feat(agents): expose controlled executor handoff runway
Some checks failed
Code Review / ai-code-review (push) Successful in 22s
CD Pipeline / tests (push) Successful in 1m47s
CD Pipeline / build-and-deploy (push) Successful in 6m20s
CD Pipeline / post-deploy-checks (push) Successful in 2m18s
Ansible / Reboot Recovery Contract / validate (push) Has been cancelled

This commit is contained in:
Your Name
2026-06-27 11:42:21 +08:00
parent fccd8874fc
commit b2b51ecbf2
11 changed files with 2092 additions and 1 deletions

View File

@@ -0,0 +1,617 @@
{
"schema_version": "ai_agent_controlled_executor_handoff_v1",
"generated_at": "2026-06-27T01:20:00+08:00",
"program_status": {
"overall_completion_percent": 100,
"current_priority": "P0",
"current_task_id": "P2-415",
"next_task_id": "P2-416",
"read_only_mode": true,
"runtime_authority": "controlled_executor_handoff_readback_no_live_apply",
"status_note": "P2-415 承接 P2-409 controlled apply queue把 high 風險候選整理成可交給 executor 的 handoff packetallowlist、Ansible check-mode、rollback、post-action verifier、Telegram evidence、KM / PlayBook trust 回寫全部要可讀。此 readback 不直接執行 live apply。"
},
"source_refs": [
"docs/evaluations/ai_agent_high_risk_owner_review_queue_2026-06-19.json",
"docs/evaluations/ai_agent_action_audit_ledger_2026-06-19.json",
"docs/evaluations/ai_agent_action_owner_acceptance_event_bus_2026-06-19.json",
"docs/evaluations/ai_agent_report_runtime_readiness_2026-06-12.json",
"docs/evaluations/ai_agent_runtime_write_gate_review_2026-06-12.json",
"docs/evaluations/ai_agent_post_write_verifier_package_2026-06-12.json",
"docs/evaluations/ai_agent_learning_writeback_approval_package_2026-06-11.json",
"docs/evaluations/ai_agent_telegram_receipt_approval_package_2026-06-11.json"
],
"source_readbacks": [
{
"readback_id": "p2_409_controlled_apply_queue",
"source_schema_version": "ai_agent_high_risk_owner_review_queue_v1",
"source_ref": "docs/evaluations/ai_agent_high_risk_owner_review_queue_2026-06-19.json",
"endpoint": "GET /api/v1/agents/agent-high-risk-owner-review-queue",
"owner_agent": "openclaw",
"status": "loaded",
"key_readback": "high 風險已轉 controlled_apply_queuecritical / secret / destructive / paid / force-push 維持 break-glass。",
"next_action": "將 5 個 high packet 映射到 executor handoff route。"
},
{
"readback_id": "p2_410_action_audit_ledger",
"source_schema_version": "ai_agent_action_audit_ledger_v1",
"source_ref": "docs/evaluations/ai_agent_action_audit_ledger_2026-06-19.json",
"endpoint": "GET /api/v1/agents/agent-action-audit-ledger",
"owner_agent": "hermes",
"status": "loaded",
"key_readback": "審計事件模板、redacted evidence refs、verifier receipt gate 已可讀。",
"next_action": "讓 executor handoff packet 帶入 immutable audit fields。"
},
{
"readback_id": "p2_411_handoff_event_bus",
"source_schema_version": "ai_agent_action_owner_acceptance_event_bus_v1",
"source_ref": "docs/evaluations/ai_agent_action_owner_acceptance_event_bus_2026-06-19.json",
"endpoint": "GET /api/v1/agents/agent-action-owner-acceptance-event-bus",
"owner_agent": "hermes",
"status": "loaded",
"key_readback": "交接事件、RAG proposal 與 verifier gate 已建好,但舊語意仍偏 no-write。",
"next_action": "把 high 風險 handoff 從 owner hold 改成 controlled executor runway。"
},
{
"readback_id": "runtime_readiness_low_medium_high",
"source_schema_version": "ai_agent_report_runtime_readiness_v1",
"source_ref": "docs/evaluations/ai_agent_report_runtime_readiness_2026-06-12.json",
"endpoint": "GET /api/v1/agents/agent-report-runtime-readiness",
"owner_agent": "openclaw",
"status": "loaded",
"key_readback": "low / medium / high policy 已允許 auto after guardcritical 才需要 break-glass。",
"next_action": "把 policy 轉成 executor handoff allowlist 與 post-action verifier binding。"
