feat(governance): add AI Agent TG canary approval packet
@@ -49,6 +49,31 @@
|
||||
- 本輪未連 live ArgoCD、未 `kubectl`、未 `helm`、未讀 live Secret、未改 NetworkPolicy / RBAC / NodePort / Ingress / route、未手動 sync、未 patch live manifest、未 active scan、未收 secrets 明文、未 force push。
|
||||
- 下一優先:收 K8s / ArgoCD owner evidence 與事故後回讀包;同時把 Backup / Restore / Escrow、Monitoring / Alerting / Observability、Public gateway / Nginx、Gitea workflow / runner / deploy secret injection 的 owner evidence gate 往前推,且不得用 route 200、pod up、UI 可見或 CD success 當成資安 runtime 授權。
|
||||
|
||||
## 2026-06-16|P2-405C AI Agent TG Canary 發送批准包
|
||||
|
||||
**背景**:P2-405B 已讓治理頁看見 Telegram no-send 訊息預覽、dedup key、receipt expectation 與 canary approval package;下一步需要把第一次 TG canary 實發前的人工批准輸入、停止條件、mute / rollback 與回執讀回要求固定成可測試 artifact,但不能因「批准包已就緒」就打開 Telegram 實發或 Gateway queue。
|
||||
|
||||
**完成項目**:
|
||||
- 新增 `docs/evaluations/ai_agent_professional_task_expansion_2026-06-16_1015_p2_405c.json`,`current_task_id=P2-405C`、`next_task_id=P2-405D`、整體完成度 `92%`。
|
||||
- `telegram_runtime_bridge.canary_send_approval_packet` 已固定 `packet_ready=true`、`approval_required=true`、`approval_granted=false`、`status=waiting_explicit_commander_approval`。
|
||||
- Canary 發送批准包要求 7 個統帥 / operator 必填欄位:統帥批准、單一訊息類型、發送時間窗、目標 env ref、mute / rollback plan、receipt readback owner、failure stop condition。
|
||||
- Canary 發送批准包固定 6 個 eligible message type、6 個停止條件、5 個 mute / rollback 步驟、6 個 receipt readback check;所有欄位值維持不可公開顯示。
|
||||
- 後端 loader / schema / 測試已要求 canary execution flags、Gateway queue write、Bot API call、delivery receipt production write、secret read、paid API 全部維持 `false / 0`。
|
||||
- `/zh-TW/governance?tab=automation-inventory` 的 AI Agent 專業任務卡片已顯示 canary 批准包、批准欄位、停止條件與批准缺口,並把 canary 實發 / queue / Bot API / receipt write 全部納入 live write 計數。
|
||||
- `zh-TW.json` 與 `en.json` 維持繁中鏡像;治理頁不顯示工作視窗對話、未遮罩 runtime payload、機密值或可直接執行的 Telegram 操作。
|
||||
|
||||
**本地驗證**:
|
||||
- JSON parse 驗證 `docs/evaluations/ai_agent_professional_task_expansion_2026-06-16_1015_p2_405c.json`、`docs/schemas/ai_agent_professional_task_expansion_v1.schema.json`、`apps/web/messages/zh-TW.json`、`apps/web/messages/en.json` 通過。
|
||||
- `python3 -m py_compile apps/api/src/services/ai_agent_professional_task_expansion.py apps/api/src/api/v1/agents.py` 通過。
|
||||
- `DATABASE_URL=postgresql+asyncpg://test:test@localhost/test pytest -q apps/api/tests/test_ai_agent_professional_task_expansion.py apps/api/tests/test_ai_agent_professional_task_expansion_api.py` → `16 passed`。
|
||||
- `pnpm --filter @awoooi/web typecheck` 通過。
|
||||
|
||||
**完成度與邊界**:
|
||||
- AI Agent 專業任務擴展與 Telegram Runtime Bridge:`88% -> 92%`。
|
||||
- Telegram no-send preview、dedup、receipt expectation、canary approval package、canary send approval packet:皆為 `100%`。
|
||||
- Telegram 實發、Gateway queue write、Bot API call、delivery receipt production write、secret read、paid API、host write、kubectl action、production write 全部仍為 `0 / false`。
|
||||
- 下一步:P2-405D 只能在統帥明確提供 canary 發送批准、單一訊息類型、時間窗、目標 env ref 與回執讀回 owner 後,才進入受控 canary delivery gate;未批准前不得實發。
|
||||
|
||||
## 2026-06-15|Docker / systemd / Host Service 事故後回讀 Gate
|
||||
|
||||
**背景**:110 / 188 類主機服務事故證明,Docker daemon、compose、systemd、repair-bot、Ansible、host config backup、port binding、public / admin route、AI provider 與 monitoring 可能互相影響。IwoooS 不能把「容器起來」、「route 200」、「服務健康」或「頁面可見」誤判成主機服務事故已驗收;本階段補上 host service post-incident readback plan,只建立事故後回讀候選、必填欄位、reviewer checks、outcome lanes、blocked actions 與前台 marker;不 SSH、不讀 live host、不碰 Docker / systemd / repair-bot / Ansible / Nginx / firewall、不做 route smoke、不收 secrets 明文。
|
||||
|
||||
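Review bot: The closing 下一步 bullet of the P2-405C entry names only five preconditions for P2-405D (canary 發送批准, 單一訊息類型, 時間窗, 目標 env ref, 回執讀回 owner), while the 完成項目 list in the same entry defines seven required fields; mute / rollback plan and failure stop condition are missing from the gate wording. List all seven, or point at the packet's required fields by name, so the LOGBOOK cannot be read as permitting delivery without a rollback plan and a stop condition.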
@@ -184,5 +184,5 @@ Telegram Ops 工位負責 Telegram Gateway、Channel Hub、日報/週報/月報
|
||||
狀態變更:12 位 Agent 只讀審查全部回收並彙整;已建立 `ai_agent_12_agent_war_room_v1` schema / committed snapshot / API / tests / governance UI 區塊。
|
||||
證據:`docs/schemas/ai_agent_12_agent_war_room_v1.schema.json`、`docs/evaluations/ai_agent_12_agent_war_room_2026-06-14.json`、`GET /api/v1/agents/agent-12-agent-war-room`、治理頁 12-Agent War Room 區塊、12 位 Agent 只讀回饋。
|
||||
阻擋:runtime writer、Telegram send、Bot API、production write、SDK 安裝、付費 API、shadow/canary、host update、DB migration、restore 仍未批准。
|
||||
下一步:P2-405C 承接 Telegram approved canary send approval packet;讓統帥先審核發送時間窗、單一訊息類型、dedup、receipt、mute / rollback plan 與停止條件。P2-146 owner response receipt preview 仍屬另一條 release gate 主線;兩者都不得直接打開 Gateway queue、Telegram send、Bot API 或 production write。
|
||||
下一步:P2-405D 承接 Telegram canary delivery gate;只有在統帥明確批准發送時間窗、單一訊息類型、目標 env ref、receipt readback owner、mute / rollback plan 與停止條件後,才可進入受控 canary delivery。P2-146 owner response receipt preview 仍屬另一條 release gate 主線;兩者都不得直接打開 Gateway queue、Telegram send、Bot API 或 production write。
|
||||
```
|
||||
|
||||
@@ -15,11 +15,19 @@
|
||||
| OpenClaw / Hermes / NemoTron 主動溝通、學習與成長證據 | 100% | P2-401A 到 P2-144 已完成只讀證據面、runtime / report / result-capture gates、no-write readback、promotion review、writer implementation review、writer dry-run fixture、writer dry-run readback、owner promotion execution gate、owner-approved execution rehearsal、owner acceptance / maintenance window gate、owner acceptance readback / preflight hold、owner-approved preflight release package、owner-approved release readiness readback、owner release approval gate、post-release verifier / rollback gate、final release candidate readback、release authorization hold / readback gate、release verifier preflight / owner review packet、release decision hold / readback、release decision next handoff、release decision input prep、12-Agent War Room、owner response 預檢與 owner response 回讀;P2-141 基線與 S4.9 owner release packet 補強皆已正式驗證,P2-142 12-Agent War Room 已完成 production readback 與 desktop / mobile smoke,P2-143 owner response 預檢已完成 production readback 與 in-app browser smoke,P2-144 owner response 回讀已完成 production API readback 與 desktop / mobile smoke。runtime worker、DB migration、production Redis consumer group、canonical runtime readback、live query、runtime score、result capture write、Telegram 實發、delivery receipt E2E、live report delivery、reviewer queue write、Gateway queue write、AI analysis runtime、中低風險 auto worker、KM / LOGBOOK / audit DB / timeline / PlayBook trust 寫入、SDK / 付費服務仍未開 gate | `ai_agent_result_capture_release_decision_owner_response_readback_v1`、`GET /api/v1/agents/agent-result-capture-release-decision-owner-response-readback`、`docs/evaluations/ai_agent_result_capture_release_decision_owner_response_readback_2026-06-14.json`、feature commit `8795f100`、deploy marker `ac938037`、Gitea code-review `2965` / CD `2964` success、5 個回覆讀回 lane、18 個 owner 必填欄位、6 個 readback validation check、6 個 rejection guard、5 個 operator action、等待外部回覆 `5`、未收件 lane `5`、正式寫入 / 發送 `0`;P2-142 feature commit `5de4b3f3`、deploy marker `1a2c9e36`、Gitea CD run `4232` success、production API 
readback、desktop / mobile in-app browser smoke;P2-143 feature commit `755b0a8d`、deploy marker `667d6329`、Gitea code-review `2961` / CD `2960` success、production API readback、desktop / mobile in-app browser smoke;MASTER §3.2.1b / §3.2.1d / §3.4.3 |
|
||||
| AI Agent 主動營運委派與版本生命週期 | 100% | P2-402A / P2-402B / P2-402C / P2-402D / P2-402E / P2-402F / P2-402G 已完成;已建立 repo-only 版本新鮮度快照、工具採用批准包、Telegram action-required digest policy、Gitea PR 草案 lane、host / K3s / stateful 版本只讀盤點、API 與 governance UI。定期排程、外部版本查詢、工具安裝、CI 變更、套件升級、主機更新、container pull、實際 PR creation、auto merge、Telegram 實發、SSH、kubectl、重啟仍未開 gate | `ai_agent_proactive_operations_contract_v1`、`ai_agent_version_freshness_snapshot_v1`、`ai_agent_tool_adoption_approval_package_v1`、`ai_agent_telegram_action_required_digest_policy_v1`、`ai_agent_gitea_pr_draft_lane_v1`、`ai_agent_host_stateful_version_inventory_v1`、`GET /api/v1/agents/agent-proactive-operations-contract`、`GET /api/v1/agents/agent-version-freshness-snapshot`、`GET /api/v1/agents/agent-tool-adoption-approval-package`、`GET /api/v1/agents/agent-telegram-action-required-digest-policy`、`GET /api/v1/agents/agent-gitea-pr-draft-lane`、`GET /api/v1/agents/agent-host-stateful-version-inventory`、`/zh-TW/governance?tab=automation-inventory`、MASTER §3.2.1c |
|
||||
| 12-Agent War Room 編組 | 72% | 12 個邏輯工位與分批派工規則已正式部署;OpenClaw / Hermes / NemoTron / SRE / Security / DevOps / Data/DR / Supply Chain / Product/UI / QA / Market / Telegram 共 12 份只讀審查已回收;schema / committed snapshot / API / tests / governance UI 區塊 / production API readback / desktop + mobile in-app browser smoke 已完成;runtime writer、Telegram send、Bot API、production write 仍未批准 | `ai_agent_12_agent_war_room_v1`、`docs/evaluations/ai_agent_12_agent_war_room_2026-06-14.json`、`GET /api/v1/agents/agent-12-agent-war-room`、feature commit `5de4b3f3`、deploy marker `1a2c9e36`、Gitea CD run `4232` success、`/zh-TW/governance?tab=automation-inventory`、12 份 Codex sub-agent 只讀回饋 |
|
||||
| AI Agent 專業任務擴展與 Telegram Runtime Bridge | 88% | P2-405B 已完成只讀契約、正式 API、治理頁 P2-405B 卡片、6 種 Telegram no-send preview、6 個 dedup key、6 組 receipt expectation 與 1 份 canary approval package;24 類專業任務、8 個領域、5 段 Telegram bridge、6 種訊息類型、MCP/RAG stack、日報 / 週報 / 月報 / action-required 報告契約已固定;Telegram 實發、Gateway queue、Bot API、delivery receipt production write、secret read、paid API、host write、kubectl action 仍全部關閉 | `ai_agent_professional_task_expansion_v1`、`docs/evaluations/ai_agent_professional_task_expansion_2026-06-15_1445_p2_405b.json`、`GET /api/v1/agents/agent-professional-task-expansion`、`/zh-TW/governance?tab=automation-inventory`、`docs/ai/AI_AGENT_PROFESSIONAL_TASK_EXPANSION_2026-06-15.md`、需批准任務 `19`、no-send preview `6`、dedup key `6`、receipt expectation `6`、canary package `1`、preview live write `0`;下一步 P2-405C approved canary send approval packet |
|
||||
| AI Agent 專業任務擴展與 Telegram Runtime Bridge | 92% | P2-405C 已完成只讀契約、正式 API、治理頁 P2-405C 卡片、6 種 Telegram no-send preview、6 個 dedup key、6 組 receipt expectation、1 份 canary approval package、1 份 canary send approval packet、7 個批准欄位、6 個停止條件、5 步 mute / rollback 與 6 個 receipt readback check;24 類專業任務、8 個領域、5 段 Telegram bridge、6 種訊息類型、MCP/RAG stack、日報 / 週報 / 月報 / action-required 報告契約已固定;Telegram 實發、Gateway queue、Bot API、delivery receipt production write、secret read、paid API、host write、kubectl action 仍全部關閉 | `ai_agent_professional_task_expansion_v1`、`docs/evaluations/ai_agent_professional_task_expansion_2026-06-16_1015_p2_405c.json`、`GET /api/v1/agents/agent-professional-task-expansion`、`/zh-TW/governance?tab=automation-inventory`、`docs/ai/AI_AGENT_PROFESSIONAL_TASK_EXPANSION_2026-06-15.md`、需批准任務 `19`、no-send preview `6`、dedup key `6`、receipt expectation `6`、canary package `1`、canary send approval packet `1`、批准欄位 `7`、停止條件 `6`、preview / canary live write `0`;下一步 P2-405D canary delivery gate |
|
||||
| Owner response 預檢與拒收邊界 | 100% | P2-143 已完成正式部署與 production readback;承接 P2-141 input prep 與 P2-142 War Room,只建立 owner / verifier / rollback / maintenance / live-apply 五類外部回覆的 intake 預檢、必填欄位與拒收規則;正式 owner response 尚未收到、未接受、未寫入 | `ai_agent_result_capture_release_decision_owner_response_preflight_v1`、`GET /api/v1/agents/agent-result-capture-release-decision-owner-response-preflight`、feature commit `755b0a8d`、deploy marker `667d6329`、Gitea code-review `2961` / CD `2960` success、5 個 response intake lane、18 個 required owner field、6 個 validation check、6 個 rejection guard、5 個 operator action;owner response received / accepted / redacted payload / reviewer queue / Gateway / Telegram / Bot API / production write / secret read / destructive operation 全為 `0` |
|
||||
| Owner response 回讀狀態 | 100% | P2-144 已完成正式部署與 production readback;承接 P2-143 preflight,只讀回五類外部回覆仍未收到、未接受、未拒絕、未保存 | `ai_agent_result_capture_release_decision_owner_response_readback_v1`、`GET /api/v1/agents/agent-result-capture-release-decision-owner-response-readback`、feature commit `8795f100`、deploy marker `ac938037`、Gitea code-review `2965` / CD `2964` success、5 個 response readback lane、18 個 required owner field、6 個 readback validation check、6 個 readback rejection guard、5 個 operator action、waiting external response `5`、no external response received `5`;owner response received / accepted / redacted payload / reviewer queue / Gateway / Telegram / Bot API / production write / secret read / destructive operation 全為 `0` |
|
||||
| 本工作清單與分析報告 | 100% | 已完成 | 本 MD 文件 |
|
||||
|
||||
### 2026-06-16 10:15 狀態同步
|
||||
|
||||
- `P2-405C` AI Agent TG Canary 發送批准包已本地完成:新增 `docs/evaluations/ai_agent_professional_task_expansion_2026-06-16_1015_p2_405c.json`,current `P2-405C`、next `P2-405D`、completion `92`。
|
||||
- P2-405C 固定 1 份 canary send approval packet、7 個 operator approval field、6 個 eligible message type、6 個 stop condition、5 個 mute / rollback step、6 個 receipt readback check。
|
||||
- 治理頁 `automation-inventory` 已顯示 P2-405C canary 批准包、批准欄位、停止條件與批准缺口,並把 canary execution / queue / Bot API / receipt write 全部納入 live write 計數。
|
||||
- 本地證據:JSON parse、Python compile、AI Agent professional task expansion API/service regression `16 passed`、Web typecheck 通過。
|
||||
- Telegram send、Gateway queue write、Bot API call、delivery receipt production write、secret read、paid API、host write、kubectl action、production write 全部仍為 `0 / false`;P2-405D 只能在統帥明確批准 canary 發送欄位後才進入受控 delivery gate。
|
||||
|
||||
### 2026-06-14 15:45 狀態同步
|
||||
|
||||
- `P2-144` owner response 回讀狀態已完成正式部署與 production readback:feature commit `8795f100`、deploy marker `ac938037 chore(cd): deploy 8795f10 [skip ci]`。
|
||||
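Review bot: The 92% row for AI Agent 專業任務擴展與 Telegram Runtime Bridge states that 正式 API and the 治理頁 P2-405C 卡片 are complete, but its evidence column has no feature commit, deploy marker, CD run or production readback, unlike the P2-142 / P2-143 / P2-144 rows, and the 2026-06-16 10:15 status sync calls the work 本地完成 with local evidence only. Word the row as local-only until a production readback exists, so the completion figure is not read as deployed state.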
@@ -1417,7 +1425,7 @@ UI:
|
||||
## 13. 立即執行順序
|
||||
|
||||
1. P2-004:依賴 / 供應鏈漂移監控,保持只讀觀察與批准包邊界。
|
||||
2. P2-405C:AI Agent Telegram approved canary send approval packet,先讓統帥審核發送時間窗、單一訊息類型、dedup、receipt、mute / rollback plan 與停止條件;仍不得在未批准前實發。
|
||||
2. P2-405D:AI Agent Telegram canary delivery gate;只有統帥明確批准發送時間窗、單一訊息類型、目標 env ref、receipt readback owner、mute / rollback plan 與停止條件後,才可進入受控 canary delivery;未批准前仍不得實發。
|
||||
3. P3-001:外部 Agent / SDK / API 相關能力仍需證據、費用批准與 shadow / canary 關卡。
|
||||
|
||||
## 14. 目前風險
|
||||
|
||||
@@ -1,14 +1,14 @@
|
||||
# AI Agent 專業任務擴展與 Telegram Runtime Bridge 工作報告
|
||||
|
||||
> 日期:2026-06-15(台北時間)
|
||||
> 狀態:P2-405B 已完成 no-send 訊息預覽、dedup key、receipt expectation、canary approval package、API guard、測試與治理頁可視化;Telegram 實發仍未啟用。
|
||||
> 日期:2026-06-16(台北時間)
|
||||
> 狀態:P2-405C 已完成 Canary 發送批准包、7 個必填批准欄位、6 個停止條件、5 步 mute / rollback、6 個 receipt readback check、API guard、測試與治理頁可視化;Telegram 實發仍未啟用。
|
||||
> 事實來源:`ai_agent_professional_task_expansion_v1`
|
||||
|
||||
## 1. 結論
|
||||
|
||||
本輪把「AI Agent 還能處理哪些專業工作」正式產品化成 24 類專業任務,並把 Telegram 群組 / TG Bot 整合拆成 5 段啟動前閘門。P2-405B 進一步把將來要送出的 Telegram 訊息長相、dedup key、receipt expectation 與 canary approval package 顯示到治理頁。
|
||||
本輪把「AI Agent 還能處理哪些專業工作」正式產品化成 24 類專業任務,並把 Telegram 群組 / TG Bot 整合拆成 5 段啟動前閘門。P2-405C 進一步把第一次 Canary 發送前必須由統帥確認的批准欄位、停止條件、mute / rollback 與 receipt readback plan 顯示到治理頁。
|
||||
|
||||
這不是直接讓 AI Agent 發 Telegram 或改 production;目前只允許 no-send preview、queue preview readback、owner review 與批准包。真正送到 **AwoooI SRE 戰情室** 必須先通過 approved canary、dedup、receipt、redaction、OpenClaw 仲裁、Security gate 與 QA verifier。
|
||||
這不是直接讓 AI Agent 發 Telegram 或改 production;目前只允許 no-send preview、queue preview readback、owner review、canary approval package 與 canary send approval packet。真正送到 **AwoooI SRE 戰情室** 必須先通過統帥明確批准、approved canary、dedup、receipt、redaction、OpenClaw 仲裁、Security gate 與 QA verifier。
|
||||
|
||||
## 2. 完成度
|
||||
|
||||
@@ -17,6 +17,7 @@
|
||||
| 專業任務擴展契約 | 100% | 24 類任務已定義 owner、風險、MCP、RAG、Telegram policy 與 blocked actions |
|
||||
| Telegram Runtime Bridge 契約 | 100% | no-send preview、queue preview、approved canary、日週月報、action-required digest 已分段 |
|
||||
| Telegram no-send 訊息預覽 | 100% | 6 種訊息預覽、6 個 dedup key、6 組 receipt expectation、1 份 canary approval package 已固定 |
|
||||
| Canary 發送批准包 | 100% | 1 份 canary send approval packet、7 個批准欄位、6 個停止條件、5 步 mute / rollback、6 個 receipt readback check 已固定 |
|
||||
| API / loader | 100% | `GET /api/v1/agents/agent-professional-task-expansion` 只讀輸出 |
|
||||
| 治理頁可視化 | 100% | `/zh-TW/governance?tab=automation-inventory` 顯示任務、風險、TG bridge、preview、dedup、receipt、canary 與 live/send/write=0 |
|
||||
| Telegram 實發 | 0% | `telegram_send_count=0`、`bot_api_call_count=0`、`gateway_queue_write_count=0` |
|
||||
@@ -57,7 +58,23 @@
|
||||
| receipt readback owner | 明確誰驗證收到 |
|
||||
| 失敗時停止條件 | 避免重試洗版 |
|
||||
|
||||
## 6. 專業任務總覽
|
||||
## 6. P2-405C Canary 發送批准包
|
||||
|
||||
目前 canary send approval packet 狀態為 `waiting_explicit_commander_approval`,`packet_ready=true`,但 `approval_granted=false`、`selected_message_type=not_selected`、`proposed_time_window=waiting_commander_input`。
|
||||
|
||||
| 必填項目 | 目前狀態 | 邊界 |
|
||||
|---|---|---|
|
||||
| 統帥批准 | waiting input | 未批准不得實發 |
|
||||
| 單一訊息類型 | waiting input | 不允許一次開多種訊息 |
|
||||
| 發送時間窗 | waiting input | 不允許無時間窗發送 |
|
||||
| 目標 env ref | waiting input | 只顯示 env ref,不顯示 room value |
|
||||
| mute / rollback plan | waiting input | 錯誤時可立即停止 |
|
||||
| receipt readback owner | waiting input | 必須有人讀回驗證 |
|
||||
| failure stop condition | waiting input | 任一失敗停止,不重試洗版 |
|
||||
|
||||
Canary 發送批准包固定 6 個停止條件、5 步 mute / rollback plan、6 個 receipt readback check;`canary_send_execution_enabled`、`gateway_queue_write_enabled`、`bot_api_call_enabled`、`delivery_receipt_write_enabled`、`production_write_enabled`、`secret_read_enabled`、`paid_api_enabled` 全部仍為 `false`。
|
||||
|
||||
## 7. 專業任務總覽
|
||||
|
||||
| 領域 | 任務數 | 代表任務 | 主責 |
|
||||
|---|---:|---|---|
|
||||
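Review bot: In the new section 6 table every 目前狀態 cell reads `waiting input`, whereas the paragraph directly above quotes the packet's actual values as `not_selected` and `waiting_commander_input`. Use the snapshot's literal value for each field, or name the JSON key in each row, so the report can be checked line by line against the committed JSON instead of relying on a paraphrase.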
@@ -70,7 +87,7 @@
|
||||
| AI Governance / Replay / Market | 4 | market watch、NemoTron replay、cost forecast、runbook/postmortem | OpenClaw / NemoTron / Hermes |
|
||||
| Telegram / Reports / Receipts | 3 | digest preview、report truth gate、post-action verifier | Telegram Ops / Hermes / OpenClaw |
|
||||
|
||||
## 7. 專業能力層級
|
||||
## 8. 專業能力層級
|
||||
|
||||
| 層級 | AI Agent 可自動做 | Gate |
|
||||
|---|---|---|
|
||||
@@ -79,7 +96,7 @@
|
||||
| 高風險 | 只產批准包、rollback plan、failure-only digest 草案 | 統帥批准 |
|
||||
| Critical | production write、kubectl、ArgoCD sync、Telegram 實發、secret、restore、host write | 預設 blocked |
|
||||
|
||||
## 8. MCP / RAG
|
||||
## 9. MCP / RAG
|
||||
|
||||
首批 MCP:Gitea、Browser、Observability、Telegram Gateway、Package Registry、Database Readonly、Backup Status、ArgoCD Readonly、HTTP Probe、Fixture Store。
|
||||
|
||||
@@ -87,7 +104,7 @@
|
||||
|
||||
成長指標:KM entries、PlayBook updates、recommendations、replay score delta、blocked action prevented count、receipt missing count。
|
||||
|
||||
## 9. 邊界
|
||||
## 10. 邊界
|
||||
|
||||
- 不直接發 Telegram。
|
||||
- 不寫 Telegram Gateway queue。
|
||||
@@ -96,9 +113,9 @@
|
||||
- 不把工作視窗對話、未遮罩提示、私人推理或未遮罩 runtime payload 放進前端或 Telegram。
|
||||
- 不做 production write、host write、kubectl、ArgoCD sync、restore、rollback、paid API、SDK install。
|
||||
|
||||
## 10. 下一步
|
||||
## 11. 下一步
|
||||
|
||||
1. P2-405C:產生 approved canary send approval packet,明確列出發送時間窗、單一訊息類型、目標 env ref、dedup、receipt、rollback / mute plan 與停止條件。
|
||||
2. P2-405D:canary 通過後才開日報 / 週報 / 月報 digest delivery。
|
||||
3. P2-405E:Action-required digest 只對 failure / high-risk / approval-required 事件開啟。
|
||||
4. P2-405F:把 receipt readback 與 report status board 串起來,但仍需 canary gate 後才能寫正式 receipt。
|
||||
1. P2-405D:統帥明確批准 canary 發送時間窗、單一訊息類型、目標 env ref、receipt readback owner 與停止條件後,才進入受控 canary delivery gate。
|
||||
2. P2-405E:canary 通過後才開日報 / 週報 / 月報 digest delivery。
|
||||
3. P2-405F:Action-required digest 只對 failure / high-risk / approval-required 事件開啟。
|
||||
4. P2-405G:把 receipt readback 與 report status board 串起來,但仍需 canary gate 後才能寫正式 receipt。
|
||||
|
||||
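Review bot: The rewritten step 1 for P2-405D leaves mute / rollback plan out of the approvals required before canary delivery, although section 6 of this report lists it among the seven required fields; add it so the gate wording matches the packet. The renumbering also changes what the ids mean: P2-405D previously denoted digest delivery after canary and now denotes the canary delivery gate, with the later steps shifted to E, F and G, so existing references to the old P2-405D / E / F meanings need to be checked.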
File diff suppressed because it is too large
@@ -41,10 +41,10 @@
|
||||
"enum": ["P0", "P1", "P2", "P3"]
|
||||
},
|
||||
"current_task_id": {
|
||||
"const": "P2-405B"
|
||||
"const": "P2-405C"
|
||||
},
|
||||
"next_task_id": {
|
||||
"const": "P2-405C"
|
||||
"const": "P2-405D"
|
||||
},
|
||||
"overall_completion_percent": {
|
||||
"type": "integer",
|
||||
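Review bot: `current_task_id` and `next_task_id` are pinned with `const`, so moving them to `P2-405C` / `P2-405D` means a snapshot that still carries `P2-405B`, such as the `..._2026-06-15_1445_p2_405b.json` file referenced in the docs, can no longer validate against this schema, which the LOGBOOK entry still names as `..._v1.schema.json`. If earlier snapshots are meant to remain verifiable evidence, version the schema per task or document that v1 only validates the latest snapshot.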
@@ -91,7 +91,8 @@
|
||||
"dedup_policy",
|
||||
"queue_preview_readback",
|
||||
"receipt_expectations",
|
||||
"canary_approval_package"
|
||||
"canary_approval_package",
|
||||
"canary_send_approval_packet"
|
||||
],
|
||||
"properties": {
|
||||
"canonical_room": {
|
||||
@@ -320,6 +321,120 @@
|
||||
}
|
||||
},
|
||||
"additionalProperties": true
|
||||
},
|
||||
"canary_send_approval_packet": {
|
||||
"type": "object",
|
||||
"required": [
|
||||
"packet_id",
|
||||
"status",
|
||||
"packet_ready",
|
||||
"approval_required",
|
||||
"approval_granted",
|
||||
"recommended_first_message_type",
|
||||
"selected_message_type",
|
||||
"eligible_message_types",
|
||||
"target_room_alias",
|
||||
"target_room_env",
|
||||
"target_room_value_visible",
|
||||
"proposed_time_window",
|
||||
"owner_agent",
|
||||
"arbiter",
|
||||
"reviewers",
|
||||
"operator_approval_fields",
|
||||
"rate_limit_plan",
|
||||
"mute_rollback_plan",
|
||||
"receipt_readback_plan",
|
||||
"stop_conditions",
|
||||
"execution_flags",
|
||||
"approval_decision_log"
|
||||
],
|
||||
"properties": {
|
||||
"status": {
|
||||
"const": "waiting_explicit_commander_approval"
|
||||
},
|
||||
"packet_ready": {
|
||||
"const": true
|
||||
},
|
||||
"approval_required": {
|
||||
"const": true
|
||||
},
|
||||
"approval_granted": {
|
||||
"const": false
|
||||
},
|
||||
"selected_message_type": {
|
||||
"const": "not_selected"
|
||||
},
|
||||
"target_room_env": {
|
||||
"const": "SRE_GROUP_CHAT_ID"
|
||||
},
|
||||
"target_room_value_visible": {
|
||||
"const": false
|
||||
},
|
||||
"proposed_time_window": {
|
||||
"const": "waiting_commander_input"
|
||||
},
|
||||
"operator_approval_fields": {
|
||||
"type": "array",
|
||||
"minItems": 7,
|
||||
"maxItems": 7
|
||||
},
|
||||
"rate_limit_plan": {
|
||||
"type": "object",
|
||||
"properties": {
|
||||
"max_messages": {
|
||||
"const": 1
|
||||
},
|
||||
"live_rate_limit_write_enabled": {
|
||||
"const": false
|
||||
}
|
||||
},
|
||||
"additionalProperties": true
|
||||
},
|
||||
"receipt_readback_plan": {
|
||||
"type": "object",
|
||||
"properties": {
|
||||
"production_receipt_write_enabled": {
|
||||
"const": false
|
||||
},
|
||||
"receipt_readback_enabled_before_send": {
|
||||
"const": false
|
||||
}
|
||||
},
|
||||
"additionalProperties": true
|
||||
},
|
||||
"execution_flags": {
|
||||
"type": "object",
|
||||
"properties": {
|
||||
"canary_send_execution_enabled": {
|
||||
"const": false
|
||||
},
|
||||
"gateway_queue_write_enabled": {
|
||||
"const": false
|
||||
},
|
||||
"bot_api_call_enabled": {
|
||||
"const": false
|
||||
},
|
||||
"delivery_receipt_write_enabled": {
|
||||
"const": false
|
||||
},
|
||||
"production_write_enabled": {
|
||||
"const": false
|
||||
},
|
||||
"secret_read_enabled": {
|
||||
"const": false
|
||||
},
|
||||
"paid_api_enabled": {
|
||||
"const": false
|
||||
}
|
||||
},
|
||||
"additionalProperties": true
|
||||
},
|
||||
"approval_decision_log": {
|
||||
"type": "array",
|
||||
"maxItems": 0
|
||||
}
|
||||
},
|
||||
"additionalProperties": true
|
||||
}
|
||||
},
|
||||
"additionalProperties": true
|
||||
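Review bot: The nested `execution_flags`, `rate_limit_plan` and `receipt_readback_plan` objects declare `const` values under `properties` but have no `required` list, and all three set `additionalProperties: true`, so a packet whose `execution_flags` is an empty object, or that simply omits `canary_send_execution_enabled`, still validates. For a fail-closed gate, add `required` for every flag in each nested object. Likewise `stop_conditions`, `mute_rollback_plan`, `eligible_message_types` and `reviewers` appear in the top-level `required` list with no property schema, so only `operator_approval_fields` has its length (7) enforced here; the documented 6 / 5 / 6 counts are not. Add `type` and `minItems` / `maxItems` for those arrays, or state that the loader and tests are the enforcing layer.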
@@ -455,7 +570,20 @@
|
||||
"preview_queue_write_enabled_count",
|
||||
"preview_bot_api_call_enabled_count",
|
||||
"receipt_live_write_enabled_count",
|
||||
"canary_live_send_enabled_count"
|
||||
"canary_live_send_enabled_count",
|
||||
"canary_send_approval_packet_count",
|
||||
"canary_operator_approval_field_count",
|
||||
"canary_stop_condition_count",
|
||||
"canary_rollback_mute_step_count",
|
||||
"canary_receipt_readback_check_count",
|
||||
"canary_approval_granted_count",
|
||||
"canary_selected_message_type_count",
|
||||
"canary_approved_time_window_count",
|
||||
"canary_send_execution_enabled_count",
|
||||
"canary_gateway_queue_write_enabled_count",
|
||||
"canary_bot_api_call_enabled_count",
|
||||
"canary_delivery_receipt_write_enabled_count",
|
||||
"canary_secret_read_enabled_count"
|
||||
],
|
||||
"properties": {
|
||||
"professional_task_count": {
|
||||
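Review bot: The new required summary keys cover send execution, gateway queue write, Bot API call, delivery receipt write and secret read, but there is no `canary_production_write_enabled_count` or `canary_paid_api_enabled_count`, even though the packet's `execution_flags` block defines both `production_write_enabled` and `paid_api_enabled`. Unless those two are already counted by summary keys outside this hunk, add them so every execution flag is reflected in the live write count that the governance page displays.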
@@ -541,6 +669,45 @@
|
||||
},
|
||||
"canary_live_send_enabled_count": {
|
||||
"const": 0
|
||||
},
|
||||
"canary_send_approval_packet_count": {
|
||||
"const": 1
|
||||
},
|
||||
"canary_operator_approval_field_count": {
|
||||
"const": 7
|
||||
},
|
||||
"canary_stop_condition_count": {
|
||||
"const": 6
|
||||
},
|
||||
"canary_rollback_mute_step_count": {
|
||||
"const": 5
|
||||
},
|
||||
"canary_receipt_readback_check_count": {
|
||||
"const": 6
|
||||
},
|
||||
"canary_approval_granted_count": {
|
||||
"const": 0
|
||||
},
|
||||
"canary_selected_message_type_count": {
|
||||
"const": 0
|
||||
},
|
||||
"canary_approved_time_window_count": {
|
||||
"const": 0
|
||||
},
|
||||
"canary_send_execution_enabled_count": {
|
||||
"const": 0
|
||||
},
|
||||
"canary_gateway_queue_write_enabled_count": {
|
||||
"const": 0
|
||||
},
|
||||
"canary_bot_api_call_enabled_count": {
|
||||
"const": 0
|
||||
},
|
||||
"canary_delivery_receipt_write_enabled_count": {
|
||||
"const": 0
|
||||
},
|
||||
"canary_secret_read_enabled_count": {
|
||||
"const": 0
|
||||
}
|
||||
},
|
||||
"additionalProperties": true
|
||||
|
||||
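Review bot: The count properties added here are fixed with `const` (7, 6, 5, 6), but nothing in the schema binds them to the arrays they describe, so a snapshot can report `canary_stop_condition_count: 6` while its `stop_conditions` array has a different length and still pass validation. Either enforce the array lengths on the packet itself, as is done for `operator_approval_fields`, or make sure the loader test derives each count from the array and compares, and say so in the description.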
@@ -638,7 +638,7 @@ Alert / Sentry / SigNoz / Gitea / Market Watch / Operator
|
||||
| `docs/evaluations/ai_agent_report_runtime_dry_run_2026-06-12.json` + `GET /api/v1/agents/agent-report-runtime-dry-run` | P2-403M 報表 runtime no-write dry-run 證據包;建立 5 個 dry-run artifact、3 個 SRE 戰情室 queue digest 草案、4 個 readback verifier case、3 個 Agent dry-run role 與 6 個 operator checkpoint;不寫 Gateway queue、不送 Telegram、不呼叫 Bot API、不寫 delivery receipt、不啟動 worker、不跑 verifier live readback、不讀 secret,已由 P2-403N fixture readback 承接 |
|
||||
| `docs/evaluations/ai_agent_report_runtime_fixture_readback_2026-06-12.json` + `GET /api/v1/agents/agent-report-runtime-fixture-readback` | P2-403N fixture smoke / queue preview readback / verifier dry-run 證據包;建立 5 個 fixture smoke、3 個 SRE 戰情室 queue preview readback、4 個 verifier dry-run case、3 個 Agent fixture role 與 5 個 operator checkpoint;不寫 Gateway queue、不送 Telegram、不呼叫 Bot API、不寫 delivery receipt、不啟動 worker、不跑 verifier live readback、不讀 secret,下一步 P2-404 |
|
||||
| `docs/evaluations/ai_agent_runtime_worker_shadow_gate_2026-06-12.json` + `GET /api/v1/agents/agent-runtime-worker-shadow-gate` | P2-404 runtime worker shadow / no-write execution evidence gate;建立 5 個 shadow candidate、4 個 no-write replay、4 個 verifier shadow case、3 個 Agent shadow role 與 6 個 operator checkpoint;shadow live worker、Gateway queue write、Telegram send、Bot API、delivery receipt、auto worker、verifier live readback、production write 與 secret read 全部 `0 / false`,下一步 P2-101 |
|
||||
| `docs/evaluations/ai_agent_professional_task_expansion_2026-06-15_1445_p2_405b.json` + `GET /api/v1/agents/agent-professional-task-expansion` | P2-405B AI Agent 專業任務擴展與 Telegram Runtime Bridge;承接 12-Agent War Room、P2-403 report/runtime 鏈與 monitoring owner response acceptance,固定 24 類專業任務、8 個任務領域、5 段 Telegram bridge、6 種訊息類型、6 個 no-send preview、6 個 dedup key、6 組 receipt expectation、1 份 canary approval package、MCP/RAG stack、日報 / 週報 / 月報 / action-required 報告契約,並接入 governance automation inventory 卡片;需批准任務 `19`、preview live write `0`;Gateway queue write、Telegram send、Bot API、delivery receipt production write、production write、secret read、paid API、host write 與 kubectl action 全部 `0 / false`,下一步 P2-405C approved canary send approval packet |
|
||||
| `docs/evaluations/ai_agent_professional_task_expansion_2026-06-16_1015_p2_405c.json` + `GET /api/v1/agents/agent-professional-task-expansion` | P2-405C AI Agent 專業任務擴展與 Telegram Runtime Bridge;承接 12-Agent War Room、P2-403 report/runtime 鏈與 monitoring owner response acceptance,固定 24 類專業任務、8 個任務領域、5 段 Telegram bridge、6 種訊息類型、6 個 no-send preview、6 個 dedup key、6 組 receipt expectation、1 份 canary approval package、1 份 canary send approval packet、7 個批准欄位、6 個停止條件、5 步 mute / rollback、6 個 receipt readback check、MCP/RAG stack、日報 / 週報 / 月報 / action-required 報告契約,並接入 governance automation inventory 卡片;需批准任務 `19`、preview / canary live write `0`;Gateway queue write、Telegram send、Bot API、delivery receipt production write、production write、secret read、paid API、host write 與 kubectl action 全部 `0 / false`,下一步 P2-405D canary delivery gate |
|
||||
| `docs/evaluations/ai_agent_operation_permission_model_2026-06-12.json` + `GET /api/v1/agents/agent-operation-permission-model` | P2-101 操作類別權限模型;建立 5 條 permission lane、13 類 operation category、3 個 Agent permission role、8 個 gate transition 與 5 個 operator decision template;runtime execution、Gateway queue write、Telegram send、Bot API、delivery receipt、auto worker、verifier live readback、production write、secret / paid provider、host command 與 destructive action 全部 `0 / false`,已由 P2-102 承接 |
|
||||
| `docs/evaluations/ai_agent_candidate_operation_dry_run_evidence_2026-06-12.json` + `GET /api/v1/agents/agent-candidate-operation-dry-run-evidence` | P2-102 候選操作 dry-run 證據;13 類候選操作全部具備 input / output evidence hash、side-effect count、verifier plan、rollback/no-op plan 與人工 handoff;6 個 verifier plan、7 個 gate evidence requirement、5 個 operator handoff;runtime、Gateway queue、Telegram、production write、secret / paid provider 與 destructive action 全部 `0 / false`,已由 P2-103 承接 |
|
||||
| `docs/evaluations/ai_agent_task_result_audit_trail_2026-06-13.json` + `GET /api/v1/agents/agent-task-result-audit-trail` | P2-103 任務結果稽核軌跡;8 條 result route、6 個 writeback contract、7 個 audit checkpoint、5 個 operator handoff;把 diagnostic-only、repair candidate、execution failed、provider unmatched、report zero-signal 等結果固定到 KM 草稿、LOGBOOK 證據、audit trail、timeline 與人工下一步;KM / LOGBOOK / audit DB / timeline / PlayBook trust / Gateway queue / Telegram 寫入全為 `0 / false`,已由 P2-104 承接 |
|
||||
@@ -841,7 +841,7 @@ Repo / registry / release notes / K8s / host / observability / backup evidence
|
||||
64. 建立 owner response preflight 與拒收邊界。✅ P2-143 已完成正式驗證;承接 P2-141 decision input prep 與 P2-142 War Room 基線,固定 response intake lane `5`、required owner field `18`、intake validation check `6`、rejection guard `6`、operator action `5`、waiting external response `5`;owner response received / accepted / rejected、redacted payload ingested、reviewer queue write、Gateway queue write、Telegram send、Bot API、result capture、learning、PlayBook trust、production write、secret read、destructive operation 仍為 `0 / false`;feature commit `755b0a8d`、deploy marker `667d6329`、Gitea code-review `2961` / CD `2960` success、本地 P2-142 War Room + P2-139 至 P2-143 regression `37 passed`、JSON parse、Python compile、Web typecheck、guard、doc secret sanity、禁用外露值掃描、production API readback 與 desktop / mobile smoke 通過。下一步 P2-144 owner response readback。
|
||||
65. 建立 owner response readback。✅ P2-144 已完成正式驗證;承接 P2-143 preflight,固定 response readback lane `5`、required owner field `18`、readback validation check `6`、readback rejection guard `6`、operator action `5`、waiting external response `5`、no external response received lane `5`;owner response received / accepted / rejected、redacted payload ingested、reviewer queue write、Gateway queue write、Telegram send、Bot API、result capture、learning、PlayBook trust、production write、secret read、destructive operation 仍為 `0 / false`;feature commit `8795f100`、deploy marker `ac938037`、Gitea code-review `2965` / CD `2964` success;本地 P2-139 至 P2-144 regression `45 passed`,rebase 後含 tenants regression 的推送前回歸 `47 passed`、JSON parse、Python compile、Web typecheck、guard、doc secret sanity、value-only 禁用外露值掃描、i18n key parity 與 diff check 通過;production API readback、desktop / mobile smoke、水平溢位 `0`、危險控制 `0`、工作溝通片語命中 `0` 已完成。下一步 P2-145 owner response acceptance gate。
|
||||
66. 建立 owner response acceptance gate。✅ P2-145 已完成並正式驗證;承接 P2-144 readback,固定 acceptance gate lane `5`、required owner field `18`、acceptance validation check `6`、acceptance rejection guard `6`、operator action `5`、blocked no external response `5`、no acceptable external response `5`;owner response received / accepted / rejected、redacted payload ingested、reviewer queue write、Gateway queue write、Telegram send、Bot API、result capture、learning、PlayBook trust、production write、secret read、destructive operation 仍為 `0 / false`;feature commit `386dbd07`、deploy marker `36fbfc6b`、Gitea code-review `2969` / CD `2968` success;P2-144 + P2-145 regression `16 passed`、JSON parse、Python compile、Web typecheck、guard、doc secret sanity、顯示值工作視窗污染掃描、i18n key parity、diff check、production API readback、in-app browser smoke、desktop / mobile smoke、水平溢位 `0`、P2-145 卡片操作控制 `0`、工作溝通片語命中 `0` 已完成。下一步 P2-146 acceptance receipt preview,且必須等合格、遮罩、欄位完整、可驗證來源的外部正式回覆後才能建立 receipt preview。
|
||||
66a. 建立 AI Agent 專業任務擴展與 Telegram Runtime Bridge。✅ P2-405B 本地完成;承接 12-Agent War Room、P2-403 report/runtime 鏈與 monitoring owner response acceptance,固定 24 類專業任務、8 個領域、5 段 Telegram bridge、6 種訊息類型、6 個 no-send preview、6 個 dedup key、6 組 receipt expectation、1 份 canary approval package 與 MCP/RAG stack,並接入 governance automation inventory 卡片;需批准任務 `19`、low / medium / high / critical = `3 / 10 / 6 / 5`;Gateway queue write、Telegram send、Bot API、delivery receipt production write、production write、secret read、paid API、host write、kubectl action 仍為 `0 / false`。下一步 P2-405C approved canary send approval packet;這不占用 P2-146 owner response receipt preview。
|
||||
66a. 建立 AI Agent 專業任務擴展與 Telegram Runtime Bridge。✅ P2-405C 本地完成;承接 12-Agent War Room、P2-403 report/runtime 鏈與 monitoring owner response acceptance,固定 24 類專業任務、8 個領域、5 段 Telegram bridge、6 種訊息類型、6 個 no-send preview、6 個 dedup key、6 組 receipt expectation、1 份 canary approval package、1 份 canary send approval packet、7 個批准欄位、6 個停止條件、5 步 mute / rollback、6 個 receipt readback check 與 MCP/RAG stack,並接入 governance automation inventory 卡片;需批准任務 `19`、low / medium / high / critical = `3 / 10 / 6 / 5`;Gateway queue write、Telegram send、Bot API、delivery receipt production write、production write、secret read、paid API、host write、kubectl action 仍為 `0 / false`。下一步 P2-405D canary delivery gate;這不占用 P2-146 owner response receipt preview。
|
||||
67. 新增 P0 配置控管優先序前台可視化。✅ 正式驗證完成;`/zh-TW/iwooos` 已集中顯示 Nginx public gateway、DNS / TLS / certbot、K8s / ArgoCD / production manifests、Workflow / runner / secret metadata、Public / admin / API runtime config、agent-bounty runtime / treasury 六類即時風險配置;owner response `0 / 0`、live evidence `0`、執行期 `0`、操作按鈕 `0`;feature commit `e992af89`、deploy marker `ed651a98`、Gitea code-review `2971` / CD `2970` success;本地與正式 in-app browser、desktop `1440x1100`、mobile `390x844` smoke 通過。這不是 Nginx live conf 讀取、`nginx -t`、reload、DNS / TLS probe、certbot renew、ArgoCD sync、kubectl、workflow / secret 修改、public route change、agent-bounty runtime、payout / withdrawal、production write 或 runtime gate。
|
||||
68. 補強 P0 高價值配置 Gate path pattern、工作樹 preflight、owner packet 與 coverage snapshot。✅ 本地完成;`k8s/nginx/**`、`scripts/ops/**/*cert*`、`scripts/ops/**/*tls*` 已納入 high-value config classification,Nginx public gateway 與 DNS / TLS / certbot sample 從 `matched=0 / C0=0` 收斂到 `matched=3 / C0=2`;gate snapshot 顯示 `changed_files=6`、`matched=6`、`categories=3`、`c0=2`、`c1=0`;預設模式已可讀取 staged / unstaged / untracked,臨時 `k8s/nginx/*` smoke 命中 C0;owner packet snapshot `packets=3 / c0=2 / runtime_gate=0`;coverage snapshot `categories=14 / c0=8 / avg=67 / runtime_gate=0`;owner evidence 仍 `provided=false / complete=false`,runtime execution 仍 `false`。這不是 live config read、`nginx -t`、reload、certbot renew、DNS / TLS probe、host write、active scan、workflow 修改、secret 收集、production write 或 runtime gate。
|
||||
69. 同步高價值配置 Owner Packet 前台 projection。✅ 已完成並正式驗證;`/zh-TW/iwooos` 與 `/zh-TW/awooop` 已顯示 owner packet snapshot `packet=3 / c0=2`、最高命中 `C0 / P0`、Nginx public gateway、DNS / TLS / certbot 與 security tooling 影響範圍;feature commit `e999c16b`、deploy marker `16c6b983`、Gitea code-review `2973` / CD `2972` success;request sent、received、accepted、runtime gate 與 action buttons 仍為 `0`;本地與正式 desktop / mobile / in-app browser smoke 已通過,水平溢位 `0`、卡片內操作控制 `0`、危險連結 `0`、工作溝通片語命中 `0`。不得因此調高 IwoooS headline。
|
||||
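Review bot: The P2-405C entry under 66a records only "本地完成" and carries no feature commit, deploy marker, Gitea code-review / CD id or production readback, while items 64 to 66 and 69 around it each list that evidence. Say in the entry itself that formal verification is still pending, and add the commit and deploy marker once they exist, so the `0 / false` claims for Gateway queue write, Telegram send and Bot API are not read as verified against production. The label 66a is also shared by the P2-405B and P2-405C entries; a distinct label per task id would keep cross-references unambiguous.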
@@ -894,7 +894,7 @@ Repo / registry / release notes / K8s / host / observability / backup evidence
|
||||
| `docs/evaluations/ai_agent_report_runtime_dry_run_2026-06-12.json` + `GET /api/v1/agents/agent-report-runtime-dry-run` | P2-403M 報表 runtime no-write dry-run 證據包;5 個 dry-run artifact、3 個 queue digest 草案、4 個 readback verifier case、3 個 Agent dry-run role、6 個 operator checkpoint;不寫 Gateway queue、不送 Telegram、不呼叫 Bot API、不寫 delivery receipt、不啟動 worker、不跑 verifier live readback |
|
||||
| `docs/evaluations/ai_agent_report_runtime_fixture_readback_2026-06-12.json` + `GET /api/v1/agents/agent-report-runtime-fixture-readback` | P2-403N fixture smoke / queue preview readback / verifier dry-run 證據包;5 個 fixture smoke、3 個 queue preview readback、4 個 verifier dry-run case、3 個 Agent fixture role、5 個 operator checkpoint;不寫 Gateway queue、不送 Telegram、不呼叫 Bot API、不寫 delivery receipt、不啟動 worker、不跑 verifier live readback |
|
||||
| `docs/evaluations/ai_agent_runtime_worker_shadow_gate_2026-06-12.json` + `GET /api/v1/agents/agent-runtime-worker-shadow-gate` | P2-404 runtime worker shadow / no-write execution evidence gate;5 個 shadow candidate、4 個 no-write replay、4 個 verifier shadow case、3 個 Agent shadow role、6 個 operator checkpoint;不啟動 live worker、不寫 Gateway queue、不送 Telegram、不呼叫 Bot API、不寫 production target |
|
||||
| `docs/evaluations/ai_agent_professional_task_expansion_2026-06-15_1445_p2_405b.json` + `GET /api/v1/agents/agent-professional-task-expansion` | P2-405B AI Agent 專業任務擴展與 Telegram Runtime Bridge;24 類專業任務、8 個領域、5 段 Telegram bridge、6 種訊息類型、6 個 no-send preview、6 個 dedup key、6 組 receipt expectation、1 份 canary approval package、MCP/RAG stack、治理頁 P2-405B 卡片;不寫 Gateway queue、不送 Telegram、不呼叫 Bot API、不寫 production target、不讀 secret、不用 paid API |
|
||||
| `docs/evaluations/ai_agent_professional_task_expansion_2026-06-16_1015_p2_405c.json` + `GET /api/v1/agents/agent-professional-task-expansion` | P2-405C AI Agent 專業任務擴展與 Telegram Runtime Bridge;24 類專業任務、8 個領域、5 段 Telegram bridge、6 種訊息類型、6 個 no-send preview、6 個 dedup key、6 組 receipt expectation、1 份 canary approval package、1 份 canary send approval packet、7 個批准欄位、6 個停止條件、5 步 mute / rollback、6 個 receipt readback check、MCP/RAG stack、治理頁 P2-405C 卡片;不寫 Gateway queue、不送 Telegram、不呼叫 Bot API、不寫 production target、不讀 secret、不用 paid API |
|
||||
| `docs/evaluations/ai_agent_operation_permission_model_2026-06-12.json` + `GET /api/v1/agents/agent-operation-permission-model` | P2-101 操作類別權限模型;5 條 permission lane、13 類 operation category、3 個 Agent permission role、8 個 gate transition、5 個 operator decision template;不啟動 runtime worker、不寫 Gateway queue、不送 Telegram、不呼叫 Bot API、不寫 production target、不讀 secret |
|
||||
| `docs/evaluations/ai_agent_candidate_operation_dry_run_evidence_2026-06-12.json` + `GET /api/v1/agents/agent-candidate-operation-dry-run-evidence` | P2-102 候選操作 dry-run 證據;13 類候選操作、13 組 dry-run evidence、6 個 verifier plan、7 個 gate evidence requirement、5 個 operator handoff;不啟動 runtime worker、不寫 Gateway queue、不送 Telegram、不呼叫 Bot API、不寫 production target、不讀 secret、不執行 destructive action |
|
||||
| `docs/evaluations/ai_agent_task_result_audit_trail_2026-06-13.json` + `GET /api/v1/agents/agent-task-result-audit-trail` | P2-103 任務結果稽核軌跡;8 條 result route、6 個 writeback contract、7 個 audit checkpoint、5 個 operator handoff;不寫 KM、不 runtime append LOGBOOK、不寫 audit DB、不寫 timeline、不更新 PlayBook trust、不寫 Gateway queue、不送 Telegram |
|
||||
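Review bot: The P2-405C row's negative-guarantee list ("不寫 Gateway queue、不送 Telegram、不呼叫 Bot API、不寫 production target、不讀 secret、不用 paid API") omits delivery receipt production write, host write and kubectl action, all of which the item 66a entry states remain `0 / false`. Add at least "不寫 delivery receipt" to the row, since receipt readback is what this packet introduces and the earlier P2-403M / P2-403N rows already spell that guarantee out. The P2-405B and P2-405C rows also name the same `GET /api/v1/agents/agent-professional-task-expansion` endpoint, so the row should state which evaluation JSON the endpoint serves after this change.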
@@ -5005,3 +5005,15 @@ Trigger commit `f5cd37b7` 與 deploy marker `0ba92357` 已把 governance UI 的
|
||||
- 新增 / 更新測試,明確拒絕 preview send enabled、duplicate dedup key、canary live send enabled、queue write、Bot API call 或 receipt production write。
|
||||
|
||||
**裁決:** 這是 Telegram no-send preview 與 canary approval package,不是 Telegram send、Gateway queue write、Bot API call、delivery receipt production write、approved canary、production write、secret read、host write、kubectl action 或 runtime authorization;下一步 P2-405C 只能產生 approved canary send approval packet 與人工批准欄位,未批准前不得實發。
|
||||
|
||||
### 2026-06-16 10:15 (台北) — §3.2 / §5 — 新增 P2-405C Canary 發送批准包 — 把第一次 TG canary 實發前的統帥批准欄位固定成可 guard artifact
|
||||
|
||||
**觸發**:P2-405B 已讓治理頁看見 Telegram no-send preview、dedup、receipt expectation 與 canary approval package;下一步需要把第一次 Canary 實發前的統帥批准欄位、時間窗、單一訊息類型、目標 env ref、receipt readback owner、mute / rollback plan 與停止條件固定成可測試 artifact,避免把「批准包已就緒」誤判成 Telegram 已可實發。
|
||||
|
||||
**已推進:**
|
||||
- 新增 `docs/evaluations/ai_agent_professional_task_expansion_2026-06-16_1015_p2_405c.json`,`current_task_id=P2-405C`、`next_task_id=P2-405D`、overall `92%`。
|
||||
- `ai_agent_professional_task_expansion_v1` schema 與 API loader 已要求 1 份 canary send approval packet、7 個 operator approval field、6 個 eligible message type、6 個 stop condition、5 個 mute / rollback step、6 個 receipt readback check。
|
||||
- `/zh-TW/governance?tab=automation-inventory` P2-405C 卡片顯示 canary 批准包、批准欄位、停止條件與批准缺口;preview / canary live write 計數仍為 `0`。
|
||||
- 新增 / 更新測試,明確拒絕 canary approval granted、selected message type、canary execution enabled、Gateway queue write、Bot API call、delivery receipt production write、secret read 或 paid API 被提前打開。
|
||||
|
||||
**裁決:** 這是 canary send approval packet,不是 Telegram send、Gateway queue write、Bot API call、delivery receipt production write、approved canary delivery、production write、secret read、host write、kubectl action 或 runtime authorization;下一步 P2-405D 只能在統帥明確填入 canary 發送批准欄位後進入受控 delivery gate,未批准前不得實發。
|
||||
|
||||
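Review bot: The verdict in this entry excludes production write, host write and kubectl action, but the test bullet under 已推進 only lists rejection of canary approval granted, selected message type, canary execution enabled, Gateway queue write, Bot API call, delivery receipt production write, secret read and paid API. Either extend the guard tests to reject those three flags as well, or name the existing test that covers them, so every item the verdict denies is backed by an assertion. The entry also gives no local verification result (pass count, JSON parse, typecheck) of the kind the earlier entries record; add it, or state that it is recorded elsewhere.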