Files
awoooi/docs/security/SECURITY-SUPPLY-CHAIN-PROGRESS.md

26 KiB
Raw Blame History

資安供應鏈整體進度

項目 內容
日期 2026-05-17
狀態 S0/S1 read-only evidence 建置中
本階段完成 資安供應鏈 contract manifest + Source Control Approval Board + Draft Reconcile Plan + Ref Detail Diff + Ref Truth Classification + Source Control Ref Truth Owner Response 收件包 + GitHub Primary Readiness Gate + GitHub Primary Rollback ADR + GitHub Target Owner Decision Response 收件包 + Gitea 認證清冊匯出請求 + Gitea 認證清冊匯入驗收契約 + Gitea 清冊覆蓋 Owner Attestation + Gitea Owner Attestation Approval Lane 對齊 + Gitea Owner Attestation Response 收件包 + Workflow / Secret Name Inventory + Workflow / Secret Name Local Evidence + Workflow / Secret Name Redacted Export Request + Workflow / Secret Name Owner Response 收件包 + Kali 112 live integration status + Security Finding contract + Kali scan scope approval package + Security Approval Queue + S3 人工批准 Gate + S3 人工決策紀錄 + S3 人工審查封包 + S3 人工決策狀態轉移 + S3 後續 runtime gate 準備契約 + 鏡像 readiness index + 鏡像接收計畫 + 鏡像事件信封 + 鏡像路由矩陣 + 鏡像驗收契約 + 鏡像隔離契約 + 鏡像 dry-run 報告契約 + 鏡像狀態彙整契約
原則 低摩擦分階段文件、schema、read-only evidence 優先;不做 runtime enforcement、不切 primary

