diff --git a/.gitignore b/.gitignore
index 89ac4551..92d6c800 100644
--- a/.gitignore
+++ b/.gitignore
@@ -76,3 +76,6 @@ evals/dataset/manifest.json
 evals/dataset/traces/
 .coverage
 .DS_Store
+
+# Local debug/test output
+output/
diff --git a/README.md b/README.md
index bf9f685a..cbf7107e 100644
--- a/README.md
+++ b/README.md
@@ -3,10 +3,10 @@
 </p>
 
 
-<h1 align="center">The context layer for AI agents.</h1>
+<h1 align="center">Private improvement infrastructure for AI agents.</h1>
 
 <p align="center">
-  Lerim sits above agent traces, compiles the useful signal into cited context, and gives the next agent the operating memory it needs before work begins.
+  Lerim sits above agent traces, compiles useful signal into cited context and eval assets, and gives future agents the operating memory they need before work begins.
 </p>
 
 <p align="center">
@@ -50,11 +50,11 @@
 
 # Lerim
 
-Lerim is a context compiler for AI agent workflows.
+Lerim is a context compiler for repeated AI agent workflows.
 
 Agents leave traces everywhere: terminals, tools, tickets, code reviews, support cases, research runs. Most of that history is too noisy to reuse directly.
 
-Lerim filters those traces into evidence-backed context records: the decisions, constraints, facts, preferences, and handoffs future agents should not have to rediscover.
+Lerim filters those traces into evidence-backed context records and eval-ready workflow signal: the decisions, constraints, facts, preferences, corrections, and handoffs future agents should not have to rediscover.
 
 Instead of replaying raw traces or losing useful context between workflows, Lerim keeps:
 
@@ -62,6 +62,7 @@ Instead of replaying raw traces or losing useful context between workflows, Leri
 - constraints
 - preferences
 - facts
+- corrections
 - handoffs
 - evidence linked back to the source session
 
@@ -70,7 +71,7 @@ Instead of replaying raw traces or losing useful context between workflows, Leri
 | Moment | Lerim does | Future agents get |
 | --- | --- | --- |
 | A completed agent run lands | Imports a source session from an adapter, MCP submit, or clean custom JSONL | A stable source boundary instead of a transcript paste |
-| The trace is noisy | Compacts the run and filters for reusable decisions, constraints, facts, preferences, and handoffs | Durable context, not another log index |
+| The trace is noisy | Compacts the run and filters for reusable decisions, constraints, facts, preferences, corrections, and handoffs | Durable context and eval-ready signal, not another log index |
 | Someone asks later | Retrieves relevant records and answers with citations back to stored evidence | A shorter start with less re-explaining |
 
 ## Quick Install
@@ -101,7 +102,7 @@ lerim answer "What context should I know before working in this project?"
 
 ## Why Lerim
 
-AI agents now triage tickets, investigate incidents, research markets, prepare handoffs, review policies, and change software.
+AI agents now triage tickets, investigate incidents, research markets, prepare handoffs, review policies, analyze customers, and change software.
 
 Every run leaves a trace. Most traces are too long, too noisy, and too platform-specific for the next agent to reuse directly.
 
@@ -111,16 +112,19 @@ Without a durable context layer:
 - constraints get rediscovered
 - preferences get ignored
 - every new session starts too close to zero
+- useful corrections never become eval or training signal
 
-Lerim fixes that by turning raw traces into reusable context records and making them queryable from agent tools and product workflows.
+Lerim fixes that by turning raw traces into reusable context records, eval assets, and training-ready workflow signal that remain queryable from agent tools and product workflows.
 
 Lerim is meant for any trace-producing agent workflow. Today, native source
 adapters are strongest for coding agents, and documented custom-trace paths cover
-support and incident workflows:
+support and incident workflows. Coding is a proof-rich workflow pack, not the
+whole product category:
 
 - coding agents: repo conventions, architecture decisions, setup facts, failed paths, test lessons, release handoffs
 - support operations: customer constraints, known fixes, failed fixes, escalation reasons, policy evidence, handoffs
 - operations and incidents: root causes, mitigations, rejected hypotheses, runbook gaps, incident handoffs, follow-up risks
+- research, compliance, security, revenue, and other custom business agents: source trails, assumptions, approvals, rejected paths, policy facts, and workflow-specific handoffs when the source owner handles export, cleaning, and redaction
 
 ## Key Capabilities
 
@@ -263,7 +267,19 @@ hardware/runtime metadata, and failure count.
 - Operations and incidents: documented custom-trace path; preserve root causes, mitigations, rejected hypotheses, runbook gaps, owner decisions, and follow-up risks.
 - Coding agents: retain architecture decisions, failed paths, repo conventions, setup facts, release handoffs, and constraints.
 
-Research, revenue, security, and other verticals can use the same custom-trace path today when the user owns export, cleaning, and redaction. The first product wedge and strongest examples are coding plus support and incident operations.
+Research, revenue, security, compliance, and other verticals can use the same custom-trace path today when the user owns export, cleaning, and redaction. The product wedge is one repeated private workflow with trace access, a workflow owner, privacy constraints, and measurable quality failure. Coding remains a strong proof workflow because the native adapters are mature, but the commercial company should be positioned around private agent improvement for enterprise workflows.
+
+## Enterprise Readiness To-Do List
+
+Use this list to keep the repo, website, and pitch aligned without turning the
+open-source package into a closed enterprise product:
+
+- Keep open core useful: CLI, local runtime, MCP server, native adapters, custom trace import, context DB, docs, and benchmarks.
+- Sell the production layer: Context Audits, private deployment, workflow evals, governance controls, managed integrations, retention, and enterprise support.
+- Prove one workflow first: support escalation, incident/security ops, research intelligence, compliance review, or engineering automation.
+- Measure improvement honestly: context reused, false memories rejected, eval pass rate, human acceptance, token budget saved, and repeated work reduced.
+- Build training only after proof: approved traces, corrections, and eval assets can become SFT/RL data once the customer workflow and privacy boundary are clear.
+- Keep coding agents as a proof pack, not the headline TAM/SAM/SOM story.
 
 ## Skill Updates
 
@@ -292,7 +308,43 @@ lerim dashboard
 See [Skill Updates](docs/guides/skill-updates.md) for the dashboard workflow
 and [CLI: lerim skill](docs/cli/skill.md) for command details.
 
-## Custom Agent Traces
+## Custom & Non-Coding Agents
+
+Lerim is not only for coding agents. Support, incident/security operations,
+research, compliance, revenue, and other custom business agents feed the same
+compiler through clean JSONL traces and a signal profile that matches the workflow.
+
+<p align="center">
+  <img src="docs/assets/lerim-agent-improvement-loop.png" alt="The agent improvement loop: your agent produces a completed run, the Lerim open core captures and compiles it into cited context, context is served back to future runs, and the Lerim private layer specializes models for the workflow" width="860">
+</p>
+
+Bundled signal profiles cover the common verticals out of the box:
+
+| Profile | Workflow |
+| --- | --- |
+| `coding` | Repository and coding-agent work (default). |
+| `support` | Customer support and customer operations. |
+| `ops` | Incident response, operations, and reliability. |
+| `research` | Research, market intelligence, and analysis. |
+| `compliance` | Compliance, legal, regulatory, and policy review. |
+| `generic` | General-purpose fallback. |
+
+List and inspect them with `lerim profile list` / `lerim profile show research`.
+If none fit, write your own YAML profile in a few minutes — see
+[Customize Lerim For Your Use Case](docs/guides/custom-source-profiles.md).
+
+If your agent does not have a native Lerim adapter, start at
+[Custom & Non-Coding Agents](docs/guides/custom-agents.md) for the full path from
+choosing a profile to querying compiled context.
+
+Worked before/after demos with real extracted records:
+
+- [Support Ops Demo](docs/guides/support-ops-demo.md)
+- [Incident Ops Demo](docs/guides/incident-ops-demo.md)
+- [Research Demo](docs/guides/research-demo.md)
+- [Compliance Demo](docs/guides/compliance-demo.md)
+
+### Custom Agent Traces
 
 Built-in `connect` adapters monitor the supported sources available today:
 Claude Code, Codex CLI, Cursor, OpenCode, and pi.
@@ -411,9 +463,10 @@ Lerim core is Apache-2.0. The local CLI, runtime, MCP server, native adapters,
 context DB schema, benchmark scripts, and integration docs should remain useful
 without a paid account.
 
-The planned commercial path is hosted/team infrastructure: sync, hosted private
-MCP, dashboards, review workflows, governance, SSO, audit logs, managed
-retention, evaluation monitoring, private deployments, and enterprise support.
+The planned commercial path is the production layer around the open core:
+Context Audits, hosted/private MCP, dashboards, review workflows, governance,
+SSO, audit logs, managed retention, evaluation monitoring, private deployments,
+workflow packs, training-ready dataset export, and enterprise support.
 
