awoooi/docs/evaluations/ai_agent_gitea_pr_draft_lane_2026-06-11.json
2026-06-11 19:07:08 +08:00

{
"schema_version": "ai_agent_gitea_pr_draft_lane_v1",
"generated_at": "2026-06-11T23:59:40+08:00",
"program_status": {
"overall_completion_percent": 78,
"current_priority": "P2",
"current_task_id": "P2-402E",
"next_task_id": "P2-402F",
"read_only_mode": true,
"runtime_authority": "draft_lane_only_no_pr_creation_or_branch_push",
"status_note": "P2-402E 已建立 Gitea PR 草案 lane本波只定義 grouping、automerge=false、測試證據、rollback、owner response不 push branch、不建立 PR、不觸發 workflow、不升級套件、不發 Telegram。"
},
"source_refs": [
"docs/evaluations/ai_agent_proactive_operations_contract_2026-06-11.json",
"docs/evaluations/ai_agent_tool_adoption_approval_package_2026-06-11.json",
"docs/evaluations/ai_agent_telegram_action_required_digest_policy_2026-06-11.json",
"docs/superpowers/specs/2026-04-15-MASTER-ai-autonomous-flywheel-v2.md#321c-2026-06-11-ai-agent-主動營運委派與版本生命週期契約",
"docs/ai/AI_AGENT_AUTOMATION_WORKLIST_2026-06-04.md"
],
"lane_intent": {
"purpose": "讓 Hermes / OpenClaw / NemoTron 先產生可審核的 Gitea PR 草案計畫包含分組、風險、測試、rollback 與 owner response真正 branch push / PR creation 必須等 bot、branch policy 與人工批准。",
"non_goals": [
"不建立 Gitea branch",
"不建立或更新 Gitea PR",
"不修改 workflow",
"不升級 package 或 lockfile",
"不 build / pull container image",
"不觸發 CI workflow",
"不 auto merge",
"不送 Telegram"
],
"human_approval_gate": "gitea_bot_and_branch_policy_approval_required"
},
"branch_strategy": {
"draft_branch_prefix": "agents/proposal/",
"branch_name_pattern": "agents/proposal/{lane_id}/{yyyyMMdd}-{short_target}",
"branch_push_allowed": false,
"pr_creation_allowed": false,
"automerge": false,
"required_prefix_after_approval": "codex/"
},
"grouping_rules": [
{
"group_id": "dependency_patch_low_risk",
"display_name": "低風險依賴 patch 草案",
"owner_agent": "Hermes",
"risk_tier": "medium",
"max_batch_size": 5,
"draft_only": true,
"automerge": false,
"requires_openclaw_review": true,
"rollback_required": true,
"required_check_ids": [
"schema_and_json_validation",
"targeted_tests_plan",
"secret_and_transcript_redaction"
],
"allowed_change_kinds": [
"manifest proposal",
"lockfile proposal after approval",
"release note summary"
],
"blocked_change_kinds": [
"major version bump",
"security critical package",
"runtime config mutation"
]
},
{
"group_id": "security_cve_advisory",
"display_name": "CVE / OSV 修補草案",
"owner_agent": "OpenClaw",
"risk_tier": "high",
"max_batch_size": 2,
"draft_only": true,
"automerge": false,
"requires_openclaw_review": true,
"rollback_required": true,
"required_check_ids": [
"vulnerability_evidence_ref",
"targeted_tests_plan",
"rollback_plan_attached",
"owner_response_required"
],
"allowed_change_kinds": [
"security advisory summary",
"patch proposal",
"blast radius matrix"
],
"blocked_change_kinds": [
"external vulnerability DB download",
"package upgrade without owner approval",
"production hot patch"
]
},
{
"group_id": "container_image_digest_proposal",
"display_name": "Container image digest / base image 草案",
"owner_agent": "Hermes",
"risk_tier": "high",
"max_batch_size": 2,
"draft_only": true,
"automerge": false,
"requires_openclaw_review": true,
"rollback_required": true,
"required_check_ids": [
"image_digest_evidence",
"targeted_tests_plan",
"rollback_plan_attached",
"maintenance_window_required"
],
"allowed_change_kinds": [
"Dockerfile proposal",
"image digest pin proposal",
"smoke plan"
],
"blocked_change_kinds": [
"docker build",
