feat(governance): 新增 AI Agent 專業任務擴展

docs/ai/AI_AGENT_12_AGENT_WAR_ROOM_2026-06-14.md

@@ -184,5 +184,5 @@ Telegram Ops 工位負責 Telegram Gateway、Channel Hub、日報/週報/月報
 狀態變更：12 位 Agent 只讀審查全部回收並彙整；已建立 `ai_agent_12_agent_war_room_v1` schema / committed snapshot / API / tests / governance UI 區塊。
 證據：`docs/schemas/ai_agent_12_agent_war_room_v1.schema.json`、`docs/evaluations/ai_agent_12_agent_war_room_2026-06-14.json`、`GET /api/v1/agents/agent-12-agent-war-room`、治理頁 12-Agent War Room 區塊、12 位 Agent 只讀回饋。
 阻擋：runtime writer、Telegram send、Bot API、production write、SDK 安裝、付費 API、shadow/canary、host update、DB migration、restore 仍未批准。
-下一步：本地驗證、推送 Gitea CD、production API readback 與 desktop / mobile Browser smoke；P2-143 承接 report receipt / 月報 / Agent 工作量 runtime data model。
+下一步：P2-405B 承接 Telegram no-send preview UI；讓統帥先看見 TG 訊息、dedup、receipt 與風險標籤長相。P2-146 owner response receipt preview 仍屬另一條 release gate 主線；兩者都不得直接打開 Gateway queue、Telegram send、Bot API 或 production write。
 ```

docs/ai/AI_AGENT_AUTOMATION_WORKLIST_2026-06-04.md

@@ -15,6 +15,7 @@
 | OpenClaw / Hermes / NemoTron 主動溝通、學習與成長證據 | 100% | P2-401A 到 P2-144 已完成只讀證據面、runtime / report / result-capture gates、no-write readback、promotion review、writer implementation review、writer dry-run fixture、writer dry-run readback、owner promotion execution gate、owner-approved execution rehearsal、owner acceptance / maintenance window gate、owner acceptance readback / preflight hold、owner-approved preflight release package、owner-approved release readiness readback、owner release approval gate、post-release verifier / rollback gate、final release candidate readback、release authorization hold / readback gate、release verifier preflight / owner review packet、release decision hold / readback、release decision next handoff、release decision input prep、12-Agent War Room、owner response 預檢與 owner response 回讀；P2-141 基線與 S4.9 owner release packet 補強皆已正式驗證，P2-142 12-Agent War Room 已完成 production readback 與 desktop / mobile smoke，P2-143 owner response 預檢已完成 production readback 與 in-app browser smoke，P2-144 owner response 回讀已完成 production API readback 與 desktop / mobile smoke。runtime worker、DB migration、production Redis consumer group、canonical runtime readback、live query、runtime score、result capture write、Telegram 實發、delivery receipt E2E、live report delivery、reviewer queue write、Gateway queue write、AI analysis runtime、中低風險 auto worker、KM / LOGBOOK / audit DB / timeline / PlayBook trust 寫入、SDK / 付費服務仍未開 gate | `ai_agent_result_capture_release_decision_owner_response_readback_v1`、`GET /api/v1/agents/agent-result-capture-release-decision-owner-response-readback`、`docs/evaluations/ai_agent_result_capture_release_decision_owner_response_readback_2026-06-14.json`、feature commit `8795f100`、deploy marker `ac938037`、Gitea code-review `2965` / CD `2964` success、5 個回覆讀回 lane、18 個 owner 必填欄位、6 個 readback validation check、6 個 rejection guard、5 個 operator action、等待外部回覆 `5`、未收件 lane `5`、正式寫入 / 發送 `0`；P2-142 feature commit `5de4b3f3`、deploy marker `1a2c9e36`、Gitea CD run `4232` success、production API readback、desktop / mobile in-app browser smoke；P2-143 feature commit `755b0a8d`、deploy marker `667d6329`、Gitea code-review `2961` / CD `2960` success、production API readback、desktop / mobile in-app browser smoke；MASTER §3.2.1b / §3.2.1d / §3.4.3 |
