diff --git a/apps/web/messages/en.json b/apps/web/messages/en.json
index 5ec5ad333..0bc2407a2 100644
--- a/apps/web/messages/en.json
+++ b/apps/web/messages/en.json
@@ -2954,6 +2954,51 @@
"guard": "Visible preflight is not request sent, received, accepted, or audit emitted."
}
}
+ },
+ "awooopCrossSessionHandoff": {
+ "title": "AwoooP Cross-Session Handoff",
+ "subtitle": "S2.52 freezes the current PR, branch, progress semantics, required guards, forbidden actions, and next coordination gate as read-only handoff packets so another AwoooP Session can continue without treating the handoff as production landing or execution authorization.",
+ "packetLabel": "Handoff packet",
+ "handoffLabel": "Handoff note",
+ "guardLabel": "Still locked",
+ "items": {
+ "branchAndPrAnchor": {
+ "title": "PR / branch anchor",
+ "body": "PR #117 and codex/security-supply-chain-contracts-20260512 are the current read-only sync anchors.",
+ "handoff": "The other Session should confirm the same PR, branch, and latest commit, then read LOGBOOK and the rollup ledger.",
+ "guard": "Do not merge, deploy, switch primary, or mutate refs from the handoff."
+ },
+ "progressSemantics": {
+ "title": "Progress semantics",
+ "body": "The headline remains 58%; framework is 80-85%; runtime / ingestion / GitHub primary / AwoooP production landing remains 35-40%.",
+ "handoff": "New UI, docs, and snapshots stay in the framework_detail ledger unless owner response, runtime gate, GitHub primary, or production landing evidence exists.",
+ "guard": "Do not treat framework detail, readiness, handoff, or guard pass as headline delta."
+ },
+ "requiredGuardCommands": {
+ "title": "Required guards",
+ "body": "Run security-mirror-progress-guard.py and source-control-owner-response-guard.py before taking over.",
+ "handoff": "Continue read-only projection only after both guards pass; if either fails, fix the contract or snapshot first.",
+ "guard": "Do not skip guards; do not treat guard pass as runtime approval."
+ },
+ "forbiddenRuntimeActions": {
+ "title": "Runtime forbidden actions",
+ "body": "Kali /execute, SSH, host update, active scan, credentialed scan, blocking control, repo / refs / workflow actions remain unauthorized.",
+ "handoff": "The other Session may only add read-only evidence, UI projection, docs, snapshots, and guards.",
+ "guard": "runtime_execution_authorized=false; action_buttons_allowed=false"
+ },
+ "awooopReadOnlyInputs": {
+ "title": "AwoooP read-only inputs",
+ "body": "AwoooP may consume the rollup snapshot, IwoooS projection, owner response validation rollup, Kali status, and rollout policy.",
+ "handoff": "Main-line AwoooP intake may display only state, evidence refs, route groups, and forbidden actions.",
+ "guard": "Do not store raw payloads, credential plaintext, token values, or execution payloads."
+ },
+ "nextCoordinationGate": {
+ "title": "Next coordination gate",
+ "body": "The next high-level gates that can move the headline remain owner response accepted, redacted payload ingestion, active runtime gate, GitHub primary ready, or AwoooP production landing.",
+ "handoff": "If the other Session advances production landing, it must provide read-only consumption evidence and deployment proof.",
+ "guard": "Do not treat handoff packets as production consumption."
+ }
+ }
}
},
"tickets": {
diff --git a/apps/web/messages/zh-TW.json b/apps/web/messages/zh-TW.json
index 1afda0c7c..55a5eeca1 100644
--- a/apps/web/messages/zh-TW.json
+++ b/apps/web/messages/zh-TW.json
@@ -2955,6 +2955,51 @@
"guard": "preflight 可見不代表 request sent、received、accepted 或 audit emitted。"
}
}
+ },
+ "awooopCrossSessionHandoff": {
+ "title": "AwoooP 跨 Session Handoff",
+ "subtitle": "S2.52 將目前 PR、分支、進度語義、必跑 guard、禁止動作與下一個協調 gate 固定成只讀 handoff packet,讓另一個 AwoooP Session 可直接接手,不把 handoff 當 production landing 或執行授權。",
+ "packetLabel": "Handoff packet",
+ "handoffLabel": "交接說明",
+ "guardLabel": "仍鎖住",
+ "items": {
+ "branchAndPrAnchor": {
+ "title": "PR / 分支錨點",
+ "body": "目前以 PR #117 與 codex/security-supply-chain-contracts-20260512 作為只讀同步錨點。",
+ "handoff": "另一個 Session 先確認同一 PR / branch / latest commit,再讀 LOGBOOK 與 rollup ledger。",
+ "guard": "不從 handoff 自動 merge、deploy、切 primary 或改 refs。"
+ },
+ "progressSemantics": {
+ "title": "進度語義",
+ "body": "headline 仍是 58%,framework 80-85%,runtime / ingestion / GitHub primary / AwoooP production landing 35-40%。",
+ "handoff": "所有新 UI / docs / snapshot 只能進 framework_detail ledger,除非 owner response、runtime gate、GitHub primary 或 production landing 有 evidence。",
+ "guard": "不把 framework detail、readiness、handoff、guard pass 當 headline delta。"
+ },
+ "requiredGuardCommands": {
+ "title": "必跑 Guard",
+ "body": "接手前先跑 security-mirror-progress-guard.py 與 source-control-owner-response-guard.py。",
+ "handoff": "兩個 guard 都通過後才能繼續 read-only projection;失敗時先停下修 contract / snapshot。",
+ "guard": "不跳過 guard;不把 guard pass 當 runtime approval。"
+ },
+ "forbiddenRuntimeActions": {
+ "title": "Runtime 禁止動作",
+ "body": "Kali /execute、SSH、host update、active scan、credentialed scan、blocking control、repo / refs / workflow 動作仍未授權。",
+ "handoff": "另一個 Session 只能新增 read-only evidence、UI projection、docs、snapshot、guard。",
+ "guard": "runtime_execution_authorized=false;action_buttons_allowed=false"
+ },
+ "awooopReadOnlyInputs": {
+ "title": "AwoooP 只讀輸入",
+ "body": "可消費 rollup snapshot、IwoooS projection、owner response validation rollup、Kali status 與 rollout policy。",
+ "handoff": "AwoooP 主線接入時只顯示狀態、evidence refs、route group 與 forbidden actions。",
+ "guard": "不保存 raw payload、credential plaintext、token value 或 execution payload。"
+ },
+ "nextCoordinationGate": {
+ "title": "下一個協調 Gate",
+ "body": "下一個真正能推動 headline 的高層 gate 仍是 owner response accepted、redacted payload ingestion、active runtime gate、GitHub primary ready 或 AwoooP production landing。",
+ "handoff": "若另一個 Session 要推進 production landing,必須提交 read-only consumption evidence 與 deployment proof。",
+ "guard": "不把 handoff packet 當 production consumption。"
+ }
+ }
}
},
"tickets": {
diff --git a/apps/web/src/app/[locale]/iwooos/page.tsx b/apps/web/src/app/[locale]/iwooos/page.tsx
index 429b40bbf..e07a4fe49 100644
--- a/apps/web/src/app/[locale]/iwooos/page.tsx
+++ b/apps/web/src/app/[locale]/iwooos/page.tsx
@@ -52,6 +52,13 @@ type AwoooPReadOnlyLandingReadinessItem = {
tone: 'steady' | 'warn' | 'locked'
}
+type AwoooPCrossSessionHandoffPacket = {
+ key: string
+ packet: string
+ icon: typeof ShieldCheck
+ tone: 'steady' | 'warn' | 'locked'
+}
+
type OwnerResponseNextActionFocusItem = {
key: string
focus: string
@@ -375,6 +382,15 @@ const awooopReadOnlyLandingReadinessItems: AwoooPReadOnlyLandingReadinessItem[]
{ key: 'productionHandoffPending', item: 'L6', icon: Clock3, tone: 'locked' },
]
+const awooopCrossSessionHandoffPackets: AwoooPCrossSessionHandoffPacket[] = [
+ { key: 'branchAndPrAnchor', packet: 'H1', icon: GitBranch, tone: 'steady' },
+ { key: 'progressSemantics', packet: 'H2', icon: Radar, tone: 'warn' },
