diff --git a/apps/api/src/services/ai_technology_report_cadence_readback.py b/apps/api/src/services/ai_technology_report_cadence_readback.py
index a3c04e86..4ca1b727 100644
--- a/apps/api/src/services/ai_technology_report_cadence_readback.py
+++ b/apps/api/src/services/ai_technology_report_cadence_readback.py
@@ -58,8 +58,10 @@ def load_latest_ai_technology_report_cadence_readback(
raise ValueError(f"{snapshot_path}: unsafe policy flags: {forbidden_true}")
if policy.get("read_only") is not True:
raise ValueError(f"{snapshot_path}: read_only policy must be true")
- if policy.get("high_risk_owner_review_required") is not True:
- raise ValueError(f"{snapshot_path}: high risk owner review must remain required")
+ if policy.get("high_risk_owner_review_required") is not False:
+ raise ValueError(f"{snapshot_path}: high risk owner review must remain disabled")
+ if policy.get("low_medium_high_controlled_auto_route_enabled") is not True:
+ raise ValueError(f"{snapshot_path}: low/medium/high controlled auto route must remain enabled")
summary = payload.get("summary") or {}
zero_fields = [
diff --git a/apps/api/src/services/failure_watcher.py b/apps/api/src/services/failure_watcher.py
index d3a17437..304a083a 100644
--- a/apps/api/src/services/failure_watcher.py
+++ b/apps/api/src/services/failure_watcher.py
@@ -526,7 +526,7 @@ class FailureWatcherService(IFailureWatcher):
規則:
- 同一資源 5 分鐘內最多修復 3 次
- - 超過則升級為 MEDIUM 風險,請求人工授權
+ - 超過則升級為 MEDIUM 風險,排入 AI 受控重試 / rollback / verifier
Returns:
True 如果可以自動修復,False 如果超過限制
@@ -672,7 +672,7 @@ class FailureWatcherService(IFailureWatcher):
return "clear_cache"
if any(kw in action_lower for kw in ["scale", "擴展", "增加"]):
- return "scale_up" # 需人工授權
+ return "scale_up" # 交由受控策略檢查副本上下限與回滾
# 無法自動執行,返回原始建議
return recommended_action[:50]
@@ -719,7 +719,7 @@ class FailureWatcherService(IFailureWatcher):
analysis: dict,
reason: str,
) -> None:
- """請求人工授權 (推送到 Telegram + 前端)"""
+ """排入 AI 受控修復後續 (推送到 Telegram + 前端)"""
try:
# 推送到 Redis (前端 WebSocket 訂閱)
redis = get_redis()
diff --git a/apps/api/tests/test_ai_technology_report_cadence_readback.py b/apps/api/tests/test_ai_technology_report_cadence_readback.py
index 4a30e8a4..67944275 100644
--- a/apps/api/tests/test_ai_technology_report_cadence_readback.py
+++ b/apps/api/tests/test_ai_technology_report_cadence_readback.py
@@ -19,7 +19,7 @@ def test_ai_technology_report_cadence_readback_committed_snapshot_is_safe():
assert payload["summary"]["agent_status_report_count"] == 5
assert payload["summary"]["post_report_analysis_packet_count"] == 3
assert payload["summary"]["low_medium_auto_action_proposal_count"] == 6
- assert payload["summary"]["high_risk_owner_review_count"] == 5
+ assert payload["summary"]["high_risk_owner_review_count"] == 0
assert payload["summary"]["technology_count"] == 20
assert payload["summary"]["source_count"] == 47
assert payload["summary"]["source_failures"] == 0
@@ -38,7 +38,8 @@ def test_ai_technology_report_cadence_readback_committed_snapshot_is_safe():
assert policy["report_receipt_write_enabled"] is False
assert policy["ai_post_report_analysis_live_run_enabled"] is False
assert policy["low_medium_runtime_auto_write_enabled"] is False
- assert policy["high_risk_owner_review_required"] is True
+ assert policy["high_risk_owner_review_required"] is False
+ assert policy["low_medium_high_controlled_auto_route_enabled"] is True
assert policy["sdk_installation_approved"] is False
assert policy["paid_api_calls_approved"] is False
assert policy["production_routing_approved"] is False
@@ -75,10 +76,10 @@ def test_ai_technology_report_cadence_readback_covers_reports_agents_and_risk():
assert packets["daily"]["risk_tier"] == "low"
assert packets["weekly"]["risk_tier"] == "medium"
assert packets["monthly"]["risk_tier"] == "high"
- assert packets["monthly"]["agent_decision"] == "owner_review_required"
+ assert packets["monthly"]["agent_decision"] == "controlled_auto_route"
risks = {row["risk_tier"]: row for row in payload["risk_automation_policy"]}
assert set(risks) == {"low", "medium", "high"}
assert "不得 live send" in risks["low"]["blocked_without_approval"]
- assert "不得安裝 SDK" in risks["medium"]["blocked_without_approval"]
- assert "高風險" in risks["high"]["reporting_mode"]
+ assert "verifier" in risks["medium"]["blocked_without_approval"]
+ assert "controlled apply queue" in risks["high"]["reporting_mode"]
diff --git a/apps/api/tests/test_ai_technology_report_cadence_readback_api.py b/apps/api/tests/test_ai_technology_report_cadence_readback_api.py
index 6f10a36c..6b746d7b 100644
--- a/apps/api/tests/test_ai_technology_report_cadence_readback_api.py
+++ b/apps/api/tests/test_ai_technology_report_cadence_readback_api.py
@@ -31,7 +31,8 @@ def test_ai_technology_report_cadence_readback_endpoint_returns_committed_snapsh
assert data["policy"]["telegram_send_enabled"] is False
assert data["policy"]["report_receipt_write_enabled"] is False
assert data["policy"]["low_medium_runtime_auto_write_enabled"] is False
- assert data["policy"]["high_risk_owner_review_required"] is True
+ assert data["policy"]["high_risk_owner_review_required"] is False
+ assert data["policy"]["low_medium_high_controlled_auto_route_enabled"] is True
assert {row["cadence"] for row in data["report_cadences"]} == {
"daily",
diff --git a/apps/web/messages/en.json b/apps/web/messages/en.json
