From c845963fa23b0cdc5103db5c5a04257fc9cab412 Mon Sep 17 00:00:00 2001
From: Your Name <you@example.com>
Date: Tue, 19 May 2026 23:49:26 +0800
Subject: [PATCH] feat(web): add IwoooS decision draft review

---
 apps/web/messages/en.json                     |  43 ++++++
 apps/web/messages/zh-TW.json                  |  43 ++++++
 apps/web/src/app/[locale]/iwooos/page.tsx     |  65 ++++++++
 docs/LOGBOOK.md                               |  14 ++
 .../iwooos_posture_projection_v1.schema.json  |  94 ++++++++++++
 docs/security/IWOOOS-POSTURE-PROJECTION.md    |  22 ++-
 .../security/SECURITY-MIRROR-STATUS-ROLLUP.md |   3 +-
 .../SECURITY-SUPPLY-CHAIN-PROGRESS.md         |   4 +-
 .../iwooos-posture-projection.snapshot.json   | 140 +++++++++++++++++-
 ...ecurity-mirror-status-rollup.snapshot.json |  10 ++
 .../security-mirror-progress-guard.py         | 100 +++++++++++++
 11 files changed, 532 insertions(+), 6 deletions(-)

diff --git a/apps/web/messages/en.json b/apps/web/messages/en.json
index 2895b6d0..14bd0e41 100644
--- a/apps/web/messages/en.json
+++ b/apps/web/messages/en.json
@@ -1801,6 +1801,49 @@
           "metadata": "runtime gate pointer; active gates=0"
         }
       }
+    },
+    "hostOwnerDecisionRecordDraftReview": {
+      "title": "Host Owner Decision Record Draft Review Checklist",
+      "subtitle": "Decision record draft packets still require read-only review. This only shows whether drafts have the metadata needed for human decision and does not create formal decision records.",
+      "checkLabel": "Draft review",
+      "guardLabel": "No upgrade",
+      "items": {
+        "scopeStatementComplete": {
+          "title": "Scope statement complete",
+          "body": "Confirm the scope draft includes host, network, service, exclusions, and observation intent so decision record scope is not ambiguous.",
+          "guard": "draft review only; record created=false"
+        },
+        "scanModeStillNotApproval": {
+          "title": "Scan mode still not approval",
+          "body": "Confirm scan mode remains a candidate description and is not read as active scan or credentialed scan authorization.",
+          "guard": "scan authorized=false"
+        },
+        "credentialBoundaryMetadataOnly": {
+          "title": "Credential boundary metadata only",
+          "body": "Confirm credential boundary stays metadata-only and does not request or store sensitive material.",
+          "guard": "secret collection=false"
+        },
+        "maintenanceConstraintsReadable": {
+          "title": "Maintenance constraints readable",
+          "body": "Confirm maintenance window, constraints, and impact boundary are readable without becoming host update approval.",
+          "guard": "host update=false"
+        },
+        "rollbackOwnerReadable": {
+          "title": "Rollback owner readable",
+          "body": "Confirm rollback owner, recovery path, and human contact are readable while no approval record is created.",
+          "guard": "approval record=false"
+        },
+        "validationMetricsLinked": {
+          "title": "Validation metrics linked",
+          "body": "Confirm post-check metrics, baseline, and evidence pointer are linked to the draft for later human review.",
+          "guard": "accepted=0"
+        },
+        "runtimeGateStillClosed": {
+          "title": "Runtime gate still closed",
+          "body": "Confirm decision record draft review does not open runtime gates. Later execution still requires a separate gate.",
+          "guard": "active runtime gates=0; action buttons=false"
+        }
+      }
     }
   },
   "tickets": {
diff --git a/apps/web/messages/zh-TW.json b/apps/web/messages/zh-TW.json
index 2b2406cd..68df91cd 100644
--- a/apps/web/messages/zh-TW.json
+++ b/apps/web/messages/zh-TW.json
@@ -1802,6 +1802,49 @@
           "metadata": "runtime gate pointer；active gates=0"
         }
       }
+    },
+    "hostOwnerDecisionRecordDraftReview": {
+      "title": "主機 Owner Decision Record Draft Review Checklist",
+      "subtitle": "Decision record 草稿包後仍需只讀核對。這裡只顯示草稿是否具備人工決策所需 metadata，不會建立正式 decision record。",
+      "checkLabel": "Draft review",
+      "guardLabel": "不可升級",
+      "items": {
+        "scopeStatementComplete": {
+          "title": "Scope statement complete",
+          "body": "確認 scope 草稿已包含主機、網段、服務、排除範圍與觀察目的，避免決策紀錄範圍不清。",
+          "guard": "只核對草稿；record created=false"
+        },
+        "scanModeStillNotApproval": {
+          "title": "Scan mode still not approval",
+          "body": "確認 scan mode 仍只是候選描述，不被解讀成 active scan 或 credentialed scan 授權。",
+          "guard": "scan authorized=false"
+        },
+        "credentialBoundaryMetadataOnly": {
+          "title": "Credential boundary metadata only",
+          "body": "確認 credential boundary 仍維持 metadata-only，沒有要求或保存敏感素材。",
+          "guard": "secret collection=false"
+        },
+        "maintenanceConstraintsReadable": {
+          "title": "Maintenance constraints readable",
+          "body": "確認維護窗口、限制條件與不可影響範圍可讀，但不代表可以更新或調校主機。",
+          "guard": "host update=false"
+        },
+        "rollbackOwnerReadable": {
+          "title": "Rollback owner readable",
+          "body": "確認 rollback owner、復原路徑與人工聯絡點可讀，但尚未建立 approval record。",
+          "guard": "approval record=false"
+        },
+        "validationMetricsLinked": {
+          "title": "Validation metrics linked",
+          "body": "確認 post-check metrics、baseline 與 evidence pointer 已連到草稿，供後續人審使用。",
+          "guard": "accepted=0"
+        },
+        "runtimeGateStillClosed": {
+          "title": "Runtime gate still closed",
+          "body": "確認 decision record 草稿審查不會開 runtime gate，後續執行仍需獨立 gate。",
+          "guard": "active runtime gates=0；action buttons=false"
+        }
+      }
     }
   },
   "tickets": {
diff --git a/apps/web/src/app/[locale]/iwooos/page.tsx b/apps/web/src/app/[locale]/iwooos/page.tsx
index 4edbfbd0..8ef52ede 100644
--- a/apps/web/src/app/[locale]/iwooos/page.tsx
+++ b/apps/web/src/app/[locale]/iwooos/page.tsx
@@ -165,6 +165,13 @@ type HostOwnerDecisionRecordDraftPacket = {
   tone: 'steady' | 'warn' | 'locked'
 }
 
