awoooi/docs/security/dev-hosts-111-168-scope-handoff.snapshot.json

{
  "schema_version": "dev_host_scope_handoff_v1",
  "status": "draft_waiting_owner_review",
  "date": "2026-06-04",
  "mode": "scope_handoff_only",
  "source_evidence_refs": [
    "docs/security/DEV-HOSTS-112-111-168-OBSERVE-ONLY-MAPPING.md",
    "docs/security/KALI-SCAN-SCOPE-APPROVAL-PACKAGE.md",
    "docs/security/IWOOOS-POSTURE-PROJECTION.md",
    "docs/workplans/2026-06-04-iwooos-security-governance-p0.md",
    "/Users/ogt/.claude/projects/-Users-ogt-awoooi/memory/feedback_ollama_111_only.md",
    "/Users/ogt/.claude/projects/-Users-ogt-awoooi/memory/feedback_secret_debug_output_ban.md",
    "/Users/ogt/.claude/projects/-Users-ogt-awoooi/memory/feedback_ssh_command_security.md"
  ],
  "summary": {
    "hosts": [
      "192.168.0.111",
      "192.168.0.168"
    ],
    "asset_keys": [
      "host:dev-ai-111",
      "host:dev-workstation-168"
    ],
    "scope_handoff_package_ready": true,
    "scope_handoff_completion_percent": 100,
    "host_execution_completion_percent": 0,
    "owner_response_received": false,
    "owner_response_accepted": false,
    "host_change_authorized": false,
    "fallback_route_change_authorized": false,
    "credentialed_scan_authorized": false,
    "active_scan_authorized": false,
    "secret_value_collection_authorized": false,
    "runtime_execution_authorized": false,
    "action_buttons_allowed": false
  },
  "hosts": [
    {
      "host": "192.168.0.111",
      "asset_key": "host:dev-ai-111",
      "role": "Local AI / Ollama fallback / 開發輔助主機",
      "mode": "observe_only",
      "scope_lanes": [
        {
          "lane_id": "ollama-fallback-truth",
          "description": "對齊 ADR-110 三層路由與 local fallback 事實來源，確認 evidence ref 與 owner。",
          "validation_metrics": [
            "Ollama route truth",
            "fallback availability",
            "AI route smoke"
          ],
          "current_authorized": false
        },
        {
          "lane_id": "model-inventory-posture",
          "description": "只收模型清單摘要、模型數量、版本 / tag metadata 與 list hash，不收 prompt、token 或私有資料。",
          "validation_metrics": [
            "model list hash",
            "model tag summary",
            "inventory owner ref"
          ],
          "current_authorized": false
        },
        {
          "lane_id": "service-ssh-policy-posture",
          "description": "只收服務狀態摘要與 SSH policy posture，不登入、不改 service。",
          "validation_metrics": [
            "service status summary",
            "SSH policy posture",
            "rollback owner ref"
          ],
          "current_authorized": false
        }
      ],
      "maintenance_window": {
        "window_status": "waiting_owner_selection",
        "allowed_metadata": [
          "future low-traffic window",
          "stop condition",
          "rollback owner",
          "route validation metrics"
        ],
        "forbidden_actions": [
          "stop_model",
          "restart_ollama",
          "pull_model",
          "delete_model",
          "change_ollama_route",
          "change_firewall"
        ]
      },
      "rollback_plan_draft": [
        {
          "rollback_item": "fallback route rollback",
          "required_evidence": [
            "route before / after refs",
            "fallback owner",
            "AI route smoke",
            "stop condition"
          ],
          "owner_status": "waiting_owner_assignment"
        },
        {
          "rollback_item": "model service rollback",
          "required_evidence": [
            "service state ref",
            "model inventory hash before / after",
            "operator notice owner"
          ],
          "owner_status": "waiting_owner_assignment"
        }
      ]
    },
    {
      "host": "192.168.0.168",
      "asset_key": "host:dev-workstation-168",
      "role": "開發工作站 / local development origin",
      "mode": "observe_only",
      "scope_lanes": [
        {
          "lane_id": "local-development-origin",
          "description": "確認 168 作為本機開發來源、preview origin、dev-only CORS 候選，不改 runtime。",
          "validation_metrics": [
            "CORS origin review",
            "local origin owner ref",
            "production boundary note"
          ],
          "current_authorized": false
        },
        {
          "lane_id": "repo-hygiene",
          "description": "只收 repo 層級 hygiene 摘要、secret scan summary、dirty worktree policy，不讀未授權目錄。",
          "validation_metrics": [
            "repo secret scan summary",
            "repo owner ref",
            "dirty worktree policy"
          ],
          "current_authorized": false
        },
        {
          "lane_id": "local-service-exposure",
