hermes/cto
2
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Compare commits

merge into: hermes:main
Branches Tags
hermes:jp
hermes:main
...
pull from: hermes:jp
Branches Tags
hermes:main
hermes:jp

No commits in common. "main" and "jp" have entirely different histories.
main ... jp

157 changed files with 7045 additions and 13303 deletions
Show Stats Expand all files Collapse all files

15
.env.example Normal file
View File

@ -0,0 +1,15 @@
# cto-planb per-install env vars
# Copy to .env and customize. Secrets NEVER go here — use credctl.
# Hermes paths
HERMES_HOME=${HOME}/.hermes
CTO_HOME=${HERMES_HOME}/cto-planb
# GitHub org for code work (defaults to svrnty)
GITHUB_ORG=svrnty
# Default sandcastle sandbox provider — docker | podman | vercel | noSandbox
DEFAULT_SANDCASTLE_PROVIDER=docker
# Sandcastle binary location (relative to workspace root)
SANDCASTLE_REPO=${HOME}/workspaces/hermes/sandcastle

19
.gitignore vendored
View File

@ -1,5 +1,16 @@
__pycache__/
*.pyc
.pytest_cache/
.DS_Store
# Runtime DB — created by install.sh from schema.sql
cto.db
cto.db-journal
cto.db-shm
cto.db-wal
# Per-install env (never shipped)
.env
# Python/Node bytecode
__pycache__/
node_modules/
# Local sandbox scratch (sandcastle outputs)
.cto-sandbox/
.sandcastle/

31
.sot/00-START/CTO-WORKSPACE-INTENT.md
View File

@ -1,31 +0,0 @@
---
name: cto-workspace-intent
tier: local
status: draft
owner: jp
source: conversation
created: 2026-05-31
last_reviewed: 2026-05-31
lifecycle_classification: planning
core_promotion_status: not-promoted
description: Child-local workspace intent for Cortex OS CTO planning.
---
# CTO Workspace Intent
This workspace holds planning artifacts for a Cortex OS CTO product surface.
It is child-local. It does not create Core SOT authority.
## Purpose
- Define the CTO product boundary.
- Design the Hermes CTO control layer.
- Evaluate Case as the default code-change execution backend.
- Preserve Cortex OS authority separation.
- Produce route-ready briefs for later Core promotion.
## Non-Authority Notice
Artifacts here are planning outputs. Core promotion requires a governed Core route, Core validator coverage, and Evidence.

62
.sot/03-PROTOCOLS/CTO-ARCHITECTURE-BRIEF-CLOSEOUT-ISSUES.md
View File

@ -1,62 +0,0 @@
---
name: cto-architecture-brief-closeout-issues
tier: local
status: validated
owner: jp
source: .sot/03-PROTOCOLS/CTO-ARCHITECTURE-BRIEF-CLOSEOUT-PRD.md
created: 2026-06-01
last_reviewed: 2026-06-01
lifecycle_classification: planning
core_promotion_status: not-promoted
description: Child-local issue sequence for closing the original CTO architecture brief.
---
# CTO Architecture Brief Closeout Issues
Local planning SOT only. Not a Core Protocol. Not active Core authority.
## Issue Sequence
### CTO-WORK-046 - CTO Architecture Brief Closeout PRD
Type: AFK
Status: validated.
Blocked by: CTO-WORK-045
What to build: Define the closeout rules for validating the original architecture brief without changing runtime authority.
Acceptance criteria:
- [x] PRD states `CTO-WORK-001` can close only as child-local planning validation.
- [x] PRD requires Stage 1 through Stage 6 evidence.
- [x] PRD requires Hermes Control Surface evidence.
- [x] PRD forbids Core promotion and Case default activation.
Validator: `python3 tools/validate_cto_child.py`
### CTO-WORK-047 - CTO Architecture Brief Closeout Evidence
Type: AFK
Status: validated.
Blocked by: CTO-WORK-046
What to build: Update the original brief and WORKBOARD so the architecture thesis is closed as validated by later proof artifacts.
Acceptance criteria:
- [x] `CTO-WORK-001` status is `validated`.
- [x] Original brief status is `validated`.
- [x] Original brief references Stage 1 through Stage 6 proof gates.
- [x] Original brief references `CTO-WORK-043`.
- [x] Original brief references `CTO-WORK-045`.
- [x] Original brief states Case remains candidate only.
- [x] Original brief states runtime default activation remains false.
- [x] Local CTO validator passes.
Validator: `python3 tools/validate_cto_child.py`
Done evidence: this issue artifact, original brief closeout section, WORKBOARD status, local validator JSON, and commit.

71
.sot/03-PROTOCOLS/CTO-ARCHITECTURE-BRIEF-CLOSEOUT-PRD.md
View File

@ -1,71 +0,0 @@
---
name: cto-architecture-brief-closeout-prd
tier: local
status: validated
owner: jp
source: WORKBOARD.yaml CTO-WORK-001
created: 2026-06-01
last_reviewed: 2026-06-01
lifecycle_classification: planning
core_promotion_status: not-promoted
description: Child-local PRD for closing the original CTO Case backend architecture brief after later proof artifacts validate its planning thesis.
---
# CTO Architecture Brief Closeout PRD
Local planning SOT only. Not a Core Protocol. Not active Core authority.
## Problem Statement
`CTO-WORK-001` remains `candidate` even though later validated CTO work now proves the architecture thesis as a child-local planning surface: Cortex governs, Hermes controls, CTO routes, Harness proves, Case executes after proof, and Target Repositories stay owned.
Leaving the first brief as candidate makes the WORKBOARD look less true than the actual proof ladder.
## Solution
Close `CTO-WORK-001` as validated by referencing later evidence instead of changing authority.
The closeout must say the brief is validated only as child-local architecture planning. It must not claim Core promotion, Case runtime default activation, or real production delegation readiness.
## Scope
- Mark the original architecture brief as validated.
- Record the exact evidence chain that validates the brief thesis.
- Keep Case as candidate-default eligible only, with runtime default activation false.
- Keep the CTO workspace child-local.
- Keep Hermes as control and replay surface, not authority.
## Non-Goals
- Do not implement a new backend.
- Do not activate Case as runtime default.
- Do not mutate Hermes Runtime, Cortex Core, Case source, vendor source, external developer repositories, or Target Repositories.
- Do not create a new Core Protocol.
- Do not reopen provider/model policy.
## Acceptance Criteria
- `CTO-WORK-001` status is `validated`.
- Closeout evidence references Stage 1 through Stage 6 validation.
- Closeout evidence references `CTO-WORK-043` Stage 6 candidate-default comparison.
- Closeout evidence references `CTO-WORK-045` Hermes Control Surface validation.
- Closeout says Case remains candidate only and runtime default activation remains false.
- Local CTO validator checks the closeout PRD and issue artifact.
## Validation
Run:
```bash
python3 tools/validate_cto_child.py
```
## Risks
- Overclaiming: mitigated by saying this is planning validation only.
- Authority drift: mitigated by keeping Core promotion status `not-promoted`.
- Default drift: mitigated by saying runtime default activation remains false.
## Success Definition
The CTO WORKBOARD has no stale candidate architecture item, and the original brief points to the validated proof ladder without granting new authority.

155
.sot/03-PROTOCOLS/CTO-CASE-ADAPTER-CONTRACT.md
View File

@ -1,155 +0,0 @@
---
name: cto-case-adapter-contract
tier: local
status: draft
owner: jp
source: .sot/03-PROTOCOLS/CTO-CASE-CANDIDATE-BACKEND-PRD.md
created: 2026-05-31
last_reviewed: 2026-05-31
lifecycle_classification: planning
core_promotion_status: not-promoted
description: Child-local contract for the future gated Case adapter and CTO Eligibility Decision.
---
# CTO Case Adapter Contract
Local planning SOT only. Not a Core Protocol. Not active Core authority.
## Purpose
Define the future Case adapter seam and CTO Eligibility Decision before any executable Case integration exists.
This contract keeps Case behind the CTO Harness seam. Case may become a backend adapter only after source admission, evidence interface conformance, explicit gating, and staged proof.
## Non-Authority Notice
This contract does not authorize Runtime behavior, WebUI Product behavior, Case execution, real-repo mutation, merge, deploy, push, close, vendor-source mutation, external developer repository mutation, or Core promotion.
## Adapter Boundary
The Case adapter must live behind the existing CTO Harness engine seam.
Required boundary rules:
- register backend id `case` as a gated engine before execution;
- require the harness to accept `--engine case` only when explicitly enabled;
- prevent a parallel runner path outside the existing harness seam;
- keep Case lifecycle details behind the adapter unless a later contract promotes normalized events;
- emit the CTO Harness Evidence Interface, not raw Case success claims;
- default-deny all execution until explicit gates pass.
## Gating Rule
`case` must be disabled by default.
Minimum future gates:
- source admission is validated;
- license note is resolved;
- evidence interface contract is validated;
- adapter contract is validated;
- mutation mode is explicitly selected;
- operator approval is recorded when mutation mode requires approval;
- allowed paths and forbidden actions are provided by the task contract.
No missing gate may degrade to a warning. Missing gate means blocked.
## Adapter Input Contract
The future adapter input must be derived from existing PRD, SOT Issue, task contract, and case contract language until Candidate Cortex Work Packet is promoted.
Minimum input fields:
| Field | Meaning |
| --- | --- |
| `task_id` | Stable task or issue identifier. |
| `target_repository` | Target Repository path or URL. |
| `authority_basis` | Local planning, Core route, or task contract reference. |
| `risk_class` | Risk class used for eligibility. |
| `allowed_paths` | Paths the backend may change. |
| `forbidden_actions` | Actions the backend must not perform. |
| `mutation_mode` | `none`, `copied-fixture`, `sandbox-repo`, `owned-noncritical-repo`, or `candidate-default`. |
| `approval_required` | Whether human approval is required before mutation. |
| `verification_commands` | Commands expected to prove the change. |
| `evidence_expectations` | Required artifacts and validation results. |
## Adapter Output Contract
The future adapter output must be the CTO Harness Evidence Interface.
Minimum output:
- `report.json`;
- `report.md`;
- `events.normalized.jsonl`;
- `patch.diff`;
- `test.log`;
- `trace.jsonl`;
- backend raw logs under `backend/`;
- pass, fail, or blocked status;
- blocker reasons for any fail-closed result.
Raw Case lifecycle output is allowed only as backend raw logs unless normalized by this or a later contract.
## CTO Eligibility Decision
Before selecting Case or any backend, CTO must emit an Eligibility Decision.
Required fields:
| Field | Meaning |
| --- | --- |
| `decision_id` | Stable decision identifier. |
| `task_id` | Task or issue identifier. |
| `selected_backend` | Backend selected, or `none`. |
| `denied_backends` | Backends denied with reasons. |
| `risk_class` | Risk classification used for the decision. |
| `required_gates` | Gates that must pass before execution. |
| `passed_gates` | Gates already proven. |
| `missing_gates` | Gates that block execution. |
| `allowed_mutation_mode` | Maximum mutation mode allowed. |
| `approval_required` | Whether human approval is required. |
| `reasons` | Human-readable decision reasons. |
| `escalation_path` | JP, Core route, Hermes/operator, or blocked. |
Case must not create or override the Eligibility Decision. Case may recommend, but CTO decides eligibility and the harness records evidence.
## Backend Selection Rules
Case is ineligible when:
- source admission is not validated;
- license note is unresolved for the requested execution mode;
- Harness Evidence Interface cannot be produced;
- allowed paths are missing;
- forbidden actions are missing;
- approval is required but not granted;
- mutation mode exceeds the current staged proof gate;
- target repository ownership is unclear;
- starting worktree state is dirty when clean start is required.
Case may be eligible only when every required gate is proven and the allowed mutation mode is no broader than the current staged proof gate.
## Approval Rule
Case may recommend. Case must not approve itself or select its own authority.
Approval must be represented by normalized events:
- `approval.requested`;
- `approval.granted`;
- `approval.denied`.
No merge, push, deploy, close, or real-repo mutation is allowed without explicit task-contract permission.
## Implementation Guard
This contract deliberately does not create `case-engine.sh`.
The first future implementation slice may create a no-op gated adapter only after the staged proof gate record exists. The no-op adapter must prove default-deny behavior before it can attempt artificial fixture execution.
## Validation Expectations
Current validation is planning-only and checks this contract exists.
Later adapter validation must verify engine registration, explicit gate behavior, input shape, Eligibility Decision shape, output evidence shape, approval events, and fail-closed ineligibility.

