Files
awoooi/docs/security/security-approval-gate.snapshot.json

319 lines
13 KiB
JSON
Raw Blame History

This file contains ambiguous Unicode characters
This file contains Unicode characters that might be confused with other characters. If you think that this is intentional, you can safely ignore this warning. Use the Escape button to reveal them.
{
"schema_version": "security_approval_gate_v1",
"status": "draft",
"date": "2026-05-17",
"mode": "approval_gate_only",
"runtime_execution_authorized": false,
"source_indexes": [
"docs/security/security-approval-queue.snapshot.json",
"docs/security/security-followup-runtime-gate.snapshot.json",
"docs/security/security-mirror-status-rollup.snapshot.json",
"docs/security/security-rollout-policy.snapshot.json",
"docs/security/kali-scan-scope-approval.snapshot.json",
"docs/security/source-control-approval-board.snapshot.json",
"docs/security/source-control-ref-truth-classification.snapshot.json",
"docs/security/source-control-ref-truth-owner-response.snapshot.json",
"docs/security/gitea-inventory-coverage-attestation.snapshot.json",
"docs/security/gitea-inventory-owner-attestation-response.snapshot.json"
],
"summary": {
"total_gate_items": 8,
"pending_human_decision_count": 7,
"block_candidate_count": 1,
"approved_count": 0,
"runtime_actions_authorized": false,
"immediate_execution_after_approval_allowed": false,
"raw_secret_storage_authorized": false
},
"gate_items": [
{
"gate_id": "gate-redacted-finding-ingestion-20260513",
"source_queue_item_id": "kali-finding-runtime-ingestion-approval-20260513",
"source_contract": "security_approval_queue_v1",
"risk": "MEDIUM",
"gate_state": "pending_human_decision",
"approval_scope": "design_or_draft_only",
"required_reviewers": [
"security-commander",
"human-owner"
],
"decision_options": ["approve_scope", "reject", "defer", "request_more_evidence"],
"allowed_after_approval": [
"設計 redacted security_finding_v1 ingestion adapter",
"建立 draft PR 或 patch-only backlog",
"只定義摘要欄位與 evidence_ref"
],
"still_forbidden": [
"保存 raw secret/token/cookie/private key/exploit payload",
"讓 AwoooP 直接啟動 scan",
"自動修復或自動封鎖 deploy"
],
"requires_followup_runtime_gate": true,
"evidence_refs": [
"docs/security/SECURITY-FINDING-CONTRACT.md",
"docs/security/security-finding-kali-sample.snapshot.json",
"docs/security/KALI-SCAN-SCOPE-APPROVAL-PACKAGE.md"
]
},
{
"gate_id": "gate-safe-web-crawl-20260513",
"source_queue_item_id": "kali-safe-web-crawl-approval-20260513",
"source_contract": "security_approval_queue_v1",
"risk": "MEDIUM",
"gate_state": "pending_human_decision",
"approval_scope": "low_noise_scan_scope_only",
"required_reviewers": [
"security-commander",
"human-owner"
],
"decision_options": ["approve_scope", "reject", "defer", "request_more_evidence"],
"allowed_after_approval": [
"定義 TLS/header/basic crawl 的目標清單",
"限制掃描頻率與時間窗",
"只輸出 redacted findings"
],
"still_forbidden": [
"active DAST fuzz",
"auth flow 改狀態測試",
"credentialed scan",
"阻擋 release"
],
"requires_followup_runtime_gate": true,
"evidence_refs": [
"docs/security/KALI-SCAN-SCOPE-APPROVAL-PACKAGE.md",
"docs/security/KALI-SECURITY-MESH-BLUEPRINT.md"
]
},
{
"gate_id": "gate-gitea-readonly-inventory-20260513",
"source_queue_item_id": "gitea-private-internal-server-side-inventory-2026-05-12",
"source_contract": "security_approval_queue_v1",
"risk": "MEDIUM",
"gate_state": "pending_human_decision",
"approval_scope": "read_only_inventory_only",
"required_reviewers": [
"migration-engineer",
"security-commander",
"human-owner"
],
"decision_options": ["approve_scope", "reject", "defer", "request_more_evidence"],
