough.
 - `pipeline audit`, `opportunities search`, `conversations search`, per-conversation message fetches.
-- `python3` / `execute_code` / any subprocess wrapper around `topline`. The CLI returns JSON; parse it directly. Reshape data in SQL with a final `SELECT`, not in Python.
+- `python3` / `execute_code` / any subprocess wrapper around `topline`. The CLI returns JSON; parse it directly.
+- **Bash heredocs around `query sql`**: `SQL=$(cat <<'SQL' ... SQL)` or `topline --agent query sql --sql "$(cat <<SQL ... SQL)"`. Same shape as the Python wrapper anti-pattern, different shell. If you find yourself authoring multi-line SQL for a standard pipeline question, switch to `query audit`.
 - Editing this skill (or the audits skill) via `skill_manage` mid-run. The contract is read-only during execution; propose edits in a separate turn.
 
-`query doctor` replaces the prior ad-hoc freshness/token probe. Only run a separate freshness SQL (`MAX(_synced_at)` per table) if the user explicitly asks about sync lag.
-
 Exceptions — each requires the user explicitly asking:
 
 - "Drill into deal X" → `opportunities` / `conversations` / `messages` calls OK.
 - "Why does SQL disagree with the audit?" → run `pipeline audit` and reconcile.
-- "Is the warehouse stale?" → freshness deep-dive (`MAX(_synced_at)` per table).
+- "Is the warehouse stale?" → `topline --agent query freshness` or a targeted `MAX(_synced_at)` SQL.
+- Non-standard analytics that `query audit` / `snapshot` / `freshness` cannot express → raw `query sql` is fine, but keep it inline (`--sql '...'`), not in a heredoc.
 
-If `query doctor`'s `recommendation` flags stale data or coverage gaps, disclose it in the answer but do **not** auto-fallback to REST. Coverage gaps are bugs to fix in `os-mcp`, not workarounds for the agent.
+If `query doctor` or the audit payload's `freshness` rows flag stale data or coverage gaps, disclose it in the answer but do **not** auto-fallback to REST. Coverage gaps are bugs to fix in `os-mcp`, not workarounds for the agent.
 
-## Hosted warehouse SQL (preferred for analytics)
+## Composite warehouse commands (preferred for analytics)
 
 ```bash
 topline --agent query doctor
-topline --agent query schema     # only when doctor flags schema not cached or stale
+topline --agent query audit --pipeline PIPELINE_ID --since this-week-et --status open
+topline --agent query snapshot --pipeline PIPELINE_ID --status open
+topline --agent query freshness
+```
+
+Answer from `query audit` JSON directly:
+
+- `snapshot.rows` → open count/value and stage distribution.
+- `activity.rows` → `unique_touches` by channel/direction.
+- `deals.rows` → per-deal touch breakdowns.
+- `movement.rows` → stage/status/record movement.
+- `freshness.rows` → data freshness caveats.
+
+Keep activity and movement separate.
+
+`TOPLINE_QUERY_TOKEN` must be a connection-bound token from `https://os-mcp.topline.com/connect`; raw PITs are intentionally rejected for SQL. Never print query tokens.
+
+## Raw SQL (non-standard analytics only)
+
+```bash
 topline --agent query explain --tables opportunities,pipeline_stages,messages,contacts,call_events,appointments
 topline --agent query sql --sql 'SELECT status, COUNT(*) AS n FROM opportunities GROUP BY status ORDER BY n DESC'
 ```
 
-`TOPLINE_QUERY_TOKEN` must be a connection-bound token from `https://os-mcp.topline.com/connect`; raw PITs are intentionally rejected for SQL. Never print query tokens.
+Use raw SQL only for analytics the composite commands cannot express. Keep it inline; do not assemble multi-line SQL in a bash heredoc.
 
 ## Pipeline audit (diagnostic / one-off only — NOT the analytics default)
 
@@ -56,7 +77,7 @@ Useful switches:
 - `--conversation-limit 10` and `--message-limit 30` to tune lookup volume.
 - `--include-tasks false` to skip overdue task hygiene.
 
