diff --git a/apps/web/messages/en.json b/apps/web/messages/en.json
index ae8246ad..3eeb9ffb 100644
--- a/apps/web/messages/en.json
+++ b/apps/web/messages/en.json
@@ -3228,6 +3228,16 @@
           "L1_report_only": "L1 僅報告",
           "L2_approval_package_only": "L2 僅批准包",
           "L3_draft_change_after_gate": "L3 批准後草案"
+        },
+        "approvalGates": {
+          "read_only_allowed": "只讀允許",
+          "km_write_owner_review_required": "KM 寫入需 owner 審查",
+          "secret_value_handling_forbidden": "機密值處理禁止",
+          "owner_review_required": "需 owner 審查",
+          "runtime_worker_gate_required": "需 runtime worker 關卡",
+          "db_migration_required": "需 DB migration 關卡",
+          "replay_shadow_canary_gate_required": "需 replay / shadow / canary 關卡",
+          "cost_data_approval_required": "需費用與資料邊界批准"
         }
       },
       "hostStateful": {
@@ -3847,7 +3857,8 @@
         },
         "labels": {
           "requiredFields": "必填欄位 {count}",
-          "forbiddenFields": "禁止欄位 {count}"
+          "forbiddenFields": "禁止欄位 {count}",
+          "reviewOnly": "只讀審查"
         }
       },
       "ownerDryRunPackage": {
diff --git a/apps/web/messages/zh-TW.json b/apps/web/messages/zh-TW.json
index ae8246ad..3eeb9ffb 100644
--- a/apps/web/messages/zh-TW.json
+++ b/apps/web/messages/zh-TW.json
@@ -3228,6 +3228,16 @@
           "L1_report_only": "L1 僅報告",
           "L2_approval_package_only": "L2 僅批准包",
           "L3_draft_change_after_gate": "L3 批准後草案"
+        },
+        "approvalGates": {
+          "read_only_allowed": "只讀允許",
+          "km_write_owner_review_required": "KM 寫入需 owner 審查",
+          "secret_value_handling_forbidden": "機密值處理禁止",
+          "owner_review_required": "需 owner 審查",
+          "runtime_worker_gate_required": "需 runtime worker 關卡",
+          "db_migration_required": "需 DB migration 關卡",
+          "replay_shadow_canary_gate_required": "需 replay / shadow / canary 關卡",
+          "cost_data_approval_required": "需費用與資料邊界批准"
         }
       },
       "hostStateful": {
@@ -3847,7 +3857,8 @@
         },
         "labels": {
           "requiredFields": "必填欄位 {count}",
-          "forbiddenFields": "禁止欄位 {count}"
+          "forbiddenFields": "禁止欄位 {count}",
+          "reviewOnly": "只讀審查"
         }
       },
       "ownerDryRunPackage": {
diff --git a/apps/web/src/app/[locale]/governance/tabs/automation-inventory-tab.tsx b/apps/web/src/app/[locale]/governance/tabs/automation-inventory-tab.tsx
index f556bde3..74a5d55d 100644
--- a/apps/web/src/app/[locale]/governance/tabs/automation-inventory-tab.tsx
+++ b/apps/web/src/app/[locale]/governance/tabs/automation-inventory-tab.tsx
@@ -1249,6 +1249,14 @@ export function AutomationInventoryTab() {
     }
   }
 
+  const proactiveApprovalGateLabel = (value: string) => {
+    try {
+      return t(`proactiveOperations.approvalGates.${value}` as never)
+    } catch {
+      return value
+    }
+  }
+
   const proofValueLabel = (group: string, value: string) => {
     try {
       return t(`interactionProof.${group}.${value}` as never)
@@ -1666,7 +1674,7 @@ export function AutomationInventoryTab() {
                   <div style={{ display: 'flex', flexWrap: 'wrap', gap: 6 }}>
