# IwoooS 高價值配置控管覆蓋矩陣 | 項目 | 內容 | |------|------| | 日期 | 2026-06-15 | | 狀態 | `coverage_matrix_ready` | | 工具 | `scripts/security/high-value-config-control-coverage.py` | | Snapshot | `docs/security/high-value-config-control-coverage.snapshot.json` | | Schema | `docs/schemas/high_value_config_control_coverage_v1.schema.json` | | runtime gate | `0` | ## 1. 目的 此矩陣把「所有重要配置都要被資安控管」從人讀清冊推進成可重跑 snapshot。它直接讀取 `high-value-config-change-gate.py` 的配置分類,避免變更 Gate 與長期覆蓋清冊各自漂移。 本階段仍是只讀覆蓋矩陣,不接 blocking CI、不 SSH、不讀 live host、不執行 `nginx -t`、不 reload Nginx、不做 DNS / TLS probe、不 renew cert、不同步 refs、不修改 workflow、不收 secret value、不啟動 agent-bounty runtime。 ## 1.1 2026-06-14 P0 pattern 覆蓋同步 本輪 snapshot 已從最新 `high-value-config-change-gate.py` 讀回 P0 pattern 補強: | 類別 | 新增覆蓋 | 目前解讀 | |------|----------|----------| | `nginx_public_gateway` | `k8s/nginx/**` | K8s 內 Nginx 公開入口設定納入 P0 / C0 owner response 與 rollback 管控 | | `dns_tls_certbot` | `scripts/ops/**/*cert*`、`scripts/ops/**/*tls*` | 憑證修復、renewal 與 TLS 腳本納入 P0 / C0 owner response 與維護窗口管控 | 此同步只修正長期覆蓋矩陣與變更 Gate 的一致性,不代表 live evidence 已收到,也不代表可執行 `nginx -t`、reload、certbot renew 或 DNS / TLS 變更。 ## 1.1a 2026-06-24 exporter restore helper 覆蓋同步 `high-value-config-change-gate.py` 追加 `scripts/ops/**/*exporter*` 到 `monitoring_alerting_observability`,讓 `scripts/ops/188-nginx-exporter-restore.sh` 這類 exporter restore helper 進入 P1 / C1 owner response 與 monitoring evidence 管控。這次 snapshot 固定數字仍為 `categories=14`、`c0=8`、平均成熟度 `73%`、`runtime_gate=0`;變更只修正 path coverage,不代表 owner response received / accepted、Prometheus reload、Alertmanager reload、host write、Docker action、route smoke、production write 或 runtime gate 已授權。 ## 1.2 2026-06-14 K8s / ArgoCD manifest repo-only 清冊 已新增 `docs/security/K8S-ARGOCD-MANIFEST-INVENTORY.md` 與 `docs/security/k8s-argocd-manifest-inventory.snapshot.json`,將 `k8s/awoooi-prod`、`k8s/argocd`、`k8s/velero`、`k8s/monitoring` 轉成 repo-only manifest inventory。 目前固定為 `file_count=49`、`c0_file_count=36`、`yaml_manifest_file_count=45`、`unique_kind_count=20`、`top_level_kind_marker_count=56`、`blocked_action_count=13`、`runtime_gate_count=0`。此 artifact 只補上 K8s / ArgoCD source inventory 的可重跑基線;owner request、rendered manifest diff、ArgoCD health readback、ArgoCD sync、kubectl action、live cluster read 與 production write 仍全部未授權。 2026-06-14 P0-21 再新增 `docs/security/K8S-ARGOCD-OWNER-REQUEST-DRAFT.md` 與 `docs/security/k8s-argocd-owner-request-draft.snapshot.json`,將四個 scan group 轉成 `request_draft_count=4`、`c0_request_draft_count=3`、`required_owner_field_count=11`、`evidence_gap_count=8`、`blocked_action_count=13` 的 request draft。此更新仍不是 request sent、owner response received / accepted、ArgoCD readback、sync、kubectl action 或 runtime gate。 2026-06-15 P0-25 再新增 `docs/security/K8S-ARGOCD-OWNER-RESPONSE-ACCEPTANCE.md` 與 `docs/security/k8s-argocd-owner-response-acceptance.snapshot.json`,將 manifest inventory 與 owner request draft 轉成 `acceptance_candidate_count=4`、`c0_acceptance_candidate_count=3`、`required_owner_field_count=11`、`reviewer_check_count=12`、`outcome_lane_count=7`、`blocked_action_count=18` 的 owner response acceptance 只讀帳本。此更新讓 `k8s_production_gitops` 從 `58%` 推進到 `62%`;owner response received / accepted、rendered manifest diff、ArgoCD API read、ArgoCD sync、kubectl action、live cluster read、secret collection、runtime gate 與 action button 仍全部為 `0 / false`。 2026-06-15 再新增 `docs/security/K8S-ARGOCD-CHANGE-EVIDENCE-ACCEPTANCE.md` 與 `docs/security/k8s-argocd-change-evidence-acceptance.snapshot.json`,將四個 K8s / ArgoCD scan group 轉成 GitOps 變更證據驗收只讀帳本。固定 `change_evidence_candidate_count=4`、`c0_change_evidence_candidate_count=3`、`write_capable_candidate_count=4`、`required_evidence_field_count=18`、`reviewer_check_count=18`、`outcome_lane_count=8`、`blocked_action_count=28`,讓 `k8s_production_gitops` 從 `62%` 推進到 `64%`;proposed commit、rendered manifest diff、ArgoCD app / sync revision、health before / after、rollout status、route smoke、metrics / alert、secret metadata parity、blast radius、maintenance window、rollback revision、postcheck owner、runtime approval package、ArgoCD sync、kubectl action、Helm upgrade、NetworkPolicy / NodePort / RBAC 變更、production write 與 runtime gate 仍全部為 `0 / false`。 2026-06-15 再新增 `docs/security/K8S-ARGOCD-POST-INCIDENT-READBACK-PLAN.md` 與 `docs/security/k8s-argocd-post-incident-readback-plan.snapshot.json`,把同一批 `awoooi_prod`、`argocd`、`velero`、`monitoring` 轉成事故後回讀計畫。固定 `readback_candidate_count=4`、`c0_readback_candidate_count=3`、`c1_readback_candidate_count=1`、`write_capable_readback_candidate_count=4`、`required_readback_field_count=31`、`reviewer_check_count=28`、`outcome_lane_count=10`、`blocked_action_count=41`,讓 `k8s_production_gitops` 從 `64%` 推進到 `66%`,高價值配置平均維持 `71%`,需 live evidence 類別仍為 `9`。此更新只補上 ArgoCD health / sync、Degraded / Pending、image pull / scheduling、rollout 前後、event / metrics / alert、drift scanner、CronJob、NetworkPolicy / RBAC / Secret metadata、public/admin route、AI provider / monitoring、backup / restore、跨專案同步、postcheck、防再發與 no-false-green 的脫敏回讀欄位;post-incident readback received / accepted、ArgoCD API read、ArgoCD sync、live cluster read、kubectl、Helm、NetworkPolicy / NodePort / RBAC 變更、secret value collection、route smoke、production write、runtime gate 與 action button 仍全部為 `0 / false`。 ## 1.2a 2026-06-15 CD / Runner / Secret 注入變更證據驗收 已新增 `docs/security/CD-RUNNER-SECRET-INJECTION-CHANGE-EVIDENCE-ACCEPTANCE.md` 與 `docs/security/cd-runner-secret-injection-change-evidence-acceptance.snapshot.json`,將 CD pipeline、Code Review、Deploy alerts、Runner attestation 與 Secret parity / injection owner 轉成 metadata-only 變更證據驗收帳本。 固定數字為 `change_evidence_candidate_count=5`、`c0_change_evidence_candidate_count=4`、`c1_change_evidence_candidate_count=1`、`write_capable_candidate_count=5`、`local_workflow_file_count=33`、`local_referenced_secret_name_count=42`、`runner_label_count=5`、`required_evidence_field_count=19`、`reviewer_check_count=19`、`outcome_lane_count=8`、`blocked_action_count=32`。此更新讓 `secret_metadata` 從 `66%` 推進到 `68%`,讓 `gitea_workflow_runner_source_control` 從 `70%` 推進到 `72%`;workflow diff、runner attestation、secret name parity、secret injection route、deploy marker readback、guard result、post-check evidence、runtime approval package、workflow 修改、runner 啟用、secret rotation、repo secret change、Gitea action dispatch、production deploy 與 runtime gate 仍全部為 `0 / false`。 2026-06-16 再新增 `docs/security/CD-RUNNER-SECRET-INJECTION-POST-INCIDENT-READBACK-PLAN.md` 與 `docs/security/cd-runner-secret-injection-post-incident-readback-plan.snapshot.json`,將同一批 CD pipeline、Code Review、Deploy alerts、Runner attestation 與 Secret parity / injection owner 轉成事故後回讀計畫。固定 `readback_candidate_count=5`、`c0_readback_candidate_count=4`、`c1_readback_candidate_count=1`、`write_capable_readback_candidate_count=5`、`required_readback_field_count=33`、`reviewer_check_count=30`、`outcome_lane_count=11`、`blocked_action_count=52`,讓 `secret_metadata` 從 `68%` 推進到 `70%`,讓 `gitea_workflow_runner_source_control` 從 `72%` 推進到 `74%`,高價值配置平均維持 `71%`,需 live evidence 類別仍為 `9`。此更新只補上 actor、時間窗、workflow diff state、runner executor / host、workspace cleanup、permission scope、secret name parity、secret injection route、step-env secret guard、log redaction、deploy marker / Gitea run、webhook / notification receipt、before / after deploy state、跨專案同步、rollback、post-check、防再發與 no-false-green 的脫敏回讀欄位;post-incident readback received / accepted、workflow 修改、dispatch、runner 變更、repo secret 變更、secret value collection、secret injection change、webhook / deploy key / branch protection / CODEOWNERS 變更、Gitea action dispatch、K8s secret injection、ArgoCD sync、production deploy、runtime gate 與 action button 仍全部為 `0 / false`。 