{ "schema_version": "agent99_enterprise_ai_automation_work_items_v1", "generated_at": "2026-07-11T20:34:00+08:00", "status": "in_progress_p0_agent99_canonical_completion_callback", "scope_complete": false, "north_star": "Make Windows host 192.168.0.99 the policy-controlled on-prem AI execution node for all hosts, VMs, services, products, sites, tools, packages, alerts and recovery workflows, with external monitoring when host 99 is unavailable.", "canonical_sources": { "human_plan": "docs/workplans/2026-07-10-agent99-enterprise-ai-automation-master-plan.md", "historical_requirement_ledger": "docs/workplans/2026-07-02-commander-inserted-requirements-priority-ledger.md", "agent99_sop": "AGENT99-AI-WORKSTATION-SOP.md", "reboot_sop": "HOST-REBOOT-AI-AUTOMATION-SOP.md", "cold_start_baseline": "ops/reboot-recovery/full-stack-cold-start-baseline.yml", "backup_baseline": "ops/reboot-recovery/full-stack-backup-baseline.yml", "product_repo_inventory": "docs/operations/gitea-all-product-dev-prod-repo-readback.snapshot.json", "runtime_enterprise_work_items_readback": "https://awoooi.wooo.work/api/v1/agents/agent99-enterprise-ai-automation-work-items", "runtime_priority_readback": "https://awoooi.wooo.work/api/v1/agents/awoooi-priority-work-order-readback", "runtime_reboot_slo_readback": "https://awoooi.wooo.work/api/v1/agents/reboot-auto-recovery-slo-scorecard" }, "current_p0": { "id": "AG99-P0-006", "title": "Agent99 canonical completion callback and cross-system incident closure", "reason": "P0-001 is now runtime-verified on Windows 99: required evidence is fresh, parseable and content-healthy; a production-principal Recover passed all seven phases and produced a real Telegram visual receipt. The next missing link is canonical Agent99-to-AWOOOI/AwoooP/IWOOOS writeback, because Telegram delivery alone is not a durable incident closure.", "implementation_status": "commit_d140e35d3_windows_validate_only_green_production_route_404_and_principal_token_provisioning_pending", "next_action": "Wait for the coordinated single-writer slot, rebase d140e35d3 onto latest Gitea main, deploy the API through Gitea CD, provision or verify callback authentication without exposing the token, then deploy the Windows client and replay one same-trace SRE alert." }, "current_runtime_truth": { "observed_at": "2026-07-11T20:25:26+08:00", "awoooi_health_http_status": 200, "awoooi_health_state": "recovered_late_currently_healthy", "awoooi_runtime_build_commit_sha": "4a4b95e5135e8cf71d807a54700a962f5490088f", "gitea_main_observed_sha": "f102616f0", "gitea_main_deployed_source_sha": "4a4b95e5135e8cf71d807a54700a962f5490088f", "runtime_work_items_generated_at": "2026-07-10T19:40:00+08:00", "windows99_agent99_manifest_observed_at": "2026-07-11T20:20:51+08:00", "windows99_agent99_source_revision": "06509e071c8b7c538feb112e4e4774ee22abf7d1", "windows99_agent99_runtime_matched": true, "windows99_agent99_runtime_file_count": 14, "windows99_agent99_runtime_mismatch_count": 0, "windows99_agent99_healthy_task_count": 9, "windows99_agent99_required_task_count": 9, "windows99_agent99_relay_listener_count": 1, "windows99_agent99_alert_incoming_count": 0, "windows99_agent99_command_pending_count": 0, "windows99_agent99_live_preflight_green": true, "windows99_agent99_required_evidence_fresh_count": 7, "windows99_agent99_required_evidence_usable_count": 7, "windows99_agent99_required_evidence_parse_failure_count": 0, "windows99_agent99_required_evidence_content_failure_count": 0, "windows99_agent99_recovery_run_id": "agent99-recovery-20260711-202159-3404b5b3", "windows99_agent99_recovery_completed": true, "windows99_agent99_recovery_elapsed_seconds": 42.9, "windows99_agent99_recovery_phase_count": 7, "windows99_agent99_recovery_telegram_sent": true, "windows99_agent99_recovery_visual_sent": true, "agent99_completion_callback_runtime_status": "source_validated_production_route_404_windows_client_not_promoted_callback_auth_principal_scope_pending", "agent99_completion_callback_source_commit": "d140e35d3", "agent99_completion_callback_focused_tests_passed": 40, "agent99_completion_callback_windows_validate_only_ok": true, "agent99_completion_callback_windows_validate_only_evidence": "C:\\Wooo\\Agent99\\evidence\\agent99-deploy-20260711-204625.json", "agent99_completion_callback_production_route_http_status": 404, "agent99_completion_callback_administrator_visible_token_present": false, "agent99_completion_callback_secret_value_read": false, "windows99_agent99_startup_recovery_execution_limit": "PT20M", "windows99_vmware_running_guests": "5/5", "public_surface_matrix": "23/23_http_2xx_or_expected_3xx", "reboot_slo_status": "slo_breached_recovered_late", "reboot_slo_readiness_percent": 89, "reboot_slo_primary_blocker": "all_required_hosts_not_in_10_minute_reboot_window", "reboot_slo_active_blockers": [ "all_required_hosts_not_in_10_minute_reboot_window", "fresh_all_host_reboot_event_missing", "host_boot_observation_older_than_target_window" ], "reboot_program_remaining_gaps": [ "external_l0_outage_supervisor_not_deployed", "windows99_out_of_band_power_control_missing", "external_public_maintenance_origin_not_deployed", "next_full_reboot_600_second_drill_not_yet_passed" ], "reboot_drill_receipt": "docs/operations/agent99-full-host-reboot-drill-20260711.snapshot.json", "claims_forbidden": [ "all_services_recovered_within_10_minutes_for_this_drill", "future_full_reboots_are_proven_within_10_minutes", "all_products_are_latest", "agent99_is_a_complete_ai_agent", "http_200_means_full_stack_healthy", "command_exit_zero_means_incident_resolved" ] }, "coverage": { "hosts": [ { "id": "99", "address": "192.168.0.99", "role": "Windows AI execution and VMware control node", "required_surfaces": ["Agent99", "VMware Workstation", "vmrun", "Task Scheduler", "PowerShell", "OpenSSH", "Windows Update policy", "desktop control center"] }, { "id": "110", "address": "192.168.0.110", "role": "DevOps, SCM, registry, observability and backup node", "required_surfaces": ["Gitea", "Gitea Actions runner", "Docker", "Harbor", "Registry", "Prometheus", "Alertmanager", "Sentry", "backup"] }, { "id": "111", "address": "192.168.0.111", "role": "Physical M1 Pro MacBook and Local Ollama node; not a VMware guest", "required_surfaces": ["Darwin boot identity", "uptime", "restricted forced-command readback", "LaunchAgent", "Ollama health"] }, { "id": "112", "address": "192.168.0.112", "role": "Kali and IWOOOS security node", "required_surfaces": ["VM power", "boot identity", "SSH", "security tool health", "IWOOOS evidence collector"] }, { "id": "120", "address": "192.168.0.120", "role": "K3s control plane, VIP and AWOOOI workload node", "required_surfaces": ["K3s", "containerd", "kubectl", "VIP", "AWOOOI deployments", "Velero", "CronJobs"] }, { "id": "121", "address": "192.168.0.121", "role": "K3s peer and DR drill node", "required_surfaces": ["K3s", "containerd", "peer readiness", "workload balance", "Velero restore drill"] }, { "id": "188", "address": "192.168.0.188", "role": "Data, AI, observability and web workload node", "required_surfaces": ["PostgreSQL", "Redis", "MOMO", "Nginx", "OpenClaw", "Ollama", "SignOz", "Langfuse", "AI providers", "backup"] } ], "products": [ {"id": "awoooi", "gitea_repo": "wooo/awoooi"}, {"id": "ewoooc", "gitea_repo": "wooo/ewoooc"}, {"id": "2026fifa", "gitea_repo": "wooo/2026FIFAWorldCup"}, {"id": "agent-bounty-protocol", "gitea_repo": "wooo/agent-bounty-protocol"}, {"id": "awooogo", "gitea_repo": "wooo/AwoooGo"}, {"id": "stockplatform-v2", "gitea_repo": "wooo/stockplatform-v2"}, {"id": "vibework", "gitea_repo": "wooo/vibework"}, {"id": "momo-pro-system", "gitea_repo": "wooo/momo-pro-system"}, {"id": "tsenyang-website", "gitea_repo": "wooo/tsenyang-website"}, {"id": "vtuber", "gitea_repo": "wooo/vtuber"}, {"id": "bitan-pharmacy", "gitea_repo": "wooo/bitan-pharmacy"}, {"id": "clawbot-openclaw", "gitea_repo": "wooo/clawbot-v5"} ], "platform_planes": ["AWOOOI", "AwoooP", "IWOOOS", "AISOC", "AgentOps", "OpenClaw", "KM", "RAG", "MCP", "PlayBook"], "public_surfaces": [ {"id": "awoooi-api", "url": "https://awoooi.wooo.work/api/v1/health", "owner": "awoooi"}, {"id": "awoooi-web", "url": "https://awoooi.wooo.work/", "owner": "awoooi"}, {"id": "iwooos", "url": "https://awoooi.wooo.work/zh-TW/iwooos", "owner": "awoooi"}, {"id": "vibework", "url": "https://vibework.wooo.work/", "owner": "vibework"}, {"id": "awooogo", "url": "https://awooogo.wooo.work/", "owner": "awooogo"}, {"id": "2026fifa", "url": "https://2026fifa.wooo.work/", "owner": "2026fifa"}, {"id": "agent", "url": "https://agent.wooo.work/", "owner": "ownership_contract_pending"}, {"id": "momo", "url": "https://mo.wooo.work/", "owner": "momo-pro-system"}, {"id": "momo-health", "url": "https://mo.wooo.work/health", "owner": "momo-pro-system"}, {"id": "stock", "url": "https://stock.wooo.work/", "owner": "stockplatform-v2"}, {"id": "stock-health", "url": "https://stock.wooo.work/healthz", "owner": "stockplatform-v2"}, {"id": "stock-api", "url": "https://stock.wooo.work/api/healthz", "owner": "stockplatform-v2"}, {"id": "bitan", "url": "https://bitan.wooo.work/", "owner": "bitan-pharmacy"}, {"id": "tsenyang", "url": "https://tsenyang.com/", "owner": "tsenyang-website"}, {"id": "tsenyang-www", "url": "https://www.tsenyang.com/", "owner": "tsenyang-website"}, {"id": "vtuber", "url": "https://vtuber.wooo.work/", "owner": "vtuber"}, {"id": "gitea", "url": "https://gitea.wooo.work/", "owner": "platform-110"}, {"id": "harbor", "url": "https://harbor.wooo.work/", "owner": "platform-110"}, {"id": "registry", "url": "https://registry.wooo.work/", "owner": "platform-110"}, {"id": "sentry", "url": "https://sentry.wooo.work/", "owner": "platform-observability"}, {"id": "signoz", "url": "https://signoz.wooo.work/", "owner": "platform-observability"}, {"id": "langfuse", "url": "https://langfuse.wooo.work/", "owner": "platform-ai"}, {"id": "aiops", "url": "https://aiops.wooo.work/", "owner": "ownership_contract_pending"} ], "service_domains": [ "windows_and_vmware", "network_and_dns", "linux_systemd_and_schedulers", "docker_containerd_and_k3s", "gitea_runner_harbor_registry_and_cd", "postgresql_redis_and_object_data", "nginx_tls_edge_and_maintenance", "prometheus_alertmanager_sentry_signoz_langfuse_and_wazuh", "openclaw_hermes_nemotron_elephantalpha_ollama_litellm_and_models", "backup_restic_rclone_velero_offsite_integrity_and_restore", "km_rag_mcp_playbook_and_agentops", "telegram_sre_and_operator_command_surfaces" ], "package_domains": [ "windows_updates_and_drivers", "linux_os_packages_and_kernels", "container_images_and_digests", "python_node_and_application_dependencies", "vmware_tools_and_guest_agents", "ai_models_adapters_and_provider_clients", "security_rules_signatures_and_sbom" ] }, "control_plane": [ {"node": "external_watcher_edge", "responsibility": "Detect host 99 or all-site outage outside the LAN, preserve the incident durably, invoke allowlisted out-of-band power and maintenance callbacks, then enqueue Agent99 Recover when 99 returns."}, {"node": "awoooi", "responsibility": "Canonical events, incidents, fingerprints, recurrence, product and SLO read models."}, {"node": "awooop", "responsibility": "Work Items, Runs, approvals, candidates, rollback, verifier and asset ledger."}, {"node": "iwooos_aisoc", "responsibility": "Security evidence, policy, investigation and controlled response."}, {"node": "agent99", "responsibility": "Evidence collection, planning, policy-bound execution, verification and callbacks for Windows, VMs, hosts, services and sites."}, {"node": "km_rag_mcp_playbook", "responsibility": "Replayable evidence, knowledge, tools, trusted remediation and learning."}, {"node": "telegram_sre", "responsibility": "Human-readable command and incident summary surface, never the only database or an arbitrary shell."} ], "automation_flow": [ "sense", "normalize", "group_and_dedupe", "collect_evidence", "plan", "policy_decision", "controlled_execute", "mode_specific_verify", "callback_and_notify", "learn_and_prevent_recurrence" ], "outcome_contract": { "states": ["received", "diagnosing", "candidate_ready", "executing", "verifying", "resolved", "degraded", "blocked", "failed"], "resolved_requires": ["verifier_passed", "source_event_resolved", "evidence_ref", "verified_at", "callback_written"], "exit_code_zero_semantics": "command_transport_completed_only", "observation_window_required_after_resolved": true }, "professional_controls": [ "external_failure_domain_monitoring", "zero_trust_authenticated_ingress", "event_sourcing_and_idempotency", "single_flight_and_concurrency_locks", "dependency_dag_and_recovery_state_machine", "mode_specific_verifiers", "progressive_remediation_and_canary", "circuit_breakers_timeouts_and_real_rollback", "immutable_redacted_evidence", "source_cd_runtime_and_data_freshness_provenance", "slo_error_budget_mtta_mttr_and_recurrence", "playbook_replay_shadow_canary_and_trust_promotion", "sbom_cve_eol_package_and_model_drift", "backup_integrity_offsite_and_restore_drills", "human_readable_traditional_chinese_incident_cards" ], "hard_boundaries": [ "secret_token_private_key_cookie_session_or_authorization_header_plaintext_access_or_exfiltration", "drop_truncate_destructive_migration_restore_prune_or_remote_delete", "host_reboot_vm_power_change_node_drain_or_irreversible_firewall_cutover", "credentialed_exploit_or_external_attack_scan", "paid_provider_cost_change_or_production_provider_route_switch", "unvalidated_openclaw_core_replacement", "force_push_repo_ref_visibility_or_source_history_destruction", "raw_runtime_secret_volume_session_sqlite_or_auth_database_access" ], "shared_acceptance_contract": [ "target_selector_present", "source_of_truth_diff_present", "before_evidence_present", "check_mode_or_dry_run_present", "rollback_present", "mode_specific_post_verifier_present", "timeout_and_single_flight_present", "callback_and_human_readable_notification_present", "km_rag_playbook_and_recurrence_writeback_present" ], "promotion_contract": { "applies_before_states": ["candidate_ready", "in_progress", "executing"], "required_item_fields": [ "id", "order", "priority", "status", "title", "owner_lane", "dependencies", "scope_refs", "problem", "trigger", "ai_role", "action_mode", "evidence_sources", "controlled_actions", "prohibited_actions", "rollback", "verifier", "callback", "acceptance", "next_action" ] }, "work_items": [ { "id": "AG99-P0-001", "order": 1, "priority": "P0", "status": "complete", "title": "Agent outcome truth, source-runtime reconciliation and false-green prevention", "owner_lane": "agent99_control_plane", "dependencies": [], "scope_refs": ["host:99", "platform:Agent99", "platform:AWOOOI", "platform:AwoooP"], "problem": "Command exit success can be counted as resolved, deployed Windows scripts can drift from source, and evidence freshness can