diff --git a/.machine_readable/licensing-policy.toml b/.machine_readable/licensing-policy.toml
new file mode 100644
index 0000000..5e2b165
--- /dev/null
+++ b/.machine_readable/licensing-policy.toml
@@ -0,0 +1,55 @@
+# SPDX-License-Identifier: PMPL-1.0-or-later
+# SPDX-FileCopyrightText: 2026 Jonathan Jewell (hyperpolymath)
+#
+# Machine-readable form of LICENCE-POLICY.adoc. Tools enforce from this;
+# humans read the .adoc (the .adoc is the source of truth — keep in
+# sync, do not diverge). NOT a REUSE per-file dep5 map: this encodes
+# the RULES, not per-file claims.
+
+schema = "hyperpolymath.licensing-policy/1"
+revised = "2026-05-18"
+note = "Rules 1-3 are the standing lawyer-backed policy; addendum is additive (007, no-automation, variant cleanup)."
+
+[default] # Rule 1
+spdx = "PMPL-1.0-or-later"
+meaning = "Palimpsest-MPL v1.0 — incorporates MPL-2.0 by reference"
+scope = "all hyperpolymath original code, docs, config, scripts"
+status = "the disciplined estate standard (audit-confirmed ~75% of files)"
+
+[fallback] # Rule 2
+spdx = "MPL-2.0"
+rule = "automatic operative legal fallback for PMPL-1.0-or-later; no separate declaration needed (lawyer-confirmed)"
+
+[platform_exception] # Rule 2, registries
+spdx = "MPL-2.0"
+applies = "crates.io / Hackage / npm and other OSI-only registries"
+note = "explicit MPL-2.0 + comment '(PMPL-1.0-or-later preferred; MPL-2.0 required for [platform])'; compliance, not preference"
+
+[exceptions.son] # Rule 3
+spdx = "AGPL-3.0-or-later"
+instances = ["IDApTIK", "Airborne Submarine Squadron (ASS)"]
+permanent = true
+open_question = "possible move to PAGPL-1.0-or-later (Palimpsest-AGPL) — owner ruling pending, not asserted"
+
+[exceptions.repo_007] # Addendum A1 (overrides Rules 1-3 for 007)
+handling = "OUT-OF-SCOPE"
+reason = "full commercial dual-use; potentially dangerous to declare (export-control / hazardous-tech sensitive)"
+rule = "never touch/normalise/label/add-SPDX/scan/report; surface to owner only"
+
+[third_party]
+rule = "preserve original SPDX exactly; never relicense; flag-not-edit"
+
+[automation] # Addendum A2
+allowed = false
+rule = "no bulk/sed/script/agent licence-SPDX changes ever; remediation is manual, per-file, owner-only"
+exception = "an agent may author NEW files with correct SPDX; a brand-new repo's own top-level LICENSE may be set"
+
+[debt] # Addendum A3 — the ONLY licence debt
+type = "variant normalisation (manual, owner-driven)"
+fix = "PMPL-1.0 and PMPL-1.0-or-later-or-later -> PMPL-1.0-or-later"
+
+[guard]
+location = "rsr-template-repo/.github/workflows/spdx-policy-guard.yml"
+edits_files = false
+tolerates = ["PMPL-*"]
+fails_on = ["contradictory multi-SPDX in one file", "foreign licences outside the estate family"]
diff --git a/LICENCE-POLICY.adoc b/LICENCE-POLICY.adoc
index 441be78..7cc41d0 100644
--- a/LICENCE-POLICY.adoc
+++ b/LICENCE-POLICY.adoc
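Review bot: `tolerates = ["PMPL-*"]` in `[guard]` accepts every identifier with that prefix, so the two malformed variants that `[debt].fix` names (`PMPL-1.0`, `PMPL-1.0-or-later-or-later`) — and any future misspelt suffix — pass the guard silently and are never surfaced, which makes the "only standing debt" invisible to the one tool meant to report drift. If the guard reads this table, consider naming the canonical form and the known debt variants explicitly so it can report (not fail) on them, e.g. `tolerates = ["PMPL-1.0-or-later"]` and `reports_on = ["PMPL-1.0", "PMPL-1.0-or-later-or-later"]  # [debt] variants: surface only, never edit` (a constructed key; the .adoc, as source of truth, would need the matching wording). Relatedly, `fails_on` holds prose sentences rather than matchable patterns and `instances` holds project display names rather than repository identifiers, so despite the header comment "Tools enforce from this" a tool has little here it can act on — either extend the header comment to say which keys are machine-enforced and which are human labels, or give the enforced ones a structured form. Minor: `revised = "2026-05-18"` could be a native TOML local date (`revised = 2026-05-18`) if the consumer handles datetimes.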
@@ -95,6 +95,50 @@ compatibility with other licences, clear modern language.
 * CI: `hypatia-scan.yml` checks SPDX headers on all files
 * Pre-commit: `panic-attack assail` catches missing or wrong SPDX identifiers
 * New repos: rsr-template-repo defaults to `PMPL-1.0-or-later`
+* CI: `rsr-template-repo/.github/workflows/spdx-policy-guard.yml` —
+ report-only drift-guard (never edits); fails on foreign SPDX and
+ contradictory multi-SPDX files; tolerates the `PMPL-*` family
+
+== Addendum — 2026-05-18 clarifications (additive; Rules 1–3 unchanged)
+
+These refine, they do not supersede. The three Rules above are correct
+and remain in force (a read-only estate audit confirmed PMPL-1.0-or-later
+is the disciplined estate standard, and PMPL = Palimpsest-MPL v1.0,
+which incorporates MPL-2.0 by reference with the MPL-2.0 fallback of
+Rule 2 — i.e. the model is internally coherent).
+
+=== A1 — `007` is out of scope entirely
+
+`007` carries a full commercial, dual-use licence where *dual-use means
+potentially dangerous to declare* (export-control / hazardous-tech
+sensitive). Labelling or asserting its licence is itself a sensitive
+act. Never touch, normalise, label, add SPDX to, scan, or include 007
+in any report or sweep. Surface to the owner only. This overrides
+Rules 1–3 for 007.
+
+=== A2 — Licence edits are manual, owner-only, never automated
+
+No automated or bulk SPDX/licence change (sed sweep, script, agent
+pass) on any estate repo, ever. Prior automated attempts falsified
+third-party licence authorship — a legal-integrity hazard. Remediation
+is manual, per-file, by the owner. An agent may author *new* files with
+the correct SPDX from birth, and may set a brand-new repo's own
+top-level LICENSE — that is authoring, not relicensing.
+
+=== A3 — Variant normalisation is the only standing debt
+
+A few files carry malformed variants — `PMPL-1.0` (missing
+`-or-later`) and `PMPL-1.0-or-later-or-later` (doubled suffix). These
+should read `PMPL-1.0-or-later`. This is the *only* licence debt, and
+it is owner-driven manual cleanup (per A2) — not a drift to auto-fix.
+
+=== A4 — Open question (owner ruling pending)
+
+Rule 3 uses `AGPL-3.0-or-later` for the son's co-developed projects.
+The Palimpsest family has a canonical member `PAGPL-1.0-or-later`
+(Palimpsest-AGPL). Whether the son's work should move to
+`PAGPL-1.0-or-later` is an *open owner decision* — not yet ruled, not
+asserted here.
 == See Also