Files
awoooi/docs/evaluations/ai_agent_controlled_executor_handoff_2026-06-27.json
Your Name b2b51ecbf2
Some checks failed
Code Review / ai-code-review (push) Successful in 22s
CD Pipeline / tests (push) Successful in 1m47s
CD Pipeline / build-and-deploy (push) Successful in 6m20s
CD Pipeline / post-deploy-checks (push) Successful in 2m18s
Ansible / Reboot Recovery Contract / validate (push) Has been cancelled
feat(agents): expose controlled executor handoff runway
2026-06-27 11:43:34 +08:00

618 lines
29 KiB
JSON
Raw Blame History

This file contains ambiguous Unicode characters
This file contains Unicode characters that might be confused with other characters. If you think that this is intentional, you can safely ignore this warning. Use the Escape button to reveal them.
{
"schema_version": "ai_agent_controlled_executor_handoff_v1",
"generated_at": "2026-06-27T01:20:00+08:00",
"program_status": {
"overall_completion_percent": 100,
"current_priority": "P0",
"current_task_id": "P2-415",
"next_task_id": "P2-416",
"read_only_mode": true,
"runtime_authority": "controlled_executor_handoff_readback_no_live_apply",
"status_note": "P2-415 承接 P2-409 controlled apply queue把 high 風險候選整理成可交給 executor 的 handoff packetallowlist、Ansible check-mode、rollback、post-action verifier、Telegram evidence、KM / PlayBook trust 回寫全部要可讀。此 readback 不直接執行 live apply。"
},
"source_refs": [
"docs/evaluations/ai_agent_high_risk_owner_review_queue_2026-06-19.json",
"docs/evaluations/ai_agent_action_audit_ledger_2026-06-19.json",
"docs/evaluations/ai_agent_action_owner_acceptance_event_bus_2026-06-19.json",
"docs/evaluations/ai_agent_report_runtime_readiness_2026-06-12.json",
"docs/evaluations/ai_agent_runtime_write_gate_review_2026-06-12.json",
"docs/evaluations/ai_agent_post_write_verifier_package_2026-06-12.json",
"docs/evaluations/ai_agent_learning_writeback_approval_package_2026-06-11.json",
"docs/evaluations/ai_agent_telegram_receipt_approval_package_2026-06-11.json"
],
"source_readbacks": [
{
"readback_id": "p2_409_controlled_apply_queue",
"source_schema_version": "ai_agent_high_risk_owner_review_queue_v1",
"source_ref": "docs/evaluations/ai_agent_high_risk_owner_review_queue_2026-06-19.json",
"endpoint": "GET /api/v1/agents/agent-high-risk-owner-review-queue",
"owner_agent": "openclaw",
"status": "loaded",
"key_readback": "high 風險已轉 controlled_apply_queuecritical / secret / destructive / paid / force-push 維持 break-glass。",
"next_action": "將 5 個 high packet 映射到 executor handoff route。"
},
{
"readback_id": "p2_410_action_audit_ledger",
"source_schema_version": "ai_agent_action_audit_ledger_v1",
"source_ref": "docs/evaluations/ai_agent_action_audit_ledger_2026-06-19.json",
"endpoint": "GET /api/v1/agents/agent-action-audit-ledger",
"owner_agent": "hermes",
"status": "loaded",
"key_readback": "審計事件模板、redacted evidence refs、verifier receipt gate 已可讀。",
"next_action": "讓 executor handoff packet 帶入 immutable audit fields。"
},
{
"readback_id": "p2_411_handoff_event_bus",
"source_schema_version": "ai_agent_action_owner_acceptance_event_bus_v1",
"source_ref": "docs/evaluations/ai_agent_action_owner_acceptance_event_bus_2026-06-19.json",
"endpoint": "GET /api/v1/agents/agent-action-owner-acceptance-event-bus",
"owner_agent": "hermes",
"status": "loaded",
"key_readback": "交接事件、RAG proposal 與 verifier gate 已建好,但舊語意仍偏 no-write。",
"next_action": "把 high 風險 handoff 從 owner hold 改成 controlled executor runway。"
},
{
"readback_id": "runtime_readiness_low_medium_high",
"source_schema_version": "ai_agent_report_runtime_readiness_v1",
"source_ref": "docs/evaluations/ai_agent_report_runtime_readiness_2026-06-12.json",
"endpoint": "GET /api/v1/agents/agent-report-runtime-readiness",
