feat(iwooos): 新增資安資產控制總帳
Some checks failed
Code Review / ai-code-review (push) Successful in 13s
CD Pipeline / tests (push) Successful in 1m45s
Ansible / Reboot Recovery Contract / validate (push) Has been cancelled
CD Pipeline / post-deploy-checks (push) Has been cancelled
CD Pipeline / build-and-deploy (push) Has been cancelled

This commit is contained in:
Your Name
2026-06-18 13:56:22 +08:00
parent abd3f44744
commit 81a60226bb
9 changed files with 1956 additions and 0 deletions

View File

@@ -1,3 +1,40 @@
## 2026-06-18P0-A 資安資產控制總帳本地收斂
**背景**:使用者要求 IwoooS 必須完整盤點所有主機、服務、套件、工具、網站前後台、Nginx、網路、Wazuh、Kali、告警監控、備份復原、供應鏈、AI provider 與跨專案 runtime並優先處理會造成即時資安危害的配置控管。此段先把範圍收成 repo-side 只讀總帳與前台可視卡,避免再用零散長文或單一事故卡追蹤。
**完成內容**
- 新增 `scripts/security/security-asset-control-ledger.py`,輸出 `security_asset_control_ledger_v1` snapshot。
- 新增 `docs/security/SECURITY-ASSET-CONTROL-LEDGER.md``docs/security/security-asset-control-ledger.snapshot.json`,固定 16 個資安資產群組、14 個 P0 群組、2 個 P1 群組、64 個 committed evidence refs、24 個 owner 必填欄位、24 個 reviewer checks、10 條 outcome lanes、44 個 blocked actions。
- `/zh-TW/iwooos` 新增「P0-A 資安資產控制總帳」卡片,放在 SOC / SIEM / Kali / Wazuh 整合卡之後、外部入侵防堵矩陣之前。
- `apps/web/messages/zh-TW.json``apps/web/messages/en.json` 都補上繁體中文文案;前台只顯示脫敏群組、缺口與 0 / false 邊界,不放工作視窗內容、個人 namespace、內部對話或內網拓樸。
- `iwooos-config-control-guard.py``security-mirror-progress-guard.py` 已鎖住新文件、snapshot、前端 testid、卡片順序、i18n key 與所有 0 / false marker。
**完成度同步**
- P0-A repo-side 資安資產控制總帳:`100%`
- P0-A 前端本地可視化:`100%`
- owner packet 回覆:`0%``owner_response_received_count=0``owner_response_accepted_count=0`
- live evidence 驗收:`0%``live_evidence_accepted_count=0`
- runtime / response / containment`0%``runtime_gate_count=0``action_button_count=0`、host write / active scan / Wazuh active response / Kali execute / SOAR / auto block / production write 全部維持 false。
- IwoooS headline progress 仍維持 `64%`,不可因 repo-side 總帳完成而假性拉高。
**本地驗證**
- `python3 scripts/security/security-asset-control-ledger.py --root . --generated-at 2026-06-18T13:44:00+08:00 --output docs/security/security-asset-control-ledger.snapshot.json``SECURITY_ASSET_CONTROL_LEDGER_OK groups=16 p0=14 evidence_refs=64 runtime_gate=0`
- `python3 -m json.tool docs/security/security-asset-control-ledger.snapshot.json``apps/web/messages/zh-TW.json``apps/web/messages/en.json`:通過。
- `python3 -m py_compile scripts/security/security-asset-control-ledger.py scripts/security/iwooos-config-control-guard.py scripts/security/security-mirror-progress-guard.py`:通過。
- `python3 scripts/security/iwooos-config-control-guard.py --root .`:通過。
- `python3 scripts/security/security-mirror-progress-guard.py --root .`:通過。
- `python3 scripts/ops/doc-secrets-sanity-check.py docs .gitea apps/web/messages/zh-TW.json apps/web/messages/en.json 'apps/web/src/app/[locale]/iwooos/page.tsx'`:通過,`scanned_files=907`
- `python3 scripts/security/public-frontend-env-guard.py --root .`:通過,`violations=0 runtime_gate=0`
- 針對本段前端與總帳文件掃描工作視窗、外部對話標記、個人 namespace、內網片語命中 `0`
- `pnpm --filter @awoooi/web typecheck`:通過。
- `git diff --check`:通過。
**尚未完成**
- 本段尚未 push、尚未取得 Gitea run、尚未部署、尚未做正式站 desktop / mobile smoke。
- 磁碟剩餘空間低於 1GiB因此本地未執行 Next production build正式部署後必須以 production route 補做 desktop / mobile、水平溢出、必要文字可見與外洩字串檢查。
**邊界**:本段沒有 SSH、沒有主機寫入、沒有 Nginx reload、沒有 firewall / K8s / workflow 變更、沒有 Wazuh active response、沒有 Kali active scan 或 `/execute`、沒有 Telegram 實發、沒有 SOAR case、沒有收 secret 明文、沒有新增任何正式操作按鈕。
## 2026-06-18全 0 週報改為資料鏈異常而非正常報表
**背景**:使用者提供 AWOOOI 週報截圖指出告警、AI 效能、開發活動、成本全部為 0這種報表沒有用途應該診斷資料鏈與 AI Agent 自動化,而不是只發出空報表。盤點後確認舊 `WeeklyReportService` 會在 Stats / K3s / Git 等資料來源失敗時 fallback 成 0且 Git 統計依賴容器內 `/app`,成本 / token 也仍是缺資料路徑,導致「查不到資料」被偽裝成「沒有事件」。

View File

@@ -0,0 +1,101 @@
# IwoooS 資安資產控制總帳
| 項目 | 內容 |
|------|------|
| 日期 | 2026-06-18 |
| 狀態 | `security_asset_control_ledger_ready_no_runtime_action` |
| 工具 | `scripts/security/security-asset-control-ledger.py` |
| Snapshot | `docs/security/security-asset-control-ledger.snapshot.json` |
| 對應優先序 | P0-A 資產 / 配置總清冊 |
| runtime gate | `0` |
## 1. 目的
此總帳把 IwoooS 既有的資安清冊、snapshot、owner gate、事故後回讀計畫與前台防洩漏 guard彙整成一份可重跑的「資安資產控制總帳」。它回答的是
1. 哪些主機、公開入口、版本來源、workflow、監控、Wazuh、Kali、備份、供應鏈、AI agent 與產品 runtime 已進入資安控管視野。
