# ECP-0106: Forge NBC workers need `/tmp` and search-driven MVPD selection

## Why

The forge NBC worker reached two distinct failure domains:

1. Chrome failed during early startup under the hardened `wt-publish` unit even though the same
   browser launch worked outside the systemd sandbox.
2. Once the browser launch succeeded, the MVPD picker automation could reach the provider gate but
   still mis-clicked broad page containers instead of the intended provider search result.

## Decision

1. Allow NBC `wt-publish` units to write to `/tmp` in addition to the persistent profile and auth
   directories.
2. Treat the NBC MVPD picker as a search-first flow:
   - type the configured provider name
   - submit the search explicitly
   - prefer short, actionable provider-result nodes over generic container matches
3. Keep the provider name configurable through `EVERY_CHANNEL_NBC_MVPD_PROVIDER`, with `Verizon Fios`
   remaining the default.

## Consequences

- Forge NBC workers align better with Chrome's actual startup needs under systemd hardening.
- MVPD automation becomes less likely to click the whole picker page or other non-provider chrome.
- Future provider integrations should extend the same search-first DOM strategy instead of adding
  brittle page-wide text matches.

## Rejected Alternatives

- Disable most systemd hardening for NBC units entirely: rejected because `/tmp` write access is the
  smallest validated change that unblocks Chrome startup.
- Keep broad `div` and `span` provider scans: rejected because they can match large container nodes
  whose text merely happens to include the provider name.