-Do **not** run this after a successful SQL audit "to verify" — cross-verification is a drilldown subroutine, not the default.
+Do **not** run this after a successful `query audit` "to verify" — cross-verification is a drilldown subroutine, not the default.
 
 ## Setup and supporting commands
 
diff --git a/skills/hermes/SKILL.md b/skills/hermes/SKILL.md
index 444a5c0..d7f92ca 100644
--- a/skills/hermes/SKILL.md
+++ b/skills/hermes/SKILL.md
@@ -1,14 +1,14 @@
 ---
 name: topline-os-cli
-description: Use the Topline OS CLI for SQL-first CRM analytics, pipeline audits, token-efficient reads, deal briefs, and agent-safe sales operations. Default to the hosted warehouse `topline --agent query` path for analytics; use REST-backed commands for live drilldowns and approved writes.
-version: 1.4.0
+description: Use the Topline OS CLI for SQL-first CRM analytics, pipeline audits, token-efficient reads, deal briefs, and agent-safe sales operations. Default to the composite `topline --agent query audit|snapshot|freshness` commands for standard analytics; use REST-backed commands for live drilldowns and approved writes.
+version: 1.5.0
 ---
 
 # Topline OS CLI
 
-Use `topline` when the user asks for sales pipeline reporting, CRM hygiene, deal briefs, or any repeated Topline OS read where one compound SQL or CLI command is cheaper than many MCP/API/tool calls.
+Use `topline` when the user asks for sales pipeline reporting, CRM hygiene, deal briefs, or any repeated Topline OS read where one composite CLI command is cheaper than many MCP/API/tool calls.
 
-For broad CRM analytics, **prefer the hosted warehouse SQL path** (`topline --agent query ...`) when `TOPLINE_QUERY_TOKEN` is configured. Use REST-backed CLI commands for live operational reads, exact object drilldowns, and approved writes.
+For broad CRM analytics, **prefer the composite warehouse commands** (`topline --agent query audit|snapshot|freshness`) when `TOPLINE_QUERY_TOKEN` is configured. They wrap the standard pipeline audit shape (snapshot, activity, deals, movement, freshness) into one CLI call, so agents do not need to hand-write SQL for the common case. Use REST-backed CLI commands for live operational reads, exact object drilldowns, and approved writes.
 
 ## Required env
 
@@ -24,57 +24,77 @@ Never print full PIT or query token values. Mask secrets and unnecessary PII by
 ```bash
 topline setup-check
 topline help
-topline --agent query doctor      # deterministic SQL readiness probe (added in v1.3.0)
+topline --agent query doctor      # deterministic SQL readiness probe (v1.3.0+)
 date '+%Y-%m-%d %H:%M:%S %Z (%z); %A; ISO week %V'
 ```
 
 `query doctor` returns JSON with `queryTokenPresent`, `tokenSourceEnvVar`, `rawPitRejected`, `baseUrl`, `schemaReachable`, `tableCount`, `expectedTables`, `missingTables`, and a `recommendation`. It never prints the token. Use it as the first deterministic check before any analytics SQL.
 
-## Standard pipeline audit contract (hard limit — 4 calls)
+## Standard pipeline audit contract (hard limit — 3 calls)
 
 For any "what happened in pipeline X over window W" question, run **exactly** this sequence and stop:
 