2. 每一類資產目前缺哪一種 owner packet 與脫敏 evidence refs。
3. 哪些動作仍必須維持 `0 / false`,不能因 UI 可見、snapshot 存在或 CD 成功而自動升級。
本文件不是 live host truth也不是主機修復、掃描、封鎖、reload、restart、secret rotation、workflow dispatch、SOAR action 或 production write 授權。
## 2. 固定摘要
| 指標 | 值 |
|------|----|
| 資安資產群組 | `16` |
| P0 資產群組 | `14` |
| P1 資產群組 | `2` |
| C0 群組 | `14` |
| C1 群組 | `2` |
| evidence refs | `64` |
| 已存在 evidence refs | `64` |
| 缺失 evidence refs | `0` |
| owner 必填欄位 | `24` |
| reviewer checks | `24` |
| outcome lanes | `10` |
| blocked actions | `44` |
| owner packet required | `16` |
| owner response received / accepted | `0 / 0` |
| live evidence accepted | `0` |
| runtime gate / action button | `0 / 0` |
| P0-A repo 總帳完成度 | `100%` |
| IwoooS headline | 仍維持 `64%` |
## 3. 資產群組與優先序
| 優先 | 群組 | 控制範圍 | 下一步 |
|------|------|----------|--------|
| P0 | Nginx / Public Gateway / Route | 公開入口、API、WebSocket、ACME、admin route、Ollama proxy | 補 live conf、rendered diff、`nginx -t`、route smoke、rollback owner |
| P0 | DNS / TLS / Certbot | domain、certificate path、ACME、renewal owner、TLS route | 補憑證覆蓋依據、到期 metadata、renewal owner、ACME route owner |
| P0 | Docker / systemd / Host Service | compose、systemd、repair-bot、port binding、process / persistence baseline | 補 live hash、incident readback、restart window、rollback owner、post-check |
| P0 | SSH / Firewall / WireGuard / NodePort | SSH、known_hosts、sudoers、firewall、WireGuard、NetworkPolicy、NodePort | 補 actor、before / after、impact、operator notification、restoration evidence |
| P0 | K8s / ArgoCD / GitOps | manifests、ArgoCD、RBAC、NetworkPolicy、CronJob、Velero | 補 ArgoCD revision、health / sync、rendered diff、rollback revision、postcheck owner |
| P0 | Gitea Workflow / Runner / Secret Metadata | workflow、runner、deploy key、webhook、secret name parity、redaction guard | 補 runner attestation、secret injection route、log redaction、Gitea run readback |
| P0 | Gitea / GitHub / Source Control | repo visibility、canonical refs、GitHub primary readiness、branch / tag / workflow boundary | 補 owner response不得自動建 repo、改 visibility、sync refs 或切 primary |
| P0 | Wazuh / Endpoint / SIEM | Wazuh manager、agent、FIM、rule / decoder、event ref、active response dry-run 邊界 | 補 Wazuh health refs、agent refs、event refs 與 no-raw-payload attestation |
| P0 | Kali 112 / Assessment Tooling | Kali health、tool version、scope、finding envelope、maintenance window | 補 scope ref、health ref、normalized finding envelopeactive scan 與 `/execute` 另批 |
| P0 | Monitoring / Alerting / Observability | Prometheus、Alertmanager、Telegram route、SigNoz、Sentry、Langfuse、no-false-green | 補 route owner、receiver diff、receipt evidence、noise budget、reload owner |
| P0 | Backup / Restore / DR / Escrow | backup、restic、offsite、escrow、Velero、restore drill、retention | 補 restore drill、offsite ref、escrow non-secret proof、retention runway、DR scorecard |
| P0 | Harbor / Registry / SBOM / Supply Chain | Harbor、registry、image tag、SBOM、Cosign、SLSA、dependency drift、CVE / KEV | 補 SBOM / VEX / provenance intake、image signing、KEV / EPSS / exposure SLA |
| P0 | Public / Admin / API / Frontend Runtime | public URL、CORS、auth boundary、middleware、webhook、frontend env、i18n redaction | 補 route owner、API readback、CORS diff、desktop / mobile smoke、bundle scan |
| P0 | AI Provider / Model Router / Agent Runtime | OpenClaw、Ollama、NemoTron、Hermes、Gemini、MCP / A2A、tool allowlist、cost / privacy | 補 dry-run、benchmark、cost review、privacy review、fallback order、rollback owner |
| P1 | Product Surface / Runtime Route | AWOOOI、AwoooP、IwoooS、VibeWork、agent-bounty-protocol、StockPlatform、Tsenyang、Bitan | 補逐產品 owner、route、admin、API、backup、webhook、rollback 與 validation 指標 |
| P1 | KM / PlayBook / Script / Schedule / Verifier | incident、approval、repair candidate、manual handoff 的自動化資產沉澱 | 補 incident / approval / manual handoff writeback contract |
## 4. Owner Packet 必填欄位
每個資產群組要從候選進到 reviewer review至少必須具備
`asset_group_id``asset_alias``owner_role``owner_team``business_impact``technical_scope``affected_routes_or_services``data_classification``redacted_evidence_refs``source_of_truth_ref``live_state_ref``config_diff_ref``monitoring_signal_ref``wazuh_or_siem_ref``kali_scope_ref``backup_restore_ref``supply_chain_ref``secret_absence_attestation``raw_payload_absence_attestation``maintenance_window``rollback_owner``postcheck_owner``followup_owner``decision_reason`