+ { key: 'requiredGuardCommands', packet: 'H3', icon: ShieldCheck, tone: 'steady' },
+ { key: 'forbiddenRuntimeActions', packet: 'H4', icon: Lock, tone: 'locked' },
+ { key: 'awooopReadOnlyInputs', packet: 'H5', icon: FileText, tone: 'steady' },
+ { key: 'nextCoordinationGate', packet: 'H6', icon: ClipboardCheck, tone: 'warn' },
+]
+
const ownerResponseNextActionFocusItems: OwnerResponseNextActionFocusItem[] = [
{ key: 'giteaOwnerAttestation', focus: 'S4.9', icon: ClipboardCheck, tone: 'warn' },
{ key: 'githubTargetOwnerDecision', focus: 'S4.10', icon: GitBranch, tone: 'warn' },
@@ -973,6 +989,39 @@ function AwoooPReadOnlyLandingReadinessCard({ item }: { item: AwoooPReadOnlyLand
)
}
+function AwoooPCrossSessionHandoffPacketCard({ item }: { item: AwoooPCrossSessionHandoffPacket }) {
+ const t = useTranslations('iwooos.awooopCrossSessionHandoff')
+ const Icon = item.icon
+ const textWrap = { overflowWrap: 'anywhere' as const, wordBreak: 'break-word' as const }
+ return (
+
+
+
+
+ {t('packetLabel')}
+
+
{item.packet}
+
+
+ {t(`items.${item.key}.title` as never)}
+
+
+ {t(`items.${item.key}.body` as never)}
+
+
+
{t('handoffLabel')}
+
+ {t(`items.${item.key}.handoff` as never)}
+
+
{t('guardLabel')}
+
+ {t(`items.${item.key}.guard` as never)}
+
+
+
+ )
+}
+
function OwnerResponseNextActionFocusCard({ item }: { item: OwnerResponseNextActionFocusItem }) {
const t = useTranslations('iwooos.ownerResponseNextActionFocus')
const Icon = item.icon
@@ -2296,6 +2345,26 @@ export default function IwoooSPage({ params }: { params: { locale: string } }) {
+
+
+
{t('awooopCrossSessionHandoff.title')}
+
+ {t('awooopCrossSessionHandoff.subtitle')}
+
+
+
+ {awooopCrossSessionHandoffPackets.map(item => (
+
+ ))}
+
+
+
{t('progressAcceleration.title')}
diff --git a/docs/LOGBOOK.md b/docs/LOGBOOK.md
index 29d09d0af..d2ffc94ce 100644
--- a/docs/LOGBOOK.md
+++ b/docs/LOGBOOK.md
@@ -1,3 +1,17 @@
+## 2026-05-20 | 資安供應鏈 S2.52:IwoooS AwoooP Cross-Session Handoff Packets
+
+**背景**:另一個 AwoooP Session 同步推進中,S2.51 已把只讀 landing readiness 顯示出來;本輪把 PR / branch、進度語義、必跑 guard、禁止 runtime 動作、只讀輸入與下一個協調 gate 固定成 handoff packets,避免兩邊 Session 因為不同步而誤 merge、誤 deploy、誤切 primary、誤改 refs 或誤把 handoff 當執行授權。
+
+**完成**:
+- `/iwooos` 新增「AwoooP 跨 Session Handoff」六個接手 packets:PR / 分支錨點、進度語義、必跑 Guard、Runtime 禁止動作、AwoooP 只讀輸入、下一個協調 Gate。
+- `iwooos_posture_projection_v1` schema / snapshot 新增 `awooop_cross_session_handoff_packets` 與 `awooop_cross_session_handoff_packet_count=6`,每個 packet 固定 `headline_percent_delta=0`、`production_landing_enabled=false`、`execution_router_linked=false`、`progress_change_applied=false`、`runtime_execution_authorized=false`、`action_buttons_allowed=false`、`not_authorization=true`。
+- `security_mirror_status_rollup_v1` micro progress ledger 新增 `s2_52_iwooos_awooop_cross_session_handoff_packets`,headline progress 仍維持 58%。
+- `security-mirror-progress-guard.py` 開始驗證六個 handoff packets、handoff axes、current states、zero / false 邊界、allowed frontend output 與 forbidden output。
+
+**仍禁止**:
+- AwoooP cross-session handoff packet 不代表 production consumption、merge、deploy、primary switch、refs mutation、guard skip、progress increase、execution router linked、runtime gate、approval record、action button、Kali `/execute`、SSH 登入、主機變更、Kali 更新或 blocking control。
+- 整體資安網 headline 仍是 58%;框架 / 治理 / 文件 / schema / read-only evidence 仍約 80-85%;真正落地執行 / runtime ingestion / GitHub primary / AwoooP production landing 仍約 35-40%。
+
## 2026-05-20 | 資安供應鏈 S2.51:IwoooS AwoooP Read-Only Landing Readiness
**背景**:S2.50 已把 58% 維持的五個真實 movement gates 顯示出來;其中 AwoooP read-only landing 仍未進 production 消費。本輪先把 AwoooP 主線只讀接入前需要消費的 snapshot、evidence refs、guard checks、route groups 與 forbidden outputs 做成 readiness 面板,讓另一個 AwoooP Session 可直接接手,但不把 readiness 誤判成 production landing enabled。
diff --git a/docs/schemas/iwooos_posture_projection_v1.schema.json b/docs/schemas/iwooos_posture_projection_v1.schema.json
index 798f899f9..2a4c8d819 100644
--- a/docs/schemas/iwooos_posture_projection_v1.schema.json
+++ b/docs/schemas/iwooos_posture_projection_v1.schema.json
@@ -15,6 +15,7 @@
"summary",
"progress",
"awooop_read_only_landing_readiness_items",
+ "awooop_cross_session_handoff_packets",
"progress_hold_movement_gates",
"progress_acceleration_lanes",
"owner_response_next_action_focus_items",
@@ -150,6 +151,7 @@
"host_owner_decision_record_human_record_owner_review_preparation_packet_count",
"host_owner_decision_record_human_record_owner_review_preparation_checklist_item_count",
"awooop_read_only_landing_readiness_item_count",
+ "awooop_cross_session_handoff_packet_count",
"progress_hold_movement_gate_count",
"progress_acceleration_lane_count",
"action_buttons_allowed",
@@ -357,6 +359,10 @@
"type": "integer",
"const": 6
},
+ "awooop_cross_session_handoff_packet_count": {
+ "type": "integer",
+ "const": 6
+ },
"progress_hold_movement_gate_count": {
"type": "integer",
"const": 5
@@ -3930,6 +3936,83 @@
}
}
},
+ "awooop_cross_session_handoff_packets": {
+ "type": "array",
+ "minItems": 6,
+ "maxItems": 6,
+ "items": {
+ "type": "object",
+ "required": [
+ "packet_id",
+ "display_order",
+ "handoff_axis",
+ "current_state",
+ "handoff_instruction",
+ "guardrail",
+ "display_mode",
+ "headline_percent_delta",
+ "production_landing_enabled",
+ "execution_router_linked",
+ "progress_change_applied",
+ "runtime_execution_authorized",
+ "action_buttons_allowed",
+ "not_authorization"
+ ],
+ "properties": {
+ "packet_id": {
+ "type": "string"
+ },
+ "display_order": {
+ "type": "integer",
+ "minimum": 1
+ },
+ "handoff_axis": {
+ "type": "string"
+ },
+ "current_state": {
+ "type": "string"
+ },
+ "handoff_instruction": {
+ "type": "string"
+ },
+ "guardrail": {
+ "type": "string"
+ },
+ "display_mode": {
+ "const": "awooop_cross_session_handoff_packet_only"
+ },
+ "headline_percent_delta": {
+ "type": "integer",
+ "const": 0
+ },
+ "production_landing_enabled": {
+ "type": "boolean",
+ "const": false
+ },
+ "execution_router_linked": {
+ "type": "boolean",
+ "const": false
+ },
+ "progress_change_applied": {
+ "type": "boolean",
+ "const": false
+ },
+ "runtime_execution_authorized": {
+ "type": "boolean",
+ "const": false
+ },
+ "action_buttons_allowed": {
+ "type": "boolean",
+ "const": false
+ },
+ "not_authorization": {
+ "type": "boolean",
+ "const": true
+ }
+ },
+ "additionalProperties": false
+ }
+ },
"progress_hold_movement_gates": {
"type": "array",
"minItems": 5,
diff --git a/docs/security/IWOOOS-POSTURE-PROJECTION.md b/docs/security/IWOOOS-POSTURE-PROJECTION.md
index 672dec5c9..4057d2c1d 100644
--- a/docs/security/IWOOOS-POSTURE-PROJECTION.md
+++ b/docs/security/IWOOOS-POSTURE-PROJECTION.md
@@ -79,6 +79,7 @@ IwoooS 首版只讀取或對齊以下已提交 evidence:
47. 5 個 S4.9 owner response request templates,直接顯示 owner 要逐項回覆的 public-only / local gap、org/user endpoint、110 adjacent source、repo owner / canonical scope、legacy / inaccessible disposition,但不送出 request、不催收、不代填、不標記 received / accepted、不完成 Gitea inventory、不寫 Gitea、不 sync refs、不切 GitHub primary。
