From f4ea2a57fc404663608e9eea25b694d09d1cf1b2 Mon Sep 17 00:00:00 2001 From: Your Name Date: Sat, 13 Jun 2026 20:21:05 +0800 Subject: [PATCH] =?UTF-8?q?feat(governance):=20=E6=96=B0=E5=A2=9E=20review?= =?UTF-8?q?er=20queue=20no-write=20readback?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- apps/api/src/api/v1/agents.py | 33 ++ ..._agent_reviewer_queue_no_write_readback.py | 361 ++++++++++++++++++ ..._agent_reviewer_queue_no_write_readback.py | 110 ++++++ ...nt_reviewer_queue_no_write_readback_api.py | 43 +++ apps/web/messages/en.json | 32 ++ apps/web/messages/zh-TW.json | 32 ++ .../tabs/automation-inventory-tab.tsx | 170 ++++++++- apps/web/src/lib/api-client.ts | 155 ++++++++ ...er_queue_no_write_readback_2026-06-13.json | 356 +++++++++++++++++ ...wer_queue_no_write_readback_v1.schema.json | 347 +++++++++++++++++ 10 files changed, 1638 insertions(+), 1 deletion(-) create mode 100644 apps/api/src/services/ai_agent_reviewer_queue_no_write_readback.py create mode 100644 apps/api/tests/test_ai_agent_reviewer_queue_no_write_readback.py create mode 100644 apps/api/tests/test_ai_agent_reviewer_queue_no_write_readback_api.py create mode 100644 docs/evaluations/ai_agent_reviewer_queue_no_write_readback_2026-06-13.json create mode 100644 docs/schemas/ai_agent_reviewer_queue_no_write_readback_v1.schema.json diff --git a/apps/api/src/api/v1/agents.py b/apps/api/src/api/v1/agents.py index 71fe058f..cd6f9f15 100644 --- a/apps/api/src/api/v1/agents.py +++ b/apps/api/src/api/v1/agents.py @@ -112,6 +112,9 @@ from src.services.ai_agent_proactive_operations_contract import ( from src.services.ai_agent_redis_dry_run_gate import ( load_latest_ai_agent_redis_dry_run_gate, ) +from src.services.ai_agent_reviewer_queue_no_write_readback import ( + load_latest_ai_agent_reviewer_queue_no_write_readback, +) from src.services.ai_agent_runtime_readback_approval_package import ( load_latest_ai_agent_runtime_readback_approval_package, ) @@ -1557,6 +1560,36 @@ async def get_agent_failure_receipt_no_send_replay() -> dict[str, Any]: ) from exc +@router.get( + "/agent-reviewer-queue-no-write-readback", + response_model=dict[str, Any], + summary="取得 AI Agent reviewer queue no-write readback", + description=( + "讀取最新已提交的 P2-117 reviewer queue no-write readback;" + "此端點只回傳 reviewer queue preview fixture、queue item mapping、no-write verifier、" + "blocked queue write 與 operator handoff,不寫 reviewer queue、不寫 Gateway queue、" + "不送 Telegram、不呼叫 Bot API、不寫 report receipt / result capture / learning / PlayBook trust、" + "不讀 canonical runtime target、不讀 secret。" + ), +) +async def get_agent_reviewer_queue_no_write_readback() -> dict[str, Any]: + """Return the latest read-only reviewer queue no-write readback package.""" + try: + payload = await asyncio.to_thread(load_latest_ai_agent_reviewer_queue_no_write_readback) + return redact_public_lan_topology(payload) + except FileNotFoundError as exc: + raise HTTPException( + status_code=status.HTTP_404_NOT_FOUND, + detail=str(exc), + ) from exc + except (json.JSONDecodeError, ValueError) as exc: + logger.error("ai_agent_reviewer_queue_no_write_readback_invalid", error=str(exc)) + raise HTTPException( + status_code=status.HTTP_500_INTERNAL_SERVER_ERROR, + detail="AI Agent reviewer queue no-write readback 無效", + ) from exc + + @router.get( "/agent-owner-approved-fixture-dry-run", response_model=dict[str, Any], diff --git a/apps/api/src/services/ai_agent_reviewer_queue_no_write_readback.py b/apps/api/src/services/ai_agent_reviewer_queue_no_write_readback.py new file mode 100644 index 00000000..1c14be0e --- /dev/null +++ b/apps/api/src/services/ai_agent_reviewer_queue_no_write_readback.py @@ -0,0 +1,361 @@ +""" +AI Agent reviewer queue no-write readback snapshot. + +Loads the latest committed P2-117 reviewer queue no-write readback package. This +module validates committed evidence only; it never writes reviewer queues, +writes Gateway queues, sends Telegram messages, calls Bot API, writes result +captures, reads canonical runtime targets, reads secrets, or performs +destructive operations. +""" + +from __future__ import annotations + +import json +from pathlib import Path +from typing import Any + +from src.services.snapshot_paths import default_evaluations_dir + +_DEFAULT_EVALUATIONS_DIR = default_evaluations_dir(Path(__file__)) +_SNAPSHOT_PATTERN = "ai_agent_reviewer_queue_no_write_readback_*.json" +_SCHEMA_VERSION = "ai_agent_reviewer_queue_no_write_readback_v1" +_RUNTIME_AUTHORITY = "reviewer_queue_no_write_readback_only_no_queue_write_or_send" +_TARGET_QUEUE = "reviewer_queue_preview" + + +def load_latest_ai_agent_reviewer_queue_no_write_readback( + evaluations_dir: Path | None = None, +) -> dict[str, Any]: + """Load the newest committed reviewer queue no-write readback package.""" + directory = evaluations_dir or _DEFAULT_EVALUATIONS_DIR + candidates = sorted(directory.glob(_SNAPSHOT_PATTERN)) + if not candidates: + raise FileNotFoundError(f"no AI Agent reviewer queue no-write readback snapshots found in {directory}") + + latest = candidates[-1] + with latest.open(encoding="utf-8") as handle: + payload = json.load(handle) + + if not isinstance(payload, dict): + raise ValueError(f"{latest}: expected JSON object") + + label = str(latest) + _require_schema(payload, label) + _require_prior(payload, label) + _require_truth(payload, label) + _require_reviewer_queue_fixtures(payload, label) + _require_queue_mappings(payload, label) + _require_verifier_checks(payload, label) + _require_blockers(payload, label) + _require_actions(payload, label) + _require_display_redaction(payload, label) + _require_no_forbidden_display_terms(payload, label) + _require_rollup_consistency(payload, label) + return payload + + +def _require_schema(payload: dict[str, Any], label: str) -> None: + if payload.get("schema_version") != _SCHEMA_VERSION: + raise ValueError(f"{label}: expected schema_version={_SCHEMA_VERSION}") + status = payload.get("program_status") or {} + expected = { + "current_priority": "P2", + "current_task_id": "P2-117", + "next_task_id": "P2-118", + "read_only_mode": True, + "runtime_authority": _RUNTIME_AUTHORITY, + "overall_completion_percent": 100, + } + mismatches = _mismatches(status, expected) + if mismatches: + raise ValueError(f"{label}: program_status mismatch: {mismatches}") + if not status.get("status_note"): + raise ValueError(f"{label}: program_status.status_note is required") + + +def _require_prior(payload: dict[str, Any], label: str) -> None: + prior = payload.get("prior_failure_receipt_replay") or {} + expected = { + "schema_version": "ai_agent_failure_receipt_no_send_replay_v1", + "no_send_replay_fixture_count": 5, + "route_lock_check_count": 4, + "replay_verifier_check_count": 5, + "blocked_send_count": 5, + "operator_action_count": 5, + "failure_receipt_send_count": 0, + "gateway_queue_write_count": 0, + "telegram_send_count": 0, + "bot_api_call_count": 0, + "reviewer_queue_write_count": 0, + "result_capture_write_count": 0, + } + mismatches = _mismatches(prior, expected) + if mismatches: + raise ValueError(f"{label}: prior_failure_receipt_replay mismatch: {mismatches}") + if not prior.get("readiness_note"): + raise ValueError(f"{label}: prior_failure_receipt_replay.readiness_note is required") + + +def _require_truth(payload: dict[str, Any], label: str) -> None: + truth = payload.get("readback_truth") or {} + required_true = { + "p2_116_no_send_replay_loaded", + "reviewer_queue_readback_package_ready", + "reviewer_queue_fixture_ready", + "queue_item_mapping_ready", + "no_write_verifier_ready", + "operator_handoff_ready", + "result_capture_preview_ready", + } + missing = sorted(field for field in required_true if truth.get(field) is not True) + if missing: + raise ValueError(f"{label}: readback ready flags must remain true: {missing}") + if truth.get("owner_approval_received") is not False: + raise ValueError(f"{label}: owner approval must remain false before reviewer queue write") + + required_false = { + "canonical_runtime_target_read_enabled", + "live_query_enabled", + "reviewer_queue_write_enabled", + "gateway_queue_write_enabled", + "telegram_send_enabled", + "bot_api_call_enabled", + "report_receipt_write_enabled", + "result_capture_write_enabled", + "learning_write_enabled", + "playbook_trust_write_enabled", + "production_write_enabled", + "secret_read_enabled", + "destructive_operation_enabled", + } + unsafe = sorted(field for field in required_false if truth.get(field) is not False) + if unsafe: + raise ValueError(f"{label}: live read/send/write flags must remain false: {unsafe}") + + zero_counts = { + "owner_approval_received_count", + "canonical_runtime_target_read_count", + "live_query_count", + "reviewer_queue_write_count", + "gateway_queue_write_count", + "telegram_send_count", + "bot_api_call_count", + "report_receipt_write_count", + "result_capture_write_count", + "learning_write_count", + "playbook_trust_write_count", + "production_write_count", + } + non_zero = sorted(field for field in zero_counts if truth.get(field) != 0) + if non_zero: + raise ValueError(f"{label}: reviewer queue live counters must remain zero: {non_zero}") + if not truth.get("truth_note"): + raise ValueError(f"{label}: readback_truth.truth_note is required") + + +def _require_reviewer_queue_fixtures(payload: dict[str, Any], label: str) -> None: + fixtures = payload.get("reviewer_queue_readback_fixtures") or [] + required = { + "reviewer_queue_action_required_failure_receipt", + "reviewer_queue_no_action_decision", + "reviewer_queue_verifier_degraded", + "reviewer_queue_route_locked", + "reviewer_queue_result_capture_pending", + } + fixture_ids = {fixture.get("fixture_id") for fixture in fixtures} + if fixture_ids != required: + raise ValueError(f"{label}: reviewer queue fixtures must match {sorted(required)}") + for fixture in fixtures: + fixture_id = fixture.get("fixture_id") + if fixture.get("readback_mode") != "no_write_fixture": + raise ValueError(f"{label}: fixture {fixture_id} must remain no_write_fixture") + if fixture.get("reviewer_queue_write_enabled") is not False: + raise ValueError(f"{label}: fixture {fixture_id} must not enable reviewer queue write") + if fixture.get("status") not in {"ready_for_owner_review", "approval_required", "blocked_by_policy"}: + raise ValueError(f"{label}: fixture {fixture_id} status is invalid") + if not fixture.get("next_manual_action") or not fixture.get("queue_lane"): + raise ValueError(f"{label}: fixture {fixture_id} must include queue lane and next manual action") + if not _is_redacted_sha256(fixture.get("evidence_hash")): + raise ValueError(f"{label}: fixture {fixture_id} must expose redacted evidence_hash") + + +def _require_queue_mappings(payload: dict[str, Any], label: str) -> None: + mappings = payload.get("queue_item_mappings") or [] + required = { + "failure_receipt_to_manual_repair_review", + "no_action_to_manual_decision_review", + "verifier_degraded_to_rollback_review", + "route_locked_to_sre_route_review", + "result_capture_to_owner_review", + } + mapping_ids = {mapping.get("mapping_id") for mapping in mappings} + if mapping_ids != required: + raise ValueError(f"{label}: queue item mappings must match {sorted(required)}") + for mapping in mappings: + mapping_id = mapping.get("mapping_id") + if mapping.get("target_queue") != _TARGET_QUEUE: + raise ValueError(f"{label}: mapping {mapping_id} must target {_TARGET_QUEUE}") + if mapping.get("queue_write_enabled") is not False: + raise ValueError(f"{label}: mapping {mapping_id} must not enable queue write") + if mapping.get("status") not in {"ready", "approval_required", "blocked_by_policy"}: + raise ValueError(f"{label}: mapping {mapping_id} status is invalid") + if not mapping.get("required_reviewer"): + raise ValueError(f"{label}: mapping {mapping_id} required_reviewer is required") + if not _is_redacted_sha256(mapping.get("evidence_hash")): + raise ValueError(f"{label}: mapping {mapping_id} must expose redacted evidence_hash") + + +def _require_verifier_checks(payload: dict[str, Any], label: str) -> None: + checks = payload.get("readback_verifier_checks") or [] + required = { + "no_reviewer_queue_write_verifier", + "no_gateway_queue_write_verifier", + "no_telegram_send_verifier", + "manual_action_completeness_verifier", + "result_capture_not_written_verifier", + } + verifier_ids = {check.get("verifier_id") for check in checks} + if verifier_ids != required: + raise ValueError(f"{label}: readback verifier checks must match {sorted(required)}") + for check in checks: + verifier_id = check.get("verifier_id") + if check.get("live_execution_enabled") is not False: + raise ValueError(f"{label}: verifier {verifier_id} must not enable live execution") + if check.get("status") not in {"ready", "approval_required", "blocked_by_policy"}: + raise ValueError(f"{label}: verifier {verifier_id} status is invalid") + if not check.get("verifies") or not check.get("failure_if_missing"): + raise ValueError(f"{label}: verifier {verifier_id} must include verifies and failure_if_missing") + if not _is_redacted_sha256(check.get("evidence_hash")): + raise ValueError(f"{label}: verifier {verifier_id} must expose redacted evidence_hash") + + +def _require_blockers(payload: dict[str, Any], label: str) -> None: + blockers = payload.get("blocked_queue_writes") or [] + required = { + "reviewer_queue_writer_not_authorized", + "gateway_queue_not_authorized", + "telegram_send_not_authorized", + "bot_api_not_authorized", + "result_capture_not_authorized", + } + blocker_ids = {blocker.get("blocker_id") for blocker in blockers} + if blocker_ids != required: + raise ValueError(f"{label}: blocked queue writes must match {sorted(required)}") + for blocker in blockers: + blocker_id = blocker.get("blocker_id") + if blocker.get("status") not in {"approval_required", "blocked_by_policy"}: + raise ValueError(f"{label}: blocker {blocker_id} status is invalid") + if blocker.get("severity") not in {"high", "critical"}: + raise ValueError(f"{label}: blocker {blocker_id} severity is invalid") + if not blocker.get("blocked_action") or not blocker.get("blocked_until"): + raise ValueError(f"{label}: blocker {blocker_id} must include blocked_action and blocked_until") + if not _is_redacted_sha256(blocker.get("evidence_hash")): + raise ValueError(f"{label}: blocker {blocker_id} must expose redacted evidence_hash") + + +def _require_actions(payload: dict[str, Any], label: str) -> None: + actions = payload.get("operator_actions") or [] + required = { + "review_reviewer_queue_preview", + "verify_no_write_counts", + "confirm_manual_options", + "check_queue_redaction_contract", + "promote_to_p2_118", + } + action_ids = {action.get("action_id") for action in actions} + if action_ids != required: + raise ValueError(f"{label}: operator actions must match {sorted(required)}") + for action in actions: + action_id = action.get("action_id") + if action.get("runtime_queue_write_allowed") is not False: + raise ValueError(f"{label}: action {action_id} must not allow runtime queue write") + if not action.get("operator_instruction"): + raise ValueError(f"{label}: action {action_id} operator_instruction is required") + + +def _require_display_redaction(payload: dict[str, Any], label: str) -> None: + contract = payload.get("display_redaction_contract") or {} + expected = { + "redaction_required": True, + "raw_prompt_display_allowed": False, + "private_reasoning_display_allowed": False, + "secret_value_display_allowed": False, + "raw_runtime_payload_display_allowed": False, + "internal_collaboration_content_display_allowed": False, + } + mismatches = _mismatches(contract, expected) + if mismatches: + raise ValueError(f"{label}: display_redaction_contract mismatch: {mismatches}") + if not contract.get("frontend_display_policy"): + raise ValueError(f"{label}: display_redaction_contract.frontend_display_policy is required") + + +def _require_rollup_consistency(payload: dict[str, Any], label: str) -> None: + rollups = payload.get("rollups") or {} + fixtures = payload.get("reviewer_queue_readback_fixtures") or [] + mappings = payload.get("queue_item_mappings") or [] + verifiers = payload.get("readback_verifier_checks") or [] + blockers = payload.get("blocked_queue_writes") or [] + actions = payload.get("operator_actions") or [] + expected = { + "reviewer_queue_readback_fixture_count": len(fixtures), + "queue_item_mapping_count": len(mappings), + "readback_verifier_check_count": len(verifiers), + "blocked_queue_write_count": len(blockers), + "operator_action_count": len(actions), + "approval_required_fixture_count": sum(1 for item in fixtures if item.get("status") == "approval_required"), + "blocked_fixture_count": sum(1 for item in fixtures if item.get("status") == "blocked_by_policy"), + "approval_required_mapping_count": sum(1 for item in mappings if item.get("status") == "approval_required"), + "blocked_mapping_count": sum(1 for item in mappings if item.get("status") == "blocked_by_policy"), + "approval_required_verifier_count": sum(1 for item in verifiers if item.get("status") == "approval_required"), + "critical_blocker_count": sum(1 for item in blockers if item.get("severity") == "critical"), + "owner_approval_received_count": 0, + "canonical_runtime_target_read_count": 0, + "live_query_count": 0, + "reviewer_queue_write_count": 0, + "gateway_queue_write_count": 0, + "telegram_send_count": 0, + "bot_api_call_count": 0, + "report_receipt_write_count": 0, + "result_capture_write_count": 0, + "learning_write_count": 0, + "playbook_trust_write_count": 0, + "production_write_count": 0, + "secret_read_count": 0, + "destructive_operation_count": 0, + } + mismatches = _mismatches(rollups, expected) + if mismatches: + raise ValueError(f"{label}: rollup counts mismatch: {mismatches}") + + +def _require_no_forbidden_display_terms(payload: dict[str, Any], label: str) -> None: + serialized = json.dumps(payload, ensure_ascii=False) + forbidden = { + "work_window_transcript", + "session_id", + "browser_context", + "authorization_header", + "raw Telegram payload", + "private reasoning", + "raw prompt", + "chain-of-thought", + } + hits = sorted(term for term in forbidden if term in serialized) + if hits: + raise ValueError(f"{label}: forbidden display terms present: {hits}") + + +def _is_redacted_sha256(value: Any) -> bool: + if not isinstance(value, str) or not value.startswith("sha256:"): + return False + digest = value.removeprefix("sha256:") + return len(digest) == 64 and all(char in "0123456789abcdef" for char in digest) + + +def _mismatches(payload: dict[str, Any], expected: dict[str, Any]) -> dict[str, dict[str, Any]]: + return { + key: {"expected": value, "actual": payload.get(key)} + for key, value in expected.items() + if payload.get(key) != value + } diff --git a/apps/api/tests/test_ai_agent_reviewer_queue_no_write_readback.py b/apps/api/tests/test_ai_agent_reviewer_queue_no_write_readback.py new file mode 100644 index 00000000..90865371 --- /dev/null +++ b/apps/api/tests/test_ai_agent_reviewer_queue_no_write_readback.py @@ -0,0 +1,110 @@ +import copy +import json +from pathlib import Path + +import pytest + +from src.services.ai_agent_reviewer_queue_no_write_readback import ( + load_latest_ai_agent_reviewer_queue_no_write_readback, +) + + +REPO_ROOT = Path(__file__).resolve().parents[3] +FIXTURE = REPO_ROOT / "docs/evaluations/ai_agent_reviewer_queue_no_write_readback_2026-06-13.json" + + +def test_load_latest_ai_agent_reviewer_queue_no_write_readback_snapshot() -> None: + data = load_latest_ai_agent_reviewer_queue_no_write_readback() + + assert data["schema_version"] == "ai_agent_reviewer_queue_no_write_readback_v1" + assert data["program_status"]["current_task_id"] == "P2-117" + assert data["program_status"]["next_task_id"] == "P2-118" + assert data["program_status"]["overall_completion_percent"] == 100 + assert data["program_status"]["read_only_mode"] is True + + rollups = data["rollups"] + assert rollups["reviewer_queue_readback_fixture_count"] == 5 + assert rollups["queue_item_mapping_count"] == 5 + assert rollups["readback_verifier_check_count"] == 5 + assert rollups["blocked_queue_write_count"] == 5 + assert rollups["operator_action_count"] == 5 + assert rollups["approval_required_fixture_count"] == 2 + assert rollups["blocked_fixture_count"] == 2 + assert rollups["approval_required_mapping_count"] == 1 + assert rollups["blocked_mapping_count"] == 2 + assert rollups["approval_required_verifier_count"] == 2 + assert rollups["critical_blocker_count"] == 3 + + assert {mapping["target_queue"] for mapping in data["queue_item_mappings"]} == {"reviewer_queue_preview"} + assert {fixture["readback_mode"] for fixture in data["reviewer_queue_readback_fixtures"]} == { + "no_write_fixture" + } + + zero_fields = [ + "owner_approval_received_count", + "canonical_runtime_target_read_count", + "live_query_count", + "reviewer_queue_write_count", + "gateway_queue_write_count", + "telegram_send_count", + "bot_api_call_count", + "report_receipt_write_count", + "result_capture_write_count", + "learning_write_count", + "playbook_trust_write_count", + "production_write_count", + "secret_read_count", + "destructive_operation_count", + ] + for field in zero_fields: + assert rollups[field] == 0 + + +def test_reviewer_queue_no_write_readback_rejects_queue_write_enabled(tmp_path: Path) -> None: + source = json.loads(FIXTURE.read_text(encoding="utf-8")) + source["reviewer_queue_readback_fixtures"][0]["reviewer_queue_write_enabled"] = True + target = tmp_path / "ai_agent_reviewer_queue_no_write_readback_2026-06-13.json" + target.write_text(json.dumps(source), encoding="utf-8") + + with pytest.raises(ValueError, match="must not enable reviewer queue write"): + load_latest_ai_agent_reviewer_queue_no_write_readback(tmp_path) + + +def test_reviewer_queue_no_write_readback_rejects_truth_write_flag(tmp_path: Path) -> None: + source = json.loads(FIXTURE.read_text(encoding="utf-8")) + source["readback_truth"]["reviewer_queue_write_enabled"] = True + target = tmp_path / "ai_agent_reviewer_queue_no_write_readback_2026-06-13.json" + target.write_text(json.dumps(source), encoding="utf-8") + + with pytest.raises(ValueError, match="live read/send/write flags"): + load_latest_ai_agent_reviewer_queue_no_write_readback(tmp_path) + + +def test_reviewer_queue_no_write_readback_rejects_target_queue_drift(tmp_path: Path) -> None: + source = json.loads(FIXTURE.read_text(encoding="utf-8")) + source["queue_item_mappings"][0]["target_queue"] = "live_reviewer_queue" + target = tmp_path / "ai_agent_reviewer_queue_no_write_readback_2026-06-13.json" + target.write_text(json.dumps(source), encoding="utf-8") + + with pytest.raises(ValueError, match="must target reviewer_queue_preview"): + load_latest_ai_agent_reviewer_queue_no_write_readback(tmp_path) + + +def test_reviewer_queue_no_write_readback_rejects_rollup_drift(tmp_path: Path) -> None: + source = json.loads(FIXTURE.read_text(encoding="utf-8")) + source["rollups"]["reviewer_queue_readback_fixture_count"] = 4 + target = tmp_path / "ai_agent_reviewer_queue_no_write_readback_2026-06-13.json" + target.write_text(json.dumps(source), encoding="utf-8") + + with pytest.raises(ValueError, match="rollup counts mismatch"): + load_latest_ai_agent_reviewer_queue_no_write_readback(tmp_path) + + +def test_reviewer_queue_no_write_readback_rejects_forbidden_display_terms(tmp_path: Path) -> None: + source = copy.deepcopy(json.loads(FIXTURE.read_text(encoding="utf-8"))) + source["operator_actions"][0]["operator_instruction"] = "do not expose session_id" + target = tmp_path / "ai_agent_reviewer_queue_no_write_readback_2026-06-13.json" + target.write_text(json.dumps(source), encoding="utf-8") + + with pytest.raises(ValueError, match="forbidden display terms"): + load_latest_ai_agent_reviewer_queue_no_write_readback(tmp_path) diff --git a/apps/api/tests/test_ai_agent_reviewer_queue_no_write_readback_api.py b/apps/api/tests/test_ai_agent_reviewer_queue_no_write_readback_api.py new file mode 100644 index 00000000..24bda603 --- /dev/null +++ b/apps/api/tests/test_ai_agent_reviewer_queue_no_write_readback_api.py @@ -0,0 +1,43 @@ +import pytest +from httpx import ASGITransport, AsyncClient + +from src.main import app + + +@pytest.mark.asyncio +async def test_get_agent_reviewer_queue_no_write_readback_api() -> None: + transport = ASGITransport(app=app) + async with AsyncClient(transport=transport, base_url="http://test") as client: + response = await client.get("/api/v1/agents/agent-reviewer-queue-no-write-readback") + + assert