 See [COMMERCIAL.md](COMMERCIAL.md) for the open-core boundary.
 
diff --git a/docs/assets/README.md b/docs/assets/README.md
index 56d2f29a..bbb4a631 100644
--- a/docs/assets/README.md
+++ b/docs/assets/README.md
@@ -10,7 +10,12 @@ that are safe to ship with the docs site.
 - `lerim-context-retrieval.svg` is the public README visual showing CLI, skill,
   and MCP retrieval from the context graph.
 - `lerim-custom-trace-folder.svg` is the public custom-trace flow showing
-  clean JSONL registration and daemon polling ingest.
+  clean JSONL registration and daemon polling ingest. Trace-source labels use
+  support/research/custom-harness examples to reflect the multi-vertical custom path.
+- `lerim-agent-improvement-loop.png` is the public improvement-loop diagram:
+  your agent → Lerim open core (capture, compile, cite) → cited context served
+  back → Lerim private layer (specialization). Used on the README and the Custom
+  & Non-Coding Agents guide.
 - `integration-matrix-screenshot.png` is a non-authoritative public docs
   screenshot, not a benchmark artifact. Regenerate it from the integration
   matrix page before release.
diff --git a/docs/assets/lerim-agent-improvement-loop.png b/docs/assets/lerim-agent-improvement-loop.png
new file mode 100644
index 00000000..320607a3
Binary files /dev/null and b/docs/assets/lerim-agent-improvement-loop.png differ
diff --git a/docs/assets/lerim-context-retrieval.svg b/docs/assets/lerim-context-retrieval.svg
index cd39ff0a..ba02d983 100644
--- a/docs/assets/lerim-context-retrieval.svg
+++ b/docs/assets/lerim-context-retrieval.svg
@@ -60,14 +60,6 @@
       <path fill="#fff" fill-rule="evenodd" d="M384 416H128V96H384V416ZM320 160H192V352H320V160Z" clip-rule="evenodd"/>
     </symbol>
 
-    <!-- OpenClaw icon source: https://devicons.io/icons/openclaw/ -->
-    <symbol id="openclawIcon" viewBox="0 0 600 600">
-      <path fill="#d9232e" d="M300 64.2c-158.2 0-237.4 131.9-237.4 237.4s79.2 211 158.3 237.3v52.8h52.7v-52.8s26.4 10.6 52.8 0v52.8H379v-52.8c79.1-26.4 158.3-131.8 158.3-237.3S458.3 64.2 300 64.2"/>
-      <path fill="#ff4d4d" d="M89 248.8C9.9 222.4-16.5 275.2 9.9 328s79.1 26.4 105.5-26.3c15.8-37 0-52.8-26.4-52.8m422 0c79.1-26.4 105.5 26.4 79.1 79.1-26.4 52.8-79.1 26.4-105.5-26.3-15.8-37 0-52.8 26.4-52.8"/>
-      <path fill="#050810" d="M220.9 227.7a31.7 31.7 0 1 0 0-63.3 31.7 31.7 0 0 0 0 63.3m158.2 0a31.7 31.7 0 1 0 0-63.3 31.7 31.7 0 0 0 0 63.3"/>
-      <path fill="#00e5cc" d="M226.2 204a13.2 13.2 0 1 0 0-26.4 13.2 13.2 0 0 0 0 26.4m158.2 0a13.2 13.2 0 1 0 0-26.4 13.2 13.2 0 0 0 0 26.4"/>
-    </symbol>
-
     <style>
       .sans { font-family: Inter, ui-sans-serif, -apple-system, BlinkMacSystemFont, "Segoe UI", sans-serif; }
       .mono { font-family: "JetBrains Mono", ui-monospace, SFMono-Regular, Menlo, Consolas, monospace; }
@@ -230,8 +222,10 @@
 
     <g transform="translate(154 94)">
       <circle cx="22" cy="22" r="18" fill="rgba(127,216,255,0.12)" stroke="rgba(127,216,255,0.26)"/>
-      <use href="#openclawIcon" x="10" y="10" width="24" height="24"/>
-      <text x="52" y="20" class="item-label">OpenClaw</text>
+      <path d="M 13 25 a 7 7 0 0 1 14 0 M 11 25 v 2 a 3 3 0 0 0 3 3 M 29 25 v 2 a 3 3 0 0 1 -3 3" stroke="#7fd8ff" stroke-width="1.6" fill="none" stroke-linecap="round" stroke-linejoin="round"/>
+      <rect x="11" y="25" width="4" height="6" rx="1.5" stroke="#7fd8ff" stroke-width="1.6" fill="none"/>
+      <rect x="27" y="25" width="4" height="6" rx="1.5" stroke="#7fd8ff" stroke-width="1.6" fill="none"/>
+      <text x="52" y="20" class="item-label">Support agent</text>
       <text x="52" y="36" class="item-sub">MCP</text>
     </g>
 
diff --git a/docs/assets/lerim-custom-trace-folder.svg b/docs/assets/lerim-custom-trace-folder.svg
index a952eae0..c1197777 100644
--- a/docs/assets/lerim-custom-trace-folder.svg
+++ b/docs/assets/lerim-custom-trace-folder.svg
@@ -41,39 +41,6 @@
       <path d="M 1 1 L 9 5 L 1 9 Z" fill="#7fd8ff"/>
     </marker>
 
-    <!-- OpenClaw icon source: https://devicons.io/icons/openclaw/ -->
-    <symbol id="openclawIcon" viewBox="0 0 600 600">
-      <path fill="url(#ocBody)" d="M300 64.2c-158.2 0-237.4 131.9-237.4 237.4s79.2 211 158.3 237.3v52.8h52.7v-52.8s26.4 10.6 52.8 0v52.8H379v-52.8c79.1-26.4 158.3-131.8 158.3-237.3S458.3 64.2 300 64.2"/>
-      <path fill="url(#ocLeft)" d="M89 248.8C9.9 222.4-16.5 275.2 9.9 328s79.1 26.4 105.5-26.3c15.8-37 0-52.8-26.4-52.8"/>
-      <path fill="url(#ocRight)" d="M511 248.8c79.1-26.4 105.5 26.4 79.1 79.1-26.4 52.8-79.1 26.4-105.5-26.3-15.8-37 0-52.8 26.4-52.8"/>
-      <path fill="#ff4d4d" d="M137.7 46.9c11.9-7.1 25.9-5.9 40.4.9q21.6 10.3 48.4 37.2a7.9 7.9 0 1 1-11.2 11.2q-26-26-44-34c-11.8-5.6-19.8-5.2-25.5-1.8a8 8 0 0 1-8.1-13.5m284.2 1c14.5-6.8 28.5-8.1 40.4-1a8 8 0 0 1-8.1 13.5c-5.7-3.4-13.7-3.8-25.6 1.8q-18 8-43.9 34A8 8 0 0 1 373.5 85q26.8-26.8 48.4-37.2"/>
-      <path fill="#050810" d="M220.9 227.7a31.7 31.7 0 1 0 0-63.3 31.7 31.7 0 0 0 0 63.3m158.2 0a31.7 31.7 0 1 0 0-63.3 31.7 31.7 0 0 0 0 63.3"/>
-      <path fill="#00e5cc" d="M226.2 204a13.2 13.2 0 1 0 0-26.4 13.2 13.2 0 0 0 0 26.4m158.2 0a13.2 13.2 0 1 0 0-26.4 13.2 13.2 0 0 0 0 26.4"/>
-    </symbol>
-
-    <linearGradient id="ocBody" x1="-16.5" x2="675.6" y1="11.5" y2="571.4" gradientUnits="userSpaceOnUse">
-      <stop stop-color="#ff4d4d"/>
-      <stop offset="1" stop-color="#991b1b"/>
-    </linearGradient>
-    <linearGradient id="ocLeft" x1="0" x2="107.8" y1="241.8" y2="373.7" gradientUnits="userSpaceOnUse">
-      <stop stop-color="#ff4d4d"/>
-      <stop offset="1" stop-color="#991b1b"/>
-    </linearGradient>
-    <linearGradient id="ocRight" x1="484.6" x2="610" y1="248.8" y2="361.6" gradientUnits="userSpaceOnUse">
-      <stop stop-color="#ff4d4d"/>
-      <stop offset="1" stop-color="#991b1b"/>
-    </linearGradient>
-
-    <!-- Hermes icon source: https://github.com/NousResearch/hermes-agent/blob/main/acp_registry/icon.svg -->
-    <symbol id="hermesIcon" viewBox="0 0 16 16">
-      <path d="M8 1.5v13" stroke="currentColor" stroke-width="1.5" stroke-linecap="round"/>
-      <path d="M8 3.25c-2.35-1.4-4.7-.95-6.25.35 1.85-.2 3.8.2 5.55 1.55" stroke="currentColor" stroke-width="1.1" stroke-linecap="round" stroke-linejoin="round"/>
-      <path d="M8 3.25c2.35-1.4 4.7-.95 6.25.35-1.85-.2-3.8.2-5.55 1.55" stroke="currentColor" stroke-width="1.1" stroke-linecap="round" stroke-linejoin="round"/>
-      <path d="M8 13.25c-2.3-1-3.05-2.65-1.35-4.15-2 .8-2.35 2.95-.35 4" stroke="currentColor" stroke-width="1.1" stroke-linecap="round" stroke-linejoin="round"/>
-      <path d="M8 13.25c2.3-1 3.05-2.65 1.35-4.15 2 .8 2.35 2.95.35 4" stroke="currentColor" stroke-width="1.1" stroke-linecap="round" stroke-linejoin="round"/>
-      <circle cx="8" cy="1.8" r="1.1" fill="currentColor"/>
-    </symbol>
-
     <style>
       .sans { font-family: Inter, ui-sans-serif, -apple-system, BlinkMacSystemFont, "Segoe UI", sans-serif; }
       .mono { font-family: "JetBrains Mono", ui-monospace, SFMono-Regular, Menlo, Consolas, monospace; }
@@ -194,17 +161,18 @@
 
