{ "schema_version": "security_mirror_intake_plan_v1", "status": "draft", "date": "2026-05-13", "mode": "mirror_only", "runtime_execution_authorized": false, "source_indexes": [ "docs/security/security-mirror-readiness.snapshot.json", "docs/security/security-supply-chain-contract-manifest.snapshot.json", "docs/security/security-approval-queue.snapshot.json", "docs/security/security-mirror-event-sample.snapshot.json", "docs/security/security-mirror-route.snapshot.json", "docs/security/security-mirror-acceptance.snapshot.json", "docs/security/security-mirror-quarantine.snapshot.json", "docs/security/security-mirror-dry-run.snapshot.json", "docs/security/security-mirror-status-rollup.snapshot.json", "docs/security/security-approval-gate.snapshot.json", "docs/security/security-approval-decision-record.snapshot.json", "docs/security/security-approval-review-packet.snapshot.json", "docs/security/security-approval-state-transition.snapshot.json", "docs/security/security-followup-runtime-gate.snapshot.json", "docs/security/source-control-primary-readiness-gate.snapshot.json", "docs/security/source-control-primary-rollback-adr.snapshot.json", "docs/security/source-control-workflow-secret-name-inventory.snapshot.json", "docs/security/iwooos-posture-projection.snapshot.json" ], "intake_waves": [ { "wave_id": "M0_index_bootstrap", "title": "載入 readiness、manifest、低摩擦 policy、鏡像路由、驗收、隔離、dry-run 與狀態彙整契約", "contracts": [ "security_mirror_readiness_v1", "security_supply_chain_contract_manifest_v1", "security_rollout_policy_v1", "security_mirror_event_v1", "security_mirror_route_v1", "security_mirror_acceptance_v1", "security_mirror_quarantine_v1", "security_mirror_dry_run_v1", "security_mirror_status_rollup_v1", "iwooos_posture_projection_v1" ], "destinations": [ "operator_console", "runtime_state", "audit_evidence" ], "allowed_processing": [ "顯示 contract readiness", "顯示 mirror_only enforcement", "顯示 partial_ready / contract_only 原因", "使用 security_mirror_event_v1 包裝 mirror payload", 
"依 security_mirror_route_v1 分流目的地與 review lane", "依 security_mirror_acceptance_v1 驗收鏡像資料完整性與脫敏狀態", "依 security_mirror_quarantine_v1 隔離驗收失敗 payload", "依 security_mirror_dry_run_v1 回報接入演練結果", "依 security_mirror_status_rollup_v1 顯示跨 Session 狀態與下一個 gate", "依 iwooos_posture_projection_v1 顯示前端資安態勢投影" ], "blocked_processing": [ "runtime_enforcement", "execution_router", "blocking_gate" ], "exit_gate": "Operator Console 能顯示 36 個 contract、5 個 route groups、8 個 acceptance checks、5 個 quarantine lanes、8 個 dry-run steps、status rollup、owner response guard、approval gate、decision record、review packet、state transition、follow-up runtime gate preparation、GitHub primary readiness gate、rollback ADR 與 workflow / secret name inventory gate,且 mirror event envelope action_buttons_allowed=false。" }, { "wave_id": "M1_kali_visibility", "title": "Kali 112 狀態、scope 與 approval queue visibility", "contracts": [ "kali_integration_status_v1", "kali_scan_scope_approval_v1", "security_approval_queue_v1", "security_finding_v1" ], "destinations": [ "operator_console", "runtime_state", "channel_event", "approval_queue", "audit_evidence" ], "allowed_processing": [ "mirror Kali health / update / gap evidence", "顯示 scan scope group", "顯示 approval queue review order", "顯示 redacted finding sample" ], "blocked_processing": [ "start_kali_scan", "call_kali_execute_endpoint", "credentialed_scan", "full_upgrade_or_reboot" ], "exit_gate": "AwoooP 顯示 Kali health、5 個 scan scope groups、8 個 approval queue items,但沒有 action button。" }, { "wave_id": "M2_source_control_visibility", "title": "Gitea/GitHub source-control evidence visibility", "contracts": [ "source_control_migration_event_v1", "gitea_repo_inventory_v1", "local_git_remote_inventory_v1", "github_target_probe_v1", "github_target_decision_v1", "github_target_repo_approval_package_v1", "source_control_approval_board_v1", "source_control_reconcile_plan_v1", "source_control_ref_detail_diff_v1", "source_control_ref_truth_classification_v1", 