be reported green even when the safe summary cannot be parsed.", "trigger": "Any Agent99 command completion or source/runtime manifest mismatch.", "ai_role": "Outcome evaluator and runtime provenance verifier", "action_mode": "controlled_apply", "evidence_sources": ["Agent99 event store", "mode evidence JSON", "source file hashes", "host 99 runtime file hashes", "AWOOOI incident state"], "controlled_actions": ["replace outcome mapping", "add verifier contract", "deploy signed script set", "write runtime manifest"], "prohibited_actions": ["mark resolved from exit code alone", "read secrets", "reboot host 99"], "rollback": "Restore previous signed Agent99 script set and keep incidents degraded rather than resolved.", "verifier": "For every mode, require post-condition pass plus source event resolution; compare source and runtime manifest hashes.", "callback": "Write final outcome to AWOOOI incident and AwoooP Run/Verifier using the same trace id.", "acceptance": "No false-resolved regression cases; source/runtime drift count is zero; unresolved evidence stays degraded or blocked.", "completion_receipt": { "source_revision": "06509e071c8b7c538feb112e4e4774ee22abf7d1", "runtime_manifest_matched": true, "runtime_manifest_file_count": 14, "runtime_manifest_mismatch_count": 0, "self_health_runtime_manifest_severity": "ok", "outcome_self_test_ok": true, "operator_replay_state": "resolved", "operator_replay_verified_resolved": 1, "alert_replay_state": "verifying", "alert_replay_verified_resolved": 0, "alert_replay_source_event_resolved": false, "telegram_sent_count": 1, "telegram_visual_sent_count": 1, "required_evidence_usable_count": 7, "required_evidence_parse_failure_count": 0, "required_evidence_content_failure_count": 0, "recovery_run_id": "agent99-recovery-20260711-202159-3404b5b3", "recovery_completed": true, "recovery_elapsed_seconds": 42.9, "recovery_phase_count": 7, "rollback": "C:\\Wooo\\Agent99\\deploy\\backup-20260711-202021", "evidence": [ "C:\\Wooo\\Agent99\\evidence\\agent99-OutcomeContractSelfTest-20260710-161302.json", "C:\\Wooo\\Agent99\\evidence\\agent99-SelfCheck-20260710-161350.json", "C:\\Wooo\\Agent99\\queue\\processed\\processed-p0-001-operator-verifier-20260710-1615.json", "C:\\Wooo\\Agent99\\queue\\processed\\processed-p0-001-alert-verifier-20260710-1615.json", "C:\\Wooo\\Agent99\\evidence\\agent99-ControlTick-20260710-161919.json", "C:\\Wooo\\Agent99\\evidence\\agent99-deploy-20260711-202021.json", "C:\\Wooo\\Agent99\\evidence\\agent99-Recover-20260711-202159.json", "C:\\Wooo\\Agent99\\evidence\\telegram-cards\\agent99-card-recovery_slo_result-20260711-202159.png" ] }, "regression_reopened_at": "2026-07-11T20:02:00+08:00", "regression_evidence": ["Windows 99 live preflight returned green while latest SreAlertInbox and TelegramInbox safe summaries reported RuntimeException", "latest production-principal Recover was verifier-green but telegramAttemptCount=0", "dedupe suppression returned without a Telegram attempt receipt"], "closed_at": "2026-07-11T20:25:26+08:00", "next_action": "Keep parse/content health and lifecycle notification receipts under regression monitoring; continue with AG99-P0-006." }, { "id": "AG99-P0-002", "order": 2, "priority": "P0", "status": "complete", "title": "Alert taxonomy, routing, grouping and dedupe", "owner_lane": "awoooi_alert_router_agent99_ingress", "dependencies": ["AG99-P0-001"], "scope_refs": ["all:alerts", "platform:AWOOOI", "host:99", "surface:Telegram"], "problem": "Source text can contaminate routing, actionable Telegram cards can bypass Agent99, transport responses can be mistaken for accepted work, and wrong modes or duplicate incidents can result.", "trigger": "Any normalized Alertmanager event, AI automation card, ACTION REQUIRED incident card, or failed AWOOOI CI/CD card entering the AWOOOI-to-Agent99 bridge.", "ai_role": "Normalized incident classifier", "action_mode": "controlled_apply", "evidence_sources": ["Alertmanager payload", "Telegram outbound source envelope", "relay acceptance receipt", "suggestedMode", "event kind", "fingerprint", "five-minute grouping window"], "controlled_actions": ["prioritize explicit kind and suggested mode", "group before bridge", "single-flight by incident fingerprint", "mirror actionable cards", "retain sanitized dispatch receipt", "propagate source-event resolution policy"], "prohibited_actions": ["route from source name alone", "emit duplicate same-state incidents"], "rollback": "Restore previous router while keeping dedupe store and queued events intact.", "verifier": "Replay exact Alertmanager and Telegram card corpus; assert one active incident, expected mode, accepted relay receipt, runtime evidence and legal source-event closure per fingerprint.", "callback": "Publish normalized route decision and dedupe reason to AWOOOI and AwoooP.", "acceptance": "Known ACTION REQUIRED cold-start, CI/CD failure, backup, provider, reboot, PostgreSQL, host and K3s samples route to the correct lane with no duplicate same-state dispatch; every accepted dispatch has a durable receipt and runtime verifier outcome.", "completion_percent": 100, "completion_dimensions": { "source_contract_percent": 100, "test_contract_percent": 100, "gitea_cd_percent": 100, "windows99_runtime_percent": 100, "live_replay_percent": 100 }, "implementation_progress": "Dispatcher, receipt, taxonomy and resolution-policy contracts are deployed on Windows 99 at sourceRevision 34e32f6ed6f29952181cd7aa43ca19210d25339b; runtime manifest is 14/14 matched and live ingress queues are clear.", "evidence_refs": ["131 focused tests passed after Gitea main rebase", "276 expanded all-Telegram and Agent99/RepairCandidate tests passed after Telegram single-owner integration", "repository static governance suite passed", "synthetic relay HTTP 202 ok=true inboxTriggered=true", "Windows 99 runtime manifest 34e32f6ed6f29952181cd7aa43ca19210d25339b is 14/14 matched", "Windows 99 live preflight has 9/9 tasks healthy, relay listener 1, incoming 0 and command pending 0"], "next_action": "Keep the deployed dispatcher under recurrence monitoring; remediation depth now continues under AG99-P0-007, P0-003, P0-004, P0-005 and P0-006 rather than reopening routing." }, { "id": "AG99-P0-003", "order": 3, "priority": "P0", "status": "planned", "title": "Authenticated and policy-preserving Agent99 ingress", "owner_lane": "agent99_security", "dependencies": ["AG99-P0-002"], "scope_refs": ["host:99", "surface:Telegram", "surface:LAN relay", "platform:IWOOOS"], "problem": "Relay authentication is optional, the LAN is broadly trusted, producer repair policy can be overwritten and Telegram lacks a sender allowlist.", "trigger": "Any LAN relay, Telegram command or monitoring-event ingress request.", "ai_role": "Zero-trust command gate", "action_mode": "controlled_apply", "evidence_sources": ["relay auth metadata", "Telegram chat and sender metadata", "request policy", "idempotency key"], "controlled_actions": ["require relay token presence without exposing it", "enforce chat and sender allowlists", "preserve producer auto-repair policy", "single consumer lease"], "prohibited_actions": ["accept unauthenticated LAN writes", "log token or raw chat id", "force controlled apply at producer"], "rollback": "Disable remote ingress and retain local signed queue until authentication is healthy.", "verifier": "Negative auth tests, replay protection, allowlist tests and policy