"owner_agent": "openclaw",
"status": "loaded",
"key_readback": "low / medium / high policy 已允許 auto after guardcritical 才需要 break-glass。",
"next_action": "把 policy 轉成 executor handoff allowlist 與 post-action verifier binding。"
},
{
"readback_id": "runtime_write_gate_review",
"source_schema_version": "ai_agent_runtime_write_gate_review_v1",
"source_ref": "docs/evaluations/ai_agent_runtime_write_gate_review_2026-06-12.json",
"endpoint": "GET /api/v1/agents/agent-runtime-write-gate-review",
"owner_agent": "sre",
"status": "loaded",
"key_readback": "runtime write gate 已定義 dry-run hash、post-write verifier、redaction 欄位。",
"next_action": "高風險 handoff packet 必須引用 check-mode 與 post-write verifier ref。"
},
{
"readback_id": "post_write_verifier_package",
"source_schema_version": "ai_agent_post_write_verifier_package_v1",
"source_ref": "docs/evaluations/ai_agent_post_write_verifier_package_2026-06-12.json",
"endpoint": "GET /api/v1/agents/agent-post-write-verifier-package",
"owner_agent": "nemotron",
"status": "loaded",
"key_readback": "post-write verifier package、rollback lane 與 failure lane 已可讀。",
"next_action": "每個 controlled executor packet 必須綁定 verifier 與 rollback lane。"
},
{
"readback_id": "learning_writeback_package",
"source_schema_version": "ai_agent_learning_writeback_approval_package_v1",
"source_ref": "docs/evaluations/ai_agent_learning_writeback_approval_package_2026-06-11.json",
"endpoint": "GET /api/v1/agents/agent-learning-writeback-approval-package",
"owner_agent": "hermes",
"status": "loaded",
"key_readback": "KM、timeline learning、PlayBook trust 與 replay score 回寫欄位已定義。",
"next_action": "讓 executor handoff packet 產出可回寫的 learning receipt preview。"
},
{
"readback_id": "telegram_receipt_package",
"source_schema_version": "ai_agent_telegram_receipt_approval_package_v1",
"source_ref": "docs/evaluations/ai_agent_telegram_receipt_approval_package_2026-06-11.json",
"endpoint": "GET /api/v1/agents/agent-telegram-receipt-approval-package",
"owner_agent": "hermes",
"status": "loaded",
"key_readback": "Telegram receipt、queue、delivery、ack、failure、retry 欄位已定義;不得包含 token 或原始 chat id。",
"next_action": "handoff 成功 / verifier 失敗 / rollback queued 都要能生成脫敏 Telegram evidence。"
}
],
"handoff_truth": {
"p2_409_controlled_apply_queue_loaded": true,
"p2_410_audit_ledger_loaded": true,
"p2_411_handoff_event_bus_loaded": true,
"runtime_readiness_loaded": true,
"runtime_write_gate_loaded": true,
"post_write_verifier_loaded": true,
"learning_writeback_loaded": true,
"telegram_receipt_loaded": true,
"high_risk_controlled_executor_handoff_ready": true,
"high_risk_owner_review_required": false,
"critical_break_glass_required": true,
"allowlist_route_required": true,
"ansible_check_mode_required": true,
"rollback_plan_required": true,
"post_action_verifier_required": true,
"telegram_evidence_required": true,
"km_writeback_required": true,
"playbook_trust_writeback_required": true,
"controlled_executor_dispatch_enabled": false,
"live_apply_enabled": false,
"critical_auto_bypass_allowed": false,
"gateway_queue_write_enabled": false,
"telegram_send_enabled": false,
"bot_api_call_enabled": false,
"km_write_enabled": false,
"playbook_trust_write_enabled": false,
"production_write_enabled": false,
"secret_read_enabled": false,
"paid_api_call_enabled": false,
"host_write_enabled": false,
"kubectl_action_enabled": false,
"destructive_operation_enabled": false,
"controlled_executor_dispatch_count_24h": 0,
"live_apply_count_24h": 0,
"gateway_queue_write_count_24h": 0,
"telegram_send_count_24h": 0,
"bot_api_call_count_24h": 0,
"km_write_count_24h": 0,
"playbook_trust_write_count_24h": 0,
"production_write_count_24h": 0,
"secret_read_count_24h": 0,
"paid_api_call_count_24h": 0,