response.status_code == 200 + data = response.json() + assert data["schema_version"] == "ai_agent_reviewer_queue_no_write_readback_v1" + assert data["program_status"]["current_task_id"] == "P2-117" + assert data["program_status"]["next_task_id"] == "P2-118" + assert data["program_status"]["overall_completion_percent"] == 100 + + rollups = data["rollups"] + assert rollups["reviewer_queue_readback_fixture_count"] == 5 + assert rollups["queue_item_mapping_count"] == 5 + assert rollups["readback_verifier_check_count"] == 5 + assert rollups["blocked_queue_write_count"] == 5 + assert rollups["operator_action_count"] == 5 + assert rollups["critical_blocker_count"] == 3 + assert rollups["owner_approval_received_count"] == 0 + assert rollups["canonical_runtime_target_read_count"] == 0 + assert rollups["live_query_count"] == 0 + assert rollups["reviewer_queue_write_count"] == 0 + assert rollups["gateway_queue_write_count"] == 0 + assert rollups["telegram_send_count"] == 0 + assert rollups["bot_api_call_count"] == 0 + assert rollups["report_receipt_write_count"] == 0 + assert rollups["result_capture_write_count"] == 0 + assert rollups["learning_write_count"] == 0 + assert rollups["playbook_trust_write_count"] == 0 + assert rollups["production_write_count"] == 0 + + assert {mapping["target_queue"] for mapping in data["queue_item_mappings"]} == {"reviewer_queue_preview"} + assert {fixture["reviewer_queue_write_enabled"] for fixture in data["reviewer_queue_readback_fixtures"]} == { + False + } diff --git a/apps/web/messages/en.json b/apps/web/messages/en.json index 8237dc00..86aac739 100644 --- a/apps/web/messages/en.json +++ b/apps/web/messages/en.json @@ -5577,6 +5577,38 @@ "blockedAction": "blocked:{value}", "runtimeSendAllowed": "runtime send={value}" } + }, + "reviewerQueueNoWriteReadback": { + "title": "P2-117 reviewer queue no-write readback", + "source": "產生 {generated};目前 {current};下一步 {next}", + "priorTitle": "前一關 no-send replay", + "truthTitle": "Reviewer queue no-write truth", + "metrics": { + "overall": "完成度", + "fixtures": "Reviewer fixtures", + "mappings": "Queue mappings", + "verifiers": "Verifiers", + "blockers": "Blocked writes", + "actions": "操作選項", + "approvalRequired": "需批准", + "blocked": "阻擋", + "liveWrites": "Live queue / write" + }, + "flags": { + "packageReady": "package ready={value}", + "mappingReady": "mapping ready={value}" + }, + "labels": { + "targetQueue": "目標 queue:{value}", + "reviewerWrites": "reviewer write={value}", + "queueWrites": "Gateway queue={value}", + "resultWrites": "result write={value}", + "queueLane": "lane:{value}", + "queueWriteEnabled": "queue write={value}", + "requiredReviewer": "reviewer:{value}", + "blockedAction": "blocked:{value}", + "runtimeQueueWriteAllowed": "runtime queue write={value}" + } } } }, diff --git a/apps/web/messages/zh-TW.json b/apps/web/messages/zh-TW.json index 8237dc00..86aac739 100644 --- a/apps/web/messages/zh-TW.json +++ b/apps/web/messages/zh-TW.json @@ -5577,6 +5577,38 @@ "blockedAction": "blocked:{value}", "runtimeSendAllowed": "runtime send={value}" } + }, + "reviewerQueueNoWriteReadback": { + "title": "P2-117 reviewer queue no-write readback", + "source": "產生 {generated};目前 {current};下一步 {next}", + "priorTitle": "前一關 no-send replay", + "truthTitle": "Reviewer queue no-write truth", + "metrics": { + "overall": "完成度", + "fixtures": "Reviewer fixtures", + "mappings": "Queue mappings", + "verifiers": "Verifiers", + "blockers": "Blocked writes", + "actions": "操作選項", + "approvalRequired": "需批准", + "blocked": "阻擋", + "liveWrites": "Live queue / write" + }, + "flags": { + "packageReady": "package ready={value}", + "mappingReady": "mapping ready={value}" + }, + "labels": { + "targetQueue": "目標 queue:{value}", + "reviewerWrites": "reviewer write={value}", + "queueWrites": "Gateway queue={value}", + "resultWrites": "result write={value}", + "queueLane": "lane:{value}", + "queueWriteEnabled": "queue write={value}", + "requiredReviewer": "reviewer:{value}", + "blockedAction": "blocked:{value}", + "runtimeQueueWriteAllowed": "runtime queue write={value}" + } } } }, diff --git a/apps/web/src/app/[locale]/governance/tabs/automation-inventory-tab.tsx b/apps/web/src/app/[locale]/governance/tabs/automation-inventory-tab.tsx index 35e40daa..5d51ba71 100644 --- a/apps/web/src/app/[locale]/governance/tabs/automation-inventory-tab.tsx +++ b/apps/web/src/app/[locale]/governance/tabs/automation-inventory-tab.tsx @@ -64,6 +64,7 @@ import { type AiAgentRuntimeReadbackPromotionGateSnapshot, type AiAgentCanonicalRuntimeReadbackOwnerAcceptanceSnapshot, type AiAgentFailureReceiptNoSendReplaySnapshot, + type AiAgentReviewerQueueNoWriteReadbackSnapshot, type AiAgentOwnerApprovedFixturePromotionGateSnapshot, type AiAgentRuntimeWorkerShadowGateSnapshot, type AiAgentRuntimeVerifierEvidenceReviewSnapshot, @@ -450,6 +451,7 @@ export function AutomationInventoryTab() { const [ownerApprovedFixturePromotionGate, setOwnerApprovedFixturePromotionGate] = useState(null) const [canonicalRuntimeReadbackOwnerAcceptance, setCanonicalRuntimeReadbackOwnerAcceptance] = useState(null) const [failureReceiptNoSendReplay, setFailureReceiptNoSendReplay] = useState(null) + const [reviewerQueueNoWriteReadback, setReviewerQueueNoWriteReadback] = useState(null) const [reportTruthActionabilityReview, setReportTruthActionabilityReview] = useState(null) const [ownerDryRunPackage, setOwnerDryRunPackage] = useState(null) const [hostStatefulInventory, setHostStatefulInventory] = useState(null) @@ -503,6 +505,7 @@ export function AutomationInventoryTab() { apiClient.getAiAgentOwnerApprovedFixturePromotionGate(), apiClient.getAiAgentCanonicalRuntimeReadbackOwnerAcceptance(), apiClient.getAiAgentFailureReceiptNoSendReplay(), + apiClient.getAiAgentReviewerQueueNoWriteReadback(), apiClient.getAiAgentReportTruthActionabilityReview(), apiClient.getAiAgentOwnerApprovedFixtureDryRun(), apiClient.getAiAgentHostStatefulVersionInventory(), @@ -555,6 +558,7 @@ export function AutomationInventoryTab() { ownerApprovedFixturePromotionGateResult, canonicalRuntimeReadbackOwnerAcceptanceResult, failureReceiptNoSendReplayResult, + reviewerQueueNoWriteReadbackResult, reportTruthActionabilityReviewResult, ownerDryRunPackageResult, hostStatefulInventoryResult, @@ -604,6 +608,7 @@ export function AutomationInventoryTab() { setOwnerApprovedFixturePromotionGate(ownerApprovedFixturePromotionGateResult.status === 'fulfilled' ? ownerApprovedFixturePromotionGateResult.value : null) setCanonicalRuntimeReadbackOwnerAcceptance(canonicalRuntimeReadbackOwnerAcceptanceResult.status === 'fulfilled' ? canonicalRuntimeReadbackOwnerAcceptanceResult.value : null) setFailureReceiptNoSendReplay(failureReceiptNoSendReplayResult.status === 'fulfilled' ? failureReceiptNoSendReplayResult.value : null) + setReviewerQueueNoWriteReadback(reviewerQueueNoWriteReadbackResult.status === 'fulfilled' ? reviewerQueueNoWriteReadbackResult.value : null) setReportTruthActionabilityReview(reportTruthActionabilityReviewResult.status === 'fulfilled' ? reportTruthActionabilityReviewResult.value : null) setOwnerDryRunPackage(ownerDryRunPackageResult.status === 'fulfilled' ? ownerDryRunPackageResult.value : null) setHostStatefulInventory(hostStatefulInventoryResult.status === 'fulfilled' ? hostStatefulInventoryResult.value : null) @@ -651,6 +656,7 @@ export function AutomationInventoryTab() { ownerApprovedFixturePromotionGateResult, canonicalRuntimeReadbackOwnerAcceptanceResult, failureReceiptNoSendReplayResult, + reviewerQueueNoWriteReadbackResult, reportTruthActionabilityReviewResult, ownerDryRunPackageResult, hostStatefulInventoryResult, @@ -1893,7 +1899,7 @@ export function AutomationInventoryTab() { ) } - if (error || !snapshot || !backlog || !backupTargets || !backupReadiness || !backupPolicy || !offsiteEscrow || !giteaHealth || !observabilityMatrix || !providerRouteMatrix || !deploymentLayout || !proactiveOperations || !interactionLearningProof || !liveReadModelGate || !redisDryRunGate || !learningWritebackPackage || !telegramReceiptPackage || !ownerApprovedLearningDryRun || !runtimeWriteGateReview || !postWriteVerifierPackage || !runtimeVerifierEvidenceReview || !reportAutomationReview || !reportStatusBoard || !reportRuntimeReadiness || !reportRuntimeDryRun || !reportRuntimeFixtureReadback || !runtimeWorkerShadowGate || !operationPermissionModel || !candidateOperationDryRunEvidence || !taskResultAuditTrail || !matchedPlaybookLearningGap || !criticReviewerResultCapture || !ownerApprovedResultCaptureDryRun || !ownerApprovedResultCaptureReadback || !runtimeReadbackApprovalPackage || !runtimeReadbackImplementationReview || !reportLiveDeliveryApprovalPackage || !runtimeReadbackFixtureApproval || !runtimeReadbackPromotionGate || !ownerApprovedFixturePromotionGate || !canonicalRuntimeReadbackOwnerAcceptance || !failureReceiptNoSendReplay || !reportTruthActionabilityReview || !ownerDryRunPackage || !hostStatefulInventory || !serviceHealthGapMatrix || !serviceHealthNotificationPolicy) { + if (error || !snapshot || !backlog || !backupTargets || !backupReadiness || !backupPolicy || !offsiteEscrow || !giteaHealth || !observabilityMatrix || !providerRouteMatrix || !deploymentLayout || !proactiveOperations || !interactionLearningProof || !liveReadModelGate || !redisDryRunGate || !learningWritebackPackage || !telegramReceiptPackage || !ownerApprovedLearningDryRun || !runtimeWriteGateReview || !postWriteVerifierPackage || !runtimeVerifierEvidenceReview || !reportAutomationReview || !reportStatusBoard || !reportRuntimeReadiness || !reportRuntimeDryRun || !reportRuntimeFixtureReadback || !runtimeWorkerShadowGate || !operationPermissionModel || !candidateOperationDryRunEvidence || !taskResultAuditTrail || !matchedPlaybookLearningGap || !criticReviewerResultCapture || !ownerApprovedResultCaptureDryRun || !ownerApprovedResultCaptureReadback || !runtimeReadbackApprovalPackage || !runtimeReadbackImplementationReview || !reportLiveDeliveryApprovalPackage || !runtimeReadbackFixtureApproval || !runtimeReadbackPromotionGate || !ownerApprovedFixturePromotionGate || !canonicalRuntimeReadbackOwnerAcceptance || !failureReceiptNoSendReplay || !reviewerQueueNoWriteReadback || !reportTruthActionabilityReview || !ownerDryRunPackage || !hostStatefulInventory || !serviceHealthGapMatrix || !serviceHealthNotificationPolicy) { return (
@@ -2491,6 +2497,35 @@ export function AutomationInventoryTab() { + failureReceiptNoSendReplay.rollups.playbook_trust_write_count + failureReceiptNoSendReplay.rollups.production_write_count ) + const reviewerQueueOverall = reviewerQueueNoWriteReadback.program_status.overall_completion_percent + const reviewerQueueFixtures = reviewerQueueNoWriteReadback.rollups.reviewer_queue_readback_fixture_count + const reviewerQueueMappings = reviewerQueueNoWriteReadback.rollups.queue_item_mapping_count + const reviewerQueueVerifiers = reviewerQueueNoWriteReadback.rollups.readback_verifier_check_count + const reviewerQueueBlockers = reviewerQueueNoWriteReadback.rollups.blocked_queue_write_count + const reviewerQueueActions = reviewerQueueNoWriteReadback.rollups.operator_action_count + const reviewerQueueApprovalRequired = ( + reviewerQueueNoWriteReadback.rollups.approval_required_fixture_count + + reviewerQueueNoWriteReadback.rollups.approval_required_mapping_count + + reviewerQueueNoWriteReadback.rollups.approval_required_verifier_count + ) + const reviewerQueueBlocked = ( + reviewerQueueNoWriteReadback.rollups.blocked_fixture_count + + reviewerQueueNoWriteReadback.rollups.blocked_mapping_count + + reviewerQueueNoWriteReadback.rollups.critical_blocker_count + ) + const reviewerQueueLiveWrites = ( + reviewerQueueNoWriteReadback.rollups.canonical_runtime_target_read_count + + reviewerQueueNoWriteReadback.rollups.live_query_count + + reviewerQueueNoWriteReadback.rollups.reviewer_queue_write_count + + reviewerQueueNoWriteReadback.rollups.gateway_queue_write_count + + reviewerQueueNoWriteReadback.rollups.telegram_send_count + + reviewerQueueNoWriteReadback.rollups.bot_api_call_count + + reviewerQueueNoWriteReadback.rollups.report_receipt_write_count + + reviewerQueueNoWriteReadback.rollups.result_capture_write_count + + reviewerQueueNoWriteReadback.rollups.learning_write_count + + reviewerQueueNoWriteReadback.rollups.playbook_trust_write_count + + reviewerQueueNoWriteReadback.rollups.production_write_count + ) const reportTruthOverall = reportTruthActionabilityReview.program_status.overall_completion_percent const reportTruthFindings = reportTruthActionabilityReview.rollups.zero_signal_finding_count const reportTruthCritical = reportTruthActionabilityReview.rollups.critical_finding_count @@ -6643,6 +6678,139 @@ export function AutomationInventoryTab() {
+
+
+
+ + + {t('reviewerQueueNoWriteReadback.title')} + +
+ +
+ +
+ } /> + } /> + } /> + } /> + } /> + } /> + } /> + } /> + } /> +
+ +
+
+ {t('reviewerQueueNoWriteReadback.priorTitle')} + + {reviewerQueueNoWriteReadback.prior_failure_receipt_replay.readiness_note} + +
+ + + +
+
+ +
+ {t('reviewerQueueNoWriteReadback.truthTitle')} + + {reviewerQueueNoWriteReadback.readback_truth.truth_note} + +
+ + + + + + +
+
+
+ +
+ {reviewerQueueNoWriteReadback.reviewer_queue_readback_fixtures.slice(0, 3).map(fixture => ( +
+
+ + {fixture.display_name} + + +
+ + {fixture.next_manual_action} + +
+ + + +
+
+ ))} +
+ +
+ {reviewerQueueNoWriteReadback.queue_item_mappings.slice(0, 5).map(mapping => ( +
+
+ + {mapping.display_name} + + +
+
+ + + +
+
+ ))} +
+ +
+ {reviewerQueueNoWriteReadback.blocked_queue_writes.slice(0, 3).map(blocker => ( +
+
+ + {blocker.display_name} + + +
+
+ + +
+
+ ))} +
+ +
+ {reviewerQueueNoWriteReadback.operator_actions.slice(0, 3).map(action => ( +
+
+ + {action.display_name} + + +
+ + {action.operator_instruction} + + +
+ ))} +
+
+
diff --git a/apps/web/src/lib/api-client.ts b/apps/web/src/lib/api-client.ts index 2b819725..6d988aa2 100644 --- a/apps/web/src/lib/api-client.ts +++ b/apps/web/src/lib/api-client.ts @@ -480,6 +480,11 @@ export const apiClient = { return handleResponse(res) }, + async getAiAgentReviewerQueueNoWriteReadback() { + const res = await fetch(`${API_BASE_URL}/agents/agent-reviewer-queue-no-write-readback`) + return handleResponse(res) + }, + async getAiAgentOwnerApprovedFixtureDryRun() { const res = await fetch(`${API_BASE_URL}/agents/agent-owner-approved-fixture-dry-run`) return handleResponse(res) @@ -4993,6 +4998,156 @@ export interface AiAgentFailureReceiptNoSendReplaySnapshot { } } +export interface AiAgentReviewerQueueNoWriteReadbackSnapshot { + schema_version: 'ai_agent_reviewer_queue_no_write_readback_v1' + generated_at: string + program_status: { + overall_completion_percent: number + current_priority: 'P0' | 'P1' | 'P2' | 'P3' + current_task_id: 'P2-117' + next_task_id: 'P2-118' + read_only_mode: true + runtime_authority: 'reviewer_queue_no_write_readback_only_no_queue_write_or_send' + status_note: string + } + source_refs: string[] + prior_failure_receipt_replay: { + schema_version: string + no_send_replay_fixture_count: number + route_lock_check_count: number + replay_verifier_check_count: number + blocked_send_count: number + operator_action_count: number + failure_receipt_send_count: number + gateway_queue_write_count: number + telegram_send_count: number + bot_api_call_count: number + reviewer_queue_write_count: number + result_capture_write_count: number + readiness_note: string + } + readback_truth: { + p2_116_no_send_replay_loaded: boolean + reviewer_queue_readback_package_ready: boolean + reviewer_queue_fixture_ready: boolean + queue_item_mapping_ready: boolean + no_write_verifier_ready: boolean + operator_handoff_ready: boolean + result_capture_preview_ready: boolean + owner_approval_received: boolean + canonical_runtime_target_read_enabled: boolean + live_query_enabled: boolean + reviewer_queue_write_enabled: boolean + gateway_queue_write_enabled: boolean + telegram_send_enabled: boolean + bot_api_call_enabled: boolean + report_receipt_write_enabled: boolean + result_capture_write_enabled: boolean + learning_write_enabled: boolean + playbook_trust_write_enabled: boolean + production_write_enabled: boolean + secret_read_enabled: boolean + destructive_operation_enabled: boolean + owner_approval_received_count: number + canonical_runtime_target_read_count: number + live_query_count: number + reviewer_queue_write_count: number + gateway_queue_write_count: number + telegram_send_count: number + bot_api_call_count: number + report_receipt_write_count: number + result_capture_write_count: number + learning_write_count: number + playbook_trust_write_count: number + production_write_count: number + truth_note: string + } + reviewer_queue_readback_fixtures: Array<{ + fixture_id: string + display_name: string + owner_agent: 'openclaw' | 'hermes' | 'nemotron' + source_replay_fixture_id: string + status: 'ready_for_owner_review' | 'approval_required' | 'blocked_by_policy' + queue_lane: string + readback_mode: 'no_write_fixture' + reviewer_queue_write_enabled: false + next_manual_action: string + evidence_hash: string + }> + queue_item_mappings: Array<{ + mapping_id: string + display_name: string + status: 'ready' | 'approval_required' | 'blocked_by_policy' + source_fixture_id: string + target_queue: string + queue_write_enabled: false + required_reviewer: string + evidence_hash: string + }> + readback_verifier_checks: Array<{ + verifier_id: string + display_name: string + owner_agent: 'openclaw' | 'hermes' | 'nemotron' + status: 'ready' | 'approval_required' | 'blocked_by_policy' + verifies: string + failure_if_missing: string + live_execution_enabled: false + evidence_hash: string + }> + blocked_queue_writes: Array<{ + blocker_id: string + display_name: string + severity: 'high' | 'critical' + status: 'approval_required' | 'blocked_by_policy' + blocked_action: string + blocked_until: string + evidence_hash: string + }> + operator_actions: Array<{ + action_id: string + display_name: string + owner_agent: 'openclaw' | 'hermes' | 'nemotron' + operator_instruction: string + runtime_queue_write_allowed: false + }> + display_redaction_contract: { + redaction_required: true + raw_prompt_display_allowed: false + private_reasoning_display_allowed: false + secret_value_display_allowed: false + raw_runtime_payload_display_allowed: false + internal_collaboration_content_display_allowed: false + frontend_display_policy: string + } + rollups: { + reviewer_queue_readback_fixture_count: number + queue_item_mapping_count: number + readback_verifier_check_count: number + blocked_queue_write_count: number + operator_action_count: number + approval_required_fixture_count: number + blocked_fixture_count: number + approval_required_mapping_count: number + blocked_mapping_count: number + approval_required_verifier_count: number + critical_blocker_count: number + owner_approval_received_count: number + canonical_runtime_target_read_count: number + live_query_count: number + reviewer_queue_write_count: number + gateway_queue_write_count: number + telegram_send_count: number + bot_api_call_count: number + report_receipt_write_count: number + result_capture_write_count: number + learning_write_count: number + playbook_trust_write_count: number + production_write_count: number + secret_read_count: number + destructive_operation_count: number + } +} + export interface AiAgentOwnerApprovedFixtureDryRunSnapshot { schema_version: 'ai_agent_owner_approved_fixture_dry_run_v1' generated_at: string diff --git a/docs/evaluations/ai_agent_reviewer_queue_no_write_readback_2026-06-13.json b/docs/evaluations/ai_agent_reviewer_queue_no_write_readback_2026-06-13.json new file mode 100644 index 00000000..736c0b35 --- /dev/null +++ b/docs/evaluations/ai_agent_reviewer_queue_no_write_readback_2026-06-13.json @@ -0,0 +1,356 @@ +{ + "schema_version": "ai_agent_reviewer_queue_no_write_readback_v1", + "generated_at": "2026-06-13T20:30:00+08:00", + "program_status": { + "overall_completion_percent": 100, + "current_priority": "P2", + "current_task_id": "P2-117", + "next_task_id": "P2-118", + "read_only_mode": true, + "runtime_authority": "reviewer_queue_no_write_readback_only_no_queue_write_or_send", + "status_note": "P2-117 只把 P2-116 failure receipt no-send replay 整理成 reviewer queue no-write readback;不得寫 reviewer queue、不得寫 Gateway queue、不得送 Telegram、不得寫 result capture / production。" + }, + "source_refs": [ + "docs/evaluations/ai_agent_failure_receipt_no_send_replay_2026-06-13.json", + "docs/evaluations/ai_agent_canonical_runtime_readback_owner_acceptance_2026-06-13.json", + "docs/evaluations/ai_agent_runtime_readback_promotion_gate_2026-06-13.json", + "docs/superpowers/specs/2026-04-15-MASTER-ai-autonomous-flywheel-v2.md#37-建立-failure-receipt-no-send-replay" + ], + "prior_failure_receipt_replay": { + "schema_version": "ai_agent_failure_receipt_no_send_replay_v1", + "no_send_replay_fixture_count": 5, + "route_lock_check_count": 4, + "replay_verifier_check_count": 5, + "blocked_send_count": 5, + "operator_action_count": 5, + "failure_receipt_send_count": 0, + "gateway_queue_write_count": 0, + "telegram_send_count": 0, + "bot_api_call_count": 0, + "reviewer_queue_write_count": 0, + "result_capture_write_count": 0, + "readiness_note": "P2-116 已正式驗證 failure receipt no-send replay;P2-117 只建立 reviewer queue no-write readback fixture、queue item mapping、verifier 與人工操作選項。" + }, + "readback_truth": { + "p2_116_no_send_replay_loaded": true, + "reviewer_queue_readback_package_ready": true, + "reviewer_queue_fixture_ready": true, + "queue_item_mapping_ready": true, + "no_write_verifier_ready": true, + "operator_handoff_ready": true, + "result_capture_preview_ready": true, + "owner_approval_received": false, + "canonical_runtime_target_read_enabled": false, + "live_query_enabled": false, + "reviewer_queue_write_enabled": false, + "gateway_queue_write_enabled": false, + "telegram_send_enabled": false, + "bot_api_call_enabled": false, + "report_receipt_write_enabled": false, + "result_capture_write_enabled": false, + "learning_write_enabled": false, + "playbook_trust_write_enabled": false, + "production_write_enabled": false, + "secret_read_enabled": false, + "destructive_operation_enabled": false, + "owner_approval_received_count": 0, + "canonical_runtime_target_read_count": 0, + "live_query_count": 0, + "reviewer_queue_write_count": 0, + "gateway_queue_write_count": 0, + "telegram_send_count": 0, + "bot_api_call_count": 0, + "report_receipt_write_count": 0, + "result_capture_write_count": 0, + "learning_write_count": 0, + "playbook_trust_write_count": 0, + "production_write_count": 0, + "truth_note": "reviewer queue readback 已可審查;真正 reviewer queue write、Gateway queue write、Telegram send、Bot API、report receipt 與 result capture 仍全部為 0。" + }, + "reviewer_queue_readback_fixtures": [ + { + "fixture_id": "reviewer_queue_action_required_failure_receipt", + "display_name": "Action-required reviewer queue preview", + "owner_agent": "openclaw", + "source_replay_fixture_id": "telegram_failure_receipt_action_required", + "status": "ready_for_owner_review", + "queue_lane": "manual_repair_review", + "readback_mode": "no_write_fixture", + "reviewer_queue_write_enabled": false, + "next_manual_action": "審查修復候選、rollback 條件與 SRE 戰情室回執內容,確認是否可進入人工修復選項。", + "evidence_hash": "sha256:4141414141414141414141414141414141414141414141414141414141414141" + }, + { + "fixture_id": "reviewer_queue_no_action_decision", + "display_name": "No-action decision reviewer preview", + "owner_agent": "hermes", + "source_replay_fixture_id": "telegram_failure_receipt_no_action", + "status": "approval_required", + "queue_lane": "manual_no_action_review", + "readback_mode": "no_write_fixture", + "reviewer_queue_write_enabled": false, + "next_manual_action": "補齊為什麼 AI 選擇 no-action 的證據,產出人工判讀 checklist,不得直接結案。", + "evidence_hash": "sha256:4242424242424242424242424242424242424242424242424242424242424242" + }, + { + "fixture_id": "reviewer_queue_verifier_degraded", + "display_name": "Verifier degraded reviewer preview", + "owner_agent": "nemotron", + "source_replay_fixture_id": "telegram_failure_receipt_verifier_degraded", + "status": "blocked_by_policy", + "queue_lane": "rollback_or_reverify_review", + "readback_mode": "no_write_fixture", + "reviewer_queue_write_enabled": false, + "next_manual_action": "確認 verifier degraded 的根因、rollback 條件與下一次 readback verifier,不得寫 result capture。", + "evidence_hash": "sha256:4343434343434343434343434343434343434343434343434343434343434343" + }, + { + "fixture_id": "reviewer_queue_route_locked", + "display_name": "Route