## 5. 固定停止線
以下項目仍維持 `0 / false`
- owner response received / accepted。
- live evidence accepted。
- runtime gate / action button。
- host write、SSH read、Nginx reload、firewall change、ArgoCD sync、workflow modification。
- secret value collection。
- Wazuh active response。
- Kali active scan / Kali `/execute`
- Telegram send、SOAR action、auto block、production write。
## 6. 驗證指令
```bash
python3 scripts/security/security-asset-control-ledger.py \
--root . \
--generated-at 2026-06-18T13:44:00+08:00 \
--output docs/security/security-asset-control-ledger.snapshot.json
```
## 7. 完成度
| 工作 | 完成度 | 說明 |
|------|--------|------|
| P0-A repo-side 資安資產控制總帳 | `100%` | 16 個群組、64 個 evidence refs 全部對上 |
| owner packet 收件 | `0%` | 尚未收到或接受 owner response |
| live evidence 驗收 | `0%` | 未 SSH、未讀 live host、未呼叫 Wazuh / Kali |
| runtime / response / containment | `0%` | 未開掃描、封鎖、reload、restart、SOAR、auto block |

View File

@@ -0,0 +1,823 @@
{
"asset_groups": [
{
"action_button": 0,
"evidence_ref_states": [
{
"exists": true,
"ref": "docs/security/PUBLIC-GATEWAY-PREFLIGHT-INVENTORY.md"
},
{
"exists": true,
"ref": "docs/security/public-gateway-preflight-inventory.snapshot.json"
},
{
"exists": true,
"ref": "docs/security/PUBLIC-GATEWAY-POST-INCIDENT-READBACK-PLAN.md"
},
{
"exists": true,
"ref": "docs/security/public-gateway-post-incident-readback-plan.snapshot.json"
}
],
"evidence_refs": [
"docs/security/PUBLIC-GATEWAY-PREFLIGHT-INVENTORY.md",
"docs/security/public-gateway-preflight-inventory.snapshot.json",
"docs/security/PUBLIC-GATEWAY-POST-INCIDENT-READBACK-PLAN.md",
"docs/security/public-gateway-post-incident-readback-plan.snapshot.json"
],
"group_id": "public_gateway_nginx",
"label": "Nginx / Public Gateway / Route",
"live_evidence_accepted": 0,
"next_owner_action": "補 owner-provided live conf、rendered diff、nginx -t、route smoke、rollback owner。",
"owner_packet_status": "waiting_asset_owner_packet",
"owner_response_accepted": 0,
"owner_response_received": 0,
"priority": "P0",
"raw_payload_allowed": false,
"redacted_evidence_refs_required": true,
"runtime_gate": 0,
"scope": "公開入口、API、WebSocket、ACME、admin route、Ollama proxy",
"secret_value_collection_allowed": false,
"tier": "C0"
},
{
"action_button": 0,
"evidence_ref_states": [
{
"exists": true,
"ref": "docs/security/DOMAIN-TLS-CERTBOT-INVENTORY.md"
},
{
"exists": true,
"ref": "docs/security/domain-tls-certbot-inventory.snapshot.json"
},
{
"exists": true,
"ref": "docs/security/DOMAIN-TLS-CERTBOT-OWNER-RESPONSE-ACCEPTANCE.md"
},
{
"exists": true,
"ref": "docs/security/domain-tls-certbot-owner-response-acceptance.snapshot.json"
}
],
"evidence_refs": [
"docs/security/DOMAIN-TLS-CERTBOT-INVENTORY.md",
"docs/security/domain-tls-certbot-inventory.snapshot.json",
"docs/security/DOMAIN-TLS-CERTBOT-OWNER-RESPONSE-ACCEPTANCE.md",
"docs/security/domain-tls-certbot-owner-response-acceptance.snapshot.json"
],
"group_id": "dns_tls_certbot",
"label": "DNS / TLS / Certbot",
"live_evidence_accepted": 0,
"next_owner_action": "補 SAN / wildcard 覆蓋依據、expiry metadata、renewal owner、ACME route owner。",
"owner_packet_status": "waiting_asset_owner_packet",
"owner_response_accepted": 0,
"owner_response_received": 0,
"priority": "P0",
"raw_payload_allowed": false,
"redacted_evidence_refs_required": true,
"runtime_gate": 0,
"scope": "domain、certificate path、ACME、renewal owner、TLS route",
"secret_value_collection_allowed": false,
"tier": "C0"
},
{
"action_button": 0,
"evidence_ref_states": [
{
"exists": true,
"ref": "docs/security/HOST-SERVICE-CONFIG-INVENTORY.md"
},
{
"exists": true,
"ref": "docs/security/host-service-config-inventory.snapshot.json"
},
{
"exists": true,
"ref": "docs/security/HOST-SERVICE-POST-INCIDENT-READBACK-PLAN.md"
},
{
"exists": true,
"ref": "docs/security/host-service-post-incident-readback-plan.snapshot.json"
}
],
"evidence_refs": [
"docs/security/HOST-SERVICE-CONFIG-INVENTORY.md",
"docs/security/host-service-config-inventory.snapshot.json",
"docs/security/HOST-SERVICE-POST-INCIDENT-READBACK-PLAN.md",
"docs/security/host-service-post-incident-readback-plan.snapshot.json"
],
"group_id": "host_service_runtime",
