Files
awoooi/docs/security/source-control-owner-response-validation-rollup.snapshot.json
Your Name 01bde65df1
All checks were successful
Code Review / ai-code-review (push) Successful in 12s
CD Pipeline / tests (push) Successful in 1m25s
CD Pipeline / build-and-deploy (push) Successful in 4m28s
CD Pipeline / post-deploy-checks (push) Successful in 1m30s
docs(security): refresh S4.9 owner response gate
2026-06-13 11:36:33 +08:00

2279 lines
107 KiB
JSON
Raw Blame History

This file contains ambiguous Unicode characters
This file contains Unicode characters that might be confused with other characters. If you think that this is intentional, you can safely ignore this warning. Use the Escape button to reveal them.
{
"schema_version": "source_control_owner_response_validation_rollup_v1",
"status": "draft_waiting_owner_responses",
"date": "2026-06-13",
"mode": "owner_response_validation_rollup_only",
"runtime_execution_authorized": false,
"source_contracts": [
"gitea_inventory_owner_attestation_response_v1",
"github_target_owner_decision_response_v1",
"source_control_ref_truth_owner_response_v1",
"source_control_workflow_secret_name_owner_response_v1"
],
"source_indexes": [
"docs/security/gitea-inventory-owner-attestation-response.snapshot.json",
"docs/security/github-target-owner-decision-response.snapshot.json",
"docs/security/source-control-ref-truth-owner-response.snapshot.json",
"docs/security/source-control-workflow-secret-name-owner-response.snapshot.json",
"docs/security/security-mirror-status-rollup.snapshot.json",
"docs/security/source-control-primary-readiness-gate.snapshot.json",
"docs/security/security-approval-review-packet.snapshot.json",
"docs/security/security-followup-runtime-gate.snapshot.json"
],
"summary": {
"rollup_status": "waiting_owner_responses",
"response_packet_count": 4,
"validation_lane_count": 4,
"total_response_template_count": 24,
"total_received_response_count": 0,
"total_accepted_response_count": 0,
"total_rejected_response_count": 0,
"total_acceptance_check_count": 32,
"total_rejection_rule_count": 40,
"owner_response_evidence_routing_rule_count": 6,
"owner_response_validation_display_section_count": 8,
"owner_response_validation_state_transition_rule_count": 7,
"owner_response_validation_reviewer_checklist_count": 9,
"owner_response_validation_reviewer_outcome_lane_count": 7,
"owner_response_validation_reviewer_audit_event_template_count": 4,
"owner_response_validation_reviewer_audit_display_section_count": 5,
"owner_response_validation_reviewer_audit_collection_check_count": 6,
"owner_response_validation_reviewer_audit_redaction_example_count": 5,
"owner_response_validation_reviewer_audit_retention_rule_count": 5,
"owner_response_validation_reviewer_audit_retention_check_count": 6,
"quarantine_required": true,
"primary_ready_count": 0,
"runtime_execution_authorized": false,
"token_value_collection_allowed": false,
"secret_value_collection_allowed": false,
"write_token_allowed": false,
"repo_creation_authorized": false,
"visibility_change_authorized": false,
"gitea_repo_write_authorized": false,
"refs_sync_authorized": false,
"refs_delete_authorized": false,
"force_push_authorized": false,
"workflow_modification_authorized": false,
"runner_enablement_authorized": false,
"github_hosted_runner_enable_authorized": false,
"github_primary_switch_authorized": false,
"action_buttons_allowed": false,
"owner_response_validation_reviewer_audit_handoff_packet_count": 6,
"owner_response_validation_reviewer_audit_handoff_check_count": 6,
"owner_response_validation_parallel_session_sync_check_count": 6,
"owner_response_validation_parallel_session_conflict_lane_count": 6,
"owner_response_validation_parallel_session_recovery_check_count": 6,
"owner_response_validation_parallel_session_recovery_outcome_lane_count": 7
},
"validation_lanes": [
{
"lane_id": "s4_9_gitea_inventory_owner_attestation_response",
"source_contract": "gitea_inventory_owner_attestation_response_v1",
"response_packet": "docs/security/gitea-inventory-owner-attestation-response.snapshot.json",
"human_doc": "docs/security/GITEA-INVENTORY-OWNER-ATTESTATION-RESPONSE.md",
"scope_summary": "5 個 Gitea coverage attestation itemspublic-only/local gap、org/user endpoint、110 adjacent scope、canonical owner、legacy/inaccessible disposition。",
"response_template_count": 5,
"received_response_count": 0,
"accepted_response_count": 0,
"rejected_response_count": 0,
"required_before_ready": [
"5 個 S4.7 attestation items 皆有可驗收 owner response",
"response 只能引用脫敏 evidence refs",
"不得保存 token value、raw secret、DB dump、git object 或 repo write payload"
],
"allowed_outputs": [
"更新 read-only Gitea coverage matrix wording",
"更新 owner / canonical / legacy disposition 欄位",
"維持 gitea_repo_inventory_v1.status=partial 直到 S4.6 payload 驗收通過"
],
"forbidden_actions": [
"store_token_value",
"write_gitea_repo",
"sync_refs",
"switch_github_primary"
],
"execution_authorized": false
},
{
"lane_id": "s4_10_github_target_owner_decision_response",
"source_contract": "github_target_owner_decision_response_v1",
"response_packet": "docs/security/github-target-owner-decision-response.snapshot.json",
"human_doc": "docs/security/GITHUB-TARGET-OWNER-DECISION-RESPONSE.md",
"scope_summary": "9 個 approval-required GitHub targets 的 owner、visibility、canonical response。",
"response_template_count": 9,
"received_response_count": 0,
"accepted_response_count": 0,
"rejected_response_count": 0,
"required_before_ready": [
"9 個 target response 都有 owner / visibility / canonical disposition",
"not_found_or_private 不得自動解讀為可建立 repo",
"response 不得夾帶 repo creation、visibility change 或 refs sync payload"
],
"allowed_outputs": [
"更新 read-only GitHub target decision table wording",
"更新 repo-by-repo approval package 的 owner / visibility / canonical 欄位",
"維持 primary_ready_count=0"
],
"forbidden_actions": [
"create_github_repo",
"change_repo_visibility",
"sync_refs",
"switch_github_primary"
],
"execution_authorized": false
},
{
"lane_id": "s4_11_ref_truth_owner_response",
"source_contract": "source_control_ref_truth_owner_response_v1",
"response_packet": "docs/security/source-control-ref-truth-owner-response.snapshot.json",
"human_doc": "docs/security/SOURCE-CONTROL-REF-TRUTH-OWNER-RESPONSE.md",
"scope_summary": "S4.11 request packet、template status ledger、audit event templates、redaction examples、collection checks、intake preflight checks加上 194 個 refs review items 的 main/dev truth、deprecated drift、release tag retention、GitHub-only refs disposition。",
"response_template_count": 5,
"received_response_count": 0,
"accepted_response_count": 0,
"rejected_response_count": 0,
"required_before_ready": [
"main/dev truth 與 release tags 必須有 deploy / artifact / rollback owner",
"deprecated candidate 只能更新 disposition不代表 delete approval",
"backfill candidate 只能更新 review wording不代表 push approval"
],
"allowed_outputs": [
"更新 read-only ref truth classification disposition",
"更新 draft reconcile plan wording",
"維持 refs sync / delete / force push disabled"
],
"forbidden_actions": [
"fetch_refs",
"push_refs",
"delete_refs",
"force_push",
"switch_github_primary"
],
"execution_authorized": false
},
{
"lane_id": "s4_12_workflow_secret_name_owner_response",
"source_contract": "source_control_workflow_secret_name_owner_response_v1",
"response_packet": "docs/security/source-control-workflow-secret-name-owner-response.snapshot.json",
"human_doc": "docs/security/SOURCE-CONTROL-WORKFLOW-SECRET-NAME-OWNER-RESPONSE.md",
"scope_summary": "webhook、runner、deploy key、branch protection / CODEOWNERS、repository secret name parity 的 redacted owner response request / template status ledger / audit event templates / redaction examples / collection checks / intake preflight checks / response。",
"response_template_count": 5,
"received_response_count": 0,
"accepted_response_count": 0,
"rejected_response_count": 0,
"required_before_ready": [
"每個 lane 只能保存允許欄位與脫敏 metadata",
"GitHub hosted runner 只能進 risk review不得啟用或消耗 hosted minutes",
"secret name parity 只保存名稱、scope、owner 與 present/absent不保存 value/hash/partial token",
"request packet 只提示 owner 要回覆什麼,不代表 request sent、response received、secret value collection、workflow modification 或 runner enablement",
"template status ledger 只逐項顯示 waiting_owner_response不代表 request sent、response received 或 accepted",
"audit event templates 只定義 0 emitted 的脫敏 metadata不代表 production ingestion 或 runtime authorization",
"redaction examples 只示範安全回覆形狀,不代表 owner response received、accepted 或 secret value collection",
"collection checks 只維持 request / received / accepted 分離,不代表 owner response received、accepted 或 workflow / secret 執行授權",
"intake preflight checks 只分類可審、補證、隔離或拒收,不代表 owner response accepted 或 workflow / secret 執行授權"
],
"allowed_outputs": [
"更新 read-only workflow / secret name inventory wording",
"更新 redacted export request disposition",
"維持 workflow / secret parity blocker 直到實際 redacted evidence 完成"
],
"forbidden_actions": [
"store_secret_value",
"modify_workflow",
"enable_runner",
"enable_github_hosted_runner",
"switch_github_primary"
],
"execution_authorized": false
}
],
"cross_packet_acceptance_checks": [
{
"check_id": "all_source_packets_schema_valid",
"title": "四個 source response packets 都必須 JSON / schema 結構有效",
"required": true,
"pass_condition": "source packet 可被解析,且 summary 欄位存在",
"failure_lane": "mirror_quarantine",
"execution_authorized": false
},
{
"check_id": "template_counts_match",
"title": "response template count 必須與各 source packet summary 一致",
"required": true,
"pass_condition": "5 + 9 + 5 + 5 = 24",
"failure_lane": "mirror_quarantine",
"execution_authorized": false
},
{
"check_id": "response_counts_explicit",
"title": "received / accepted / rejected count 必須明確列出",
"required": true,
"pass_condition": "所有 source packets 目前皆為 0 / 0 / 0",
"failure_lane": "request_more_evidence",
"execution_authorized": false
},
{
"check_id": "accepted_response_does_not_unlock_runtime",
"title": "即使未來 response 被接受,也不得直接解鎖 runtime",
"required": true,
"pass_condition": "readiness effect 只允許更新 read-only wording 或 matrix 欄位",
"failure_lane": "block_candidate",
"execution_authorized": false
},
{
"check_id": "rejection_rules_present",
"title": "四個 packets 都必須保留 rejection rules",
"required": true,
"pass_condition": "每包 10 個 rejection rules總數 40",
"failure_lane": "mirror_quarantine",
"execution_authorized": false
},
{
"check_id": "no_secret_or_token_value",
"title": "不得收集 token、secret、private key、cookie、session 或 partial credential",
"required": true,
"pass_condition": "所有收件與輸出欄位只允許脫敏 evidence refs 或名稱 metadata",
"failure_lane": "hard_reject",
"execution_authorized": false
},
{
"check_id": "no_write_or_admin_action",
"title": "不得夾帶 write token、admin API、repo write、workflow 修改或 runner 啟用",
"required": true,
"pass_condition": "所有 write / admin / execution flags 皆為 false",
"failure_lane": "hard_reject",
"execution_authorized": false
},
{
"check_id": "no_refs_or_primary_action",
"title": "不得把 owner response 當成 refs sync、delete、force push 或 primary approval",
"required": true,