+type HostOwnerDecisionRecordDraftReviewItem = {
+  key: string
+  check: string
+  icon: typeof ShieldCheck
+  tone: 'steady' | 'warn' | 'locked'
+}
+
 const postureMetrics: PostureMetric[] = [
   { key: 'overall', value: '58%', tone: 'warn' },
   { key: 'framework', value: '80-85%', tone: 'steady' },
@@ -386,6 +393,16 @@ const hostOwnerDecisionRecordDraftPackets: HostOwnerDecisionRecordDraftPacket[]
   { key: 'runtimeGateDraft', packet: 'DR7', icon: ShieldCheck, tone: 'locked' },
 ]
 
+const hostOwnerDecisionRecordDraftReviewItems: HostOwnerDecisionRecordDraftReviewItem[] = [
+  { key: 'scopeStatementComplete', check: 'RV1', icon: Radar, tone: 'warn' },
+  { key: 'scanModeStillNotApproval', check: 'RV2', icon: Activity, tone: 'locked' },
+  { key: 'credentialBoundaryMetadataOnly', check: 'RV3', icon: Lock, tone: 'locked' },
+  { key: 'maintenanceConstraintsReadable', check: 'RV4', icon: Clock3, tone: 'warn' },
+  { key: 'rollbackOwnerReadable', check: 'RV5', icon: FileWarning, tone: 'warn' },
+  { key: 'validationMetricsLinked', check: 'RV6', icon: CheckCircle2, tone: 'warn' },
+  { key: 'runtimeGateStillClosed', check: 'RV7', icon: ShieldCheck, tone: 'locked' },
+]
+
 const evidenceItems = [
   'iwooos-posture-projection.snapshot.json',
   'security-rollout-policy.snapshot.json',
@@ -996,6 +1013,34 @@ function HostOwnerDecisionRecordDraftCard({ item }: { item: HostOwnerDecisionRec
   )
 }
 
+function HostOwnerDecisionRecordDraftReviewCard({ item }: { item: HostOwnerDecisionRecordDraftReviewItem }) {
+  const t = useTranslations('iwooos.hostOwnerDecisionRecordDraftReview')
+  const Icon = item.icon
+  return (
+    <div style={{ ...band, minHeight: 190, padding: 16 }}>
+      <div style={{ display: 'flex', alignItems: 'center', justifyContent: 'space-between', gap: 12 }}>
+        <div style={{ display: 'flex', alignItems: 'center', gap: 9 }}>
+          <Icon size={18} color={toneColors[item.tone]} />
+          <span style={{ fontSize: 11, color: '#87867f' }}>{t('checkLabel')}</span>
+        </div>
+        <span style={{ fontSize: 11, color: '#9b978b' }}>{item.check}</span>
+      </div>
+      <h2 style={{ fontSize: 14, margin: '12px 0 6px', color: '#141413' }}>
+        {t(`items.${item.key}.title` as never)}
+      </h2>
+      <p style={{ fontSize: 12, lineHeight: 1.55, color: '#6f6d66', margin: 0 }}>
+        {t(`items.${item.key}.body` as never)}
+      </p>
+      <div style={{ marginTop: 10, display: 'grid', gap: 5 }}>
+        <div style={{ fontSize: 11, color: '#87867f' }}>{t('guardLabel')}</div>
+        <div style={{ fontSize: 11, color: toneColors[item.tone], lineHeight: 1.45 }}>
+          {t(`items.${item.key}.guard` as never)}
+        </div>
+      </div>
+    </div>
+  )
+}
+
 export default function IwoooSPage({ params }: { params: { locale: string } }) {
   const t = useTranslations('iwooos')
 
@@ -1328,6 +1373,26 @@ export default function IwoooSPage({ params }: { params: { locale: string } }) {
           </div>
         </section>
 
+        <section style={{ marginBottom: 14 }}>
+          <div style={{ marginBottom: 14 }}>
+            <h2 style={{ fontSize: 16, margin: 0 }}>{t('hostOwnerDecisionRecordDraftReview.title')}</h2>
+            <p style={{ fontSize: 12, color: '#6f6d66', margin: '6px 0 0', lineHeight: 1.55 }}>
+              {t('hostOwnerDecisionRecordDraftReview.subtitle')}
+            </p>
+          </div>
+          <div
+            style={{
+              display: 'grid',
+              gridTemplateColumns: 'repeat(auto-fit, minmax(210px, 1fr))',
+              gap: 12,
+            }}
+          >
+            {hostOwnerDecisionRecordDraftReviewItems.map(item => (
+              <HostOwnerDecisionRecordDraftReviewCard key={item.key} item={item} />
+            ))}
+          </div>
+        </section>
+
         <section
           style={{
             display: 'grid',
diff --git a/docs/LOGBOOK.md b/docs/LOGBOOK.md
index 03b88a6d..dd170d73 100644
--- a/docs/LOGBOOK.md
+++ b/docs/LOGBOOK.md
@@ -1,3 +1,17 @@
+## 2026-05-19 | 資安供應鏈 S2.27：IwoooS Host Owner Decision Record Draft Review Checklist
+
+**背景**：S2.26 已把 formal decision record 前需要的草稿欄位顯示出來；本輪補上草稿進入人工 decision record 前的只讀核對項，避免使用者把 draft packets 誤讀成正式決策紀錄已建立。
+
+**完成**：
+- `/iwooos` 新增「主機 Owner Decision Record Draft Review Checklist」，顯示 scope statement complete、scan mode still not approval、credential boundary metadata only、maintenance constraints readable、rollback owner readable、validation metrics linked、runtime gate still closed 七個只讀核對項。
+- `iwooos_posture_projection_v1` schema / snapshot 新增 `host_owner_decision_record_draft_review_checklist_items` 與 `host_owner_decision_record_draft_review_checklist_item_count=7`，每個 check 固定 `display_mode=owner_decision_record_draft_review_checklist_only`、`decision_record_review_passed_count=0`、`decision_record_created=false`、`owner_decision_received_count=0`、`owner_decision_accepted_count=0`、`owner_approval_record_created=false`、`runtime_gate_opened=false`、`raw_payload_allowed=false`、`secret_value_collection_allowed=false`、`runtime_execution_authorized=false`、`action_buttons_allowed=false`、`not_authorization=true`。
+- `security-mirror-progress-guard.py` 開始驗證七個 host owner decision record draft review checklist items、順序、review conditions，以及 review passed / decision record / owner decision / approval record / runtime gate / raw payload / secret value / runtime / action button 仍全部鎖住。
+- `security_mirror_status_rollup_v1` micro progress ledger 新增 `s2_27_iwooos_host_owner_decision_record_draft_review_checklist`，headline progress 仍維持 58%。
+
+**仍禁止**：
+- host owner decision record draft review checklist 不代表 review passed、decision record created、owner decision received / accepted、approved、approval record created、runtime gate opened、raw payload ingestion、secret value collection、active scan、credentialed scan、Kali `/execute`、SSH 登入、主機變更、Kali 更新或 blocking control。
+- 真正人工 owner decision、決策紀錄、批准與後續 runtime gate 仍需脫敏 evidence、人工簽核與獨立 runtime gate。
+
 ## 2026-05-19 | 資安供應鏈 S2.26：IwoooS Host Owner Decision Record Draft Packets
 
