Files
awoooi/docs/security/source-control-owner-response-validation-rollup.snapshot.json
Your Name 01bde65df1
All checks were successful
Code Review / ai-code-review (push) Successful in 12s
CD Pipeline / tests (push) Successful in 1m25s
CD Pipeline / build-and-deploy (push) Successful in 4m28s
CD Pipeline / post-deploy-checks (push) Successful in 1m30s
docs(security): refresh S4.9 owner response gate
2026-06-13 11:36:33 +08:00

2279 lines
107 KiB
JSON
Raw Blame History

This file contains ambiguous Unicode characters
This file contains Unicode characters that might be confused with other characters. If you think that this is intentional, you can safely ignore this warning. Use the Escape button to reveal them.
{
"schema_version": "source_control_owner_response_validation_rollup_v1",
"status": "draft_waiting_owner_responses",
"date": "2026-06-13",
"mode": "owner_response_validation_rollup_only",
"runtime_execution_authorized": false,
"source_contracts": [
"gitea_inventory_owner_attestation_response_v1",
"github_target_owner_decision_response_v1",
"source_control_ref_truth_owner_response_v1",
"source_control_workflow_secret_name_owner_response_v1"
],
"source_indexes": [
"docs/security/gitea-inventory-owner-attestation-response.snapshot.json",
"docs/security/github-target-owner-decision-response.snapshot.json",
"docs/security/source-control-ref-truth-owner-response.snapshot.json",
"docs/security/source-control-workflow-secret-name-owner-response.snapshot.json",
"docs/security/security-mirror-status-rollup.snapshot.json",
"docs/security/source-control-primary-readiness-gate.snapshot.json",
"docs/security/security-approval-review-packet.snapshot.json",
"docs/security/security-followup-runtime-gate.snapshot.json"
],
"summary": {
"rollup_status": "waiting_owner_responses",
"response_packet_count": 4,
"validation_lane_count": 4,
"total_response_template_count": 24,
"total_received_response_count": 0,
"total_accepted_response_count": 0,
"total_rejected_response_count": 0,
"total_acceptance_check_count": 32,
"total_rejection_rule_count": 40,
"owner_response_evidence_routing_rule_count": 6,
"owner_response_validation_display_section_count": 8,
"owner_response_validation_state_transition_rule_count": 7,
"owner_response_validation_reviewer_checklist_count": 9,
"owner_response_validation_reviewer_outcome_lane_count": 7,
"owner_response_validation_reviewer_audit_event_template_count": 4,
"owner_response_validation_reviewer_audit_display_section_count": 5,
"owner_response_validation_reviewer_audit_collection_check_count": 6,
"owner_response_validation_reviewer_audit_redaction_example_count": 5,
"owner_response_validation_reviewer_audit_retention_rule_count": 5,
"owner_response_validation_reviewer_audit_retention_check_count": 6,
"quarantine_required": true,
"primary_ready_count": 0,
"runtime_execution_authorized": false,
"token_value_collection_allowed": false,
"secret_value_collection_allowed": false,
"write_token_allowed": false,
"repo_creation_authorized": false,
"visibility_change_authorized": false,
"gitea_repo_write_authorized": false,
"refs_sync_authorized": false,
"refs_delete_authorized": false,
"force_push_authorized": false,
"workflow_modification_authorized": false,
"runner_enablement_authorized": false,
"github_hosted_runner_enable_authorized": false,
"github_primary_switch_authorized": false,
"action_buttons_allowed": false,
"owner_response_validation_reviewer_audit_handoff_packet_count": 6,
"owner_response_validation_reviewer_audit_handoff_check_count": 6,
"owner_response_validation_parallel_session_sync_check_count": 6,
"owner_response_validation_parallel_session_conflict_lane_count": 6,
"owner_response_validation_parallel_session_recovery_check_count": 6,
"owner_response_validation_parallel_session_recovery_outcome_lane_count": 7
},
"validation_lanes": [
{
"lane_id": "s4_9_gitea_inventory_owner_attestation_response",
"source_contract": "gitea_inventory_owner_attestation_response_v1",
"response_packet": "docs/security/gitea-inventory-owner-attestation-response.snapshot.json",
"human_doc": "docs/security/GITEA-INVENTORY-OWNER-ATTESTATION-RESPONSE.md",
"scope_summary": "5 個 Gitea coverage attestation itemspublic-only/local gap、org/user endpoint、110 adjacent scope、canonical owner、legacy/inaccessible disposition。",
"response_template_count": 5,
"received_response_count": 0,
"accepted_response_count": 0,
"rejected_response_count": 0,
"required_before_ready": [
"5 個 S4.7 attestation items 皆有可驗收 owner response",
"response 只能引用脫敏 evidence refs",
"不得保存 token value、raw secret、DB dump、git object 或 repo write payload"
],
"allowed_outputs": [
"更新 read-only Gitea coverage matrix wording",
"更新 owner / canonical / legacy disposition 欄位",
"維持 gitea_repo_inventory_v1.status=partial 直到 S4.6 payload 驗收通過"
],
"forbidden_actions": [
"store_token_value",
"write_gitea_repo",
"sync_refs",
"switch_github_primary"
],
"execution_authorized": false
},
{
"lane_id": "s4_10_github_target_owner_decision_response",
"source_contract": "github_target_owner_decision_response_v1",
"response_packet": "docs/security/github-target-owner-decision-response.snapshot.json",
"human_doc": "docs/security/GITHUB-TARGET-OWNER-DECISION-RESPONSE.md",
"scope_summary": "9 個 approval-required GitHub targets 的 owner、visibility、canonical response。",
"response_template_count": 9,
"received_response_count": 0,
"accepted_response_count": 0,
"rejected_response_count": 0,
"required_before_ready": [
"9 個 target response 都有 owner / visibility / canonical disposition",
"not_found_or_private 不得自動解讀為可建立 repo",
"response 不得夾帶 repo creation、visibility change 或 refs sync payload"
],
"allowed_outputs": [
"更新 read-only GitHub target decision table wording",
"更新 repo-by-repo approval package 的 owner / visibility / canonical 欄位",
"維持 primary_ready_count=0"
],
"forbidden_actions": [
"create_github_repo",
"change_repo_visibility",
"sync_refs",
"switch_github_primary"
],
"execution_authorized": false
},
{
"lane_id": "s4_11_ref_truth_owner_response",
"source_contract": "source_control_ref_truth_owner_response_v1",
"response_packet": "docs/security/source-control-ref-truth-owner-response.snapshot.json",
"human_doc": "docs/security/SOURCE-CONTROL-REF-TRUTH-OWNER-RESPONSE.md",
"scope_summary": "S4.11 request packet、template status ledger、audit event templates、redaction examples、collection checks、intake preflight checks加上 194 個 refs review items 的 main/dev truth、deprecated drift、release tag retention、GitHub-only refs disposition。",
"response_template_count": 5,
"received_response_count": 0,
"accepted_response_count": 0,
"rejected_response_count": 0,
"required_before_ready": [
"main/dev truth 與 release tags 必須有 deploy / artifact / rollback owner",
"deprecated candidate 只能更新 disposition不代表 delete approval",
"backfill candidate 只能更新 review wording不代表 push approval"
],
"allowed_outputs": [
"更新 read-only ref truth classification disposition",
"更新 draft reconcile plan wording",
"維持 refs sync / delete / force push disabled"
],
"forbidden_actions": [
"fetch_refs",
"push_refs",
"delete_refs",
"force_push",
"switch_github_primary"
],
"execution_authorized": false
},
{
"lane_id": "s4_12_workflow_secret_name_owner_response",
"source_contract": "source_control_workflow_secret_name_owner_response_v1",
"response_packet": "docs/security/source-control-workflow-secret-name-owner-response.snapshot.json",
"human_doc": "docs/security/SOURCE-CONTROL-WORKFLOW-SECRET-NAME-OWNER-RESPONSE.md",
"scope_summary": "webhook、runner、deploy key、branch protection / CODEOWNERS、repository secret name parity 的 redacted owner response request / template status ledger / audit event templates / redaction examples / collection checks / intake preflight checks / response。",
"response_template_count": 5,
"received_response_count": 0,
"accepted_response_count": 0,
"rejected_response_count": 0,
"required_before_ready": [
"每個 lane 只能保存允許欄位與脫敏 metadata",
"GitHub hosted runner 只能進 risk review不得啟用或消耗 hosted minutes",
"secret name parity 只保存名稱、scope、owner 與 present/absent不保存 value/hash/partial token",
"request packet 只提示 owner 要回覆什麼,不代表 request sent、response received、secret value collection、workflow modification 或 runner enablement",
"template status ledger 只逐項顯示 waiting_owner_response不代表 request sent、response received 或 accepted",
"audit event templates 只定義 0 emitted 的脫敏 metadata不代表 production ingestion 或 runtime authorization",
"redaction examples 只示範安全回覆形狀,不代表 owner response received、accepted 或 secret value collection",
"collection checks 只維持 request / received / accepted 分離,不代表 owner response received、accepted 或 workflow / secret 執行授權",
"intake preflight checks 只分類可審、補證、隔離或拒收,不代表 owner response accepted 或 workflow / secret 執行授權"
],
"allowed_outputs": [
"更新 read-only workflow / secret name inventory wording",
"更新 redacted export request disposition",
"維持 workflow / secret parity blocker 直到實際 redacted evidence 完成"
],
"forbidden_actions": [
"store_secret_value",
"modify_workflow",
"enable_runner",
"enable_github_hosted_runner",
"switch_github_primary"
],
"execution_authorized": false
}
],
"cross_packet_acceptance_checks": [
{
"check_id": "all_source_packets_schema_valid",
"title": "四個 source response packets 都必須 JSON / schema 結構有效",
"required": true,
"pass_condition": "source packet 可被解析,且 summary 欄位存在",
"failure_lane": "mirror_quarantine",
"execution_authorized": false
},
{
"check_id": "template_counts_match",
"title": "response template count 必須與各 source packet summary 一致",
"required": true,
"pass_condition": "5 + 9 + 5 + 5 = 24",
"failure_lane": "mirror_quarantine",
"execution_authorized": false
},
{
"check_id": "response_counts_explicit",
"title": "received / accepted / rejected count 必須明確列出",
"required": true,
"pass_condition": "所有 source packets 目前皆為 0 / 0 / 0",
"failure_lane": "request_more_evidence",
"execution_authorized": false
},
{
"check_id": "accepted_response_does_not_unlock_runtime",
"title": "即使未來 response 被接受,也不得直接解鎖 runtime",
"required": true,
"pass_condition": "readiness effect 只允許更新 read-only wording 或 matrix 欄位",
"failure_lane": "block_candidate",
"execution_authorized": false
},
{
"check_id": "rejection_rules_present",
"title": "四個 packets 都必須保留 rejection rules",
"required": true,
"pass_condition": "每包 10 個 rejection rules總數 40",
"failure_lane": "mirror_quarantine",
"execution_authorized": false
},
{
"check_id": "no_secret_or_token_value",
"title": "不得收集 token、secret、private key、cookie、session 或 partial credential",
"required": true,
"pass_condition": "所有收件與輸出欄位只允許脫敏 evidence refs 或名稱 metadata",
"failure_lane": "hard_reject",
"execution_authorized": false
},
{
"check_id": "no_write_or_admin_action",
"title": "不得夾帶 write token、admin API、repo write、workflow 修改或 runner 啟用",
"required": true,
"pass_condition": "所有 write / admin / execution flags 皆為 false",
"failure_lane": "hard_reject",
"execution_authorized": false
},
{
