Good question. The checkpoint script runs `git add -A && git commit` on the workspace — so it stages everything that's tracked or new. The guardrails are in .gitignore (logs/, /tmp files, .env, credentials) and the workspace structure itself: secrets live in 1Password, not files. Logs go to a dedicated logs/ dir that's gitignored.

The forcing function is on rollback — you can't revert without documenting what broke and why. That's where the discipline lives. Prevention is .gitignore + 1Password; accountability is the rollback contract.