0. 本階段完成後整體進度

階段 狀態 目前結果 下一個 gate
S0 文件與契約同步 完成 Kali / Codex / GitHub / Gitea / AwoooP 邊界已文件化,核心 schema 草案已建立 AwoooP 只讀 mirror 消費
S1 source-control read-only inventory 進行中 已有 Gitea/GitHub refs、Gitea public-only user repo list、本機 remote、GitHub target probe、canonical lineage、110 refs evidence Gitea private/internal 全量 repo list
S1.0 Gitea 全量 inventory approval 完成草案 已建立 read-only token / admin export approval package 統帥或 repo owner 批准
S1.1 GitHub target 決策 完成草案 8 個 target 候選7 個需人工批准3 個 not_found_or_private 不得自動建立S4.10 已補 owner response 收件包 owner / visibility / canonical response
S1.2 GitHub target 逐 repo approval 完成草案 7 個 approval-required targets 已拆成逐 repo pending package並彙整成 8-item approval boardS4.10 目前 response 0 筆 低摩擦逐項批准
S1.2a refs reconcile plan 完成草案 awoooiclawbot-v5wooo-aiops 已產生 draft plan狀態仍為 draft_blocked authenticated inventory + branch/tag diff + single-repo approval
S1.2b branch/tag detail diff 完成草案 3 個 refs-blocked mapped repos 已完成 branch/tag 明細 diff已忽略本 PR 分支避免 evidence 自我污染 人工判定真相來源與 deprecated refs
S1.2c refs 真相來源分類 完成草案 141 個 ref review items 已分類4 個真相來源、114 個 drift deprecated 候選、3 個 release tags、20 個 GitHub-only refsS4.11 已補 owner response 收件包 repo owner 單 ref / 單 repo 判定
S1.3 低摩擦 rollout policy 完成草案 observe-first / mirror-only matrix 已建立 AwoooP read-only policy 消費
S1.4 契約索引 完成草案 35 個主要 contract 已集中成 manifest AwoooP mirror-only contract registry
S1.5 Kali 112 live 整合狀態 完成第一波 112 已登入盤點、scanner API healthy、targeted scanner packages updated、Asia/Taipei timezone、no reboot required scan result ingestion + /execute high-risk gate
S1.6 Kali finding / scan scope approval 完成草案 security_finding_v1 sample snapshot 與 kali_scan_scope_approval_v1 approval package 已建立111/168 已納入 observe-only scope 人工批准 safe crawl / credentialed scan / runtime ingestion / full-upgrade gate
S1.7 Security approval queue 完成草案 8 個 approval queue items 已集中7 pending approval、1 block candidateAwoooP 可 mirror 但不得執行 先 review redacted finding ingestion再 review safe crawl / Gitea inventory
S2 AwoooP mirror-only readiness 完成草案 security_mirror_readiness_v1 已整理 35 個 contracts32 ready、2 partial、1 contract-only、0 blocked AwoooP 主線建立只讀入口
S2.1 AwoooP mirror-only intake plan 完成草案 security_mirror_intake_plan_v1 已建立 5 個 intake waves 與 4 個 acceptance gates AwoooP 主線照 wave mirror不新增 execution router
S2.2 AwoooP 鏡像事件信封 完成草案 security_mirror_event_v1 已建立,要求每筆鏡像 payload 標示 execution_authorized=falseaction_buttons_allowed=false AwoooP 鏡像 payload 統一信封
S2.3 AwoooP 鏡像路由矩陣 完成草案 security_mirror_route_v1 已建立 5 個 route groups定義目的地、channel policy 與 review lane AwoooP 消費時不猜路由、不新增執行入口
S2.4 AwoooP 鏡像驗收契約 完成草案 security_mirror_acceptance_v1 已建立 7 個 acceptance checksblocking 只針對鏡像資料不完整或未脫敏 AwoooP 接入時可驗收,不升級成 runtime enforcement
S2.5 AwoooP 鏡像隔離契約 完成草案 security_mirror_quarantine_v1 已建立 5 個 quarantine lanes失敗 payload 必須等新 snapshot commit 後才能 retry AwoooP 可隔離壞資料,不阻擋 runtime