"label": "Docker / systemd / Host Service",
"live_evidence_accepted": 0,
"next_owner_action": "補 live hash metadata、incident readback、restart window、rollback owner、post-check。",
"owner_packet_status": "waiting_asset_owner_packet",
"owner_response_accepted": 0,
"owner_response_received": 0,
"priority": "P0",
"raw_payload_allowed": false,
"redacted_evidence_refs_required": true,
"runtime_gate": 0,
"scope": "Docker Compose、systemd、repair-bot、port binding、process / persistence baseline",
"secret_value_collection_allowed": false,
"tier": "C0"
},
{
"action_button": 0,
"evidence_ref_states": [
{
"exists": true,
"ref": "docs/security/SSH-NETWORK-ACCESS-INVENTORY.md"
},
{
"exists": true,
"ref": "docs/security/ssh-network-access-inventory.snapshot.json"
},
{
"exists": true,
"ref": "docs/security/SSH-NETWORK-POST-INCIDENT-READBACK-PLAN.md"
},
{
"exists": true,
"ref": "docs/security/ssh-network-post-incident-readback-plan.snapshot.json"
}
],
"evidence_refs": [
"docs/security/SSH-NETWORK-ACCESS-INVENTORY.md",
"docs/security/ssh-network-access-inventory.snapshot.json",
"docs/security/SSH-NETWORK-POST-INCIDENT-READBACK-PLAN.md",
"docs/security/ssh-network-post-incident-readback-plan.snapshot.json"
],
"group_id": "ssh_firewall_network",
"label": "SSH / Firewall / WireGuard / NodePort",
"live_evidence_accepted": 0,
"next_owner_action": "補 actor、before / after state、impact、operator notification、restoration evidence。",
"owner_packet_status": "waiting_asset_owner_packet",
"owner_response_accepted": 0,
"owner_response_received": 0,
"priority": "P0",
"raw_payload_allowed": false,
"redacted_evidence_refs_required": true,
"runtime_gate": 0,
"scope": "SSH target、known_hosts、sudoers、firewall、WireGuard、NetworkPolicy、NodePort",
"secret_value_collection_allowed": false,
"tier": "C0"
},
{
"action_button": 0,
"evidence_ref_states": [
{
"exists": true,
"ref": "docs/security/K8S-ARGOCD-MANIFEST-INVENTORY.md"
},
{
"exists": true,
"ref": "docs/security/k8s-argocd-manifest-inventory.snapshot.json"
},
{
"exists": true,
"ref": "docs/security/K8S-ARGOCD-POST-INCIDENT-READBACK-PLAN.md"
},
{
"exists": true,
"ref": "docs/security/k8s-argocd-post-incident-readback-plan.snapshot.json"
}
],
"evidence_refs": [
"docs/security/K8S-ARGOCD-MANIFEST-INVENTORY.md",
"docs/security/k8s-argocd-manifest-inventory.snapshot.json",
"docs/security/K8S-ARGOCD-POST-INCIDENT-READBACK-PLAN.md",
"docs/security/k8s-argocd-post-incident-readback-plan.snapshot.json"
],
"group_id": "k8s_argocd_gitops",
"label": "K8s / ArgoCD / GitOps",
"live_evidence_accepted": 0,
"next_owner_action": "補 ArgoCD revision、health / sync、rendered manifest diff、rollback revision、postcheck owner。",
"owner_packet_status": "waiting_asset_owner_packet",
"owner_response_accepted": 0,
"owner_response_received": 0,
"priority": "P0",
"raw_payload_allowed": false,
"redacted_evidence_refs_required": true,
"runtime_gate": 0,
"scope": "K8s manifests、ArgoCD app、RBAC、NetworkPolicy、CronJob、Velero",
"secret_value_collection_allowed": false,
"tier": "C0"
},
{
"action_button": 0,
"evidence_ref_states": [
{
"exists": true,
"ref": "docs/security/SOURCE-CONTROL-WORKFLOW-SECRET-NAME-INVENTORY.md"
},
{
"exists": true,
"ref": "docs/security/source-control-workflow-secret-name-inventory.snapshot.json"
},
{
"exists": true,
"ref": "docs/security/CD-RUNNER-SECRET-INJECTION-POST-INCIDENT-READBACK-PLAN.md"
},
{
"exists": true,
"ref": "docs/security/cd-runner-secret-injection-post-incident-readback-plan.snapshot.json"
}
],
"evidence_refs": [
"docs/security/SOURCE-CONTROL-WORKFLOW-SECRET-NAME-INVENTORY.md",
"docs/security/source-control-workflow-secret-name-inventory.snapshot.json",
"docs/security/CD-RUNNER-SECRET-INJECTION-POST-INCIDENT-READBACK-PLAN.md",
"docs/security/cd-runner-secret-injection-post-incident-readback-plan.snapshot.json"
],
"group_id": "workflow_runner_secret",
"label": "Gitea Workflow / Runner / Secret Metadata",
"live_evidence_accepted": 0,
"next_owner_action": "補 runner attestation、workspace cleanup、secret injection route、log redaction、Gitea run readback。",
"owner_packet_status": "waiting_asset_owner_packet",
"owner_response_accepted": 0,
"owner_response_received": 0,
"priority": "P0",
"raw_payload_allowed": false,
"redacted_evidence_refs_required": true,