},
{
"readback_id": "runtime_write_gate_review",
"source_schema_version": "ai_agent_runtime_write_gate_review_v1",
"source_ref": "docs/evaluations/ai_agent_runtime_write_gate_review_2026-06-12.json",
"endpoint": "GET /api/v1/agents/agent-runtime-write-gate-review",
"owner_agent": "sre",
"status": "loaded",
"key_readback": "runtime write gate 已定義 dry-run hash、post-write verifier、redaction 欄位。",
"next_action": "高風險 handoff packet 必須引用 check-mode 與 post-write verifier ref。"
},
{
"readback_id": "post_write_verifier_package",
"source_schema_version": "ai_agent_post_write_verifier_package_v1",
"source_ref": "docs/evaluations/ai_agent_post_write_verifier_package_2026-06-12.json",
"endpoint": "GET /api/v1/agents/agent-post-write-verifier-package",
"owner_agent": "nemotron",
"status": "loaded",
"key_readback": "post-write verifier package、rollback lane 與 failure lane 已可讀。",
"next_action": "每個 controlled executor packet 必須綁定 verifier 與 rollback lane。"
},
{
"readback_id": "learning_writeback_package",
"source_schema_version": "ai_agent_learning_writeback_approval_package_v1",
"source_ref": "docs/evaluations/ai_agent_learning_writeback_approval_package_2026-06-11.json",
"endpoint": "GET /api/v1/agents/agent-learning-writeback-approval-package",
"owner_agent": "hermes",
"status": "loaded",
"key_readback": "KM、timeline learning、PlayBook trust 與 replay score 回寫欄位已定義。",
"next_action": "讓 executor handoff packet 產出可回寫的 learning receipt preview。"
},
{
"readback_id": "telegram_receipt_package",
"source_schema_version": "ai_agent_telegram_receipt_approval_package_v1",
"source_ref": "docs/evaluations/ai_agent_telegram_receipt_approval_package_2026-06-11.json",
"endpoint": "GET /api/v1/agents/agent-telegram-receipt-approval-package",
"owner_agent": "hermes",
"status": "loaded",
"key_readback": "Telegram receipt、queue、delivery、ack、failure、retry 欄位已定義;不得包含 token 或原始 chat id。",
"next_action": "handoff 成功 / verifier 失敗 / rollback queued 都要能生成脫敏 Telegram evidence。"
}
],
"handoff_truth": {
"p2_409_controlled_apply_queue_loaded": true,
"p2_410_audit_ledger_loaded": true,
"p2_411_handoff_event_bus_loaded": true,
"runtime_readiness_loaded": true,
"runtime_write_gate_loaded": true,
"post_write_verifier_loaded": true,
"learning_writeback_loaded": true,
"telegram_receipt_loaded": true,
"high_risk_controlled_executor_handoff_ready": true,
"high_risk_owner_review_required": false,
"critical_break_glass_required": true,
"allowlist_route_required": true,
"ansible_check_mode_required": true,
"rollback_plan_required": true,
"post_action_verifier_required": true,
"telegram_evidence_required": true,
"km_writeback_required": true,
"playbook_trust_writeback_required": true,
"controlled_executor_dispatch_enabled": false,
"live_apply_enabled": false,
"critical_auto_bypass_allowed": false,
"gateway_queue_write_enabled": false,
"telegram_send_enabled": false,
"bot_api_call_enabled": false,
"km_write_enabled": false,
"playbook_trust_write_enabled": false,
"production_write_enabled": false,
"secret_read_enabled": false,
"paid_api_call_enabled": false,
"host_write_enabled": false,
"kubectl_action_enabled": false,
"destructive_operation_enabled": false,
"controlled_executor_dispatch_count_24h": 0,
"live_apply_count_24h": 0,
"gateway_queue_write_count_24h": 0,
"telegram_send_count_24h": 0,
"bot_api_call_count_24h": 0,
"km_write_count_24h": 0,
"playbook_trust_write_count_24h": 0,
"production_write_count_24h": 0,
"secret_read_count_24h": 0,
"paid_api_call_count_24h": 0,
"host_write_count_24h": 0,
"kubectl_action_count_24h": 0,
"destructive_operation_count_24h": 0,