     <g transform="translate(22 50)">
       <circle cx="28" cy="27" r="18" fill="rgba(127,216,255,0.12)" stroke="rgba(127,216,255,0.26)"/>
-      <use href="#openclawIcon" x="16" y="15" width="24" height="24"/>
-      <text x="58" y="24" class="item-label">OpenClaw</text>
+      <path d="M 19 30 a 9 9 0 0 1 18 0 M 16 30 v 3 a 4 4 0 0 0 4 4 M 40 30 v 3 a 4 4 0 0 1 -4 4" stroke="#7fd8ff" stroke-width="2" fill="none" stroke-linecap="round" stroke-linejoin="round"/>
+      <rect x="16" y="30" width="5" height="7" rx="2" stroke="#7fd8ff" stroke-width="2" fill="none"/>
+      <rect x="35" y="30" width="5" height="7" rx="2" stroke="#7fd8ff" stroke-width="2" fill="none"/>
+      <text x="58" y="24" class="item-label">Support agent</text>
       <text x="58" y="40" class="item-sub">export completed runs</text>
     </g>
 
     <g transform="translate(22 106)">
       <circle cx="28" cy="27" r="18" fill="rgba(255,217,107,0.10)" stroke="rgba(255,217,107,0.26)"/>
-      <g color="#ffd96b">
-        <use href="#hermesIcon" x="16" y="15" width="24" height="24"/>
-      </g>
-      <text x="58" y="24" class="item-label">Hermes</text>
+      <path d="M 19 22 a 4 4 0 0 1 4 -4 h 10 a 4 4 0 0 1 4 4 v 8 a 4 4 0 0 1 -4 4 h -6 l -4 3 v -3 h -0 a 4 4 0 0 1 -4 -4 Z" stroke="#ffd96b" stroke-width="2" fill="none" stroke-linejoin="round"/>
+      <path d="M 22 23 h 12 M 22 27 h 8" stroke="#ffd96b" stroke-width="1.5" stroke-linecap="round"/>
+      <text x="58" y="24" class="item-label">Research agent</text>
       <text x="58" y="40" class="item-sub">export completed runs</text>
     </g>
 
diff --git a/docs/concepts/business-workflows.md b/docs/concepts/business-workflows.md
index 8a19639d..557af69f 100644
--- a/docs/concepts/business-workflows.md
+++ b/docs/concepts/business-workflows.md
@@ -1,20 +1,27 @@
 # Business Workflows
 
 Lerim is useful when a team runs repeated AI workflows and keeps losing the
-operating context between runs.
+operating context, correction signal, and evaluation evidence between runs.
 
 The pattern is:
 
 1. an agent completes work inside a business process
 2. the trace contains evidence, decisions, constraints, open questions, and handoffs
 3. Lerim extracts the reusable signal
-4. Lerim writes compact context records with source evidence
+4. Lerim writes compact context records and eval-ready assets with source evidence
 5. the next agent starts with compact, cited context instead of a raw transcript
+6. approved corrections can later become training data for workflow-specific models
 
-The first product wedge is coding agents plus support and incident operations.
-Research, revenue, security, and other workflows can use custom clean traces
-today when the source owner handles export, redaction, and retention. Dedicated
-signal packs for those verticals are future extensions, not separate pipelines.
+The commercial wedge is one repeated private workflow with trace access, a
+workflow owner, privacy constraints, and measurable quality failure. Coding
+agents are a strong proof pack because native adapters are mature, but the
+company positioning should be broader: private agent improvement infrastructure
+for enterprise workflows.
+
+Support, incident/security operations, research, compliance, revenue, and other
+workflows can use custom clean traces today when the source owner handles export,
+redaction, and retention. Dedicated signal packs for those verticals are future
+extensions, not separate pipelines.
 
 ## Support operations
 
@@ -52,7 +59,8 @@ lerim answer "What risks were still open after the last carrier-delay incident?"
 ## Engineering automation
 
 Engineering teams can retain architecture decisions, failed tests, repo
-conventions, release lessons, and operational constraints.
+conventions, release lessons, and operational constraints. This remains a strong
+technical proof workflow, but it should not be the only market story.
 
 Example question:
 
@@ -80,3 +88,17 @@ If the source trace contains customer-specific noise or sensitive fields, run a
 customer-owned cleaner before the files enter that folder. Lerim filters for
 durable business signal, but pre-ingest cleaning is still the right boundary for
 secrets, regulated data, large raw tool outputs, and retention policy.
+
+## Funding-readiness checklist
+
+Use this as the operating to-do list for aligning pitch, website, docs, and the
+repo without changing the open-source code boundary:
+
+- Pitch: lead with private agent improvement infrastructure, not AI Lab and not coding-only memory.
+- Website: make the first offer a Context Audit for one repeated enterprise agent workflow.
+- Docs: keep the open-core boundary clear and show support, incident/security, research, compliance, and engineering automation as workflow packs.
+- Product proof: measure context reused, false memories rejected, eval pass rate, human acceptance, token budget saved, and repeated work reduced.
+- Commercial proof: target 3-5 paid audits, 2-3 pilots, and one private deployment before a seed round.
+- Pricing: use Context Audit at roughly $15K-$40K, private deployment at roughly $60K-$250K/year per workflow or team, and SFT/RL services at roughly $15K-$75K/month plus compute after approved traces and evals exist.
+- Market framing: TAM is enterprise agentic AI, SAM is private/custom agent improvement workflows, and SOM is the first 24-36 months of deployments and training retainers.
+- Repo boundary: keep coding adapters because they are real product proof; add enterprise features through docs, examples, workflow packs, evals, and private deployment work rather than hiding the current open-source strengths.
diff --git a/docs/examples/index.md b/docs/examples/index.md
index 4db7e6ba..08e1642a 100644
--- a/docs/examples/index.md
+++ b/docs/examples/index.md
@@ -111,6 +111,9 @@ lerim context records --profile support
 lerim answer "What refund approval constraints should the next support agent know?"
 ```
 
+See the [Support Ops Demo](../guides/support-ops-demo.md) for a realistic
+before/after with real extracted records.
+
 ## Incident-Agent Trace Import
 
 Incident traces should preserve root causes, mitigations, rejected hypotheses,
@@ -127,6 +130,47 @@ lerim context records --profile ops
 lerim answer "What did we learn from the last incident handoff?"
 ```
 
+See the [Incident Ops Demo](../guides/incident-ops-demo.md) for a realistic
+before/after with real extracted records.
+
+## Research-Agent Trace Import
+
+Research traces should preserve source-quality rules, cited conclusions, rejected
+leads, and analyst assumptions.
+
+```bash
+lerim trace import ./traces/research/*.jsonl \
+  --source-name research-agent \
+  --source-profile research \
+  --scope-type domain \
+  --scope research
+
+lerim context records --profile research
+lerim answer "What source-quality rules should the next research run follow?"
+```
+
+See the [Research Demo](../guides/research-demo.md) for a realistic before/after
+with real extracted records.
+
+## Compliance-Agent Trace Import
+
+Compliance traces should preserve policy boundaries, approval gates, rejected
+interpretations with reasoning, and regulatory citations.
+
+```bash
+lerim trace import ./traces/compliance/*.jsonl \
+  --source-name compliance-agent \
+  --source-profile compliance \
+  --scope-type domain \
+  --scope compliance
+
+lerim context records --profile compliance
+lerim answer "What approval gates apply to data-export feature changes?"
+```
+
+See the [Compliance Demo](../guides/compliance-demo.md) for a realistic
+before/after with real extracted records.
+
 ## What Not To Claim
 