S2.6 AwoooP 鏡像 dry-run 報告契約 完成草案 security_mirror_dry_run_v1 已建立 6 個 dry-run steps目前狀態為 contract defined not executed AwoooP 未來可回報演練結果,但不啟動 production ingestion
S2.7 AwoooP 鏡像狀態彙整契約 完成草案 security_mirror_status_rollup_v1 已建立,彙整 S0-S4、approval queue summary 與下一個安全 gate 兩個 Session 用同一份 rollup 同步,不誤啟執行面
S3 approval gate 進行中 security_approval_gate_v1 已建立 8 個人工 gate items7 pending、1 block candidate、0 approved 不得繞過人工批准;批准後仍需 follow-up runtime gate
S3.0 人工批准 Gate 契約 完成草案 定義批准範圍、決策選項、required reviewers、still forbidden 與 follow-up runtime gate AwoooP 可記錄決策,不可執行 gate item
S3.1 人工決策紀錄契約 完成草案 security_approval_decision_record_v1 已建立;目前 0 筆 decision records、0 個 runtime action 授權 AwoooP 可稽核決策,不可把決策當執行
S3.2 人工審查封包契約 完成草案 security_approval_review_packet_v1 已建立8 個 review packets、7 ready for human review、1 block candidate、0 個 runtime action 授權 AwoooP 可顯示 review lane不可把 packet 當批准或執行
S3.3 人工決策狀態轉移契約 完成草案 security_approval_state_transition_v1 已建立5 個 decision options 都有 next state、0 個 runtime action 授權 AwoooP 可顯示決策後狀態,不可把 transition 當執行
S3.4 後續 runtime gate 準備契約 完成草案 security_followup_runtime_gate_v1 已建立8 個 gate templates、0 個 active runtime gates、0 個 approved scope AwoooP 可顯示前置 evidence、preflight checks 與 rollback / disable requirement不可啟用 runtime gate
S4.0 GitHub primary readiness gate 完成草案 source_control_primary_readiness_gate_v1 已建立8 個 candidate repos、7 個 in-scope blocked、0 個 primary readyS4.10 已補 target owner response gateS4.11 已補 refs truth owner response gateS4.12 已補 workflow / secret 名稱 owner response gate AwoooP 可顯示 parity、owner、rollback ADR 缺口,不可切 primary
S4.1 Workflow / Secret 名稱 inventory 契約 完成草案 source_control_workflow_secret_name_inventory_v1 已建立8 個 candidate repos、7 個 in-scope repos 尚缺實際 inventory、0 個 complete、禁止收集 secret value AwoooP 可顯示 workflow / webhook / runner / deploy key / branch protection / CODEOWNERS / secret 名稱缺口,不可修改 workflow 或 secret
S4.2 Workflow / Secret 名稱 local evidence 完成草案 已建立 local read-only collector 與 snapshot7 個 local repos visible、4 個 local evidence repos、31 個 workflow files、43 個 referenced secret names、secret value detected=false 補 webhook / deploy key / branch protection / repository secret parity 的 redacted evidence仍不可切 primary
S4.3 Workflow / Secret 名稱 redacted export request 完成草案 已建立 export request schema / snapshot / 人讀版7 個 in-scope repos、5 類 export laneswebhook、runner、deploy key、branch protection / CODEOWNERS、repository secret name paritywrite token allowed=false repo owner 或未來只讀 API 依 request 補 redacted export仍不可收 secret value、不可修改 GitHub/Gitea
S4.12 Workflow / Secret Name Owner Response 收件包 完成草案 已建立 owner response schema / snapshot / 人讀版5 個 response templates、8 個 acceptance checks、10 個 rejection rules、candidate repos 8、in-scope repos 7、received response 0、accepted 0、execution authorized=false owner 依模板回覆 webhook、runner、deploy key、branch protection / CODEOWNERS、repository secret name parityresponse 通過只更新 read-only inventory / export request / readiness wording不代表收 secret value、改 workflow、啟用 runner 或 primary approval
