From 06b116c73f05adc11602e12f0cd405d1a643fdec Mon Sep 17 00:00:00 2001 From: Your Name Date: Fri, 12 Jun 2026 01:13:53 +0800 Subject: [PATCH] =?UTF-8?q?feat(governance):=20=E6=96=B0=E5=A2=9E=20post-w?= =?UTF-8?q?rite=20verifier=20package?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- apps/api/src/api/v1/agents.py | 31 ++ .../ai_agent_post_write_verifier_package.py | 141 +++++++ ...est_ai_agent_interaction_learning_proof.py | 6 +- ...ai_agent_interaction_learning_proof_api.py | 6 +- ...st_ai_agent_post_write_verifier_package.py | 74 ++++ ...i_agent_post_write_verifier_package_api.py | 23 ++ ..._ai_agent_proactive_operations_contract.py | 6 +- ...agent_proactive_operations_contract_api.py | 6 +- apps/web/messages/en.json | 28 ++ apps/web/messages/zh-TW.json | 28 ++ .../tabs/automation-inventory-tab.tsx | 156 ++++++- apps/web/src/lib/api-client.ts | 87 ++++ docs/LOGBOOK.md | 25 ++ ...AI_AGENT_AUTOMATION_WORKLIST_2026-06-04.md | 9 +- ...T_INTERACTION_LEARNING_PROOF_2026-06-11.md | 15 +- ...I_AGENT_PROACTIVE_OPERATIONS_2026-06-11.md | 11 +- ...interaction_learning_proof_2026-06-11.json | 8 +- ...ost_write_verifier_package_2026-06-12.json | 197 +++++++++ ...active_operations_contract_2026-06-11.json | 26 +- ...post_write_verifier_package_v1.schema.json | 380 ++++++++++++++++++ ...-04-15-MASTER-ai-autonomous-flywheel-v2.md | 21 +- 21 files changed, 1245 insertions(+), 39 deletions(-) create mode 100644 apps/api/src/services/ai_agent_post_write_verifier_package.py create mode 100644 apps/api/tests/test_ai_agent_post_write_verifier_package.py create mode 100644 apps/api/tests/test_ai_agent_post_write_verifier_package_api.py create mode 100644 docs/evaluations/ai_agent_post_write_verifier_package_2026-06-12.json create mode 100644 docs/schemas/ai_agent_post_write_verifier_package_v1.schema.json diff --git a/apps/api/src/api/v1/agents.py b/apps/api/src/api/v1/agents.py index 16ad4212..ec897e9a 100644 --- a/apps/api/src/api/v1/agents.py +++ b/apps/api/src/api/v1/agents.py @@ -76,6 +76,9 @@ from src.services.ai_agent_owner_approved_fixture_dry_run import ( from src.services.ai_agent_owner_approved_learning_dry_run import ( load_latest_ai_agent_owner_approved_learning_dry_run, ) +from src.services.ai_agent_post_write_verifier_package import ( + load_latest_ai_agent_post_write_verifier_package, +) from src.services.ai_agent_proactive_operations_contract import ( load_latest_ai_agent_proactive_operations_contract, ) @@ -788,6 +791,34 @@ async def get_agent_runtime_write_gate_review() -> dict[str, Any]: ) from exc +@router.get( + "/agent-post-write-verifier-package", + response_model=dict[str, Any], + summary="取得 AI Agent post-write verifier package", + description=( + "讀取最新已提交的 post-write verifier implementation package;此端點只回傳 verifier package、" + "rollback lane、failure lane 與人工操作選項," + "不寫 KM、不更新 PlayBook trust、不寫 timeline、不寫 replay score、不發 Telegram、" + "不啟動 runtime worker、不讀 canonical target、不回傳未脫敏 payload。" + ), +) +async def get_agent_post_write_verifier_package() -> dict[str, Any]: + """Return the latest read-only AI Agent post-write verifier package.""" + try: + return await asyncio.to_thread(load_latest_ai_agent_post_write_verifier_package) + except FileNotFoundError as exc: + raise HTTPException( + status_code=status.HTTP_404_NOT_FOUND, + detail=str(exc), + ) from exc + except (json.JSONDecodeError, ValueError) as exc: + logger.error("ai_agent_post_write_verifier_package_invalid", error=str(exc)) + raise HTTPException( + status_code=status.HTTP_500_INTERNAL_SERVER_ERROR, + detail="AI Agent post-write verifier package 無效", + ) from exc + + @router.get( "/agent-owner-approved-fixture-dry-run", response_model=dict[str, Any], diff --git a/apps/api/src/services/ai_agent_post_write_verifier_package.py b/apps/api/src/services/ai_agent_post_write_verifier_package.py new file mode 100644 index 00000000..6d947544 --- /dev/null +++ b/apps/api/src/services/ai_agent_post_write_verifier_package.py @@ -0,0 +1,141 @@ +""" +AI Agent post-write verifier package snapshot. + +Loads the latest committed P2-403H post-write verifier package. This module +never implements the verifier, reads canonical targets, writes rollback work +items, or sends Telegram receipts. +""" + +from __future__ import annotations + +import json +from pathlib import Path +from typing import Any + +from src.services.snapshot_paths import default_evaluations_dir + +_DEFAULT_EVALUATIONS_DIR = default_evaluations_dir(Path(__file__)) +_SNAPSHOT_PATTERN = "ai_agent_post_write_verifier_package_*.json" +_SCHEMA_VERSION = "ai_agent_post_write_verifier_package_v1" + + +def load_latest_ai_agent_post_write_verifier_package( + evaluations_dir: Path | None = None, +) -> dict[str, Any]: + """Load the newest committed AI Agent post-write verifier package.""" + directory = evaluations_dir or _DEFAULT_EVALUATIONS_DIR + candidates = sorted(directory.glob(_SNAPSHOT_PATTERN)) + if not candidates: + raise FileNotFoundError(f"no AI Agent post-write verifier package snapshots found in {directory}") + + latest = candidates[-1] + with latest.open(encoding="utf-8") as handle: + payload = json.load(handle) + + if not isinstance(payload, dict): + raise ValueError(f"{latest}: expected JSON object") + _require_schema(payload, str(latest)) + _require_runtime_boundaries(payload, str(latest)) + _require_verifier_contract(payload, str(latest)) + _require_rollup_consistency(payload, str(latest)) + return payload + + +def _require_schema(payload: dict[str, Any], label: str) -> None: + if payload.get("schema_version") != _SCHEMA_VERSION: + raise ValueError(f"{label}: expected schema_version={_SCHEMA_VERSION}") + status = payload.get("program_status") or {} + if status.get("read_only_mode") is not True: + raise ValueError(f"{label}: program_status.read_only_mode must be true") + if status.get("runtime_authority") != "post_write_verifier_package_only_no_runtime_write": + raise ValueError(f"{label}: runtime_authority must remain post_write_verifier_package_only_no_runtime_write") + + +def _require_runtime_boundaries(payload: dict[str, Any], label: str) -> None: + boundaries = payload.get("approval_boundaries") or {} + enabled = sorted(key for key, value in boundaries.items() if value is not False) + if enabled: + raise ValueError(f"{label}: approval boundaries must remain false: {enabled}") + + truth = payload.get("verifier_truth") or {} + false_flags = { + "runtime_write_allowed", + "post_write_verifier_implemented", + "canonical_readback_allowed", + } + unsafe = sorted(flag for flag in false_flags if truth.get(flag) is not False) + if unsafe: + raise ValueError(f"{label}: verifier runtime flags must remain false: {unsafe}") + + zero_counts = { + "post_write_verifier_executed_count", + "rollback_work_item_created_count", + "telegram_failure_receipt_sent_count", + } + non_zero = sorted(key for key in zero_counts if truth.get(key) != 0) + if non_zero: + raise ValueError(f"{label}: verifier counts must remain zero: {non_zero}") + + +def _require_verifier_contract(payload: dict[str, Any], label: str) -> None: + package = payload.get("verifier_package") or {} + required_inputs = set(package.get("required_inputs") or []) + required_minimum = { + "approved_write_event_id", + "dry_run_preview_hash", + "target_write_surface", + "canonical_readback_query", + "rollback_owner", + "failure_escalation_channel", + "redacted_evidence_refs", + } + missing = sorted(required_minimum - required_inputs) + if missing: + raise ValueError(f"{label}: verifier package missing required inputs: {missing}") + + if not payload.get("verification_targets"): + raise ValueError(f"{label}: verification targets must not be empty") + if not payload.get("failure_lanes"): + raise ValueError(f"{label}: failure lanes must not be empty") + if not payload.get("operator_actions"): + raise ValueError(f"{label}: operator actions must not be empty") + + redaction = payload.get("display_redaction_contract") or {} + if redaction.get("redaction_required") is not True: + raise ValueError(f"{label}: frontend redaction must be required") + for flag in ("raw_payload_display_allowed", "private_reasoning_display_allowed", "secret_value_display_allowed"): + if redaction.get(flag) is not False: + raise ValueError(f"{label}: {flag} must remain false") + + +def _require_rollup_consistency(payload: dict[str, Any], label: str) -> None: + rollups = payload.get("rollups") or {} + targets = payload.get("verification_targets") or [] + lanes = payload.get("failure_lanes") or [] + actions = payload.get("operator_actions") or [] + package = payload.get("verifier_package") or {} + expected_counts = { + "verification_target_count": len(targets), + "failure_lane_count": len(lanes), + "operator_action_count": len(actions), + "blocked_runtime_action_count": len({ + *(target.get("blocked_runtime_action") for target in targets), + *(lane.get("blocked_runtime_action") for lane in lanes), + *(action.get("blocked_runtime_action") for action in actions), + }), + "required_input_count": len(package.get("required_inputs") or []), + "forbidden_input_count": len(package.get("forbidden_inputs") or []), + } + mismatched = { + key: {"expected": expected, "actual": rollups.get(key)} + for key, expected in expected_counts.items() + if rollups.get(key) != expected + } + if mismatched: + raise ValueError(f"{label}: rollup counts must match payload sections: {mismatched}") + + approval_required = sorted(action.get("action_id") for action in actions if action.get("status") == "approval_required") + if sorted(rollups.get("approval_required_action_ids") or []) != approval_required: + raise ValueError(f"{label}: rollups.approval_required_action_ids mismatch") + if rollups.get("live_verifier_execution_count") != 0: + raise ValueError(f"{label}: live verifier execution count must remain zero") diff --git a/apps/api/tests/test_ai_agent_interaction_learning_proof.py b/apps/api/tests/test_ai_agent_interaction_learning_proof.py index cbe4a59e..0c2f2efc 100644 --- a/apps/api/tests/test_ai_agent_interaction_learning_proof.py +++ b/apps/api/tests/test_ai_agent_interaction_learning_proof.py @@ -13,9 +13,9 @@ def test_load_latest_ai_agent_interaction_learning_proof_reads_committed_snapsho data = load_latest_ai_agent_interaction_learning_proof() assert data["schema_version"] == "ai_agent_interaction_learning_proof_v1" - assert data["program_status"]["overall_completion_percent"] == 94 - assert data["program_status"]["current_task_id"] == "P2-403G" - assert data["program_status"]["next_task_id"] == "P2-403H" + assert data["program_status"]["overall_completion_percent"] == 97 + assert data["program_status"]["current_task_id"] == "P2-403H" + assert data["program_status"]["next_task_id"] == "P2-403I" assert data["program_status"]["read_only_mode"] is True