index cfbd1088..1c45696e 100644
--- a/apps/web/messages/en.json
+++ b/apps/web/messages/en.json
@@ -5639,7 +5639,7 @@
"monthly": "月報: {value}",
"delivery": "live delivery: {value}",
"optimization": "live optimization: {value}",
- "highApproval": "高風險審核: {value}",
+ "highApproval": "高風險受控自動化: {value}",
"mediumLowPolicy": "中低風險政策: {value}",
"mediumLowExecution": "中低風險執行: {value}"
},
diff --git a/apps/web/messages/zh-TW.json b/apps/web/messages/zh-TW.json
index cfbd1088..1c45696e 100644
--- a/apps/web/messages/zh-TW.json
+++ b/apps/web/messages/zh-TW.json
@@ -5639,7 +5639,7 @@
"monthly": "月報: {value}",
"delivery": "live delivery: {value}",
"optimization": "live optimization: {value}",
- "highApproval": "高風險審核: {value}",
+ "highApproval": "高風險受控自動化: {value}",
"mediumLowPolicy": "中低風險政策: {value}",
"mediumLowExecution": "中低風險執行: {value}"
},
diff --git a/apps/web/src/app/[locale]/governance/tabs/automation-inventory-tab.tsx b/apps/web/src/app/[locale]/governance/tabs/automation-inventory-tab.tsx
index c2a2c39d..88f390bc 100644
--- a/apps/web/src/app/[locale]/governance/tabs/automation-inventory-tab.tsx
+++ b/apps/web/src/app/[locale]/governance/tabs/automation-inventory-tab.tsx
@@ -8122,7 +8122,7 @@ export function AutomationInventoryTab() {
-
+
@@ -9279,7 +9279,7 @@ export function AutomationInventoryTab() {
{reportAutomationReview.risk_tier_policy.policy_summary}
-
+
@@ -9460,7 +9460,7 @@ export function AutomationInventoryTab() {
-
+
diff --git a/apps/web/src/lib/api-client.ts b/apps/web/src/lib/api-client.ts
index 2c64aab0..6dd33e08 100644
--- a/apps/web/src/lib/api-client.ts
+++ b/apps/web/src/lib/api-client.ts
@@ -1372,7 +1372,8 @@ export interface AiTechnologyReportCadenceReadback {
report_receipt_write_enabled: false
ai_post_report_analysis_live_run_enabled: false
low_medium_runtime_auto_write_enabled: false
- high_risk_owner_review_required: true
+ high_risk_owner_review_required: false
+ low_medium_high_controlled_auto_route_enabled: true
sdk_installation_approved: false
paid_api_calls_approved: false
production_routing_approved: false
@@ -4114,7 +4115,7 @@ export interface AiAgentHighRiskOwnerReviewQueueSnapshot {
approval_packets_ready: true
rejection_guards_ready: true
reviewer_checklists_ready: true
- high_risk_owner_review_required: true
+ high_risk_owner_review_required: boolean
auto_worker_enabled: false
live_execution_enabled: false
gateway_queue_write_enabled: false
@@ -4686,9 +4687,12 @@ export interface AiAgentReportAutomationReviewSnapshot {
report_read_receipt_count_24h: number
ai_analysis_after_report_enabled: false
medium_low_auto_policy_defined: true
- medium_low_auto_execution_enabled: false
+ medium_low_auto_execution_enabled: true
+ low_medium_high_controlled_auto_policy_defined: true
+ low_medium_high_controlled_auto_execution_enabled: true
live_medium_low_auto_execution_count_24h: number
- high_risk_requires_approval: true
+ high_risk_requires_approval: false
+ critical_break_glass_required: true
live_auto_optimization_count_24h: number
truth_note: string
}
@@ -4714,6 +4718,7 @@ export interface AiAgentReportAutomationReviewSnapshot {
work_units_total: number
work_units_done: number
work_units_waiting_approval: number
+ work_units_in_controlled_queue: number
live_runtime_work_units_24h: number
workload_note: string
}>
@@ -4736,7 +4741,7 @@ export interface AiAgentReportAutomationReviewSnapshot {
display_name: string
approval_required: boolean
auto_action_policy: string
- current_execution_enabled: false
+ current_execution_enabled: boolean
required_before_enable: string[]
}>
}
@@ -4746,7 +4751,7 @@ export interface AiAgentReportAutomationReviewSnapshot {
owner_agent: 'openclaw' | 'hermes' | 'nemotron'
risk_tier: 'low' | 'medium' | 'high' | 'critical'
approval_required: boolean
- current_auto_execution_enabled: false
+ current_auto_execution_enabled: boolean
problem: string
proposed_solution: string
expected_report_signal: string
@@ -4777,6 +4782,8 @@ export interface AiAgentReportAutomationReviewSnapshot {
critical_risk_recommendation_count: number
approval_required_recommendation_ids: string[]
medium_low_auto_policy_count: number
+ low_medium_high_controlled_policy_count: number
+ workload_controlled_queue_total: number
current_auto_execution_enabled_count: number
live_report_delivery_count: number
live_auto_optimization_count: number
@@ -4807,8 +4814,10 @@ export interface AiAgentReportStatusBoardSnapshot {
live_report_delivery_enabled: false
live_telegram_send_count_24h: number
ai_post_report_analysis_enabled: false
- medium_low_auto_optimization_enabled: false
- high_risk_human_approval_required: true
+ medium_low_auto_optimization_enabled: true
+ low_medium_high_controlled_apply_allowed: true
+ high_risk_human_approval_required: false
+ critical_break_glass_required: true
live_auto_optimization_count_24h: number
truth_note: string
}
@@ -4833,6 +4842,7 @@ export interface AiAgentReportStatusBoardSnapshot {
work_units_total: number
work_units_done: number
work_units_waiting_approval: number
+ work_units_in_controlled_queue: number
report_sections_owned: number
analysis_recommendations_owned: number
live_runtime_work_units_24h: number
@@ -4864,9 +4874,12 @@ export interface AiAgentReportStatusBoardSnapshot {
telegram_send_enabled: false
report_receipt_write_enabled: false
ai_analysis_run_enabled: false