S4.4 GitHub Primary rollback ADR 完成草案 已建立 rollback ADR schema / snapshot / 人讀版7 個 in-scope rollback drafts、0 owner approved、0 dry-run completed、0 active cutover repo owner 審查 rollback owner、validation window 與 triggers仍不可切 primary 或執行 rollback
S4.5 Gitea 認證清冊匯出請求 完成草案 已建立匯出請求 schema / snapshot / 人讀版;目前未認證公開範圍 repo 2 個、本機可見 Gitea unique repo 4 個、覆蓋缺口 2 個、匯出來源選項 2 類;允許收集 token value=false repo owner 依只讀 token API 或已脫敏管理匯出補私有 / 內部全量 repo list仍不可保存 token、不可 write Gitea、不可 refs sync
S4.6 Gitea 認證清冊匯入驗收契約 完成草案 已建立匯入驗收 schema / snapshot / 人讀版;目前 received payload 0、accepted 0、rejected 0定義 10 個驗收檢查、10 個拒收規則與 4 個 quarantine lanes owner 提供脫敏 payload 後先驗收 / 拒收 / 隔離;仍不可把驗收當 primary approval
S4.7 Gitea 清冊覆蓋 Owner Attestation 完成草案 已建立 coverage attestation schema / snapshot / 人讀版5 個 owner decision items、received attestation 0、accepted 0、execution authorized=false owner 判定 public-only / local remote gap、org/user endpoint、110 adjacent source、canonical owner 與 legacy/inaccessible disposition仍不可把 attestation 當 migration approval
S4.8 Gitea Owner Attestation Approval Lane 對齊 完成草案 已將既有 Gitea approval queue / gate / review packet / follow-up runtime gate 對齊 S4.7 先行條件queue items 維持 8、review packets 維持 8、active runtime gates 維持 0 AwoooP 先顯示 5 個 attestation itemsowner decision 接受前不得執行 read-only inventory 或標記 complete
S4.9 Gitea Owner Attestation Response 收件包 完成草案 已建立 owner response schema / snapshot / 人讀版5 個 response templates、8 個 acceptance checks、10 個 rejection rules、received response 0、accepted 0、execution authorized=false owner 依模板回覆 S4.7 五個 itemsresponse 通過只更新 read-only matrix / decision table / readiness gate不代表 inventory 執行或 primary approval
S4.10 GitHub Target Owner Decision Response 收件包 完成草案 已建立 owner decision response schema / snapshot / 人讀版7 個 response templates、8 個 acceptance checks、10 個 rejection rules、received response 0、accepted 0、execution authorized=false owner 依模板回覆 7 個 GitHub target 的 owner / visibility / canonicalresponse 通過只更新 read-only decision table / approval package / approval board / readiness gate不代表 repo creation、visibility change、refs sync 或 primary approval
S4.11 Source Control Ref Truth Owner Response 收件包 完成草案 已建立 owner response schema / snapshot / 人讀版5 個 response templates、8 個 acceptance checks、10 個 rejection rules、total ref review items 141、received response 0、accepted 0、execution authorized=false owner 依模板回覆 main/dev truth、deprecated drift、release tag、GitHub-only refsresponse 通過只更新 read-only classification / reconcile / readiness wording不代表 refs sync、delete、force push 或 primary approval
S4 migration execution 未開始 GitHub primary 長期方向已確認,但 refs / tags / workflow / secret 名稱尚未全量驗證rollback ADR 仍待 owner approval SHA/tag/workflow parity、rollback ADR owner approval 與 runtime gate