"pass_condition": "refs_sync / refs_delete / force_push / github_primary_switch 皆為 false",
"failure_lane": "hard_reject",
"execution_authorized": false
},
{
"check_id": "quarantine_uncertain_payload",
"title": "任何不確定是否含敏感值的 response 必須隔離",
"required": true,
"pass_condition": "quarantine_required=true 且 quarantine rules 已列出",
"failure_lane": "mirror_quarantine",
"execution_authorized": false
},
{
"check_id": "rollup_and_readiness_must_be_updated_together",
"title": "接受 response 後必須同步更新 rollup 與 readiness wording",
"required": true,
"pass_condition": "更新 source packet、validation rollup、security mirror rollup、primary readiness gate 與 LOGBOOK",
"failure_lane": "request_more_evidence",
"execution_authorized": false
}
],
"quarantine_rules": [
"response 夾帶 token、secret、cookie、session、private key、deploy key material、runner token 或 partial credential 時 hard reject。",
"response 夾帶完整 webhook URL、query token、header、body、未脫敏 screenshot 或 private URL credential 時 hard reject。",
"response 要求 write API、repo 建立、visibility change、workflow 修改、runner 啟用、secret rotate、refs sync、delete refs、force push 或 GitHub primary switch 時 hard reject。",
"response 缺 lane、repo、provider、owner、decision、decision_reason 或 evidence_refs 時 request_more_evidence。",
"response 的敏感性不確定時先 quarantine不猜測、不修補、不自動接受。"
],
"owner_response_evidence_routing_rules": [
{
"rule_id": "evidence-routing-known-lane",
"display_order": 1,
"title": "已知 owner response lane 才能進入對應 source packet preflight",
"match_condition": "evidence pointer 明確標示 S4.9 / S4.10 / S4.11 / S4.12 其中一個 lane且 template_id 屬於該 lane 的既有 response templates。",
"safe_route": "route_to_source_packet_intake_preflight",
"blocked_route": "request_more_evidence_if_lane_or_template_unknown",
"awooop_display_mode": "display_evidence_route_only",
"execution_authorized": false,
"not_approval": true
},
{
"rule_id": "evidence-routing-required-fields",
"display_order": 2,
"title": "缺少 owner / decision / evidence refs 時只要求補證",
"match_condition": "lane 已知,但 owner、decision、decision_reason、repo/provider metadata 或 evidence_refs 缺漏。",
"safe_route": "request_more_evidence",
"blocked_route": "do_not_increment_received_or_accepted_count",
"awooop_display_mode": "display_evidence_route_only",
"execution_authorized": false,
"not_approval": true
},
{
"rule_id": "evidence-routing-sensitive-payload",
"display_order": 3,
"title": "疑似敏感 payload 一律先送 mirror quarantine",
"match_condition": "evidence pointer、摘要或附件暗示 token、secret、private key、cookie、session、runner token、webhook secret、deploy key material、authorization header、private URL credential 或未脫敏截圖。",
"safe_route": "mirror_quarantine",
"blocked_route": "do_not_store_raw_payload_or_render_sensitive_material",
"awooop_display_mode": "display_evidence_route_only",
"execution_authorized": false,
"not_approval": true
},
{
"rule_id": "evidence-routing-execution-request",
"display_order": 4,
"title": "夾帶執行要求時 hard reject",
"match_condition": "response 要求建立 repo、修改 visibility、write token、sync/delete/force push refs、修改 workflow/webhook/runner/deploy key/branch protection/repository secret、啟用 GitHub hosted runner、Kali scan 或 GitHub primary switch。",
"safe_route": "hard_reject_execution_request",
"blocked_route": "do_not_create_runtime_gate_or_action_button",
"awooop_display_mode": "display_evidence_route_only",
"execution_authorized": false,
"not_approval": true
},
{
"rule_id": "evidence-routing-cross-packet-conflict",
"display_order": 5,
"title": "跨包互相矛盾時只進 owner review",
"match_condition": "S4.9 canonical owner、S4.10 GitHub target、S4.11 refs truth 或 S4.12 workflow / secret name parity 之間出現 owner、repo、visibility、truth source 或 secret 名稱矛盾。",
"safe_route": "cross_packet_owner_review",
"blocked_route": "do_not_auto_merge_or_override_source_packet",
"awooop_display_mode": "display_evidence_route_only",
"execution_authorized": false,
"not_approval": true
},
{
"rule_id": "evidence-routing-accepted-metadata",
"display_order": 6,
"title": "通過驗收後只允許更新只讀 wording",
"match_condition": "source packet preflight、acceptance checks、cross-packet checks 與 quarantine rules 全部通過,且 evidence refs 完全脫敏。",
"safe_route": "read_only_readiness_wording_update",
"blocked_route": "do_not_unlock_repo_refs_workflow_secret_runner_or_primary_actions",
"awooop_display_mode": "display_evidence_route_only",
"execution_authorized": false,
"not_approval": true
}
],
"owner_response_validation_display_sections": [
{
"section_id": "display-validation-summary",
"display_order": 1,
"title": "Owner response validation 總覽",
"content_source": "summaryresponse_packet_count、validation_lane_count、total_response_template_count、received / accepted / rejected count、runtime flags。",
"section_status": "display_contract_only",
"awooop_display_mode": "display_validation_section_only",
"execution_authorized": false,
"not_approval": true
},
{
"section_id": "display-missing-response-lanes",
"display_order": 2,
"title": "Missing owner response lanes",
"content_source": "missing_response_lanesS4.9 / S4.10 / S4.11 / S4.12 四條缺口、next_owner_action 與 still_forbidden。",
"section_status": "display_contract_only",
"awooop_display_mode": "display_validation_section_only",
"execution_authorized": false,
"not_approval": true
},
{
"section_id": "display-owner-response-collection-order",
"display_order": 3,
"title": "Owner response collection order",
"content_source": "owner_response_collection_order四步收件順序、required_packet、minimum_response 與 blocked_until_received。",
"section_status": "display_contract_only",
"awooop_display_mode": "display_validation_section_only",
"execution_authorized": false,
"not_approval": true
},
{
"section_id": "display-next-collection-candidate",
"display_order": 4,
"title": "Next collection candidate",
"content_source": "next_collection_candidate目前只顯示 S4.9 Gitea owner attestation responsereceived / accepted 皆為 0。",
"section_status": "display_contract_only",
"awooop_display_mode": "display_validation_section_only",
"execution_authorized": false,
"not_approval": true
},
{
"section_id": "display-cross-packet-acceptance-checks",
"display_order": 5,
"title": "Cross-packet acceptance checks",
"content_source": "cross_packet_acceptance_checks10 個跨包驗收檢查,只作 read-only validation不授權 runtime。",
"section_status": "display_contract_only",
"awooop_display_mode": "display_validation_section_only",
"execution_authorized": false,
"not_approval": true
},
{
"section_id": "display-evidence-routing-rules",
"display_order": 6,
"title": "Evidence routing rules",
"content_source": "owner_response_evidence_routing_rules6 條 evidence pointer 只讀路由,補證、隔離、拒收、跨包 review 或只讀更新。",
"section_status": "display_contract_only",
"awooop_display_mode": "display_validation_section_only",
"execution_authorized": false,
"not_approval": true
},
{
"section_id": "display-quarantine-and-forbidden-actions",
"display_order": 7,
"title": "Quarantine 與禁止事項",
"content_source": "quarantine_rules、forbidden_actions、summary false flags顯示敏感 payload、write/admin/action button 與 primary 禁令。",
"section_status": "display_contract_only",
"awooop_display_mode": "display_validation_section_only",
"execution_authorized": false,
"not_approval": true
},
{
"section_id": "display-latest-local-validation",
"display_order": 8,
"title": "最新本機只讀驗證",
"content_source": "latest_local_validationrepo_snapshot_only、SOURCE_CONTROL_OWNER_RESPONSE_GUARD_OK、received / accepted count 仍為 0。",
"section_status": "display_contract_only",
"awooop_display_mode": "display_validation_section_only",
"execution_authorized": false,
"not_approval": true
}
],
"owner_response_validation_state_transition_rules": [
{
"rule_id": "transition-waiting-to-received-pending-validation",
"display_order": 1,
"from_state": "waiting_owner_response",
"trigger": "收到已知 S4.9 / S4.10 / S4.11 / S4.12 lane 的 owner response evidence pointer。",
"required_checks": [
"lane 與 template_id 已知",
"owner、decision、decision_reason、repo/provider metadata 與 evidence_refs 完整",
"evidence refs 已脫敏且沒有 raw secret/token/private URL credential"
],
"next_state": "received_pending_validation",
"allowed_update": "只允許 source packet 與 rollup 顯示 received_pending_validation 候選;不得增加 accepted count。",
"blocked_updates": [
"mark_accepted",
"create_runtime_gate",
"add_action_button",
"repo_or_refs_or_workflow_secret_change"
],
"awooop_display_mode": "display_state_transition_rule_only",
"execution_authorized": false,
"not_approval": true
},
{
"rule_id": "transition-missing-required-fields-to-request-more-evidence",
"display_order": 2,
"from_state": "waiting_owner_response",
"trigger": "response 缺少必填 owner、decision、reason、repo/provider metadata 或 evidence_refs。",
"required_checks": [
"已能判斷 lane 或 template 缺口",
"沒有敏感 payload",
"沒有執行要求"
],
"next_state": "request_more_evidence",
"allowed_update": "只允許顯示補證缺口與下一步 owner action。",
"blocked_updates": [
"increment_received_count",
"increment_accepted_count",
"store_raw_payload",
"unlock_primary_readiness"
],
"awooop_display_mode": "display_state_transition_rule_only",
"execution_authorized": false,
"not_approval": true
},
{
"rule_id": "transition-sensitive-payload-to-mirror-quarantine",
"display_order": 3,
"from_state": "waiting_owner_response_or_received_pending_validation",
"trigger": "response 或 evidence pointer 疑似含 token、secret、private key、cookie、session、runner token、webhook secret、deploy key material、authorization header、private URL credential 或未脫敏截圖。",
"required_checks": [
"敏感性不確定即視為需要隔離",
"不得渲染或保存 raw payload",
"不得把 masked/partial credential 當成可保存 evidence"
],
"next_state": "mirror_quarantine",
"allowed_update": "只允許顯示 quarantine pointer 與 redaction request。",
"blocked_updates": [
"store_sensitive_payload",
"render_sensitive_material",
"increment_received_count",
"increment_accepted_count"
],
"awooop_display_mode": "display_state_transition_rule_only",
"execution_authorized": false,
"not_approval": true
},
{
"rule_id": "transition-execution-request-to-hard-rejected",
"display_order": 4,
"from_state": "waiting_owner_response_or_received_pending_validation",
"trigger": "response 夾帶 repo creation、visibility change、refs sync/delete/force push、workflow/webhook/runner/deploy key/branch protection/repository secret、Kali scan、GitHub hosted runner 或 GitHub primary switch 要求。",
"required_checks": [
"偵測到任何 write/admin/runtime intent",
"blocked route 已指向 do_not_create_runtime_gate_or_action_button",
"仍保留 redacted rejection evidence"
],
"next_state": "hard_rejected_execution_request",
"allowed_update": "只允許顯示拒收原因與仍禁止事項。",
"blocked_updates": [
"create_runtime_gate",
"enqueue_execution",
"add_action_button",
"change_repo_refs_workflow_secret_runner_or_primary"
],
"awooop_display_mode": "display_state_transition_rule_only",
"execution_authorized": false,
"not_approval": true
},
{
"rule_id": "transition-cross-packet-conflict-to-owner-review",
"display_order": 5,
"from_state": "received_pending_validation",
"trigger": "S4.9 owner/canonical、S4.10 target/visibility、S4.11 refs truth 或 S4.12 workflow/secret name parity 互相矛盾。",
"required_checks": [
"矛盾欄位可指向來源 packet",
"不得自動覆蓋 source packet",