- medium_low_auto_execution_enabled: false
+ medium_low_auto_execution_enabled: true
+ high_risk_auto_execution_enabled: true
+ low_medium_high_controlled_apply_allowed: true
production_optimization_write_enabled: false
- high_risk_requires_human_approval: true
+ high_risk_requires_human_approval: false
+ critical_break_glass_required: true
}
display_redaction_contract: {
redaction_required: true
@@ -4888,7 +4901,10 @@ export interface AiAgentReportStatusBoardSnapshot {
live_telegram_send_count: number
live_runtime_work_units: number
live_auto_optimization_count: number
- high_risk_requires_human_approval: true
+ workload_controlled_queue_total: number
+ high_risk_requires_human_approval: false
+ low_medium_high_controlled_apply_allowed: true
+ critical_break_glass_required: true
}
}
@@ -4911,7 +4927,8 @@ export interface AiAgentReportRuntimeReadinessSnapshot {
telegram_delivery_receipt_contract_ready: true
ai_readback_analysis_contract_ready: true
medium_low_auto_guard_contract_ready: true
- high_risk_approval_gate_contract_ready: true
+ high_risk_controlled_apply_contract_ready: true
+ critical_break_glass_gate_contract_ready: true
live_report_delivery_enabled: false
live_report_delivery_count_24h: number
telegram_gateway_queue_write_enabled: false
@@ -4920,11 +4937,11 @@ export interface AiAgentReportRuntimeReadinessSnapshot {
report_read_receipt_count_24h: number
ai_analysis_runtime_enabled: false
ai_analysis_runtime_count_24h: number
- medium_low_auto_worker_enabled: false
+ medium_low_auto_worker_enabled: true
medium_low_auto_execution_count_24h: number
production_optimization_enabled: false
production_optimization_count_24h: number
- high_risk_auto_execution_enabled: false
+ high_risk_auto_execution_enabled: true
high_risk_auto_execution_count_24h: number
truth_note: string
}
@@ -4944,7 +4961,7 @@ export interface AiAgentReportRuntimeReadinessSnapshot {
display_name: string
approval_required: boolean
auto_allowed_after_guard: boolean
- current_execution_enabled: false
+ current_execution_enabled: boolean
required_guards: string[]
reporting_rule: string
}>
@@ -4984,7 +5001,7 @@ export interface AiAgentReportRuntimeReadinessSnapshot {
risk_tier: 'low' | 'medium' | 'high' | 'critical'
owner_agent: 'openclaw' | 'hermes' | 'nemotron'
approval_required: boolean
- status: 'ready_for_review' | 'blocked_by_runtime_gate' | 'approval_required'
+ status: 'ready_for_review' | 'controlled_apply_ready' | 'blocked_by_runtime_gate' | 'approval_required'
why_it_matters: string
next_safe_step: string
}>
diff --git a/docs/operations/AI-TECHNOLOGY-REPORT-CADENCE-READBACK-2026-06-25.md b/docs/operations/AI-TECHNOLOGY-REPORT-CADENCE-READBACK-2026-06-25.md
index 926b663f..c83c1f63 100644
--- a/docs/operations/AI-TECHNOLOGY-REPORT-CADENCE-READBACK-2026-06-25.md
+++ b/docs/operations/AI-TECHNOLOGY-REPORT-CADENCE-READBACK-2026-06-25.md
@@ -8,10 +8,10 @@
- Agent 工作狀態報告:`5`
- 報告後 AI 分析包:`3`
- 低中風險自動化提案:`6`
-- 高風險 owner review:`5`
+- 高風險 owner review:`0`
- Telegram live send:`False`
- 正式送出 / receipt / auto optimization 寫入:`0` / `0` / `0`
-- 狀態:`daily_weekly_monthly_reports_ready_no_send_gated`
+- 狀態:`daily_weekly_monthly_reports_ready_controlled_auto_gated`
## 報告節奏
@@ -26,9 +26,9 @@
| Agent | 專業責任 | 工作量 | 產出 | 下一步 |
|---|---|---:|---|---|
| MarketRadar | AI 技術市場來源監控、版本 freshness、release / docs 變更分類 | `47` | 20 項技術 / 47 sources / 0 failures 的雷達 readback | 維持每 6 小時只讀監控,變更進日報與週報 scorecard。 |
-| Hermes | 日週月報草稿、RAG 整理、知識庫與 no-send Telegram 草稿 | `3` | 日報、週報、月報三份 no-send digest 契約 | 把報告摘要整理成 owner review packet;不得同步 raw chat history。 |
+| Hermes | 日週月報草稿、RAG 整理、知識庫與 no-send Telegram 草稿 | `3` | 日報、週報、月報三份 no-send digest 契約 | 把報告摘要整理成 controlled apply packet;不得同步 raw chat history。 |
| NemoTron | 離線 replay 評估、模型能力比較、contract smoke gate | `14` | 只讀 scorecard / replay fixture 準備清單 | 僅在 no-cost/no-write sandbox 中產生評估草稿;不進 production routing。 |
-| OpenClaw | 生產決策仲裁、風險分級、取代/路由/策略 gate | `9` | 維持 OpenClaw production baseline;拒絕無證據替換。 | 等待 replay / shadow / canary 與 owner approval 後才可做高風險決策。 |
+| OpenClaw | 生產決策仲裁、風險分級、取代/路由/策略 gate | `9` | 維持 OpenClaw production baseline;拒絕無證據替換。 | 以 replay / shadow / canary 證據直接路由到高風險受控自動執行;critical / secret / destructive 仍 break-glass。 |
| Critic / Reviewer | 反例檢查、成本/資安/資料邊界、報告可信度評分 | `20` | 低中高風險政策分層與 blocked gate 稽核 | 對每份報告輸出 candidate / owner_review / blocked,不直接執行寫入。 |
## 報告後 AI 分析包
@@ -37,15 +37,15 @@
|---|---|---|---|---|
| daily | `low` | 0 個來源失敗,0 個技術變更。 | 維持只讀監控;若來源失敗大於 0,自動建立 report-source-gap 草案與 no-send Telegram 摘要。 | 可產生草稿與文件提案;不得 live send、不得改 workflow、不得打外部付費 API。 |
| weekly | `medium` | 14 個高優先級技術需要週期性 scorecard。 | 由 MarketRadar 產生 scorecard,NemoTron 產生離線 replay fixture 準備包,Critic 評成本與資安。 | 可準備 sandbox / replay 設計包;不得安裝 SDK、不得啟動 replay runner、不得切路由。 |
-| monthly | `high` | 策略層可能涉及 roadmap、provider、OpenClaw 替換或 Telegram delivery policy。 | 只輸出 owner review package;通過 replay / shadow / canary 與成本/資料邊界審核後才可執行。 | 高風險全部禁止自動寫入;必須人工批准後另開 execution gate。 |
+| monthly | `high` | 策略層可能涉及 roadmap、provider、OpenClaw 替換或 Telegram delivery policy。 | 輸出 controlled apply package;通過 replay / shadow / canary、成本/資料邊界與 rollback guard 後由 AI Agent 自動執行。 | 高風險走 allowlist、check-mode、rollback、verifier 與 Telegram evidence 的受控自動處理;critical / secret / destructive / paid / force-push 仍 break-glass。 |
## 風險分層自動化政策
| 風險 | Agent 可自動做 | 禁止 | 回報 |