assert data["program_status"]["runtime_authority"] == "proof_surface_only_no_live_worker" assert data["live_truth"]["runtime_loop_enabled"] is False diff --git a/apps/api/tests/test_ai_agent_interaction_learning_proof_api.py b/apps/api/tests/test_ai_agent_interaction_learning_proof_api.py index 1a7bb196..99e0dad8 100644 --- a/apps/api/tests/test_ai_agent_interaction_learning_proof_api.py +++ b/apps/api/tests/test_ai_agent_interaction_learning_proof_api.py @@ -16,9 +16,9 @@ def test_ai_agent_interaction_learning_proof_endpoint_returns_committed_snapshot assert response.status_code == 200 data = response.json() assert data["schema_version"] == "ai_agent_interaction_learning_proof_v1" - assert data["program_status"]["overall_completion_percent"] == 94 - assert data["program_status"]["current_task_id"] == "P2-403G" - assert data["program_status"]["next_task_id"] == "P2-403H" + assert data["program_status"]["overall_completion_percent"] == 97 + assert data["program_status"]["current_task_id"] == "P2-403H" + assert data["program_status"]["next_task_id"] == "P2-403I" assert data["program_status"]["read_only_mode"] is True assert data["live_truth"]["runtime_loop_enabled"] is False assert data["live_truth"]["active_live_agent_sessions"] == 0 diff --git a/apps/api/tests/test_ai_agent_post_write_verifier_package.py b/apps/api/tests/test_ai_agent_post_write_verifier_package.py new file mode 100644 index 00000000..445ee027 --- /dev/null +++ b/apps/api/tests/test_ai_agent_post_write_verifier_package.py @@ -0,0 +1,74 @@ +import copy +import json + +import pytest + +from src.services.ai_agent_post_write_verifier_package import ( + load_latest_ai_agent_post_write_verifier_package, +) + + +def _write_snapshot(tmp_path, payload): + path = tmp_path / "ai_agent_post_write_verifier_package_2026-06-12.json" + path.write_text(json.dumps(payload), encoding="utf-8") + return path + + +def test_load_latest_ai_agent_post_write_verifier_package(): + data = load_latest_ai_agent_post_write_verifier_package() + + assert data["schema_version"] == "ai_agent_post_write_verifier_package_v1" + assert data["program_status"]["current_task_id"] == "P2-403H" + assert data["program_status"]["next_task_id"] == "P2-403I" + assert data["program_status"]["overall_completion_percent"] == 97 + assert data["verifier_truth"]["runtime_write_allowed"] is False + assert data["verifier_truth"]["post_write_verifier_implemented"] is False + assert data["verifier_truth"]["post_write_verifier_executed_count"] == 0 + assert data["verifier_truth"]["rollback_work_item_created_count"] == 0 + assert data["rollups"]["verification_target_count"] == len(data["verification_targets"]) + assert data["rollups"]["failure_lane_count"] == len(data["failure_lanes"]) + assert data["rollups"]["operator_action_count"] == len(data["operator_actions"]) + assert data["rollups"]["live_verifier_execution_count"] == 0 + + +def test_rejects_post_write_verifier_implemented(tmp_path): + data = load_latest_ai_agent_post_write_verifier_package() + bad = copy.deepcopy(data) + bad["verifier_truth"]["post_write_verifier_implemented"] = True + _write_snapshot(tmp_path, bad) + + with pytest.raises(ValueError, match="verifier runtime flags"): + load_latest_ai_agent_post_write_verifier_package(tmp_path) + + +def test_rejects_rollback_count_increment(tmp_path): + data = load_latest_ai_agent_post_write_verifier_package() + bad = copy.deepcopy(data) + bad["verifier_truth"]["rollback_work_item_created_count"] = 1 + _write_snapshot(tmp_path, bad) + + with pytest.raises(ValueError, match="verifier counts"): + load_latest_ai_agent_post_write_verifier_package(tmp_path) + + +def test_rejects_missing_required_input(tmp_path): + data = load_latest_ai_agent_post_write_verifier_package() + bad = copy.deepcopy(data) + bad["verifier_package"]["required_inputs"] = [ + field for field in bad["verifier_package"]["required_inputs"] if field != "canonical_readback_query" + ] + bad["rollups"]["required_input_count"] = len(bad["verifier_package"]["required_inputs"]) + _write_snapshot(tmp_path, bad) + + with pytest.raises(ValueError, match="missing required inputs"): + load_latest_ai_agent_post_write_verifier_package(tmp_path) + + +def test_rejects_rollup_mismatch(tmp_path): + data = load_latest_ai_agent_post_write_verifier_package() + bad = copy.deepcopy(data) + bad["rollups"]["failure_lane_count"] = 999 + _write_snapshot(tmp_path, bad) + + with pytest.raises(ValueError, match="rollup counts"): + load_latest_ai_agent_post_write_verifier_package(tmp_path) diff --git a/apps/api/tests/test_ai_agent_post_write_verifier_package_api.py b/apps/api/tests/test_ai_agent_post_write_verifier_package_api.py new file mode 100644 index 00000000..1a934c8d --- /dev/null +++ b/apps/api/tests/test_ai_agent_post_write_verifier_package_api.py @@ -0,0 +1,23 @@ +from fastapi.testclient import TestClient + +from src.main import app + + +def test_get_ai_agent_post_write_verifier_package_api(): + client = TestClient(app) + response = client.get("/api/v1/agents/agent-post-write-verifier-package") + + assert response.status_code == 200 + data = response.json() + assert data["schema_version"] == "ai_agent_post_write_verifier_package_v1" + assert data["program_status"]["current_task_id"] == "P2-403H" + assert data["program_status"]["next_task_id"] == "P2-403I" + assert data["program_status"]["overall_completion_percent"] == 97 + assert data["verifier_truth"]["runtime_write_allowed"] is False + assert data["verifier_truth"]["post_write_verifier_implemented"] is False + assert data["verifier_truth"]["post_write_verifier_executed_count"] == 0 + assert data["verifier_truth"]["rollback_work_item_created_count"] == 0 + assert data["rollups"]["verification_target_count"] == 4 + assert data["rollups"]["failure_lane_count"] == 3 + assert data["rollups"]["operator_action_count"] == 4 + assert data["rollups"]["live_verifier_execution_count"] == 0 diff --git a/apps/api/tests/test_ai_agent_proactive_operations_contract.py b/apps/api/tests/test_ai_agent_proactive_operations_contract.py index dae5ec29..c13ec208 100644 --- a/apps/api/tests/test_ai_agent_proactive_operations_contract.py +++ b/apps/api/tests/test_ai_agent_proactive_operations_contract.py @@ -14,8 +14,8 @@ def test_load_latest_ai_agent_proactive_operations_contract_reads_committed_snap assert data["schema_version"] == "ai_agent_proactive_operations_contract_v1" assert data["program_status"]["overall_completion_percent"] == 100 - assert data["program_status"]["current_task_id"] == "P2-403G" - assert data["program_status"]["next_task_id"] == "P2-403H" + assert data["program_status"]["current_task_id"] == "P2-403H" + assert data["program_status"]["next_task_id"] == "P2-403I" assert data["program_status"]["read_only_mode"] is True assert data["program_status"]["runtime_authority"] == "contract_only_no_version_or_runtime_update" assert data["approval_boundaries"]["runtime_version_update_allowed"] is False @@ -25,7 +25,7 @@ def test_load_latest_ai_agent_proactive_operations_contract_reads_committed_snap assert data["approval_boundaries"]["telegram_direct_send_allowed"] is False assert data["rollups"]["version_domain_count"] == len(data["version_lifecycle_domains"]) == 12 assert data["rollups"]["delegable_capability_count"] == len(data["delegable_capabilities"]) == 24 - assert data["rollups"]["rollout_task_count"] == len(data["rollout_tasks"]) == 14 + assert data["rollups"]["rollout_task_count"] == len(data["rollout_tasks"]) == 15 assert data["rollups"]["auto_execute_allowed_count"] == 0 assert any(domain["domain_id"] == "ai_agents_models" for domain in data["version_lifecycle_domains"]) assert any( diff --git a/apps/api/tests/test_ai_agent_proactive_operations_contract_api.py b/apps/api/tests/test_ai_agent_proactive_operations_contract_api.py index 90accfe5..6de04d09 100644 --- a/apps/api/tests/test_ai_agent_proactive_operations_contract_api.py +++ b/apps/api/tests/test_ai_agent_proactive_operations_contract_api.py @@ -17,8 +17,8 @@ def test_ai_agent_proactive_operations_contract_endpoint_returns_committed_snaps data = response.json() assert data["schema_version"] == "ai_agent_proactive_operations_contract_v1" assert data["program_status"]["overall_completion_percent"] == 100 - assert data["program_status"]["current_task_id"] == "P2-403G" - assert data["program_status"]["next_task_id"] == "P2-403H" + assert data["program_status"]["current_task_id"] == "P2-403H" + assert data["program_status"]["next_task_id"] == "P2-403I" assert data["program_status"]["read_only_mode"] is True assert data["approval_boundaries"]["runtime_version_update_allowed"] is False assert data["approval_boundaries"]["package_upgrade_allowed"] is False @@ -26,7 +26,7 @@ def test_ai_agent_proactive_operations_contract_endpoint_returns_committed_snaps assert data["approval_boundaries"]["telegram_direct_send_allowed"] is False assert data["rollups"]["version_domain_count"] == 12 assert data["rollups"]["delegable_capability_count"] == 24 - assert data["rollups"]["rollout_task_count"] == 14 + assert data["rollups"]["rollout_task_count"] == 15 assert data["rollups"]["auto_execute_allowed_count"] == 0 assert any(domain["domain_id"] == "host_os_packages" for domain in data["version_lifecycle_domains"]) assert any( diff --git a/apps/web/messages/en.json b/apps/web/messages/en.json index 3eeb9ffb..28104703 100644 --- a/apps/web/messages/en.json +++ b/apps/web/messages/en.json @@ -3903,6 +3903,34 @@ "blocked_by_runtime_gate": "Runtime gate 阻擋", "ready_for_owner": "待 owner" } + }, + "postWriteVerifierPackage": { + "title": "P2-403H Post-write Verifier Package", + "source": "{generated} · {current} → {next}", + "packageTitle": "Verifier implementation package", + "truthTitle": "目前 verifier 真相", + "failureTitle": "失敗處置策略", + "metrics": { + "overall": "P2-403H 進度", + "targets": "驗證目標", + "lanes": "失敗 lanes", + "actions": "人工選項", + "approval": "需批准動作", + "blocked": "阻擋動作 {count}", + "live": "Live verifier" + }, + "flags": { + "implemented": "verifier implemented: {value}", + "canonical": "canonical readback: {value}", + "rollback": "rollback work item: {value}", + "telegram": "failure receipt: {value}" + }, + "labels": { + "requiredInputs": "必填輸入 {count}", + "forbiddenInputs": "禁止輸入 {count}", + "successPolicy": "success policy: {value}", + "failurePolicy": "failure policy: {value}" + } } } }, diff --git a/apps/web/messages/zh-TW.json b/apps/web/messages/zh-TW.json index 3eeb9ffb..28104703 100644 --- a/apps/web/messages/zh-TW.json +++ b/apps/web/messages/zh-TW.json @@ -3903,6 +3903,34 @@ "blocked_by_runtime_gate": "Runtime gate 阻擋", "ready_for_owner": "待 owner" } + }, + "postWriteVerifierPackage": { + "title": "P2-403H Post-write Verifier Package", + "source": "{generated} · {current} → {next}", + "packageTitle": "Verifier