 **背景**：S2.25 已把 owner review checklist 後的只讀 outcome lanes 顯示出來；本輪補上 formal decision record 前的草稿欄位，讓使用者知道「ready for decision record」仍只是草稿候選，不代表 decision record 已建立或已批准。
diff --git a/docs/schemas/iwooos_posture_projection_v1.schema.json b/docs/schemas/iwooos_posture_projection_v1.schema.json
index 7340f29c..9b5cc7f9 100644
--- a/docs/schemas/iwooos_posture_projection_v1.schema.json
+++ b/docs/schemas/iwooos_posture_projection_v1.schema.json
@@ -33,6 +33,7 @@
     "host_owner_decision_review_checklist_items",
     "host_owner_decision_review_outcome_lanes",
     "host_owner_decision_record_draft_packets",
+    "host_owner_decision_record_draft_review_checklist_items",
     "frontend_surface_coverage_groups",
     "evidence_refs",
     "allowed_frontend_outputs",
@@ -105,6 +106,7 @@
         "host_owner_decision_review_checklist_item_count",
         "host_owner_decision_review_outcome_lane_count",
         "host_owner_decision_record_draft_packet_count",
+        "host_owner_decision_record_draft_review_checklist_item_count",
         "action_buttons_allowed"
       ],
       "properties": {
@@ -226,6 +228,10 @@
         "host_owner_decision_record_draft_packet_count": {
           "type": "integer",
           "const": 7
+        },
+        "host_owner_decision_record_draft_review_checklist_item_count": {
+          "type": "integer",
+          "const": 7
         }
       },
       "additionalProperties": false
@@ -1686,6 +1692,94 @@
         },
         "additionalProperties": false
       }
+    },
+    "host_owner_decision_record_draft_review_checklist_items": {
+      "type": "array",
+      "minItems": 7,
+      "items": {
+        "type": "object",
+        "required": [
+          "check_id",
+          "display_order",
+          "source_packet_id",
+          "review_condition",
+          "display_mode",
+          "decision_record_review_passed_count",
+          "decision_record_created",
+          "owner_decision_received_count",
+          "owner_decision_accepted_count",
+          "owner_approval_record_created",
+          "runtime_gate_opened",
+          "raw_payload_allowed",
+          "secret_value_collection_allowed",
+          "runtime_execution_authorized",
+          "action_buttons_allowed",
+          "not_authorization"
+        ],
+        "properties": {
+          "check_id": {
+            "type": "string"
+          },
+          "display_order": {
+            "type": "integer",
+            "minimum": 1
+          },
+          "source_packet_id": {
+            "type": "string"
+          },
+          "review_condition": {
+            "type": "string"
+          },
+          "display_mode": {
+            "const": "owner_decision_record_draft_review_checklist_only"
+          },
+          "decision_record_review_passed_count": {
+            "type": "integer",
+            "const": 0
+          },
+          "decision_record_created": {
+            "type": "boolean",
+            "const": false
+          },
+          "owner_decision_received_count": {
+            "type": "integer",
+            "const": 0
+          },
+          "owner_decision_accepted_count": {
+            "type": "integer",
+            "const": 0
+          },
+          "owner_approval_record_created": {
+            "type": "boolean",
+            "const": false
+          },
+          "runtime_gate_opened": {
+            "type": "boolean",
+            "const": false
+          },
+          "raw_payload_allowed": {
+            "type": "boolean",
+            "const": false
+          },
+          "secret_value_collection_allowed": {
+            "type": "boolean",
+            "const": false
+          },
+          "runtime_execution_authorized": {
+            "type": "boolean",
+            "const": false
+          },
+          "action_buttons_allowed": {
+            "type": "boolean",
+            "const": false
+          },
+          "not_authorization": {
+            "type": "boolean",
+            "const": true
+          }
+        },
+        "additionalProperties": false
+      }
     }
   },
   "additionalProperties": false
diff --git a/docs/security/IWOOOS-POSTURE-PROJECTION.md b/docs/security/IWOOOS-POSTURE-PROJECTION.md
index 033f02a3..32286c30 100644
--- a/docs/security/IWOOOS-POSTURE-PROJECTION.md
+++ b/docs/security/IWOOOS-POSTURE-PROJECTION.md
@@ -54,6 +54,7 @@ IwoooS 首版只讀取或對齊以下已提交 evidence：
 22. 7 個 host owner decision review checklist items，顯示 owner decision candidate packets 後仍需人工核對的安全邊界。
 23. 7 個 host owner decision review outcome lanes，顯示 owner review checklist 後的只讀結果分流。
 24. 7 個 host owner decision record draft packets，顯示 formal decision record 候選需要的草稿欄位。
+25. 7 個 host owner decision record draft review checklist items，顯示草稿欄位進入正式決策紀錄前仍需只讀核對的條件。
 
 ## 3.1 既有前端資安頁面整合
 
@@ -347,6 +348,24 @@ S2.26 將 ready for decision record 後需要整理的欄位拆成七個只讀 d
 
 這個 draft board 不代表 decision record 已建立、owner decision 已接受、資安批准已完成或 runtime gate 已開啟。它只讓 IwoooS 把 decision record 草稿欄位先說清楚，方便後續人工決策時不混入執行語義。
 