"host_write_count_24h": 0,
"kubectl_action_count_24h": 0,
"destructive_operation_count_24h": 0,
"truth_note": "high 風險不再停在人工佇列5 個 high packet 已具備 controlled executor handoff 條件。此端點只讀回 handoff runway實際 dispatch / live apply / Telegram send / KM writeback 仍由 executor 與 verifier 計數回報。"
},
"executor_handoff_packets": [
{
"packet_id": "handoff_high_security_response",
"source_queue_item_id": "high_security_response_queue",
"display_name": "資安回應受控 executor 交接",
"risk_tier": "high",
"owner_agent": "openclaw",
"executor_agent": "security",
"executor_type": "ansible_playbook",
"handoff_status": "ready_for_controlled_executor",
"controlled_route_id": "allowlisted_security_response_controlled_apply",
"playbook_ref": "infra/ansible/playbooks/security-controlled-response.yml",
"mcp_tool_ref": "mcp://security/readiness-and-diff",
"check_mode_ref": "ansible-check/security-controlled-response",
"verifier_ref": "verifier://security-post-action-readback",
"rollback_ref": "rollback://security-no-secret-restore-plan",
"telegram_evidence_ref": "telegram-evidence://security-controlled-apply-redacted",
"km_writeback_ref": "km://security-controlled-apply-learning",
"playbook_trust_ref": "playbook-trust://security-controlled-response",
"allowlist_match": true,
"check_mode_passed": true,
"rollback_plan_ready": true,
"post_action_verifier_ready": true,
"telegram_evidence_ready": true,
"km_writeback_ready": true,
"playbook_trust_writeback_ready": true,
"owner_response_required": false,
"break_glass_required": false,
"controlled_executor_handoff_allowed": true,
"live_apply_performed": false,
"side_effect_count": 0,
"blocked_runtime_actions": ["secret read", "credentialed exploit", "active response without verifier"],
"next_gate": "dispatch worker 從此 packet 取 check-mode receipt、執行 controlled apply並把 verifier 結果回寫 KM / PlayBook trust。"
},
{
"packet_id": "handoff_high_data_config_apply",
"source_queue_item_id": "high_data_config_apply_queue",
"display_name": "資料與設定受控 executor 交接",
"risk_tier": "high",
"owner_agent": "sre",
"executor_agent": "devops",
"executor_type": "ansible_playbook",
"handoff_status": "ready_for_controlled_executor",
"controlled_route_id": "allowlisted_config_drift_controlled_apply",
"playbook_ref": "infra/ansible/playbooks/config-drift-controlled-apply.yml",
"mcp_tool_ref": "mcp://config/rendered-diff",
"check_mode_ref": "ansible-check/config-drift-controlled-apply",
"verifier_ref": "verifier://config-route-smoke",
"rollback_ref": "rollback://config-source-of-truth-revert",
"telegram_evidence_ref": "telegram-evidence://config-apply-redacted",
"km_writeback_ref": "km://config-drift-learning",
"playbook_trust_ref": "playbook-trust://config-controlled-apply",
"allowlist_match": true,
"check_mode_passed": true,
"rollback_plan_ready": true,
"post_action_verifier_ready": true,
"telegram_evidence_ready": true,
"km_writeback_ready": true,
"playbook_trust_writeback_ready": true,
"owner_response_required": false,
"break_glass_required": false,
"controlled_executor_handoff_allowed": true,
"live_apply_performed": false,
"side_effect_count": 0,
"blocked_runtime_actions": ["DB DROP", "restore apply", "retention prune"],
"next_gate": "dispatch worker 只能對 source-of-truth diff 執行 check-mode 通過的 controlled apply。"
},
{
"packet_id": "handoff_high_live_telegram_gateway_send",
"source_queue_item_id": "high_live_telegram_gateway_send_queue",
"display_name": "Telegram Gateway 受控 executor 交接",
"risk_tier": "high",
"owner_agent": "hermes",
"executor_agent": "hermes",
"executor_type": "telegram_gateway_queue",
"handoff_status": "ready_for_controlled_executor",
"controlled_route_id": "allowlisted_failure_only_telegram_gateway",