implementation package", + "truthTitle": "目前 verifier 真相", + "failureTitle": "失敗處置策略", + "metrics": { + "overall": "P2-403H 進度", + "targets": "驗證目標", + "lanes": "失敗 lanes", + "actions": "人工選項", + "approval": "需批准動作", + "blocked": "阻擋動作 {count}", + "live": "Live verifier" + }, + "flags": { + "implemented": "verifier implemented: {value}", + "canonical": "canonical readback: {value}", + "rollback": "rollback work item: {value}", + "telegram": "failure receipt: {value}" + }, + "labels": { + "requiredInputs": "必填輸入 {count}", + "forbiddenInputs": "禁止輸入 {count}", + "successPolicy": "success policy: {value}", + "failurePolicy": "failure policy: {value}" + } } } }, diff --git a/apps/web/src/app/[locale]/governance/tabs/automation-inventory-tab.tsx b/apps/web/src/app/[locale]/governance/tabs/automation-inventory-tab.tsx index 74a5d55d..8074df9b 100644 --- a/apps/web/src/app/[locale]/governance/tabs/automation-inventory-tab.tsx +++ b/apps/web/src/app/[locale]/governance/tabs/automation-inventory-tab.tsx @@ -42,6 +42,7 @@ import { type AiAgentLiveReadModelGateSnapshot, type AiAgentOwnerApprovedFixtureDryRunSnapshot, type AiAgentOwnerApprovedLearningDryRunSnapshot, + type AiAgentPostWriteVerifierPackageSnapshot, type AiAgentProactiveOperationsContractSnapshot, type AiAgentRedisDryRunGateSnapshot, type AiAgentRuntimeWriteGateReviewSnapshot, @@ -331,6 +332,7 @@ export function AutomationInventoryTab() { const [telegramReceiptPackage, setTelegramReceiptPackage] = useState(null) const [ownerApprovedLearningDryRun, setOwnerApprovedLearningDryRun] = useState(null) const [runtimeWriteGateReview, setRuntimeWriteGateReview] = useState(null) + const [postWriteVerifierPackage, setPostWriteVerifierPackage] = useState(null) const [ownerDryRunPackage, setOwnerDryRunPackage] = useState(null) const [hostStatefulInventory, setHostStatefulInventory] = useState(null) const [serviceHealthGapMatrix, setServiceHealthGapMatrix] = useState(null) @@ -360,6 +362,7 @@ export function AutomationInventoryTab() { apiClient.getAiAgentTelegramReceiptApprovalPackage(), apiClient.getAiAgentOwnerApprovedLearningDryRun(), apiClient.getAiAgentRuntimeWriteGateReview(), + apiClient.getAiAgentPostWriteVerifierPackage(), apiClient.getAiAgentOwnerApprovedFixtureDryRun(), apiClient.getAiAgentHostStatefulVersionInventory(), apiClient.getServiceHealthGapMatrix(), @@ -388,6 +391,7 @@ export function AutomationInventoryTab() { telegramReceiptPackageResult, ownerApprovedLearningDryRunResult, runtimeWriteGateReviewResult, + postWriteVerifierPackageResult, ownerDryRunPackageResult, hostStatefulInventoryResult, serviceHealthGapMatrixResult, @@ -413,6 +417,7 @@ export function AutomationInventoryTab() { setTelegramReceiptPackage(telegramReceiptPackageResult.status === 'fulfilled' ? telegramReceiptPackageResult.value : null) setOwnerApprovedLearningDryRun(ownerApprovedLearningDryRunResult.status === 'fulfilled' ? ownerApprovedLearningDryRunResult.value : null) setRuntimeWriteGateReview(runtimeWriteGateReviewResult.status === 'fulfilled' ? runtimeWriteGateReviewResult.value : null) + setPostWriteVerifierPackage(postWriteVerifierPackageResult.status === 'fulfilled' ? postWriteVerifierPackageResult.value : null) setOwnerDryRunPackage(ownerDryRunPackageResult.status === 'fulfilled' ? ownerDryRunPackageResult.value : null) setHostStatefulInventory(hostStatefulInventoryResult.status === 'fulfilled' ? hostStatefulInventoryResult.value : null) setServiceHealthGapMatrix(serviceHealthGapMatrixResult.status === 'fulfilled' ? serviceHealthGapMatrixResult.value : null) @@ -436,6 +441,7 @@ export function AutomationInventoryTab() { telegramReceiptPackageResult, ownerApprovedLearningDryRunResult, runtimeWriteGateReviewResult, + postWriteVerifierPackageResult, ownerDryRunPackageResult, hostStatefulInventoryResult, serviceHealthGapMatrixResult, @@ -750,6 +756,42 @@ export function AutomationInventoryTab() { }) }, [runtimeWriteGateReview]) + const visiblePostWriteVerifierTargets = useMemo(() => { + if (!postWriteVerifierPackage) return [] + const priority = { approval_required: 0, blocked_by_runtime_gate: 1, contract_ready: 2 } as Record + return [...postWriteVerifierPackage.verification_targets] + .sort((a, b) => { + const left = priority[a.status] ?? 3 + const right = priority[b.status] ?? 3 + if (left !== right) return left - right + return a.target_id.localeCompare(b.target_id) + }) + }, [postWriteVerifierPackage]) + + const visiblePostWriteVerifierLanes = useMemo(() => { + if (!postWriteVerifierPackage) return [] + const priority = { approval_required: 0, blocked_by_runtime_gate: 1, contract_ready: 2 } as Record + return [...postWriteVerifierPackage.failure_lanes] + .sort((a, b) => { + const left = priority[a.status] ?? 3 + const right = priority[b.status] ?? 3 + if (left !== right) return left - right + return a.lane_id.localeCompare(b.lane_id) + }) + }, [postWriteVerifierPackage]) + + const visiblePostWriteVerifierActions = useMemo(() => { + if (!postWriteVerifierPackage) return [] + const priority = { approval_required: 0, ready_for_owner: 1, blocked_by_runtime_gate: 2 } as Record + return [...postWriteVerifierPackage.operator_actions] + .sort((a, b) => { + const left = priority[a.status] ?? 3 + const right = priority[b.status] ?? 3 + if (left !== right) return left - right + return a.action_id.localeCompare(b.action_id) + }) + }, [postWriteVerifierPackage]) + const visibleOwnerDryRunGates = useMemo(() => { if (!ownerDryRunPackage) return [] const priority = { approval_required: 0, approved_for_fixture_only: 1, fixture_only: 2, ready: 3 } as Record @@ -929,7 +971,7 @@ export function AutomationInventoryTab() { ) } - if (error || !snapshot || !backlog || !backupTargets || !backupReadiness || !backupPolicy || !offsiteEscrow || !giteaHealth || !observabilityMatrix || !providerRouteMatrix || !deploymentLayout || !proactiveOperations || !interactionLearningProof || !liveReadModelGate || !redisDryRunGate || !learningWritebackPackage || !telegramReceiptPackage || !ownerApprovedLearningDryRun || !runtimeWriteGateReview || !ownerDryRunPackage || !hostStatefulInventory || !serviceHealthGapMatrix || !serviceHealthNotificationPolicy) { + if (error || !snapshot || !backlog || !backupTargets || !backupReadiness || !backupPolicy || !offsiteEscrow || !giteaHealth || !observabilityMatrix || !providerRouteMatrix || !deploymentLayout || !proactiveOperations || !interactionLearningProof || !liveReadModelGate || !redisDryRunGate || !learningWritebackPackage || !telegramReceiptPackage || !ownerApprovedLearningDryRun || !runtimeWriteGateReview || !postWriteVerifierPackage || !ownerDryRunPackage || !hostStatefulInventory || !serviceHealthGapMatrix || !serviceHealthNotificationPolicy) { return (
@@ -1054,6 +1096,13 @@ export function AutomationInventoryTab() { const runtimeWriteApprovals = runtimeWriteGateReview.rollups.approval_required_gate_ids.length const runtimeWriteBlockedActions = runtimeWriteGateReview.rollups.blocked_runtime_action_count const runtimeWriteLiveTotal = runtimeWriteGateReview.rollups.live_write_count_total + const postWriteVerifierOverall = postWriteVerifierPackage.program_status.overall_completion_percent + const postWriteVerifierTargets = postWriteVerifierPackage.rollups.verification_target_count + const postWriteVerifierFailureLanes = postWriteVerifierPackage.rollups.failure_lane_count + const postWriteVerifierActions = postWriteVerifierPackage.rollups.operator_action_count + const postWriteVerifierApprovals = postWriteVerifierPackage.rollups.approval_required_action_ids.length + const postWriteVerifierBlockedActions = postWriteVerifierPackage.rollups.blocked_runtime_action_count + const postWriteVerifierLiveTotal = postWriteVerifierPackage.rollups.live_verifier_execution_count const ownerDryRunOverall = ownerDryRunPackage.program_status.overall_completion_percent const ownerDryRunFixtures = ownerDryRunPackage.rollups.fixture_set_count const ownerDryRunGates = ownerDryRunPackage.rollups.dry_run_gate_count @@ -1745,6 +1794,111 @@ export function AutomationInventoryTab() {
+
+
+
+ + + {t('postWriteVerifierPackage.title')} + +
+ +
+ +
+ } /> + } /> + } /> + } /> + 0 ? 'danger' : 'ok'} icon={} /> + } /> +
+ +
+
+
+ {t('postWriteVerifierPackage.packageTitle')} + + {postWriteVerifierPackage.verifier_package.operator_meaning} + +
+ + + +
+
+ +
+ {t('postWriteVerifierPackage.truthTitle')} + + {postWriteVerifierPackage.verifier_truth.truth_note} + +
+ + + + +
+
+ +
+ {t('postWriteVerifierPackage.failureTitle')} + + {postWriteVerifierPackage.verifier_package.failure_policy} + + +
+
+ +
+ {visiblePostWriteVerifierTargets.map(target => ( +
+
+ + {target.target_id} + + +
+ + {target.display_name} + + + {target.operator_instruction} + +
+ + +
+
+ ))} +
+
+ +
+ {[...visiblePostWriteVerifierLanes, ...visiblePostWriteVerifierActions].map(item => ( +
+
+ + {item.display_name} + + +
+ + {'required_evidence' in item ? item.required_evidence : item.operator_instruction} + + +
+ ))} +
+
+
diff --git a/apps/web/src/lib/api-client.ts b/apps/web/src/lib/api-client.ts index c7fe8920..ef5c1156 100644 --- a/apps/web/src/lib/api-client.ts +++ b/apps/web/src/lib/api-client.ts @@ -307,6 +307,11 @@ export const apiClient = { return handleResponse(res) }, + async getAiAgentPostWriteVerifierPackage() { + const res = await fetch(`${API_BASE_URL}/agents/agent-post-write-verifier-package`) + return handleResponse(res) + }, + async getAiAgentOwnerApprovedFixtureDryRun() { const res = await fetch(`${API_BASE_URL}/agents/agent-owner-approved-fixture-dry-run`) return handleResponse(res) @@ -1675,6 +1680,88 @@ export interface AiAgentRuntimeWriteGateReviewSnapshot { } } +export interface AiAgentPostWriteVerifierPackageSnapshot { + schema_version: 'ai_agent_post_write_verifier_package_v1' + generated_at: string + program_status: { + overall_completion_percent: number + current_priority: 'P0' | 'P1' | 'P2' | 'P3' + current_task_id: string + next_task_id: string + read_only_mode: true + runtime_authority: 'post_write_verifier_package_only_no_runtime_write' + status_note: string + } + source_refs: string[] + verifier_truth: { + runtime_write_allowed: false + post_write_verifier_implemented: false + post_write_verifier_executed_count: number + rollback_work_item_created_count: number + telegram_failure_receipt_sent_count: number + canonical_readback_allowed: false + truth_note: string + } + verifier_package: { + package_id: string + display_name: string + owner_agent: 'openclaw' | 'hermes' | 'nemotron' + status: string + operator_meaning: string + required_inputs: string[] + forbidden_inputs: string[] + success_policy: string + failure_policy: string + } + verification_targets: Array<{ + target_id: string + display_name: string + target_surface: string + status: string + owner_agent: 'openclaw' | 'hermes' | 'nemotron' + required_readback: string + blocked_runtime_action: string + operator_instruction: string + }> + failure_lanes: Array<{ + lane_id: string + display_name: string + status: string + required_evidence: string + blocked_runtime_action: string + operator_instruction: string + }> + operator_actions: Array<{ + action_id: string + display_name: string + action_type: 'review' | 'collect_evidence' | 'approve_implementation' | 'reject_or_rework' + status: string + owner_agent: 'openclaw' | 'hermes' | 'nemotron' + operator_instruction: string + blocked_runtime_action: string + }> + approval_boundaries: Record + display_redaction_contract: { + redaction_required: true + raw_payload_display_allowed: false + private_reasoning_display_allowed: false + secret_value_display_allowed: false + allowed_frontend_content: string[] + forbidden_frontend_content: string[] + frontend_display_policy: string + } + rollups: { + verification_target_count: number + failure_lane_count: number + operator_action_count: number + approval_required_action_ids: string[] + blocked_runtime_action_count: number + required_input_count: number + forbidden_input_count: number + live_verifier_execution_count: number + } +} + export interface AiAgentOwnerApprovedFixtureDryRunSnapshot { schema_version: 'ai_agent_owner_approved_fixture_dry_run_v1' generated_at: string diff --git a/docs/LOGBOOK.md b/docs/LOGBOOK.md index 200af909..68911096 100644 --- a/docs/LOGBOOK.md +++ b/docs/LOGBOOK.md @@ -1,3 +1,28 @@ +## 2026-06-12|P2-403H Post-write Verifier Package + +**背景**:統帥指出 Telegram / AwoooP 批准後仍沒有真正自動化,也沒有清楚的人工作業選項。P2-403G 已把 runtime write 前的雙重批准、dry-run hash 與 post-write verifier gate 固定下來;本段把批准後應該執行的 verifier package、rollback lane、failure lane 與人工操作選項補成可審查契約,避免 approval resolved 後仍只得到 no-action 結論。 + +**完成**: + +- 新增 `ai_agent_post_write_verifier_package_v1` schema、committed snapshot、只讀 loader、API route 與測試。 +- 新增 `GET /api/v1/agents/agent-post-write-verifier-package`,只回傳 post-write verifier package;不讀 canonical target、不寫 rollback work item、不發 Telegram、不寫 KM / PlayBook trust / timeline / replay score、不啟動 runtime worker。 +- Snapshot 固定 `4` 個 verification target、`3` 個 failure lane、`4` 個 operator action、`8` 個必填輸入、`6` 個禁止輸入與 live verifier execution `0`。 +- Governance automation inventory 頁新增 P2-403H 區塊,顯示 verifier package、目前 verifier 真相、失敗處置策略、readback 目標、failure lane 與人工操作選項,仍不提供任何執行按鈕。 +- `agent-interaction-learning-proof` 與 `agent-proactive-operations-contract` 已同步 current / next:`P2-403H -> P2-403I`;三 Agent 互動學習證據完成度 `94% -> 97%`。 +- MASTER §3.2.1c / §3.2.1d、AI Agent 自動化工作清單、互動學習證據報告與主動營運報告已同步 P2-403H;下一步為 `P2-403I` runtime verifier evidence implementation review。 + +**本地驗證**:待執行。 + +**Gitea / deploy**:待推送。 + +**完成度同步**: + +- P2-403H Post-write verifier package:本地進行中,正式站待驗證。 +- 三 Agent 主動溝通、學習與成長證據:`94% -> 97%`。 +- IwoooS 整體仍維持 `64%`;active runtime gate 仍 `0`。 + +**邊界**:本段未讀 canonical target、未寫 rollback work item、未發 Telegram、未寫 KM、未更新 PlayBook trust、未寫 timeline learning、未寫 replay score、未啟動 runtime worker、未讀 secret value、未新增任何前端執行按鈕。 + ## 2026-06-12|P2-403G Governance UI 欄位對齊與紅線顯示修補 **背景**:P2-403G Runtime Write Gate Review 已正式部署後,正式治理頁 live DOM 檢查發現 `write_gate_review.owner_agent` 與 snapshot 實際 schema 不一致,導致前端 i18n 產生 `agents.undefined` console error;同時 P2-402 主動營運能力卡仍直接顯示 `secret_value_handling_forbidden` 原始 gate id。這兩者都不影響 runtime gate 真相,但治理頁應顯示可讀狀態與安全標籤,不應讓 operator 看到 undefined 或看似內部欄位名的 raw id。 diff --git a/docs/ai/AI_AGENT_AUTOMATION_WORKLIST_2026-06-04.md b/docs/ai/AI_AGENT_AUTOMATION_WORKLIST_2026-06-04.md index d0236f3b..3bca7751 100644 --- a/docs/ai/AI_AGENT_AUTOMATION_WORKLIST_2026-06-04.md +++ b/docs/ai/AI_AGENT_AUTOMATION_WORKLIST_2026-06-04.md @@ -12,7 +12,7 @@ | Nemotron 實際整合應用 | 30% | 完整回放前仍被關卡擋下 | `blocked_needs_evidence`,下一關是 `refresh_source_evidence_then_5_record_smoke_only` | | 工具 / 服務 / 套件 AI 自動化 | 92% | P0 已完成;P1 服務 / runtime / 監控 / provider / service health / 備份 / DR / 套件與供應鏈只讀基線已完成;P1-007 失敗限定通知合約與前端 redaction 合約已完成;下一主線是 P2-004 依賴 / 供應鏈漂移監控 | 狀態分類、盤點 schema、權限矩陣、靜態盤點種子、只讀 API、UI 骨架、驗證、自動化待辦 schema / 快照 / API / 分組 UI、Backup / DR 目標盤點、準備度矩陣、備份通知政策、Backup / DR 證據 UI、復原演練批准包模板、異地 / escrow 準備度狀態、任務批准邊界、確定性進度彙總、Python 套件 / 供應鏈只讀基線、JS pnpm/npm 只讀基線、Docker build surface 只讀基線、CVE / license / drift 嚴重度政策、定期依賴漂移與外部資料來源檢查設計、依賴升級批准包模板、runtime_surface_inventory_v1 schema / snapshot / API / UI、gitea_workflow_runner_health_v1 schema / snapshot / API / UI、observability_contract_matrix_v1 schema / snapshot / API / UI、ai_provider_route_matrix_v1 schema / snapshot / API / UI、service_health_gap_matrix_v1 schema / snapshot / API / UI、service health evidence cards UI、service_health_failure_notification_policy_v1 schema / snapshot / API / UI 已完成 | | OpenClaw / Hermes / NemoTron 佈建布局 | 45% | P1-401 / P1-402 已完成;仍是只讀 layout 與治理頁顯示,不是 runtime deploy | `ai_agent_deployment_layout_v1` schema、`ai_agent_deployment_layout_2026-06-11.json`、`GET /api/v1/agents/agent-deployment-layout`、治理頁自動化盤點 UI、`AI_AGENT_DEPLOYMENT_LAYOUT_2026-06-11.md` | -| OpenClaw / Hermes / NemoTron 主動溝通、學習與成長證據 | 94% | P2-401A 已完成只讀 contract;P2-403A 已完成互動 / 接手 / 學習 / 成長證據面板;P2-403B 已完成 AgentSession / Redis Streams live read model gate;P2-403C 已完成 Redis Streams consumer group dry-run、handoff envelope、ack / dead-letter / replay gate;P2-403D 已完成 learning writeback approval package;P2-403E 已完成 Telegram receipt approval package;P2-403F 已完成 owner-approved learning dry-run preview、人工操作選項與 fixture-only dry-run 總包;P2-403G 已完成 runtime write gate review,固定雙重批准、dry-run hash、post-write verifier 與 redaction 欄位。runtime worker、DB migration、production Redis consumer group、Telegram 實發、KM / PlayBook trust / timeline / replay score 寫入、SDK / 付費服務仍未開 gate | `ai_agent_communication_learning_contract_v1`、`ai_agent_interaction_learning_proof_v1`、`ai_agent_live_read_model_gate_v1`、`ai_agent_redis_dry_run_gate_v1`、`ai_agent_learning_writeback_approval_package_v1`、`ai_agent_telegram_receipt_approval_package_v1`、`ai_agent_owner_approved_learning_dry_run_v1`、`ai_agent_owner_approved_fixture_dry_run_v1`、`GET /api/v1/agents/agent-communication-learning-contract`、`GET /api/v1/agents/agent-interaction-learning-proof`、`GET /api/v1/agents/agent-live-read-model-gate`、`GET /api/v1/agents/agent-redis-dry-run-gate`、`GET /api/v1/agents/agent-learning-writeback-approval-package`、`GET /api/v1/agents/agent-telegram-receipt-approval-package`、`GET /api/v1/agents/agent-owner-approved-learning-dry-run`、`GET /api/v1/agents/agent-owner-approved-fixture-dry-run`、`ai_agent_runtime_write_gate_review_v1`、`GET /api/v1/agents/agent-runtime-write-gate-review`、`/zh-TW/governance?tab=automation-inventory`、MASTER §3.2.1b / §3.2.1d / §3.4.3 | +| OpenClaw / Hermes / NemoTron 主動溝通、學習與成長證據 | 97% | P2-401A 已完成只讀 contract;P2-403A 已完成互動 / 接手 / 學習 / 成長證據面板;P2-403B 已完成 AgentSession / Redis Streams live read model gate;P2-403C 已完成 Redis Streams consumer group dry-run、handoff envelope、ack / dead-letter / replay gate;P2-403D 已完成 learning writeback approval package;P2-403E 已完成 Telegram receipt approval package;P2-403F 已完成 owner-approved learning dry-run preview、人工操作選項與 fixture-only dry-run 總包;P2-403G 已完成 runtime write gate review,固定雙重批准、dry-run hash、post-write verifier 與 redaction 欄位;P2-403H 已完成 post-write verifier implementation package、rollback lane、failure lane 與人工操作選項。runtime worker、DB migration、production Redis consumer group、Telegram 實發、KM / PlayBook trust / timeline / replay score 寫入、SDK / 付費服務仍未開 gate | `ai_agent_communication_learning_contract_v1`、`ai_agent_interaction_learning_proof_v1`、`ai_agent_live_read_model_gate_v1`、`ai_agent_redis_dry_run_gate_v1`、`ai_agent_learning_writeback_approval_package_v1`、`ai_agent_telegram_receipt_approval_package_v1`、`ai_agent_owner_approved_learning_dry_run_v1`、`ai_agent_owner_approved_fixture_dry_run_v1`、`GET /api/v1/agents/agent-communication-learning-contract`、`GET /api/v1/agents/agent-interaction-learning-proof`、`GET /api/v1/agents/agent-live-read-model-gate`、`GET /api/v1/agents/agent-redis-dry-run-gate`、`GET /api/v1/agents/agent-learning-writeback-approval-package`、`GET /api/v1/agents/agent-telegram-receipt-approval-package`、`GET /api/v1/agents/agent-owner-approved-learning-dry-run`、`GET /api/v1/agents/agent-owner-approved-fixture-dry-run`、`ai_agent_runtime_write_gate_review_v1`、`GET /api/v1/agents/agent-runtime-write-gate-review`、`ai_agent_post_write_verifier_package_v1`、`GET /api/v1/agents/agent-post-write-verifier-package`、`/zh-TW/governance?tab=automation-inventory`、MASTER §3.2.1b / §3.2.1d / §3.4.3 | | AI Agent 主動營運委派與版本生命週期 | 100% | P2-402A / P2-402B / P2-402C / P2-402D / P2-402E / P2-402F / P2-402G 已完成;已建立 repo-only 版本新鮮度快照、工具採用批准包、Telegram action-required digest policy、Gitea PR 草案 lane、host / K3s / stateful 版本只讀盤點、API 與 governance UI。定期排程、外部版本查詢、工具安裝、CI 變更、套件升級、主機更新、container pull、實際 PR creation、auto merge、Telegram 實發、SSH、kubectl、重啟仍未開 gate | `ai_agent_proactive_operations_contract_v1`、`ai_agent_version_freshness_snapshot_v1`、`ai_agent_tool_adoption_approval_package_v1`、`ai_agent_telegram_action_required_digest_policy_v1`、`ai_agent_gitea_pr_draft_lane_v1`、`ai_agent_host_stateful_version_inventory_v1`、`GET /api/v1/agents/agent-proactive-operations-contract`、`GET /api/v1/agents/agent-version-freshness-snapshot`、`GET /api/v1/agents/agent-tool-adoption-approval-package`、`GET /api/v1/agents/agent-telegram-action-required-digest-policy`、`GET /api/v1/agents/agent-gitea-pr-draft-lane`、`GET /api/v1/agents/agent-host-stateful-version-inventory`、`/zh-TW/governance?tab=automation-inventory`、MASTER §3.2.1c | | 本工作清單與分析報告 | 100% | 已完成 | 本 MD 文件 | @@ -20,9 +20,9 @@ AI Agent 自動化工作包目前完成度:**92%**。本工作清單文件本 三 Agent 佈建布局目前完成度:**45%**。第一波已完成只讀 schema / snapshot / API / 測試 / 報告,第二波已接入治理頁自動化盤點 UI;正式 runtime 佈署、Telegram E2E 發送與 AgentSession 工作流仍需逐項 gate。 -三 Agent 主動溝通、學習與成長證據目前完成度:**94%**。已完成只讀契約、互動 / 接手 / 學習 / 成長證據面板、P2-403B live read model gate、P2-403C Redis dry-run gate、P2-403D learning writeback approval package、P2-403E Telegram receipt approval package、P2-403F owner-approved learning dry-run preview、人工操作選項與 fixture-only dry-run 總包、P2-403G runtime write gate review、API、治理頁顯示、測試與 MASTER 同步;目前 live AgentSession、Agent message、handoff、learning write、Telegram receipt、Gateway queue write 與 Telegram send 仍全部為 `0`,下一步依優先順序推 `P2-403H` post-write verifier implementation package,但在批准前仍不得啟動 runtime loop。 +三 Agent 主動溝通、學習與成長證據目前完成度:**97%**。已完成只讀契約、互動 / 接手 / 學習 / 成長證據面板、P2-403B live read model gate、P2-403C Redis dry-run gate、P2-403D learning writeback approval package、P2-403E Telegram receipt approval package、P2-403F owner-approved learning dry-run preview、人工操作選項與 fixture-only dry-run 總包、P2-403G runtime write gate review、P2-403H post-write verifier implementation package、API、治理頁顯示、測試與 MASTER 同步;目前 live AgentSession、Agent message、handoff、learning write、Telegram receipt、Gateway queue write 與 Telegram send 仍全部為 `0`,下一步依優先順序推 `P2-403I` runtime verifier evidence implementation review,但在批准前仍不得啟動 runtime loop。 -AI Agent 主動營運委派與版本生命週期目前完成度:**100%**。已完成 12 類版本 domain、24 類可委派能力、5 種 cadence、8 類 MCP、4 類 RAG memory、只讀 API、`P2-402B` repo-only daily version freshness snapshot、`P2-402C` Renovate / OSV-Scanner / Trivy / Syft / Grype 工具採用批准包、`P2-402D` Telegram action-required digest policy、`P2-402E` Gitea PR 草案 lane、`P2-402F` host OS / K3s / stateful services 版本只讀盤點,以及 `P2-402G` governance UI 顯示可委派能力;`P2-403A`、`P2-403B`、`P2-403C`、`P2-403D`、`P2-403E`、`P2-403F` 與 `P2-403G` 已先補互動、學習證據面、live read model gate、Redis dry-run gate、learning writeback approval package、Telegram receipt approval package、owner-approved learning dry-run preview 與 runtime write gate review。下一步是 `P2-403H` post-write verifier implementation package,外部 registry / package source / host probe / SSH / kubectl / 工具安裝 / CI 變更 / 實際 PR creation / Telegram 實發與 learning write 仍需 gate。 +AI Agent 主動營運委派與版本生命週期目前完成度:**100%**。已完成 12 類版本 domain、24 類可委派能力、5 種 cadence、8 類 MCP、4 類 RAG memory、只讀 API、`P2-402B` repo-only daily version freshness snapshot、`P2-402C` Renovate / OSV-Scanner / Trivy / Syft / Grype 工具採用批准包、`P2-402D` Telegram action-required digest policy、`P2-402E` Gitea PR 草案 lane、`P2-402F` host OS / K3s / stateful services 版本只讀盤點,以及 `P2-402G` governance UI 顯示可委派能力;`P2-403A`、`P2-403B`、`P2-403C`、`P2-403D`、`P2-403E`、`P2-403F` 、`P2-403G` 與 `P2-403H` 已先補互動、學習證據面、live read model gate、Redis dry-run gate、learning writeback approval package、Telegram receipt approval package、owner-approved learning dry-run preview、runtime write gate review 與 post-write verifier package。下一步是 `P2-403I` runtime verifier evidence implementation review,外部 registry / package source / host probe / SSH / kubectl / 工具安裝 / CI 變更 / 實際 PR creation / Telegram 實發與 learning write 仍需 gate。 完成度計算模型: @@ -76,7 +76,7 @@ AI Agent 主動營運委派與版本生命週期目前完成度:**100%**。已 | AgentSession / Redis Streams runtime loop | 待辦:P2-401,需 migration / worker gate | | 主動溝通與學習契約 | 已完成:P2-401A,`ai_agent_communication_learning_contract_v1` + `GET /api/v1/agents/agent-communication-learning-contract` | | 主動營運委派與版本生命週期契約 | 已完成:P2-402A,`ai_agent_proactive_operations_contract_v1` + `GET /api/v1/agents/agent-proactive-operations-contract` | -| 互動、接手、學習與成長證據面 | 已完成:P2-403A + P2-403B + P2-403C + P2-403D + P2-403E + P2-403F + P2-403G,`ai_agent_interaction_learning_proof_v1`、`ai_agent_live_read_model_gate_v1`、`ai_agent_redis_dry_run_gate_v1`、`GET /api/v1/agents/agent-interaction-learning-proof`、`GET /api/v1/agents/agent-live-read-model-gate`、`GET /api/v1/agents/agent-redis-dry-run-gate`、`GET /api/v1/agents/agent-learning-writeback-approval-package`、`GET /api/v1/agents/agent-telegram-receipt-approval-package` + governance UI;live count 仍為 0 | +| 互動、接手、學習與成長證據面 | 已完成:P2-403A + P2-403B + P2-403C + P2-403D + P2-403E + P2-403F + P2-403G + P2-403H,`ai_agent_interaction_learning_proof_v1`、`ai_agent_live_read_model_gate_v1`、`ai_agent_redis_dry_run_gate_v1`、`GET /api/v1/agents/agent-interaction-learning-proof`、`GET /api/v1/agents/agent-live-read-model-gate`、`GET /api/v1/agents/agent-redis-dry-run-gate`、`GET /api/v1/agents/agent-learning-writeback-approval-package`、`GET /api/v1/agents/agent-telegram-receipt-approval-package`、`GET /api/v1/agents/agent-post-write-verifier-package` + governance UI;live count 仍為 0 | | NemoTron 3 Ultra smoke | 待辦:P3-401,需 source refresh + cost/data approval | ## 4. 工作流總覽 @@ -966,6 +966,7 @@ UI: | P2-403E | 完成 | 100 | OpenClaw + Hermes | Telegram receipt approval package、queue / delivery / ack / failure / retry gate | `ai_agent_telegram_receipt_approval_package_v1` / snapshot / 只讀 API / governance UI;owner review、delivery correlation、retry、redaction、blocked runtime actions | 不寫 Gateway queue、不呼叫 Bot API、不改 receiver route、不發 Telegram、不啟動 receipt worker | | P2-403F | 完成 | 100 | Hermes + OpenClaw | Owner-approved learning dry-run preview、人工操作選項與驗證 / rollback gate | `ai_agent_owner_approved_learning_dry_run_v1` / snapshot / 只讀 API / governance UI;dry-run preview 欄位、operator actions、evidence gate、rollback / verification contract | 不產生 live preview、不寫 KM、不更新 PlayBook trust、不寫 timeline / replay score、不發 Telegram | | P2-403G | 完成 | 100 | OpenClaw | Runtime write gate review、雙重批准、dry-run hash、post-write verifier 與 redaction gate | `ai_agent_runtime_write_gate_review_v1` / snapshot / 只讀 API / governance UI;4 個 write target、4 個 approval gate、9 個必填欄位與 live write total `0` | 不寫 KM、不更新 PlayBook trust、不寫 timeline / replay score、不發 Telegram;runtime write 仍未授權 | +| P2-403H | 完成 | 100 | OpenClaw | Post-write verifier implementation package、rollback lane、failure lane 與人工操作選項 | `ai_agent_post_write_verifier_package_v1` / snapshot / 只讀 API / governance UI;4 個 verification target、3 個 failure lane、4 個 operator action 與 live verifier execution `0` | 不讀 canonical target、不寫 rollback work item、不發 Telegram、不寫 KM / PlayBook trust / timeline / replay score;runtime verifier 仍未授權 | | P2-101 | 待辦 | 0 | OpenClaw | 定義操作類別權限模型 | 操作政策 schema | HITL 關卡 | | P2-102 | 待辦 | 0 | OpenClaw | 所有候選操作都要有 dry-run 證據 | dry-run 合約 | 不直接 apply | | P2-103 | 待辦 | 0 | Hermes | 把任務結果接回 KM / LOGBOOK / 稽核軌跡 | 證據寫入器 | 不洩漏 secret | diff --git a/docs/ai/AI_AGENT_INTERACTION_LEARNING_PROOF_2026-06-11.md b/docs/ai/AI_AGENT_INTERACTION_LEARNING_PROOF_2026-06-11.md index bc0ff62a..eac85850 100644 --- a/docs/ai/AI_AGENT_INTERACTION_LEARNING_PROOF_2026-06-11.md +++ b/docs/ai/AI_AGENT_INTERACTION_LEARNING_PROOF_2026-06-11.md @@ -1,12 +1,12 @@ # AI Agent 互動、溝通、學習與成長證據報告 > 日期:2026-06-11(台北時間) -> 文件定位:P2-403A 證據面 + P2-403B AgentSession / Redis Streams live read model gate + P2-403C Redis dry-run gate + P2-403D learning writeback approval package + P2-403E Telegram receipt approval package + P2-403F owner-approved learning dry-run / fixture dry-run、P2-403G runtime write gate review、API、治理頁 UI 與後續 post-write verifier 分析。 +> 文件定位:P2-403A 證據面 + P2-403B AgentSession / Redis Streams live read model gate + P2-403C Redis dry-run gate + P2-403D learning writeback approval package + P2-403E Telegram receipt approval package + P2-403F owner-approved learning dry-run / fixture dry-run、P2-403G runtime write gate review、P2-403H post-write verifier package、API 與治理頁 UI。 > 事實邊界:本波只建立可見證據面與 read model gate,不啟動 runtime worker、不建立 DB migration、不開 Redis consumer group、不發 Telegram、不顯示工作視窗對話內容。 ## 1. 結論 -已完成 P2-403A、P2-403B、P2-403C、P2-403D、P2-403E、P2-403F 與 P2-403G:讓統帥能在治理頁看到 OpenClaw / Hermes / NemoTron 的互動、接手、學習與成長是否真的有證據,並看到 live read model、Redis dry-run、handoff envelope、ack / dead-letter / replay、learning writeback approval、Telegram receipt approval、fixture dry-run 與 runtime write gate review 下一步要通過哪些 gate。 +已完成 P2-403A、P2-403B、P2-403C、P2-403D、P2-403E、P2-403F、P2-403G 與 P2-403H:讓統帥能在治理頁看到 OpenClaw / Hermes / NemoTron 的互動、接手、學習與成長是否真的有證據,並看到 live read model、Redis dry-run、handoff envelope、ack / dead-letter / replay、learning writeback approval、Telegram receipt approval、fixture dry-run、runtime write gate review 與 post-write verifier package 下一步要通過哪些 gate。 目前真相: @@ -51,7 +51,7 @@ | 產物 | 內容 | |---|---| | `docs/schemas/ai_agent_interaction_learning_proof_v1.schema.json` | 強制 live flags / counts / Telegram / transcript / 私有推理維持安全邊界 | -| `docs/evaluations/ai_agent_interaction_learning_proof_2026-06-11.json` | P2-403A + P2-403B + P2-403C + P2-403D + P2-403E + P2-403F + P2-403G committed snapshot,完成度 `94%`,live count 全為 `0` | +| `docs/evaluations/ai_agent_interaction_learning_proof_2026-06-11.json` | P2-403A + P2-403B + P2-403C + P2-403D + P2-403E + P2-403F + P2-403G + P2-403H committed snapshot,完成度 `97%`,live count 全為 `0` | | `docs/schemas/ai_agent_live_read_model_gate_v1.schema.json` | 強制 DB / Redis / worker / Telegram / learning writeback gate 維持未批准 | | `docs/evaluations/ai_agent_live_read_model_gate_2026-06-11.json` | P2-403B committed snapshot,完成度 `55%`,live count 全為 `0` | | `docs/evaluations/ai_agent_redis_dry_run_gate_2026-06-11.json` | P2-403C committed snapshot,完成度 `65%`,live count 全為 `0` | @@ -60,18 +60,21 @@ | `docs/schemas/ai_agent_runtime_write_gate_review_v1.schema.json` | P2-403G runtime write gate review schema;強制 runtime write、KM / PlayBook / timeline / replay / Telegram 全部維持未授權 | | `docs/evaluations/ai_agent_runtime_write_gate_review_2026-06-12.json` | P2-403G committed snapshot,完成度 `94%`,4 個 write target、4 個 approval gate、雙重批准 / dry-run hash / post-write verifier counts 全為 `0` | | `GET /api/v1/agents/agent-runtime-write-gate-review` | 只讀 API;不寫 KM、不更新 PlayBook trust、不寫 timeline / replay score、不發 Telegram | +| `docs/schemas/ai_agent_post_write_verifier_package_v1.schema.json` | P2-403H post-write verifier package schema;強制 canonical readback、rollback work item、Telegram failure receipt 與 verifier execution 全部維持未授權 | +| `docs/evaluations/ai_agent_post_write_verifier_package_2026-06-12.json` | P2-403H committed snapshot,完成度 `97%`,4 個 verification target、3 個 failure lane、4 個 operator action 與 live verifier execution `0` | +| `GET /api/v1/agents/agent-post-write-verifier-package` | 只讀 API;不讀 canonical target、不寫 rollback work item、不發 Telegram、不寫 KM / PlayBook trust / timeline / replay score | | `apps/api/src/services/ai_agent_interaction_learning_proof.py` | 只讀 loader 與安全驗證 | | `apps/api/src/services/ai_agent_live_read_model_gate.py` | P2-403B 只讀 loader;拒絕 live DB query、Redis consumer、unsafe fields、Telegram 與 writeback | | `GET /api/v1/agents/agent-interaction-learning-proof` | 只讀 API,不啟動 worker、不碰 Redis / DB runtime、不發 Telegram | | `GET /api/v1/agents/agent-live-read-model-gate` | 只讀 API,不連 DB、不讀寫 Redis、不發 Telegram | -| governance UI | 新增證據階梯、目前真相、P2-403B live read gate、P2-403C Redis dry-run gate、P2-403D learning writeback approval package、P2-403E Telegram receipt approval package、P2-403F owner-approved learning dry-run / fixture dry-run、P2-403G runtime write gate review、Agent lane、可觀測訊號、runtime gates、前端 redaction | +| governance UI | 新增證據階梯、目前真相、P2-403B live read gate、P2-403C Redis dry-run gate、P2-403D learning writeback approval package、P2-403E Telegram receipt approval package、P2-403F owner-approved learning dry-run / fixture dry-run、P2-403G runtime write gate review、P2-403H post-write verifier package、Agent lane、可觀測訊號、runtime gates、前端 redaction | ## 5. 後續優先順序 | 優先 | ID | 工作 | gate | |---:|---|---|---| -| 1 | P2-403H | post-write verifier implementation package、rollback owner 與 verifier evidence | runtime write gate review | -| 2 | P2-403I | 成長趨勢週報與 operator feedback applied 指標 | trend evidence | +| 1 | P2-403I | runtime verifier evidence implementation review、rollback work item 與 failure receipt gate | post-write verifier package | +| 2 | P2-403J | 成長趨勢週報與 operator feedback applied 指標 | trend evidence | ## 6. 