+## 3.18 Host Owner Decision Record Draft Review Checklist
+
+S2.27 將 decision record draft packets 後的核對條件拆成七個只讀 checklist items。這一層只回答「草稿是否足以進入人工 decision record 撰寫」，不標記 review passed、不建立 decision record、不標記 accepted、不建立 approval record、不開 runtime gate。
+
+| 順序 | Draft review | 來源 packet | 核對條件 |
+|------|--------------|-------------|----------|
+| 1 | Scope statement complete | scope draft | scope metadata complete |
+| 2 | Scan mode still not approval | scan mode draft | scan mode not authorization |
+| 3 | Credential boundary metadata only | credential boundary draft | credential boundary metadata-only |
+| 4 | Maintenance constraints readable | maintenance constraints draft | maintenance constraints no-change |
+| 5 | Rollback owner readable | rollback owner draft | rollback owner / recovery pointer readable |
+| 6 | Validation metrics linked | validation metrics draft | metrics / baseline linked |
+| 7 | Runtime gate still closed | runtime gate draft | runtime gate separate and closed |
+
+每個 review check 都固定 `display_mode=owner_decision_record_draft_review_checklist_only`、`decision_record_review_passed_count=0`、`decision_record_created=false`、`owner_decision_received_count=0`、`owner_decision_accepted_count=0`、`owner_approval_record_created=false`、`runtime_gate_opened=false`、`raw_payload_allowed=false`、`secret_value_collection_allowed=false`、`runtime_execution_authorized=false`、`action_buttons_allowed=false`、`not_authorization=true`。
+
+這個 checklist 不代表 decision record review 已通過、decision record 已建立、owner decision 已接受或 runtime gate 已開啟。它只讓 IwoooS 把草稿進入正式人審前的核對條件說清楚。
+
 ## 4. 仍禁止
 
 IwoooS 不得提供下列輸出：
@@ -370,7 +389,8 @@ IwoooS 不得提供下列輸出：
 17. 把 owner decision review checklist 當成 approval、標記 owner decision review passed，或從 owner decision review checklist 開 runtime gate。
 18. 把 owner decision review outcome 當成 approval、標記 owner decision review outcome passed，或從 owner decision review outcome 開 runtime gate。
 19. 從 owner decision record draft 建立 host owner decision record、標記 record created，或從 draft 開 runtime gate。
-20. 把 58% progress、contract count、mirror readiness 或前端可見狀態當成授權。
+20. 把 owner decision record draft review 當成 approval、標記 draft review passed、從 draft review 建立 decision record，或從 draft review 開 runtime gate。
+21. 把 58% progress、contract count、mirror readiness 或前端可見狀態當成授權。
 
 ## 5. 驗證
 
diff --git a/docs/security/SECURITY-MIRROR-STATUS-ROLLUP.md b/docs/security/SECURITY-MIRROR-STATUS-ROLLUP.md
index f8cbea1b..9cd63d57 100644
--- a/docs/security/SECURITY-MIRROR-STATUS-ROLLUP.md
+++ b/docs/security/SECURITY-MIRROR-STATUS-ROLLUP.md
@@ -35,7 +35,7 @@
 | Owner response validation | S4.13 已建立；四包 owner response 目前 received/accepted 皆為 0；4 條 missing response lanes、4 步 collection order、next collection candidate、6 條 evidence routing rules、8 個 display sections、7 條 state transition rules、9 個 reviewer checklist items、7 條 reviewer outcome lanes、4 個 reviewer audit event templates、5 個 reviewer audit display sections、6 個 reviewer audit collection checks、5 個 reviewer audit redaction examples、5 條 reviewer audit retention rules、6 個 reviewer audit retention checks、6 個 reviewer audit handoff packets、6 個 reviewer audit handoff checks、6 個 parallel session sync checks、6 條 parallel session conflict lanes、6 個 parallel session recovery checks 與 7 條 parallel session recovery outcome lanes 可供 AwoooP 直接顯示；下一個建議收件為 S4.9 Gitea owner attestation；latest local validation 為 `SOURCE_CONTROL_OWNER_RESPONSE_GUARD_OK`，reviewer audit emitted 仍為 0，不代表 owner response 已收到或任何執行授權 |
 | Low-friction rollout policy | S1.3 已補 7 條 non-blocking escalation lanes；LOW / MEDIUM、缺 owner response、partial mirror、source-control drift、Kali observe finding、workflow / secret name gap 與 headline holding 初期只能 observe / warn；`owner_review_required_before_blocking=true`、`runtime_blocking_allowed=false` |
 | IwoooS frontend posture | S2.8 已新增 `/iwooos` read-only Information Security 入口；顯示 Security Posture / Exposure、source-control supply chain、Kali 112 Mesh、approval boundary、non-blocking lanes 與 evidence refs；不新增執行按鈕 |
-| IwoooS posture projection | S2.9 已新增 `iwooos_posture_projection_v1`；S2.10 已把 10 個既有前端資安相關頁面納入 projection；S2.11 已補 4 個 coverage groups 與 5 個 conflict controls；S2.12 已補 6 個只讀 operator journey steps；S2.13 已補 7 個 owner evidence readiness items；S2.14 已補 3 個 host coverage items：Kali 112、開發主機 168、開發主機 111；S2.15 已補 6 個 host action gate items；S2.16 已補 7 個 host evidence readiness items；S2.17 已補 7 個 host evidence collection order steps；S2.18 已補 7 個 host evidence intake preflight checks；S2.19 已補 7 個 host evidence review outcome lanes；S2.20 已補 7 個 host evidence review handoff packets；S2.21 已補 7 個 host evidence reviewer checklist items；S2.22 已補 7 個 host evidence reviewer outcome lanes；S2.23 已補 7 個 host owner decision candidate packets；S2.24 已補 7 個 host owner decision review checklist items；S2.25 已補 7 個 host owner decision review outcome lanes；S2.26 已補 7 個 host owner decision record draft packets；仍不新增 action button |
+| IwoooS posture projection | S2.9 已新增 `iwooos_posture_projection_v1`；S2.10 已把 10 個既有前端資安相關頁面納入 projection；S2.11 已補 4 個 coverage groups 與 5 個 conflict controls；S2.12 已補 6 個只讀 operator journey steps；S2.13 已補 7 個 owner evidence readiness items；S2.14 已補 3 個 host coverage items：Kali 112、開發主機 168、開發主機 111；S2.15 已補 6 個 host action gate items；S2.16 已補 7 個 host evidence readiness items；S2.17 已補 7 個 host evidence collection order steps；S2.18 已補 7 個 host evidence intake preflight checks；S2.19 已補 7 個 host evidence review outcome lanes；S2.20 已補 7 個 host evidence review handoff packets；S2.21 已補 7 個 host evidence reviewer checklist items；S2.22 已補 7 個 host evidence reviewer outcome lanes；S2.23 已補 7 個 host owner decision candidate packets；S2.24 已補 7 個 host owner decision review checklist items；S2.25 已補 7 個 host owner decision review outcome lanes；S2.26 已補 7 個 host owner decision record draft packets；S2.27 已補 7 個 host owner decision record draft review checklist items；仍不新增 action button |
 | Dry-run | `contract_defined_not_executed`；已納入 `CHECK_PROGRESS_GUARD` 與 `CHECK_OWNER_RESPONSE_GUARD`，latest local validation 為 `repo_snapshot_guard_pass`，仍不代表 production ingestion |
 | Runtime actions | `false` |
 | Payload ingestion | `false` |
@@ -110,6 +110,7 @@
 | S2.24 IwoooS host owner decision review checklist | framework detail | 0 | 只顯示 owner decision 前的七個只讀核對項；decision record、approved count、runtime gate、raw payload、secret value、runtime execution 與 action button 仍全部鎖住 |
 | S2.25 IwoooS host owner decision review outcome lanes | framework detail | 0 | 只顯示 owner review checklist 後的七個只讀結果分流；review passed、decision record、approved count、runtime gate、raw payload、secret value、runtime execution 與 action button 仍全部鎖住 |
 | S2.26 IwoooS host owner decision record draft packets | framework detail | 0 | 只顯示 formal decision record 需要的七個草稿欄位；decision record created、accepted count、approval record、runtime gate、raw payload、secret value、runtime execution 與 action button 仍全部鎖住 |
+| S2.27 IwoooS host owner decision record draft review checklist | framework detail | 0 | 只顯示 decision record 草稿進人審前的七個核對項；review passed、decision record created、accepted count、approval record、runtime gate、raw payload、secret value、runtime execution 與 action button 仍全部鎖住 |
 
