Files
awoooi/docs/security/AWOOOP-MIRROR-ONLY-CONSUMPTION-CHECKLIST.md

21 KiB
Raw Blame History

AwoooP 只讀鏡像消費清單

項目 內容
日期 2026-05-13
狀態 初版,供 AwoooP Session 只讀消費
範圍 Kali / Code Review / Codex / Gitea / GitHub 資安供應鏈事件
低摩擦 policy docs/security/SECURITY-LOW-FRICTION-ROLLOUT-POLICY.md
Contract manifest docs/security/SECURITY-SUPPLY-CHAIN-CONTRACT-MANIFEST.md
原則 低摩擦分階段AwoooP 初期只 mirror、只讀 policy、只建立必要的 approval candidate不直接執行

0. 核心結論

AwoooP 可以消費 Security Supply Chain Session 產出的事件,但初期只能做三件事:

  1. mirror 成 Runtime State / Channel Event / Audit evidence。
  2. 計算 read-only policy 建議,例如 observewarnapprove_required
  3. 產生 approval candidate等待人工核准。

AwoooP 初期不得直接啟動掃描、不得呼叫 Codex patch runner、不得切換 GitHub primary、不得修改 production runtime。

初期也不得把每個 observation 都變成阻擋條件。LOW / MEDIUM 且不涉及不可逆變更的項目,先以 observe / warn 累積 evidence只有 repo creation、visibility change、refs sync、secret、RBAC、NetworkPolicy、firewall、deploy、primary switch 等高風險動作才進 approval。