"不得把任一 packet 視為較高權威"
],
"next_state": "cross_packet_owner_review",
"allowed_update": "只允許顯示 reviewer 需要確認的欄位與 evidence refs。",
"blocked_updates": [
"auto_merge_response",
"override_source_packet",
"mark_primary_ready",
"unlock_refs_or_workflow_actions"
],
"awooop_display_mode": "display_state_transition_rule_only",
"execution_authorized": false,
"not_approval": true
},
{
"rule_id": "transition-validation-pass-to-read-only-update",
"display_order": 6,
"from_state": "received_pending_validation",
"trigger": "source packet preflight、acceptance checks、cross-packet checks 與 quarantine rules 全部通過。",
"required_checks": [
"所有 evidence refs 完全脫敏",
"source packet、validation rollup、security mirror rollup、primary readiness wording 與 LOGBOOK 可同步更新",
"received / accepted count 的變更仍只限文件與 snapshot"
],
"next_state": "accepted_read_only_update",
"allowed_update": "只允許更新 read-only evidence、matrix、decision table、reconcile wording 或 readiness wording。",
"blocked_updates": [
"create_repo",
"sync_or_delete_refs",
"modify_workflow_or_secret",
"enable_runner_or_primary"
],
"awooop_display_mode": "display_state_transition_rule_only",
"execution_authorized": false,
"not_approval": true
},
{
"rule_id": "transition-post-update-stays-waiting-runtime-gate",
"display_order": 7,
"from_state": "accepted_read_only_update",
"trigger": "read-only wording 已更新,但仍未取得 runtime gate、owner approval、rollback ADR、redacted payload ingestion 或 primary readiness。",
"required_checks": [
"active_runtime_gate_count 仍為 0",
"github_primary_ready_count 仍為 0",
"action_buttons_allowed 仍為 false"
],
"next_state": "waiting_followup_runtime_gate",
"allowed_update": "只允許提示後續需要人工批准與獨立 runtime gate。",
"blocked_updates": [
"treat_read_only_update_as_runtime_approval",
"auto_execute_scan_or_migration",
"switch_github_primary",
"consume_github_hosted_runner_minutes"
],
"awooop_display_mode": "display_state_transition_rule_only",
"execution_authorized": false,
"not_approval": true
}
],
"owner_response_validation_reviewer_checklist": [
{
"checklist_id": "checklist-confirm-lane-and-template",
"display_order": 1,
"title": "確認 owner response lane 與 template 已知",
"reviewer_action": "確認 evidence pointer 只屬於 S4.9 / S4.10 / S4.11 / S4.12 的既有 lane 與 template_id。",
"required_evidence": [
"lane_id",
"template_id",
"source_packet_path"
],
"pass_state": "received_pending_validation",
"fail_route": "request_more_evidence",
"awooop_display_mode": "display_reviewer_checklist_only",
"execution_authorized": false,
"not_approval": true
},
{
"checklist_id": "checklist-confirm-required-owner-fields",
"display_order": 2,
"title": "確認 owner / decision / reason / metadata 欄位完整",
"reviewer_action": "確認 owner、decision、decision_reason、repo/provider metadata 與 evidence_refs 都存在且可追溯。",
"required_evidence": [
"owner",
"decision",
"decision_reason",
"repo_or_provider_metadata",
"evidence_refs"
],
"pass_state": "received_pending_validation",
"fail_route": "request_more_evidence",
"awooop_display_mode": "display_reviewer_checklist_only",
"execution_authorized": false,
"not_approval": true
},
{
"checklist_id": "checklist-confirm-redacted-evidence-refs",
"display_order": 3,
"title": "確認 evidence refs 已脫敏且不含 raw payload",
"reviewer_action": "只接受文件路徑、ticket id、hash 或摘要;不得貼入 token、secret、private URL credential 或未脫敏截圖。",
"required_evidence": [
"redacted_evidence_refs",
"no_raw_payload_statement"
],
"pass_state": "received_pending_validation",
"fail_route": "mirror_quarantine",
"awooop_display_mode": "display_reviewer_checklist_only",
"execution_authorized": false,
"not_approval": true
},
{
"checklist_id": "checklist-confirm-source-packet-preflight",
"display_order": 4,
"title": "確認 source packet preflight 通過",
"reviewer_action": "依對應 S4.9 / S4.10 / S4.11 / S4.12 intake preflight checks 判定可審、補證、隔離或拒收。",
"required_evidence": [
"source_packet_preflight_result",
"preflight_check_ids"
],
"pass_state": "received_pending_validation",
"fail_route": "source_packet_preflight_failure_route",
"awooop_display_mode": "display_reviewer_checklist_only",
"execution_authorized": false,
"not_approval": true
},
{
"checklist_id": "checklist-confirm-cross-packet-consistency",
"display_order": 5,
"title": "確認 S4.9-S4.12 跨包一致性",
"reviewer_action": "確認 owner、repo、visibility、truth source、workflow / secret name parity 沒有互相矛盾。",
"required_evidence": [
"cross_packet_acceptance_check_ids",
"consistency_summary"
],
"pass_state": "received_pending_validation",
"fail_route": "cross_packet_owner_review",
"awooop_display_mode": "display_reviewer_checklist_only",
"execution_authorized": false,
"not_approval": true
},
{
"checklist_id": "checklist-confirm-no-sensitive-payload",
"display_order": 6,
"title": "確認沒有敏感 payload",
"reviewer_action": "確認 response 不含 token、secret、private key、cookie、session、runner token、webhook secret、deploy key material、authorization header、private URL credential 或 partial credential。",
"required_evidence": [
"sensitive_payload_scan_result",
"redaction_summary"
],
"pass_state": "received_pending_validation",
"fail_route": "mirror_quarantine",
"awooop_display_mode": "display_reviewer_checklist_only",
"execution_authorized": false,
"not_approval": true
},
{
"checklist_id": "checklist-confirm-no-execution-intent",
"display_order": 7,
"title": "確認沒有執行意圖",
"reviewer_action": "確認 response 沒有要求 repo creation、visibility change、refs sync/delete/force push、workflow/webhook/runner/deploy key/branch protection/repository secret 變更、Kali scan、GitHub hosted runner 或 GitHub primary switch。",
"required_evidence": [
"execution_intent_review_result",
"blocked_action_summary"
],
"pass_state": "received_pending_validation",
"fail_route": "hard_rejected_execution_request",
"awooop_display_mode": "display_reviewer_checklist_only",
"execution_authorized": false,
"not_approval": true
},
{
"checklist_id": "checklist-confirm-read-only-update-scope",
"display_order": 8,
"title": "確認通過後只更新 read-only wording",
"reviewer_action": "確認即使 response 通過,也只更新 evidence、matrix、decision table、reconcile wording 或 readiness wording。",
"required_evidence": [
"read_only_update_targets",
"no_runtime_unlock_statement"
],
"pass_state": "accepted_read_only_update",
"fail_route": "block_candidate",
"awooop_display_mode": "display_reviewer_checklist_only",
"execution_authorized": false,
"not_approval": true
},
{
"checklist_id": "checklist-confirm-followup-runtime-gate-still-required",
"display_order": 9,
"title": "確認後續 runtime gate 仍需獨立批准",
"reviewer_action": "確認 active_runtime_gate_count 仍為 0、github_primary_ready_count 仍為 0、action_buttons_allowed 仍為 false。",
"required_evidence": [
"active_runtime_gate_count",
"github_primary_ready_count",
"action_buttons_allowed"
],
"pass_state": "waiting_followup_runtime_gate",
"fail_route": "block_candidate",
"awooop_display_mode": "display_reviewer_checklist_only",
"execution_authorized": false,
"not_approval": true
}
],
"owner_response_validation_reviewer_outcome_lanes": [
{
"outcome_lane_id": "outcome-keep-waiting-owner-response",
"display_order": 1,
"title": "繼續等待 owner response",
"when_reviewer_finds": "尚未收到 owner response evidence pointer或目前只看到 request packet / template status / audit template / redaction example / display section。",
"safe_result": "keep_waiting_owner_response",
"allowed_update": "只顯示 waiting 狀態、缺口摘要與 next collection candidate。",
"blocked_updates": [
"increment_received_count",
"increment_accepted_count",
"mark_primary_ready",
"create_runtime_gate"
],
"awooop_display_mode": "display_reviewer_outcome_lane_only",
"execution_authorized": false,
"not_approval": true
},
{
"outcome_lane_id": "outcome-request-more-evidence",
"display_order": 2,
"title": "要求補證",
"when_reviewer_finds": "lane / template 已知但缺 owner、decision、reason、repo/provider metadata、evidence refs 或 source packet preflight 結果。",
"safe_result": "request_more_evidence",
"allowed_update": "只顯示缺哪些欄位與下一步 owner action。",
"blocked_updates": [
"increment_accepted_count",
"unlock_primary_readiness",
"enqueue_execution",
"store_raw_payload"
],
"awooop_display_mode": "display_reviewer_outcome_lane_only",
"execution_authorized": false,
"not_approval": true
},
{
"outcome_lane_id": "outcome-mirror-quarantine-sensitive-payload",
"display_order": 3,
"title": "敏感 payload 進 mirror quarantine",
"when_reviewer_finds": "evidence pointer 或 response 疑似含 token、secret、private key、cookie、session、runner token、webhook secret、deploy key material、authorization header、private URL credential、partial credential 或未脫敏截圖。",
"safe_result": "mirror_quarantine",
"allowed_update": "只顯示 quarantine pointer、redaction request 與不得保存 raw payload 的提示。",
"blocked_updates": [
"store_sensitive_payload",
"render_sensitive_material",
"increment_received_count",
"increment_accepted_count"
],
"awooop_display_mode": "display_reviewer_outcome_lane_only",
"execution_authorized": false,
"not_approval": true
},
{
"outcome_lane_id": "outcome-hard-reject-execution-request",
"display_order": 4,
"title": "拒收執行要求",
"when_reviewer_finds": "response 夾帶 repo creation、visibility change、refs sync/delete/force push、workflow/webhook/runner/deploy key/branch protection/repository secret、Kali scan、GitHub hosted runner 或 GitHub primary switch 要求。",
"safe_result": "hard_rejected_execution_request",
"allowed_update": "只顯示拒收原因、blocked action summary 與仍禁止事項。",
"blocked_updates": [
"create_runtime_gate",
"enqueue_execution",
"add_action_button",
"change_repo_refs_workflow_secret_runner_or_primary"
],
"awooop_display_mode": "display_reviewer_outcome_lane_only",
"execution_authorized": false,
"not_approval": true
},
{
"outcome_lane_id": "outcome-cross-packet-owner-review",
"display_order": 5,
"title": "跨包 owner review",
"when_reviewer_finds": "S4.9 / S4.10 / S4.11 / S4.12 之間的 owner、repo、visibility、truth source 或 workflow / secret name parity 互相矛盾。",
"safe_result": "cross_packet_owner_review",
"allowed_update": "只顯示矛盾欄位、來源 packet 與 reviewer 需要確認的 evidence refs。",
"blocked_updates": [
"auto_merge_response",
"override_source_packet",
"mark_primary_ready",
"unlock_refs_or_workflow_actions"
],
"awooop_display_mode": "display_reviewer_outcome_lane_only",
"execution_authorized": false,
"not_approval": true
},
{
"outcome_lane_id": "outcome-read-only-update-candidate",
"display_order": 6,
"title": "只讀更新候選",
"when_reviewer_finds": "source packet preflight、acceptance checks、cross-packet checks、reviewer checklist 與 quarantine rules 全部通過,且 evidence refs 完全脫敏。",
"safe_result": "accepted_read_only_update_candidate",
"allowed_update": "只允許更新 evidence、matrix、decision table、reconcile wording、readiness wording 與 LOGBOOK。",
"blocked_updates": [
"create_repo",
"sync_or_delete_refs",
"modify_workflow_or_secret",
"enable_runner_or_primary"
],
"awooop_display_mode": "display_reviewer_outcome_lane_only",
"execution_authorized": false,
"not_approval": true
},
{
"outcome_lane_id": "outcome-waiting-followup-runtime-gate",
"display_order": 7,
"title": "仍等待後續 runtime gate",
"when_reviewer_finds": "只讀 wording 已完成或可完成,但 active_runtime_gate_count=0、github_primary_ready_count=0、action_buttons_allowed=false。",
