docs(WP-0010): sharpen mission to "issue SSH, route the rest" + pointer catalog

Implements WARDEN-WP-0010 (charter + pointer catalog). ops-warden issues
short-lived SSH certificates and routes every other credential need to the
subsystem that owns it — no desk metaphor, one execution lane.

- wiki/AccessRouting.md: role/boundary, issue-vs-route matrix, anti-patterns
- registry/routing/catalog.yaml: machine-readable pointer layer (6 active + 1
  draft). No-double-source rule enforced structurally — authored steps/cert_command
  only on the warden_executes:true SSH entry; every wiki_ref anchor resolves
- wiki/CredentialRouting.md: catalog-keyed index + no-duplicate-interfaces note
- INTENT/SCOPE/AGENTS/repo-boundary/capability: aligned to the new framing;
  SCOPE notes A3 -> A4 lands with WP-0011 warden route CLI
- WP-0011/0012 + WP-0010: state_hub id writeback; WP-0010 marked done

Co-Authored-By: Claude Opus 4.8 <noreply@anthropic.com>

wiki/CredentialRouting.md

@@ -70,6 +70,28 @@ stop if you landed on "NEVER ops-warden" for non-SSH secrets.
 
 ---
 
+## Routing catalog index
+
+These needs are also carried in the machine-readable pointer catalog
+(`registry/routing/catalog.yaml`, surfaced via `warden route` — WARDEN-WP-0011).
+The catalog is a **pointer layer**: it names the owner and links the doc, it does
+not restate the owner's procedure. Only the SSH row is something ops-warden
+executes.
+
+| Catalog `id` | What ops-warden answers | What the worker does next |
+| --- | --- | --- |
+| `ssh-cert-host-access` | **Issues** the cert (`warden sign`) | Use the cert / wire it into `cert_command` |
+| `openbao-api-key` | "OpenBao owns this — here is the path" | Call OpenBao on the owning system |
+| `flex-auth-policy-check` | "flex-auth decides — here is the policy doc" | Query flex-auth / embed the PEP |
+| `key-cape-oidc-login` | "key-cape / Keycloak owns identity" | Authenticate via IAM Profile |
+| `ops-bridge-tunnel` | "ops-bridge owns transport — supply a `cert_command`" | Open the tunnel with ops-bridge |
+| `railiance-infra-principals` | "railiance-infra deploys host principals" | Run the infra Ansible |
+
+ops-warden answers *where + who*; the worker acts on the owning system. ops-warden
+never performs the non-SSH step on the worker's behalf.
+
+---
+
 ## Examples — do NOT ask ops-warden
 
 | Request | Correct path |
@@ -80,6 +102,12 @@ stop if you landed on "NEVER ops-warden" for non-SSH secrets.
 | "S3 credentials for artifact upload" | NK-WP-0007 / artifact-store consumer path |
 | "JWT for my app" | key-cape / Keycloak IAM Profile |
 
+**No duplicate interfaces.** Commands like `warden secret`, `warden login`,
+`warden policy`, or `warden tunnel` do not exist and will not be added — each
+belongs to another subsystem. The canonical anti-pattern table lives in
+`wiki/AccessRouting.md#anti-patterns-not-coming-to-ops-warden`; it is not
+restated here.
+
 ---
 
 ## Examples — ops-warden IS correct
@@ -134,6 +162,7 @@ Report drift via custodian workplan or State Hub message to `ops-warden`.
 ## See also
 
 - `INTENT.md` — steward mission
+- `wiki/AccessRouting.md` — what ops-warden issues vs routes (role and boundary)
 - `wiki/NetKingdomSecurityMap.md` — component literacy
 - `wiki/ActorInventoryPatterns.md` — actor naming
 - `wiki/OpenBaoSshEngineChecklist.md` — production SSH signing verify