 - MCP config support does not prove native completed-session capture.
diff --git a/docs/examples/traces/compliance-review-run.jsonl b/docs/examples/traces/compliance-review-run.jsonl
new file mode 100644
index 00000000..d8d137db
--- /dev/null
+++ b/docs/examples/traces/compliance-review-run.jsonl
@@ -0,0 +1,8 @@
+{"type":"user","message":{"role":"user","content":"Review whether the new customer data-export feature meets GDPR Article 20 data portability requirements before launch."},"timestamp":"2026-05-20T10:00:00Z"}
+{"type":"assistant","message":{"role":"assistant","content":"Checking the feature against GDPR Article 20. The requirement is that personal data be exported in a structured, commonly used, machine-readable format."},"timestamp":"2026-05-20T10:02:00Z"}
+{"type":"user","message":{"role":"user","content":"The feature exports to a proprietary encrypted blob. Is that compliant?"},"timestamp":"2026-05-20T10:05:00Z"}
+{"type":"assistant","message":{"role":"assistant","content":"Rejected interpretation: a proprietary encrypted blob does NOT satisfy Article 20 portability. The reasoning: 'commonly used and machine-readable' requires an open interoperable format (e.g., JSON, CSV, XML). A format that can only be read by our own decryption tool fails the interoperability test and was previously rejected by the EDPB Guidelines on data portability. This interpretation should stand for all future export-feature reviews."},"timestamp":"2026-05-20T10:07:00Z"}
+{"type":"user","message":{"role":"user","content":"What's the approval path to fix this?"},"timestamp":"2026-05-20T10:09:00Z"}
+{"type":"assistant","message":{"role":"assistant","content":"Standing approval gate: any data-export format change requires sign-off from the Data Protection Officer AND Legal before it can ship. This is not a product-team-only decision. The current proprietary-blob export must be blocked from launch until it is reworked to an open format and re-reviewed."},"timestamp":"2026-05-20T10:10:00Z"}
+{"type":"user","message":{"role":"user","content":"Noted. Anything else for future reviews?"},"timestamp":"2026-05-20T10:12:00Z"}
+{"type":"assistant","message":{"role":"assistant","content":"Durable policy boundary for future export-feature work: data-export features must offer at least one open, machine-readable format by default to meet GDPR Article 20. Proprietary or encrypted-only formats are non-compliant regardless of whether the customer 'can' request a readable copy through support. Citation: GDPR Article 20(1); EDPB Guidelines on the right to data portability. Effective jurisdiction: EU/EEA; version current as of May 2026."},"timestamp":"2026-05-20T10:13:00Z"}
diff --git a/docs/examples/traces/incident-agent-run.jsonl b/docs/examples/traces/incident-agent-run.jsonl
index 454c04d1..5255af07 100644
--- a/docs/examples/traces/incident-agent-run.jsonl
+++ b/docs/examples/traces/incident-agent-run.jsonl
@@ -1,2 +1,8 @@
-{"type":"user","message":{"role":"user","content":"Investigate webhook delivery failures for the EU billing queue."},"timestamp":"2026-05-16T11:00:00Z"}
-{"type":"assistant","message":{"role":"assistant","content":"The incident agent confirmed the carrier retried duplicate deliveries, disabled the stale route, and left follow-up work to add replay protection to the runbook."},"timestamp":"2026-05-16T11:08:00Z"}
+{"type":"user","message":{"role":"user","content":"Investigate webhook delivery failures for the EU billing queue. Alerts fired at 03:10 UTC showing a 70% delivery failure rate."},"timestamp":"2026-05-16T11:00:00Z"}
+{"type":"assistant","message":{"role":"assistant","content":"Initial hypothesis: the EU gateway is down. Checking gateway health."},"timestamp":"2026-05-16T11:01:00Z"}
+{"type":"assistant","message":{"role":"assistant","content":"Gateway health is green; gateway is NOT the cause. Rejecting the gateway-down hypothesis. Next hypothesis: the delivery route is misconfigured."},"timestamp":"2026-05-16T11:03:00Z"}
+{"type":"user","message":{"role":"user","content":"Did you find anything in the delivery logs?"},"timestamp":"2026-05-16T11:04:00Z"}
+{"type":"assistant","message":{"role":"assistant","content":"Delivery logs show the carrier retried duplicate deliveries for the same event id up to 8 times, exhausting the retry budget. The stale route eu-billing-legacy was still receiving traffic. Confirmed root cause: the eu-billing-legacy route was not decommissioned after the migration, causing duplicate delivery and retry exhaustion on the active route."},"timestamp":"2026-05-16T11:06:00Z"}
+{"type":"assistant","message":{"role":"assistant","content":"Mitigation applied: disabled the stale eu-billing-legacy route. Delivery failure rate dropped from 70% to 2% within 5 minutes. No data loss; all events eventually delivered via the active route."},"timestamp":"2026-05-16T11:08:00Z"}
+{"type":"user","message":{"role":"user","content":"What's still open after this?"},"timestamp":"2026-05-16T11:09:00Z"}
+{"type":"assistant","message":{"role":"assistant","content":"Follow-up risk: there is no replay protection in the runbook, so a future stale route or carrier-side duplicate can cause the same retry exhaustion. The runbook needs an idempotency/dedup step before this can be considered resolved. Owner decision: routing decommission authority sits with the Platform team, not the on-call responder. I am leaving the runbook-gap follow-up open for Platform to add replay protection."},"timestamp":"2026-05-16T11:10:00Z"}
diff --git a/docs/examples/traces/research-analyst-run.jsonl b/docs/examples/traces/research-analyst-run.jsonl
new file mode 100644
index 00000000..18af3b37
--- /dev/null
+++ b/docs/examples/traces/research-analyst-run.jsonl
@@ -0,0 +1,8 @@
+{"type":"user","message":{"role":"user","content":"Assess the competitive position of the EU neobank sector for Q2 2026. Focus on funding trends and regulatory headwinds."},"timestamp":"2026-05-18T14:00:00Z"}
+{"type":"assistant","message":{"role":"assistant","content":"Starting with primary sources. Per our standing source-quality rule: prefer SEC equivalents and ESMA filings over press releases and blog posts. Treating trade-press funding numbers as unverified unless corroborated by a filing or a named investor."},"timestamp":"2026-05-18T14:02:00Z"}
+{"type":"user","message":{"role":"user","content":"What did you find on funding?"},"timestamp":"2026-05-18T14:10:00Z"}
+{"type":"assistant","message":{"role":"assistant","content":"Three ESMA-filed prospectuses confirm Q2 2026 neobank funding is down approximately 35% year-over-year, driven by tightened MiFID II marketing restrictions on retail investment products. This is a confirmed, filing-backed conclusion. I am rejecting the earlier TechCrunch lead claiming a 50% drop; that figure came from a single unnamed source and is not corroborated by any filing. Going forward, we should not use TechCrunch funding figures for EU neobank sizing unless a filing corroborates them."},"timestamp":"2026-05-18T14:12:00Z"}
+{"type":"user","message":{"role":"user","content":"And the regulatory headwinds?"},"timestamp":"2026-05-18T14:15:00Z"}
+{"type":"assistant","message":{"role":"assistant","content":"Recurring analyst assumption to preserve for future runs: EU neobank valuations should be benchmarked against traditional bank multiples adjusted downward for regulatory capital requirements, not against US fintech multiples. The US-fintech-comparables framing used in several sell-side notes overstates neobank value because it ignores MiFID II capital constraints."},"timestamp":"2026-05-18T14:17:00Z"}
+{"type":"user","message":{"role":"user","content":"Good. What should we exclude going forward?"},"timestamp":"2026-05-18T14:20:00Z"}
+{"type":"assistant","message":{"role":"assistant","content":"Standing scoping boundary: exclude crypto-native and stablecoin-first institutions from the EU neobank coverage set unless explicitly requested; they operate under a different regulatory regime and distort the funding-trend comparison. Source caveat: the 35% decline figure is only as current as the May 2026 filings; it may shift when the June 2026 cycle posts."},"timestamp":"2026-05-18T14:22:00Z"}
diff --git a/docs/examples/traces/support-agent-run.jsonl b/docs/examples/traces/support-agent-run.jsonl
index 40a88ab4..5a88edf5 100644
--- a/docs/examples/traces/support-agent-run.jsonl
+++ b/docs/examples/traces/support-agent-run.jsonl
@@ -1,2 +1,8 @@
-{"type":"user","message":{"role":"user","content":"Customer requested a refund for a failed renewal. Policy says refunds above EUR 500 require manager approval."},"timestamp":"2026-05-16T09:00:00Z"}
-{"type":"assistant","message":{"role":"assistant","content":"The support agent confirmed the renewal failed twice, kept the ticket open, and escalated because the refund amount was above the approval threshold."},"timestamp":"2026-05-16T09:05:00Z"}
+{"type":"user","message":{"role":"user","content":"Customer #4421 is requesting a refund for a failed annual renewal (EUR 640). The charge went through but the plan did not activate. They want the refund processed today."},"timestamp":"2026-05-16T09:00:00Z"}
+{"type":"assistant","message":{"role":"assistant","content":"The refund amount is EUR 640, which is above the EUR 500 manager-approval threshold. I cannot auto-approve. Let me check the renewal failure reason first."},"timestamp":"2026-05-16T09:01:30Z"}
+{"type":"user","message":{"role":"user","content":"What did the billing system show?"},"timestamp":"2026-05-16T09:02:00Z"}
+{"type":"assistant","message":{"role":"assistant","content":"The billing log shows the renewal attempted twice and both failed with PAYMENT_GATEWAY_TIMEOUT, but the charge was captured on the second attempt. This is the known gateway-capture-without-activation bug. The fix is to manually activate the plan OR refund; the customer chose refund."},"timestamp":"2026-05-16T09:02:45Z"}
+{"type":"user","message":{"role":"user","content":"Process the refund. Route to the billing team if needed."},"timestamp":"2026-05-16T09:04:00Z"}
+{"type":"assistant","message":{"role":"assistant","content":"Because the refund exceeds EUR 500, I am escalating to the billing manager for approval rather than processing directly. Required diagnostics attached: gateway timeout log, duplicate capture evidence, plan-inactive status. I am NOT retrying the charge, since retrying a captured-but-inactive renewal creates a triple charge per the known gateway bug. Ticket held open pending manager approval."},"timestamp":"2026-05-16T09:05:00Z"}