"image pull",
"kustomization image tag mutation"
]
},
{
"group_id": "ai_agent_model_tool_contract_change",
"display_name": "AI Agent / model / tool contract 草案",
"owner_agent": "NemoTron + OpenClaw",
"risk_tier": "critical",
"max_batch_size": 1,
"draft_only": true,
"automerge": false,
"requires_openclaw_review": true,
"rollback_required": true,
"required_check_ids": [
"sanitized_replay_gate",
"targeted_tests_plan",
"owner_response_required",
"rollback_plan_attached"
],
"allowed_change_kinds": [
"offline replay plan",
"model route proposal",
"tool contract proposal"
],
"blocked_change_kinds": [
"production route change",
"paid API enablement",
"shadow or canary without gate"
]
},
{
"group_id": "host_k3s_stateful_maintenance_plan",
"display_name": "Host / K3s / stateful maintenance 草案",
"owner_agent": "OpenClaw",
"risk_tier": "critical",
"max_batch_size": 1,
"draft_only": true,
"automerge": false,
"requires_openclaw_review": true,
"rollback_required": true,
"required_check_ids": [
"maintenance_window_required",
"rollback_plan_attached",
"owner_response_required",
"targeted_tests_plan"
],
"allowed_change_kinds": [
"maintenance window proposal",
"version skew report",
"stateful backup readiness note"
],
"blocked_change_kinds": [
"host upgrade",
"reboot",
"stateful service restart"
]
},
{
"group_id": "docs_runbook_km_update",
"display_name": "文件 / runbook / KM 草案",
"owner_agent": "Hermes",
"risk_tier": "low",
"max_batch_size": 8,
"draft_only": true,
"automerge": false,
"requires_openclaw_review": true,
"rollback_required": true,
"required_check_ids": [
"schema_and_json_validation",
"secret_and_transcript_redaction",
"owner_response_required"
],
"allowed_change_kinds": [
"runbook proposal",
"LOGBOOK summary",
"KM draft"
],
"blocked_change_kinds": [
"canonical KM publish without owner response",
"secret-bearing evidence",
"work-window transcript"
]
}
],
"lane_steps": [
{
"step_id": "collect_committed_evidence",
"owner_agent": "Hermes",
"purpose": "讀取已提交 snapshot、LOGBOOK 與批准包,整理 PR 草案候選來源。",
"planned_output": "evidence_ref_list",
"runtime_execution_allowed": false,
"repo_write_allowed": false,
"approval_gate": "read_only_allowed"
},
{
"step_id": "group_and_dedupe_candidates",
"owner_agent": "Hermes",
"purpose": "依變更類型、風險與 owner 分組,避免單 PR 混入無關風險。",
"planned_output": "grouping_decision",
"runtime_execution_allowed": false,
"repo_write_allowed": false,
"approval_gate": "draft_lane_policy_only"
},
{
"step_id": "openclaw_risk_arbitration",
"owner_agent": "OpenClaw",
"purpose": "審核 blast radius、rollback、HITL 與是否需拆 PR。",
"planned_output": "risk_verdict",
"runtime_execution_allowed": false,
"repo_write_allowed": false,
"approval_gate": "openclaw_review_required"
},
{
"step_id": "nemotron_replay_requirement_check",
"owner_agent": "NemoTron",
"purpose": "只對 AI Agent / model / 提示詞 / tool contract 類變更提出 sanitized replay 需求。",
"planned_output": "replay_gate_requirement",
"runtime_execution_allowed": false,
"repo_write_allowed": false,
"approval_gate": "offline_replay_approval_required"
},
{
"step_id": "attach_test_and_smoke_plan",
"owner_agent": "Hermes",
"purpose": "列出 PR 前必備測試、schema、secret/redaction 與 production smoke 證據。",
"planned_output": "test_plan",
"runtime_execution_allowed": false,
"repo_write_allowed": false,
"approval_gate": "test_plan_required"
},
{
"step_id": "attach_rollback_and_owner_response",
"owner_agent": "OpenClaw",
"purpose": "要求 rollback、owner response、maintenance window 與風險接受欄位齊全。",