preservation tests.", "callback": "Record accepted or rejected ingress receipt without secret values.", "acceptance": "Unauthenticated, replayed or unauthorized requests are rejected; authorized requests preserve source policy and trace identity.", "next_action": "Make relay authentication mandatory and add Telegram sender authorization." }, { "id": "AG99-P0-004", "order": 4, "priority": "P0", "status": "planned", "title": "EvidenceCollect, MCP and RepairCandidate lanes", "owner_lane": "agent99_investigator_awooop_candidate", "dependencies": ["AG99-P0-001", "AG99-P0-002", "AG99-P0-003"], "scope_refs": ["all:incidents", "platform:MCP", "platform:AwoooP"], "problem": "Events with missing evidence are sent to unrelated fixed modes and repair candidates are not materialized or traceable.", "trigger": "An actionable incident lacks a trusted PlayBook, complete evidence or a safe executable candidate.", "ai_role": "Evidence investigator and controlled remediation planner", "action_mode": "observe_then_controlled_apply", "evidence_sources": ["metrics", "logs", "runtime state", "recent changes", "source and deploy provenance", "MCP references"], "controlled_actions": ["collect redacted evidence", "create candidate", "attach repair rollback and verifier", "queue owner review when required"], "prohibited_actions": ["execute generic fallback repair", "invent missing evidence", "switch provider"], "rollback": "Expire the candidate without runtime action and preserve the evidence packet.", "verifier": "Incident-to-candidate trace and required-field completeness checker.", "callback": "Create or update AwoooP Work Item and AWOOOI incident candidate status.", "acceptance": "Every actionable missing-evidence incident has a candidate or an explicit blocked reason, not a false resolved result.", "next_action": "Add first-class EvidenceCollect and RepairCandidate modes and state directories." }, { "id": "AG99-P0-005", "order": 5, "priority": "P0", "status": "planned", "title": "Mode-specific verifiers, rollback, cooldown and circuit breakers", "owner_lane": "agent99_remediation_runtime", "dependencies": ["AG99-P0-004"], "scope_refs": ["all:remediation_modes"], "problem": "Generic execution success and permissive verifier logic can write cooldown markers after failed repairs; rollback is often only recorded.", "trigger": "Any remediation mode reaches execution, verification, rollback or cooldown evaluation.", "ai_role": "Remediation executor and post-condition verifier", "action_mode": "controlled_apply", "evidence_sources": ["before state", "command receipt", "post state", "source alert", "observation window"], "controlled_actions": ["run allowlisted repair", "perform actual rollback", "open circuit on repeated failures", "write cooldown only after verified success"], "prohibited_actions": ["generic stateful restart", "cooldown on failed verify", "delete healthy pods"], "rollback": "Mode-specific executable rollback with its own verifier.", "verifier": "Recover, Perf, LoadShed, Harbor, AWOOOI, backup and provider modes each define independent post-conditions.", "callback": "Report execution and verification separately to AWOOOI and AwoooP.", "acceptance": "Failure, rollback and resolved states are distinguishable and regression-tested for every executable mode.", "next_action": "Replace OR-based load-shed success and add verifier interfaces per mode." }, { "id": "AG99-P0-006", "order": 6, "priority": "P0", "status": "in_progress", "title": "Agent99 completion callback and incident closure", "owner_lane": "agent99_awoooi_awooop_integration", "dependencies": ["AG99-P0-001", "AG99-P0-002"], "scope_refs": ["platform:AWOOOI", "platform:AwoooP", "platform:IWOOOS", "surface:Telegram"], "problem": "AWOOOI-to-Agent99 dispatch is not matched by a canonical Agent99-to-AWOOOI completion path.", "trigger": "Any Agent99 run changes state or produces a verifier result.", "ai_role": "Cross-system incident closer", "action_mode": "controlled_apply", "evidence_sources": ["incident id", "run id", "work item id", "verifier receipt", "recurrence state"], "controlled_actions": ["write signed callback", "update Run and Work Item", "render human notification", "reopen on recurrence"], "prohibited_actions": ["close by Telegram send success", "create unrelated incident ids"], "rollback": "Queue callback retry idempotently without repeating the repair.", "verifier": "Read back identical trace, final state and verifier evidence from AWOOOI and AwoooP.", "callback": "This work item creates the canonical callback contract.", "acceptance": "One trace is visible from alert receipt through final verifier, notification and recurrence counters.", "implementation_progress": "Recover lifecycle visibility is runtime verified on Windows 99. Commit d140e35d3 adds an authenticated callback endpoint, idempotent AWOOOI operation receipts, an AwoooP completed shadow run, durable DB readback, bounded Agent99 pending retries and no-secret payload validation. Focused callback/recovery tests pass 40/40 and Windows ValidateOnly passed parse/contract/synthetic/14-file staging. Production route is still HTTP 404 and the callback token is not visible to the Administrator/Machine scope, so API CD, production-principal auth verification and one live same-trace replay remain open.", "evidence_refs": ["commit d140e35d3", "40 focused tests passed", "ruff and JSON/diff checks passed", "C:\\Wooo\\Agent99\\evidence\\agent99-deploy-20260711-204625.json ValidateOnly ok", "production callback route HTTP 404", "Administrator/Machine scope token presence 0 with SECRET_VALUE_READ=0"], "next_action": "Wait for the coordinated single-writer slot, rebase and deploy the API through Gitea CD, verify or provision callback authentication under the production principal without exposing values, deploy the Windows client, then replay one SRE alert and verify AWOOOI/AwoooP/IWOOOS plus Telegram receipts share the same trace." }, { "id": "AG99-P0-007", "order": 7, "priority": "P0", "status": "in_progress", "title": "All-host ten-minute reboot recovery state machine", "owner_lane": "reboot_auto_recovery", "dependencies": ["AG99-P0-001", "AG99-P0-005", "AG99-P0-006"], "scope_refs": ["host:99", "host:110", "host:111", "host:112", "host:120", "host:121", "host:188", "all:public_surfaces"], "problem": "The real drill breached the ten-minute SLO and later recovered. Host 99 actually booted before the deadline, but observer TCP logic produced false host-down samples, Agent99 was terminated by its PT10M task limit, the boot event was consumed before terminal recovery, VMware startup was delayed and PostgreSQL/K3s dependencies recovered late. L1/L2 are now integrated; L0 and a passing 600-second drill remain open.", "trigger": "Fresh boot identity, host down/up transition, Windows startup task or all-host reboot correlation.", "ai_role": "Dependency-aware reboot recovery orchestrator", "action_mode": "controlled_apply", "evidence_sources": ["off-LAN public probes", "out-of-band power receipt", "boot id", "uptime", "VM power", "SSH", "exporters", "service DAG", "public and data freshness", "110 full-SOP artifact", "backup readback", "edge fallback", "host-188 hygiene", "Windows 99 runtime manifest"], "controlled_actions": ["detect outage outside the LAN", "invoke allowlisted out-of-band power restoration", "activate external maintenance origin", "detect reboot epoch", "enqueue Agent99 