1. 允許消費的事件

事件 來源 AwoooP 目標 初期狀態 必要防護
security_finding_v1 Kali / Trivy / ZAP / Semgrep / detect-secrets / kube posture Runtime State、Channel Event、Audit mirror-only 不保存 raw secret、cookie、token、exploit payload
kali_integration_status_v1 192.168.0.112 live health / update / gap evidence Security posture、Operator Console、Approval candidate mirror-only 不保存 SSH 密碼或 API key、不直接啟動 scan 或 /execute
kali_scan_scope_approval_v1 Kali 112 scan scope、111/168 observe-only、safe/active/credentialed/execute/full-upgrade gates Approval queue、Operator Console、Audit approval-only 只顯示 scope 與 gate不啟動 scan、不呼叫 /execute
security_approval_queue_v1 Security Supply Chain pending approval / block candidate 集中隊列 Approval queue、Operator Console、Audit approval-only 只顯示 review order 與 blocked reason不執行 queue item
security_approval_gate_v1 S3 人工批准 gate Approval queue、Operator Console、Audit approval-only 只記錄人工決策、批准範圍與 follow-up runtime gate不執行 gate item
security_approval_decision_record_v1 S3 人工決策紀錄 Operator Console、Audit approval-only 只保存 approve / reject / defer / request more evidence / keep blocked 的稽核紀錄,不執行決策
security_approval_review_packet_v1 S3 人工審查封包 Approval queue、Operator Console、Audit approval-only 只顯示 review lane、required reviewers、requested decision 與 still forbidden不代表批准
security_mirror_readiness_v1 Security Supply Chain contract mirror readiness index Operator Console、Runtime State、Channel Event、Audit mirror-only 只顯示 ready / partial / contract-only不執行 mirror item
security_mirror_intake_plan_v1 AwoooP mirror-only intake waves / destinations / acceptance gates Operator Console、Runtime State、Channel Event、Audit、Approval Queue mirror-only 只照 wave 讀取與顯示,不執行 intake item
security_mirror_event_v1 AwoooP mirror-only event envelope Operator Console、Runtime State、Channel Event、Audit、Approval Queue mirror-only 每筆 event 必須 execution_authorized=falseaction_buttons_allowed=false
security_mirror_route_v1 AwoooP 鏡像路由矩陣 Operator Console、Runtime State、Channel Event、Audit、Approval Queue mirror-only 只決定目的地、channel policy 與 review lane不作 execution router
security_mirror_acceptance_v1 AwoooP 鏡像驗收契約 Operator Console、Runtime State、Audit mirror-only 只驗收 contract count、event envelope、route coverage、redaction不作 runtime blocker
security_mirror_quarantine_v1 AwoooP 鏡像隔離契約 Operator Console、Audit mirror-only 只隔離驗收失敗 payload、顯示 recovery request 與 retry gate不作 runtime blocker
security_mirror_dry_run_v1 AwoooP 鏡像 dry-run 報告契約 Operator Console、Audit mirror-only 只回報接入演練結果;不得轉成 production ingestion
security_mirror_status_rollup_v1 AwoooP 鏡像狀態彙整契約 Operator Console、Runtime State、Audit mirror-only 只顯示階段狀態、下一個 gate 與禁止事項;不得視為 runtime authorization
coding_task_v1 Code Review / Codex Security / manual review Approval candidate、Channel Event、Audit suggest-only 不自動開 patch runner、不自動 merge
source_control_migration_event_v1 Gitea/GitHub branch/tag/SHA diff Supply-chain evidence、Approval candidate mirror-only 不觸發 deploy、不切換 primary
gitea_repo_inventory_v1 Gitea org/user repo list 或管理匯出 Supply-chain evidence、migration matrix mirror-only 不保存 token value、不刪除或停用 Gitea repo
local_git_remote_inventory_v1 本機可見 Git working tree remote Source-control coverage evidence、migration matrix mirror-only 不視為 Gitea server 全量、不修改 remote
github_target_probe_v1 候選 GitHub repo read-only probe Migration target evidence mirror-only not_found_or_private 不等同確認不存在
github_target_decision_v1 GitHub target 建立與可見性決策草案 Approval candidate、Migration target evidence mirror-only approval 前不得建立 repo、修改 visibility、同步 refs
github_target_repo_approval_package_v1 GitHub target 逐 repo approval package Approval queue、Migration target evidence mirror-only 低摩擦,只 gate 高風險執行
source_control_approval_board_v1 逐 repo owner / visibility / canonical / refs 決策 board Approval queue、PR reviewer handoff approval-only 只顯示決策隊列,不執行 board item
source_control_reconcile_plan_v1 refs-blocked repo draft reconcile plan Approval candidate、migration reviewer handoff approval-only 只顯示草案,不 push refs、不切 primary
source_control_ref_detail_diff_v1 refs-blocked repo branch/tag 明細 diff Migration reviewer evidence mirror-only 只顯示 diff不 fetch、不 push、不刪 refs
source_control_ref_truth_classification_v1 refs diff 真相來源與 deprecated 候選分類 Repo owner review queue、migration reviewer handoff approval-only 只顯示分類與人工判定隊列,不執行 sync/delete
local_repo_canonical_probe_v1 本機 working tree lineage 比對 Canonical decision evidence mirror-only 不自動合併、不自動建 repo、不刪除
git_remote_refs_probe_v1 指定 repo remote refs read-only probe Source readiness evidence mirror-only 不 fetch、不 push、不自動 mirror
approval_required_event_v1 上述事件的高風險 gate Approval queue、Audit approval-only blocked_until_approved=true
security_rollout_policy_v1 低摩擦資安 rollout policy Read-only policy、Operator Console mirror-only 初期 observe-first不做 runtime enforcement
security_supply_chain_contract_manifest_v1 Security Supply Chain 契約索引 Contract registry、Operator Console mirror-only 只作路由索引,不作 execution router

2. AwoooP 可以做的處理

處理 允許 說明
Runtime State mirror 儲存脫敏後摘要、狀態、風險等級、evidence ref
Channel Event 發送資安 posture、遷移阻塞、approval pending 等通知
Read-only policy 計算建議,不改 firewall、RBAC、NetworkPolicy、secret、deploy
Approval candidate 讓人審核是否批准下一步
Audit evidence 保存可追溯事件,不保存敏感原文
Operator Console 顯示 初期只顯示,不提供高風險執行按鈕

3. 初期禁止動作

禁止動作 原因
直接啟動 Kali scan 掃描強度與範圍需人工批准,避免誤傷內網服務
直接啟動 active DAST / credentialed scan 會碰驗證狀態與服務負載,需 approval
直接呼叫 Codex patch runner coding 仍需 patch-only / human review gate
自動 merge / auto deploy 供應鏈與 production 風險太高
修改 secrets / RBAC / NetworkPolicy / firewall 高風險不可逆或半不可逆變更
切換 GitHub primary / Gitea mirror 主控 目前 Gitea/GitHub branch、tag、main SHA 尚未對齊
刪除、停用、歸檔 Gitea repo 需要完整 repo inventory 與人工確認
保存 raw secret / token / cookie / exploit payload 違反 evidence 脫敏原則

