diff --git a/docs/LOGBOOK.md b/docs/LOGBOOK.md index 4692df7f..f3e84b28 100644 --- a/docs/LOGBOOK.md +++ b/docs/LOGBOOK.md @@ -1,3 +1,25 @@ +## 2026-05-13 | 資安供應鏈 S3.2:人工審查封包契約 + +**背景**:S3.1 已建立 `security_approval_decision_record_v1`,但 AwoooP 還需要一個清楚的審查封包,把 queue/gate 轉成 Operator 可讀的 review order、review lane、required reviewers、requested decision 與 still forbidden,避免把待審項目誤解成已批准或可執行。 + +**本次交付**: +- 新增 `docs/schemas/security_approval_review_packet_v1.schema.json`。 +- 新增 `docs/security/security-approval-review-packet.snapshot.json`,目前 8 個 review packets:7 個 ready for human review、1 個 block candidate、0 個 runtime action 授權。 +- 新增 `docs/security/SECURITY-APPROVAL-REVIEW-PACKET.md`,以繁體中文說明 review packet 可做 / 不可做與階段定位。 +- 更新資安供應鏈 manifest,contract 數量從 29 增至 30。 +- 更新鏡像 readiness、接收計畫、事件範例、路由矩陣、驗收契約、隔離契約、dry-run、status rollup、approval gate、approval queue、AwoooP mirror-only checklist、AwoooP handoff 與整體進度。 + +**累積狀態**: +- 鏡像 readiness 目前為 30 個 contracts:27 個 ready for mirror、2 個 partial ready、1 個 contract-only、0 個 blocked。 +- Approval queue 仍是 8 items:7 個 pending approval、1 個 block candidate。 +- Decision records 目前 0 筆;review packet 不代表批准,也不授權執行。 + +**邊界**: +- 沒有新增 runtime endpoint、DB migration、model 或執行 action。 +- 沒有新增執行按鈕。 +- 沒有啟動 scan、呼叫 Kali `/execute`、建立 repo、修改 visibility、sync refs 或切 GitHub primary。 +- 沒有保存 raw secret、token、cookie、private key 或 exploit payload。 + ## 2026-05-13 | 資安供應鏈 S3.1:人工決策紀錄契約 **背景**:S3.0 已建立 `security_approval_gate_v1`,讓 AwoooP 可顯示人工批准 gate 與 follow-up runtime gate。本輪補上 `security_approval_decision_record_v1`,讓人工 approve / reject / defer / request more evidence / keep blocked 都能被稽核記錄,但不觸發執行。 diff --git a/docs/schemas/security_approval_review_packet_v1.schema.json b/docs/schemas/security_approval_review_packet_v1.schema.json new file mode 100644 index 00000000..414fc753 --- /dev/null +++ b/docs/schemas/security_approval_review_packet_v1.schema.json @@ -0,0 +1,218 @@ +{ + "$schema": "https://json-schema.org/draft/2020-12/schema", + "$id": "urn:awoooi:security-approval-review-packet-v1", + "title": "資安供應鏈人工審查封包契約 v1", + "description": "定義 AwoooP 如何把 Security Supply Chain approval queue 與 approval gate 轉成可審查封包。此契約只準備人工審查資料,不授權 runtime execution。", + "type": "object", + "required": [ + "schema_version", + "status", + "date", + "mode", + "runtime_execution_authorized", + "source_indexes", + "summary", + "review_packets", + "packet_rules", + "forbidden_actions" + ], + "properties": { + "schema_version": { + "const": "security_approval_review_packet_v1" + }, + "status": { + "type": "string", + "enum": ["draft"] + }, + "date": { + "type": "string" + }, + "mode": { + "type": "string", + "enum": ["approval_review_packet_only"] + }, + "runtime_execution_authorized": { + "type": "boolean", + "const": false + }, + "source_indexes": { + "type": "array", + "items": { + "type": "string" + }, + "minItems": 1 + }, + "summary": { + "type": "object", + "required": [ + "total_review_packets", + "ready_for_human_review_count", + "block_candidate_count", + "decision_records_created_count", + "runtime_actions_authorized", + "action_buttons_allowed", + "raw_secret_storage_authorized" + ], + "properties": { + "total_review_packets": { + "type": "integer", + "minimum": 0 + }, + "ready_for_human_review_count": { + "type": "integer", + "minimum": 0 + }, + "block_candidate_count": { + "type": "integer", + "minimum": 0 + }, + "decision_records_created_count": { + "type": "integer", + "minimum": 0 + }, + "runtime_actions_authorized": { + "type": "boolean", + "const": false + }, + "action_buttons_allowed": { + "type": "boolean", + "const": false + }, + "raw_secret_storage_authorized": { + "type": "boolean", + "const": false + } + }, + "additionalProperties": false + }, + "review_packets": { + "type": "array", + "minItems": 1, + "items": { + "type": "object", + "required": [ + "packet_id", + "review_order", + "gate_id", + "source_queue_item_id", + "risk", + "review_state", + "review_lane", + "requested_decision", + "required_reviewers", + "decision_options", + "evidence_refs", + "allowed_pre_decision_actions", + "allowed_after_decision_actions", + "still_forbidden", + "followup_runtime_gate_required", + "execution_authorized" + ], + "properties": { + "packet_id": { + "type": "string" + }, + "review_order": { + "type": "integer", + "minimum": 1 + }, + "gate_id": { + "type": "string" + }, + "source_queue_item_id": { + "type": "string" + }, + "risk": { + "type": "string", + "enum": ["MEDIUM", "HIGH", "CRITICAL"] + }, + "review_state": { + "type": "string", + "enum": ["ready_for_human_review", "block_candidate"] + }, + "review_lane": { + "type": "string", + "enum": [ + "design_or_draft_review", + "read_only_inventory_review", + "low_noise_scan_scope_review", + "manual_exception_review", + "blocked_by_default_review" + ] + }, + "requested_decision": { + "type": "string" + }, + "required_reviewers": { + "type": "array", + "items": { + "type": "string" + }, + "minItems": 1, + "uniqueItems": true + }, + "decision_options": { + "type": "array", + "items": { + "type": "string", + "enum": ["approve_scope", "reject", "defer", "request_more_evidence", "keep_blocked"] + }, + "minItems": 1 + }, + "evidence_refs": { + "type": "array", + "items": { + "type": "string" + }, + "minItems": 1 + }, + "allowed_pre_decision_actions": { + "type": "array", + "items": { + "type": "string" + }, + "minItems": 1 + }, + "allowed_after_decision_actions": { + "type": "array", + "items": { + "type": "string" + }, + "minItems": 1 + }, + "still_forbidden": { + "type": "array", + "items": { + "type": "string" + }, + "minItems": 1 + }, + "followup_runtime_gate_required": { + "type": "boolean", + "const": true + }, + "execution_authorized": { + "type": "boolean", + "const": false + } + }, + "additionalProperties": false + } + }, + "packet_rules": { + "type": "array", + "items": { + "type": "string" + }, + "minItems": 1 + }, + "forbidden_actions": { + "type": "array", + "items": { + "type": "string" + }, + "minItems": 1 + } + }, + "additionalProperties": false +} diff --git a/docs/schemas/security_mirror_status_rollup_v1.schema.json b/docs/schemas/security_mirror_status_rollup_v1.schema.json index d3e76e1c..cd08add2 100644 --- a/docs/schemas/security_mirror_status_rollup_v1.schema.json +++ b/docs/schemas/security_mirror_status_rollup_v1.schema.json @@ -62,6 +62,7 @@ "contract_only_count", "blocked_count", "approval_queue_total", + "approval_review_packet_total", "pending_approval_count", "block_candidate_count", "dry_run_status", @@ -93,6 +94,10 @@ "type": "integer", "minimum": 0 }, + "approval_review_packet_total": { + "type": "integer", + "minimum": 0 + }, "pending_approval_count": { "type": "integer", "minimum": 0 diff --git a/docs/security/AWOOOP-MIRROR-ONLY-CONSUMPTION-CHECKLIST.md b/docs/security/AWOOOP-MIRROR-ONLY-CONSUMPTION-CHECKLIST.md index 1525de9d..56181979 100644 --- a/docs/security/AWOOOP-MIRROR-ONLY-CONSUMPTION-CHECKLIST.md +++ b/docs/security/AWOOOP-MIRROR-ONLY-CONSUMPTION-CHECKLIST.md @@ -31,6 +31,7 @@ AwoooP 初期不得直接啟動掃描、不得呼叫 Codex patch runner、不得 | `security_approval_queue_v1` | Security Supply Chain pending approval / block candidate 集中隊列 | Approval queue、Operator Console、Audit | approval-only | 只顯示 review order 與 blocked reason,不執行 queue item | | `security_approval_gate_v1` | S3 人工批准 gate | Approval queue、Operator Console、Audit | approval-only | 只記錄人工決策、批准範圍與 follow-up runtime gate,不執行 gate item | | `security_approval_decision_record_v1` | S3 人工決策紀錄 | Operator Console、Audit | approval-only | 只保存 approve / reject / defer / request more evidence / keep blocked 的稽核紀錄,不執行決策 | +| `security_approval_review_packet_v1` | S3 人工審查封包 | Approval queue、Operator Console、Audit | approval-only | 只顯示 review lane、required reviewers、requested decision 與 still forbidden,不代表批准 | | `security_mirror_readiness_v1` | Security Supply Chain contract mirror readiness index | Operator Console、Runtime State、Channel Event、Audit | mirror-only | 只顯示 ready / partial / contract-only,不執行 mirror item | | `security_mirror_intake_plan_v1` | AwoooP mirror-only intake waves / destinations / acceptance gates | Operator Console、Runtime State、Channel Event、Audit、Approval Queue | mirror-only | 只照 wave 讀取與顯示,不執行 intake item | | `security_mirror_event_v1` | AwoooP mirror-only event envelope | Operator Console、Runtime State、Channel Event、Audit、Approval Queue | mirror-only | 每筆 event 必須 `execution_authorized=false`、`action_buttons_allowed=false` | @@ -91,7 +92,8 @@ AwoooP 初期不得直接啟動掃描、不得呼叫 Codex patch runner、不得 | `security_approval_queue_v1.status=draft` | `approve_required` | 顯示 8 個 queue items、review order 與 blocked reason;不得執行 item | | `security_approval_gate_v1.mode=approval_gate_only` | `approve_required` | 顯示 8 個 gate items、批准範圍與 