-1. Readiness probe. Prefer `topline --agent query doctor` when the installed CLI supports it; it returns JSON: `queryTokenPresent`, `tokenSourceEnvVar`, `rawPitRejected`, `baseUrl`, `schemaReachable`, `tableCount`, `expectedTables`, `missingTables`, `recommendation`. If the command returns `unknown query command "doctor"`, the installed binary is stale — rebuild via `scripts/install-local.sh`, or use `topline --agent query help` + `topline --agent query explain --tables opportunities,pipeline_stages,messages,contacts,call_events,appointments` as the fallback readiness check and proceed with SQL. If `queryTokenPresent` is false, `schemaReachable` is false, or `explain` fails for an expected table, stop and report the readiness gap. If `missingTables` is non-empty, treat each missing table as an `os-mcp` coverage bug and surface it in the final answer.
-2. `topline --agent query sql --sql '<composite audit>'` — ONE call, returns: open count/value, stage rollup, activity by channel/direction, moved/created/closed deals in window, top active deals. If the window is custom/relative and not already known, prepend a single `date` call before this step.
+1. `topline --agent query doctor` — readiness probe. If `queryTokenPresent` is false, `schemaReachable` is false, or any expected table is missing, stop and report the readiness gap. Missing tables/views are `os-mcp` coverage bugs; surface them in the final answer.
+2. `topline --agent query audit --pipeline PIPELINE_ID --since WINDOW --status open` — one composite call returning `freshness`, `snapshot`, `activity` (with `unique_touches`), `deals` (per-deal touch breakdowns), and `movement`. Default `--since this-week-et` for "this week"; the CLI resolves the window so a separate `date` call is not needed for that phrase.
 3. Answer.
 
-**Hard ceiling: 4 tool calls after skills load** (date if needed + readiness probe + composite SQL + answer). The following are explicitly banned in the default flow:
+**Hard ceiling: 3 tool calls after skills load** (doctor + audit + answer). The following are explicitly banned in the default flow:
 
+- Raw `topline --agent query sql --sql ...` for standard pipeline audits — the composite `query audit` already covers the shape.
+- `query schema`, `query explain`, or per-table freshness SQL before `query audit`. Use `query doctor` for readiness and rely on the audit payload's `freshness` field.
 - `pipeline audit`, `opportunities search`, `conversations search`, per-conversation message fetches.
-- `python3` / `execute_code` / any subprocess wrapper around `topline` calls. The CLI already returns JSON; parse it in the answer, not in a Python loop. Reshape data inside the SQL with a final `SELECT`, not in a wrapper script.
-- `skill_manage` edits to this skill or `topline-os-crm-audits` during the audit. The contract is **read-only during execution**. If the skill is wrong, finish the current run honestly (or stop and disclose the gap), then propose the edit in a separate turn. Mid-run skill edits invalidate the test trace because the documented contract is no longer what the agent followed.
-
-`query doctor` replaces the prior ad-hoc freshness/token probe — it is faster, deterministic, never prints the token, and surfaces both auth/readiness and warehouse coverage in one JSON payload. Only run a separate freshness SQL (`MAX(_synced_at)` per table) if the user explicitly asks about sync lag.
+- `python3` / `execute_code` / any subprocess wrapper around `topline` calls. The CLI already returns JSON; parse it in the answer, not in a Python loop.
+- **Bash heredocs around `query sql`**: `SQL=$(cat <<'SQL' ... SQL)` or `topline --agent query sql --sql "$(cat <<SQL ... SQL)"`. Same shape as the Python wrapper anti-pattern, different shell. If you find yourself authoring multi-line SQL in a heredoc for a standard pipeline question, switch to `query audit`.
+- `skill_manage` edits to this skill or `topline-os-crm-audits` during the audit. The contract is **read-only during execution**. If the skill is wrong, finish the current run honestly (or stop and disclose the gap), then propose the edit in a separate turn.
 
 Exceptions — each requires the user explicitly asking:
 
 - "Drill into deal X" → `opportunities` / `conversations` / `messages` calls OK.
 - "Why does SQL disagree with the audit?" → run `pipeline audit` and reconcile.
-- "Is the warehouse stale?" → freshness deep-dive (`MAX(_synced_at)` per table).
+- "Is the warehouse stale?" → run `topline --agent query freshness` or a targeted `MAX(_synced_at)` SQL.
+- Non-standard analytics that `query audit` / `query snapshot` / `query freshness` cannot express → raw `query sql` is fine, but author the SQL inline (`--sql '...'`), not in a heredoc.
 