+{"type":"user","message":{"role":"user","content":"Good. For future reference, any renewal where the charge captured but activation failed should NOT be retried. Always refund or manually activate."},"timestamp":"2026-05-16T09:06:30Z"}
+{"type":"assistant","message":{"role":"assistant","content":"Noted as a standing constraint: captured-but-inactive renewals must not be retried; the correct actions are manual activation or refund, never a re-charge. Escalation prerequisites for refunds above EUR 500 are: gateway log, capture evidence, and plan-status confirmation. Handing off to billing manager for approval on this ticket."},"timestamp":"2026-05-16T09:07:00Z"}
diff --git a/docs/guides/compliance-demo.md b/docs/guides/compliance-demo.md
new file mode 100644
index 00000000..dd42484d
--- /dev/null
+++ b/docs/guides/compliance-demo.md
@@ -0,0 +1,88 @@
+# Compliance Demo
+
+This demo shows a realistic compliance-review agent trace moving through Lerim's
+compiler so the next compliance review of a data-export feature starts with the
+policy boundary, the rejected interpretation, and the approval gate instead of
+re-litigating whether a proprietary format meets GDPR Article 20. The trace and
+the extracted records below are real: the output was captured by importing the
+checked-in example through Lerim's `compliance` profile.
+
+## 1. The completed run
+
+A compliance agent reviewed whether a new customer data-export feature met GDPR
+Article 20 data portability requirements before launch. The feature exported to a
+proprietary encrypted blob. The valuable signal is not the review itself; it is
+the rejected interpretation (with reasoning), the standing approval gate, and the
+durable policy boundary with its regulatory citation.
+
+The trace lives at [`docs/examples/traces/compliance-review-run.jsonl`](../examples/traces/compliance-review-run.jsonl).
+
+## 2. Import it
+
+```bash
+lerim trace import docs/examples/traces/compliance-review-run.jsonl \
+  --source-name compliance-agent \
+  --source-profile compliance \
+  --scope-type domain \
+  --scope compliance
+```
+
+## 3. What Lerim kept
+
+Four records were extracted: two durable constraints (a policy boundary with a
+regulatory citation, and a standing approval gate), one citation fact, and one
+archived episode for the review.
+
+**Constraints (active — these govern future export-feature work):**
+
+- **GDPR Article 20 portability requires open formats** — A proprietary encrypted
+  blob fails the "commonly used and machine-readable" requirement per EDPB
+  Guidelines on data portability. This interpretation applies to all future
+  export-feature reviews.
+- **Standing approval gate for data-export format changes** — This is not a
+  product-team-only decision. Proprietary-blob exports must be blocked from launch
+  until reworked to an open format and re-reviewed.
+
+**Fact (active):**
+
+- **GDPR Article 20 regulation citation** — GDPR Article 20(1); EDPB Guidelines
+  on the right to data portability. Effective jurisdiction: EU/EEA; version
+  current as of May 2026.
+
+**Episode (archived — history, not standing context):**
+
+- The GDPR Article 20 data portability compliance review of the specific feature.
+
+Inspect them yourself:
+
+```bash
+lerim context records --source-profile compliance
+```
+
+## 4. What the next agent now knows
+
+Before this trace was compiled, the next compliance review of a data-export
+feature would have to re-research whether a proprietary format satisfies Article
+20 and re-decide who needs to sign off. After compilation, the rejected
+interpretation (with its reasoning), the approval gate, and the regulatory
+citation are available before work begins — so a product team cannot ship a
+proprietary-only export format by treating it as a product-only decision.
+
+## 5. The improvement loop
+
+The policy boundaries and rejected interpretations above are exactly the kind of
+approved, cited, compliance-specific data for a
+smaller, private compliance-review model. The open core captures and cites; model
+specialization (distillation, RL, prompt and harness tuning) is the private Lerim
+layer, built on top of this open foundation.
+
+## Notes
+
+- Replace the checked-in example with your own cleaned compliance-agent source
+  session for real evaluation.
+- Do not put private regulated data under public docs. Use customer-owned storage
+  for raw traces and commit only small sanitized examples when a public example is
+  useful.
+- If the trace contains regulated personal data, run a cleaner or the
+  [defense-in-depth redaction helper](submit-custom-agent-trace.md#defense-in-depth-redaction)
+  before import.
diff --git a/docs/guides/custom-agents.md b/docs/guides/custom-agents.md
new file mode 100644
index 00000000..4d1ede76
--- /dev/null
+++ b/docs/guides/custom-agents.md
@@ -0,0 +1,139 @@
+# Custom & Non-Coding Agents
+
+Start here if your agent is **not** a coding agent with a native Lerim adapter.
+That covers support, incident/security operations, research, compliance, revenue,
+and any custom business agent that produces completed runs but does not live in an
+IDE session store.
+
+Coding agents (Claude Code, Codex CLI, Cursor, OpenCode, pi) have native adapters
+that read completed sessions automatically. Everything else uses the **custom
+agent path** below. Both paths feed the same compiler and the same context store.
+
+<p align="center">
+  <img src="../assets/lerim-agent-improvement-loop.png" alt="The agent improvement loop: your agent produces a completed run, the Lerim open core captures and compiles it into cited context, context is served back to future runs, and the Lerim private layer specializes models for the workflow" width="860">
+</p>
+
+## 1. Does your agent have a native adapter?
+
+If your agent runs as a coding agent in a local session store, use the native
+adapter path instead — it is automatic:
+
+```bash
+lerim connect auto
+lerim project add .
+lerim up
+```
+
+See [Connecting Agents](connecting-agents.md) for the adapter list. If your agent
+is API-driven, server-side, or part of a business workflow (support, incidents,
+research, compliance, sales, internal tools), continue below.
+
+## 2. Pick or write a signal profile
+
+A signal profile tells Lerim's extraction what counts as durable signal for your
+workflow and what is noise. Lerim bundles six profiles:
+
+| Profile | Use for |
+| --- | --- |
+| `coding` | Repository and coding-agent work (default). |
+| `support` | Customer support and customer operations. |
+| `ops` | Incident response, operations, and reliability. |
+| `research` | Research, market intelligence, and analysis. |
+| `compliance` | Compliance, legal, regulatory, and policy review. |
+| `generic` | General-purpose fallback when no other profile fits. |
+
+List them and inspect one:
+
+```bash
+lerim profile list
+lerim profile show research
+```
+
+If none fit — for example a sales, procurement, or internal business agent — write
+your own YAML profile. It is four rule groups (`focus_rules`, `reject_as_noise`,
+`evidence_rules`, `scope_rules`) and takes a few minutes. See
+[Customize Lerim For Your Use Case](custom-source-profiles.md).
+
+## 3. Get a clean completed-run trace
+
+Lerim reads **completed** sessions, not live in-flight state. Export your agent's
+finished run as canonical JSONL, one event per line:
+
+```json
+{"type":"user","message":{"role":"user","content":"..."},"timestamp":"2026-05-16T09:00:00Z"}
+{"type":"assistant","message":{"role":"assistant","content":"..."},"timestamp":"2026-05-16T09:02:00Z"}
+```
+
+JSON arrays, wrapper objects (`messages` / `events` / `trace`), and plain text are
+also accepted. See [Submit A Custom Agent Trace](submit-custom-agent-trace.md) for
+the full shape reference.
+
+**Clean before import.** Remove secrets, tokens, regulated personal data, and huge
+raw payloads before the trace enters Lerim. Lerim extraction is selective, but it
+is not a privacy firewall. For a quick first pass, use the
+[defense-in-depth redaction helper](submit-custom-agent-trace.md#defense-in-depth-redaction).
+
+## 4. Import it
+
+One file:
+
+```bash
+lerim trace import ./my-agent-run.jsonl \
+  --source-name support-agent \
+  --source-profile support \
+  --scope-type domain \
+  --scope support-ops
+```
+
+Or register an ongoing folder of clean traces so background ingest picks up new
+files automatically:
+
+```bash
+lerim project add ~/lerim-traces/support-clean --type custom --source-profile support
+lerim ingest --agent custom
+```
+
+See [Custom Trace Folders](custom-trace-folders.md).
+
+## 5. See the extracted context
+
+```bash
+lerim context records --source-profile support
+lerim status
+```
+
+Routine sessions can produce zero durable records — that is the compiler rejecting
+noise, not a failure. A useful run produces a few cited records across
+`decision`, `constraint`, `fact`, `preference`, and `episode`.
+
+## 6. Query it for the next run
+
+```bash
+lerim answer "What approval constraints should the next support agent know?"
+lerim context-brief show
+```
+
+For MCP-capable agents, install Lerim as an MCP server so the agent can query
+context in-loop: [MCP Quickstart](mcp-quickstart.md).
+
+## 7. The improvement loop
+
+Approved traces, corrections, and extracted records are structured, cited, and
+scoped — which makes them reusable beyond the next query. They become
+**training-ready data** for the same workflow (for example, distilling a strong
+general model into a cheaper task-specific one).
+
+Lerim has two layers. The **open core** (Apache-2.0, this repo) captures,
+compiles, cites, and serves context. **Model specialization** — distillation, RL,
+and prompt and harness tuning for a specific workflow — is the private Lerim
+layer, built on top of this open foundation.
+
+## Worked examples
+
+Each of these shows a realistic trace, the real records Lerim extracted, and what
+the next agent now knows:
+
+- [Support Ops Demo](support-ops-demo.md)
+- [Incident Ops Demo](incident-ops-demo.md)
+- [Research Demo](research-demo.md)
+- [Compliance Demo](compliance-demo.md)
diff --git a/docs/guides/incident-ops-demo.md b/docs/guides/incident-ops-demo.md
index 37e7c3dd..f69aae7f 100644
--- a/docs/guides/incident-ops-demo.md
+++ b/docs/guides/incident-ops-demo.md
@@ -1,9 +1,23 @@
 # Incident Ops Demo
 