 | AI Agent 主動營運委派與版本生命週期 | 100% | P2-402A / P2-402B / P2-402C / P2-402D / P2-402E / P2-402F / P2-402G 已完成；已建立 repo-only 版本新鮮度快照、工具採用批准包、Telegram action-required digest policy、Gitea PR 草案 lane、host / K3s / stateful 版本只讀盤點、API 與 governance UI。定期排程、外部版本查詢、工具安裝、CI 變更、套件升級、主機更新、container pull、實際 PR creation、auto merge、Telegram 實發、SSH、kubectl、重啟仍未開 gate | `ai_agent_proactive_operations_contract_v1`、`ai_agent_version_freshness_snapshot_v1`、`ai_agent_tool_adoption_approval_package_v1`、`ai_agent_telegram_action_required_digest_policy_v1`、`ai_agent_gitea_pr_draft_lane_v1`、`ai_agent_host_stateful_version_inventory_v1`、`GET /api/v1/agents/agent-proactive-operations-contract`、`GET /api/v1/agents/agent-version-freshness-snapshot`、`GET /api/v1/agents/agent-tool-adoption-approval-package`、`GET /api/v1/agents/agent-telegram-action-required-digest-policy`、`GET /api/v1/agents/agent-gitea-pr-draft-lane`、`GET /api/v1/agents/agent-host-stateful-version-inventory`、`/zh-TW/governance?tab=automation-inventory`、MASTER §3.2.1c |
 | 12-Agent War Room 編組 | 72% | 12 個邏輯工位與分批派工規則已正式部署；OpenClaw / Hermes / NemoTron / SRE / Security / DevOps / Data/DR / Supply Chain / Product/UI / QA / Market / Telegram 共 12 份只讀審查已回收；schema / committed snapshot / API / tests / governance UI 區塊 / production API readback / desktop + mobile in-app browser smoke 已完成；runtime writer、Telegram send、Bot API、production write 仍未批准 | `ai_agent_12_agent_war_room_v1`、`docs/evaluations/ai_agent_12_agent_war_room_2026-06-14.json`、`GET /api/v1/agents/agent-12-agent-war-room`、feature commit `5de4b3f3`、deploy marker `1a2c9e36`、Gitea CD run `4232` success、`/zh-TW/governance?tab=automation-inventory`、12 份 Codex sub-agent 只讀回饋 |
+| AI Agent 專業任務擴展與 Telegram Runtime Bridge | 84% | P2-405A 已完成本地只讀契約與治理頁 P2-405A 卡片；24 類專業任務、8 個領域、5 段 Telegram bridge、6 種訊息類型、MCP/RAG stack、日報 / 週報 / 月報 / action-required 報告契約已固定；Telegram 實發、Gateway queue、Bot API、delivery receipt、production write、secret read、paid API、host write、kubectl action 仍全部關閉 | `ai_agent_professional_task_expansion_v1`、`docs/evaluations/ai_agent_professional_task_expansion_2026-06-15.json`、`GET /api/v1/agents/agent-professional-task-expansion`、`/zh-TW/governance?tab=automation-inventory`、`docs/ai/AI_AGENT_PROFESSIONAL_TASK_EXPANSION_2026-06-15.md`、需批准任務 `19`、low / medium / high / critical = `3 / 10 / 6 / 5`；下一步 P2-405B 完整 no-send message preview / canary approval package |