 headline 進度要再往上，至少需要下列任一高層 gate 有實質 evidence：
 
diff --git a/docs/security/SECURITY-SUPPLY-CHAIN-PROGRESS.md b/docs/security/SECURITY-SUPPLY-CHAIN-PROGRESS.md
index e0a25371..6af2eaf2 100644
--- a/docs/security/SECURITY-SUPPLY-CHAIN-PROGRESS.md
+++ b/docs/security/SECURITY-SUPPLY-CHAIN-PROGRESS.md
@@ -4,7 +4,7 @@
 |------|------|
 | 日期 | 2026-05-17 |
 | 狀態 | S0/S1 read-only evidence 建置中 |
-| 本階段完成 | 資安供應鏈 contract manifest + Source Control Approval Board + Draft Reconcile Plan + Ref Detail Diff + Ref Truth Classification + Source Control Ref Truth Owner Response 收件包 + GitHub Primary Readiness Gate + GitHub Primary Rollback ADR + GitHub Target Owner Decision Response 收件包 + Gitea 認證清冊匯出請求 + Gitea 認證清冊匯入驗收契約 + Gitea 清冊覆蓋 Owner Attestation + Gitea Owner Attestation Approval Lane 對齊 + Gitea Owner Attestation Response 收件包 + Workflow / Secret Name Inventory + Workflow / Secret Name Local Evidence + Workflow / Secret Name Redacted Export Request + Workflow / Secret Name Owner Response 收件包 + Source Control Owner Response Validation Rollup + Kali 112 live integration status + Security Finding contract + Kali scan scope approval package + Security Approval Queue + S3 人工批准 Gate + S3 人工決策紀錄 + S3 人工審查封包 + S3 人工決策狀態轉移 + S3 後續 runtime gate 準備契約 + 鏡像 readiness index + 鏡像接收計畫 + 鏡像事件信封 + 鏡像路由矩陣 + 鏡像驗收契約 + 鏡像隔離契約 + 鏡像 dry-run 報告契約 + 鏡像狀態彙整契約 + IwoooS 前端態勢入口 + IwoooS posture projection contract + IwoooS 既有前端資安頁面整合 + IwoooS 覆蓋與邊界矩陣 + IwoooS 只讀資安處理旅程 + IwoooS owner evidence readiness board + IwoooS host coverage view + IwoooS host action gate matrix + IwoooS host evidence readiness board + IwoooS host evidence collection order + IwoooS host evidence intake preflight + IwoooS host evidence review outcome lanes + IwoooS host evidence review handoff packets + IwoooS host evidence reviewer checklist + IwoooS host evidence reviewer outcome lanes + IwoooS host owner decision candidate packets + IwoooS host owner decision review checklist + IwoooS host owner decision review outcome lanes + IwoooS host owner decision record draft packets |
+| 本階段完成 | 資安供應鏈 contract manifest + Source Control Approval Board + Draft Reconcile Plan + Ref Detail Diff + Ref Truth Classification + Source Control Ref Truth Owner Response 收件包 + GitHub Primary Readiness Gate + GitHub Primary Rollback ADR + GitHub Target Owner Decision Response 收件包 + Gitea 認證清冊匯出請求 + Gitea 認證清冊匯入驗收契約 + Gitea 清冊覆蓋 Owner Attestation + Gitea Owner Attestation Approval Lane 對齊 + Gitea Owner Attestation Response 收件包 + Workflow / Secret Name Inventory + Workflow / Secret Name Local Evidence + Workflow / Secret Name Redacted Export Request + Workflow / Secret Name Owner Response 收件包 + Source Control Owner Response Validation Rollup + Kali 112 live integration status + Security Finding contract + Kali scan scope approval package + Security Approval Queue + S3 人工批准 Gate + S3 人工決策紀錄 + S3 人工審查封包 + S3 人工決策狀態轉移 + S3 後續 runtime gate 準備契約 + 鏡像 readiness index + 鏡像接收計畫 + 鏡像事件信封 + 鏡像路由矩陣 + 鏡像驗收契約 + 鏡像隔離契約 + 鏡像 dry-run 報告契約 + 鏡像狀態彙整契約 + IwoooS 前端態勢入口 + IwoooS posture projection contract + IwoooS 既有前端資安頁面整合 + IwoooS 覆蓋與邊界矩陣 + IwoooS 只讀資安處理旅程 + IwoooS owner evidence readiness board + IwoooS host coverage view + IwoooS host action gate matrix + IwoooS host evidence readiness board + IwoooS host evidence collection order + IwoooS host evidence intake preflight + IwoooS host evidence review outcome lanes + IwoooS host evidence review handoff packets + IwoooS host evidence reviewer checklist + IwoooS host evidence reviewer outcome lanes + IwoooS host owner decision candidate packets + IwoooS host owner decision review checklist + IwoooS host owner decision review outcome lanes + IwoooS host owner decision record draft packets + IwoooS host owner decision record draft review checklist |
 | 原則 | 低摩擦分階段；文件、schema、read-only evidence 優先；不做 runtime enforcement、不切 primary |
 