48. 5 個 progress hold movement gates,直接顯示 58% 仍維持的五個實質門檻:owner response accepted、redacted payload ingestion、active runtime gate、GitHub primary ready、AwoooP read-only landing,但不把 gate 顯示當成進度加分、授權或 runtime execution。
49. 6 個 AwoooP read-only landing readiness items,整理 AwoooP 主線只讀接入前要消費的 snapshot、evidence refs、guard checks、route groups、forbidden outputs 與 production handoff pending,但不標記 production landing enabled、不接 execution router。
+50. 6 個 AwoooP cross-session handoff packets,固定另一個 AwoooP Session 接手前要確認的 PR / branch、進度語義、guard commands、runtime 禁止動作、只讀輸入與下一個協調 gate,但不把 handoff 當 merge、deploy、primary switch、refs mutation、guard skip 或 production consumption。
## 3.1 既有前端資安頁面整合
@@ -830,6 +831,23 @@ S2.51 將 AwoooP 主線只讀接入前的準備條件拉到 IwoooS 可見面板
這個 readiness board 不代表 production landing 已完成、AwoooP 已消費 production 狀態、guard 已可跳過、execution router 已接上或 progress 已加分。它只把下一個 AwoooP 主線接入需要保留的只讀邊界整理清楚。
+## 3.43 AwoooP Cross-Session Handoff Packets
+
+S2.52 將另一個 AwoooP Session 接手前必須先看懂的同步資訊固定成 IwoooS 可見 handoff packets。這一層只回答「另一個 Session 要怎麼避免和本 PR / 本資安線互相打架」,不代表 production landing、merge、deploy、primary switch、refs mutation、guard skip 或 runtime action 已獲准。
+
+| 順序 | Handoff packet | 目前狀態 | 交接要求 |
+|------|----------------|----------|----------|
+| 1 | PR / branch anchor | ready for parallel session sync | 先確認 PR #117、`codex/security-supply-chain-contracts-20260512` 與 latest commit,再讀 LOGBOOK 與 rollup ledger |
+| 2 | Progress semantics | ready for parallel session sync | headline 維持 58%,framework 維持 80-85%,runtime / ingestion / GitHub primary / AwoooP production landing 維持 35-40% |
+| 3 | Required guard commands | ready for parallel session sync | 接手前先跑 `security-mirror-progress-guard.py` 與 `source-control-owner-response-guard.py` |
+| 4 | Forbidden runtime actions | ready for parallel session sync | Kali `/execute`、SSH、host update、active scan、credentialed scan、blocking control、repo / refs / workflow 動作仍未授權 |
+| 5 | AwoooP read-only inputs | ready for parallel session sync | AwoooP 只消費 rollup snapshot、IwoooS projection、owner response validation rollup、Kali status 與 rollout policy |
+| 6 | Next coordination gate | waiting external production evidence | 若要推進 production landing,必須提供 read-only consumption evidence 與 deployment proof |
+
+每個 AwoooP cross-session handoff packet 都固定 `display_mode=awooop_cross_session_handoff_packet_only`、`headline_percent_delta=0`、`production_landing_enabled=false`、`execution_router_linked=false`、`progress_change_applied=false`、`runtime_execution_authorized=false`、`action_buttons_allowed=false`、`not_authorization=true`。
+
+這個 handoff board 不代表另一個 Session 已完成 production consumption、可以 merge / deploy、可以切 primary、可以改 refs、可以跳過 guard 或可以提高 progress。它只把跨 Session 接手的讀取順序與禁止動作固定成可驗證 contract。
+
## 4. 仍禁止
IwoooS 不得提供下列輸出:
@@ -875,10 +893,11 @@ IwoooS 不得提供下列輸出:
39. 把 progress acceleration lane 當成授權、進度自動加分、owner response received、runtime gate、GitHub primary readiness 或 production execution。
40. 把 progress hold movement gate 當成進度加分、owner response received / accepted、payload ingestion、runtime gate、GitHub primary ready、AwoooP production landing 或 action button。
41. 把 AwoooP read-only landing readiness 當成 production consumption、progress increase、execution router、action button、guard skip、runtime gate 或 GitHub primary readiness。
-42. 把 owner response next-action focus 當成催收、代填、received、accepted、approval record、runtime gate、repo / refs mutation、secret value collection 或 GitHub primary switch。
-43. 把 S4.9 owner response preflight 當成 request sent、owner response received / accepted、preflight passed、audit emitted、approval record、Gitea write、repo / refs mutation、runtime gate 或 GitHub primary switch。
-44. 把 S4.9 owner response request template 當成 request sent、owner response received / accepted、audit emitted、Gitea inventory completed、Gitea write、repo / refs mutation、token collection、runtime gate 或 GitHub primary switch。
-45. 把 58% progress、contract count、mirror readiness 或前端可見狀態當成授權。
+42. 把 AwoooP cross-session handoff packet 當成 merge、deploy、primary switch、refs mutation、guard skip、production consumption、runtime gate 或 action button。
+43. 把 owner response next-action focus 當成催收、代填、received、accepted、approval record、runtime gate、repo / refs mutation、secret value collection 或 GitHub primary switch。
+44. 把 S4.9 owner response preflight 當成 request sent、owner response received / accepted、preflight passed、audit emitted、approval record、Gitea write、repo / refs mutation、runtime gate 或 GitHub primary switch。
+45. 把 S4.9 owner response request template 當成 request sent、owner response received / accepted、audit emitted、Gitea inventory completed、Gitea write、repo / refs mutation、token collection、runtime gate 或 GitHub primary switch。
+46. 把 58% progress、contract count、mirror readiness 或前端可見狀態當成授權。
## 5. 驗證
diff --git a/docs/security/SECURITY-MIRROR-STATUS-ROLLUP.md b/docs/security/SECURITY-MIRROR-STATUS-ROLLUP.md
index c2ec35bc5..5954f98aa 100644
--- a/docs/security/SECURITY-MIRROR-STATUS-ROLLUP.md
+++ b/docs/security/SECURITY-MIRROR-STATUS-ROLLUP.md
@@ -35,7 +35,7 @@
| Owner response validation | S4.13 已建立;四包 owner response 目前 received/accepted 皆為 0;4 條 missing response lanes、4 步 collection order、next collection candidate、6 條 evidence routing rules、8 個 display sections、7 條 state transition rules、9 個 reviewer checklist items、7 條 reviewer outcome lanes、4 個 reviewer audit event templates、5 個 reviewer audit display sections、6 個 reviewer audit collection checks、5 個 reviewer audit redaction examples、5 條 reviewer audit retention rules、6 個 reviewer audit retention checks、6 個 reviewer audit handoff packets、6 個 reviewer audit handoff checks、6 個 parallel session sync checks、6 條 parallel session conflict lanes、6 個 parallel session recovery checks 與 7 條 parallel session recovery outcome lanes 可供 AwoooP 直接顯示;下一個建議收件為 S4.9 Gitea owner attestation;latest local validation 為 `SOURCE_CONTROL_OWNER_RESPONSE_GUARD_OK`,reviewer audit emitted 仍為 0,不代表 owner response 已收到或任何執行授權 |
| Low-friction rollout policy | S1.3 已補 7 條 non-blocking escalation lanes;LOW / MEDIUM、缺 owner response、partial mirror、source-control drift、Kali observe finding、workflow / secret name gap 與 headline holding 初期只能 observe / warn;`owner_review_required_before_blocking=true`、`runtime_blocking_allowed=false` |
| IwoooS frontend posture | S2.8 已新增 `/iwooos` read-only Information Security 入口;顯示 Security Posture / Exposure、source-control supply chain、Kali 112 Mesh、approval boundary、non-blocking lanes 與 evidence refs;不新增執行按鈕 |