-If `query doctor`'s `recommendation` flags stale data or coverage gaps, disclose it in the answer (e.g. "os-mcp missing `appointments` table; calls/appointments may be undercounted") but do **not** auto-fallback to REST. The user can ask for a live re-run if the gap matters. Coverage gaps are bugs to fix in `os-mcp`, not workarounds for the agent.
+If `query doctor` or the audit payload's `freshness` rows flag stale data or coverage gaps, disclose it in the answer but do **not** auto-fallback to REST. Coverage gaps are bugs to fix in `os-mcp`, not workarounds for the agent.
 
-## Hosted warehouse SQL (preferred for analytics)
+## Composite warehouse commands (preferred for analytics)
 
 ```bash
-topline --agent query doctor           # preferred — deterministic readiness probe, returns JSON
-topline --agent query help             # fallback if the installed binary predates `query doctor`
-topline --agent query explain --tables opportunities,pipeline_stages,messages,contacts,call_events,appointments
-topline --agent query sql --sql 'SELECT status, COUNT(*) AS n FROM opportunities GROUP BY status ORDER BY n DESC'
+topline --agent query doctor
+topline --agent query audit --pipeline PIPELINE_ID --since this-week-et --status open
+topline --agent query snapshot --pipeline PIPELINE_ID --status open
+topline --agent query freshness
 ```
 
-If `query doctor` returns `unknown query command "doctor"`, the installed binary is stale — rebuild via `scripts/install-local.sh` in the `Topline-com/os-cli` checkout, or use `query help` + `query explain` as the fallback probe and proceed with SQL. If `doctor` reports `queryTokenPresent: false` or `schemaReachable: false`, stop and ask the user to mint/configure a connection-bound query token. Do not silently fall back to REST and present it as the SQL-first result.
+What each returns:
+
+- `query doctor` — auth/readiness JSON: `queryTokenPresent`, `tokenSourceEnvVar`, `rawPitRejected`, `baseUrl`, `schemaReachable`, `tableCount`, `expectedTables`, `missingTables`, `recommendation`.
+- `query audit` — `freshness`, `snapshot`, `activity` (with `unique_touches`), `deals`, `movement`. The standard pipeline audit payload.
+- `query snapshot` — open count/value and stage distribution (subset of `audit.snapshot`).
+- `query freshness` — `_synced_at` lag per warehouse table/view.
+
+Answer from `query audit` JSON directly:
 
-Qualified-pipeline weekly activity sample:
+- `snapshot.rows` → open count/value and stage distribution.
+- `activity.rows` → `unique_touches` by channel/direction. Use `unique_touches`, not raw row counts.
+- `deals.rows` → per-deal touch breakdowns.
+- `movement.rows` → stage/status/record movement.
+- `freshness.rows` → data freshness caveats.
+
+Keep activity and movement separate: messages/call_events/appointments prove touches; movement rows prove stage/status/record movement.
+
+## Raw SQL (non-standard analytics only)
 
 ```bash
-topline --agent query sql --sql "WITH qualified_opps AS (SELECT DISTINCT contact_id FROM opportunities WHERE pipeline_id = 'PIPELINE_ID' AND status = 'open' AND contact_id IS NOT NULL), week_messages AS (SELECT m.contact_id, m.type, m.direction, m.date_added FROM messages m JOIN qualified_opps q ON q.contact_id = m.contact_id WHERE m.date_added >= 'YYYY-MM-DDT00:00:00-04:00') SELECT COALESCE(type, 'unknown') AS activity_type, COALESCE(direction, 'unknown') AS direction, COUNT(*) AS touches, COUNT(DISTINCT contact_id) AS contacts_touched, MIN(date_added) AS first_touch, MAX(date_added) AS last_touch FROM week_messages GROUP BY activity_type, direction ORDER BY touches DESC LIMIT 20"
+topline --agent query explain --tables opportunities,pipeline_stages,messages,contacts,call_events,appointments
+topline --agent query sql --sql 'SELECT status, COUNT(*) AS n FROM opportunities GROUP BY status ORDER BY n DESC'
 ```
 