4. 事件到處理模式對照

條件 AwoooP recommended mode 後續
`security_finding_v1.severity=LOW MEDIUMconfidence=LOW MEDIUM`
`security_finding_v1.severity=HIGH CRITICAL` approve_required
kali_integration_status_v1.status=partial_runtime_health_integrated observe 顯示 Kali 112 health、更新紀錄、缺口與 approval gates不得直接掃描
kali_scan_scope_approval_v1.status=draft_waiting_approval approve_required 顯示 Kali 112、111/168、核心主機、公開網站 scope 與 gate不得執行 scan
security_approval_queue_v1.status=draft approve_required 顯示 8 個 queue items、review order 與 blocked reason不得執行 item
security_approval_gate_v1.mode=approval_gate_only approve_required 顯示 8 個 gate items、批准範圍與 follow-up runtime gate批准後不得自動執行
security_approval_decision_record_v1.mode=decision_record_only observe 顯示人工決策紀錄;每筆紀錄都必須 execution_authorized=false
security_approval_review_packet_v1.mode=approval_review_packet_only approve_required 顯示 8 個 review packets、review lane 與 still forbidden不得當成批准或執行授權
security_mirror_readiness_v1.status=draft observe 顯示 30 個 contracts 的 readiness不得把 readiness 當 execution authorization
security_mirror_intake_plan_v1.status=draft observe 顯示 5 個 intake waves 與 4 個 acceptance gates不得執行 wave
security_mirror_event_v1.execution_authorized=false observe 只包裝鏡像 payload明確不授權執行、不顯示執行按鈕
security_mirror_route_v1.status=draft observe 顯示 5 個 route groups、channel policy 與 review lane不得轉成 execution router
security_mirror_acceptance_v1.status=draft observe 顯示 7 個 acceptance checks只可驗收鏡像資料不得阻擋 runtime
security_mirror_quarantine_v1.status=draft observe 顯示 5 個 quarantine lanes、recovery request 與 retry gate不得自動重試失敗 payload
security_mirror_dry_run_v1.dry_run_status=contract_defined_not_executed observe 顯示 6 個 dry-run steps不得視為 production ingestion 已啟用
security_mirror_status_rollup_v1.rollup_status=framework_ready_waiting_approval observe 顯示 S0-S4 階段、approval queue summary 與下一個 gate不得新增 execution action
`coding_task_v1.risk=LOW MEDIUM` warn
`coding_task_v1.risk=HIGH CRITICAL` approve_required
source_control_migration_event_v1.status=blocked observe 顯示 blocking reason不允許切 primary
source_control_migration_event_v1.status=verified approve_required 仍需人工批准主控切換
gitea_repo_inventory_v1.status=blocked observe 補只讀 token 或管理匯出,不做同步
gitea_repo_inventory_v1.status=partial observe 視為 public-only evidence不做同步
gitea_repo_inventory_v1.status=ok warn 進入 repo mapping / branch tag diff
approval_required_event_v1.requested_action=run_gitea_readonly_inventory approve_required 只允許 read-only token 或 redacted admin export不保存 token value
local_git_remote_inventory_v1.status=partial observe 補 server-side inventory不做主控切換
github_target_probe_v1.status=ok 且有 not_found_or_private observe 補 GitHub target 決策,不自動建立 repo
github_target_decision_v1.approval_required_count>0 approve_required 產生 approval candidate但不執行 repo 建立或 visibility 修改
github_target_repo_approval_package_v1.status=draft observe 建立 approval queue draft不阻擋 read-only evidence
source_control_approval_board_v1.pending_approval_count>0 approve_required 顯示逐 repo 決策隊列,不執行 repo 建立、visibility 修改、refs sync
source_control_reconcile_plan_v1.status=draft_blocked approve_required 只顯示 refs reconcile 草案與 gate不執行 sync
source_control_ref_detail_diff_v1.status=draft_blocked observe 顯示 branch/tag 明細 diff支援人工 review
source_control_ref_truth_classification_v1.status=draft_blocked approve_required 顯示 main/dev 真相來源、drift deprecated 候選、release / UAT tag review lane不執行分類結果
local_repo_canonical_probe_v1.status=unrelated approve_required 禁止自動合併,需人工 canonical 判定
git_remote_refs_probe_v1.status=ok observe 可作 source evidence但仍需 GitHub target 與 approval
security_rollout_policy_v1.enforcement_level=mirror_only observe 只顯示 policy不阻擋既有流程
security_supply_chain_contract_manifest_v1.default_enforcement_level=mirror_only observe 只載入契約索引,不新增執行入口