1. 已建立的主要 evidence

類型 檔案
AwoooP handoff docs/security/AWOOOP-SECURITY-SUPPLYCHAIN-INTEGRATION-HANDOFF.md
Mirror-only 清單 docs/security/AWOOOP-MIRROR-ONLY-CONSUMPTION-CHECKLIST.md
Gitea/GitHub migration inventory docs/security/GITEA-GITHUB-MIGRATION-INVENTORY.md
Gitea server-side inventory runbook docs/security/GITEA-SERVER-SIDE-INVENTORY-RUNBOOK.md
Gitea read-only inventory approval package docs/security/GITEA-READONLY-INVENTORY-APPROVAL-PACKAGE.md
Gitea read-only inventory approval JSON docs/security/gitea-readonly-inventory-approval.snapshot.json
Gitea 認證清冊匯出請求 docs/security/GITEA-AUTHENTICATED-INVENTORY-EXPORT-REQUEST.md
Gitea 認證清冊匯出請求 JSON docs/security/gitea-authenticated-inventory-export-request.snapshot.json
Gitea 認證清冊匯入驗收契約 docs/security/GITEA-AUTHENTICATED-INVENTORY-IMPORT-ACCEPTANCE.md
Gitea 認證清冊匯入驗收契約 JSON docs/security/gitea-authenticated-inventory-import-acceptance.snapshot.json
Gitea 清冊覆蓋 owner attestation docs/security/GITEA-INVENTORY-COVERAGE-ATTESTATION.md
Gitea 清冊覆蓋 owner attestation JSON docs/security/gitea-inventory-coverage-attestation.snapshot.json
Gitea owner attestation response 收件包 docs/security/GITEA-INVENTORY-OWNER-ATTESTATION-RESPONSE.md
Gitea owner attestation response JSON docs/security/gitea-inventory-owner-attestation-response.snapshot.json
Gitea 管理匯出 redaction checklist docs/security/GITEA-ADMIN-EXPORT-REDACTION-CHECKLIST.md
Gitea org endpoint blocked evidence docs/security/GITEA-ORG-REPO-INVENTORY-BLOCKED-SNAPSHOT.md
Source-control migration matrix docs/security/SOURCE-CONTROL-MIGRATION-MATRIX.md
Canonical repo 判定表 docs/security/SOURCE-CONTROL-CANONICAL-DECISION-TABLE.md
GitHub target 決策表 docs/security/GITHUB-TARGET-VISIBILITY-DECISION-TABLE.md
GitHub target 決策 JSON docs/security/github-target-decision.snapshot.json
GitHub target owner decision response 收件包 docs/security/GITHUB-TARGET-OWNER-DECISION-RESPONSE.md
GitHub target owner decision response JSON docs/security/github-target-owner-decision-response.snapshot.json
GitHub target repo approval package docs/security/GITHUB-TARGET-REPO-APPROVAL-PACKAGE.md
GitHub target repo approval JSON docs/security/github-target-repo-approval-package.snapshot.json
Source Control approval board docs/security/SOURCE-CONTROL-APPROVAL-BOARD.md
Source Control approval board JSON docs/security/source-control-approval-board.snapshot.json
Source Control draft reconcile plan docs/security/SOURCE-CONTROL-RECONCILE-PLAN.md
Source Control draft reconcile plan JSON docs/security/source-control-reconcile-plan.snapshot.json
Source Control branch/tag detail diff docs/security/SOURCE-CONTROL-REF-DETAIL-DIFF.md
Source Control branch/tag detail diff JSON docs/security/source-control-ref-detail-diff.snapshot.json
Source Control ref truth classification docs/security/SOURCE-CONTROL-REF-TRUTH-CLASSIFICATION.md
Source Control ref truth classification JSON docs/security/source-control-ref-truth-classification.snapshot.json
Source Control ref truth owner response 收件包 docs/security/SOURCE-CONTROL-REF-TRUTH-OWNER-RESPONSE.md
Source Control ref truth owner response JSON docs/security/source-control-ref-truth-owner-response.snapshot.json
Source Control GitHub primary readiness gate docs/security/SOURCE-CONTROL-PRIMARY-READINESS-GATE.md
Source Control GitHub primary readiness gate JSON docs/security/source-control-primary-readiness-gate.snapshot.json
Source Control GitHub primary rollback ADR docs/security/SOURCE-CONTROL-PRIMARY-ROLLBACK-ADR.md
Source Control GitHub primary rollback ADR JSON docs/security/source-control-primary-rollback-adr.snapshot.json
Source Control workflow / secret name inventory docs/security/SOURCE-CONTROL-WORKFLOW-SECRET-NAME-INVENTORY.md
Source Control workflow / secret name inventory JSON docs/security/source-control-workflow-secret-name-inventory.snapshot.json
