wooo/awoooi
1
1
Fork 0
Code Issues 2 Pull Requests 1 Actions 3 Packages Projects Releases Wiki Activity
Files
2a2cb16c135fd7e5b159d94de9b5ff04f6cf31f5
awoooi/docs/evaluations/ai_agent_tool_adoption_approval_package_2026-06-11.json
Your Name 42622a5bad
All checks were successful
CD Pipeline / tests (push) Successful in 1m27s
Details
Code Review / ai-code-review (push) Successful in 14s
Details
CD Pipeline / build-and-deploy (push) Successful in 4m29s
Details
CD Pipeline / post-deploy-checks (push) Successful in 1m32s
Details
feat(governance): 新增 Agent 工具採用批准包
2026-06-11 13:26:59 +08:00

472 lines
17 KiB
JSON
Raw Blame History

This file contains ambiguous Unicode characters
This file contains Unicode characters that might be confused with other characters. If you think that this is intentional, you can safely ignore this warning. Use the Escape button to reveal them.
{
"schema_version": "ai_agent_tool_adoption_approval_package_v1",
"generated_at": "2026-06-11T23:35:00+08:00",
"program_status": {
"overall_completion_percent": 55,
"current_priority": "P2",
"current_task_id": "P2-402C",
"next_task_id": "P2-402D",
"read_only_mode": true,
"runtime_authority": "approval_package_only_no_tool_install_or_ci_change",
"status_note": "P2-402C 建立 Renovate / OSV-Scanner / Trivy / Syft / Grype 工具採用批准包;本波只保留官方來源與採用門檻,不安裝工具、不改 CI、不下載漏洞 DB、不建立 PR、不發 Telegram。"
},
"source_evidence": [
{
"source_id": "renovate_gitea_platform_docs",
"tool_id": "renovate_gitea",
"name": "Renovate Gitea platform docs",
"url": "https://docs.renovatebot.com/modules/platform/gitea/",
"retrieved_at": "2026-06-11T23:35:00+08:00",
"evidence_type": "official_documentation",
"usage_boundary": "只用於確認 Renovate 支援 Gitea 與 autodiscover / PR 權限需求;本波不啟用 bot、不寫 workflow、不建立 PR。"
},
{
"source_id": "osv_scanner_usage_docs",
"tool_id": "osv_scanner",
"name": "OSV-Scanner usage docs",
"url": "https://google.github.io/osv-scanner/usage/",
"retrieved_at": "2026-06-11T23:35:00+08:00",
"evidence_type": "official_documentation",
"usage_boundary": "只用於確認 OSV-Scanner V2 使用面;本波不下載漏洞資料、不掃描專案、不呼叫外部查詢。"
},
{
"source_id": "trivy_docs",
"tool_id": "trivy",
"name": "Trivy official docs",
"url": "https://trivy.dev/",
"retrieved_at": "2026-06-11T23:35:00+08:00",
"evidence_type": "official_documentation",
"usage_boundary": "只用於確認 Trivy 可作為漏洞 / IaC / SBOM / Kubernetes 類掃描候選;本波不安裝、不掃描、不下載 vulnerability DB。"
},
{
"source_id": "anchore_syft_docs",
"tool_id": "syft",
"name": "Anchore Syft open source docs",
"url": "https://anchore.com/opensource/",
"retrieved_at": "2026-06-11T23:35:00+08:00",
"evidence_type": "official_documentation",
"usage_boundary": "只用於確認 Syft 是 SBOM 產生候選;本波不安裝、不產 SBOM、不寫 artifact。"
},
{
"source_id": "anchore_grype_docs",
"tool_id": "grype",
"name": "Anchore Grype open source docs",
"url": "https://anchore.com/opensource/",
"retrieved_at": "2026-06-11T23:35:00+08:00",
"evidence_type": "official_documentation",
"usage_boundary": "只用於確認 Grype 是 container / filesystem vulnerability scanner 候選;本波不安裝、不掃描、不下載資料庫。"
}
],
"agent_review_matrix": [
{
"agent_id": "hermes",
"role": "彙整官方來源、repo-only freshness source、CI 變更點與 evidence refs。",
"allowed_now": [
"讀 committed snapshot",
"整理工具採用批准欄位",
"產出比較表與 next gate"
],
"blocked_until_approval": [
"安裝工具",
"寫 workflow",
"下載漏洞資料庫",
"建立 Renovate PR"
],
"output": "tool adoption evidence packet"
},
{
"agent_id": "openclaw",
"role": "仲裁工具採用風險、secret / 費用 / CI / false-positive / blast-radius 邊界。",
"allowed_now": [
"審核採用門檻",
"要求 HITL approval",
"定義 rollback 與 failure-only notification 條件"
],
"blocked_until_approval": [
