filesystem audit across 19 directories

A full-system audit run at the start of the day surfaced four structural risks that set the agenda for everything that followed.

what the audit found

Ran a structured filesystem audit across 19 directories — every active project under ~/Projects and related infrastructure. The audit artifact is saved at FILESYSTEM_AUDIT_2026-04-17.md. Four risks came back:

• CV-Intel had no remote and no backup. A complete loss scenario with no recovery path — 15 months of Rancho Mirage civic intelligence, the distiller pipeline, the D1 schema, all of it.
• Six Cloudflare Workers were untracked by git. Deployed infrastructure with no version history and no way to reconstruct if a worker was deleted or a deployment went sideways.
• Loose .env at ~/Projects root with plaintext API keys. Anthropic, Cloudflare, NewsAPI, FEC — all in a single unencrypted file sitting outside any repo.
• docs/ vs com/ source-of-truth contradiction. docs/ was the old Mintlify publishing surface. com/ was the live Astro site. Both existed, both had CLAUDE.md references pointing at different things — a slow-building confusion risk for any agent or human reading the repo structure.

why this mattered

None of these were active fires. All of them were deferred risk. The kind of thing that only becomes visible when you stop building for an hour and actually look at the shape of the infrastructure. The audit gave the rest of the day a concrete agenda: insure CV-Intel first, then retire docs/ and close the contradiction, then clean up the .claude/settings.local.json while we were in the neighborhood.