"safe_result": "waiting_followup_runtime_gate",
"allowed_update": "只顯示後續仍需人工批准、rollback / disable plan 與獨立 runtime gate。",
"blocked_updates": [
"treat_read_only_update_as_runtime_approval",
"auto_execute_scan_or_migration",
"switch_github_primary",
"consume_github_hosted_runner_minutes"
],
"awooop_display_mode": "display_reviewer_outcome_lane_only",
"execution_authorized": false,
"not_approval": true
}
],
"owner_response_validation_reviewer_audit_event_templates": [
{
"event_template_id": "audit-reviewer-outcome-review-opened",
"display_order": 1,
"title": "Reviewer 開始檢查 owner response outcome",
"event_status": "template_only_not_emitted",
"event_trigger": "Reviewer 打開 S4.13 owner response validation rollup 並準備依 checklist / outcome lanes 做只讀分類。",
"allowed_metadata": [
"reviewer_id_or_role",
"lane_id",
"template_id",
"source_packet_path",
"review_started_at_taipei",
"redacted_evidence_ref_count"
],
"forbidden_payloads": [
"raw_owner_response_body",
"token_or_secret_value",
"private_key_or_deploy_key_material",
"cookie_or_session",
"authorization_header",
"private_url_credential",
"unredacted_screenshot"
],
"emitted_event_count": 0,
"stored_raw_payload_allowed": false,
"awooop_display_mode": "display_reviewer_audit_template_only",
"execution_authorized": false,
"not_approval": true
},
{
"event_template_id": "audit-reviewer-outcome-classified",
"display_order": 2,
"title": "Reviewer outcome lane 已分類",
"event_status": "template_only_not_emitted",
"event_trigger": "Reviewer 依 7 條 outcome lanes 將 evidence pointer 分類為等待、補證、隔離、拒收、跨包 review、只讀候選或等待 runtime gate。",
"allowed_metadata": [
"outcome_lane_id",
"classification_reason",
"checklist_pass_count",
"checklist_fail_count",
"redacted_evidence_refs",
"reviewed_at_taipei"
],
"forbidden_payloads": [
"raw_owner_response_body",
"token_or_secret_value",
"secret_hash_or_masked_token",
"partial_credential",
"runner_token",
"webhook_secret",
"deploy_key_value",
"private_url_credential"
],
"emitted_event_count": 0,
"stored_raw_payload_allowed": false,
"awooop_display_mode": "display_reviewer_audit_template_only",
"execution_authorized": false,
"not_approval": true
},
{
"event_template_id": "audit-reviewer-quarantine-or-reject-recorded",
"display_order": 3,
"title": "隔離或拒收原因已留痕模板",
"event_status": "template_only_not_emitted",
"event_trigger": "Reviewer 將 response 分類為 mirror quarantine 或 hard rejected execution request。",
"allowed_metadata": [
"outcome_lane_id",
"blocked_reason_code",
"redaction_required",
"quarantine_pointer",
"blocked_action_summary",
"reviewed_at_taipei"
],
"forbidden_payloads": [
"sensitive_payload",
"raw_request_body",
"raw_response_body",
"credential_value",
"private_key",
"authorization_header",
"cookie_or_session",
"execution_payload"
],
"emitted_event_count": 0,
"stored_raw_payload_allowed": false,
"awooop_display_mode": "display_reviewer_audit_template_only",
"execution_authorized": false,
"not_approval": true
},
{
"event_template_id": "audit-reviewer-readonly-update-noted",
"display_order": 4,
"title": "只讀更新候選已記錄模板",
"event_status": "template_only_not_emitted",
"event_trigger": "Reviewer 將 response 分類為 read-only update candidate 或 waiting follow-up runtime gate。",
"allowed_metadata": [
"outcome_lane_id",
"read_only_update_targets",
"followup_runtime_gate_required",
"active_runtime_gate_count",
"github_primary_ready_count",
"action_buttons_allowed"
],
"forbidden_payloads": [
"runtime_approval",
"execution_command",
"repo_write_token",
"refs_update_payload",
"workflow_secret_value",
"runner_registration_token",
"github_primary_switch_payload"
],
"emitted_event_count": 0,
"stored_raw_payload_allowed": false,
"awooop_display_mode": "display_reviewer_audit_template_only",
"execution_authorized": false,
"not_approval": true
}
],
"owner_response_validation_reviewer_audit_display_sections": [
{
"section_id": "display-reviewer-audit-template-summary",
"display_order": 1,
"title": "Reviewer audit template 總覽",
"content_source": "顯示 4 個 reviewer audit event templates、template_only_not_emitted、emitted_event_count=0 與 not approval 邊界。",
"section_status": "display_contract_only",
"awooop_display_mode": "display_reviewer_audit_section_only",
"execution_authorized": false,
"not_approval": true
},
{
"section_id": "display-reviewer-audit-metadata-fields",
"display_order": 2,
"title": "允許顯示的脫敏 metadata 欄位",
"content_source": "只顯示 reviewer role、lane、template、source packet、classification reason、checklist pass/fail count、redacted evidence refs、read-only targets 與 gate count 等 metadata 名稱;不得顯示 raw owner response。",
"section_status": "display_contract_only",
"awooop_display_mode": "display_reviewer_audit_section_only",
"execution_authorized": false,
"not_approval": true
},
{
"section_id": "display-reviewer-audit-forbidden-payloads",
"display_order": 3,
"title": "禁止 payload 顯示與保存",
"content_source": "顯示 forbidden_payloads 清單,明確擋住 token、secret、private key、deploy key material、cookie、session、authorization header、private URL credential、partial credential、runner token、webhook secret、raw request / response body、未脫敏截圖與 execution payload。",
"section_status": "display_contract_only",
"awooop_display_mode": "display_reviewer_audit_section_only",
"execution_authorized": false,
"not_approval": true
},
{
"section_id": "display-reviewer-audit-emission-status",
"display_order": 4,
"title": "Reviewer audit emitted 狀態",
"content_source": "顯示全部 reviewer audit templates 目前 emitted_event_count=0、stored_raw_payload_allowed=false代表尚未啟用 production ingestion。",
"section_status": "display_contract_only",
"awooop_display_mode": "display_reviewer_audit_section_only",
"execution_authorized": false,
"not_approval": true
},
{
"section_id": "display-reviewer-audit-non-authorization-boundary",
"display_order": 5,
"title": "非授權邊界",
"content_source": "顯示 reviewer audit display sections 只固定 UI 呈現,不代表 owner response received、accepted、approval、runtime gate、execution queue、action button、repo / refs / workflow / secret / runner 變更、Kali scan 或 GitHub primary switch。",
"section_status": "display_contract_only",
"awooop_display_mode": "display_reviewer_audit_section_only",
"execution_authorized": false,
"not_approval": true
}
],
"owner_response_validation_reviewer_audit_collection_checks": [
{
"check_id": "check-reviewer-audit-template-visible",
"display_order": 1,
"title": "Reviewer audit templates 必須先可見",
"check_requirement": "AwoooP 只能在顯示 4 個 reviewer audit event templates 與 5 個 reviewer audit display sections 後,才顯示 reviewer audit collection check 狀態。",
"safe_result": "display_collection_check_waiting_not_ingested",
"blocked_interpretations": [
"treat_template_visible_as_event_emitted",
"treat_display_section_as_audit_ingestion",
"skip_template_boundary_before_collection_check"
],
"awooop_display_mode": "display_reviewer_audit_collection_check_only",
"execution_authorized": false,
"not_approval": true
},
{
"check_id": "check-reviewer-audit-metadata-only",
"display_order": 2,
"title": "Reviewer audit 僅允許 metadata",
"check_requirement": "collection check 只能確認 allowed_metadata 欄位名稱、redacted evidence refs 與 count 類數值,不得要求或保存 raw owner response。",
"safe_result": "metadata_only_check_pass_or_waiting",
"blocked_interpretations": [
"request_raw_owner_response",
"store_unredacted_evidence",
"accept_sensitive_value_as_metadata"
],
"awooop_display_mode": "display_reviewer_audit_collection_check_only",
"execution_authorized": false,
"not_approval": true
},
{
"check_id": "check-reviewer-audit-forbidden-payloads-blocked",
"display_order": 3,
"title": "Forbidden payload 必須阻擋",
"check_requirement": "任何 token、secret、private key、deploy key material、cookie、session、authorization header、private URL credential、partial credential、runner token、webhook secret、raw body、未脫敏截圖或 execution payload 都只能進 quarantine / reject 顯示。",
"safe_result": "forbidden_payloads_blocked_or_quarantined",
"blocked_interpretations": [
"store_sensitive_payload_for_audit",
"mask_then_accept_secret_value",
"turn_execution_payload_into_action"
],
"awooop_display_mode": "display_reviewer_audit_collection_check_only",
"execution_authorized": false,
"not_approval": true
},
{
"check_id": "check-reviewer-audit-emitted-remains-zero",
"display_order": 4,
"title": "Reviewer audit emitted 必須仍為 0",
"check_requirement": "在 production ingestion 未另行批准前,所有 reviewer audit event templates 的 emitted_event_count 必須維持 0stored_raw_payload_allowed 必須維持 false。",
"safe_result": "template_only_not_emitted",
"blocked_interpretations": [
"treat_zero_emitted_template_as_production_ingestion",
"increment_emitted_count_from_display",
"store_raw_payload_after_collection_check"
],
"awooop_display_mode": "display_reviewer_audit_collection_check_only",
"execution_authorized": false,
"not_approval": true
},
{
"check_id": "check-reviewer-audit-no-runtime-side-effect",
"display_order": 5,
"title": "Reviewer audit 檢查不得有 runtime side effect",
"check_requirement": "collection checks 只顯示 pass / waiting / blocked 的只讀狀態,不得建立 runtime gate、execution queue、action button、scan request、repo action 或 workflow / secret change。",
"safe_result": "read_only_check_no_runtime_side_effect",
"blocked_interpretations": [
"create_runtime_gate",
"enqueue_execution",
"add_action_button",
"start_kali_scan",
"modify_repo_or_workflow"
],
"awooop_display_mode": "display_reviewer_audit_collection_check_only",
"execution_authorized": false,
"not_approval": true
},
{
"check_id": "check-reviewer-audit-owner-response-counts-unchanged",
"display_order": 6,
"title": "Owner response counters 不得因 audit check 增加",
"check_requirement": "reviewer audit collection checks 通過也不能增加 received_response_count、accepted_response_count、reviewer_audit_events_emitted、primary_ready_count 或 active_runtime_gate_count。",
"safe_result": "counters_unchanged_waiting_owner_response",
"blocked_interpretations": [
"treat_collection_check_pass_as_owner_response_received",
"treat_collection_check_pass_as_owner_response_accepted",
"treat_collection_check_pass_as_primary_ready",
"treat_collection_check_pass_as_runtime_gate"
],
"awooop_display_mode": "display_reviewer_audit_collection_check_only",
"execution_authorized": false,
"not_approval": true
}
],
"owner_response_validation_reviewer_audit_redaction_examples": [
{
"example_id": "redaction-reviewer-role-lane-template-metadata",
"display_order": 1,
"title": "Reviewer / lane / template metadata 脫敏範例",
"unsafe_input_shape": "Reviewer 開始檢查時可能附帶原始 owner response 文字、內部截圖、私有 URL 或未脫敏 evidence 內容。",
"safe_metadata_shape": "只顯示 reviewer_role、lane_id、template_id、source_packet_path、review_started_at_taipei 與 redacted_evidence_ref_count。",
"blocked_payloads": [
"raw_owner_response_body",
"unredacted_screenshot",
"private_url_credential",
"authorization_header",
"cookie_or_session"
],
"redaction_status": "example_only_not_response",
"awooop_display_mode": "display_reviewer_audit_redaction_example_only",
"execution_authorized": false,
"not_approval": true
},
{
"example_id": "redaction-classification-reason-summary",
"display_order": 2,
"title": "Outcome classification reason 脫敏範例",
