* Make extracted Guardex CLI seams executable and publishable

The branch already moved the Guardex CLI into src/**, but the extracted scaffold and git seams were still incomplete and the thin entrypoint/package regressions were only half-switched. This wires the runtime through the extracted scaffold, hooks, toolchain, and finish modules, restores the helper export contract that src/cli/main.js depends on, ships src/** in the published package, and locks the modular entrypoint with focused metadata and command-route regressions.

Constraint: The thin bin entrypoint must preserve the existing gx command surface for installed CLIs
Constraint: The existing agent branch already carried partial refactor state in bin/src/scripts, so the fix had to resume that lane instead of restarting from dev
Rejected: Re-expand logic back into bin/multiagent-safety.js | would undo the modularization goal
Confidence: medium
Scope-risk: moderate
Reversibility: clean
Directive: Keep future CLI refactors moving behavior into src/** and verify module export contracts before thinning the bin entrypoint
Tested: node --check bin/multiagent-safety.js; find src -type f -name '*.js' -exec node --check {} +; node -e "require('./src/cli/main'); console.log('cli-main-ok')"; node bin/multiagent-safety.js --version; node --test test/metadata.test.js; node --test --test-name-pattern "thin entrypoint still routes hook install through the extracted hooks module|thin entrypoint routes finish --all --dry-run through the extracted finish module" test/install.test.js; npm pack --dry-run; openspec validate agent-codex-decompose-cli-monolith-2026-04-22-11-06 --type change --strict; openspec validate --specs
Not-tested: Full test/install.test.js bundle (long-running background path; replaced with targeted command-route coverage)

* Keep the thin Guardex entrypoint executable

Rewriting bin/multiagent-safety.js into a tiny bootstrap reset its file mode to 0644, which would break direct repo usage even though the modular runtime itself was correct. This restores the executable bit and adds a metadata regression so future entrypoint rewrites keep the bin file runnable.

Constraint: The published and repo-local CLI entrypoint must remain directly executable after the modularization rewrite
Rejected: Rely on npm install behavior alone | does not protect direct repo execution or future pack regressions
Confidence: high
Scope-risk: narrow
Reversibility: clean
Directive: When rewriting files under bin/, preserve the existing executable mode and add an assertion if the rewrite path can reset it
Tested: node --test --test-name-pattern "thin CLI entrypoint delegates to src/cli runtime" test/metadata.test.js; ./bin/multiagent-safety.js --version
Not-tested: Full metadata and install suites re-run after the mode-only fix

* Record merged cleanup proof for CLI modularization (#295)

PR #294 already merged into dev and the original sandbox was pruned, but the OpenSpec cleanup checklist still looked incomplete.
This follow-up records the merge and branch-prune evidence on the surviving task artifact so the change state matches reality.

Constraint: Original cleanup already happened on the owner branch before this evidence-only follow-up
Rejected: Re-run gx branch finish for agent/codex/decompose-cli-monolith-2026-04-22-11-06 | branch and worktree are already gone
Confidence: high
Scope-risk: narrow
Reversibility: clean
Directive: Evidence-only follow-ups should update the artifact, not replay cleanup against merged branches
Tested: openspec validate agent-codex-decompose-cli-monolith-2026-04-22-11-06 --type change --strict; openspec validate --specs; git diff --check
Not-tested: CLI/runtime regression suites (task artifact only)

Co-authored-by: NagyVikt <nagy.viktordp@gmail.com>

---------

Co-authored-by: NagyVikt <nagy.viktordp@gmail.com>