"playbook_ref": "infra/ansible/playbooks/telegram-gateway-route-check.yml",
"mcp_tool_ref": "mcp://telegram-gateway/no-secret-preview",
"check_mode_ref": "gateway-check/failure-only-dedupe-preview",
"verifier_ref": "verifier://telegram-receipt-redacted-readback",
"rollback_ref": "rollback://telegram-dedupe-and-silence-revert",
"telegram_evidence_ref": "telegram-evidence://gateway-message-shape-redacted",
"km_writeback_ref": "km://telegram-delivery-learning",
"playbook_trust_ref": "playbook-trust://telegram-gateway-controlled-send",
"allowlist_match": true,
"check_mode_passed": true,
"rollback_plan_ready": true,
"post_action_verifier_ready": true,
"telegram_evidence_ready": true,
"km_writeback_ready": true,
"playbook_trust_writeback_ready": true,
"owner_response_required": false,
"break_glass_required": false,
"controlled_executor_handoff_allowed": true,
"live_apply_performed": false,
"side_effect_count": 0,
"blocked_runtime_actions": ["direct Bot API", "token read", "raw chat id display"],
"next_gate": "dispatch worker 必須走 Gateway、dedupe key 與 redacted receipt不得直接 Bot API。"
},
{
"packet_id": "handoff_high_report_source_gap_work_item_write",
"source_queue_item_id": "high_report_source_gap_work_item_write_queue",
"display_name": "報表缺口與 KM 回寫 executor 交接",
"risk_tier": "high",
"owner_agent": "hermes",
"executor_agent": "nemotron",
"executor_type": "km_playbook_writer",
"handoff_status": "ready_for_controlled_executor",
"controlled_route_id": "allowlisted_report_gap_learning_writeback",
"playbook_ref": "playbooks/report-source-gap-learning.yml",
"mcp_tool_ref": "mcp://knowledge/redacted-learning-packet",
"check_mode_ref": "writer-check/report-gap-learning-preview",
"verifier_ref": "verifier://km-playbook-trust-receipt",
"rollback_ref": "rollback://km-learning-entry-revert-preview",
"telegram_evidence_ref": "telegram-evidence://learning-writeback-summary",
"km_writeback_ref": "km://report-source-gap-learning",
"playbook_trust_ref": "playbook-trust://report-gap-remediation",
"allowlist_match": true,
"check_mode_passed": true,
"rollback_plan_ready": true,
"post_action_verifier_ready": true,
"telegram_evidence_ready": true,
"km_writeback_ready": true,
"playbook_trust_writeback_ready": true,
"owner_response_required": false,
"break_glass_required": false,
"controlled_executor_handoff_allowed": true,
"live_apply_performed": false,
"side_effect_count": 0,
"blocked_runtime_actions": ["raw report payload write", "private reasoning write", "unbounded embedding write"],
"next_gate": "dispatch worker 只寫 redacted learning packet並以 verifier receipt 更新 trust delta。"
},
{
"packet_id": "handoff_high_host_kubectl_orchestrated_change",
"source_queue_item_id": "high_host_kubectl_orchestrated_change_queue",
"display_name": "主機與 K8s 受控 executor 交接",
"risk_tier": "high",
"owner_agent": "sre",
"executor_agent": "sre",
"executor_type": "ansible_playbook",
"handoff_status": "ready_for_controlled_executor",
"controlled_route_id": "allowlisted_host_k8s_check_mode_apply",
"playbook_ref": "infra/ansible/playbooks/host-k8s-controlled-apply.yml",
"mcp_tool_ref": "mcp://sre/topology-and-health-readback",
"check_mode_ref": "ansible-check/host-k8s-controlled-apply",
"verifier_ref": "verifier://host-k8s-health-postcheck",
"rollback_ref": "rollback://host-k8s-controlled-revert",
"telegram_evidence_ref": "telegram-evidence://host-k8s-apply-summary",
"km_writeback_ref": "km://host-k8s-remediation-learning",
"playbook_trust_ref": "playbook-trust://host-k8s-controlled-apply",
"allowlist_match": true,
"check_mode_passed": true,
"rollback_plan_ready": true,
"post_action_verifier_ready": true,
"telegram_evidence_ready": true,
"km_writeback_ready": true,
"playbook_trust_writeback_ready": true,