+Raw SQL is for analytics the composite commands cannot express (e.g. unusual rollups, cross-pipeline funnels, custom user-supplied joins). Keep it inline; do not assemble multi-line SQL in a bash heredoc.
+
 Rules:
 
 - The command calls the hosted `Topline-com/os-mcp` `/query/api/*` endpoints and inherits MCP SQL safety: one `SELECT` / `WITH ... SELECT`, exposed tables only, 5,000-row cap.
-- Use SQL first for counts, joins, stage/value snapshots, contact activity rollups, and funnel analytics. Use REST/CLI action commands for live mutations, exact object drilldowns, or when synced warehouse freshness is uncertain.
+- Use SQL first for counts, joins, stage/value snapshots, contact activity rollups, and funnel analytics that the composite commands do not cover. Use REST/CLI action commands for live mutations, exact object drilldowns, or when synced warehouse freshness is uncertain.
 - Do not print query tokens. If missing, ask the user to mint/configure a connection-bound query token — do not silently fall back to REST and present it as the SQL-first result.
 
 ## Pipeline audit (diagnostic / one-off only — NOT the analytics default)
@@ -98,7 +118,7 @@ topline --agent pipeline audit \
 
 Confirm `activityJoinIncluded: true` in the JSON before trusting any zero-activity result. If that field is missing or false, the installed CLI is old or the audit was run with `--skip-activity`; treat the output as snapshot-only.
 
-Do **not** run this after a successful SQL audit "to verify" — cross-verification is a drilldown subroutine, not the default.
+Do **not** run this after a successful `query audit` "to verify" — cross-verification is a drilldown subroutine, not the default.
 
 Flags:
 
@@ -129,24 +149,26 @@ topline raw request GET /opportunities/search --query '{"pipelineId":"PIPELINE_I
 
 - Prefer `--agent` for concise, token-efficient output.
 - Add `--mask-pii` when sharing outside a private internal context.
-- Use Python or SQL for arithmetic, grouping, and joins; never do CRM math mentally.
+- Use composite query commands or inline SQL for arithmetic, grouping, and joins; never do CRM math mentally.
 - Avoid markdown tables in chat replies (Discord/WhatsApp). Use bullets.
 - Keep sales reporting separated into: activity, movement, hygiene, next action.
 
