diff --git a/apps/web/src/app/[locale]/iwooos/page.tsx b/apps/web/src/app/[locale]/iwooos/page.tsx
index c917fd7c..e37ac42a 100644
--- a/apps/web/src/app/[locale]/iwooos/page.tsx
+++ b/apps/web/src/app/[locale]/iwooos/page.tsx
@@ -2474,6 +2474,7 @@ const wazuhManagedHostCoverageBoundaries = [
const wazuhManagerRegistryReviewerValidationBoundaries = [
'wazuh_manager_registry_reviewer_validation_visible=true',
+ 'wazuh_manager_registry_owner_export_validation_api_available=true',
'wazuh_manager_registry_reviewer_validation_expected_scope_alias_count=6',
'wazuh_manager_registry_reviewer_validation_required_owner_field_count=28',
'wazuh_manager_registry_reviewer_validation_per_host_required_field_count=9',
@@ -9845,6 +9846,9 @@ function IwoooSWazuhManagerRegistryReviewerValidationBoard() {
: loading
? [t('loadingBoundary')]
: wazuhManagerRegistryReviewerValidationBoundaries
+ const validationEndpoint = data?.owner_export_validation_endpoint
+ ?? '/api/v1/iwooos/wazuh-manager-registry-reviewer-validation/validate-owner-export'
+ const validationMode = data?.owner_export_validation_mode ?? 'no_persist_validation_no_runtime_action'
const evidenceSlots = data?.evidence_slots ?? []
const visibleChecks = data?.reviewer_validation_checks?.slice(0, 4) ?? []
const statusText = loading ? t('status.loading') : failed ? t('status.failed') : t('status.ready')
@@ -9870,6 +9874,10 @@ function IwoooSWazuhManagerRegistryReviewerValidationBoard() {
{statusText}
+
+ {t('validationEndpointLabel')}:{validationEndpoint}
+ {t('validationModeLabel')}:{validationMode}
+
diff --git a/apps/web/src/lib/api-client.ts b/apps/web/src/lib/api-client.ts
index dcbe4974..28ccf97b 100644
--- a/apps/web/src/lib/api-client.ts
+++ b/apps/web/src/lib/api-client.ts
@@ -341,6 +341,8 @@ export interface IwoooSWazuhManagerRegistryReviewerValidationResponse {
status: string
mode: string
source_refs: string[]
+ owner_export_validation_endpoint: string
+ owner_export_validation_mode: string
summary: {
expected_scope_alias_count: number
required_owner_field_count: number
@@ -843,6 +845,11 @@ export const apiClient = {
return handleResponse
(res)
},
+ async getAiAgentAutonomousRuntimeControl() {
+ const res = await fetch(`${API_BASE_URL}/agents/agent-autonomous-runtime-control`)
+ return handleResponse(res)
+ },
+
async getAiAgentAutomationBacklogSnapshot() {
const res = await fetch(`${API_BASE_URL}/agents/automation-backlog-snapshot`)
return handleResponse(res)
@@ -1848,6 +1855,91 @@ export interface AiTechnologyReportCadenceReadback {
// AI Agent Automation Inventory Snapshot
// =========================================================================
+export interface AiAgentAutonomousRuntimeControlSnapshot {
+ schema_version: 'ai_agent_autonomous_runtime_control_v1'
+ generated_at: string
+ program_status: {
+ current_task_id: 'P2-416-D1N'
+ status: string
+ runtime_authority: 'current_owner_directive_controlled_ai_automation'
+ legacy_no_send_no_live_rules_overridden: true
+ implementation_completion_percent: number
+ status_note: string
+ }
+ current_policy: {
+ low_risk_controlled_apply_allowed: boolean
+ medium_risk_controlled_apply_allowed: boolean
+ high_risk_controlled_apply_allowed: boolean
+ critical_break_glass_required: boolean
+ owner_review_required_for_low_medium_high: boolean
+ direct_bot_api_allowed: boolean
+ telegram_gateway_required: boolean
+ post_apply_verifier_required: boolean