"check_id": "no_refs_or_primary_action",
"title": "不得把 owner response 當成 refs sync、delete、force push 或 primary approval",
"required": true,
"pass_condition": "refs_sync / refs_delete / force_push / github_primary_switch 皆為 false",
"failure_lane": "hard_reject",
"execution_authorized": false
},
{
"check_id": "quarantine_uncertain_payload",
"title": "任何不確定是否含敏感值的 response 必須隔離",
"required": true,
"pass_condition": "quarantine_required=true 且 quarantine rules 已列出",
"failure_lane": "mirror_quarantine",
"execution_authorized": false
},
{
"check_id": "rollup_and_readiness_must_be_updated_together",
"title": "接受 response 後必須同步更新 rollup 與 readiness wording",
"required": true,
"pass_condition": "更新 source packet、validation rollup、security mirror rollup、primary readiness gate 與 LOGBOOK",
"failure_lane": "request_more_evidence",
"execution_authorized": false
}
],
"quarantine_rules": [
"response 夾帶 token、secret、cookie、session、private key、deploy key material、runner token 或 partial credential 時 hard reject。",
"response 夾帶完整 webhook URL、query token、header、body、未脫敏 screenshot 或 private URL credential 時 hard reject。",
"response 要求 write API、repo 建立、visibility change、workflow 修改、runner 啟用、secret rotate、refs sync、delete refs、force push 或 GitHub primary switch 時 hard reject。",
"response 缺 lane、repo、provider、owner、decision、decision_reason 或 evidence_refs 時 request_more_evidence。",
"response 的敏感性不確定時先 quarantine不猜測、不修補、不自動接受。"
],
"owner_response_evidence_routing_rules": [
{
"rule_id": "evidence-routing-known-lane",
"display_order": 1,
"title": "已知 owner response lane 才能進入對應 source packet preflight",
"match_condition": "evidence pointer 明確標示 S4.9 / S4.10 / S4.11 / S4.12 其中一個 lane且 template_id 屬於該 lane 的既有 response templates。",
"safe_route": "route_to_source_packet_intake_preflight",
"blocked_route": "request_more_evidence_if_lane_or_template_unknown",
"awooop_display_mode": "display_evidence_route_only",
"execution_authorized": false,
"not_approval": true
},
{
"rule_id": "evidence-routing-required-fields",
"display_order": 2,
"title": "缺少 owner / decision / evidence refs 時只要求補證",
"match_condition": "lane 已知,但 owner、decision、decision_reason、repo/provider metadata 或 evidence_refs 缺漏。",
"safe_route": "request_more_evidence",
"blocked_route": "do_not_increment_received_or_accepted_count",
"awooop_display_mode": "display_evidence_route_only",
"execution_authorized": false,
"not_approval": true
},
{
"rule_id": "evidence-routing-sensitive-payload",
"display_order": 3,
"title": "疑似敏感 payload 一律先送 mirror quarantine",
"match_condition": "evidence pointer、摘要或附件暗示 token、secret、private key、cookie、session、runner token、webhook secret、deploy key material、authorization header、private URL credential 或未脫敏截圖。",
"safe_route": "mirror_quarantine",
"blocked_route": "do_not_store_raw_payload_or_render_sensitive_material",
"awooop_display_mode": "display_evidence_route_only",
"execution_authorized": false,
"not_approval": true
},
{
"rule_id": "evidence-routing-execution-request",
"display_order": 4,
"title": "夾帶執行要求時 hard reject",
"match_condition": "response 要求建立 repo、修改 visibility、write token、sync/delete/force push refs、修改 workflow/webhook/runner/deploy key/branch protection/repository secret、啟用 GitHub hosted runner、Kali scan 或 GitHub primary switch。",
"safe_route": "hard_reject_execution_request",
"blocked_route": "do_not_create_runtime_gate_or_action_button",
"awooop_display_mode": "display_evidence_route_only",
"execution_authorized": false,
"not_approval": true
},
{
"rule_id": "evidence-routing-cross-packet-conflict",
"display_order": 5,
"title": "跨包互相矛盾時只進 owner review",
"match_condition": "S4.9 canonical owner、S4.10 GitHub target、S4.11 refs truth 或 S4.12 workflow / secret name parity 之間出現 owner、repo、visibility、truth source 或 secret 名稱矛盾。",
"safe_route": "cross_packet_owner_review",
"blocked_route": "do_not_auto_merge_or_override_source_packet",
"awooop_display_mode": "display_evidence_route_only",
"execution_authorized": false,
"not_approval": true
},
{
"rule_id": "evidence-routing-accepted-metadata",
"display_order": 6,
"title": "通過驗收後只允許更新只讀 wording",
"match_condition": "source packet preflight、acceptance checks、cross-packet checks 與 quarantine rules 全部通過,且 evidence refs 完全脫敏。",
"safe_route": "read_only_readiness_wording_update",
"blocked_route": "do_not_unlock_repo_refs_workflow_secret_runner_or_primary_actions",
"awooop_display_mode": "display_evidence_route_only",
"execution_authorized": false,
"not_approval": true
}
],
"owner_response_validation_display_sections": [
{
"section_id": "display-validation-summary",
"display_order": 1,
"title": "Owner response validation 總覽",
"content_source": "summaryresponse_packet_count、validation_lane_count、total_response_template_count、received / accepted / rejected count、runtime flags。",
"section_status": "display_contract_only",
"awooop_display_mode": "display_validation_section_only",
"execution_authorized": false,
"not_approval": true
},
{
"section_id": "display-missing-response-lanes",
"display_order": 2,
"title": "Missing owner response lanes",
"content_source": "missing_response_lanesS4.9 / S4.10 / S4.11 / S4.12 四條缺口、next_owner_action 與 still_forbidden。",
"section_status": "display_contract_only",
"awooop_display_mode": "display_validation_section_only",
"execution_authorized": false,
"not_approval": true
},
{
"section_id": "display-owner-response-collection-order",
"display_order": 3,
"title": "Owner response collection order",
"content_source": "owner_response_collection_order四步收件順序、required_packet、minimum_response 與 blocked_until_received。",
"section_status": "display_contract_only",
"awooop_display_mode": "display_validation_section_only",
"execution_authorized": false,
"not_approval": true
},
{
"section_id": "display-next-collection-candidate",
"display_order": 4,
"title": "Next collection candidate",
"content_source": "next_collection_candidate目前只顯示 S4.9 Gitea owner attestation responsereceived / accepted 皆為 0。",
"section_status": "display_contract_only",
"awooop_display_mode": "display_validation_section_only",
"execution_authorized": false,
"not_approval": true
},
{
"section_id": "display-cross-packet-acceptance-checks",
"display_order": 5,
"title": "Cross-packet acceptance checks",
"content_source": "cross_packet_acceptance_checks10 個跨包驗收檢查,只作 read-only validation不授權 runtime。",
"section_status": "display_contract_only",
"awooop_display_mode": "display_validation_section_only",
"execution_authorized": false,
"not_approval": true
},
{
"section_id": "display-evidence-routing-rules",
"display_order": 6,
"title": "Evidence routing rules",
"content_source": "owner_response_evidence_routing_rules6 條 evidence pointer 只讀路由,補證、隔離、拒收、跨包 review 或只讀更新。",
"section_status": "display_contract_only",
"awooop_display_mode": "display_validation_section_only",
"execution_authorized": false,
"not_approval": true
},
{
"section_id": "display-quarantine-and-forbidden-actions",
"display_order": 7,
"title": "Quarantine 與禁止事項",
"content_source": "quarantine_rules、forbidden_actions、summary false flags顯示敏感 payload、write/admin/action button 與 primary 禁令。",
"section_status": "display_contract_only",
"awooop_display_mode": "display_validation_section_only",
"execution_authorized": false,
"not_approval": true
},
{
"section_id": "display-latest-local-validation",
"display_order": 8,
"title": "最新本機只讀驗證",
"content_source": "latest_local_validationrepo_snapshot_only、SOURCE_CONTROL_OWNER_RESPONSE_GUARD_OK、received / accepted count 仍為 0。",
"section_status": "display_contract_only",
"awooop_display_mode": "display_validation_section_only",
"execution_authorized": false,
"not_approval": true
}
],
"owner_response_validation_state_transition_rules": [
{
"rule_id": "transition-waiting-to-received-pending-validation",
"display_order": 1,
"from_state": "waiting_owner_response",
"trigger": "收到已知 S4.9 / S4.10 / S4.11 / S4.12 lane 的 owner response evidence pointer。",
"required_checks": [
"lane 與 template_id 已知",
"owner、decision、decision_reason、repo/provider metadata 與 evidence_refs 完整",
"evidence refs 已脫敏且沒有 raw secret/token/private URL credential"
],
"next_state": "received_pending_validation",
"allowed_update": "只允許 source packet 與 rollup 顯示 received_pending_validation 候選;不得增加 accepted count。",
"blocked_updates": [
"mark_accepted",
"create_runtime_gate",
"add_action_button",
"repo_or_refs_or_workflow_secret_change"
],
"awooop_display_mode": "display_state_transition_rule_only",
"execution_authorized": false,
"not_approval": true
},
{
"rule_id": "transition-missing-required-fields-to-request-more-evidence",
"display_order": 2,
"from_state": "waiting_owner_response",
"trigger": "response 缺少必填 owner、decision、reason、repo/provider metadata 或 evidence_refs。",
"required_checks": [
"已能判斷 lane 或 template 缺口",
"沒有敏感 payload",
"沒有執行要求"
],
"next_state": "request_more_evidence",
"allowed_update": "只允許顯示補證缺口與下一步 owner action。",
"blocked_updates": [
"increment_received_count",
"increment_accepted_count",
"store_raw_payload",
"unlock_primary_readiness"
],
"awooop_display_mode": "display_state_transition_rule_only",
"execution_authorized": false,
"not_approval": true
},
{
"rule_id": "transition-sensitive-payload-to-mirror-quarantine",
"display_order": 3,
"from_state": "waiting_owner_response_or_received_pending_validation",
"trigger": "response 或 evidence pointer 疑似含 token、secret、private key、cookie、session、runner token、webhook secret、deploy key material、authorization header、private URL credential 或未脫敏截圖。",
"required_checks": [
"敏感性不確定即視為需要隔離",
"不得渲染或保存 raw payload",
"不得把 masked/partial credential 當成可保存 evidence"
],
"next_state": "mirror_quarantine",
"allowed_update": "只允許顯示 quarantine pointer 與 redaction request。",
"blocked_updates": [
"store_sensitive_payload",
"render_sensitive_material",
"increment_received_count",
"increment_accepted_count"
],
"awooop_display_mode": "display_state_transition_rule_only",
"execution_authorized": false,
"not_approval": true
},
{
"rule_id": "transition-execution-request-to-hard-rejected",
"display_order": 4,
"from_state": "waiting_owner_response_or_received_pending_validation",
"trigger": "response 夾帶 repo creation、visibility change、refs sync/delete/force push、workflow/webhook/runner/deploy key/branch protection/repository secret、Kali scan、GitHub hosted runner 或 GitHub primary switch 要求。",
"required_checks": [
"偵測到任何 write/admin/runtime intent",
"blocked route 已指向 do_not_create_runtime_gate_or_action_button",
"仍保留 redacted rejection evidence"
],
"next_state": "hard_rejected_execution_request",
"allowed_update": "只允許顯示拒收原因與仍禁止事項。",
"blocked_updates": [
"create_runtime_gate",
"enqueue_execution",
"add_action_button",
"change_repo_refs_workflow_secret_runner_or_primary"
],
"awooop_display_mode": "display_state_transition_rule_only",
"execution_authorized": false,
"not_approval": true
},
{
"rule_id": "transition-cross-packet-conflict-to-owner-review",