2026-06-18 再新增 `docs/security/TELEGRAM-NOTIFICATION-EGRESS-INVENTORY.md` 與 `docs/security/telegram-notification-egress-inventory.snapshot.json`,把 repo 內 direct Telegram Bot API `sendMessage` 旁路固定成 notification egress 清冊。固定 `direct_bot_api_call_count=18`、`direct_bot_api_file_count=11`、workflow `13`、ops script `4`、API direct `1`、`gateway_normalized_callsite_count=56`、`gateway_final_exit_formatter_present_count=1`、`required_owner_field_count=18`、`reviewer_check_count=14`、`outcome_lane_count=9`、`blocked_action_count=22`。此更新只表示旁路已可重跑盤點;owner response、formatter convergence accepted、delivery receipt accepted、workflow / script modification、Telegram send、Bot API call、secret collection、production write、runtime gate 與 action button 仍全部為 `0 / false`。 同日再新增 `docs/security/TELEGRAM-NOTIFICATION-EGRESS-OWNER-REQUEST-DRAFT.md` 與 `docs/security/telegram-notification-egress-owner-request-draft.snapshot.json`,將 11 個 direct egress 檔案轉成人工送件前草稿。固定 `request_draft_count=11`、workflow `6`、ops script `4`、API direct `1`、`required_owner_field_count=19`、`preflight_check_count=16`、`outcome_lane_count=9`、`forbidden_payload_count=14`、`blocked_action_count=26`;request sent、recipient confirmed、owner response accepted、formatter convergence accepted、Telegram send、Bot API call、workflow / script modification、API sender refactor、secret collection、production write、runtime gate 與 action button 仍全部為 `0 / false`。 同日再新增 `docs/security/TELEGRAM-NOTIFICATION-EGRESS-MIGRATION-PLAN-DRAFT.md` 與 `docs/security/telegram-notification-egress-migration-plan-draft.snapshot.json`,將 11 份草稿排成三個 no-runtime 遷移波次。固定 `migration_candidate_count=11`、workflow `6`、ops script `4`、API direct `1`、`proposed_wave_count=3`、`reviewer_check_count=15`、`blocked_action_count=21`;owner response、migration authorized、workflow / script modification、API sender refactor、Telegram send、Bot API call、secret collection、production write、runtime gate 與 action button 仍全部為 `0 / false`。 2026-06-19 再新增 `docs/security/TELEGRAM-NOTIFICATION-EGRESS-NO-NEW-BYPASS-GUARD.md` 與 `docs/security/telegram-notification-egress-no-new-bypass-guard.snapshot.json`,把既有 18 個 direct send 固定為 no-new-bypass baseline。固定 `guarded_method_count=9`、`current_direct_bot_api_call_count=18`、`new_bypass_count=0`、`sendDocument_call_count=0`、`sendPhoto_call_count=0`、`sendMediaGroup_call_count=0`、`runtime_gate_count=0`。這是 repo source 防新增旁路 guard,不代表既有 direct send 已收斂。 同日再新增 `docs/security/TELEGRAM-NOTIFICATION-EGRESS-OWNER-RESPONSE-ACCEPTANCE.md` 與 `docs/security/telegram-notification-egress-owner-response-acceptance.snapshot.json`,把 11 份 direct egress 檔案轉成 owner response acceptance 候選。2026-06-19 已補 `message_readability_guard_ref`,固定指向 `docs/security/telegram-alert-readability-guard.snapshot.json`,避免 direct egress 遷移審查繞過告警卡片化、脫敏、`runtime_write_gate=controlled` 事件卡語意與 no-false-green;Telegram send、Bot API call、production write、runtime gate 與 action button 仍全部維持 `0 / false`。固定 `acceptance_candidate_count=11`、workflow `6`、ops script `4`、API direct `1`、`acceptance_field_count=33`、`required_owner_field_count=19`、`reviewer_check_count=23`、`outcome_lane_count=10`、`blocked_action_count=35`;owner response received / accepted、formatter convergence accepted、redaction contract accepted、delivery receipt accepted、migration authorized、workflow / script / API sender modification、Telegram send、Bot API call、secret collection、production write、runtime gate 與 action button 仍全部為 `0 / false`。 同日再新增 `docs/security/TELEGRAM-ALERT-READABILITY-GUARD.md`、`docs/security/telegram-alert-readability-guard.snapshot.json` 與 `scripts/security/telegram-alert-readability-guard.py`,把 Telegram 告警最後出口可讀性固定成可重跑 guard。固定 `source_formatter_marker_count=11`、`final_exit_contract_count=3`、`test_contract_count=11`、`ai_signal_lane_count=7`、`host_resource_lane_count=6`、`blocked_raw_output_marker_count=12`、`required_output_marker_count=7`。此更新鎖住 Host CPU / root Node.js / Prisma / Next build、Wazuh、Kali、Nginx drift、backup / restore、provider freshness 與 supply-chain 類訊號必須轉成 AI 事件卡,且不得把 process list、raw JSON、內網 IP、完整路徑、URL、token 或 raw Wazuh / Nginx path 直接送進 Telegram;但 Telegram send、Bot API call、delivery receipt、direct egress migration、workflow / script / API sender 修改、production write、runtime gate 與 action button 仍全部為 `0 / false`。 ## 1.2c 2026-06-18 Backup / Restore / Escrow 事故後回讀計畫 已新增 `docs/security/BACKUP-RESTORE-POST-INCIDENT-READBACK-PLAN.md` 與 `docs/security/backup-restore-post-incident-readback-plan.snapshot.json`,將 38 個 backup / restore / escrow / retention surface 轉成事故後回讀計畫。固定 `readback_candidate_count=38`、`write_capable_readback_candidate_count=27`、`live_evidence_required_readback_candidate_count=38`、`restore_drill_readback_required_candidate_count=38`、`offsite_or_escrow_readback_required_candidate_count=20`、`retention_or_remote_delete_readback_required_candidate_count=17`、`required_readback_field_count=34`、`reviewer_check_count=32`、`outcome_lane_count=11`、`blocked_action_count=51`,讓 `backup_restore_credential` 從 `64%` 推進到 `66%`,高價值配置平均維持 `71%`,需 live evidence 類別仍為 `9`。 此更新只補上 actor、時間窗、改前改後 freshness、backup status readback、restore drill、隔離 restore target、offsite sync、remote delete guard、credential escrow non-secret proof、credential recovery metadata、retention runway、retention / prune decision、dependency map、data classification、restore observer、alert textfile、cold-start scorecard、cross-project sync、rollback、post-change monitoring、防再發與 no-false-green 的脫敏回讀欄位;post-incident readback received / accepted、backup run、restore run、offsite sync、remote delete、credential escrow marker write、retention change、restic prune、rclone config、Velero、kubectl、SSH、secret value collection、production write、runtime gate 與 action button 仍全部為 `0 / false`。 ## 1.2b 2026-06-15 Public / Admin / API runtime config 變更證據驗收 已新增 `docs/security/PUBLIC-RUNTIME-CONFIG-CHANGE-EVIDENCE-ACCEPTANCE.md` 與 `docs/security/public-runtime-config-change-evidence-acceptance.snapshot.json`,將公開產品頁、AwoooP 後台、API / CORS、frontend env、Sentry tunnel、webhook / callback 與跨產品 runtime route 轉成 metadata-only 變更證據驗收帳本。 固定數字為 `change_evidence_candidate_count=6`、`c0_change_evidence_candidate_count=5`、`c1_change_evidence_candidate_count=1`、`write_capable_candidate_count=6`、`source_ref_count=20`、`required_evidence_field_count=21`、`reviewer_check_count=21`、`outcome_lane_count=8`、`blocked_action_count=32`。此更新讓 `public_admin_api_runtime_config` 從 `62%` 推進到 `64%`,但 affected route、admin/auth boundary、API contract readback、CORS diff、frontend env diff、i18n redaction review、webhook / callback owner、desktop / mobile smoke、sensitive string scan、post-check evidence、runtime approval package、route / CORS / env / auth / webhook 變更、production deploy 與 runtime gate 仍全部為 `0 / false`。 此帳本明確把 raw owner namespace、repo slug、內部狀態碼、內部協作文字、cookie、token、secret value、DSN value、raw payload 與未脫敏截圖列為拒收或隔離條件。前台可以顯示產品 / 專案脫敏名稱與控管狀態,但不得顯示個人 namespace、內部狀態碼、內部協作內容或抱怨語句。 2026-06-15 再新增 `docs/security/public-frontend-sensitive-surface-guard.snapshot.json`,並將 `scripts/security/public-frontend-env-guard.py` 擴充為前台 source / messages 敏感資訊防洩漏 guard。