follow-up runtime gate;批准後不得自動執行 | | `security_approval_decision_record_v1.mode=decision_record_only` | `observe` | 顯示人工決策紀錄;每筆紀錄都必須 `execution_authorized=false` | -| `security_mirror_readiness_v1.status=draft` | `observe` | 顯示 29 個 contracts 的 readiness;不得把 readiness 當 execution authorization | +| `security_approval_review_packet_v1.mode=approval_review_packet_only` | `approve_required` | 顯示 8 個 review packets、review lane 與 still forbidden;不得當成批准或執行授權 | +| `security_mirror_readiness_v1.status=draft` | `observe` | 顯示 30 個 contracts 的 readiness;不得把 readiness 當 execution authorization | | `security_mirror_intake_plan_v1.status=draft` | `observe` | 顯示 5 個 intake waves 與 4 個 acceptance gates;不得執行 wave | | `security_mirror_event_v1.execution_authorized=false` | `observe` | 只包裝鏡像 payload,明確不授權執行、不顯示執行按鈕 | | `security_mirror_route_v1.status=draft` | `observe` | 顯示 5 個 route groups、channel policy 與 review lane;不得轉成 execution router | @@ -165,6 +167,7 @@ AwoooP 初期不得直接啟動掃描、不得呼叫 Codex patch runner、不得 | Security approval queue | `docs/security/security-approval-queue.snapshot.json` / `docs/security/SECURITY-APPROVAL-QUEUE.md` | | Security approval gate | `docs/security/security-approval-gate.snapshot.json` / `docs/security/SECURITY-APPROVAL-GATE.md` | | Security approval decision record | `docs/security/security-approval-decision-record.snapshot.json` / `docs/security/SECURITY-APPROVAL-DECISION-RECORD.md` | +| Security approval review packet | `docs/security/security-approval-review-packet.snapshot.json` / `docs/security/SECURITY-APPROVAL-REVIEW-PACKET.md` | | Security mirror readiness | `docs/security/security-mirror-readiness.snapshot.json` / `docs/security/SECURITY-MIRROR-READINESS.md` | | Security mirror intake plan | `docs/security/security-mirror-intake-plan.snapshot.json` / `docs/security/SECURITY-MIRROR-INTAKE-PLAN.md` | | 資安鏡像事件契約 | `docs/security/security-mirror-event-sample.snapshot.json` / `docs/security/SECURITY-MIRROR-EVENT-CONTRACT.md` | diff --git a/docs/security/AWOOOP-SECURITY-SUPPLYCHAIN-INTEGRATION-HANDOFF.md b/docs/security/AWOOOP-SECURITY-SUPPLYCHAIN-INTEGRATION-HANDOFF.md index 0a864abc..96d422e8 100644 --- a/docs/security/AWOOOP-SECURITY-SUPPLYCHAIN-INTEGRATION-HANDOFF.md +++ b/docs/security/AWOOOP-SECURITY-SUPPLYCHAIN-INTEGRATION-HANDOFF.md @@ -73,7 +73,7 @@ ```text Kali / Code Review / GitHub / Gitea / Codex -> security_supply_chain_contract_manifest_v1 - -> security_mirror_readiness_v1 / security_mirror_intake_plan_v1 / security_mirror_event_v1 / security_mirror_route_v1 / security_mirror_acceptance_v1 / security_mirror_quarantine_v1 / security_mirror_dry_run_v1 / security_mirror_status_rollup_v1 / security_finding_v1 / kali_scan_scope_approval_v1 / security_approval_queue_v1 / security_approval_gate_v1 / security_approval_decision_record_v1 / coding_task_v1 / source_control_migration_event_v1 / gitea_repo_inventory_v1 / local_git_remote_inventory_v1 / github_target_probe_v1 / github_target_decision_v1 / github_target_repo_approval_package_v1 / security_rollout_policy_v1 + -> security_mirror_readiness_v1 / security_mirror_intake_plan_v1 / security_mirror_event_v1 / security_mirror_route_v1 / security_mirror_acceptance_v1 / security_mirror_quarantine_v1 / security_mirror_dry_run_v1 / security_mirror_status_rollup_v1 / security_finding_v1 / kali_scan_scope_approval_v1 / security_approval_queue_v1 / security_approval_gate_v1 / security_approval_decision_record_v1 / security_approval_review_packet_v1 / coding_task_v1 / source_control_migration_event_v1 / gitea_repo_inventory_v1 / local_git_remote_inventory_v1 / github_target_probe_v1 / github_target_decision_v1 / github_target_repo_approval_package_v1 / security_rollout_policy_v1 -> AWOOOI ingestion / asset_inventory / AIOps KPI / AOL -> mirror 到 AwoooP Runtime State / Channel Event / Audit -> AwoooP Policy / Approval / Exception / Operator Console @@ -159,6 +159,18 @@ Snapshot:`docs/security/security-approval-decision-record.snapshot.json` AwoooP 初期處理方式:只保存 reviewer、時間、evidence refs、批准範圍與決策結果;不得把 decision record 當成執行命令。 +### `security_approval_review_packet_v1` + +用途:定義 S3 人工審查封包,將 approval queue 與 approval gate 包成 AwoooP 可顯示的 review packet。 + +Schema:`docs/schemas/security_approval_review_packet_v1.schema.json` + +Snapshot:`docs/security/security-approval-review-packet.snapshot.json` + +目前 review packets:8 筆;7 個 ready for human review、1 個 block candidate。所有 packet 都必須維持 `execution_authorized=false`,且 `action_buttons_allowed=false`。 + +AwoooP 初期處理方式:只顯示 review order、review lane、required reviewers、requested decision、evidence refs 與 still forbidden;不得把 review packet 視為批准或執行授權。 + ### `security_mirror_readiness_v1` 用途:集中整理 Security Supply Chain contracts 的 mirror readiness,讓 AwoooP 先知道哪些可 mirror、哪些 partial、哪些 contract-only。 @@ -167,7 +179,7 @@ Schema:`docs/schemas/security_mirror_readiness_v1.schema.json` Snapshot:`docs/security/security-mirror-readiness.snapshot.json` -目前 readiness:29 個 contracts,26 個 ready for mirror,2 個 partial ready,1 個 contract-only,0 個 blocked。所有 contract 都是 `execution_allowed=false`。 +目前 readiness:30 個 contracts,27 個 ready for mirror,2 個 partial ready,1 個 contract-only,0 個 blocked。所有 contract 都是 `execution_allowed=false`。 AwoooP 初期處理方式:先 mirror readiness index,再依 readiness 分批 mirror 其他 snapshots;不得把 readiness 當 execution authorization。 @@ -203,7 +215,7 @@ Schema:`docs/schemas/security_mirror_route_v1.schema.json` Snapshot:`docs/security/security-mirror-route.snapshot.json` -目前 route:5 個 route groups,涵蓋 29 個 contracts;所有 route 都是 `runtime_execution_authorized=false`。 +目前 route:5 個 route groups,涵蓋 30 個 contracts;所有 route 都是 `runtime_execution_authorized=false`。 AwoooP 初期處理方式:只依 route group 顯示 Operator Console / Runtime State / Channel Event / Audit / Approval Queue,不把 route 轉成 execution router。 @@ -251,7 +263,7 @@ Schema:`docs/schemas/security_mirror_status_rollup_v1.schema.json` Snapshot:`docs/security/security-mirror-status-rollup.snapshot.json` -目前 rollup:`framework_ready_waiting_approval`;29 個 contracts、26 ready、2 partial、1 contract-only、0 blocked;approval queue 仍為 8 items,其中 7 pending approval、1 block candidate,decision records 目前 0 筆。 +目前 rollup:`framework_ready_waiting_approval`;30 個 contracts、27 ready、2 partial、1 contract-only、0 blocked;approval queue 仍為 8 items,其中 7 pending approval、1 block candidate;review packets 8 筆,decision records 目前 0 筆。 AwoooP 初期處理方式:只顯示階段狀態、下一個 gate 與禁止事項,可寫入 Audit evidence;不得把 rollup 當 runtime authorization。 @@ -287,7 +299,7 @@ Schema:`docs/schemas/security_supply_chain_contract_manifest_v1.schema.json` "schema_version": "security_supply_chain_contract_manifest_v1", "status": "draft", "default_enforcement_level": "mirror_only", - "contract_count": 29 + "contract_count": 30 } ``` @@ -702,7 +714,7 @@ Console 初期不提供高風險執行按鈕。 2026-05-12 contract manifest 追加:已新增 `docs/schemas/security_supply_chain_contract_manifest_v1.schema.json`、`docs/security/security-supply-chain-contract-manifest.snapshot.json` 與 `docs/security/SECURITY-SUPPLY-CHAIN-CONTRACT-MANIFEST.md`。AwoooP 應先讀 manifest 作為 mirror-only contract registry,不把 manifest 當 execution router。 -2026-05-13 mirror route 追加:已新增 `docs/schemas/security_mirror_route_v1.schema.json`、`docs/security/security-mirror-route.snapshot.json` 與 `docs/security/SECURITY-MIRROR-ROUTE.md`。AwoooP 可依 5 個 route groups 將 29 個 contracts 分流到 Operator Console、Runtime State、Channel Event、Audit evidence 與 Approval Queue;route 只決定目的地、channel policy 與 review lane,不是 execution router。 +2026-05-13 mirror route 追加:已新增 `docs/schemas/security_mirror_route_v1.schema.json`、`docs/security/security-mirror-route.snapshot.json` 與 `docs/security/SECURITY-MIRROR-ROUTE.md`。AwoooP 可依 5 個 route groups 將 30 個 contracts 分流到 Operator Console、Runtime State、Channel Event、Audit evidence 與 Approval Queue;route 只決定目的地、channel policy 與 review lane,不是 execution router。 2026-05-13 mirror acceptance 追加:已新增 `docs/schemas/security_mirror_acceptance_v1.schema.json`、`docs/security/security-mirror-acceptance.snapshot.json` 與 `docs/security/SECURITY-MIRROR-ACCEPTANCE.md`。AwoooP 可用 7 個 acceptance checks 驗收 mirror ingestion;blocking checks 只針對 contract count mismatch、缺 event envelope、route coverage 不完整或未脫敏 evidence,不得阻擋 runtime 流程。 @@ -710,12 +722,14 @@ Console 初期不提供高風險執行按鈕。 2026-05-13 mirror dry-run 追加:已新增 `docs/schemas/security_mirror_dry_run_v1.schema.json`、`docs/security/security-mirror-dry-run.snapshot.json` 與 `docs/security/SECURITY-MIRROR-DRY-RUN.md`。AwoooP 未來可用 6 個 dry-run steps 回報接入演練結果;本 snapshot 狀態為 `contract_defined_not_executed`,不得視為 production ingestion 已啟用。 -2026-05-13 mirror status rollup 追加:已新增 `docs/schemas/security_mirror_status_rollup_v1.schema.json`、`docs/security/security-mirror-status-rollup.snapshot.json` 與 `docs/security/SECURITY-MIRROR-STATUS-ROLLUP.md`。