"unsafe_input_shape": "Reviewer 分類理由可能引用 token 片段、secret hash、partial credential、runner token 或 webhook secret。",
"safe_metadata_shape": "只顯示 outcome_lane_id、classification_reason_summary、checklist_pass_count、checklist_fail_count、redacted_evidence_ref_ids 與 reviewed_at_taipei。",
"blocked_payloads": [
"token_or_secret_value",
"secret_hash_or_masked_token",
"partial_credential",
"runner_token",
"webhook_secret"
],
"redaction_status": "example_only_not_response",
"awooop_display_mode": "display_reviewer_audit_redaction_example_only",
"execution_authorized": false,
"not_approval": true
},
{
"example_id": "redaction-quarantine-pointer",
"display_order": 3,
"title": "Quarantine pointer 脫敏範例",
"unsafe_input_shape": "隔離或拒收原因可能包含 raw request body、raw response body、credential value、private key 或 execution payload。",
"safe_metadata_shape": "只顯示 outcome_lane_id、blocked_reason_code、redaction_required=true、quarantine_pointer_id、blocked_action_summary 與 reviewed_at_taipei。",
"blocked_payloads": [
"raw_request_body",
"raw_response_body",
"credential_value",
"private_key",
"execution_payload"
],
"redaction_status": "example_only_not_response",
"awooop_display_mode": "display_reviewer_audit_redaction_example_only",
"execution_authorized": false,
"not_approval": true
},
{
"example_id": "redaction-readonly-update-targets",
"display_order": 4,
"title": "Read-only update targets 脫敏範例",
"unsafe_input_shape": "只讀更新候選可能被誤寫成 execution command、refs update payload、workflow secret value 或 GitHub primary switch payload。",
"safe_metadata_shape": "只顯示 outcome_lane_id、read_only_update_target_ids、followup_runtime_gate_required、active_runtime_gate_count、github_primary_ready_count 與 action_buttons_allowed=false。",
"blocked_payloads": [
"execution_command",
"repo_write_token",
"refs_update_payload",
"workflow_secret_value",
"github_primary_switch_payload"
],
"redaction_status": "example_only_not_response",
"awooop_display_mode": "display_reviewer_audit_redaction_example_only",
"execution_authorized": false,
"not_approval": true
},
{
"example_id": "redaction-runtime-gate-counter-summary",
"display_order": 5,
"title": "Runtime gate counter summary ",
"unsafe_input_shape": "Reviewer audit summary collection check pass owner response receivedacceptedprimary ready runtime gate active",
"safe_metadata_shape": " received_response_count=0accepted_response_count=0reviewer_audit_events_emitted=0primary_ready_count=0active_runtime_gate_count=0 not_authorization=true",
"blocked_payloads": [
"runtime_approval",
"execution_queue_id",
"action_button_payload",
"scan_request_payload",
"primary_switch_payload"
],
"redaction_status": "example_only_not_response",
"awooop_display_mode": "display_reviewer_audit_redaction_example_only",
"execution_authorized": false,
"not_approval": true
}
],
"owner_response_validation_reviewer_audit_retention_rules": [
{
"rule_id": "retention-reviewer-start-metadata-only",
"display_order": 1,
"title": "Reviewer start metadata retention",
"retained_metadata_shape": " reviewer_rolelane_idtemplate_idsource_packet_pathreview_started_at_taipei redacted_evidence_ref_count",
"retention_boundary": " reviewer audit metadata owner response URL credential session ",
"blocked_payloads": [
"raw_owner_response_body",
"unredacted_screenshot",
"private_url_credential",
"authorization_header",
"cookie_or_session"
],
"retention_status": "metadata_retention_rule_only",
"awooop_display_mode": "display_reviewer_audit_retention_rule_only",
"execution_authorized": false,
"not_approval": true
},
{
"rule_id": "retention-classification-summary-only",
"display_order": 2,
"title": "Classification summary retention",
"retained_metadata_shape": " outcome_lane_idclassification_reason_summarychecklist_pass_countchecklist_fail_countredacted_evidence_ref_ids reviewed_at_taipei",
"retention_boundary": " token secret hashpartial credentialrunner token webhook secret",
"blocked_payloads": [
"token_or_secret_value",
"secret_hash_or_masked_token",
"partial_credential",
"runner_token",
"webhook_secret"
],
"retention_status": "metadata_retention_rule_only",
"awooop_display_mode": "display_reviewer_audit_retention_rule_only",
"execution_authorized": false,
"not_approval": true
},
{
"rule_id": "retention-quarantine-pointer-only",
"display_order": 3,
"title": "Quarantine pointer retention",
"retained_metadata_shape": " outcome_lane_idblocked_reason_coderedaction_requiredquarantine_pointer_idblocked_action_summary reviewed_at_taipei",
"retention_boundary": " pointer reason code raw request / response bodycredential valueprivate key execution payload",
"blocked_payloads": [
"raw_request_body",
"raw_response_body",
"credential_value",
"private_key",
"execution_payload"
],
"retention_status": "metadata_retention_rule_only",
"awooop_display_mode": "display_reviewer_audit_retention_rule_only",
"execution_authorized": false,
"not_approval": true
},
{
"rule_id": "retention-readonly-update-targets-only",
"display_order": 4,
"title": "Read-only update target retention",
"retained_metadata_shape": " outcome_lane_idread_only_update_target_idsfollowup_runtime_gate_requiredactive_runtime_gate_countgithub_primary_ready_count action_buttons_allowed=false",
"retention_boundary": " ID gate counter execution commandrepo write tokenrefs update payloadworkflow secret value primary switch payload",
"blocked_payloads": [
"execution_command",
"repo_write_token",
"refs_update_payload",
"workflow_secret_value",
"github_primary_switch_payload"
],
"retention_status": "metadata_retention_rule_only",
"awooop_display_mode": "display_reviewer_audit_retention_rule_only",
"execution_authorized": false,
"not_approval": true
},
{
"rule_id": "retention-counter-snapshot-only",
"display_order": 5,
"title": "Counter snapshot retention",
"retained_metadata_shape": " received_response_count=0accepted_response_count=0reviewer_audit_events_emitted=0primary_ready_count=0active_runtime_gate_count=0 not_authorization=true",
"retention_boundary": "counter snapshot counter check pass runtime approvalexecution queueaction buttonscan request primary switch",
"blocked_payloads": [
"runtime_approval",
"execution_queue_id",
"action_button_payload",
"scan_request_payload",
"primary_switch_payload"
],
"retention_status": "metadata_retention_rule_only",
"awooop_display_mode": "display_reviewer_audit_retention_rule_only",
"execution_authorized": false,
"not_approval": true
}
],
"owner_response_validation_reviewer_audit_retention_checks": [
{
"check_id": "check-reviewer-audit-retention-rules-visible",
"display_order": 1,
"title": "Retention rules visible before retention check",
"check_requirement": "AwoooP 5 reviewer audit retention rules retention check ",
"safe_result": "display_retention_check_waiting_not_ingested",
"blocked_interpretations": [
"run_retention_check_before_rules_visible",
"treat_retention_check_as_ingestion_ready",
"enable_audit_storage_from_check"
],
"awooop_display_mode": "display_reviewer_audit_retention_check_only",
"execution_authorized": false,
"not_approval": true
},
{
"check_id": "check-reviewer-audit-retained-metadata-only",
"display_order": 2,
"title": "Retained metadata shape only",
"check_requirement": "retention check retained_metadata_shapereason codepointercounter redacted evidence refs raw payload",
"safe_result": "metadata_only_retention_check",
"blocked_interpretations": [
"store_raw_owner_response_for_retention",
"store_unredacted_evidence_for_retention",
"store_private_url_or_session"
],
"awooop_display_mode": "display_reviewer_audit_retention_check_only",
"execution_authorized": false,
"not_approval": true
},
{
"check_id": "check-reviewer-audit-raw-payloads-blocked",
"display_order": 3,
"title": "Raw payload retention blocked",
"check_requirement": "raw request bodyraw response bodyunredacted screenshotexecution payloadprivate key credential value ",
"safe_result": "raw_payload_retention_blocked",
"blocked_interpretations": [
"retain_raw_request_body",
"retain_raw_response_body",
"retain_unredacted_screenshot",
"retain_execution_payload"
],
"awooop_display_mode": "display_reviewer_audit_retention_check_only",
"execution_authorized": false,
"not_approval": true
},
{
"check_id": "check-reviewer-audit-secret-retention-blocked",
"display_order": 4,
"title": "Secret retention blocked",
"check_requirement": "tokensecretsecret hashpartial credentialrunner tokenwebhook secretauthorization header cookie / session retention",
"safe_result": "secret_retention_blocked",
"blocked_interpretations": [
"retain_token_value",
"retain_secret_hash",
"retain_partial_credential",
"retain_authorization_header"
],
"awooop_display_mode": "display_reviewer_audit_retention_check_only",
"execution_authorized": false,
"not_approval": true
},
{
"check_id": "check-reviewer-audit-counter-snapshot-only",
"display_order": 5,
"title": "Counter snapshot only",
"check_requirement": "retention checks received_response_countaccepted_response_countreviewer_audit_events_emittedprimary_ready_count active_runtime_gate_count",
"safe_result": "counter_snapshot_only",
"blocked_interpretations": [
"treat_retention_check_pass_as_owner_response_received",
"treat_retention_check_pass_as_owner_response_accepted",
"treat_retention_check_pass_as_audit_event_emitted",
"treat_retention_check_pass_as_runtime_gate"
],
"awooop_display_mode": "display_reviewer_audit_retention_check_only",
"execution_authorized": false,
"not_approval": true
},
{
"check_id": "check-reviewer-audit-no-runtime-retention-side-effect",
"display_order": 6,
"title": "No runtime retention side effect",
"check_requirement": "retention checks pass / waiting / blocked runtime gateexecution queueaction buttonscan requestrepo action workflow / secret change",
"safe_result": "read_only_retention_check_no_side_effect",
"blocked_interpretations": [
"create_runtime_gate_from_retention_check",
"create_execution_queue_from_retention_check",
"add_action_button_from_retention_check",
"start_scan_from_retention_check"
],
"awooop_display_mode": "display_reviewer_audit_retention_check_only",
"execution_authorized": false,
"not_approval": true
}
],
"owner_response_validation_reviewer_audit_handoff_packets": [
{
"packet_id": "handoff-current-counters-and-boundary",
"display_order": 1,
"title": " counters ",
"handoff_content": " received=0accepted=0reviewer audit emitted=0primary ready=0active runtime gate=0 headline 58%",
"safe_consumer_action": "AwoooP / Session resume pointer",
"blocked_interpretations": [
"treat_handoff_as_progress_approval",
"treat_handoff_as_runtime_gate",
"increase_received_or_accepted_count"
],
"awooop_display_mode": "display_reviewer_audit_handoff_packet_only",
"execution_authorized": false,
"not_approval": true
},
{
"packet_id": "handoff-required-source-packets",
"display_order": 2,
"title": " source packets",
"handoff_content": " S4.9 GiteaS4.10 GitHub targetS4.11 refs truthS4.12 workflow / secret name owner response snapshot S4.13 validation rollup security mirror status rollup",