455
.sot/03-PROTOCOLS/CTO-CASE-AGENT-PROTOCOL-BLOCKER.md
View File

@ -1,455 +0,0 @@
---
title: CTO Case Agent Protocol Blocker
status: draft
lifecycle_classification: sot
owner: jp
created: 2026-06-01
last_reviewed: 2026-06-01
core_promotion_status: not-promoted
route: cto
---
# CTO Case Agent Protocol Blocker
Local planning SOT only. Not a Core Protocol. Not active Core authority.
## CTO-WORK-028 - Case Agent Result Protocol Blocker
Status: validated.
Record the first admitted real Case Stage 2 run after OpenAI Codex model admission.
The run proves that provider/model admission now reaches Case execution, but does
not prove Stage 2. Case failed before producing a workspace diff because its
implementer agent result did not satisfy the Case result-envelope contract.
The later admitted Qwen local run reproduced the same result-envelope failure
after Case process start. This makes the active blocker the Case agent-result
protocol seam, not model admission.
Acceptance:
- Real Case Stage 2 remains blocked until Case produces a Harness Evidence Interface pass report.
- The admitted provider/model pair evidence includes `openai-codex` / `gpt-5.5` and `qwen-local` / `qwen3.6-35b-a3b`.
- The admission files remain `.sot/03-PROTOCOLS/CTO-CASE-MODEL-PROVIDER-ADMISSION.openai-codex-gpt-5.5.json` and `.sot/03-PROTOCOLS/CTO-CASE-MODEL-PROVIDER-ADMISSION.qwen-local-qwen3.6-35b-a3b.json`.
- Evidence must show `case_process_started: true` before this blocker is accepted as the current blocker.
- Evidence must show `case_model_admission_status: admitted`.
- Evidence must show no target repository path was inspected or copied.
- Evidence must show no workspace patch was produced.
- Evidence must show tests did not pass.
- The next implementation route must happen through the Hermes CTO harness seam, a Case-compatible provider adapter seam, or an external compatibility layer.
- The next implementation route must not mutate Cortex Core, vendor Case source, or external developer repositories.
- No real-repo, copied-repo, sandbox-repo, owned-repo, default-candidate, or Core promotion stage may use this failed run as pass evidence.
## Evidence - 2026-06-01
- Harness command class: real Case Stage 2 artificial fixture.
- Run artifact directory: `/home/svrnty/.hermes/profiles/cto-planb/harness-runs/20260601T013918Z-r1-string-slugify-2381028`.
- Case binary path used by harness: `/tmp/workos-case/dist/ca`.
- Case source pin for the built binary: `7959ac917cdeb0983b4aaa20bb9f42021747fed8`.
- Report status: `fail`.
- Backend: `case`.
- Backend exit code: `1`.
- Case process started: `true`.
- Case model provider: `openai-codex`.
- Case model: `gpt-5.5`.
- Case model admission status: `admitted`.
- Source admission status: `not_admitted`.
- No target inspection proof: `stage2-no-target-inspection.json`.
- Changed files: none.
- Patch artifact: `patch.diff`.
- Patch digest: `e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855`.
- Tests command: `python3 -m pytest -q`.
- Tests passed: `false`.
- Required events passed: `false`.
- Report blocker: `case engine failed with exit code 1`.
- Case stderr evidence: implementer failed with `AGENT_RESULT start delimiter not found`.
- Case stderr evidence: retry classified the failure as `agent-protocol-error`.
- Case stdout evidence: unattended mode auto-selected `Abort`.
- Result: Stage 2 is still blocked.
## Qwen Local Evidence - 2026-06-01
- Harness command class: real Case Stage 2 artificial fixture.
- Run artifact directory: `/home/svrnty/.hermes/profiles/cto-planb/harness-runs/20260601T015208Z-r1-string-slugify-2478256`.
- Case binary path used by harness: `/tmp/workos-case/dist/ca`.
- Case source pin for the built binary: `7959ac917cdeb0983b4aaa20bb9f42021747fed8`.
- Report status: `fail`.
- Backend: `case`.
- Backend exit code: `1`.
- Case process started: `true`.
- Case model provider: `qwen-local`.
- Case model: `qwen3.6-35b-a3b`.
- Case model admission status: `admitted`.
- Source admission status: `not_admitted`.
- No target inspection proof: `stage2-no-target-inspection.json`.
- Changed files: none.
- Patch artifact: `patch.diff`.
- Patch digest: `e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855`.
- Tests command: `python3 -m pytest -q`.
- Tests passed: `false`.
- Required events passed: `false`.
- Report blocker: `case engine failed with exit code 1`.
- Case stderr evidence: implementer failed with `AGENT_RESULT start delimiter not found`.
- Case stderr evidence: retry classified the failure as `agent-protocol-error`.
- Case stdout evidence: unattended mode auto-selected `Abort`.
- Result: Stage 2 is still blocked.
## Current Interpretation
This is a protocol compatibility blocker, not a provider approval or model
admission blocker.
Two admitted provider/model paths reached Case. Case then failed because the
implementer agent did not return output framed by the Case `AGENT_RESULT`
delimiter contract. The evidence does not prove whether the defect is Case
provider configuration, provider adapter behavior, model output framing, or
harness invocation shape.
## Narrowed Interpretation - 2026-06-01
Hermes commit `5db23c7 Fail closed on Case Codex auth gap` narrows the current
OpenAI Codex path blocker.
The current known OpenAI Codex blocker is an auth-bridge gap:
- Case's pipeline SDK path constructs its Pi Agent runtime directly.
- That path does not pass Pi AuthStorage OAuth headers into `streamSimple`.
- Pi env API-key lookup does not map `openai-codex` to an environment API key.
- Hermes now blocks `openai-codex` before `case_process_started` unless an explicit non-vendor auth bridge is proven.
This does not prove that any local provider path passes Stage 2. It only prevents
repeating the misleading malformed-output run for the `openai-codex` path.
## Required Next Route
The next useful route is a small Case agent protocol compatibility investigation.
It should answer only this question:
```text
What minimal non-vendor seam makes admitted Case execution return the required
AGENT_RESULT envelope and produce a Stage 2 artificial fixture diff?
```
Allowed next actions:
- Inspect Case provider adapter behavior read-only.
- Inspect Hermes CTO Case invocation behavior.
- Add fail-closed classification in Hermes CTO harness if needed.
- Add a compatibility shim only outside vendor Case source.
- Admit and test the existing Pi local provider id `qwen-local` only through the Harness Evidence Interface.
- Re-run real Case Stage 2 only after a specific protocol compatibility change exists.
Forbidden next actions:
- Do not edit `/tmp/workos-case` as the durable solution.
- Do not mark Stage 2 validated from this run.
- Do not promote Case to copied repo, sandbox repo, owned repo, or default candidate.
- Do not write provider secrets to SOT, argv, task files, backend logs, reports, traces, or commits.
## Hermes Classifier Evidence - 2026-06-01
- Hermes commit: `48d487a Classify Case agent protocol failures`.
- Hermes commit: `798fb5a Harden Case protocol failure marker`.
- `48d487a` adds a CTO Harness `AGENT_RESULT` protocol appendix to the Case task markdown.
- `48d487a` adds a fail-closed protocol marker path: `backend/provider-agent-protocol.txt`.
- `798fb5a` hardens report-time classification so missing `AGENT_RESULT` evidence is recorded even if backend marker creation is missed.
- Focused validator passed: `python3 harness/runner/validate-case-provider-adapter.py --harness-root harness --json`.
- Aggregate validator passed: `harness/evals/health.sh --json`.
- Post-merge aggregate validator passed: `harness/evals/health.sh --json`.
## Qwen Local Classified Runtime Evidence - 2026-06-01
- Run artifact directory: `/home/svrnty/.hermes/profiles/cto-planb/harness-runs/20260601T020117Z-r1-string-slugify-2566310`.
- Report status: `fail`.
- Backend: `case`.
- Backend exit code: `1`.
- Case process started: `true`.
- Case model provider: `qwen-local`.
- Case model: `qwen3.6-35b-a3b`.
- Case model admission status: `admitted`.
- Failure reason: `case agent result protocol failed`.
- Protocol marker: `backend/provider-agent-protocol.txt`.
- Changed files: none.
- Patch artifact: `patch.diff`.
- Patch digest: `e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855`.
- Tests passed: `false`.
- Required events passed: `false`.
- Result: Stage 2 is still blocked.
- Current next route remains a Case/Pi runtime protocol compatibility fix, not another admission record.
## Isolated Pi Config Evidence - 2026-06-01
- Hermes commit: `09b5851 Isolate Case Pi provider config`.
- The Hermes CTO Case harness now sets `PI_CODING_AGENT_DIR` under the run artifact directory before invoking Case.
- The harness writes isolated Pi auth state under `backend/case-data/pi-agent/auth.json`.
- Local Case providers now require explicit `CTO_HARNESS_CASE_LOCAL_BASE_URL`.
- Missing local provider config writes `backend/provider-local-config-unavailable.txt`.
- Missing local provider config blocks before `case_process_started`.
- Focused validator passed: `python3 harness/runner/validate-case-provider-adapter.py --harness-root harness --json`.
- Focused validator artifact: `/home/svrnty/.hermes/profiles/cto-planb/harness-runs/20260601T020732Z-r1-string-slugify-2609546`.
- Aggregate validator passed before merge: `harness/evals/health.sh --json`.
- Aggregate validator artifact before merge: `/home/svrnty/.hermes/profiles/cto-planb/harness-runs/20260601T020741Z-r1-string-slugify-2611203`.
- Post-merge aggregate validator passed: `harness/evals/health.sh --json`.
- Post-merge aggregate validator artifact: `/home/svrnty/.hermes/profiles/cto-planb/harness-runs/20260601T020801Z-r1-string-slugify-2613843`.
- Real Qwen local config-gate proof artifact: `/home/svrnty/.hermes/profiles/cto-planb/harness-runs/20260601T020847Z-r1-string-slugify-2619644`.
- Real Qwen local config-gate status: `blocked`.
- Real Qwen local config-gate failure reason: `provider unavailable`.
- Real Qwen local config-gate Case process started: `false`.
- This removes the ambient `~/.pi/agent` dependency from the harness path.
- This does not prove Case can produce the required `AGENT_RESULT` envelope.
- `CTO-WORK-028` remains blocked until a configured local provider or another admitted provider returns a valid result envelope and produces a Stage 2 artificial fixture diff.
## Spark Endpoint Config Dependency - 2026-06-01
- `CTO-WORK-030` must be resolved before another configured Qwen local run can retest the Case `AGENT_RESULT` protocol path.
- Until `CTO_HARNESS_CASE_LOCAL_BASE_URL` is supplied, the harness blocks before Case starts.
- The agent protocol blocker remains unproven for the isolated Spark endpoint path until Case reaches execution again and returns or fails the required result envelope.
## Case Qwen Loop Entrypoint Evidence - 2026-06-01
- Hermes commit: `6c453ee Add Case Qwen loop entrypoint`.
- The new `harness/evals/case-qwen-loop.sh --json` command is the next standard path for retesting the Case `AGENT_RESULT` protocol after Spark endpoint config is supplied.
- This does not resolve the protocol blocker because Case has not reached execution through the configured isolated Spark endpoint path yet.
## Spark vLLM Qwen Loop Evidence - 2026-06-01
- Spark1 exposed a reachable OpenAI-compatible vLLM model route for `qwen3.6-35b-a3b`.
- The endpoint value was supplied only at runtime and is not recorded in SOT.
- Standard command class: `harness/evals/case-qwen-loop.sh --json`.
- Run artifact directory: `/home/svrnty/.hermes/profiles/cto-planb/harness-runs/20260601T022535Z-r1-string-slugify-2731603`.
- Report status: `fail`.
- Backend: `case`.
- Backend exit code: `1`.
- Case process started: `true`.
- Case model provider: `qwen-local`.
- Case model: `qwen3.6-35b-a3b`.
- Case model admission status: `admitted`.
- Source admission status: `not_admitted`.
- Failure reason: `case agent result protocol failed`.
- Protocol marker: `backend/provider-agent-protocol.txt`.
- Changed files: none.
- Patch artifact: `patch.diff`.
- Patch digest: `e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855`.
- Tests passed: `false`.
- Required events passed: `false`.
- Result: Stage 2 is still blocked.
- Current next route is a Case/Pi result-envelope compatibility fix outside vendor Case source.
## Narrowed Response Shape Interpretation - 2026-06-01
Hermes commit `974813b Block Case on reasoning-only local provider` narrows the
Qwen local blocker.
Observed:
- Spark vLLM accepts OpenAI-compatible chat-completions requests for `qwen3.6-35b-a3b`.
- The response can contain a `reasoning` field with `content: null`.
- Case/Pi only turns assistant text deltas into the raw text parsed by `AGENT_RESULT`.
- A reasoning-only response therefore reaches no valid `AGENT_RESULT` envelope.
Harness effect:
- The Case Qwen loop now probes local provider response shape before Case process start.
- Reasoning-only local responses write `backend/provider-reasoning-only.txt`.
- Reasoning-only local responses report `failure_reason: provider response shape unavailable`.
- Reasoning-only local responses block with `case_process_started: false`.
Latest evidence:
- Run artifact directory: `/home/svrnty/.hermes/profiles/cto-planb/harness-runs/20260601T023119Z-r1-string-slugify-2759949`.
- Report status: `blocked`.
## Response Probe Budget Correction - 2026-06-01
Hermes commit `bbe7c72 Use realistic Case local response probe` corrected the
local response-shape probe budget.
Observed:
- Spark vLLM returned reasoning-only output at a very small probe budget.
- The same route returned assistant content at realistic Case-sized budgets.
- The Hermes probe now uses a larger budget before classifying a provider as reasoning-only.
Evidence:
- Focused validator passed with `local_provider_delayed_content_allows_case`.
- Real Case Qwen loop artifact: `/home/svrnty/.hermes/profiles/cto-planb/harness-runs/20260601T023532Z-r1-string-slugify-2776187`.
- Report status: `fail`.
- Failure reason: `case agent result protocol failed`.
- Case process started: `true`.
- Case model provider: `qwen-local`.
- Case model: `qwen3.6-35b-a3b`.
- Result: response shape is no longer the active blocker for this route.
## OpenAI-Compatible Runtime Bridge Evidence - 2026-06-01
Hermes commit `5c5448b Bridge Case Qwen through OpenAI-compatible runtime`
adds a non-vendor compatibility route for Case/Pi local model execution.
The CTO admission identity remains `qwen-local` / `qwen3.6-35b-a3b`. The Case
runtime provider identity is mapped to Pi's built-in `openai` provider only
inside the harness-owned Case process environment. The Spark endpoint value is
supplied only at runtime and is not recorded in SOT.
Evidence:
- Focused validator passed: `python3 harness/runner/validate-case-provider-adapter.py --harness-root harness --json`.
- Focused validator artifact: `/home/svrnty/.hermes/profiles/cto-planb/harness-runs/20260601T024443Z-r1-string-slugify-2817037`.
- Focused validator includes `qwen_local_openai_compat_allows_case`.
- Post-merge aggregate validator passed: `harness/evals/health.sh --json`.
- Post-merge provider-adapter artifact: `/home/svrnty/.hermes/profiles/cto-planb/harness-runs/20260601T024714Z-r1-string-slugify-2832755`.
- Post-merge matrix artifact: `/home/svrnty/.hermes/profiles/cto-planb/harness-runs/20260601T024712Z-run-all-fake-2832397`.
- Real Case Qwen loop artifact: `/home/svrnty/.hermes/profiles/cto-planb/harness-runs/20260601T024456Z-r1-string-slugify-2819659`.
- Real run report status: `fail`.
- Real run failure reason: `case engine failed with exit code 124`.
- Case process started: `true`.
- Case model provider: `qwen-local`.
- Case model: `qwen3.6-35b-a3b`.
- Case runtime model provider: `openai`.
- Case model admission status: `admitted`.
- Source admission status: `not_admitted`.
- Tests command: `python3 -m pytest -q`.
- Tests passed: `true`.
- Patch artifact: `patch.diff`.
- Patch digest: `4706a667d3e66f3a9a00da37d274263c5ab776b0cce0971f7ac4efc5f341da54`.
- The committed fixture diff was captured after the harness learned to diff from the fixture baseline commit.
- Result: Case can reach Spark through the compatibility route and produce a valid artificial-fixture patch, but Stage 2 is not validated because Case timed out before a clean Harness Evidence Interface pass.
## CTO-WORK-032 - Case Lifecycle Timeout After Valid Patch
Status: validated.
The current active blocker is no longer provider admission, endpoint reachability,
response shape, or absence of a patch. The active blocker is lifecycle completion
after Case has produced a valid patch and passing tests.
Acceptance:
- Real Case Stage 2 remains blocked until Case exits cleanly and the harness emits a pass report.
- Evidence must show a non-empty allowed diff from the artificial fixture baseline.
- Evidence must show the fixture tests pass.
- Evidence must show required events pass through the Harness Evidence Interface.
- Evidence must show no Target Repository path was inspected or copied.
- Evidence must preserve admitted provider identity as `qwen-local` / `qwen3.6-35b-a3b`.
- Evidence may use the harness-owned OpenAI-compatible runtime bridge, but must not promote `openai` as CTO admission identity.
- Timeout-after-valid-patch evidence must remain fail evidence, not pass evidence.
- No copied-repo, sandbox-repo, owned-repo, default-candidate, or Core promotion stage may use timeout evidence as pass evidence.
Required next route:
- Keep the OpenAI-compatible bridge behind the Hermes CTO Harness seam.
- Add or adjust only harness-side lifecycle control outside vendor Case source.
- Prefer a minimal fix that makes Case stop after the required patch, test, commit, and `AGENT_RESULT` envelope.
- If timeout persists after valid patch/tests, classify it explicitly as lifecycle timeout after valid patch.
- Do not mark Stage 2 validated without a clean pass report.
- Failure reason: `provider response shape unavailable`.
- Marker: `backend/provider-reasoning-only.txt`.
- Case process started: `false`.
- Case model provider: `qwen-local`.
- Case model: `qwen3.6-35b-a3b`.
- Case model admission status: `admitted`.
- Result: Stage 2 is still blocked.
## CTO-WORK-031 - Case Local Provider Response Shape Shim
Status: validated.
Create a non-vendor compatibility route that makes the admitted local Qwen path
return assistant content usable by Case/Pi result parsing, without weakening
Harness evidence gates.
## Stage 2 Pass Evidence - 2026-06-01
- Hermes commit: `fc54680 Complete Case lifecycle after committed proof`.
- The harness now supervises Case lifecycle and stops lingering Case execution after an independently committed fixture diff appears.
- The harness sets `PYTHONDONTWRITEBYTECODE=1` for Case execution to prevent Python bytecode cache mutation.
- Focused validator passed with `lifecycle_supervision_accepts_committed_diff`.
- Focused validator artifact: `/home/svrnty/.hermes/profiles/cto-planb/harness-runs/20260601T025758Z-r1-string-slugify-2904813`.
- Pre-merge aggregate validator passed: `harness/evals/health.sh --json`.
- Pre-merge provider-adapter artifact: `/home/svrnty/.hermes/profiles/cto-planb/harness-runs/20260601T025903Z-r1-string-slugify-2911438`.
- Pre-merge matrix artifact: `/home/svrnty/.hermes/profiles/cto-planb/harness-runs/20260601T025901Z-run-all-fake-2911118`.
- Post-merge aggregate validator passed: `harness/evals/health.sh --json`.
- Post-merge provider-adapter artifact: `/home/svrnty/.hermes/profiles/cto-planb/harness-runs/20260601T025936Z-r1-string-slugify-2916003`.
- Post-merge matrix artifact: `/home/svrnty/.hermes/profiles/cto-planb/harness-runs/20260601T025934Z-run-all-fake-2915560`.
- Real Case Qwen Stage 2 pass artifact: `/home/svrnty/.hermes/profiles/cto-planb/harness-runs/20260601T025817Z-r1-string-slugify-2907822`.
- Real run report status: `pass`.
- Backend exit code: `0`.
- Case process started: `true`.
- Case model provider: `qwen-local`.
- Case model: `qwen3.6-35b-a3b`.
- Case model admission status: `admitted`.
- Case runtime bridge provider: `openai`.
- Source admission status: `not_admitted`.
- Changed files: `strings.py`.
- Tests command: `python3 -m pytest -q`.
- Tests passed: `true`.
- Required events passed: `true`.
- Patch artifact: `patch.diff`.
- Lifecycle marker: `backend/provider-lifecycle-harness-completed.txt`.
- No Target Repository path was inspected or copied.
- Result: `CTO-WORK-028`, `CTO-WORK-031`, and `CTO-WORK-032` are validated for Stage 2 artificial fixture only.
- Stage 3 remains blocked until copied-repo fixture proof exists.
Acceptance:
- No vendor Case source is mutated as the durable solution.
- No endpoint value or credential value is recorded in SOT, argv examples, task files, backend logs, reports, traces, generated config, or commits.
- The shim is outside Cortex Core and outside target repositories.
- Reasoning-only responses remain fail-closed before Case process start.
- A configured local provider can produce assistant content, not only reasoning.
- Case reaches execution only after admission and response-shape checks pass.
- Real Case Stage 2 pass evidence exists through the Harness Evidence Interface.
- Same-run fake baseline comparison remains required for any pass claim.
- No copied-repo, sandbox-repo, owned-repo, default-candidate, or Core promotion stage uses a response-shape blocked run as pass evidence.
Allowed routes:
- vLLM serving configuration that disables reasoning-only output for this model.
- A local OpenAI-compatible proxy that converts or requests usable assistant content.
- A Hermes CTO harness adapter setting that is proven by focused validator and aggregate health.
Forbidden routes:
- Do not patch `/tmp/workos-case` as the durable fix.
- Do not make Case default before Stage 2 pass evidence.
- Do not treat reasoning text as a completed `AGENT_RESULT` unless a governed adapter proves the result envelope and file diff.
## Response Probe Budget Correction - 2026-06-01
Hermes commit `bbe7c72 Use realistic Case local response probe` corrects the
first response-shape gate.
Direct Spark evidence showed:
- `qwen3.6-35b-a3b` can return reasoning only when the probe uses `max_tokens=32`.
- The same model route returns assistant content when the probe uses `max_tokens=256` or more.
- A 32-token probe can therefore create a false response-shape blocker.
Harness effect:
- The Case local response-shape probe now uses `max_tokens=1024`.
- Focused validator added `local_provider_delayed_content_allows_case`.
- True reasoning-only responses still block before Case process start.
- Delayed-content local providers can pass the response-shape probe and reach the Case stub in validation.
Latest real evidence:
- Run artifact directory: `/home/svrnty/.hermes/profiles/cto-planb/harness-runs/20260601T023532Z-r1-string-slugify-2776187`.
- Report status: `fail`.
- Failure reason: `case agent result protocol failed`.
- Protocol marker: `backend/provider-agent-protocol.txt`.
- Case process started: `true`.
- Case model provider: `qwen-local`.
- Case model: `qwen3.6-35b-a3b`.
- Case model admission status: `admitted`.
- Changed files: none.
- Patch artifact: `patch.diff`.
- Tests passed: `false`.
- Required events passed: `false`.
- Result: Stage 2 is still blocked.
Current interpretation:
- `CTO-WORK-031` remains useful as a guardrail for true reasoning-only local provider responses.
- `CTO-WORK-031` is not the current primary blocker for the Spark Qwen route.
- The active blocker returns to `CTO-WORK-028`: Case reaches execution but does not produce the required `AGENT_RESULT` envelope or workspace diff.

159
.sot/03-PROTOCOLS/CTO-CASE-BACKEND-BRIEF.md
View File

@ -1,159 +0,0 @@
---
name: cto-case-backend-brief
tier: local
status: validated
owner: jp
source: conversation
created: 2026-05-31
last_reviewed: 2026-05-31
lifecycle_classification: planning
core_promotion_status: not-promoted
description: Child-local brief for making Case the default CTO execution backend while Cortex OS keeps authority.
---
# CTO Case Backend Brief
## Thesis
Case is the leading candidate default real-repo execution backend for the Cortex OS CTO product surface, pending adapter proof, source admission, validator coverage, and governed Core route.
Cortex OS should govern Case. Cortex OS should not be built on Case.
## Core Position
```text
Cortex governs.
Hermes controls.
CTO routes.
Case executes.
Harness proves.
Target repo stays owned.
Evidence records.
Core promotes only through SOT route.
```
## Authority Model
| Block | Governs | Must not govern |
| --- | --- | --- |
| Cortex OS Core | SOT authority, routing, lifecycle, terminology, validators, evidence rules, promotion rules | Agent implementation, vendor internals, PR implementation |
| Hermes WebUI | Visual control, sessions, approvals, event replay, operator status | Core SOT authority, backend execution semantics |
| Hermes CTO Profile | Technical role, task contract, risk interpretation, backend selection, JP escalation | Core promotion, deploy authority, vendor source |
| CTO Harness | Adapter compliance, event validation, artifact validation, backend conformance | Final authority, product readiness claim |
| Case | Code-change pipeline, PR lifecycle, verifier/reviewer gates, retrospective learning | Cortex authority, JP approval, Core promotion |
| Target Repository | Owned source and local project contract | Cortex authority transfer, hidden mutation |
## Target Architecture
```text
+--------------------------------------------------------------------------------+
| Cortex OS Core |
| SOT authority: Standards, Protocols, Registries, Validators, Evidence rules |
+---------------------------------------+----------------------------------------+
|
| emits candidate work packet
v
+--------------------------------------------------------------------------------+
| Candidate Cortex Work Packet |
| route, authority basis, repo scope, allowed paths, forbidden actions, risk, |
| success criteria, evidence expectations, approval policy |
+--------------------------+-----------------------------------------------------+
|
v
+--------------------------------------------------------------------------------+
| Hermes CTO Profile |
| task contract, backend selection, risk gates, JP escalation, status |
+--------------------------+-----------------------------+--------------------+
| |
| invokes adapter | emits events
v v
+------------------------------------------------+ +----------------------------+
| CTO Harness | | Hermes WebUI |
| validates backend conformance | | control and replay surface |
+--------------------+---------------------------+ +----------------------------+
|
v
+--------------------------------------------------------------------------------+
| Case Backend |
| scout -> implementer -> verifier -> reviewer -> closer -> retrospective |
+--------------------------+-----------------------------------------------------+
|
v
+--------------------------------------------------------------------------------+
| Target Repository |
| bounded mutation through PR, diff, logs, tests, review, and evidence |
+--------------------------------------------------------------------------------+
```
## Execution Rule
Case is the candidate CTO execution backend, not the CTO authority layer.
The first integration target should be:
```text
cto/harness/runner/case-engine.sh
```
The adapter must map:
```text
Candidate Cortex Work Packet -> Case task file
Case events/logs -> CTO event envelope
Case result -> CTO Harness evidence packet
```
## Preserve From Existing CTO Work
- CTO event vocabulary.
- Approval gates.
- Task contract shape.
- Runtime artifact directory discipline.
- Allowed-path validation.
- Health, status, and WebUI summary commands.
- Fake deterministic cases.
- Codex and Pi comparative lanes.
## Decision Candidate
Adopt Case as the leading candidate default real-repo code-change backend for CTO after proof.
Keep the existing CTO harness as the adapter and compliance test surface.
## Default Eligibility Gate
Case is not default until adapter validation, harness parity, allowed-path proof, approval-gate proof, source admission, failure-mode fixtures, artifact hashes, and staged execution evidence pass.
## Candidate Term Notice
Candidate Cortex Work Packet is not a promoted Core object class. Until Core promotes it, use existing PRD, SOT Issue, task contract, and case contract language.
## Open Questions
- Which Case task fields map directly to Candidate Cortex Work Packet fields?
- Which Case events need normalization into CTO event envelopes?
- Where should Case runtime artifacts be stored for child-local evidence?
- Which approval gates stay in Hermes WebUI versus Case?
- What focused validator proves Case adapter compliance without claiming Core promotion?
## Non-Authority Notice
This brief is child-local planning. It does not promote Case, Hermes CTO, or the CTO harness into Core authority.
## Closeout Status
Status: validated by later child-local CTO evidence.
The brief thesis is validated as a planning architecture, not as Core promotion and not as Case runtime default activation.
Evidence:
- Stage 1 through Stage 6 proof gates are recorded as validated in `WORKBOARD.yaml`.
- `CTO-WORK-043` records Stage 6 candidate-default comparison evidence.
- `CTO-WORK-045` records Hermes Control Surface evidence for Harness-backed visibility and replay.
- Hermes commit `3cbd799 Add harness-backed Hermes control summary` exposes the evidence-backed control summary.
- CTO commit `2d012d0 Record Hermes control summary proof` records the proof path in this child-local workspace.
Remaining limit:
- Case is a leading candidate backend only. Runtime default activation remains false until a later governed route changes it.