AwoooP 與 Security Supply Chain Session 可用同一份 rollup 同步 S0-S4、29 個 contracts、approval queue summary 與下一個安全 gate;本契約不授權任何 runtime action。 +2026-05-13 mirror status rollup 追加:已新增 `docs/schemas/security_mirror_status_rollup_v1.schema.json`、`docs/security/security-mirror-status-rollup.snapshot.json` 與 `docs/security/SECURITY-MIRROR-STATUS-ROLLUP.md`。AwoooP 與 Security Supply Chain Session 可用同一份 rollup 同步 S0-S4、30 個 contracts、approval queue summary、review packet summary 與下一個安全 gate;本契約不授權任何 runtime action。 2026-05-13 S3 approval gate 追加:已新增 `docs/schemas/security_approval_gate_v1.schema.json`、`docs/security/security-approval-gate.snapshot.json` 與 `docs/security/SECURITY-APPROVAL-GATE.md`。AwoooP 可用 8 個 gate items 記錄人工批准、拒絕、延後或補 evidence;批准後仍需 follow-up runtime gate,不得直接執行。 2026-05-13 S3 decision record 追加:已新增 `docs/schemas/security_approval_decision_record_v1.schema.json`、`docs/security/security-approval-decision-record.snapshot.json` 與 `docs/security/SECURITY-APPROVAL-DECISION-RECORD.md`。AwoooP 可保存人工決策稽核紀錄;目前 0 筆 decision records,所有紀錄都必須 `execution_authorized=false`。 +2026-05-13 S3 review packet 追加:已新增 `docs/schemas/security_approval_review_packet_v1.schema.json`、`docs/security/security-approval-review-packet.snapshot.json` 與 `docs/security/SECURITY-APPROVAL-REVIEW-PACKET.md`。AwoooP 可顯示 8 個人工審查封包、review lane、required reviewers 與 still forbidden;review packet 不代表批准,也不授權執行。 + 2026-05-13 Kali 112 live 整合狀態追加:已在授權下登入 `192.168.0.112` 做 read-only 盤點與低風險更新,並新增 `docs/schemas/kali_integration_status_v1.schema.json`、`docs/security/kali-integration-status.snapshot.json` 與 `docs/security/KALI-INTEGRATION-STATUS.md`。Kali Scanner API `/health` healthy、`kali-scanner.service` active/enabled、node-exporter 與 wg-easy container up;已 targeted update `nmap`、`nikto`、`nuclei`、`curl`、`openssl`、CA 套件,安裝 `jq`,時區改為 `Asia/Taipei`,更新後無 reboot required。AwoooP 可 mirror health / update / gap evidence,但不得直接啟動 scan、credentialed scan 或 `/execute`。 本波仍不做: diff --git a/docs/security/SECURITY-APPROVAL-DECISION-RECORD.md b/docs/security/SECURITY-APPROVAL-DECISION-RECORD.md index 26d39e24..c1c06e58 100644 --- a/docs/security/SECURITY-APPROVAL-DECISION-RECORD.md +++ b/docs/security/SECURITY-APPROVAL-DECISION-RECORD.md @@ -17,6 +17,8 @@ 它不是 runner,也不是授權 token。任何決策紀錄都必須維持 `execution_authorized=false`。 +S3.2 的 `security_approval_review_packet_v1` 只負責把待審項目整理成封包。Review packet 不是決策;只有人工審完後,才可把結果寫入本契約。 + ## 1. 目前狀態 | 指標 | 數量 | @@ -36,6 +38,7 @@ 3. 顯示哪些決策仍需要 follow-up runtime gate。 4. 將決策紀錄寫入 Audit evidence。 5. 將拒絕、延後或補 evidence 的原因顯示給 Operator。 +6. 連回原始 `security_approval_review_packet_v1`,讓 Operator 可追溯決策前看到的 evidence 與限制。 ## 3. AwoooP 不可做 diff --git a/docs/security/SECURITY-APPROVAL-GATE.md b/docs/security/SECURITY-APPROVAL-GATE.md index c8f72ad7..1b603361 100644 --- a/docs/security/SECURITY-APPROVAL-GATE.md +++ b/docs/security/SECURITY-APPROVAL-GATE.md @@ -17,7 +17,7 @@ 批准後最多只能進入下一步設計、草案、只讀 inventory、低噪音 scope 或人工 exception;任何真正 runtime action 都還需要後續 runtime gate。 -S3.1 開始,實際人工決策紀錄由 `security_approval_decision_record_v1` 保存。Gate 定義可審項目與批准範圍;Decision Record 保存決策結果與 audit evidence。 +S3.1 開始,實際人工決策紀錄由 `security_approval_decision_record_v1` 保存。S3.2 開始,可用 `security_approval_review_packet_v1` 把 gate item 包成 review packet。Gate 定義可審項目與批准範圍;Review Packet 協助人工審查;Decision Record 保存決策結果與 audit evidence。 ## 1. 目前 Gate 狀態 @@ -52,6 +52,7 @@ S3.1 開始,實際人工決策紀錄由 `security_approval_decision_record_v1` 4. 顯示批准範圍與仍然禁止事項。 5. 提醒哪些項目需要 follow-up runtime gate。 6. 將決策結果寫成 `security_approval_decision_record_v1`,但維持 `execution_authorized=false`。 +7. 將 gate item 包成 `security_approval_review_packet_v1`,只顯示 review lane、required reviewers 與仍禁止事項。 ## 4. AwoooP 不可做 diff --git a/docs/security/SECURITY-APPROVAL-QUEUE.md b/docs/security/SECURITY-APPROVAL-QUEUE.md index 6a7cd44e..076231dd 100644 --- a/docs/security/SECURITY-APPROVAL-QUEUE.md +++ b/docs/security/SECURITY-APPROVAL-QUEUE.md @@ -15,7 +15,7 @@ 它不是授權清單。所有 queue item 都只能顯示、排序、建立 approval candidate,不能直接執行。 -S3.0 開始,人工批准範圍由 `security_approval_gate_v1` 承接。S3.1 開始,實際人工決策結果由 `security_approval_decision_record_v1` 保存。Queue 負責排序候選;Gate 負責限制批准範圍;Decision Record 負責稽核紀錄。 +S3.0 開始,人工批准範圍由 `security_approval_gate_v1` 承接。S3.1 開始,實際人工決策結果由 `security_approval_decision_record_v1` 保存。S3.2 開始,AwoooP 可用 `security_approval_review_packet_v1` 把 queue/gate 轉成可審查封包。Queue 負責排序候選;Gate 負責限制批准範圍;Review Packet 負責讓人好審;Decision Record 負責稽核紀錄。 目前狀態: @@ -48,7 +48,7 @@ S3.0 開始,人工批准範圍由 `security_approval_gate_v1` 承接。S3.1 3. 建立 approval candidate。 4. 保存人工決策結果與 audit evidence。 5. 依 review order 提醒下一個低摩擦 gate。 -6. 將批准範圍對齊 `security_approval_gate_v1`,再把決策結果寫入 `security_approval_decision_record_v1`,但不觸發執行。 +6. 將批准範圍對齊 `security_approval_gate_v1`,用 `security_approval_review_packet_v1` 顯示審查封包,再把決策結果寫入 `security_approval_decision_record_v1`,但不觸發執行。 ## 3. AwoooP 不可以做 diff --git a/docs/security/SECURITY-APPROVAL-REVIEW-PACKET.md b/docs/security/SECURITY-APPROVAL-REVIEW-PACKET.md new file mode 100644 index 00000000..f9b8393b --- /dev/null +++ b/docs/security/SECURITY-APPROVAL-REVIEW-PACKET.md @@ -0,0 +1,64 @@ +# 資安人工審查封包契約 + +| 項目 | 內容 | +|------|------| +| 日期 | 2026-05-13 | +| 狀態 | 草案 | +| Schema | `docs/schemas/security_approval_review_packet_v1.schema.json` | +| Snapshot | `docs/security/security-approval-review-packet.snapshot.json` | +| 模式 | `approval_review_packet_only` | +| runtime 執行授權 | `false` | + +## 0. 核心結論 + +`security_approval_review_packet_v1` 是 S3.2 的人工審查封包格式。 + +它把 `security_approval_queue_v1` 與 `security_approval_gate_v1` 的 8 個審查項目整理成 AwoooP 可以顯示的 review packet,讓 Operator 看得懂「現在要審什麼、由誰審、可以做哪些決策、仍然禁止哪些動作」。 + +它不是批准結果,也不是執行授權。真正的人工決策仍必須另外寫入 `security_approval_decision_record_v1`,而且每筆紀錄都必須維持 `execution_authorized=false`。 + +## 1. 目前狀態 + +| 指標 | 數量 | +|------|------| +| Review packets | 8 | +| Ready for human review | 7 | +| Block candidate | 1 | +| Decision records created | 0 | +| Runtime actions authorized | `false` | +| Action buttons allowed | `false` | + +## 2. Review Packet 順序 + +| 順序 | Packet | Review lane | 初期定位 | +|------|--------|-------------|----------| +| 1 | Redacted finding ingestion | `design_or_draft_review` | 只審是否可設計或建立 draft PR | +| 2 | Safe web crawl | `low_noise_scan_scope_review` | 只審低噪音 scope 定義 | +| 3 | Gitea read-only inventory | `read_only_inventory_review` | 只審只讀 token 或 redacted export | +| 4 | GitHub target decisions | `design_or_draft_review` | 只審 owner / visibility / canonical 草案 | +| 5 | Ref truth review | `design_or_draft_review` | 只審人工分類與 reconcile 草案 | +| 6 | Credentialed scan | `manual_exception_review` | 只審 exception 設計 | +| 7 | Kali full-upgrade / reboot | `manual_exception_review` | 只審維護窗口與 rollback 計畫 | +| 8 | Kali `/execute` | `blocked_by_default_review` | 預設維持 block candidate | + +## 3. AwoooP 可做 + +1. 顯示 review packet、review order、risk、review lane 與 required reviewers。 +2. 顯示 requested decision、decision options、evidence refs 與 still forbidden。 +3. 讓人工 reviewer 選擇 approve / reject / defer / request more evidence / keep blocked。 +4. 將實際決策另寫成 `security_approval_decision_record_v1`。 +5. 將 packet 作為 Operator Console / Audit evidence,不新增執行按鈕。 + +## 4. AwoooP 不可做 + +1. 不把 review packet 視為批准。 +2. 不把 review packet 視為 runtime authorization。 +3. 不因為 packet 存在就啟動 scan、credentialed scan 或 Kali `/execute`。 +4. 不建立 GitHub repo、不改 visibility、不 sync refs、不切 GitHub primary。 +5. 不保存 raw secret、token、cookie、private key、credential value 或 exploit payload。 + +## 5. 階段定位 + +S3.2 只補上「讓人好審」的封包,不提高資安阻力。 + +低風險與中風險仍以 observe / warn / draft review 為主;只有不可逆或高風險動作才持續留在 approval gate,且批准後仍必須再過 runtime gate。 