"safe_consumer_action": " review source packet preflight",
"blocked_interpretations": [
"accept_owner_response_from_handoff_only",
"skip_source_packet_preflight",
"treat_handoff_packet_as_source_of_truth_override"
],
"awooop_display_mode": "display_reviewer_audit_handoff_packet_only",
"execution_authorized": false,
"not_approval": true
},
{
"packet_id": "handoff-safe-display-fields",
"display_order": 3,
"title": "",
"handoff_content": " lane idtemplate idcountwaiting / blocked / quarantine evidence refsreason codepointer metadata shape",
"safe_consumer_action": "Operator Console reviewer audit metadata ",
"blocked_interpretations": [
"render_raw_owner_response",
"render_unredacted_screenshot",
"render_private_url_or_authorization_header"
],
"awooop_display_mode": "display_reviewer_audit_handoff_packet_only",
"execution_authorized": false,
"not_approval": true
},
{
"packet_id": "handoff-forbidden-runtime-interpretations",
"display_order": 4,
"title": " runtime ",
"handoff_content": "handoff packet repo creationvisibility changerefs sync/delete/force pushworkflow/webhook/runner/deploy key/branch protection/repository secret Kali scanGitHub hosted runner GitHub primary switch",
"safe_consumer_action": " blocked reason action buttonexecution queue runner job",
"blocked_interpretations": [
"create_action_button_from_handoff",
"enqueue_runtime_job_from_handoff",
"start_scan_or_repo_action_from_handoff"
],
"awooop_display_mode": "display_reviewer_audit_handoff_packet_only",
"execution_authorized": false,
"not_approval": true
},
{
"packet_id": "handoff-next-owner-response-focus",
"display_order": 5,
"title": " owner response focus",
"handoff_content": " S4.9 Gitea owner attestation response 5 Gitea coverage attestation templates evidence refs",
"safe_consumer_action": "AwoooP next_collection_candidate=S4.9 request packet response",
"blocked_interpretations": [
"auto_collect_owner_response_from_handoff",
"mark_s4_9_received_from_handoff",
"accept_owner_decision_without_redacted_evidence"
],
"awooop_display_mode": "display_reviewer_audit_handoff_packet_only",
"execution_authorized": false,
"not_approval": true
},
{
"packet_id": "handoff-post-review-followup-gates",
"display_order": 6,
"title": " follow-up gates",
"handoff_content": "使 owner response redacted payload rollback ADR owner approval repo runtime gate",
"safe_consumer_action": " gate waiting / approval required handoff completion ",
"blocked_interpretations": [
"treat_handoff_complete_as_primary_ready",
"treat_handoff_complete_as_payload_ingested",
"treat_handoff_complete_as_runtime_approved"
],
"awooop_display_mode": "display_reviewer_audit_handoff_packet_only",
"execution_authorized": false,
"not_approval": true
}
],
"owner_response_validation_reviewer_audit_handoff_checks": [
{
"check_id": "check-handoff-packets-visible",
"display_order": 1,
"title": "Handoff packets visible before consumption",
"check_requirement": "AwoooP 6 reviewer audit handoff packets handoff consumption check ",
"safe_result": "display_handoff_check_waiting_not_consumed",
"blocked_interpretations": [
"consume_handoff_before_packets_visible",
"treat_handoff_check_as_runtime_ready",
"hide_missing_handoff_packet"
],
"awooop_display_mode": "display_reviewer_audit_handoff_check_only",
"execution_authorized": false,
"not_approval": true
},
{
"check_id": "check-handoff-counters-remain-zero",
"display_order": 2,
"title": "Counters remain zero",
"check_requirement": "handoff checks received_response_countaccepted_response_countreviewer_audit_events_emittedprimary_ready_count active_runtime_gate_count",
"safe_result": "handoff_counter_snapshot_only",
"blocked_interpretations": [
"treat_handoff_check_pass_as_owner_response_received",
"treat_handoff_check_pass_as_owner_response_accepted",
"treat_handoff_check_pass_as_audit_event_emitted",
"treat_handoff_check_pass_as_runtime_gate"
],
"awooop_display_mode": "display_reviewer_audit_handoff_check_only",
"execution_authorized": false,
"not_approval": true
},
{
"check_id": "check-handoff-source-packets-required",
"display_order": 3,
"title": "Source packets required before review",
"check_requirement": " S4.9S4.10S4.11S4.12 owner response source packets S4.13 rollup handoff response",
"safe_result": "source_packet_preflight_required",
"blocked_interpretations": [
"accept_owner_response_from_handoff_only",
"skip_source_packet_preflight",
"override_source_packet_from_handoff"
],
"awooop_display_mode": "display_reviewer_audit_handoff_check_only",
"execution_authorized": false,
"not_approval": true
},
{
"check_id": "check-handoff-safe-display-only",
"display_order": 4,
"title": "Safe display fields only",
"check_requirement": "handoff consumption lane idtemplate idcount evidence refsreason codepointer metadata shape",
"safe_result": "safe_display_only",
"blocked_interpretations": [
"render_raw_owner_response",
"render_unredacted_screenshot",
"render_authorization_header_or_private_url"
],
"awooop_display_mode": "display_reviewer_audit_handoff_check_only",
"execution_authorized": false,
"not_approval": true
},
{
"check_id": "check-handoff-runtime-interpretations-blocked",
"display_order": 5,
"title": "Runtime interpretations blocked",
"check_requirement": "handoff consumption runtime gateexecution queueaction buttonscan requestrepo actionrefs actionworkflow / secret changerunner enablement primary switch",
"safe_result": "handoff_runtime_interpretation_blocked",
"blocked_interpretations": [
"create_action_button_from_handoff_check",
"enqueue_runtime_job_from_handoff_check",
"start_scan_or_repo_action_from_handoff_check",
"switch_primary_from_handoff_check"
],
"awooop_display_mode": "display_reviewer_audit_handoff_check_only",
"execution_authorized": false,
"not_approval": true
},
{
"check_id": "check-handoff-next-focus-not-received",
"display_order": 6,
"title": "Next focus remains not received",
"check_requirement": "handoff checks next_collection_candidate=S4.9 received accepted follow-up runtime gate",
"safe_result": "next_focus_display_only_not_received",
"blocked_interpretations": [
"auto_collect_owner_response_from_handoff_check",
"mark_s4_9_received_from_handoff_check",
"mark_s4_9_accepted_from_handoff_check",
"create_followup_runtime_gate_from_handoff_check"
],
"awooop_display_mode": "display_reviewer_audit_handoff_check_only",
"execution_authorized": false,
"not_approval": true
}
],
"owner_response_validation_parallel_session_sync_checks": [
{
"check_id": "check-parallel-session-same-pr-branch",
"display_order": 1,
"title": "Same PR branch before continuing",
"check_requirement": "AwoooP Security Supply Chain Session PR #117 codex/security-supply-chain-contracts-20260512",
"safe_result": "same_branch_read_only_sync_required",
"blocked_interpretations": [
"continue_on_unfetched_branch",
"treat_parallel_session_as_runtime_owner",
"merge_without_branch_sync"
],
"awooop_display_mode": "display_parallel_session_sync_check_only",
"execution_authorized": false,
"not_approval": true
},
{
"check_id": "check-parallel-session-latest-delta-visible",
"display_order": 2,
"title": "Latest delta visible",
"check_requirement": " latest progress delta Session handoff packets ledger",
"safe_result": "latest_delta_display_only",
"blocked_interpretations": [
"continue_from_stale_delta",
"skip_progress_ledger_review",
"treat_delta_visibility_as_authorization"
],
"awooop_display_mode": "display_parallel_session_sync_check_only",
"execution_authorized": false,
"not_approval": true
},
{
"check_id": "check-parallel-session-owner-response-counters-zero",
"display_order": 3,
"title": "Owner response counters remain zero",
"check_requirement": " received_response_countaccepted_response_countreviewer_audit_events_emittedprimary_ready_count active_runtime_gate_count",
"safe_result": "parallel_sync_counter_snapshot_only",
"blocked_interpretations": [
"treat_parallel_sync_as_owner_response_received",
"treat_parallel_sync_as_owner_response_accepted",
"treat_parallel_sync_as_audit_event_emitted",
"treat_parallel_sync_as_runtime_gate"
],
"awooop_display_mode": "display_parallel_session_sync_check_only",
"execution_authorized": false,
"not_approval": true
},
{
"check_id": "check-parallel-session-runtime-flags-false",
"display_order": 4,
"title": "Runtime flags stay false",
"check_requirement": " Session runtime_execution_authorizedrepo_creation_authorizedrefs_sync_authorizedworkflow_modification_authorizedgithub_primary_switch_authorized action_buttons_allowed false",
"safe_result": "parallel_sync_runtime_flags_false",
"blocked_interpretations": [
"treat_sync_complete_as_runtime_authorized",
"create_action_button_from_parallel_sync",
"enqueue_runtime_job_from_parallel_sync",
"start_kali_or_repo_action_from_parallel_sync"
],
"awooop_display_mode": "display_parallel_session_sync_check_only",
"execution_authorized": false,
"not_approval": true
},
{
"check_id": "check-parallel-session-source-control-mutations-blocked",
"display_order": 5,
"title": "Source-control mutations blocked",
"check_requirement": " docs/schema/snapshot/guard repo visibilitysync/delete refsforce push workflow/secret/runner GitHub primary Gitea",
"safe_result": "parallel_sync_source_control_mutations_blocked",
"blocked_interpretations": [
"create_repo_from_parallel_sync",
"sync_refs_from_parallel_sync",
"modify_workflow_or_secret_from_parallel_sync",
"switch_primary_from_parallel_sync"
],
"awooop_display_mode": "display_parallel_session_sync_check_only",
"execution_authorized": false,
"not_approval": true
},
{
"check_id": "check-parallel-session-next-focus-stays-s4-9",
"display_order": 6,
"title": "Next focus stays S4.9",
"check_requirement": " next_collection_candidate=S4.9 Gitea owner attestation response Session receivedaccepted follow-up runtime gate",
"safe_result": "parallel_sync_next_focus_s4_9_display_only",
"blocked_interpretations": [
"auto_collect_owner_response_from_parallel_sync",
"mark_s4_9_received_from_parallel_sync",
"mark_s4_9_accepted_from_parallel_sync",
"create_followup_runtime_gate_from_parallel_sync"
],
"awooop_display_mode": "display_parallel_session_sync_check_only",
"execution_authorized": false,
"not_approval": true
}
],
"owner_response_validation_parallel_session_conflict_lanes": [
{
"lane_id": "conflict-stale-or-diverged-branch",
"display_order": 1,
"title": "Stale or diverged PR branch",
"conflict_condition": " Session HEAD gitea/codex/security-supply-chain-contracts-20260512 0/0 PR #117 ",
"safe_result": "pause_and_resync_branch_read_only",
"required_operator_action": " fetch / rebase planning / mergeforce push Session ",
"blocked_actions": [
"auto_merge_diverged_branch",
"force_push_to_reconcile_sessions",
"overwrite_other_session_changes"
],
"awooop_display_mode": "display_parallel_session_conflict_lane_only",
"execution_authorized": false,
"not_approval": true
},
{
"lane_id": "conflict-stale-progress-delta",
"display_order": 2,
"title": "Stale progress delta",
"conflict_condition": " Session latest deltaledger length LOGBOOK latest entry rollup ",