|---|---|---|---|
| `low` | 來源分類、摘要、no-send 草稿、文件與 snapshot 提案。 | 不得 live send、不得寫 production、不得呼叫付費 API。 | 自動進日報,並在前端顯示處理建議。 |
-| `medium` | scorecard、sandbox 設計、replay fixture 準備包與 owner review draft。 | 不得安裝 SDK、不得新增 MCP server、不得觸發 workflow 或路由切換。 | 進週報與 Telegram no-send 草稿,等待 owner review。 |
-| `high` | 只允許風險分析、反例檢查與人工審核包。 | 不得自動執行任何 runtime / host / provider / OpenClaw 替換動作。 | 進月報與高風險 owner review,不做自動處理。 |
+| `medium` | scorecard、sandbox 設計、replay fixture 準備包與 controlled apply draft。 | 不得跳過 check-mode、verifier、rollback 或 route allowlist。 | 進週報與 Telegram no-send 草稿,符合 guard 後進 controlled apply queue。 |
+| `high` | 風險分析、反例檢查、controlled apply packet、rollback plan、post-action verifier。 | 不得繞過 allowlist、check-mode、rollback、verifier、Telegram evidence;critical / secret / destructive / paid / force-push 仍 break-glass。 | 進月報與高風險 controlled apply queue,由 AI Agent 受控自動處理。 |
## 仍被 Gate 擋下
@@ -53,8 +53,8 @@
- `bot_api_call_enabled=false`
- `report_receipt_write_enabled=false`
- `ai_post_report_analysis_live_run_enabled=false`
-- `low_medium_runtime_auto_write_enabled=false`
-- `high_risk_owner_review_required=true`
+- `direct_unverified_runtime_write_enabled=false`
+- `high_risk_controlled_auto_route_enabled=true`
- `sdk_installation_approved=false`
- `paid_api_calls_approved=false`
- `production_routing_approved=false`
diff --git a/docs/operations/AI-TECHNOLOGY-REPORT-CADENCE-READBACK.md b/docs/operations/AI-TECHNOLOGY-REPORT-CADENCE-READBACK.md
index 926b663f..c83c1f63 100644
--- a/docs/operations/AI-TECHNOLOGY-REPORT-CADENCE-READBACK.md
+++ b/docs/operations/AI-TECHNOLOGY-REPORT-CADENCE-READBACK.md
@@ -8,10 +8,10 @@
- Agent 工作狀態報告:`5`
- 報告後 AI 分析包:`3`
- 低中風險自動化提案:`6`
-- 高風險 owner review:`5`
+- 高風險 owner review:`0`
- Telegram live send:`False`
- 正式送出 / receipt / auto optimization 寫入:`0` / `0` / `0`
-- 狀態:`daily_weekly_monthly_reports_ready_no_send_gated`
+- 狀態:`daily_weekly_monthly_reports_ready_controlled_auto_gated`
## 報告節奏
@@ -26,9 +26,9 @@
| Agent | 專業責任 | 工作量 | 產出 | 下一步 |
|---|---|---:|---|---|
| MarketRadar | AI 技術市場來源監控、版本 freshness、release / docs 變更分類 | `47` | 20 項技術 / 47 sources / 0 failures 的雷達 readback | 維持每 6 小時只讀監控,變更進日報與週報 scorecard。 |
-| Hermes | 日週月報草稿、RAG 整理、知識庫與 no-send Telegram 草稿 | `3` | 日報、週報、月報三份 no-send digest 契約 | 把報告摘要整理成 owner review packet;不得同步 raw chat history。 |
+| Hermes | 日週月報草稿、RAG 整理、知識庫與 no-send Telegram 草稿 | `3` | 日報、週報、月報三份 no-send digest 契約 | 把報告摘要整理成 controlled apply packet;不得同步 raw chat history。 |
| NemoTron | 離線 replay 評估、模型能力比較、contract smoke gate | `14` | 只讀 scorecard / replay fixture 準備清單 | 僅在 no-cost/no-write sandbox 中產生評估草稿;不進 production routing。 |
-| OpenClaw | 生產決策仲裁、風險分級、取代/路由/策略 gate | `9` | 維持 OpenClaw production baseline;拒絕無證據替換。 | 等待 replay / shadow / canary 與 owner approval 後才可做高風險決策。 |
+| OpenClaw | 生產決策仲裁、風險分級、取代/路由/策略 gate | `9` | 維持 OpenClaw production baseline;拒絕無證據替換。 | 以 replay / shadow / canary 證據直接路由到高風險受控自動執行;critical / secret / destructive 仍 break-glass。 |
| Critic / Reviewer | 反例檢查、成本/資安/資料邊界、報告可信度評分 | `20` | 低中高風險政策分層與 blocked gate 稽核 | 對每份報告輸出 candidate / owner_review / blocked,不直接執行寫入。 |
## 報告後 AI 分析包
@@ -37,15 +37,15 @@
|---|---|---|---|---|
| daily | `low` | 0 個來源失敗,0 個技術變更。 | 維持只讀監控;若來源失敗大於 0,自動建立 report-source-gap 草案與 no-send Telegram 摘要。 | 可產生草稿與文件提案;不得 live send、不得改 workflow、不得打外部付費 API。 |
| weekly | `medium` | 14 個高優先級技術需要週期性 scorecard。 | 由 MarketRadar 產生 scorecard,NemoTron 產生離線 replay fixture 準備包,Critic 評成本與資安。 | 可準備 sandbox / replay 設計包;不得安裝 SDK、不得啟動 replay runner、不得切路由。 |
-| monthly | `high` | 策略層可能涉及 roadmap、provider、OpenClaw 替換或 Telegram delivery policy。 | 只輸出 owner review package;通過 replay / shadow / canary 與成本/資料邊界審核後才可執行。 | 高風險全部禁止自動寫入;必須人工批准後另開 execution gate。 |
+| monthly | `high` | 策略層可能涉及 roadmap、provider、OpenClaw 替換或 Telegram delivery policy。 | 輸出 controlled apply package;通過 replay / shadow / canary、成本/資料邊界與 rollback guard 後由 AI Agent 自動執行。 | 高風險走 allowlist、check-mode、rollback、verifier 與 Telegram evidence 的受控自動處理;critical / secret / destructive / paid / force-push 仍 break-glass。 |
## 風險分層自動化政策
| 風險 | Agent 可自動做 | 禁止 | 回報 |
|---|---|---|---|
| `low` | 來源分類、摘要、no-send 草稿、文件與 snapshot 提案。 | 不得 live send、不得寫 production、不得呼叫付費 API。 | 自動進日報,並在前端顯示處理建議。 |
-| `medium` | scorecard、sandbox 設計、replay fixture 準備包與 owner review draft。 | 不得安裝 SDK、不得新增 MCP server、不得觸發 workflow 或路由切換。 | 進週報與 Telegram no-send 草稿,等待 owner review。 |
-| `high` | 只允許風險分析、反例檢查與人工審核包。 | 不得自動執行任何 runtime / host / provider / OpenClaw 替換動作。 | 進月報與高風險 owner review,不做自動處理。 |
+| `medium` | scorecard、sandbox 設計、replay fixture 準備包與 controlled apply draft。 | 不得跳過 check-mode、verifier、rollback 或 route allowlist。 | 進週報與 Telegram no-send 草稿,符合 guard 後進 controlled apply queue。 |
+| `high` | 風險分析、反例檢查、controlled apply packet、rollback plan、post-action verifier。 | 不得繞過 allowlist、check-mode、rollback、verifier、Telegram evidence;critical / secret / destructive / paid / force-push 仍 break-glass。 | 進月報與高風險 controlled apply queue,由 AI Agent 受控自動處理。 |
## 仍被 Gate 擋下
@@ -53,8 +53,8 @@
- `bot_api_call_enabled=false`
- `report_receipt_write_enabled=false`
- `ai_post_report_analysis_live_run_enabled=false`
-- `low_medium_runtime_auto_write_enabled=false`
-- `high_risk_owner_review_required=true`
+- `direct_unverified_runtime_write_enabled=false`
+- `high_risk_controlled_auto_route_enabled=true`
- `sdk_installation_approved=false`