diff --git a/docs/security/SECURITY-MIRROR-ACCEPTANCE.md b/docs/security/SECURITY-MIRROR-ACCEPTANCE.md index 790379a8..1abef676 100644 --- a/docs/security/SECURITY-MIRROR-ACCEPTANCE.md +++ b/docs/security/SECURITY-MIRROR-ACCEPTANCE.md @@ -27,7 +27,7 @@ | Check | 目的 | 失敗時是否阻擋鏡像 | |-------|------|--------------------| -| `CONTRACT_COUNT_MATCH` | 確認 manifest、readiness、route coverage 對齊 29 個 contracts | 是 | +| `CONTRACT_COUNT_MATCH` | 確認 manifest、readiness、route coverage 對齊 30 個 contracts | 是 | | `EVENT_ENVELOPE_REQUIRED` | 確認每筆 payload 都不可執行、不可顯示執行按鈕 | 是 | | `ROUTE_GROUP_COVERAGE` | 確認 5 個 route groups 覆蓋所有 contracts | 是 | | `REDACTION_ONLY` | 確認不保存 raw sensitive value | 是 | diff --git a/docs/security/SECURITY-MIRROR-INTAKE-PLAN.md b/docs/security/SECURITY-MIRROR-INTAKE-PLAN.md index 7af7eac8..70aec3e2 100644 --- a/docs/security/SECURITY-MIRROR-INTAKE-PLAN.md +++ b/docs/security/SECURITY-MIRROR-INTAKE-PLAN.md @@ -19,10 +19,10 @@ | Wave | 目的 | 主要 contracts | Exit gate | |------|------|----------------|-----------| -| `M0_index_bootstrap` | 先載入 readiness、manifest、低摩擦 policy、鏡像事件信封、鏡像路由矩陣、驗收契約、隔離契約、dry-run 報告格式、status rollup、approval gate 與 decision record | readiness / manifest / rollout policy / mirror event / mirror route / acceptance / quarantine / dry-run / status rollup / approval gate / decision record | 顯示 29 個 contract 且 `execution_allowed=false` | +| `M0_index_bootstrap` | 先載入 readiness、manifest、低摩擦 policy、鏡像事件信封、鏡像路由矩陣、驗收契約、隔離契約、dry-run 報告格式、status rollup、approval gate、decision record 與 review packet | readiness / manifest / rollout policy / mirror event / mirror route / acceptance / quarantine / dry-run / status rollup / approval gate / decision record / review packet | 顯示 30 個 contract 且 `execution_allowed=false` | | `M1_kali_visibility` | 顯示 Kali 112、scan scope、approval queue | Kali status / scan scope / approval queue / finding sample | 顯示 5 個 scope groups 與 8 個 queue items,沒有執行按鈕 | | `M2_source_control_visibility` | 顯示 Gitea/GitHub source-control evidence | migration / inventory / refs / approval board | 顯示 blocking reasons,repo/refs actions 全 disabled | -| `M3_approval_candidates` | 顯示 approval candidates、S3 gate、decision record 與人工決策留痕 | approval events / approval queue / approval gate / decision record / source-control board | 可留痕,不可自動批准或執行 | +| `M3_approval_candidates` | 顯示 approval candidates、S3 gate、decision record、review packet 與人工決策留痕 | approval events / approval queue / approval gate / decision record / review packet / source-control board | 可留痕,不可自動批准或執行 | | `M4_patch_only_backlog` | 顯示 Codex patch-only backlog lane | coding task | 只顯示 lane,不接 Codex runner action | ## 2. AwoooP 可做 @@ -38,7 +38,7 @@ 9. 將 approval-only contracts mirror 到 Approval Queue。 10. 使用 `security_approval_gate_v1` 顯示批准範圍與 follow-up runtime gate。 11. 使用 `security_approval_decision_record_v1` 保存人工決策紀錄。 -12. 顯示 required reviewers、blocked reason、evidence refs、review order。 +12. 使用 `security_approval_review_packet_v1` 顯示 review packet、required reviewers、blocked reason、evidence refs、review order。 13. 記錄人工決策結果,但不自動執行後續動作。 ## 3. AwoooP 不可做 diff --git a/docs/security/SECURITY-MIRROR-READINESS.md b/docs/security/SECURITY-MIRROR-READINESS.md index 4eb5a0d9..0c9ce79f 100644 --- a/docs/security/SECURITY-MIRROR-READINESS.md +++ b/docs/security/SECURITY-MIRROR-READINESS.md @@ -23,7 +23,7 @@ | 狀態 | 數量 | 說明 | |------|------|------| -| `ready_for_mirror` | 26 | 可直接 mirror 成 Operator Console / Runtime State / Channel Event / Audit evidence | +| `ready_for_mirror` | 27 | 可直接 mirror 成 Operator Console / Runtime State / Channel Event / Audit evidence | | `partial_ready` | 2 | 可 mirror,但 evidence 仍不完整 | | `contract_only` | 1 | 有 schema / handoff,尚無正式 snapshot | | `blocked` | 0 | 目前沒有禁止 mirror 的 contract | @@ -77,7 +77,8 @@ AwoooP 可以將 ready / partial contracts mirror 到: 9. 再 mirror `security_approval_queue_v1`,只顯示 review order。 10. 再 mirror `security_approval_gate_v1`,只記錄人工決策與 follow-up runtime gate。 11. 再 mirror `security_approval_decision_record_v1`,只保存人工決策紀錄,不觸發執行。 -12. 再 mirror `kali_integration_status_v1` 與 `kali_scan_scope_approval_v1`。 -13. 最後再 mirror source-control 相關 contracts。 +12. 再 mirror `security_approval_review_packet_v1`,只顯示人工審查封包、review lane 與仍然禁止事項。 +13. 再 mirror `kali_integration_status_v1` 與 `kali_scan_scope_approval_v1`。 +14. 最後再 mirror source-control 相關 contracts。 整個 S2 不新增 execution router、不新增執行按鈕、不新增 runtime blocker。 diff --git a/docs/security/SECURITY-MIRROR-ROUTE.md b/docs/security/SECURITY-MIRROR-ROUTE.md index ee1884b3..9b4d43de 100644 --- a/docs/security/SECURITY-MIRROR-ROUTE.md +++ b/docs/security/SECURITY-MIRROR-ROUTE.md @@ -25,10 +25,10 @@ | Route group | 目的 | 初期 channel policy | review lane | |-------------|------|---------------------|-------------| -| `M0_index_bootstrap` | 載入 readiness、manifest、policy、event、intake、route、acceptance、quarantine、dry-run、status rollup | `no_channel_event` | `observe` | +| `M0_index_bootstrap` | 載入 readiness、manifest、policy、event、intake、route、acceptance、quarantine、dry-run、status rollup 與 S3 review packet 位置 | `no_channel_event` | `observe` | | `M1_kali_visibility` | 顯示 Kali 112、111 / 168 scope、approval queue 與 finding sample | `approval_required_only` | `approval_required` | | `M2_source_control_visibility` | 顯示 Gitea / GitHub repo、branch、tag、canonical 差異 | `low_noise_status` | `source_control_review` | -| `M3_approval_candidates` | 顯示人工批准候選、S3 gate、decision record 與留痕 | `approval_required_only` | `approval_required` | +| `M3_approval_candidates` | 顯示人工批准候選、S3 gate、decision record、review packet 與留痕 | `approval_required_only` | `approval_required` | | `M4_patch_only_backlog` | 顯示 Code Review 後的 Codex patch-only backlog lane | `no_channel_event` | `patch_only` | ## 2. AwoooP 可做 @@ -52,7 +52,7 @@ S2.7 後,AwoooP 主線只需要能讀到: -1. 29 個 contracts。 +1. 30 個 contracts。 2. 5 個 route groups。 3. 所有 route group 都是 `runtime_execution_authorized=false`。 4. Channel Event 初期低噪音。 diff --git a/docs/security/SECURITY-MIRROR-STATUS-ROLLUP.md b/docs/security/SECURITY-MIRROR-STATUS-ROLLUP.md index f989a2a4..a7688747 100644 --- a/docs/security/SECURITY-MIRROR-STATUS-ROLLUP.md +++ b/docs/security/SECURITY-MIRROR-STATUS-ROLLUP.md @@ -19,11 +19,12 @@ | 類型 | 狀態 | |------|------| -| Contract manifest | 29 個 contracts | -| Mirror readiness | 26 ready、2 partial、1 contract-only、0 blocked | +| Contract manifest | 30 個 contracts | +| Mirror readiness | 27 ready、2 partial、1 contract-only、0 blocked | | Approval queue | 8 items:7 pending approval、1 block candidate | | Approval gate | S3.0 已建立;0 approved、7 pending、1 block candidate | | Decision records | S3.1 已建立;目前 0 筆決策紀錄 | +| Review packets | S3.2 已建立;8 packets、7 ready for human review、1 block candidate | | Dry-run | `contract_defined_not_executed` | | Runtime actions | `false` | | Payload ingestion | `false` | @@ -48,7 +49,7 @@ 下一步仍不是 runtime enforcement。 -建議先讓 AwoooP 主線只讀消費本 rollup、`security_approval_gate_v1` 與 `security_approval_decision_record_v1`,並由人工依序 review: +建議先讓 AwoooP 主線只讀消費本 rollup、`security_approval_gate_v1`、`security_approval_decision_record_v1` 與 `security_approval_review_packet_v1`,並由人工依序 review: 1. redacted finding ingestion adapter。 2. safe web crawl scope。 diff --git a/docs/security/SECURITY-SUPPLY-CHAIN-CONTRACT-MANIFEST.md b/docs/security/SECURITY-SUPPLY-CHAIN-CONTRACT-MANIFEST.md index 0d862bb7..a4c22e44 100644 --- a/docs/security/SECURITY-SUPPLY-CHAIN-CONTRACT-MANIFEST.md +++ b/docs/security/SECURITY-SUPPLY-CHAIN-CONTRACT-MANIFEST.md @@ -11,7 +11,7 @@ ## 0. 核心結論 -目前 Security Supply Chain 已有 29 個主要契約可交給 AwoooP 消費。Manifest 的用途是把分散的 schema、snapshot、人讀文件、允許動作與禁止動作收成一份入口,避免不同 Session 各自解讀。 +目前 Security Supply Chain 已有 30 個主要契約可交給 AwoooP 消費。Manifest 的用途是把分散的 schema、snapshot、人讀文件、允許動作與禁止動作收成一份入口,避免不同 Session 各自解讀。 初期預設仍是 `mirror_only`。Manifest 不授權 runtime enforcement、不授權 GitHub/Gitea 主控切換、不授權 repo 建立或 refs sync。 @@ -26,6 +26,7 @@ | `security_approval_queue_v1` | approval-only | AwoooP 可 mirror 的 Security Supply Chain approval queue | `security-approval-queue.snapshot.json` | | `security_approval_gate_v1` | approval-only | S3 人工批准 gate 與 follow-up runtime gate 邊界 | `security-approval-gate.snapshot.json` | | `security_approval_decision_record_v1` | approval-only | S3 人工決策稽核紀錄 | `security-approval-decision-record.snapshot.json` | +| `security_approval_review_packet_v1` | approval-only | S3 人工審查封包與 review lane | `security-approval-review-packet.snapshot.json` | | `security_mirror_readiness_v1` | mirror-only | AwoooP mirror/read-only readiness index | `security-mirror-readiness.snapshot.json` | | `security_mirror_intake_plan_v1` | mirror-only | AwoooP mirror-only intake waves 與 acceptance gates | `security-mirror-intake-plan.snapshot.json` | | `security_mirror_event_v1` | mirror-only | AwoooP mirror event envelope | `security-mirror-event-sample.snapshot.json` | @@ -54,7 +55,7 @@ 1. 先讀 `security_rollout_policy_v1`,確認目前仍是 `mirror_only`。 2. 再讀本 manifest,取得可消費 contract 與禁止動作。 3. 將 snapshot mirror 成 Runtime State / Channel Event / Audit evidence。 -4. 只對 `approval_required_event_v1` 與 repo approval package 建 approval candidate。 +4. 只對 `approval_required_event_v1`、repo approval package 與 `security_approval_review_packet_v1` 建 approval candidate / review lane。 5. 不新增執行按鈕,不做 runtime enforcement。 ## 3. 永久禁止 diff --git a/docs/security/SECURITY-SUPPLY-CHAIN-PROGRESS.md b/docs/security/SECURITY-SUPPLY-CHAIN-PROGRESS.md index 8482d0ee..eba152c7 100644 --- a/docs/security/SECURITY-SUPPLY-CHAIN-PROGRESS.md +++ b/docs/security/SECURITY-SUPPLY-CHAIN-PROGRESS.md @@ -4,7 +4,7 @@ |------|------| | 日期 | 2026-05-13 | | 狀態 | S0/S1 read-only evidence 建置中 | -| 本階段完成 | 資安供應鏈 contract manifest + Source Control Approval Board + Draft Reconcile Plan + Ref Detail Diff + Ref Truth Classification + Kali 112 live integration status + Security Finding contract + Kali scan scope approval package + Security Approval Queue + S3 人工批准 Gate + S3 人工決策紀錄 + 鏡像 readiness index + 鏡像接收計畫 + 鏡像事件信封 + 鏡像路由矩陣 + 鏡像驗收契約 + 鏡像隔離契約 + 鏡像 dry-run 報告契約 + 鏡像狀態彙整契約 | +| 本階段完成 | 資安供應鏈 contract manifest + Source Control Approval Board + Draft Reconcile Plan + Ref Detail Diff + Ref Truth Classification + Kali 112 live integration status + Security Finding contract + Kali scan scope approval package + Security Approval Queue + S3 人工批准 Gate + S3 人工決策紀錄 + S3 人工審查封包 + 鏡像 readiness index + 鏡像接收計畫 + 鏡像事件信封 + 鏡像路由矩陣 + 鏡像驗收契約 + 鏡像隔離契約 + 鏡像 dry-run 報告契約 + 鏡像狀態彙整契約 | | 原則 | 低摩擦分階段;文件、schema、read-only evidence 優先;不做 runtime enforcement、不切 primary | ## 0. 