                     <Chip value={t('runtimeWriteGateReview.labels.requiredFields', { count: runtimeWriteGateReview.rollups.required_field_count })} />
                     <Chip value={t('runtimeWriteGateReview.labels.forbiddenFields', { count: runtimeWriteGateReview.rollups.forbidden_field_count })} muted />
-                    <Chip value={redisDryRunValueLabel('agents', runtimeWriteGateReview.write_gate_review.owner_agent)} muted />
+                    <Chip value={t('runtimeWriteGateReview.labels.reviewOnly')} muted />
                   </div>
                 </div>
 
@@ -1708,11 +1716,11 @@ export function AutomationInventoryTab() {
                       {target.display_name}
                     </span>
                     <span style={{ fontFamily: "'DM Mono', monospace", fontSize: 10, color: '#87867f', lineHeight: 1.45, overflowWrap: 'anywhere' }}>
-                      {target.operator_instruction}
+                      {target.required_before_write}
                     </span>
                     <div style={{ display: 'flex', flexWrap: 'wrap', gap: 6 }}>
                       <Chip value={redisDryRunValueLabel('agents', target.owner_agent)} muted />
-                      <Chip value={target.blocked_runtime_action} muted />
+                      <Chip value={target.blocked_write_action} muted />
                     </div>
                   </div>
                 ))}
@@ -2583,7 +2591,7 @@ export function AutomationInventoryTab() {
                       <div style={{ display: 'flex', flexWrap: 'wrap', gap: 6, minWidth: 0 }}>
                         <Chip value={`${t('proactiveOperations.labels.owner')}: ${proactiveValueLabel('agents', capability.primary_owner)}`} />
                         <Chip value={`${t('proactiveOperations.labels.level')}: ${proactiveValueLabel('autonomyLevels', capability.automation_level)}`} muted />
-                        <Chip value={`${t('proactiveOperations.labels.gate')}: ${capability.approval_gate}`} muted={capability.approval_gate === 'read_only_allowed'} />
+                        <Chip value={`${t('proactiveOperations.labels.gate')}: ${proactiveApprovalGateLabel(capability.approval_gate)}`} muted={capability.approval_gate === 'read_only_allowed'} />
                         <Chip value={`${t('proactiveOperations.labels.outputs')}: ${capability.outputs.length}`} muted />
                       </div>
                       <SmallLabel>{t('proactiveOperations.labels.telegram')}</SmallLabel>
diff --git a/apps/web/src/lib/api-client.ts b/apps/web/src/lib/api-client.ts
index 9ad6bc5c..c7fe8920 100644
--- a/apps/web/src/lib/api-client.ts
+++ b/apps/web/src/lib/api-client.ts
@@ -1630,10 +1630,6 @@ export interface AiAgentRuntimeWriteGateReviewSnapshot {
     truth_note: string
   }
   write_gate_review: {
-    review_id: string
-    display_name: string
-    owner_agent: 'openclaw' | 'hermes' | 'nemotron'
-    status: string
     operator_meaning: string
     required_fields: string[]
     forbidden_fields: string[]
@@ -1641,12 +1637,10 @@ export interface AiAgentRuntimeWriteGateReviewSnapshot {
   write_targets: Array<{
     target_id: string