 ## Common pitfalls
 
-1. **Starting CRM analytics with REST when SQL is available.** If `TOPLINE_QUERY_TOKEN` is configured and the task is a rollup/audit/count/join, use `topline --agent query sql` first. REST pagination and endpoint fan-out are fallback paths, not the default analytics path.
-2. **Running both SQL AND `pipeline audit` for the same question.** The default audit ends after the SQL composite. Don't add `pipeline audit` "to verify" — cross-verification is a drilldown subroutine, not the default. Movement is already covered by the composite SQL via `last_stage_change_at` / `last_status_change_at` / `created_at`.
-3. **Auto-falling back to REST when SQL is partial.** Hard rule: default audit ends after the SQL composite. Disclose any coverage gap in the answer; the user can ask for a live re-run if it matters. This keeps `os-mcp` view gaps visible as bugs instead of papered over.
+1. **Starting CRM analytics with REST or raw SQL when a composite command is available.** If `TOPLINE_QUERY_TOKEN` is configured and the task is a standard pipeline rollup/audit, use `topline --agent query audit` (or `query snapshot` / `query freshness`) first. REST pagination, endpoint fan-out, and hand-written SQL are fallback/advanced paths.
+2. **Running both `query audit` AND `pipeline audit` for the same question.** The default audit ends after `query audit`. Movement is already included in `query audit.movement`; don't add `pipeline audit` "to verify."
+3. **Auto-falling back to REST when SQL is partial.** Hard rule: default audit ends after `query audit`. Disclose any coverage gap in the answer; the user can ask for a live re-run if it matters. This keeps `os-mcp` view gaps visible as bugs instead of papered over.
 4. **Mislabeling SQL/native disagreements as "sync lag".** Only call it lag when `_synced_at` proves lag. If SQL is fresh but a view is missing a UNION (e.g. appointments not yet in `contact_timeline`), say the SQL surface is incomplete for that metric (`os-mcp` coverage gap) and stop.
-5. **Assuming opportunity updates equal activity.** Calls/SMS/email live in conversations/messages and may not move `updatedAt` or stage fields.
+5. **Assuming opportunity updates equal activity.** Calls/SMS/email live in conversations/messages/`call_events` and may not move `updatedAt` or stage fields.
 6. **Skipping stage lookup.** Stage IDs are opaque; map them through `opportunities pipelines` (or a SQL join on `pipeline_stages`) before presenting.
 7. **Printing secrets or full PII.** PITs, query tokens, phone numbers, and credentials never belong in logs, memory, or summaries.
 8. **Silent writes.** For mutating commands, get explicit approval and state the exact contact / opportunity / action first.
 9. **Treating masked `--agent` JSON as machine-parseable for pagination.** `--agent` enables PII masking and may replace numeric pagination fields like `startAfter` with `[PHONE]`, which makes the output invalid JSON. For internal follow-up scripts, use unmasked CLI output into temp files, parse locally, and delete the files before finishing.
-10. **Wrapping `topline` in `python3` / `execute_code` / `subprocess.run` to "verify" or "reshape" CLI output.** The CLI already returns JSON; parse it directly in the answer. Python wrapper loops are the new shape of the old REST-fan-out anti-pattern — they blow the 4-call ceiling, hide the actual data path, and produce nothing the SQL composite did not already return. If you genuinely need to reshape data, do it in the SQL itself with a final `SELECT`, not in Python around the CLI.
-11. **Editing this skill (or `topline-os-crm-audits`) mid-audit via `skill_manage`.** The contract is read-only during execution. If the skill is wrong, finish the current run honestly (or stop and disclose the gap), then propose the edit in a follow-up turn. Mid-run edits invalidate the test trace because the documented contract is no longer what the agent followed.
+10. **Wrapping `topline` in `python3` / `execute_code` / `subprocess.run` to "verify" or "reshape" CLI output.** The CLI already returns JSON; parse it directly in the answer. Python wrapper loops are the new shape of the old REST-fan-out anti-pattern.
+11. **Wrapping `query sql` in a bash heredoc.** `SQL=$(cat <<'SQL' ... SQL)` or `topline --agent query sql --sql "$(cat <<SQL ... SQL)"` is the same anti-pattern as Python wrapper loops in a different shell. If you are authoring multi-line SQL for a standard pipeline question, switch to `query audit`. If the question genuinely needs raw SQL, keep it inline on `--sql '...'`.
+12. **Editing this skill (or `topline-os-crm-audits`) mid-audit via `skill_manage`.** The contract is read-only during execution. If the skill is wrong, finish the current run honestly (or stop and disclose the gap), then propose the edit in a follow-up turn.
+13. **Prompt-rule tightening instead of primitive design.** If repeated runs keep finding new over-calling shapes (REST fan-out → python wrappers → over-decomposed SQL → bash heredocs), stop adding rules and move the workflow into a composite command/view. The standard pipeline audit is now `query doctor` → `query audit` → answer.
 
 ## Reporting rule of thumb
 
-Use hosted SQL query commands for broad analytics when `TOPLINE_QUERY_TOKEN` is configured. Use `topline raw request` for one-off edge cases. Use the typed CLI commands for compound read/reporting workflows or live drilldowns. Keep activity separate from movement: conversation activity can happen without opportunity stage/status changes.
+Use composite query commands for broad analytics when `TOPLINE_QUERY_TOKEN` is configured. Use raw `query sql` for non-standard analytics. Use the typed CLI commands for compound read/reporting workflows or live drilldowns. Keep activity separate from movement: conversation activity can happen without opportunity stage/status changes.