 ## 0. 本階段完成後整體進度
@@ -86,6 +86,7 @@ python3 scripts/security/security-mirror-progress-guard.py
 | S2.24 IwoooS host owner decision review checklist | 已完成草案，將 scope readable、scan mode not authorization、credential metadata-only、maintenance not change、rollback owner、validation metrics 與 runtime gate separation 顯示成七個只讀 owner review checks | 0 |
 | S2.25 IwoooS host owner decision review outcome lanes | 已完成草案，將 ready for decision record、scope refresh、scan mode scope review、credential boundary failed、maintenance window missing、rollback owner missing 與 runtime gate required 顯示成七個只讀 owner review outcome lanes | 0 |
 | S2.26 IwoooS host owner decision record draft packets | 已完成草案，將 scope statement、scan mode、credential boundary、maintenance constraints、rollback owner、validation metrics 與 runtime gate pointer 顯示成七個只讀 decision record 草稿包 | 0 |
+| S2.27 IwoooS host owner decision record draft review checklist | 已完成草案，將 scope statement complete、scan mode still not approval、credential boundary metadata only、maintenance constraints readable、rollback owner readable、validation metrics linked 與 runtime gate still closed 顯示成七個只讀草稿核對項 | 0 |
 
 headline 要再往上，需要 S4.9 / S4.10 / S4.11 / S4.12 任一 owner response 收到並通過脫敏驗收，或人工批准後出現 active runtime gate、redacted payload ingestion、GitHub primary readiness 這類落地 evidence。
 