"批准自己的工具啟用",
"改 CI runner",
"改 Alertmanager 或 Telegram route",
"auto merge"
],
"output": "HITL approval package verdict"
},
{
"agent_id": "nemotron",
"role": "離線比較掃描器輸出如何影響 AI Agent / model / prompt / tool-call replay 評分。",
"allowed_now": [
"建立離線 replay 欄位",
"標記 scanner assumption risk",
"建議多工具交叉驗證策略"
],
"blocked_until_approval": [
"新增 SDK",
"呼叫付費模型",
"shadow/canary",
"production provider route"
],
"output": "offline scanner-assumption review note"
}
],
"adoption_lanes": [
{
"lane_id": "dependency_update_pr_lane",
"display_name": "Dependency update PR lane",
"owner_agent": "hermes",
"tool_ids": [
"renovate_gitea"
],
"approval_gate": "gitea_bot_token_branch_policy_and_ci_workflow_approval",
"planned_output": "Renovate config / grouping / automerge=false / reviewer policy approval package",
"blocked_now": [
"建立 bot token",
"寫 renovate config",
"啟用 autodiscover",
"建立 PR",
"auto merge"
]
},
{
"lane_id": "vulnerability_lookup_lane",
"display_name": "Vulnerability lookup lane",
"owner_agent": "openclaw",
"tool_ids": [
"osv_scanner",
"trivy",
"grype"
],
"approval_gate": "external_source_cache_rate_limit_and_false_positive_policy_approval",
"planned_output": "CVE / OSV / advisory lookup approval package with cache and suppression policy",
"blocked_now": [
"下載 vulnerability DB",
"查外部 advisory",
"掃描 image / filesystem",
"把 scanner output 當唯一事實"
]
},
{
"lane_id": "sbom_generation_lane",
"display_name": "SBOM generation lane",
"owner_agent": "hermes",
"tool_ids": [
"syft",
"trivy"
],
"approval_gate": "artifact_retention_and_sbom_schema_approval",
"planned_output": "SPDX / CycloneDX / JSON artifact policy and storage path approval package",
"blocked_now": [
"安裝 Syft",
"產生 SBOM artifact",
"上傳 artifact",
"保存 package payload 超出批准範圍"
]
},
{
"lane_id": "container_crosscheck_lane",
"display_name": "Container scanner cross-check lane",
"owner_agent": "openclaw",
"tool_ids": [
"trivy",
"syft",
"grype"
],
"approval_gate": "container_scan_runbook_and_dedup_policy_approval",
"planned_output": "Trivy vs Syft+Grype cross-check runbook and false-positive review policy",
"blocked_now": [
"docker build",
"image pull",
"registry push",
"改 Harbor / ArgoCD / production route"
]
}
],
"tool_candidates": [
{
"tool_id": "renovate_gitea",
"display_name": "Renovate for Gitea",
"category": "dependency_update_pr",
"owner_agent": "hermes",
"adoption_status": "approval_required",
"risk_tier": "high",
"cost_profile": "open_source_self_hosted_candidate; runner usage and maintenance cost require approval",
"secret_requirement": "Gitea bot token / repo permission required after approval; no token is created or read in this package.",
"external_data_requirement": "Package registry metadata required after approval; currently blocked.",
"ci_change_required": true,
"official_source_refs": [
"renovate_gitea_platform_docs"
],
"intended_scope": [
"dependency update PR draft",
"grouping",
"automerge=false",
"reviewer assignment"
],
"approval_requirements": [
"Gitea bot identity and token storage plan",
"branch naming and PR grouping policy",
"automerge=false hard gate",
"rate limit and schedule policy",
"rollback plan for bad PR storm"
],
"blocked_until_approval": [
"renovate config write",
"workflow schedule activation",
"bot token creation",
"PR creation",
"auto merge"
],
"recommendation": "Adopt only after P2-402E Gitea PR lane and branch policy approval; do not enable during P2-402C.",
"rollback_plan": "Disable workflow / bot token, close generated PRs, revert Renovate config commit; no production route change allowed."
