179 lines
7.0 KiB
JSON
179 lines
7.0 KiB
JSON
{
|
||
"schema_version": "ai_agent_runtime_write_gate_review_v1",
|
||
"generated_at": "2026-06-12T00:22:00+08:00",
|
||
"program_status": {
|
||
"overall_completion_percent": 94,
|
||
"current_priority": "P2",
|
||
"current_task_id": "P2-403G",
|
||
"next_task_id": "P2-403H",
|
||
"read_only_mode": true,
|
||
"runtime_authority": "write_gate_review_only_no_runtime_write",
|
||
"status_note": "P2-403G 已把 KM、PlayBook trust、timeline learning 與 replay score 的 runtime write gate review 固定為只讀契約;尚未收到雙人批准、未驗證 dry-run hash、未執行 post-write verifier、未做任何 runtime write。"
|
||
},
|
||
"source_refs": [
|
||
"docs/evaluations/ai_agent_owner_approved_learning_dry_run_2026-06-11.json",
|
||
"docs/evaluations/ai_agent_interaction_learning_proof_2026-06-11.json",
|
||
"docs/superpowers/specs/2026-04-15-MASTER-ai-autonomous-flywheel-v2.md"
|
||
],
|
||
"runtime_write_truth": {
|
||
"runtime_write_allowed": false,
|
||
"dual_approval_required": true,
|
||
"dual_approval_received_count": 0,
|
||
"dry_run_hash_required": true,
|
||
"dry_run_hash_verified_count": 0,
|
||
"post_write_verifier_required": true,
|
||
"post_write_verifier_pass_count": 0,
|
||
"km_write_allowed": false,
|
||
"playbook_trust_write_allowed": false,
|
||
"timeline_learning_write_allowed": false,
|
||
"agent_replay_score_write_allowed": false,
|
||
"telegram_send_allowed": false,
|
||
"truth_note": "目前只允許審查 runtime write gate;雙人批准、dry-run hash、post-write verifier 與 rollback owner 都尚未滿足,所以 live write 維持 0。"
|
||
},
|
||
"write_gate_review": {
|
||
"required_fields": [
|
||
"dual_approval_ids",
|
||
"owner_role",
|
||
"dry_run_preview_hash",
|
||
"redacted_evidence_refs",
|
||
"target_write_surface",
|
||
"rollback_owner",
|
||
"post_write_verifier_ref",
|
||
"audit_event_template",
|
||
"expiry_window"
|
||
],
|
||
"forbidden_fields": [
|
||
"secret_value",
|
||
"authorization_header",
|
||
"raw_tool_output",
|
||
"private_reasoning",
|
||
"raw_telegram_payload",
|
||
"unredacted_incident_log"
|
||
],
|
||
"operator_meaning": "這是正式寫入前的最後審查面:只有雙人批准、dry-run hash、rollback owner、post-write verifier 與 audit template 都存在時,下一階段才可討論 runtime write。"
|
||
},
|
||
"write_targets": [
|
||
{
|
||
"target_id": "km_draft_to_canonical",
|
||
"display_name": "KM draft -> canonical",
|
||
"status": "approval_required",
|
||
"owner_agent": "hermes",
|
||
"required_before_write": "雙人批准、dry-run diff hash、owner review reason、rollback owner。",
|
||
"blocked_write_action": "knowledge_entries_canonical_write"
|
||
},
|
||
{
|
||
"target_id": "playbook_trust_delta",
|
||
"display_name": "PlayBook trust delta",
|
||
"status": "approval_required",
|
||
"owner_agent": "openclaw",
|
||
"required_before_write": "verifier result 必須證明修復成功;no-action / no-repair 不得提升 trust。",
|
||
"blocked_write_action": "playbook_trust_history_write"
|
||
},
|
||
{
|
||
"target_id": "timeline_learning_event",
|
||
"display_name": "Timeline learning event",
|
||
"status": "contract_ready",
|
||
"owner_agent": "hermes",
|
||
"required_before_write": "event envelope、redacted evidence refs、audit event template。",
|
||
"blocked_write_action": "incident_timeline_learning_write"
|
||
},
|
||
{
|
||
"target_id": "agent_replay_score_delta",
|
||
"display_name": "Agent replay score delta",
|
||
"status": "blocked_by_runtime_gate",
|
||
"owner_agent": "nemotron",
|
||