"display_order": 5,
"from_state": "received_pending_validation",
"trigger": "S4.9 owner/canonical、S4.10 target/visibility、S4.11 refs truth 或 S4.12 workflow/secret name parity 互相矛盾。",
"required_checks": [
"矛盾欄位可指向來源 packet",
"不得自動覆蓋 source packet",
"不得把任一 packet 視為較高權威"
],
"next_state": "cross_packet_owner_review",
"allowed_update": "只允許顯示 reviewer 需要確認的欄位與 evidence refs。",
"blocked_updates": [
"auto_merge_response",
"override_source_packet",
"mark_primary_ready",
"unlock_refs_or_workflow_actions"
],
"awooop_display_mode": "display_state_transition_rule_only",
"execution_authorized": false,
"not_approval": true
},
{
"rule_id": "transition-validation-pass-to-read-only-update",
"display_order": 6,
"from_state": "received_pending_validation",
"trigger": "source packet preflight、acceptance checks、cross-packet checks 與 quarantine rules 全部通過。",
"required_checks": [
"所有 evidence refs 完全脫敏",
"source packet、validation rollup、security mirror rollup、primary readiness wording 與 LOGBOOK 可同步更新",
"received / accepted count 的變更仍只限文件與 snapshot"
],
"next_state": "accepted_read_only_update",
"allowed_update": "只允許更新 read-only evidence、matrix、decision table、reconcile wording 或 readiness wording。",
"blocked_updates": [
"create_repo",
"sync_or_delete_refs",
"modify_workflow_or_secret",
"enable_runner_or_primary"
],
"awooop_display_mode": "display_state_transition_rule_only",
"execution_authorized": false,
"not_approval": true
},
{
"rule_id": "transition-post-update-stays-waiting-runtime-gate",
"display_order": 7,
"from_state": "accepted_read_only_update",
"trigger": "read-only wording 已更新,但仍未取得 runtime gate、owner approval、rollback ADR、redacted payload ingestion 或 primary readiness。",
"required_checks": [
"active_runtime_gate_count 仍為 0",
"github_primary_ready_count 仍為 0",
"action_buttons_allowed 仍為 false"
],
"next_state": "waiting_followup_runtime_gate",
"allowed_update": "只允許提示後續需要人工批准與獨立 runtime gate。",
"blocked_updates": [
"treat_read_only_update_as_runtime_approval",
"auto_execute_scan_or_migration",
"switch_github_primary",
"consume_github_hosted_runner_minutes"
],
"awooop_display_mode": "display_state_transition_rule_only",
"execution_authorized": false,
"not_approval": true
}
],
"owner_response_validation_reviewer_checklist": [
{
"checklist_id": "checklist-confirm-lane-and-template",
"display_order": 1,
"title": "確認 owner response lane 與 template 已知",
"reviewer_action": " evidence pointer S4.9 / S4.10 / S4.11 / S4.12 lane template_id",
"required_evidence": [
"lane_id",
"template_id",
"source_packet_path"
],
"pass_state": "received_pending_validation",
"fail_route": "request_more_evidence",
"awooop_display_mode": "display_reviewer_checklist_only",
"execution_authorized": false,
"not_approval": true
},
{
"checklist_id": "checklist-confirm-required-owner-fields",
"display_order": 2,
"title": " owner / decision / reason / metadata ",
"reviewer_action": " ownerdecisiondecision_reasonrepo/provider metadata evidence_refs ",
"required_evidence": [
"owner",
"decision",
"decision_reason",
"repo_or_provider_metadata",
"evidence_refs"
],
"pass_state": "received_pending_validation",
"fail_route": "request_more_evidence",
"awooop_display_mode": "display_reviewer_checklist_only",
"execution_authorized": false,
"not_approval": true
},
{
"checklist_id": "checklist-confirm-redacted-evidence-refs",
"display_order": 3,
"title": " evidence refs raw payload",
"reviewer_action": "ticket idhash tokensecretprivate URL credential ",
"required_evidence": [
"redacted_evidence_refs",
"no_raw_payload_statement"
],
"pass_state": "received_pending_validation",
"fail_route": "mirror_quarantine",
"awooop_display_mode": "display_reviewer_checklist_only",
"execution_authorized": false,
"not_approval": true
},
{
"checklist_id": "checklist-confirm-source-packet-preflight",
"display_order": 4,
"title": " source packet preflight ",
"reviewer_action": " S4.9 / S4.10 / S4.11 / S4.12 intake preflight checks ",
"required_evidence": [
"source_packet_preflight_result",
"preflight_check_ids"
],
"pass_state": "received_pending_validation",
"fail_route": "source_packet_preflight_failure_route",
"awooop_display_mode": "display_reviewer_checklist_only",
"execution_authorized": false,
"not_approval": true
},
{
"checklist_id": "checklist-confirm-cross-packet-consistency",
"display_order": 5,
"title": " S4.9-S4.12 ",
"reviewer_action": " ownerrepovisibilitytruth sourceworkflow / secret name parity ",
"required_evidence": [
"cross_packet_acceptance_check_ids",
"consistency_summary"
],
"pass_state": "received_pending_validation",
"fail_route": "cross_packet_owner_review",
"awooop_display_mode": "display_reviewer_checklist_only",
"execution_authorized": false,
"not_approval": true
},
{
"checklist_id": "checklist-confirm-no-sensitive-payload",
"display_order": 6,
"title": " payload",
"reviewer_action": " response tokensecretprivate keycookiesessionrunner tokenwebhook secretdeploy key materialauthorization headerprivate URL credential partial credential",
"required_evidence": [
"sensitive_payload_scan_result",
"redaction_summary"
],
"pass_state": "received_pending_validation",
"fail_route": "mirror_quarantine",
"awooop_display_mode": "display_reviewer_checklist_only",
"execution_authorized": false,
"not_approval": true
},
{
"checklist_id": "checklist-confirm-no-execution-intent",
"display_order": 7,
"title": "",
"reviewer_action": " response repo creationvisibility changerefs sync/delete/force pushworkflow/webhook/runner/deploy key/branch protection/repository secret Kali scanGitHub hosted runner GitHub primary switch",
"required_evidence": [
"execution_intent_review_result",
"blocked_action_summary"
],
"pass_state": "received_pending_validation",
"fail_route": "hard_rejected_execution_request",
"awooop_display_mode": "display_reviewer_checklist_only",
"execution_authorized": false,
"not_approval": true
},
{
"checklist_id": "checklist-confirm-read-only-update-scope",
"display_order": 8,
"title": " read-only wording",
"reviewer_action": "使 response evidencematrixdecision tablereconcile wording readiness wording",
"required_evidence": [
"read_only_update_targets",
"no_runtime_unlock_statement"
],
"pass_state": "accepted_read_only_update",
"fail_route": "block_candidate",
"awooop_display_mode": "display_reviewer_checklist_only",
"execution_authorized": false,
"not_approval": true
},
{
"checklist_id": "checklist-confirm-followup-runtime-gate-still-required",
"display_order": 9,
"title": " runtime gate ",
"reviewer_action": " active_runtime_gate_count 0github_primary_ready_count 0action_buttons_allowed false",
"required_evidence": [
"active_runtime_gate_count",
"github_primary_ready_count",
"action_buttons_allowed"
],
"pass_state": "waiting_followup_runtime_gate",
"fail_route": "block_candidate",
"awooop_display_mode": "display_reviewer_checklist_only",
"execution_authorized": false,
"not_approval": true
}
],
"owner_response_validation_reviewer_outcome_lanes": [
{
"outcome_lane_id": "outcome-keep-waiting-owner-response",
"display_order": 1,
"title": " owner response",
"when_reviewer_finds": " owner response evidence pointer request packet / template status / audit template / redaction example / display section",
"safe_result": "keep_waiting_owner_response",
"allowed_update": " waiting next collection candidate",
"blocked_updates": [
"increment_received_count",
"increment_accepted_count",
"mark_primary_ready",
"create_runtime_gate"
],
"awooop_display_mode": "display_reviewer_outcome_lane_only",
"execution_authorized": false,
"not_approval": true
},
{
"outcome_lane_id": "outcome-request-more-evidence",
"display_order": 2,
"title": "",
"when_reviewer_finds": "lane / template ownerdecisionreasonrepo/provider metadataevidence refs source packet preflight ",
"safe_result": "request_more_evidence",
"allowed_update": " owner action",
"blocked_updates": [
"increment_accepted_count",
"unlock_primary_readiness",
"enqueue_execution",
"store_raw_payload"
],
"awooop_display_mode": "display_reviewer_outcome_lane_only",
"execution_authorized": false,
"not_approval": true
},
{
"outcome_lane_id": "outcome-mirror-quarantine-sensitive-payload",
"display_order": 3,
"title": " payload mirror quarantine",
"when_reviewer_finds": "evidence pointer response tokensecretprivate keycookiesessionrunner tokenwebhook secretdeploy key materialauthorization headerprivate URL credentialpartial credential ",
"safe_result": "mirror_quarantine",
"allowed_update": " quarantine pointerredaction request raw payload ",
"blocked_updates": [
"store_sensitive_payload",
"render_sensitive_material",
"increment_received_count",
"increment_accepted_count"
],
"awooop_display_mode": "display_reviewer_outcome_lane_only",
"execution_authorized": false,
"not_approval": true
},
{
"outcome_lane_id": "outcome-hard-reject-execution-request",
"display_order": 4,
"title": "",
"when_reviewer_finds": "response repo creationvisibility changerefs sync/delete/force pushworkflow/webhook/runner/deploy key/branch protection/repository secretKali scanGitHub hosted runner GitHub primary switch ",
"safe_result": "hard_rejected_execution_request",
"allowed_update": "blocked action summary ",
"blocked_updates": [
"create_runtime_gate",
"enqueue_execution",
"add_action_button",
"change_repo_refs_workflow_secret_runner_or_primary"
],
"awooop_display_mode": "display_reviewer_outcome_lane_only",
"execution_authorized": false,
"not_approval": true
},
{
"outcome_lane_id": "outcome-cross-packet-owner-review",
"display_order": 5,
"title": " owner review",
"when_reviewer_finds": "S4.9 / S4.10 / S4.11 / S4.12 ownerrepovisibilitytruth source workflow / secret name parity ",
"safe_result": "cross_packet_owner_review",
"allowed_update": " packet reviewer evidence refs",
"blocked_updates": [
"auto_merge_response",
"override_source_packet",
"mark_primary_ready",
"unlock_refs_or_workflow_actions"
],
"awooop_display_mode": "display_reviewer_outcome_lane_only",
"execution_authorized": false,
"not_approval": true
},
{
"outcome_lane_id": "outcome-read-only-update-candidate",
"display_order": 6,
"title": "",
"when_reviewer_finds": "source packet preflightacceptance checkscross-packet checksreviewer checklist quarantine rules evidence refs ",
"safe_result": "accepted_read_only_update_candidate",
"allowed_update": " evidencematrixdecision tablereconcile wordingreadiness wording LOGBOOK",
"blocked_updates": [
"create_repo",
"sync_or_delete_refs",
"modify_workflow_or_secret",
"enable_runner_or_primary"
],
"awooop_display_mode": "display_reviewer_outcome_lane_only",
"execution_authorized": false,
"not_approval": true
},
{
"outcome_lane_id": "outcome-waiting-followup-runtime-gate",
"display_order": 7,
"title": " runtime gate",
"when_reviewer_finds": " wording active_runtime_gate_count=0github_primary_ready_count=0action_buttons_allowed=false",
"safe_result": "waiting_followup_runtime_gate",