5. Evidence 脫敏要求

資料 保存方式
repo URL 移除 username、password、token
API token 只保存 `token_present=true
secret 名稱 可保存名稱與 owner
secret value 禁止保存
exploit payload 禁止保存 raw payload只保存 redacted evidence ref
scan result 保存 finding 摘要、severity、confidence、asset key
host IP 內網資產可保存,但外部分享需改 asset key

6. 目前可立即 mirror 的檔案

類型 檔案
source control event snapshot docs/security/gitea-github-awoooi-inventory.snapshot.json
source control event 人讀版 docs/security/GITEA-GITHUB-MIGRATION-SNAPSHOT.md
clawbot-v5 source control snapshot docs/security/source-control-clawbot-v5.snapshot.json / docs/security/SOURCE-CONTROL-CLAWBOT-V5-SNAPSHOT.md
wooo-aiops source control snapshot docs/security/source-control-wooo-aiops.snapshot.json / docs/security/SOURCE-CONTROL-WOOO-AIOPS-SNAPSHOT.md
Gitea repo inventory snapshot docs/security/gitea-repo-inventory.snapshot.json
Gitea repo inventory 人讀版 docs/security/GITEA-REPO-INVENTORY-SNAPSHOT.md
Gitea org endpoint blocked snapshot docs/security/gitea-org-repo-inventory-blocked.snapshot.json / docs/security/GITEA-ORG-REPO-INVENTORY-BLOCKED-SNAPSHOT.md
Gitea server-side inventory runbook docs/security/GITEA-SERVER-SIDE-INVENTORY-RUNBOOK.md
Gitea read-only inventory approval package docs/security/GITEA-READONLY-INVENTORY-APPROVAL-PACKAGE.md
Gitea read-only inventory approval snapshot docs/security/gitea-readonly-inventory-approval.snapshot.json
Gitea admin export redaction checklist docs/security/GITEA-ADMIN-EXPORT-REDACTION-CHECKLIST.md
Gitea public repo search snapshot docs/security/gitea-public-repo-search.snapshot.json / docs/security/GITEA-PUBLIC-REPO-SEARCH-SNAPSHOT.md
本機 Git remote inventory snapshot docs/security/local-git-remote-inventory.snapshot.json
本機 Git remote inventory 人讀版 docs/security/LOCAL-GIT-REMOTE-INVENTORY-SNAPSHOT.md
Source Control 遷移矩陣 docs/security/SOURCE-CONTROL-MIGRATION-MATRIX.md
Source Control Canonical Repo 判定表 docs/security/SOURCE-CONTROL-CANONICAL-DECISION-TABLE.md
GitHub target probe snapshot docs/security/github-target-probe.snapshot.json / docs/security/GITHUB-TARGET-PROBE-SNAPSHOT.md
GitHub target 決策 snapshot docs/security/github-target-decision.snapshot.json / docs/security/GITHUB-TARGET-VISIBILITY-DECISION-TABLE.md
GitHub target repo approval package docs/security/github-target-repo-approval-package.snapshot.json / docs/security/GITHUB-TARGET-REPO-APPROVAL-PACKAGE.md
Source Control approval board docs/security/source-control-approval-board.snapshot.json / docs/security/SOURCE-CONTROL-APPROVAL-BOARD.md
Source Control draft reconcile plan docs/security/source-control-reconcile-plan.snapshot.json / docs/security/SOURCE-CONTROL-RECONCILE-PLAN.md
Source Control branch/tag detail diff docs/security/source-control-ref-detail-diff.snapshot.json / docs/security/SOURCE-CONTROL-REF-DETAIL-DIFF.md
Source Control ref truth classification docs/security/source-control-ref-truth-classification.snapshot.json / docs/security/SOURCE-CONTROL-REF-TRUTH-CLASSIFICATION.md
Kali 112 integration status docs/security/kali-integration-status.snapshot.json / docs/security/KALI-INTEGRATION-STATUS.md