},
{
"tool_id": "osv_scanner",
"display_name": "OSV-Scanner",
"category": "vulnerability_lookup",
"owner_agent": "openclaw",
"adoption_status": "approval_required",
"risk_tier": "medium",
"cost_profile": "free_public_candidate; network and rate-limit policy still require approval",
"secret_requirement": "No project secret required for public lookup candidate; cache policy required.",
"external_data_requirement": "OSV vulnerability database lookup required after approval; currently blocked.",
"ci_change_required": true,
"official_source_refs": [
"osv_scanner_usage_docs"
],
"intended_scope": [
"dependency vulnerability lookup",
"lockfile / manifest advisory matching",
"approval package evidence"
],
"approval_requirements": [
"network egress and cache TTL policy",
"false-positive suppression process",
"severity mapping to dependency_risk_policy_v1",
"failure-only notification policy",
"artifact retention boundary"
],
"blocked_until_approval": [
"external advisory lookup",
"vulnerability DB query",
"CI workflow write",
"package upgrade"
],
"recommendation": "Adopt as first vulnerability lookup candidate after cache/rate-limit approval; keep output advisory-only until OpenClaw review.",
"rollback_plan": "Remove workflow step and cached advisory artifacts; keep prior repo-only freshness snapshot as fallback."
},
{
"tool_id": "trivy",
"display_name": "Trivy",
"category": "container_iac_vulnerability_scan",
"owner_agent": "openclaw",
"adoption_status": "approval_required",
"risk_tier": "high",
"cost_profile": "open_source_candidate; DB download, cache, runner time and false-positive review cost require approval",
"secret_requirement": "No plaintext secret allowed; registry credentials only after dedicated secret policy approval.",
"external_data_requirement": "Vulnerability DB and optional registry/image metadata required after approval; currently blocked.",
"ci_change_required": true,
"official_source_refs": [
"trivy_docs"
],
"intended_scope": [
"container image vulnerability scan",
"filesystem scan",
"IaC / Kubernetes config scan",
"SBOM or misconfiguration signal"
],
"approval_requirements": [
"runner cache and DB update policy",
"image pull/build boundary",
"registry credential handling",
"false-positive triage and suppression owner",
"cross-check with Syft / Grype before action-required escalation"
],
"blocked_until_approval": [
"trivy install",
"vulnerability DB download",
"filesystem scan",
"image scan",
"Kubernetes live scan",
"CI workflow write"
],
"recommendation": "Adopt after OSV baseline and SBOM artifact policy; use as primary container/IaC scanner only with OpenClaw gating.",
"rollback_plan": "Disable scan job, remove scanner cache, keep prior Dockerfile surface inventory; do not change images or deployments."
},
{
"tool_id": "syft",
"display_name": "Syft",
"category": "sbom_generation",
"owner_agent": "hermes",
"adoption_status": "approval_required",
"risk_tier": "medium",
"cost_profile": "open_source_candidate; runner time and artifact storage require approval",
"secret_requirement": "No secret required for repo filesystem SBOM; registry credentials blocked until approved.",
"external_data_requirement": "No external vulnerability DB needed for local SBOM generation; package cataloging scope still requires approval.",
"ci_change_required": true,
"official_source_refs": [
"anchore_syft_docs"
],
"intended_scope": [
"SBOM generation from filesystem",
"container image SBOM after image policy approval",
"SPDX / CycloneDX / JSON artifact candidate"
],
"approval_requirements": [
"SBOM schema and artifact retention decision",
"redaction and private package payload policy",
"artifact storage path",
"consumer policy for Grype / external scanners"
],
"blocked_until_approval": [
"syft install",
"SBOM artifact write",
"image cataloging",
"artifact upload"
],
"recommendation": "Adopt as SBOM source of truth candidate before broad scanner rollout; never treat SBOM as remediation approval.",
"rollback_plan": "Delete generated artifacts by retention policy and disable SBOM step; no package or image mutation."