"allowed_update": "rollback / disable plan runtime gate",
"blocked_updates": [
"treat_read_only_update_as_runtime_approval",
"auto_execute_scan_or_migration",
"switch_github_primary",
"consume_github_hosted_runner_minutes"
],
"awooop_display_mode": "display_reviewer_outcome_lane_only",
"execution_authorized": false,
"not_approval": true
}
],
"owner_response_validation_reviewer_audit_event_templates": [
{
"event_template_id": "audit-reviewer-outcome-review-opened",
"display_order": 1,
"title": "Reviewer owner response outcome",
"event_status": "template_only_not_emitted",
"event_trigger": "Reviewer S4.13 owner response validation rollup checklist / outcome lanes ",
"allowed_metadata": [
"reviewer_id_or_role",
"lane_id",
"template_id",
"source_packet_path",
"review_started_at_taipei",
"redacted_evidence_ref_count"
],
"forbidden_payloads": [
"raw_owner_response_body",
"token_or_secret_value",
"private_key_or_deploy_key_material",
"cookie_or_session",
"authorization_header",
"private_url_credential",
"unredacted_screenshot"
],
"emitted_event_count": 0,
"stored_raw_payload_allowed": false,
"awooop_display_mode": "display_reviewer_audit_template_only",
"execution_authorized": false,
"not_approval": true
},
{
"event_template_id": "audit-reviewer-outcome-classified",
"display_order": 2,
"title": "Reviewer outcome lane ",
"event_status": "template_only_not_emitted",
"event_trigger": "Reviewer 7 outcome lanes evidence pointer review runtime gate",
"allowed_metadata": [
"outcome_lane_id",
"classification_reason",
"checklist_pass_count",
"checklist_fail_count",
"redacted_evidence_refs",
"reviewed_at_taipei"
],
"forbidden_payloads": [
"raw_owner_response_body",
"token_or_secret_value",
"secret_hash_or_masked_token",
"partial_credential",
"runner_token",
"webhook_secret",
"deploy_key_value",
"private_url_credential"
],
"emitted_event_count": 0,
"stored_raw_payload_allowed": false,
"awooop_display_mode": "display_reviewer_audit_template_only",
"execution_authorized": false,
"not_approval": true
},
{
"event_template_id": "audit-reviewer-quarantine-or-reject-recorded",
"display_order": 3,
"title": "",
"event_status": "template_only_not_emitted",
"event_trigger": "Reviewer response mirror quarantine hard rejected execution request",
"allowed_metadata": [
"outcome_lane_id",
"blocked_reason_code",
"redaction_required",
"quarantine_pointer",
"blocked_action_summary",
"reviewed_at_taipei"
],
"forbidden_payloads": [
"sensitive_payload",
"raw_request_body",
"raw_response_body",
"credential_value",
"private_key",
"authorization_header",
"cookie_or_session",
"execution_payload"
],
"emitted_event_count": 0,
"stored_raw_payload_allowed": false,
"awooop_display_mode": "display_reviewer_audit_template_only",
"execution_authorized": false,
"not_approval": true
},
{
"event_template_id": "audit-reviewer-readonly-update-noted",
"display_order": 4,
"title": "",
"event_status": "template_only_not_emitted",
"event_trigger": "Reviewer response read-only update candidate waiting follow-up runtime gate",
"allowed_metadata": [
"outcome_lane_id",
"read_only_update_targets",
"followup_runtime_gate_required",
"active_runtime_gate_count",
"github_primary_ready_count",
"action_buttons_allowed"
],
"forbidden_payloads": [
"runtime_approval",
"execution_command",
"repo_write_token",
"refs_update_payload",
"workflow_secret_value",
"runner_registration_token",
"github_primary_switch_payload"
],
"emitted_event_count": 0,
"stored_raw_payload_allowed": false,
"awooop_display_mode": "display_reviewer_audit_template_only",
"execution_authorized": false,
"not_approval": true
}
],
"owner_response_validation_reviewer_audit_display_sections": [
{
"section_id": "display-reviewer-audit-template-summary",
"display_order": 1,
"title": "Reviewer audit template ",
"content_source": " 4 reviewer audit event templatestemplate_only_not_emittedemitted_event_count=0 not approval ",
"section_status": "display_contract_only",
"awooop_display_mode": "display_reviewer_audit_section_only",
"execution_authorized": false,
"not_approval": true
},
{
"section_id": "display-reviewer-audit-metadata-fields",
"display_order": 2,
"title": " metadata ",
"content_source": " reviewer rolelanetemplatesource packetclassification reasonchecklist pass/fail countredacted evidence refsread-only targets gate count metadata raw owner response",
"section_status": "display_contract_only",
"awooop_display_mode": "display_reviewer_audit_section_only",
"execution_authorized": false,
"not_approval": true
},
{
"section_id": "display-reviewer-audit-forbidden-payloads",
"display_order": 3,
"title": " payload ",
"content_source": " forbidden_payloads tokensecretprivate keydeploy key materialcookiesessionauthorization headerprivate URL credentialpartial credentialrunner tokenwebhook secretraw request / response body execution payload",
"section_status": "display_contract_only",
"awooop_display_mode": "display_reviewer_audit_section_only",
"execution_authorized": false,
"not_approval": true
},
{
"section_id": "display-reviewer-audit-emission-status",
"display_order": 4,
"title": "Reviewer audit emitted ",
"content_source": " reviewer audit templates emitted_event_count=0stored_raw_payload_allowed=false production ingestion",
"section_status": "display_contract_only",
"awooop_display_mode": "display_reviewer_audit_section_only",
"execution_authorized": false,
"not_approval": true
},
{
"section_id": "display-reviewer-audit-non-authorization-boundary",
"display_order": 5,
"title": "",
"content_source": " reviewer audit display sections UI owner response receivedacceptedapprovalruntime gateexecution queueaction buttonrepo / refs / workflow / secret / runner Kali scan GitHub primary switch",
"section_status": "display_contract_only",
"awooop_display_mode": "display_reviewer_audit_section_only",
"execution_authorized": false,
"not_approval": true
}
],
"owner_response_validation_reviewer_audit_collection_checks": [
{
"check_id": "check-reviewer-audit-template-visible",
"display_order": 1,
"title": "Reviewer audit templates ",
"check_requirement": "AwoooP 4 reviewer audit event templates 5 reviewer audit display sections reviewer audit collection check ",
"safe_result": "display_collection_check_waiting_not_ingested",
"blocked_interpretations": [
"treat_template_visible_as_event_emitted",
"treat_display_section_as_audit_ingestion",
"skip_template_boundary_before_collection_check"
],
"awooop_display_mode": "display_reviewer_audit_collection_check_only",
"execution_authorized": false,
"not_approval": true
},
{
"check_id": "check-reviewer-audit-metadata-only",
"display_order": 2,
"title": "Reviewer audit metadata",
"check_requirement": "collection check allowed_metadata redacted evidence refs count raw owner response",
"safe_result": "metadata_only_check_pass_or_waiting",
"blocked_interpretations": [
"request_raw_owner_response",
"store_unredacted_evidence",
"accept_sensitive_value_as_metadata"
],
"awooop_display_mode": "display_reviewer_audit_collection_check_only",
"execution_authorized": false,
"not_approval": true
},
{
"check_id": "check-reviewer-audit-forbidden-payloads-blocked",
"display_order": 3,
"title": "Forbidden payload ",
"check_requirement": " tokensecretprivate keydeploy key materialcookiesessionauthorization headerprivate URL credentialpartial credentialrunner tokenwebhook secretraw body execution payload quarantine / reject ",
"safe_result": "forbidden_payloads_blocked_or_quarantined",
"blocked_interpretations": [
"store_sensitive_payload_for_audit",
"mask_then_accept_secret_value",
"turn_execution_payload_into_action"
],
"awooop_display_mode": "display_reviewer_audit_collection_check_only",
"execution_authorized": false,
"not_approval": true
},
{
"check_id": "check-reviewer-audit-emitted-remains-zero",
"display_order": 4,
"title": "Reviewer audit emitted 0",
"check_requirement": " production ingestion reviewer audit event templates emitted_event_count 0stored_raw_payload_allowed false",
"safe_result": "template_only_not_emitted",
"blocked_interpretations": [
"treat_zero_emitted_template_as_production_ingestion",
"increment_emitted_count_from_display",
"store_raw_payload_after_collection_check"
],
"awooop_display_mode": "display_reviewer_audit_collection_check_only",
"execution_authorized": false,
"not_approval": true
},
{
"check_id": "check-reviewer-audit-no-runtime-side-effect",
"display_order": 5,
"title": "Reviewer audit runtime side effect",
"check_requirement": "collection checks pass / waiting / blocked runtime gateexecution queueaction buttonscan requestrepo action workflow / secret change",
"safe_result": "read_only_check_no_runtime_side_effect",
"blocked_interpretations": [
"create_runtime_gate",
"enqueue_execution",
"add_action_button",
"start_kali_scan",
"modify_repo_or_workflow"
],
"awooop_display_mode": "display_reviewer_audit_collection_check_only",
"execution_authorized": false,
"not_approval": true
},
{
"check_id": "check-reviewer-audit-owner-response-counts-unchanged",
"display_order": 6,
"title": "Owner response counters audit check ",
"check_requirement": "reviewer audit collection checks received_response_countaccepted_response_countreviewer_audit_events_emittedprimary_ready_count active_runtime_gate_count",
"safe_result": "counters_unchanged_waiting_owner_response",
"blocked_interpretations": [
"treat_collection_check_pass_as_owner_response_received",
"treat_collection_check_pass_as_owner_response_accepted",
"treat_collection_check_pass_as_primary_ready",
"treat_collection_check_pass_as_runtime_gate"
],
"awooop_display_mode": "display_reviewer_audit_collection_check_only",
"execution_authorized": false,
"not_approval": true
}
],
"owner_response_validation_reviewer_audit_redaction_examples": [
{
"example_id": "redaction-reviewer-role-lane-template-metadata",
"display_order": 1,
"title": "Reviewer / lane / template metadata ",
"unsafe_input_shape": "Reviewer owner response URL evidence ",
"safe_metadata_shape": " reviewer_rolelane_idtemplate_idsource_packet_pathreview_started_at_taipei redacted_evidence_ref_count",
"blocked_payloads": [
"raw_owner_response_body",
"unredacted_screenshot",
"private_url_credential",
"authorization_header",
"cookie_or_session"
],
"redaction_status": "example_only_not_response",
"awooop_display_mode": "display_reviewer_audit_redaction_example_only",
"execution_authorized": false,
"not_approval": true
},
{
"example_id": "redaction-classification-reason-summary",
"display_order": 2,
"title": "Outcome classification reason ",
"unsafe_input_shape": "Reviewer token secret hashpartial credentialrunner token webhook secret",
"safe_metadata_shape": " outcome_lane_idclassification_reason_summarychecklist_pass_countchecklist_fail_countredacted_evidence_ref_ids reviewed_at_taipei",
"blocked_payloads": [
"token_or_secret_value",
"secret_hash_or_masked_token",
"partial_credential",
"runner_token",
"webhook_secret"