"runtime_gate": 0,
"scope": "workflow、runner label、deploy key、webhook、secret name parity、redaction guard",
"secret_value_collection_allowed": false,
"tier": "C0"
},
{
"action_button": 0,
"evidence_ref_states": [
{
"exists": true,
"ref": "docs/security/GITEA-GITHUB-MIGRATION-INVENTORY.md"
},
{
"exists": true,
"ref": "docs/security/SOURCE-CONTROL-PRIMARY-READINESS-GATE.md"
},
{
"exists": true,
"ref": "docs/security/GITHUB-TARGET-OWNER-DECISION-RESPONSE.md"
},
{
"exists": true,
"ref": "docs/security/source-control-primary-readiness-gate.snapshot.json"
}
],
"evidence_refs": [
"docs/security/GITEA-GITHUB-MIGRATION-INVENTORY.md",
"docs/security/SOURCE-CONTROL-PRIMARY-READINESS-GATE.md",
"docs/security/GITHUB-TARGET-OWNER-DECISION-RESPONSE.md",
"docs/security/source-control-primary-readiness-gate.snapshot.json"
],
"group_id": "source_control_repo_visibility",
"label": "Gitea / GitHub / Source Control",
"live_evidence_accepted": 0,
"next_owner_action": "補 owner response不得建立 repo、改 visibility、sync refs 或切 primary。",
"owner_packet_status": "waiting_asset_owner_packet",
"owner_response_accepted": 0,
"owner_response_received": 0,
"priority": "P0",
"raw_payload_allowed": false,
"redacted_evidence_refs_required": true,
"runtime_gate": 0,
"scope": "repo visibility、canonical refs、GitHub primary readiness、branch / tag / workflow boundary",
"secret_value_collection_allowed": false,
"tier": "C0"
},
{
"action_button": 0,
"evidence_ref_states": [
{
"exists": true,
"ref": "docs/security/WAZUH-IWOOOS-INTRUSION-READBACK-PLAN.md"
},
{
"exists": true,
"ref": "docs/security/wazuh-iwooos-intrusion-readback-plan.snapshot.json"
},
{
"exists": true,
"ref": "docs/security/SOC-SIEM-KALI-WAZUH-INTEGRATION-CONTROL.md"
},
{
"exists": true,
"ref": "docs/security/soc-siem-kali-wazuh-integration-control.snapshot.json"
}
],
"evidence_refs": [
"docs/security/WAZUH-IWOOOS-INTRUSION-READBACK-PLAN.md",
"docs/security/wazuh-iwooos-intrusion-readback-plan.snapshot.json",
"docs/security/SOC-SIEM-KALI-WAZUH-INTEGRATION-CONTROL.md",
"docs/security/soc-siem-kali-wazuh-integration-control.snapshot.json"
],
"group_id": "wazuh_endpoint_siem",
"label": "Wazuh / Endpoint / SIEM",
"live_evidence_accepted": 0,
"next_owner_action": "補 Wazuh health refs、agent refs、event refs、rule / decoder readback 與 no-raw-payload attestation。",
"owner_packet_status": "waiting_asset_owner_packet",
"owner_response_accepted": 0,
"owner_response_received": 0,
"priority": "P0",
"raw_payload_allowed": false,
"redacted_evidence_refs_required": true,
"runtime_gate": 0,
"scope": "Wazuh manager、agent、FIM、rule / decoder、event ref、active response dry-run boundary",
"secret_value_collection_allowed": false,
"tier": "C0"
},
{
"action_button": 0,
"evidence_ref_states": [
{
"exists": true,
"ref": "docs/security/KALI-INTEGRATION-STATUS.md"
},
{
"exists": true,
"ref": "docs/security/kali-integration-status.snapshot.json"
},
{
"exists": true,
"ref": "docs/security/KALI-112-MAINTENANCE-WINDOW-DRAFT.md"
},
{
"exists": true,
"ref": "docs/security/kali-112-maintenance-window-draft.snapshot.json"
}
],
"evidence_refs": [
"docs/security/KALI-INTEGRATION-STATUS.md",
"docs/security/kali-integration-status.snapshot.json",
"docs/security/KALI-112-MAINTENANCE-WINDOW-DRAFT.md",
"docs/security/kali-112-maintenance-window-draft.snapshot.json"
],
"group_id": "kali_112_assessment",
"label": "Kali 112 / Assessment Tooling",
"live_evidence_accepted": 0,
"next_owner_action": "補 scope ref、health ref、normalized finding envelopeactive scan 與 /execute 仍獨立批准。",
"owner_packet_status": "waiting_asset_owner_packet",
"owner_response_accepted": 0,
"owner_response_received": 0,
"priority": "P0",
"raw_payload_allowed": false,
"redacted_evidence_refs_required": true,
"runtime_gate": 0,
"scope": "Kali health、tool version、scope、finding envelope、maintenance window",
"secret_value_collection_allowed": false,
"tier": "C0"
},
{
"action_button": 0,
"evidence_ref_states": [
{
"exists": true,
"ref": "docs/security/MONITORING-ALERTING-OBSERVABILITY-INVENTORY.md"
},
{
"exists": true,
"ref": "docs/security/monitoring-alerting-observability-inventory.snapshot.json"
},
{
"exists": true,
"ref": "docs/security/MONITORING-POST-INCIDENT-READBACK-PLAN.md"
