diff --git a/crates/bascule-shell/src/main.rs b/crates/bascule-shell/src/main.rs
index f653155..2d2c290 100644
--- a/crates/bascule-shell/src/main.rs
+++ b/crates/bascule-shell/src/main.rs
@@ -123,6 +123,23 @@ fn set_env(
 if let Some(ref domain) = id.domain {
 std::env::set_var("BASCULE_DOMAIN", domain);
 }
+
+ // M2: export operator roles for gsh's role-aware Corpus check.
+ // Precedence: caller-set BASCULE_ROLES wins; otherwise derive a
+ // sensible default from the auth method so existing dev shells
+ // get *some* role context instead of empty. Real role provisioning
+ // (Entra group claims, SPIFFE workload roles) will replace this
+ // in M5; M2 just needs the env var populated so the classifier
+ // has something to match against.
+ if std::env::var_os("BASCULE_ROLES").is_none() {
+ let default_role = match id.auth_method.as_str() {
+ "oidc-entra" | "oidc-cached" => "operator",
+ "kerberos" => "operator",
+ "ssh-key" => "apprentice",
+ _ => "apprentice",
+ };
+ std::env::set_var("BASCULE_ROLES", default_role);
+ }
 // BASCULE_ATTESTATION_HASH was an opaque "evidence string" SHA. M1
 // replaces it with the proto SAT composite hash. Kept under the same
 // env var name for backward compatibility with existing gsh consumers
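Review bot: The `is_none()` guard makes an inherited, unauthenticated BASCULE_ROLES value take precedence over the role implied by the authenticated `id.auth_method`, so the role gsh's Corpus check sees is not bound to the identity bascule-shell just established — a process environment is not a trustworthy source for an authorization attribute, even as an M2 stopgap. Unless a deliberate dev override is required, set the derived value unconditionally, `std::env::set_var("BASCULE_ROLES", default_role);` with the guard removed, and if an override must stay, document in the comment that gsh treats BASCULE_ROLES as a hint rather than an authorization decision until M5 provisioning lands. As a style point the match has redundant arms; `"oidc-entra" | "oidc-cached" | "kerberos" => "operator",` followed by `_ => "apprentice",` says the same thing and makes the unknown-method default explicit. Note also that `set_env` begins and ends outside this hunk, so whether the surrounding code already validates `id.auth_method` before this point cannot be confirmed here.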