-This demo uses a tiny checked-in example trace to show the import shape. Replace
-it with your own cleaned incident-agent source session for real evaluation.
+This demo shows a realistic incident-agent trace moving through Lerim's compiler so
+the next on-call responder or postmortem writer starts with the confirmed root
+cause, the rejected hypothesis, and the open runbook gap instead of re-investigating
+from scratch. The trace and the extracted records below are real: the output was
+captured by importing the checked-in example through Lerim's `ops` profile.
 
-Import an incident trace:
+## 1. The completed run
+
+An incident agent investigated a 70% webhook delivery failure rate on the EU
+billing queue at 03:10 UTC. It rejected the first hypothesis (gateway down),
+confirmed the real root cause (a stale route not decommissioned after migration),
+applied a mitigation, and flagged a runbook gap. The valuable signal is not the
+mitigation; it is the rejected hypothesis, the authority boundary, and the open
+follow-up risk.
+
+The trace lives at [`docs/examples/traces/incident-agent-run.jsonl`](../examples/traces/incident-agent-run.jsonl).
+
+## 2. Import it
 
 ```bash
 lerim trace import docs/examples/traces/incident-agent-run.jsonl \
@@ -13,17 +27,64 @@ lerim trace import docs/examples/traces/incident-agent-run.jsonl \
   --scope incident-ops
 ```
 
-Inspect the resulting records:
+## 3. What Lerim kept
+
+Five records were extracted: two durable constraints (a runbook gap and an
+authority boundary), two facts (the confirmed root cause and the rejected
+hypothesis), and one archived episode for the incident itself.
+
+**Constraints (active — these govern future response):**
+
+- **Runbook requires replay protection** — No replay protection or
+  idempotency/dedup step exists. A future stale route or carrier-side duplicate
+  can cause the same retry exhaustion. The runbook must be updated before this
+  incident class is considered resolved.
+- **Routing changes require Platform authority** — Routing decommission authority
+  sits with the Platform team. On-call responders must not decommission routing
+  paths independently; they must escalate to Platform.
+
+**Facts (active):**
+
+- **Stale route caused webhook delivery failures** — The stale
+  `eu-billing-legacy` route was not decommissioned after migration; the carrier
+  retried duplicate deliveries up to 8 times, exhausting the retry budget.
+  Disabling the route resolved the issue.
+- **Gateway was healthy during webhook failures** — EU gateway was confirmed
+  healthy; gateway failure was not the cause. This fact prevents the next
+  responder from re-chasing the gateway-down hypothesis.
+
+**Episode (archived — history, not standing context):**
+
+- The EU billing webhook delivery failure investigation itself.
+
+Inspect them yourself:
 
 ```bash
-lerim context records --profile ops
-lerim context records --profile ops --type fact
+lerim context records --source-profile ops
 ```
 
-Incident records should preserve confirmed root causes, rejected hypotheses,
-mitigations, failed paths, owner decisions, and source-of-truth facts only
-when the trace supports them.
+## 4. What the next agent now knows
+
+Before this trace was compiled, the next responder to a similar webhook failure
+would likely start by checking the gateway (the rejected hypothesis) and might
+decommission a route without Platform sign-off (the authority boundary). After
+compilation, the confirmed root cause, the explicitly rejected gateway hypothesis,
+and the open runbook gap are available before work begins — so the 9am postmortem
+writer does not re-derive what the 3am responder already concluded.
+
+## 5. The improvement loop
+
+The rejected-hypothesis and root-cause records above are exactly the kind of
+approved, cited, incident-specific data that can be exported as training-ready
+data for a smaller, private incident-response model. Lerim captures and cites the
+data for a smaller, private incident-response model. The open core captures and cites; model specialization (distillation, RL,
+prompt and harness tuning) is the private Lerim layer, built on top of this open
+foundation.
+
+## Notes
 
-Do not put private incident datasets or converter outputs under public docs.
-Use team-owned storage for raw traces and commit only small sanitized examples
-when a public example is useful.
+- Replace the checked-in example with your own cleaned incident-agent source
+  session for real evaluation.
+- Do not put private incident datasets or converter outputs under public docs.
+  Use team-owned storage for raw traces and commit only small sanitized examples
+  when a public example is useful.
diff --git a/docs/guides/research-demo.md b/docs/guides/research-demo.md
new file mode 100644
index 00000000..923d8dd5
--- /dev/null
+++ b/docs/guides/research-demo.md
@@ -0,0 +1,96 @@
+# Research Demo
+
+This demo shows a realistic research-analyst agent trace moving through Lerim's
+compiler so the next research run starts with the source-quality rules, the
+rejected leads, and the cited conclusions instead of re-deriving methodology from
+scratch. The trace and the extracted records below are real: the output was
+captured by importing the checked-in example through Lerim's `research` profile.
+
+## 1. The completed run
+
+A research agent assessed the competitive position of the EU neobank sector for
+Q2 2026. The valuable signal is not the report itself; it is the standing
+source-quality rule, the rejected uncorroborated lead, the coverage boundary, and
+the confirmed filing-backed conclusion.
+
+The trace lives at [`docs/examples/traces/research-analyst-run.jsonl`](../examples/traces/research-analyst-run.jsonl).
+
+## 2. Import it
+
+```bash
+lerim trace import docs/examples/traces/research-analyst-run.jsonl \
+  --source-name research-agent \
+  --source-profile research \
+  --scope-type domain \
+  --scope research
+```
+
+## 3. What Lerim kept
+
+Six records were extracted: three durable constraints (a source-quality hierarchy,
+a rejected-lead rule, and a coverage boundary), one confirmed fact, one analyst
+preference, and one archived episode for the research session.
+
+**Constraints (active — these govern future research):**
+
+- **Source-quality hierarchy for quantitative claims** — ESMA filings and SEC
+  equivalents are preferred over press releases and blog posts for confirming
+  quantitative claims such as funding figures.
+- **TechCrunch funding figures require regulatory corroboration** — TechCrunch
+  funding figures should not be used for EU neobank sizing unless corroborated by
+  a regulatory filing. A single unnamed source with no filing corroboration was
+  rejected.
+- **Crypto-native institutions excluded from EU neobank coverage** —
+  Crypto-native and stablecoin-first institutions are excluded from the EU
+  neobank coverage set unless explicitly requested; they distort funding-trend
+  comparisons.
+
+**Fact (active, cited):**
+
+- **Q2 2026 EU neobank funding declined approximately 35% year-over-year** —
+  Driven by tightened MiFID II marketing restrictions. Confirmed by three
+  ESMA-filed prospectuses. *Evidence: line 4.*
+
+**Preference (active):**
+
+- **Benchmark EU neobank valuations against traditional bank multiples** — Not
+  against US fintech multiples. US-fintech comparables overstate value because
+  they ignore MiFID II capital constraints.
+
+**Episode (archived — history, not standing context):**
+
+- The EU neobank funding research session itself.
+
+Inspect them yourself:
+
+```bash
+lerim context records --source-profile research
+```
+
+## 4. What the next agent now knows
+
+Before this trace was compiled, the next research run on EU neobanks would likely
+re-cite the uncorroborated TechCrunch funding figure, benchmark against US fintech
+multiples, and include crypto-native institutions in the coverage set — all of
+which this run rejected. After compilation, the source-quality hierarchy, the
+explicit coverage boundary, and the filing-backed conclusion are available before
+work begins.
+
+## 5. The improvement loop
+
+The source-quality rules and cited conclusions above are exactly the kind of
+approved, evidence-backed data for a
+smaller, private research-analyst model. The open core captures and cites; model
+specialization (distillation, RL, prompt and harness tuning) is the private Lerim
+layer, built on top of this open foundation.
+
+## Notes
+
+- Lerim is selective by design. The first extraction of an earlier version of this
+  trace produced zero durable records because the methodology rules were stated
+  only as in-the-moment narration. Adding one explicit "going forward, we should
+  not use TechCrunch figures unless a filing corroborates them" line caused the
+  rules to be captured as standing constraints. Routine sessions can and should
+  produce zero records; that is the compiler rejecting noise.
+- Replace the checked-in example with your own cleaned research-agent source
+  session for real evaluation.
diff --git a/docs/guides/submit-custom-agent-trace.md b/docs/guides/submit-custom-agent-trace.md
index 64188939..a20041b0 100644
--- a/docs/guides/submit-custom-agent-trace.md
+++ b/docs/guides/submit-custom-agent-trace.md
@@ -23,6 +23,26 @@ Clean and redact the trace before it enters Lerim:
 Lerim extraction is selective, but it is not a privacy firewall. Source owners
 still own export, cleaning, redaction, and retention.
 