Source Control workflow / secret name local evidence docs/security/SOURCE-CONTROL-WORKFLOW-SECRET-NAME-LOCAL-EVIDENCE.md
Source Control workflow / secret name local evidence JSON docs/security/source-control-workflow-secret-name-local-evidence.snapshot.json
Source Control workflow / secret name local collector scripts/security/source-control-workflow-secret-name-local-inventory.py
Source Control workflow / secret name export request docs/security/SOURCE-CONTROL-WORKFLOW-SECRET-NAME-EXPORT-REQUEST.md
Source Control workflow / secret name export request JSON docs/security/source-control-workflow-secret-name-export-request.snapshot.json
Source Control workflow / secret name owner response 收件包 docs/security/SOURCE-CONTROL-WORKFLOW-SECRET-NAME-OWNER-RESPONSE.md
Source Control workflow / secret name owner response JSON docs/security/source-control-workflow-secret-name-owner-response.snapshot.json
Kali 112 integration status docs/security/KALI-INTEGRATION-STATUS.md
Kali 112 integration status JSON docs/security/kali-integration-status.snapshot.json
Security finding contract docs/security/SECURITY-FINDING-CONTRACT.md
Security finding sample JSON docs/security/security-finding-kali-sample.snapshot.json
Kali scan scope approval package docs/security/KALI-SCAN-SCOPE-APPROVAL-PACKAGE.md
Kali scan scope approval JSON docs/security/kali-scan-scope-approval.snapshot.json
Security approval queue docs/security/SECURITY-APPROVAL-QUEUE.md
Security approval queue JSON docs/security/security-approval-queue.snapshot.json
Security approval gate docs/security/SECURITY-APPROVAL-GATE.md
Security approval gate JSON docs/security/security-approval-gate.snapshot.json
Security approval decision record docs/security/SECURITY-APPROVAL-DECISION-RECORD.md
Security approval decision record JSON docs/security/security-approval-decision-record.snapshot.json
Security approval review packet docs/security/SECURITY-APPROVAL-REVIEW-PACKET.md
Security approval review packet JSON docs/security/security-approval-review-packet.snapshot.json
Security approval state transition docs/security/SECURITY-APPROVAL-STATE-TRANSITION.md
Security approval state transition JSON docs/security/security-approval-state-transition.snapshot.json
Security follow-up runtime gate preparation docs/security/SECURITY-FOLLOWUP-RUNTIME-GATE.md
Security follow-up runtime gate preparation JSON docs/security/security-followup-runtime-gate.snapshot.json
Security mirror readiness docs/security/SECURITY-MIRROR-READINESS.md
Security mirror readiness JSON docs/security/security-mirror-readiness.snapshot.json
Security mirror intake plan docs/security/SECURITY-MIRROR-INTAKE-PLAN.md
Security mirror intake plan JSON docs/security/security-mirror-intake-plan.snapshot.json
資安鏡像事件契約 docs/security/SECURITY-MIRROR-EVENT-CONTRACT.md
資安鏡像事件範例 JSON docs/security/security-mirror-event-sample.snapshot.json
資安鏡像路由矩陣 docs/security/SECURITY-MIRROR-ROUTE.md
資安鏡像路由矩陣 JSON docs/security/security-mirror-route.snapshot.json
資安鏡像驗收契約 docs/security/SECURITY-MIRROR-ACCEPTANCE.md
資安鏡像驗收契約 JSON docs/security/security-mirror-acceptance.snapshot.json
資安鏡像隔離契約 docs/security/SECURITY-MIRROR-QUARANTINE.md
資安鏡像隔離契約 JSON docs/security/security-mirror-quarantine.snapshot.json
資安鏡像 dry-run 報告契約 docs/security/SECURITY-MIRROR-DRY-RUN.md
資安鏡像 dry-run 報告契約 JSON docs/security/security-mirror-dry-run.snapshot.json
資安鏡像狀態彙整契約 docs/security/SECURITY-MIRROR-STATUS-ROLLUP.md
資安鏡像狀態彙整契約 JSON docs/security/security-mirror-status-rollup.snapshot.json
低摩擦 rollout policy docs/security/SECURITY-LOW-FRICTION-ROLLOUT-POLICY.md
低摩擦 rollout policy JSON docs/security/security-rollout-policy.snapshot.json
Security Supply Chain contract manifest docs/security/SECURITY-SUPPLY-CHAIN-CONTRACT-MANIFEST.md
Security Supply Chain contract manifest JSON docs/security/security-supply-chain-contract-manifest.snapshot.json