],
"redaction_status": "example_only_not_response",
"awooop_display_mode": "display_reviewer_audit_redaction_example_only",
"execution_authorized": false,
"not_approval": true
},
{
"example_id": "redaction-quarantine-pointer",
"display_order": 3,
"title": "Quarantine pointer ",
"unsafe_input_shape": " raw request bodyraw response bodycredential valueprivate key execution payload",
"safe_metadata_shape": " outcome_lane_idblocked_reason_coderedaction_required=truequarantine_pointer_idblocked_action_summary reviewed_at_taipei",
"blocked_payloads": [
"raw_request_body",
"raw_response_body",
"credential_value",
"private_key",
"execution_payload"
],
"redaction_status": "example_only_not_response",
"awooop_display_mode": "display_reviewer_audit_redaction_example_only",
"execution_authorized": false,
"not_approval": true
},
{
"example_id": "redaction-readonly-update-targets",
"display_order": 4,
"title": "Read-only update targets ",
"unsafe_input_shape": " execution commandrefs update payloadworkflow secret value GitHub primary switch payload",
"safe_metadata_shape": " outcome_lane_idread_only_update_target_idsfollowup_runtime_gate_requiredactive_runtime_gate_countgithub_primary_ready_count action_buttons_allowed=false",
"blocked_payloads": [
"execution_command",
"repo_write_token",
"refs_update_payload",
"workflow_secret_value",
"github_primary_switch_payload"
],
"redaction_status": "example_only_not_response",
"awooop_display_mode": "display_reviewer_audit_redaction_example_only",
"execution_authorized": false,
"not_approval": true
},
{
"example_id": "redaction-runtime-gate-counter-summary",
"display_order": 5,
"title": "Runtime gate counter summary ",
"unsafe_input_shape": "Reviewer audit summary collection check pass owner response receivedacceptedprimary ready runtime gate active",
"safe_metadata_shape": " received_response_count=0accepted_response_count=0reviewer_audit_events_emitted=0primary_ready_count=0active_runtime_gate_count=0 not_authorization=true",
"blocked_payloads": [
"runtime_approval",
"execution_queue_id",
"action_button_payload",
"scan_request_payload",
"primary_switch_payload"
],
"redaction_status": "example_only_not_response",
"awooop_display_mode": "display_reviewer_audit_redaction_example_only",
"execution_authorized": false,
"not_approval": true
}
],
"owner_response_validation_reviewer_audit_retention_rules": [
{
"rule_id": "retention-reviewer-start-metadata-only",
"display_order": 1,
"title": "Reviewer start metadata retention",
"retained_metadata_shape": " reviewer_rolelane_idtemplate_idsource_packet_pathreview_started_at_taipei redacted_evidence_ref_count",
"retention_boundary": " reviewer audit metadata owner response URL credential session ",
"blocked_payloads": [
"raw_owner_response_body",
"unredacted_screenshot",
"private_url_credential",
"authorization_header",
"cookie_or_session"
],
"retention_status": "metadata_retention_rule_only",
"awooop_display_mode": "display_reviewer_audit_retention_rule_only",
"execution_authorized": false,
"not_approval": true
},
{
"rule_id": "retention-classification-summary-only",
"display_order": 2,
"title": "Classification summary retention",
"retained_metadata_shape": " outcome_lane_idclassification_reason_summarychecklist_pass_countchecklist_fail_countredacted_evidence_ref_ids reviewed_at_taipei",
"retention_boundary": " token secret hashpartial credentialrunner token webhook secret",
"blocked_payloads": [
"token_or_secret_value",
"secret_hash_or_masked_token",
"partial_credential",
"runner_token",
"webhook_secret"
],
"retention_status": "metadata_retention_rule_only",
"awooop_display_mode": "display_reviewer_audit_retention_rule_only",
"execution_authorized": false,
"not_approval": true
},
{
"rule_id": "retention-quarantine-pointer-only",
"display_order": 3,
"title": "Quarantine pointer retention",
"retained_metadata_shape": " outcome_lane_idblocked_reason_coderedaction_requiredquarantine_pointer_idblocked_action_summary reviewed_at_taipei",
"retention_boundary": " pointer reason code raw request / response bodycredential valueprivate key execution payload",
"blocked_payloads": [
"raw_request_body",
"raw_response_body",
"credential_value",
"private_key",
"execution_payload"
],
"retention_status": "metadata_retention_rule_only",
"awooop_display_mode": "display_reviewer_audit_retention_rule_only",
"execution_authorized": false,
"not_approval": true
},
{
"rule_id": "retention-readonly-update-targets-only",
"display_order": 4,
"title": "Read-only update target retention",
"retained_metadata_shape": " outcome_lane_idread_only_update_target_idsfollowup_runtime_gate_requiredactive_runtime_gate_countgithub_primary_ready_count action_buttons_allowed=false",
"retention_boundary": " ID gate counter execution commandrepo write tokenrefs update payloadworkflow secret value primary switch payload",
"blocked_payloads": [
"execution_command",
"repo_write_token",
"refs_update_payload",
"workflow_secret_value",
"github_primary_switch_payload"
],
"retention_status": "metadata_retention_rule_only",
"awooop_display_mode": "display_reviewer_audit_retention_rule_only",
"execution_authorized": false,
"not_approval": true
},
{
"rule_id": "retention-counter-snapshot-only",
"display_order": 5,
"title": "Counter snapshot retention",
"retained_metadata_shape": " received_response_count=0accepted_response_count=0reviewer_audit_events_emitted=0primary_ready_count=0active_runtime_gate_count=0 not_authorization=true",
"retention_boundary": "counter snapshot counter check pass runtime approvalexecution queueaction buttonscan request primary switch",
"blocked_payloads": [
"runtime_approval",
"execution_queue_id",
"action_button_payload",
"scan_request_payload",
"primary_switch_payload"
],
"retention_status": "metadata_retention_rule_only",
"awooop_display_mode": "display_reviewer_audit_retention_rule_only",
"execution_authorized": false,
"not_approval": true
}
],
"owner_response_validation_reviewer_audit_retention_checks": [
{
"check_id": "check-reviewer-audit-retention-rules-visible",
"display_order": 1,
"title": "Retention rules visible before retention check",
"check_requirement": "AwoooP 5 reviewer audit retention rules retention check ",
"safe_result": "display_retention_check_waiting_not_ingested",
"blocked_interpretations": [
"run_retention_check_before_rules_visible",
"treat_retention_check_as_ingestion_ready",
"enable_audit_storage_from_check"
],
"awooop_display_mode": "display_reviewer_audit_retention_check_only",
"execution_authorized": false,
"not_approval": true
},
{
"check_id": "check-reviewer-audit-retained-metadata-only",
"display_order": 2,
"title": "Retained metadata shape only",
"check_requirement": "retention check retained_metadata_shapereason codepointercounter redacted evidence refs raw payload",
"safe_result": "metadata_only_retention_check",
"blocked_interpretations": [
"store_raw_owner_response_for_retention",
"store_unredacted_evidence_for_retention",
"store_private_url_or_session"
],
"awooop_display_mode": "display_reviewer_audit_retention_check_only",
"execution_authorized": false,
"not_approval": true
},
{
"check_id": "check-reviewer-audit-raw-payloads-blocked",
"display_order": 3,
"title": "Raw payload retention blocked",
"check_requirement": "raw request bodyraw response bodyunredacted screenshotexecution payloadprivate key credential value ",
"safe_result": "raw_payload_retention_blocked",
"blocked_interpretations": [
"retain_raw_request_body",
"retain_raw_response_body",
"retain_unredacted_screenshot",
"retain_execution_payload"
],
"awooop_display_mode": "display_reviewer_audit_retention_check_only",
"execution_authorized": false,
"not_approval": true
},
{
"check_id": "check-reviewer-audit-secret-retention-blocked",
"display_order": 4,
"title": "Secret retention blocked",
"check_requirement": "tokensecretsecret hashpartial credentialrunner tokenwebhook secretauthorization header cookie / session retention",
"safe_result": "secret_retention_blocked",
"blocked_interpretations": [
"retain_token_value",
"retain_secret_hash",
"retain_partial_credential",
"retain_authorization_header"
],
"awooop_display_mode": "display_reviewer_audit_retention_check_only",
"execution_authorized": false,
"not_approval": true
},
{
"check_id": "check-reviewer-audit-counter-snapshot-only",
"display_order": 5,
"title": "Counter snapshot only",
"check_requirement": "retention checks received_response_countaccepted_response_countreviewer_audit_events_emittedprimary_ready_count active_runtime_gate_count",
"safe_result": "counter_snapshot_only",
"blocked_interpretations": [
"treat_retention_check_pass_as_owner_response_received",
"treat_retention_check_pass_as_owner_response_accepted",
"treat_retention_check_pass_as_audit_event_emitted",
"treat_retention_check_pass_as_runtime_gate"
],
"awooop_display_mode": "display_reviewer_audit_retention_check_only",
"execution_authorized": false,
"not_approval": true
},
{
"check_id": "check-reviewer-audit-no-runtime-retention-side-effect",
"display_order": 6,
"title": "No runtime retention side effect",
"check_requirement": "retention checks pass / waiting / blocked runtime gateexecution queueaction buttonscan requestrepo action workflow / secret change",
"safe_result": "read_only_retention_check_no_side_effect",
"blocked_interpretations": [
"create_runtime_gate_from_retention_check",
"create_execution_queue_from_retention_check",
"add_action_button_from_retention_check",
"start_scan_from_retention_check"
],
"awooop_display_mode": "display_reviewer_audit_retention_check_only",
"execution_authorized": false,
"not_approval": true
}
],
"owner_response_validation_reviewer_audit_handoff_packets": [
{
"packet_id": "handoff-current-counters-and-boundary",
"display_order": 1,
"title": " counters ",
"handoff_content": " received=0accepted=0reviewer audit emitted=0primary ready=0active runtime gate=0 headline 58%",
"safe_consumer_action": "AwoooP / Session resume pointer",
"blocked_interpretations": [
"treat_handoff_as_progress_approval",
"treat_handoff_as_runtime_gate",
"increase_received_or_accepted_count"
],
"awooop_display_mode": "display_reviewer_audit_handoff_packet_only",
"execution_authorized": false,
"not_approval": true
},
{
"packet_id": "handoff-required-source-packets",
"display_order": 2,
"title": " source packets",
"handoff_content": " S4.9 GiteaS4.10 GitHub targetS4.11 refs truthS4.12 workflow / secret name owner response snapshot S4.13 validation rollup security mirror status rollup",
"safe_consumer_action": " review source packet preflight",
"blocked_interpretations": [
"accept_owner_response_from_handoff_only",
"skip_source_packet_preflight",
"treat_handoff_packet_as_source_of_truth_override"
],
"awooop_display_mode": "display_reviewer_audit_handoff_packet_only",
"execution_authorized": false,
"not_approval": true
},
{
"packet_id": "handoff-safe-display-fields",