"planned_output": "rollback_owner_packet",
"runtime_execution_allowed": false,
"repo_write_allowed": false,
"approval_gate": "owner_response_required"
},
{
"step_id": "emit_draft_pr_packet",
"owner_agent": "Hermes",
"purpose": "只產出 PR 草案封包;不 push branch、不呼叫 Gitea API、不觸發 workflow。",
"planned_output": "draft_pr_packet",
"runtime_execution_allowed": false,
"repo_write_allowed": false,
"approval_gate": "gitea_bot_and_branch_policy_approval_required"
}
],
"required_checks": [
{
"check_id": "schema_and_json_validation",
"display_name": "Schema / JSON 驗證",
"owner_agent": "Hermes",
"blocking": true,
"evidence_required": true,
"run_now_allowed": false,
"planned_command_or_evidence": "python3 -m json.tool 與 targeted schema validation evidence"
},
{
"check_id": "targeted_tests_plan",
"display_name": "Targeted tests plan",
"owner_agent": "Hermes",
"blocking": true,
"evidence_required": true,
"run_now_allowed": false,
"planned_command_or_evidence": "pytest / ruff / frontend smoke plan依變更範圍列出"
},
{
"check_id": "secret_and_transcript_redaction",
"display_name": "Secret 與工作視窗內容遮蔽",
"owner_agent": "OpenClaw",
"blocking": true,
"evidence_required": true,
"run_now_allowed": false,
"planned_command_or_evidence": "doc secrets sanity check + forbidden transcript marker scan"
},
{
"check_id": "rollback_plan_attached",
"display_name": "Rollback plan attached",
"owner_agent": "OpenClaw",
"blocking": true,
"evidence_required": true,
"run_now_allowed": false,
"planned_command_or_evidence": "回滾 commit / config revert / deployment rollback plan"
},
{
"check_id": "owner_response_required",
"display_name": "Owner response required",
"owner_agent": "OpenClaw",
"blocking": true,
"evidence_required": true,
"run_now_allowed": false,
"planned_command_or_evidence": "owner 接受、拒絕或要求拆分的結構化回覆"
},
{
"check_id": "vulnerability_evidence_ref",
"display_name": "Vulnerability evidence ref",
"owner_agent": "OpenClaw",
"blocking": true,
"evidence_required": true,
"run_now_allowed": false,
"planned_command_or_evidence": "OSV / CVE / scanner report ref本波不查外部 DB"
},
{
"check_id": "image_digest_evidence",
"display_name": "Image digest evidence",
"owner_agent": "Hermes",
"blocking": true,
"evidence_required": true,
"run_now_allowed": false,
"planned_command_or_evidence": "image digest / base image release evidence本波不 pull image"
},
{
"check_id": "sanitized_replay_gate",
"display_name": "Sanitized replay gate",
"owner_agent": "NemoTron",
"blocking": true,
"evidence_required": true,
"run_now_allowed": false,
"planned_command_or_evidence": "AI Agent / model / 提示詞 變更需 sanitized replay plan 與 hidden-label gate"
},
{
"check_id": "maintenance_window_required",
"display_name": "Deployment / maintenance window required",
"owner_agent": "OpenClaw",
"blocking": true,
"evidence_required": true,
"run_now_allowed": false,
"planned_command_or_evidence": "變更需列 deployment 或 maintenance window本波不部署"
}
],
"owner_response_requirements": [
{
"requirement_id": "business_owner_verdict",
"owner_agent": "OpenClaw",
"required_fields": [
"owner",
"decision",
"business_impact",
"risk_acceptance",
"evidence_ref"
],
"required_before_pr_creation": true
},
{
"requirement_id": "sre_owner_readiness",
"owner_agent": "OpenClaw",
"required_fields": [
"owner",
"decision",
"rollback_acceptance",
"maintenance_window",
"evidence_ref"
],
"required_before_pr_creation": true
},
{
"requirement_id": "security_owner_review",
"owner_agent": "OpenClaw",
"required_fields": [
"owner",
"decision",