},
{
"exists": true,
"ref": "docs/security/monitoring-post-incident-readback-plan.snapshot.json"
}
],
"evidence_refs": [
"docs/security/MONITORING-ALERTING-OBSERVABILITY-INVENTORY.md",
"docs/security/monitoring-alerting-observability-inventory.snapshot.json",
"docs/security/MONITORING-POST-INCIDENT-READBACK-PLAN.md",
"docs/security/monitoring-post-incident-readback-plan.snapshot.json"
],
"group_id": "monitoring_alerting_observability",
"label": "Monitoring / Alerting / Observability",
"live_evidence_accepted": 0,
"next_owner_action": "補 route owner、receiver diff、receipt evidence、noise budget、reload owner 與 no-false-green。",
"owner_packet_status": "waiting_asset_owner_packet",
"owner_response_accepted": 0,
"owner_response_received": 0,
"priority": "P0",
"raw_payload_allowed": false,
"redacted_evidence_refs_required": true,
"runtime_gate": 0,
"scope": "Prometheus、Alertmanager、Telegram route、SigNoz、Sentry、Langfuse、no-false-green",
"secret_value_collection_allowed": false,
"tier": "C0"
},
{
"action_button": 0,
"evidence_ref_states": [
{
"exists": true,
"ref": "docs/security/BACKUP-RESTORE-ESCROW-INVENTORY.md"
},
{
"exists": true,
"ref": "docs/security/backup-restore-escrow-inventory.snapshot.json"
},
{
"exists": true,
"ref": "docs/security/BACKUP-RESTORE-POST-INCIDENT-READBACK-PLAN.md"
},
{
"exists": true,
"ref": "docs/security/backup-restore-post-incident-readback-plan.snapshot.json"
}
],
"evidence_refs": [
"docs/security/BACKUP-RESTORE-ESCROW-INVENTORY.md",
"docs/security/backup-restore-escrow-inventory.snapshot.json",
"docs/security/BACKUP-RESTORE-POST-INCIDENT-READBACK-PLAN.md",
"docs/security/backup-restore-post-incident-readback-plan.snapshot.json"
],
"group_id": "backup_restore_dr",
"label": "Backup / Restore / DR / Escrow",
"live_evidence_accepted": 0,
"next_owner_action": "補 restore drill、offsite sync ref、escrow non-secret proof、retention runway、DR scorecard。",
"owner_packet_status": "waiting_asset_owner_packet",
"owner_response_accepted": 0,
"owner_response_received": 0,
"priority": "P0",
"raw_payload_allowed": false,
"redacted_evidence_refs_required": true,
"runtime_gate": 0,
"scope": "backup scripts、restic、offsite、credential escrow、Velero、restore drill、retention",
"secret_value_collection_allowed": false,
"tier": "C0"
},
{
"action_button": 0,
"evidence_ref_states": [
{
"exists": true,
"ref": "docs/security/SECURITY-SUPPLY-CHAIN-PROGRESS.md"
},
{
"exists": true,
"ref": "docs/security/SECURITY-SUPPLY-CHAIN-CONTRACT-MANIFEST.md"
},
{
"exists": true,
"ref": "docs/security/security-supply-chain-contract-manifest.snapshot.json"
},
{
"exists": true,
"ref": "docs/evaluations/dependency_supply_chain_drift_monitor_2026-06-18.json"
}
],
"evidence_refs": [
"docs/security/SECURITY-SUPPLY-CHAIN-PROGRESS.md",
"docs/security/SECURITY-SUPPLY-CHAIN-CONTRACT-MANIFEST.md",
"docs/security/security-supply-chain-contract-manifest.snapshot.json",
"docs/evaluations/dependency_supply_chain_drift_monitor_2026-06-18.json"
],
"group_id": "container_registry_supply_chain",
"label": "Harbor / Registry / SBOM / Supply Chain",
"live_evidence_accepted": 0,
"next_owner_action": "補 SBOM / VEX / provenance intake、image signing、KEV / EPSS / exposure SLA。",
"owner_packet_status": "waiting_asset_owner_packet",
"owner_response_accepted": 0,
"owner_response_received": 0,
"priority": "P0",
"raw_payload_allowed": false,
"redacted_evidence_refs_required": true,
"runtime_gate": 0,
"scope": "Harbor、registry、image tag、SBOM、Cosign、SLSA、dependency drift、CVE / KEV",
"secret_value_collection_allowed": false,
"tier": "C0"
},
{
"action_button": 0,
"evidence_ref_states": [
{
"exists": true,
"ref": "docs/security/PUBLIC-RUNTIME-CONFIG-CHANGE-EVIDENCE-ACCEPTANCE.md"
},
{
"exists": true,
"ref": "docs/security/public-runtime-config-change-evidence-acceptance.snapshot.json"
},
{
"exists": true,
"ref": "docs/security/public-frontend-sensitive-surface-guard.snapshot.json"
},
{
"exists": true,
"ref": "docs/HARD_RULES.md"
}
],
"evidence_refs": [
"docs/security/PUBLIC-RUNTIME-CONFIG-CHANGE-EVIDENCE-ACCEPTANCE.md",
"docs/security/public-runtime-config-change-evidence-acceptance.snapshot.json",
"docs/security/public-frontend-sensitive-surface-guard.snapshot.json",
"docs/HARD_RULES.md"