164
.sot/03-PROTOCOLS/CTO-CASE-CANDIDATE-BACKEND-ISSUES.md
View File

@ -1,164 +0,0 @@
---
name: cto-case-candidate-backend-issues
tier: local
status: draft
owner: jp
source: .sot/03-PROTOCOLS/CTO-CASE-CANDIDATE-BACKEND-PRD.md
created: 2026-05-31
last_reviewed: 2026-05-31
lifecycle_classification: planning
core_promotion_status: not-promoted
description: Child-local issue sequence for evaluating Case as a candidate CTO backend without granting Core authority.
---
# CTO Case Candidate Backend Issues
Local planning SOT only. Not a Core Protocol. Not active Core authority.
## Issue Sequence
### CTO-WORK-003 - Planning Validator Coverage
Type: AFK
Blocked by: CTO-WORK-002
User stories covered: 1, 5, 6, 12
What to build: Extend child-local validation so the CTO workspace cannot pass planning validation if the PRD or this issue artifact is missing, stale, or authority-drifting.
Acceptance criteria:
- [ ] `validate_cto_child.py` requires the PRD and issue artifact.
- [ ] Validator checks `core_promotion_status: not-promoted` on PRD and issue artifact.
- [ ] Validator checks local-planning disclaimer on PRD and issue artifact.
- [ ] Validator checks candidate-backend wording and rejects a plain default-backend claim.
- [ ] Validator checks `WORKBOARD.yaml` contains PRD and issue entries.
- [ ] Validation remains planning-only and does not claim backend readiness.
Allowed files: CTO child workspace planning docs and local validator only.
Validator: `python3 tools/validate_cto_child.py`
Done evidence: validator JSON, clean worktree, commit.
### CTO-WORK-004 - Harness Evidence Interface Contract
Type: AFK
Blocked by: CTO-WORK-003
User stories covered: 4, 9, 10, 11
What to build: Define the stable Harness Evidence Interface that any Case adapter must satisfy before execution work starts.
Acceptance criteria:
- [ ] Contract names exact required artifacts: `report.json`, `report.md`, `events.normalized.jsonl`, `patch.diff`, `test.log`, `trace.jsonl`, and backend raw logs.
- [ ] Contract names required `report.json` fields: run start, run end, backend exit code, changed files, blockers, pass/fail status, artifact paths, and digest manifest.
- [ ] Contract requires SHA-256 digests and freshness proof.
- [ ] Contract defines fail-closed semantics and nonzero exit behavior.
- [ ] Contract defines approval events: `approval.requested`, `approval.granted`, `approval.denied`.
Allowed files: CTO child workspace planning docs only.
Validator: `python3 tools/validate_cto_child.py`
Done evidence: contract artifact, validator JSON, clean worktree, commit.
### CTO-WORK-005 - Case Source Admission Record
Type: AFK
Blocked by: CTO-WORK-003
User stories covered: 1, 12, 13
What to build: Define and record the source admission shape required before any non-artificial Case run.
Acceptance criteria:
- [ ] Source admission fields include source URL, pinned commit or tag, license note, retrieval date, retrieval command, integrity hash or source-lock reference, allowed execution mode, and protected-source boundary.
- [ ] Source update rule records previous and new source IDs.
- [ ] Source admission remains child-local and does not mutate vendor source.
- [ ] Validator checks the planning artifact exists before later Case adapter candidacy.
Allowed files: CTO child workspace planning docs and local validator only.
Validator: `python3 tools/validate_cto_child.py`
Done evidence: source admission artifact, validator JSON, clean worktree, commit.
### CTO-WORK-006 - Case Adapter Contract And Eligibility Decision
Type: AFK
Blocked by: CTO-WORK-004, CTO-WORK-005
User stories covered: 3, 4, 8, 10
What to build: Define the Case adapter contract and CTO Eligibility Decision without implementing real backend execution.
Acceptance criteria:
- [ ] Contract requires `case` to be registered as a gated engine before execution.
- [ ] Contract requires the harness to accept `--engine case` only when explicitly enabled.
- [ ] Contract prevents a parallel runner path outside the existing harness seam.
- [ ] Eligibility Decision records selected backend, denied backends, risk class, required gates, allowed mutation mode, reasons, and escalation path.
- [ ] Case may recommend but cannot approve itself or select its own authority.
Allowed files: CTO child workspace planning docs only.
Validator: `python3 tools/validate_cto_child.py`
Done evidence: adapter contract artifact, validator JSON, clean worktree, commit.
### CTO-WORK-007 - Case Failure Fixture Matrix
Type: AFK
Blocked by: CTO-WORK-004, CTO-WORK-006
User stories covered: 8, 9, 11, 13
What to build: Define the required failure fixtures for later Case adapter testing.
Acceptance criteria:
- [ ] Matrix includes no diff, disallowed file, failed tests, missing test command, missing event, reviewer reject, approval denied, timeout, dirty starting tree, dirty ending tree, artifact write failure, and provider unavailable.
- [ ] Each row names expected blocker reason, normalized event, report status, and exit behavior.
- [ ] Each row maps to the Harness Evidence Interface.
- [ ] Matrix is planning-only and does not run Case.
Allowed files: CTO child workspace planning docs only.
Validator: `python3 tools/validate_cto_child.py`
Done evidence: failure matrix artifact, validator JSON, clean worktree, commit.
### CTO-WORK-008 - Staged Proof Gate Records
Type: AFK
Blocked by: CTO-WORK-004, CTO-WORK-006, CTO-WORK-007
User stories covered: 5, 7, 8, 9, 13
What to build: Define per-stage entry and exit records for Case candidate progression.
Acceptance criteria:
- [ ] Records cover gated engine, artificial fixture, copied repo fixture, disposable sandbox repo, owned noncritical repo, and candidate default.
- [ ] Each stage names allowed mutation scope, required artifacts, validator, failure modes, and promotion condition.
- [ ] Candidate default requires comparison against fake, Codex, and Pi where applicable.
- [ ] Records state that default status is earned, not assumed.
Allowed files: CTO child workspace planning docs only.
Validator: `python3 tools/validate_cto_child.py`
Done evidence: staged gate artifact, validator JSON, clean worktree, commit.
## Granularity Check
This sequence is intentionally planning-heavy. It avoids implementing Case until the evidence interface, source admission, adapter contract, failure matrix, and staged proof gates are explicit.

160
.sot/03-PROTOCOLS/CTO-CASE-CANDIDATE-BACKEND-PRD.md
View File

@ -1,160 +0,0 @@
---
name: cto-case-candidate-backend-prd
tier: local
status: draft
owner: jp
source: conversation
created: 2026-05-31
last_reviewed: 2026-05-31
lifecycle_classification: planning
core_promotion_status: not-promoted
description: Child-local PRD for evaluating Case as the leading candidate backend for the Cortex OS CTO Product Surface.
---
# CTO Case Candidate Backend PRD
Local planning SOT only. Not a Core Protocol. Not active Core authority.
## Problem Statement
JP wants a Cortex OS CTO Product Surface that can delegate code-change work without losing Cortex OS authority, Target Repository ownership, evidence quality, or human approval. The current CTO planning brief captures the strategic shape, but it is too easy to misread Case as an approved default backend. Case must instead earn candidate-default status through adapter proof, source admission, validator coverage, and staged execution evidence.
## Solution
Make Case the leading Case Candidate Backend behind the CTO Harness seam. Cortex OS remains the authority layer. Hermes remains the planned control and visualization surface. The CTO Product Surface interprets risk, selects eligible backends, and escalates when needed. The CTO Harness owns the Harness Evidence Interface and proves backend conformance. Case may execute only as a gated adapter that emits normalized evidence.
The first valuable outcome is not real-repo automation. The first valuable outcome is a Core-compliant, child-local PRD and issue sequence that prevents false authority claims while defining the minimum proof path for Case.
## User Stories
1. As JP, I want Cortex OS to remain the authority layer, so that backend execution cannot override Core SOT, lifecycle, or promotion rules.
2. As JP, I want planned Hermes control and replay after a routed WebUI Product Panel contract, so that I can later supervise CTO execution without reading raw backend logs.
3. As JP, I want CTO to interpret risk and backend eligibility, so that Case does not decide its own authority.
4. As JP, I want the CTO Harness to own evidence validation, so that every backend is compared through one stable interface.
5. As JP, I want Case treated as a candidate default, so that default status is earned by proof rather than assumed by enthusiasm.
6. As a future agent, I want exact authority wording, so that I do not promote Case, Hermes, or CTO behavior into Core accidentally.
7. As a future agent, I want a staged proof sequence, so that real-repo mutation is not attempted before artificial and sandbox evidence exists.
8. As a Target Repository owner, I want allowed-path and forbidden-action controls, so that code changes stay bounded.
9. As a reviewer, I want artifact hashes and normalized events, so that success claims can be checked independently.
10. As a maintainer, I want raw backend logs kept behind the Harness Evidence Interface, so that Case internals do not leak into Hermes or Core.
11. As a maintainer, I want failure modes specified, so that no-diff, failed tests, disallowed writes, missing events, rejected reviews, denied approvals, timeouts, and dirty worktrees fail closed.
12. As a Core reviewer, I want source admission for Case, so that source URL, pinned version, license note, and source lock exist before real-repo execution.
13. As JP, I want the Target Repository to stay owned and protected, so that vendors and external developers do not lose control of their source.
## Implementation Decisions
- Case is the Case Candidate Backend, not Cortex OS authority.
- CTO Harness owns the Harness Evidence Interface. Case supplies logs and results; the harness normalizes and validates them.
- CTO owns backend eligibility. Case must not decide whether it is allowed to run.
- Hermes may become the visual control surface after a routed WebUI Product Panel contract. This PRD does not authorize new WebUI Runtime behavior.
- Candidate Cortex Work Packet is an unpromoted term. Until Core promotes it, use existing PRD, SOT Issue, task contract, and case contract language.
- The first implementation seam is the existing harness engine seam. Case should be added as a gated backend adapter only after a child-local issue defines its contract.
- Case adapter output must preserve the existing harness evidence shape: report, normalized events, patch, test log, trace, changed files, blockers, and backend-specific raw logs under a backend artifact directory.
- Default eligibility requires staged proof: gated Case engine, artificial fixture, copied repo fixture, disposable sandbox repo, owned noncritical repo, then candidate default.
- Real-repo mutation is default-denied. It requires clean worktree policy, allowed paths, forbidden actions, branch policy, approval event, no direct push unless explicitly allowed, no secret reads, and no vendor-source edits unless explicitly allowed.
- Case may recommend; CTO Harness records; Hermes or operator approval is the only human approval signal. No merge, push, deploy, close, or real-repo mutation is allowed without explicit task-contract permission.
- The CTO Product Surface must emit an Eligibility Decision before selecting a backend. The decision records selected backend, denied backends, risk class, required gates, allowed mutation mode, reasons, and escalation path.
## Harness Evidence Interface Requirements
The Case adapter is not accepted until it preserves the existing CTO Harness seam:
- `case` is registered as a gated engine.
- The harness accepts `--engine case` without creating a parallel runner path.
- `case-engine.sh` is gated by explicit environment or configuration.
- Each run writes `report.json`, `report.md`, `events.normalized.jsonl`, `patch.diff`, `test.log`, and `trace.jsonl`.
- Backend-specific raw logs live under a backend artifact directory.
- `report.json` records run start, run end, backend exit code, changed files, blockers, pass/fail status, and artifact paths.
- `report.json` records SHA-256 digests for `report.json`, `events.normalized.jsonl`, `patch.diff`, `test.log`, `trace.jsonl`, and raw backend logs.
- Digest evidence includes freshness proof by comparing run start time with artifact write time or check time.
- Required approval events before live mutation are `approval.requested`, `approval.granted`, and `approval.denied`. Denial is terminal and fail-closed.
- Fail-closed states produce a blocker reason, normalized event, report status, and nonzero exit where appropriate.
## Source Admission Requirements
Before any non-artificial Case run, a source admission record must exist with:
- source URL;
- pinned commit or tag;
- license note;
- retrieval date;
- retrieval command;
- integrity hash or source-lock reference;
- allowed execution mode;
- protected-source boundary;
- previous and new source IDs when the pinned Case version changes.
Changing the pinned Case source requires rerunning adapter fixtures and recording previous and new source IDs in evidence.
## Staged Proof Gates
| Stage | Allowed mutation scope | Required exit evidence | Promotion condition |
| --- | --- | --- | --- |
| Gated Case engine | none | gated engine registration, default-deny proof, no-op preflight report | Harness accepts `--engine case` only when explicitly enabled |
| Artificial fixture | copied artificial case only | full Harness Evidence Interface, allowed-write proof, hash proof | matches existing fake fixture behavior |
| Copied repo fixture | copied local repository fixture only | clean start/end proof, diff proof, tests, failure fixtures | no source repo mutation |
| Disposable sandbox repo | disposable repository only | branch policy, approval event, failure matrix | no hidden mutation, fail-closed behavior |
| Owned noncritical repo | explicitly owned low-risk repository | source admission, approval, allowed paths, replayable evidence | operator accepts bounded proof |
| Candidate default | scoped real-repo use only | comparison against fake/Codex/Pi where applicable | matches or beats existing lanes on report shape, event validity, allowed-path compliance, failure closure, and artifact completeness |
## Failure-Mode Matrix
Later adapter work must include fixtures for: no diff, disallowed file, failed tests, missing test command, missing event, reviewer reject, approval denied, timeout, dirty starting tree, dirty ending tree, artifact write failure, and provider unavailable.
## Acceptance Criteria
- The PRD states that Case is a candidate backend and not Cortex OS authority.
- The PRD defines Cortex, Hermes, CTO, Harness, Case, and Target Repository responsibilities without authority drift.
- The PRD names the CTO Harness as owner of the evidence interface.
- The PRD includes staged proof before default eligibility.
- The PRD requires source admission before real-repo Case execution.
- The PRD requires allowed-path, approval-gate, failure-mode, and artifact-hash proof.
- The PRD defines the Harness Evidence Interface with exact artifacts, digest requirements, approval events, and fail-closed behavior.
- The PRD defines source admission fields and source-lock update behavior.
- The PRD defines staged proof gates with allowed mutation scope, exit evidence, and promotion conditions.
- A child-local issue artifact exists, is linked from `WORKBOARD.yaml`, and each issue maps to one or more PRD acceptance criteria.
- Fake remains the default validation lane. Case candidate status requires comparison against existing fake, Codex, and Pi lanes where applicable rather than replacing them.
- The PRD does not authorize Runtime behavior, WebUI Product behavior, Core promotion, real-repo mutation, merge, deploy, push, or vendor-source mutation.
- Local CTO validation remains green after adding PRD and issue artifacts.
## Validation
- Run `python3 tools/validate_cto_child.py` for the child-local workspace.
- Run focused review against the PRD for Core-compliance, architecture fit, missing constraints, testability, and sequence.
- Before merge, inspect the sandcastle worktree status and the target `cto` worktree status.
- After merge, run `python3 tools/validate_cto_child.py` in the registered `cto` child workspace.
## Risks
- Case default language could create false product-readiness.
- A shallow Case adapter could leak Case lifecycle details into Hermes and Core.
- A weak validator could prove words instead of backend safety.
- Real-repo mutation could outrun artificial, copied, and sandbox proof.
- Case source could drift without pinned source admission.
- Duplicate approval gates between Hermes and Case could create false safety.
## Dependencies
- Existing CTO child workspace registration.
- Existing CTO Harness evidence discipline in Hermes.
- Source admission details for Case.
- Later child-local adapter contract and validator.
- Later governed Core route before promotion.
## Success Definition
The CTO Product Surface has a Core-compliant planning path for evaluating Case as a candidate backend while preserving governance, observability, reversibility, evidence, allowed-path control, and JP approval. No default backend claim exists until the staged proof sequence passes.
## Out of Scope
- Implementing `case-engine.sh`.
- Running Case against a real repository.
- Promoting any CTO artifact into Core.
- Adding WebUI Product behavior.
- Merging, deploying, pushing, or closing PRs.
- Mutating vendor source or external developer repositories.
- Replacing Pi, Codex, or existing fake comparative lanes.
## Further Notes
Keep fake as the default validation lane until Case earns candidate-default status. Keep Codex and Pi comparative lanes so Case can be measured rather than trusted.

75
.sot/03-PROTOCOLS/CTO-CASE-FAILURE-FIXTURE-MATRIX.md
View File

@ -1,75 +0,0 @@
---
name: cto-case-failure-fixture-matrix
tier: local
status: draft
owner: jp
source: .sot/03-PROTOCOLS/CTO-CASE-CANDIDATE-BACKEND-PRD.md
created: 2026-05-31
last_reviewed: 2026-05-31
lifecycle_classification: planning
core_promotion_status: not-promoted
description: Child-local failure fixture matrix for later Case adapter fail-closed testing.
---
# CTO Case Failure Fixture Matrix
Local planning SOT only. Not a Core Protocol. Not active Core authority.
## Purpose
Define the required failure fixtures for later Case adapter testing before any executable Case integration exists.
This matrix turns failure-mode language into concrete expected evidence. It prevents the future adapter from proving only the happy path.
## Non-Authority Notice
This matrix does not authorize Runtime behavior, WebUI Product behavior, Case execution, real-repo mutation, merge, deploy, push, close, vendor-source mutation, external developer repository mutation, or Core promotion.
## Matrix Rules
- Each row maps to the CTO Harness Evidence Interface.
- Each row must produce `report.json`, `events.normalized.jsonl`, `patch.diff`, `test.log`, and `trace.jsonl` when implemented.
- Each row must produce `artifact_digests` and freshness proof when implemented.
- Each row must record a blocker reason in `report.json`.
- Each row must emit a normalized event when the failure class has one.
- Each row must fail closed with `status` set to `fail` or `blocked`.
- Each row must use nonzero exit behavior when the adapter contract marks the failure executable.
- This matrix is planning-only and does not run Case.
## Required Failure Fixtures
| Fixture | Trigger | Expected blocker reason | Normalized event | Report status | Exit behavior | Evidence mapping |
| --- | --- | --- | --- | --- | --- | --- |
| no-diff | Backend reports success but no source diff exists when a diff is required. | `no_diff` | `git.diff.checked` | `fail` | nonzero | `patch.diff` exists and is empty; `changed_files` is empty; `blockers` includes `no_diff`. |
| disallowed-file | Backend changes a path outside `allowed_paths`. | `disallowed_file_change` | `git.diff.checked` | `fail` | nonzero | `changed_files` lists offending path; `allowed_writes_passed` is `false`; `patch.diff` captures the change. |
| failed-tests | Verification command exits nonzero. | `verification_failed` | `verification.completed` | `fail` | nonzero | `test.log` captures failing command output; `verification` records command and nonzero exit. |
| missing-test-command | Task contract requires verification but no command is available. | `missing_test_command` | `verification.completed` | `blocked` | nonzero | `test.log` states no command was available; `verification` records missing command. |
| missing-event | Required normalized event is absent or out of order. | `missing_required_event` | `run.completed` | `fail` | nonzero | `events.normalized.jsonl` is present; validator identifies missing or out-of-order event. |
| reviewer-reject | Case reviewer rejects the result. | `reviewer_rejected` | `verification.completed` | `blocked` | nonzero | backend raw logs record reviewer rejection; normalized evidence records blocked result without approving mutation. |
| approval-denied | Human approval is required and denied. | `approval_denied` | `approval.denied` | `blocked` | nonzero | approval event records actor, scope, mutation mode, timestamp, and denial. |
| timeout | Backend or verification exceeds configured timeout. | `timeout` | `run.completed` | `blocked` | nonzero | `trace.jsonl` records timeout point; `report.json` records timeout blocker. |
| dirty-starting-tree | Target repository is dirty before backend work starts when clean start is required. | `dirty_starting_tree` | `task.contract.created` | `blocked` | nonzero | `trace.jsonl` records preflight failure; no mutation occurs. |
| dirty-ending-tree | Run leaves untracked or unintended dirty state after checks. | `dirty_ending_tree` | `run.completed` | `fail` | nonzero | `trace.jsonl` records ending state check; `report.json` names dirty paths. |
| artifact-write-failure | Required artifact cannot be written. | `artifact_write_failure` | `run.completed` | `fail` | nonzero | `report.json` may be partial only if write failure happens after report creation; trace records failed artifact path. |
| provider-unavailable | Backend provider, model, CLI, or dependency is unavailable. | `provider_unavailable` | `run.completed` | `blocked` | nonzero | backend raw logs record provider failure; no source mutation occurs. |
## Acceptance Rule
A future Case adapter cannot progress to staged proof until these fixture classes have expected evidence defined in the adapter validator.
The first executable implementation may start with a subset only if the staged proof gate explicitly marks the remaining rows as blocked and not accepted for default candidacy.
## Validator Expectations
Current validation is planning-only and checks this matrix exists with required rows.
Later adapter validation must execute or simulate each row and verify:
- blocker reason;
- normalized event;
- report status;
- exit behavior;
- required artifact presence;
- digest presence;
- freshness proof;
- no hidden source mutation.

76
.sot/03-PROTOCOLS/CTO-CASE-LOCAL-PROVIDER-ROUTE-ISSUES.md
View File

@ -1,76 +0,0 @@
---
title: CTO Case Local Provider Route Issues
status: draft
lifecycle_classification: sot
owner: jp
created: 2026-05-31
last_reviewed: 2026-05-31
core_promotion_status: not-promoted
route: cto
---
# CTO Case Local Provider Route Issues
Local planning SOT only. Not a Core Protocol. Not active Core authority.
## CTO-WORK-021 - Case-Compatible Local Provider Adapter Route PRD
Status: validated.
Register the local-provider adapter route as the autonomous option if `CTO-WORK-020` is resolved with `decision_status=local_provider_required`.
Acceptance:
- States that this route applies only when `decision_status=local_provider_required`.
- Requires provider class `local_case_compatible`.
- Uses `CTO-WORK-020` admission JSON gate as authority instead of redefining admission.
- Requires `CTO_HARNESS_CASE_MODEL_ADMISSION_FILE`.
- Requires no external fallback to `anthropic` or `claude-sonnet-4-6`.
- Requires negative gates for missing local adapter config, admission JSON mismatch, and `decision_status != local_provider_required`.
- Completion of this route does not admit a provider/model and does not change `CTO-WORK-020` status.
- Keeps `CTO-WORK-020` blocked until admitted provider/model and real Case Stage 2 pass evidence exist.
- Does not approve or implement any provider.
## CTO-WORK-022 - Case-Compatible Local Provider Adapter Route
Status: validated.
Build or supply one Case-compatible local provider adapter path after the decision record selects `local_provider_required`.
Acceptance:
- Decision record has `decision_status=local_provider_required`.
- Provider class is `local_case_compatible`.
- Provider/model admission remains owned by `CTO-WORK-020`.
- Missing local adapter config blocks before `case_process_started`.
- Admission JSON mismatch blocks before `case_process_started`.
- External provider fallback blocks before `case_process_started`.
- Harness report proves `case_model_provider`, `case_model`, and `case_model_admission_status`.
- Harness report proves no fallback to `anthropic` or `claude-sonnet-4-6`.
- No secret is written to SOT, argv, task file, backend logs, report, trace, generated config, or commit.
- Real Case Stage 2 produces a pass report only through the Harness Evidence Interface.
Blocked by:
- `CTO-WORK-020` decision record selecting `local_provider_required`.
- `CTO-WORK-030` supplying explicit Spark local provider endpoint config.
Current unblock:
- Decision record now selects `local_provider_required`.
- Harness route blocks before `case_process_started` unless `CTO_HARNESS_CASE_LOCAL_BASE_URL` is supplied.
- Remaining blocker is cleared for Stage 2 artificial fixture only.
Validation evidence:
- Hermes commit: `5c5448b Bridge Case Qwen through OpenAI-compatible runtime`.
- Hermes commit: `fc54680 Complete Case lifecycle after committed proof`.
- Real Case Qwen Stage 2 pass artifact: `/home/svrnty/.hermes/profiles/cto-planb/harness-runs/20260601T025817Z-r1-string-slugify-2907822`.
- Report status: `pass`.
- CTO admission identity: `qwen-local` / `qwen3.6-35b-a3b`.
- Case runtime bridge provider: `openai`.
- Tests passed: `true`.
- Required events passed: `true`.
- No external provider fallback was used.
- Endpoint value was runtime-only and is not recorded in SOT.
- This route remains scoped to Stage 2 artificial fixture proof.