2026-06-18 新增 Wazuh read-only API code path 後,固定 `public_surface_file_count=226`、`forbidden_pattern_count=12`、`allowlisted_match_count=2`、`violation_count=0`、`env_violation_count=0`、`runtime_gate_count=0`。此更新讓 `public_admin_api_runtime_config` 從 `64%` 推進到 `66%`,高價值配置平均只讀成熟度從 `69%` 推進到 `70%`;但 production bundle scan、desktop / mobile production smoke accepted、owner response、route / CORS / env / auth / webhook 變更、frontend / API deploy、production deploy 與 runtime gate 仍全部為 `0 / false`。 ## 1.3 2026-06-14 agent-bounty-protocol owner request draft 已新增 `docs/security/AGENT-BOUNTY-OWNER-REQUEST-DRAFT.md` 與 `docs/security/agent-bounty-owner-request-draft.snapshot.json`,將 `agent-bounty-protocol` onboarding handoff 轉成 11 份 owner request draft。 固定數字為 `request_draft_count=11`、`control_boundary_request_count=4`、`product_surface_request_count=7`、`write_capable_request_draft_count=8`、`treasury_related_request_draft_count=4`、`mcp_a2a_related_request_draft_count=5`、`required_owner_field_count=22`、`forbidden_input_count=25`、`blocked_action_count=28`、`runtime_gate_count=0`。此更新不提高 `agent_bounty_protocol_runtime` 成熟度,仍維持 `68%`;owner response、repo / refs truth、deployment boundary、MCP / A2A boundary、treasury boundary、claim / submit、payout / withdrawal、cron / daemon、runtime gate 與 action button 仍全部為 `0 / false`。 ## 1.4 2026-06-14 Public Gateway owner response acceptance 只讀帳本 已新增 `docs/security/PUBLIC-GATEWAY-OWNER-RESPONSE-ACCEPTANCE.md` 與 `docs/security/public-gateway-owner-response-acceptance.snapshot.json`,將 Public Gateway live conf 匯出請求、redacted export 收件預檢與 rendered diff / `nginx -t` gate 草稿串成 owner response acceptance 只讀帳本。 固定數字為 `acceptance_candidate_count=3`、`c0_acceptance_candidate_count=2`、`c1_acceptance_candidate_count=1`、`acceptance_field_count=33`、`required_owner_response_field_count=22`、`reviewer_check_count=22`、`outcome_lane_count=8`、`blocked_action_count=28`、`owner_response_received_count=0`、`owner_response_accepted_count=0`、`runtime_gate_count=0`。2026-06-15 已補手動 / 緊急 gateway 變更 metadata gate,要求 change actor/source、change time window、cross-project impact、communication sync、change intent / ticket、pre-change approval 或 break-glass reason、route health impact、rollback validation 與 post-change monitoring window 的脫敏 ref;此更新讓 `nginx_public_gateway` 從 `88%` 推進到 `90%`,因為亂改 Nginx 後不再只看 owner 口頭回覆,而會要求事前意圖或事後 break-glass、健康影響、回滾驗證與監控窗口。不過 live conf、rendered diff、`nginx -t`、reload、route smoke、DNS / TLS probe、certbot renew、maintenance window、rollback owner、runtime gate 與 action button 仍全部為 `0 / false`。 2026-06-14 再新增 `docs/security/PUBLIC-GATEWAY-RENDERED-DIFF-ACCEPTANCE.md` 與 `docs/security/public-gateway-rendered-diff-acceptance.snapshot.json`,把 owner response acceptance 後的 rendered diff evidence、owner-provided `nginx -t` readback、route smoke evidence、TLS / ACME impact、maintenance window、rollback owner 與 post-check evidence 轉成只讀驗收帳本。 固定數字為 `diff_acceptance_candidate_count=3`、`c0_diff_acceptance_candidate_count=2`、`c1_diff_acceptance_candidate_count=1`、`diff_acceptance_field_count=25`、`required_evidence_field_count=14`、`reviewer_check_count=15`、`outcome_lane_count=8`、`blocked_action_count=22`、`rendered_diff_accepted_count=0`、`nginx_test_evidence_accepted_count=0`、`route_smoke_result_accepted_count=0`、`runtime_gate_count=0`。此更新只讓 `nginx_public_gateway` 從 `86%` 推進到 `88%`;owner response accepted、redacted live conf accepted、rendered diff accepted、`nginx -t`、reload、route smoke、DNS / TLS probe、certbot renew、production write、runtime gate 與 action button 仍全部為 `0 / false`。 2026-06-15 再新增 `docs/security/PUBLIC-GATEWAY-POST-INCIDENT-READBACK-PLAN.md` 與 `docs/security/public-gateway-post-incident-readback-plan.snapshot.json`,把同一批三份 Public Gateway config 轉成 Nginx / gateway 事故後回讀計畫。固定 `readback_candidate_count=3`、`c0_readback_candidate_count=2`、`c1_readback_candidate_count=1`、`write_capable_readback_candidate_count=3`、`required_readback_field_count=30`、`reviewer_check_count=28`、`outcome_lane_count=10`、`blocked_action_count=41`,讓 `nginx_public_gateway` 從 `90%` 推進到 `92%`,高價值配置平均維持 `71%`,需 live evidence 類別仍為 `9`。此更新只補上 actor、變更時間窗、change intent / break-glass、改前改後 route、source-to-live diff、`nginx -t` readback、reload / no-reload、route smoke、TLS / ACME、WebSocket、upstream、AI provider、monitoring、跨專案同步、回滾、防再發與 no-false-green 的脫敏回讀欄位;readback received / accepted、live conf read、`nginx -t`、reload、route smoke、DNS / TLS probe、certbot renew、host write、runtime gate 與 action button 仍全部為 `0 / false`。 ## 1.5 2026-06-14 DNS / TLS / certbot owner response acceptance 只讀帳本 已新增 `docs/security/DOMAIN-TLS-CERTBOT-OWNER-RESPONSE-ACCEPTANCE.md` 與 `docs/security/domain-tls-certbot-owner-response-acceptance.snapshot.json`,將 4 份 DNS / TLS / certbot owner confirmation request 轉成 metadata-only owner response acceptance 只讀帳本。 固定數字為 `acceptance_candidate_count=4`、`c0_acceptance_candidate_count=4`、`acceptance_field_count=23`、`required_owner_response_field_count=13`、`reviewer_check_count=13`、`outcome_lane_count=7`、`blocked_action_count=20`、`owner_response_received_count=0`、`owner_response_accepted_count=0`、`certificate_coverage_confirmed_count=0`、`dns_query_authorized_count=0`、`live_tls_probe_authorized_count=0`、`certbot_renew_authorized_count=0`、`nginx_reload_authorized_count=0`、`route_smoke_authorized_count=0`、`runtime_gate_count=0`。此更新讓 `dns_tls_certbot` 從 `74%` 推進到 `78%`,代表未來 owner 回覆可被補件、隔離、拒收或送 reviewer review;它不代表 DNS query、TLS probe、certbot renew、Nginx reload、route smoke、host write 或 runtime gate 已授權。 ## 1.6 2026-06-14 Docker / systemd / host service owner response acceptance 只讀帳本 已新增 `docs/security/HOST-SERVICE-OWNER-RESPONSE-ACCEPTANCE.md` 與 `docs/security/host-service-owner-response-acceptance.snapshot.json`,將 9 份 Docker / systemd / host service owner request draft 轉成 metadata-only owner response acceptance 只讀帳本。 固定數字為 `acceptance_candidate_count=9`、`write_capable_acceptance_candidate_count=3`、`live_evidence_required_candidate_count=8`、`acceptance_field_count=34`、`required_owner_field_count=18`、`reviewer_check_count=21`、`outcome_lane_count=8`、`blocked_action_count=27`、`owner_response_received_count=0`、`owner_response_accepted_count=0`、`live_host_read_authorized_count=0`、`docker_compose_action_authorized_count=0`、`systemctl_action_authorized_count=0`、`repair_bot_execution_authorized_count=0`、`ansible_apply_authorized_count=0`、`runtime_gate_count=0`。此更新讓 `docker_compose_systemd_host_config` 從 `54%` 推進到 `58%`;它不代表 live host read、restart、repair-bot、Ansible、sudo、host write 或 runtime gate 已授權。 2026-06-15 再新增 `docs/security/HOST-SERVICE-CHANGE-EVIDENCE-ACCEPTANCE.md` 與 `docs/security/host-service-change-evidence-acceptance.snapshot.json`,將 9 個 Docker / systemd / host service surface 轉成變更 / 事故證據驗收只讀帳本。固定 `change_evidence_candidate_count=9`、`write_capable_change_evidence_candidate_count=3`、`live_evidence_required_candidate_count=8`、`change_evidence_field_count=45`、`required_evidence_field_count=25`、`reviewer_check_count=26`、`outcome_lane_count=10`、`blocked_action_count=39`,讓 `docker_compose_systemd_host_config` 從 `58%` 推進到 `62%`。此帳本補齊重啟 actor、before / after service state、Docker daemon state、compose / systemd state、failed unit review、port binding、dependency、cold-start、route recovery、operator notification、cross-project sync 與 no-false-green service health;change evidence、owner response、live host read、Docker / systemd、repair-bot、Ansible、route smoke、host write、runtime gate 與 action button 仍全部為 `0 / false`。 ## 1.7 2026-06-15 端口 / 防火牆變更證據驗收只讀帳本 已新增 `docs/security/PORT-FIREWALL-CHANGE-EVIDENCE-ACCEPTANCE.md` 與 `docs/security/port-firewall-change-evidence-acceptance.snapshot.json`,將 SSH / Firewall / Network Access owner response acceptance 裡的端口、防火牆、NodePort、NetworkPolicy、WireGuard、deploy SSH、sudo 與 alert action surface 轉成 change evidence acceptance 只讀帳本。 固定數字為 `change_evidence_candidate_count=14`、`write_capable_change_evidence_candidate_count=6`、`policy_or_exposure_candidate_count=5`、`change_evidence_field_count=40`、`required_evidence_field_count=21`、`reviewer_check_count=21`、`outcome_lane_count=9`、`blocked_action_count=28`、`change_evidence_received_count=0`、`change_evidence_accepted_count=0`、`service_health_impact_accepted_count=0`、`operator_notification_accepted_count=0`、`firewall_change_authorized_count=0`、`port_close_authorized_count=0`、`port_open_authorized_count=0`、`runtime_gate_count=0`。此更新讓 `ssh_firewall_network_access` 從 `58%` 推進到 `62%`;它補齊端口 / 防火牆變更與事故回補的 actor、before / after state、service dependency、customer impact、service health impact、operator notification、cross-project sync、rollback 與 post-check evidence 驗收規則,不代表 SSH、live firewall read、firewall change、port close / open、route smoke、host restart、production write 或 runtime gate 已授權。 2026-06-15 再新增 `docs/security/SSH-NETWORK-POST-INCIDENT-READBACK-PLAN.md` 與 `docs/security/ssh-network-post-incident-readback-plan.snapshot.json`,把同一批端口 / 防火牆 / NodePort / NetworkPolicy / WireGuard / deploy SSH / sudo / alert action surface 補成事故後回讀計畫。固定 `readback_candidate_count=14`、`write_capable_readback_candidate_count=6`、`policy_or_exposure_readback_candidate_count=5`、`required_readback_field_count=24`、`reviewer_check_count=24`、`outcome_lane_count=10`、`blocked_action_count=34`,並要求 actor attribution、before / after state、service / public route / AI provider / monitoring impact、operator notification、cross-project sync、restoration evidence、post-check、recurrence guard 與 no-false-green attestation。此更新讓 `ssh_firewall_network_access` 從 `62%` 推進到 `64%`;但 post-incident readback received / accepted、actor attribution accepted、before / after accepted、impact accepted、notification accepted、cross-project sync accepted、restoration accepted、recurrence guard accepted、runtime gate 與 action button 仍全部為 `0 / false`。 ## 1.7a 2026-06-15 AI provider / model routing owner response acceptance 只讀帳本 已新增 `docs/security/AI-PROVIDER-OWNER-RESPONSE-ACCEPTANCE.md` 與 `docs/security/ai-provider-owner-response-acceptance.snapshot.json`,將 AI router provider policy、Ollama proxy gateway、fallback order / circuit breaker、cost budget / quota、privacy / data egress、benchmark / dry-run、model card / version inventory 與 agent replacement candidate boundary 轉成 metadata-only owner response acceptance 帳本。 固定數字為 `acceptance_candidate_count=8`、`write_capable_acceptance_candidate_count=5`、`paid_provider_related_candidate_count=5`、`data_egress_candidate_count=6`、`live_evidence_required_candidate_count=6`、`acceptance_field_count=37`、`required_owner_field_count=24`、`reviewer_check_count=24`、`outcome_lane_count=10`、`blocked_action_count=38`。此更新讓 `ai_provider_model_routing` 從 `60%` 推進到 `64%`;provider owner、fallback order、dry-run、benchmark、cost review、privacy review、data classification、prompt redaction、secret handling、quota budget、quality gate、rollback owner、post-check evidence、owner response received / accepted、provider switch、external provider call、paid provider call、prompt send、live endpoint probe、secret value collection、runtime gate 與 action button 仍全部為 `0 / false`。 ## 1.8 2026-06-15 高價值配置集中 Guard 已新增 `docs/security/IWOOOS-CONFIG-CONTROL-GUARD.md` 與 `scripts/security/iwooos-config-control-guard.py`,把 14 類高價值配置、C0 類別、evidence refs、owner response / change evidence 帳本、supply-chain contract manifest 與 `0 / false` 邊界串成集中驗證。 此 guard 已由 `security-mirror-progress-guard.py` 呼叫。後續只要跑主進度 guard,就會同步檢查 Nginx、DNS / TLS、K8s / ArgoCD、Secrets / runner、Public runtime、SSH / firewall、Backup / DR、Monitoring、agent-bounty-protocol 與 supply-chain contract 的 repo snapshot 基線。 此更新只讓「配置控管集中驗證」從 `0%` 推進到 `100%`;owner response 收件、live evidence、Nginx reload、firewall change、workflow / runner / secret 變更、backup / restore、active scan、agent-bounty runtime 與 production deploy 仍全部維持 `0 / false`。 ## 1.9 2026-06-18 Wazuh / 主機入侵 readback 接入 已新增 `docs/security/WAZUH-IWOOOS-INTRUSION-READBACK-PLAN.md`、`docs/security/wazuh-iwooos-intrusion-readback-plan.snapshot.json`、`scripts/security/wazuh-iwooos-intrusion-readback-plan.py` 與 `apps/web/src/app/api/iwooos/wazuh/route.ts`。 此接入承認 Wazuh 已建置,但不把平台存在誤判成事件已驗收。固定 `readback_candidate_count=6`、`c0_readback_candidate_count=6`、`affected_host_alias_count=2`、`wazuh_event_required_candidate_count=5`、`host_forensics_required_candidate_count=5`、`required_readback_field_count=30`、`reviewer_check_count=24`、`outcome_lane_count=12`、`blocked_action_count=49`。此更新讓 `monitoring_alerting_observability` 從 `70%` 推進到 `72%`,高價值配置平均由 `71%` 推進到 `72%`,需 live evidence 類別仍為 `9`。 此 artifact 明確拒收硬編碼 Wazuh URL / 使用者 / 密碼、關閉 TLS 驗證、raw Wazuh payload、raw log、private key、runner token、外部 Agent 口頭宣稱、agent active 當結案、route `200` 當恢復,以及任何未經批准的 active response、host write、firewall drop、process kill、runner / workflow / secret 變更。Wazuh event refs、host forensic refs、containment decision、recovery proof、postcheck、recurrence guard、read-only API enabled、active response、host write、runtime gate 與 action button 仍全部為 `0`。 ## 1.10 2026-06-18 外部入侵主機防堵控制矩陣 已新增 `docs/security/EXTERNAL-HOST-INTRUSION-PREVENTION-CONTROL.md`、`docs/security/external-host-intrusion-prevention-control.snapshot.json` 與 `scripts/security/external-host-intrusion-prevention-control.py`,把公開入口、SSH、端口、防火牆、Nginx、runner、secret、Docker / systemd、K8s、Wazuh、套件更新、backup / restore、監控與跨專案同步收斂成同一張 P0 防堵矩陣。 固定 `prevention_domain_count=12`、`control_candidate_count=14`、`c0_control_candidate_count=10`、`host_alias_count=4`、`sensor_alias_count=1`、`required_owner_field_count=36`、`reviewer_check_count=34`、`outcome_lane_count=12`、`blocked_action_count=82`。此更新讓 `docker_compose_systemd_host_config` 從 `64%` 推進到 `68%`、`ssh_firewall_network_access` 從 `64%` 推進到 `70%`、`monitoring_alerting_observability` 從 `72%` 推進到 `74%`;高價值配置平均仍為 `72%`,因為 headline 與 runtime gate 不因框架補強而假性提高。 此 artifact 只建立防堵控制、拒收條件與 owner packet 欄位;owner response、evidence refs、prevention control accepted、containment decision、maintenance window、rollback plan、postcheck、Wazuh active response、host write、firewall change、Nginx reload、package upgrade、active scan、production write、runtime gate 與 action button 仍全部為 `0 / false`。 ## 1.11 2026-06-18 SOC / SIEM / Kali 112 / Wazuh 整合控制 已新增 `docs/security/SOC-SIEM-KALI-WAZUH-INTEGRATION-CONTROL.md`、`docs/security/soc-siem-kali-wazuh-integration-control.snapshot.json` 與 `scripts/security/soc-siem-kali-wazuh-integration-control.py`,把 Wazuh、Kali 112、Prometheus / Alertmanager、SigNoz、Sentry、Nginx / gateway、host forensic、Docker / systemd、K8s / ArgoCD、Gitea / runner、Harbor / SBOM、backup / DR 收斂成 SOC / SIEM 只讀控制矩陣。 固定 `standard_framework_count=14`、`operating_role_count=9`、`incident_lifecycle_stage_count=8`、`maturity_stage_count=7`、`validation_gate_count=18`、`control_domain_count=16`、`signal_source_count=12`、`control_candidate_count=20`、`c0_control_candidate_count=12`、`required_owner_field_count=42`、`reviewer_check_count=36`、`outcome_lane_count=14`、`blocked_action_count=103`。