"required_before_write": "replay job id、baseline score、candidate score、promotion gate decision。",
|
||
"blocked_write_action": "agent_replay_score_write"
|
||
}
|
||
],
|
||
"approval_gates": [
|
||
{
|
||
"gate_id": "dual_owner_approval_gate",
|
||
"display_name": "Dual owner approval",
|
||
"status": "approval_required",
|
||
"required_evidence": "至少兩個 owner approval id、角色、理由與有效期限。",
|
||
"blocked_runtime_action": "runtime_learning_write"
|
||
},
|
||
{
|
||
"gate_id": "dry_run_hash_gate",
|
||
"display_name": "Dry-run hash verification",
|
||
"status": "approval_required",
|
||
"required_evidence": "P2-403F preview hash、diff summary、redacted evidence refs 必須一致。",
|
||
"blocked_runtime_action": "runtime_learning_write"
|
||
},
|
||
{
|
||
"gate_id": "post_write_verifier_gate",
|
||
"display_name": "Post-write verifier",
|
||
"status": "approval_required",
|
||
"required_evidence": "post-write verifier ref、failure rollback plan、audit event template。",
|
||
"blocked_runtime_action": "runtime_learning_write"
|
||
},
|
||
{
|
||
"gate_id": "telegram_receipt_gate",
|
||
"display_name": "Telegram receipt after write",
|
||
"status": "blocked_by_runtime_gate",
|
||
"required_evidence": "P2-403E receipt gate 仍未授權,不能把寫入結果直接推 Telegram。",
|
||
"blocked_runtime_action": "telegram_send_or_receipt_write"
|
||
}
|
||
],
|
||
"post_write_verification": {
|
||
"verification_required": true,
|
||
"rollback_required": true,
|
||
"verification_steps": [
|
||
"寫入後必須讀回 canonical target 並比對 dry-run hash",
|
||
"PlayBook trust 只能依 verifier result 調整",
|
||
"timeline learning event 必須可回到 incident id 與 evidence refs",
|
||
"失敗時必須產生 rollback work item,不得靜默成功",
|
||
"Telegram 只允許 failure-only receipt,成功不得洗版"
|
||
]
|
||
},
|
||
"approval_boundaries": {
|
||
"runtime_write_allowed": false,
|
||
"dual_approval_received": false,
|
||
"dry_run_hash_verified": false,
|
||
"km_write_allowed": false,
|
||
"playbook_trust_write_allowed": false,
|
||
"timeline_learning_write_allowed": false,
|
||
"agent_replay_score_write_allowed": false,
|
||
"telegram_send_allowed": false,
|
||
"runtime_worker_allowed": false,
|
||
"secret_plaintext_allowed": false
|
||
},
|
||
"display_redaction_contract": {
|
||
"redaction_required": true,
|
||
"raw_payload_display_allowed": false,
|
||
"private_reasoning_display_allowed": false,
|
||
"secret_value_display_allowed": false,
|
||
"allowed_frontend_content": [
|
||
"write target",
|
||
"approval gate",
|
||
"required evidence",
|
||
"blocked runtime action",
|
||
"post-write verification step",
|
||
"rollback requirement"
|
||
],
|
||
"forbidden_frontend_content": [
|
||
"secret value",
|
||
"authorization header",
|
||
"raw tool output",
|
||
"private reasoning",
|
||
"raw Telegram payload",
|
||
"unredacted incident log"
|
||
],
|
||
"frontend_display_policy": "治理頁只顯示 write target、approval gate、必要證據、阻擋 runtime action、post-write verifier 與 rollback;不顯示 secret、authorization header、raw tool output、private reasoning、raw Telegram payload 或未脫敏 incident log。"
|
||
},
|
||
"rollups": {
|
||
"write_target_count": 4,
|
||
"approval_gate_count": 4,
|
||
"approval_required_gate_ids": [
|
||
"dual_owner_approval_gate",
|
||
"dry_run_hash_gate",
|
||
"post_write_verifier_gate"
|
||
],
|
||
"blocked_runtime_action_count": 2,
|
||
"required_field_count": 9,
|
||
"forbidden_field_count": 6,
|
||
"live_write_count_total": 0
|
||
}
|
||
}
|