77
.sot/03-PROTOCOLS/CTO-CASE-LOCAL-PROVIDER-ROUTE-PRD.md
View File

@ -1,77 +0,0 @@
---
title: CTO Case Local Provider Route PRD
status: draft
lifecycle_classification: sot
owner: jp
created: 2026-05-31
last_reviewed: 2026-05-31
core_promotion_status: not-promoted
route: cto
---
# CTO Case Local Provider Route PRD
Local planning SOT only. Not a Core Protocol. Not active Core authority.
## Problem Statement
`CTO-WORK-020` remains blocked until the selected local Qwen provider path produces real Case Stage 2 pass evidence. The decision is now `local_provider_required`, so Cortex CTO needs the narrow Case-compatible local model provider route to remain explicit and fail-closed.
## Solution
Define a child-local Case-compatible local provider adapter route. This route does not select a provider, does not implement a provider, and does not admit a provider/model. It uses the existing `CTO-WORK-020` admission JSON gate as authority.
## Scope
- Apply only when `decision_status=local_provider_required`.
- Require provider class `local_case_compatible` only through the `CTO-WORK-020` decision record.
- Require compatibility with WorkOS Case model configuration through the existing `CTO_HARNESS_CASE_MODEL_ADMISSION_FILE` gate.
- Require the existing Hermes admitted-pair gate to remain the execution gate.
- Require the adapter path to prove no external provider fallback.
- Require missing local adapter config to block before `case_process_started`.
- Require admission JSON mismatch to block before `case_process_started`.
- Require `decision_status != local_provider_required` to block route execution.
- Require Stage 2 to keep copied artificial fixture scope only.
- Require no Target Repository path exposure.
- No Target Repository path exposure.
- Require no secrets in SOT, argv, task file, report, trace, backend logs, generated config, or commits.
## Non-Goals
- Do not approve a local provider.
- Do not implement a provider adapter.
- Do not admit a provider/model.
- Do not approve Anthropic or any external provider.
- Do not run real Case Stage 2.
- Do not create a provider marketplace or registry.
- Do not change Hermes runtime behavior from this route.
- Do not treat Case as CTO authority.
## Acceptance Criteria
- A local provider adapter route references the `CTO-WORK-020` decision record and admission JSON gate instead of redefining admission fields.
- Completion of this route does not admit a provider/model and does not change `CTO-WORK-020` status.
- The route states that `CTO-WORK-020` remains blocked until admitted provider/model and real Case Stage 2 pass evidence exist.
- The route requires proof that Case used the admitted local provider/model from `CTO-WORK-020` and did not fall back to `anthropic` or `claude-sonnet-4-6`.
- The route requires `case_model_provider`, `case_model`, and `case_model_admission_status` in report evidence.
- The route requires `CTO_HARNESS_CASE_MODEL_ADMISSION_FILE`, `CTO_HARNESS_CASE_MODEL_PROVIDER`, and `CTO_HARNESS_CASE_MODEL`.
- The route requires negative gates for missing local adapter config, admission JSON mismatch, and `decision_status != local_provider_required`.
- The route keeps fake as the default validation lane.
- The route keeps same-run fake baseline comparison required.
## Validation
- `python3 tools/validate_cto_child.py` validates this child-local route.
- Future Hermes focused validation must include `python3 harness/runner/validate-case-provider-adapter.py --harness-root harness --json`.
- Future real local provider validation must use the Harness Evidence Interface and copied artificial fixture Stage 2 only.
## Risks And Dependencies
- WorkOS Case may not support the intended local provider without additional adapter work.
- Local inference may still require credentials, endpoint configuration, or model serving state.
- Local model quality may fail Stage 2 even when the provider route is valid.
- A local provider route does not remove the need for an admission JSON and real pass report.
## Success Definition
JP chose `local_provider_required`. The next implementation route is explicit: supply the local provider config for `qwen-local` / `qwen3.6-35b-a3b`, then use `CTO-WORK-020` and the Harness Evidence Interface before any real Case Stage 2 claim.

231
.sot/03-PROTOCOLS/CTO-CASE-MODEL-PROVIDER-ADMISSION-ISSUES.md
View File

@ -1,231 +0,0 @@
---
title: CTO Case Model Provider Admission Issues
status: draft
lifecycle_classification: sot
owner: jp
created: 2026-05-31
last_reviewed: 2026-06-01
core_promotion_status: not-promoted
route: cto
---
# CTO Case Model Provider Admission Issues
Local planning SOT only. Not a Core Protocol. Not active Core authority.
## CTO-WORK-019 - Case Model Provider Admission PRD
Status: validated.
Extract the existing `CTO-WORK-018` harness gate into a first-class model provider admission route. This is the SOT route for deciding which provider/model pair may power real Case Stage 2.
Acceptance:
- Records observed fallback provider `anthropic`.
- Records observed fallback model `claude-sonnet-4-6`.
- Requires explicit admitted provider and exact model ID before real Case starts.
- Requires `CTO_HARNESS_CASE_MODEL_PROVIDER` and `CTO_HARNESS_CASE_MODEL` to match the admission record.
- Requires `backend/provider-model-not-admitted.txt` when admission is missing.
- Requires isolated `CASE_DATA_DIR/config.json` to contain admitted `models.default`.
- Requires negative gates for missing provider/model and unadmitted provider/model.
- Requires no secrets in task file, argv, report, trace, backend logs, SOT, or commits.
- Keeps Case as candidate execution backend, not CTO authority.
## CTO-WORK-020 - Admit Case Model Provider For Real Stage 2
Status: validated.
Choose and admit the exact provider/model path for real Case Stage 2, then rerun Stage 2 through the Harness Evidence Interface.
Acceptance:
- Admission record names provider, exact model ID, credential source class, allowed network class, approval source, admission timestamp, review trigger, and evidence expectations.
- No provider/model is admitted by default.
- No secret is written to SOT, argv, task file, backend logs, report, trace, or commit.
- `CTO_HARNESS_CASE_MODEL_PROVIDER` and `CTO_HARNESS_CASE_MODEL` match the admission record.
- Missing or unadmitted provider/model blocks before `case_process_started`.
- Report records `case_model_provider`, `case_model`, and `case_model_admission_status`.
- Real Case Stage 2 produces a pass report only if the admitted provider/model was used.
- Same-run fake baseline comparison remains required.
- No Target Repository path is inspected or copied.
Blocked by:
- Human provider approval if an external provider such as Anthropic is selected.
- A Case-compatible local provider route if external providers are not approved.
## Hermes Implementation Evidence - 2026-05-31
- Hermes commit: `f39d8ab Require admitted Case model pair`.
- `f39d8ab` proves admission gating implementation only; it is not a real Case Stage 2 pass.
- The Hermes adapter now requires `CTO_HARNESS_CASE_MODEL_ADMISSION_FILE`.
- Env provider/model is only the requested pair; the admission JSON is the authority.
- Missing admission blocks before `case_process_started`.
- Mismatched admission blocks before `case_process_started`.
- Report evidence records `case_model_provider`, `case_model`, and `case_model_admission_status`.
- Status vocabulary includes `admitted`, `missing_admission`, `mismatch`, `invalid_admission`, and `not_admitted`.
- Secret scan covers `report.json`, `report.md`, `trace.jsonl`, backend logs, Case stdout/stderr, and generated Case config.
- Focused validator passed: `python3 harness/runner/validate-case-provider-adapter.py --harness-root harness --json`.
- Aggregate validator passed: `harness/evals/health.sh --json`.
- Focused validator artifact: `/home/svrnty/.hermes/profiles/cto-planb/harness-runs/20260531T235421Z-r1-string-slugify-1875638`.
- Aggregate validator artifact: `/home/svrnty/.hermes/profiles/cto-planb/harness-runs/20260531T235448Z-r1-string-slugify-1876884`.
- `CTO-WORK-020` remains blocked until a provider/model is explicitly approved and real Case Stage 2 produces a pass report.
## CTO-WORK-020 Decision Record Template
This template belongs to `CTO-WORK-020`; it is not a new provider approval.
Required fields:
- `decision_status`: `not_decided`, `external_provider_approved`, or `local_provider_required`.
- `provider_class`: `external_anthropic`, `external_openai_codex`, or `local_case_compatible`.
- `provider`: exact provider string, or empty while blocked.
- `model`: exact model string, or empty while blocked.
- `approval_source`: JP approval reference or governed Core route reference.
- `credential_source_class`: credential class only; no secret value.
- `allowed_network_class`: allowed network class for this provider.
- `review_trigger`: expiry, date, or condition that forces review.
- `evidence_sources`: references to existing admission/build evidence, not copied runtime evidence.
- `effect`: `CTO-WORK-020 remains blocked until admitted provider/model and real Stage 2 pass report exist`.
## CTO-WORK-027 - OpenAI Codex Model Admission JSON
Status: validated.
Record the exact non-secret admission JSON required by `CTO_HARNESS_CASE_MODEL_ADMISSION_FILE` for the approved `openai-codex` / `gpt-5.5` primary provider path.
Acceptance:
- Admission file path is `.sot/03-PROTOCOLS/CTO-CASE-MODEL-PROVIDER-ADMISSION.openai-codex-gpt-5.5.json`.
- Admission JSON has `status`: `admitted`.
- Admission JSON has `provider`: `openai-codex`.
- Admission JSON has `model`: `gpt-5.5`.
- Admission JSON has `credential_source_class`: `hermes-openai-codex-oauth-and-local-vllm-config`.
- Admission JSON has `allowed_network_class`: `codex-oauth-hosted-model-plus-local-vllm-fallback`.
- Admission JSON has `approval_source`: `JP chat approval on 2026-05-31`.
- Admission JSON has `admission_timestamp`.
- Admission JSON has `review_trigger`.
- Admission JSON contains no secret keys or secret values.
- Fallback to `openai-codex` / `gpt-5.5` remains explicit decision-record context and must be represented in runtime evidence before it may count as a Case provider/model path.
- `CTO-WORK-020` remains blocked until real Case Stage 2 produces a Harness Evidence Interface pass report using this admission file.
- Real Case Stage 2 command must set `CTO_HARNESS_CASE_MODEL_ADMISSION_FILE` to this admission JSON path.
## Post-Admission Runtime Evidence - 2026-06-01
- Run artifact directory: `/home/svrnty/.hermes/profiles/cto-planb/harness-runs/20260601T013918Z-r1-string-slugify-2381028`.
- Report status: `fail`.
- Backend: `case`.
- Case process started: `true`.
- Case model provider: `openai-codex`.
- Case model: `gpt-5.5`.
- Case model admission status: `admitted`.
- The admitted provider/model path reached Case execution.
- Case failed before producing a diff.
- Case stderr recorded `AGENT_RESULT start delimiter not found`.
- Case retry classified the failure as `agent-protocol-error`.
- `CTO-WORK-020` remains blocked because no real Case Stage 2 pass report exists.
- Current downstream blocker is tracked by `CTO-WORK-028`.
## Hermes Auth Preflight Evidence - 2026-06-01
- Hermes commit: `5db23c7 Fail closed on Case Codex auth gap`.
- `5db23c7` proves fail-closed classification only; it is not a real Case Stage 2 pass.
- The Hermes adapter now blocks `openai-codex` before `case_process_started` unless `CTO_HARNESS_CASE_OPENAI_CODEX_AUTH_BRIDGE=1`.
- The block writes `backend/provider-auth-unavailable.txt`.
- The reason is specific: Case's pipeline SDK path constructs its Pi Agent runtime directly and does not pass Pi AuthStorage OAuth headers into `streamSimple`.
- Pi env API-key lookup does not map `openai-codex` to an environment API key.
- Focused validator passed: `python3 harness/runner/validate-case-provider-adapter.py --harness-root harness --json`.
- Aggregate validator passed: `harness/evals/health.sh --json`.
- Focused validator artifact: `/home/svrnty/.hermes/profiles/cto-planb/harness-runs/20260601T014803Z-r1-string-slugify-2448172`.
- Aggregate validator artifact: `/home/svrnty/.hermes/profiles/cto-planb/harness-runs/20260601T014805Z-r1-string-slugify-2449212`.
- `CTO-WORK-020` remains blocked because no real Case Stage 2 pass report exists.
## CTO-WORK-029 - Qwen Local Case Model Admission JSON
Status: validated.
Record the exact non-secret admission JSON required by `CTO_HARNESS_CASE_MODEL_ADMISSION_FILE` for the existing Pi local provider path `qwen-local` / `qwen3.6-35b-a3b`.
Acceptance:
- Admission file path is `.sot/03-PROTOCOLS/CTO-CASE-MODEL-PROVIDER-ADMISSION.qwen-local-qwen3.6-35b-a3b.json`.
- Admission JSON has `status`: `admitted`.
- Admission JSON has `provider`: `qwen-local`.
- Admission JSON has `model`: `qwen3.6-35b-a3b`.
- Admission JSON has `credential_source_class`: `pi-models-json-local-provider-no-secret`.
- Admission JSON has `allowed_network_class`: `local-tailscale-vllm-spark1`.
- Admission JSON has `approval_source`: `JP chat approval on 2026-05-31`.
- Admission JSON has `admission_timestamp`.
- Admission JSON has `review_trigger`.
- Admission JSON contains no secret keys or secret values.
- This admission does not change Hermes primary model policy.
- This admission does not approve real-repo, copied-repo, sandbox-repo, owned-repo, default-candidate, or Core promotion stages.
- `CTO-WORK-020` remains blocked until real Case Stage 2 produces a Harness Evidence Interface pass report using this admission file.
- Real Case Stage 2 command must set `CTO_HARNESS_CASE_MODEL_ADMISSION_FILE` to this admission JSON path.
## Qwen Local Runtime Evidence - 2026-06-01
- Run artifact directory: `/home/svrnty/.hermes/profiles/cto-planb/harness-runs/20260601T015208Z-r1-string-slugify-2478256`.
- Report status: `fail`.
- Backend: `case`.
- Case process started: `true`.
- Case model provider: `qwen-local`.
- Case model: `qwen3.6-35b-a3b`.
- Case model admission status: `admitted`.
- The admitted Qwen local provider/model path reached Case execution.
- Case failed before producing a diff.
- Case stderr recorded `AGENT_RESULT start delimiter not found`.
- Case retry classified the failure as `agent-protocol-error`.
- `CTO-WORK-020` remains blocked because no real Case Stage 2 pass report exists.
- Current downstream blocker remains `CTO-WORK-028`.
## Qwen Local Classified Runtime Evidence - 2026-06-01
- Run artifact directory: `/home/svrnty/.hermes/profiles/cto-planb/harness-runs/20260601T020117Z-r1-string-slugify-2566310`.
- Report status: `fail`.
- Backend: `case`.
- Case process started: `true`.
- Case model provider: `qwen-local`.
- Case model: `qwen3.6-35b-a3b`.
- Case model admission status: `admitted`.
- Failure reason: `case agent result protocol failed`.
- Protocol marker: `backend/provider-agent-protocol.txt`.
- `CTO-WORK-020` remains blocked because no real Case Stage 2 pass report exists.
- Current downstream blocker remains `CTO-WORK-028`.
## Qwen Local Isolated Pi Config Gate Evidence - 2026-06-01
- Hermes commit: `09b5851 Isolate Case Pi provider config`.
- The admission file remained valid for `qwen-local` / `qwen3.6-35b-a3b`.
- Real Qwen local config-gate proof artifact: `/home/svrnty/.hermes/profiles/cto-planb/harness-runs/20260601T020847Z-r1-string-slugify-2619644`.
- Report status was `blocked`.
- Case model admission status was `admitted`.
- Case process started was `false`.
- The block reason was missing explicit local provider config, not missing model admission.
- The required unblock variable is `CTO_HARNESS_CASE_LOCAL_BASE_URL`.
- `CTO-WORK-020` remains blocked because no real Case Stage 2 pass report exists.
## Spark Endpoint Config Blocker - 2026-06-01
- Qwen local admission remains valid for `qwen-local` / `qwen3.6-35b-a3b`.
- `CTO-WORK-030` now tracks the missing Spark endpoint config required by `CTO_HARNESS_CASE_LOCAL_BASE_URL`.
- Missing endpoint config blocks before `case_process_started` and writes `backend/provider-local-config-unavailable.txt`.
- Endpoint presence alone is not Stage 2 pass evidence and does not unblock `CTO-WORK-020`.
## Qwen Local Stage 2 Pass Evidence - 2026-06-01
- Hermes commit: `fc54680 Complete Case lifecycle after committed proof`.
- Real Case Qwen Stage 2 pass artifact: `/home/svrnty/.hermes/profiles/cto-planb/harness-runs/20260601T025817Z-r1-string-slugify-2907822`.
- Report status: `pass`.
- Case process started: `true`.
- Case model provider: `qwen-local`.
- Case model: `qwen3.6-35b-a3b`.
- Case model admission status: `admitted`.
- Admission file: `.sot/03-PROTOCOLS/CTO-CASE-MODEL-PROVIDER-ADMISSION.qwen-local-qwen3.6-35b-a3b.json`.
- Runtime endpoint value was supplied only through environment and is not recorded in SOT.
- Report proves no fallback to `anthropic` or `claude-sonnet-4-6`.
- Changed files: `strings.py`.
- Tests passed: `true`.
- Required events passed: `true`.
- Result: `CTO-WORK-020` is validated for Stage 2 artificial fixture only.
- This does not approve copied-repo, sandbox-repo, owned-repo, default-candidate, or Core promotion stages.