此更新導入 NIST CSF 2.0、NIST SP 800-61 Rev. 3、CIS Controls v8.1、CISA Zero Trust / KEV、MITRE ATT&CK / D3FEND、OWASP ASVS / SAMM、Wazuh XDR / SIEM、Wazuh Active Response 能力模型、Prometheus Alertmanager、OpenTelemetry、SLSA / Sigstore / SBOM、Suricata / Zeek 與 Kali tooling 映射,讓 `monitoring_alerting_observability` 維持 `78%`、`security_evidence_tooling` 維持 `88%`;高價值配置平均只讀成熟度仍維持 `73%`,避免因制度補強而假性提高 runtime 完成度。 此 artifact 只代表 SOC 控制面、證據欄位、拒收條件與前台 marker 已建立;Wazuh event refs、Kali scope / finding envelope、SIEM correlation rule、alert route、incident case、forensic evidence、owner response、active response、Kali active scan、Kali `/execute`、Prometheus / Alertmanager reload、Telegram 實發、SOAR case、auto block、runtime gate 與 action button 仍全部為 `0 / false`。 ## 2. 覆蓋摘要 | 指標 | 目前值 | 說明 | |------|--------|------| | 註冊配置類別 | `14` | 全部來自高價值配置 Gate 的 CATEGORIES | | C0 類別 | `8` | Nginx、DNS / TLS、K8s、secret、workflow / runner、runtime config、backup、agent-bounty runtime | | C1 類別 | `4` | 監控、Docker / systemd、SSH / network、AI provider | | C2 類別 | `1` | 產品 runtime route 與跨產品邊界 | | C3 類別 | `1` | security evidence / snapshot / guard tooling | | 平均只讀控管成熟度 | `73%` | 僅代表框架 / evidence / owner packet / acceptance ledger / source guard / post-incident readback / 防堵控制矩陣 / SOC 整合控制準備度,不代表 runtime 可執行 | | 需要 live / owner evidence 的類別 | `10` | 只能等 owner-provided redacted evidence 或維護窗口,不主動修改 workflow、secret、runner、route、CORS、env、備份或主機 | | owner response required | `14` | 每類都需要 owner response 才能往 accepted 前進 | | owner response received / accepted | `0 / 0` | 不得假性提高 | | runtime gate | `0` | 不得產生執行按鈕 | ## 3. 低成熟與高風險追蹤優先順序 | 優先 | 類別 | 目前成熟度 | 下一步 | |------|------|------------|--------| | P1-1 | Docker Compose / systemd / host service config | `68%` | repo-only 清冊、owner response acceptance、host service change evidence acceptance、post-incident readback plan 與外部入侵防堵矩陣已納入;主機 runtime、process、port binding、package、persistence、AI provider、monitoring、operator notification、cross-project sync、防再發與 no-false-green 已納入;仍缺 owner response、live hash、Wazuh / host forensic refs、maintenance / restart window、rollback owner、post-check plan、disable switch 與 no-secret-value evidence | | P1-2 | SSH / sudoers / known_hosts / firewall / WireGuard / NodePort | `70%` | repo-only 清冊、owner response acceptance、端口 / 防火牆變更證據驗收、post-incident readback plan 與外部入侵防堵矩陣已固定;SSH / sudo、known_hosts、firewall、WireGuard、NodePort、NetworkPolicy、before / after state、break-glass 與維護窗口皆已納入;仍缺 owner-provided change / incident ref、actor、Wazuh / host forensic refs、service impact、notification、cross-project sync、maintenance window、rollback owner 與 post-check evidence | | P1-3 | AI provider / model routing / Ollama proxy / cost and privacy | `64%` | 已新增 owner response acceptance 帳本,固定 8 個候選、24 個 owner 必填欄位、24 個 reviewer checks、10 條 outcome lanes、38 類 blocked actions;仍缺 provider owner、fallback order、dry-run、benchmark、cost review、privacy review、data classification、prompt redaction、quality gate、rollback owner 與 post-check evidence,不切 production | | P1-4 | K8s / ArgoCD / production manifests | `66%` | manifest inventory、owner response acceptance、GitOps change evidence acceptance 與 post-incident readback plan 已完成;仍缺 proposed commit ref、rendered manifest diff、ArgoCD app / sync revision、health before / after、rollout、route smoke、metrics / alert、blast radius、rollback revision、maintenance window 與 post-check owner | | P1-5 | Backup / restore / escrow / retention | `66%` | repo-only 清冊、owner response acceptance 與事故後回讀計畫已納入 38 個 surface;freshness before-after、backup status readback、restore drill、offsite sync、credential escrow non-secret proof、retention runway、cold-start scorecard、防再發與 no-false-green 已納入;仍缺 owner response、事故回讀包、restore drill approval package、offsite / escrow owner、rollback owner、validation plan 與 no-secret-value evidence | | P1-6 | Wazuh / Kali 112 / SOC / Prometheus / Alertmanager / Grafana / SigNoz / Sentry / Langfuse | `78%` | repo-only 清冊、owner response acceptance、事故後回讀計畫、Wazuh / 主機入侵 readback plan、外部入侵防堵矩陣與 SOC / SIEM / Kali 112 / Wazuh 整合控制已納入;NIST CSF、CIS Controls、CISA KEV、OWASP ASVS、Wazuh、Suricata 與 Kali tooling 已映射;仍缺 Wazuh event refs、Kali scope refs、host forensic refs、SIEM correlation、alert route owner、incident case owner、postcheck、owner response、noise budget owner 與 maintenance window | ## 4. 固定 0 / false 邊界 以下旗標必須維持 `false`: ```text runtime_execution_authorized=false host_write_authorized=false host_live_conf_read_authorized=false nginx_test_authorized=false public_gateway_reload_authorized=false public_route_change_authorized=false admin_route_change_authorized=false websocket_route_change_authorized=false acme_challenge_change_authorized=false route_smoke_authorized=false rollback_executed=false nginx_reload_authorized=false dns_tls_change_authorized=false certbot_renew_authorized=false argocd_sync_authorized=false kubectl_action_authorized=false backup_run_authorized=false restore_run_authorized=false restore_drill_authorized=false offsite_sync_authorized=false offsite_remote_delete_authorized=false credential_escrow_marker_write_authorized=false retention_change_authorized=false restic_prune_authorized=false rclone_config_authorized=false velero_restore_authorized=false workflow_modification_authorized=false runner_change_authorized=false refs_sync_authorized=false force_push_authorized=false gitea_action_dispatch_authorized=false cd_pipeline_run_authorized=false github_hosted_runner_enable_authorized=false repo_secret_change_authorized=false secret_store_read_authorized=false secret_injection_change_authorized=false secret_value_collection_allowed=false secret_hash_collection_allowed=false partial_token_collection_allowed=false secret_rotation_authorized=false runtime_config_change_authorized=false api_route_change_authorized=false cors_change_authorized=false frontend_env_change_authorized=false middleware_auth_change_authorized=false callback_url_change_authorized=false webhook_secret_change_authorized=false security_header_change_authorized=false cookie_policy_change_authorized=false csrf_disable_authorized=false rate_limit_disable_authorized=false api_contract_change_authorized=false i18n_public_text_internal_identity_allowed=false internal_ip_exposure_allowed=false repo_namespace_exposure_allowed=false owner_namespace_exposure_allowed=false internal_status_code_exposure_allowed=false internal_transcript_exposure_allowed=false raw_payload_storage_allowed=false desktop_mobile_smoke_authorized=false database_migration_authorized=false active_scan_authorized=false agent_bounty_runtime_authorized=false payout_or_withdrawal_authorized=false action_buttons_allowed=false prometheus_reload_authorized=false alertmanager_reload_authorized=false grafana_dashboard_apply_authorized=false signoz_rule_apply_authorized=false sentry_deploy_authorized=false langfuse_config_change_authorized=false otel_collector_reload_authorized=false receiver_route_change_authorized=false silence_policy_change_authorized=false telegram_send_authorized=false notification_route_change_authorized=false webhook_receiver_change_authorized=false remote_write_change_authorized=false exporter_deploy_authorized=false live_alert_fire_authorized=false alert_chain_smoke_authorized=false ``` ## 5. 