@@ -131,6 +132,7 @@ headline 要再往上，需要 S4.9 / S4.10 / S4.11 / S4.12 任一 owner respons
 | S2.24 IwoooS Host Owner Decision Review Checklist | 完成草案 | `/iwooos` 新增主機 owner decision review checklist，顯示 scope boundary readable、scan mode not authorization、credential boundary metadata only、maintenance window not change、rollback owner readable、validation metrics predefined、runtime gate still separate 七個檢查 | 使用者能理解 owner 決策前仍需核對哪些安全邊界；仍不建立 decision record、不標記 approved、不開 runtime gate、不執行主機動作 |
 | S2.25 IwoooS Host Owner Decision Review Outcome Lanes | 完成草案 | `/iwooos` 新增主機 owner decision review outcome lanes，顯示 ready for decision record、scope needs refresh、scan mode needs scope、credential boundary failed、maintenance window missing、rollback owner missing、runtime gate required 七個分流 | 使用者能理解 owner review 後下一步；仍不標記 review passed、不建立 decision record、不標記 approved、不開 runtime gate、不執行主機動作 |
 | S2.26 IwoooS Host Owner Decision Record Draft Packets | 完成草案 | `/iwooos` 新增主機 owner decision record draft packets，顯示 scope statement、scan mode、credential boundary、maintenance constraints、rollback owner、validation metrics、runtime gate pointer 七個草稿欄位 | 使用者能理解 formal decision record 草稿需要哪些 metadata；仍不建立 decision record、不標記 accepted、不建立 approval record、不開 runtime gate、不執行主機動作 |
+| S2.27 IwoooS Host Owner Decision Record Draft Review Checklist | 完成草案 | `/iwooos` 新增主機 owner decision record draft review checklist，顯示 scope statement complete、scan mode still not approval、credential boundary metadata only、maintenance constraints readable、rollback owner readable、validation metrics linked、runtime gate still closed 七個核對項 | 使用者能理解 formal decision record 草稿進人審前仍需核對哪些條件；仍不標記 review passed、不建立 decision record、不標記 accepted、不開 runtime gate、不執行主機動作 |
 | S3 approval gate | 進行中 | `security_approval_gate_v1` 已建立 8 個人工 gate items：7 pending、1 block candidate、0 approved | 不得繞過人工批准；批准後仍需 follow-up runtime gate |
 | S3.0 人工批准 Gate 契約 | 完成草案 | 定義批准範圍、決策選項、required reviewers、still forbidden 與 follow-up runtime gate | AwoooP 可記錄決策，不可執行 gate item |
 | S3.1 人工決策紀錄契約 | 完成草案 | `security_approval_decision_record_v1` 已建立；目前 0 筆 decision records、0 個 runtime action 授權 | AwoooP 可稽核決策，不可把決策當執行 |
diff --git a/docs/security/iwooos-posture-projection.snapshot.json b/docs/security/iwooos-posture-projection.snapshot.json
index 005acad1..73fab47f 100644
--- a/docs/security/iwooos-posture-projection.snapshot.json
+++ b/docs/security/iwooos-posture-projection.snapshot.json
@@ -52,7 +52,8 @@
     "host_owner_decision_candidate_packet_count": 7,
     "host_owner_decision_review_checklist_item_count": 7,
     "host_owner_decision_review_outcome_lane_count": 7,
-    "host_owner_decision_record_draft_packet_count": 7
+    "host_owner_decision_record_draft_packet_count": 7,
+    "host_owner_decision_record_draft_review_checklist_item_count": 7
   },
   "progress": {
     "overall_percent": 58,
@@ -141,7 +142,8 @@
     "display_host_owner_decision_candidate_packets",
     "display_host_owner_decision_review_checklist",
     "display_host_owner_decision_review_outcome_lanes",
-    "display_host_owner_decision_record_draft_packets"
+    "display_host_owner_decision_record_draft_packets",
+    "display_host_owner_decision_record_draft_review_checklist"
   ],
   "forbidden_frontend_outputs": [
     "add_scan_button",
@@ -196,7 +198,11 @@
     "open_runtime_gate_from_owner_decision_review_outcome",
     "create_host_owner_decision_record_from_draft",
     "mark_host_owner_decision_record_created",
-    "open_runtime_gate_from_owner_decision_record_draft"
+    "open_runtime_gate_from_owner_decision_record_draft",
+    "treat_host_owner_decision_record_draft_review_as_approval",
+    "mark_host_owner_decision_record_draft_review_passed",
+    "create_host_owner_decision_record_from_draft_review",
+    "open_runtime_gate_from_owner_decision_record_draft_review"
   ],
   "runtime_execution_authorized": false,
   "action_buttons_allowed": false,
@@ -2288,5 +2294,133 @@
       "action_buttons_allowed": false,
       "not_authorization": true
     }
+  ],
+  "host_owner_decision_record_draft_review_checklist_items": [
+    {
+      "check_id": "host_decision_record_scope_statement_review_check",
+      "display_order": 1,
+      "source_packet_id": "host_decision_record_scope_draft_packet",
+      "review_condition": "scope_statement_metadata_complete",
+      "display_mode": "owner_decision_record_draft_review_checklist_only",
+      "decision_record_review_passed_count": 0,
+      "decision_record_created": false,
+      "owner_decision_received_count": 0,
+      "owner_decision_accepted_count": 0,
+      "owner_approval_record_created": false,
+      "runtime_gate_opened": false,
+      "raw_payload_allowed": false,
+      "secret_value_collection_allowed": false,
+      "runtime_execution_authorized": false,
+      "action_buttons_allowed": false,
+      "not_authorization": true
+    },
+    {
+      "check_id": "host_decision_record_scan_mode_review_check",
+      "display_order": 2,
+      "source_packet_id": "host_decision_record_scan_mode_draft_packet",
+      "review_condition": "scan_mode_not_authorization_confirmed",
+      "display_mode": "owner_decision_record_draft_review_checklist_only",
+      "decision_record_review_passed_count": 0,
+      "decision_record_created": false,
+      "owner_decision_received_count": 0,
+      "owner_decision_accepted_count": 0,
+      "owner_approval_record_created": false,
+      "runtime_gate_opened": false,
+      "raw_payload_allowed": false,
+      "secret_value_collection_allowed": false,
+      "runtime_execution_authorized": false,
+      "action_buttons_allowed": false,
+      "not_authorization": true
+    },
+    {
+      "check_id": "host_decision_record_credential_boundary_review_check",
+      "display_order": 3,
+      "source_packet_id": "host_decision_record_credential_boundary_draft_packet",
+      "review_condition": "credential_boundary_metadata_only_confirmed",
+      "display_mode": "owner_decision_record_draft_review_checklist_only",
+      "decision_record_review_passed_count": 0,
+      "decision_record_created": false,
+      "owner_decision_received_count": 0,
+      "owner_decision_accepted_count": 0,
+      "owner_approval_record_created": false,
+      "runtime_gate_opened": false,
+      "raw_payload_allowed": false,
+      "secret_value_collection_allowed": false,
+      "runtime_execution_authorized": false,
+      "action_buttons_allowed": false,
+      "not_authorization": true
+    },
+    {
+      "check_id": "host_decision_record_maintenance_constraints_review_check",
+      "display_order": 4,
+      "source_packet_id": "host_decision_record_maintenance_constraints_draft_packet",
+      "review_condition": "maintenance_constraints_no_change_confirmed",
+      "display_mode": "owner_decision_record_draft_review_checklist_only",
+      "decision_record_review_passed_count": 0,
+      "decision_record_created": false,
+      "owner_decision_received_count": 0,
+      "owner_decision_accepted_count": 0,
+      "owner_approval_record_created": false,
+      "runtime_gate_opened": false,
+      "raw_payload_allowed": false,
+      "secret_value_collection_allowed": false,
+      "runtime_execution_authorized": false,
+      "action_buttons_allowed": false,
+      "not_authorization": true
+    },
+    {
+      "check_id": "host_decision_record_rollback_owner_review_check",
+      "display_order": 5,
+      "source_packet_id": "host_decision_record_rollback_owner_draft_packet",
+      "review_condition": "rollback_owner_recovery_pointer_readable",
+      "display_mode": "owner_decision_record_draft_review_checklist_only",
+      "decision_record_review_passed_count": 0,
+      "decision_record_created": false,
+      "owner_decision_received_count": 0,
+      "owner_decision_accepted_count": 0,
+      "owner_approval_record_created": false,
+      "runtime_gate_opened": false,
+      "raw_payload_allowed": false,
+      "secret_value_collection_allowed": false,
+      "runtime_execution_authorized": false,
+      "action_buttons_allowed": false,
+      "not_authorization": true
+    },
+    {
+      "check_id": "host_decision_record_validation_metrics_review_check",
+      "display_order": 6,
+      "source_packet_id": "host_decision_record_validation_metrics_draft_packet",
+      "review_condition": "validation_metrics_baseline_linked",
+      "display_mode": "owner_decision_record_draft_review_checklist_only",
+      "decision_record_review_passed_count": 0,
+      "decision_record_created": false,
+      "owner_decision_received_count": 0,
+      "owner_decision_accepted_count": 0,
+      "owner_approval_record_created": false,
+      "runtime_gate_opened": false,
+      "raw_payload_allowed": false,
+      "secret_value_collection_allowed": false,
+      "runtime_execution_authorized": false,
+      "action_buttons_allowed": false,
+      "not_authorization": true
+    },
+    {
+      "check_id": "host_decision_record_runtime_gate_review_check",
+      "display_order": 7,
+      "source_packet_id": "host_decision_record_runtime_gate_draft_packet",
+      "review_condition": "runtime_gate_separate_and_closed",
+      "display_mode": "owner_decision_record_draft_review_checklist_only",