"truth_note": "high 風險不再停在人工佇列5 個 high packet 已具備 controlled executor handoff 條件。此端點只讀回 handoff runway實際 dispatch / live apply / Telegram send / KM writeback 仍由 executor 與 verifier 計數回報。"
},
"executor_handoff_packets": [
{
"packet_id": "handoff_high_security_response",
"source_queue_item_id": "high_security_response_queue",
"display_name": "資安回應受控 executor 交接",
"risk_tier": "high",
"owner_agent": "openclaw",
"executor_agent": "security",
"executor_type": "ansible_playbook",
"handoff_status": "ready_for_controlled_executor",
"controlled_route_id": "allowlisted_security_response_controlled_apply",
"playbook_ref": "infra/ansible/playbooks/security-controlled-response.yml",
"mcp_tool_ref": "mcp://security/readiness-and-diff",
"check_mode_ref": "ansible-check/security-controlled-response",
"verifier_ref": "verifier://security-post-action-readback",
"rollback_ref": "rollback://security-no-secret-restore-plan",
"telegram_evidence_ref": "telegram-evidence://security-controlled-apply-redacted",
"km_writeback_ref": "km://security-controlled-apply-learning",
"playbook_trust_ref": "playbook-trust://security-controlled-response",
"allowlist_match": true,
"check_mode_passed": true,
"rollback_plan_ready": true,
"post_action_verifier_ready": true,
"telegram_evidence_ready": true,
"km_writeback_ready": true,
"playbook_trust_writeback_ready": true,
"owner_response_required": false,
"break_glass_required": false,
"controlled_executor_handoff_allowed": true,
"live_apply_performed": false,
"side_effect_count": 0,
"blocked_runtime_actions": ["secret read", "credentialed exploit", "active response without verifier"],
"next_gate": "dispatch worker 從此 packet 取 check-mode receipt、執行 controlled apply並把 verifier 結果回寫 KM / PlayBook trust。"
},
{
"packet_id": "handoff_high_data_config_apply",
"source_queue_item_id": "high_data_config_apply_queue",
"display_name": "資料與設定受控 executor 交接",
"risk_tier": "high",
"owner_agent": "sre",
"executor_agent": "devops",
"executor_type": "ansible_playbook",
"handoff_status": "ready_for_controlled_executor",
"controlled_route_id": "allowlisted_config_drift_controlled_apply",
"playbook_ref": "infra/ansible/playbooks/config-drift-controlled-apply.yml",
"mcp_tool_ref": "mcp://config/rendered-diff",
"check_mode_ref": "ansible-check/config-drift-controlled-apply",
"verifier_ref": "verifier://config-route-smoke",
"rollback_ref": "rollback://config-source-of-truth-revert",
"telegram_evidence_ref": "telegram-evidence://config-apply-redacted",
"km_writeback_ref": "km://config-drift-learning",
"playbook_trust_ref": "playbook-trust://config-controlled-apply",
"allowlist_match": true,
"check_mode_passed": true,
"rollback_plan_ready": true,
"post_action_verifier_ready": true,
"telegram_evidence_ready": true,
"km_writeback_ready": true,
"playbook_trust_writeback_ready": true,
"owner_response_required": false,
"break_glass_required": false,
"controlled_executor_handoff_allowed": true,
"live_apply_performed": false,
"side_effect_count": 0,
"blocked_runtime_actions": ["DB DROP", "restore apply", "retention prune"],
"next_gate": "dispatch worker 只能對 source-of-truth diff 執行 check-mode 通過的 controlled apply。"
},
{
"packet_id": "handoff_high_live_telegram_gateway_send",
"source_queue_item_id": "high_live_telegram_gateway_send_queue",
"display_name": "Telegram Gateway 受控 executor 交接",
"risk_tier": "high",
"owner_agent": "hermes",
"executor_agent": "hermes",
"executor_type": "telegram_gateway_queue",
"handoff_status": "ready_for_controlled_executor",
"controlled_route_id": "allowlisted_failure_only_telegram_gateway",
"playbook_ref": "infra/ansible/playbooks/telegram-gateway-route-check.yml",
"mcp_tool_ref": "mcp://telegram-gateway/no-secret-preview",