紅線 diff --git a/docs/ai/AI_AGENT_PROACTIVE_OPERATIONS_2026-06-11.md b/docs/ai/AI_AGENT_PROACTIVE_OPERATIONS_2026-06-11.md index 8fa7321b..fefc7b71 100644 --- a/docs/ai/AI_AGENT_PROACTIVE_OPERATIONS_2026-06-11.md +++ b/docs/ai/AI_AGENT_PROACTIVE_OPERATIONS_2026-06-11.md @@ -1,7 +1,7 @@ # AI Agent 主動營運委派與版本生命週期分析報告 > 日期:2026-06-11(台北時間) -> 文件定位:P2-402A / P2-402B / P2-402C / P2-402D / P2-402E / P2-402F / P2-402G / P2-403A / P2-403B / P2-403C / P2-403D / P2-403E / P2-403F / P2-403G 只讀契約與治理 UI 摘要。權威細節以 MASTER §3.2.1c / §3.2.1d、`ai_agent_proactive_operations_contract_v1`、`ai_agent_interaction_learning_proof_v1`、`ai_agent_live_read_model_gate_v1`、`ai_agent_redis_dry_run_gate_v1`、`ai_agent_learning_writeback_approval_package_v1`、`ai_agent_telegram_receipt_approval_package_v1`、`ai_agent_owner_approved_learning_dry_run_v1`、`ai_agent_owner_approved_fixture_dry_run_v1`、`ai_agent_runtime_write_gate_review_v1`、`ai_agent_version_freshness_snapshot_v1`、`ai_agent_tool_adoption_approval_package_v1`、`ai_agent_telegram_action_required_digest_policy_v1`、`ai_agent_gitea_pr_draft_lane_v1` 與 `ai_agent_host_stateful_version_inventory_v1` 為準。 +> 文件定位:P2-402A / P2-402B / P2-402C / P2-402D / P2-402E / P2-402F / P2-402G / P2-403A / P2-403B / P2-403C / P2-403D / P2-403E / P2-403F / P2-403G / P2-403H 只讀契約與治理 UI 摘要。權威細節以 MASTER §3.2.1c / §3.2.1d、`ai_agent_proactive_operations_contract_v1`、`ai_agent_interaction_learning_proof_v1`、`ai_agent_live_read_model_gate_v1`、`ai_agent_redis_dry_run_gate_v1`、`ai_agent_learning_writeback_approval_package_v1`、`ai_agent_telegram_receipt_approval_package_v1`、`ai_agent_owner_approved_learning_dry_run_v1`、`ai_agent_owner_approved_fixture_dry_run_v1`、`ai_agent_runtime_write_gate_review_v1`、`ai_agent_post_write_verifier_package_v1`、`ai_agent_version_freshness_snapshot_v1`、`ai_agent_tool_adoption_approval_package_v1`、`ai_agent_telegram_action_required_digest_policy_v1`、`ai_agent_gitea_pr_draft_lane_v1` 與 `ai_agent_host_stateful_version_inventory_v1` 為準。 ## 1. 本波完成度 @@ -17,7 +17,7 @@ | Agent 互動與學習證據面 | 100% | P2-403A 已把目前真相、證據階梯、三 Agent lane、可觀測訊號、runtime gates 與 redaction policy 接入治理頁;live counts 全為 `0` | | Redis dry-run gate | 100% | P2-403C 已把 consumer group dry-run、handoff envelope、ack / dead-letter / replay idempotency 與治理頁顯示接入;live counts 全為 `0` | | Learning writeback approval package | 100% | P2-403D 已把 KM / PlayBook trust / timeline learning / replay score 的 owner review、rollback、redaction 與 blocked write actions 接入;live writes 全為 `0` | -| 整體主動營運與版本生命週期 | 100% | P2-402A~G、P2-403A、P2-403B、P2-403C、P2-403D、P2-403E、P2-403F 與 P2-403G 只讀契約、snapshot、API、測試與治理 UI 已完成;runtime 排程、工具安裝、CI 變更、實際 PR 建立與更新、host probe、升級、重啟、learning write、Telegram receipt 仍未開 gate | +| 整體主動營運與版本生命週期 | 100% | P2-402A~G、P2-403A、P2-403B、P2-403C、P2-403D、P2-403E、P2-403F、P2-403G 與 P2-403H 只讀契約、snapshot、API、測試與治理 UI 已完成;runtime 排程、工具安裝、CI 變更、實際 PR 建立與更新、host probe、升級、重啟、learning write、Telegram receipt、post-write verifier execution 仍未開 gate | ## 2. 可交給 AI Agent 的工作分類 @@ -55,8 +55,10 @@ | `docs/evaluations/ai_agent_host_stateful_version_inventory_2026-06-11.json` | 5 台主機、2 個 K3s 節點、12 個 stateful / ops 服務、6 個只讀 probe 步驟、maintenance window approval package | | `GET /api/v1/agents/agent-host-stateful-version-inventory` | 只讀 API;不 SSH、不 kubectl、不升級、不 drain、不 reboot、不重啟 stateful、不發 Telegram | | `docs/schemas/ai_agent_interaction_learning_proof_v1.schema.json` | P2-403A Agent 互動、接手、學習、成長與 Telegram receipt 證據面 schema | -| `docs/evaluations/ai_agent_interaction_learning_proof_2026-06-11.json` | 證據階梯、live truth、三 Agent lane、可觀測訊號、runtime gates;P2-403G 後完成度 `94%`,live counts 全部 `0` | +| `docs/evaluations/ai_agent_interaction_learning_proof_2026-06-11.json` | 證據階梯、live truth、三 Agent lane、可觀測訊號、runtime gates;P2-403H 後完成度 `97%`,live counts 全部 `0` | | `GET /api/v1/agents/agent-interaction-learning-proof` | 只讀 API;不啟動 worker、不開 Redis consumer、不 DB migration、不發 Telegram、不顯示工作視窗對話 | +| `docs/schemas/ai_agent_post_write_verifier_package_v1.schema.json` | P2-403H post-write verifier package schema;canonical readback、rollback work item、Telegram failure receipt 與 live verifier execution 全部 false | +| `GET /api/v1/agents/agent-post-write-verifier-package` | 只讀 API;只回傳 verifier package、failure lane 與人工操作選項,不讀 canonical target、不寫 rollback、不發 Telegram | | `docs/schemas/ai_agent_live_read_model_gate_v1.schema.json` | P2-403B AgentSession / Redis Streams live read model gate schema | | `docs/evaluations/ai_agent_live_read_model_gate_2026-06-11.json` | AgentSession safe fields、Redis envelope、worker gate、rollback plan、no-write smoke、frontend redaction;live counts 全部 `0` | | `GET /api/v1/agents/agent-live-read-model-gate` | 只讀 API;不連 DB、不讀寫 Redis、不啟動 worker、不發 Telegram | @@ -70,7 +72,7 @@ | Dockerfiles | Hermes | action_required | P2-402C 評估 Trivy / Syft / Grype / Docker Scout 採用,不 build / pull | | Committed evaluation snapshots | Hermes | action_required | 將 2026-06-04~06-05 舊基線列入 stale refs,不假裝是外部最新 | | Agent / model governance snapshots | NemoTron | action_required | 只做離線 freshness note,不進 shadow / canary / production route | -| K8s / Gitea / observability / Ansible / backup / web surfaces | OpenClaw + Hermes | baseline_ready / planned_next | 下一步進入 P2-403H post-write verifier implementation package;現階段仍只讀 | +| K8s / Gitea / observability / Ansible / backup / web surfaces | OpenClaw + Hermes | baseline_ready / planned_next | 下一步進入 P2-403I runtime verifier evidence implementation review;現階段仍只讀 | 本波只把「每天要看哪些 repo 內版本來源」定義成可驗證資料面。每日排程、外部 registry 查詢、主機/K3s live probe、Telegram digest 與 Gitea PR lane 都仍是下一階段 gate。 @@ -146,6 +148,7 @@ P2-402G 的重點是把前面六個資料契約接回治理頁,讓統帥可以 | P2-403E | 8 | Telegram receipt approval package、queue / delivery / ack / failure / retry | 已完成,只讀;Gateway queue / Bot API / delivery receipt / retry worker 未啟用 | | P2-403F | 9 | Owner-approved learning dry-run preview、fixture dry-run、人工操作選項、驗證與 rollback | 已完成,只讀;owner approval / dry-run preview generation / KM / PlayBook trust / timeline / replay score write / Gateway queue / Telegram send 未啟用 | | P2-403G | 10 | Runtime write gate review、雙重批准、dry-run hash、post-write verifier、redaction gate | 已完成,只讀;KM / PlayBook trust / timeline / replay score / Telegram send 未啟用,live write total `0` | +| P2-403H | 11 | Post-write verifier package、rollback lane、failure lane、人工操作選項 | 已完成,只讀;canonical readback / rollback work item / Telegram failure receipt / verifier execution 未啟用,live verifier execution `0` | ## 11. 仍維持 false 的安全邊界 diff --git a/docs/evaluations/ai_agent_interaction_learning_proof_2026-06-11.json b/docs/evaluations/ai_agent_interaction_learning_proof_2026-06-11.json index 17526447..8de65f49 100644 --- a/docs/evaluations/ai_agent_interaction_learning_proof_2026-06-11.json +++ b/docs/evaluations/ai_agent_interaction_learning_proof_2026-06-11.json @@ -2,13 +2,13 @@ "schema_version": "ai_agent_interaction_learning_proof_v1", "generated_at": "2026-06-11T23:20:00+08:00", "program_status": { - "overall_completion_percent": 94, + "overall_completion_percent": 97, "current_priority": "P2", - "current_task_id": "P2-403G", - "next_task_id": "P2-403H", + "current_task_id": "P2-403H", + "next_task_id": "P2-403I", "read_only_mode": true, "runtime_authority": "proof_surface_only_no_live_worker", - "status_note": "P2-403G 已把 runtime write gate review 接入;雙重批准、dry-run hash、post-write verifier 與 redaction 欄位齊備,但 live AgentSession、message、handoff、learning write、Telegram receipt 仍全部為 0。" + "status_note": "P2-403H 已把 post-write verifier implementation package 接入;verifier package、rollback lane、failure lane 與人工操作選項齊備,但 live AgentSession、message、handoff、learning write、Telegram receipt 與 verifier execution 仍全部為 0。" }, "live_truth": { "runtime_loop_enabled": false, diff --git a/docs/evaluations/ai_agent_post_write_verifier_package_2026-06-12.json b/docs/evaluations/ai_agent_post_write_verifier_package_2026-06-12.json new file mode 100644 index 00000000..8651eab3 --- /dev/null +++ b/docs/evaluations/ai_agent_post_write_verifier_package_2026-06-12.json @@ -0,0 +1,197 @@ +{ + "schema_version": "ai_agent_post_write_verifier_package_v1", + "generated_at": "2026-06-12T01:18:00+08:00", + "program_status": { + "overall_completion_percent": 97, + "current_priority": "P2", + "current_task_id": "P2-403H", + "next_task_id": "P2-403I", + "read_only_mode": true, + "runtime_authority": "post_write_verifier_package_only_no_runtime_write", + "status_note": "P2-403H 已把 post-write verifier、rollback work item 與 failure-only notification 的 implementation package 固定為只讀契約;尚未執行 runtime write、尚未讀回 canonical target、尚未建立 rollback work item、尚未發 Telegram。" + }, + "source_refs": [ + "docs/evaluations/ai_agent_runtime_write_gate_review_2026-06-12.json", + "docs/evaluations/ai_agent_interaction_learning_proof_2026-06-11.json", + "docs/superpowers/specs/2026-04-15-MASTER-ai-autonomous-flywheel-v2.md" + ], + "verifier_truth": { + "runtime_write_allowed": false, + "post_write_verifier_implemented": false, + "post_write_verifier_executed_count": 0, + "rollback_work_item_created_count": 0, + "telegram_failure_receipt_sent_count": 0, + "canonical_readback_allowed": false, + "truth_note": "目前只建立 verifier implementation package;未通過 runtime write gate 前,不能讀寫 canonical target、不能建立 rollback work item、不能發 Telegram failure receipt。" + }, + "verifier_package": { + "required_inputs": [ + "approved_write_event_id", + "dry_run_preview_hash", + "target_write_surface", + "canonical_readback_query", + "expected_diff_summary", + "rollback_owner", + "failure_escalation_channel", + "redacted_evidence_refs" + ], + "forbidden_inputs": [ + "secret_value", + "authorization_header", + "raw_tool_output", + "private_reasoning", + "raw_telegram_payload", + "unredacted_incident_log" + ], + "operator_meaning": "這份 package 定義未來真的寫入後要如何驗證成功、如何判定失敗、如何產生 rollback work item 與 failure-only 通知;目前只讀,不做任何 write。", + "success_policy": "成功只回寫治理證據與每日摘要,不即時洗版 Telegram。", + "failure_policy": "失敗必須建立 rollback work item 草案與 failure-only notification 草案,不能靜默標記完成。" + }, + "verification_targets": [ + { + "target_id": "km_canonical_readback", + "display_name": "KM canonical readback", + "status": "approval_required", + "owner_agent": "hermes", + "verifier_check": "讀回 canonical KM 條目,確認 hash、source refs、owner review reason 與 dry-run preview 一致。", + "failure_escalation": "建立 KM rollback work item 草案,標記 stale / wrong knowledge risk。", + "blocked_runtime_action": "knowledge_entries_readback_and_write" + }, + { + "target_id": "playbook_trust_guard", + "display_name": "PlayBook trust guard", + "status": "approval_required", + "owner_agent": "openclaw", + "verifier_check": "只有 verifier 證明修復成功時才能調整 trust;no-action / no-repair 不得加分。", + "failure_escalation": "建立 PlayBook trust rollback 草案,要求 owner review。", + "blocked_runtime_action": "playbook_trust_history_write" + }, + { + "target_id": "timeline_learning_readback", + "display_name": "Timeline learning