"risk_acceptance",
"business_impact",
"evidence_ref"
],
"required_before_pr_creation": true
},
{
"requirement_id": "product_owner_scope_response",
"owner_agent": "Hermes",
"required_fields": [
"owner",
"decision",
"business_impact",
"maintenance_window",
"evidence_ref"
],
"required_before_pr_creation": true
}
],
"rollback_requirements": [
{
"requirement_id": "git_revert_plan",
"description": "必須列出可回退 commit 或檔案層 revert 計畫。",
"required": true,
"must_be_attached_before_pr_creation": true
},
{
"requirement_id": "config_recovery_plan",
"description": "涉及 config / K8s / workflow 時必須列出原值與回復步驟。",
"required": true,
"must_be_attached_before_pr_creation": true
},
{
"requirement_id": "data_migration_rollback",
"description": "涉及 schema / migration 時必須列出 forward-only 或 rollback policy。",
"required": true,
"must_be_attached_before_pr_creation": true
},
{
"requirement_id": "runtime_disable_switch",
"description": "涉及 runtime gate 時必須列出 disable switch 與監控證據。",
"required": true,
"must_be_attached_before_pr_creation": true
},
{
"requirement_id": "telegram_noise_rollback",
"description": "涉及告警或通知時必須列出降噪、停發與 fallback 策略。",
"required": true,
"must_be_attached_before_pr_creation": true
},
{
"requirement_id": "production_smoke_revert_gate",
"description": "正式部署前必須定義 smoke 失敗時的停止與回退條件。",
"required": true,
"must_be_attached_before_pr_creation": true
}
],
"draft_templates": [
{
"template_id": "dependency_update_draft",
"display_name": "Dependency update draft PR template",
"applies_to_group_ids": [
"dependency_patch_low_risk",
"security_cve_advisory"
],
"required_sections": [
"變更摘要",
"版本差異",
"測試計畫",
"Rollback",
"Owner response"
],
"forbidden_fields": [
"secret_value",
"token",
"authorization_header",
"work_window_transcript",
"codex_user_message",
"prompt_text",
"chain_of_thought",
"session_id",
"browser_context"
],
"automerge": false,
"branch_push_allowed": false
},
{
"template_id": "runtime_infra_draft",
"display_name": "Runtime / infrastructure draft PR template",
"applies_to_group_ids": [
"container_image_digest_proposal",
"host_k3s_stateful_maintenance_plan"
],
"required_sections": [
"影響範圍",
"部署或維護窗口",
"監控與 smoke",
"Rollback",
"Owner response"
],
"forbidden_fields": [
"secret_value",
"token",
"authorization_header",
"work_window_transcript",
"codex_user_message",
"prompt_text",
"chain_of_thought",
"session_id",
"browser_context"
],
"automerge": false,
"branch_push_allowed": false
},
{
"template_id": "ai_agent_contract_draft",
"display_name": "AI Agent / model / tool contract draft template",
"applies_to_group_ids": [
"ai_agent_model_tool_contract_change"
],
"required_sections": [
"候選 Agent 或模型",
"Replay / shadow gate",
"安全邊界",
"Rollback",
"Owner response"
],
"forbidden_fields": [
"secret_value",
"token",
"authorization_header",
"work_window_transcript",
"codex_user_message",
"prompt_text",
"chain_of_thought",
"session_id",
"browser_context"
],
"automerge": false,
"branch_push_allowed": false
},
{
"template_id": "docs_runbook_km_draft",
"display_name": "Docs / runbook / KM draft template",
"applies_to_group_ids": [
"docs_runbook_km_update"
],
"required_sections": [
"文件目的",
"證據來源",
"使用者影響",
"Rollback",
"Owner response"
],
"forbidden_fields": [
"secret_value",
"token",
"authorization_header",
"work_window_transcript",
"codex_user_message",
"prompt_text",
"chain_of_thought",
"session_id",
"browser_context"
],
"automerge": false,
"branch_push_allowed": false
}
],
"agent_roles": [
{
"agent_id": "hermes",