"check_mode_ref": "gateway-check/failure-only-dedupe-preview",
"verifier_ref": "verifier://telegram-receipt-redacted-readback",
"rollback_ref": "rollback://telegram-dedupe-and-silence-revert",
"telegram_evidence_ref": "telegram-evidence://gateway-message-shape-redacted",
"km_writeback_ref": "km://telegram-delivery-learning",
"playbook_trust_ref": "playbook-trust://telegram-gateway-controlled-send",
"allowlist_match": true,
"check_mode_passed": true,
"rollback_plan_ready": true,
"post_action_verifier_ready": true,
"telegram_evidence_ready": true,
"km_writeback_ready": true,
"playbook_trust_writeback_ready": true,
"owner_response_required": false,
"break_glass_required": false,
"controlled_executor_handoff_allowed": true,
"live_apply_performed": false,
"side_effect_count": 0,
"blocked_runtime_actions": ["direct Bot API", "token read", "raw chat id display"],
"next_gate": "dispatch worker 必須走 Gateway、dedupe key 與 redacted receipt不得直接 Bot API。"
},
{
"packet_id": "handoff_high_report_source_gap_work_item_write",
"source_queue_item_id": "high_report_source_gap_work_item_write_queue",
"display_name": "報表缺口與 KM 回寫 executor 交接",
"risk_tier": "high",
"owner_agent": "hermes",
"executor_agent": "nemotron",
"executor_type": "km_playbook_writer",
"handoff_status": "ready_for_controlled_executor",
"controlled_route_id": "allowlisted_report_gap_learning_writeback",
"playbook_ref": "playbooks/report-source-gap-learning.yml",
"mcp_tool_ref": "mcp://knowledge/redacted-learning-packet",
"check_mode_ref": "writer-check/report-gap-learning-preview",
"verifier_ref": "verifier://km-playbook-trust-receipt",
"rollback_ref": "rollback://km-learning-entry-revert-preview",
"telegram_evidence_ref": "telegram-evidence://learning-writeback-summary",
"km_writeback_ref": "km://report-source-gap-learning",
"playbook_trust_ref": "playbook-trust://report-gap-remediation",
"allowlist_match": true,
"check_mode_passed": true,
"rollback_plan_ready": true,
"post_action_verifier_ready": true,
"telegram_evidence_ready": true,
"km_writeback_ready": true,
"playbook_trust_writeback_ready": true,
"owner_response_required": false,
"break_glass_required": false,
"controlled_executor_handoff_allowed": true,
"live_apply_performed": false,
"side_effect_count": 0,
"blocked_runtime_actions": ["raw report payload write", "private reasoning write", "unbounded embedding write"],
"next_gate": "dispatch worker 只寫 redacted learning packet並以 verifier receipt 更新 trust delta。"
},
{
"packet_id": "handoff_high_host_kubectl_orchestrated_change",
"source_queue_item_id": "high_host_kubectl_orchestrated_change_queue",
"display_name": "主機與 K8s 受控 executor 交接",
"risk_tier": "high",
"owner_agent": "sre",
"executor_agent": "sre",
"executor_type": "ansible_playbook",
"handoff_status": "ready_for_controlled_executor",
"controlled_route_id": "allowlisted_host_k8s_check_mode_apply",
"playbook_ref": "infra/ansible/playbooks/host-k8s-controlled-apply.yml",
"mcp_tool_ref": "mcp://sre/topology-and-health-readback",
"check_mode_ref": "ansible-check/host-k8s-controlled-apply",
"verifier_ref": "verifier://host-k8s-health-postcheck",
"rollback_ref": "rollback://host-k8s-controlled-revert",
"telegram_evidence_ref": "telegram-evidence://host-k8s-apply-summary",
"km_writeback_ref": "km://host-k8s-remediation-learning",
"playbook_trust_ref": "playbook-trust://host-k8s-controlled-apply",
"allowlist_match": true,
"check_mode_passed": true,
"rollback_plan_ready": true,
"post_action_verifier_ready": true,
"telegram_evidence_ready": true,
"km_writeback_ready": true,
"playbook_trust_writeback_ready": true,
"owner_response_required": false,
"break_glass_required": false,
"controlled_executor_handoff_allowed": true,