"owner_response_required": false,
"break_glass_required": false,
"controlled_executor_handoff_allowed": true,
"live_apply_performed": false,
"side_effect_count": 0,
"blocked_runtime_actions": ["reboot", "node drain", "force rollout without verifier"],
"next_gate": "dispatch worker 必須先完成 target selector、check-mode、blast-radius guard 與 rollback stop condition。"
},
{
"packet_id": "handoff_critical_model_cost_provider_change",
"source_queue_item_id": "critical_model_cost_provider_change_queue",
"display_name": "模型角色與費用 break-glass",
"risk_tier": "critical",
"owner_agent": "openclaw",
"executor_agent": "openclaw",
"executor_type": "break_glass_only",
"handoff_status": "critical_break_glass_only",
"controlled_route_id": "blocked_critical_model_cost_provider_boundary",
"playbook_ref": "adr://market-replay-shadow-canary-required",
"mcp_tool_ref": "mcp://agent-market/scorecard-readback",
"check_mode_ref": "not-applicable-critical-break-glass",
"verifier_ref": "verifier://agent-market-replay-shadow-canary",
"rollback_ref": "rollback://provider-route-fallback",
"telegram_evidence_ref": "telegram-evidence://critical-cost-provider-summary",
"km_writeback_ref": "km://agent-market-decision-learning",
"playbook_trust_ref": "playbook-trust://agent-provider-role-decision",
"allowlist_match": false,
"check_mode_passed": false,
"rollback_plan_ready": true,
"post_action_verifier_ready": true,
"telegram_evidence_ready": true,
"km_writeback_ready": true,
"playbook_trust_writeback_ready": true,
"owner_response_required": true,
"break_glass_required": true,
"controlled_executor_handoff_allowed": false,
"live_apply_performed": false,
"side_effect_count": 0,
"blocked_runtime_actions": ["OpenClaw replacement", "paid provider switch", "cost quota change"],
"next_gate": "必須先有市場分數、replay、shadow、canary 與費用邊界,不能由一般 high 風險自動化覆蓋。"
},
{
"packet_id": "handoff_critical_secret_paid_provider_boundary",
"source_queue_item_id": "critical_secret_paid_provider_boundary_queue",
"display_name": "secret 與付費 provider break-glass",
"risk_tier": "critical",
"owner_agent": "security",
"executor_agent": "security",
"executor_type": "break_glass_only",
"handoff_status": "critical_break_glass_only",
"controlled_route_id": "blocked_critical_secret_paid_provider_boundary",
"playbook_ref": "policy://secret-paid-provider-break-glass",
"mcp_tool_ref": "mcp://security/secret-metadata-only",
"check_mode_ref": "not-applicable-critical-break-glass",
"verifier_ref": "verifier://secret-boundary-and-cost-cap",
"rollback_ref": "rollback://provider-secret-metadata-revert",
"telegram_evidence_ref": "telegram-evidence://critical-secret-boundary-summary",
"km_writeback_ref": "km://secret-boundary-learning",
"playbook_trust_ref": "playbook-trust://secret-provider-boundary",
"allowlist_match": false,
"check_mode_passed": false,
"rollback_plan_ready": true,
"post_action_verifier_ready": true,
"telegram_evidence_ready": true,
"km_writeback_ready": true,
"playbook_trust_writeback_ready": true,
"owner_response_required": true,
"break_glass_required": true,
"controlled_executor_handoff_allowed": false,
"live_apply_performed": false,
"side_effect_count": 0,
"blocked_runtime_actions": ["secret value read", "paid API expansion", "privacy egress change"],
"next_gate": "只允許 metadata 與 evidence refsecret value、付費 provider 擴張與隱私外送必須 break-glass。"
}
],
"executor_routes": [
{
"route_id": "ansible_check_mode_controlled_apply",
"display_name": "Ansible check-mode controlled apply",
"executor_agent": "sre",
"route_status": "ready_for_handoff",
"required_inputs": ["target selector", "source-of-truth ref", "check-mode receipt", "rollback owner", "post-action verifier"],
"blocked_actions": ["reboot", "node drain", "destructive DB operation"],