-| IwoooS posture projection | S2.9 已新增 `iwooos_posture_projection_v1`;S2.10 已把 10 個既有前端資安相關頁面納入 projection;S2.11 已補 4 個 coverage groups 與 5 個 conflict controls;S2.12 已補 6 個只讀 operator journey steps;S2.13 已補 7 個 owner evidence readiness items;S2.14 已補 3 個 host coverage items:Kali 112、開發主機 168、開發主機 111;S2.15 已補 6 個 host action gate items;S2.16 已補 7 個 host evidence readiness items;S2.17 已補 7 個 host evidence collection order steps;S2.18 已補 7 個 host evidence intake preflight checks;S2.19 已補 7 個 host evidence review outcome lanes;S2.20 已補 7 個 host evidence review handoff packets;S2.21 已補 7 個 host evidence reviewer checklist items;S2.22 已補 7 個 host evidence reviewer outcome lanes;S2.23 已補 7 個 host owner decision candidate packets;S2.24 已補 7 個 host owner decision review checklist items;S2.25 已補 7 個 host owner decision review outcome lanes;S2.26 已補 7 個 host owner decision record draft packets;S2.27 已補 7 個 host owner decision record draft review checklist items;S2.28 已補 7 個 host owner decision record draft review outcome lanes;S2.29 已補 7 個 host owner decision record write-up packets;S2.30 已補 7 個 host owner decision record write-up review checklist items;S2.31 已補 7 個 host owner decision record write-up review outcome lanes;S2.32 已補 7 個 host owner decision record formal candidate packets;S2.33 已補 7 個 host owner decision record formal candidate review checklist items;S2.34 已補 8 個 host owner decision record formal candidate review outcome lanes;S2.35 已補 8 個 host owner decision record formal record queue packets;S2.36 已補 8 個 host owner decision record formal record queue review checklist items;S2.37 已補 8 個 host owner decision record formal record queue review outcome lanes;S2.38 已補 8 個 host owner decision record human handoff readiness packets;S2.39 已補 8 個 host owner decision record human handoff readiness review checklist items;S2.40 已補 9 個 host owner decision record human handoff readiness review outcome lanes;S2.41 已補 9 個 host owner decision record human record owner review candidate packets;S2.42 已補 9 個 host owner decision record human record owner review candidate checklist items;S2.43 已補 9 個 host owner decision record human record owner review candidate outcome lanes;S2.44 已補 9 個 host owner decision record human record owner review preparation packets;S2.45 已補 9 個 host owner decision record human record owner review preparation checklist items;S2.46 已補 6 條 progress acceleration lanes,顯示 58% holding 原因與下一個高層解鎖 gate;S2.47 已補 4 個 owner response next-action focus items,顯示 S4.9 為下一個收件焦點且 S4.10-S4.12 依序排隊;S2.48 已補 6 個 S4.9 owner response preflight checks,讓下一個 P0 owner response 的可收件條件可見;S2.49 已補 5 個 S4.9 owner response request templates,讓 owner 要逐項回覆的五題可見;S2.50 已補 5 個 progress hold movement gates,解釋為什麼 58% 仍維持且五個真實 movement signal 都是 0 / false;S2.51 已補 6 個 AwoooP read-only landing readiness items,讓另一個 AwoooP Session 可照 snapshot / evidence / guard / route / forbidden outputs 接入;仍不新增 action button |
+| IwoooS posture projection | S2.9 已新增 `iwooos_posture_projection_v1`;S2.10 已把 10 個既有前端資安相關頁面納入 projection;S2.11 已補 4 個 coverage groups 與 5 個 conflict controls;S2.12 已補 6 個只讀 operator journey steps;S2.13 已補 7 個 owner evidence readiness items;S2.14 已補 3 個 host coverage items:Kali 112、開發主機 168、開發主機 111;S2.15 已補 6 個 host action gate items;S2.16 已補 7 個 host evidence readiness items;S2.17 已補 7 個 host evidence collection order steps;S2.18 已補 7 個 host evidence intake preflight checks;S2.19 已補 7 個 host evidence review outcome lanes;S2.20 已補 7 個 host evidence review handoff packets;S2.21 已補 7 個 host evidence reviewer checklist items;S2.22 已補 7 個 host evidence reviewer outcome lanes;S2.23 已補 7 個 host owner decision candidate packets;S2.24 已補 7 個 host owner decision review checklist items;S2.25 已補 7 個 host owner decision review outcome lanes;S2.26 已補 7 個 host owner decision record draft packets;S2.27 已補 7 個 host owner decision record draft review checklist items;S2.28 已補 7 個 host owner decision record draft review outcome lanes;S2.29 已補 7 個 host owner decision record write-up packets;S2.30 已補 7 個 host owner decision record write-up review checklist items;S2.31 已補 7 個 host owner decision record write-up review outcome lanes;S2.32 已補 7 個 host owner decision record formal candidate packets;S2.33 已補 7 個 host owner decision record formal candidate review checklist items;S2.34 已補 8 個 host owner decision record formal candidate review outcome lanes;S2.35 已補 8 個 host owner decision record formal record queue packets;S2.36 已補 8 個 host owner decision record formal record queue review checklist items;S2.37 已補 8 個 host owner decision record formal record queue review outcome lanes;S2.38 已補 8 個 host owner decision record human handoff readiness packets;S2.39 已補 8 個 host owner decision record human handoff readiness review checklist items;S2.40 已補 9 個 host owner decision record human handoff readiness review outcome lanes;S2.41 已補 9 個 host owner decision record human record owner review candidate packets;S2.42 已補 9 個 host owner decision record human record owner review candidate checklist items;S2.43 已補 9 個 host owner decision record human record owner review candidate outcome lanes;S2.44 已補 9 個 host owner decision record human record owner review preparation packets;S2.45 已補 9 個 host owner decision record human record owner review preparation checklist items;S2.46 已補 6 條 progress acceleration lanes,顯示 58% holding 原因與下一個高層解鎖 gate;S2.47 已補 4 個 owner response next-action focus items,顯示 S4.9 為下一個收件焦點且 S4.10-S4.12 依序排隊;S2.48 已補 6 個 S4.9 owner response preflight checks,讓下一個 P0 owner response 的可收件條件可見;S2.49 已補 5 個 S4.9 owner response request templates,讓 owner 要逐項回覆的五題可見;S2.50 已補 5 個 progress hold movement gates,解釋為什麼 58% 仍維持且五個真實 movement signal 都是 0 / false;S2.51 已補 6 個 AwoooP read-only landing readiness items,讓另一個 AwoooP Session 可照 snapshot / evidence / guard / route / forbidden outputs 接入;S2.52 已補 6 個 AwoooP cross-session handoff packets,固定 PR / branch anchor、progress semantics、guard commands、forbidden runtime actions、read-only inputs 與 next coordination gate;仍不新增 action button |
| Dry-run | `contract_defined_not_executed`;已納入 `CHECK_PROGRESS_GUARD` 與 `CHECK_OWNER_RESPONSE_GUARD`,latest local validation 為 `repo_snapshot_guard_pass`,仍不代表 production ingestion |
| Runtime actions | `false` |
| Payload ingestion | `false` |
@@ -135,6 +135,7 @@
| S2.49 IwoooS S4.9 owner response request templates | framework detail | 0 | 只顯示 S4.9 五個 request-ready-not-sent templates;request sent、received、accepted、rejected、audit emitted、Gitea inventory completed、Gitea write、repo / refs mutation、token collection、runtime gate、GitHub primary 與 action button 仍全部鎖住 |
| S2.50 IwoooS progress hold movement gates | framework detail | 0 | 只顯示 58% 維持的五個實質門檻;owner response accepted、redacted payload ingestion、active runtime gate、GitHub primary ready、AwoooP read-only landing 仍全部為 0 / false,不把 gate 顯示當授權、進度加分或 action button |
| S2.51 IwoooS AwoooP read-only landing readiness | framework detail | 0 | 只顯示 AwoooP 只讀接入前的六個條件;production_landing_enabled=false、execution_router_linked=false、progress_change_applied=false,不把 readiness 當 production consumption、guard skip、runtime gate 或 action button |
+| S2.52 IwoooS AwoooP cross-session handoff packets | framework detail | 0 | 只顯示另一個 Session 接手前的 PR / branch、進度語義、guard commands、runtime 禁止動作、只讀輸入與下一個協調 gate;production_landing_enabled=false、execution_router_linked=false、progress_change_applied=false,不把 handoff 當 merge、deploy、primary switch、refs mutation、guard skip 或 production consumption |
