{ "$schema": "https://json-schema.org/draft/2020-12/schema", "$id": "urn:awoooi:approval-required-event-v1", "title": "AWOOOI 需人工核准事件 (v1)", "description": "高風險資安、Codex patch、GitHub/Gitea 主控切換、credentialed scan 等需要 AwoooP approval 的事件契約。", "type": "object", "required": [ "schema_version", "source_event_type", "source_event_id", "risk", "requested_action", "reason", "required_reviewers", "blocked_until_approved" ], "properties": { "schema_version": { "const": "approval_required_event_v1" }, "source_event_type": { "type": "string", "enum": [ "security_finding_v1", "coding_task_v1", "source_control_migration_event_v1", "gitea_repo_inventory_v1", "github_target_decision_v1", "kali_scan_scope_approval_v1", "manual" ] }, "source_event_id": { "type": "string", "minLength": 1 }, "risk": { "type": "string", "enum": ["MEDIUM", "HIGH", "CRITICAL"] }, "requested_action": { "type": "string", "enum": [ "run_credentialed_scan", "run_active_dast", "run_kali_safe_active_scan", "call_kali_execute_endpoint", "run_kali_full_upgrade_reboot", "ingest_kali_findings_to_runtime", "create_codex_patch", "merge_patch", "production_deploy", "rotate_secret", "change_rbac", "change_network_policy", "change_firewall", "run_gitea_readonly_inventory", "import_gitea_admin_export", "create_github_repo", "change_repo_visibility", "sync_git_refs", "switch_github_primary" ] }, "reason": { "type": "string", "minLength": 1 }, "required_reviewers": { "type": "array", "minItems": 1, "items": { "type": "string", "enum": [ "critic", "vuln-verifier", "migration-engineer", "security-commander", "human-owner" ] }, "uniqueItems": true }, "blocked_until_approved": { "type": "boolean", "const": true }, "evidence_refs": { "type": "array", "items": { "type": "string" } }, "expires_at": { "type": "string", "format": "date-time" } }, "additionalProperties": false }