"live_apply_allowed_by_this_readback": false
},
{
"route_id": "mcp_tool_registry_preflight",
"display_name": "MCP tool registry preflight",
"executor_agent": "openclaw",
"route_status": "ready_for_handoff",
"required_inputs": ["tool scope", "risk tier", "allowed action", "blocked action", "redacted evidence ref"],
"blocked_actions": ["unregistered tool call", "raw secret volume access"],
"live_apply_allowed_by_this_readback": false
},
{
"route_id": "telegram_gateway_redacted_evidence",
"display_name": "Telegram Gateway redacted evidence",
"executor_agent": "hermes",
"route_status": "ready_for_handoff",
"required_inputs": ["canonical room env", "dedupe key", "message shape", "receipt expectation", "redaction proof"],
"blocked_actions": ["direct Bot API", "raw chat id display", "token read"],
"live_apply_allowed_by_this_readback": false
},
{
"route_id": "km_playbook_trust_writer",
"display_name": "KM / PlayBook trust writer",
"executor_agent": "nemotron",
"route_status": "ready_for_handoff",
"required_inputs": ["redacted learning packet", "matched playbook id", "verifier receipt", "rollback criteria", "trust delta"],
"blocked_actions": ["private reasoning write", "unbounded embedding write"],
"live_apply_allowed_by_this_readback": false
},
{
"route_id": "post_action_verifier_and_rollback",
"display_name": "Post-action verifier and rollback lane",
"executor_agent": "sre",
"route_status": "ready_for_handoff",
"required_inputs": ["pre-state ref", "post-state ref", "failure threshold", "rollback stop condition"],
"blocked_actions": ["verifier without baseline", "rollback without stop condition"],
"live_apply_allowed_by_this_readback": false
}
],
"verifier_bindings": [
{
"binding_id": "binding_ansible_check_mode",
"display_name": "Ansible check-mode receipt binding",
"owner_agent": "sre",
"required_before_dispatch": true,
"ready_count": 5,
"blocked_count": 0,
"failure_if_missing": "缺 check-mode receipt 時不得 dispatch controlled executor。"
},
{
"binding_id": "binding_rollback_owner",
"display_name": "Rollback owner and stop condition binding",
"owner_agent": "sre",
"required_before_dispatch": true,
"ready_count": 5,
"blocked_count": 0,
"failure_if_missing": "缺 rollback owner 或 stop condition 時不得 apply。"
},
{
"binding_id": "binding_post_action_verifier",
"display_name": "Post-action verifier binding",
"owner_agent": "nemotron",
"required_before_dispatch": true,
"ready_count": 5,
"blocked_count": 0,
"failure_if_missing": "缺 verifier ref 時不得視為自動化閉環。"
},
{
"binding_id": "binding_learning_writeback",
"display_name": "KM / PlayBook trust writeback binding",
"owner_agent": "hermes",
"required_before_dispatch": true,
"ready_count": 5,
"blocked_count": 0,
"failure_if_missing": "缺 learning receipt 時不得更新完成度。"
},
{
"binding_id": "binding_telegram_evidence",
"display_name": "Telegram redacted evidence binding",
"owner_agent": "hermes",
"required_before_dispatch": true,
"ready_count": 5,
"blocked_count": 0,
"failure_if_missing": "缺 redacted Telegram evidence 時不得對外宣稱已處理。"
}
],
"learning_writeback_contracts": [
{
"contract_id": "km_execution_receipt",
"display_name": "KM execution receipt",
"owner_agent": "hermes",
"target_store": "knowledge_entries",
"writeback_status": "ready_for_executor_receipt",
"required_fields": ["decision id", "executor route", "verifier result", "redacted evidence refs", "rollback outcome"],
"runtime_write_performed": false
},
{
"contract_id": "playbook_trust_delta",
"display_name": "PlayBook trust delta",
"owner_agent": "openclaw",
"target_store": "playbooks",
"writeback_status": "ready_for_executor_receipt",
"required_fields": ["matched playbook id", "success or failure", "verifier confidence", "negative reinforcement reason"],