"display_order": 3,
"title": "",
"handoff_content": " lane idtemplate idcountwaiting / blocked / quarantine evidence refsreason codepointer metadata shape",
"safe_consumer_action": "Operator Console reviewer audit metadata ",
"blocked_interpretations": [
"render_raw_owner_response",
"render_unredacted_screenshot",
"render_private_url_or_authorization_header"
],
"awooop_display_mode": "display_reviewer_audit_handoff_packet_only",
"execution_authorized": false,
"not_approval": true
},
{
"packet_id": "handoff-forbidden-runtime-interpretations",
"display_order": 4,
"title": " runtime ",
"handoff_content": "handoff packet repo creationvisibility changerefs sync/delete/force pushworkflow/webhook/runner/deploy key/branch protection/repository secret Kali scanGitHub hosted runner GitHub primary switch",
"safe_consumer_action": " blocked reason action buttonexecution queue runner job",
"blocked_interpretations": [
"create_action_button_from_handoff",
"enqueue_runtime_job_from_handoff",
"start_scan_or_repo_action_from_handoff"
],
"awooop_display_mode": "display_reviewer_audit_handoff_packet_only",
"execution_authorized": false,
"not_approval": true
},
{
"packet_id": "handoff-next-owner-response-focus",
"display_order": 5,
"title": " owner response focus",
"handoff_content": " S4.9 Gitea owner attestation response 5 Gitea coverage attestation templates evidence refs",
"safe_consumer_action": "AwoooP next_collection_candidate=S4.9 request packet response",
"blocked_interpretations": [
"auto_collect_owner_response_from_handoff",
"mark_s4_9_received_from_handoff",
"accept_owner_decision_without_redacted_evidence"
],
"awooop_display_mode": "display_reviewer_audit_handoff_packet_only",
"execution_authorized": false,
"not_approval": true
},
{
"packet_id": "handoff-post-review-followup-gates",
"display_order": 6,
"title": " follow-up gates",
"handoff_content": "使 owner response redacted payload rollback ADR owner approval repo runtime gate",
"safe_consumer_action": " gate waiting / approval required handoff completion ",
"blocked_interpretations": [
"treat_handoff_complete_as_primary_ready",
"treat_handoff_complete_as_payload_ingested",
"treat_handoff_complete_as_runtime_approved"
],
"awooop_display_mode": "display_reviewer_audit_handoff_packet_only",
"execution_authorized": false,
"not_approval": true
}
],
"owner_response_validation_reviewer_audit_handoff_checks": [
{
"check_id": "check-handoff-packets-visible",
"display_order": 1,
"title": "Handoff packets visible before consumption",
"check_requirement": "AwoooP 6 reviewer audit handoff packets handoff consumption check ",
"safe_result": "display_handoff_check_waiting_not_consumed",
"blocked_interpretations": [
"consume_handoff_before_packets_visible",
"treat_handoff_check_as_runtime_ready",
"hide_missing_handoff_packet"
],
"awooop_display_mode": "display_reviewer_audit_handoff_check_only",
"execution_authorized": false,
"not_approval": true
},
{
"check_id": "check-handoff-counters-remain-zero",
"display_order": 2,
"title": "Counters remain zero",
"check_requirement": "handoff checks received_response_countaccepted_response_countreviewer_audit_events_emittedprimary_ready_count active_runtime_gate_count",
"safe_result": "handoff_counter_snapshot_only",
"blocked_interpretations": [
"treat_handoff_check_pass_as_owner_response_received",
"treat_handoff_check_pass_as_owner_response_accepted",
"treat_handoff_check_pass_as_audit_event_emitted",
"treat_handoff_check_pass_as_runtime_gate"
],
"awooop_display_mode": "display_reviewer_audit_handoff_check_only",
"execution_authorized": false,
"not_approval": true
},
{
"check_id": "check-handoff-source-packets-required",
"display_order": 3,
"title": "Source packets required before review",
"check_requirement": " S4.9S4.10S4.11S4.12 owner response source packets S4.13 rollup handoff response",
"safe_result": "source_packet_preflight_required",
"blocked_interpretations": [
"accept_owner_response_from_handoff_only",
"skip_source_packet_preflight",
"override_source_packet_from_handoff"
],
"awooop_display_mode": "display_reviewer_audit_handoff_check_only",
"execution_authorized": false,
"not_approval": true
},
{
"check_id": "check-handoff-safe-display-only",
"display_order": 4,
"title": "Safe display fields only",
"check_requirement": "handoff consumption lane idtemplate idcount evidence refsreason codepointer metadata shape",
"safe_result": "safe_display_only",
"blocked_interpretations": [
"render_raw_owner_response",
"render_unredacted_screenshot",
"render_authorization_header_or_private_url"
],
"awooop_display_mode": "display_reviewer_audit_handoff_check_only",
"execution_authorized": false,
"not_approval": true
},
{
"check_id": "check-handoff-runtime-interpretations-blocked",
"display_order": 5,
"title": "Runtime interpretations blocked",
"check_requirement": "handoff consumption runtime gateexecution queueaction buttonscan requestrepo actionrefs actionworkflow / secret changerunner enablement primary switch",
"safe_result": "handoff_runtime_interpretation_blocked",
"blocked_interpretations": [
"create_action_button_from_handoff_check",
"enqueue_runtime_job_from_handoff_check",
"start_scan_or_repo_action_from_handoff_check",
"switch_primary_from_handoff_check"
],
"awooop_display_mode": "display_reviewer_audit_handoff_check_only",
"execution_authorized": false,
"not_approval": true
},
{
"check_id": "check-handoff-next-focus-not-received",
"display_order": 6,
"title": "Next focus remains not received",
"check_requirement": "handoff checks next_collection_candidate=S4.9 received accepted follow-up runtime gate",
"safe_result": "next_focus_display_only_not_received",
"blocked_interpretations": [
"auto_collect_owner_response_from_handoff_check",
"mark_s4_9_received_from_handoff_check",
"mark_s4_9_accepted_from_handoff_check",
"create_followup_runtime_gate_from_handoff_check"
],
"awooop_display_mode": "display_reviewer_audit_handoff_check_only",
"execution_authorized": false,
"not_approval": true
}
],
"owner_response_validation_parallel_session_sync_checks": [
{
"check_id": "check-parallel-session-same-pr-branch",
"display_order": 1,
"title": "Same PR branch before continuing",
"check_requirement": "AwoooP Security Supply Chain Session PR #117 codex/security-supply-chain-contracts-20260512",
"safe_result": "same_branch_read_only_sync_required",
"blocked_interpretations": [
"continue_on_unfetched_branch",
"treat_parallel_session_as_runtime_owner",
"merge_without_branch_sync"
],
"awooop_display_mode": "display_parallel_session_sync_check_only",
"execution_authorized": false,
"not_approval": true
},
{
"check_id": "check-parallel-session-latest-delta-visible",
"display_order": 2,
"title": "Latest delta visible",
"check_requirement": " latest progress delta Session handoff packets ledger",
"safe_result": "latest_delta_display_only",
"blocked_interpretations": [
"continue_from_stale_delta",
"skip_progress_ledger_review",
"treat_delta_visibility_as_authorization"
],
"awooop_display_mode": "display_parallel_session_sync_check_only",
"execution_authorized": false,
"not_approval": true
},
{
"check_id": "check-parallel-session-owner-response-counters-zero",
"display_order": 3,
"title": "Owner response counters remain zero",
"check_requirement": " received_response_countaccepted_response_countreviewer_audit_events_emittedprimary_ready_count active_runtime_gate_count",
"safe_result": "parallel_sync_counter_snapshot_only",
"blocked_interpretations": [
"treat_parallel_sync_as_owner_response_received",
"treat_parallel_sync_as_owner_response_accepted",
"treat_parallel_sync_as_audit_event_emitted",
"treat_parallel_sync_as_runtime_gate"
],
"awooop_display_mode": "display_parallel_session_sync_check_only",
"execution_authorized": false,
"not_approval": true
},
{
"check_id": "check-parallel-session-runtime-flags-false",
"display_order": 4,
"title": "Runtime flags stay false",
"check_requirement": " Session runtime_execution_authorizedrepo_creation_authorizedrefs_sync_authorizedworkflow_modification_authorizedgithub_primary_switch_authorized action_buttons_allowed false",
"safe_result": "parallel_sync_runtime_flags_false",
"blocked_interpretations": [
"treat_sync_complete_as_runtime_authorized",
"create_action_button_from_parallel_sync",
"enqueue_runtime_job_from_parallel_sync",
"start_kali_or_repo_action_from_parallel_sync"
],
"awooop_display_mode": "display_parallel_session_sync_check_only",
"execution_authorized": false,
"not_approval": true
},
{
"check_id": "check-parallel-session-source-control-mutations-blocked",
"display_order": 5,
"title": "Source-control mutations blocked",
"check_requirement": " docs/schema/snapshot/guard repo visibilitysync/delete refsforce push workflow/secret/runner GitHub primary Gitea",
"safe_result": "parallel_sync_source_control_mutations_blocked",
"blocked_interpretations": [
"create_repo_from_parallel_sync",
"sync_refs_from_parallel_sync",
"modify_workflow_or_secret_from_parallel_sync",
"switch_primary_from_parallel_sync"
],
"awooop_display_mode": "display_parallel_session_sync_check_only",
"execution_authorized": false,
"not_approval": true
},
{
"check_id": "check-parallel-session-next-focus-stays-s4-9",
"display_order": 6,
"title": "Next focus stays S4.9",
"check_requirement": " next_collection_candidate=S4.9 Gitea owner attestation response Session receivedaccepted follow-up runtime gate",
"safe_result": "parallel_sync_next_focus_s4_9_display_only",
"blocked_interpretations": [
"auto_collect_owner_response_from_parallel_sync",
"mark_s4_9_received_from_parallel_sync",
"mark_s4_9_accepted_from_parallel_sync",
"create_followup_runtime_gate_from_parallel_sync"
],
"awooop_display_mode": "display_parallel_session_sync_check_only",
"execution_authorized": false,
"not_approval": true
}
],
"owner_response_validation_parallel_session_conflict_lanes": [
{
"lane_id": "conflict-stale-or-diverged-branch",
"display_order": 1,
"title": "Stale or diverged PR branch",
"conflict_condition": " Session HEAD gitea/codex/security-supply-chain-contracts-20260512 0/0 PR #117 ",
"safe_result": "pause_and_resync_branch_read_only",
"required_operator_action": " fetch / rebase planning / mergeforce push Session ",
"blocked_actions": [
"auto_merge_diverged_branch",
"force_push_to_reconcile_sessions",
"overwrite_other_session_changes"
],
"awooop_display_mode": "display_parallel_session_conflict_lane_only",
"execution_authorized": false,
"not_approval": true
},
{
"lane_id": "conflict-stale-progress-delta",
"display_order": 2,
"title": "Stale progress delta",
"conflict_condition": " Session latest deltaledger length LOGBOOK latest entry rollup ",
"safe_result": "refresh_rollup_and_logbook_before_continue",
"required_operator_action": " status rollupLOGBOOKhandoff guard output delta ",
"blocked_actions": [
"continue_from_stale_delta",
"skip_logbook_refresh",