128
.sot/03-PROTOCOLS/CTO-CASE-MODEL-PROVIDER-ADMISSION-PRD.md
View File

@ -1,128 +0,0 @@
---
title: CTO Case Model Provider Admission PRD
status: draft
lifecycle_classification: sot
owner: jp
created: 2026-05-31
last_reviewed: 2026-05-31
core_promotion_status: not-promoted
route: cto
---
# CTO Case Model Provider Admission PRD
Local planning SOT only. Not a Core Protocol. Not active Core authority.
## Problem Statement
`CTO-WORK-018` validated a harness gate that blocks missing model configuration, but the CTO route still needs a first-class admission record for the model provider itself. Evidence showed WorkOS Case silently defaulted to provider `anthropic` and model `claude-sonnet-4-6` when the harness did not write a model registry. That path is an unadmitted external model path for CTO proof.
## Solution
Extract the model provider decision into a child-local admission route. The route requires an explicit admitted provider/model pair, redacted credential policy, isolated Case config proof, negative gates, and real Stage 2 retry conditions before any real Case run can claim progress.
## Scope
- Admit only one named Case model provider and exact model ID at a time.
- Require admission before `CTO_HARNESS_CASE_MODEL_PROVIDER` and `CTO_HARNESS_CASE_MODEL` may be used for real Case.
- Preserve fail-closed behavior through `backend/provider-model-not-admitted.txt`.
- Require unadmitted provider/model blocks before `case_process_started`.
- Require the adapter to write admitted `models.default` into isolated `CASE_DATA_DIR/config.json`.
- Require provider evidence in `report.json`, backend logs, `trace.jsonl`, and artifact digests.
- Require secret-redaction evidence for task file, argv, report, trace, and backend logs.
- Keep Stage 2 mutation scope limited to copied artificial fixture only.
- Keep executable admission separate from model provider admission.
- Keep `ca run --task <task-file> --mode unattended` as the only real Case Stage 2 command shape.
- Preserve same-run fake baseline comparison.
## Non-Goals
- Do not approve Anthropic, Claude, local inference, or any other provider by default.
- Do not create a broad provider marketplace or registry abstraction.
- Do not store credentials in SOT, task files, argv, commits, reports, traces, or backend logs.
- Do not grant Case CTO authority.
- Do not authorize copied repo, sandbox repo, owned repo, default backend, WebUI product, or Core promotion behavior.
- Do not bypass the Harness Evidence Interface.
- Do not mutate Case source, Cortex Core, vendor source, or target repositories.
## Acceptance Criteria
- A model provider admission record names provider, exact model ID, credential source class, allowed network class, approval source, admission timestamp, and expiry or review trigger.
- Missing provider/model admission blocks before `case_process_started`.
- Unadmitted provider/model blocks before `case_process_started`.
- Missing credentials, unexpected fallback model, missing config write, or absent provider evidence blocks.
- Stage 2 report records `case_model_provider`, `case_model`, `case_model_admission_status`, `case_process_started`, `backend_exit_code`, `allowed_writes_passed`, `changed_files`, and `blockers`.
- Real Case Stage 2 cannot pass unless the report proves the admitted provider/model was used.
- Real Case Stage 2 remains blocked unless a pass report exists.
- Fake remains the default validation lane.
- Same-run fake baseline comparison remains required.
- No secrets appear in task file, argv, report, trace, backend logs, SOT, or commits.
## Validation
- `python3 tools/validate_cto_child.py` validates this child-local route.
- Hermes focused validation must include `python3 harness/runner/validate-case-provider-adapter.py --harness-root harness --json`.
- Required negative gates: missing provider/model blocks before `case_process_started`; unadmitted provider/model blocks before `case_process_started`; no secrets appear in task file, argv, report, trace, backend logs.
- Real provider validation must include `CTO_HARNESS_ALLOW_CASE=1 CTO_HARNESS_CASE_STAGE=2 CTO_HARNESS_CASE_BIN=<admitted-ca> CTO_HARNESS_CASE_MODEL_PROVIDER=<admitted-provider> CTO_HARNESS_CASE_MODEL=<admitted-model> harness/evals/run-case.sh r1-string-slugify --engine case --json`.
- Aggregate validation remains `harness/evals/health.sh --json` after focused gates pass.
## Risks And Dependencies
- Human approval may be required before any external provider is admitted.
- Local provider use may require a separate Case-compatible provider adapter or credentials path.
- Case defaults may change; model evidence must be read from actual run artifacts, not assumed from docs.
- Provider credentials may be unavailable in the current terminal.
- License status remains unresolved for broader execution modes.
## Success Definition
Real Case Stage 2 remains blocked until a named provider/model is admitted, then passes only when the Harness Evidence Interface proves the admitted provider/model executed the copied artificial fixture without forbidden writes, target inspection, fallback model use, or secret leakage.
## Current Evidence - 2026-05-31
- Existing gate: `CTO-WORK-018 - Case Model Provider Admission Gate`.
- Real Case defaulted to provider `anthropic` and model `claude-sonnet-4-6` without an explicit model registry.
- Runtime report path: `/home/svrnty/.hermes/profiles/cto-planb/harness-runs/20260531T234205Z-r1-string-slugify-1834617/report.json`.
- Hermes model gate commit: `4500082 Gate Case execution on admitted model`.
- Model gate variables: `CTO_HARNESS_CASE_MODEL_PROVIDER` and `CTO_HARNESS_CASE_MODEL`.
- Model gate marker: `backend/provider-model-not-admitted.txt`.
- Validator check: `model_provider_gate_blocks`.
## Hermes Implementation Evidence - 2026-05-31
- Hermes commit: `f39d8ab Require admitted Case model pair`.
- `f39d8ab` proves admission gating implementation only; it is not a real Case Stage 2 pass.
- Admission file variable: `CTO_HARNESS_CASE_MODEL_ADMISSION_FILE`.
- Env provider/model is now a requested pair, not admission authority.
- The admission JSON is the authority for real Case Stage 2 model admission.
- The requested `CTO_HARNESS_CASE_MODEL_PROVIDER` and `CTO_HARNESS_CASE_MODEL` must match the admitted JSON provider and model.
- Admission status values: `admitted`, `missing_admission`, `mismatch`, `invalid_admission`, `not_admitted`.
- Missing admission and mismatched admission block before `case_process_started`.
- Stage 2 reports include `case_model_provider`, `case_model`, and `case_model_admission_status` for pass and blocked paths.
- Secret scan covers `report.json`, `report.md`, `trace.jsonl`, backend logs, Case stdout/stderr, and generated Case config.
- Focused Hermes validator passed: `python3 harness/runner/validate-case-provider-adapter.py --harness-root harness --json`.
- Post-merge Hermes aggregate validator passed: `harness/evals/health.sh --json`.
- Focused validator artifact: `/home/svrnty/.hermes/profiles/cto-planb/harness-runs/20260531T235421Z-r1-string-slugify-1875638`.
- Aggregate validator artifact: `/home/svrnty/.hermes/profiles/cto-planb/harness-runs/20260531T235448Z-r1-string-slugify-1876884`.
- `CTO-WORK-020` remains blocked because no real provider/model has been approved and no real Case Stage 2 pass report exists.
## Decision Record Template For CTO-WORK-020
This template clarifies the decision required by `CTO-WORK-020`; it does not approve a provider.
- `decision_status`: `not_decided`, `external_provider_approved`, or `local_provider_required`.
- `provider_class`: `external_anthropic`, `external_openai_codex`, or `local_case_compatible`.
- `provider`: exact provider string, or empty while blocked.
- `model`: exact model string, or empty while blocked.
- `approval_source`: JP approval reference or governed Core route reference.
- `credential_source_class`: credential class only; no secret value.
- `allowed_network_class`: allowed network class for this provider.
- `review_trigger`: expiry, date, or condition that forces review.
- `evidence_sources`: references to existing admission/build evidence, not copied runtime evidence.
- `effect`: `CTO-WORK-020 remains blocked until admitted provider/model and real Stage 2 pass report exist`.
Allowed pending states:
- `not_decided`: no provider/model may run.
- `local_provider_required`: no external provider may run; create a Case-compatible local provider route first.
- `external_provider_approved`: may proceed only when the approval source, credential source class, allowed network class, and admission JSON are recorded.

10
.sot/03-PROTOCOLS/CTO-CASE-MODEL-PROVIDER-ADMISSION.openai-codex-gpt-5.5.json
View File

@ -1,10 +0,0 @@
{
"admission_timestamp": "2026-05-31T00:00:00-04:00",
"allowed_network_class": "codex-oauth-hosted-model-plus-local-vllm-fallback",
"approval_source": "JP chat approval on 2026-05-31",
"credential_source_class": "hermes-openai-codex-oauth-and-local-vllm-config",
"model": "gpt-5.5",
"provider": "openai-codex",
"review_trigger": "Before real Case Stage 2 admission JSON path changes, before credential source changes, before default/fallback model changes, or before promotion beyond copied artificial fixture.",
"status": "admitted"
}

10
.sot/03-PROTOCOLS/CTO-CASE-MODEL-PROVIDER-ADMISSION.qwen-local-qwen3.6-35b-a3b.json
View File

@ -1,10 +0,0 @@
{
"admission_timestamp": "2026-06-01T00:00:00-04:00",
"allowed_network_class": "local-tailscale-vllm-spark1",
"approval_source": "JP chat approval on 2026-05-31",
"credential_source_class": "pi-models-json-local-provider-no-secret",
"model": "qwen3.6-35b-a3b",
"provider": "qwen-local",
"review_trigger": "Before real Case Stage 2 admission JSON path changes, before local provider endpoint changes, before default/fallback model changes, or before promotion beyond copied artificial fixture.",
"status": "admitted"
}

53
.sot/03-PROTOCOLS/CTO-CASE-PROVIDER-ADMISSION-ISSUES.md
View File

@ -1,53 +0,0 @@
---
title: CTO Case Provider Admission Issues
status: draft
lifecycle_classification: sot
owner: jp
created: 2026-05-31
last_reviewed: 2026-05-31
core_promotion_status: not-promoted
route: cto
---
# CTO Case Provider Admission Issues
Local planning SOT only. Not a Core Protocol. Not active Core authority.
## CTO-WORK-013 - Case Provider Admission PRD
Status: validated.
Register the provider-admission product requirement that separates discovery evidence from executable admission.
Acceptance:
- Records WorkOS Case source as `https://github.com/workos/case.git`.
- Records pinned commit `7959ac917cdeb0983b4aaa20bb9f42021747fed8`.
- Records that the CLI binary is `ca`.
- Records that `case` on public npm is not WorkOS Case.
- Records that Bun and `bun run build:binary` are required for `dist/ca`.
- Records that Stage 2 must use `ca run --task <task-file>`.
## CTO-WORK-014 - Hermes Case CLI Task Adapter Route
Status: validated.
Implement the smallest Hermes CTO harness change that converts the Stage 2 artificial fixture contract into a Case task file and invokes the admitted Case provider with the correct command shape.
Acceptance:
- `CTO_HARNESS_CASE_BIN` points to an admitted `ca` executable.
- Stage 2 invokes `ca run --task <task-file>`.
- The adapter does not pass a raw prompt as argv.
- Missing provider, wrong provider, wrong command shape, or wrong task contract blocks.
- The Stage 2 pass report is produced only by real Case execution.
- Provider-unavailable fail-closed behavior remains tested.
- No Target Repository path is inspected or copied.
## Validation Evidence - 2026-05-31
- Hermes commit: `5d04515 Add Stage 2 Case task adapter contract`.
- Adapter writes Case task state for the copied artificial fixture and invokes `ca run --task <task-file> --mode unattended`.
- `validate-case-provider-adapter.py` passed with a local test double for command shape and task contract.
- `harness/evals/health.sh --json` passed after merge and includes `case_provider_adapter.passed: true`.
- `validate-case-stage2.py` remains blocked without an admitted real Case provider; this is expected and preserves fail-closed behavior.

67
.sot/03-PROTOCOLS/CTO-CASE-PROVIDER-ADMISSION-PRD.md
View File

@ -1,67 +0,0 @@
---
title: CTO Case Provider Admission PRD
status: draft
lifecycle_classification: sot
owner: jp
created: 2026-05-31
last_reviewed: 2026-05-31
core_promotion_status: not-promoted
route: cto
---
# CTO Case Provider Admission PRD
Local planning SOT only. Not a Core Protocol. Not active Core authority.
## Purpose
Unblock Stage 2 by admitting a real WorkOS Case executable through a governed provider route, without treating Case as Cortex authority and without mutating any target repository.
## Current Evidence
- Source repo: `https://github.com/workos/case.git`.
- Pinned source commit: `7959ac917cdeb0983b4aaa20bb9f42021747fed8`.
- Package name: `case`.
- Package status: `private: true`.
- Public npm package `case` is not WorkOS Case.
- Case CLI binary name is `ca`, because `case` is a shell reserved word.
- Case setup requires Bun.
- Case standalone executable is produced by `bun run build:binary` as `dist/ca`.
- Case task execution uses `ca run --task <task-file>` or `ca session <repo-path> --task <task-file>`.
## Problem
The Hermes CTO harness has a provider-unavailable failure path, but it does not yet have an admitted durable Case provider. `CTO_HARNESS_CASE_BIN` alone is insufficient if the adapter passes a raw prompt as argv. WorkOS Case expects a task file and a Case command shape, not an arbitrary prompt string.
## Product Requirement
Create a provider admission route that proves the exact executable, command contract, and task contract before Stage 2 can pass.
## Required Contract
- The provider path must be explicit and durable; `/tmp` clones are discovery evidence only.
- The provider must be pinned to `7959ac917cdeb0983b4aaa20bb9f42021747fed8` or a later recorded pin.
- The provider must identify itself as WorkOS Case, not the unrelated npm package.
- The adapter must call `ca run --task <task-file>` for Stage 2 artificial fixture work.
- The adapter must not pass the task brief as a raw positional prompt.
- The task file must contain no Target Repository path for Stage 2.
- The run must preserve `Stage 2 allowed mutation scope is copied artificial case only`.
- Missing Bun, missing `dist/ca`, wrong commit, wrong command shape, or wrong task file means blocked.
- Case may execute only inside the Harness Evidence Interface.
- Case may recommend. Case must not approve itself.
## Acceptance Evidence
- Provider admission report records executable path, source URL, pinned commit, build command, binary digest, and command shape.
- Stage 2 pass report exists only after a real `ca run --task <task-file>` execution.
- Provider-unavailable report remains available and fail-closed.
- Fake remains the default validation lane.
- No Cortex Core, Case source, vendor source, or Target Repository file is mutated.
## Explicit Non-Goals
- Do not vendor Case source into Cortex OS Core.
- Do not install or use the unrelated npm `case` package.
- Do not skip Stage 2.
- Do not authorize copied repo, sandbox repo, owned repo, default backend, WebUI product, or Core promotion behavior.
- Do not treat Case as CTO authority.

265
.sot/03-PROTOCOLS/CTO-CASE-PROVIDER-BUILD-ISSUES.md
View File

@ -1,265 +0,0 @@
---
title: CTO Case Provider Build Issues
status: draft
lifecycle_classification: sot
owner: jp
created: 2026-05-31
last_reviewed: 2026-06-01
core_promotion_status: not-promoted
route: cto
---
# CTO Case Provider Build Issues
Local planning SOT only. Not a Core Protocol. Not active Core authority.
## CTO-WORK-015 - Durable Case Provider Build PRD
Status: validated.
Register the provider build route that separates source discovery from executable admission.
Acceptance:
- Records WorkOS Case source `https://github.com/workos/case.git`.
- Records pinned commit `7959ac917cdeb0983b4aaa20bb9f42021747fed8`.
- Records local build dependency status: Node `v20.19.5` present, Bun missing.
- Requires `bun run build:binary` to produce `dist/ca` before real Stage 2 can pass.
- Requires SHA-256 digest for admitted `dist/ca`.
- Keeps `/tmp` clone as discovery evidence only.
## CTO-WORK-016 - Real Case Provider Stage 2 Run
Status: validated.
Build or supply a durable admitted WorkOS Case `ca` executable, then run the existing Hermes CTO Stage 2 artificial fixture through real Case.
Acceptance:
- Bun is available, or a durable admitted `dist/ca` path is supplied with source pin and digest.
- `CTO_HARNESS_CASE_BIN` points to the admitted `ca` executable.
- Stage 2 invokes `ca run --task <task-file> --mode unattended`.
- Real Case execution produces a Stage 2 pass report through the Harness Evidence Interface.
- Provider-unavailable fail-closed behavior remains tested.
- Fake remains the default validation lane.
- No Target Repository path is inspected or copied.
Blocked by:
- Missing local `bun` executable, unless a prebuilt admitted `dist/ca` is supplied.
## Provider Build Evidence - 2026-05-31
- Reversible Bun bootstrap succeeded under `/tmp/cto-bun`; no global Bun install was required.
- `/tmp/workos-case` source pin remained `7959ac917cdeb0983b4aaa20bb9f42021747fed8`.
- `bun run build:binary` produced `/tmp/workos-case/dist/ca`.
- Built binary digest: `9811f870af2f85616e359d42ba70566c9af08ca20d8660456929a56ec761513f`.
- `/tmp/workos-case/dist/ca --help` identified the executable as Case `ca`.
- `/tmp/workos-case` remains discovery/build evidence only because build modified `src/generated/package-assets.ts`.
- Real Stage 2 run with `CTO_HARNESS_CASE_BIN=/tmp/workos-case/dist/ca` hung and was terminated. It created artifact directory `/home/svrnty/.hermes/profiles/cto-planb/harness-runs/20260531T233721Z-r1-string-slugify-1814067` without `report.json`.
- `CTO-WORK-016` remains blocked because no real Case Stage 2 pass report exists.
## CTO-WORK-017 - Case Provider Timeout Fail-Closed Route
Status: validated.
Harden the Hermes CTO Case adapter so a hung real Case provider fails closed with normal evidence instead of leaving an orphan artifact directory without `report.json`.
Acceptance:
- Case provider execution is bounded by `CTO_HARNESS_CASE_TIMEOUT_SECONDS`.
- Timeout writes `backend/provider-timeout.txt`.
- Timeout still emits `report.json` through the Harness Evidence Interface.
- `validate-case-provider-adapter.py` checks a sleeping provider path.
- `harness/evals/health.sh --json` passes after merge and includes `provider_timeout_fail_closed`.
- This does not mark real Case Stage 2 as passed.
Validation Evidence:
- Hermes commit: `d23c492 Fail closed on Case provider timeout`.
- Post-merge `harness/evals/health.sh --json` passed.
## Real Provider Runtime Evidence - 2026-05-31
- Real Case Stage 2 run with `/tmp/workos-case/dist/ca` and `CTO_HARNESS_CASE_TIMEOUT_SECONDS=8` produced report `/home/svrnty/.hermes/profiles/cto-planb/harness-runs/20260531T234205Z-r1-string-slugify-1834617/report.json`.
- Case started provider `anthropic` with model `claude-sonnet-4-6`.
- Adapter-generated `backend/case-data/config.json` contained no model registry, so Case used its built-in default model.
- The run timed out before patch application; tests failed because `strings.py` was unchanged.
- This is an unadmitted external model path for CTO harness proof and must be blocked before Case process start.
## Admitted Provider Runtime Evidence - 2026-06-01
- Real Case Stage 2 run with `/tmp/workos-case/dist/ca` and admitted `openai-codex` / `gpt-5.5` produced report `/home/svrnty/.hermes/profiles/cto-planb/harness-runs/20260601T013918Z-r1-string-slugify-2381028/report.json`.
- Case process started after admission passed.
- Backend exit code was `1`.
- The harness recorded no changed files.
- The patch artifact was empty.
- Tests failed because the artificial fixture bug remained unchanged.
- Case stderr recorded `AGENT_RESULT start delimiter not found`.
- Case stderr classified the retry as `agent-protocol-error`.
- `CTO-WORK-016` remains blocked because no real Case Stage 2 pass report exists.
- Current downstream blocker is tracked by `CTO-WORK-028`.
## Qwen Local Provider Runtime Evidence - 2026-06-01
- Real Case Stage 2 run with `/tmp/workos-case/dist/ca` and admitted `qwen-local` / `qwen3.6-35b-a3b` produced report `/home/svrnty/.hermes/profiles/cto-planb/harness-runs/20260601T015208Z-r1-string-slugify-2478256/report.json`.
- Case process started after admission passed.
- Backend exit code was `1`.
- The harness recorded no changed files.
- The patch artifact was empty.
- Tests failed because the artificial fixture bug remained unchanged.
- Case stderr recorded `AGENT_RESULT start delimiter not found`.
- Case stderr classified the retry as `agent-protocol-error`.
- `CTO-WORK-016` remains blocked because no real Case Stage 2 pass report exists.
- Current downstream blocker remains `CTO-WORK-028`.
## Classified Agent Protocol Runtime Evidence - 2026-06-01
- Real Case Stage 2 run with `/tmp/workos-case/dist/ca` and admitted `qwen-local` / `qwen3.6-35b-a3b` produced report `/home/svrnty/.hermes/profiles/cto-planb/harness-runs/20260601T020117Z-r1-string-slugify-2566310/report.json`.
- Case process started after admission passed.
- Backend exit code was `1`.
- Failure reason was `case agent result protocol failed`.
- Protocol marker was recorded at `backend/provider-agent-protocol.txt`.
- The harness recorded no changed files.
- The patch artifact was empty.
- Tests failed because the artificial fixture bug remained unchanged.
- `CTO-WORK-016` remains blocked because no real Case Stage 2 pass report exists.
- Current downstream blocker remains `CTO-WORK-028`.
## Response Shape Gate Evidence - 2026-06-01
- Hermes commit: `974813b Block Case on reasoning-only local provider`.
- The standard Case Qwen loop now probes the local OpenAI-compatible endpoint before starting Case.
- Real Case Stage 2 retry with admitted `qwen-local` / `qwen3.6-35b-a3b` produced report `/home/svrnty/.hermes/profiles/cto-planb/harness-runs/20260601T023119Z-r1-string-slugify-2759949/report.json`.
- Report status was `blocked`.
- Failure reason was `provider response shape unavailable`.
- Marker was recorded at `backend/provider-reasoning-only.txt`.
- Case process started was `false`.
- The harness recorded no changed files.
- The patch artifact was empty.
- `CTO-WORK-016` remains blocked because no real Case Stage 2 pass report exists.
- Current downstream blocker is `CTO-WORK-031`.
## Response Probe Budget Correction Evidence - 2026-06-01
- Hermes commit: `bbe7c72 Use realistic Case local response probe`.
- The local provider response-shape probe now allows delayed assistant content before classifying a provider as reasoning-only.
- Focused validator passed with `local_provider_delayed_content_allows_case`.
- Aggregate Hermes health passed after merge.
- Real Case Stage 2 retry with admitted `qwen-local` / `qwen3.6-35b-a3b` produced report `/home/svrnty/.hermes/profiles/cto-planb/harness-runs/20260601T023532Z-r1-string-slugify-2776187/report.json`.
- Case process started after admission and response-shape probe passed.
- Backend exit code was `1`.
- Failure reason was `case agent result protocol failed`.
- Protocol marker was recorded at `backend/provider-agent-protocol.txt`.
- The harness recorded no changed files.
- The patch artifact was empty.
- Tests failed because the artificial fixture bug remained unchanged.
- `CTO-WORK-016` remains blocked because no real Case Stage 2 pass report exists.
- Current downstream blocker returns to `CTO-WORK-028`.
## OpenAI-Compatible Runtime Bridge Evidence - 2026-06-01
- Hermes commit: `5c5448b Bridge Case Qwen through OpenAI-compatible runtime`.
- The harness preserves CTO admission identity as `qwen-local` / `qwen3.6-35b-a3b`.
- The harness maps the Case runtime provider to Pi's built-in `openai` provider only inside the harness-owned Case process.
- The Spark endpoint value was supplied only through runtime environment and is not recorded in SOT.
- Focused validator passed with `qwen_local_openai_compat_allows_case`.
- Focused validator artifact: `/home/svrnty/.hermes/profiles/cto-planb/harness-runs/20260601T024443Z-r1-string-slugify-2817037`.
- Post-merge Hermes health passed.
- Post-merge provider-adapter artifact: `/home/svrnty/.hermes/profiles/cto-planb/harness-runs/20260601T024714Z-r1-string-slugify-2832755`.
- Real Case Stage 2 retry artifact: `/home/svrnty/.hermes/profiles/cto-planb/harness-runs/20260601T024456Z-r1-string-slugify-2819659`.
- Report status was `fail`.
- Failure reason was `case engine failed with exit code 124`.
- Case process started was `true`.
- Case runtime model provider was `openai`.
- Tests passed.
- Patch artifact was non-empty.
- Patch digest was `4706a667d3e66f3a9a00da37d274263c5ab776b0cce0971f7ac4efc5f341da54`.
- `CTO-WORK-016` remains blocked because no clean real Case Stage 2 pass report exists.
- Current downstream blocker is `CTO-WORK-032`.
## Isolated Pi Config Runtime Evidence - 2026-06-01
- Hermes commit: `09b5851 Isolate Case Pi provider config`.
- The Case harness now sets an isolated `PI_CODING_AGENT_DIR` for the Case process.
- The Case harness no longer relies on ambient `~/.pi/agent` model/auth state for local provider routing.
- Local providers require explicit `CTO_HARNESS_CASE_LOCAL_BASE_URL`.
- Missing local provider config writes `backend/provider-local-config-unavailable.txt`.
- Real Qwen local config-gate proof artifact: `/home/svrnty/.hermes/profiles/cto-planb/harness-runs/20260601T020847Z-r1-string-slugify-2619644`.
- Report status was `blocked`.
- Failure reason was `provider unavailable`.
- Case process started was `false`.
- `CTO-WORK-016` remains blocked because no real Case Stage 2 pass report exists.
- Current downstream blocker remains `CTO-WORK-028`.
## Real Case Stage 2 Pass Evidence - 2026-06-01
- Hermes commit: `fc54680 Complete Case lifecycle after committed proof`.
- Real Case Qwen Stage 2 pass artifact: `/home/svrnty/.hermes/profiles/cto-planb/harness-runs/20260601T025817Z-r1-string-slugify-2907822`.
- Case binary path used by harness: `/tmp/workos-case/dist/ca`.
- Case source pin for the built binary: `7959ac917cdeb0983b4aaa20bb9f42021747fed8`.
- Report status: `pass`.
- Backend exit code: `0`.
- Case process started: `true`.
- Case model provider: `qwen-local`.
- Case model: `qwen3.6-35b-a3b`.
- Case model admission status: `admitted`.
- Source admission status: `not_admitted`.
- Changed files: `strings.py`.
- Tests command: `python3 -m pytest -q`.
- Tests passed: `true`.
- Required events passed: `true`.
- Patch artifact: `patch.diff`.
- No Target Repository path was inspected or copied.
- Result: `CTO-WORK-016` is validated for Stage 2 artificial fixture only.
- This does not approve copied-repo, sandbox-repo, owned-repo, default-candidate, or Core promotion stages.
## CTO-WORK-018 - Case Model Provider Admission Gate
Status: validated.
Harden the Hermes CTO Case adapter so real Case execution cannot silently fall back to its built-in Anthropic default model.
Acceptance:
- Real Case execution requires `CTO_HARNESS_CASE_MODEL_PROVIDER` and `CTO_HARNESS_CASE_MODEL`.
- Missing model admission writes `backend/provider-model-not-admitted.txt`.
- Missing model admission blocks before `case_process_started`.
- Adapter writes `models.default` into isolated `CASE_DATA_DIR/config.json`.
- `validate-case-provider-adapter.py` checks `model_provider_gate_blocks`.
- `harness/evals/health.sh --json` passes after merge.
- This does not mark real Case Stage 2 as passed.
Validation Evidence:
- Hermes commit: `4500082 Gate Case execution on admitted model`.
- Post-merge `harness/evals/health.sh --json` passed.
## Spark Endpoint Config Blocker - 2026-06-01
- `CTO-WORK-030` tracks the missing Spark endpoint config for the selected `qwen-local` / `qwen3.6-35b-a3b` path.
- The Hermes harness requires `CTO_HARNESS_CASE_LOCAL_BASE_URL` before local Case provider execution can start.
- Missing endpoint config blocks before `case_process_started` and writes `backend/provider-local-config-unavailable.txt`.
- `CTO-WORK-016` remains blocked until real Case Stage 2 pass evidence exists through the Harness Evidence Interface.
## Case Qwen Loop Entrypoint Evidence - 2026-06-01
- Hermes commit: `6c453ee Add Case Qwen loop entrypoint`.
- New command: `harness/evals/case-qwen-loop.sh --json`.
- The command gives the selected Qwen local path a standard Case harness entrypoint.
- It does not remove the `CTO_HARNESS_CASE_LOCAL_BASE_URL` blocker.
- `CTO-WORK-016` remains blocked until real Case Stage 2 pass evidence exists.
## Spark vLLM Runtime Evidence - 2026-06-01
- Runtime supplied a Spark OpenAI-compatible vLLM endpoint without recording the endpoint value in SOT.
- Real Case Stage 2 run with `/tmp/workos-case/dist/ca` and admitted `qwen-local` / `qwen3.6-35b-a3b` produced report `/home/svrnty/.hermes/profiles/cto-planb/harness-runs/20260601T022535Z-r1-string-slugify-2731603/report.json`.
- Case process started after admission passed.
- Backend exit code was `1`.
- Failure reason was `case agent result protocol failed`.
- Protocol marker was recorded at `backend/provider-agent-protocol.txt`.
- The harness recorded no changed files.
- The patch artifact was empty.
- Tests failed because the artificial fixture bug remained unchanged.
- `CTO-WORK-016` remains blocked because no real Case Stage 2 pass report exists.
- Current downstream blocker remains `CTO-WORK-028`.