headline 進度要再往上,至少需要下列任一高層 gate 有實質 evidence:
diff --git a/docs/security/SECURITY-SUPPLY-CHAIN-PROGRESS.md b/docs/security/SECURITY-SUPPLY-CHAIN-PROGRESS.md
index 513f190ad..c83d2d86b 100644
--- a/docs/security/SECURITY-SUPPLY-CHAIN-PROGRESS.md
+++ b/docs/security/SECURITY-SUPPLY-CHAIN-PROGRESS.md
@@ -4,7 +4,7 @@
|------|------|
| 日期 | 2026-05-17 |
| 狀態 | S0/S1 read-only evidence 建置中 |
-| 本階段完成 | 資安供應鏈 contract manifest + Source Control Approval Board + Draft Reconcile Plan + Ref Detail Diff + Ref Truth Classification + Source Control Ref Truth Owner Response 收件包 + GitHub Primary Readiness Gate + GitHub Primary Rollback ADR + GitHub Target Owner Decision Response 收件包 + Gitea 認證清冊匯出請求 + Gitea 認證清冊匯入驗收契約 + Gitea 清冊覆蓋 Owner Attestation + Gitea Owner Attestation Approval Lane 對齊 + Gitea Owner Attestation Response 收件包 + Workflow / Secret Name Inventory + Workflow / Secret Name Local Evidence + Workflow / Secret Name Redacted Export Request + Workflow / Secret Name Owner Response 收件包 + Source Control Owner Response Validation Rollup + Kali 112 live integration status + Security Finding contract + Kali scan scope approval package + Security Approval Queue + S3 人工批准 Gate + S3 人工決策紀錄 + S3 人工審查封包 + S3 人工決策狀態轉移 + S3 後續 runtime gate 準備契約 + 鏡像 readiness index + 鏡像接收計畫 + 鏡像事件信封 + 鏡像路由矩陣 + 鏡像驗收契約 + 鏡像隔離契約 + 鏡像 dry-run 報告契約 + 鏡像狀態彙整契約 + IwoooS 前端態勢入口 + IwoooS posture projection contract + IwoooS 既有前端資安頁面整合 + IwoooS 覆蓋與邊界矩陣 + IwoooS 只讀資安處理旅程 + IwoooS owner evidence readiness board + IwoooS host coverage view + IwoooS host action gate matrix + IwoooS host evidence readiness board + IwoooS host evidence collection order + IwoooS host evidence intake preflight + IwoooS host evidence review outcome lanes + IwoooS host evidence review handoff packets + IwoooS host evidence reviewer checklist + IwoooS host evidence reviewer outcome lanes + IwoooS host owner decision candidate packets + IwoooS host owner decision review checklist + IwoooS host owner decision review outcome lanes + IwoooS host owner decision record draft packets + IwoooS host owner decision record draft review checklist + IwoooS host owner decision record draft review outcome lanes + IwoooS host owner decision record write-up packets + IwoooS host owner decision record write-up review checklist + IwoooS host owner decision record write-up review outcome lanes + IwoooS host owner decision record formal candidate packets + IwoooS host owner decision record formal candidate review checklist + IwoooS host owner decision record formal candidate review outcome lanes + IwoooS host owner decision record formal record queue packets + IwoooS host owner decision record formal record queue review checklist + IwoooS host owner decision record formal record queue review outcome lanes + IwoooS host owner decision record human handoff readiness packets + IwoooS host owner decision record human handoff readiness review checklist + IwoooS host owner decision record human handoff readiness review outcome lanes + IwoooS host owner decision record human record owner review candidate packets + IwoooS host owner decision record human record owner review candidate checklist + IwoooS host owner decision record human record owner review candidate outcome lanes + IwoooS host owner decision record human record owner review preparation packets + IwoooS host owner decision record human record owner review preparation checklist + IwoooS progress acceleration lanes + IwoooS owner response next-action focus + IwoooS S4.9 owner response preflight + IwoooS S4.9 owner response request templates + IwoooS progress hold movement gates + IwoooS AwoooP read-only landing readiness |
+| 本階段完成 | 資安供應鏈 contract manifest + Source Control Approval Board + Draft Reconcile Plan + Ref Detail Diff + Ref Truth Classification + Source Control Ref Truth Owner Response 收件包 + GitHub Primary Readiness Gate + GitHub Primary Rollback ADR + GitHub Target Owner Decision Response 收件包 + Gitea 認證清冊匯出請求 + Gitea 認證清冊匯入驗收契約 + Gitea 清冊覆蓋 Owner Attestation + Gitea Owner Attestation Approval Lane 對齊 + Gitea Owner Attestation Response 收件包 + Workflow / Secret Name Inventory + Workflow / Secret Name Local Evidence + Workflow / Secret Name Redacted Export Request + Workflow / Secret Name Owner Response 收件包 + Source Control Owner Response Validation Rollup + Kali 112 live integration status + Security Finding contract + Kali scan scope approval package + Security Approval Queue + S3 人工批准 Gate + S3 人工決策紀錄 + S3 人工審查封包 + S3 人工決策狀態轉移 + S3 後續 runtime gate 準備契約 + 鏡像 readiness index + 鏡像接收計畫 + 鏡像事件信封 + 鏡像路由矩陣 + 鏡像驗收契約 + 鏡像隔離契約 + 鏡像 dry-run 報告契約 + 鏡像狀態彙整契約 + IwoooS 前端態勢入口 + IwoooS posture projection contract + IwoooS 既有前端資安頁面整合 + IwoooS 覆蓋與邊界矩陣 + IwoooS 只讀資安處理旅程 + IwoooS owner evidence readiness board + IwoooS host coverage view + IwoooS host action gate matrix + IwoooS host evidence readiness board + IwoooS host evidence collection order + IwoooS host evidence intake preflight + IwoooS host evidence review outcome lanes + IwoooS host evidence review handoff packets + IwoooS host evidence reviewer checklist + IwoooS host evidence reviewer outcome lanes + IwoooS host owner decision candidate packets + IwoooS host owner decision review checklist + IwoooS host owner decision review outcome lanes + IwoooS host owner decision record draft packets + IwoooS host owner decision record draft review checklist + IwoooS host owner decision record draft review outcome lanes + IwoooS host owner decision record write-up packets + IwoooS host owner decision record write-up review checklist + IwoooS host owner decision record write-up review outcome lanes + IwoooS host owner decision record formal candidate packets + IwoooS host owner decision record formal candidate review checklist + IwoooS host owner decision record formal candidate review outcome lanes + IwoooS host owner decision record formal record queue packets + IwoooS host owner decision record formal record queue review checklist + IwoooS host owner decision record formal record queue review outcome lanes + IwoooS host owner decision record human handoff readiness packets + IwoooS host owner decision record human handoff readiness review checklist + IwoooS host owner decision record human handoff readiness review outcome lanes + IwoooS host owner decision record human record owner review candidate packets + IwoooS host owner decision record human record owner review candidate checklist + IwoooS host owner decision record human record owner review candidate outcome lanes + IwoooS host owner decision record human record owner review preparation packets + IwoooS host owner decision record human record owner review preparation checklist + IwoooS progress acceleration lanes + IwoooS owner response next-action focus + IwoooS S4.9 owner response preflight + IwoooS S4.9 owner response request templates + IwoooS progress hold movement gates + IwoooS AwoooP read-only landing readiness + IwoooS AwoooP cross-session handoff packets |