readback", + "status": "contract_ready", + "owner_agent": "hermes", + "verifier_check": "確認 learning event 可追溯 incident id、approval id、redacted evidence refs 與 verifier result。", + "failure_escalation": "建立 timeline correction work item 草案。", + "blocked_runtime_action": "incident_timeline_learning_write" + }, + { + "target_id": "replay_score_regression", + "display_name": "Replay score regression", + "status": "blocked_by_runtime_gate", + "owner_agent": "nemotron", + "verifier_check": "比較 baseline replay score 與 candidate score,避免錯誤 learning 讓模型路由變差。", + "failure_escalation": "建立 NemoTron replay regression review 草案。", + "blocked_runtime_action": "agent_replay_score_write" + } + ], + "failure_lanes": [ + { + "lane_id": "rollback_work_item_lane", + "display_name": "Rollback work item draft", + "status": "approval_required", + "trigger": "post-write verifier failed or readback mismatch", + "operator_instruction": "產生 rollback work item 草案,列出 target、diff、owner、deadline 與 evidence refs。", + "blocked_runtime_action": "rollback_work_item_write" + }, + { + "lane_id": "failure_only_notification_lane", + "display_name": "Failure-only notification draft", + "status": "approval_required", + "trigger": "verifier failed after approved write", + "operator_instruction": "只產生 Telegram / AwoooP failure notification 草案;成功不即時通知。", + "blocked_runtime_action": "telegram_send_or_receipt_write" + }, + { + "lane_id": "no_action_guard_lane", + "display_name": "No-action guard", + "status": "contract_ready", + "trigger": "diagnostic_only_no_repair_or_no_write", + "operator_instruction": "若沒有執行修復或寫入,必須明確標記 no-action,不得更新 trust 或 learning score。", + "blocked_runtime_action": "playbook_trust_history_write" + } + ], + "operator_actions": [ + { + "action_id": "review_verifier_package", + "display_name": "審查 verifier package", + "status": "ready_for_owner", + "operator_instruction": "確認 verifier target、readback query、failure lane 與 rollback owner 是否完整。", + "owner_agent": "openclaw", + "blocked_runtime_action": "runtime_learning_write" + }, + { + "action_id": "collect_readback_evidence", + "display_name": "補齊讀回證據", + "status": "ready_for_owner", + "operator_instruction": "補 canonical readback query 與 redacted evidence refs;目前不執行查詢。", + "owner_agent": "hermes", + "blocked_runtime_action": "canonical_readback_query" + }, + { + "action_id": "approve_verifier_implementation", + "display_name": "批准 verifier implementation", + "status": "approval_required", + "operator_instruction": "只有獨立批准後,下一階段才可討論 verifier implementation;不是批准 live write。", + "owner_agent": "openclaw", + "blocked_runtime_action": "post_write_verifier_implementation" + }, + { + "action_id": "reject_or_rework_verifier", + "display_name": "退回 verifier 契約", + "status": "ready_for_owner", + "operator_instruction": "若 failure lane、rollback owner 或 redaction 不完整,退回重做,不進 runtime gate。", + "owner_agent": "nemotron", + "blocked_runtime_action": "runtime_learning_write" + } + ], + "approval_boundaries": { + "runtime_write_allowed": false, + "canonical_readback_allowed": false, + "post_write_verifier_implemented": false, + "rollback_work_item_write_allowed": false, + "telegram_send_allowed": false, + "awooop_event_write_allowed": false, + "playbook_trust_write_allowed": false, + "km_write_allowed": false, + "timeline_learning_write_allowed": false, + "agent_replay_score_write_allowed": false, + "secret_plaintext_allowed": false + }, + "display_redaction_contract": { + "redaction_required": true, + "raw_payload_display_allowed": false, + "private_reasoning_display_allowed": false, + "secret_value_display_allowed": false, + "allowed_frontend_content": [ + "verification target", + "failure lane", + "operator action", + "required input count", + "forbidden input count", + "blocked runtime action", + "failure policy" + ], + "forbidden_frontend_content": [ + "secret value", + "authorization header", + "raw tool output", + "private reasoning", + "raw Telegram payload", + "unredacted incident log" + ], + "frontend_display_policy": "治理頁只顯示 verifier target、failure lane、operator action、blocked runtime action 與 failure policy;不顯示 secret、authorization header、raw tool output、private reasoning、raw Telegram payload 或未脫敏 incident log。" + }, + "rollups": { + "verification_target_count": 4, + "failure_lane_count": 3, + "operator_action_count": 4, + "approval_required_action_ids": [ + "approve_verifier_implementation" + ], + "blocked_runtime_action_count": 9, + "required_input_count": 8, + "forbidden_input_count": 6, + "live_verifier_execution_count": 0 + } +} diff --git a/docs/evaluations/ai_agent_proactive_operations_contract_2026-06-11.json b/docs/evaluations/ai_agent_proactive_operations_contract_2026-06-11.json index d3f368ae..3dd89e9f 100644 --- a/docs/evaluations/ai_agent_proactive_operations_contract_2026-06-11.json +++ b/docs/evaluations/ai_agent_proactive_operations_contract_2026-06-11.json @@ -4,11 +4,11 @@ "program_status": { "overall_completion_percent": 100, "current_priority": "P2", - "current_task_id": "P2-403G", - "next_task_id": "P2-403H", + "current_task_id": "P2-403H", + "next_task_id": "P2-403I", "read_only_mode": true, "runtime_authority": "contract_only_no_version_or_runtime_update", - "status_note": "P2-403G 已把 runtime write gate review 接入治理證據;live AgentSession / Redis consumer / runtime worker / learning write / Telegram receipt 目前全為 0,下一步是 P2-403H post-write verifier implementation package。" + "status_note": "P2-403H 已把 post-write verifier implementation package 接入治理證據;live AgentSession / Redis consumer / runtime worker / learning write / Telegram receipt / verifier execution 目前全為 0,下一步是 P2-403I runtime verifier evidence implementation review。" }, "external_source_evidence": [ { @@ -902,6 +902,24 @@ "agent_replay_score_write", "telegram_send_or_receipt_write" ] + }, + { + "task_id": "P2-403H", + "sequence": 11, + "display_name": "Post-write verifier package", + "status": "done", + "owner_agent": "openclaw", + "completion_percent": 100, + "runtime_authority": "post_write_verifier_package_only_no_runtime_write", + "blocked_runtime_actions": [ + "canonical_readback_query", + "rollback_work_item_write", + "telegram_send_or_receipt_write", + "knowledge_entries_readback_and_write", + "playbook_trust_history_write", + "incident_timeline_learning_write", + "agent_replay_score_write" + ] } ], "approval_boundaries": { @@ -922,7 +940,7 @@ "cadence_count": 5, "mcp_tool_count": 8, "rag_memory_count": 4, - "rollout_task_count": 14, + "rollout_task_count": 15, "auto_execute_allowed_count": 0, "approval_required_capability_count": 23, "blocked_update_domain_ids": [ diff --git a/docs/schemas/ai_agent_post_write_verifier_package_v1.schema.json b/docs/schemas/ai_agent_post_write_verifier_package_v1.schema.json new file mode 100644 index 00000000..96f9ad9c --- /dev/null +++ b/docs/schemas/ai_agent_post_write_verifier_package_v1.schema.json @@ -0,0 +1,380 @@ +{ + "$schema": "https://json-schema.org/draft/2020-12/schema", + "$id": "https://awoooi.local/schemas/ai_agent_post_write_verifier_package_v1.schema.json", + "title": "AI Agent Post-write Verifier Package", + "type": "object", + "required": [ + "schema_version", + "generated_at", + "program_status", + "source_refs", + "verifier_truth", + "verifier_package", + "verification_targets", + "failure_lanes", + "operator_actions", + "approval_boundaries", + "display_redaction_contract", + "rollups" + ], + "properties": { + "schema_version": { + "const": "ai_agent_post_write_verifier_package_v1" + }, + "generated_at": { + "type": "string" + }, + "program_status": { + "type": "object", + "required": [ + "overall_completion_percent", + "current_priority", + "current_task_id", + "next_task_id", + "read_only_mode", + "runtime_authority", + "status_note" + ], + "properties": { + "overall_completion_percent": { + "type": "integer", + "minimum": 0, + "maximum": 100 + }, + "current_priority": { + "enum": [ + "P0", + "P1", + "P2", + "P3" + ] + }, + "current_task_id": { + "const": "P2-403H" + }, + "next_task_id": { + "const": "P2-403I" + }, + "read_only_mode": { + "const": true + }, + "runtime_authority": { + "const": "post_write_verifier_package_only_no_runtime_write" + }, + "status_note": { + "type": "string" + } + }, + "additionalProperties": false + }, + "source_refs": { + "type": "array", + "items": { + "type": "string" + }, + "minItems": 1 + }, + "verifier_truth": { + "type": "object", + "required": [ + "runtime_write_allowed", + "post_write_verifier_implemented", + "post_write_verifier_executed_count", + "rollback_work_item_created_count", + "telegram_failure_receipt_sent_count", + "canonical_readback_allowed", + "truth_note" + ], + "properties": { + "runtime_write_allowed": { + "const": false + }, + "post_write_verifier_implemented": { + "const": false + }, + "post_write_verifier_executed_count": { + "const": 0 + }, + "rollback_work_item_created_count": { + "const": 0 + }, + "telegram_failure_receipt_sent_count": { + "const": 0 + }, + "canonical_readback_allowed": { + "const": false + }, + "truth_note": { + "type": "string" + } + }, + "additionalProperties": false + }, + "verifier_package": { + "type": "object", + "required": [ + "required_inputs", + "forbidden_inputs", + "operator_meaning", + "success_policy", + "failure_policy" + ], + "properties": { + "required_inputs": { + "type": "array", + "items": { + "type": "string" + }, + "minItems": 1 + }, + "forbidden_inputs": { + "type": "array", + "items": { + "type": "string" + }, + "minItems": 1 + }, + "operator_meaning": { + "type": "string" + }, + "success_policy": { + "type": "string" + }, + "failure_policy": { + "type": "string" + } + }, + "additionalProperties": false + }, + "verification_targets": { + "type": "array", + "items": { + "type": "object", + "required": [ + "target_id", + "display_name", + "status", + "owner_agent", + "verifier_check", + "failure_escalation", + "blocked_runtime_action" + ], + "properties": { + "target_id": { + "type": "string" + }, + "display_name": { + "type": "string" + }, + "status": { + "enum": [ + "contract_ready", + "approval_required", + "blocked_by_runtime_gate" + ] + }, + "owner_agent": { + "enum": [ + "openclaw", + "hermes", + "nemotron" + ] + }, + "verifier_check": { + "type": "string" + }, + "failure_escalation": { + "type": "string" + }, + "blocked_runtime_action": { + "type": "string" + } + }, + "additionalProperties": false + }, + "minItems": 1 + }, + "failure_lanes": { + "type": "array", + "items": { + "type": "object", + "required": [ + "lane_id", + "display_name", + "status", + "trigger", + "operator_instruction", + "blocked_runtime_action" + ], + "properties": { + "lane_id": { + "type": "string" + }, + "display_name": { + "type": "string" + }, + "status": { + "enum": [ + "contract_ready", + "approval_required", + "blocked_by_runtime_gate" + ] + }, + "trigger": { + "type": "string" + }, + "operator_instruction": { + "type": "string" + }, + "blocked_runtime_action": { + "type": "string" + } + }, + "additionalProperties": false + }, + "minItems": 1 + }, + "operator_actions": { + "type": "array", + "items": { + "type": "object", + "required": [ + "action_id", + "display_name", + "status", + "operator_instruction", + "owner_agent", + "blocked_runtime_action" + ], + "properties": { + "action_id": { + "type": "string" + }, + "display_name": { + "type": "string" + }, + "status": { + "enum": [ + "ready_for_owner", + "approval_required", + "blocked_by_runtime_gate" + ] + }, + "operator_instruction": { + "type": "string" + }, + "owner_agent": { + "enum": [ + "openclaw", + "hermes", + "nemotron" + ] + }, + "blocked_runtime_action": { + "type": "string" + } + }, + "additionalProperties": false + }, + "minItems": 1 + }, + "approval_boundaries": { + "type": "object", + "additionalProperties": { + "const": false + } + }, + "display_redaction_contract": { + "type": "object", + "required": [ + "redaction_required", + "raw_payload_display_allowed", + "private_reasoning_display_allowed", + "secret_value_display_allowed", + "allowed_frontend_content", + "forbidden_frontend_content", + "frontend_display_policy" + ], + "properties": { + "redaction_required": { + "const": true + }, + "raw_payload_display_allowed": { + "const": false + }, + "private_reasoning_display_allowed": { + "const": false + }, + "secret_value_display_allowed": { + "const": false + }, + "allowed_frontend_content": { + "type": "array", + "items": { + "type": "string" + } + }, + "forbidden_frontend_content": { + "type": "array", + "items": { + "type": "string" + } + }, + "frontend_display_policy": { + "type": "string" + } + }, + "additionalProperties": false + }, + "rollups": { + "type": "object", + "required": [ + "verification_target_count", + "failure_lane_count", + "operator_action_count", + "approval_required_action_ids", + "blocked_runtime_action_count", + "required_input_count", + "forbidden_input_count", + "live_verifier_execution_count" + ], + "properties": { + "verification_target_count": { + "type": "integer", + "minimum": 0 + }, + "failure_lane_count": { + "type": "integer", + "minimum": 0 + }, + "operator_action_count": { + "type": "integer", + "minimum": 0 + }, + "approval_required_action_ids": { + "type": "array", + "items": { + "type": "string" + } + }, + "blocked_runtime_action_count": { + "type": "integer", + "minimum": 0 + }, + "required_input_count": { + "type": "integer", + "minimum": 0 + }, + "forbidden_input_count": { + "type": "integer", + "minimum": 0 + }, + "live_verifier_execution_count": { + "const": 0 + } + }, + "additionalProperties": false + } + }, + "additionalProperties": false +} diff --git a/docs/superpowers/specs/2026-04-15-MASTER-ai-autonomous-flywheel-v2.md b/docs/superpowers/specs/2026-04-15-MASTER-ai-autonomous-flywheel-v2.md index f1efdbbd..4b0a5535 100644 --- a/docs/superpowers/specs/2026-04-15-MASTER-ai-autonomous-flywheel-v2.md +++ b/docs/superpowers/specs/2026-04-15-MASTER-ai-autonomous-flywheel-v2.md @@ -634,7 +634,7 @@ Alert / Sentry / SigNoz / Gitea / Market Watch / Operator | `docs/evaluations/ai_agent_communication_learning_contract_2026-06-11.json` | 2026-06-11 committed snapshot;完成度 `35%`,runtime worker / DB migration / Telegram direct send 全部 false | | `apps/api/src/services/ai_agent_communication_learning_contract.py` | 只讀 loader;強制驗證 runtime / migration / Telegram / SDK / route 權限都未開 | | `GET /api/v1/agents/agent-communication-learning-contract` | 治理 API;只回傳 committed contract,不啟動 worker、不碰 DB/Redis、不呼叫外部服務 | -| `docs/evaluations/ai_agent_interaction_learning_proof_2026-06-11.json` + `GET /api/v1/agents/agent-interaction-learning-proof` | P2-403A / P2-403B / P2-403C / P2-403D / P2-403E / P2-403F / P2-403G 互動、接手、學習、成長、read model gate、Redis dry-run gate、learning writeback approval package、Telegram receipt approval package、owner-approved learning dry-run、fixture dry-run 與 runtime write gate review 證據面;目前 live session、message、handoff、learning write、Gateway queue、Telegram send 全部 `0`,下一步 P2-403H | +| `docs/evaluations/ai_agent_interaction_learning_proof_2026-06-11.json` + `GET /api/v1/agents/agent-interaction-learning-proof` | P2-403A / P2-403B / P2-403C / P2-403D / P2-403E / P2-403F / P2-403G / P2-403H 互動、接手、學習、成長、read model gate、Redis dry-run gate、learning writeback approval package、Telegram receipt approval package、owner-approved learning dry-run、fixture dry-run 與 runtime write gate review 與 post-write verifier package 證據面;目前 live session、message、handoff、learning write、Gateway queue、Telegram send、verifier execution 全部 `0`,下一步 P2-403I | | `docs/evaluations/ai_agent_live_read_model_gate_2026-06-11.json` + `GET /api/v1/agents/agent-live-read-model-gate` | P2-403B AgentSession / Redis Streams live read model gate;定義 safe fields、Redis envelope、worker gate、rollback plan 與 no-write smoke,不連 DB、不讀寫 Redis、不啟動 worker | #### 3.2.1c 2026-06-11 AI Agent 主動營運委派與版本生命週期契約 @@ -716,7 +716,8 @@ Repo / registry / release notes / K8s / host / observability / backup evidence 11. 建立 Telegram receipt approval package,先固定 queue、delivery、ack、failure、retry 與 redaction。✅ P2-403E 已完成;Gateway queue write、Bot API、delivery receipt write、retry worker 仍未授權。 12. 建立 owner-approved learning dry-run preview,先固定批准後可產生的 dry-run preview、人工操作選項、驗證與 rollback。✅ P2-403F 已完成;owner approval received、dry-run preview generated、KM / PlayBook trust / timeline / replay score write、Telegram send 仍為 `0 / false`。 13. 建立 owner-approved fixture dry-run 總包,將 learning writeback、Telegram receipt、handoff replay、operator feedback 的乾跑證據收斂到治理頁。✅ P2-403F 補強完成;Gateway queue、Telegram send、Redis consumer、runtime worker 仍為 `0 / false`。 -14. 建立 runtime write gate review,固定雙重批准、dry-run hash、post-write verifier、rollback 與 redaction 欄位。✅ P2-403G 已完成;KM / PlayBook trust / timeline / replay score / Telegram live write 仍為 `0 / false`。下一步 P2-403H post-write verifier implementation package。 +14. 建立 runtime write gate review,固定雙重批准、dry-run hash、post-write verifier、rollback 與 redaction 欄位。✅ P2-403G 已完成;KM / PlayBook trust / timeline / replay score / Telegram live write 仍為 `0 / false`。 +15. 建立 post-write verifier implementation package,固定 canonical readback、rollback lane、failure lane 與人工操作選項。✅ P2-403H 已完成;canonical readback、rollback work item、Telegram failure receipt 與 verifier execution 仍為 `0 / false`。下一步 P2-403I runtime verifier evidence implementation review。 #### 3.2.1d 2026-06-11 Agent 互動、學習與成長證據面 @@ -739,7 +740,7 @@ Repo / registry / release notes / K8s / host / observability / backup evidence | 檔案 / API | 用途 | |---|---| | `docs/schemas/ai_agent_interaction_learning_proof_v1.schema.json` | 互動、接手、學習、成長、Telegram receipt 與前端 redaction schema | -| `docs/evaluations/ai_agent_interaction_learning_proof_2026-06-11.json` | P2-403A + P2-403B + P2-403C + P2-403D + P2-403E + P2-403F + P2-403G committed snapshot;完成度 `94%`,live truth counts 全部 `0` | +| `docs/evaluations/ai_agent_interaction_learning_proof_2026-06-11.json` | P2-403A + P2-403B + P2-403C + P2-403D + P2-403E + P2-403F + P2-403G + P2-403H committed snapshot;完成度 `97%`,live truth counts 全部 `0` | | `apps/api/src/services/ai_agent_interaction_learning_proof.py` | 只讀 loader;強制 live flags / DB / Redis / Telegram / transcript / 私有推理全部關閉 | | `GET /api/v1/agents/agent-interaction-learning-proof` | 治理 API;只回傳證據面,不啟動 worker、不碰 live DB/Redis、不發 Telegram | | `docs/schemas/ai_agent_live_read_model_gate_v1.schema.json` | P2-403B live read model gate schema;強制 DB / Redis / worker / Telegram / learning writeback 仍需批准 | @@ -768,7 +769,11 @@ Repo / registry / release notes / K8s / host / observability / backup evidence | `docs/evaluations/ai_agent_runtime_write_gate_review_2026-06-12.json` | P2-403G committed snapshot;4 個 write target、4 個 approval gate、9 個必填欄位、6 個禁止欄位與 live write total `0` | | `apps/api/src/services/ai_agent_runtime_write_gate_review.py` | 只讀 loader;拒絕 runtime write、批准數假性增加、欄位缺失與 rollup 不一致 | | `GET /api/v1/agents/agent-runtime-write-gate-review` | 治理 API;只回傳 runtime write gate review,不寫 KM、不更新 PlayBook trust、不寫 timeline / replay score、不發 Telegram | -| `/zh-TW/governance?tab=automation-inventory` | 顯示證據階梯、目前真相、三 Agent lane、可觀測訊號、P2-403G runtime write gate review、runtime gates 與 redaction policy | +| `docs/schemas/ai_agent_post_write_verifier_package_v1.schema.json` | P2-403H post-write verifier package schema;強制 canonical readback、rollback work item、Telegram failure receipt 與 verifier execution 全部維持未授權 | +| `docs/evaluations/ai_agent_post_write_verifier_package_2026-06-12.json` | P2-403H committed snapshot;4 個 verification target、3 個 failure lane、4 個 operator action、8 個必填輸入與 live verifier execution `0` | +| `apps/api/src/services/ai_agent_post_write_verifier_package.py` | 只讀 loader;拒絕 verifier 執行、rollback count、Telegram failure receipt、必填欄位缺失與 rollup 不一致 | +| `GET /api/v1/agents/agent-post-write-verifier-package` | 治理 API;只回傳 post-write verifier package,不讀 canonical target、不寫 rollback work item、不發 Telegram | +| `/zh-TW/governance?tab=automation-inventory` | 顯示證據階梯、目前真相、三 Agent lane、可觀測訊號、P2-403G runtime write gate review、P2-403H post-write verifier package、runtime gates 與 redaction policy | **硬性紅線:** @@ -1852,6 +1857,14 @@ Phase 6 完成後 +### 2026-06-12 01:20 (台北) — §3.2 / §5 — 完成 P2-403H Post-write Verifier Package — 把批准後的驗證、回滾與人工處置固定成可審查契約 + +- 新增 `ai_agent_post_write_verifier_package_v1` schema / committed snapshot / loader / API / 測試,定義 verifier package、canonical readback 輸入、rollback lane、failure lane、operator actions 與 redaction 欄位。 +- `apps/web/src/app/[locale]/governance/tabs/automation-inventory-tab.tsx` 接入 `GET /api/v1/agents/agent-post-write-verifier-package`,顯示 4 個 verification target、3 個 failure lane、4 個人工操作選項、truth flags 與 live verifier execution `0`。 +- 更新 `ai_agent_interaction_learning_proof_2026-06-11.json`:整體完成度 `97%`,current task `P2-403H`,next task `P2-403I`;live AgentSession / Redis events / handoff / learning write / Telegram digest receipt / verifier execution 全部仍為 `0`。 +- 更新 `ai_agent_proactive_operations_contract_2026-06-11.json`:新增 rollout task `P2-403H`,blocked runtime actions 包含 canonical readback、rollback work item、Telegram failure receipt、KM / PlayBook trust / timeline / replay score write。 +- 本波仍不讀 canonical target、不寫 rollback work item、不發 Telegram、不寫 KM、不更新 PlayBook trust、不寫 timeline learning、不寫 replay score、不啟動 runtime worker、不讀取或輸出 secret;下一步 P2-403I 才進 runtime verifier evidence implementation review。 + ### 2026-06-12 00:35 (台北) — §3.2 / §5 — 完成 P2-403G Runtime Write Gate Review — 把批准後可寫入前的最後安全閘門固定成可審查契約 - 新增 `ai_agent_runtime_write_gate_review_v1` schema / committed snapshot / loader / API / 測試,定義雙重批准、dry-run hash、post-write verifier、rollback owner、target write surface 與 redaction 欄位。