"source_control_primary_readiness_gate_v1", "source_control_primary_rollback_adr_v1", "source_control_workflow_secret_name_inventory_v1", "local_repo_canonical_probe_v1", "git_remote_refs_probe_v1" ], "destinations": [ "operator_console", "runtime_state", "approval_queue", "audit_evidence" ], "allowed_processing": [ "mirror repo/branch/tag 差異", "顯示 pending owner / visibility / canonical decision", "顯示 refs truth review lane", "顯示 GitHub primary readiness blockers、parity gates 與 rollback ADR 草案", "顯示 workflow / webhook / runner / secret 名稱 inventory 缺口,不保存 secret value", "顯示 Gitea inventory partial reason" ], "blocked_processing": [ "create_github_repo", "change_repo_visibility", "sync_git_refs", "switch_github_primary", "delete_or_archive_gitea_repo" ], "exit_gate": "AwoooP 能顯示 source-control blocking reasons,且所有 repo/refs actions 都 disabled。" }, { "wave_id": "M3_approval_candidates", "title": "Approval candidate mirror 與人工決策留痕", "contracts": [ "approval_required_event_v1", "security_approval_queue_v1", "security_approval_gate_v1", "security_approval_decision_record_v1", "security_approval_review_packet_v1", "security_approval_state_transition_v1", "security_followup_runtime_gate_v1", "source_control_primary_readiness_gate_v1", "source_control_primary_rollback_adr_v1", "source_control_workflow_secret_name_inventory_v1", "github_target_repo_approval_package_v1", "source_control_approval_board_v1", "kali_scan_scope_approval_v1" ], "destinations": [ "approval_queue", "operator_console", "audit_evidence" ], "allowed_processing": [ "create_approval_candidate", "record_human_decision", "display_followup_runtime_gate", "display_decision_record", "display_review_packet", "display_decision_next_state", "display_followup_runtime_gate_template", "display_primary_readiness_gate", "display_workflow_secret_name_inventory_gate", "display_required_reviewers", "display_blocked_until_approved" ], "blocked_processing": [ "auto_approve", 
"execute_after_approval_without_new_runtime_gate", "store_secret_value" ], "exit_gate": "Approval candidate、S3 approval gate、decision record、review packet、state transition 與 follow-up runtime gate preparation 可顯示與留痕,但任何批准後執行仍需要下一階段 runtime gate。" }, { "wave_id": "M4_patch_only_backlog", "title": "Code review / Codex patch-only backlog", "contracts": [ "coding_task_v1" ], "destinations": [ "operator_console", "approval_queue", "audit_evidence" ], "allowed_processing": [ "display_patch_backlog_contract", "create_draft_patch_task_after_review", "request_reviewers" ], "blocked_processing": [ "auto_merge", "production_deploy", "secret_rotation", "network_policy_change" ], "exit_gate": "AwoooP 只顯示 patch-only backlog lane;沒有 Codex runner action。" } ], "acceptance_gates": [ { "gate_id": "MIRROR_ONLY_DEFAULT", "requirement": "所有 intake waves 都必須維持 runtime_execution_authorized=false;任一 wave 的 exit_gate 通過或 approval 留痕完成,都不解鎖該 wave 或其他 wave 的 blocked_processing,批准後的執行仍需要下一階段 runtime gate。", "evidence_ref": "docs/security/security-mirror-intake-plan.snapshot.json" }, { "gate_id": "NO_ACTION_BUTTONS", "requirement": "Operator Console 不得新增 scan、execute、repo、refs、merge、deploy、secret 類 action button;mirror event envelope 維持 action_buttons_allowed=false。", "evidence_ref": "docs/security/SECURITY-MIRROR-READINESS.md" }, { "gate_id": "REDACTION_ONLY", "requirement": "Mirror payload 不得保存 raw secret、token、cookie、private key 或 exploit payload;脫敏狀態須經 security_mirror_acceptance_v1 驗收,驗收失敗的 payload 依 security_mirror_quarantine_v1 隔離而非放行;workflow / secret inventory 只保存名稱,不保存 secret value。", "evidence_ref": "docs/security/SECURITY-LOW-FRICTION-ROLLOUT-POLICY.md" }, { "gate_id": "LOW_MEDIUM_NOT_BLOCKING", "requirement": "LOW / MEDIUM、缺 owner response、partial mirror、source-control drift、Kali observe finding、workflow / secret name gap 與 headline holding 初期只能 observe / warn,不得升為 blocking gate;此規則只限制 finding 嚴重度與 drift 的升級策略,不放寬 MIRROR_ONLY_DEFAULT、NO_ACTION_BUTTONS 與 REDACTION_ONLY 三項硬性要求。", "evidence_ref": "docs/security/SECURITY-SUPPLY-CHAIN-PROGRESS.md" } ], "forbidden_actions": [ "start_kali_scan", "call_kali_execute_endpoint", "run_credentialed_scan", "create_github_repo", "change_repo_visibility", "sync_git_refs", "switch_github_primary", "auto_merge", "production_deploy", "store_secret_token_cookie_private_key_or_exploit_payload" ] }