本階段完成後整體進度 @@ -20,11 +20,11 @@ | S1.2b branch/tag detail diff | 完成草案 | 3 個 refs-blocked mapped repos 已完成 branch/tag 明細 diff;已忽略本 PR 分支避免 evidence 自我污染 | 人工判定真相來源與 deprecated refs | | S1.2c refs 真相來源分類 | 完成草案 | 141 個 ref review items 已分類:4 個真相來源、114 個 drift deprecated 候選、3 個 release tags、20 個 GitHub-only refs | repo owner 單 ref / 單 repo 判定 | | S1.3 低摩擦 rollout policy | 完成草案 | observe-first / mirror-only matrix 已建立 | AwoooP read-only policy 消費 | -| S1.4 契約索引 | 完成草案 | 29 個主要 contract 已集中成 manifest | AwoooP mirror-only contract registry | +| S1.4 契約索引 | 完成草案 | 30 個主要 contract 已集中成 manifest | AwoooP mirror-only contract registry | | S1.5 Kali 112 live 整合狀態 | 完成第一波 | 112 已登入盤點、scanner API healthy、targeted scanner packages updated、Asia/Taipei timezone、no reboot required | scan result ingestion + `/execute` high-risk gate | | S1.6 Kali finding / scan scope approval | 完成草案 | `security_finding_v1` sample snapshot 與 `kali_scan_scope_approval_v1` approval package 已建立;111/168 已納入 observe-only scope | 人工批准 safe crawl / credentialed scan / runtime ingestion / full-upgrade gate | | S1.7 Security approval queue | 完成草案 | 8 個 approval queue items 已集中:7 pending approval、1 block candidate;AwoooP 可 mirror 但不得執行 | 先 review redacted finding ingestion,再 review safe crawl / Gitea inventory | -| S2 AwoooP mirror-only readiness | 完成草案 | `security_mirror_readiness_v1` 已整理 29 個 contracts:26 ready、2 partial、1 contract-only、0 blocked | AwoooP 主線建立只讀入口 | +| S2 AwoooP mirror-only readiness | 完成草案 | `security_mirror_readiness_v1` 已整理 30 個 contracts:27 ready、2 partial、1 contract-only、0 blocked | AwoooP 主線建立只讀入口 | | S2.1 AwoooP mirror-only intake plan | 完成草案 | `security_mirror_intake_plan_v1` 已建立 5 個 intake waves 與 4 個 acceptance gates | AwoooP 主線照 wave mirror,不新增 execution router | | S2.2 AwoooP 鏡像事件信封 | 完成草案 | `security_mirror_event_v1` 已建立,要求每筆鏡像 payload 標示 `execution_authorized=false` 與 `action_buttons_allowed=false` | AwoooP 鏡像 payload 統一信封 | | S2.3 AwoooP 鏡像路由矩陣 | 完成草案 | `security_mirror_route_v1` 已建立 5 個 route groups,定義目的地、channel policy 與 review lane | AwoooP 消費時不猜路由、不新增執行入口 | @@ -35,6 +35,7 @@ | S3 approval gate | 進行中 | `security_approval_gate_v1` 已建立 8 個人工 gate items:7 pending、1 block candidate、0 approved | 不得繞過人工批准;批准後仍需 follow-up runtime gate | | S3.0 人工批准 Gate 契約 | 完成草案 | 定義批准範圍、決策選項、required reviewers、still forbidden 與 follow-up runtime gate | AwoooP 可記錄決策,不可執行 gate item | | S3.1 人工決策紀錄契約 | 完成草案 | `security_approval_decision_record_v1` 已建立;目前 0 筆 decision records、0 個 runtime action 授權 | AwoooP 可稽核決策,不可把決策當執行 | +| S3.2 人工審查封包契約 | 完成草案 | `security_approval_review_packet_v1` 已建立;8 個 review packets、7 ready for human review、1 block candidate、0 個 runtime action 授權 | AwoooP 可顯示 review lane,不可把 packet 當批准或執行 | | S4 migration execution | 未開始 | GitHub primary 長期方向已確認,但 refs / tags / workflow / secret 名稱尚未全量驗證 | SHA/tag/workflow parity 與 rollback ADR | ## 1. 已建立的主要 evidence @@ -75,6 +76,8 @@ | Security approval gate JSON | `docs/security/security-approval-gate.snapshot.json` | | Security approval decision record | `docs/security/SECURITY-APPROVAL-DECISION-RECORD.md` | | Security approval decision record JSON | `docs/security/security-approval-decision-record.snapshot.json` | +| Security approval review packet | `docs/security/SECURITY-APPROVAL-REVIEW-PACKET.md` | +| Security approval review packet JSON | `docs/security/security-approval-review-packet.snapshot.json` | | Security mirror readiness | `docs/security/SECURITY-MIRROR-READINESS.md` | | Security mirror readiness JSON | `docs/security/security-mirror-readiness.snapshot.json` | | Security mirror intake plan | `docs/security/SECURITY-MIRROR-INTAKE-PLAN.md` | @@ -120,6 +123,6 @@ 3. 依 `SOURCE-CONTROL-REF-TRUTH-CLASSIFICATION.md` 對 `awoooi`、`clawbot-v5`、`wooo-aiops` 做單 repo / 單 ref owner 判定;仍不得 push refs。 4. 對 `ewoooc` / `momo-pro-system` 完成 server-side canonical 判定。 5. 依 `KALI-SCAN-SCOPE-APPROVAL-PACKAGE.md` 取得 safe crawl、credentialed scan、runtime ingestion、full-upgrade / reboot 等 gate 的人工批准;不得直接接 `/execute`。 -6. AwoooP 主線先讀 `security_mirror_readiness_v1`、`security_mirror_intake_plan_v1`、`security_mirror_event_v1`、`security_mirror_route_v1`、`security_mirror_acceptance_v1`、`security_mirror_quarantine_v1`、`security_mirror_dry_run_v1`、`security_mirror_status_rollup_v1`、`security_approval_gate_v1` 與 `security_approval_decision_record_v1`,只建立 mirror-only / read-only policy 入口,不新增執行按鈕。 +6. AwoooP 主線先讀 `security_mirror_readiness_v1`、`security_mirror_intake_plan_v1`、`security_mirror_event_v1`、`security_mirror_route_v1`、`security_mirror_acceptance_v1`、`security_mirror_quarantine_v1`、`security_mirror_dry_run_v1`、`security_mirror_status_rollup_v1`、`security_approval_gate_v1`、`security_approval_decision_record_v1` 與 `security_approval_review_packet_v1`,只建立 mirror-only / read-only policy 入口,不新增執行按鈕。 7. AwoooP 主線消費 `security_rollout_policy_v1` 時,只做 read-only policy,不做 runtime blocking。 -8. AwoooP 主線再讀 `security_approval_queue_v1`、`security_approval_gate_v1`、`security_approval_decision_record_v1` 與 `security_supply_chain_contract_manifest_v1`,顯示 review order、批准範圍、決策紀錄與 blocked reason,不新增 execution router。 +8. AwoooP 主線再讀 `security_approval_queue_v1`、`security_approval_gate_v1`、`security_approval_decision_record_v1`、`security_approval_review_packet_v1` 與 `security_supply_chain_contract_manifest_v1`,顯示 review order、批准範圍、審查封包、決策紀錄與 blocked reason,不新增 execution router。 diff --git a/docs/security/security-approval-decision-record.snapshot.json b/docs/security/security-approval-decision-record.snapshot.json index 4c89ba60..9e37de5b 100644 --- a/docs/security/security-approval-decision-record.snapshot.json +++ b/docs/security/security-approval-decision-record.snapshot.json @@ -7,6 +7,7 @@ "source_indexes": [ "docs/security/security-approval-gate.snapshot.json", "docs/security/security-approval-queue.snapshot.json", + "docs/security/security-approval-review-packet.snapshot.json", "docs/security/security-mirror-status-rollup.snapshot.json" ], "summary": { @@ -23,6 +24,7 @@ "decision_records": [], "recording_rules": [ "每筆人工決策都必須引用 security_approval_gate_v1 的 gate_id 與 source_queue_item_id。", + "若決策來自 security_approval_review_packet_v1,需在 notes 或 evidence refs 保留 packet_id 的稽核關聯。", "approve_scope 只代表批准該 scope 進下一步設計、草案、只讀 inventory、低噪音 scope 或人工 exception;不代表可立即執行。", "所有 decision record 都必須維持 execution_authorized=false。", "任何批准後的 scan、/execute、repo、refs、deploy、secret、RBAC、NetworkPolicy、firewall 變更都必須另有 follow-up runtime gate。", diff --git a/docs/security/security-approval-gate.snapshot.json b/docs/security/security-approval-gate.snapshot.json index 6b3c0757..44e2b9eb 100644 --- a/docs/security/security-approval-gate.snapshot.json +++ b/docs/security/security-approval-gate.snapshot.json @@ -266,6 +266,7 @@ ], "decision_recording_rules": [ "每個 gate item 必須記錄人工決策、reviewer、時間、evidence refs 與批准範圍。", + "每個 gate item 可被包成 security_approval_review_packet_v1,但 review packet 不代表批准。", "批准只代表該 scope 可進下一步設計、草案、只讀 inventory 或人工 exception;不代表可立即執行 runtime action。", "任何 scan、/execute、repo、refs、deploy、secret、RBAC、NetworkPolicy、firewall 變更都需要 follow-up runtime gate。", "拒絕、延後或要求補 evidence 時,只更新 gate 狀態與 audit evidence,不觸發修復。" diff --git a/docs/security/security-approval-review-packet.snapshot.json b/docs/security/security-approval-review-packet.snapshot.json new file mode 100644 index 00000000..9a5cd61e --- /dev/null +++ b/docs/security/security-approval-review-packet.snapshot.json @@ -0,0 +1,343 @@ +{ + "schema_version": "security_approval_review_packet_v1", + "status": "draft", + "date": "2026-05-13", + "mode": "approval_review_packet_only", + "runtime_execution_authorized": false, + "source_indexes": [ + "docs/security/security-approval-queue.snapshot.json", + "docs/security/security-approval-gate.snapshot.json", + "docs/security/security-approval-decision-record.snapshot.json", + "docs/security/security-mirror-status-rollup.snapshot.json", + "docs/security/security-rollout-policy.snapshot.json" + ], + "summary": { + "total_review_packets": 8, + "ready_for_human_review_count": 7, + "block_candidate_count": 1, + "decision_records_created_count": 0, + "runtime_actions_authorized": false, + "action_buttons_allowed": false, + "raw_secret_storage_authorized": false + }, + "review_packets": [ + { + "packet_id": "review-packet-redacted-finding-ingestion-20260513", + "review_order": 1, + "gate_id": "gate-redacted-finding-ingestion-20260513", + "source_queue_item_id": "kali-finding-runtime-ingestion-approval-20260513", + "risk": "MEDIUM", + "review_state": "ready_for_human_review", + "review_lane": "design_or_draft_review", + "requested_decision": "是否允許先設計或建立 draft PR,讓 AwoooP 未來可接收已脫敏 security_finding_v1 摘要與 evidence_ref。", + "required_reviewers": [ + "security-commander", + "human-owner" + ], + "decision_options": ["approve_scope", "reject", "defer", "request_more_evidence"], + "evidence_refs": [ + "docs/security/SECURITY-FINDING-CONTRACT.md", + "docs/security/security-finding-kali-sample.snapshot.json", + "docs/security/KALI-SCAN-SCOPE-APPROVAL-PACKAGE.md" + ], + "allowed_pre_decision_actions": [ + "顯示 packet 與 evidence refs", + "要求 reviewer 補充 scope 或資料欄位", + "保留 sample snapshot mirror-only" + ], + "allowed_after_decision_actions": [ + "若 approve_scope,只能進入設計或 draft PR", + "若 reject/defer/request_more_evidence,寫入 decision record 並維持 blocked" + ], + "still_forbidden": [ + "保存 raw secret/token/cookie/private key/exploit payload", + "讓 AwoooP 直接啟動 scan", + "自動封鎖 deploy 或自動修復" + ], + "followup_runtime_gate_required": true, + "execution_authorized": false + }, + { + "packet_id": "review-packet-safe-web-crawl-20260513", + "review_order": 2, + "gate_id": "gate-safe-web-crawl-20260513", + "source_queue_item_id": "kali-safe-web-crawl-approval-20260513", + "risk": "MEDIUM", + "review_state": "ready_for_human_review", + "review_lane": "low_noise_scan_scope_review", + "requested_decision": "是否允許定義公開產品 domains 的 TLS、security header 與 basic crawl 低噪音 scope。", + "required_reviewers": [ + "security-commander", + "human-owner" + ], + "decision_options": ["approve_scope", "reject", "defer", "request_more_evidence"], + "evidence_refs": [ + "docs/security/KALI-SCAN-SCOPE-APPROVAL-PACKAGE.md", + "docs/security/KALI-SECURITY-MESH-BLUEPRINT.md" + ], + "allowed_pre_decision_actions": [ + "顯示公開 web perimeter 候選範圍", + "要求補 scan window、頻率與排除清單", + "維持 observe-only" + ], + "allowed_after_decision_actions": [ + "若 approve_scope,只能整理低噪音 scope 與 redacted finding 格式", + "任何實際掃描仍需 follow-up runtime gate" + ], + "still_forbidden": [ + "active DAST fuzz", + "auth flow 改狀態測試", + "credentialed scan", + "阻擋 release" + ], + "followup_runtime_gate_required": true, + "execution_authorized": false + }, + { + "packet_id": "review-packet-gitea-readonly-inventory-20260513", + "review_order": 3, + "gate_id": "gate-gitea-readonly-inventory-20260513", + "source_queue_item_id": "gitea-private-internal-server-side-inventory-2026-05-12", + "risk": "MEDIUM", + "review_state": "ready_for_human_review", + "review_lane": "read_only_inventory_review", + "requested_decision": "是否允許使用 read-only token 或 redacted admin export 補齊 Gitea private/internal 全量 repo list。", + "required_reviewers": [ + "migration-engineer", + "security-commander", + "human-owner" + ], + "decision_options": ["approve_scope", "reject", "defer", "request_more_evidence"], + "evidence_refs": [ + "docs/security/GITEA-READONLY-INVENTORY-APPROVAL-PACKAGE.md", + "docs/security/gitea-readonly-inventory-approval.snapshot.json", + "docs/security/GITEA-ORG-REPO-INVENTORY-BLOCKED-SNAPSHOT.md" + ], + "allowed_pre_decision_actions": [ + "顯示 public-only 與 blocked endpoint evidence", + "要求 owner 確認 read-only token 或 redacted export 來源", + "不保存 token value" + ], + "allowed_after_decision_actions": [ + "若 approve_scope,只能做一次 read-only inventory 或匯入 redacted export", + "更新 migration matrix 與 repo decision table" + ], + "still_forbidden": [ + "保存 token value", + "使用 write-capable token", + "建立 GitHub repo", + "sync refs", + "切 GitHub primary" + ], + "followup_runtime_gate_required": true, + "execution_authorized": false + }, + { + "packet_id": "review-packet-github-target-decisions-20260513", + "review_order": 4, + "gate_id": "gate-github-target-decisions-20260513", + "source_queue_item_id": "source-control-target-repo-approval-bundle-20260513", + "risk": "HIGH", + "review_state": "ready_for_human_review", + "review_lane": "design_or_draft_review", + "requested_decision": "是否逐 repo 確認 GitHub target、owner、visibility、canonical 與 refs reconcile review;本封包不授權建立 repo 或改 visibility。", + "required_reviewers": [ + "migration-engineer", + "security-commander", + "human-owner" + ], + "decision_options": ["approve_scope", "reject", "defer", "request_more_evidence"], + "evidence_refs": [ + "docs/security/SOURCE-CONTROL-APPROVAL-BOARD.md", + "docs/security/source-control-approval-board.snapshot.json", + "docs/security/GITHUB-TARGET-REPO-APPROVAL-PACKAGE.md" + ], + "allowed_pre_decision_actions": [ + "顯示 7 個 approval-required target", + "要求 repo owner 補 owner/visibility/canonical 判定", + "維持 refs action disabled" + ], + "allowed_after_decision_actions": [ + "若 approve_scope,只能更新決策草案、draft reconcile plan 或 ADR", + "任何 repo creation 或 visibility change 仍需後續 runtime gate" + ], + "still_forbidden": [ + "建立 repo", + "修改 visibility", + "push refs", + "delete refs", + "切 GitHub primary" + ], + "followup_runtime_gate_required": true, + "execution_authorized": false + }, + { + "packet_id": "review-packet-ref-truth-review-20260513", + "review_order": 5, + "gate_id": "gate-ref-truth-review-20260513", + "source_queue_item_id": "source-control-ref-truth-review-bundle-20260513", + "risk": "HIGH", + "review_state": "ready_for_human_review", + "review_lane": "design_or_draft_review", + "requested_decision": "是否逐 repo / 單 ref 判定真相來源、deprecated 候選、release tag 與 GitHub-only refs;分類結果不得自動執行。", + "required_reviewers": [ + "migration-engineer", + "security-commander", + "human-owner" + ], + "decision_options": ["approve_scope", "reject", "defer", "request_more_evidence"], + "evidence_refs": [ + "docs/security/SOURCE-CONTROL-REF-TRUTH-CLASSIFICATION.md", + "docs/security/source-control-ref-truth-classification.snapshot.json", + "docs/security/SOURCE-CONTROL-REF-DETAIL-DIFF.md" + ], + "allowed_pre_decision_actions": [ + "顯示 141 個 refs review items", + "依 repo / branch / tag 分組給 owner 判定", + "產生人工 review checklist" + ], + "allowed_after_decision_actions": [ + "若 approve_scope,只能更新 truth classification 或 reconcile draft", + "任何 refs sync/delete 仍需後續 runtime gate" + ], + "still_forbidden": [ + "push refs", + "delete refs", + "force push", + "切 GitHub primary" + ], + "followup_runtime_gate_required": true, + "execution_authorized": false + }, + { + "packet_id": "review-packet-credentialed-scan-20260513", + "review_order": 6, + "gate_id": "gate-credentialed-scan-20260513", + "source_queue_item_id": "kali-credentialed-scan-approval-20260513", + "risk": "HIGH", + "review_state": "ready_for_human_review", + "review_lane": "manual_exception_review", + "requested_decision": "是否允許先設計 credentialed scan 的人工 exception、credential source、scope、audit trail 與停用方式。", + "required_reviewers": [ + "security-commander", + "vuln-verifier", + "human-owner" + ], + "decision_options": ["approve_scope", "reject", "defer", "request_more_evidence"], + "evidence_refs": [ + "docs/security/KALI-SCAN-SCOPE-APPROVAL-PACKAGE.md", + "docs/security/SECURITY-LOW-FRICTION-ROLLOUT-POLICY.md" + ], + "allowed_pre_decision_actions": [ + "顯示需人工 exception 的原因", + "要求補 credential lifecycle、scope 與停用方式", + "不接收或保存 credential value" + ], + "allowed_after_decision_actions": [ + "若 approve_scope,只能設計 exception 流程與 audit trail", + "任何 credentialed scan 仍需 follow-up runtime gate 與維護窗口" + ], + "still_forbidden": [ + "保存 credential value", + "擴大到未批准資產", + "自動修復", + "改 firewall/RBAC/NetworkPolicy" + ], + "followup_runtime_gate_required": true, + "execution_authorized": false + }, + { + "packet_id": "review-packet-kali-full-upgrade-reboot-20260513", + "review_order": 7, + "gate_id": "gate-kali-full-upgrade-reboot-20260513", + "source_queue_item_id": "kali-full-upgrade-reboot-approval-20260513", + "risk": "HIGH", + "review_state": "ready_for_human_review", + "review_lane": "manual_exception_review", + "requested_decision": "是否安排 Kali 112 full-upgrade、必要 autoremove 與 reboot 的維護窗口;必須先有 snapshot、rollback 與 post-health gate。", + "required_reviewers": [ + "security-commander", + "human-owner" + ], + "decision_options": ["approve_scope", "reject", "defer", "request_more_evidence"], + "evidence_refs": [ + "docs/security/KALI-INTEGRATION-STATUS.md", + "docs/security/KALI-SCAN-SCOPE-APPROVAL-PACKAGE.md" + ], + "allowed_pre_decision_actions": [ + "顯示目前 Kali update 與 no reboot required 狀態", + "要求補維護窗口、snapshot、rollback 與 post-check", + "不直接 reboot" + ], + "allowed_after_decision_actions": [ + "若 approve_scope,只能安排維護窗口與 rollback 計畫", + "實際 full-upgrade/reboot 仍需 follow-up runtime gate" + ], + "still_forbidden": [ + "未排窗口直接 reboot", + "未 snapshot 直接 full-upgrade", + "未驗證 scanner health 就宣告完成" + ], + "followup_runtime_gate_required": true, + "execution_authorized": false + }, + { + "packet_id": "review-packet-kali-execute-endpoint-20260513", + "review_order": 8, + "gate_id": "gate-kali-execute-endpoint-20260513", + "source_queue_item_id": "kali-execute-endpoint-approval-20260513", + "risk": "CRITICAL", + "review_state": "block_candidate", + "review_lane": "blocked_by_default_review", + "requested_decision": "是否維持 Kali /execute blocked by default;若未來保留,只能先設計 disable、allowlist、audit gate 與人工 exception。", + "required_reviewers": [ + "critic", + "security-commander", + "human-owner" + ], + "decision_options": ["keep_blocked", "defer", "request_more_evidence"], + "evidence_refs": [ + "docs/security/KALI-INTEGRATION-STATUS.md", + "docs/security/KALI-SCAN-SCOPE-APPROVAL-PACKAGE.md" + ], + "allowed_pre_decision_actions": [ + "顯示 blocked reason", + "要求補 disable/allowlist/audit gate 設計", + "維持 AwoooP runtime 不可直接呼叫" + ], + "allowed_after_decision_actions": [ + "若 keep_blocked,寫入 decision record 並維持 disabled posture", + "若 defer/request_more_evidence,只補設計資料,不啟用 runtime" + ], + "still_forbidden": [ + "AwoooP runtime 直接呼叫 /execute", + "把 /execute 當成一般 MCP action", + "執行 shell command 自動修復", + "保存 command 中可能含有的敏感輸出" + ], + "followup_runtime_gate_required": true, + "execution_authorized": false + } + ], + "packet_rules": [ + "Review packet 只能準備人工審查資料,不能代表批准。", + "每個 packet 都必須對應 security_approval_gate_v1 gate item 與 security_approval_queue_v1 queue item。", + "人工決策必須另外寫入 security_approval_decision_record_v1。", + "即使 decision=approve_scope,execution_authorized 仍必須是 false,且仍需 follow-up runtime gate。", + "AwoooP 初期不得對 packet 顯示 scan、execute、repo、refs、deploy、secret 類 action button。" + ], + "forbidden_actions": [ + "start_kali_scan", + "call_kali_execute_endpoint", + "run_credentialed_scan", + "create_github_repo", + "change_repo_visibility", + "sync_git_refs", + "switch_github_primary", + "auto_merge", + "production_deploy", + "store_secret_token_cookie_private_key_or_exploit_payload", + "treat_review_packet_as_approval", + "treat_review_packet_as_execution_authorization" + ] +} diff --git a/docs/security/security-mirror-acceptance.snapshot.json b/docs/security/security-mirror-acceptance.snapshot.json index 952c6e76..cef761f6 100644 --- a/docs/security/security-mirror-acceptance.snapshot.json +++ b/docs/security/security-mirror-acceptance.snapshot.json @@ -11,8 +11,8 @@ "docs/security/security-mirror-route.snapshot.json" ], "summary": { - "total_contracts": 29, - "ready_for_mirror_count": 26, + "total_contracts": 30, + "ready_for_mirror_count": 27, "route_group_count": 5, "acceptance_check_count": 7, "blocking_check_count": 4 @@ -21,7 +21,7 @@ { "check_id": "CONTRACT_COUNT_MATCH", "title": "契約數量一致", - "expected_result": "AwoooP 讀到 29 個 contracts,且 manifest、readiness、route coverage 的 contract 集合一致。", + "expected_result": "AwoooP 讀到 30 個 contracts,且 manifest、readiness、route coverage 的 contract 集合一致。", "evidence_refs": [ "docs/security/security-supply-chain-contract-manifest.snapshot.json", "docs/security/security-mirror-readiness.snapshot.json", @@ -60,7 +60,7 @@ { "check_id": "ROUTE_GROUP_COVERAGE", "title": "路由群組覆蓋", - "expected_result": "5 個 route groups 合併後涵蓋 manifest 29 個 contracts,且每個 group 都有 destinations、channel_policy 與 review_lane。", + "expected_result": "5 個 route groups 合併後涵蓋 manifest 30 個 contracts,且每個 group 都有 destinations、channel_policy 與 review_lane。", "evidence_refs": [ "docs/security/security-mirror-route.snapshot.json", "docs/security/SECURITY-MIRROR-ROUTE.md" diff --git a/docs/security/security-mirror-dry-run.snapshot.json b/docs/security/security-mirror-dry-run.snapshot.json index 290acc6a..5add4930 100644 --- a/docs/security/security-mirror-dry-run.snapshot.json +++ b/docs/security/security-mirror-dry-run.snapshot.json @@ -14,8 +14,8 @@ "docs/security/security-mirror-quarantine.snapshot.json" ], "summary": { - "total_contracts": 29, - "ready_for_mirror_count": 26, + "total_contracts": 30, + "ready_for_mirror_count": 27, "route_group_count": 5, "acceptance_check_count": 7, "quarantine_lane_count": 5, @@ -30,7 +30,7 @@ "docs/security/security-supply-chain-contract-manifest.snapshot.json", "docs/security/security-mirror-readiness.snapshot.json" ], - "pass_condition": "看到 29 個 contracts、26 個 ready for mirror,且所有 contract execution_allowed=false。", + "pass_condition": "看到 30 個 contracts、27 個 ready for mirror,且所有 contract execution_allowed=false。", "execution_allowed": false, "blocked_actions": [ "execute_contract", @@ -60,7 +60,7 @@ "docs/security/security-mirror-route.snapshot.json", "docs/security/SECURITY-MIRROR-ROUTE.md" ], - "pass_condition": "route groups 合併後涵蓋 29 個 contracts,沒有未知 execution route。", + "pass_condition": "route groups 合併後涵蓋 30 個 contracts,沒有未知 execution route。", "execution_allowed": false, "blocked_actions": [ "fallback_to_execution_route", diff --git a/docs/security/security-mirror-event-sample.snapshot.json b/docs/security/security-mirror-event-sample.snapshot.json index eb120f30..7f048c34 100644 --- a/docs/security/security-mirror-event-sample.snapshot.json +++ b/docs/security/security-mirror-event-sample.snapshot.json @@ -16,8 +16,8 @@ "risk": "LOW", "summary": "AwoooP 可 mirror Security Supply Chain readiness index,但不得把 readiness 視為執行授權。", "payload_summary": { - "total_contracts": 29, - "ready_for_mirror_count": 26, + "total_contracts": 30, + "ready_for_mirror_count": 27, "partial_ready_count": 2, "contract_only_count": 1, "blocked_count": 0, @@ -33,7 +33,8 @@ "docs/security/SECURITY-MIRROR-DRY-RUN.md", "docs/security/SECURITY-MIRROR-STATUS-ROLLUP.md", "docs/security/SECURITY-APPROVAL-GATE.md", - "docs/security/SECURITY-APPROVAL-DECISION-RECORD.md" + "docs/security/SECURITY-APPROVAL-DECISION-RECORD.md", + "docs/security/SECURITY-APPROVAL-REVIEW-PACKET.md" ], "blocked_actions": [ "execute_mirror_item", @@ -45,7 +46,7 @@ "store_secret_value" ], "labels": { - "phase": "S3.1", + "phase": "S3.2", "redacted": "true", "action_surface": "none", "mirror_only": "true" diff --git a/docs/security/security-mirror-intake-plan.snapshot.json b/docs/security/security-mirror-intake-plan.snapshot.json index 02b194d6..00e51943 100644 --- a/docs/security/security-mirror-intake-plan.snapshot.json +++ b/docs/security/security-mirror-intake-plan.snapshot.json @@ -15,7 +15,8 @@ "docs/security/security-mirror-dry-run.snapshot.json", "docs/security/security-mirror-status-rollup.snapshot.json", "docs/security/security-approval-gate.snapshot.json", - "docs/security/security-approval-decision-record.snapshot.json" + "docs/security/security-approval-decision-record.snapshot.json", + "docs/security/security-approval-review-packet.snapshot.json" ], "intake_waves": [ { @@ -53,7 +54,7 @@ "execution_router", "blocking_gate" ], - "exit_gate": "Operator Console 能顯示 29 個 contract、5 個 route groups、7 個 acceptance checks、5 個 quarantine lanes、6 個 dry-run steps、status rollup、approval gate 與 decision record,且 mirror event envelope action_buttons_allowed=false。" + "exit_gate": "Operator Console 能顯示 30 個 contract、5 個 route groups、7 個 acceptance checks、5 個 quarantine lanes、6 個 dry-run steps、status rollup、approval gate、decision record 與 review packet,且 mirror event envelope action_buttons_allowed=false。" }, { "wave_id": "M1_kali_visibility", @@ -131,6 +132,7 @@ "security_approval_queue_v1", "security_approval_gate_v1", "security_approval_decision_record_v1", + "security_approval_review_packet_v1", "github_target_repo_approval_package_v1", "source_control_approval_board_v1", "kali_scan_scope_approval_v1" @@ -145,6 +147,7 @@ "record_human_decision", "display_followup_runtime_gate", "display_decision_record", + "display_review_packet", "display_required_reviewers", "display_blocked_until_approved" ], @@ -153,7 +156,7 @@ "execute_after_approval_without_new_runtime_gate", "store_secret_value" ], - "exit_gate": "Approval candidate、S3 approval gate 與 decision record 可顯示與留痕,但任何批准後執行仍需要下一階段 runtime gate。" + "exit_gate": "Approval candidate、S3 approval gate、decision record 與 review packet 可顯示與留痕,但任何批准後執行仍需要下一階段 runtime gate。" }, { "wave_id": "M4_patch_only_backlog", diff --git a/docs/security/security-mirror-quarantine.snapshot.json b/docs/security/security-mirror-quarantine.snapshot.json index 2a1563a9..84490760 100644 --- a/docs/security/security-mirror-quarantine.snapshot.json +++ b/docs/security/security-mirror-quarantine.snapshot.json @@ -11,7 +11,7 @@ "docs/security/security-supply-chain-contract-manifest.snapshot.json" ], "summary": { - "total_contracts": 29, + "total_contracts": 30, "quarantine_lane_count": 5, "auto_retry_allowed": false, "runtime_blocking_allowed": false diff --git