"safe_result": "refresh_rollup_and_logbook_before_continue",
"required_operator_action": " status rollupLOGBOOKhandoff guard output delta ",
"blocked_actions": [
"continue_from_stale_delta",
"skip_logbook_refresh",
"treat_stale_delta_as_authorization"
],
"awooop_display_mode": "display_parallel_session_conflict_lane_only",
"execution_authorized": false,
"not_approval": true
},
{
"lane_id": "conflict-owner-response-counter-drift",
"display_order": 3,
"title": "Owner response counter drift",
"conflict_condition": " Session receivedacceptedreviewer audit emittedprimary ready active runtime gate count 0 source packet ",
"safe_result": "hold_as_counter_drift_until_evidence_review",
"required_operator_action": " counter drift source packetaudit metadata LOGBOOK counter",
"blocked_actions": [
"auto_accept_counter_drift",
"mark_owner_response_received_without_source_packet",
"create_runtime_gate_from_counter_drift"
],
"awooop_display_mode": "display_parallel_session_conflict_lane_only",
"execution_authorized": false,
"not_approval": true
},
{
"lane_id": "conflict-runtime-flag-drift",
"display_order": 4,
"title": "Runtime flag drift",
"conflict_condition": " Session runtime_execution_authorizedrepo_creation_authorizedrefs_sync_authorizedworkflow_modification_authorizedgithub_primary_switch_authorized action_buttons_allowed true",
"safe_result": "block_runtime_flag_drift_for_manual_review",
"required_operator_action": " false flag drift review action buttonruntime queue scan request",
"blocked_actions": [
"treat_true_flag_as_approved",
"create_action_button_from_flag_drift",
"enqueue_runtime_job_from_flag_drift"
],
"awooop_display_mode": "display_parallel_session_conflict_lane_only",
"execution_authorized": false,
"not_approval": true
},
{
"lane_id": "conflict-source-control-mutation-request",
"display_order": 5,
"title": "Source-control mutation request",
"conflict_condition": " Session repo creationvisibility changerefs sync/delete/force pushworkflow/secret/runner changeGitea disable GitHub primary switch",
"safe_result": "reject_mutation_request_in_mirror_phase",
"required_operator_action": "blocked action summary owner response / runtime gate",
"blocked_actions": [
"create_repo_from_conflict_lane",
"sync_refs_from_conflict_lane",
"modify_workflow_secret_runner_from_conflict_lane",
"disable_gitea_or_switch_primary_from_conflict_lane"
],
"awooop_display_mode": "display_parallel_session_conflict_lane_only",
"execution_authorized": false,
"not_approval": true
},
{
"lane_id": "conflict-next-focus-drift",
"display_order": 6,
"title": "Next focus drift",
"conflict_condition": " Session next_collection_candidate S4.9 S4.10 / S4.11 / S4.12 accepted",
"safe_result": "restore_next_focus_to_s4_9_display_only",
"required_operator_action": " S4.9 Gitea owner attestation response received/accepted follow-up runtime gate",
"blocked_actions": [
"auto_collect_owner_response_from_focus_drift",
"mark_later_lane_accepted_from_focus_drift",
"create_followup_runtime_gate_from_focus_drift"
],
"awooop_display_mode": "display_parallel_session_conflict_lane_only",
"execution_authorized": false,
"not_approval": true
}
],
"owner_response_validation_parallel_session_recovery_checks": [
{
"check_id": "check-recovery-fetch-and-compare-branch",
"display_order": 1,
"title": "Fetch and compare branch before recovery",
"check_requirement": " conflict lane AwoooP Session git fetch HEAD gitea/codex/security-supply-chain-contracts-20260512 0/0 0/0",
"safe_result": "recovery_branch_compare_read_only",
"blocked_interpretations": [
"auto_rebase_after_conflict",
"auto_merge_after_conflict",
"force_push_after_conflict"
],
"awooop_display_mode": "display_parallel_session_recovery_check_only",
"execution_authorized": false,
"not_approval": true
},
{
"check_id": "check-recovery-read-latest-ledger",
"display_order": 2,
"title": "Read latest ledger and LOGBOOK",
"check_requirement": " status rollup latest deltaprogress_delta_ledger lengthLOGBOOK latest entry handoff summary",
"safe_result": "recovery_latest_ledger_read_only",
"blocked_interpretations": [
"continue_from_pre_conflict_context",
"skip_logbook_after_conflict",
"treat_ledger_read_as_authorization"
],
"awooop_display_mode": "display_parallel_session_recovery_check_only",
"execution_authorized": false,
"not_approval": true
},
{
"check_id": "check-recovery-rerun-readonly-guards",
"display_order": 3,
"title": "Rerun read-only guards",
"check_requirement": " source-control-owner-response guard security-mirror-progress guardguard pass snapshot owner responseruntime gate source-control mutation ",
"safe_result": "recovery_guards_pass_display_only",
"blocked_interpretations": [
"treat_guard_pass_as_owner_response",
"treat_guard_pass_as_runtime_gate",
"treat_guard_pass_as_primary_approval"
],
"awooop_display_mode": "display_parallel_session_recovery_check_only",
"execution_authorized": false,
"not_approval": true
},
{
"check_id": "check-recovery-review-staged-diff-only",
"display_order": 4,
"title": "Review staged diff before continuing",
"check_requirement": " staged unstaged diff docs/schema/snapshot/guard Session ",
"safe_result": "recovery_diff_review_read_only",
"blocked_interpretations": [
"overwrite_other_session_changes",
"drop_unreviewed_changes",
"stage_runtime_or_secret_change_from_recovery"
],
"awooop_display_mode": "display_parallel_session_recovery_check_only",
"execution_authorized": false,
"not_approval": true
},
{
"check_id": "check-recovery-keep-runtime-flags-false",
"display_order": 5,
"title": "Keep runtime flags false after recovery",
"check_requirement": " runtime_execution_authorizedrepo_creation_authorizedrefs_sync_authorizedworkflow_modification_authorizedgithub_primary_switch_authorized action_buttons_allowed false",
"safe_result": "recovery_runtime_flags_false",
"blocked_interpretations": [
"create_action_button_after_recovery",
"enqueue_runtime_job_after_recovery",
"start_kali_or_repo_action_after_recovery"
],
"awooop_display_mode": "display_parallel_session_recovery_check_only",
"execution_authorized": false,
"not_approval": true
},
{
"check_id": "check-recovery-record-next-focus-s4-9",
"display_order": 6,
"title": "Record next focus remains S4.9",
"check_requirement": " next_collection_candidate S4.9 Gitea owner attestation responsereceivedaccepted follow-up runtime gate",
"safe_result": "recovery_next_focus_s4_9_display_only",
"blocked_interpretations": [
"auto_collect_owner_response_after_recovery",
"mark_s4_9_received_after_recovery",
"create_followup_runtime_gate_after_recovery"
],
"awooop_display_mode": "display_parallel_session_recovery_check_only",
"execution_authorized": false,
"not_approval": true
}
],
"owner_response_validation_parallel_session_recovery_outcome_lanes": [
{
"lane_id": "outcome-recovery-ready-readonly",
"display_order": 1,
"title": "Recovery ready for read-only continuation",
"outcome_condition": "branch compare 0/0latest ledger / LOGBOOK guard diff docs/schema/snapshot/guard false flags false next_collection_candidate S4.9",
"safe_result": "continue_read_only_from_latest_head",
"allowed_next_step": " HEAD mirror-only docs/schema/snapshot/guard recovery ready owner response receivedaccepted runtime gate",
"blocked_interpretations": [
"treat_recovery_ready_as_merge_approval",
"treat_recovery_ready_as_owner_response",
"treat_recovery_ready_as_runtime_gate"
],
"awooop_display_mode": "display_parallel_session_recovery_outcome_lane_only",
"execution_authorized": false,
"not_approval": true
},
{
"lane_id": "outcome-recovery-branch-still-diverged",
"display_order": 2,
"title": "Branch still diverged after fetch",
"outcome_condition": "git fetch HEAD PR 0/0 codex/security-supply-chain-contracts-20260512 ",
"safe_result": "pause_for_manual_branch_review",
"allowed_next_step": " rebasemergeforce push Session ",
"blocked_interpretations": [
"auto_rebase_still_diverged_branch",
"auto_merge_still_diverged_branch",
"force_push_still_diverged_branch"
],
"awooop_display_mode": "display_parallel_session_recovery_outcome_lane_only",
"execution_authorized": false,
"not_approval": true
},
{
"lane_id": "outcome-recovery-ledger-still-stale",
"display_order": 3,
"title": "Ledger or handoff still stale",
"outcome_condition": "latest deltaprogress_delta_ledger lengthLOGBOOK latest entry AwoooP handoff summary ",
"safe_result": "pause_and_reread_handoff_sources",
"allowed_next_step": " rollupLOGBOOKhandoff guard output owner response received/accepted",
"blocked_interpretations": [
"continue_from_stale_ledger",
"skip_latest_logbook_after_recovery",
"mark_response_received_from_stale_handoff"
],
"awooop_display_mode": "display_parallel_session_recovery_outcome_lane_only",
"execution_authorized": false,
"not_approval": true
},
{
"lane_id": "outcome-recovery-guard-failed",
"display_order": 4,
"title": "Read-only guard failed",
"outcome_condition": "source-control-owner-response guardsecurity-mirror-progress guardJSON parse targeted jq ",
"safe_result": "block_recovery_until_snapshot_fixed",
"allowed_next_step": " docs/schema/snapshot/guard guard failed runtime actionsource-control mutation ",
"blocked_interpretations": [
"ignore_guard_failure",
"treat_guard_failure_as_runtime_incident",
"open_action_button_from_guard_failure"
],
"awooop_display_mode": "display_parallel_session_recovery_outcome_lane_only",
"execution_authorized": false,
"not_approval": true
},
{
"lane_id": "outcome-recovery-diff-out-of-scope",
"display_order": 5,
"title": "Diff out of mirror-only scope",
"outcome_condition": "staged unstaged diff runtime codeworkflowsecretrunnerrefsdeployKali executeGitHub primary Gitea disable ",
"safe_result": "quarantine_diff_for_human_review",
"allowed_next_step": " out-of-scope diff review stagecommitpush",
"blocked_interpretations": [
"stage_out_of_scope_diff",
"commit_out_of_scope_diff",
"drop_out_of_scope_diff_without_review"
],
"awooop_display_mode": "display_parallel_session_recovery_outcome_lane_only",
"execution_authorized": false,
"not_approval": true
},
{
"lane_id": "outcome-recovery-runtime-flag-drift",
"display_order": 6,
"title": "Runtime flag drift after recovery",
"outcome_condition": "runtime_execution_authorizedrepo_creation_authorizedrefs_sync_authorizedworkflow_modification_authorizedgithub_primary_switch_authorized action_buttons_allowed true",
"safe_result": "block_runtime_interpretation_and_review_flags",
"allowed_next_step": " snapshot false flag action buttonruntime queue source-control operation",
"blocked_interpretations": [
"accept_runtime_flag_drift",
"create_action_button_from_flag_drift",
"enqueue_runtime_job_from_flag_drift"
],
"awooop_display_mode": "display_parallel_session_recovery_outcome_lane_only",
"execution_authorized": false,
"not_approval": true
},
{
"lane_id": "outcome-recovery-next-focus-drift",
"display_order": 7,
"title": "Next focus drift after recovery",
"outcome_condition": " next_collection_candidate S4.9 S4.10 / S4.11 / S4.12 received / accepted",