Recover after 99 returns", "start dependency phases", "correlate the latest 110 full-SOP artifact", "retry bounded stateless recovery", "fail closed without fresh reboot scorecard", "emit ETA and blockers"], "prohibited_actions": ["blind host reboot", "declare green from route 200", "skip data and backup checks"], "rollback": "Stop at last verified phase, activate maintenance state and preserve dependent workloads.", "verifier": "Measure off-LAN detection time, host-99 power-on receipt, first availability and full green time; require seven host rows, service/data/backup, host-188 hygiene, external maintenance lifecycle, VMware/update policy, fresh artifact, fresh reboot window, zero active blockers and can_claim_slo=true.", "callback": "Write reboot incident phase and SLO result to AWOOOI, AwoooP and Telegram.", "acceptance": "A fresh all-host reboot drill is detected and all required gates recover within 600 seconds or report a precise blocker and ETA.", "implementation_progress": "Agent99 runtime revision 442b319bb80e009291ced7afa4f704cbe3b64886 is live with 14/14 matched files, nine tasks, PT20M Startup-Recovery and durable pending reboot state. Principal-aware VMware evidence and scorecard parsing are live. Production-principal Recover completed service recovery in 10.3 seconds with the full-SOP coordinator verified and rebootSloClaimed=false. Seven hosts and 23/23 public surfaces are currently green; the original T+10 breach remains and external L0/OOB/maintenance plus a passing repeat drill are still required.", "evidence_refs": ["Windows deployment C:\\Wooo\\Agent99\\evidence\\agent99-deploy-20260711-173023.json", "Windows production-principal Recover C:\\Wooo\\Agent99\\evidence\\agent99-Recover-20260711-173543.json", "Windows VMware controlled apply C:\\Wooo\\Agent99\\evidence\\windows99-vmware-autostart-apply-20260711-173505.json", "source commits 0a4ddb133, 442b319bb and 801a50b01", "reboot-recovery suite 141 passed", "/home/wooo/reboot-recovery/reboot-auto-recovery-slo-20260711-172623", "docs/operations/agent99-full-host-reboot-drill-20260711.snapshot.json", "/tmp/awoooi-full-host-reboot-drill/agent99-20260711-observer-fixed"], "next_action": "Deploy external L0 outside the local failure domain with OOB power, maintenance and Agent99 resume callbacks, then run one incident-correlated reboot drill and require L0, L1 and L2 to close with zero blockers within 600 seconds." }, { "id": "AG99-P0-008", "order": 8, "priority": "P0", "status": "in_progress", "title": "Windows 99 VMware autostart, VMX, 112 guest readiness, lock and update policy", "owner_lane": "windows99_vmware", "dependencies": ["AG99-P0-003", "AG99-P0-005"], "scope_refs": ["host:99", "host:110", "host:111", "host:112", "host:120", "host:121", "host:188"], "problem": "The drill showed an 18-minute-45-second delay between Windows boot and the VMware autostart task, a principal visibility mismatch for the Kali VM and two later VIX SoftReboot actions without an attributable trace. The 2026-07-11 follow-up proved that VMX, Ping, SSH and node-exporter were insufficient for host 112: Kali booted to multi-user.target without LightDM, Wazuh Indexer timed out during boot, and the Administrator VMware UI falsely displayed Powered off while a SYSTEM-owned VMX process was running.", "trigger": "Windows startup, VMware exclusive-lock error, guest power mismatch, VMX drift or Windows Update policy drift.", "ai_role": "Windows and VMware control agent", "action_mode": "check_mode_then_controlled_apply", "evidence_sources": ["VMX inventory and process principal", "vmrun list", "guest boot identity and uptime", "112 forced-command readiness", "graphical target and LightDM", "VMware Tools", "Wazuh services", "scheduled tasks", "lock owners", "Windows Update policy"], "controlled_actions": ["repair stale lock after owner proof", "configure autostart order", "verify guest tools and network", "start host 112 graphical target, LightDM and VMware Tools", "retry Wazuh Indexer after boot with cooldown", "apply reversible update policy"], "prohibited_actions": ["delete unknown lock", "guess VMX path", "power off VM", "reset stop or suspend a VM without trace and verifier", "reboot Windows without break-glass"], "rollback": "Restore previous task, service and policy exports; keep guest power unchanged during check mode.", "verifier": "All required VMX paths exist; guests report running and reachable; host 112 returns systemd running, graphical target, LightDM, Xorg, VMware Tools, Wazuh stack and recovery timer green through a forced-command readback; tasks survive reboot; update policy drift is zero.", "callback": "Update reboot SLO VMware and Windows policy gates.", "acceptance": "99 startup automatically launches VMware guests 110/188/112/120/121 in order; physical host 111 is verified separately; 112 must pass Console-ready and Wazuh service gates rather than only Ping or SSH; no exclusive-lock failure occurs; Windows Update cannot surprise-reboot the host.", "implementation_progress": "The controlled VMware apply remains green with five running VMX processes. The 112 follow-up restored graphical.target, LightDM and Wazuh Indexer, deployed a bounded guest recovery timer, restricted 110 forced-command readback, exact-command sudo executor and durable rollback installer. The 110 scorecard reads systemd running plus Console/Wazuh/timer/guest 1/1/1/1, all five host112 Prometheus gauges are 1, host112 blockers are zero, both dedicated alert rules are healthy/inactive, and Windows99 records the SYSTEM session VMX as runtime_running_gui_session_isolated. Agent99 revision d0e364bfa42947190cf1e88d1d85623e23f84858 is live with 14/14 manifest parity; production-principal Recover includes host112_guest_readiness, verified ready before and after without unnecessary apply, completed all seven phases in 44.6 seconds, and correctly did not claim a fresh reboot SLO. SRE routing is 17/17 and Telegram ingest is 16/16 in no-send validation. Agent99 tests pass 49/49 and reboot-recovery tests pass 142/142.", "evidence_refs": ["C:\\Wooo\\Agent99\\evidence\\windows99-vmware-autostart-apply-20260711-173505.json", "C:\\Wooo\\Agent99\\deploy\\vmware-autostart-backup-20260711-173505", "C:\\Wooo\\Agent99\\evidence\\agent99-deploy-20260711-200939.json", "C:\\Wooo\\Agent99\\evidence\\agent99-Recover-20260711-200320.json", "/home/wooo/reboot-recovery/reboot-auto-recovery-slo-20260711-200338", "/var/lib/awoooi-host112-recovery/backups/host112-guest-recovery-20260711T195449+0800-43505", "/home/wooo/monitoring/alerts-unified.canonical.yml.host112-v2.bak.20260711200617", "docs/operations/host112-guest-recovery-20260711.snapshot.json", "Agent99 suite 49 passed", "reboot-recovery suite 142 passed"], "next_action": "Keep guest power unchanged and retain the closed host112 controlled-recovery route. The remaining program verifier is one fresh all-host 600-second drill; the separate VMware UI must also stop presenting the SYSTEM-owned running VMX as an actionable powered-off state." }, { "id": "AG99-P0-009", "order": 9, "priority": "P0", "status": "in_progress", "title": "External outage watcher and maintenance failover", "owner_lane": "edge_external_observability", "dependencies": ["AG99-P0-002", "AG99-P0-006"], "scope_refs": ["host:99", "all:hosts", "all:public_surfaces"], "problem": "The real drill proved the external lane is absent: the local edge and product origins failed