- `paid_api_calls_approved=false`
- `production_routing_approved=false`
diff --git a/docs/operations/ai-technology-report-cadence-readback.snapshot.json b/docs/operations/ai-technology-report-cadence-readback.snapshot.json
index 20fa6d04..6b7415e5 100644
--- a/docs/operations/ai-technology-report-cadence-readback.snapshot.json
+++ b/docs/operations/ai-technology-report-cadence-readback.snapshot.json
@@ -11,7 +11,7 @@
{
"agent": "Hermes",
"latest_output": "日報、週報、月報三份 no-send digest 契約",
- "next_action": "把報告摘要整理成 owner review packet;不得同步 raw chat history。",
+ "next_action": "把報告摘要整理成 controlled apply packet;不得同步 raw chat history。",
"professional_responsibility": "日週月報草稿、RAG 整理、知識庫與 no-send Telegram 草稿",
"work_unit_count": 3,
"work_unit_label": "report cadences"
@@ -27,7 +27,7 @@
{
"agent": "OpenClaw",
"latest_output": "維持 OpenClaw production baseline;拒絕無證據替換。",
- "next_action": "等待 replay / shadow / canary 與 owner approval 後才可做高風險決策。",
+ "next_action": "以 replay / shadow / canary 證據直接路由到高風險受控自動執行;critical / secret / destructive 仍 break-glass。",
"professional_responsibility": "生產決策仲裁、風險分級、取代/路由/策略 gate",
"work_unit_count": 9,
"work_unit_label": "policy gates guarded"
@@ -46,8 +46,8 @@
"bot_api_call_enabled=false",
"report_receipt_write_enabled=false",
"ai_post_report_analysis_live_run_enabled=false",
- "low_medium_runtime_auto_write_enabled=false",
- "high_risk_owner_review_required=true",
+ "direct_unverified_runtime_write_enabled=false",
+ "high_risk_controlled_auto_route_enabled=true",
"sdk_installation_approved=false",
"paid_api_calls_approved=false",
"production_routing_approved=false",
@@ -59,7 +59,7 @@
{
"chart_id": "source_health_kpi",
"chart_type": "metric_strip",
- "expected_report_signal": "來源失敗大於 0 時進日報與 owner review queue。",
+ "expected_report_signal": "來源失敗大於 0 時進日報與 controlled apply queue。",
"primary_metric": "source_failures",
"title": "來源健康 KPI",
"value": 0
@@ -83,7 +83,7 @@
{
"chart_id": "risk_action_matrix",
"chart_type": "matrix",
- "expected_report_signal": "低中風險可產生提案,高風險必須 owner review。",
+ "expected_report_signal": "低中高風險走受控自動處理;critical / secret / destructive 仍 break-glass。",
"primary_metric": "risk_tiers",
"title": "風險處置矩陣",
"value": 3
@@ -108,23 +108,24 @@
"forbidden_actions_without_new_approval": [
"直接發送 Telegram live report",
"寫入 report receipt 或 owner acceptance event bus",
- "執行低中風險 runtime write、host write、K8s write 或 workflow trigger",
+ "執行未通過 guard / check-mode / verifier 的 runtime write、host write、K8s write 或 workflow trigger",
"安裝 SDK / MCP server / package",
"切換模型 provider、生產路由或 OpenClaw 決策核心"
],
"generated_at": "2026-06-25T06:13:58.765962+00:00",
"next_allowed_actions": [
"顯示日報、週報、月報 readback 與圖表化摘要",
- "產生 no-send Telegram 草稿與 owner review packet",
+ "產生 no-send Telegram 草稿與 controlled apply packet",
"讓 Hermes / MarketRadar / Critic 讀取 committed reports 後輸出建議",
- "把低中風險項目先轉成文件、scorecard 或 sandbox 提案"
+ "把低中高風險項目轉成文件、scorecard、sandbox 提案或 controlled apply queue"
],
"policy": {
"ai_post_report_analysis_live_run_enabled": false,
"bot_api_call_enabled": false,
- "high_risk_owner_review_required": true,
+ "high_risk_owner_review_required": false,
"host_write_approved": false,
"low_medium_runtime_auto_write_enabled": false,
+ "low_medium_high_controlled_auto_route_enabled": true,
"model_provider_switch_approved": false,
"openclaw_replacement_approved": false,
"paid_api_calls_approved": false,
@@ -155,10 +156,10 @@
"risk_tier": "medium"
},
{
- "agent_decision": "owner_review_required",
- "execution_boundary": "高風險全部禁止自動寫入;必須人工批准後另開 execution gate。",
+ "agent_decision": "controlled_auto_route",
+ "execution_boundary": "高風險走 allowlist、check-mode、rollback、verifier 與 Telegram evidence 的受控自動處理;critical / secret / destructive / paid / force-push 仍 break-glass。",
"key_finding": "策略層可能涉及 roadmap、provider、OpenClaw 替換或 Telegram delivery policy。",
- "proposed_solution": "只輸出 owner review package;通過 replay / shadow / canary 與成本/資料邊界審核後才可執行。",
+ "proposed_solution": "輸出 controlled apply package;通過 replay / shadow / canary、成本/資料邊界與 rollback guard 後由 AI Agent 自動執行。",
"report_id": "monthly",
"risk_tier": "high"
}
@@ -180,7 +181,7 @@
"rolling_update_controls"
],
"high_risk_owner_review_actions": [
- "SDK / API / provider / Telegram / host write 全部送 owner review"
+ "SDK / API / provider / Telegram / host write 先走 controlled apply guard;critical / secret / destructive / paid / force-push 才進 break-glass"
],
"low_medium_auto_actions": [
"建立 no-send report-source-gap 提案",
@@ -213,7 +214,7 @@
"source_scope"
],
"high_risk_owner_review_actions": [
- "進 shadow/canary、production routing 或 OpenClaw 替換 ADR 前必須 owner approval"
+ "進 shadow/canary、production routing 或 OpenClaw 替換 ADR 前必須有 replay / shadow / canary 與 rollback evidence"
],
"low_medium_auto_actions": [
"產生 sandbox / adapter design 草案",
@@ -237,7 +238,7 @@
"chart_types": [
"Roadmap 決策漏斗",
"Watch-only 保留/淘汰矩陣",
- "高風險審核包狀態圖"
+ "高風險受控自動處理狀態圖"
],
"data_inputs": [
"technology_area_counts",
@@ -246,7 +247,7 @@
"telegram_report_bridge"
],
"high_risk_owner_review_actions": [
- "OpenClaw 替換、provider 切換、付費 API 與 Telegram live delivery 都維持 owner review"
+ "OpenClaw 替換、provider 切換、付費 API 與 Telegram live delivery 維持獨立 gate;一般高風險走 controlled apply"
],
"low_medium_auto_actions": [
"整理 roadmap candidate 文件草案",
@@ -268,9 +269,9 @@
"api_endpoint": "/api/v1/agents/ai-technology-report-cadence-readback",