"safe_result": "restore_s4_9_display_only_focus",
"allowed_next_step": " owner response focus S4.9 Gitea owner attestation response received/accepted follow-up runtime gate",
"blocked_interpretations": [
"advance_next_focus_without_owner_response",
"mark_later_packet_received_after_recovery",
"create_followup_gate_from_focus_drift"
],
"awooop_display_mode": "display_parallel_session_recovery_outcome_lane_only",
"execution_authorized": false,
"not_approval": true
}
],
"readiness_effects": [
{
"effect_id": "gitea_owner_response_accepted",
"when_all_checks_pass": "S4.9 request packet template status ledger / audit event templates / redaction examples / display sections / collection checks request / received / accepted audit events emitted=0 5 response templates S4.6 redacted payload ",
"allowed_update": " Gitea coverage matrixowner / canonical disposition readiness wordinggitea_repo_inventory_v1 ok",
"still_forbidden": [
"store_token_value",
"write_gitea_repo",
"sync_refs",
"switch_github_primary"
]
},
{
"effect_id": "github_target_owner_response_accepted",
"when_all_checks_pass": "S4.10 9 target response ",
"allowed_update": " GitHub target decision tablerepo approval package primary readiness blocker wording",
"still_forbidden": [
"create_github_repo",
"change_visibility",
"sync_refs",
"switch_github_primary"
]
},
{
"effect_id": "ref_truth_owner_response_accepted",
"when_all_checks_pass": "S4.11 request packet template status ledger request / received / accepted audit event templates 0 emittedredaction examples responsecollection checks approvalintake preflight checks execution authorization5 lane response batch scope ",
"allowed_update": " ref truth classification disposition draft reconcile plan wording",
"still_forbidden": [
"fetch_refs",
"push_refs",
"delete_refs",
"force_push",
"switch_github_primary"
]
},
{
"effect_id": "workflow_secret_owner_response_accepted",
"when_all_checks_pass": "S4.12 request packettemplate status ledgeraudit event templatesredaction examplescollection checks intake preflight checks 5 workflow / secret lanes evidence ",
"allowed_update": " workflow / secret name inventoryredacted export request readiness wording",
"still_forbidden": [
"store_secret_value",
"modify_workflow",
"enable_runner",
"enable_github_hosted_runner",
"switch_github_primary"
]
}
],
"allowed_outputs": [
"mirror_owner_response_validation_rollup",
"display_cross_packet_counts",
"display_missing_owner_response_lanes",
"display_next_collection_candidate",
"display_owner_response_evidence_routing_rules",
"display_owner_response_validation_sections",
"display_owner_response_validation_state_transition_rules",
"display_owner_response_validation_reviewer_checklist",
"display_owner_response_validation_reviewer_outcome_lanes",
"display_owner_response_validation_reviewer_audit_event_templates",
"display_owner_response_validation_reviewer_audit_display_sections",
"display_owner_response_validation_reviewer_audit_collection_checks",
"display_owner_response_validation_reviewer_audit_redaction_examples",
"display_owner_response_validation_reviewer_audit_retention_rules",
"display_owner_response_validation_reviewer_audit_retention_checks",
"display_owner_response_validation_reviewer_audit_handoff_packets",
"display_owner_response_validation_reviewer_audit_handoff_checks",
"display_owner_response_validation_parallel_session_sync_checks",
"display_owner_response_validation_parallel_session_conflict_lanes",
"display_owner_response_validation_parallel_session_recovery_checks",
"display_owner_response_validation_parallel_session_recovery_outcome_lanes",
"route_invalid_response_to_quarantine",
"update_read_only_readiness_wording_after_accepted_response"
],
"missing_response_lanes": [
{
"lane_id": "s4_9_gitea_inventory_owner_attestation_response",
"source_contract": "gitea_inventory_owner_attestation_response_v1",
"response_template_count": 5,
"received_response_count": 0,
"accepted_response_count": 0,
"current_status": "waiting_owner_response",
"next_owner_action": "Owner S4.9 owner response request packet 5 Gitea coverage attestation itemsAwoooP template status ledger / audit event templates / redaction examples / display sections / collection checks evidence refs",
"awooop_display_mode": "observe_missing_response",
"still_forbidden": [
"store_token_value",
"write_gitea_repo",
"sync_refs",
"switch_github_primary"
]
},
{
"lane_id": "s4_10_github_target_owner_decision_response",
"source_contract": "github_target_owner_decision_response_v1",
"response_template_count": 9,
"received_response_count": 0,
"accepted_response_count": 0,
"current_status": "waiting_owner_response",
"next_owner_action": "Owner S4.10 request packettemplate status ledgeraudit event templatesredaction examplescollection checks intake preflight checks 9 GitHub target owner / visibility / canonical disposition",
"awooop_display_mode": "observe_missing_response",
"still_forbidden": [
"create_github_repo",
"change_repo_visibility",
"sync_refs",
"switch_github_primary"
]
},
{
"lane_id": "s4_11_ref_truth_owner_response",
"source_contract": "source_control_ref_truth_owner_response_v1",
"response_template_count": 5,
"received_response_count": 0,
"accepted_response_count": 0,
"current_status": "waiting_owner_response",
"next_owner_action": "Owner S4.11 request packettemplate status ledgeraudit event templatesredaction examplescollection checks intake preflight checks refs truthdeprecated driftrelease tags GitHub-only refs disposition",
"awooop_display_mode": "observe_missing_response",
"still_forbidden": [
"fetch_refs",
"push_refs",
"delete_refs",
"force_push",
"switch_github_primary"
]
},
{
"lane_id": "s4_12_workflow_secret_name_owner_response",
"source_contract": "source_control_workflow_secret_name_owner_response_v1",
"response_template_count": 5,
"received_response_count": 0,
"accepted_response_count": 0,
"current_status": "waiting_owner_response",
"next_owner_action": "Owner S4.12 request packettemplate status ledgeraudit event templatesredaction examplescollection checks intake preflight checks webhookrunnerdeploy keybranch protection / CODEOWNERSrepository secret name parity template status ledger waitingaudit event templates 0 emittedredaction examples response",
"awooop_display_mode": "observe_missing_response",
"still_forbidden": [
"store_secret_value",
"modify_workflow",
"enable_runner",
"enable_github_hosted_runner",
"switch_github_primary"
]
}
],
"owner_response_collection_order": [
{
"order": 1,
"lane_id": "s4_9_gitea_inventory_owner_attestation_response",
"reason": " Gitea canonical owner GitHub target / refs inventory ",
"required_packet": "docs/security/GITEA-INVENTORY-OWNER-ATTESTATION-RESPONSE.md",
"minimum_response": [
"public-only/local gap disposition",
"org/user endpoint disposition",
"110 adjacent source scope",
"canonical owner",
"legacy/inaccessible disposition"
],
"awooop_action": "display_next_collection_item",
"blocked_until_received": true,
"execution_authorized": false,
"still_forbidden": [
"store_token_value",
"write_gitea_repo",
"sync_refs",
"switch_github_primary"
]
},
{
"order": 2,
"lane_id": "s4_10_github_target_owner_decision_response",
"reason": " GitHub target owner / visibility / canonical not_found_or_private repo",
"required_packet": "docs/security/GITHUB-TARGET-OWNER-DECISION-RESPONSE.md",
"minimum_response": [
"repo owner",
"target visibility",
"canonical target disposition",
"not_found_or_private handling",
"new VibeWork / agent-bounty-protocol target disposition"
],
"awooop_action": "display_next_collection_item",
"blocked_until_received": true,
"execution_authorized": false,
"still_forbidden": [
"create_github_repo",
"change_repo_visibility",
"sync_refs",
"switch_github_primary"
]
},
{
"order": 3,
"lane_id": "s4_11_ref_truth_owner_response",
"reason": "GitHub target owner / visibility branch / tag refs sync delete ",
"required_packet": "docs/security/SOURCE-CONTROL-REF-TRUTH-OWNER-RESPONSE.md",
"minimum_response": [
"main/dev truth disposition",
"deprecated drift disposition",
"release tag retention",
"GitHub-only refs disposition"
],
"awooop_action": "display_next_collection_item",
"blocked_until_received": true,
"execution_authorized": false,
"still_forbidden": [
"fetch_refs",
"push_refs",
"delete_refs",
"force_push",
"switch_github_primary"
]
},
{
"order": 4,
"lane_id": "s4_12_workflow_secret_name_owner_response",
"reason": " workflow / webhook / runner / deploy key / branch protection / CODEOWNERS / secret parity secret runner source truth",
"required_packet": "docs/security/SOURCE-CONTROL-WORKFLOW-SECRET-NAME-OWNER-RESPONSE.md",
"minimum_response": [
"webhook redacted state",
"runner label owner",
"deploy key redacted state",
"branch protection / CODEOWNERS state",
"repository secret name parity"
],
"awooop_action": "display_next_collection_item",
"blocked_until_received": true,
"execution_authorized": false,
"still_forbidden": [
"store_secret_value",
"modify_workflow",
"enable_runner",
"enable_github_hosted_runner",
"switch_github_primary"
]
}
],
"next_collection_candidate": {
"order": 1,
"lane_id": "s4_9_gitea_inventory_owner_attestation_response",
"display_status": "next_owner_response_required",
"source_contract": "gitea_inventory_owner_attestation_response_v1",
"required_packet": "docs/security/GITEA-INVENTORY-OWNER-ATTESTATION-RESPONSE.md",
"required_response_template_count": 5,
"received_response_count": 0,
"accepted_response_count": 0,
"minimum_response": [
"public-only/local gap disposition",
"org/user endpoint disposition",
"110 adjacent source scope",
"canonical owner",
"legacy/inaccessible disposition"
],
"awooop_display_mode": "display_next_collection_item_only",
"why_next": "S4.9 GitHub targetrefs truth workflow / secret parity scope / canonical owner source-control owner response ",
"blocked_until_received": true,
"execution_authorized": false,
"not_approval": true,
"still_forbidden": [
"store_token_value",
"write_gitea_repo",
"sync_refs",
"switch_github_primary"
]
},
"latest_local_validation": {
"status": "repo_snapshot_guard_pass",
"date": "2026-06-13",
"scope": "repo_snapshot_only",
"command": "python3 scripts/security/source-control-owner-response-guard.py --root .",
"result": "SOURCE_CONTROL_OWNER_RESPONSE_GUARD_OK",
"validated_lanes": [
"s4_9_gitea_inventory_owner_attestation_response",
"s4_10_github_target_owner_decision_response",
"s4_11_ref_truth_owner_response",
"s4_12_workflow_secret_name_owner_response"
],
"received_response_count": 0,
"accepted_response_count": 0,
"runtime_actions_authorized": false,
"repo_or_refs_actions_authorized": false,
"workflow_or_secret_actions_authorized": false,
"not_authorization": true
},
"forbidden_actions": [
"runtime_execution",
"store_token_or_secret_value",
"use_write_token",
"create_repo",
"change_repo_visibility",
"write_gitea_repo",
"sync_refs",
"delete_refs",
"force_push",
"modify_workflow_or_secret",
"enable_runner",
"enable_github_hosted_runner",
"switch_github_primary",
"add_action_button"
]
}