"live_apply_performed": false,
"side_effect_count": 0,
"blocked_runtime_actions": ["reboot", "node drain", "force rollout without verifier"],
"next_gate": "dispatch worker 必須先完成 target selector、check-mode、blast-radius guard 與 rollback stop condition。"
},
{
"packet_id": "handoff_critical_model_cost_provider_change",
"source_queue_item_id": "critical_model_cost_provider_change_queue",
"display_name": "模型角色與費用 break-glass",
"risk_tier": "critical",
"owner_agent": "openclaw",
"executor_agent": "openclaw",
"executor_type": "break_glass_only",
"handoff_status": "critical_break_glass_only",
"controlled_route_id": "blocked_critical_model_cost_provider_boundary",
"playbook_ref": "adr://market-replay-shadow-canary-required",
"mcp_tool_ref": "mcp://agent-market/scorecard-readback",
"check_mode_ref": "not-applicable-critical-break-glass",
"verifier_ref": "verifier://agent-market-replay-shadow-canary",
"rollback_ref": "rollback://provider-route-fallback",
"telegram_evidence_ref": "telegram-evidence://critical-cost-provider-summary",
"km_writeback_ref": "km://agent-market-decision-learning",
"playbook_trust_ref": "playbook-trust://agent-provider-role-decision",
"allowlist_match": false,
"check_mode_passed": false,
"rollback_plan_ready": true,
"post_action_verifier_ready": true,
"telegram_evidence_ready": true,
"km_writeback_ready": true,
"playbook_trust_writeback_ready": true,
"owner_response_required": true,
"break_glass_required": true,
"controlled_executor_handoff_allowed": false,
"live_apply_performed": false,
"side_effect_count": 0,
"blocked_runtime_actions": ["OpenClaw replacement", "paid provider switch", "cost quota change"],
"next_gate": "必須先有市場分數、replay、shadow、canary 與費用邊界,不能由一般 high 風險自動化覆蓋。"
},
{
"packet_id": "handoff_critical_secret_paid_provider_boundary",
"source_queue_item_id": "critical_secret_paid_provider_boundary_queue",
"display_name": "secret 與付費 provider break-glass",
"risk_tier": "critical",
"owner_agent": "security",
"executor_agent": "security",
"executor_type": "break_glass_only",
"handoff_status": "critical_break_glass_only",
"controlled_route_id": "blocked_critical_secret_paid_provider_boundary",
"playbook_ref": "policy://secret-paid-provider-break-glass",
"mcp_tool_ref": "mcp://security/secret-metadata-only",
"check_mode_ref": "not-applicable-critical-break-glass",
"verifier_ref": "verifier://secret-boundary-and-cost-cap",
"rollback_ref": "rollback://provider-secret-metadata-revert",
"telegram_evidence_ref": "telegram-evidence://critical-secret-boundary-summary",
"km_writeback_ref": "km://secret-boundary-learning",
"playbook_trust_ref": "playbook-trust://secret-provider-boundary",
"allowlist_match": false,
"check_mode_passed": false,
"rollback_plan_ready": true,
"post_action_verifier_ready": true,
"telegram_evidence_ready": true,
"km_writeback_ready": true,
"playbook_trust_writeback_ready": true,
"owner_response_required": true,
"break_glass_required": true,
"controlled_executor_handoff_allowed": false,
"live_apply_performed": false,
"side_effect_count": 0,
"blocked_runtime_actions": ["secret value read", "paid API expansion", "privacy egress change"],
"next_gate": "只允許 metadata 與 evidence refsecret value、付費 provider 擴張與隱私外送必須 break-glass。"
}
],
"executor_routes": [
{
"route_id": "ansible_check_mode_controlled_apply",
"display_name": "Ansible check-mode controlled apply",
"executor_agent": "sre",
"route_status": "ready_for_handoff",
"required_inputs": ["target selector", "source-of-truth ref", "check-mode receipt", "rollback owner", "post-action verifier"],
"blocked_actions": ["reboot", "node drain", "destructive DB operation"],
"live_apply_allowed_by_this_readback": false
},
{