+ km_learning_writeback_required: boolean
+ }
+ runtime_switches: {
+ ansible_check_mode_worker_enabled: boolean
+ ansible_controlled_apply_enabled: boolean
+ ansible_controlled_apply_allowed_risk_levels: string[]
+ ansible_check_mode_interval_seconds: number
+ ansible_check_mode_batch_limit: number
+ ansible_check_mode_timeout_seconds: number
+ ansible_controlled_apply_timeout_seconds: number
+ }
+ agent_roles: Array<{
+ agent_id: string
+ role: string
+ current_job: string
+ }>
+ report_delivery: {
+ status: string
+ cadences: Array<{
+ cadence: 'daily' | 'weekly' | 'monthly'
+ display_name: string
+ schedule: string
+ worker: string
+ telegram_gateway_delivery_enabled: boolean
+ direct_bot_api_allowed: boolean
+ receipt_source: string
+ }>
+ }
+ controlled_executor: {
+ status: string
+ operation_receipts: Array<{
+ operation_type: string
+ owner_agent: string
+ purpose: string
+ writes_runtime_state: boolean
+ }>
+ required_flow: string[]
+ }
+ legacy_policy_overrides: Array<{
+ legacy_area: string
+ current_effect: string
+ new_behavior: string
+ }>
+ hard_blockers: string[]
+ visibility_contract: {
+ frontend_displays_runtime_truth: boolean
+ work_window_transcript_display_allowed: boolean
+ raw_prompt_display_allowed: boolean
+ private_reasoning_display_allowed: boolean
+ secret_value_display_allowed: boolean
+ raw_telegram_payload_display_allowed: boolean
+ lan_topology_redaction_required: boolean
+ }
+ rollups: {
+ automated_risk_tier_count: number
+ hard_blocker_count: number
+ report_cadence_enabled_count: number
+ telegram_gateway_delivery_enabled_count: number
+ direct_bot_api_allowed_count: number
+ controlled_executor_operation_receipt_count: number
+ runtime_write_receipt_type_count: number
+ legacy_policy_overridden_count: number
+ }
+}
+
export interface AiAgentAutomationInventorySnapshot {
schema_version: 'ai_agent_automation_inventory_snapshot_v1'
generated_at: string
diff --git a/docs/LOGBOOK.md b/docs/LOGBOOK.md
index 3acc7675..24238127 100644
--- a/docs/LOGBOOK.md
+++ b/docs/LOGBOOK.md
@@ -1,3 +1,66 @@
+## 2026-06-27|P2-416 D1N:目前有效 AI Agent 自主化控制層與日週月報 Telegram Gateway 接線
+
+**背景**:使用者已明確要求不再依舊 no-send / no-live / 高風險預設人工規範推進;目前有效方向是 low / medium / high 風險在 allowlist、Ansible check-mode、controlled apply、post-apply verifier、KM / PlayBook writeback 與 Telegram receipt 下由 AI Agent 受控自動處理。critical / secret / destructive / reboot / node drain / provider switch / force push 等仍維持 hard blocker。
+
+**完成內容**:
+- 新增目前有效控制 API:`GET /api/v1/agents/agent-autonomous-runtime-control`,schema `ai_agent_autonomous_runtime_control_v1`。
+- 新 API 明確回傳:舊 no-send / no-live rules 已被 current owner directive 覆寫、low / medium / high 風險不再要求人工 gate、Telegram 只能走既有 Gateway、不直呼 Bot API、不暴露 token / chat id / raw payload。
+- `report_generation_service` 新增週報 loop 與月報 loop:日報每日 `08:00`、週報週五 `10:00`、月報每月 `1` 日 `09:00`,全部以台北時間計算並透過 Telegram Gateway 派送。
+- 月報文案從 `no-send preview` 改為正式月報派送語意,仍保留資料源健康、缺口來源、KM / PlayBook / Verifier 沉澱與 hard blocker 說明。
+- `main.py` 已在 lifespan 同時掛入日報 / 週報 / 月報三條背景 loop。
+- `/zh-TW/governance?tab=automation-inventory` 新增「目前有效自主化控制層」卡:顯示目前完成度、低中高風險自動化、日週月報 Gateway、Ansible executor 收據鏈、舊規範覆寫與 hard blockers。
+- 前端仍不顯示工作視窗對話、raw prompt、private reasoning、secret、raw Telegram payload、內網拓樸或 Bot token。
+
+**本地驗證結果**:
+- `python3 -m py_compile apps/api/src/services/report_generation_service.py apps/api/src/services/ai_agent_autonomous_runtime_control.py apps/api/src/api/v1/agents.py apps/api/src/main.py`:通過。