| 原則 | 低摩擦分階段;文件、schema、read-only evidence 優先;不做 runtime enforcement、不切 primary |
## 0. 本階段完成後整體進度
@@ -27,7 +27,7 @@ python3 scripts/security/security-mirror-progress-guard.py
### 0.2 Headline 58% 不代表停滯
-近期 S4.10 request packet、template status ledger、audit event templates、redaction examples、collection checks、intake preflight checks、S4.11 request packet / template status ledger / audit event templates / redaction examples / collection checks / intake preflight checks、S4.12 request packet / template status ledger / audit event templates / redaction examples / collection checks / intake preflight checks、S4.13 evidence routing rules / display sections / state transition rules / reviewer checklist / reviewer outcome lanes / reviewer audit event templates / reviewer audit display sections / reviewer audit collection checks / reviewer audit redaction examples / reviewer audit retention rules / reviewer audit retention checks / reviewer audit handoff packets / reviewer audit handoff checks / parallel session sync checks / parallel session conflict lanes / parallel session recovery checks / recovery outcome lanes、S1.3 non-blocking escalation lanes、S2.8 IwoooS frontend posture entry,以及 S2.9-S2.51 IwoooS posture projection contract 都是有效進展,但它們是 framework detail,不是 owner response、runtime gate、production ingestion 或 GitHub primary readiness。因此 headline 仍維持 58%,避免把只讀框架誤算成已落地執行。
+近期 S4.10 request packet、template status ledger、audit event templates、redaction examples、collection checks、intake preflight checks、S4.11 request packet / template status ledger / audit event templates / redaction examples / collection checks / intake preflight checks、S4.12 request packet / template status ledger / audit event templates / redaction examples / collection checks / intake preflight checks、S4.13 evidence routing rules / display sections / state transition rules / reviewer checklist / reviewer outcome lanes / reviewer audit event templates / reviewer audit display sections / reviewer audit collection checks / reviewer audit redaction examples / reviewer audit retention rules / reviewer audit retention checks / reviewer audit handoff packets / reviewer audit handoff checks / parallel session sync checks / parallel session conflict lanes / parallel session recovery checks / recovery outcome lanes、S1.3 non-blocking escalation lanes、S2.8 IwoooS frontend posture entry,以及 S2.9-S2.52 IwoooS posture projection contract 都是有效進展,但它們是 framework detail,不是 owner response、runtime gate、production ingestion 或 GitHub primary readiness。因此 headline 仍維持 58%,避免把只讀框架誤算成已落地執行。
S2.50 也把「為什麼 58% 還不動」拆成五個可見 gate:owner response accepted、redacted payload ingestion、active runtime gate、GitHub primary ready、AwoooP read-only landing。這五個 gate 目前仍全部是 0 / false,所以 headline 不應被灌水提高。
@@ -113,6 +113,7 @@ S2.50 也把「為什麼 58% 還不動」拆成五個可見 gate:owner respons
| S2.49 IwoooS S4.9 owner response request templates | 已完成草案,將 S4.9 五個 request-ready-not-sent templates 顯示在 IwoooS;request sent、received / accepted / rejected、audit emitted 仍為 0 | 0 |
| S2.50 IwoooS progress hold movement gates | 已完成草案,將 58% 維持原因拆成 owner response accepted、redacted payload ingestion、active runtime gate、GitHub primary ready、AwoooP read-only landing 五個 gate;全部仍為 0 / false | 0 |
| S2.51 IwoooS AwoooP read-only landing readiness | 已完成草案,將 AwoooP 只讀接入前的 rollup snapshot、evidence refs、guard checks、route groups、forbidden outputs 與 production handoff pending 顯示在 IwoooS;production_landing_enabled 仍為 false | 0 |
+| S2.52 IwoooS AwoooP cross-session handoff packets | 已完成草案,將另一個 Session 接手前的 PR / branch、progress semantics、guard commands、forbidden runtime actions、read-only inputs 與 next coordination gate 顯示在 IwoooS;production_landing_enabled 仍為 false | 0 |
headline 要再往上,需要 S4.9 / S4.10 / S4.11 / S4.12 任一 owner response 收到並通過脫敏驗收,或人工批准後出現 active runtime gate、redacted payload ingestion、GitHub primary readiness 這類落地 evidence。
@@ -183,6 +184,7 @@ headline 要再往上,需要 S4.9 / S4.10 / S4.11 / S4.12 任一 owner respons
| S2.49 IwoooS S4.9 Owner Response Request Templates | 完成草案 | `/iwooos` 新增 S4.9 owner response 五個回覆 template,顯示 public-only / local gap、org/user endpoint、110 adjacent source scope、repo owner / canonical scope、legacy / inaccessible disposition | 使用者能理解第一個 owner response 要回哪五題;templates 仍不是 request sent、received、accepted、audit emitted、Gitea inventory completed、Gitea write、refs sync、token collection、runtime gate 或 GitHub primary |
| S2.50 IwoooS Progress Hold Movement Gates | 完成草案 | `/iwooos` 新增「為什麼 58% 還不動」五個 movement gates,顯示 owner response accepted、redacted payload ingestion、active runtime gate、GitHub primary ready、AwoooP read-only landing 仍全部未滿足 | 使用者能理解 58% 維持不是卡死,而是不灌水;gate 顯示仍不是進度加分、授權、payload ingestion、runtime gate、GitHub primary 或 production landing |
| S2.51 IwoooS AwoooP Read-Only Landing Readiness | 完成草案 | `/iwooos` 新增 AwoooP 只讀 landing readiness,顯示 snapshot、evidence refs、guard checks、route groups、forbidden outputs 與 production handoff pending 六個接入條件 | 使用者與另一個 AwoooP Session 能看懂主線接入要消費什麼;readiness 仍不是 production landing enabled、execution router、action button、guard skip 或 headline 加分 |
+| S2.52 IwoooS AwoooP Cross-Session Handoff Packets | 完成草案 | `/iwooos` 新增 AwoooP 跨 Session handoff,顯示 PR / branch anchor、progress semantics、required guard commands、forbidden runtime actions、read-only inputs 與 next coordination gate 六個接手 packets | 另一個 Session 可用同一 PR / branch / guard / rollup 口徑同步;handoff 仍不是 merge、deploy、primary switch、refs mutation、guard skip、production consumption 或 headline 加分 |
| S3 approval gate | 進行中 | `security_approval_gate_v1` 已建立 8 個人工 gate items:7 pending、1 block candidate、0 approved | 不得繞過人工批准;批准後仍需 follow-up runtime gate |
| S3.0 人工批准 Gate 契約 | 完成草案 | 定義批准範圍、決策選項、required reviewers、still forbidden 與 follow-up runtime gate | AwoooP 可記錄決策,不可執行 gate item |
| S3.1 人工決策紀錄契約 | 完成草案 | `security_approval_decision_record_v1` 已建立;目前 0 筆 decision records、0 個 runtime action 授權 | AwoooP 可稽核決策,不可把決策當執行 |
diff --git a/docs/security/iwooos-posture-projection.snapshot.json b/docs/security/iwooos-posture-projection.snapshot.json
index 042f103c9..d136f60fe 100644
--- a/docs/security/iwooos-posture-projection.snapshot.json
+++ b/docs/security/iwooos-posture-projection.snapshot.json
@@ -73,6 +73,7 @@
"host_owner_decision_record_human_record_owner_review_preparation_packet_count": 9,
"host_owner_decision_record_human_record_owner_review_preparation_checklist_item_count": 9,
"awooop_read_only_landing_readiness_item_count": 6,
+ "awooop_cross_session_handoff_packet_count": 6,
"progress_hold_movement_gate_count": 5,
"progress_acceleration_lane_count": 6,
"owner_response_next_action_focus_item_count": 4,
@@ -146,6 +147,7 @@
"display_security_posture",
"display_progress_estimate",
"display_awooop_read_only_landing_readiness",
+ "display_awooop_cross_session_handoff_packets",
"display_progress_hold_movement_gates",
"display_progress_acceleration_lanes",
"display_non_blocking_lanes",
@@ -394,7 +396,14 @@