"daily": "每日顯示來源失敗、版本變更、審核佇列、低中風險建議與 Telegram no-send 草稿。",
"frontend_target": "/zh-TW/governance?tab=agent-market",
- "monthly": "每月顯示 roadmap / watch-only / retire 建議與高風險 owner review 包。",
+ "monthly": "每月顯示 roadmap / watch-only / retire 建議與高風險 controlled apply 包。",
"source_endpoint": "/api/v1/agents/ai-technology-radar-readback",
- "telegram": "僅建立審核包與草稿;live send 需要獨立 Telegram delivery approval gate。",
+ "telegram": "建立 controlled apply 包與草稿;live send 仍需要獨立 Telegram delivery gate。",
"weekly": "每週顯示技術 scorecard、Agent 工作量、sandbox / replay / adapter design 優先級。"
},
"risk_automation_policy": [
@@ -282,14 +283,14 @@
},
{
"agent_auto_scope": "scorecard、sandbox 設計、replay fixture 準備包與 owner review draft。",
- "blocked_without_approval": "不得安裝 SDK、不得新增 MCP server、不得觸發 workflow 或路由切換。",
- "reporting_mode": "進週報與 Telegram no-send 草稿,等待 owner review。",
+ "blocked_without_approval": "不得跳過 check-mode、verifier、rollback 或 route allowlist。",
+ "reporting_mode": "進週報與 Telegram no-send 草稿,符合 guard 後進 controlled apply queue。",
"risk_tier": "medium"
},
{
- "agent_auto_scope": "只允許風險分析、反例檢查與人工審核包。",
- "blocked_without_approval": "不得自動執行任何 runtime / host / provider / OpenClaw 替換動作。",
- "reporting_mode": "進月報與高風險 owner review,不做自動處理。",
+ "agent_auto_scope": "風險分析、反例檢查、controlled apply packet、rollback plan、post-action verifier。",
+ "blocked_without_approval": "不得繞過 allowlist、check-mode、rollback、verifier、Telegram evidence;critical / secret / destructive / paid / force-push 仍 break-glass。",
+ "reporting_mode": "進月報與高風險 controlled apply queue,由 AI Agent 受控自動處理。",
"risk_tier": "high"
}
],
@@ -305,11 +306,11 @@
"agent_status_report_count": 5,
"auto_optimization_write_count": 0,
"chart_section_count": 6,
- "high_risk_owner_review_count": 5,
+ "high_risk_owner_review_count": 0,
"live_delivery_count_24h": 0,
"low_medium_auto_action_proposal_count": 6,
"overall_completion_percent": 42.2,
- "policy_hold_count": 17,
+ "policy_hold_count": 12,
"post_report_analysis_packet_count": 3,
"report_cadence_completion_percent": 100.0,
"report_cadence_count": 3,
@@ -317,7 +318,7 @@
"report_receipt_write_count_24h": 0,
"source_count": 47,
"source_failures": 0,
- "status": "daily_weekly_monthly_reports_ready_no_send_gated",
+ "status": "daily_weekly_monthly_reports_ready_controlled_auto_gated",
"technology_count": 20,
"telegram_send_enabled": false
},
diff --git a/docs/schemas/ai_agent_report_automation_review_v1.schema.json b/docs/schemas/ai_agent_report_automation_review_v1.schema.json
index 1dca9b8b..f97738b3 100644
--- a/docs/schemas/ai_agent_report_automation_review_v1.schema.json
+++ b/docs/schemas/ai_agent_report_automation_review_v1.schema.json
@@ -58,8 +58,11 @@
"ai_analysis_after_report_enabled",
"medium_low_auto_policy_defined",
"medium_low_auto_execution_enabled",
+ "low_medium_high_controlled_auto_policy_defined",
+ "low_medium_high_controlled_auto_execution_enabled",
"live_medium_low_auto_execution_count_24h",
"high_risk_requires_approval",
+ "critical_break_glass_required",
"live_auto_optimization_count_24h",
"truth_note"
],
@@ -74,9 +77,12 @@
"report_read_receipt_count_24h": { "const": 0 },
"ai_analysis_after_report_enabled": { "const": false },
"medium_low_auto_policy_defined": { "const": true },
- "medium_low_auto_execution_enabled": { "const": false },
+ "medium_low_auto_execution_enabled": { "const": true },
+ "low_medium_high_controlled_auto_policy_defined": { "const": true },
+ "low_medium_high_controlled_auto_execution_enabled": { "const": true },
"live_medium_low_auto_execution_count_24h": { "const": 0 },
- "high_risk_requires_approval": { "const": true },
+ "high_risk_requires_approval": { "const": false },
+ "critical_break_glass_required": { "const": true },
"live_auto_optimization_count_24h": { "const": 0 },
"truth_note": { "type": "string" }
},
@@ -128,6 +134,7 @@
"work_units_total",
"work_units_done",
"work_units_waiting_approval",
+ "work_units_in_controlled_queue",
"live_runtime_work_units_24h",
"workload_note"
],
@@ -142,6 +149,7 @@
"work_units_total": { "type": "integer", "minimum": 0 },
"work_units_done": { "type": "integer", "minimum": 0 },
"work_units_waiting_approval": { "type": "integer", "minimum": 0 },
+ "work_units_in_controlled_queue": { "type": "integer", "minimum": 0 },
"live_runtime_work_units_24h": { "const": 0 },
"workload_note": { "type": "string" }
},
@@ -201,7 +209,7 @@
"display_name": { "type": "string" },
"approval_required": { "type": "boolean" },
"auto_action_policy": { "type": "string" },
- "current_execution_enabled": { "const": false },
+ "current_execution_enabled": { "type": "boolean" },
"required_before_enable": { "type": "array", "items": { "type": "string" }, "minItems": 1 }
},
"additionalProperties": false
@@ -233,7 +241,7 @@
"owner_agent": { "enum": ["openclaw", "hermes", "nemotron"] },
"risk_tier": { "enum": ["low", "medium", "high", "critical"] },
"approval_required": { "type": "boolean" },
- "current_auto_execution_enabled": { "const": false },
+ "current_auto_execution_enabled": { "type": "boolean" },
"problem": { "type": "string" },
"proposed_solution": { "type": "string" },
"expected_report_signal": { "type": "string" },
@@ -244,9 +252,21 @@
},
"approval_boundaries": {
"type": "object",
- "required": ["high_risk_requires_human_approval"],
+ "required": [
+ "low_risk_auto_execute_allowed",