],
"group_id": "public_admin_api_runtime",
"label": "Public / Admin / API / Frontend Runtime",
"live_evidence_accepted": 0,
"next_owner_action": "補 route owner、API contract readback、CORS diff、desktop / mobile smoke、bundle sensitive scan。",
"owner_packet_status": "waiting_asset_owner_packet",
"owner_response_accepted": 0,
"owner_response_received": 0,
"priority": "P0",
"raw_payload_allowed": false,
"redacted_evidence_refs_required": true,
"runtime_gate": 0,
"scope": "public URL、CORS、auth boundary、middleware、webhook、frontend env、i18n redaction",
"secret_value_collection_allowed": false,
"tier": "C0"
},
{
"action_button": 0,
"evidence_ref_states": [
{
"exists": true,
"ref": "docs/security/AI-PROVIDER-OWNER-RESPONSE-ACCEPTANCE.md"
},
{
"exists": true,
"ref": "docs/security/ai-provider-owner-response-acceptance.snapshot.json"
},
{
"exists": true,
"ref": "docs/ai"
},
{
"exists": true,
"ref": "docs/superpowers/specs/2026-04-15-MASTER-ai-autonomous-flywheel-v2.md"
}
],
"evidence_refs": [
"docs/security/AI-PROVIDER-OWNER-RESPONSE-ACCEPTANCE.md",
"docs/security/ai-provider-owner-response-acceptance.snapshot.json",
"docs/ai",
"docs/superpowers/specs/2026-04-15-MASTER-ai-autonomous-flywheel-v2.md"
],
"group_id": "ai_provider_agent_runtime",
"label": "AI Provider / Model Router / Agent Runtime",
"live_evidence_accepted": 0,
"next_owner_action": "補 dry-run、benchmark、cost review、privacy review、fallback order 與 rollback owner。",
"owner_packet_status": "waiting_asset_owner_packet",
"owner_response_accepted": 0,
"owner_response_received": 0,
"priority": "P0",
"raw_payload_allowed": false,
"redacted_evidence_refs_required": true,
"runtime_gate": 0,
"scope": "OpenClaw、Ollama、NemoTron、Hermes、Gemini、MCP / A2A、tool allowlist、cost / privacy",
"secret_value_collection_allowed": false,
"tier": "C0"
},
{
"action_button": 0,
"evidence_ref_states": [
{
"exists": true,
"ref": "docs/security/IWOOOS-CONFIG-CONTROL-INVENTORY.md"
},
{
"exists": true,
"ref": "docs/security/VIBEWORK-IWOOOS-ONBOARDING-HANDOFF.md"
},
{
"exists": true,
"ref": "docs/security/AGENT-BOUNTY-IWOOOS-ONBOARDING-HANDOFF.md"
},
{
"exists": true,
"ref": "docs/security/agent-bounty-iwooos-onboarding-handoff.snapshot.json"
}
],
"evidence_refs": [
"docs/security/IWOOOS-CONFIG-CONTROL-INVENTORY.md",
"docs/security/VIBEWORK-IWOOOS-ONBOARDING-HANDOFF.md",
"docs/security/AGENT-BOUNTY-IWOOOS-ONBOARDING-HANDOFF.md",
"docs/security/agent-bounty-iwooos-onboarding-handoff.snapshot.json"
],
"group_id": "product_surface_runtime_routes",
"label": "Product Surface / Runtime Route",
"live_evidence_accepted": 0,
"next_owner_action": "補逐產品 owner、route、admin、API、backup、webhook、rollback 與 validation 指標。",
"owner_packet_status": "waiting_asset_owner_packet",
"owner_response_accepted": 0,
"owner_response_received": 0,
"priority": "P1",
"raw_payload_allowed": false,
"redacted_evidence_refs_required": true,
"runtime_gate": 0,
"scope": "AWOOOI、AwoooP、IwoooS、VibeWork、agent-bounty-protocol、StockPlatform、Tsenyang、Bitan",
"secret_value_collection_allowed": false,
"tier": "C1"
},
{
"action_button": 0,
"evidence_ref_states": [
{
"exists": true,
"ref": "docs/LOGBOOK.md"
},
{
"exists": true,
"ref": "apps/api/src/services/repair_candidate_service.py"
},
{
"exists": true,
"ref": "apps/api/src/services/telegram_gateway.py"
},
{
"exists": true,
"ref": "apps/web/src/app/[locale]/awooop/work-items/page.tsx"
}
],
"evidence_refs": [
"docs/LOGBOOK.md",
"apps/api/src/services/repair_candidate_service.py",
"apps/api/src/services/telegram_gateway.py",
"apps/web/src/app/[locale]/awooop/work-items/page.tsx"
],
"group_id": "automation_asset_sedimentation",
"label": "KM / PlayBook / Script / Schedule / Verifier",
"live_evidence_accepted": 0,
"next_owner_action": "補 incident / approval / manual handoff writeback contract讓資產總帳從可視化進入可追蹤閉環。",
"owner_packet_status": "waiting_asset_owner_packet",
"owner_response_accepted": 0,
"owner_response_received": 0,
"priority": "P1",
"raw_payload_allowed": false,
"redacted_evidence_refs_required": true,
"runtime_gate": 0,
"scope": "incident、approval、repair candidate、manual handoff 的自動化資產沉澱",
"secret_value_collection_allowed": false,
"tier": "C1"
}
],
"blocked_actions": [
"ssh_to_host",
"read_live_host_log",