locked reviewer preview", + "owner_agent": "openclaw", + "source_replay_fixture_id": "telegram_failure_receipt_route_locked", + "status": "approval_required", + "queue_lane": "sre_route_lock_review", + "readback_mode": "no_write_fixture", + "reviewer_queue_write_enabled": false, + "next_manual_action": "確認只允許 AwoooI SRE 戰情室路由,舊 bot / 舊群組不得重新啟用。", + "evidence_hash": "sha256:4444444444444444444444444444444444444444444444444444444444444444" + }, + { + "fixture_id": "reviewer_queue_result_capture_pending", + "display_name": "Result capture pending reviewer preview", + "owner_agent": "nemotron", + "source_replay_fixture_id": "telegram_failure_receipt_result_capture_pending", + "status": "blocked_by_policy", + "queue_lane": "result_capture_owner_review", + "readback_mode": "no_write_fixture", + "reviewer_queue_write_enabled": false, + "next_manual_action": "確認 result capture owner acceptance、redaction 與 rollback owner,未通過前不得寫 capture。", + "evidence_hash": "sha256:4545454545454545454545454545454545454545454545454545454545454545" + } + ], + "queue_item_mappings": [ + { + "mapping_id": "failure_receipt_to_manual_repair_review", + "display_name": "Failure receipt to manual repair review", + "status": "ready", + "source_fixture_id": "reviewer_queue_action_required_failure_receipt", + "target_queue": "reviewer_queue_preview", + "queue_write_enabled": false, + "required_reviewer": "operator_owner", + "evidence_hash": "sha256:4646464646464646464646464646464646464646464646464646464646464646" + }, + { + "mapping_id": "no_action_to_manual_decision_review", + "display_name": "No-action to manual decision review", + "status": "approval_required", + "source_fixture_id": "reviewer_queue_no_action_decision", + "target_queue": "reviewer_queue_preview", + "queue_write_enabled": false, + "required_reviewer": "openclaw_reviewer", + "evidence_hash": "sha256:4747474747474747474747474747474747474747474747474747474747474747" + }, + { + "mapping_id": "verifier_degraded_to_rollback_review", + "display_name": "Verifier degraded to rollback review", + "status": "blocked_by_policy", + "source_fixture_id": "reviewer_queue_verifier_degraded", + "target_queue": "reviewer_queue_preview", + "queue_write_enabled": false, + "required_reviewer": "rollback_owner", + "evidence_hash": "sha256:4848484848484848484848484848484848484848484848484848484848484848" + }, + { + "mapping_id": "route_locked_to_sre_route_review", + "display_name": "Route locked to SRE route review", + "status": "ready", + "source_fixture_id": "reviewer_queue_route_locked", + "target_queue": "reviewer_queue_preview", + "queue_write_enabled": false, + "required_reviewer": "sre_route_owner", + "evidence_hash": "sha256:4949494949494949494949494949494949494949494949494949494949494949" + }, + { + "mapping_id": "result_capture_to_owner_review", + "display_name": "Result capture to owner review", + "status": "blocked_by_policy", + "source_fixture_id": "reviewer_queue_result_capture_pending", + "target_queue": "reviewer_queue_preview", + "queue_write_enabled": false, + "required_reviewer": "result_capture_owner", + "evidence_hash": "sha256:4a4a4a4a4a4a4a4a4a4a4a4a4a4a4a4a4a4a4a4a4a4a4a4a4a4a4a4a4a4a4a4a" + } + ], + "readback_verifier_checks": [ + { + "verifier_id": "no_reviewer_queue_write_verifier", + "display_name": "No reviewer queue write verifier", + "owner_agent": "openclaw", + "status": "ready", + "verifies": "reviewer_queue_write_count remains zero", + "failure_if_missing": "若 reviewer queue write 不是 0,必須停止 promotion 並標記 unauthorized write。", + "live_execution_enabled": false, + "evidence_hash": "sha256:4b4b4b4b4b4b4b4b4b4b4b4b4b4b4b4b4b4b4b4b4b4b4b4b4b4b4b4b4b4b4b4b" + }, + { + "verifier_id": "no_gateway_queue_write_verifier", + "display_name": "No Gateway queue write verifier", + "owner_agent": "hermes", + "status": "ready", + "verifies": "gateway_queue_write_count remains zero", + "failure_if_missing": "若 Gateway queue write 不是 0,必須退回 P2-116 route lock review。", + "live_execution_enabled": false, + "evidence_hash": "sha256:4c4c4c4c4c4c4c4c4c4c4c4c4c4c4c4c4c4c4c4c4c4c4c4c4c4c4c4c4c4c4c4c" + }, + { + "verifier_id": "no_telegram_send_verifier", + "display_name": "No Telegram send verifier", + "owner_agent": "hermes", + "status": "ready", + "verifies": "telegram_send_count remains zero", + "failure_if_missing": "若 Telegram send 不是 0,必須封鎖 reviewer queue readback promotion。", + "live_execution_enabled": false, + "evidence_hash": "sha256:4d4d4d4d4d4d4d4d4d4d4d4d4d4d4d4d4d4d4d4d4d4d4d4d4d4d4d4d4d4d4d4d" + }, + { + "verifier_id": "manual_action_completeness_verifier", + "display_name": "Manual action completeness verifier", + "owner_agent": "openclaw", + "status": "approval_required", + "verifies": "each reviewer queue fixture has next_manual_action", + "failure_if_missing": "若缺少人工處理選項,不能進入 P2-118。", + "live_execution_enabled": false, + "evidence_hash": "sha256:4e4e4e4e4e4e4e4e4e4e4e4e4e4e4e4e4e4e4e4e4e4e4e4e4e4e4e4e4e4e4e4e" + }, + { + "verifier_id": "result_capture_not_written_verifier", + "display_name": "Result capture not written verifier", + "owner_agent": "nemotron", + "status": "approval_required", + "verifies": "result_capture_write_count remains zero", + "failure_if_missing": "若 result capture 已寫入,必須回到 owner acceptance 與 redaction review。", + "live_execution_enabled": false, + "evidence_hash": "sha256:4f4f4f4f4f4f4f4f4f4f4f4f4f4f4f4f4f4f4f4f4f4f4f4f4f4f4f4f4f4f4f4f" + } + ], + "blocked_queue_writes": [ + { + "blocker_id": "reviewer_queue_writer_not_authorized", + "display_name": "Reviewer queue writer not authorized", + "severity": "critical", + "status": "blocked_by_policy", + "blocked_action": "reviewer_queue_write", + "blocked_until": "reviewer_queue_owner_gate_approved", + "evidence_hash": "sha256:5050505050505050505050505050505050505050505050505050505050505050" + }, + { + "blocker_id": "gateway_queue_not_authorized", + "display_name": "Gateway queue not authorized", + "severity": "critical", + "status": "blocked_by_policy", + "blocked_action": "gateway_queue_write", + "blocked_until": "gateway_queue_writer_gate_approved", + "evidence_hash": "sha256:5151515151515151515151515151515151515151515151515151515151515151" + }, + { + "blocker_id": "telegram_send_not_authorized", + "display_name": "Telegram send not authorized", + "severity": "high", + "status": "approval_required", + "blocked_action": "telegram_send", + "blocked_until": "telegram_delivery_gate_approved", + "evidence_hash": "sha256:5252525252525252525252525252525252525252525252525252525252525252" + }, + { + "blocker_id": "bot_api_not_authorized", + "display_name": "Bot API not authorized", + "severity": "high", + "status": "approval_required", + "blocked_action": "bot_api_call", + "blocked_until": "bot_api_gate_approved", + "evidence_hash": "sha256:5353535353535353535353535353535353535353535353535353535353535353" + }, + { + "blocker_id": "result_capture_not_authorized", + "display_name": "Result capture not authorized", + "severity": "critical", + "status": "blocked_by_policy", + "blocked_action": "result_capture_write", + "blocked_until": "result_capture_owner_approved", + "evidence_hash": "sha256:5454545454545454545454545454545454545454545454545454545454545454" + } + ], + "operator_actions": [ + { + "action_id": "review_reviewer_queue_preview", + "display_name": "Review reviewer queue preview", + "owner_agent": "openclaw", + "operator_instruction": "審查 5 個 reviewer queue no-write fixture,確認每筆都有下一步人工處理與安全證據 refs。", + "runtime_queue_write_allowed": false + }, + { + "action_id": "verify_no_write_counts", + "display_name": "Verify no-write counts", + "owner_agent": "nemotron", + "operator_instruction": "確認 reviewer queue、Gateway queue、Telegram、Bot API、result capture 的 live counter 全部為 0。", + "runtime_queue_write_allowed": false + }, + { + "action_id": "confirm_manual_options", + "display_name": "Confirm manual options", + "owner_agent": "hermes", + "operator_instruction": "把每個卡點整理成人工可選項:修復候選、no-action 判讀、rollback、補證據或 result capture owner review。", + "runtime_queue_write_allowed": false + }, + { + "action_id": "check_queue_redaction_contract", + "display_name": "Check queue redaction