判讀規則 1. `coverage_percent` 只代表只讀框架成熟度,不代表已收到 owner response。 2. `coverage_status` 是下一步分流用語,不是 runtime approval state。 3. C0 / C1 類別若缺 live evidence,只能等待 owner-provided redacted evidence、維護窗口與 rollback owner。 4. `agent-bounty-protocol` 已是 C0 runtime / MCP / A2A / treasury boundary,且 owner request draft 已完成;目前仍不得 claim / submit / payout / daemon / webhook / runtime execution。 5. IwoooS 前端可顯示覆蓋矩陣,但不得提供可執行按鈕,也不得把可見狀態解讀成資安批准。 ## 6. 指令 ```bash python3 scripts/security/high-value-config-control-coverage.py \ --root . \ --output docs/security/high-value-config-control-coverage.snapshot.json ``` 固定 committed snapshot 時間: ```bash python3 scripts/security/high-value-config-control-coverage.py \ --root . \ --generated-at 2026-06-11T21:30:00+08:00 \ --output docs/security/high-value-config-control-coverage.snapshot.json ``` 集中驗證 guard: ```bash python3 scripts/security/iwooos-config-control-guard.py --root . ``` ## 7. 完成度 | 工作 | 完成度 | 說明 | |------|--------|------| | 全高價值配置類別註冊 | `100%` | 14 類全部來自既有 Gate 定義 | | 覆蓋 snapshot / schema | `100%` | 已新增可重跑 snapshot 與 JSON schema | | 高價值配置集中 guard | `100%` | 已新增 `scripts/security/iwooos-config-control-guard.py`,並串接 `security-mirror-progress-guard.py`;14 類配置、主要 owner / change evidence 帳本、supply-chain manifest 與 `0 / false` 邊界可集中驗證 | | DNS / TLS / certbot owner response acceptance | `100%` | 已新增 `domain_tls_certbot_owner_response_acceptance_v1`,4 個 C0 candidate、13 個 owner 必填欄位、13 個 reviewer checks、7 條 outcome lanes、20 類 blocked action;成熟度 `74% -> 78%` | | Docker / systemd / host service owner response acceptance | `100%` | 已新增 `host_service_owner_response_acceptance_v1`,9 個 candidate、3 個 write-capable、21 個 reviewer checks、8 條 outcome lanes、27 類 blocked action;成熟度 `54% -> 58%` | | CD / Runner / Secret injection change evidence acceptance | `100%` | 已新增 `cd_runner_secret_injection_change_evidence_acceptance_v1`,5 個 candidate、4 個 C0、19 個 reviewer checks、8 條 outcome lanes、32 類 blocked action;secret metadata 成熟度 `66% -> 68%`,workflow / runner 成熟度 `70% -> 72%` | | Public / Admin / API runtime config 變更證據驗收 | `100%` | 已新增 `public_runtime_config_change_evidence_acceptance_v1` 與前台 source / messages 防洩漏 guard;6 個 candidate、5 個 C0、21 個 reviewer checks、8 條 outcome lanes、32 類 blocked action,另掃 226 個前端檔案、12 類禁字、違規 0;public/admin/API runtime config 成熟度 `62% -> 66%`,raw namespace / repo slug / 內部狀態碼 / 內部協作內容外洩列為拒收或隔離條件 | | Backup / restore / escrow owner response acceptance backfill | `100%` | 已將 `backup_restore_owner_response_acceptance_v1` 補強為 38 個 candidate、27 個 write-capable、23 個 owner 必填欄位、22 個 reviewer checks、9 條 outcome lanes、31 類 blocked action;backup / restore / credential 成熟度 `62% -> 64%` | | Backup / restore / escrow post-incident readback plan | `100%` | 已新增 `backup_restore_post_incident_readback_plan_v1`,38 個事故回讀 candidate、27 個 write-capable、34 個必填欄位、32 個 reviewer checks、11 條 outcome lanes、51 類 blocked action;成熟度 `64% -> 66%`,readback received / accepted、backup status、restore drill、offsite sync、credential escrow、retention runway、no-false-green 與 runtime gate 仍為 `0` | | Monitoring / alerting / observability owner response acceptance backfill | `100%` | 已將 `monitoring_owner_response_acceptance_v1` 補強為 60 個 candidate、11 個 write-capable、38 個 acceptance fields、23 個 reviewer checks、12 條 outcome lanes、34 類 blocked action;monitoring / alerting / observability 成熟度 `66% -> 68%` | | Monitoring / alerting / observability post-incident readback plan | `100%` | 已新增 `monitoring_post_incident_readback_plan_v1`,60 個事故回讀 candidate、11 個 write-capable、30 個必填欄位、28 個 reviewer checks、11 條 outcome lanes、53 類 blocked action;成熟度 `68% -> 70%`,readback received / accepted、receiver receipt、stale / silence、alert chain health、reload、Telegram send、alert chain smoke 與 runtime gate 仍為 `0` | | Wazuh / 主機入侵 readback plan | `100%` | 已新增 `wazuh_iwooos_intrusion_readback_plan_v1`,6 個 P0 candidate、2 個 host alias、30 個必填欄位、24 個 reviewer checks、12 條 outcome lanes、49 類 blocked action;monitoring / alerting / observability 成熟度 `70% -> 72%`,Wazuh event、主機鑑識、containment、recovery proof、active response、host write 與 runtime gate 仍為 `0` | | 外部入侵主機防堵控制矩陣 | `100%` | 已新增 `external_host_intrusion_prevention_control_v1`,12 個控制域、14 個 P0 防堵候選、4 個 host alias、1 個 sensor alias、36 個 owner 必填欄位、34 個 reviewer checks、12 條 outcome lanes、82 類 blocked action;Docker / systemd 成熟度 `64% -> 68%`、SSH / firewall 成熟度 `64% -> 70%`、monitoring / Wazuh 成熟度 `72% -> 74%`;Wazuh active response、host write、firewall change、Nginx reload、package upgrade、active scan、runtime gate 與 action button 仍為 `0` | | AI provider / model routing owner response acceptance | `100%` | 已新增 `ai_provider_owner_response_acceptance_v1`,8 個 candidate、5 個 write-capable、24 個 owner 必填欄位、24 個 reviewer checks、10 條 outcome lanes、38 類 blocked action;AI provider / model routing 成熟度 `60% -> 64%` | | Public Gateway / Nginx post-incident readback plan | `100%` | 已新增 `public_gateway_post_incident_readback_plan_v1`,3 個事故回讀 candidate、2 個 C0、30 個必填欄位、28 個 reviewer checks、10 條 outcome lanes、41 類 blocked action;成熟度 `90% -> 92%`,readback received / accepted、`nginx -t`、reload、route smoke、DNS / TLS、certbot 與 runtime gate 仍為 `0` | | SSH / firewall / network post-incident readback plan | `100%` | 已新增 `ssh_network_post_incident_readback_plan_v1`,14 個事故回讀 candidate、6 個 write-capable、24 個必填欄位、24 個 reviewer checks、10 條 outcome lanes、34 類 blocked action;成熟度 `62% -> 64%`,readback received / accepted、actor、before / after、impact、通知、同步、恢復、防再發與 runtime gate 仍為 `0` | | Docker / systemd / host service post-incident readback plan | `100%` | 已新增 `host_service_post_incident_readback_plan_v1`,9 個事故回讀 candidate、3 個 write-capable、28 個必填欄位、28 個 reviewer checks、10 條 outcome lanes、41 類 blocked action;成熟度 `62% -> 64%`,readback received / accepted、Docker daemon、compose、systemd、failed unit、port binding、public/admin route、AI provider、monitoring、同步、防再發與 runtime gate 仍為 `0` | | K8s / ArgoCD post-incident readback plan | `100%` | 已新增 `k8s_argocd_post_incident_readback_plan_v1`,4 個事故回讀 candidate、3 個 C0、4 個 write-capable、31 個必填欄位、28 個 reviewer checks、10 條 outcome lanes、41 類 blocked action;成熟度 `64% -> 66%`,readback received / accepted、ArgoCD health / sync、Pending、image pull / scheduling、drift、impact、同步、防再發與 runtime gate 仍為 `0` | | owner response 收件 | `0%` | 尚未收到或接受任何 owner response | | live evidence collection | `0%` | 未 SSH、未 live probe、未 active scan | | runtime gate | `0%` | 未開啟任何執行期閘門 | ## 8. P1-1 Docker / systemd 清冊更新 `host_service_config_inventory_v1` 已把 Docker Compose、systemd / repair-bot、Ansible service role 與 host config backup capture 納入 repo-only 清冊,共 `9` 個 surface、`3` 個 write-capable surface、`2` 個 repair-bot whitelist、`1` 個 systemd restart surface。此更新只讓 `docker_compose_systemd_host_config` 從 `42%` 推進到 `50%`;owner response、live evidence、restart window、rollback owner、runtime gate 與 action button 仍全部為 `0`。 2026-06-14 再新增 `host_service_owner_request_draft_v1`,把 9 個 surface 轉成 `request_draft_count=9`、`write_capable_request_draft_count=3`、`live_evidence_required_request_count=8`、`required_owner_field_count=12`、`blocked_action_count=14` 的人工送件前草稿。此更新仍不調高類別成熟度,因為 request sent、owner response received / accepted、live evidence、restart window、rollback owner、runtime gate 與 action button 仍全部為 `0`。 2026-06-15 追加事故回補欄位,將 `host_service_owner_response_acceptance_v1` 固定為 `acceptance_field_count=34`、`required_owner_field_count=18`、`reviewer_check_count=21`、`outcome_lane_count=8`、`blocked_action_count=27`。