 | Owner response 預檢與拒收邊界 | 100% | P2-143 已完成正式部署與 production readback；承接 P2-141 input prep 與 P2-142 War Room，只建立 owner / verifier / rollback / maintenance / live-apply 五類外部回覆的 intake 預檢、必填欄位與拒收規則；正式 owner response 尚未收到、未接受、未寫入 | `ai_agent_result_capture_release_decision_owner_response_preflight_v1`、`GET /api/v1/agents/agent-result-capture-release-decision-owner-response-preflight`、feature commit `755b0a8d`、deploy marker `667d6329`、Gitea code-review `2961` / CD `2960` success、5 個 response intake lane、18 個 required owner field、6 個 validation check、6 個 rejection guard、5 個 operator action；owner response received / accepted / redacted payload / reviewer queue / Gateway / Telegram / Bot API / production write / secret read / destructive operation 全為 `0` |
 | Owner response 回讀狀態 | 100% | P2-144 已完成正式部署與 production readback；承接 P2-143 preflight，只讀回五類外部回覆仍未收到、未接受、未拒絕、未保存 | `ai_agent_result_capture_release_decision_owner_response_readback_v1`、`GET /api/v1/agents/agent-result-capture-release-decision-owner-response-readback`、feature commit `8795f100`、deploy marker `ac938037`、Gitea code-review `2965` / CD `2964` success、5 個 response readback lane、18 個 required owner field、6 個 readback validation check、6 個 readback rejection guard、5 個 operator action、waiting external response `5`、no external response received `5`；owner response received / accepted / redacted payload / reviewer queue / Gateway / Telegram / Bot API / production write / secret read / destructive operation 全為 `0` |
 | 本工作清單與分析報告 | 100% | 已完成 | 本 MD 文件 |
@@ -1416,7 +1417,8 @@ UI：
 ## 13. 立即執行順序
 
 1. P2-004：依賴 / 供應鏈漂移監控，保持只讀觀察與批准包邊界。
-2. P3-001：外部 Agent / SDK / API 相關能力仍需證據、費用批准與 shadow / canary 關卡。
+2. P2-405B：AI Agent Telegram 完整 no-send message preview / canary approval package，先讓統帥看見未來 TG 訊息、dedup、receipt 與風險標籤長相；仍不得實發。
+3. P3-001：外部 Agent / SDK / API 相關能力仍需證據、費用批准與 shadow / canary 關卡。
 
 ## 14. 目前風險
 

docs/ai/AI_AGENT_PROFESSIONAL_TASK_EXPANSION_2026-06-15.md

@@ -0,0 +1,78 @@
+# AI Agent 專業任務擴展與 Telegram Runtime Bridge 工作報告
+
+> 日期：2026-06-15（台北時間）
+> 狀態：P2-405A 已完成只讀契約、snapshot、API、測試與治理頁卡片；Telegram 實發仍未啟用。
+> 事實來源：`ai_agent_professional_task_expansion_v1`
+
+## 1. 結論
+
+本輪把「AI Agent 還能處理哪些專業工作」正式產品化成 24 類專業任務，並把 Telegram 群組 / TG Bot 整合拆成 5 段啟動前閘門。
+
+這不是直接讓 AI Agent 發 Telegram 或改 production；目前只允許 no-send preview、queue preview readback、owner review 與批准包。真正送到 **AwoooI SRE 戰情室** 必須先通過 approved canary、dedup、receipt、redaction、OpenClaw 仲裁、Security gate 與 QA verifier。
+
+## 2. 完成度
+
+| 範圍 | 完成度 | 狀態 |
+|---|---:|---|
+| 專業任務擴展契約 | 100% | 24 類任務已定義 owner、風險、MCP、RAG、Telegram policy 與 blocked actions |
+| Telegram Runtime Bridge 契約 | 100% | no-send preview、queue preview、approved canary、日週月報、action-required digest 已分段 |
+| API / loader | 100% | `GET /api/v1/agents/agent-professional-task-expansion` 只讀輸出 |
+| 治理頁可視化 | 100% | `/zh-TW/governance?tab=automation-inventory` 顯示任務、風險、TG bridge 與 live/send/write=0 |
+| Telegram 實發 | 0% | `telegram_send_count=0`、`bot_api_call_count=0`、`gateway_queue_write_count=0` |
+| Runtime 自動優化 | 0% | production write、host write、kubectl、paid API、secret read 全部維持 0 |
+
+## 3. Telegram Bridge
+