"runtime_write_performed": false
},
{
"contract_id": "timeline_event_append",
"display_name": "Timeline event append",
"owner_agent": "hermes",
"target_store": "timeline_events",
"writeback_status": "ready_for_executor_receipt",
"required_fields": ["agent role", "affected scope", "decision reason", "executor status", "post-check result"],
"runtime_write_performed": false
}
],
"activation_boundaries": {
"committed_snapshot_read_allowed": true,
"controlled_executor_handoff_preview_allowed": true,
"ansible_check_mode_receipt_preview_allowed": true,
"mcp_tool_registry_route_preview_allowed": true,
"post_action_verifier_binding_preview_allowed": true,
"telegram_evidence_preview_allowed": true,
"km_playbook_trust_writeback_preview_allowed": true,
"controlled_executor_dispatch_enabled": false,
"live_apply_enabled": false,
"gateway_queue_write_enabled": false,
"telegram_send_enabled": false,
"bot_api_call_enabled": false,
"km_write_enabled": false,
"playbook_trust_write_enabled": false,
"production_write_enabled": false,
"secret_read_enabled": false,
"paid_api_call_enabled": false,
"host_write_enabled": false,
"kubectl_action_enabled": false,
"destructive_operation_enabled": false
},
"display_redaction_contract": {
"redaction_required": true,
"raw_tool_output_display_allowed": false,
"raw_runtime_payload_display_allowed": false,
"raw_telegram_payload_display_allowed": false,
"private_reasoning_display_allowed": false,
"secret_value_display_allowed": false,
"work_window_transcript_display_allowed": false,
"allowed_display_fields": [
"packet_id",
"display_name",
"risk_tier",
"owner_agent",
"executor_agent",
"executor_type",
"handoff_status",
"controlled_route_id",
"check_mode_ref",
"verifier_ref",
"rollback_ref",
"telegram_evidence_ref",
"km_writeback_ref",
"playbook_trust_ref",
"rollups"
],
"blocked_display_fields": [
"raw tool output",
"raw runtime payload",
"raw Telegram payload",
"private reasoning",
"secret value",
"authorization header",
"work window transcript"
]
},
"rollups": {
"source_readback_count": 8,
"handoff_packet_count": 7,
"ready_for_controlled_executor_count": 5,
"critical_break_glass_count": 2,
"high_risk_packet_count": 5,
"critical_packet_count": 2,
"ansible_check_mode_packet_count": 3,
"mcp_tool_route_count": 7,
"post_action_verifier_binding_count": 5,
"telegram_evidence_binding_count": 5,
"km_writeback_binding_count": 5,
"playbook_trust_writeback_binding_count": 5,
"owner_response_required_count": 2,
"blocked_by_critical_boundary_count": 2,
"missing_check_mode_count": 0,
"missing_rollback_count": 0,
"missing_verifier_count": 0,
"missing_telegram_evidence_count": 0,
"missing_learning_writeback_count": 0,
"executor_route_count": 5,
"verifier_binding_count": 5,
"learning_writeback_contract_count": 3,
"controlled_executor_dispatch_count": 0,
"live_apply_count": 0,
"gateway_queue_write_count": 0,
"telegram_send_count": 0,
"bot_api_call_count": 0,
"km_write_count": 0,
"playbook_trust_write_count": 0,
"production_write_count": 0,
"secret_read_count": 0,
"paid_api_call_count": 0,
"host_write_count": 0,
"kubectl_action_count": 0,
"destructive_operation_count": 0
},
"next_actions": [
{
"task_id": "P2-416",
"priority": "P0",
"summary": "建立 controlled executor dispatch worker dry-run從 P2-415 handoff packet 產生 executor run preview、idempotency key、failure lane 與 verifier queue。",
"gate": "dispatch worker 必須只接受 ready_for_controlled_executorcritical_break_glass_only 仍拒收。"
},
{
"task_id": "P2-417",
"priority": "P0",
"summary": "把 executor receipt 寫回 AwoooP status-chain、日 / 週 / 月報與 Telegram redacted evidence讓使用者看到每個 Agent 的實際處理量。",
"gate": "receipt 必須有 verifier result、rollback outcome、KM / PlayBook trust writeback ref。"
}
]
}