together, no external Agent received the outage, no verified out-of-band power callback existed and several public products exposed raw failure instead of an external maintenance origin. Host 99 later returned, but that does not close the off-LAN dependency.", "trigger": "External synthetic failure, local recovery incident or raw public 5xx threshold breach.", "ai_role": "External availability observer and maintenance-state controller", "action_mode": "controlled_apply", "evidence_sources": ["external synthetic probes", "edge health", "maintenance headers", "local recovery state"], "controlled_actions": ["send down and up incidents", "activate pre-provisioned maintenance origin", "withdraw fallback after verifier"], "prohibited_actions": ["daily DNS mutation", "hide partial outage", "depend on 99 for all-host-down detection"], "rollback": "Restore previous edge origin and keep status page incident open until public verifier passes.", "verifier": "External probe sees maintenance content instead of raw 502 during outage and normal routes after recovery.", "callback": "Correlate external outage with reboot incident and Telegram lifecycle card.", "acceptance": "Down, recovering and recovered remain observable outside the LAN, and public users never receive unmanaged 502 for a known full-stack recovery.", "implementation_progress": "The local 188 edge helper was green before reboot but is in the same failure domain. A repo-owned off-LAN supervisor state machine, callback allowlist contract, systemd unit/timer and synthetic transition tests are now source-ready; no external runtime host, power callback or maintenance callback is deployed yet.", "evidence_refs": ["docs/operations/agent99-full-host-reboot-drill-20260711.snapshot.json", "scripts/reboot-recovery/external-l0-recovery-supervisor.py", "ops/reboot-recovery/external-l0-recovery-supervisor.example.json"], "next_action": "Deploy the supervisor to an authorized off-LAN host, bind host-local Telegram, maintenance, OOB power and Agent99 resume wrappers, then verify down, recovering and recovered callbacks with the same incident id." }, { "id": "AG99-P0-010", "order": 10, "priority": "P0", "status": "in_progress", "title": "All-product version and data freshness matrix", "owner_lane": "product_runtime_governance", "dependencies": ["AG99-P0-006"], "scope_refs": ["all:products", "all:public_surfaces", "all:data_sources"], "problem": "Repository presence and HTTP 200 do not prove that every product runtime and dataset is current.", "trigger": "Source change, CD completion, scheduled freshness audit or product stale/degraded alert.", "ai_role": "Release and freshness auditor", "action_mode": "observe_then_controlled_apply", "evidence_sources": ["Gitea main and dev SHA", "Gitea CD run", "deploy marker", "runtime image digest", "public smoke", "data last seen"], "controlled_actions": ["flag drift", "queue product-specific deploy candidate", "rerun freshness ingestion verifier"], "prohibited_actions": ["claim latest from repo alone", "force deploy without product verifier", "switch paid provider"], "rollback": "Use product-specific previous image or release marker and rerun functional/data verifiers.", "verifier": "One row per product and route with source, CD, runtime, HTTP, feature and data-freshness evidence in the same window.", "callback": "Project matrix status to AWOOOI product governance and AwoooP Work Items.", "acceptance": "All 12 product rows and all public surfaces are either verified current or explicitly degraded with owner and next action.", "next_action": "Generate a fresh matrix and close route ownership_contract_pending rows." }, { "id": "AG99-P0-011", "order": 11, "priority": "P0", "status": "planned", "title": "Global log registry, anomaly analysis and correlation", "owner_lane": "aiops_log_intelligence", "dependencies": ["AG99-P0-002", "AG99-P0-004"], "scope_refs": ["all:hosts", "all:products", "all:sites", "all:services", "all:tools", "all:packages"], "problem": "Logs are distributed and noisy; Agent99 lacks a complete freshness-aware source registry and cross-signal causal correlation.", "trigger": "New log source registration, source freshness breach or incident evidence collection.", "ai_role": "Log analyst and root-cause correlator", "action_mode": "observe_then_controlled_apply", "evidence_sources": ["redacted log metadata", "metrics", "traces", "deploy events", "backup events", "host events"], "controlled_actions": ["tag and cluster", "identify primary and secondary signals", "create evidence packet", "route to playbook"], "prohibited_actions": ["ingest secrets", "read raw sessions or SQLite", "auto-execute from untrusted log text"], "rollback": "Disable faulty adapter or model route while retaining raw-source pointers and normalized receipts.", "verifier": "Coverage, freshness, redaction, cluster precision and incident linkage readback.", "callback": "Write cluster, root-cause confidence and evidence refs to incident and KM/RAG.", "acceptance": "Every registered domain has owner, adapter, freshness and redaction status; primary issue and noise are distinguishable.", "next_action": "Build metadata-only registry and first adapters for Telegram, reboot, CPU, backup and provider freshness." }, { "id": "AG99-P0-012", "order": 12, "priority": "P0", "status": "in_progress", "title": "Backup observability, integrity, offsite and restore drills", "owner_lane": "backup_dr", "dependencies": ["AG99-P0-006", "AG99-P0-011"], "scope_refs": ["all:backup_domains", "all:hosts", "all:products"], "problem": "Backup activity and restore readiness are not consistently visible or understandable across host, DB, site, service, package, tool, log and AI artifacts.", "trigger": "Backup schedule window, freshness breach, integrity failure, offsite failure or restore drill due date.", "ai_role": "Backup auditor and safe restore planner", "action_mode": "observe_then_controlled_apply", "evidence_sources": ["schedule", "last success", "snapshot metadata", "integrity result", "offsite receipt", "restore drill"], "controlled_actions": ["rerun non-destructive verifier", "repair stale status marker", "queue isolated restore drill"], "prohibited_actions": ["read backup contents or secrets", "prune", "restore over production", "delete remote copies"], "rollback": "Stop verifier or isolated drill without changing source repositories.", "verifier": "Each baseline domain has schedule, freshness, integrity and isolated restore evidence.", "callback": "Report one lifecycle incident per failed backup domain and update DR scorecard.", "acceptance": "No unknown backup target; failures name the domain, age, SLA, owner, evidence and safe next action.", "completion_percent": 78, "implementation_progress": "The 110/188 backup heartbeat, Gitea full-dump isolated restore, private bundle off-host copy, sample restore, Velero missed-run backfill and Prometheus alert slice are live green.", "evidence_refs": ["110 backup 13/13", "188 backup 4/4", "Gitea dump CRC and inventory 15/15", "Gitea product bundles and remote SHA-256 12/12 on 188", "Velero backfill job succeeded", "Prometheus source/canonical/active/runtime SHA matched", "Backup/Gitea non-inactive alerts 0"], "next_action": "Merge and deploy the source branch through Gitea, then complete the remaining DB, registry, package, tool, log and AI-artifact restore-receipt matrix." }, { "id": "AG99-P0-013", "order": 