+## Defense-In-Depth Redaction
+
+For a quick first pass, use the bundled redaction helper to strip common secrets
+and PII from a trace before import. It is pure regex, makes no network calls, and
+handles JSONL, JSON, and plain text.
+
+```bash
+python scripts/redact_trace.py ./raw-support-agent-run.jsonl -o ./clean-support-run.jsonl
+```
+
+It catches obvious high-risk patterns — API keys (`sk-...`, `AKIA...`, Stripe,
+GitHub, Slack tokens), bearer tokens, password assignments, private key blocks,
+emails, credit card numbers, SSNs, and IBANs — and reports a count per category.
+
+This is **defense-in-depth, not a compliance boundary**. A clean redaction report
+does not mean the trace is safe for regulated data. Review the output before
+import, and keep your customer-owned cleaning and retention process for anything
+regulated or customer-specific. Lerim extraction is selective, but it is not a
+privacy firewall.
+
 ## Accepted Trace Shapes
 
 ### JSONL
diff --git a/docs/guides/support-ops-demo.md b/docs/guides/support-ops-demo.md
index 0d8ef8c4..70adf983 100644
--- a/docs/guides/support-ops-demo.md
+++ b/docs/guides/support-ops-demo.md
@@ -1,9 +1,20 @@
 # Support Ops Demo
 
-This demo uses a tiny checked-in example trace to show the import shape. Replace
-it with your own cleaned support-agent source session for real evaluation.
+This demo shows a realistic support-agent trace moving through Lerim's compiler so
+the next support agent starts with the durable constraints instead of re-deriving
+them. The trace and the extracted records below are real: the output was captured
+by importing the checked-in example through Lerim's `support` profile.
 
-Import a support trace:
+## 1. The completed run
+
+A support agent handled a customer refund request for a failed annual renewal.
+The interesting signal is not the refund itself; it is the standing policy the run
+surfaced: a renewal where the gateway captured the charge but activation failed
+must never be retried, because retrying creates a triple charge.
+
+The trace lives at [`docs/examples/traces/support-agent-run.jsonl`](../examples/traces/support-agent-run.jsonl).
+
+## 2. Import it
 
 ```bash
 lerim trace import docs/examples/traces/support-agent-run.jsonl \
@@ -13,18 +24,64 @@ lerim trace import docs/examples/traces/support-agent-run.jsonl \
   --scope support-ops
 ```
 
-Inspect the resulting records:
+## 3. What Lerim kept
+
+Five records were extracted. Three are durable constraints that govern future
+support work, one is a reusable fact about a known bug, and the specific ticket
+itself is archived as an episode (kept as history, not promoted to standing
+context).
+
+**Constraints (active — these govern future runs):**
+
+- **No retry for captured-but-inactive renewals** — Renewals where the payment
+  gateway captures the charge but activation fails must not be retried. Only
+  manual activation or customer refund are authorized follow-up actions.
+  *Evidence: lines 4, 7.*
+- **EUR 500 manager approval threshold for refunds** — Refunds exceeding EUR 500
+  require manager approval and cannot be auto-approved. *Evidence: line 2.*
+- **EUR 500+ refund escalation diagnostics requirements** — Escalations for
+  EUR 500+ refunds must include gateway timeout log, duplicate capture evidence,
+  and plan-inactive status confirmation. *Evidence: line 8.*
+
+**Fact (active):**
+
+- **Known gateway-capture-without-activation bug** — Payment gateway times out on
+  activation but captures the charge; retry causes triple charge. Resolution is
+  manual activation or refund only. *Evidence: line 4.*
+
+**Episode (archived — history, not standing context):**
+
+- Support escalation for the specific EUR 640 refund (kept as an episode record,
+  not promoted to a durable constraint).
+
+Inspect them yourself:
 
 ```bash
-lerim context records --profile support
-lerim context records --profile support --type constraint
-lerim context records --profile support --type fact
+lerim context records --source-profile support
 ```
 
-Support records should preserve strict reusable context: customer constraints,
-policy-backed facts, source-of-truth evidence, known fixes, failed paths, and
-handoff boundaries when they are supported by the trace.
+## 4. What the next agent now knows
+
+Before this trace was compiled, a fresh support agent handling the next
+captured-but-inactive renewal would most likely retry the charge (causing a triple
+charge) or escalate without the required diagnostics. After compilation, the
+standing constraints above are available before work begins.
+
+## 5. The improvement loop
+
+The constraints above are exactly the kind of approved, cited, workflow-specific
+data for a smaller, private support
+model. The open core captures and cites; model specialization (distillation, RL,
+prompt and harness tuning) is the private Lerim layer, built on top of this open
+foundation.
+
+## Notes
 