},
{
"tool_id": "grype",
"display_name": "Grype",
"category": "vulnerability_scan_from_sbom_or_image",
"owner_agent": "openclaw",
"adoption_status": "approval_required",
"risk_tier": "medium",
"cost_profile": "open_source_candidate; DB download, cache, runner time and triage cost require approval",
"secret_requirement": "No plaintext secret allowed; registry credentials blocked until image scan policy approval.",
"external_data_requirement": "Vulnerability DB required after approval; currently blocked.",
"ci_change_required": true,
"official_source_refs": [
"anchore_grype_docs"
],
"intended_scope": [
"scan Syft SBOM",
"scan image/filesystem after approval",
"cross-check Trivy vulnerability signal"
],
"approval_requirements": [
"Syft SBOM input policy",
"vulnerability DB cache policy",
"severity and fix-available mapping",
"false-positive and duplicate handling",
"OpenClaw review before action-required Telegram digest"
],
"blocked_until_approval": [
"grype install",
"vulnerability DB download",
"image/filesystem scan",
"CI workflow write",
"Telegram digest send"
],
"recommendation": "Adopt as cross-check scanner paired with Syft and Trivy; use disagreement as review signal, not automatic blocker.",
"rollback_plan": "Disable Grype step and remove DB cache; preserve Syft SBOM artifact policy separately."
}
],
"approval_packet_fields": [
{
"field_id": "operator_approval_id",
"required": true,
"owner_agent": "openclaw",
"description": "人工批准 ID未填不得安裝工具、改 CI 或查外部。"
},
{
"field_id": "secret_storage_plan",
"required": true,
"owner_agent": "openclaw",
"description": "Gitea bot token / registry credentials / cache token 的存放與注入規則;不得記錄明文。"
},
{
"field_id": "ci_runner_cost_and_cache_plan",
"required": true,
"owner_agent": "hermes",
"description": "runner 時間、cache 目錄、DB 更新頻率、artifact retention 與清理策略。"
},
{
"field_id": "false_positive_triage_policy",
"required": true,
"owner_agent": "openclaw",
"description": "掃描器差異、誤報、suppression、severity mapping 與 owner response 流程。"
},
{
"field_id": "telegram_digest_gate",
"required": true,
"owner_agent": "openclaw",
"description": "P2-402D 才能啟用 action-required digest成功掃描不得洗版。"
},
{
"field_id": "rollback_and_disable_plan",
"required": true,
"owner_agent": "hermes",
"description": "出現 PR storm、DB download failure、runner overload 或大量 false-positive 時的停用流程。"
}
],
"approval_boundaries": {
"tool_install_allowed": false,
"ci_workflow_change_allowed": false,
"external_registry_lookup_allowed": false,
"vulnerability_database_download_allowed": false,
"package_upgrade_allowed": false,
"lockfile_write_allowed": false,
"docker_build_allowed": false,
"image_pull_allowed": false,
"gitea_pr_creation_allowed": false,
"auto_merge_allowed": false,
"telegram_direct_send_allowed": false,
"paid_service_enabled": false,
"production_route_change_allowed": false,
"secret_plaintext_allowed": false
},
"rollups": {
"tool_count": 5,
"source_evidence_count": 5,
"adoption_lane_count": 4,
"approval_required_tool_ids": [
"renovate_gitea",
"osv_scanner",
"trivy",
"syft",
"grype"
],
"ci_change_required_tool_ids": [
"renovate_gitea",
"osv_scanner",
"trivy",
"syft",
"grype"
],
"secret_required_tool_ids": [
"renovate_gitea",
"trivy",
"syft",
"grype"
],
"external_data_required_tool_ids": [
"renovate_gitea",
"osv_scanner",
"trivy",
"grype"
],
"sbom_tool_ids": [
"syft",
"trivy"
],
"vulnerability_scan_tool_ids": [
"osv_scanner",
"trivy",
"grype"
],
"update_pr_tool_ids": [
"renovate_gitea"
],
"tool_install_allowed_count": 0,
"ci_change_allowed_count": 0,
"auto_merge_allowed_count": 0,
"telegram_direct_send_count": 0,
"next_approval_task_ids": [
"P2-402D",
"P2-402E",
"P2-402F",
"P2-402G"
]
}
}
Reference in New Issue View Git Blame Copy Permalink