+      "decision_record_review_passed_count": 0,
+      "decision_record_created": false,
+      "owner_decision_received_count": 0,
+      "owner_decision_accepted_count": 0,
+      "owner_approval_record_created": false,
+      "runtime_gate_opened": false,
+      "raw_payload_allowed": false,
+      "secret_value_collection_allowed": false,
+      "runtime_execution_authorized": false,
+      "action_buttons_allowed": false,
+      "not_authorization": true
+    }
   ]
 }
diff --git a/docs/security/security-mirror-status-rollup.snapshot.json b/docs/security/security-mirror-status-rollup.snapshot.json
index 7414b1b5..54f6e48f 100644
--- a/docs/security/security-mirror-status-rollup.snapshot.json
+++ b/docs/security/security-mirror-status-rollup.snapshot.json
@@ -820,6 +820,16 @@
       "runtime_delta": false,
       "execution_authorized": false,
       "not_authorization": true
+    },
+    {
+      "delta_id": "s2_27_iwooos_host_owner_decision_record_draft_review_checklist",
+      "display_order": 56,
+      "progress_axis": "framework_detail",
+      "headline_percent_delta": 0,
+      "framework_delta_visible": true,
+      "runtime_delta": false,
+      "execution_authorized": false,
+      "not_authorization": true
     }
   ],
   "next_safe_actions": [
diff --git a/scripts/security/security-mirror-progress-guard.py b/scripts/security/security-mirror-progress-guard.py
index ccdf687a..36445ef1 100755
--- a/scripts/security/security-mirror-progress-guard.py
+++ b/scripts/security/security-mirror-progress-guard.py
@@ -178,6 +178,7 @@ def validate(root: Path) -> None:
         "s2_24_iwooos_host_owner_decision_review_checklist",
         "s2_25_iwooos_host_owner_decision_review_outcome_lanes",
         "s2_26_iwooos_host_owner_decision_record_draft_packets",
+        "s2_27_iwooos_host_owner_decision_record_draft_review_checklist",
     ]
     assert_equal(
         "progress_delta_ledger.delta_ids",
@@ -458,6 +459,15 @@ def validate(root: Path) -> None:
         "host_decision_record_validation_metrics_draft_packet",
         "host_decision_record_runtime_gate_draft_packet",
     ]
+    expected_iwooos_host_owner_decision_record_draft_review_checklist_item_ids = [
+        "host_decision_record_scope_statement_review_check",
+        "host_decision_record_scan_mode_review_check",
+        "host_decision_record_credential_boundary_review_check",
+        "host_decision_record_maintenance_constraints_review_check",
+        "host_decision_record_rollback_owner_review_check",
+        "host_decision_record_validation_metrics_review_check",
+        "host_decision_record_runtime_gate_review_check",
+    ]
     assert_equal(
         "iwooos_projection.summary.frontend_surface_coverage_group_count",
         iwooos_projection["summary"]["frontend_surface_coverage_group_count"],
@@ -543,6 +553,11 @@ def validate(root: Path) -> None:
         iwooos_projection["summary"]["host_owner_decision_record_draft_packet_count"],
         len(expected_iwooos_host_owner_decision_record_draft_packet_ids),
     )
+    assert_equal(
+        "iwooos_projection.summary.host_owner_decision_record_draft_review_checklist_item_count",
+        iwooos_projection["summary"]["host_owner_decision_record_draft_review_checklist_item_count"],
+        len(expected_iwooos_host_owner_decision_record_draft_review_checklist_item_ids),
+    )
     iwooos_progress = iwooos_projection["progress"]
     assert_equal("iwooos_projection.progress.overall_percent", iwooos_progress["overall_percent"], progress["overall_percent"])
     assert_equal(
@@ -1562,6 +1577,86 @@ def validate(root: Path) -> None:
             f"iwooos_projection.host_owner_decision_record_draft_packets.{item['packet_id']}.not_authorization",
             item["not_authorization"],
         )
+    iwooos_host_owner_decision_record_draft_review_checklist = iwooos_projection[
+        "host_owner_decision_record_draft_review_checklist_items"
+    ]
+    assert_equal(
+        "iwooos_projection.host_owner_decision_record_draft_review_checklist_items.ids",
+        [item["check_id"] for item in iwooos_host_owner_decision_record_draft_review_checklist],
+        expected_iwooos_host_owner_decision_record_draft_review_checklist_item_ids,
+    )
+    assert_equal(
+        "iwooos_projection.host_owner_decision_record_draft_review_checklist_items.display_order",
+        [item["display_order"] for item in iwooos_host_owner_decision_record_draft_review_checklist],
+        list(range(1, len(expected_iwooos_host_owner_decision_record_draft_review_checklist_item_ids) + 1)),
+    )
+    expected_iwooos_host_owner_decision_record_draft_review_conditions = [
+        "scope_statement_metadata_complete",
+        "scan_mode_not_authorization_confirmed",
+        "credential_boundary_metadata_only_confirmed",
+        "maintenance_constraints_no_change_confirmed",
+        "rollback_owner_recovery_pointer_readable",
+        "validation_metrics_baseline_linked",
+        "runtime_gate_separate_and_closed",
+    ]
+    assert_equal(
+        "iwooos_projection.host_owner_decision_record_draft_review_checklist_items.review_conditions",
+        [item["review_condition"] for item in iwooos_host_owner_decision_record_draft_review_checklist],
+        expected_iwooos_host_owner_decision_record_draft_review_conditions,
+    )
+    for item in iwooos_host_owner_decision_record_draft_review_checklist:
+        assert_equal(
+            f"iwooos_projection.host_owner_decision_record_draft_review_checklist_items.{item['check_id']}.display_mode",
+            item["display_mode"],
+            "owner_decision_record_draft_review_checklist_only",
+        )
+        assert_equal(
+            f"iwooos_projection.host_owner_decision_record_draft_review_checklist_items.{item['check_id']}.decision_record_review_passed_count",
+            item["decision_record_review_passed_count"],
+            0,
+        )
+        assert_false(
+            f"iwooos_projection.host_owner_decision_record_draft_review_checklist_items.{item['check_id']}.decision_record_created",
+            item["decision_record_created"],
+        )
+        assert_equal(
+            f"iwooos_projection.host_owner_decision_record_draft_review_checklist_items.{item['check_id']}.owner_decision_received_count",
+            item["owner_decision_received_count"],
+            0,
+        )
+        assert_equal(
+            f"iwooos_projection.host_owner_decision_record_draft_review_checklist_items.{item['check_id']}.owner_decision_accepted_count",
+            item["owner_decision_accepted_count"],
+            0,
+        )
+        assert_false(
+            f"iwooos_projection.host_owner_decision_record_draft_review_checklist_items.{item['check_id']}.owner_approval_record_created",
+            item["owner_approval_record_created"],
+        )
+        assert_false(
+            f"iwooos_projection.host_owner_decision_record_draft_review_checklist_items.{item['check_id']}.runtime_gate_opened",
+            item["runtime_gate_opened"],
+        )
+        assert_false(
+            f"iwooos_projection.host_owner_decision_record_draft_review_checklist_items.{item['check_id']}.raw_payload_allowed",
+            item["raw_payload_allowed"],
+        )
+        assert_false(
+            f"iwooos_projection.host_owner_decision_record_draft_review_checklist_items.{item['check_id']}.secret_value_collection_allowed",
+            item["secret_value_collection_allowed"],
+        )
+        assert_false(
+            f"iwooos_projection.host_owner_decision_record_draft_review_checklist_items.{item['check_id']}.runtime_execution_authorized",
+            item["runtime_execution_authorized"],
+        )
+        assert_false(
+            f"iwooos_projection.host_owner_decision_record_draft_review_checklist_items.{item['check_id']}.action_buttons_allowed",
+            item["action_buttons_allowed"],
+        )
+        assert_true(
+            f"iwooos_projection.host_owner_decision_record_draft_review_checklist_items.{item['check_id']}.not_authorization",
+            item["not_authorization"],
+        )
     assert_equal(
         "iwooos_projection.non_blocking_lane_ids",
         iwooos_projection["non_blocking_lane_ids"],
@@ -1597,6 +1692,7 @@ def validate(root: Path) -> None:
         "display_host_owner_decision_review_checklist",
         "display_host_owner_decision_review_outcome_lanes",
         "display_host_owner_decision_record_draft_packets",
+        "display_host_owner_decision_record_draft_review_checklist",
         "display_evidence_refs",
         "display_forbidden_actions",
     ]:
@@ -1650,6 +1746,10 @@ def validate(root: Path) -> None:
         "create_host_owner_decision_record_from_draft",
         "mark_host_owner_decision_record_created",
         "open_runtime_gate_from_owner_decision_record_draft",
+        "treat_host_owner_decision_record_draft_review_as_approval",
+        "mark_host_owner_decision_record_draft_review_passed",
+        "create_host_owner_decision_record_from_draft_review",
+        "open_runtime_gate_from_owner_decision_record_draft_review",
         "apply_runtime_blocking_control",
         "switch_github_primary",
         "production_deploy",