     display_name: string
-    target_surface: string
     status: string
     owner_agent: 'openclaw' | 'hermes' | 'nemotron'
-    required_approval: string
-    blocked_runtime_action: string
-    operator_instruction: string
+    required_before_write: string
+    blocked_write_action: string
   }>
   approval_gates: Array<{
     gate_id: string
@@ -1654,13 +1648,11 @@ export interface AiAgentRuntimeWriteGateReviewSnapshot {
     status: string
     required_evidence: string
     blocked_runtime_action: string
-    operator_instruction: string
   }>
   post_write_verification: {
     verification_required: true
     rollback_required: true
     verification_steps: string[]
-    failure_escalation: string
   }
   approval_boundaries: Record<string, false>
   display_redaction_contract: {
diff --git a/docs/LOGBOOK.md b/docs/LOGBOOK.md
index d713a3ec..200af909 100644
--- a/docs/LOGBOOK.md
+++ b/docs/LOGBOOK.md
@@ -1,3 +1,28 @@
+## 2026-06-12｜P2-403G Governance UI 欄位對齊與紅線顯示修補
+
+**背景**：P2-403G Runtime Write Gate Review 已正式部署後，正式治理頁 live DOM 檢查發現 `write_gate_review.owner_agent` 與 snapshot 實際 schema 不一致，導致前端 i18n 產生 `agents.undefined` console error；同時 P2-402 主動營運能力卡仍直接顯示 `secret_value_handling_forbidden` 原始 gate id。這兩者都不影響 runtime gate 真相，但治理頁應顯示可讀狀態與安全標籤，不應讓 operator 看到 undefined 或看似內部欄位名的 raw id。
+
+**完成**：
+
+- `AiAgentRuntimeWriteGateReviewSnapshot` 前端型別已對齊 committed snapshot：`write_gate_review` 不再宣告不存在的 `owner_agent` / `review_id` / `display_name` / `status`；`write_targets` 改用實際欄位 `required_before_write` 與 `blocked_write_action`。
+- Governance automation inventory 的 P2-403G review chip 改為 `只讀審查`，不再讀不存在的 agent 欄位。
+- P2-403G write target 內容改顯示 `required_before_write` 與 `blocked_write_action`，避免空白 / undefined。
+- P2-402 proactive approval gate 顯示改走 i18n label，`secret_value_handling_forbidden` 顯示為 `機密值處理禁止`。
+- `zh-TW.json` / `en.json` 維持繁中鏡像，同步新增 proactive approval gate 與 runtime write gate review label。
+
+**本地驗證**：
+
+- `python3 -m json.tool apps/web/messages/zh-TW.json` / `apps/web/messages/en.json`：通過。
+- zh-TW / en message mirror：`True`。
+- 靜態 grep：`write_gate_review.owner_agent`、`target.operator_instruction`、`target.blocked_runtime_action`、`agents.undefined` 命中 `0`。
+- `pnpm --filter @awoooi/web typecheck`：通過。
+- `NEXT_PUBLIC_API_URL=https://awoooi.wooo.work NEXT_PRIVATE_BUILD_WORKER_COUNT=1 SENTRY_SUPPRESS_GLOBAL_ERROR_HANDLER_FILE_WARNING=1 pnpm --filter @awoooi/web build`：通過；`92/92` static pages，`/zh-TW/governance` First Load JS `397 kB`。
+- 本機 `next start` 可載入治理 route，但 local origin 對正式 API / SSE 仍停在 `無法載入自動化盤點快照`；正式 DOM 驗證需 deploy 後以 `https://awoooi.wooo.work` 重跑。
+
+**正式站驗證**：待 code commit 觸發 Gitea CD 後補。
+
+**邊界**：本段未寫 KM、未更新 PlayBook trust、未寫 timeline learning、未寫 replay score、未發 Telegram、未寫 Gateway queue、未啟動 runtime worker、未讀 secret value、未 SSH、未 kubectl、未 active scan、未新增任何前端執行按鈕。
+
 ## 2026-06-12｜IwoooS P1-4 Monitoring / alerting / observability repo-only 清冊
 
 **背景**：統帥要求所有重要配置都要被資安控管；Prometheus / Alertmanager / Grafana / SigNoz / Sentry / Langfuse / OTEL / Telegram notification route 會直接影響即時資安事件是否能被發現、路由、降噪與送達。本段延續「先建立框架、只讀證據、低摩擦流程，再階段性收攏」原則，只做 repo-only 清冊，不碰 live monitoring stack、不 reload、不發 Telegram、不建立 silence。