93
.sot/03-PROTOCOLS/CTO-CASE-PROVIDER-BUILD-PRD.md
View File

@ -1,93 +0,0 @@
---
title: CTO Case Provider Build PRD
status: draft
lifecycle_classification: sot
owner: jp
created: 2026-05-31
last_reviewed: 2026-05-31
core_promotion_status: not-promoted
route: cto
---
# CTO Case Provider Build PRD
Local planning SOT only. Not a Core Protocol. Not active Core authority.
## Problem Statement
Stage 2 now has a validated Case task adapter, but it still cannot complete with real WorkOS Case because no durable admitted `ca` executable exists. Discovery found Node `v20.19.5`, no local `bun` executable, no `dist/ca`, no PATH `ca`, and a pinned WorkOS Case source checkout at commit `7959ac917cdeb0983b4aaa20bb9f42021747fed8` under `/tmp`, which is discovery evidence only.
## Solution
Create a governed provider build and admission route that can produce or accept a durable WorkOS Case `ca` executable, record its source pin and SHA-256 digest, and then allow the Hermes CTO harness to run Stage 2 with `CTO_HARNESS_CASE_BIN` only after identity and command-shape checks pass.
## Scope
- Build or admit WorkOS Case from `https://github.com/workos/case.git` at pinned commit `7959ac917cdeb0983b4aaa20bb9f42021747fed8` or a later recorded pin.
- Require Bun before `bun install` or `bun run build:binary` can run.
- Record the resulting `dist/ca` path and SHA-256 digest.
- Prove the executable is WorkOS Case, not the unrelated npm `case` package.
- Run Stage 2 through the existing Hermes CTO Harness Evidence Interface.
- Preserve `ca run --task <task-file> --mode unattended` as the only Stage 2 command shape.
- Require the task file to expose only copied artificial fixture inputs, allowed paths, forbidden actions, verification command, and evidence expectations.
## Non-Goals
- Do not vendor Case source into Cortex OS Core.
- Do not install or use the unrelated public npm `case` package.
- Do not mutate vendor source.
- Do not skip Stage 2.
- Do not authorize copied repo, sandbox repo, owned repo, default backend, WebUI product, or Core promotion behavior.
- Do not treat Case as CTO authority.
## Acceptance Criteria
- Provider build report records source URL, pinned commit, build command, `dist/ca` path, binary digest, Node version, Bun version, and build timestamp.
- Missing Bun blocks before build; it does not degrade to warning.
- Missing `dist/ca`, wrong source commit, wrong provider identity, non-executable binary, missing credentials, wrong command shape, or wrong task contract blocks.
- Current Hermes source admission status remains `not_admitted` until the provider build report is recorded.
- Stage 2 with `CTO_HARNESS_CASE_BIN=<admitted-ca>` produces a pass report only through real Case execution.
- Stage 2 without provider continues to fail closed as `provider unavailable`.
- Fake remains the default validation lane.
- Same-run fake baseline comparison remains required.
- Stage 2 records `report.json`, `report.md`, `events.normalized.jsonl`, `trace.jsonl`, `patch.diff`, `test.log`, backend raw logs, artifact digests, and freshness proof.
- Stage 2 records `source_admission_status`, `case_process_started`, `backend_exit_code`, `allowed_writes_passed`, `changed_files`, and `blockers`.
- No Cortex Core, Case source, vendor source, or Target Repository file is mutated by admission.
## Validation
- `python3 tools/validate_cto_child.py` validates this child-local route.
- Hermes provider validation must include `python3 harness/runner/validate-case-provider-adapter.py --harness-root harness --json`.
- Real provider validation must include `CTO_HARNESS_ALLOW_CASE=1 CTO_HARNESS_CASE_STAGE=2 CTO_HARNESS_CASE_BIN=<admitted-ca> harness/evals/run-case.sh r1-string-slugify --engine case --json`.
- Aggregate validation remains `harness/evals/health.sh --json` after focused gates pass.
## Risks And Dependencies
- Bun is not currently available on this host; provider build is blocked until Bun is installed or an admitted `dist/ca` is supplied.
- WorkOS Case is `private: true`; public npm `case` is unrelated.
- License status remains unresolved for broader execution modes.
- Case may need model credentials for real execution; no secrets may be placed in docs, argv, logs, or task files.
## Success Definition
Stage 2 moves from provider-unavailable blocked status to a real Case pass report while preserving the same harness evidence shape, allowed-write control, artifact digests, no-target-inspection proof, and fail-closed behavior.
## Current Provider Evidence Addendum - 2026-05-31
- Built binary digest observed: `9811f870af2f85616e359d42ba70566c9af08ca20d8660456929a56ec761513f`.
- Hung real-provider artifact directory: `20260531T233721Z-r1-string-slugify-1814067`.
- `CTO-WORK-016` remains blocked because no real Case Stage 2 pass report exists.
- `CTO-WORK-017 - Case Provider Timeout Fail-Closed Route` records the harness hardening response.
- Timeout control: `CTO_HARNESS_CASE_TIMEOUT_SECONDS`.
- Timeout marker: `backend/provider-timeout.txt`.
- Timeout validator check: `provider_timeout_fail_closed`.
- Hermes evidence commit: `d23c492 Fail closed on Case provider timeout`.
## Current Model Admission Evidence Addendum - 2026-05-31
- Real Case defaulted to provider `anthropic` and model `claude-sonnet-4-6` when no model registry was written.
- Runtime report path: `/home/svrnty/.hermes/profiles/cto-planb/harness-runs/20260531T234205Z-r1-string-slugify-1834617/report.json`.
- Required model admission variables: `CTO_HARNESS_CASE_MODEL_PROVIDER` and `CTO_HARNESS_CASE_MODEL`.
- Model gate marker: `backend/provider-model-not-admitted.txt`.
- Model gate validator check: `model_provider_gate_blocks`.
- Hermes evidence commit: `4500082 Gate Case execution on admitted model`.

107
.sot/03-PROTOCOLS/CTO-CASE-PROVIDER-DECISION-PACKET-ISSUES.md
View File

@ -1,107 +0,0 @@
---
title: CTO Case Provider Decision Packet Issues
status: draft
lifecycle_classification: sot
owner: jp
created: 2026-05-31
last_reviewed: 2026-05-31
core_promotion_status: not-promoted
route: cto
---
# CTO Case Provider Decision Packet Issues
Local planning SOT only. Not a Core Protocol. Not active Core authority.
## CTO-WORK-023 - Case Provider Decision Packet PRD
Status: validated.
Register the compact decision packet for resolving the `CTO-WORK-020` provider policy blocker without approving a provider/model.
Acceptance:
- States `local_provider_required` is current selected state.
- Lists only `external_provider_approved` and `local_provider_required` as active branches.
- Says it does not approve or admit any provider/model.
- Says it is not Stage 2 pass evidence.
- Requires a structured decision record using only `not_decided`, `external_provider_approved`, or `local_provider_required`.
- References existing evidence paths and commits instead of copying runtime evidence.
- Keeps `CTO-WORK-020` as provider/model admission authority.
- Keeps `CTO_HARNESS_CASE_MODEL_ADMISSION_FILE` as execution admission gate.
- Requires exact provider/model, approval source, credential source class, allowed network class, review trigger, and evidence expectations before admission.
- Requires no secrets in SOT, task file, argv, report, trace, backend logs, generated config, or commits.
- States `CTO-WORK-022` stays blocked until explicit local provider config and real Case Stage 2 pass evidence exist.
- States real Case Stage 2 remains blocked until admitted provider/model and Harness Evidence Interface pass report exist.
- States no Target Repository path may be inspected or copied.
## CTO-WORK-024 - Resolve Case Provider Decision
Status: validated.
JP or a governed Core route chooses one `CTO-WORK-020` decision branch and records the required non-secret fields.
Acceptance:
- Decision record selects exactly one branch: `external_provider_approved` or `local_provider_required`.
- `not_decided` remains the safe default until a decision is recorded.
- Decision record is structured and uses only `not_decided`, `external_provider_approved`, or `local_provider_required`.
- Decision record references existing evidence paths and commits instead of copying runtime evidence.
- If `external_provider_approved`, the record names exact provider/model, approval source, credential source class, allowed network class, review trigger, and evidence expectations.
- If `local_provider_required`, the record sets provider class `local_case_compatible` and keeps exact provider/model empty until a local provider/model is supplied and admitted.
- No secret value is written to SOT, task file, argv, report, trace, backend logs, generated config, or commit.
- `CTO-WORK-020` remains blocked until admitted provider/model and real Stage 2 pass report exist.
- `CTO-WORK-022` remains blocked until explicit local provider config and real Case Stage 2 pass evidence exist.
- Real Case Stage 2 remains blocked unless `CTO_HARNESS_CASE_MODEL_ADMISSION_FILE` exists and matches `CTO_HARNESS_CASE_MODEL_PROVIDER` and `CTO_HARNESS_CASE_MODEL`.
Resolved by:
- `CTO-CASE-PROVIDER-DECISION-RECORD.md` selecting `local_provider_required`.
- Real Case Stage 2 remains blocked by `CTO-WORK-020` admission JSON and Harness Evidence Interface proof.
## CTO-WORK-025 - Initial Not-Decided Provider Decision Record
Status: validated.
Record the initial fail-closed `CTO-WORK-020` decision state as `not_decided`.
Acceptance:
- Decision record has `decision_status`: `not_decided`.
- Provider class, provider, model, approval source, credential source class, allowed network class, and review trigger remain empty while blocked.
- Evidence sources reference existing admission and decision packet files only.
- Record says `not_decided` means no provider/model may run.
- Record says it is not provider/model admission, not Stage 2 pass evidence, and not approval for external or local provider use.
- Record says `CTO-WORK-024` remains blocked because this record does not select `external_provider_approved` or `local_provider_required`.
- Record says only JP or a governed Core route may change it away from `not_decided`.
- Record allows only `external_provider_approved` or `local_provider_required` as future non-`not_decided` values.
- Record requires no secret value in SOT, task file, argv, report, trace, backend logs, generated config, or commit.
- Record says no Target Repository path may be inspected or copied.
- Record keeps `CTO-WORK-020` as provider/model admission authority.
- Record keeps `CTO_HARNESS_CASE_MODEL_ADMISSION_FILE` as execution admission gate.
- Record keeps `CTO-WORK-024` blocked while `decision_status=not_decided`.
- Record keeps `CTO-WORK-022` blocked unless `decision_status=local_provider_required`.
- Record keeps real Case Stage 2 blocked until admitted provider/model and Harness Evidence Interface pass report exist.
## CTO-WORK-026 - Qwen Local Primary Provider Decision
Status: validated.
Record JP approval of the local Qwen primary provider decision branch for the current Hermes model stack.
Acceptance:
- Decision record has `decision_status`: `local_provider_required`.
- Decision record has `provider_class`: `local_case_compatible`.
- Decision record has `provider`: `qwen-local`.
- Decision record has `model`: `qwen3.6-35b-a3b`.
- Decision record has `fallback_provider`: `openai-codex`.
- Decision record has `fallback_model`: `gpt-5.5`.
- Decision record has `credential_source_class`: `pi-models-json-local-provider-no-secret-plus-codex-oauth-fallback`; no secret value.
- Decision record has `allowed_network_class`: `local-tailscale-vllm-spark1-plus-codex-oauth-fallback`.
- Decision record references Hermes model policy and local Hermes config as evidence sources without copying secrets.
- Record says it is not provider/model admission and is not Stage 2 pass evidence.
- Record says `CTO-WORK-024` is resolved by selecting `local_provider_required`.
- Record keeps `CTO-WORK-020` blocked until admission JSON and real Stage 2 pass evidence exist.
- Record keeps `CTO-WORK-022` blocked until explicit local provider config and real Case Stage 2 pass evidence exist.
- Record requires fallback to `openai-codex` with `gpt-5.5` to be explicit in admission evidence before it may count as a Case provider/model path.

135
.sot/03-PROTOCOLS/CTO-CASE-PROVIDER-DECISION-PACKET-PRD.md
View File

@ -1,135 +0,0 @@
---
title: CTO Case Provider Decision Packet PRD
status: draft
lifecycle_classification: sot
owner: jp
created: 2026-05-31
last_reviewed: 2026-05-31
core_promotion_status: not-promoted
route: cto
---
# CTO Case Provider Decision Packet PRD
Local planning SOT only. Not a Core Protocol. Not active Core authority.
## Problem Statement
`CTO-WORK-020` is blocked by a provider policy decision. The route has two valid branches: approve one exact external provider/model path, or require a Case-compatible local provider route. Without a compact decision packet, the next operator choice can become ambiguous and accidentally look like provider approval.
## Solution
Create a child-local decision packet that makes the `CTO-WORK-020` choice explicit, bounded, and auditable. The packet does not approve a provider/model and is not Stage 2 pass evidence. It only records the decision options, required evidence fields, consequences, and blocked next actions for JP or a governed Core route to resolve later.
## Scope
- Summarize the current `CTO-WORK-020` blocker.
- Present only two active decision branches: `external_provider_approved` and `local_provider_required`.
- Preserve `local_provider_required` as the current selected state.
- Require a structured decision record using only `not_decided`, `external_provider_approved`, or `local_provider_required`.
- Require exact provider/model, approval source, credential source class, allowed network class, review trigger, and evidence expectations before any admission.
- Reference existing evidence paths and commits; do not copy runtime evidence into the packet.
- Require no secret value in SOT, task file, argv, report, trace, backend logs, generated config, or commit.
- Keep `CTO-WORK-020` as the admission authority.
- Keep the `CTO_HARNESS_CASE_MODEL_ADMISSION_FILE` admission JSON gate as execution authority.
- Keep `CTO-WORK-022` blocked until explicit local provider config is supplied and real Case Stage 2 pass evidence exists.
- Keep real Case Stage 2 blocked unless a provider/model is admitted and a pass report exists through the Harness Evidence Interface.
- State that no Target Repository path may be inspected or copied.
## Non-Goals
- Do not approve Anthropic, Claude, local inference, or any other provider.
- Do not admit a provider/model.
- Do not implement a provider adapter.
- Do not run real Case Stage 2.
- Do not create a provider marketplace, registry, or scoring framework.
- Do not change Hermes runtime behavior.
- Do not mutate Cortex Core, Case source, vendor source, external developer repositories, or Target Repositories.
- Do not treat Case, Hermes, Pi, Codex, or any backend as Cortex authority.
## Decision Branches
### Branch A - External Provider Approved
Use only if JP or a governed Core route approves an external provider path.
Required decision fields:
- `decision_status`: `external_provider_approved`.
- `provider_class`: `external_anthropic` or `external_openai_codex`.
- `provider`: exact provider string.
- `model`: exact model string.
- `approval_source`: JP approval reference or governed Core route reference.
- `credential_source_class`: credential class only; no secret value.
- `allowed_network_class`: approved outbound network class.
- `review_trigger`: expiry, date, or condition that forces review.
- `evidence_sources`: existing admission/build evidence references.
- `effect`: `CTO-WORK-020 remains blocked until admitted provider/model and real Stage 2 pass report exist`.
Consequences:
- `CTO-WORK-022` stays blocked.
- Hermes may attempt real Case Stage 2 only after admission JSON exists and matches `CTO_HARNESS_CASE_MODEL_PROVIDER` and `CTO_HARNESS_CASE_MODEL`.
- `openai-codex` with model `gpt-5.5` may be recorded as the primary approved external provider only when the approval source, credential source class, allowed network class, review trigger, and admission JSON are recorded.
- `vllm` with model `qwen3.6-35b-a3b` may be recorded as an explicit fallback only when fallback use is represented in admission evidence and does not hide provider/model switching.
- Any fallback to `anthropic` or `claude-sonnet-4-6` without matching admission blocks before `case_process_started`.
### Branch B - Local Provider Required
Use only if external provider use is not approved.
Required decision fields:
- `decision_status`: `local_provider_required`.
- `provider_class`: `local_case_compatible`.
- `provider`: exact local provider string.
- `model`: exact local model string.
- `approval_source`: JP approval reference or governed Core route reference.
- `credential_source_class`: local credential or no-secret class only.
- `allowed_network_class`: local-only or explicitly bounded network class.
- `review_trigger`: expiry, date, or condition that forces review.
- `evidence_sources`: references to existing admission/local-provider-route evidence.
- `effect`: `CTO-WORK-020 remains blocked until local provider/model admission and real Stage 2 pass report exist`.
Consequences:
- `CTO-WORK-022` becomes the next implementation candidate.
- `qwen-local` with model `qwen3.6-35b-a3b` may be recorded as the primary approved local provider only when the approval source, credential source class, allowed network class, review trigger, and admission JSON are recorded.
- `openai-codex` with model `gpt-5.5` may be recorded as fallback only when fallback use is represented in admission evidence and does not hide provider/model switching.
- No external fallback to `anthropic` or `claude-sonnet-4-6` is allowed.
- Missing local adapter config blocks before `case_process_started`.
- Admission JSON mismatch blocks before `case_process_started`.
## Acceptance Criteria
- Packet states `local_provider_required` is current selected state.
- Packet lists only `external_provider_approved` and `local_provider_required` as active branches.
- Packet says it does not approve or admit any provider/model.
- Packet says it is not Stage 2 pass evidence.
- Packet requires a structured decision record using only `not_decided`, `external_provider_approved`, or `local_provider_required`.
- Packet references existing evidence paths and commits instead of copying runtime evidence.
- Packet keeps `CTO-WORK-020` as the provider/model admission authority.
- Packet keeps `CTO_HARNESS_CASE_MODEL_ADMISSION_FILE` as the execution admission gate.
- Packet requires exact provider/model, approval source, credential source class, allowed network class, review trigger, and evidence expectations before admission.
- Packet permits provider class `external_openai_codex` only as a decision branch, not as admission or Stage 2 proof.
- Packet requires no secrets in SOT, task file, argv, report, trace, backend logs, generated config, or commits.
- Packet states `CTO-WORK-022` stays blocked until explicit local provider config and real Case Stage 2 pass evidence exist.
- Packet states real Case Stage 2 remains blocked until admitted provider/model and Harness Evidence Interface pass report exist.
- Packet states no Target Repository path may be inspected or copied.
## Validation
- `python3 tools/validate_cto_child.py` validates this child-local route.
- Future branch execution must use existing Hermes focused validators for provider admission and local-provider adapter gates.
- Future real Case validation must use the Harness Evidence Interface, same-run fake baseline comparison, and copied artificial fixture Stage 2 only.
## Risks And Dependencies
- JP approval or governed Core approval remains required for external provider use.
- Local provider use may require a separate Case-compatible endpoint or adapter implementation.
- A decision packet can reduce ambiguity but cannot supply credentials, provider availability, or model quality.
- The WorkOS Case default provider behavior may change; actual run evidence remains authoritative.
## Success Definition
The `CTO-WORK-020` human-only blocker is represented as one precise decision packet: local Qwen is the selected provider policy, no execution is authorized without admission plus Harness Evidence Interface proof, and fallback use remains explicit.

