From 44ea892e4fb3e5847eaef30c8e9564d0acdafcea Mon Sep 17 00:00:00 2001 From: Your Name Date: Tue, 16 Jun 2026 10:14:23 +0800 Subject: [PATCH] =?UTF-8?q?feat(governance):=20=E6=96=B0=E5=A2=9E=20AI=20A?= =?UTF-8?q?gent=20TG=20canary=20=E6=89=B9=E5=87=86=E5=8C=85?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- .../ai_agent_professional_task_expansion.py | 120 +- ...st_ai_agent_professional_task_expansion.py | 89 +- ...i_agent_professional_task_expansion_api.py | 17 +- apps/web/messages/en.json | 21 +- apps/web/messages/zh-TW.json | 21 +- .../tabs/automation-inventory-tab.tsx | 53 + apps/web/src/lib/api-client.ts | 71 +- docs/LOGBOOK.md | 25 + .../AI_AGENT_12_AGENT_WAR_ROOM_2026-06-14.md | 2 +- ...AI_AGENT_AUTOMATION_WORKLIST_2026-06-04.md | 12 +- ..._PROFESSIONAL_TASK_EXPANSION_2026-06-15.md | 43 +- ...ask_expansion_2026-06-16_1015_p2_405c.json | 1486 +++++++++++++++++ ...professional_task_expansion_v1.schema.json | 175 +- ...-04-15-MASTER-ai-autonomous-flywheel-v2.md | 18 +- 14 files changed, 2110 insertions(+), 43 deletions(-) create mode 100644 docs/evaluations/ai_agent_professional_task_expansion_2026-06-16_1015_p2_405c.json diff --git a/apps/api/src/services/ai_agent_professional_task_expansion.py b/apps/api/src/services/ai_agent_professional_task_expansion.py index 696cf9f5..27be1b91 100644 --- a/apps/api/src/services/ai_agent_professional_task_expansion.py +++ b/apps/api/src/services/ai_agent_professional_task_expansion.py @@ -1,7 +1,7 @@ """ AI Agent professional task expansion and Telegram runtime bridge snapshot. -Loads the latest committed P2-405B read-only contract. The contract expands +Loads the latest committed P2-405C read-only contract. The contract expands professional AI Agent work and defines Telegram no-send previews, but it does not write Telegram Gateway queues, send Telegram messages, call the Bot API, read secrets, or execute production changes. 
@@ -28,6 +28,7 @@ _EXPECTED_NO_SEND_PREVIEW_COUNT = 6 _EXPECTED_DEDUP_KEY_COUNT = 6 _EXPECTED_RECEIPT_EXPECTATION_COUNT = 6 _EXPECTED_CANARY_PACKAGE_COUNT = 1 +_EXPECTED_CANARY_APPROVAL_PACKET_COUNT = 1 _ZERO_ROLLUP_FIELDS = { "current_live_count", "gateway_queue_write_count", @@ -44,6 +45,14 @@ _ZERO_ROLLUP_FIELDS = { "preview_bot_api_call_enabled_count", "receipt_live_write_enabled_count", "canary_live_send_enabled_count", + "canary_approval_granted_count", + "canary_selected_message_type_count", + "canary_approved_time_window_count", + "canary_send_execution_enabled_count", + "canary_gateway_queue_write_enabled_count", + "canary_bot_api_call_enabled_count", + "canary_delivery_receipt_write_enabled_count", + "canary_secret_read_enabled_count", } _FORBIDDEN_PUBLIC_TERMS = { "work_window_transcript", @@ -91,11 +100,11 @@ def _require_schema(payload: dict[str, Any], label: str) -> None: status = payload.get("program_status") or {} expected = { "current_priority": "P2", - "current_task_id": "P2-405B", - "next_task_id": "P2-405C", + "current_task_id": "P2-405C", + "next_task_id": "P2-405D", "read_only_mode": True, "runtime_authority": _RUNTIME_AUTHORITY, - "overall_completion_percent": 88, + "overall_completion_percent": 92, } mismatches = _mismatches(status, expected) if mismatches: @@ -135,6 +144,7 @@ def _require_telegram_bridge(payload: dict[str, Any], label: str) -> None: _require_no_send_previews(bridge, label) _require_receipt_and_canary_package(bridge, label) + _require_canary_send_approval_packet(bridge, label) def _require_no_send_previews(bridge: dict[str, Any], label: str) -> None: 
@@ -233,6 +243,88 @@ def _require_receipt_and_canary_package(bridge: dict[str, Any], label: str) -> N raise ValueError(f"{label}: canary_approval_package.approval_checklist is required") +def _require_canary_send_approval_packet(bridge: dict[str, Any], label: str) -> None: + packet = bridge.get("canary_send_approval_packet") or {} + expected_packet = { + "packet_ready": True, + "approval_required": True, + "approval_granted": False, + "status": "waiting_explicit_commander_approval", + "target_room_env": "SRE_GROUP_CHAT_ID", + "target_room_value_visible": False, + "selected_message_type": "not_selected", + "proposed_time_window": "waiting_commander_input", + } + mismatches = _mismatches(packet, expected_packet) + if mismatches: + raise ValueError(f"{label}: canary_send_approval_packet mismatch: {mismatches}") + if not packet: + raise ValueError( + f"{label}: expected {_EXPECTED_CANARY_APPROVAL_PACKET_COUNT} canary send approval packet" + ) + + message_types = {item.get("message_type") for item in bridge.get("message_types") or []} + eligible = set(packet.get("eligible_message_types") or []) + if eligible != message_types: + raise ValueError(f"{label}: canary send packet must cover every eligible message type") + + fields = packet.get("operator_approval_fields") or [] + required_field_ids = { + "commander_approval", + "selected_message_type", + "scheduled_window", + "target_room_env_ref", + "mute_rollback_plan", + "receipt_readback_owner", + "failure_stop_condition", + } + field_ids = {field.get("field_id") for field in fields} + if field_ids != required_field_ids: + raise ValueError(f"{label}: canary send packet approval fields mismatch") + for field in fields: + field_id = field.get("field_id") + if field.get("required") is not True: + raise ValueError(f"{label}: {field_id}.required must be true") + if field.get("current_value_status") != "waiting_input": + raise ValueError(f"{label}: {field_id}.current_value_status must be waiting_input") + if 
field.get("value_display_allowed") is not False: + raise ValueError(f"{label}: {field_id}.value_display_allowed must remain false") + + execution_flags = packet.get("execution_flags") or {} + expected_execution = { + "canary_send_execution_enabled": False, + "gateway_queue_write_enabled": False, + "bot_api_call_enabled": False, + "delivery_receipt_write_enabled": False, + "production_write_enabled": False, + "secret_read_enabled": False, + "paid_api_enabled": False, + } + mismatches = _mismatches(execution_flags, expected_execution) + if mismatches: + raise ValueError(f"{label}: canary send execution flags mismatch: {mismatches}") + + rate_limit = packet.get("rate_limit_plan") or {} + if rate_limit.get("max_messages") != 1: + raise ValueError(f"{label}: canary send max_messages must be 1") + if rate_limit.get("live_rate_limit_write_enabled") is not False: + raise ValueError(f"{label}: live_rate_limit_write_enabled must remain false") + + receipt_plan = packet.get("receipt_readback_plan") or {} + if receipt_plan.get("production_receipt_write_enabled") is not False: + raise ValueError(f"{label}: production_receipt_write_enabled must remain false") + if receipt_plan.get("receipt_readback_enabled_before_send") is not False: + raise ValueError(f"{label}: receipt_readback_enabled_before_send must remain false") + if not receipt_plan.get("required_checks"): + raise ValueError(f"{label}: receipt_readback_plan.required_checks is required") + if not packet.get("stop_conditions"): + raise ValueError(f"{label}: canary send packet stop_conditions are required") + if not packet.get("mute_rollback_plan"): + raise ValueError(f"{label}: canary send packet mute_rollback_plan is required") + if packet.get("approval_decision_log") != []: + raise ValueError(f"{label}: canary send approval_decision_log must remain empty") + + def _require_professional_tasks(payload: dict[str, Any], label: str) -> None: domains = payload.get("professional_task_domains") or [] if len(domains) != 
_EXPECTED_DOMAIN_COUNT: @@ -326,6 +418,26 @@ def _require_rollups(payload: dict[str, Any], label: str) -> None: "canary_approval_package_count": 1 if bridge.get("canary_approval_package") else 0, + "canary_send_approval_packet_count": 1 + if bridge.get("canary_send_approval_packet") + else 0, + "canary_operator_approval_field_count": len( + (bridge.get("canary_send_approval_packet") or {}).get("operator_approval_fields") + or [] + ), + "canary_stop_condition_count": len( + (bridge.get("canary_send_approval_packet") or {}).get("stop_conditions") or [] + ), + "canary_rollback_mute_step_count": len( + (bridge.get("canary_send_approval_packet") or {}).get("mute_rollback_plan") or [] + ), + "canary_receipt_readback_check_count": len( + ( + (bridge.get("canary_send_approval_packet") or {}).get("receipt_readback_plan") + or {} + ).get("required_checks") + or [] + ), } mismatches = _mismatches(rollups, expected) if mismatches: diff --git a/apps/api/tests/test_ai_agent_professional_task_expansion.py b/apps/api/tests/test_ai_agent_professional_task_expansion.py index 52d4656e..d1676287 100644 --- a/apps/api/tests/test_ai_agent_professional_task_expansion.py +++ b/apps/api/tests/test_ai_agent_professional_task_expansion.py 
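Review bot: In `_require_canary_send_approval_packet`, `execution_flags` is checked only against the seven keys listed in `expected_execution`, so a snapshot carrying an additional flag set to true would still load, assuming `_mismatches` (defined outside this hunk) compares just the expected keys. The new test in this commit asserts `all(value is False for value in packet["execution_flags"].values())`, which is stricter than the loader. The loader should enforce the same closed set, e.g. `if set(execution_flags) != set(expected_execution) or any(v is not False for v in execution_flags.values()): raise ValueError(f"{label}: canary send execution flags mismatch")`. The `if not packet:` guard also sits after the mismatch check, where an empty packet has presumably already raised, so it should move above the `_mismatches` call if its message is meant to be reachable.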
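Review bot: The new expected rollup counts in `_require_rollups` each repeat `(bridge.get("canary_send_approval_packet") or {})` and take `len()` of whatever the snapshot holds, so a string in place of a list would be counted by character. Binding the packet once, `packet = bridge.get("canary_send_approval_packet") or {}`, would make the block easier to audit. An `isinstance(value, list)` check on `operator_approval_fields`, `stop_conditions`, `mute_rollback_plan` and `required_checks` would keep the counts meaningful; none of the loader checks visible in this patch validates those types, though the JSON schema may. `_require_rollups` starts and ends outside the hunk.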
@@ -18,9 +18,9 @@ def test_load_latest_ai_agent_professional_task_expansion_snapshot() -> None: snapshot = load_latest_ai_agent_professional_task_expansion() assert snapshot["schema_version"] == "ai_agent_professional_task_expansion_v1" - assert snapshot["program_status"]["current_task_id"] == "P2-405B" - assert snapshot["program_status"]["next_task_id"] == "P2-405C" - assert snapshot["program_status"]["overall_completion_percent"] == 88 + assert snapshot["program_status"]["current_task_id"] == "P2-405C" + assert snapshot["program_status"]["next_task_id"] == "P2-405D" + assert snapshot["program_status"]["overall_completion_percent"] == 92 assert snapshot["program_status"]["runtime_authority"] == ( "professional_task_expansion_and_telegram_bridge_read_only_no_send" ) @@ -42,6 +42,10 @@ def test_load_latest_ai_agent_professional_task_expansion_snapshot() -> None: assert bridge["queue_preview_readback"]["write_enabled"] is False assert bridge["canary_approval_package"]["status"] == "blocked_until_explicit_approval" assert bridge["canary_approval_package"]["live_send_enabled"] is False + assert bridge["canary_send_approval_packet"]["status"] == "waiting_explicit_commander_approval" + assert bridge["canary_send_approval_packet"]["approval_granted"] is False + assert bridge["canary_send_approval_packet"]["selected_message_type"] == "not_selected" + assert bridge["canary_send_approval_packet"]["proposed_time_window"] == "waiting_commander_input" rollups = snapshot["rollups"] assert rollups["professional_task_count"] == 24 
@@ -72,6 +76,19 @@ def test_load_latest_ai_agent_professional_task_expansion_snapshot() -> None: assert rollups["preview_bot_api_call_enabled_count"] == 0 assert rollups["receipt_live_write_enabled_count"] == 0 assert rollups["canary_live_send_enabled_count"] == 0 + assert rollups["canary_send_approval_packet_count"] == 1 + assert rollups["canary_operator_approval_field_count"] == 7 + assert rollups["canary_stop_condition_count"] == 6 + assert rollups["canary_rollback_mute_step_count"] == 5 + assert rollups["canary_receipt_readback_check_count"] == 6 + assert rollups["canary_approval_granted_count"] == 0 + assert rollups["canary_selected_message_type_count"] == 0 + assert rollups["canary_approved_time_window_count"] == 0 + assert rollups["canary_send_execution_enabled_count"] == 0 + assert rollups["canary_gateway_queue_write_enabled_count"] == 0 + assert rollups["canary_bot_api_call_enabled_count"] == 0 + assert rollups["canary_delivery_receipt_write_enabled_count"] == 0 + assert rollups["canary_secret_read_enabled_count"] == 0 def test_professional_tasks_cover_required_agents_and_reporting() -> None: 
@@ -146,6 +163,39 @@ def test_receipts_and_canary_package_remain_no_send() -> None: assert canary["production_write_enabled"] is False +def test_canary_send_approval_packet_waits_for_explicit_approval() -> None: + snapshot = load_latest_ai_agent_professional_task_expansion() + bridge = snapshot["telegram_runtime_bridge"] + packet = bridge["canary_send_approval_packet"] + + assert packet["packet_ready"] is True + assert packet["approval_required"] is True + assert packet["approval_granted"] is False + assert packet["target_room_env"] == "SRE_GROUP_CHAT_ID" + assert packet["target_room_value_visible"] is False + assert packet["selected_message_type"] == "not_selected" + assert packet["proposed_time_window"] == "waiting_commander_input" + assert set(packet["eligible_message_types"]) == { + message_type["message_type"] for message_type in bridge["message_types"] + } + assert len(packet["operator_approval_fields"]) == 7 + assert len(packet["stop_conditions"]) == 6 + assert len(packet["mute_rollback_plan"]) == 5 + assert len(packet["receipt_readback_plan"]["required_checks"]) == 6 + assert packet["approval_decision_log"] == [] + + for field in packet["operator_approval_fields"]: + assert field["required"] is True + assert field["current_value_status"] == "waiting_input" + assert field["value_display_allowed"] is False + + assert packet["rate_limit_plan"]["max_messages"] == 1 + assert packet["rate_limit_plan"]["live_rate_limit_write_enabled"] is False + assert packet["receipt_readback_plan"]["production_receipt_write_enabled"] is False + assert packet["receipt_readback_plan"]["receipt_readback_enabled_before_send"] is False + assert all(value is False for value in packet["execution_flags"].values()) + + def test_rejects_telegram_send_enabled(tmp_path: Path) -> None: snapshot = copy.deepcopy(load_latest_ai_agent_professional_task_expansion()) snapshot["telegram_runtime_bridge"]["telegram_send_enabled"] = True 
@@ -194,6 +244,39 @@ def test_rejects_canary_live_send_enabled(tmp_path: Path) -> None: load_latest_ai_agent_professional_task_expansion(tmp_path) +def test_rejects_canary_send_approval_granted(tmp_path: Path) -> None: + snapshot = copy.deepcopy(load_latest_ai_agent_professional_task_expansion()) + packet = snapshot["telegram_runtime_bridge"]["canary_send_approval_packet"] + packet["approval_granted"] = True + snapshot["rollups"]["canary_approval_granted_count"] = 1 + _write_snapshot(tmp_path, snapshot) + + with pytest.raises(ValueError, match="canary_send_approval_packet mismatch"): + load_latest_ai_agent_professional_task_expansion(tmp_path) + + +def test_rejects_canary_send_execution_enabled(tmp_path: Path) -> None: + snapshot = copy.deepcopy(load_latest_ai_agent_professional_task_expansion()) + packet = snapshot["telegram_runtime_bridge"]["canary_send_approval_packet"] + packet["execution_flags"]["canary_send_execution_enabled"] = True + snapshot["rollups"]["canary_send_execution_enabled_count"] = 1 + _write_snapshot(tmp_path, snapshot) + + with pytest.raises(ValueError, match="canary send execution flags mismatch"): + load_latest_ai_agent_professional_task_expansion(tmp_path) + + +def test_rejects_selected_canary_message_type_without_approval(tmp_path: Path) -> None: + snapshot = copy.deepcopy(load_latest_ai_agent_professional_task_expansion()) + packet = snapshot["telegram_runtime_bridge"]["canary_send_approval_packet"] + packet["selected_message_type"] = "daily_agent_workload_digest" + snapshot["rollups"]["canary_selected_message_type_count"] = 1 + _write_snapshot(tmp_path, snapshot) + + with pytest.raises(ValueError, match="canary_send_approval_packet mismatch"): + load_latest_ai_agent_professional_task_expansion(tmp_path) + + def test_rejects_high_risk_without_approval(tmp_path: Path) -> None: snapshot = copy.deepcopy(load_latest_ai_agent_professional_task_expansion()) high_task = next(task for task in snapshot["professional_tasks"] if task["risk_tier"] == 
"high") diff --git a/apps/api/tests/test_ai_agent_professional_task_expansion_api.py b/apps/api/tests/test_ai_agent_professional_task_expansion_api.py index b2c9eccb..83419bf7 100644 --- a/apps/api/tests/test_ai_agent_professional_task_expansion_api.py +++ b/apps/api/tests/test_ai_agent_professional_task_expansion_api.py @@ -17,9 +17,9 @@ def test_ai_agent_professional_task_expansion_endpoint() -> None: assert response.status_code == 200 payload = response.json() assert payload["schema_version"] == "ai_agent_professional_task_expansion_v1" - assert payload["program_status"]["current_task_id"] == "P2-405B" - assert payload["program_status"]["next_task_id"] == "P2-405C" - assert payload["program_status"]["overall_completion_percent"] == 88 + assert payload["program_status"]["current_task_id"] == "P2-405C" + assert payload["program_status"]["next_task_id"] == "P2-405D" + assert payload["program_status"]["overall_completion_percent"] == 92 assert payload["program_status"]["runtime_authority"] == ( "professional_task_expansion_and_telegram_bridge_read_only_no_send" ) 
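Review bot: The three rejection tests added here cover `approval_granted`, `canary_send_execution_enabled` and `selected_message_type`, but none flips `target_room_value_visible`, a field's `value_display_allowed`, or a non-empty `approval_decision_log`. Those are the loader checks that keep the target room value and operator inputs from being displayed. One case per guard, in the same shape as `test_rejects_canary_send_approval_granted`, would pin those error paths. A further case that adds an unexpected key set to `True` under `execution_flags` would document whether the loader is meant to reject unknown flags.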
@@ -42,6 +42,17 @@ def test_ai_agent_professional_task_expansion_endpoint() -> None: assert payload["rollups"]["receipt_expectation_count"] == 6 assert payload["rollups"]["canary_approval_package_count"] == 1 assert payload["rollups"]["preview_send_enabled_count"] == 0 + assert payload["rollups"]["canary_send_approval_packet_count"] == 1 + assert payload["rollups"]["canary_operator_approval_field_count"] == 7 + assert payload["rollups"]["canary_approval_granted_count"] == 0 + assert payload["rollups"]["canary_send_execution_enabled_count"] == 0 + assert payload["rollups"]["canary_gateway_queue_write_enabled_count"] == 0 + assert payload["rollups"]["canary_bot_api_call_enabled_count"] == 0 assert payload["telegram_runtime_bridge"]["canary_approval_package"]["live_send_enabled"] is False + assert payload["telegram_runtime_bridge"]["canary_send_approval_packet"]["approval_granted"] is False + assert ( + payload["telegram_runtime_bridge"]["canary_send_approval_packet"]["selected_message_type"] + == "not_selected" + ) assert len(payload["telegram_runtime_bridge"]["no_send_message_previews"]) == 6 assert len(payload["telegram_runtime_bridge"]["receipt_expectations"]) == 6 diff --git a/apps/web/messages/en.json b/apps/web/messages/en.json index 15f8cb1a..ab00f329 100644 --- a/apps/web/messages/en.json +++ b/apps/web/messages/en.json @@ -6448,7 +6448,7 @@ } }, "professionalTaskExpansion": { - "title": "P2-405B AI Agent 專業任務與 TG 預覽", + "title": "P2-405C AI Agent TG Canary 批准包", "source": "產生 {generated};目前 {current};下一步 {next}", "runtime": "runtime={value}", "telegramTitle": "Telegram Runtime Bridge", 
@@ -6466,10 +6466,15 @@ "noSendPreviews": "no-send 預覽", "dedupKeys": "dedup key", "receipts": "receipt expectation", - "previewLiveWrites": "preview 實發" + "previewLiveWrites": "preview 實發", + "canaryPacket": "canary 批准包", + "canaryFields": "批准欄位", + "stopConditions": "停止條件", + "canaryApprovalGaps": "已批准 / 選擇 / 時間窗" }, "previewTitle": "Telegram no-send 訊息預覽", - "canaryTitle": "Canary approval package", + "canaryTitle": "Canary 批准包", + "canarySendPacketTitle": "P2-405C Canary 發送批准包", "labels": { "gateway": "Gateway required={value}", "noSend": "no-send preview={value}", @@ -6490,7 +6495,15 @@ "canaryApproval": "canary approval={value}", "arbiter": "仲裁={value}", "owner": "owner={value}", - "canarySend": "canary send={value}" + "canarySend": "canary 發送={value}", + "packetReady": "批准包就緒={value}", + "approvalGranted": "已批准={value}", + "recommendedMessage": "推薦訊息={value}", + "selectedMessage": "選定訊息={value}", + "timeWindow": "時間窗={value}", + "required": "必填={value}", + "inputStatus": "輸入狀態={value}", + "valueVisible": "值可見={value}" }, "riskTiers": { "low": "低風險", diff --git a/apps/web/messages/zh-TW.json b/apps/web/messages/zh-TW.json index 15f8cb1a..ab00f329 100644 --- a/apps/web/messages/zh-TW.json +++ b/apps/web/messages/zh-TW.json @@ -6448,7 +6448,7 @@ } }, "professionalTaskExpansion": { - "title": "P2-405B AI Agent 專業任務與 TG 預覽", + "title": "P2-405C AI Agent TG Canary 批准包", "source": "產生 {generated};目前 {current};下一步 {next}", "runtime": "runtime={value}", "telegramTitle": "Telegram Runtime Bridge", 
@@ -6466,10 +6466,15 @@ "noSendPreviews": "no-send 預覽", "dedupKeys": "dedup key", "receipts": "receipt expectation", - "previewLiveWrites": "preview 實發" + "previewLiveWrites": "preview 實發", + "canaryPacket": "canary 批准包", + "canaryFields": "批准欄位", + "stopConditions": "停止條件", + "canaryApprovalGaps": "已批准 / 選擇 / 時間窗" }, "previewTitle": "Telegram no-send 訊息預覽", - "canaryTitle": "Canary approval package", + "canaryTitle": "Canary 批准包", + "canarySendPacketTitle": "P2-405C Canary 發送批准包", "labels": { "gateway": "Gateway required={value}", "noSend": "no-send preview={value}", @@ -6490,7 +6495,15 @@ "canaryApproval": "canary approval={value}", "arbiter": "仲裁={value}", "owner": "owner={value}", - "canarySend": "canary send={value}" + "canarySend": "canary 發送={value}", + "packetReady": "批准包就緒={value}", + "approvalGranted": "已批准={value}", + "recommendedMessage": "推薦訊息={value}", + "selectedMessage": "選定訊息={value}", + "timeWindow": "時間窗={value}", + "required": "必填={value}", + "inputStatus": "輸入狀態={value}", + "valueVisible": "值可見={value}" }, "riskTiers": { "low": "低風險", diff --git a/apps/web/src/app/[locale]/governance/tabs/automation-inventory-tab.tsx b/apps/web/src/app/[locale]/governance/tabs/automation-inventory-tab.tsx index cf9ef358..9100eb76 100644 --- a/apps/web/src/app/[locale]/governance/tabs/automation-inventory-tab.tsx +++ b/apps/web/src/app/[locale]/governance/tabs/automation-inventory-tab.tsx 
@@ -3711,6 +3711,17 @@ export function AutomationInventoryTab() { + professionalTaskExpansion.rollups.preview_bot_api_call_enabled_count + professionalTaskExpansion.rollups.receipt_live_write_enabled_count + professionalTaskExpansion.rollups.canary_live_send_enabled_count + + professionalTaskExpansion.rollups.canary_send_execution_enabled_count + + professionalTaskExpansion.rollups.canary_gateway_queue_write_enabled_count + + professionalTaskExpansion.rollups.canary_bot_api_call_enabled_count + + professionalTaskExpansion.rollups.canary_delivery_receipt_write_enabled_count + + professionalTaskExpansion.rollups.canary_secret_read_enabled_count + ) + const professionalTaskCanarySendPacket = professionalTaskExpansion.telegram_runtime_bridge.canary_send_approval_packet + const professionalTaskCanaryApprovalGaps = ( + professionalTaskExpansion.rollups.canary_approval_granted_count + + professionalTaskExpansion.rollups.canary_selected_message_type_count + + professionalTaskExpansion.rollups.canary_approved_time_window_count ) const backlogProgressPercent = backlog.progress_summary.overall_percent const explicitApprovalItemCount = backlog.item_approval_boundary_rollup.items_requiring_explicit_approval.length @@ -4137,6 +4148,10 @@ export function AutomationInventoryTab() { } /> } /> } /> + } /> + } /> + } /> + } />
@@ -4223,6 +4238,44 @@ export function AutomationInventoryTab() {
+
+ {t('professionalTaskExpansion.canarySendPacketTitle')} +

+ {professionalTaskCanarySendPacket.packet_id} · {professionalTaskCanarySendPacket.status} +

+
+ + + + + + + + +
+
+ {professionalTaskCanarySendPacket.operator_approval_fields.map(field => ( +
+ + {field.label} + +
+ + + +
+
+ ))} +
+
+ {professionalTaskCanarySendPacket.stop_conditions.slice(0, 6).map(condition => ( +
+ {condition} +
+ ))} +
+
+ {t('professionalTaskExpansion.tasksTitle')}
{visibleProfessionalTasks.map(task => { diff --git a/apps/web/src/lib/api-client.ts b/apps/web/src/lib/api-client.ts index a2355375..9d4ac032 100644 --- a/apps/web/src/lib/api-client.ts +++ b/apps/web/src/lib/api-client.ts @@ -1429,8 +1429,8 @@ export interface AiAgentProfessionalTaskExpansionSnapshot { program_status: { overall_completion_percent: number current_priority: 'P0' | 'P1' | 'P2' | 'P3' - current_task_id: 'P2-405B' - next_task_id: 'P2-405C' + current_task_id: 'P2-405C' + next_task_id: 'P2-405D' read_only_mode: true runtime_authority: 'professional_task_expansion_and_telegram_bridge_read_only_no_send' status_note: string 
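Review bot: The packet card renders `professionalTaskCanarySendPacket.stop_conditions.slice(0, 6)`, so any stop condition past the sixth is dropped from the page without any indication, while the loader only requires the list to be non-empty. On an approval surface the approver should see every stop condition, so render the full array, or keep the cap and show how many entries are hidden. The surrounding JSX is only partly visible in this hunk, and the component starts and ends outside it.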
@@ -1539,8 +1539,61 @@ export interface AiAgentProfessionalTaskExpansionSnapshot { delivery_receipt_write_enabled: boolean production_write_enabled: boolean } + canary_send_approval_packet: { + packet_id: string + status: string + packet_ready: boolean + approval_required: boolean + approval_granted: boolean + recommended_first_message_type: string + selected_message_type: string + eligible_message_types: string[] + target_room_alias: string + target_room_env: string + target_room_value_visible: boolean + proposed_time_window: string + owner_agent: string + arbiter: string + reviewers: string[] + operator_approval_fields: Array<{ + field_id: string + label: string + required: boolean + current_value_status: string + value_display_allowed: boolean + }> + rate_limit_plan: { + max_messages: number + window: string + cooldown_after_attempt_minutes: number + duplicate_policy: string + live_rate_limit_write_enabled: boolean + } + mute_rollback_plan: string[] + receipt_readback_plan: { + owner_agent: string + required_checks: string[] + production_receipt_write_enabled: boolean + receipt_readback_enabled_before_send: boolean + } + stop_conditions: string[] + execution_flags: { + canary_send_execution_enabled: boolean + gateway_queue_write_enabled: boolean + bot_api_call_enabled: boolean + delivery_receipt_write_enabled: boolean + production_write_enabled: boolean + secret_read_enabled: boolean + paid_api_enabled: boolean + } + approval_decision_log: unknown[] + } no_send_preview_completion_percent: number canary_approval_package_completion_percent: number + canary_send_approval_packet_ready: boolean + canary_send_approval_granted: boolean + canary_send_execution_enabled: boolean + canary_send_approval_packet_completion_percent: number } professional_task_domains: Array<{ domain_id: string 
@@ -1576,6 +1629,7 @@ export interface AiAgentProfessionalTaskExpansionSnapshot { telegram_message_must_be_sanitized: boolean frontend_display_policy: string message_preview_redaction_checks: string[] + canary_packet_redaction_checks: string[] } rollups: { professional_task_count: number @@ -1609,6 +1663,19 @@ export interface AiAgentProfessionalTaskExpansionSnapshot { preview_bot_api_call_enabled_count: number receipt_live_write_enabled_count: number canary_live_send_enabled_count: number + canary_send_approval_packet_count: number + canary_operator_approval_field_count: number + canary_stop_condition_count: number + canary_rollback_mute_step_count: number + canary_receipt_readback_check_count: number + canary_approval_granted_count: number + canary_selected_message_type_count: number + canary_approved_time_window_count: number + canary_send_execution_enabled_count: number + canary_gateway_queue_write_enabled_count: number + canary_bot_api_call_enabled_count: number + canary_delivery_receipt_write_enabled_count: number + canary_secret_read_enabled_count: number } } diff --git a/docs/LOGBOOK.md b/docs/LOGBOOK.md index f627b2eb..ed1efd2e 100644 --- a/docs/LOGBOOK.md +++ b/docs/LOGBOOK.md 
@@ -49,6 +49,31 @@ - 本輪未連 live ArgoCD、未 `kubectl`、未 `helm`、未讀 live Secret、未改 NetworkPolicy / RBAC / NodePort / Ingress / route、未手動 sync、未 patch live manifest、未 active scan、未收 secrets 明文、未 force push。 - 下一優先:收 K8s / ArgoCD owner evidence 與事故後回讀包;同時把 Backup / Restore / Escrow、Monitoring / Alerting / Observability、Public gateway / Nginx、Gitea workflow / runner / deploy secret injection 的 owner evidence gate 往前推,且不得用 route 200、pod up、UI 可見或 CD success 當成資安 runtime 授權。 +## 2026-06-16|P2-405C AI Agent TG Canary 發送批准包 + +**背景**:P2-405B 已讓治理頁看見 Telegram no-send 訊息預覽、dedup key、receipt expectation 與 canary approval package;下一步需要把第一次 TG canary 實發前的人工批准輸入、停止條件、mute / rollback 與回執讀回要求固定成可測試 artifact,但不能因「批准包已就緒」就打開 Telegram 實發或 Gateway queue。 + +**完成項目**: +- 新增 `docs/evaluations/ai_agent_professional_task_expansion_2026-06-16_1015_p2_405c.json`,`current_task_id=P2-405C`、`next_task_id=P2-405D`、整體完成度 `92%`。 +- `telegram_runtime_bridge.canary_send_approval_packet` 已固定 `packet_ready=true`、`approval_required=true`、`approval_granted=false`、`status=waiting_explicit_commander_approval`。 +- Canary 發送批准包要求 7 個統帥 / operator 必填欄位:統帥批准、單一訊息類型、發送時間窗、目標 env ref、mute / rollback plan、receipt readback owner、failure stop condition。 +- Canary 發送批准包固定 6 個 eligible message type、6 個停止條件、5 個 mute / rollback 步驟、6 個 receipt readback check;所有欄位值維持不可公開顯示。 +- 後端 loader / schema / 測試已要求 canary execution flags、Gateway queue write、Bot API call、delivery receipt production write、secret read、paid API 全部維持 `false / 0`。 +- `/zh-TW/governance?tab=automation-inventory` 的 AI Agent 專業任務卡片已顯示 canary 批准包、批准欄位、停止條件與批准缺口,並把 canary 實發 / queue / Bot API / receipt write 全部納入 live write 計數。 +- `zh-TW.json` 與 `en.json` 維持繁中鏡像;治理頁不顯示工作視窗對話、未遮罩 runtime payload、機密值或可直接執行的 Telegram 操作。 + +**本地驗證**: +- JSON parse 驗證 `docs/evaluations/ai_agent_professional_task_expansion_2026-06-16_1015_p2_405c.json`、`docs/schemas/ai_agent_professional_task_expansion_v1.schema.json`、`apps/web/messages/zh-TW.json`、`apps/web/messages/en.json` 通過。 +- 
`python3 -m py_compile apps/api/src/services/ai_agent_professional_task_expansion.py apps/api/src/api/v1/agents.py` 通過。 +- `DATABASE_URL=postgresql+asyncpg://test:test@localhost/test pytest -q apps/api/tests/test_ai_agent_professional_task_expansion.py apps/api/tests/test_ai_agent_professional_task_expansion_api.py` → `16 passed`。 +- `pnpm --filter @awoooi/web typecheck` 通過。 + +**完成度與邊界**: +- AI Agent 專業任務擴展與 Telegram Runtime Bridge:`88% -> 92%`。 +- Telegram no-send preview、dedup、receipt expectation、canary approval package、canary send approval packet:皆為 `100%`。 +- Telegram 實發、Gateway queue write、Bot API call、delivery receipt production write、secret read、paid API、host write、kubectl action、production write 全部仍為 `0 / false`。 +- 下一步:P2-405D 只能在統帥明確提供 canary 發送批准、單一訊息類型、時間窗、目標 env ref 與回執讀回 owner 後,才進入受控 canary delivery gate;未批准前不得實發。 + ## 2026-06-15|Docker / systemd / Host Service 事故後回讀 Gate **背景**:110 / 188 類主機服務事故證明,Docker daemon、compose、systemd、repair-bot、Ansible、host config backup、port binding、public / admin route、AI provider 與 monitoring 可能互相影響。IwoooS 不能把「容器起來」、「route 200」、「服務健康」或「頁面可見」誤判成主機服務事故已驗收;本階段補上 host service post-incident readback plan,只建立事故後回讀候選、必填欄位、reviewer checks、outcome lanes、blocked actions 與前台 marker;不 SSH、不讀 live host、不碰 Docker / systemd / repair-bot / Ansible / Nginx / firewall、不做 route smoke、不收 secrets 明文。 diff --git a/docs/ai/AI_AGENT_12_AGENT_WAR_ROOM_2026-06-14.md b/docs/ai/AI_AGENT_12_AGENT_WAR_ROOM_2026-06-14.md index 9f6cf4c9..8c9609dd 100644 --- a/docs/ai/AI_AGENT_12_AGENT_WAR_ROOM_2026-06-14.md +++ b/docs/ai/AI_AGENT_12_AGENT_WAR_ROOM_2026-06-14.md 
@@ -184,5 +184,5 @@ Telegram Ops 工位負責 Telegram Gateway、Channel Hub、日報/週報/月報 狀態變更:12 位 Agent 只讀審查全部回收並彙整;已建立 `ai_agent_12_agent_war_room_v1` schema / committed snapshot / API / tests / governance UI 區塊。 證據:`docs/schemas/ai_agent_12_agent_war_room_v1.schema.json`、`docs/evaluations/ai_agent_12_agent_war_room_2026-06-14.json`、`GET /api/v1/agents/agent-12-agent-war-room`、治理頁 12-Agent War Room 區塊、12 位 Agent 只讀回饋。 阻擋:runtime writer、Telegram send、Bot API、production write、SDK 安裝、付費 API、shadow/canary、host update、DB migration、restore 仍未批准。 -下一步:P2-405C 承接 Telegram approved canary send approval packet;讓統帥先審核發送時間窗、單一訊息類型、dedup、receipt、mute / rollback plan 與停止條件。P2-146 owner response receipt preview 仍屬另一條 release gate 主線;兩者都不得直接打開 Gateway queue、Telegram send、Bot API 或 production write。 +下一步:P2-405D 承接 Telegram canary delivery gate;只有在統帥明確批准發送時間窗、單一訊息類型、目標 env ref、receipt readback owner、mute / rollback plan 與停止條件後,才可進入受控 canary delivery。P2-146 owner response receipt preview 仍屬另一條 release gate 主線;兩者都不得直接打開 Gateway queue、Telegram send、Bot API 或 production write。 ``` diff --git a/docs/ai/AI_AGENT_AUTOMATION_WORKLIST_2026-06-04.md b/docs/ai/AI_AGENT_AUTOMATION_WORKLIST_2026-06-04.md index ee485400..b521f174 100644 --- a/docs/ai/AI_AGENT_AUTOMATION_WORKLIST_2026-06-04.md +++ b/docs/ai/AI_AGENT_AUTOMATION_WORKLIST_2026-06-04.md 
@@ -15,11 +15,19 @@ | OpenClaw / Hermes / NemoTron 主動溝通、學習與成長證據 | 100% | P2-401A 到 P2-144 已完成只讀證據面、runtime / report / result-capture gates、no-write readback、promotion review、writer implementation review、writer dry-run fixture、writer dry-run readback、owner promotion execution gate、owner-approved execution rehearsal、owner acceptance / maintenance window gate、owner acceptance readback / preflight hold、owner-approved preflight release package、owner-approved release readiness readback、owner release approval gate、post-release verifier / rollback gate、final release candidate readback、release authorization hold / readback gate、release verifier preflight / owner review packet、release decision hold / readback、release decision next handoff、release decision input prep、12-Agent War Room、owner response 預檢與 owner response 回讀;P2-141 基線與 S4.9 owner release packet 補強皆已正式驗證,P2-142 12-Agent War Room 已完成 production readback 與 desktop / mobile smoke,P2-143 owner response 預檢已完成 production readback 與 in-app browser smoke,P2-144 owner response 回讀已完成 production API readback 與 desktop / mobile smoke。runtime worker、DB migration、production Redis consumer group、canonical runtime readback、live query、runtime score、result capture write、Telegram 實發、delivery receipt E2E、live report delivery、reviewer queue write、Gateway queue write、AI analysis runtime、中低風險 auto worker、KM / LOGBOOK / audit DB / timeline / PlayBook trust 寫入、SDK / 付費服務仍未開 gate | `ai_agent_result_capture_release_decision_owner_response_readback_v1`、`GET /api/v1/agents/agent-result-capture-release-decision-owner-response-readback`、`docs/evaluations/ai_agent_result_capture_release_decision_owner_response_readback_2026-06-14.json`、feature commit `8795f100`、deploy marker `ac938037`、Gitea code-review `2965` / CD `2964` success、5 個回覆讀回 lane、18 個 owner 必填欄位、6 個 readback validation check、6 個 rejection guard、5 個 operator action、等待外部回覆 `5`、未收件 lane `5`、正式寫入 / 發送 `0`;P2-142 feature commit `5de4b3f3`、deploy marker `1a2c9e36`、Gitea CD run `4232` 
success、production API readback、desktop / mobile in-app browser smoke;P2-143 feature commit `755b0a8d`、deploy marker `667d6329`、Gitea code-review `2961` / CD `2960` success、production API readback、desktop / mobile in-app browser smoke;MASTER §3.2.1b / §3.2.1d / §3.4.3 | | AI Agent 主動營運委派與版本生命週期 | 100% | P2-402A / P2-402B / P2-402C / P2-402D / P2-402E / P2-402F / P2-402G 已完成;已建立 repo-only 版本新鮮度快照、工具採用批准包、Telegram action-required digest policy、Gitea PR 草案 lane、host / K3s / stateful 版本只讀盤點、API 與 governance UI。定期排程、外部版本查詢、工具安裝、CI 變更、套件升級、主機更新、container pull、實際 PR creation、auto merge、Telegram 實發、SSH、kubectl、重啟仍未開 gate | `ai_agent_proactive_operations_contract_v1`、`ai_agent_version_freshness_snapshot_v1`、`ai_agent_tool_adoption_approval_package_v1`、`ai_agent_telegram_action_required_digest_policy_v1`、`ai_agent_gitea_pr_draft_lane_v1`、`ai_agent_host_stateful_version_inventory_v1`、`GET /api/v1/agents/agent-proactive-operations-contract`、`GET /api/v1/agents/agent-version-freshness-snapshot`、`GET /api/v1/agents/agent-tool-adoption-approval-package`、`GET /api/v1/agents/agent-telegram-action-required-digest-policy`、`GET /api/v1/agents/agent-gitea-pr-draft-lane`、`GET /api/v1/agents/agent-host-stateful-version-inventory`、`/zh-TW/governance?tab=automation-inventory`、MASTER §3.2.1c | | 12-Agent War Room 編組 | 72% | 12 個邏輯工位與分批派工規則已正式部署;OpenClaw / Hermes / NemoTron / SRE / Security / DevOps / Data/DR / Supply Chain / Product/UI / QA / Market / Telegram 共 12 份只讀審查已回收;schema / committed snapshot / API / tests / governance UI 區塊 / production API readback / desktop + mobile in-app browser smoke 已完成;runtime writer、Telegram send、Bot API、production write 仍未批准 | `ai_agent_12_agent_war_room_v1`、`docs/evaluations/ai_agent_12_agent_war_room_2026-06-14.json`、`GET /api/v1/agents/agent-12-agent-war-room`、feature commit `5de4b3f3`、deploy marker `1a2c9e36`、Gitea CD run `4232` success、`/zh-TW/governance?tab=automation-inventory`、12 份 Codex sub-agent 只讀回饋 | -| AI Agent 專業任務擴展與 Telegram Runtime Bridge 
| 88% | P2-405B 已完成只讀契約、正式 API、治理頁 P2-405B 卡片、6 種 Telegram no-send preview、6 個 dedup key、6 組 receipt expectation 與 1 份 canary approval package;24 類專業任務、8 個領域、5 段 Telegram bridge、6 種訊息類型、MCP/RAG stack、日報 / 週報 / 月報 / action-required 報告契約已固定;Telegram 實發、Gateway queue、Bot API、delivery receipt production write、secret read、paid API、host write、kubectl action 仍全部關閉 | `ai_agent_professional_task_expansion_v1`、`docs/evaluations/ai_agent_professional_task_expansion_2026-06-15_1445_p2_405b.json`、`GET /api/v1/agents/agent-professional-task-expansion`、`/zh-TW/governance?tab=automation-inventory`、`docs/ai/AI_AGENT_PROFESSIONAL_TASK_EXPANSION_2026-06-15.md`、需批准任務 `19`、no-send preview `6`、dedup key `6`、receipt expectation `6`、canary package `1`、preview live write `0`;下一步 P2-405C approved canary send approval packet | +| AI Agent 專業任務擴展與 Telegram Runtime Bridge | 92% | P2-405C 已完成只讀契約、正式 API、治理頁 P2-405C 卡片、6 種 Telegram no-send preview、6 個 dedup key、6 組 receipt expectation、1 份 canary approval package、1 份 canary send approval packet、7 個批准欄位、6 個停止條件、5 步 mute / rollback 與 6 個 receipt readback check;24 類專業任務、8 個領域、5 段 Telegram bridge、6 種訊息類型、MCP/RAG stack、日報 / 週報 / 月報 / action-required 報告契約已固定;Telegram 實發、Gateway queue、Bot API、delivery receipt production write、secret read、paid API、host write、kubectl action 仍全部關閉 | `ai_agent_professional_task_expansion_v1`、`docs/evaluations/ai_agent_professional_task_expansion_2026-06-16_1015_p2_405c.json`、`GET /api/v1/agents/agent-professional-task-expansion`、`/zh-TW/governance?tab=automation-inventory`、`docs/ai/AI_AGENT_PROFESSIONAL_TASK_EXPANSION_2026-06-15.md`、需批准任務 `19`、no-send preview `6`、dedup key `6`、receipt expectation `6`、canary package `1`、canary send approval packet `1`、批准欄位 `7`、停止條件 `6`、preview / canary live write `0`;下一步 P2-405D canary delivery gate | | Owner response 預檢與拒收邊界 | 100% | P2-143 已完成正式部署與 production readback;承接 P2-141 input prep 與 P2-142 War Room,只建立 owner / verifier / rollback / maintenance / live-apply 五類外部回覆的 intake 
預檢、必填欄位與拒收規則;正式 owner response 尚未收到、未接受、未寫入 | `ai_agent_result_capture_release_decision_owner_response_preflight_v1`、`GET /api/v1/agents/agent-result-capture-release-decision-owner-response-preflight`、feature commit `755b0a8d`、deploy marker `667d6329`、Gitea code-review `2961` / CD `2960` success、5 個 response intake lane、18 個 required owner field、6 個 validation check、6 個 rejection guard、5 個 operator action;owner response received / accepted / redacted payload / reviewer queue / Gateway / Telegram / Bot API / production write / secret read / destructive operation 全為 `0` | | Owner response 回讀狀態 | 100% | P2-144 已完成正式部署與 production readback;承接 P2-143 preflight,只讀回五類外部回覆仍未收到、未接受、未拒絕、未保存 | `ai_agent_result_capture_release_decision_owner_response_readback_v1`、`GET /api/v1/agents/agent-result-capture-release-decision-owner-response-readback`、feature commit `8795f100`、deploy marker `ac938037`、Gitea code-review `2965` / CD `2964` success、5 個 response readback lane、18 個 required owner field、6 個 readback validation check、6 個 readback rejection guard、5 個 operator action、waiting external response `5`、no external response received `5`;owner response received / accepted / redacted payload / reviewer queue / Gateway / Telegram / Bot API / production write / secret read / destructive operation 全為 `0` | | 本工作清單與分析報告 | 100% | 已完成 | 本 MD 文件 | +### 2026-06-16 10:15 狀態同步 + +- `P2-405C` AI Agent TG Canary 發送批准包已本地完成:新增 `docs/evaluations/ai_agent_professional_task_expansion_2026-06-16_1015_p2_405c.json`,current `P2-405C`、next `P2-405D`、completion `92`。 +- P2-405C 固定 1 份 canary send approval packet、7 個 operator approval field、6 個 eligible message type、6 個 stop condition、5 個 mute / rollback step、6 個 receipt readback check。 +- 治理頁 `automation-inventory` 已顯示 P2-405C canary 批准包、批准欄位、停止條件與批准缺口,並把 canary execution / queue / Bot API / receipt write 全部納入 live write 計數。 +- 本地證據:JSON parse、Python compile、AI Agent professional task expansion API/service regression `16 passed`、Web typecheck 通過。 +- 
Telegram send、Gateway queue write、Bot API call、delivery receipt production write、secret read、paid API、host write、kubectl action、production write 全部仍為 `0 / false`;P2-405D 只能在統帥明確批准 canary 發送欄位後才進入受控 delivery gate。 + ### 2026-06-14 15:45 狀態同步 - `P2-144` owner response 回讀狀態已完成正式部署與 production readback:feature commit `8795f100`、deploy marker `ac938037 chore(cd): deploy 8795f10 [skip ci]`。 @@ -1417,7 +1425,7 @@ UI: ## 13. 立即執行順序 1. P2-004:依賴 / 供應鏈漂移監控,保持只讀觀察與批准包邊界。 -2. P2-405C:AI Agent Telegram approved canary send approval packet,先讓統帥審核發送時間窗、單一訊息類型、dedup、receipt、mute / rollback plan 與停止條件;仍不得在未批准前實發。 +2. P2-405D:AI Agent Telegram canary delivery gate;只有統帥明確批准發送時間窗、單一訊息類型、目標 env ref、receipt readback owner、mute / rollback plan 與停止條件後,才可進入受控 canary delivery;未批准前仍不得實發。 3. P3-001:外部 Agent / SDK / API 相關能力仍需證據、費用批准與 shadow / canary 關卡。 ## 14. 目前風險 diff --git a/docs/ai/AI_AGENT_PROFESSIONAL_TASK_EXPANSION_2026-06-15.md b/docs/ai/AI_AGENT_PROFESSIONAL_TASK_EXPANSION_2026-06-15.md index ace5ffd3..6b1a15b3 100644 --- a/docs/ai/AI_AGENT_PROFESSIONAL_TASK_EXPANSION_2026-06-15.md +++ b/docs/ai/AI_AGENT_PROFESSIONAL_TASK_EXPANSION_2026-06-15.md 
@@ -1,14 +1,14 @@ # AI Agent 專業任務擴展與 Telegram Runtime Bridge 工作報告 -> 日期:2026-06-15(台北時間) -> 狀態:P2-405B 已完成 no-send 訊息預覽、dedup key、receipt expectation、canary approval package、API guard、測試與治理頁可視化;Telegram 實發仍未啟用。 +> 日期:2026-06-16(台北時間) +> 狀態:P2-405C 已完成 Canary 發送批准包、7 個必填批准欄位、6 個停止條件、5 步 mute / rollback、6 個 receipt readback check、API guard、測試與治理頁可視化;Telegram 實發仍未啟用。 > 事實來源:`ai_agent_professional_task_expansion_v1` ## 1. 結論 -本輪把「AI Agent 還能處理哪些專業工作」正式產品化成 24 類專業任務,並把 Telegram 群組 / TG Bot 整合拆成 5 段啟動前閘門。P2-405B 進一步把將來要送出的 Telegram 訊息長相、dedup key、receipt expectation 與 canary approval package 顯示到治理頁。 +本輪把「AI Agent 還能處理哪些專業工作」正式產品化成 24 類專業任務,並把 Telegram 群組 / TG Bot 整合拆成 5 段啟動前閘門。P2-405C 進一步把第一次 Canary 發送前必須由統帥確認的批准欄位、停止條件、mute / rollback 與 receipt readback plan 顯示到治理頁。 -這不是直接讓 AI Agent 發 Telegram 或改 production;目前只允許 no-send preview、queue preview readback、owner review 與批准包。真正送到 **AwoooI SRE 戰情室** 必須先通過 approved canary、dedup、receipt、redaction、OpenClaw 仲裁、Security gate 與 QA verifier。 +這不是直接讓 AI Agent 發 Telegram 或改 production;目前只允許 no-send preview、queue preview readback、owner review、canary approval package 與 canary send approval packet。真正送到 **AwoooI SRE 戰情室** 必須先通過統帥明確批准、approved canary、dedup、receipt、redaction、OpenClaw 仲裁、Security gate 與 QA verifier。 ## 2. 完成度 
@@ -17,6 +17,7 @@ | 專業任務擴展契約 | 100% | 24 類任務已定義 owner、風險、MCP、RAG、Telegram policy 與 blocked actions | | Telegram Runtime Bridge 契約 | 100% | no-send preview、queue preview、approved canary、日週月報、action-required digest 已分段 | | Telegram no-send 訊息預覽 | 100% | 6 種訊息預覽、6 個 dedup key、6 組 receipt expectation、1 份 canary approval package 已固定 | +| Canary 發送批准包 | 100% | 1 份 canary send approval packet、7 個批准欄位、6 個停止條件、5 步 mute / rollback、6 個 receipt readback check 已固定 | | API / loader | 100% | `GET /api/v1/agents/agent-professional-task-expansion` 只讀輸出 | | 治理頁可視化 | 100% | `/zh-TW/governance?tab=automation-inventory` 顯示任務、風險、TG bridge、preview、dedup、receipt、canary 與 live/send/write=0 | | Telegram 實發 | 0% | `telegram_send_count=0`、`bot_api_call_count=0`、`gateway_queue_write_count=0` | @@ -57,7 +58,23 @@ | receipt readback owner | 明確誰驗證收到 | | 失敗時停止條件 | 避免重試洗版 | -## 6. 專業任務總覽 +## 6. P2-405C Canary 發送批准包 + +目前 canary send approval packet 狀態為 `waiting_explicit_commander_approval`,`packet_ready=true`,但 `approval_granted=false`、`selected_message_type=not_selected`、`proposed_time_window=waiting_commander_input`。 + +| 必填項目 | 目前狀態 | 邊界 | +|---|---|---| +| 統帥批准 | waiting input | 未批准不得實發 | +| 單一訊息類型 | waiting input | 不允許一次開多種訊息 | +| 發送時間窗 | waiting input | 不允許無時間窗發送 | +| 目標 env ref | waiting input | 只顯示 env ref,不顯示 room value | +| mute / rollback plan | waiting input | 錯誤時可立即停止 | +| receipt readback owner | waiting input | 必須有人讀回驗證 | +| failure stop condition | waiting input | 任一失敗停止,不重試洗版 | + +Canary 發送批准包固定 6 個停止條件、5 步 mute / rollback plan、6 個 receipt readback check;`canary_send_execution_enabled`、`gateway_queue_write_enabled`、`bot_api_call_enabled`、`delivery_receipt_write_enabled`、`production_write_enabled`、`secret_read_enabled`、`paid_api_enabled` 全部仍為 `false`。 + +## 7. 專業任務總覽 | 領域 | 任務數 | 代表任務 | 主責 | |---|---:|---|---| 
@@ -70,7 +87,7 @@ | AI Governance / Replay / Market | 4 | market watch、NemoTron replay、cost forecast、runbook/postmortem | OpenClaw / NemoTron / Hermes | | Telegram / Reports / Receipts | 3 | digest preview、report truth gate、post-action verifier | Telegram Ops / Hermes / OpenClaw | -## 7. 專業能力層級 +## 8. 專業能力層級 | 層級 | AI Agent 可自動做 | Gate | |---|---|---| @@ -79,7 +96,7 @@ | 高風險 | 只產批准包、rollback plan、failure-only digest 草案 | 統帥批准 | | Critical | production write、kubectl、ArgoCD sync、Telegram 實發、secret、restore、host write | 預設 blocked | -## 8. MCP / RAG +## 9. MCP / RAG 首批 MCP:Gitea、Browser、Observability、Telegram Gateway、Package Registry、Database Readonly、Backup Status、ArgoCD Readonly、HTTP Probe、Fixture Store。 @@ -87,7 +104,7 @@ 成長指標:KM entries、PlayBook updates、recommendations、replay score delta、blocked action prevented count、receipt missing count。 -## 9. 邊界 +## 10. 邊界 - 不直接發 Telegram。 - 不寫 Telegram Gateway queue。 @@ -96,9 +113,9 @@ - 不把工作視窗對話、未遮罩提示、私人推理或未遮罩 runtime payload 放進前端或 Telegram。 - 不做 production write、host write、kubectl、ArgoCD sync、restore、rollback、paid API、SDK install。 -## 10. 下一步 +## 11. 下一步 -1. P2-405C:產生 approved canary send approval packet,明確列出發送時間窗、單一訊息類型、目標 env ref、dedup、receipt、rollback / mute plan 與停止條件。 -2. P2-405D:canary 通過後才開日報 / 週報 / 月報 digest delivery。 -3. P2-405E:Action-required digest 只對 failure / high-risk / approval-required 事件開啟。 -4. P2-405F:把 receipt readback 與 report status board 串起來,但仍需 canary gate 後才能寫正式 receipt。 +1. P2-405D:統帥明確批准 canary 發送時間窗、單一訊息類型、目標 env ref、receipt readback owner 與停止條件後,才進入受控 canary delivery gate。 +2. P2-405E:canary 通過後才開日報 / 週報 / 月報 digest delivery。 +3. P2-405F:Action-required digest 只對 failure / high-risk / approval-required 事件開啟。 +4. P2-405G:把 receipt readback 與 report status board 串起來,但仍需 canary gate 後才能寫正式 receipt。 
diff --git a/docs/evaluations/ai_agent_professional_task_expansion_2026-06-16_1015_p2_405c.json b/docs/evaluations/ai_agent_professional_task_expansion_2026-06-16_1015_p2_405c.json
new file mode 100644
index 00000000..63b902f1
--- /dev/null
+++ b/docs/evaluations/ai_agent_professional_task_expansion_2026-06-16_1015_p2_405c.json
@@ -0,0 +1,1486 @@ +{ + "schema_version": "ai_agent_professional_task_expansion_v1", + "generated_at": "2026-06-16T10:15:00+08:00", + "program_status": { + "current_priority": "P2", + "current_task_id": "P2-405C", + "next_task_id": "P2-405D", + "overall_completion_percent": 92, + "read_only_mode": true, + "runtime_authority": "professional_task_expansion_and_telegram_bridge_read_only_no_send", + "status_note": "P2-405C 已把 approved canary send approval packet 固定成只讀審核封包;目前只能顯示候選訊息類型、時間窗欄位、mute / rollback plan、receipt readback plan 與停止條件,尚未取得統帥批准,不寫 Gateway queue、不送 Telegram、不呼叫 Bot API、不寫 production receipt、不讀 secret。" + }, + "source_refs": [ + "docs/ai/AI_AGENT_12_AGENT_WAR_ROOM_2026-06-14.md", + "docs/ai/AI_AGENT_PROACTIVE_OPERATIONS_2026-06-11.md", + "docs/ai/AI_AGENT_INTERACTION_LEARNING_PROOF_2026-06-11.md", + "docs/ai/AI_AGENT_TELEGRAM_ACTION_REQUIRED_DIGEST_POLICY_2026-06-11.md", + "docs/ai/AI_AGENT_DEPLOYMENT_LAYOUT_2026-06-11.md", + "docs/security/MONITORING-OWNER-RESPONSE-ACCEPTANCE.md", + "apps/api/src/services/telegram_gateway.py", + ".gitea/workflows/cd.yaml", + ".gitea/workflows/code-review.yaml" + ], + "telegram_runtime_bridge": { + "canonical_room": "AwoooI SRE 戰情室", + "canonical_room_env": "SRE_GROUP_CHAT_ID", + "gateway_required": true, + "gateway_owner": "telegram_ops_liaison", + "arbiter": "openclaw", + "receipt_owner": "hermes", + "replay_owner": "nemotron", + "no_send_preview_ready": true, + "queue_preview_readback_ready": true, + "approved_canary_required": true, + "direct_bot_api_allowed": false, + "bot_api_call_enabled": false, + "gateway_queue_write_enabled": false, + "telegram_send_enabled": false, + "delivery_receipt_write_enabled": false, + "stages": [ + { + "stage_id": "tg_bridge_01_no_send_preview", + "title": "Telegram no-send preview", + "status": "ready_for_owner_review", + "allowed_output": "脫敏訊息預覽、dedup key、目標群組 metadata、風險層級、需審核選項", + "live_send_enabled": false, + "exit_condition": "OpenClaw + Security + QA 確認不含 secret、raw 
payload、工作視窗內容與誤導性執行按鈕。" + }, + { + "stage_id": "tg_bridge_02_queue_preview_readback", + "title": "Gateway queue preview readback", + "status": "ready_for_owner_review", + "allowed_output": "queue envelope hash、message type、receipt expectation、rate-limit / dedup plan", + "live_send_enabled": false, + "exit_condition": "Hermes 讀回 preview hash,QA 確認不會寫入 production queue。" + }, + { + "stage_id": "tg_bridge_03_approved_canary", + "title": "Approved canary delivery", + "status": "blocked_until_explicit_approval", + "allowed_output": "單一 approved canary 訊息與 receipt 驗證", + "live_send_enabled": false, + "exit_condition": "統帥明確批准 canary、指定時間窗與 rollback / mute plan。" + }, + { + "stage_id": "tg_bridge_04_daily_weekly_monthly_digest", + "title": "日報 / 週報 / 月報 digest delivery", + "status": "blocked_until_canary_receipt", + "allowed_output": "Agent 工作量、完成度、阻擋項、圖表摘要與 low-noise digest", + "live_send_enabled": false, + "exit_condition": "canary receipt 正常、dedup 有效、成功訊息壓制策略通過。" + }, + { + "stage_id": "tg_bridge_05_action_required_digest", + "title": "Action-required / high-risk approval digest", + "status": "blocked_until_dual_gate", + "allowed_output": "高風險審核卡、owner response 缺口、failure-only escalation", + "live_send_enabled": false, + "exit_condition": "OpenClaw 仲裁、Security gate、QA verifier 與 Telegram receipt 全通過。" + } + ], + "message_types": [ + { + "message_type": "daily_agent_workload_digest", + "cadence": "daily", + "risk_tier": "low", + "owner_agent": "hermes", + "send_policy": "send_after_canary_and_dedup_gate" + }, + { + "message_type": "weekly_governance_summary", + "cadence": "weekly", + "risk_tier": "medium", + "owner_agent": "hermes", + "send_policy": "send_after_canary_and_truth_gate" + }, + { + "message_type": "monthly_growth_report", + "cadence": "monthly", + "risk_tier": "medium", + "owner_agent": "hermes", + "send_policy": "send_after_owner_review" + }, + { + "message_type": "high_risk_approval_card", + "cadence": "event", + "risk_tier": "high", + "owner_agent": 
"openclaw", + "send_policy": "approval_required_before_send" + }, + { + "message_type": "failure_only_escalation", + "cadence": "event", + "risk_tier": "critical", + "owner_agent": "sre_sentinel", + "send_policy": "failure_only_after_route_lock" + }, + { + "message_type": "report_receipt_gap_alert", + "cadence": "event", + "risk_tier": "medium", + "owner_agent": "telegram_ops_liaison", + "send_policy": "no_send_preview_until_receipt_contract" + } + ], + "no_send_message_previews": [ + { + "preview_id": "p2_405b_preview_daily_agent_workload_digest_v1", + "message_type": "daily_agent_workload_digest", + "title": "AI Agent 日報 no-send 預覽", + "target_room_alias": "awoooi_sre_war_room_env_ref", + "target_room_env": "SRE_GROUP_CHAT_ID", + "owner_agent": "hermes", + "risk_tier": "low", + "status": "preview_ready_no_send", + "dedup_key": "awoooi:agent-report:daily:{yyyy-mm-dd}:v1", + "receipt_expectation_id": "p2_405b_receipt_daily_agent_workload_digest_v1", + "approval_required_before_send": false, + "canary_required_before_live": true, + "send_enabled": false, + "gateway_queue_write_enabled": false, + "bot_api_call_enabled": false, + "delivery_receipt_write_enabled": false, + "sanitized_body_lines": [ + "AWOOOI AI Agent 日報", + "今日完成度、工作量、阻擋項與低風險自動處理摘要。", + "所有成功煙霧訊號只彙整,不逐筆洗版。", + "live / send / write 計數維持 0,等待 canary gate。" + ], + "redaction_checks": [ + "不含機密明文", + "不含未遮罩工作上下文", + "不含未遮罩 runtime payload", + "不含可執行修復指令", + "不含誤導性成功宣告" + ] + }, + { + "preview_id": "p2_405b_preview_weekly_governance_summary_v1", + "message_type": "weekly_governance_summary", + "title": "AI Agent 週報 no-send 預覽", + "target_room_alias": "awoooi_sre_war_room_env_ref", + "target_room_env": "SRE_GROUP_CHAT_ID", + "owner_agent": "hermes", + "risk_tier": "medium", + "status": "preview_ready_no_send", + "dedup_key": "awoooi:agent-report:weekly:{iso-week}:v1", + "receipt_expectation_id": "p2_405b_receipt_weekly_governance_summary_v1", + "approval_required_before_send": false, + 
"canary_required_before_live": true, + "send_enabled": false, + "gateway_queue_write_enabled": false, + "bot_api_call_enabled": false, + "delivery_receipt_write_enabled": false, + "sanitized_body_lines": [ + "AWOOOI AI Agent 週報", + "本週專業任務、模型市場 watch、治理 gate 與未完成 owner response 摘要。", + "中風險項目只列 proposal / dry-run,不列正式執行結果。", + "任何需要批准的項目改送 action-required digest 草案。" + ], + "redaction_checks": [ + "不含機密明文", + "不含未遮罩工作上下文", + "不含未遮罩 runtime payload", + "不含可執行修復指令", + "不含誤導性成功宣告" + ] + }, + { + "preview_id": "p2_405b_preview_monthly_growth_report_v1", + "message_type": "monthly_growth_report", + "title": "AI Agent 月報 no-send 預覽", + "target_room_alias": "awoooi_sre_war_room_env_ref", + "target_room_env": "SRE_GROUP_CHAT_ID", + "owner_agent": "hermes", + "risk_tier": "medium", + "status": "preview_ready_no_send", + "dedup_key": "awoooi:agent-report:monthly:{yyyy-mm}:v1", + "receipt_expectation_id": "p2_405b_receipt_monthly_growth_report_v1", + "approval_required_before_send": true, + "canary_required_before_live": true, + "send_enabled": false, + "gateway_queue_write_enabled": false, + "bot_api_call_enabled": false, + "delivery_receipt_write_enabled": false, + "sanitized_body_lines": [ + "AWOOOI AI Agent 月報", + "智慧成長指標、PlayBook 更新、replay 分數變化與 blocked action 防護數。", + "成本、容量、版本更新與外部 Agent 市場候選以審核建議呈現。", + "月報首次實發前需要 owner review 與 canary receipt。" + ], + "redaction_checks": [ + "不含機密明文", + "不含未遮罩工作上下文", + "不含未遮罩 runtime payload", + "不含可執行修復指令", + "不含誤導性成功宣告" + ] + }, + { + "preview_id": "p2_405b_preview_high_risk_approval_card_v1", + "message_type": "high_risk_approval_card", + "title": "高風險審核卡 no-send 預覽", + "target_room_alias": "awoooi_sre_war_room_env_ref", + "target_room_env": "SRE_GROUP_CHAT_ID", + "owner_agent": "openclaw", + "risk_tier": "high", + "status": "preview_ready_no_send", + "dedup_key": "awoooi:agent-approval:{risk}:{work-item-id}:v1", + "receipt_expectation_id": "p2_405b_receipt_high_risk_approval_card_v1", + "approval_required_before_send": true, + 
"canary_required_before_live": true, + "send_enabled": false, + "gateway_queue_write_enabled": false, + "bot_api_call_enabled": false, + "delivery_receipt_write_enabled": false, + "sanitized_body_lines": [ + "AWOOOI 高風險 AI Agent 審核卡", + "列出候選動作、風險、rollback plan、verifier plan 與 owner 缺口。", + "審核卡不等於 runtime authorization,按鈕與指令預設不顯示。", + "OpenClaw 仲裁、Security gate 與 QA verifier 必須全部通過。" + ], + "redaction_checks": [ + "不含機密明文", + "不含未遮罩工作上下文", + "不含未遮罩 runtime payload", + "不含可執行修復指令", + "不含誤導性成功宣告" + ] + }, + { + "preview_id": "p2_405b_preview_failure_only_escalation_v1", + "message_type": "failure_only_escalation", + "title": "Failure-only 升級 no-send 預覽", + "target_room_alias": "awoooi_sre_war_room_env_ref", + "target_room_env": "SRE_GROUP_CHAT_ID", + "owner_agent": "sre_sentinel", + "risk_tier": "critical", + "status": "preview_ready_no_send", + "dedup_key": "awoooi:agent-failure:{alertname}:{target}:{window}:v1", + "receipt_expectation_id": "p2_405b_receipt_failure_only_escalation_v1", + "approval_required_before_send": true, + "canary_required_before_live": true, + "send_enabled": false, + "gateway_queue_write_enabled": false, + "bot_api_call_enabled": false, + "delivery_receipt_write_enabled": false, + "sanitized_body_lines": [ + "AWOOOI failure-only 升級通知", + "只在失敗、阻擋或高風險審核缺口時產生,不發成功噪音。", + "包含 blocker summary、下一步、owner 欄位與 verifier plan。", + "任何修復執行仍需獨立批准與 post-action verifier。" + ], + "redaction_checks": [ + "不含機密明文", + "不含未遮罩工作上下文", + "不含未遮罩 runtime payload", + "不含可執行修復指令", + "不含誤導性成功宣告" + ] + }, + { + "preview_id": "p2_405b_preview_report_receipt_gap_alert_v1", + "message_type": "report_receipt_gap_alert", + "title": "報表回執缺口 no-send 預覽", + "target_room_alias": "awoooi_sre_war_room_env_ref", + "target_room_env": "SRE_GROUP_CHAT_ID", + "owner_agent": "telegram_ops_liaison", + "risk_tier": "medium", + "status": "preview_ready_no_send", + "dedup_key": "awoooi:agent-receipt-gap:{message-type}:{window}:v1", + "receipt_expectation_id": 
"p2_405b_receipt_report_receipt_gap_alert_v1", + "approval_required_before_send": true, + "canary_required_before_live": true, + "send_enabled": false, + "gateway_queue_write_enabled": false, + "bot_api_call_enabled": false, + "delivery_receipt_write_enabled": false, + "sanitized_body_lines": [ + "AWOOOI 報表回執缺口提示", + "用來指出 preview hash、dedup key、canary receipt 或 readback evidence 不完整。", + "此提示本身仍是 no-send preview,不寫 delivery receipt。", + "修復方向只產生 owner review 項目,不自動改 Gateway。" + ], + "redaction_checks": [ + "不含機密明文", + "不含未遮罩工作上下文", + "不含未遮罩 runtime payload", + "不含可執行修復指令", + "不含誤導性成功宣告" + ] + } + ], + "dedup_policy": { + "required": true, + "key_count": 6, + "collision_policy": "drop_duplicate_and_raise_preview_gap_without_send", + "preview_hash_algorithm": "sha256_preview_only", + "live_cache_write_enabled": false, + "keys": [ + { + "message_type": "daily_agent_workload_digest", + "key_template": "awoooi:agent-report:daily:{yyyy-mm-dd}:v1", + "owner_agent": "hermes", + "risk_tier": "low", + "window": "daily", + "live_cache_write_enabled": false + }, + { + "message_type": "weekly_governance_summary", + "key_template": "awoooi:agent-report:weekly:{iso-week}:v1", + "owner_agent": "hermes", + "risk_tier": "medium", + "window": "event_or_cadence_window", + "live_cache_write_enabled": false + }, + { + "message_type": "monthly_growth_report", + "key_template": "awoooi:agent-report:monthly:{yyyy-mm}:v1", + "owner_agent": "hermes", + "risk_tier": "medium", + "window": "event_or_cadence_window", + "live_cache_write_enabled": false + }, + { + "message_type": "high_risk_approval_card", + "key_template": "awoooi:agent-approval:{risk}:{work-item-id}:v1", + "owner_agent": "openclaw", + "risk_tier": "high", + "window": "event_or_cadence_window", + "live_cache_write_enabled": false + }, + { + "message_type": "failure_only_escalation", + "key_template": "awoooi:agent-failure:{alertname}:{target}:{window}:v1", + "owner_agent": "sre_sentinel", + "risk_tier": "critical", + "window": 
"event_or_cadence_window", + "live_cache_write_enabled": false + }, + { + "message_type": "report_receipt_gap_alert", + "key_template": "awoooi:agent-receipt-gap:{message-type}:{window}:v1", + "owner_agent": "telegram_ops_liaison", + "risk_tier": "medium", + "window": "event_or_cadence_window", + "live_cache_write_enabled": false + } + ] + }, + "queue_preview_readback": { + "enabled": true, + "preview_only": true, + "write_enabled": false, + "readback_enabled": true, + "envelope_fields": [ + "message_type", + "dedup_key", + "sanitized_preview_hash", + "target_room_env_ref", + "risk_tier", + "approval_gate" + ], + "readback_checks": [ + "preview hash 必須與治理頁顯示一致", + "dedup key 必須唯一", + "target room 只能顯示 env ref", + "所有 send / queue / bot flags 必須為 false" + ] + }, + "receipt_expectations": [ + { + "receipt_id": "p2_405b_receipt_daily_agent_workload_digest_v1", + "message_type": "daily_agent_workload_digest", + "preview_id": "p2_405b_preview_daily_agent_workload_digest_v1", + "expected_signal": "preview_hash_and_dedup_key_match_after_approved_canary", + "required_evidence_refs": [ + "sanitized_preview_hash", + "dedup_key", + "target_room_env_ref", + "canary_window_ref", + "gateway_preview_readback_ref" + ], + "receipt_write_enabled": false, + "production_receipt_readback_enabled": false, + "missing_receipt_policy": "create_report_receipt_gap_alert_preview_only" + }, + { + "receipt_id": "p2_405b_receipt_weekly_governance_summary_v1", + "message_type": "weekly_governance_summary", + "preview_id": "p2_405b_preview_weekly_governance_summary_v1", + "expected_signal": "preview_hash_and_dedup_key_match_after_approved_canary", + "required_evidence_refs": [ + "sanitized_preview_hash", + "dedup_key", + "target_room_env_ref", + "canary_window_ref", + "gateway_preview_readback_ref" + ], + "receipt_write_enabled": false, + "production_receipt_readback_enabled": false, + "missing_receipt_policy": "create_report_receipt_gap_alert_preview_only" + }, + { + "receipt_id": 
"p2_405b_receipt_monthly_growth_report_v1", + "message_type": "monthly_growth_report", + "preview_id": "p2_405b_preview_monthly_growth_report_v1", + "expected_signal": "preview_hash_and_dedup_key_match_after_approved_canary", + "required_evidence_refs": [ + "sanitized_preview_hash", + "dedup_key", + "target_room_env_ref", + "canary_window_ref", + "gateway_preview_readback_ref" + ], + "receipt_write_enabled": false, + "production_receipt_readback_enabled": false, + "missing_receipt_policy": "create_report_receipt_gap_alert_preview_only" + }, + { + "receipt_id": "p2_405b_receipt_high_risk_approval_card_v1", + "message_type": "high_risk_approval_card", + "preview_id": "p2_405b_preview_high_risk_approval_card_v1", + "expected_signal": "preview_hash_and_dedup_key_match_after_approved_canary", + "required_evidence_refs": [ + "sanitized_preview_hash", + "dedup_key", + "target_room_env_ref", + "canary_window_ref", + "gateway_preview_readback_ref" + ], + "receipt_write_enabled": false, + "production_receipt_readback_enabled": false, + "missing_receipt_policy": "create_report_receipt_gap_alert_preview_only" + }, + { + "receipt_id": "p2_405b_receipt_failure_only_escalation_v1", + "message_type": "failure_only_escalation", + "preview_id": "p2_405b_preview_failure_only_escalation_v1", + "expected_signal": "preview_hash_and_dedup_key_match_after_approved_canary", + "required_evidence_refs": [ + "sanitized_preview_hash", + "dedup_key", + "target_room_env_ref", + "canary_window_ref", + "gateway_preview_readback_ref" + ], + "receipt_write_enabled": false, + "production_receipt_readback_enabled": false, + "missing_receipt_policy": "create_report_receipt_gap_alert_preview_only" + }, + { + "receipt_id": "p2_405b_receipt_report_receipt_gap_alert_v1", + "message_type": "report_receipt_gap_alert", + "preview_id": "p2_405b_preview_report_receipt_gap_alert_v1", + "expected_signal": "preview_hash_and_dedup_key_match_after_approved_canary", + "required_evidence_refs": [ + 
"sanitized_preview_hash", + "dedup_key", + "target_room_env_ref", + "canary_window_ref", + "gateway_preview_readback_ref" + ], + "receipt_write_enabled": false, + "production_receipt_readback_enabled": false, + "missing_receipt_policy": "create_report_receipt_gap_alert_preview_only" + } + ], + "canary_approval_package": { + "package_id": "p2_405b_telegram_canary_approval_package_v1", + "status": "blocked_until_explicit_approval", + "package_ready": true, + "approval_required": true, + "target_room_alias": "awoooi_sre_war_room_env_ref", + "target_room_env": "SRE_GROUP_CHAT_ID", + "arbiter": "openclaw", + "owner_agent": "telegram_ops_liaison", + "reviewers": [ + "security_sentinel", + "qa_verifier", + "hermes" + ], + "message_type_scope": [ + "daily_agent_workload_digest", + "weekly_governance_summary", + "monthly_growth_report", + "high_risk_approval_card", + "failure_only_escalation", + "report_receipt_gap_alert" + ], + "required_approval_inputs": [ + "統帥批准 canary 時間窗", + "可接受的單一訊息類型", + "mute / rollback plan", + "receipt readback owner", + "失敗時停止條件" + ], + "approval_checklist": [ + "OpenClaw 仲裁通過", + "Security redaction gate 通過", + "QA verifier 確認 no-send preview 與 receipt expectation", + "Hermes 確認報告真實性 gate", + "Telegram Ops 確認 dedup 與 rate-limit plan" + ], + "live_send_enabled": false, + "gateway_queue_write_enabled": false, + "bot_api_call_enabled": false, + "delivery_receipt_write_enabled": false, + "production_write_enabled": false + }, + "no_send_preview_completion_percent": 100, + "canary_approval_package_completion_percent": 100, + "canary_send_approval_packet": { + "packet_id": "p2_405c_approved_canary_send_approval_packet_v1", + "status": "waiting_explicit_commander_approval", + "packet_ready": true, + "approval_required": true, + "approval_granted": false, + "recommended_first_message_type": "daily_agent_workload_digest", + "selected_message_type": "not_selected", + "eligible_message_types": [ + "daily_agent_workload_digest", + 
"weekly_governance_summary", + "monthly_growth_report", + "high_risk_approval_card", + "failure_only_escalation", + "report_receipt_gap_alert" + ], + "target_room_alias": "awoooi_sre_war_room_env_ref", + "target_room_env": "SRE_GROUP_CHAT_ID", + "target_room_value_visible": false, + "proposed_time_window": "waiting_commander_input", + "owner_agent": "telegram_ops_liaison", + "arbiter": "openclaw", + "reviewers": [ + "security_sentinel", + "qa_verifier", + "hermes" + ], + "operator_approval_fields": [ + { + "field_id": "commander_approval", + "label": "統帥批准 canary 實發", + "required": true, + "current_value_status": "waiting_input", + "value_display_allowed": false + }, + { + "field_id": "selected_message_type", + "label": "單一訊息類型", + "required": true, + "current_value_status": "waiting_input", + "value_display_allowed": false + }, + { + "field_id": "scheduled_window", + "label": "發送時間窗", + "required": true, + "current_value_status": "waiting_input", + "value_display_allowed": false + }, + { + "field_id": "target_room_env_ref", + "label": "目標群組 env ref", + "required": true, + "current_value_status": "waiting_input", + "value_display_allowed": false + }, + { + "field_id": "mute_rollback_plan", + "label": "mute / rollback plan", + "required": true, + "current_value_status": "waiting_input", + "value_display_allowed": false + }, + { + "field_id": "receipt_readback_owner", + "label": "receipt readback owner", + "required": true, + "current_value_status": "waiting_input", + "value_display_allowed": false + }, + { + "field_id": "failure_stop_condition", + "label": "失敗停止條件", + "required": true, + "current_value_status": "waiting_input", + "value_display_allowed": false + } + ], + "rate_limit_plan": { + "max_messages": 1, + "window": "single_canary_only", + "cooldown_after_attempt_minutes": 60, + "duplicate_policy": "dedup_key_must_drop_duplicate_before_send", + "live_rate_limit_write_enabled": false + }, + "mute_rollback_plan": [ + "若 preview hash 與 approval packet 不一致,停止 
canary。", + "若 dedup key collision 或 receipt expectation 缺欄位,停止 canary。", + "若 Telegram Gateway 回報未知錯誤,停止後只產 report_receipt_gap_alert preview。", + "若訊息內容被 Security / QA 判定含敏感或誤導語意,停止 canary。", + "若超過指定時間窗未發送,批准自動過期。" + ], + "receipt_readback_plan": { + "owner_agent": "hermes", + "required_checks": [ + "preview_id 對應已批准 message_type", + "dedup_key 對應 approved packet", + "target_room 只以 env ref 比對", + "gateway envelope hash 對應 no-send preview hash", + "delivery receipt 不含 token 或 chat id value", + "failure path 只產 no-send receipt gap preview" + ], + "production_receipt_write_enabled": false, + "receipt_readback_enabled_before_send": false + }, + "stop_conditions": [ + "未取得統帥明確批准", + "未選定單一訊息類型", + "未指定時間窗", + "redaction / QA / OpenClaw 任一 gate 失敗", + "dedup key 不唯一或 preview hash 不一致", + "Gateway、Bot API 或 receipt write 任一 flag 不是 false" + ], + "execution_flags": { + "canary_send_execution_enabled": false, + "gateway_queue_write_enabled": false, + "bot_api_call_enabled": false, + "delivery_receipt_write_enabled": false, + "production_write_enabled": false, + "secret_read_enabled": false, + "paid_api_enabled": false + }, + "approval_decision_log": [] + }, + "canary_send_approval_packet_ready": true, + "canary_send_approval_granted": false, + "canary_send_execution_enabled": false, + "canary_send_approval_packet_completion_percent": 100 + }, + "professional_task_domains": [ + { + "domain_id": "sre_observability", + "label": "SRE / Observability", + "owner_agent": "sre_sentinel" + }, + { + "domain_id": "security_iwooos", + "label": "Security / IwoooS", + "owner_agent": "security_sentinel" + }, + { + "domain_id": "devops_release", + "label": "DevOps / Release", + "owner_agent": "devops_commander" + }, + { + "domain_id": "data_dr", + "label": "Data / Backup / DR", + "owner_agent": "data_dr_guardian" + }, + { + "domain_id": "supply_chain", + "label": "Supply Chain / Versions", + "owner_agent": "supply_chain_scout" + }, + { + "domain_id": "product_quality", + "label": 
"Product / UI / QA", + "owner_agent": "product_ui_curator" + }, + { + "domain_id": "ai_governance", + "label": "AI Governance / Replay / Market", + "owner_agent": "openclaw" + }, + { + "domain_id": "telegram_reporting", + "label": "Telegram / Reports / Receipts", + "owner_agent": "telegram_ops_liaison" + } + ], + "professional_tasks": [ + { + "task_id": "pro_task_001_incident_correlation", + "title": "跨來源 incident correlation 與根因候選排序", + "domain_id": "sre_observability", + "owner_agent": "sre_sentinel", + "supporting_agents": [ + "openclaw", + "hermes" + ], + "risk_tier": "medium", + "automation_mode": "no_write_dry_run", + "telegram_policy": "action_required_preview", + "required_mcp": [ + "observability", + "gitea", + "browser" + ], + "required_rag": [ + "incident_traces", + "runbooks" + ], + "approval_required": true, + "current_live_count_24h": 0, + "blocked_actions": [ + "alert_rule_change", + "silence_change", + "restart_service" + ] + }, + { + "task_id": "pro_task_002_alert_noise_budget", + "title": "告警噪音預算與降噪提案", + "domain_id": "sre_observability", + "owner_agent": "sre_sentinel", + "supporting_agents": [ + "hermes", + "openclaw" + ], + "risk_tier": "medium", + "automation_mode": "proposal_only", + "telegram_policy": "weekly_digest", + "required_mcp": [ + "prometheus", + "alertmanager" + ], + "required_rag": [ + "alert_traces", + "runbooks" + ], + "approval_required": true, + "current_live_count_24h": 0, + "blocked_actions": [ + "receiver_route_change", + "silence_policy_change", + "prometheus_reload" + ] + }, + { + "task_id": "pro_task_003_synthetic_check_plan", + "title": "公開路由 synthetic check 與失敗分類計畫", + "domain_id": "sre_observability", + "owner_agent": "qa_verifier", + "supporting_agents": [ + "product_ui_curator", + "sre_sentinel" + ], + "risk_tier": "low", + "automation_mode": "auto_summary_after_guard", + "telegram_policy": "daily_digest", + "required_mcp": [ + "browser", + "http_probe" + ], + "required_rag": [ + "route_runbooks" + ], + 
"approval_required": false, + "current_live_count_24h": 0, + "blocked_actions": [ + "active_scan", + "production_write" + ] + }, + { + "task_id": "pro_task_004_backup_restore_readiness", + "title": "備份 freshness、restore drill 與 DR readiness 報告", + "domain_id": "data_dr", + "owner_agent": "data_dr_guardian", + "supporting_agents": [ + "hermes", + "openclaw" + ], + "risk_tier": "high", + "automation_mode": "approval_required_before_execution", + "telegram_policy": "action_required_preview", + "required_mcp": [ + "backup_status", + "gitea" + ], + "required_rag": [ + "dr_runbooks" + ], + "approval_required": true, + "current_live_count_24h": 0, + "blocked_actions": [ + "restore_run", + "offsite_sync", + "credential_escrow_marker_write" + ] + }, + { + "task_id": "pro_task_005_non_secret_escrow_evidence", + "title": "credential escrow 非敏感證據補件路由", + "domain_id": "data_dr", + "owner_agent": "data_dr_guardian", + "supporting_agents": [ + "security_sentinel", + "hermes" + ], + "risk_tier": "critical", + "automation_mode": "blocked_until_owner_response", + "telegram_policy": "action_required_preview", + "required_mcp": [ + "gitea" + ], + "required_rag": [ + "dr_runbooks", + "hard_rules" + ], + "approval_required": true, + "current_live_count_24h": 0, + "blocked_actions": [ + "secret_value_collection", + "credential_read", + "marker_write_without_owner" + ] + }, + { + "task_id": "pro_task_006_dependency_cve_triage", + "title": "依賴 CVE / EOL / license 風險分流", + "domain_id": "supply_chain", + "owner_agent": "supply_chain_scout", + "supporting_agents": [ + "openclaw", + "security_sentinel" + ], + "risk_tier": "medium", + "automation_mode": "proposal_only", + "telegram_policy": "weekly_digest", + "required_mcp": [ + "package_registry", + "osv" + ], + "required_rag": [ + "dependency_policy" + ], + "approval_required": true, + "current_live_count_24h": 0, + "blocked_actions": [ + "package_upgrade", + "lockfile_write", + "external_scan_without_approval" + ] + }, + { + "task_id": 
"pro_task_007_sbom_license_drift", + "title": "SBOM / license / Docker surface drift 批准包", + "domain_id": "supply_chain", + "owner_agent": "supply_chain_scout", + "supporting_agents": [ + "hermes", + "security_sentinel" + ], + "risk_tier": "medium", + "automation_mode": "proposal_only", + "telegram_policy": "weekly_digest", + "required_mcp": [ + "syft", + "trivy" + ], + "required_rag": [ + "supply_chain_runbooks" + ], + "approval_required": true, + "current_live_count_24h": 0, + "blocked_actions": [ + "tool_install", + "image_pull", + "sbom_upload" + ] + }, + { + "task_id": "pro_task_008_image_digest_pin_plan", + "title": "Docker image digest pinning 與 rollback 計畫", + "domain_id": "supply_chain", + "owner_agent": "devops_commander", + "supporting_agents": [ + "supply_chain_scout", + "qa_verifier" + ], + "risk_tier": "high", + "automation_mode": "approval_required_before_execution", + "telegram_policy": "action_required_preview", + "required_mcp": [ + "registry", + "gitea" + ], + "required_rag": [ + "release_runbooks" + ], + "approval_required": true, + "current_live_count_24h": 0, + "blocked_actions": [ + "image_pull", + "image_push", + "kustomization_write_without_review" + ] + }, + { + "task_id": "pro_task_009_gitops_diff_review", + "title": "K8s / ArgoCD manifest diff 與 blast-radius review", + "domain_id": "devops_release", + "owner_agent": "devops_commander", + "supporting_agents": [ + "openclaw", + "qa_verifier" + ], + "risk_tier": "critical", + "automation_mode": "approval_required_before_execution", + "telegram_policy": "action_required_preview", + "required_mcp": [ + "gitea", + "argocd" + ], + "required_rag": [ + "gitops_runbooks" + ], + "approval_required": true, + "current_live_count_24h": 0, + "blocked_actions": [ + "argocd_sync", + "kubectl_apply", + "helm_upgrade" + ] + }, + { + "task_id": "pro_task_010_gateway_route_impact", + "title": "Nginx / public gateway route impact analysis", + "domain_id": "devops_release", + "owner_agent": "devops_commander", 
+ "supporting_agents": [ + "security_sentinel", + "qa_verifier" + ], + "risk_tier": "critical", + "automation_mode": "approval_required_before_execution", + "telegram_policy": "action_required_preview", + "required_mcp": [ + "gitea", + "browser" + ], + "required_rag": [ + "gateway_runbooks" + ], + "approval_required": true, + "current_live_count_24h": 0, + "blocked_actions": [ + "nginx_reload", + "route_change", + "certbot_renew" + ] + }, + { + "task_id": "pro_task_011_public_bundle_redaction", + "title": "前台 bundle / DOM / i18n 敏感資訊防洩漏掃描", + "domain_id": "security_iwooos", + "owner_agent": "security_sentinel", + "supporting_agents": [ + "product_ui_curator", + "qa_verifier" + ], + "risk_tier": "medium", + "automation_mode": "no_write_dry_run", + "telegram_policy": "daily_digest", + "required_mcp": [ + "browser", + "gitea" + ], + "required_rag": [ + "hard_rules" + ], + "approval_required": true, + "current_live_count_24h": 0, + "blocked_actions": [ + "frontend_deploy_without_smoke", + "secret_storage" + ] + }, + { + "task_id": "pro_task_012_secret_metadata_parity", + "title": "Secret name parity、injection route 與 redaction gate", + "domain_id": "security_iwooos", + "owner_agent": "security_sentinel", + "supporting_agents": [ + "devops_commander", + "openclaw" + ], + "risk_tier": "critical", + "automation_mode": "blocked_until_owner_response", + "telegram_policy": "action_required_preview", + "required_mcp": [ + "gitea" + ], + "required_rag": [ + "secret_runbooks" + ], + "approval_required": true, + "current_live_count_24h": 0, + "blocked_actions": [ + "secret_value_read", + "secret_rotation", + "workflow_modification" + ] + }, + { + "task_id": "pro_task_013_telegram_digest_preview", + "title": "AI Agent 日週月報 Telegram no-send preview", + "domain_id": "telegram_reporting", + "owner_agent": "telegram_ops_liaison", + "supporting_agents": [ + "hermes", + "qa_verifier" + ], + "risk_tier": "medium", + "automation_mode": "no_write_dry_run", + "telegram_policy": 
"no_direct_telegram", + "required_mcp": [ + "telegram_gateway" + ], + "required_rag": [ + "logbook_chunks" + ], + "approval_required": true, + "current_live_count_24h": 0, + "blocked_actions": [ + "telegram_send", + "bot_api_call", + "gateway_queue_write" + ] + }, + { + "task_id": "pro_task_014_report_truth_gate", + "title": "日報 / 週報 / 月報 truth gate 與可處置性審查", + "domain_id": "telegram_reporting", + "owner_agent": "hermes", + "supporting_agents": [ + "openclaw", + "sre_sentinel" + ], + "risk_tier": "medium", + "automation_mode": "auto_summary_after_guard", + "telegram_policy": "weekly_digest", + "required_mcp": [ + "gitea", + "observability" + ], + "required_rag": [ + "logbook_chunks", + "incident_traces" + ], + "approval_required": false, + "current_live_count_24h": 0, + "blocked_actions": [ + "false_green_report", + "report_send_without_truth_gate" + ] + }, + { + "task_id": "pro_task_015_agent_market_watch", + "title": "主流 AI Agent / SDK / 模型版本市場雷達", + "domain_id": "ai_governance", + "owner_agent": "market_scout", + "supporting_agents": [ + "openclaw", + "nemotron" + ], + "risk_tier": "medium", + "automation_mode": "proposal_only", + "telegram_policy": "weekly_digest", + "required_mcp": [ + "web_primary_sources", + "gitea" + ], + "required_rag": [ + "agent_market_evidence" + ], + "approval_required": true, + "current_live_count_24h": 0, + "blocked_actions": [ + "sdk_install", + "paid_api_call", + "production_route_change" + ] + }, + { + "task_id": "pro_task_016_model_replay_scorecard", + "title": "NemoTron / 候選模型 replay scorecard 與 failure mode 分析", + "domain_id": "ai_governance", + "owner_agent": "nemotron", + "supporting_agents": [ + "openclaw", + "qa_verifier" + ], + "risk_tier": "high", + "automation_mode": "no_write_dry_run", + "telegram_policy": "action_required_preview", + "required_mcp": [ + "fixture_store", + "gitea" + ], + "required_rag": [ + "replay_fixtures" + ], + "approval_required": true, + "current_live_count_24h": 0, + "blocked_actions": [ + 
"shadow_route", + "canary_route", + "full_replay_without_approval" + ] + }, + { + "task_id": "pro_task_017_cost_capacity_forecast", + "title": "AI provider、主機、K3s 與外部服務成本 / 容量預測", + "domain_id": "ai_governance", + "owner_agent": "openclaw", + "supporting_agents": [ + "supply_chain_scout", + "sre_sentinel" + ], + "risk_tier": "high", + "automation_mode": "proposal_only", + "telegram_policy": "monthly_digest", + "required_mcp": [ + "observability", + "billing_metadata" + ], + "required_rag": [ + "cost_policy" + ], + "approval_required": true, + "current_live_count_24h": 0, + "blocked_actions": [ + "paid_provider_switch", + "limit_increase", + "paid_api_call" + ] + }, + { + "task_id": "pro_task_018_db_query_triage", + "title": "PostgreSQL 慢查詢、索引與資料新鮮度異常 triage", + "domain_id": "sre_observability", + "owner_agent": "sre_sentinel", + "supporting_agents": [ + "data_dr_guardian", + "openclaw" + ], + "risk_tier": "high", + "automation_mode": "proposal_only", + "telegram_policy": "action_required_preview", + "required_mcp": [ + "database_readonly", + "observability" + ], + "required_rag": [ + "db_runbooks" + ], + "approval_required": true, + "current_live_count_24h": 0, + "blocked_actions": [ + "migration", + "reindex", + "write_query" + ] + }, + { + "task_id": "pro_task_019_data_freshness_source_reliability", + "title": "資料來源新鮮度、fallback 與來源可信度監控", + "domain_id": "data_dr", + "owner_agent": "hermes", + "supporting_agents": [ + "sre_sentinel", + "qa_verifier" + ], + "risk_tier": "medium", + "automation_mode": "auto_summary_after_guard", + "telegram_policy": "daily_digest", + "required_mcp": [ + "http_probe", + "database_readonly" + ], + "required_rag": [ + "data_quality_runbooks" + ], + "approval_required": false, + "current_live_count_24h": 0, + "blocked_actions": [ + "source_switch_without_owner", + "data_write" + ] + }, + { + "task_id": "pro_task_020_ui_accessibility_regression", + "title": "前後台 mobile overflow、console error、可讀性與 a11y regression", + "domain_id": 
"product_quality", + "owner_agent": "product_ui_curator", + "supporting_agents": [ + "qa_verifier", + "security_sentinel" + ], + "risk_tier": "low", + "automation_mode": "auto_summary_after_guard", + "telegram_policy": "daily_digest", + "required_mcp": [ + "browser" + ], + "required_rag": [ + "frontend_guidelines" + ], + "approval_required": false, + "current_live_count_24h": 0, + "blocked_actions": [ + "unrelated_redesign", + "public_secret_display" + ] + }, + { + "task_id": "pro_task_021_runbook_postmortem_draft", + "title": "Runbook、postmortem 與 owner handoff 草稿", + "domain_id": "ai_governance", + "owner_agent": "hermes", + "supporting_agents": [ + "openclaw", + "sre_sentinel" + ], + "risk_tier": "low", + "automation_mode": "auto_summary_after_guard", + "telegram_policy": "weekly_digest", + "required_mcp": [ + "gitea" + ], + "required_rag": [ + "logbook_chunks", + "runbooks" + ], + "approval_required": false, + "current_live_count_24h": 0, + "blocked_actions": [ + "canonical_km_write_without_review", + "secret_in_doc" + ] + }, + { + "task_id": "pro_task_022_owner_response_completeness", + "title": "Owner response 欄位完整性、補件與拒收分流", + "domain_id": "security_iwooos", + "owner_agent": "security_sentinel", + "supporting_agents": [ + "hermes", + "openclaw" + ], + "risk_tier": "high", + "automation_mode": "proposal_only", + "telegram_policy": "action_required_preview", + "required_mcp": [ + "gitea" + ], + "required_rag": [ + "owner_response_templates" + ], + "approval_required": true, + "current_live_count_24h": 0, + "blocked_actions": [ + "mark_accepted_without_reviewer", + "runtime_gate_open" + ] + }, + { + "task_id": "pro_task_023_candidate_pr_draft_packaging", + "title": "低 / 中風險候選 PR 草案、測試與 rollback 封包", + "domain_id": "devops_release", + "owner_agent": "devops_commander", + "supporting_agents": [ + "qa_verifier", + "openclaw" + ], + "risk_tier": "medium", + "automation_mode": "proposal_only", + "telegram_policy": "action_required_preview", + "required_mcp": [ + 
"gitea" + ], + "required_rag": [ + "release_runbooks" + ], + "approval_required": true, + "current_live_count_24h": 0, + "blocked_actions": [ + "branch_push_without_approval", + "auto_merge", + "workflow_trigger" + ] + }, + { + "task_id": "pro_task_024_post_action_verifier", + "title": "Post-action verifier、rollback trigger 與 receipt reconciliation", + "domain_id": "telegram_reporting", + "owner_agent": "openclaw", + "supporting_agents": [ + "telegram_ops_liaison", + "qa_verifier" + ], + "risk_tier": "critical", + "automation_mode": "approval_required_before_execution", + "telegram_policy": "failure_only_preview", + "required_mcp": [ + "telegram_gateway", + "observability", + "gitea" + ], + "required_rag": [ + "verification_runbooks" + ], + "approval_required": true, + "current_live_count_24h": 0, + "blocked_actions": [ + "verifier_live_readback_without_gate", + "rollback_without_owner", + "telegram_send_without_receipt" + ] + } + ], + "mcp_rag_stack": { + "mcp_connectors": [ + "gitea", + "browser", + "observability", + "telegram_gateway", + "package_registry", + "database_readonly", + "backup_status", + "argocd_readonly", + "http_probe", + "fixture_store" + ], + "rag_sources": [ + "LOGBOOK chunks", + "HARD_RULES / ADR chunks", + "runbook chunks", + "incident / alert traces", + "agent market evidence", + "owner response templates" + ], + "growth_metrics": [ + "km_entries_created", + "playbook_updates", + "recommendations_created", + "replay_score_delta", + "blocked_action_prevented_count", + "receipt_missing_count" + ] + }, + "risk_policy": { + "low": "文件、報表、UI smoke 與只讀摘要可在 guard 後自動處理並進每日 digest。", + "medium": "中風險只能先產 proposal、no-write dry-run 或 PR 草案;涉及設定、外部服務、成本、路由或未知狀態時升級審核。", + "high": "高風險必須 OpenClaw 仲裁、QA / Security gate 與統帥批准;不得自動執行。", + "critical": "production write、kubectl、ArgoCD sync、Telegram 實發、secret、付費 API、restore、rollback、host write 均維持 blocked until explicit approval。" + }, + "reporting_contract": { + "daily": { + "required": true, + 
"owner_agent": "hermes", + "telegram_stage": "tg_bridge_04_daily_weekly_monthly_digest" + }, + "weekly": { + "required": true, + "owner_agent": "hermes", + "telegram_stage": "tg_bridge_04_daily_weekly_monthly_digest" + }, + "monthly": { + "required": true, + "owner_agent": "hermes", + "telegram_stage": "tg_bridge_04_daily_weekly_monthly_digest" + }, + "action_required": { + "required": true, + "owner_agent": "openclaw", + "telegram_stage": "tg_bridge_05_action_required_digest" + } + }, + "redaction_contract": { + "redaction_required": true, + "conversation_transcript_display_allowed": false, + "raw_prompt_display_allowed": false, + "private_reasoning_display_allowed": false, + "secret_value_display_allowed": false, + "raw_runtime_payload_display_allowed": false, + "telegram_message_must_be_sanitized": true, + "forbidden_terms": [ + "work_window_transcript", + "raw prompt", + "private reasoning", + "chain-of-thought", + "telegram token", + "authorization header", + "secret value" + ], + "frontend_display_policy": "前端與 Telegram preview 只顯示脫敏摘要、env ref、dedup key、preview hash 與審核狀態;不得顯示工作視窗對話、未遮罩提示、私有推理、機密明文或未遮罩 runtime payload。", + "message_preview_redaction_checks": [ + "conversation_context_redacted", + "prompt_surface_redacted", + "runtime_payload_redacted", + "credential_material_absent", + "action_button_absent", + "execution_claim_absent" + ], + "canary_packet_redaction_checks": [ + "target_room_value_hidden", + "bot_token_absent", + "operator_input_value_hidden", + "no_runtime_payload", + "collaboration_context_redacted", + "no_action_button" + ] + }, + "rollups": { + "professional_task_count": 24, + "domain_count": 8, + "telegram_stage_count": 5, + "telegram_message_type_count": 6, + "approval_required_count": 19, + "low_risk_task_count": 3, + "medium_risk_task_count": 10, + "high_risk_task_count": 6, + "critical_risk_task_count": 5, + "current_live_count": 0, + "gateway_queue_write_count": 0, + "telegram_send_count": 0, + "bot_api_call_count": 0, + 
"delivery_receipt_write_count": 0,
+ "production_write_count": 0,
+ "secret_read_count": 0,
+ "paid_api_call_count": 0,
+ "host_write_count": 0,
+ "kubectl_action_count": 0,
+ "no_send_preview_count": 6,
+ "dedup_key_count": 6,
+ "receipt_expectation_count": 6,
+ "canary_approval_package_count": 1,
+ "queue_preview_envelope_field_count": 6,
+ "canary_required_preview_count": 6,
+ "approval_required_preview_count": 4,
+ "preview_send_enabled_count": 0,
+ "preview_queue_write_enabled_count": 0,
+ "preview_bot_api_call_enabled_count": 0,
+ "receipt_live_write_enabled_count": 0,
+ "canary_live_send_enabled_count": 0,
+ "canary_send_approval_packet_count": 1,
+ "canary_operator_approval_field_count": 7,
+ "canary_stop_condition_count": 6,
+ "canary_rollback_mute_step_count": 5,
+ "canary_receipt_readback_check_count": 6,
+ "canary_approval_granted_count": 0,
+ "canary_selected_message_type_count": 0,
+ "canary_approved_time_window_count": 0,
+ "canary_send_execution_enabled_count": 0,
+ "canary_gateway_queue_write_enabled_count": 0,
+ "canary_bot_api_call_enabled_count": 0,
+ "canary_delivery_receipt_write_enabled_count": 0,
+ "canary_secret_read_enabled_count": 0
+ }
+}
diff --git a/docs/schemas/ai_agent_professional_task_expansion_v1.schema.json b/docs/schemas/ai_agent_professional_task_expansion_v1.schema.json
index eaa547a7..81176a59 100644
--- a/docs/schemas/ai_agent_professional_task_expansion_v1.schema.json
+++ b/docs/schemas/ai_agent_professional_task_expansion_v1.schema.json
@@ -41,10 +41,10 @@
 "enum": ["P0", "P1", "P2", "P3"]
 },
 "current_task_id": {
- "const": "P2-405B"
+ "const": "P2-405C"
 },
 "next_task_id": {
- "const": "P2-405C"
+ "const": "P2-405D"
 },
 "overall_completion_percent": {
 "type": "integer",
@@ -91,7 +91,8 @@
 "dedup_policy",
 "queue_preview_readback",
 "receipt_expectations",
- "canary_approval_package"
+ "canary_approval_package",
+ "canary_send_approval_packet"
 ],
 "properties": {
 "canonical_room": {
@@ -320,6 +321,120 @@
 }
 },
 "additionalProperties": true
+ },
+ "canary_send_approval_packet": {
+ "type": "object",
+ "required": [
+ "packet_id",
+ "status",
+ "packet_ready",
+ "approval_required",
+ "approval_granted",
+ "recommended_first_message_type",
+ "selected_message_type",
+ "eligible_message_types",
+ "target_room_alias",
+ "target_room_env",
+ "target_room_value_visible",
+ "proposed_time_window",
+ "owner_agent",
+ "arbiter",
+ "reviewers",
+ "operator_approval_fields",
+ "rate_limit_plan",
+ "mute_rollback_plan",
+ "receipt_readback_plan",
+ "stop_conditions",
+ "execution_flags",
+ "approval_decision_log"
+ ],
+ "properties": {
+ "status": {
+ "const": "waiting_explicit_commander_approval"
+ },
+ "packet_ready": {
+ "const": true
+ },
+ "approval_required": {
+ "const": true
+ },
+ "approval_granted": {
+ "const": false
+ },
+ "selected_message_type": {
+ "const": "not_selected"
+ },
+ "target_room_env": {
+ "const": "SRE_GROUP_CHAT_ID"
+ },
+ "target_room_value_visible": {
+ "const": false
+ },
+ "proposed_time_window": {
+ "const": "waiting_commander_input"
+ },
+ "operator_approval_fields": {
+ "type": "array",
+ "minItems": 7,
+ "maxItems": 7
+ },
+ "rate_limit_plan": {
+ "type": "object",
+ "properties": {
+ "max_messages": {
+ "const": 1
+ },
+ "live_rate_limit_write_enabled": {
+ "const": false
+ }
+ },
+ "additionalProperties": true
+ },
+ "receipt_readback_plan": {
+ "type": "object",
+ "properties": {
+ "production_receipt_write_enabled": {
+ "const": false
+ },
+ "receipt_readback_enabled_before_send": {
+ "const": false
+ }
+ },
+ "additionalProperties": true
+ },
+ "execution_flags": {
+ "type": "object",
+ "properties": {
+ "canary_send_execution_enabled": {
+ "const": false
+ },
+ "gateway_queue_write_enabled": {
+ "const": false
+ },
+ "bot_api_call_enabled": {
+ "const": false
+ },
+ "delivery_receipt_write_enabled": {
+ "const": false
+ },
+ "production_write_enabled": {
+ "const": false
+ },
+ "secret_read_enabled": {
+ "const": false
+ },
+ "paid_api_enabled": {
+ "const": false
+ }
+ },
+ "additionalProperties": true
+ },
+ "approval_decision_log": {
+ "type": "array",
+ "maxItems": 0
+ }
+ },
+ "additionalProperties": true
 }
 },
 "additionalProperties": true
@@ -455,7 +570,20 @@
 "preview_queue_write_enabled_count",
 "preview_bot_api_call_enabled_count",
 "receipt_live_write_enabled_count",
- "canary_live_send_enabled_count"
+ "canary_live_send_enabled_count",
+ "canary_send_approval_packet_count",
+ "canary_operator_approval_field_count",
+ "canary_stop_condition_count",
+ "canary_rollback_mute_step_count",
+ "canary_receipt_readback_check_count",
+ "canary_approval_granted_count",
+ "canary_selected_message_type_count",
+ "canary_approved_time_window_count",
+ "canary_send_execution_enabled_count",
+ "canary_gateway_queue_write_enabled_count",
+ "canary_bot_api_call_enabled_count",
+ "canary_delivery_receipt_write_enabled_count",
+ "canary_secret_read_enabled_count"
 ],
 "properties": {
 "professional_task_count": {
@@ -541,6 +669,45 @@
 },
 "canary_live_send_enabled_count": {
 "const": 0
+ },
+ "canary_send_approval_packet_count": {
+ "const": 1
+ },
+ "canary_operator_approval_field_count": {
+ "const": 7
+ },
+ "canary_stop_condition_count": {
+ "const": 6
+ },
+ "canary_rollback_mute_step_count": {
+ "const": 5
+ },
+ "canary_receipt_readback_check_count": {
+ "const": 6
+ },
+ "canary_approval_granted_count": {
+ "const": 0
+ },
+ "canary_selected_message_type_count": {
+ "const": 0
+ },
+ "canary_approved_time_window_count": {
+ "const": 0
+ },
+ "canary_send_execution_enabled_count": {
+ "const": 0
+ },
+ "canary_gateway_queue_write_enabled_count": {
+ "const": 0
+ },
+ "canary_bot_api_call_enabled_count": {
+ "const": 0
+ },
+ "canary_delivery_receipt_write_enabled_count": {
+ "const": 0
+ },
+ "canary_secret_read_enabled_count": {
+ "const": 0
 }
 },
 "additionalProperties": true
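Review bot: The `execution_flags`, `rate_limit_plan` and `receipt_readback_plan` objects inside the new `canary_send_approval_packet` schema pin each flag with `"const": false` but declare no `required` list, so a packet that simply omits `canary_send_execution_enabled` or `bot_api_call_enabled` still validates. The packet's own stop condition depends on every one of these flags being false, so the schema should fail closed on a missing key: add `"required": ["canary_send_execution_enabled", "gateway_queue_write_enabled", "bot_api_call_enabled", "delivery_receipt_write_enabled", "production_write_enabled", "secret_read_enabled", "paid_api_enabled"]` to `execution_flags`, and the equivalent lists to the other two objects. The Python loader may already check this in `_require_canary_send_approval_packet`, whose body is not visible here; even so, the schema should match it so that any other validator reaches the same verdict.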
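Review bot: The rollup constants added in this hunk (`canary_stop_condition_count` 6, `canary_rollback_mute_step_count` 5, `canary_receipt_readback_check_count` 6) have no matching constraint on the arrays they count. The packet schema bounds only `operator_approval_fields` with `minItems`/`maxItems`; `stop_conditions` and `mute_rollback_plan` are required but untyped, and `required_checks` is not described at all, so an empty stop-condition list would pass while the rollup still reports 6. Give each array the same treatment, for example `"stop_conditions": { "type": "array", "minItems": 6, "maxItems": 6 }`. `operator_approval_fields` also has no `items` schema, so nothing pins `value_display_allowed` to `false` per field, although the redaction contract lists `operator_input_value_hidden` as a check.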
diff --git a/docs/superpowers/specs/2026-04-15-MASTER-ai-autonomous-flywheel-v2.md b/docs/superpowers/specs/2026-04-15-MASTER-ai-autonomous-flywheel-v2.md
index b79e7470..c14dcf0e 100644
--- a/docs/superpowers/specs/2026-04-15-MASTER-ai-autonomous-flywheel-v2.md
+++ b/docs/superpowers/specs/2026-04-15-MASTER-ai-autonomous-flywheel-v2.md
@@ -638,7 +638,7 @@ Alert / Sentry / SigNoz / Gitea / Market Watch / Operator | `docs/evaluations/ai_agent_report_runtime_dry_run_2026-06-12.json` + `GET /api/v1/agents/agent-report-runtime-dry-run` | P2-403M 報表 runtime no-write dry-run 證據包;建立 5 個 dry-run artifact、3 個 SRE 戰情室 queue digest 草案、4 個 readback verifier case、3 個 Agent dry-run role 與 6 個 operator checkpoint;不寫 Gateway queue、不送 Telegram、不呼叫 Bot API、不寫 delivery receipt、不啟動 worker、不跑 verifier live readback、不讀 secret,已由 P2-403N fixture readback 承接 | | `docs/evaluations/ai_agent_report_runtime_fixture_readback_2026-06-12.json` + `GET /api/v1/agents/agent-report-runtime-fixture-readback` | P2-403N fixture smoke / queue preview readback / verifier dry-run 證據包;建立 5 個 fixture smoke、3 個 SRE 戰情室 queue preview readback、4 個 verifier dry-run case、3 個 Agent fixture role 與 5 個 operator checkpoint;不寫 Gateway queue、不送 Telegram、不呼叫 Bot API、不寫 delivery receipt、不啟動 worker、不跑 verifier live readback、不讀 secret,下一步 P2-404 | | `docs/evaluations/ai_agent_runtime_worker_shadow_gate_2026-06-12.json` + `GET /api/v1/agents/agent-runtime-worker-shadow-gate` | P2-404 runtime worker shadow / no-write execution evidence gate;建立 5 個 shadow candidate、4 個 no-write replay、4 個 verifier shadow case、3 個 Agent shadow role 與 6 個 operator checkpoint;shadow live worker、Gateway queue write、Telegram send、Bot API、delivery receipt、auto worker、verifier live readback、production write 與 secret read 全部 `0 / false`,下一步 P2-101 | -| `docs/evaluations/ai_agent_professional_task_expansion_2026-06-15_1445_p2_405b.json` + `GET /api/v1/agents/agent-professional-task-expansion` | P2-405B AI Agent 專業任務擴展與 Telegram Runtime Bridge;承接 12-Agent War Room、P2-403 report/runtime 鏈與 monitoring owner response acceptance,固定 24 類專業任務、8 個任務領域、5 段 Telegram bridge、6 種訊息類型、6 個 no-send preview、6 個 dedup key、6 組 receipt expectation、1 份 canary approval package、MCP/RAG stack、日報 / 週報 / 月報 / action-required 報告契約,並接入 governance automation inventory 卡片;需批准任務 `19`、preview live write 
`0`;Gateway queue write、Telegram send、Bot API、delivery receipt production write、production write、secret read、paid API、host write 與 kubectl action 全部 `0 / false`,下一步 P2-405C approved canary send approval packet | +| `docs/evaluations/ai_agent_professional_task_expansion_2026-06-16_1015_p2_405c.json` + `GET /api/v1/agents/agent-professional-task-expansion` | P2-405C AI Agent 專業任務擴展與 Telegram Runtime Bridge;承接 12-Agent War Room、P2-403 report/runtime 鏈與 monitoring owner response acceptance,固定 24 類專業任務、8 個任務領域、5 段 Telegram bridge、6 種訊息類型、6 個 no-send preview、6 個 dedup key、6 組 receipt expectation、1 份 canary approval package、1 份 canary send approval packet、7 個批准欄位、6 個停止條件、5 步 mute / rollback、6 個 receipt readback check、MCP/RAG stack、日報 / 週報 / 月報 / action-required 報告契約,並接入 governance automation inventory 卡片;需批准任務 `19`、preview / canary live write `0`;Gateway queue write、Telegram send、Bot API、delivery receipt production write、production write、secret read、paid API、host write 與 kubectl action 全部 `0 / false`,下一步 P2-405D canary delivery gate | | `docs/evaluations/ai_agent_operation_permission_model_2026-06-12.json` + `GET /api/v1/agents/agent-operation-permission-model` | P2-101 操作類別權限模型;建立 5 條 permission lane、13 類 operation category、3 個 Agent permission role、8 個 gate transition 與 5 個 operator decision template;runtime execution、Gateway queue write、Telegram send、Bot API、delivery receipt、auto worker、verifier live readback、production write、secret / paid provider、host command 與 destructive action 全部 `0 / false`,已由 P2-102 承接 | | `docs/evaluations/ai_agent_candidate_operation_dry_run_evidence_2026-06-12.json` + `GET /api/v1/agents/agent-candidate-operation-dry-run-evidence` | P2-102 候選操作 dry-run 證據;13 類候選操作全部具備 input / output evidence hash、side-effect count、verifier plan、rollback/no-op plan 與人工 handoff;6 個 verifier plan、7 個 gate evidence requirement、5 個 operator handoff;runtime、Gateway queue、Telegram、production write、secret / paid provider 與 destructive action 全部 `0 / false`,已由 P2-103 
承接 | | `docs/evaluations/ai_agent_task_result_audit_trail_2026-06-13.json` + `GET /api/v1/agents/agent-task-result-audit-trail` | P2-103 任務結果稽核軌跡;8 條 result route、6 個 writeback contract、7 個 audit checkpoint、5 個 operator handoff;把 diagnostic-only、repair candidate、execution failed、provider unmatched、report zero-signal 等結果固定到 KM 草稿、LOGBOOK 證據、audit trail、timeline 與人工下一步;KM / LOGBOOK / audit DB / timeline / PlayBook trust / Gateway queue / Telegram 寫入全為 `0 / false`,已由 P2-104 承接 | 
@@ -841,7 +841,7 @@ Repo / registry / release notes / K8s / host / observability / backup evidence
 64. 建立 owner response preflight 與拒收邊界。✅ P2-143 已完成正式驗證;承接 P2-141 decision input prep 與 P2-142 War Room 基線,固定 response intake lane `5`、required owner field `18`、intake validation check `6`、rejection guard `6`、operator action `5`、waiting external response `5`;owner response received / accepted / rejected、redacted payload ingested、reviewer queue write、Gateway queue write、Telegram send、Bot API、result capture、learning、PlayBook trust、production write、secret read、destructive operation 仍為 `0 / false`;feature commit `755b0a8d`、deploy marker `667d6329`、Gitea code-review `2961` / CD `2960` success、本地 P2-142 War Room + P2-139 至 P2-143 regression `37 passed`、JSON parse、Python compile、Web typecheck、guard、doc secret sanity、禁用外露值掃描、production API readback 與 desktop / mobile smoke 通過。下一步 P2-144 owner response readback。
 65. 建立 owner response readback。✅ P2-144 已完成正式驗證;承接 P2-143 preflight,固定 response readback lane `5`、required owner field `18`、readback validation check `6`、readback rejection guard `6`、operator action `5`、waiting external response `5`、no external response received lane `5`;owner response received / accepted / rejected、redacted payload ingested、reviewer queue write、Gateway queue write、Telegram send、Bot API、result capture、learning、PlayBook trust、production write、secret read、destructive operation 仍為 `0 / false`;feature commit `8795f100`、deploy marker `ac938037`、Gitea code-review `2965` / CD `2964` success;本地 P2-139 至 P2-144 regression `45 passed`,rebase 後含 tenants regression 的推送前回歸 `47 passed`、JSON parse、Python compile、Web typecheck、guard、doc secret sanity、value-only 禁用外露值掃描、i18n key parity 與 diff check 通過;production API readback、desktop / mobile smoke、水平溢位 `0`、危險控制 `0`、工作溝通片語命中 `0` 已完成。下一步 P2-145 owner response acceptance gate。
 66. 建立 owner response acceptance gate。✅ P2-145 已完成並正式驗證;承接 P2-144 readback,固定 acceptance gate lane `5`、required owner field `18`、acceptance validation check `6`、acceptance rejection guard `6`、operator action `5`、blocked no external response `5`、no acceptable external response `5`;owner response received / accepted / rejected、redacted payload ingested、reviewer queue write、Gateway queue write、Telegram send、Bot API、result capture、learning、PlayBook trust、production write、secret read、destructive operation 仍為 `0 / false`;feature commit `386dbd07`、deploy marker `36fbfc6b`、Gitea code-review `2969` / CD `2968` success;P2-144 + P2-145 regression `16 passed`、JSON parse、Python compile、Web typecheck、guard、doc secret sanity、顯示值工作視窗污染掃描、i18n key parity、diff check、production API readback、in-app browser smoke、desktop / mobile smoke、水平溢位 `0`、P2-145 卡片操作控制 `0`、工作溝通片語命中 `0` 已完成。下一步 P2-146 acceptance receipt preview,且必須等合格、遮罩、欄位完整、可驗證來源的外部正式回覆後才能建立 receipt preview。
-66a. 建立 AI Agent 專業任務擴展與 Telegram Runtime Bridge。✅ P2-405B 本地完成;承接 12-Agent War Room、P2-403 report/runtime 鏈與 monitoring owner response acceptance,固定 24 類專業任務、8 個領域、5 段 Telegram bridge、6 種訊息類型、6 個 no-send preview、6 個 dedup key、6 組 receipt expectation、1 份 canary approval package 與 MCP/RAG stack,並接入 governance automation inventory 卡片;需批准任務 `19`、low / medium / high / critical = `3 / 10 / 6 / 5`;Gateway queue write、Telegram send、Bot API、delivery receipt production write、production write、secret read、paid API、host write、kubectl action 仍為 `0 / false`。下一步 P2-405C approved canary send approval packet;這不占用 P2-146 owner response receipt preview。
+66a. 建立 AI Agent 專業任務擴展與 Telegram Runtime Bridge。✅ P2-405C 本地完成;承接 12-Agent War Room、P2-403 report/runtime 鏈與 monitoring owner response acceptance,固定 24 類專業任務、8 個領域、5 段 Telegram bridge、6 種訊息類型、6 個 no-send preview、6 個 dedup key、6 組 receipt expectation、1 份 canary approval package、1 份 canary send approval packet、7 個批准欄位、6 個停止條件、5 步 mute / rollback、6 個 receipt readback check 與 MCP/RAG stack,並接入 governance automation inventory 卡片;需批准任務 `19`、low / medium / high / critical = `3 / 10 / 6 / 5`;Gateway queue write、Telegram send、Bot API、delivery receipt production write、production write、secret read、paid API、host write、kubectl action 仍為 `0 / false`。下一步 P2-405D canary delivery gate;這不占用 P2-146 owner response receipt preview。
 67. 新增 P0 配置控管優先序前台可視化。✅ 正式驗證完成;`/zh-TW/iwooos` 已集中顯示 Nginx public gateway、DNS / TLS / certbot、K8s / ArgoCD / production manifests、Workflow / runner / secret metadata、Public / admin / API runtime config、agent-bounty runtime / treasury 六類即時風險配置;owner response `0 / 0`、live evidence `0`、執行期 `0`、操作按鈕 `0`;feature commit `e992af89`、deploy marker `ed651a98`、Gitea code-review `2971` / CD `2970` success;本地與正式 in-app browser、desktop `1440x1100`、mobile `390x844` smoke 通過。這不是 Nginx live conf 讀取、`nginx -t`、reload、DNS / TLS probe、certbot renew、ArgoCD sync、kubectl、workflow / secret 修改、public route change、agent-bounty runtime、payout / withdrawal、production write 或 runtime gate。
 68. 補強 P0 高價值配置 Gate path pattern、工作樹 preflight、owner packet 與 coverage snapshot。✅ 本地完成;`k8s/nginx/**`、`scripts/ops/**/*cert*`、`scripts/ops/**/*tls*` 已納入 high-value config classification,Nginx public gateway 與 DNS / TLS / certbot sample 從 `matched=0 / C0=0` 收斂到 `matched=3 / C0=2`;gate snapshot 顯示 `changed_files=6`、`matched=6`、`categories=3`、`c0=2`、`c1=0`;預設模式已可讀取 staged / unstaged / untracked,臨時 `k8s/nginx/*` smoke 命中 C0;owner packet snapshot `packets=3 / c0=2 / runtime_gate=0`;coverage snapshot `categories=14 / c0=8 / avg=67 / runtime_gate=0`;owner evidence 仍 `provided=false / complete=false`,runtime execution 仍 `false`。這不是 live config read、`nginx -t`、reload、certbot renew、DNS / TLS probe、host write、active scan、workflow 修改、secret 收集、production write 或 runtime gate。
 69. 同步高價值配置 Owner Packet 前台 projection。✅ 已完成並正式驗證;`/zh-TW/iwooos` 與 `/zh-TW/awooop` 已顯示 owner packet snapshot `packet=3 / c0=2`、最高命中 `C0 / P0`、Nginx public gateway、DNS / TLS / certbot 與 security tooling 影響範圍;feature commit `e999c16b`、deploy marker `16c6b983`、Gitea code-review `2973` / CD `2972` success;request sent、received、accepted、runtime gate 與 action buttons 仍為 `0`;本地與正式 desktop / mobile / in-app browser smoke 已通過,水平溢位 `0`、卡片內操作控制 `0`、危險連結 `0`、工作溝通片語命中 `0`。不得因此調高 IwoooS headline。
@@ -894,7 +894,7 @@ Repo / registry / release notes / K8s / host / observability / backup evidence
 | `docs/evaluations/ai_agent_report_runtime_dry_run_2026-06-12.json` + `GET /api/v1/agents/agent-report-runtime-dry-run` | P2-403M 報表 runtime no-write dry-run 證據包;5 個 dry-run artifact、3 個 queue digest 草案、4 個 readback verifier case、3 個 Agent dry-run role、6 個 operator checkpoint;不寫 Gateway queue、不送 Telegram、不呼叫 Bot API、不寫 delivery receipt、不啟動 worker、不跑 verifier live readback |
 | `docs/evaluations/ai_agent_report_runtime_fixture_readback_2026-06-12.json` + `GET /api/v1/agents/agent-report-runtime-fixture-readback` | P2-403N fixture smoke / queue preview readback / verifier dry-run 證據包;5 個 fixture smoke、3 個 queue preview readback、4 個 verifier dry-run case、3 個 Agent fixture role、5 個 operator checkpoint;不寫 Gateway queue、不送 Telegram、不呼叫 Bot API、不寫 delivery receipt、不啟動 worker、不跑 verifier live readback |
 | `docs/evaluations/ai_agent_runtime_worker_shadow_gate_2026-06-12.json` + `GET /api/v1/agents/agent-runtime-worker-shadow-gate` | P2-404 runtime worker shadow / no-write execution evidence gate;5 個 shadow candidate、4 個 no-write replay、4 個 verifier shadow case、3 個 Agent shadow role、6 個 operator checkpoint;不啟動 live worker、不寫 Gateway queue、不送 Telegram、不呼叫 Bot API、不寫 production target |
-| `docs/evaluations/ai_agent_professional_task_expansion_2026-06-15_1445_p2_405b.json` + `GET /api/v1/agents/agent-professional-task-expansion` | P2-405B AI Agent 專業任務擴展與 Telegram Runtime Bridge;24 類專業任務、8 個領域、5 段 Telegram bridge、6 種訊息類型、6 個 no-send preview、6 個 dedup key、6 組 receipt expectation、1 份 canary approval package、MCP/RAG stack、治理頁 P2-405B 卡片;不寫 Gateway queue、不送 Telegram、不呼叫 Bot API、不寫 production target、不讀 secret、不用 paid API |
+| `docs/evaluations/ai_agent_professional_task_expansion_2026-06-16_1015_p2_405c.json` + `GET /api/v1/agents/agent-professional-task-expansion` | P2-405C AI Agent 專業任務擴展與 Telegram Runtime Bridge;24 類專業任務、8 個領域、5 段 Telegram bridge、6 種訊息類型、6 個 no-send preview、6 個 dedup key、6 組 receipt expectation、1 份 canary approval package、1 份 canary send approval packet、7 個批准欄位、6 個停止條件、5 步 mute / rollback、6 個 receipt readback check、MCP/RAG stack、治理頁 P2-405C 卡片;不寫 Gateway queue、不送 Telegram、不呼叫 Bot API、不寫 production target、不讀 secret、不用 paid API |
 | `docs/evaluations/ai_agent_operation_permission_model_2026-06-12.json` + `GET /api/v1/agents/agent-operation-permission-model` | P2-101 操作類別權限模型;5 條 permission lane、13 類 operation category、3 個 Agent permission role、8 個 gate transition、5 個 operator decision template;不啟動 runtime worker、不寫 Gateway queue、不送 Telegram、不呼叫 Bot API、不寫 production target、不讀 secret |
 | `docs/evaluations/ai_agent_candidate_operation_dry_run_evidence_2026-06-12.json` + `GET /api/v1/agents/agent-candidate-operation-dry-run-evidence` | P2-102 候選操作 dry-run 證據;13 類候選操作、13 組 dry-run evidence、6 個 verifier plan、7 個 gate evidence requirement、5 個 operator handoff;不啟動 runtime worker、不寫 Gateway queue、不送 Telegram、不呼叫 Bot API、不寫 production target、不讀 secret、不執行 destructive action |
 | `docs/evaluations/ai_agent_task_result_audit_trail_2026-06-13.json` + `GET /api/v1/agents/agent-task-result-audit-trail` | P2-103 任務結果稽核軌跡;8 條 result route、6 個 writeback contract、7 個 audit checkpoint、5 個 operator handoff;不寫 KM、不 runtime append LOGBOOK、不寫 audit DB、不寫 timeline、不更新 PlayBook trust、不寫 Gateway queue、不送 Telegram |
@@ -5005,3 +5005,15 @@ Trigger commit `f5cd37b7` 與 deploy marker `0ba92357` 已把 governance UI 的
 - 新增 / 更新測試,明確拒絕 preview send enabled、duplicate dedup key、canary live send enabled、queue write、Bot API call 或 receipt production write。
 
 **裁決:** 這是 Telegram no-send preview 與 canary approval package,不是 Telegram send、Gateway queue write、Bot API call、delivery receipt production write、approved canary、production write、secret read、host write、kubectl action 或 runtime authorization;下一步 P2-405C 只能產生 approved canary send approval packet 與人工批准欄位,未批准前不得實發。
+
+### 2026-06-16 10:15 (台北) — §3.2 / §5 — 新增 P2-405C Canary 發送批准包 — 把第一次 TG canary 實發前的統帥批准欄位固定成可 guard artifact
+
+**觸發**:P2-405B 已讓治理頁看見 Telegram no-send preview、dedup、receipt expectation 與 canary approval package;下一步需要把第一次 Canary 實發前的統帥批准欄位、時間窗、單一訊息類型、目標 env ref、receipt readback owner、mute / rollback plan 與停止條件固定成可測試 artifact,避免把「批准包已就緒」誤判成 Telegram 已可實發。
+
+**已推進:**
+- 新增 `docs/evaluations/ai_agent_professional_task_expansion_2026-06-16_1015_p2_405c.json`,`current_task_id=P2-405C`、`next_task_id=P2-405D`、overall `92%`。
+- `ai_agent_professional_task_expansion_v1` schema 與 API loader 已要求 1 份 canary send approval packet、7 個 operator approval field、6 個 eligible message type、6 個 stop condition、5 個 mute / rollback step、6 個 receipt readback check。
+- `/zh-TW/governance?tab=automation-inventory` P2-405C 卡片顯示 canary 批准包、批准欄位、停止條件與批准缺口;preview / canary live write 計數仍為 `0`。
+- 新增 / 更新測試,明確拒絕 canary approval granted、selected message type、canary execution enabled、Gateway queue write、Bot API call、delivery receipt production write、secret read 或 paid API 被提前打開。
+
+**裁決:** 這是 canary send approval packet,不是 Telegram send、Gateway queue write、Bot API call、delivery receipt production write、approved canary delivery、production write、secret read、host write、kubectl action 或 runtime authorization;下一步 P2-405D 只能在統帥明確填入 canary 發送批准欄位後進入受控 delivery gate,未批准前不得實發。