13, "priority": "P0", "status": "in_progress", "title": "All-host performance AIOps and safe load shedding", "owner_lane": "performance_aiops", "dependencies": ["AG99-P0-001", "AG99-P0-005", "AG99-P0-011"], "scope_refs": ["all:hosts", "all:services", "host:110", "host:188"], "problem": "110 and 188 have recurring pressure, some readbacks are empty, and one-time load drops are treated as closure without causal proof.", "trigger": "Sustained CPU, memory, disk, IO, queue or database threshold breach, or a performance readback failure.", "ai_role": "Performance diagnostician and load-shed controller", "action_mode": "controlled_apply", "evidence_sources": ["CPU per core", "memory", "disk", "IO", "process and container attribution", "DB queries", "queue", "backup and crawler schedules"], "controlled_actions": ["throttle allowlisted batch work", "pause duplicate jobs", "apply existing resource limits", "resume after verifier"], "prohibited_actions": ["kill unknown process", "restart stateful service generically", "emit empty-value alerts"], "rollback": "Restore prior quotas or resume paused jobs after health and queue checks.", "verifier": "Sustained observation window plus service SLO, queue, data freshness and process attribution.", "callback": "Update performance incident and Telegram only on state change or action result.", "acceptance": "Pressure is attributed, safely reduced and stays within threshold without service or freshness regression.", "next_action": "Fix perf readback failures and complete 110/188 process, DB and backup/crawler correlation." }, { "id": "AG99-P0-014", "order": 14, "priority": "P0", "status": "in_progress", "title": "Gitea, Harbor, Registry, Gitea-only CD and complete DR", "owner_lane": "source_control_registry_cd_dr", "dependencies": ["AG99-P0-005", "AG99-P0-006", "AG99-P0-012"], "scope_refs": ["host:110", "all:products", "surface:gitea", "surface:harbor", "surface:registry"], "problem": "Repository refs are currently present, but complete Gitea state, registry, runner/CD and full restore coverage must be proven continuously.", "trigger": "SCM, registry or CD health failure; scheduled backup/restore audit; repository visibility complaint; release drift.", "ai_role": "SCM, registry and release recovery engineer", "action_mode": "controlled_apply", "evidence_sources": ["Gitea SSH refs", "main and dev branches", "Gitea full dump", "DB settings issues packages LFS", "Harbor manifest", "runner queue", "deploy marker", "sample restore"], "controlled_actions": ["repair stateless exporter", "queue bounded runner action", "verify repository and registry", "perform isolated restore dry run"], "prohibited_actions": ["create replacement repo to hide loss", "change visibility", "force push", "restore production", "use GitHub"], "rollback": "Restore previous runner/CD config and keep registry/source incident open; never rewrite repository history.", "verifier": "All expected repos and refs, full dump components, registry artifacts, CD run and runtime markers read back successfully.", "callback": "Update source-control, release and DR scorecards with one trace.", "acceptance": "All 12 products have source and release proof and the platform can be reconstructed in isolation from verified backups.", "completion_percent": 72, "implementation_progress": "Gitea full dump and off-host private bundle restore-confidence are live verified; Harbor/Registry artifacts, runner/CD and complete platform reconstruction remain open.", "evidence_refs": ["Gitea full dump 6928031514 bytes", "regular repository inventory 15/15", "product bundle manifest 12/12", "188 sample clone and fsck passed"], "next_action": "Merge/deploy the Gitea DR source, then add Harbor/Registry artifact restore receipts and runner/CD/runtime-marker reconstruction proof." }, { "id": "AG99-P1-001", "order": 15, "priority": "P1", "status": "planned", "title": "Model-backed planner, reviewer and tool loop", "owner_lane": "agent_ai_runtime", "dependencies": ["AG99-P0-004", "AG99-P0-005"], "scope_refs": ["platform:OpenClaw", "platform:Hermes", "platform:NemoTron", "platform:ElephantAlpha", "platform:Ollama"], "action_mode": "shadow_then_canary", "verifier": "Replay, shadow agreement, unsafe-action rejection, canary success and cost/latency limits.", "acceptance": "The planner emits structured allowlisted tool plans with evidence, risk, rollback and verifier, and cannot bypass policy.", "next_action": "Define planner tool schema and replay corpus from verified incidents." }, { "id": "AG99-P1-002", "order": 16, "priority": "P1", "status": "planned", "title": "PlayBook trust, promotion and recurrence prevention", "owner_lane": "knowledge_governance", "dependencies": ["AG99-P0-006", "AG99-P1-001"], "scope_refs": ["platform:KM", "platform:RAG", "platform:MCP", "platform:PlayBook"], "action_mode": "controlled_apply", "verifier": "Trust score is derived from replay, execution, rollback, recurrence and human override receipts.", "acceptance": "Repeated incidents promote verified automation or create a permanent-fix work item; failed playbooks are demoted automatically.", "next_action": "Define trust and promotion schema with minimum replay/shadow/canary evidence." }, { "id": "AG99-P1-003", "order": 17, "priority": "P1", "status": "in_progress", "title": "Human-readable Traditional Chinese Telegram incident cards", "owner_lane": "telegram_incident_experience", "dependencies": ["AG99-P0-006"], "scope_refs": ["surface:Telegram", "all:incidents"], "action_mode": "controlled_apply", "problem": "Current Agent99 Telegram output exposes verifier field names, Windows paths, truncated summaries and duplicated screenshot text. It does not give operators a concise impact statement, lifecycle state, actual AI action, verified result, duration or next update, and duplicate same-state messages create alert fatigue.", "controlled_actions": ["render detected, investigating, remediating and recovered lifecycle cards", "use Traditional Chinese operator summary", "attach real trend chart, topology or screenshot only when it adds evidence", "edit or thread the same incident message", "suppress duplicate fingerprints until state changes"], "prohibited_actions": ["send raw verifier dumps", "repeat the same text as an image", "expose internal paths or secrets", "declare resolved from send success", "send periodic same-state noise"], "verifier": "Message snapshot tests, duplicate suppression, state-change delivery and evidence-link checks.", "acceptance": "Every card explains severity, affected service or host, user impact, lifecycle state, AI diagnosis, controlled action, verifier result, duration, recurrence count and next update in Traditional Chinese. Charts or real screenshots are attached only when they improve understanding; one fingerprint produces one lifecycle thread and no same-state spam.", "implementation_progress": "The v5 source now normalizes every Agent99 alert into one Traditional Chinese incident model with deterministic incident ID/fingerprint, severity, lifecycle, affected asset, user impact, actual Agent99 action, independent verifier result, duration, recurrence and next update. Operator-command captions no longer expose Windows evidence paths, KM paths or raw verifier fields. Warning/critical and verified recovery events render 1200x760 evidence views for recovery phases, performance metrics, backup freshness and automation/freshness