2. 現在不能做的事

  1. 不建立或刪除 GitHub / Gitea repo。
  2. 不修改 repo visibility。
  3. 不同步 refs、branch、tag。
  4. 不切 GitHub primary。
  5. 不把 Codex patch runner、Kali scan 或 deploy 接進 AwoooP runtime。
  6. 不保存 secret / token value。

2.1 初期不要過度收緊

  1. Read-only inventory、文件化、risk label、mirror evidence 可持續推進。
  2. 初期不把 LOW / MEDIUM observation 變成阻擋條件。
  3. 初期不要求所有 repo 一次完成最高等級 controls。
  4. 只針對不可逆或高風險動作設 approval gate。
  5. 每階段完成後再逐步收斂,避免讓產品、架構與部署流程突然變複雜。

3. 下一階段建議

  1. 先依 S4.9 GITEA-INVENTORY-OWNER-ATTESTATION-RESPONSE.md 收到並驗收 S4.7 GITEA-INVENTORY-COVERAGE-ATTESTATION.md 的 owner responseS4.8 已把這件事接到既有 approval queue / gate / review packet / follow-up runtime gate。之後再依 S4.5 GITEA-AUTHENTICATED-INVENTORY-EXPORT-REQUEST.md 取得 Gitea 認證清冊;收到 payload 後依 S4.6 GITEA-AUTHENTICATED-INVENTORY-IMPORT-ACCEPTANCE.md 驗收 / 拒收 / 隔離。目前未認證公開範圍 2 個、本機可見 Gitea unique 4 個、覆蓋缺口 2 個、attestation items 5 個、owner response 0 筆;只能用只讀 token API 或已脫敏管理匯出補私有 / 內部 server-side 全量 repo list不保存 token value。
  2. 依 S4.10 GITHUB-TARGET-OWNER-DECISION-RESPONSE.mdSOURCE-CONTROL-APPROVAL-BOARD.md 對 7 個 approval_required=true 的 GitHub target 做 owner / visibility / canonical response目前 response 0 筆、accepted 0 筆,通過後也只更新 read-only decision table / approval package / readiness gate不代表 repo creation、visibility change、refs sync 或 primary approval。
  3. 依 S4.11 SOURCE-CONTROL-REF-TRUTH-OWNER-RESPONSE.mdSOURCE-CONTROL-REF-TRUTH-CLASSIFICATION.mdawoooiclawbot-v5wooo-aiops 做單 repo / 單 ref owner response 驗收response 通過也只更新 read-only classification / reconcile / readiness wording仍不得 push/delete refs 或 force push。
  4. 依 S4.12 SOURCE-CONTROL-WORKFLOW-SECRET-NAME-OWNER-RESPONSE.mdSOURCE-CONTROL-WORKFLOW-SECRET-NAME-EXPORT-REQUEST.md 對 webhook、runner、deploy key、branch protection / CODEOWNERS、repository secret name parity 做 owner response 驗收response 通過也只更新 read-only inventory / export request / readiness wording仍不得收 secret value、改 workflow 或啟用 runner。
  5. ewoooc / momo-pro-system 完成 server-side canonical 判定。
  6. KALI-SCAN-SCOPE-APPROVAL-PACKAGE.md 取得 safe crawl、credentialed scan、runtime ingestion、full-upgrade / reboot 等 gate 的人工批准;不得直接接 /execute
  7. AwoooP 主線先讀 security_mirror_readiness_v1security_mirror_intake_plan_v1security_mirror_event_v1security_mirror_route_v1security_mirror_acceptance_v1security_mirror_quarantine_v1security_mirror_dry_run_v1security_mirror_status_rollup_v1security_approval_gate_v1security_approval_decision_record_v1security_approval_review_packet_v1security_approval_state_transition_v1security_followup_runtime_gate_v1source_control_primary_readiness_gate_v1source_control_primary_rollback_adr_v1source_control_workflow_secret_name_inventory_v1,只建立 mirror-only / read-only policy 入口,不新增執行按鈕;其中 Gitea inventory 需同時顯示 S4.5 認證清冊匯出請求、S4.6 匯入驗收契約、S4.7 owner coverage attestation 與 S4.9 owner response 收件包GitHub target 決策需同時顯示 S4.10 owner decision response templatesrefs truth 需同時顯示 S4.11 owner response templatesworkflow / secret inventory 需同時顯示 S4.3 redacted export request 與 S4.12 owner response templatesprimary readiness 需同時顯示 S4.4 rollback ADR 草案。
  8. AwoooP 主線消費 security_rollout_policy_v1 時,只做 read-only policy不做 runtime blocking。
  9. AwoooP 主線再讀 security_approval_queue_v1security_approval_gate_v1security_approval_decision_record_v1security_approval_review_packet_v1security_approval_state_transition_v1security_followup_runtime_gate_v1source_control_primary_readiness_gate_v1source_control_primary_rollback_adr_v1source_control_workflow_secret_name_inventory_v1security_supply_chain_contract_manifest_v1,顯示 review order、批准範圍、審查封包、決策紀錄、決策後狀態、後續 runtime gate 準備條件、Gitea inventory 覆蓋缺口、S4.5 認證匯出請求、S4.6 匯入驗收 / 隔離規則、S4.7 owner attestation items、S4.9 owner response templates、S4.10 GitHub target owner response templates、S4.11 refs truth owner response templates、S4.12 workflow / secret 名稱 owner response templates、GitHub primary readiness blockers、rollback ADR 草案、workflow / secret 名稱 inventory 缺口、redacted export request 與 blocked reason不新增 execution router。