"role": "建立 PR 草案封包、分組、release note、test plan 與 docs / KM 草稿。",
"allowed_now": [
"讀取 committed evidence",
"產出 draft_pr_packet",
"產出 grouping_decision"
],
"blocked_until_approval": [
"push branch",
"create Gitea PR",
"trigger workflow",
"modify lockfile"
]
},
{
"agent_id": "openclaw",
"role": "仲裁風險、rollback、owner response、HITL 與是否拆分 PR。",
"allowed_now": [
"審核 draft packet",
"標註 blocker",
"要求 owner response"
],
"blocked_until_approval": [
"approve itself",
"merge PR",
"runtime execution",
"production route change"
]
},
{
"agent_id": "nemotron",
"role": "針對 AI Agent / model / 提示詞 / tool contract 類變更提出 sanitized replay gate。",
"allowed_now": [
"定義 replay requirement",
"檢查 output contract",
"標記 model/tool risk"
],
"blocked_until_approval": [
"call paid API",
"run external replay",
"shadow/canary",
"production route"
]
}
],
"display_redaction_contract": {
"conversation_transcript_display_allowed": false,
"redaction_required": true,
"allowed_frontend_fields": [
"整體完成度",
"目前任務",
"下一任務",
"grouping rule 摘要",
"required checks 摘要",
"rollback / owner response 邊界"
],
"forbidden_frontend_content": [
"工作視窗對話內容",
"secret 明文",
"提示詞全文",
"推理鏈",
"瀏覽器 session 上下文"
]
},
"operation_boundaries": {
"read_only_lane_allowed": true,
"gitea_branch_push_allowed": false,
"gitea_pr_creation_allowed": false,
"gitea_pr_update_allowed": false,
"gitea_pr_comment_allowed": false,
"auto_merge_allowed": false,
"workflow_trigger_allowed": false,
"ci_workflow_change_allowed": false,
"lockfile_write_allowed": false,
"package_upgrade_allowed": false,
"file_mutation_allowed": false,
"external_registry_lookup_allowed": false,
"vulnerability_database_download_allowed": false,
"docker_build_allowed": false,
"image_pull_allowed": false,
"production_route_change_allowed": false,
"telegram_direct_send_allowed": false,
"telegram_gateway_queue_write_allowed": false,
"secret_plaintext_allowed": false,
"conversation_transcript_allowed": false
},
"approval_boundaries": {
"gitea_bot_account_approved": false,
"gitea_branch_policy_approved": false,
"gitea_pr_creation_approved": false,
"gitea_pr_update_approved": false,
"workflow_trigger_approved": false,
"ci_workflow_change_approved": false,
"lockfile_write_approved": false,
"package_upgrade_approved": false,
"docker_build_approved": false,
"image_pull_approved": false,
"auto_merge_approved": false,
"telegram_digest_send_approved": false,
"runtime_execution_approved": false,
"production_route_change_approved": false,
"secret_plaintext_approved": false
},
"rollups": {
"grouping_rule_count": 6,
"lane_step_count": 7,
"required_check_count": 9,
"owner_response_requirement_count": 4,
"rollback_requirement_count": 6,
"draft_template_count": 4,
"draft_group_ids": [
"dependency_patch_low_risk",
"security_cve_advisory",
"container_image_digest_proposal",
"ai_agent_model_tool_contract_change",
"host_k3s_stateful_maintenance_plan",
"docs_runbook_km_update"
],
"owner_response_requirement_ids": [
"business_owner_verdict",
"sre_owner_readiness",
"security_owner_review",
"product_owner_scope_response"
],
"critical_risk_group_ids": [
"ai_agent_model_tool_contract_change",
"host_k3s_stateful_maintenance_plan"
],
"gitea_branch_push_allowed_count": 0,
"gitea_pr_creation_allowed_count": 0,
"auto_merge_allowed_count": 0,
"workflow_trigger_allowed_count": 0,
"lockfile_write_allowed_count": 0,
"telegram_direct_send_allowed_count": 0,
"conversation_transcript_allowed_count": 0,
"next_approval_task_ids": [
"P2-402F",
"P2-402G"
]
}
}