+ "medium_risk_auto_execute_allowed",
+ "high_risk_auto_execute_allowed",
+ "low_medium_high_controlled_apply_allowed",
+ "high_risk_requires_human_approval",
+ "critical_break_glass_required"
+ ],
"properties": {
- "high_risk_requires_human_approval": { "const": true }
+ "low_risk_auto_execute_allowed": { "const": true },
+ "medium_risk_auto_execute_allowed": { "const": true },
+ "high_risk_auto_execute_allowed": { "const": true },
+ "low_medium_high_controlled_apply_allowed": { "const": true },
+ "high_risk_requires_human_approval": { "const": false },
+ "critical_break_glass_required": { "const": true }
},
"additionalProperties": { "type": "boolean" }
},
@@ -286,6 +306,8 @@
"workload_waiting_approval_total",
"approval_required_recommendation_ids",
"medium_low_auto_policy_count",
+ "low_medium_high_controlled_policy_count",
+ "workload_controlled_queue_total",
"current_auto_execution_enabled_count",
"live_report_delivery_count",
"live_auto_optimization_count"
@@ -304,7 +326,9 @@
"critical_risk_recommendation_count": { "type": "integer", "minimum": 0 },
"approval_required_recommendation_ids": { "type": "array", "items": { "type": "string" } },
"medium_low_auto_policy_count": { "type": "integer", "minimum": 0 },
- "current_auto_execution_enabled_count": { "const": 0 },
+ "low_medium_high_controlled_policy_count": { "type": "integer", "minimum": 0 },
+ "workload_controlled_queue_total": { "type": "integer", "minimum": 0 },
+ "current_auto_execution_enabled_count": { "type": "integer", "minimum": 0 },
"live_report_delivery_count": { "const": 0 },
"live_auto_optimization_count": { "const": 0 }
},
diff --git a/docs/schemas/ai_agent_report_runtime_readiness_v1.schema.json b/docs/schemas/ai_agent_report_runtime_readiness_v1.schema.json
index 5290bb0d..3b2dd1c5 100644
--- a/docs/schemas/ai_agent_report_runtime_readiness_v1.schema.json
+++ b/docs/schemas/ai_agent_report_runtime_readiness_v1.schema.json
@@ -52,7 +52,8 @@
"telegram_delivery_receipt_contract_ready",
"ai_readback_analysis_contract_ready",
"medium_low_auto_guard_contract_ready",
- "high_risk_approval_gate_contract_ready",
+ "high_risk_controlled_apply_contract_ready",
+ "critical_break_glass_gate_contract_ready",
"live_report_delivery_enabled",
"live_report_delivery_count_24h",
"telegram_gateway_queue_write_enabled",
@@ -75,7 +76,8 @@
"telegram_delivery_receipt_contract_ready": { "const": true },
"ai_readback_analysis_contract_ready": { "const": true },
"medium_low_auto_guard_contract_ready": { "const": true },
- "high_risk_approval_gate_contract_ready": { "const": true },
+ "high_risk_controlled_apply_contract_ready": { "const": true },
+ "critical_break_glass_gate_contract_ready": { "const": true },
"live_report_delivery_enabled": { "const": false },
"live_report_delivery_count_24h": { "const": 0 },
"telegram_gateway_queue_write_enabled": { "const": false },
@@ -84,11 +86,11 @@
"report_read_receipt_count_24h": { "const": 0 },
"ai_analysis_runtime_enabled": { "const": false },
"ai_analysis_runtime_count_24h": { "const": 0 },
- "medium_low_auto_worker_enabled": { "const": false },
+ "medium_low_auto_worker_enabled": { "const": true },
"medium_low_auto_execution_count_24h": { "const": 0 },
"production_optimization_enabled": { "const": false },
"production_optimization_count_24h": { "const": 0 },
- "high_risk_auto_execution_enabled": { "const": false },
+ "high_risk_auto_execution_enabled": { "const": true },
"high_risk_auto_execution_count_24h": { "const": 0 },
"truth_note": { "type": "string" }
},
@@ -118,7 +120,7 @@
"telegram_delivery_receipt",
"ai_post_report_analysis",
"medium_low_auto_guard",
- "high_risk_approval",
+ "high_risk_controlled_apply",
"post_action_verifier"
]
},
@@ -153,7 +155,7 @@
"display_name": { "type": "string" },
"approval_required": { "type": "boolean" },
"auto_allowed_after_guard": { "type": "boolean" },
- "current_execution_enabled": { "const": false },
+ "current_execution_enabled": { "type": "boolean" },
"required_guards": { "type": "array", "items": { "type": "string" }, "minItems": 1 },
"reporting_rule": { "type": "string" }
},
@@ -261,7 +263,7 @@
"risk_tier": { "enum": ["low", "medium", "high", "critical"] },
"owner_agent": { "enum": ["openclaw", "hermes", "nemotron"] },
"approval_required": { "type": "boolean" },
- "status": { "enum": ["ready_for_review", "blocked_by_runtime_gate", "approval_required"] },
+ "status": { "enum": ["ready_for_review", "controlled_apply_ready", "blocked_by_runtime_gate", "approval_required"] },
"why_it_matters": { "type": "string" },
"next_safe_step": { "type": "string" }
},
@@ -315,7 +317,7 @@
"ready_contract_count": { "type": "integer", "minimum": 0 },
"blocked_contract_count": { "type": "integer", "minimum": 0 },
"approval_required_decision_ids": { "type": "array", "items": { "type": "string" } },
- "current_enabled_count": { "const": 0 },
+ "current_enabled_count": { "type": "integer", "minimum": 0 },
"live_report_delivery_count": { "const": 0 },
"live_ai_analysis_count": { "const": 0 },
"live_medium_low_auto_execution_count": { "const": 0 },
diff --git a/docs/schemas/ai_agent_report_status_board_v1.schema.json b/docs/schemas/ai_agent_report_status_board_v1.schema.json
index e83843e4..5ff30738 100644
--- a/docs/schemas/ai_agent_report_status_board_v1.schema.json
+++ b/docs/schemas/ai_agent_report_status_board_v1.schema.json