          "description": "只收服務清單摘要、port 類型、owner 與 disable note，不做 port scan 或 firewall 變更。",
          "validation_metrics": [
            "local service list summary",
            "service owner ref",
            "rollback / disable note"
          ],
          "current_authorized": false
        }
      ],
      "maintenance_window": {
        "window_status": "waiting_owner_selection",
        "allowed_metadata": [
          "future repo hygiene review window",
          "future local service review window",
          "excluded directories",
          "disable note owner"
        ],
        "forbidden_actions": [
          "credentialed_scan",
          "read_private_directory",
          "change_cors",
          "stop_service",
          "change_local_firewall"
        ]
      },
      "rollback_plan_draft": [
        {
          "rollback_item": "dev CORS rollback",
          "required_evidence": [
            "current allowed origins ref",
            "candidate change note",
            "disable owner",
            "browser smoke plan"
          ],
          "owner_status": "waiting_owner_assignment"
        },
        {
          "rollback_item": "local service disable / restore",
          "required_evidence": [
            "service list summary",
            "owner",
            "restore note",
            "post-check ref"
          ],
          "owner_status": "waiting_owner_assignment"
        }
      ]
    }
  ],
  "owner_response_handoff": {
    "status": "ready_not_dispatched",
    "request_dispatch_authorized": false,
    "required_response_fields": [
      "owner_role_or_team",
      "host_scope_boundary",
      "decision",
      "decision_reason",
      "affected_scope",
      "maintenance_window_expectation",
      "credential_handling_confirmation",
      "rollback_owner",
      "validation_metrics_owner",
      "redacted_evidence_refs",
      "followup_owner"
    ],
    "allowed_decisions": [
      "confirm_observe_only",
      "defer",
      "reject",
      "request_more_evidence"
    ],
    "forbidden_inputs": [
      "model API key value",
      "SSH password",
      "private key",
      "token value",
      "cookie",
      "session",
      "authorization header",
      "personal credential",
      "secret hash",
      "masked token",
      "partial token",
      "command to execute",
      "service restart request",
      "firewall change request",
      "model stop request",
      "CORS apply request",
      "active scan request",
      "credentialed scan request",
      "private directory content"
    ],
    "response_received": false,
    "response_accepted": false
  },
  "credential_handling": {
    "policy": "metadata_only_no_secret_value",
    "allowed_evidence": [
      "present / absent",
      "owner role",
      "scope",
      "document ref",
      "ticket ref",
      "redacted metadata pointer"
    ],
    "forbidden_evidence": [
      "secret value",
      "private key",
      "token",
      "cookie",
      "session",
      "authorization header",
      "model API key",
      "SSH password",
      "personal credential",
      "reversible secret hash",
      "partial token",
      "raw screenshot containing credential"
    ],
    "quarantine_required_on_plaintext_credential": true,
    "secret_value_collection_authorized": false
  },
  "validation_metrics": [
    {
      "host": "192.168.0.111",
      "metrics": [
        "Ollama route truth",
        "fallback availability",
        "model list hash",
        "service status",
        "AI route smoke"
      ]
    },
    {
      "host": "192.168.0.168",
      "metrics": [
        "repo secret scan summary",
        "local service list summary",
        "CORS origin review",
        "rollback / disable note"
      ]
    }
  ],
  "acceptance_rules": [
    "本 handoff 完成不代表 owner response 已收到、已接受或已批准。",
    "192.168.0.111 的 fallback route truth 只能作為 observe-only evidence，不得改 OLLAMA_URL、OLLAMA_SECONDARY_URL、OLLAMA_FALLBACK_URL 或 proxy route。",
    "192.168.0.168 的 repo / CORS / service exposure 只能作為 scope review，不得讀取未授權目錄或個人資料。",
    "所有 credential / secret 類資料只能記錄脫敏 metadata；raw value 一律拒收或隔離。",
    "維護窗口、rollback owner、validation owner 到齊前，不得做 host change、service restart、active scan、credentialed scan 或 runtime gate。",
    "未來 post-check 失敗只能建立人工 follow-up，不得自動修復。"
  ],
  "forbidden_actions": [
    "ssh_to_host",
    "read_private_directory",
    "credentialed_scan",
    "active_scan",
    "port_scan",
    "stop_model",
    "pull_model",
    "delete_model",
    "restart_ollama",
    "change_ollama_route",
    "change_cors",
    "change_firewall",
    "change_service",
    "store_credential_value",
    "enable_runtime_blocking_control",
    "add_awooop_action_button"
  ]
}