Security finding contract docs/security/security-finding-kali-sample.snapshot.json / docs/security/SECURITY-FINDING-CONTRACT.md
Kali scan scope approval package docs/security/kali-scan-scope-approval.snapshot.json / docs/security/KALI-SCAN-SCOPE-APPROVAL-PACKAGE.md
Security approval queue docs/security/security-approval-queue.snapshot.json / docs/security/SECURITY-APPROVAL-QUEUE.md
Security approval gate docs/security/security-approval-gate.snapshot.json / docs/security/SECURITY-APPROVAL-GATE.md
Security approval decision record docs/security/security-approval-decision-record.snapshot.json / docs/security/SECURITY-APPROVAL-DECISION-RECORD.md
Security approval review packet docs/security/security-approval-review-packet.snapshot.json / docs/security/SECURITY-APPROVAL-REVIEW-PACKET.md
Security mirror readiness docs/security/security-mirror-readiness.snapshot.json / docs/security/SECURITY-MIRROR-READINESS.md
Security mirror intake plan docs/security/security-mirror-intake-plan.snapshot.json / docs/security/SECURITY-MIRROR-INTAKE-PLAN.md
資安鏡像事件契約 docs/security/security-mirror-event-sample.snapshot.json / docs/security/SECURITY-MIRROR-EVENT-CONTRACT.md
資安鏡像路由矩陣 docs/security/security-mirror-route.snapshot.json / docs/security/SECURITY-MIRROR-ROUTE.md
資安鏡像驗收契約 docs/security/security-mirror-acceptance.snapshot.json / docs/security/SECURITY-MIRROR-ACCEPTANCE.md
資安鏡像隔離契約 docs/security/security-mirror-quarantine.snapshot.json / docs/security/SECURITY-MIRROR-QUARANTINE.md
資安鏡像 dry-run 報告契約 docs/security/security-mirror-dry-run.snapshot.json / docs/security/SECURITY-MIRROR-DRY-RUN.md
資安鏡像狀態彙整契約 docs/security/security-mirror-status-rollup.snapshot.json / docs/security/SECURITY-MIRROR-STATUS-ROLLUP.md
本機 repo canonical lineage snapshot docs/security/local-repo-canonical-ewoooc-momo.snapshot.json / docs/security/LOCAL-REPO-CANONICAL-EWOOOC-MOMO-SNAPSHOT.md
Internal 110 refs snapshot docs/security/git-remote-refs-bitan-tsenyang.snapshot.json / docs/security/GIT-REMOTE-REFS-BITAN-TSENYANG-SNAPSHOT.md
wooo-infra-config refs snapshot docs/security/git-remote-refs-wooo-infra-config.snapshot.json / docs/security/GIT-REMOTE-REFS-WOOO-INFRA-CONFIG-SNAPSHOT.md
Gitea/GitHub migration inventory docs/security/GITEA-GITHUB-MIGRATION-INVENTORY.md
AwoooP handoff docs/security/AWOOOP-SECURITY-SUPPLYCHAIN-INTEGRATION-HANDOFF.md
低摩擦資安 rollout policy docs/security/SECURITY-LOW-FRICTION-ROLLOUT-POLICY.md / docs/security/security-rollout-policy.snapshot.json
Security Supply Chain contract manifest docs/security/SECURITY-SUPPLY-CHAIN-CONTRACT-MANIFEST.md / docs/security/security-supply-chain-contract-manifest.snapshot.json

7. 下一步

  1. AwoooP 主線先把本清單視為契約消費檢查清單。
  2. Security Supply Chain Session 補齊 Gitea 全量 repo inventory 的只讀 token 或管理匯出來源。
  3. AwoooP 只建立 mirror/read-only policy 入口,不新增 execution action。
  4. 任一方要把事件升級成實際執行,都必須先產出 approval_required_event_v1,並在 security_approval_queue_v1 中維持 blocked_until_approved=true 直到人工決策完成。