-Do not put private customer datasets or converter outputs under public docs.
-Use customer-owned storage for raw traces and commit only small sanitized
-examples when a public example is useful.
+- Replace the checked-in example with your own cleaned support-agent source
+  session for real evaluation.
+- Do not put private customer datasets or converter outputs under public docs.
+  Use customer-owned storage for raw traces and commit only small sanitized
+  examples when a public example is useful.
+- If the trace contains customer PII or secrets, run a cleaner or the
+  [defense-in-depth redaction helper](submit-custom-agent-trace.md#defense-in-depth-redaction)
+  before import. Lerim extraction is selective, but it is not a privacy firewall.
diff --git a/mkdocs.yml b/mkdocs.yml
index 702eab46..96b405ee 100644
--- a/mkdocs.yml
+++ b/mkdocs.yml
@@ -153,6 +153,7 @@ nav:
     - Model Roles: configuration/model-roles.md
     - Tracing: configuration/tracing.md
   - Guides:
+    - Custom & Non-Coding Agents: guides/custom-agents.md
     - Agent Startup Context: guides/agent-startup-context.md
     - Connecting Agents: guides/connecting-agents.md
     - MCP Quickstart: guides/mcp-quickstart.md
@@ -161,6 +162,8 @@ nav:
     - Submit A Custom Agent Trace: guides/submit-custom-agent-trace.md
     - Support Ops Demo: guides/support-ops-demo.md
     - Incident Ops Demo: guides/incident-ops-demo.md
+    - Research Demo: guides/research-demo.md
+    - Compliance Demo: guides/compliance-demo.md
     - Evaluate Extraction Quality: guides/evaluate-extraction-quality.md
     - Dashboard: guides/dashboard.md
     - Skill Updates: guides/skill-updates.md
diff --git a/scripts/redact_trace.py b/scripts/redact_trace.py
new file mode 100644
index 00000000..281372f9
--- /dev/null
+++ b/scripts/redact_trace.py
@@ -0,0 +1,153 @@
+#!/usr/bin/env python3
+"""Defense-in-depth secret/PII redaction for Lerim trace files.
+
+Reads a JSONL, JSON, or plain-text trace, applies conservative regex-based
+redaction for common secret and PII patterns, and writes a cleaned copy. This is
+**defense-in-depth**, not a compliance boundary. It catches obvious high-risk
+tokens before import; it does not replace a customer-owned cleaning, redaction,
+and retention process for regulated data.
+
+Lerim extraction is selective, but it is not a privacy firewall. Run this (or your
+own cleaner) before a trace enters a custom folder or `lerim trace import`.
+
+Usage:
+    python scripts/redact_trace.py input.jsonl -o cleaned.jsonl
+    python scripts/redact_trace.py input.jsonl -o cleaned.jsonl --json
+
+No network calls. Reads one file, writes one file.
+"""
+
+from __future__ import annotations
+
+import argparse
+import json
+import re
+import sys
+from pathlib import Path
+from typing import Iterable
+
+# Each pattern: (name, compiled regex, replacement token).
+# Patterns are deliberately conservative — they target high-signal secret shapes
+# and common PII. False negatives are expected; this is a first-pass net, not DLP.
+REDACTION_PATTERNS: list[tuple[str, re.Pattern[str], str]] = [
+    # API keys / tokens with common prefixes
+    ("api_key_prefixed", re.compile(r"\b(sk-|pk-|rk-|tok_|key_|api_)[A-Za-z0-9_\-]{16,}"), "[REDACTED_API_KEY]"),
+    ("bearer_token", re.compile(r"\b(Bearer\s+)[A-Za-z0-9_\-\.=]{20,}", re.IGNORECASE), r"\1[REDACTED_TOKEN]"),
+    ("aws_access_key", re.compile(r"\b(AKIA|ASIA)[A-Z0-9]{16}"), "[REDACTED_AWS_KEY]"),
+    ("aws_secret", re.compile(r"\b(aws_secret_access_key|aws_session_token)\s*[=:]\s*[A-Za-z0-9/+=]{30,}", re.IGNORECASE), "[REDACTED_AWS_SECRET]"),
+    ("gcp_service_account", re.compile(r'"type"\s*:\s*"service_account"'), '"type":"[REDACTED_SERVICE_ACCOUNT]"'),
+    ("stripe_key", re.compile(r"\b(sk|pk|rk)_(live|test)_[A-Za-z0-9]{20,}"), "[REDACTED_STRIPE_KEY]"),
+    ("github_token", re.compile(r"\b(gh[opsu]_|github_pat_)[A-Za-z0-9_]{20,}"), "[REDACTED_GITHUB_TOKEN]"),
+    ("slack_token", re.compile(r"\bxox[abprs]-[A-Za-z0-9\-]{10,}"), "[REDACTED_SLACK_TOKEN]"),
+    ("private_key_block", re.compile(r"-----BEGIN (RSA |EC |OPENSSH |DSA )?PRIVATE KEY-----"), "[REDACTED_PRIVATE_KEY_BLOCK]"),
+    # Generic password/secret assignment
+    ("password_assign", re.compile(r"\b(password|passwd|pwd|secret|api_key|apikey|access_token|auth_token)\b\s*[=:]\s*\S+", re.IGNORECASE), "[REDACTED_SECRET]"),
+    # PII
+    ("email", re.compile(r"\b[A-Za-z0-9._%+\-]+@[A-Za-z0-9.\-]+\.[A-Za-z]{2,}\b"), "[REDACTED_EMAIL]"),
+    # Credit card (basic 13-16 digit groups)
+    ("credit_card", re.compile(r"\b(?:\d[ -]*?){13,16}\b"), "[REDACTED_CARD]"),
+    # SSN-ish (US)
+    ("ssn", re.compile(r"\b\d{3}-\d{2}-\d{4}\b"), "[REDACTED_SSN]"),
+    # IBAN (basic)
+    ("iban", re.compile(r"\b[A-Z]{2}\d{2}[A-Z0-9]{10,30}\b"), "[REDACTED_IBAN]"),
+]
+
+
+def redact_text(text: str, counts: dict[str, int]) -> str:
+    """Apply all redaction patterns to a single string, mutating counts."""
+    for name, pattern, replacement in REDACTION_PATTERNS:
+        new_text, n = pattern.subn(replacement, text)
+        if n:
+            counts[name] = counts.get(name, 0) + n
+            text = new_text
+    return text
+
+
+def iter_records(path: Path) -> Iterable[tuple[int, str]]:
+    """Yield (line_number, raw_line) for JSONL; for JSON/text yield the whole file."""
+    suffix = path.suffix.lower()
+    if suffix == ".jsonl":
+        for i, line in enumerate(path.read_text(encoding="utf-8").splitlines(), 1):
+            yield i, line
+    else:
+        yield 1, path.read_text(encoding="utf-8")
+
+
+def redact_jsonl_line(line: str, counts: dict[str, int]) -> str:
+    """Redact content fields inside one JSONL record, preserving structure."""
+    stripped = line.strip()
+    if not stripped:
+        return line
+    try:
+        obj = json.loads(stripped)
+    except json.JSONDecodeError:
+        # Not JSON — treat the raw line as text.
+        return redact_text(line, counts)
+    _redact_obj(obj, counts)
+    return json.dumps(obj, ensure_ascii=False)
+
+
+def _redact_obj(obj: object, counts: dict[str, int]) -> None:
+    """Recursively redact string values inside a parsed JSON object in place."""
+    if isinstance(obj, dict):
+        for key, value in list(obj.items()):
+            if isinstance(value, str):
+                obj[key] = redact_text(value, counts)
+            else:
+                _redact_obj(value, counts)
+    elif isinstance(obj, list):
+        for i, item in enumerate(obj):
+            if isinstance(item, str):
+                obj[i] = redact_text(item, counts)
+            else:
+                _redact_obj(item, counts)
+
+
+def main(argv: list[str] | None = None) -> int:
+    parser = argparse.ArgumentParser(
+        description="Defense-in-depth secret/PII redaction for Lerim trace files.",
+    )
+    parser.add_argument("input", type=Path, help="Input trace file (.jsonl, .json, or .txt).")
+    parser.add_argument("-o", "--output", type=Path, required=True, help="Output cleaned trace file.")
+    parser.add_argument(
+        "--text",
+        action="store_true",
+        help="Treat the input as plain text even if .jsonl (redact raw lines, not JSON fields).",
+    )
+    args = parser.parse_args(argv)
+
+    if not args.input.exists():
+        print(f"error: input file not found: {args.input}", file=sys.stderr)
+        return 2
+
+    counts: dict[str, int] = {}
+    out_lines: list[str] = []
+    is_jsonl = args.input.suffix.lower() == ".jsonl" and not args.text
+
+    for _line_no, raw in iter_records(args.input):
+        if is_jsonl:
+            out_lines.append(redact_jsonl_line(raw, counts))
+        else:
+            out_lines.append(redact_text(raw, counts))
+
+    args.output.parent.mkdir(parents=True, exist_ok=True)
+    args.output.write_text("\n".join(out_lines) + "\n", encoding="utf-8")
+
+    total = sum(counts.values())
+    print(f"Redacted {total} item(s) -> {args.output}")
+    if counts:
+        width = max(len(name) for name in counts)
+        for name, n in sorted(counts.items()):
+            print(f"  {name:<{width}}  {n}")
+    else:
+        print("  (no patterns matched; this does NOT mean the trace is clean)")
+    print(
+        "\nThis is defense-in-depth, not a compliance boundary. Review the output "
+        "before import,\nespecially for regulated or customer data.",
+        file=sys.stderr,
+    )
+    return 0
+
+
+if __name__ == "__main__":
+    raise SystemExit(main())
diff --git a/src/lerim/profiles/compliance.yaml b/src/lerim/profiles/compliance.yaml
new file mode 100644
index 00000000..30214cd7
--- /dev/null
+++ b/src/lerim/profiles/compliance.yaml
@@ -0,0 +1,22 @@
+id: compliance
+display_name: Compliance and Policy Review
+description: Compliance, legal, regulatory, and policy-review agent traces.
+focus_rules:
+  - durable policy boundaries, approval gates, and regulatory constraints that govern future work
+  - rejected interpretations or classifications only when the reasoning prevents likely repeated mistakes
+  - standing approval or escalation rules tied to a policy, regulation, or control
+  - source-of-truth references such as regulation citations, policy clauses, or control identifiers
+reject_as_noise:
+  - case-specific chatter and one-off reviewer notes without a reusable rule
+  - routine acknowledgements and progress updates
+  - raw excerpts quoted without a durable interpretation or decision
+  - unconfirmed draft opinions that were later superseded or withdrawn
+evidence_rules:
+  - keep the policy, regulation, or control citation that backs a boundary or gate
+  - preserve the reasoning behind a rejected interpretation, not just the rejection itself
+  - distinguish confirmed policy decisions from open review questions or pending approvals
+  - keep effective dates, jurisdiction, and version when the source states them
+  - fold related clauses into one governing constraint rather than one record per clause
+scope_rules:
+  - use domain scope for reusable compliance workflow context
+  - do not store private regulated personal data in reusable records
diff --git a/src/lerim/profiles/registry.py b/src/lerim/profiles/registry.py
index 37f1f68f..def0f802 100644
--- a/src/lerim/profiles/registry.py
+++ b/src/lerim/profiles/registry.py
@@ -12,7 +12,14 @@
 from lerim.profiles.base import SignalPack
 
 DEFAULT_SIGNAL_PACK_ID = "coding"
-_PROFILE_FILES = ("coding.yaml", "generic.yaml", "support.yaml", "ops.yaml")
+_PROFILE_FILES = (
+    "coding.yaml",
+    "generic.yaml",
+    "support.yaml",
+    "ops.yaml",
+    "research.yaml",
+    "compliance.yaml",
+)
 
 
 def list_signal_packs() -> list[SignalPack]:
diff --git a/src/lerim/profiles/research.yaml b/src/lerim/profiles/research.yaml
new file mode 100644
index 00000000..f4e4adb8
--- /dev/null
+++ b/src/lerim/profiles/research.yaml
@@ -0,0 +1,24 @@
+id: research
+display_name: Research and Market Intelligence
+description: Research, market-analysis, and intelligence-gathering agent traces.
+focus_rules:
+  - source-backed conclusions that apply beyond one report or run
+  - durable source-quality rules and analyst preferences that guide future research
+  - recurring analyst assumptions or framing choices that should persist across runs
+  - rejected leads, dead ends, or discredited sources only when they prevent likely repeated work
+  - standing scoping boundaries such as required coverage, exclusions, or comparables
+reject_as_noise:
+  - dead links, 404s, and transient browsing failures without a reusable lesson
+  - raw quotes and passages that do not support a durable conclusion
+  - one-off search queries and intermediate navigation steps
+  - unconfirmed hypotheses stated as tentative notes
+  - generic background knowledge not established or synthesized by the source session
+evidence_rules:
+  - keep source URLs, publication or filing dates, and source type when they support a durable record
+  - preserve uncertainty qualifiers; do not turn may, might, likely, or appears-to into certain facts
+  - distinguish confirmed findings from open questions and pending verification
+  - keep the reason a lead or source was rejected so future agents avoid repeating it
+  - fold multiple corroborating sources into one cited conclusion rather than one record per source
+scope_rules:
+  - use domain scope for reusable research workflow context
+  - use project scope only when the research is tied to one repository or deliverable