a/docs/security/security-mirror-readiness.snapshot.json b/docs/security/security-mirror-readiness.snapshot.json index 640dfb09..8248ee50 100644 --- a/docs/security/security-mirror-readiness.snapshot.json +++ b/docs/security/security-mirror-readiness.snapshot.json @@ -5,8 +5,8 @@ "default_enforcement_level": "mirror_only", "runtime_execution_authorized": false, "summary": { - "total_contracts": 29, - "ready_for_mirror_count": 26, + "total_contracts": 30, + "ready_for_mirror_count": 27, "partial_ready_count": 2, "contract_only_count": 1, "blocked_count": 0 @@ -89,6 +89,16 @@ "human_docs": ["docs/security/SECURITY-APPROVAL-DECISION-RECORD.md"], "notes": "可 mirror S3 人工決策紀錄格式;目前尚無 approved decision record,且 execution_authorized=false。" }, + { + "contract": "security_approval_review_packet_v1", + "readiness": "ready_for_mirror", + "consumption_mode": "approval_only", + "mirror_allowed": true, + "execution_allowed": false, + "snapshot_paths": ["docs/security/security-approval-review-packet.snapshot.json"], + "human_docs": ["docs/security/SECURITY-APPROVAL-REVIEW-PACKET.md"], + "notes": "可 mirror S3 人工審查封包、review lane、required reviewers 與 still forbidden;不代表批准或執行授權。" + }, { "contract": "security_mirror_readiness_v1", "readiness": "ready_for_mirror", diff --git a/docs/security/security-mirror-route.snapshot.json b/docs/security/security-mirror-route.snapshot.json index 96ebccc3..42e78c76 100644 --- a/docs/security/security-mirror-route.snapshot.json +++ b/docs/security/security-mirror-route.snapshot.json @@ -11,7 +11,7 @@ "docs/security/security-mirror-event-sample.snapshot.json" ], "summary": { - "total_contracts": 29, + "total_contracts": 30, "route_group_count": 5, "channel_event_policy": "初期只對階段完成、blocked 狀態或需要人工批准的高風險候選發低噪音事件;LOW / MEDIUM observation 不發阻擋事件。", "approval_queue_policy": "只有 approval-only、suggest-only 或 blocked-until-approved 項目可進 approval queue;approval queue 不代表可執行。" @@ -46,7 +46,8 @@ "顯示 security_mirror_acceptance_v1 驗收結果", "顯示 security_mirror_quarantine_v1 隔離 lane 與 retry gate", "顯示 security_mirror_dry_run_v1 dry-run steps", - "顯示 security_mirror_status_rollup_v1 跨 Session 狀態與下一個 gate" + "顯示 security_mirror_status_rollup_v1 跨 Session 狀態與下一個 gate", + "顯示 S3 review packet contract 位置" ], "blocked_processing": [ "新增執行按鈕", @@ -54,7 +55,7 @@ "runtime blocking", "自動批准任何 queue item" ], - "exit_gate": "AwoooP 可顯示 29 個 contract、5 個 route groups、7 個 acceptance checks、5 個 quarantine lanes、6 個 dry-run steps、status rollup、approval gate 與 decision record,且所有 route 都維持 runtime_execution_authorized=false。" + "exit_gate": "AwoooP 可顯示 30 個 contract、5 個 route groups、7 個 acceptance checks、5 個 quarantine lanes、6 個 dry-run steps、status rollup、approval gate、decision record 與 review packet,且所有 route 都維持 runtime_execution_authorized=false。" }, { "wave_id": "M1_kali_visibility", @@ -138,6 +139,7 @@ "security_approval_queue_v1", "security_approval_gate_v1", "security_approval_decision_record_v1", + "security_approval_review_packet_v1", "github_target_repo_approval_package_v1", "source_control_approval_board_v1", "kali_scan_scope_approval_v1" @@ -153,6 +155,7 @@ "建立 approval candidate", "顯示 S3 approval gate 與 follow-up runtime gate", "顯示人工 decision record 與 execution_authorized=false", + "顯示人工 review packet、review lane 與 action_buttons_allowed=false", "顯示 required reviewers", "顯示 blocked_until_approved", "記錄人工決策結果" @@ -163,7 +166,7 @@ "把人工批准記錄轉成 runtime executor", "保存 token 或 secret value" ], - "exit_gate": "Approval candidate、S3 approval gate 與 decision record 可顯示與留痕,但批准後執行仍需要下一階段 runtime gate。" + "exit_gate": "Approval candidate、S3 approval gate、decision record 與 review packet 可顯示與留痕,但批准後執行仍需要下一階段 runtime gate。" }, { "wave_id": "M4_patch_only_backlog", @@ -195,7 +198,7 @@ "acceptance_gates": [ { "gate_id": "ROUTE_COVERS_ALL_CONTRACTS", - "requirement": "route_groups 合併後必須涵蓋 manifest 的 29 個 contracts。" + "requirement": "route_groups 合併後必須涵蓋 manifest 的 30 個 contracts。" }, { "gate_id": "NO_EXECUTION_SURFACE", diff --git a/docs/security/security-mirror-status-rollup.snapshot.json b/docs/security/security-mirror-status-rollup.snapshot.json index c69eebf6..d4208b32 100644 --- a/docs/security/security-mirror-status-rollup.snapshot.json +++ b/docs/security/security-mirror-status-rollup.snapshot.json @@ -16,15 +16,17 @@ "docs/security/security-approval-queue.snapshot.json", "docs/security/security-approval-gate.snapshot.json", "docs/security/security-approval-decision-record.snapshot.json", + "docs/security/security-approval-review-packet.snapshot.json", "docs/security/security-rollout-policy.snapshot.json" ], "summary": { - "total_contracts": 29, - "ready_for_mirror_count": 26, + "total_contracts": 30, + "ready_for_mirror_count": 27, "partial_ready_count": 2, "contract_only_count": 1, "blocked_count": 0, "approval_queue_total": 8, + "approval_review_packet_total": 8, "pending_approval_count": 7, "block_candidate_count": 1, "dry_run_status": "contract_defined_not_executed", @@ -53,8 +55,8 @@ { "phase_id": "S3_approval_gate", "state": "draft_ready", - "current_result": "Approval queue 已列出 8 個候選,security_approval_gate_v1 已定義人工 gate,security_approval_decision_record_v1 已定義決策紀錄格式。", - "next_gate": "先 review redacted finding ingestion、safe crawl 與 Gitea read-only inventory;決策紀錄不等於執行授權。" + "current_result": "Approval queue 已列出 8 個候選,security_approval_gate_v1 已定義人工 gate,security_approval_decision_record_v1 已定義決策紀錄格式,security_approval_review_packet_v1 已定義人工審查封包。", + "next_gate": "先 review redacted finding ingestion、safe crawl 與 Gitea read-only inventory;review packet 與決策紀錄都不等於執行授權。" }, { "phase_id": "S4_migration_execution", @@ -80,6 +82,22 @@ "把 LOW / MEDIUM observation 變成 blocking gate" ] }, + { + "action_id": "mirror_approval_review_packets", + "title": "AwoooP 顯示 8 個人工審查封包", + "mode": "approval_required", + "source_contract": "security_approval_review_packet_v1", + "allowed_processing": [ + "顯示 review order、review lane、required reviewers 與 requested decision", + "顯示仍然禁止事項與 follow-up runtime gate", + "將人工決策另寫入 security_approval_decision_record_v1" + ], + "blocked_processing": [ + "把 review packet 當成批准", + "把 review packet 當成 execution authorization", + "新增 scan / execute / repo / refs action button" + ] + }, { "action_id": "review_redacted_finding_ingestion", "title": "先審 redacted finding ingestion adapter", @@ -150,7 +168,8 @@ "session_sync_notes": [ "本 rollup 是跨 Session 的共同讀取入口,避免 AwoooP 主線與 Security Supply Chain Session 對進度與 gate 判讀不一致。", "S2/S3 目前仍屬框架期;狀態與人工 gate 可見,不代表 production ingestion、scan、repo migration 或 runtime enforcement 已啟用。", - "S3.1 只新增人工決策紀錄格式;決策紀錄仍維持 execution_authorized=false,不可直接跳到執行面。" + "S3.1 只新增人工決策紀錄格式;決策紀錄仍維持 execution_authorized=false,不可直接跳到執行面。", + "S3.2 只新增人工審查封包格式;review packet 只讓 AwoooP 顯示與準備人審,不代表批准。" ], "forbidden_actions": [ "start_kali_scan", diff --git a/docs/security/security-supply-chain-contract-manifest.snapshot.json b/docs/security/security-supply-chain-contract-manifest.snapshot.json index f375b98c..82d0dc08 100644 --- a/docs/security/security-supply-chain-contract-manifest.snapshot.json +++ b/docs/security/security-supply-chain-contract-manifest.snapshot.json @@ -2,7 +2,7 @@ "schema_version": "security_supply_chain_contract_manifest_v1", "status": "draft", "default_enforcement_level": "mirror_only", - "contract_count": 29, + "contract_count": 30, "contracts": [ { "contract": "security_rollout_policy_v1", @@ -125,6 +125,27 @@ ], "notes": "定義 S3 人工決策紀錄格式;記錄 approve/reject/defer/request_more_evidence/keep_blocked,但不授權執行。" }, + { + "contract": "security_approval_review_packet_v1", + "schema_path": "docs/schemas/security_approval_review_packet_v1.schema.json", + "snapshot_paths": ["docs/security/security-approval-review-packet.snapshot.json"], + "human_docs": ["docs/security/SECURITY-APPROVAL-REVIEW-PACKET.md"], + "consumer": "AwoooP Approval Queue / Operator Console / Audit", + "consumption_mode": "approval_only", + "allowed_actions": ["mirror_review_packet", "display_review_lane", "display_required_reviewers", "prepare_human_decision"], + "forbidden_actions": [ + "execute_review_packet", + "treat_review_packet_as_approval", + "auto_approve", + "add_action_button", + "start_scan", + "call_execute_endpoint", + "create_repo", + "sync_refs", + "store_secret_value" + ], + "notes": "定義 S3.2 人工審查封包格式;把 queue/gate 轉成可審查資料,但不代表批准或執行授權。" + }, { "contract": "security_mirror_readiness_v1", "schema_path": "docs/schemas/security_mirror_readiness_v1.schema.json", @@ -141,7 +162,7 @@ "switch_github_primary", "store_secret_value" ], - "notes": "整理 29 個 Security Supply Chain contracts 的 mirror readiness,供 AwoooP 安全消費。" + "notes": "整理 30 個 Security Supply Chain contracts 的 mirror readiness,供 AwoooP 安全消費。" }, { "contract": "security_mirror_intake_plan_v1",