"route_id": "mcp_tool_registry_preflight",
"display_name": "MCP tool registry preflight",
"executor_agent": "openclaw",
"route_status": "ready_for_handoff",
"required_inputs": ["tool scope", "risk tier", "allowed action", "blocked action", "redacted evidence ref"],
"blocked_actions": ["unregistered tool call", "raw secret volume access"],
"live_apply_allowed_by_this_readback": false
},
{
"route_id": "telegram_gateway_redacted_evidence",
"display_name": "Telegram Gateway redacted evidence",
"executor_agent": "hermes",
"route_status": "ready_for_handoff",
"required_inputs": ["canonical room env", "dedupe key", "message shape", "receipt expectation", "redaction proof"],
"blocked_actions": ["direct Bot API", "raw chat id display", "token read"],
"live_apply_allowed_by_this_readback": false
},
{
"route_id": "km_playbook_trust_writer",
"display_name": "KM / PlayBook trust writer",
"executor_agent": "nemotron",
"route_status": "ready_for_handoff",
"required_inputs": ["redacted learning packet", "matched playbook id", "verifier receipt", "rollback criteria", "trust delta"],
"blocked_actions": ["private reasoning write", "unbounded embedding write"],
"live_apply_allowed_by_this_readback": false
},
{
"route_id": "post_action_verifier_and_rollback",
"display_name": "Post-action verifier and rollback lane",
"executor_agent": "sre",
"route_status": "ready_for_handoff",
"required_inputs": ["pre-state ref", "post-state ref", "failure threshold", "rollback stop condition"],
"blocked_actions": ["verifier without baseline", "rollback without stop condition"],
"live_apply_allowed_by_this_readback": false
}
],
"verifier_bindings": [
{
"binding_id": "binding_ansible_check_mode",
"display_name": "Ansible check-mode receipt binding",
"owner_agent": "sre",
"required_before_dispatch": true,
"ready_count": 5,
"blocked_count": 0,
"failure_if_missing": "缺 check-mode receipt 時不得 dispatch controlled executor。"
},
{
"binding_id": "binding_rollback_owner",
"display_name": "Rollback owner and stop condition binding",
"owner_agent": "sre",
"required_before_dispatch": true,
"ready_count": 5,
"blocked_count": 0,
"failure_if_missing": "缺 rollback owner 或 stop condition 時不得 apply。"
},
{
"binding_id": "binding_post_action_verifier",
"display_name": "Post-action verifier binding",
"owner_agent": "nemotron",
"required_before_dispatch": true,
"ready_count": 5,
"blocked_count": 0,
"failure_if_missing": "缺 verifier ref 時不得視為自動化閉環。"
},
{
"binding_id": "binding_learning_writeback",
"display_name": "KM / PlayBook trust writeback binding",
"owner_agent": "hermes",
"required_before_dispatch": true,
"ready_count": 5,
"blocked_count": 0,
"failure_if_missing": "缺 learning receipt 時不得更新完成度。"
},
{
"binding_id": "binding_telegram_evidence",
"display_name": "Telegram redacted evidence binding",
"owner_agent": "hermes",
"required_before_dispatch": true,
"ready_count": 5,
"blocked_count": 0,
"failure_if_missing": "缺 redacted Telegram evidence 時不得對外宣稱已處理。"
}
],
"learning_writeback_contracts": [
{
"contract_id": "km_execution_receipt",
"display_name": "KM execution receipt",
"owner_agent": "hermes",
"target_store": "knowledge_entries",
"writeback_status": "ready_for_executor_receipt",
"required_fields": ["decision id", "executor route", "verifier result", "redacted evidence refs", "rollback outcome"],
"runtime_write_performed": false
},
{
"contract_id": "playbook_trust_delta",
"display_name": "PlayBook trust delta",
"owner_agent": "openclaw",
"target_store": "playbooks",
"writeback_status": "ready_for_executor_receipt",
"required_fields": ["matched playbook id", "success or failure", "verifier confidence", "negative reinforcement reason"],
"runtime_write_performed": false