87
.sot/03-PROTOCOLS/CTO-CASE-PROVIDER-DECISION-RECORD.md
View File

@ -1,87 +0,0 @@
---
title: CTO Case Provider Decision Record
status: draft
lifecycle_classification: sot
owner: jp
created: 2026-05-31
last_reviewed: 2026-05-31
core_promotion_status: not-promoted
route: cto
---
# CTO Case Provider Decision Record
Local planning SOT only. Not a Core Protocol. Not active Core authority.
## Current Decision State
- `decision_status`: `local_provider_required`.
- `provider_class`: `local_case_compatible`.
- `provider`: `qwen-local`.
- `model`: `qwen3.6-35b-a3b`.
- `fallback_provider`: `openai-codex`.
- `fallback_model`: `gpt-5.5`.
- `approval_source`: JP chat approval on 2026-05-31.
- `credential_source_class`: `pi-models-json-local-provider-no-secret-plus-codex-oauth-fallback`; no secret value.
- `allowed_network_class`: `local-tailscale-vllm-spark1-plus-codex-oauth-fallback`.
- `review_trigger`: before real Case Stage 2 admission JSON is written, before any credential source change, and before any default/fallback model change.
- `evidence_sources`: `CTO-CASE-MODEL-PROVIDER-ADMISSION-ISSUES.md`, `CTO-CASE-PROVIDER-DECISION-PACKET-PRD.md`, `CTO-CASE-PROVIDER-DECISION-PACKET-ISSUES.md`, `/home/svrnty/workspaces/hermes/scripts/apply-hermes-model-policy.py`, `/home/svrnty/.hermes/config.yaml`.
- `effect`: `CTO-WORK-020 remains blocked until admitted provider/model and real Stage 2 pass report exist`.
## Meaning
`local_provider_required` means JP approved the provider decision branch for the existing Hermes model stack: `qwen-local` with model `qwen3.6-35b-a3b` as primary, and `openai-codex` with model `gpt-5.5` as fallback.
This record is not provider/model admission and is not Stage 2 pass evidence. It does not authorize Case to run until the `CTO-WORK-020` admission JSON exists and the Harness Evidence Interface proves real Stage 2.
`CTO-WORK-024` is resolved by this record selecting `local_provider_required`.
## Decision History
Previous state:
- `decision_status`: `not_decided`.
- `not_decided` means no provider/model may run.
Future changes:
- Only JP or a governed Core route may change this record away from `local_provider_required`.
- Allowed future values remain `external_provider_approved` or `local_provider_required`.
Any future state must include exact non-secret fields required by `CTO-WORK-020`: provider/model when applicable, approval source, credential source class, allowed network class, review trigger, and evidence expectations.
## Safety Constraints
- No secret value may appear in SOT, task file, argv, report, trace, backend logs, generated config, or commit.
- No Target Repository path may be inspected or copied.
- `CTO-WORK-020` remains provider/model admission authority.
- `CTO_HARNESS_CASE_MODEL_ADMISSION_FILE` remains execution admission gate.
- `CTO-WORK-022` remains blocked until explicit local provider config is supplied and real Case Stage 2 pass evidence exists.
- Real Case Stage 2 remains blocked until admitted provider/model and Harness Evidence Interface pass report exist.
- Fallback to `openai-codex` with `gpt-5.5` must be explicit in admission evidence before it may count as a Case provider/model path.
- Existing evidence paths and commits are referenced only; runtime evidence is not copied into this record.
## Runtime Compatibility Finding - 2026-06-01
- Hermes commit `5db23c7 Fail closed on Case Codex auth gap` blocks the admitted `openai-codex` / `gpt-5.5` Case path before `case_process_started` unless a non-vendor auth bridge is proven.
- The block exists because Case's pipeline SDK path constructs its Pi Agent runtime directly and does not pass Pi AuthStorage OAuth headers into `streamSimple`.
- Pi env API-key lookup does not map `openai-codex` to an environment API key.
- The Case-compatible local provider id for the current local Spark fallback path is `qwen-local`, model `qwen3.6-35b-a3b`.
- The non-secret admission JSON for that local Case path is `.sot/03-PROTOCOLS/CTO-CASE-MODEL-PROVIDER-ADMISSION.qwen-local-qwen3.6-35b-a3b.json`.
- This finding does not change Hermes primary model policy.
- This finding does not mark `CTO-WORK-020`, `CTO-WORK-016`, or Stage 2 as validated.
## Provider Policy Update - 2026-06-01
- JP selected `qwen-local` / `qwen3.6-35b-a3b` on Spark as the default Case provider path.
- JP kept `openai-codex` / `gpt-5.5` as fallback only.
- The fallback remains blocked by the known OpenAI Codex auth bridge gap unless a non-vendor bridge is proven.
- The local Qwen path remains blocked before Case process start unless `CTO_HARNESS_CASE_LOCAL_BASE_URL` is explicitly supplied.
- This update changes provider policy only. It does not mark real Case Stage 2 as passed.
## Spark Endpoint Config Reference - 2026-06-01
- `CTO-WORK-030` tracks the runtime Spark endpoint config required for the selected Qwen local path.
- The required runtime variable is `CTO_HARNESS_CASE_LOCAL_BASE_URL`.
- The endpoint value must not be copied into SOT, commits, task files, argv examples, backend logs, reports, or traces.
- A configured endpoint alone does not validate `CTO-WORK-016`, `CTO-WORK-020`, `CTO-WORK-022`, or `CTO-WORK-028`.

129
.sot/03-PROTOCOLS/CTO-CASE-SOURCE-ADMISSION-RECORD.md
View File

@ -1,129 +0,0 @@
---
name: cto-case-source-admission-record
tier: local
status: draft
owner: jp
source: .sot/03-PROTOCOLS/CTO-CASE-CANDIDATE-BACKEND-PRD.md
created: 2026-05-31
last_reviewed: 2026-05-31
lifecycle_classification: planning
core_promotion_status: not-promoted
description: Child-local source admission record for evaluating Case as a candidate CTO backend.
---
# CTO Case Source Admission Record
Local planning SOT only. Not a Core Protocol. Not active Core authority.
## Purpose
Record the minimum source admission facts required before Case can progress beyond planning as a Case Candidate Backend.
This record does not admit Case for execution. It records a pinned public source observation and names the remaining blockers before any non-artificial run.
## Non-Authority Notice
This record does not authorize Runtime behavior, WebUI Product behavior, Case execution, real-repo mutation, merge, deploy, push, close, vendor-source mutation, external developer repository mutation, or Core promotion.
## Source Identity
| Field | Value |
| --- | --- |
| Source name | Case |
| Source URL | `https://github.com/workos/case.git` |
| Source web URL | `https://github.com/workos/case` |
| Source type | public Git repository |
| Observed branch | `main` |
| Pinned commit | `7959ac917cdeb0983b4aaa20bb9f42021747fed8` |
| Commit date | `2026-05-19T18:05:46-07:00` |
| Retrieval date | `2026-05-31` |
| Retrieval command | `git clone --depth 1 https://github.com/workos/case.git` |
| Integrity reference | pinned Git commit SHA-1 `7959ac917cdeb0983b4aaa20bb9f42021747fed8` |
## License Note
License status is unresolved.
Observed facts from the retrieval:
- no top-level `LICENSE` or `LICENSE.md` file was found in the shallow clone;
- `package.json` did not expose a license field in the inspected section;
- `package.json` contains `"private": true`.
Admission consequence: Case is not admitted for non-artificial execution until a human-readable license note is completed and the allowed internal-use posture is explicit.
## Source Boundary
Protected source boundary:
- do not mutate the Case repository;
- do not vendor Case source into Cortex OS Core;
- do not copy Case implementation source into this child workspace;
- do not treat Case source as Cortex OS authority;
- do not run Case against a Target Repository from this record alone.
Allowed planning use:
- reference the source URL;
- reference the pinned commit;
- inspect public metadata for admission planning;
- define adapter contracts against observed behavior without importing vendor implementation.
## Allowed Execution Mode
Current allowed execution mode: planning-only.
Blocked modes:
- artificial Case run;
- copied repository fixture run;
- disposable sandbox repository run;
- owned noncritical repository run;
- candidate-default real-repo use.
Mode unlock requires a later validated adapter contract, source license note, harness evidence validation, explicit gate, and staged proof record.
## Update Rule
Changing the pinned Case source requires:
- previous source URL;
- previous pinned commit or tag;
- new source URL;
- new pinned commit or tag;
- retrieval date;
- retrieval command;
- license note review;
- rerun of applicable adapter fixtures;
- evidence record naming previous and new source IDs.
No moving branch reference may be used as proof without a pinned commit or tag.
## Admission Status
Status: not admitted for execution.
Reason: source identity is pinned, but license note and executable adapter proof are incomplete.
## Evidence
Observed retrieval commands:
```text
git ls-remote https://github.com/workos/case.git HEAD refs/heads/main refs/tags/*
git clone --depth 1 https://github.com/workos/case.git
git rev-parse HEAD
git show -s --format=%cI HEAD
git remote get-url origin
```
Observed source metadata:
```text
HEAD: 7959ac917cdeb0983b4aaa20bb9f42021747fed8
origin: https://github.com/workos/case.git
commit date: 2026-05-19T18:05:46-07:00
package private: true
license file: not found in shallow clone
license field: not observed in inspected package.json
```

154
.sot/03-PROTOCOLS/CTO-CASE-SPARK-ENDPOINT-CONFIG-ISSUES.md
View File

@ -1,154 +0,0 @@
---
title: CTO Case Spark Endpoint Config Issues
status: draft
lifecycle_classification: sot
owner: jp
created: 2026-06-01
last_reviewed: 2026-06-01
core_promotion_status: not-promoted
route: cto
---
# CTO Case Spark Endpoint Config Issues
Local planning SOT only. Not a Core Protocol. Not active Core authority.
## CTO-WORK-030 - Spark Local Provider Endpoint Config
Status: validated.
Supply explicit Spark OpenAI-compatible endpoint config for the selected `qwen-local` / `qwen3.6-35b-a3b` Case path, without storing endpoint secrets in SOT or commits.
Acceptance:
- `CTO_HARNESS_CASE_LOCAL_BASE_URL` is supplied at runtime for the real Qwen Case Stage 2 retry.
- Missing endpoint config blocks before `case_process_started`.
- Missing endpoint config writes `backend/provider-local-config-unavailable.txt`.
- Endpoint values are not written to SOT, task file, argv, backend logs, report, trace, generated config, or commit.
- Harness report proves `case_model_provider`: `qwen-local`.
- Harness report proves `case_model`: `qwen3.6-35b-a3b`.
- Harness report proves `case_model_admission_status`: `admitted`.
- Harness report proves no fallback to `anthropic` or `claude-sonnet-4-6`.
- Real Case Stage 2 pass evidence exists only through the Harness Evidence Interface.
- A configured endpoint alone does not validate `CTO-WORK-016`, `CTO-WORK-020`, `CTO-WORK-022`, or `CTO-WORK-028`.
- No Target Repository path may be inspected or copied.
- Same-run fake baseline comparison remains required for any pass claim.
- `CTO-WORK-016` remains blocked until real Case Stage 2 pass evidence exists.
- `CTO-WORK-022` remains blocked until explicit endpoint config and real Case Stage 2 pass evidence exist.
Blocked by:
- Real Case Stage 2 pass evidence.
- Case agent-result protocol compatibility.
Current evidence:
- Non-secret readiness check on 2026-06-01 showed `CTO_HARNESS_CASE_LOCAL_BASE_URL=missing`.
- Existing Hermes harness blocks missing local provider config before `case_process_started`.
## Spark vLLM Runtime Evidence - 2026-06-01
- Spark1 was reachable over Tailscale and SSH.
- A vLLM Docker container exposed an OpenAI-compatible model route for `qwen3.6-35b-a3b`.
- The Spark endpoint value was supplied only through runtime environment and is not recorded in this SOT.
- The standard command class was `harness/evals/case-qwen-loop.sh --json`.
- Run artifact directory: `/home/svrnty/.hermes/profiles/cto-planb/harness-runs/20260601T022535Z-r1-string-slugify-2731603`.
- Report status: `fail`.
- Backend: `case`.
- Backend exit code: `1`.
- Case process started: `true`.
- Case model provider: `qwen-local`.
- Case model: `qwen3.6-35b-a3b`.
- Case model admission status: `admitted`.
- Source admission status: `not_admitted`.
- Failure reason: `case agent result protocol failed`.
- The harness recorded no changed files.
- The patch artifact was empty.
- Tests failed because the artificial fixture bug remained unchanged.
- This proves the Spark endpoint blocker was crossed for one runtime attempt.
- This does not validate `CTO-WORK-016`, `CTO-WORK-020`, `CTO-WORK-022`, or `CTO-WORK-028`.
- Current active blocker is the Case agent-result protocol seam.
## Spark Response Shape Gate Evidence - 2026-06-01
- Hermes commit: `974813b Block Case on reasoning-only local provider`.
- The Hermes Case Qwen loop now enables a local provider response-shape probe before Case process start.
- The probe classifies OpenAI-compatible responses that contain reasoning but no assistant content.
- Runtime endpoint value was supplied only through environment and is not recorded in SOT.
- Run artifact directory: `/home/svrnty/.hermes/profiles/cto-planb/harness-runs/20260601T023119Z-r1-string-slugify-2759949`.
- Report status: `blocked`.
- Failure reason: `provider response shape unavailable`.
- Marker: `backend/provider-reasoning-only.txt`.
- Case process started: `false`.
- Case model provider: `qwen-local`.
- Case model: `qwen3.6-35b-a3b`.
- Case model admission status: `admitted`.
- This proves Spark endpoint config is reachable but response-shape incompatible with Case/Pi result parsing.
- `CTO-WORK-030` remains blocked until a configured endpoint can support a real Stage 2 pass.
- Current downstream blocker is `CTO-WORK-031`.
## Spark Response Probe Budget Correction - 2026-06-01
- Hermes commit: `bbe7c72 Use realistic Case local response probe`.
- Direct Spark probe showed `qwen3.6-35b-a3b` returns reasoning only at `max_tokens=32`.
- Direct Spark probe showed the same route returns assistant content at `max_tokens=256` and `max_tokens=1024`.
- The Hermes response-shape probe now uses `max_tokens=1024`.
- Focused validator added `local_provider_delayed_content_allows_case`.
- Runtime endpoint value was supplied only through environment and is not recorded in SOT.
- Real Case Qwen loop artifact after the correction: `/home/svrnty/.hermes/profiles/cto-planb/harness-runs/20260601T023532Z-r1-string-slugify-2776187`.
- Report status: `fail`.
- Failure reason: `case agent result protocol failed`.
- Case process started: `true`.
- Case model provider: `qwen-local`.
- Case model: `qwen3.6-35b-a3b`.
- Case model admission status: `admitted`.
- Result: Spark endpoint availability is no longer the current unknown; Stage 2 remains blocked by the Case agent-result protocol seam.
## Spark OpenAI-Compatible Runtime Bridge Evidence - 2026-06-01
- Hermes commit: `5c5448b Bridge Case Qwen through OpenAI-compatible runtime`.
- The harness reached Spark through an OpenAI-compatible Case runtime provider bridge.
- CTO admission identity stayed `qwen-local` / `qwen3.6-35b-a3b`.
- Runtime endpoint value was supplied only through environment and is not recorded in SOT.
- Focused validator artifact: `/home/svrnty/.hermes/profiles/cto-planb/harness-runs/20260601T024443Z-r1-string-slugify-2817037`.
- Real Case Qwen loop artifact: `/home/svrnty/.hermes/profiles/cto-planb/harness-runs/20260601T024456Z-r1-string-slugify-2819659`.
- Report status: `fail`.
- Failure reason: `case engine failed with exit code 124`.
- Case process started: `true`.
- Case runtime model provider: `openai`.
- Tests passed: `true`.
- Patch artifact was non-empty.
- This proves endpoint config and runtime provider bridging are sufficient for Case to produce a fixture patch.
- This does not validate `CTO-WORK-016`, `CTO-WORK-020`, `CTO-WORK-022`, `CTO-WORK-028`, or `CTO-WORK-032`.
- Current active blocker is Case lifecycle timeout after valid patch evidence.
## Spark Stage 2 Pass Evidence - 2026-06-01
- Hermes commit: `fc54680 Complete Case lifecycle after committed proof`.
- Real Case Qwen Stage 2 pass artifact: `/home/svrnty/.hermes/profiles/cto-planb/harness-runs/20260601T025817Z-r1-string-slugify-2907822`.
- Runtime endpoint value was supplied only through environment and is not recorded in SOT.
- Report status: `pass`.
- Case process started: `true`.
- Case model provider: `qwen-local`.
- Case model: `qwen3.6-35b-a3b`.
- Case model admission status: `admitted`.
- Tests passed: `true`.
- Required events passed: `true`.
- Changed files: `strings.py`.
- Result: `CTO-WORK-030` is validated for Stage 2 artificial fixture only.
## Hermes Case Qwen Loop Evidence - 2026-06-01
- Hermes commit: `6c453ee Add Case Qwen loop entrypoint`.
- New command: `harness/evals/case-qwen-loop.sh --json`.
- The command sets fixed non-secret Case/Qwen routing knobs for `qwen-local` / `qwen3.6-35b-a3b`.
- The command requires `CTO_HARNESS_CASE_BIN` and `CTO_HARNESS_CASE_MODEL_ADMISSION_FILE` from the caller.
- The command delegates to `run-case.sh --engine case` so runtime artifacts keep the Harness Evidence Interface shape.
- The command must not print `CTO_HARNESS_CASE_LOCAL_BASE_URL`.
- Focused validator passed: `python3 harness/runner/validate-case-provider-adapter.py --harness-root harness --json`.
- Focused validator artifact: `/home/svrnty/.hermes/profiles/cto-planb/harness-runs/20260601T022022Z-r1-string-slugify-2694767`.
- Pre-merge aggregate validator passed: `harness/evals/health.sh --json`.
- Pre-merge aggregate validator artifact: `/home/svrnty/.hermes/profiles/cto-planb/harness-runs/20260601T022036Z-r1-string-slugify-2695716`.
- Post-merge aggregate validator passed: `harness/evals/health.sh --json`.
- Post-merge aggregate validator artifact: `/home/svrnty/.hermes/profiles/cto-planb/harness-runs/20260601T022100Z-r1-string-slugify-2697229`.
- `CTO-WORK-030` remains blocked until `CTO_HARNESS_CASE_LOCAL_BASE_URL` is supplied at runtime and a real Stage 2 pass report exists.