+| 階段 | 狀態 | 可做 | 不可做 |
+|---|---|---|---|
+| no-send preview | ready for owner review | 產生脫敏 TG 訊息預覽、dedup key、風險層級 | 不送 Telegram、不寫 queue |
+| queue preview readback | ready for owner review | 讀回 queue envelope hash、receipt expectation | 不寫 production queue |
+| approved canary | blocked until approval | 單一 canary 訊息與 receipt 驗證 | 未批准不得 Bot API send |
+| 日週月報 digest | blocked until canary receipt | Agent 工作量、完成度、阻擋項、圖表摘要 | 不洗版、不發成功噪音 |
+| action-required digest | blocked until dual gate | 高風險審核卡、failure-only escalation | 不取代 runtime authorization |
+
+## 4. 專業任務總覽
+
+| 領域 | 任務數 | 代表任務 | 主責 |
+|---|---:|---|---|
+| SRE / Observability | 4 | incident correlation、告警降噪、synthetic check、DB slow query triage | SRE Sentinel / QA |
+| Security / IwoooS | 3 | public bundle redaction、secret metadata parity、owner response completeness | Security Sentinel |
+| DevOps / Release | 4 | image digest pin、GitOps diff、gateway route impact、candidate PR draft | DevOps Commander |
+| Data / Backup / DR | 3 | backup readiness、escrow evidence、data freshness | Data DR / Hermes |
+| Supply Chain | 2 | CVE triage、SBOM/license drift | Supply Chain Scout |
+| Product / UI / QA | 1 | mobile overflow、console、a11y regression | Product UI / QA |
+| AI Governance / Replay / Market | 4 | market watch、NemoTron replay、cost forecast、runbook/postmortem | OpenClaw / NemoTron / Hermes |
+| Telegram / Reports / Receipts | 3 | digest preview、report truth gate、post-action verifier | Telegram Ops / Hermes / OpenClaw |
+
+## 5. 專業能力層級
+
+| 層級 | AI Agent 可自動做 | Gate |
+|---|---|---|
+| 低風險 | 文件、報表、UI smoke、只讀摘要、truth gate | guard 後自動摘要 |
+| 中風險 | proposal、no-write dry-run、PR 草案、Telegram preview | QA + OpenClaw 或 owner review |
+| 高風險 | 只產批准包、rollback plan、failure-only digest 草案 | 統帥批准 |
+| Critical | production write、kubectl、ArgoCD sync、Telegram 實發、secret、restore、host write | 預設 blocked |
+
+## 6. MCP / RAG
+
+首批 MCP：Gitea、Browser、Observability、Telegram Gateway、Package Registry、Database Readonly、Backup Status、ArgoCD Readonly、HTTP Probe、Fixture Store。
+
+首批 RAG：LOGBOOK chunks、HARD_RULES / ADR chunks、Runbook chunks、Incident / alert traces、Agent market evidence、Owner response templates。
+
+成長指標：KM entries、PlayBook updates、recommendations、replay score delta、blocked action prevented count、receipt missing count。
+
+## 7. 邊界
+
+- 不直接發 Telegram。
+- 不寫 Telegram Gateway queue。
+- 不呼叫 Bot API。
+- 不讀 `TELEGRAM_BOT_TOKEN` 或任何機密明文。
+- 不把工作視窗對話、未遮罩提示、私人推理或未遮罩 runtime payload 放進前端或 Telegram。
+- 不做 production write、host write、kubectl、ArgoCD sync、restore、rollback、paid API、SDK install。
+
+## 8. 下一步
+
+1. P2-405B：把完整 no-send message preview、dedup key、receipt expectation 與 canary approval package 顯示到治理頁，讓統帥先看 TG 訊息會長什麼樣。
+2. P2-405C：產生 approved canary approval package，明確列出發送時間窗、目標群組、dedup、receipt 與 rollback / mute plan。
+3. P2-405D：canary 通過後才開日報 / 週報 / 月報 digest delivery。
+4. P2-405E：Action-required digest 只對 failure / high-risk / approval-required 事件開啟。