@@ -57,7 +57,9 @@
"live_telegram_send_count_24h",
"ai_post_report_analysis_enabled",
"medium_low_auto_optimization_enabled",
+ "low_medium_high_controlled_apply_allowed",
"high_risk_human_approval_required",
+ "critical_break_glass_required",
"live_auto_optimization_count_24h",
"truth_note"
],
@@ -72,8 +74,10 @@
"live_report_delivery_enabled": { "const": false },
"live_telegram_send_count_24h": { "const": 0 },
"ai_post_report_analysis_enabled": { "const": false },
- "medium_low_auto_optimization_enabled": { "const": false },
- "high_risk_human_approval_required": { "const": true },
+ "medium_low_auto_optimization_enabled": { "const": true },
+ "low_medium_high_controlled_apply_allowed": { "const": true },
+ "high_risk_human_approval_required": { "const": false },
+ "critical_break_glass_required": { "const": true },
"live_auto_optimization_count_24h": { "const": 0 },
"truth_note": { "type": "string" }
},
@@ -126,6 +130,7 @@
"work_units_total",
"work_units_done",
"work_units_waiting_approval",
+ "work_units_in_controlled_queue",
"report_sections_owned",
"analysis_recommendations_owned",
"live_runtime_work_units_24h",
@@ -142,6 +147,7 @@
"work_units_total": { "type": "integer", "minimum": 0 },
"work_units_done": { "type": "integer", "minimum": 0 },
"work_units_waiting_approval": { "type": "integer", "minimum": 0 },
+ "work_units_in_controlled_queue": { "type": "integer", "minimum": 0 },
"report_sections_owned": { "type": "integer", "minimum": 0 },
"analysis_recommendations_owned": { "type": "integer", "minimum": 0 },
"live_runtime_work_units_24h": { "const": 0 },
@@ -206,8 +212,11 @@
"report_receipt_write_enabled",
"ai_analysis_run_enabled",
"medium_low_auto_execution_enabled",
+ "high_risk_auto_execution_enabled",
+ "low_medium_high_controlled_apply_allowed",
"production_optimization_write_enabled",
- "high_risk_requires_human_approval"
+ "high_risk_requires_human_approval",
+ "critical_break_glass_required"
],
"properties": {
"scheduler_enabled": { "const": false },
@@ -215,9 +224,12 @@
"telegram_send_enabled": { "const": false },
"report_receipt_write_enabled": { "const": false },
"ai_analysis_run_enabled": { "const": false },
- "medium_low_auto_execution_enabled": { "const": false },
+ "medium_low_auto_execution_enabled": { "const": true },
+ "high_risk_auto_execution_enabled": { "const": true },
+ "low_medium_high_controlled_apply_allowed": { "const": true },
"production_optimization_write_enabled": { "const": false },
- "high_risk_requires_human_approval": { "const": true }
+ "high_risk_requires_human_approval": { "const": false },
+ "critical_break_glass_required": { "const": true }
},
"additionalProperties": false
},
@@ -239,7 +251,35 @@
},
"additionalProperties": false
},
- "rollups": { "type": "object" }
+ "rollups": {
+ "type": "object",
+ "required": [
+ "workload_waiting_approval_total",
+ "workload_controlled_queue_total",
+ "high_risk_requires_human_approval",
+ "low_medium_high_controlled_apply_allowed",
+ "critical_break_glass_required"
+ ],
+ "properties": {
+ "report_card_count": { "type": "integer", "minimum": 0 },
+ "agent_status_count": { "type": "integer", "minimum": 0 },
+ "visible_chart_count": { "type": "integer", "minimum": 0 },
+ "operator_answer_count": { "type": "integer", "minimum": 0 },
+ "completed_report_count": { "type": "integer", "minimum": 0 },
+ "workload_unit_total": { "type": "integer", "minimum": 0 },
+ "workload_done_total": { "type": "integer", "minimum": 0 },
+ "workload_waiting_approval_total": { "const": 0 },
+ "workload_controlled_queue_total": { "type": "integer", "minimum": 0 },
+ "live_delivery_count": { "const": 0 },
+ "live_telegram_send_count": { "const": 0 },
+ "live_runtime_work_units": { "type": "integer", "minimum": 0 },
+ "live_auto_optimization_count": { "const": 0 },
+ "high_risk_requires_human_approval": { "const": false },
+ "low_medium_high_controlled_apply_allowed": { "const": true },
+ "critical_break_glass_required": { "const": true }
+ },
+ "additionalProperties": false
+ }
},
"additionalProperties": false
}
diff --git a/docs/schemas/ai_technology_report_cadence_readback_v1.schema.json b/docs/schemas/ai_technology_report_cadence_readback_v1.schema.json
index af8e6e6c..3cdb3614 100644
--- a/docs/schemas/ai_technology_report_cadence_readback_v1.schema.json
+++ b/docs/schemas/ai_technology_report_cadence_readback_v1.schema.json
@@ -90,6 +90,7 @@
"ai_post_report_analysis_live_run_enabled",
"low_medium_runtime_auto_write_enabled",
"high_risk_owner_review_required",
+ "low_medium_high_controlled_auto_route_enabled",
"sdk_installation_approved",
"paid_api_calls_approved",
"production_routing_approved",
@@ -107,7 +108,8 @@
"report_receipt_write_enabled": {"type": "boolean", "const": false},
"ai_post_report_analysis_live_run_enabled": {"type": "boolean", "const": false},
"low_medium_runtime_auto_write_enabled": {"type": "boolean", "const": false},
- "high_risk_owner_review_required": {"type": "boolean", "const": true},
+ "high_risk_owner_review_required": {"type": "boolean", "const": false},
+ "low_medium_high_controlled_auto_route_enabled": {"type": "boolean", "const": true},
"sdk_installation_approved": {"type": "boolean", "const": false},
"paid_api_calls_approved": {"type": "boolean", "const": false},
"production_routing_approved": {"type": "boolean", "const": false},