"treat_stale_delta_as_authorization"
],
"awooop_display_mode": "display_parallel_session_conflict_lane_only",
"execution_authorized": false,
"not_approval": true
},
{
"lane_id": "conflict-owner-response-counter-drift",
"display_order": 3,
"title": "Owner response counter drift",
"conflict_condition": " Session receivedacceptedreviewer audit emittedprimary ready active runtime gate count 0 source packet ",
"safe_result": "hold_as_counter_drift_until_evidence_review",
"required_operator_action": " counter drift source packetaudit metadata LOGBOOK counter",
"blocked_actions": [
"auto_accept_counter_drift",
"mark_owner_response_received_without_source_packet",
"create_runtime_gate_from_counter_drift"
],
"awooop_display_mode": "display_parallel_session_conflict_lane_only",
"execution_authorized": false,
"not_approval": true
},
{
"lane_id": "conflict-runtime-flag-drift",
"display_order": 4,
"title": "Runtime flag drift",
"conflict_condition": " Session runtime_execution_authorizedrepo_creation_authorizedrefs_sync_authorizedworkflow_modification_authorizedgithub_primary_switch_authorized action_buttons_allowed true",
"safe_result": "block_runtime_flag_drift_for_manual_review",
"required_operator_action": " false flag drift review action buttonruntime queue scan request",
"blocked_actions": [
"treat_true_flag_as_approved",
"create_action_button_from_flag_drift",
"enqueue_runtime_job_from_flag_drift"
],
"awooop_display_mode": "display_parallel_session_conflict_lane_only",
"execution_authorized": false,
"not_approval": true
},
{
"lane_id": "conflict-source-control-mutation-request",
"display_order": 5,
"title": "Source-control mutation request",
"conflict_condition": " Session repo creationvisibility changerefs sync/delete/force pushworkflow/secret/runner changeGitea disable GitHub primary switch",
"safe_result": "reject_mutation_request_in_mirror_phase",
"required_operator_action": "blocked action summary owner response / runtime gate",
"blocked_actions": [
"create_repo_from_conflict_lane",
"sync_refs_from_conflict_lane",
"modify_workflow_secret_runner_from_conflict_lane",
"disable_gitea_or_switch_primary_from_conflict_lane"
],
"awooop_display_mode": "display_parallel_session_conflict_lane_only",
"execution_authorized": false,
"not_approval": true
},
{
"lane_id": "conflict-next-focus-drift",
"display_order": 6,
"title": "Next focus drift",
"conflict_condition": " Session next_collection_candidate S4.9 S4.10 / S4.11 / S4.12 accepted",
"safe_result": "restore_next_focus_to_s4_9_display_only",
"required_operator_action": " S4.9 Gitea owner attestation response received/accepted follow-up runtime gate",
"blocked_actions": [
"auto_collect_owner_response_from_focus_drift",
"mark_later_lane_accepted_from_focus_drift",
"create_followup_runtime_gate_from_focus_drift"
],
"awooop_display_mode": "display_parallel_session_conflict_lane_only",
"execution_authorized": false,
"not_approval": true
}
],
"owner_response_validation_parallel_session_recovery_checks": [
{
"check_id": "check-recovery-fetch-and-compare-branch",
"display_order": 1,
"title": "Fetch and compare branch before recovery",
"check_requirement": " conflict lane AwoooP Session git fetch HEAD gitea/codex/security-supply-chain-contracts-20260512 0/0 0/0",
"safe_result": "recovery_branch_compare_read_only",
"blocked_interpretations": [
"auto_rebase_after_conflict",
"auto_merge_after_conflict",
"force_push_after_conflict"
],
"awooop_display_mode": "display_parallel_session_recovery_check_only",
"execution_authorized": false,
"not_approval": true
},
{
"check_id": "check-recovery-read-latest-ledger",
"display_order": 2,
"title": "Read latest ledger and LOGBOOK",
"check_requirement": " status rollup latest deltaprogress_delta_ledger lengthLOGBOOK latest entry handoff summary",
"safe_result": "recovery_latest_ledger_read_only",
"blocked_interpretations": [
"continue_from_pre_conflict_context",
"skip_logbook_after_conflict",
"treat_ledger_read_as_authorization"
],
"awooop_display_mode": "display_parallel_session_recovery_check_only",
"execution_authorized": false,
"not_approval": true
},
{
"check_id": "check-recovery-rerun-readonly-guards",
"display_order": 3,
"title": "Rerun read-only guards",
"check_requirement": " source-control-owner-response guard security-mirror-progress guardguard pass snapshot owner responseruntime gate source-control mutation ",
"safe_result": "recovery_guards_pass_display_only",
"blocked_interpretations": [
"treat_guard_pass_as_owner_response",
"treat_guard_pass_as_runtime_gate",
"treat_guard_pass_as_primary_approval"
],
"awooop_display_mode": "display_parallel_session_recovery_check_only",
"execution_authorized": false,
"not_approval": true
},
{
"check_id": "check-recovery-review-staged-diff-only",
"display_order": 4,
"title": "Review staged diff before continuing",
"check_requirement": " staged unstaged diff docs/schema/snapshot/guard Session ",
"safe_result": "recovery_diff_review_read_only",
"blocked_interpretations": [
"overwrite_other_session_changes",
"drop_unreviewed_changes",
"stage_runtime_or_secret_change_from_recovery"
],
"awooop_display_mode": "display_parallel_session_recovery_check_only",
"execution_authorized": false,
"not_approval": true
},
{
"check_id": "check-recovery-keep-runtime-flags-false",
"display_order": 5,
"title": "Keep runtime flags false after recovery",
"check_requirement": " runtime_execution_authorizedrepo_creation_authorizedrefs_sync_authorizedworkflow_modification_authorizedgithub_primary_switch_authorized action_buttons_allowed false",
"safe_result": "recovery_runtime_flags_false",
"blocked_interpretations": [
"create_action_button_after_recovery",
"enqueue_runtime_job_after_recovery",
"start_kali_or_repo_action_after_recovery"
],
"awooop_display_mode": "display_parallel_session_recovery_check_only",
"execution_authorized": false,
"not_approval": true
},
{
"check_id": "check-recovery-record-next-focus-s4-9",
"display_order": 6,
"title": "Record next focus remains S4.9",
"check_requirement": " next_collection_candidate S4.9 Gitea owner attestation responsereceivedaccepted follow-up runtime gate",
"safe_result": "recovery_next_focus_s4_9_display_only",
"blocked_interpretations": [
"auto_collect_owner_response_after_recovery",
"mark_s4_9_received_after_recovery",
"create_followup_runtime_gate_after_recovery"
],
"awooop_display_mode": "display_parallel_session_recovery_check_only",
"execution_authorized": false,
"not_approval": true
}
],
"owner_response_validation_parallel_session_recovery_outcome_lanes": [
{
"lane_id": "outcome-recovery-ready-readonly",
"display_order": 1,
"title": "Recovery ready for read-only continuation",
"outcome_condition": "branch compare 0/0latest ledger / LOGBOOK guard diff docs/schema/snapshot/guard false flags false next_collection_candidate S4.9",
"safe_result": "continue_read_only_from_latest_head",
"allowed_next_step": " HEAD mirror-only docs/schema/snapshot/guard recovery ready owner response receivedaccepted runtime gate",
"blocked_interpretations": [
"treat_recovery_ready_as_merge_approval",
"treat_recovery_ready_as_owner_response",
"treat_recovery_ready_as_runtime_gate"
],
"awooop_display_mode": "display_parallel_session_recovery_outcome_lane_only",
"execution_authorized": false,
"not_approval": true
},
{
"lane_id": "outcome-recovery-branch-still-diverged",
"display_order": 2,
"title": "Branch still diverged after fetch",
"outcome_condition": "git fetch HEAD PR 0/0 codex/security-supply-chain-contracts-20260512 ",
"safe_result": "pause_for_manual_branch_review",
"allowed_next_step": " rebasemergeforce push Session ",
"blocked_interpretations": [
"auto_rebase_still_diverged_branch",
"auto_merge_still_diverged_branch",
"force_push_still_diverged_branch"
],
"awooop_display_mode": "display_parallel_session_recovery_outcome_lane_only",
"execution_authorized": false,
"not_approval": true
},
{
"lane_id": "outcome-recovery-ledger-still-stale",
"display_order": 3,
"title": "Ledger or handoff still stale",
"outcome_condition": "latest deltaprogress_delta_ledger lengthLOGBOOK latest entry AwoooP handoff summary ",
"safe_result": "pause_and_reread_handoff_sources",
"allowed_next_step": " rollupLOGBOOKhandoff guard output owner response received/accepted",
"blocked_interpretations": [
"continue_from_stale_ledger",
"skip_latest_logbook_after_recovery",
"mark_response_received_from_stale_handoff"
],
"awooop_display_mode": "display_parallel_session_recovery_outcome_lane_only",
"execution_authorized": false,
"not_approval": true
},
{
"lane_id": "outcome-recovery-guard-failed",
"display_order": 4,
"title": "Read-only guard failed",
"outcome_condition": "source-control-owner-response guardsecurity-mirror-progress guardJSON parse targeted jq ",
"safe_result": "block_recovery_until_snapshot_fixed",
"allowed_next_step": " docs/schema/snapshot/guard guard failed runtime actionsource-control mutation ",
"blocked_interpretations": [
"ignore_guard_failure",
"treat_guard_failure_as_runtime_incident",
"open_action_button_from_guard_failure"
],
"awooop_display_mode": "display_parallel_session_recovery_outcome_lane_only",
"execution_authorized": false,
"not_approval": true
},
{
"lane_id": "outcome-recovery-diff-out-of-scope",
"display_order": 5,
"title": "Diff out of mirror-only scope",
"outcome_condition": "staged unstaged diff runtime codeworkflowsecretrunnerrefsdeployKali executeGitHub primary Gitea disable ",
"safe_result": "quarantine_diff_for_human_review",
"allowed_next_step": " out-of-scope diff review stagecommitpush",
"blocked_interpretations": [
"stage_out_of_scope_diff",
"commit_out_of_scope_diff",
"drop_out_of_scope_diff_without_review"
],
"awooop_display_mode": "display_parallel_session_recovery_outcome_lane_only",
"execution_authorized": false,
"not_approval": true
},
{
"lane_id": "outcome-recovery-runtime-flag-drift",
"display_order": 6,
"title": "Runtime flag drift after recovery",
"outcome_condition": "runtime_execution_authorizedrepo_creation_authorizedrefs_sync_authorizedworkflow_modification_authorizedgithub_primary_switch_authorized action_buttons_allowed true",
"safe_result": "block_runtime_interpretation_and_review_flags",
"allowed_next_step": " snapshot false flag action buttonruntime queue source-control operation",
"blocked_interpretations": [
"accept_runtime_flag_drift",
"create_action_button_from_flag_drift",
"enqueue_runtime_job_from_flag_drift"
],
"awooop_display_mode": "display_parallel_session_recovery_outcome_lane_only",
"execution_authorized": false,
"not_approval": true
},
{
"lane_id": "outcome-recovery-next-focus-drift",
"display_order": 7,
"title": "Next focus drift after recovery",
"outcome_condition": " next_collection_candidate S4.9 S4.10 / S4.11 / S4.12 received / accepted",
"safe_result": "restore_s4_9_display_only_focus",
"allowed_next_step": " owner response focus S4.9 Gitea owner attestation response received/accepted follow-up runtime gate",