contract", + "owner_agent": "hermes", + "operator_instruction": "確認 reviewer queue preview 不顯示未遮蔽 payload、token、authorization header、私有推理或內部協作內容。", + "runtime_queue_write_allowed": false + }, + { + "action_id": "promote_to_p2_118", + "display_name": "Promote to P2-118", + "owner_agent": "nemotron", + "operator_instruction": "只有 no-write verifier 與 queue item mapping 都通過後,才可進入 P2-118 result capture no-write readback。", + "runtime_queue_write_allowed": false + } + ], + "display_redaction_contract": { + "redaction_required": true, + "raw_prompt_display_allowed": false, + "private_reasoning_display_allowed": false, + "secret_value_display_allowed": false, + "raw_runtime_payload_display_allowed": false, + "internal_collaboration_content_display_allowed": false, + "frontend_display_policy": "只顯示 fixture id、queue lane、狀態、人工下一步、blocked action 與 redacted evidence hash;不顯示未遮蔽 payload、token、私有推理或內部協作內容。" + }, + "rollups": { + "reviewer_queue_readback_fixture_count": 5, + "queue_item_mapping_count": 5, + "readback_verifier_check_count": 5, + "blocked_queue_write_count": 5, + "operator_action_count": 5, + "approval_required_fixture_count": 2, + "blocked_fixture_count": 2, + "approval_required_mapping_count": 1, + "blocked_mapping_count": 2, + "approval_required_verifier_count": 2, + "critical_blocker_count": 3, + "owner_approval_received_count": 0, + "canonical_runtime_target_read_count": 0, + "live_query_count": 0, + "reviewer_queue_write_count": 0, + "gateway_queue_write_count": 0, + "telegram_send_count": 0, + "bot_api_call_count": 0, + "report_receipt_write_count": 0, + "result_capture_write_count": 0, + "learning_write_count": 0, + "playbook_trust_write_count": 0, + "production_write_count": 0, + "secret_read_count": 0, + "destructive_operation_count": 0 + } +} diff --git a/docs/schemas/ai_agent_reviewer_queue_no_write_readback_v1.schema.json b/docs/schemas/ai_agent_reviewer_queue_no_write_readback_v1.schema.json new file mode 100644 index 00000000..e812ccd2 --- /dev/null +++ b/docs/schemas/ai_agent_reviewer_queue_no_write_readback_v1.schema.json @@ -0,0 +1,347 @@ +{ + "$schema": "https://json-schema.org/draft/2020-12/schema", + "$id": "https://awoooi.wooo.work/schemas/ai_agent_reviewer_queue_no_write_readback_v1.schema.json", + "title": "AI Agent Reviewer Queue No-write Readback v1", + "type": "object", + "additionalProperties": false, + "required": [ + "schema_version", + "generated_at", + "program_status", + "source_refs", + "prior_failure_receipt_replay", + "readback_truth", + "reviewer_queue_readback_fixtures", + "queue_item_mappings", + "readback_verifier_checks", + "blocked_queue_writes", + "operator_actions", + "display_redaction_contract", + "rollups" + ], + "properties": { + "schema_version": { + "const": "ai_agent_reviewer_queue_no_write_readback_v1" + }, + "generated_at": { + "type": "string", + "minLength": 1 + }, + "program_status": { + "type": "object", + "additionalProperties": false, + "required": [ + "overall_completion_percent", + "current_priority", + "current_task_id", + "next_task_id", + "read_only_mode", + "runtime_authority", + "status_note" + ], + "properties": { + "overall_completion_percent": { + "const": 100 + }, + "current_priority": { + "const": "P2" + }, + "current_task_id": { + "const": "P2-117" + }, + "next_task_id": { + "const": "P2-118" + }, + "read_only_mode": { + "const": true + }, + "runtime_authority": { + "const": "reviewer_queue_no_write_readback_only_no_queue_write_or_send" + }, + "status_note": { + "type": "string", + "minLength": 1 + } + } + }, + "source_refs": { + "$ref": "#/$defs/string_array" + }, + "prior_failure_receipt_replay": { + "type": "object" + }, + "readback_truth": { + "type": "object" + }, + "reviewer_queue_readback_fixtures": { + "type": "array", + "minItems": 5, + "items": { + "$ref": "#/$defs/reviewer_queue_fixture" + } + }, + "queue_item_mappings": { + "type": "array", + "minItems": 5, + "items": { + "$ref": "#/$defs/queue_item_mapping" + } + }, + "readback_verifier_checks": { + "type": "array", + "minItems": 5, + "items": { + "$ref": "#/$defs/readback_verifier_check" + } + }, + "blocked_queue_writes": { + "type": "array", + "minItems": 5, + "items": { + "$ref": "#/$defs/blocked_queue_write" + } + }, + "operator_actions": { + "type": "array", + "minItems": 5, + "items": { + "$ref": "#/$defs/operator_action" + } + }, + "display_redaction_contract": { + "type": "object" + }, + "rollups": { + "type": "object" + } + }, + "$defs": { + "string_array": { + "type": "array", + "minItems": 1, + "items": { + "type": "string", + "minLength": 1 + } + }, + "hash": { + "type": "string", + "pattern": "^sha256:[0-9a-f]{64}$" + }, + "owner_agent": { + "enum": [ + "openclaw", + "hermes", + "nemotron" + ] + }, + "status": { + "enum": [ + "ready", + "ready_for_owner_review", + "approval_required", + "blocked_by_policy" + ] + }, + "severity": { + "enum": [ + "high", + "critical" + ] + }, + "reviewer_queue_fixture": { + "type": "object", + "additionalProperties": false, + "required": [ + "fixture_id", + "display_name", + "owner_agent", + "source_replay_fixture_id", + "status", + "queue_lane", + "readback_mode", + "reviewer_queue_write_enabled", + "next_manual_action", + "evidence_hash" + ], + "properties": { + "fixture_id": { + "type": "string" + }, + "display_name": { + "type": "string" + }, + "owner_agent": { + "$ref": "#/$defs/owner_agent" + }, + "source_replay_fixture_id": { + "type": "string" + }, + "status": { + "$ref": "#/$defs/status" + }, + "queue_lane": { + "type": "string" + }, + "readback_mode": { + "const": "no_write_fixture" + }, + "reviewer_queue_write_enabled": { + "const": false + }, + "next_manual_action": { + "type": "string", + "minLength": 1 + }, + "evidence_hash": { + "$ref": "#/$defs/hash" + } + } + }, + "queue_item_mapping": { + "type": "object", + "additionalProperties": false, + "required": [ + "mapping_id", + "display_name", + "status", + "source_fixture_id", + "target_queue", + "queue_write_enabled", + "required_reviewer", + "evidence_hash" + ], + "properties": { + "mapping_id": { + "type": "string" + }, + "display_name": { + "type": "string" + }, + "status": { + "$ref": "#/$defs/status" + }, + "source_fixture_id": { + "type": "string" + }, + "target_queue": { + "const": "reviewer_queue_preview" + }, + "queue_write_enabled": { + "const": false + }, + "required_reviewer": { + "type": "string" + }, + "evidence_hash": { + "$ref": "#/$defs/hash" + } + } + }, + "readback_verifier_check": { + "type": "object", + "additionalProperties": false, + "required": [ + "verifier_id", + "display_name", + "owner_agent", + "status", + "verifies", + "failure_if_missing", + "live_execution_enabled", + "evidence_hash" + ], + "properties": { + "verifier_id": { + "type": "string" + }, + "display_name": { + "type": "string" + }, + "owner_agent": { + "$ref": "#/$defs/owner_agent" + }, + "status": { + "$ref": "#/$defs/status" + }, + "verifies": { + "type": "string" + }, + "failure_if_missing": { + "type": "string" + }, + "live_execution_enabled": { + "const": false + }, + "evidence_hash": { + "$ref": "#/$defs/hash" + } + } + }, + "blocked_queue_write": { + "type": "object", + "additionalProperties": false, + "required": [ + "blocker_id", + "display_name", + "severity", + "status", + "blocked_action", + "blocked_until", + "evidence_hash" + ], + "properties": { + "blocker_id": { + "type": "string" + }, + "display_name": { + "type": "string" + }, + "severity": { + "$ref": "#/$defs/severity" + }, + "status": { + "$ref": "#/$defs/status" + }, + "blocked_action": { + "type": "string" + }, + "blocked_until": { + "type": "string" + }, + "evidence_hash": { + "$ref": "#/$defs/hash" + } + } + }, + "operator_action": { + "type": "object", + "additionalProperties": false, + "required": [ + "action_id", + "display_name", + "owner_agent", + "operator_instruction", + "runtime_queue_write_allowed" + ], + "properties": { + "action_id": { + "type": "string" + }, + "display_name": { + "type": "string" + }, + "owner_agent": { + "$ref": "#/$defs/owner_agent" + }, + "operator_instruction": { + "type": "string", + "minLength": 1 + }, + "runtime_queue_write_allowed": { + "const": false + } + } + } + } +}