gates; external screenshots are accepted only when visualEvidenceVerified=true. Telegram source message IDs are preserved through the SRE inbox so Agent99 replies under the original alert, incident root/message state is persisted, same lifecycle state is suppressed until state changes, and failed sends do not create a dedupe marker. Windows 99 staging parser reports zero errors; the no-send self-test reports incident_card_zh_tw_v5, operator lifecycle recovered, visual generated, lifecycle state test passed, same_lifecycle_state suppression and root message preservation. Runtime atomic deployment and a production-principal lifecycle receipt remain open.", "evidence_refs": ["C:\\Wooo\\Agent99\\staging\\codex-alert-v5-20260711-202853\\evidence\\agent99-TelegramCardSelfTest-*.json", "Windows PowerShell 5.1 parser errors=0", "Agent99 tests 59 passed", "reboot-recovery tests 145 passed", "apps/api/tests/test_agent99_transport_recovery_deploy_contract.py", "scripts/reboot-recovery/agent99-recover-receipt-readback.ps1"], "next_action": "Create a local audited source commit, atomically deploy it to Windows 99, then run one production-principal Recover and require the v5 recovery lifecycle card, visual delivery or explicit same-state suppression, Telegram message receipt, persistent incident state and independent recovery verifier to pass. Do not send periodic test noise." }, { "id": "AG99-P1-004", "order": 18, "priority": "P1", "status": "planned", "title": "Agent99 desktop, Telegram and API command surfaces", "owner_lane": "agent99_operator_experience", "dependencies": ["AG99-P0-003", "AG99-P0-006"], "scope_refs": ["host:99", "surface:Telegram", "surface:Agent99 desktop"], "action_mode": "controlled_apply", "verifier": "The same request has identical policy, trace, execution and result across all command surfaces.", "acceptance": "Operators can issue natural-language tasks without Codex quota and cannot escape allowlisted tools or audit.", "next_action": "Unify Submit Request, Telegram and API behind the authenticated task schema." }, { "id": "AG99-P1-005", "order": 19, "priority": "P1", "status": "planned", "title": "AWOOOI, AwoooP and IWOOOS product integration", "owner_lane": "platform_product_integration", "dependencies": ["AG99-P0-006", "AG99-P1-002"], "scope_refs": ["platform:AWOOOI", "platform:AwoooP", "platform:IWOOOS", "platform:AISOC"], "action_mode": "controlled_apply", "verifier": "Runs, Work Items, Incidents, Observability and Knowledge show the same asset ids, owners, states and next actions.", "acceptance": "No remediation exists only in Telegram or Windows files; all lifecycle assets are visible and queryable in the products.", "next_action": "Add shared incident/run/work-item/asset projections and deep links." }, { "id": "AG99-P1-006", "order": 20, "priority": "P1", "status": "planned", "title": "Tool, package, image and model lifecycle governance", "owner_lane": "supply_chain_governance", "dependencies": ["AG99-P0-010", "AG99-P0-014"], "scope_refs": ["all:tools", "all:packages", "all:container_images", "all:ai_models"], "action_mode": "observe_then_controlled_apply", "verifier": "Version, digest, SBOM, CVE, EOL, compatibility, rollback and runtime readback per managed artifact.", "acceptance": "Drift and vulnerable or unsupported artifacts are visible, prioritized and updated only through canary and rollback-aware plans.", "next_action": "Build package-domain inventory and freshness policy without automatic major upgrades." }, { "id": "AG99-P1-007", "order": 21, "priority": "P1", "status": "planned", "title": "AISOC security triage and controlled response", "owner_lane": "iwooos_aisoc", "dependencies": ["AG99-P0-003", "AG99-P0-011", "AG99-P1-001"], "scope_refs": ["host:112", "platform:IWOOOS", "platform:AISOC", "all:security_signals"], "action_mode": "observe_then_controlled_apply", "verifier": "Evidence integrity, rule/model agreement, containment scope, rollback and service impact checks.", "acceptance": "Security incidents receive evidence-backed triage and safe containment candidates without autonomous attack scans or credential actions.", "next_action": "Map IWOOOS/Wazuh signal taxonomy to the shared incident and candidate schema." }, { "id": "AG99-P1-008", "order": 22, "priority": "P1", "status": "planned", "title": "Automation metrics, incident reporting and permanent fixes", "owner_lane": "agentops_reporting", "dependencies": ["AG99-P0-006", "AG99-P1-002", "AG99-P1-005"], "scope_refs": ["all:incidents", "all:work_items", "platform:AgentOps"], "action_mode": "observe", "verifier": "Counts reconcile with event and verifier receipts; reports distinguish current, resolved, failed, avoided and recurrent problems.", "acceptance": "Daily, incident and weekly reports expose MTTA, MTTR, SLO, recurrence, false positives, coverage and human intervention.", "next_action": "Define counters and report schema from canonical event and verifier data." }, { "id": "AG99-P2-001", "order": 23, "priority": "P2", "status": "planned", "title": "Cold-start, restore and chaos game days", "owner_lane": "resilience_engineering", "dependencies": ["AG99-P0-007", "AG99-P0-012", "AG99-P1-008"], "scope_refs": ["all:hosts", "all:products", "all:backup_domains"], "action_mode": "isolated_then_controlled_apply", "verifier": "Preflight, abort criteria, SLO timing, rollback and post-drill data integrity.", "acceptance": "Recovery claims are proven by scheduled isolated drills and explicitly approved production game days.", "next_action": "Create isolated drill calendar and evidence templates." }, { "id": "AG99-P2-002", "order": 24, "priority": "P2", "status": "planned", "title": "Capacity, cost and model quality optimization", "owner_lane": "capacity_finops_agentops", "dependencies": ["AG99-P0-013", "AG99-P1-001", "AG99-P1-008"], "scope_refs": ["all:hosts", "all:models", "all:automation_lanes"], "action_mode": "observe_then_controlled_apply", "verifier": "Capacity headroom, service SLO, automation success, model quality, latency and approved cost limits.", "acceptance": "Resource and model routing changes improve measured outcomes without hidden provider or cost changes.", "next_action": "Establish baselines before any optimization action." }, { "id": "AG99-P2-003", "order": 25, "priority": "P2", "status": "planned", "title": "Controlled GUI, VM Console and browser automation", "owner_lane": "agent99_desktop_automation", "dependencies": ["AG99-P0-003", "AG99-P0-008", "AG99-P1-004"], "scope_refs": ["host:99", "surface:VMware Console", "surface:Windows desktop", "surface:browser"], "action_mode": "controlled_apply", "verifier": "App identity, allowed action, before/after screenshot, target-state readback and rollback.", "acceptance": "GUI automation is used only where no reliable API or CLI exists and remains fully policy-bound and auditable.", "next_action": "Define an allowlisted desktop tool catalog and screenshot evidence contract." } ], "summary": { "host_count": 7, "product_count": 12, "public_surface_count": 23, "work_item_count": 25, "p0_count": 14, "p1_count": 8, "p2_count": 3, "in_progress_count": 9, "in_progress_blocked_count": 0, "planned_count": 14, "complete_count": 2, "current_p0_count": 1 }, "next_execution_order": [ "AG99-P0-006", "AG99-P0-003", "AG99-P0-004", "AG99-P0-005", "AG99-P0-007", "AG99-P0-008", "AG99-P0-009", "AG99-P0-013", "AG99-P0-012", "AG99-P0-014", "AG99-P0-010", "AG99-P0-011" ] }