"allowed_after_approval": [
"先依 S4.9 request packet 要求 owner 回覆,用 template status ledger / collection checks 維持 request / received / accepted 分離,並完成 preflight / outcome lane 判定 / 驗收 S4.7 owner coverage attestation response保留 scope decision evidence",
"使用 read-only token 或 redacted admin export 補齊 repo list",
"只保存 token_present=true/false",
"更新 migration matrix 與 repo decision table"
],
"still_forbidden": [
"保存 token value",
"使用 write-capable token",
"未完成 S4.7 owner attestation 就標記 inventory complete",
"把 owner attestation 當成 repo migration 或 primary cutover approval",
"把 S4.9 owner response request packet、template status ledger 或 response packet 當成 inventory 執行授權",
"建立 GitHub repo",
"sync refs",
"切 GitHub primary"
],
"requires_followup_runtime_gate": true,
"evidence_refs": [
"docs/security/GITEA-READONLY-INVENTORY-APPROVAL-PACKAGE.md",
"docs/security/gitea-readonly-inventory-approval.snapshot.json",
"docs/security/GITEA-ORG-REPO-INVENTORY-BLOCKED-SNAPSHOT.md",
"docs/security/GITEA-INVENTORY-COVERAGE-ATTESTATION.md",
"docs/security/gitea-inventory-coverage-attestation.snapshot.json",
"docs/security/GITEA-INVENTORY-OWNER-ATTESTATION-RESPONSE.md",
"docs/security/gitea-inventory-owner-attestation-response.snapshot.json",
"docs/security/GITEA-AUTHENTICATED-INVENTORY-IMPORT-ACCEPTANCE.md"
]
},
{
"gate_id": "gate-github-target-decisions-20260513",
"source_queue_item_id": "source-control-target-repo-approval-bundle-20260513",
"source_contract": "security_approval_queue_v1",
"risk": "HIGH",
"gate_state": "pending_human_decision",
"approval_scope": "design_or_draft_only",
"required_reviewers": [
"migration-engineer",
"security-commander",
"human-owner"
],
"decision_options": ["approve_scope", "reject", "defer", "request_more_evidence"],
"allowed_after_approval": [
"依 S4.10 驗收 owner decision response",
"依 S4.12 驗收 workflow / secret 名稱 owner response",
"逐 repo 更新 owner/visibility/canonical decision",
"更新 workflow / secret name parity read-only wording",
"產生 draft reconcile plan 或 ADR",
"更新 GitHub target decision snapshot"
],
"still_forbidden": [
"建立 repo",
"修改 visibility",
"把 S4.10 response packet 當成 repo creation 或 visibility approval",
"把 S4.12 response packet 當成 secret value collection、workflow modification 或 runner enablement approval",
"push refs",
"delete refs",
"切 GitHub primary"
],
"requires_followup_runtime_gate": true,
"evidence_refs": [
"docs/security/SOURCE-CONTROL-APPROVAL-BOARD.md",
"docs/security/source-control-approval-board.snapshot.json",
"docs/security/GITHUB-TARGET-REPO-APPROVAL-PACKAGE.md",
"docs/security/GITHUB-TARGET-OWNER-DECISION-RESPONSE.md",
"docs/security/github-target-owner-decision-response.snapshot.json",
"docs/security/SOURCE-CONTROL-WORKFLOW-SECRET-NAME-OWNER-RESPONSE.md",
"docs/security/source-control-workflow-secret-name-owner-response.snapshot.json"
]
},
{
"gate_id": "gate-ref-truth-review-20260513",
"source_queue_item_id": "source-control-ref-truth-review-bundle-20260513",
"source_contract": "security_approval_queue_v1",
"risk": "HIGH",
"gate_state": "pending_human_decision",
"approval_scope": "design_or_draft_only",
"required_reviewers": [
"migration-engineer",
"security-commander",
"human-owner"
],
"decision_options": ["approve_scope", "reject", "defer", "request_more_evidence"],
"allowed_after_approval": [
"依 S4.11 驗收 owner response",
"標記單 ref 真相來源候選",
"更新 source control reconcile plan",
"產生人工 review checklist"
],
"still_forbidden": [
" S4.11 response packet refs sync/delete/force push approval",
"push refs",
"delete refs",
"force push",
" GitHub primary"