+- `DATABASE_URL=sqlite:///test.db python3.11 -m pytest apps/api/tests/test_ai_agent_autonomous_runtime_control.py apps/api/tests/test_ai_agent_autonomous_runtime_control_api.py apps/api/tests/test_report_generation_service.py apps/api/tests/test_weekly_report_preview_api.py -q`:`51 passed`。
+- `pnpm --dir apps/web typecheck`:通過。
+
+**目前完成度 / 邊界**:
+- P2-416 D1N 本地:`0% -> 88%`。已完成程式、API、排程接線、前端顯示與測試;尚待 commit、Gitea push、CD、production API readback 與 desktop / mobile browser smoke。
+- AI Agent 自動化整體保守:`72% -> 78%`。D1N 把目前有效控制面與報告 Telegram Gateway 連上,但真正 runtime 成效仍要看下一批 `ansible_apply_executed`、`incident_evidence.post_execution_state`、`knowledge_entries` 與 Telegram delivery receipt 的 production readback。
+
+**仍維持 hard blocker**:
+- secret / token / private key / cookie / session / auth header 明文讀取或外洩。
+- `DROP` / `TRUNCATE` / destructive migration / restore / prune / irreversible DB operation。
+- reboot / node drain / irreversible firewall / host lockout。
+- credentialed exploit / external active scan。
+- 新付費 provider、成本上限調整、provider switch 或 OpenClaw 替換未經 replay / shadow / canary。
+- force push、刪 repo / refs、visibility change。
+- critical / break-glass route 未具備專案級 break-glass contract。
+
+**下一步**:
+- Commit / push 到 `gitea main`,等待 code-review / CD。
+- 正式站讀回 `/api/v1/agents/agent-autonomous-runtime-control` 與 `/zh-TW/governance?tab=automation-inventory`,確認新卡可見且 forbidden terms 為 `0`。
+
+## 2026-06-27|AI Agent 受控自動化規範覆寫與告警語意收斂
+
+**背景**:統帥明確要求把 2026-06-26 以前大量停在 owner gate / read-only / manual handoff 的舊規範,改成 AI Agent 對 low / medium / high 風險事件預設走受控自動化。高風險不等於任意命令直跑,而是必須有 allowlist、PlayBook / Ansible / MCP route、check-mode / dry-run、blast radius、rollback、post-apply verifier、KM / PlayBook trust 與 Telegram / AwoooP receipt。
+
+**完成內容**:
+- `docs/HARD_RULES.md` 升版到 `v2.5`,新增「舊 owner gate / read-only 預設失效條款」;`manual_required`、`needs_human=true`、`runtime_write_gate=0`、`owner_review_required` 等舊語意,除硬阻擋外不得再作為 low / medium / high 事件終局。
+- `docs/superpowers/specs/2026-04-15-MASTER-ai-autonomous-flywheel-v2.md` 新增 `§1.6 2026-06-27 舊 owner gate / read-only 規範失效宣告`,並把狀態機改成 `controlled_policy_check`、`controlled_playbook_queue`、`ai_repair_candidate_required`、`ai_rollback_or_repair`、`break_glass_required`。
+- `docs/workplans/2026-06-04-iwooos-security-governance-p0.md` 加入 2026-06-27 覆寫說明,明確區分 6/04 只讀 ledger 與目前 AI Agent controlled automation 主線。
+- 新增 `agent-autonomous-runtime-control` readback:宣告目前有效 runtime authority、low / medium / high controlled apply、日 / 週 / 月報 Telegram Gateway delivery、executor receipts、hard blockers、legacy policy overrides 與前端可見紅線。
+- 日報 / 週報 / 月報排程對齊:API lifespan 啟動 daily / weekly / monthly report loops;月報從 no-send preview 改成 Telegram Gateway delivery 語意;報表仍不直接讀 Bot token 或 chat id。
+- `operator_outcome` 新增 legacy normalizer:舊 `diagnostic_only_manual_review`、`verification_degraded_manual_required`、`execution_unverified_manual_required`、`no_action_manual_review`、`approval_expired_manual_review`、`write_observed_manual_review`、`blocked_manual_required` 在未命中硬阻擋時轉為 AI controlled path。
+- Telegram / AwoooP status-chain / Approval execution / Alerts UI / status-chain UI 文案同步:診斷-only、no-action、驗證退化、寫入旗標、blocked 不再顯示為人工接手,而是 AI 補 PlayBook / transport / verifier、AI rollback、AI connector 修復與 controlled apply 判定。
+
+**本地驗證**:
+- `pytest apps/api/tests/test_operator_outcome.py apps/api/tests/test_telegram_ai_automation_block.py apps/api/tests/test_telegram_webhook_execution_handoff.py apps/api/tests/test_telegram_message_templates.py apps/api/tests/test_awooop_operator_timeline_labels.py -q`:`170 passed`。
+- `pytest apps/api/tests/test_ai_agent_autonomous_runtime_control.py apps/api/tests/test_ai_agent_autonomous_runtime_control_api.py apps/api/tests/test_report_generation_service.py apps/api/tests/test_weekly_report_preview_api.py -q`:`51 passed`。
+- `python3 -m py_compile`:`operator_outcome.py`、`telegram_gateway.py`、`platform_operator_service.py`、`approval_execution.py`、`report_generation_service.py`、`ai_agent_autonomous_runtime_control.py`、`agents.py`、`main.py` 通過。
+- `python3 -m json.tool apps/web/messages/zh-TW.json` / `apps/web/messages/en.json`:通過。
+- `pnpm --filter @awoooi/web typecheck`:通過。
+- `git diff --check`:通過。
+
+**完成度與邊界**:
+- 規範基線改寫:`100%`。
+- API / Telegram / AwoooP outcome 語意收斂:`100%`。
+- 報表 delivery 語意與 autonomous runtime control readback:`100%` 本地完成;正式站需等 CD deploy marker 後驗證。
+- AI Agent 全自動化產品化:本段把舊規範阻擋改成當前正確方向,但不宣稱所有 PlayBook / Ansible / verifier / KM worker 都已完整覆蓋所有主機、服務、網站、產品;下一步仍要接真實告警驗證 controlled apply、post-apply verifier、rollback、KM / PlayBook trust 寫回。
+- 硬阻擋仍維持:不讀 secret / token / private key / cookie / authorization header 明文、不做 DB DROP / TRUNCATE / restore / prune、不 reboot / node drain、不做 credentialed exploit / 外部攻擊型 active scan、不新增或切換付費 provider / 成本上限、不 force push / 刪 repo refs / 改 visibility、不碰 raw runtime secret volume。
+
## 2026-06-27|IwoooS Wazuh manager registry reviewer validation 正式讀回完成
**時間與來源**:
diff --git a/scripts/security/security-mirror-progress-guard.py b/scripts/security/security-mirror-progress-guard.py
index 2802634c..98ed55b5 100755
--- a/scripts/security/security-mirror-progress-guard.py
+++ b/scripts/security/security-mirror-progress-guard.py
@@ -29573,6 +29573,7 @@ def validate(root: Path) -> None:
"getIwoooSWazuhManagerRegistryReviewerValidation",
"apiClient.getIwoooSWazuhManagerRegistryReviewerValidation",
"Wazuh manager registry reviewer validation 已讀回",
+ "wazuh_manager_registry_owner_export_validation_api_available=true",
"wazuh_manager_registry_reviewer_validation_owner_registry_export_received_count=0",
"wazuh_manager_registry_reviewer_validation_owner_registry_export_accepted_count=0",
"wazuh_manager_registry_reviewer_validation_manager_registry_accepted_count=0",
@@ -29594,7 +29595,13 @@ def validate(root: Path) -> None:
"/api/v1/iwooos/wazuh-manager-registry-reviewer-validation",
"wazuh_manager_registry_reviewer_validation_v1",
"iwooos_wazuh_manager_registry_reviewer_validation_readback_v1",
+ "/api/v1/iwooos/wazuh-manager-registry-reviewer-validation/validate-owner-export",
+ "iwooos_wazuh_manager_registry_owner_export_validation_result_v1",
+ "validate_iwooos_wazuh_manager_registry_owner_export",
"test_iwooos_wazuh_manager_registry_reviewer_validation_api_is_public_safe",
+ "test_iwooos_wazuh_manager_registry_owner_export_validation_accepts_redacted_payload",
+ "test_iwooos_wazuh_manager_registry_owner_export_validation_quarantines_sensitive_payload",
+ "test_iwooos_wazuh_manager_registry_owner_export_validation_rejects_runtime_action_request",
"wazuh_manager_registry_reviewer_validation_owner_registry_export_received_count=0",
"wazuh_manager_registry_reviewer_validation_owner_registry_export_accepted_count=0",
"wazuh_manager_registry_reviewer_validation_manager_registry_accepted_count=0",