"mark_production_landing_enabled_from_readiness",
"create_action_button_from_awooop_landing_readiness",
"skip_guard_from_awooop_landing_readiness",
- "mark_progress_changed_from_awooop_landing_readiness"
+ "mark_progress_changed_from_awooop_landing_readiness",
+ "treat_awooop_handoff_as_production_consumption",
+ "merge_from_awooop_handoff",
+ "deploy_from_awooop_handoff",
+ "switch_primary_from_awooop_handoff",
+ "modify_refs_from_awooop_handoff",
+ "skip_guard_from_awooop_handoff",
+ "mark_progress_changed_from_awooop_handoff"
],
"runtime_execution_authorized": false,
"action_buttons_allowed": false,
@@ -5991,6 +6000,104 @@
"not_authorization": true
}
],
+ "awooop_cross_session_handoff_packets": [
+ {
+ "packet_id": "awooop_handoff_branch_and_pr_anchor",
+ "display_order": 1,
+ "handoff_axis": "branch_and_pr_anchor",
+ "current_state": "ready_for_parallel_session_sync",
+ "handoff_instruction": "另一個 Session 先確認 PR #117、codex/security-supply-chain-contracts-20260512 與 latest commit,再讀 LOGBOOK 與 rollup ledger。",
+ "guardrail": "不得從 handoff 自動 merge、deploy、switch primary 或 modify refs。",
+ "display_mode": "awooop_cross_session_handoff_packet_only",
+ "headline_percent_delta": 0,
+ "production_landing_enabled": false,
+ "execution_router_linked": false,
+ "progress_change_applied": false,
+ "runtime_execution_authorized": false,
+ "action_buttons_allowed": false,
+ "not_authorization": true
+ },
+ {
+ "packet_id": "awooop_handoff_progress_semantics",
+ "display_order": 2,
+ "handoff_axis": "progress_semantics",
+ "current_state": "ready_for_parallel_session_sync",
+ "handoff_instruction": "headline 維持 58%,framework 80-85%,runtime / ingestion / GitHub primary / AwoooP production landing 維持 35-40%;新增 UI / docs / snapshot 只能進 framework_detail ledger。",
+ "guardrail": "不得把 framework detail、readiness、handoff 或 guard pass 當 headline delta。",
+ "display_mode": "awooop_cross_session_handoff_packet_only",
+ "headline_percent_delta": 0,
+ "production_landing_enabled": false,
+ "execution_router_linked": false,
+ "progress_change_applied": false,
+ "runtime_execution_authorized": false,
+ "action_buttons_allowed": false,
+ "not_authorization": true
+ },
+ {
+ "packet_id": "awooop_handoff_required_guard_commands",
+ "display_order": 3,
+ "handoff_axis": "required_guard_commands",
+ "current_state": "ready_for_parallel_session_sync",
+ "handoff_instruction": "接手前先跑 security-mirror-progress-guard.py 與 source-control-owner-response-guard.py;兩者通過才繼續 read-only projection。",
+ "guardrail": "不得跳過 guard,也不得把 guard pass 當 runtime approval。",
+ "display_mode": "awooop_cross_session_handoff_packet_only",
+ "headline_percent_delta": 0,
+ "production_landing_enabled": false,
+ "execution_router_linked": false,
+ "progress_change_applied": false,
+ "runtime_execution_authorized": false,
+ "action_buttons_allowed": false,
+ "not_authorization": true
+ },
+ {
+ "packet_id": "awooop_handoff_forbidden_runtime_actions",
+ "display_order": 4,
+ "handoff_axis": "forbidden_runtime_actions",
+ "current_state": "ready_for_parallel_session_sync",
+ "handoff_instruction": "另一個 Session 只能新增 read-only evidence、UI projection、docs、snapshot、guard,不可做 Kali /execute、SSH、host update、active scan、credentialed scan、blocking control、repo / refs / workflow 動作。",
+ "guardrail": "runtime_execution_authorized=false;action_buttons_allowed=false。",
+ "display_mode": "awooop_cross_session_handoff_packet_only",
+ "headline_percent_delta": 0,
+ "production_landing_enabled": false,
+ "execution_router_linked": false,
+ "progress_change_applied": false,
+ "runtime_execution_authorized": false,
+ "action_buttons_allowed": false,
+ "not_authorization": true
+ },
+ {
+ "packet_id": "awooop_handoff_read_only_inputs",
+ "display_order": 5,
+ "handoff_axis": "read_only_inputs",
+ "current_state": "ready_for_parallel_session_sync",
+ "handoff_instruction": "AwoooP 主線只能消費 rollup snapshot、IwoooS projection、owner response validation rollup、Kali status 與 rollout policy,並顯示狀態、evidence refs、route group 與 forbidden actions。",
+ "guardrail": "不得保存 raw payload、credential plaintext、token value 或 execution payload。",
+ "display_mode": "awooop_cross_session_handoff_packet_only",
+ "headline_percent_delta": 0,
+ "production_landing_enabled": false,
+ "execution_router_linked": false,
+ "progress_change_applied": false,
+ "runtime_execution_authorized": false,
+ "action_buttons_allowed": false,
+ "not_authorization": true
+ },
+ {
+ "packet_id": "awooop_handoff_next_coordination_gate",
+ "display_order": 6,
+ "handoff_axis": "next_coordination_gate",
+ "current_state": "waiting_external_production_evidence",
+ "handoff_instruction": "若另一個 Session 要推進 production landing,必須提交 read-only consumption evidence 與 deployment proof;真正會推動 headline 的 gate 仍是 owner response accepted、redacted payload ingestion、active runtime gate、GitHub primary ready 或 AwoooP production landing。",
+ "guardrail": "不得把 handoff packet 當 production consumption。",
+ "display_mode": "awooop_cross_session_handoff_packet_only",
+ "headline_percent_delta": 0,
+ "production_landing_enabled": false,
+ "execution_router_linked": false,
+ "progress_change_applied": false,
+ "runtime_execution_authorized": false,
+ "action_buttons_allowed": false,
+ "not_authorization": true
+ }
+ ],
"progress_hold_movement_gates": [
{
"gate_id": "progress_hold_owner_response_accepted",
diff --git a/docs/security/security-mirror-status-rollup.snapshot.json b/docs/security/security-mirror-status-rollup.snapshot.json
index 2b7bad92e..45d8af561 100644
--- a/docs/security/security-mirror-status-rollup.snapshot.json
+++ b/docs/security/security-mirror-status-rollup.snapshot.json
@@ -1082,6 +1082,18 @@
"runtime_delta": false,
"execution_authorized": false,
"not_authorization": true
+ },
+ {
+ "delta_id": "s2_52_iwooos_awooop_cross_session_handoff_packets",
+ "display_order": 81,
+ "completed_stage": "S2.52 IwoooS AwoooP cross-session handoff packets",
+ "progress_axis": "framework_detail",
+ "headline_percent_delta": 0,
+ "framework_delta_visible": true,
+ "why_headline_unchanged": "AwoooP cross-session handoff packets 只整理另一個 Session 接手前的 PR/branch、progress semantics、guard commands、forbidden runtime actions、read-only inputs 與下一個 coordination gate;production_landing_enabled 仍為 false。",
+ "runtime_delta": false,
+ "execution_authorized": false,
+ "not_authorization": true
}
],
"next_safe_actions": [
@@ -1482,7 +1494,8 @@
"S2.48 新增 IwoooS S4.9 owner response preflight;s4_9_owner_response_preflight_check_count=6,顯示 known item、required owner fields、allowed decision、redacted evidence only、no execution request、all five items before accepted 六個收件前檢查;request sent、owner response received/accepted/rejected、preflight passed 與 audit events emitted 仍為 0,不標記 sent/received/accepted、不建立 approval record、不寫 Gitea、不 sync refs、不開 runtime gate 或切 GitHub primary。",