],
"requires_followup_runtime_gate": true,
"evidence_refs": [
"docs/security/SOURCE-CONTROL-REF-TRUTH-CLASSIFICATION.md",
"docs/security/source-control-ref-truth-classification.snapshot.json",
"docs/security/SOURCE-CONTROL-REF-TRUTH-OWNER-RESPONSE.md",
"docs/security/source-control-ref-truth-owner-response.snapshot.json",
"docs/security/SOURCE-CONTROL-REF-DETAIL-DIFF.md"
]
},
{
"gate_id": "gate-credentialed-scan-20260513",
"source_queue_item_id": "kali-credentialed-scan-approval-20260513",
"source_contract": "security_approval_queue_v1",
"risk": "HIGH",
"gate_state": "pending_human_decision",
"approval_scope": "manual_exception_only",
"required_reviewers": [
"security-commander",
"vuln-verifier",
"human-owner"
],
"decision_options": ["approve_scope", "reject", "defer", "request_more_evidence"],
"allowed_after_approval": [
" credential sourcescopeaudit trail ",
" asset",
" redacted finding summary"
],
"still_forbidden": [
" credential value",
"",
"",
" firewall/RBAC/NetworkPolicy"
],
"requires_followup_runtime_gate": true,
"evidence_refs": [
"docs/security/KALI-SCAN-SCOPE-APPROVAL-PACKAGE.md",
"docs/security/SECURITY-LOW-FRICTION-ROLLOUT-POLICY.md"
]
},
{
"gate_id": "gate-kali-full-upgrade-reboot-20260513",
"source_queue_item_id": "kali-full-upgrade-reboot-approval-20260513",
"source_contract": "security_approval_queue_v1",
"risk": "HIGH",
"gate_state": "pending_human_decision",
"approval_scope": "manual_exception_only",
"required_reviewers": [
"security-commander",
"human-owner"
],
"decision_options": ["approve_scope", "reject", "defer", "request_more_evidence"],
"allowed_after_approval": [
"",
" snapshot rollback",
" post-health gate"
],
"still_forbidden": [
" reboot",
" snapshot full-upgrade",
" scanner health "
],
"requires_followup_runtime_gate": true,
"evidence_refs": [
"docs/security/KALI-INTEGRATION-STATUS.md",
"docs/security/KALI-SCAN-SCOPE-APPROVAL-PACKAGE.md"
]
},
{
"gate_id": "gate-kali-execute-endpoint-20260513",
"source_queue_item_id": "kali-execute-endpoint-approval-20260513",
"source_contract": "security_approval_queue_v1",
"risk": "CRITICAL",
"gate_state": "block_candidate",
"approval_scope": "blocked_by_default",
"required_reviewers": [
"critic",
"security-commander",
"human-owner"
],
"decision_options": ["keep_blocked", "defer", "request_more_evidence"],
"allowed_after_approval": [
" disable/allowlist/audit gate",
" exception ",
" AwoooP runtime "
],
"still_forbidden": [
"AwoooP runtime /execute",
" /execute MCP action",
" shell command ",
" command "
],
"requires_followup_runtime_gate": true,
"evidence_refs": [
"docs/security/KALI-INTEGRATION-STATUS.md",
"docs/security/KALI-SCAN-SCOPE-APPROVAL-PACKAGE.md"
]
}
],
"decision_recording_rules": [
" gate item reviewerevidence refs ",
" gate item security_approval_review_packet_v1 review packet ",
" next state security_approval_state_transition_v1 ",
"security_followup_runtime_gate_v1 runtime gate evidencepreflight checks rollback / disable requirement",
" scope inventory exception runtime action",
" scan/executereporefsdeploysecretRBACNetworkPolicyfirewall follow-up runtime gate",
" evidence gate audit evidence"
],
"forbidden_actions": [
"execute_gate_item",
"auto_approve",
"execute_after_approval_without_runtime_gate",
"start_kali_scan",
"call_kali_execute_endpoint",
"run_credentialed_scan",
"create_github_repo",
"change_repo_visibility",
"sync_git_refs",
"switch_github_primary",
"auto_merge",
"production_deploy",
"store_secret_token_cookie_private_key_or_exploit_payload",
"turn_low_medium_observations_into_blocking_gates"
]
}