"write_host_file",
"nginx_reload",
"certbot_renew",
"dns_change",
"firewall_change",
"wireguard_change",
"nodeport_change",
"networkpolicy_apply",
"kubectl_action",
"argocd_sync",
"helm_upgrade",
"docker_restart",
"docker_compose_up",
"systemctl_restart",
"repair_bot_execute",
"ansible_apply",
"wazuh_active_response",
"wazuh_rule_change",
"kali_active_scan",
"kali_execute",
"nmap_scan",
"nuclei_scan",
"trivy_live_scan",
"package_upgrade",
"workflow_modify",
"workflow_dispatch",
"runner_restart",
"secret_read",
"secret_rotate",
"webhook_modify",
"deploy_key_modify",
"refs_sync",
"force_push",
"github_primary_switch",
"backup_run",
"restore_run",
"offsite_sync",
"remote_delete",
"telegram_send",
"soar_case_create",
"auto_block",
"production_write"
],
"execution_boundaries": {
"action_buttons_allowed": false,
"argocd_sync_authorized": false,
"auto_block_authorized": false,
"firewall_change_authorized": false,
"host_write_authorized": false,
"kali_active_scan_authorized": false,
"kali_execute_authorized": false,
"nginx_reload_authorized": false,
"not_authorization": true,
"production_write_authorized": false,
"runtime_execution_authorized": false,
"secret_value_collection_allowed": false,
"soar_action_authorized": false,
"ssh_read_authorized": false,
"telegram_send_authorized": false,
"wazuh_active_response_authorized": false,
"workflow_modification_authorized": false
},
"generated_at": "2026-06-18T13:44:00+08:00",
"git_commit": "c7597df2",
"outcome_lanes": [
"waiting_asset_owner_packet",
"request_gateway_supplement",
"request_host_service_supplement",
"request_network_supplement",
"request_wazuh_kali_supplement",
"request_backup_restore_supplement",
"request_supply_chain_supplement",
"request_product_surface_supplement",
"quarantine_secret_or_raw_payload",
"ready_for_security_reviewer_review"
],
"required_owner_fields": [
"asset_group_id",
"asset_alias",
"owner_role",
"owner_team",
"business_impact",
"technical_scope",
"affected_routes_or_services",
"data_classification",
"redacted_evidence_refs",
"source_of_truth_ref",
"live_state_ref",
"config_diff_ref",
"monitoring_signal_ref",
"wazuh_or_siem_ref",
"kali_scope_ref",
"backup_restore_ref",
"supply_chain_ref",
"secret_absence_attestation",
"raw_payload_absence_attestation",
"maintenance_window",
"rollback_owner",
"postcheck_owner",
"followup_owner",
"decision_reason"
],
"reviewer_checks": [
"asset alias 不得暴露個人 namespace",
"owner role / team 必填",
"source-of-truth 必須可追溯",
"live evidence 只能收脫敏 ref",
"secret value / hash / partial token 一律拒收",
"raw Wazuh / raw Kali output 一律拒收",
"Nginx / firewall / K8s / workflow 變更需獨立 runtime approval",
"route 200 不得當資安完成",
"dashboard 可見不得當 remediation 完成",
"backup 存在不得當 restore drill 完成",
"Kali 納入範圍不得當 active scan 授權",
"Wazuh event 可見不得當 active response 授權",
"repo snapshot 不得當 live host truth",
"事故後回讀需含 actor、before / after、impact、postcheck",
"no-false-green 必須明確標示",
"owner response received / accepted 必須維持 0除非有實際收件",
"runtime gate 必須維持 0",
"action button 必須維持 0",
"Gitea / GitHub refs 不得自動同步",
"GitHub primary 不得自動切換",
"Telegram 不得實發",
"SOAR 不得 auto block",
"AI agent 不得讀 secret 或 host write",
"LOGBOOK 不得包含內部對話逐字稿"
],
"schema_version": "security_asset_control_ledger_v1",
"status": "security_asset_control_ledger_ready_no_runtime_action",
"summary": {
"action_button_count": 0,
"active_scan_authorized_count": 0,
"asset_group_count": 16,
"auto_block_authorized_count": 0,
"blocked_action_count": 44,
"c0_asset_group_count": 14,
"c1_asset_group_count": 2,
"evidence_ref_count": 64,
"existing_evidence_ref_count": 64,
"host_write_authorized_count": 0,
"iwooos_headline_progress_percent": 64,
"kali_execute_authorized_count": 0,
"live_evidence_accepted_count": 0,
"missing_evidence_ref_count": 0,
"outcome_lane_count": 10,
"owner_packet_required_count": 16,
"owner_response_accepted_count": 0,
"owner_response_received_count": 0,
"p0_asset_group_count": 14,
"p1_asset_group_count": 2,
"raw_payload_stored_count": 0,
"required_owner_field_count": 24,
"reviewer_check_count": 24,
"runtime_gate_count": 0,
"secret_value_collected_count": 0,
"security_asset_control_ledger_completion_percent": 100,
"soar_action_authorized_count": 0,
"wazuh_active_response_authorized_count": 0
}
}