新增要求包含 source-of-truth、服務依賴圖、port binding、cold-start sequence、incident recovery evidence 與 daemon / runner contention review。此更新讓 `docker_compose_systemd_host_config` 從 `54%` 推進到 `58%`,但 owner response received / accepted、live hash、maintenance / restart window、rollback owner、post-check plan、disable switch、live host read、SSH、Docker Compose、systemctl、repair-bot、Ansible、sudo、host write、runtime gate 與 action button 仍全部為 `0`。 2026-06-15 再新增 `host_service_post_incident_readback_plan_v1`,將同一批 Docker / systemd / compose / repair-bot / Ansible / host config surface 轉成 `readback_candidate_count=9`、`write_capable_readback_candidate_count=3`、`live_evidence_required_readback_candidate_count=8`、`required_readback_field_count=28`、`reviewer_check_count=28`、`outcome_lane_count=10`、`blocked_action_count=41` 的事故後回讀計畫。此更新讓 `docker_compose_systemd_host_config` 從 `62%` 推進到 `64%`,但 post-incident readback received / accepted、actor attribution、before / after state、Docker daemon、compose、systemd、failed unit、port binding、public/admin route recovery、AI provider health、monitoring alert、operator notification、cross-project sync、restoration evidence、post-check、recurrence guard、no-false-green、runtime gate 與 action button 仍全部為 `0`。 ## 9. P1-2 SSH / network access 清冊更新 `ssh_network_access_inventory_v1` 已把 SSH target、known_hosts workflow、CI deploy SSH、monitoring SSH、backup SSH capture、sudoers wrapper、NetworkPolicy、NodePort、WireGuard runbook 與 alert SSH action catalog 納入 repo-only 清冊,共 `16` 個 surface、`6` 個 write-capable surface、`2` 個 NetworkPolicy、`2` 個 NodePort、`1` 個 sudoers surface 與 `1` 個 WireGuard surface。此更新只讓 `ssh_firewall_network_access` 從 `48%` 推進到 `54%`;owner response、live evidence、maintenance window、rollback owner、runtime gate 與 action button 仍全部為 `0`。 2026-06-14 再新增 `ssh_network_owner_request_draft_v1`,把 16 個 surface 轉成 `request_draft_count=16`、`write_capable_request_draft_count=6`、`live_evidence_required_request_count=16`、`required_owner_field_count=13`、`blocked_action_count=16` 的人工送件前草稿。此更新仍不調高類別成熟度,因為 request sent、owner response received / accepted、live access state、firewall / port / NetworkPolicy / NodePort / WireGuard 變更、runtime gate 與 action button 仍全部為 `0`。 2026-06-15 再新增 `ssh_network_owner_response_acceptance_v1`,把 16 份 request draft 轉成 `acceptance_candidate_count=16`、`write_capable_acceptance_candidate_count=6`、`live_evidence_required_candidate_count=16`、`required_owner_field_count=13`、`reviewer_check_count=15`、`outcome_lane_count=7`、`blocked_action_count=22` 的 owner response acceptance 只讀帳本。此更新讓 `ssh_firewall_network_access` 從 `54%` 推進到 `58%`,但 owner response received / accepted、live access state、host key pinning、port policy、firewall owner、NetworkPolicy / NodePort、WireGuard cutover、SSH、keyscan、known_hosts patch、firewall / port 變更、runtime gate 與 action button 仍全部為 `0`。 2026-06-15 再新增 `port_firewall_change_evidence_acceptance_v1`,把 14 個端口、防火牆、NodePort、NetworkPolicy、WireGuard、deploy SSH、sudo 與 alert action surface 轉成 `change_evidence_candidate_count=14`、`write_capable_change_evidence_candidate_count=6`、`policy_or_exposure_candidate_count=5`、`required_evidence_field_count=21`、`reviewer_check_count=21`、`outcome_lane_count=9`、`blocked_action_count=28` 的 change evidence acceptance 只讀帳本;同日再補事故型欄位,要求 severity、service health impact、operator notification、restoration time 與 break-glass backfill。此更新讓 `ssh_firewall_network_access` 從 `58%` 推進到 `62%`,但 change evidence received / accepted、actor identified、before / after state、service health impact accepted、operator notification accepted、cross-project sync、post-check evidence、firewall change、port close / open、NetworkPolicy apply、NodePort change、WireGuard change、route smoke、host restart、runtime gate 與 action button 仍全部為 `0`。 2026-06-15 再新增 `ssh_network_post_incident_readback_plan_v1`,將同一批端口 / 防火牆事故 surface 轉成 `readback_candidate_count=14`、`write_capable_readback_candidate_count=6`、`policy_or_exposure_readback_candidate_count=5`、`required_readback_field_count=24`、`reviewer_check_count=24`、`outcome_lane_count=10`、`blocked_action_count=34` 的事故後回讀計畫。此更新讓 `ssh_firewall_network_access` 從 `62%` 推進到 `64%`,但 post-incident readback received / accepted、actor attribution、before / after state、service / public route / AI provider / monitoring impact、operator notification、cross-project sync、restoration evidence、post-check、recurrence guard、no-false-green、runtime gate 與 action button 仍全部為 `0`。 ## 10. P1-3 Backup / restore / escrow / retention 清冊更新 `backup_restore_escrow_inventory_v1` 已把 backup orchestration、service backup scripts、restic retention、offsite sync、credential escrow、Velero restore drill、backup health alert 與 cold-start / DR runbook 納入 repo-only 清冊,共 `38` 個 surface、`15` 個 backup script surface、`8` 個 offsite / escrow surface、`5` 個 Velero surface 與 `27` 個 write-capable surface。此更新只讓 `backup_restore_credential` 從 `52%` 推進到 `58%`;owner response、live evidence、restore drill acceptance、offsite sync acceptance、credential escrow acceptance、retention change acceptance、runtime gate 與 action button 仍全部為 `0`。 2026-06-14 再新增 `backup_restore_owner_request_draft_v1`,把 38 個 surface 轉成 `request_draft_count=38`、`write_capable_request_draft_count=27`、`live_evidence_required_request_count=38`、`required_owner_field_count=14`、`blocked_action_count=18` 的人工送件前草稿。此更新仍不調高類別成熟度,因為 request sent、owner response received / accepted、live backup evidence、backup run、restore run、offsite sync、escrow marker write、retention change、runtime gate 與 action button 仍全部為 `0`。 2026-06-15 再新增 `backup_restore_owner_response_acceptance_v1`,把 38 份 request draft 轉成 `acceptance_candidate_count=38`、`write_capable_acceptance_candidate_count=27`、`live_evidence_required_candidate_count=38`、`required_owner_field_count=14`、`reviewer_check_count=13`、`outcome_lane_count=7`、`blocked_action_count=22` 的 owner response acceptance 只讀帳本。此更新讓 `backup_restore_credential` 從 `58%` 推進到 `62%`,但 owner response received / accepted、live backup evidence、restore drill acceptance、offsite sync acceptance、credential escrow acceptance、retention change acceptance、backup run、restore run、runtime gate 與 action button 仍全部為 `0`。 2026-06-15 再補 restore recovery backfill 欄位,將 `backup_restore_owner_response_acceptance_v1` 固定為 `acceptance_field_count=33`、`required_owner_field_count=23`、`reviewer_check_count=22`、`outcome_lane_count=9`、`blocked_action_count=31`。新增要求包含 freshness SLO、隔離 restore target、backup dependency map、data classification、remote delete guard、retention runway、restore observer / stop condition、credential recovery non-secret proof 與 backup health no-false-green review。此更新讓 `backup_restore_credential` 從 `62%` 推進到 `64%`,但 owner response received / accepted、freshness SLO accepted、restore target isolation accepted、remote delete guard accepted、retention runway accepted、credential recovery drill accepted、backup health no-false-green accepted、backup run、restore run、offsite sync、remote delete、retention change、secret collection、runtime gate 與 action button 仍全部為 `0`。 ## 11. P1-4 Monitoring / alerting / observability 清冊更新 `monitoring_alerting_observability_inventory_v1` 已把 Prometheus、Alertmanager、Grafana、SigNoz、Sentry、Langfuse、OTEL、Telegram / notification policy、deploy / reload scripts 與 alert chain smoke scripts 納入 repo-only 清冊,共 `60` 個 surface、`13` 個 alert rule surface、`6` 個 deploy / reload surface、`11` 個 write-capable surface 與 `1` 個 drift guard surface。