},
{
"contract_id": "timeline_event_append",
"display_name": "Timeline event append",
"owner_agent": "hermes",
"target_store": "timeline_events",
"writeback_status": "ready_for_executor_receipt",
"required_fields": ["agent role", "affected scope", "decision reason", "executor status", "post-check result"],
"runtime_write_performed": false
}
],
"activation_boundaries": {
"committed_snapshot_read_allowed": true,
"controlled_executor_handoff_preview_allowed": true,
"ansible_check_mode_receipt_preview_allowed": true,
"mcp_tool_registry_route_preview_allowed": true,
"post_action_verifier_binding_preview_allowed": true,
"telegram_evidence_preview_allowed": true,
"km_playbook_trust_writeback_preview_allowed": true,
"controlled_executor_dispatch_enabled": false,
"live_apply_enabled": false,
"gateway_queue_write_enabled": false,
"telegram_send_enabled": false,
"bot_api_call_enabled": false,
"km_write_enabled": false,
"playbook_trust_write_enabled": false,
"production_write_enabled": false,
"secret_read_enabled": false,
"paid_api_call_enabled": false,
"host_write_enabled": false,
"kubectl_action_enabled": false,
"destructive_operation_enabled": false
},
"display_redaction_contract": {
"redaction_required": true,
"raw_tool_output_display_allowed": false,
"raw_runtime_payload_display_allowed": false,
"raw_telegram_payload_display_allowed": false,
"private_reasoning_display_allowed": false,
"secret_value_display_allowed": false,
"work_window_transcript_display_allowed": false,
"allowed_display_fields": [
"packet_id",
"display_name",
"risk_tier",
"owner_agent",
"executor_agent",
"executor_type",
"handoff_status",
"controlled_route_id",
"check_mode_ref",
"verifier_ref",
"rollback_ref",
"telegram_evidence_ref",
"km_writeback_ref",
"playbook_trust_ref",
"rollups"
],
"blocked_display_fields": [
"raw tool output",
"raw runtime payload",
"raw Telegram payload",
"private reasoning",
"secret value",
"authorization header",
"work window transcript"
]
},
"rollups": {
"source_readback_count": 8,
"handoff_packet_count": 7,
"ready_for_controlled_executor_count": 5,
"critical_break_glass_count": 2,
"high_risk_packet_count": 5,
"critical_packet_count": 2,
"ansible_check_mode_packet_count": 3,
"mcp_tool_route_count": 7,
"post_action_verifier_binding_count": 5,
"telegram_evidence_binding_count": 5,
"km_writeback_binding_count": 5,
"playbook_trust_writeback_binding_count": 5,
"owner_response_required_count": 2,
"blocked_by_critical_boundary_count": 2,
"missing_check_mode_count": 0,
"missing_rollback_count": 0,
"missing_verifier_count": 0,
"missing_telegram_evidence_count": 0,
"missing_learning_writeback_count": 0,
"executor_route_count": 5,
"verifier_binding_count": 5,
"learning_writeback_contract_count": 3,
"controlled_executor_dispatch_count": 0,
"live_apply_count": 0,
"gateway_queue_write_count": 0,
"telegram_send_count": 0,
"bot_api_call_count": 0,
"km_write_count": 0,
"playbook_trust_write_count": 0,
"production_write_count": 0,
"secret_read_count": 0,
"paid_api_call_count": 0,
"host_write_count": 0,
"kubectl_action_count": 0,
"destructive_operation_count": 0
},
"next_actions": [
{
"task_id": "P2-416",
"priority": "P0",
"summary": "建立 controlled executor dispatch worker dry-run從 P2-415 handoff packet 產生 executor run preview、idempotency key、failure lane 與 verifier queue。",
"gate": "dispatch worker 必須只接受 ready_for_controlled_executorcritical_break_glass_only 仍拒收。"
},
{
"task_id": "P2-417",
"priority": "P0",
"summary": "把 executor receipt 寫回 AwoooP status-chain、日 / 週 / 月報與 Telegram redacted evidence讓使用者看到每個 Agent 的實際處理量。",
"gate": "receipt 必須有 verifier result、rollback outcome、KM / PlayBook trust writeback ref。"
}
]
}