diff --git a/org-templates/molecule-dev/org.yaml b/org-templates/molecule-dev/org.yaml
index 82b278b4..849f8b99 100644
--- a/org-templates/molecule-dev/org.yaml
+++ b/org-templates/molecule-dev/org.yaml
@@ -11,15 +11,34 @@ defaults:
   # specifies its own `plugins:` list (which REPLACES defaults — not a union;
   # see platform/internal/handlers/org.go ~L345). So any workspace that
   # needs extras must re-list the defaults plus its additions.
+  # Platform union-semantics tracked in #68; until that lands, we list fully.
   #
-  # - ecc:           "Everything Claude Code" guardrails + coding skills
-  #                  (api-design, coding-standards, deep-research, security-review, tdd-workflow)
-  # - molecule-dev:  Molecule AI codebase conventions, past bugs, review-loop
-  # - superpowers:   systematic-debugging, TDD, planning, verification-before-completion
+  # Coding / guardrail essentials:
+  # - ecc:                            "Everything Claude Code" guardrails + coding skills
+  # - molecule-dev:                   Molecule AI codebase conventions, past bugs, review-loop
+  # - superpowers:                    systematic-debugging, TDD, planning, verification-before-completion
+  #
+  # Safety hooks (PreToolUse/PostToolUse/UserPromptSubmit) — universal:
+  # - molecule-careful-bash:          refuse destructive shell (rm -rf, push --force main, DROP TABLE)
+  # - molecule-prompt-watchdog:       inject warnings on destructive user prompts
+  # - molecule-audit-trail:           append every Edit/Write to .claude/audit.jsonl
+  #
+  # Operational memory — keeps agents consistent across sessions/cron ticks:
+  # - molecule-session-context:       auto-load cron learnings + PR/issue counts on SessionStart
+  # - molecule-skill-cron-learnings:  per-tick learning JSONL format (pairs with session-context)
+  #
+  # Docs hygiene:
+  # - molecule-skill-update-docs:     keep architecture / README / edit-history aligned with code
   plugins:
     - ecc
     - molecule-dev
     - superpowers
+    - molecule-careful-bash
+    - molecule-prompt-watchdog
+    - molecule-audit-trail
+    - molecule-session-context
+    - molecule-skill-cron-learnings
+    - molecule-skill-update-docs
   # workspace_dir: not set by default — each agent gets an isolated Docker volume
   # Set per-workspace to bind-mount a host directory as /workspace
 
@@ -54,6 +73,10 @@ workspaces:
     files_dir: pm
     workspace_dir: ${WORKSPACE_DIR}
     canvas: { x: 400, y: 50 }
+    # PM needs workflow-triage (/triage command for PR triage) and workflow-retro
+    # (/retro for weekly retrospectives) on top of defaults. Re-list full set
+    # (REPLACE semantics today — see #68 for the union-proposal).
+    plugins: [ecc, molecule-dev, superpowers, molecule-careful-bash, molecule-prompt-watchdog, molecule-audit-trail, molecule-session-context, molecule-skill-cron-learnings, molecule-skill-update-docs, molecule-workflow-triage, molecule-workflow-retro]
     # Auto-link Telegram so the user can talk to PM directly from Telegram.
     # Bot token + chat ID come from pm/.env (TELEGRAM_BOT_TOKEN, TELEGRAM_CHAT_ID).
     channels:
@@ -84,7 +107,7 @@ workspaces:
         # Research roles extend defaults with browser-automation so they can
         # scrape the live web (product pages, GitHub trending, docs).
         # Per-workspace plugins REPLACE defaults, so re-list the full set.
-        plugins: [ecc, molecule-dev, superpowers, browser-automation]
+        plugins: [ecc, molecule-dev, superpowers, molecule-careful-bash, molecule-prompt-watchdog, molecule-audit-trail, molecule-session-context, molecule-skill-cron-learnings, molecule-skill-update-docs, browser-automation]
         initial_prompt: |
           You just started as Research Lead. Set up silently — do NOT contact other agents.
           1. Clone the repo: git clone https://github.com/${GITHUB_REPO}.git /workspace/repo 2>/dev/null || (cd /workspace/repo && git pull)
@@ -97,15 +120,15 @@ workspaces:
           - name: Market Analyst
             role: Market sizing, trends, user research
             files_dir: market-analyst
-            plugins: [ecc, molecule-dev, superpowers, browser-automation]
+            plugins: [ecc, molecule-dev, superpowers, molecule-careful-bash, molecule-prompt-watchdog, molecule-audit-trail, molecule-session-context, molecule-skill-cron-learnings, molecule-skill-update-docs, browser-automation]
           - name: Technical Researcher
             role: AI frameworks and protocol evaluation
             files_dir: technical-researcher
-            plugins: [ecc, molecule-dev, superpowers, browser-automation]
+            plugins: [ecc, molecule-dev, superpowers, molecule-careful-bash, molecule-prompt-watchdog, molecule-audit-trail, molecule-session-context, molecule-skill-cron-learnings, molecule-skill-update-docs, browser-automation]
           - name: Competitive Intelligence
             role: Competitor tracking and feature comparison
             files_dir: competitive-intelligence
-            plugins: [ecc, molecule-dev, superpowers, browser-automation]
+            plugins: [ecc, molecule-dev, superpowers, molecule-careful-bash, molecule-prompt-watchdog, molecule-audit-trail, molecule-session-context, molecule-skill-cron-learnings, molecule-skill-update-docs, browser-automation]
 
       - name: Dev Lead
         role: Engineering planning and team coordination
@@ -213,6 +236,13 @@ workspaces:
             tier: 3
             model: opus
             files_dir: security-auditor
+            # Security Auditor adds three security-critical skills on top of defaults:
+            # - molecule-skill-code-review:          multi-criteria review for security-relevant PRs
+            # - molecule-skill-cross-vendor-review:  adversarial second opinion via non-Claude model
+            #                                        (use ONLY for noteworthy PRs — auth, billing, data)
+            # - molecule-skill-llm-judge:            cheap gate that catches "wrong thing shipped"
+            # REPLACE semantics — re-list the full default set. (See #68 for union proposal.)
+            plugins: [ecc, molecule-dev, superpowers, molecule-careful-bash, molecule-prompt-watchdog, molecule-audit-trail, molecule-session-context, molecule-skill-cron-learnings, molecule-skill-update-docs, molecule-skill-code-review, molecule-skill-cross-vendor-review, molecule-skill-llm-judge]
             initial_prompt: |
               You just started as Security Auditor. Set up silently — do NOT contact other agents.
               1. Clone the repo: git clone https://github.com/${GITHUB_REPO}.git /workspace/repo 2>/dev/null || (cd /workspace/repo && git pull)
@@ -376,7 +406,7 @@ workspaces:
             # Add browser-automation for live canvas screenshots via Puppeteer
             # (Chrome CDP path, works around the Playwright / libglib gap tracked in #23).
             # Per-workspace plugins REPLACE defaults — re-list the full set.
-            plugins: [ecc, molecule-dev, superpowers, browser-automation]
+            plugins: [ecc, molecule-dev, superpowers, molecule-careful-bash, molecule-prompt-watchdog, molecule-audit-trail, molecule-session-context, molecule-skill-cron-learnings, molecule-skill-update-docs, browser-automation]
             initial_prompt: |
               You just started as UIUX Designer. Set up silently — do NOT contact other agents.
               1. Clone the repo: git clone https://github.com/${GITHUB_REPO}.git /workspace/repo 2>/dev/null || (cd /workspace/repo && git pull)