此更新只讓 `monitoring_alerting_observability` 從 `56%` 推進到 `62%`;owner response、live evidence、reload owner、receiver owner、route smoke、runtime gate 與 action button 仍全部為 `0`。 2026-06-14 再新增 `monitoring_owner_request_draft_v1`,把 60 個 surface 轉成 `request_draft_count=60`、`write_capable_request_draft_count=11`、`live_evidence_required_request_count=60`、`required_owner_field_count=14`、`blocked_action_count=24` 的人工送件前草稿。此更新仍不調高類別成熟度,因為 request sent、owner response received / accepted、live evidence、reload、receiver route change、silence change、Telegram send、alert chain smoke、runtime gate 與 action button 仍全部為 `0`。 2026-06-15 再新增 `monitoring_owner_response_acceptance_v1`,把 60 份 request draft 轉成 `acceptance_candidate_count=60`、`write_capable_acceptance_candidate_count=11`、`live_evidence_required_candidate_count=60`、`required_owner_field_count=14`、`reviewer_check_count=15`、`outcome_lane_count=7`、`blocked_action_count=28` 的 owner response acceptance 只讀帳本。此更新讓 `monitoring_alerting_observability` 從 `62%` 推進到 `66%`,高價值配置平均成熟度從 `68%` 推進到 `69%`;但 owner response received / accepted / rejected、live evidence、reload、receiver route change、silence change、Telegram send、alert chain smoke、runtime gate 與 action button 仍全部為 `0`。 2026-06-15 再補告警鏈路 no-false-green 回補欄位,將 `monitoring_owner_response_acceptance_v1` 固定為 `acceptance_field_count=38`、`reviewer_check_count=23`、`outcome_lane_count=12`、`blocked_action_count=34`。新增要求包含 incident context、alert chain health 不得只用 route 200 或 UI 可見判定、receiver receipt proof、stale alert review、silence / dedup review、false-green risk review、post-reload readback plan 與 cross-project notification ref。此更新讓 `monitoring_alerting_observability` 從 `66%` 推進到 `68%`;但 owner response received / accepted / rejected、receiver receipt accepted、stale alert review accepted、silence / dedup review accepted、false-green risk review accepted、post-reload readback accepted、reload、receiver route change、silence change、Telegram send、alert chain smoke、runtime gate 與 action button 仍全部為 `0`。 2026-06-15 再新增 `monitoring_post_incident_readback_plan_v1`,把同一批 60 個 monitoring / alerting / observability surface 轉成 `readback_candidate_count=60`、`write_capable_readback_candidate_count=11`、`live_evidence_required_readback_candidate_count=60`、`alert_rule_readback_candidate_count=13`、`deploy_or_reload_readback_candidate_count=6`、`required_readback_field_count=30`、`reviewer_check_count=28`、`outcome_lane_count=11`、`blocked_action_count=53` 的事故後回讀計畫。此更新讓 `monitoring_alerting_observability` 從 `68%` 推進到 `70%`;但 post-incident readback received / accepted、actor attribution、before / after alert state、rule / datasource / scrape state、receiver route、receiver receipt、stale / pending / resolved review、silence / mute / dedup / inhibit review、dashboard / trace / log freshness、notification delivery、alert chain health、cross-project sync、rollback、post-change monitoring、防再發、no-false-green、reload、receiver route change、Telegram send、alert chain smoke、production write、runtime gate 與 action button 仍全部為 `0`。 2026-06-18 再新增 `wazuh_iwooos_intrusion_readback_plan_v1`,把已建置的 Wazuh、host-110 / host-188 入侵訊號、外部 Agent 宣稱、Runner / gateway / secret 連動與 containment / recovery proof 轉成 `readback_candidate_count=6`、`affected_host_alias_count=2`、`required_readback_field_count=30`、`reviewer_check_count=24`、`outcome_lane_count=12`、`blocked_action_count=49` 的只讀接入計畫。此更新讓 `monitoring_alerting_observability` 從 `70%` 推進到 `72%`;但 Wazuh event refs、host forensic refs、containment decision、recovery proof、postcheck、recurrence guard、read-only API enabled、active response、host write、secret collection、runtime gate 與 action button 仍全部為 `0`。 ## 12. P0 Public Gateway Preflight 清冊更新 `public_gateway_preflight_inventory_v1` 已把 Nginx public gateway reload / route change 前置 Gate 固定成只讀清冊,共 `3` 份 source config、`14` 個 route impact、`14` 個 unique upstream、`12` 個 preflight gate,其中 `2` 個 gate 只代表 repo-only ready,`10` 個 gate 仍需 owner acceptance。此更新讓 `nginx_public_gateway` 從 `78%` 推進到 `84%`;owner response、owner-provided live conf、rendered diff、`nginx -t` evidence、route smoke、maintenance window、rollback owner、runtime gate 與 action button 仍全部為 `0`。 2026-06-14 再新增 `public_gateway_owner_response_acceptance_v1`,把 3 份 public gateway config 轉成 owner response acceptance 只讀帳本;2026-06-15 已強化手動 / 緊急 gateway 變更 metadata gate,固定 `acceptance_candidate_count=3`、`c0_acceptance_candidate_count=2`、`required_owner_response_field_count=22`、`reviewer_check_count=22`、`outcome_lane_count=8`、`blocked_action_count=28`。此更新要求 change actor/source、change time window、cross-project impact、communication sync、change intent / ticket、pre-change approval 或 break-glass reason、route health impact、rollback validation 與 post-change monitoring window 的脫敏 ref;`nginx_public_gateway` 從 `88%` 推進到 `90%`,因為亂改 Nginx 後不再只看 owner 口頭回覆,而會要求事前意圖或事後 break-glass、健康影響、回滾驗證與監控窗口。不過 owner response received / accepted、redacted export received / accepted、rendered diff ready、`nginx -t`、reload、route smoke、DNS / TLS probe、certbot renew、runtime gate 與 action button 仍全部為 `0`。 2026-06-14 再新增 `public_gateway_rendered_diff_acceptance_v1`,把 3 份 public gateway config 轉成 `diff_acceptance_candidate_count=3`、`c0_diff_acceptance_candidate_count=2`、`required_evidence_field_count=14`、`reviewer_check_count=15`、`outcome_lane_count=8`、`blocked_action_count=22` 的 rendered diff evidence acceptance 只讀帳本。此更新只讓 `nginx_public_gateway` 從 `86%` 推進到 `88%`;owner response accepted、rendered diff accepted、owner-provided `nginx -t` evidence accepted、route smoke evidence accepted、reload、DNS / TLS probe、certbot renew、runtime gate 與 action button 仍全部為 `0`。 2026-06-15 再新增 `public_gateway_post_incident_readback_plan_v1`,把 3 份 public gateway config 轉成 `readback_candidate_count=3`、`c0_readback_candidate_count=2`、`required_readback_field_count=30`、`reviewer_check_count=28`、`outcome_lane_count=10`、`blocked_action_count=41` 的事故後回讀計畫。此更新讓 `nginx_public_gateway` 從 `90%` 推進到 `92%`;readback received / accepted、actor attribution accepted、before / after route state accepted、source-live diff accepted、owner-provided `nginx -t` readback accepted、reload / no-reload accepted、route smoke readback accepted、TLS / ACME accepted、WebSocket accepted、upstream accepted、AI provider impact accepted、monitoring accepted、cross-project sync accepted、no-false-green accepted、`nginx -t`、reload、route smoke、DNS / TLS probe、certbot renew、host write、runtime gate 與 action button 仍全部為 `0`。 ## 13. P0 DNS / TLS / certbot owner response acceptance 更新 `domain_tls_certbot_owner_response_acceptance_v1` 已把 4 份 DNS / TLS / certbot owner confirmation request 轉成 owner response acceptance 只讀帳本。四份候選全部為 `C0`,固定 `acceptance_candidate_count=4`、`required_owner_response_field_count=13`、`reviewer_check_count=13`、`outcome_lane_count=7`、`blocked_action_count=20`,讓 `dns_tls_certbot` 從 `74%` 推進到 `78%`。 此更新只補齊 SAN / wildcard / 共用憑證覆蓋關係、certificate expiry metadata ref、renewal owner、ACME route owner、maintenance window、rollback owner 與 validation plan 的收件驗收規則;owner response received / accepted、certificate coverage confirmed、DNS query、live TLS probe、certbot renew、Nginx reload、route smoke、DNS record 修改、certificate path 修改、ACME challenge route 修改、host write、runtime gate 與 action button 仍全部為 `0 / false`。