"blocked_interpretations": [
"advance_next_focus_without_owner_response",
"mark_later_packet_received_after_recovery",
"create_followup_gate_from_focus_drift"
],
"awooop_display_mode": "display_parallel_session_recovery_outcome_lane_only",
"execution_authorized": false,
"not_approval": true
}
],
"readiness_effects": [
{
"effect_id": "gitea_owner_response_accepted",
"when_all_checks_pass": "S4.9 request packet template status ledger / audit event templates / redaction examples / display sections / collection checks request / received / accepted audit events emitted=0 5 response templates S4.6 redacted payload ",
"allowed_update": " Gitea coverage matrixowner / canonical disposition readiness wordinggitea_repo_inventory_v1 ok",
"still_forbidden": [
"store_token_value",
"write_gitea_repo",
"sync_refs",
"switch_github_primary"
]
},
{
"effect_id": "github_target_owner_response_accepted",
"when_all_checks_pass": "S4.10 9 target response ",
"allowed_update": " GitHub target decision tablerepo approval package primary readiness blocker wording",
"still_forbidden": [
"create_github_repo",
"change_visibility",
"sync_refs",
"switch_github_primary"
]
},
{
"effect_id": "ref_truth_owner_response_accepted",
"when_all_checks_pass": "S4.11 request packet template status ledger request / received / accepted audit event templates 0 emittedredaction examples responsecollection checks approvalintake preflight checks execution authorization5 lane response batch scope ",
"allowed_update": " ref truth classification disposition draft reconcile plan wording",
"still_forbidden": [
"fetch_refs",
"push_refs",
"delete_refs",
"force_push",
"switch_github_primary"
]
},
{
"effect_id": "workflow_secret_owner_response_accepted",
"when_all_checks_pass": "S4.12 request packettemplate status ledgeraudit event templatesredaction examplescollection checks intake preflight checks 5 workflow / secret lanes evidence ",
"allowed_update": " workflow / secret name inventoryredacted export request readiness wording",
"still_forbidden": [
"store_secret_value",
"modify_workflow",
"enable_runner",
"enable_github_hosted_runner",
"switch_github_primary"
]
}
],
"allowed_outputs": [
"mirror_owner_response_validation_rollup",
"display_cross_packet_counts",
"display_missing_owner_response_lanes",
"display_next_collection_candidate",
"display_owner_response_evidence_routing_rules",
"display_owner_response_validation_sections",
"display_owner_response_validation_state_transition_rules",
"display_owner_response_validation_reviewer_checklist",
"display_owner_response_validation_reviewer_outcome_lanes",
"display_owner_response_validation_reviewer_audit_event_templates",
"display_owner_response_validation_reviewer_audit_display_sections",
"display_owner_response_validation_reviewer_audit_collection_checks",
"display_owner_response_validation_reviewer_audit_redaction_examples",
"display_owner_response_validation_reviewer_audit_retention_rules",
"display_owner_response_validation_reviewer_audit_retention_checks",
"display_owner_response_validation_reviewer_audit_handoff_packets",
"display_owner_response_validation_reviewer_audit_handoff_checks",
"display_owner_response_validation_parallel_session_sync_checks",
"display_owner_response_validation_parallel_session_conflict_lanes",
"display_owner_response_validation_parallel_session_recovery_checks",
"display_owner_response_validation_parallel_session_recovery_outcome_lanes",
"route_invalid_response_to_quarantine",
"update_read_only_readiness_wording_after_accepted_response"
],
"missing_response_lanes": [
{
"lane_id": "s4_9_gitea_inventory_owner_attestation_response",
"source_contract": "gitea_inventory_owner_attestation_response_v1",
"response_template_count": 5,
"received_response_count": 0,
"accepted_response_count": 0,
"current_status": "waiting_owner_response",
"next_owner_action": "Owner S4.9 owner response request packet 5 Gitea coverage attestation itemsAwoooP template status ledger / audit event templates / redaction examples / display sections / collection checks evidence refs",
"awooop_display_mode": "observe_missing_response",
"still_forbidden": [
"store_token_value",
"write_gitea_repo",
"sync_refs",
"switch_github_primary"
]
},
{
"lane_id": "s4_10_github_target_owner_decision_response",
"source_contract": "github_target_owner_decision_response_v1",
"response_template_count": 9,
"received_response_count": 0,
"accepted_response_count": 0,
"current_status": "waiting_owner_response",
"next_owner_action": "Owner S4.10 request packettemplate status ledgeraudit event templatesredaction examplescollection checks intake preflight checks 9 GitHub target owner / visibility / canonical disposition",
"awooop_display_mode": "observe_missing_response",
"still_forbidden": [
"create_github_repo",
"change_repo_visibility",
"sync_refs",
"switch_github_primary"
]
},
{
"lane_id": "s4_11_ref_truth_owner_response",
"source_contract": "source_control_ref_truth_owner_response_v1",
"response_template_count": 5,
"received_response_count": 0,
"accepted_response_count": 0,
"current_status": "waiting_owner_response",
"next_owner_action": "Owner S4.11 request packettemplate status ledgeraudit event templatesredaction examplescollection checks intake preflight checks refs truthdeprecated driftrelease tags GitHub-only refs disposition",
"awooop_display_mode": "observe_missing_response",
"still_forbidden": [
"fetch_refs",
"push_refs",
"delete_refs",
"force_push",
"switch_github_primary"
]
},
{
"lane_id": "s4_12_workflow_secret_name_owner_response",
"source_contract": "source_control_workflow_secret_name_owner_response_v1",
"response_template_count": 5,
"received_response_count": 0,
"accepted_response_count": 0,
"current_status": "waiting_owner_response",
"next_owner_action": "Owner S4.12 request packettemplate status ledgeraudit event templatesredaction examplescollection checks intake preflight checks webhookrunnerdeploy keybranch protection / CODEOWNERSrepository secret name parity template status ledger waitingaudit event templates 0 emittedredaction examples response",
"awooop_display_mode": "observe_missing_response",
"still_forbidden": [
"store_secret_value",
"modify_workflow",
"enable_runner",
"enable_github_hosted_runner",
"switch_github_primary"
]
}
],
"owner_response_collection_order": [
{
"order": 1,
"lane_id": "s4_9_gitea_inventory_owner_attestation_response",
"reason": " Gitea canonical owner GitHub target / refs inventory ",
"required_packet": "docs/security/GITEA-INVENTORY-OWNER-ATTESTATION-RESPONSE.md",
"minimum_response": [
"public-only/local gap disposition",
"org/user endpoint disposition",
"110 adjacent source scope",
"canonical owner",
"legacy/inaccessible disposition"
],
"awooop_action": "display_next_collection_item",
"blocked_until_received": true,
"execution_authorized": false,
"still_forbidden": [
"store_token_value",
"write_gitea_repo",
"sync_refs",
"switch_github_primary"
]
},
{
"order": 2,
"lane_id": "s4_10_github_target_owner_decision_response",
"reason": " GitHub target owner / visibility / canonical not_found_or_private repo",
"required_packet": "docs/security/GITHUB-TARGET-OWNER-DECISION-RESPONSE.md",
"minimum_response": [
"repo owner",
"target visibility",
"canonical target disposition",
"not_found_or_private handling",
"new VibeWork / agent-bounty-protocol target disposition"
],
"awooop_action": "display_next_collection_item",
"blocked_until_received": true,
"execution_authorized": false,
"still_forbidden": [
"create_github_repo",
"change_repo_visibility",
"sync_refs",
"switch_github_primary"
]
},
{
"order": 3,
"lane_id": "s4_11_ref_truth_owner_response",
"reason": "GitHub target owner / visibility branch / tag refs sync delete ",
"required_packet": "docs/security/SOURCE-CONTROL-REF-TRUTH-OWNER-RESPONSE.md",
"minimum_response": [
"main/dev truth disposition",
"deprecated drift disposition",
"release tag retention",
"GitHub-only refs disposition"
],
"awooop_action": "display_next_collection_item",
"blocked_until_received": true,
"execution_authorized": false,
"still_forbidden": [
"fetch_refs",
"push_refs",
"delete_refs",
"force_push",
"switch_github_primary"
]
},
{
"order": 4,
"lane_id": "s4_12_workflow_secret_name_owner_response",
"reason": " workflow / webhook / runner / deploy key / branch protection / CODEOWNERS / secret parity secret runner source truth",
"required_packet": "docs/security/SOURCE-CONTROL-WORKFLOW-SECRET-NAME-OWNER-RESPONSE.md",
"minimum_response": [
"webhook redacted state",
"runner label owner",
"deploy key redacted state",
"branch protection / CODEOWNERS state",
"repository secret name parity"
],
"awooop_action": "display_next_collection_item",
"blocked_until_received": true,
"execution_authorized": false,
"still_forbidden": [
"store_secret_value",
"modify_workflow",
"enable_runner",
"enable_github_hosted_runner",
"switch_github_primary"
]
}
],
"next_collection_candidate": {
"order": 1,
"lane_id": "s4_9_gitea_inventory_owner_attestation_response",
"display_status": "next_owner_response_required",
"source_contract": "gitea_inventory_owner_attestation_response_v1",
"required_packet": "docs/security/GITEA-INVENTORY-OWNER-ATTESTATION-RESPONSE.md",
"required_response_template_count": 5,
"received_response_count": 0,
"accepted_response_count": 0,
"minimum_response": [
"public-only/local gap disposition",
"org/user endpoint disposition",
"110 adjacent source scope",
"canonical owner",
"legacy/inaccessible disposition"
],
"awooop_display_mode": "display_next_collection_item_only",
"why_next": "S4.9 GitHub targetrefs truth workflow / secret parity scope / canonical owner source-control owner response ",
"blocked_until_received": true,
"execution_authorized": false,
"not_approval": true,
"still_forbidden": [
"store_token_value",
"write_gitea_repo",
"sync_refs",
"switch_github_primary"
]
},
"latest_local_validation": {
"status": "repo_snapshot_guard_pass",
"date": "2026-06-13",
"scope": "repo_snapshot_only",
"command": "python3 scripts/security/source-control-owner-response-guard.py --root .",
"result": "SOURCE_CONTROL_OWNER_RESPONSE_GUARD_OK",
"validated_lanes": [
"s4_9_gitea_inventory_owner_attestation_response",
"s4_10_github_target_owner_decision_response",
"s4_11_ref_truth_owner_response",
"s4_12_workflow_secret_name_owner_response"
],
"received_response_count": 0,
"accepted_response_count": 0,
"runtime_actions_authorized": false,
"repo_or_refs_actions_authorized": false,
"workflow_or_secret_actions_authorized": false,
"not_authorization": true
},
"forbidden_actions": [
"runtime_execution",
"store_token_or_secret_value",
"use_write_token",
"create_repo",
"change_repo_visibility",
"write_gitea_repo",
"sync_refs",
"delete_refs",
"force_push",
"modify_workflow_or_secret",
"enable_runner",
"enable_github_hosted_runner",
"switch_github_primary",
"add_action_button"
]
}