"S2.49 新增 IwoooS S4.9 owner response request templates;s4_9_owner_response_request_template_count=5,顯示 public-only/local gap、org/user endpoint、110 adjacent scope、repo owner/canonical scope、legacy/inaccessible disposition 五個 request-ready-not-sent templates;request sent、owner response received/accepted/rejected 與 audit events emitted 仍為 0,不自動催收、代填、送出 request、標記 received/accepted、完成 Gitea inventory、寫 Gitea、sync refs 或切 GitHub primary。",
"S2.50 新增 IwoooS progress hold movement gates;progress_hold_movement_gate_count=5,顯示 owner_response_accepted、redacted_payload_ingested、active_runtime_gate、github_primary_ready、awooop_read_only_landing 五個真正會讓 58% 進入下一輪重估的 gate;owner response received/accepted、payloads_ingested、active_runtime_gate_count、github_primary_ready_count、production_landing_enabled 仍全部為 0/false,不把 gate 顯示當進度加分、授權或 runtime execution。",
- "S2.51 新增 IwoooS AwoooP read-only landing readiness;awooop_read_only_landing_readiness_item_count=6,顯示 rollup snapshot、evidence refs、guard checks、route groups、forbidden outputs 與 production handoff pending;production_landing_enabled=false、execution_router_linked=false、progress_change_applied=false,不把 readiness 當 production consumption、runtime authorization 或 action button。"
+ "S2.51 新增 IwoooS AwoooP read-only landing readiness;awooop_read_only_landing_readiness_item_count=6,顯示 rollup snapshot、evidence refs、guard checks、route groups、forbidden outputs 與 production handoff pending;production_landing_enabled=false、execution_router_linked=false、progress_change_applied=false,不把 readiness 當 production consumption、runtime authorization 或 action button。",
+ "S2.52 新增 IwoooS AwoooP cross-session handoff packets;awooop_cross_session_handoff_packet_count=6,顯示 PR/branch anchor、progress semantics、required guard commands、forbidden runtime actions、read-only inputs 與 next coordination gate;production_landing_enabled=false、execution_router_linked=false、progress_change_applied=false,不把 handoff 當 merge、deploy、primary switch、refs mutation、guard skip 或 production consumption。"
],
"forbidden_actions": [
"start_kali_scan",
diff --git a/scripts/security/security-mirror-progress-guard.py b/scripts/security/security-mirror-progress-guard.py
index 79466def4..9c7f7e603 100755
--- a/scripts/security/security-mirror-progress-guard.py
+++ b/scripts/security/security-mirror-progress-guard.py
@@ -203,6 +203,7 @@ def validate(root: Path) -> None:
"s2_49_iwooos_s4_9_owner_response_request_templates",
"s2_50_iwooos_progress_hold_movement_gates",
"s2_51_iwooos_awooop_read_only_landing_readiness",
+ "s2_52_iwooos_awooop_cross_session_handoff_packets",
]
assert_equal(
"progress_delta_ledger.delta_ids",
@@ -969,6 +970,89 @@ def validate(root: Path) -> None:
f"iwooos_projection.awooop_read_only_landing_readiness_items.{item['item_id']}.not_authorization",
item["not_authorization"],
)
+ expected_awooop_cross_session_handoff_packet_ids = [
+ "awooop_handoff_branch_and_pr_anchor",
+ "awooop_handoff_progress_semantics",
+ "awooop_handoff_required_guard_commands",
+ "awooop_handoff_forbidden_runtime_actions",
+ "awooop_handoff_read_only_inputs",
+ "awooop_handoff_next_coordination_gate",
+ ]
+ assert_equal(
+ "iwooos_projection.summary.awooop_cross_session_handoff_packet_count",
+ iwooos_projection["summary"]["awooop_cross_session_handoff_packet_count"],
+ len(expected_awooop_cross_session_handoff_packet_ids),
+ )
+ awooop_cross_session_handoff_packets = iwooos_projection["awooop_cross_session_handoff_packets"]
+ assert_equal(
+ "iwooos_projection.awooop_cross_session_handoff_packets.packet_ids",
+ [item["packet_id"] for item in awooop_cross_session_handoff_packets],
+ expected_awooop_cross_session_handoff_packet_ids,
+ )
+ assert_equal(
+ "iwooos_projection.awooop_cross_session_handoff_packets.display_order",
+ [item["display_order"] for item in awooop_cross_session_handoff_packets],
+ list(range(1, len(expected_awooop_cross_session_handoff_packet_ids) + 1)),
+ )
+ assert_equal(
+ "iwooos_projection.awooop_cross_session_handoff_packets.handoff_axes",
+ [item["handoff_axis"] for item in awooop_cross_session_handoff_packets],
+ [
+ "branch_and_pr_anchor",
+ "progress_semantics",
+ "required_guard_commands",
+ "forbidden_runtime_actions",
+ "read_only_inputs",
+ "next_coordination_gate",
+ ],
+ )
+ assert_equal(
+ "iwooos_projection.awooop_cross_session_handoff_packets.current_states",
+ [item["current_state"] for item in awooop_cross_session_handoff_packets],
+ [
+ "ready_for_parallel_session_sync",
+ "ready_for_parallel_session_sync",
+ "ready_for_parallel_session_sync",
+ "ready_for_parallel_session_sync",
+ "ready_for_parallel_session_sync",
+ "waiting_external_production_evidence",
+ ],
+ )
+ for item in awooop_cross_session_handoff_packets:
+ assert_equal(
+ f"iwooos_projection.awooop_cross_session_handoff_packets.{item['packet_id']}.display_mode",
+ item["display_mode"],
+ "awooop_cross_session_handoff_packet_only",
+ )
+ assert_equal(
+ f"iwooos_projection.awooop_cross_session_handoff_packets.{item['packet_id']}.headline_percent_delta",
+ item["headline_percent_delta"],
+ 0,
+ )
+ assert_false(
+ f"iwooos_projection.awooop_cross_session_handoff_packets.{item['packet_id']}.production_landing_enabled",
+ item["production_landing_enabled"],
+ )
+ assert_false(
+ f"iwooos_projection.awooop_cross_session_handoff_packets.{item['packet_id']}.execution_router_linked",
+ item["execution_router_linked"],
+ )
+ assert_false(
+ f"iwooos_projection.awooop_cross_session_handoff_packets.{item['packet_id']}.progress_change_applied",
+ item["progress_change_applied"],
+ )
+ assert_false(
+ f"iwooos_projection.awooop_cross_session_handoff_packets.{item['packet_id']}.runtime_execution_authorized",
+ item["runtime_execution_authorized"],
+ )
+ assert_false(
+ f"iwooos_projection.awooop_cross_session_handoff_packets.{item['packet_id']}.action_buttons_allowed",
+ item["action_buttons_allowed"],
+ )
+ assert_true(
+ f"iwooos_projection.awooop_cross_session_handoff_packets.{item['packet_id']}.not_authorization",
+ item["not_authorization"],
+ )
expected_progress_hold_movement_gate_ids = [
"progress_hold_owner_response_accepted",
"progress_hold_redacted_payload_ingested",
@@ -4417,6 +4501,7 @@ def validate(root: Path) -> None:
"display_security_posture",
"display_progress_estimate",
"display_awooop_read_only_landing_readiness",
+ "display_awooop_cross_session_handoff_packets",
"display_progress_hold_movement_gates",
"display_progress_acceleration_lanes",
"display_owner_response_next_action_focus",
@@ -4621,6 +4706,13 @@ def validate(root: Path) -> None:
"create_action_button_from_awooop_landing_readiness",
"skip_guard_from_awooop_landing_readiness",
"mark_progress_changed_from_awooop_landing_readiness",
+ "treat_awooop_handoff_as_production_consumption",
+ "merge_from_awooop_handoff",
+ "deploy_from_awooop_handoff",
+ "switch_primary_from_awooop_handoff",
+ "modify_refs_from_awooop_handoff",
+ "skip_guard_from_awooop_handoff",
+ "mark_progress_changed_from_awooop_handoff",
"treat_progress_hold_gate_as_percent_increase",
"increase_headline_without_gate_evidence",
"mark_owner_response_received_from_hold_gate",