76
.sot/03-PROTOCOLS/CTO-CASE-SPARK-ENDPOINT-CONFIG-PRD.md
View File

@ -1,76 +0,0 @@
---
title: CTO Case Spark Endpoint Config PRD
status: draft
lifecycle_classification: sot
owner: jp
created: 2026-06-01
last_reviewed: 2026-06-01
core_promotion_status: not-promoted
route: cto
---
# CTO Case Spark Endpoint Config PRD
Local planning SOT only. Not a Core Protocol. Not active Core authority.
## Problem Statement
`qwen-local` / `qwen3.6-35b-a3b` is now the selected primary Case provider policy, but real Case Stage 2 cannot start until the Hermes CTO harness receives explicit Spark OpenAI-compatible endpoint config.
Current non-secret readiness check showed `CTO_HARNESS_CASE_LOCAL_BASE_URL` is missing. The harness correctly blocks before `case_process_started` instead of falling back to ambient Pi config or an external model.
## Solution
Create a narrow child-local endpoint config route for Spark local provider readiness. The route records exactly what must be supplied and proven before a real Qwen Case Stage 2 retry can count.
## Scope
- Require explicit `CTO_HARNESS_CASE_LOCAL_BASE_URL` for `qwen-local`.
- Treat the endpoint value as runtime config, not SOT content.
- Do not store endpoint secrets or credential values in SOT, argv, task file, backend logs, report, trace, generated config, or commit.
- Require the Hermes CTO harness to keep blocking before `case_process_started` when the local endpoint config is missing.
- Require missing endpoint config to write `backend/provider-local-config-unavailable.txt`.
- Require future proof through the Harness Evidence Interface.
- Keep copied artificial fixture scope only.
- Require no Target Repository path to be inspected or copied.
- Keep same-run fake baseline comparison required.
- Keep `CTO-WORK-020`, `CTO-WORK-016`, `CTO-WORK-022`, and Stage 2 blocked until real pass evidence exists.
## Non-Goals
- Do not discover or print credentials.
- Do not read secret-bearing Hermes config.
- Do not mutate Case source, Cortex Core, vendor source, external developer repositories, or Target Repositories.
- Do not approve a new provider/model.
- Do not treat endpoint presence as Stage 2 pass evidence.
- Do not promote Case to copied repo, sandbox repo, owned repo, or default candidate.
## Acceptance Criteria
- The route names `CTO_HARNESS_CASE_LOCAL_BASE_URL` as the required local endpoint config.
- The route states missing endpoint config blocks before `case_process_started`.
- The route states missing endpoint config writes `backend/provider-local-config-unavailable.txt`.
- The route states endpoint values must not be written to SOT or commits.
- The route states endpoint presence is not Stage 2 pass evidence.
- The route states a configured endpoint alone does not validate `CTO-WORK-016`, `CTO-WORK-020`, `CTO-WORK-022`, or `CTO-WORK-028`.
- The route states no Target Repository path may be inspected or copied.
- The route requires real Case Stage 2 proof through the Harness Evidence Interface before unblocking `CTO-WORK-016`.
- The route keeps `CTO-WORK-022` blocked until explicit endpoint config and real Stage 2 pass evidence exist.
- The route keeps fake as the default validation lane.
## Validation
- `python3 tools/validate_cto_child.py` validates this child-local route.
- Future Hermes focused validation remains `python3 harness/runner/validate-case-provider-adapter.py --harness-root harness --json`.
- Future real Qwen validation must run copied artificial fixture Stage 2 with `CTO_HARNESS_CASE_LOCAL_BASE_URL` present and no endpoint value written to SOT.
## Risks And Dependencies
- Spark may be unavailable or not serving an OpenAI-compatible endpoint.
- The endpoint may require credentials or network state outside this workspace.
- Local model quality may still fail the `AGENT_RESULT` protocol or code-change task after endpoint config is supplied.
- A supplied endpoint does not remove the need for admitted provider/model proof.
## Success Definition
The Spark endpoint requirement is explicit, secret-safe, and governed. A future operator can supply `CTO_HARNESS_CASE_LOCAL_BASE_URL` and run one real Case Stage 2 proof without guessing which config is missing or allowing fallback behavior.

79
.sot/03-PROTOCOLS/CTO-CASE-STAGE1-GATED-ENGINE-ISSUES.md
View File

@ -1,79 +0,0 @@
---
name: cto-case-stage1-gated-engine-issues
tier: local
status: draft
owner: jp
source: .sot/03-PROTOCOLS/CTO-CASE-STAGE1-GATED-ENGINE-PRD.md
created: 2026-05-31
last_reviewed: 2026-05-31
lifecycle_classification: planning
core_promotion_status: not-promoted
description: Child-local issue sequence for Stage 1 gated Case engine proof.
---
# CTO Case Stage 1 Gated Engine Issues
Local planning SOT only. Not a Core Protocol. Not active Core authority.
## Issue Sequence
### CTO-WORK-009 - Stage 1 Gated Case Engine PRD
Type: AFK
Blocked by: CTO-WORK-008
User stories covered: CTO Case Candidate Backend PRD stories 4, 5, 7, 9, 11.
What to build: Define the Stage 1 gated Case engine proof as a child-local PRD and issue sequence before implementation starts.
Acceptance criteria:
- [ ] PRD states Stage 1 allowed mutation scope is `none`.
- [ ] PRD states Case is not executed.
- [ ] PRD requires blocked default-deny behavior.
- [ ] PRD requires evidence artifacts and no source mutation proof.
- [ ] PRD names `backend.gate.blocked` and `CTO_HARNESS_ALLOW_CASE=1`.
- [ ] Local CTO validator checks the PRD and issue artifact.
Allowed files: CTO child workspace planning docs and local validator only.
Validator: `python3 tools/validate_cto_child.py`
Done evidence: PRD, issue artifact, validator JSON, clean worktree, commit.
### CTO-WORK-010 - Stage 1 Harness Implementation Route
Type: AFK
Blocked by: CTO-WORK-009
User stories covered: CTO Case Candidate Backend PRD stories 4, 5, 7, 9, 11.
What to build: In `/home/svrnty/workspaces/hermes/cto/harness`, implement a no-op gated `case` backend that proves default-deny behavior, evidence emission, and no source mutation.
Acceptance criteria:
- [ ] `case` backend is registered but disabled by default.
- [ ] `harness.yaml` uses `gated_by_env: CTO_HARNESS_ALLOW_CASE`.
- [ ] Usage text, argument validation, `harness.yaml`, and engine dispatch all recognize `case`.
- [ ] `--engine case` is rejected unless `CTO_HARNESS_ALLOW_CASE=1`.
- [ ] Missing gate produces blocked status.
- [ ] Missing gate emits `backend.gate.blocked` with `backend`, `gate`, `reason`, `mutation_mode`, and `case_executed: false`.
- [ ] Required Stage 1 artifacts are produced, including `report.md` and `backend/case-gate.log`.
- [ ] Fake remains default validation lane.
- [ ] No Case process runs.
- [ ] `report.json` records `source_admission_status: not_admitted` and `case_process_started: false`.
- [ ] No files under harness source checkout, target repo, Case source, vendor source, or Cortex Core are changed during execution.
- [ ] Gate runs before case workspace copy, `git init`, runner invocation, target repository inspection, or Case process start.
- [ ] Focused validator runs command-level checks for default fake, blocked `--engine case` without env, and enabled no-op Stage 1 behavior.
Allowed files: `harness.yaml`, `harness/evals/run-case.sh`, focused Stage 1 validator, docs, and tests under the routed Hermes CTO harness. WebUI, Core, Case source, vendor source, and target repositories are forbidden.
Validator: focused Stage 1 harness validator, plus local harness validation.
Done evidence: Stage 1 report JSON, normalized events, artifact digests, no-mutation proof, clean worktree, commit.
## Granularity Check
This is intentionally two slices: one governed planning route, one future executable harness implementation. Combining them would skip the PRD-to-issue control loop.

92
.sot/03-PROTOCOLS/CTO-CASE-STAGE1-GATED-ENGINE-PRD.md
View File

@ -1,92 +0,0 @@
---
name: cto-case-stage1-gated-engine-prd
tier: local
status: draft
owner: jp
source: .sot/03-PROTOCOLS/CTO-CASE-STAGED-PROOF-GATES.md
created: 2026-05-31
last_reviewed: 2026-05-31
lifecycle_classification: planning
core_promotion_status: not-promoted
description: Child-local PRD for Stage 1 gated Case engine proof with no mutation and no Case execution.
---
# CTO Case Stage 1 Gated Engine PRD
Local planning SOT only. Not a Core Protocol. Not active Core authority.
## Problem Statement
The CTO planning path now defines the Case candidate backend, evidence interface, source admission record, adapter contract, failure matrix, and staged proof gates. The next risk is jumping from planning into executable Case integration too broadly. Stage 1 must prove only the smallest safe executable behavior: the harness can recognize a gated `case` backend, reject it by default, and produce evidence for that rejection without mutating source or running Case.
## Solution
Define a no-mutation Stage 1 implementation slice for the Hermes CTO harness route. The slice creates a no-op gated `case` backend path that proves default-deny behavior and evidence emission. It does not run Case, does not inspect target repositories, does not patch files, and does not broaden Hermes WebUI behavior.
## Scope
- Register `case` as a gated backend in the future harness implementation.
- Require `CTO_HARNESS_ALLOW_CASE=1` before `--engine case` can proceed past the Stage 1 gate.
- Produce a blocked report when the gate is missing.
- Produce normalized events and artifacts for the blocked preflight.
- Prove no source mutation.
- Keep fake as the default validation lane.
- Route future implementation through `/home/svrnty/workspaces/hermes/cto/harness` after reading that workspace guidance and validators.
## Non-Goals
- Do not run Case.
- Do not create real PRs.
- Do not mutate a Target Repository.
- Do not add WebUI Product behavior.
- Do not resolve the Case license blocker.
- Do not implement artificial fixture execution.
- Do not promote any artifact into Core.
- Do not vendor Case source.
## Acceptance Criteria
- Stage 1 keeps allowed mutation scope as `none`.
- `case` is disabled by default.
- Missing gate produces blocked status, not warning.
- Harness evidence includes `report.json`, `report.md`, `events.normalized.jsonl`, `trace.jsonl`, no-op `patch.diff`, no-op `test.log`, and `backend/case-gate.log`.
- Report records `backend: case`, `status: blocked`, `backend_exit_code`, `blockers`, artifact paths, digests, freshness proof, `source_admission_status: not_admitted`, and `case_process_started: false`.
- Normalized events include `run.started`, `task.contract.created`, `backend.gate.blocked`, and `run.completed`.
- `backend.gate.blocked` includes `backend`, `gate`, `reason`, `mutation_mode`, and `case_executed: false`.
- Stage 1 blocked preflight may omit patch, diff, and verification events only when `report.json` records explicit `not_applicable` reasons.
- Stage 1 gate runs before case workspace copy, `git init`, runner invocation, target repository inspection, or Case process start.
- No files under harness source checkout, target repo, Case source, vendor source, or Cortex Core are changed by the Stage 1 run. Only runtime artifact directory writes are allowed.
- Implementation-time edits may touch only the routed harness files named by the implementation issue.
- Validator proves `--engine case` is rejected unless `CTO_HARNESS_ALLOW_CASE=1`.
- Validator proves fake remains the default validation lane.
- Validator proves `case` is selected through the same engine dispatch path as `fake`, `codex`, and `pi`; no separate command, script path, or special-case bypass.
- Implementation remains outside Cortex OS Core and does not claim Runtime or product readiness.
## Validation
- Focused Stage 1 validator must check gated `case` registration, default-deny behavior, required artifact set, normalized events, no source mutation, fake default retention, and blocked status.
- Focused Stage 1 validator must run command-level checks: default harness without engine still selects `fake`; `--engine case` without env emits blocked evidence; `CTO_HARNESS_ALLOW_CASE=1 --engine case` still does not run Case in Stage 1.
- Focused Stage 1 validator must inspect `harness.yaml`, CLI usage text, argument validation, and engine dispatch.
- Existing child-local CTO validator must require this PRD and issue artifact before later Stage 1 implementation is considered governed.
- Post-implementation validation must run the focused Stage 1 validator before any broader harness validation.
## Risks
- A no-op adapter can be mistaken for Case execution.
- A gate can become warning-only instead of blocking.
- Evidence can become path-only without digest or freshness proof.
- Harness code can accidentally make `case` available by default.
- Stage 1 success can be misused to justify artificial fixture or real-repo work.
## Dependencies
- Validated Harness Evidence Interface Contract.
- Validated Case Adapter Contract.
- Validated Case Failure Fixture Matrix.
- Validated Staged Proof Gate Records.
- Future implementation route in the harness workspace.
- Focused Stage 1 validator spec or stub before implementation edits.
## Success Definition
Stage 1 is successful when the future harness can prove `case` is recognized as a backend, denied by default, evidence-producing, and non-mutating. Stage 1 does not make Case executable and does not resolve Case source admission.

104
.sot/03-PROTOCOLS/CTO-CASE-STAGE2-ARTIFICIAL-FIXTURE-ISSUES.md
View File

@ -1,104 +0,0 @@
---
name: cto-case-stage2-artificial-fixture-issues
tier: local
status: draft
owner: jp
source: .sot/03-PROTOCOLS/CTO-CASE-STAGE2-ARTIFICIAL-FIXTURE-PRD.md
created: 2026-05-31
last_reviewed: 2026-05-31
lifecycle_classification: planning
core_promotion_status: not-promoted
description: Child-local issue sequence for Stage 2 Case artificial fixture proof.
---
# CTO Case Stage 2 Artificial Fixture Issues
Local planning SOT only. Not a Core Protocol. Not active Core authority.
## Issue Sequence
### CTO-WORK-011 - Stage 2 Artificial Fixture PRD
Type: AFK
Blocked by: CTO-WORK-010
User stories covered: CTO Case Candidate Backend PRD stories 4, 5, 7, 8, 9, 10, 11, 13.
What to build: Define the Stage 2 artificial fixture proof before implementation starts.
Acceptance criteria:
- [ ] PRD states Stage 2 allowed mutation scope is `copied artificial case only`.
- [ ] PRD requires Stage 1 validation before Stage 2.
- [ ] PRD requires `CTO_HARNESS_ALLOW_CASE=1` and `CTO_HARNESS_CASE_STAGE=2`.
- [ ] PRD defines allowed roots as `runtime_workspace_root` and `run_artifact_dir`.
- [ ] PRD keeps fake as the default validation lane.
- [ ] PRD forbids Target Repository, Case source, vendor source, external developer repo, Hermes WebUI, and Cortex Core mutation.
- [ ] PRD requires no-target-inspection proof from task contract, command arguments, runtime inputs, environment, and config.
- [ ] PRD requires full Harness Evidence Interface artifacts, digests, freshness proof, and allowed-write proof.
- [ ] PRD requires same-run fake baseline comparison.
- [ ] PRD requires no-diff, disallowed-file, failed-tests, missing-test-command, missing-required-event, and provider-unavailable failure fixtures.
- [ ] Local CTO validator checks Stage 2 PRD and issue artifact.
Allowed files: CTO child workspace planning docs and local validator only.
Validator: `python3 tools/validate_cto_child.py`
Done evidence: PRD, issue artifact, validator JSON, clean worktree, commit.
### CTO-WORK-012 - Stage 2 Harness Artificial Fixture Route
Type: AFK
Status: validated.
Blocked by: CTO-WORK-011
User stories covered: CTO Case Candidate Backend PRD stories 4, 5, 7, 8, 9, 10, 11, 13.
What to build: In `/home/svrnty/workspaces/hermes/cto/harness`, implement the Stage 2 Case artificial fixture route behind the existing `case` engine seam.
Acceptance criteria:
- [ ] `case` remains disabled by default.
- [ ] `CTO_HARNESS_ALLOW_CASE=1` remains required.
- [ ] `CTO_HARNESS_CASE_STAGE=2` is required before artificial fixture Case execution.
- [ ] Missing Stage 2 gate emits blocked evidence and does not run Case.
- [ ] Passing Stage 2 run mutates only the copied artificial runtime workspace.
- [ ] No Target Repository path is inspected or copied.
- [ ] Task contract, command arguments, runtime inputs, environment, and config expose no Target Repository path.
- [ ] Writable roots are limited to `runtime_workspace_root` and `run_artifact_dir`.
- [ ] No files under harness source checkout, target repo, Case source, vendor source, external developer repositories, or Cortex Core are changed during execution.
- [ ] Required artifacts include `report.json`, `report.md`, `events.normalized.jsonl`, `trace.jsonl`, `patch.diff`, `test.log`, and backend raw logs under `backend/`.
- [ ] `report.json` records `backend: case`, `source_admission_status: not_admitted`, `case_process_started`, `allowed_writes_passed`, changed files, blockers, artifact digests, and freshness proof.
- [ ] Pass events include `run.started`, `task.contract.created`, `plan.updated`, `patch.applied`, `git.diff.checked`, `verification.completed`, and `run.completed`.
- [ ] Same-run fake baseline comparison records fake and Case artifact paths.
- [ ] Failure fixtures fail closed for no diff, disallowed file, failed tests, missing test command, missing required event, and provider unavailable.
- [ ] Fake remains the default validation lane and broad health remains green after focused Stage 2 validation.
Allowed files: Hermes CTO harness engine, artificial fixtures, focused Stage 2 validator, harness docs, and tests. WebUI, Core, Case source, vendor source, and Target Repositories are forbidden.
Validator: `python3 harness/runner/validate-case-stage2.py --harness-root harness --json`, then `harness/evals/health.sh --json`.
Done evidence: Stage 2 pass report, failure fixture reports, artifact digests, no-mutation proof, clean worktree, commit.
Validation evidence:
- Hermes commit: `fc54680 Complete Case lifecycle after committed proof`.
- Real Case Qwen Stage 2 pass artifact: `/home/svrnty/.hermes/profiles/cto-planb/harness-runs/20260601T025817Z-r1-string-slugify-2907822`.
- Report status: `pass`.
- Backend: `case`.
- Case model provider: `qwen-local`.
- Case model: `qwen3.6-35b-a3b`.
- Case model admission status: `admitted`.
- Changed files: `strings.py`.
- Tests passed: `true`.
- Required events passed: `true`.
- Source admission status: `not_admitted`.
- No Target Repository path was inspected or copied.
- Stage 3 remains blocked until copied-repo fixture proof exists.
## Granularity Check
This is intentionally two slices: one planning route and one executable harness route. It is not over-granular because Stage 2 is the first Case execution boundary and must be reviewed before any copied-repo work.

110
.sot/03-PROTOCOLS/CTO-CASE-STAGE2-ARTIFICIAL-FIXTURE-PRD.md
View File

@ -1,110 +0,0 @@
---
name: cto-case-stage2-artificial-fixture-prd
tier: local
status: draft
owner: jp
source: .sot/03-PROTOCOLS/CTO-CASE-STAGED-PROOF-GATES.md
created: 2026-05-31
last_reviewed: 2026-05-31
lifecycle_classification: planning
core_promotion_status: not-promoted
description: Child-local PRD for Stage 2 Case artificial fixture execution proof.
---
# CTO Case Stage 2 Artificial Fixture PRD
Local planning SOT only. Not a Core Protocol. Not active Core authority.
## Problem Statement
Stage 1 proves that the Hermes CTO harness can recognize `case`, deny it by default, and emit evidence without running Case. The next risk is enabling Case too broadly. Stage 2 must prove only one narrow executable behavior: Case may run against a copied artificial fixture, through the existing harness engine seam, while preserving evidence shape, allowed-write control, fake default behavior, and fail-closed fixture outcomes.
## Solution
Define a Stage 2 implementation slice for `/home/svrnty/workspaces/hermes/cto/harness`. The slice may execute Case only against copied artificial fixture inputs already owned by the harness. It must not inspect or mutate a Target Repository, copied local repo fixture, disposable repo, owned noncritical repo, vendor source, Case source, or Cortex Core.
Stage 2 keeps the `case` backend gated by `CTO_HARNESS_ALLOW_CASE=1` and adds a stricter execution gate named `CTO_HARNESS_CASE_STAGE=2`. Missing Stage 2 gate means blocked, not warning. The fake lane remains the default validation lane and comparison baseline.
Allowed roots are explicit: Stage 2 may write only to `runtime_workspace_root` and `run_artifact_dir`. `runtime_workspace_root` is the copied artificial case workspace created under the harness runtime root. `run_artifact_dir` is the single run evidence directory. All other writes are forbidden, including harness source checkout, Target Repository paths, Case source, vendor source, external developer repositories, and Cortex Core.
## Scope
- Add one artificial fixture task contract for Case adapter proof.
- Allow mutation only inside the copied artificial runtime workspace.
- Preserve the Harness Evidence Interface artifact set.
- Compare Case report shape, event order, allowed writes, verification output, blockers, artifact digests, and freshness proof against fake fixture expectations.
- Use a same-run fake baseline on the same artificial fixture as the comparison artifact.
- Add focused Stage 2 validator checks before broader harness health validation.
- Add failure fixture expectations for no diff, disallowed file, failed tests, missing test command, missing required event, and provider unavailable.
- Keep implementation in the Hermes CTO harness route.
## Non-Goals
- Do not run Case on a Target Repository.
- Do not run Case on a copied local repository fixture.
- Do not create, push, merge, deploy, or close a pull request.
- Do not mutate Case source, vendor source, external developer repositories, Cortex Core, or Hermes WebUI product surfaces.
- Do not resolve Case source admission for real-repo execution.
- Do not promote any artifact into Core.
- Do not make Case a default backend.
## Acceptance Criteria
- Stage 2 entry requires Stage 1 validated.
- Stage 2 allowed mutation scope is `copied artificial case only`.
- Stage 2 allowed roots are `runtime_workspace_root` and `run_artifact_dir`.
- `case` remains disabled by default.
- `CTO_HARNESS_ALLOW_CASE=1` remains required.
- `CTO_HARNESS_CASE_STAGE=2` is required before Case adapter execution.
- Missing Stage 2 gate produces blocked status, not warning.
- Fake remains the default validation lane.
- Case runs only through the same engine dispatch path as fake, Codex, and Pi.
- Case receives only artificial fixture input, allowed paths, forbidden actions, verification command, and evidence expectations.
- No Target Repository path is inspected or copied.
- The focused validator proves the task contract contains no Target Repository path and that runtime inputs, command arguments, environment, and config expose only `runtime_workspace_root` and `run_artifact_dir` as writable roots.
- No files under harness source checkout, target repo, Case source, vendor source, external developer repositories, or Cortex Core are changed by Stage 2 execution.
- Runtime writes are limited to the copied artificial workspace and the run artifact directory.
- `report.json` records `backend: case`, `status`, `backend_exit_code`, `allowed_writes_passed`, `changed_files`, `blockers`, `source_admission_status: not_admitted`, `case_process_started`, artifact paths, artifact digests, and freshness proof.
- Required artifacts include `report.json`, `report.md`, `events.normalized.jsonl`, `trace.jsonl`, `patch.diff`, `test.log`, and backend raw logs under `backend/`.
- Normalized events include `run.started`, `task.contract.created`, `plan.updated`, `patch.applied`, `git.diff.checked`, `verification.completed`, and `run.completed` for pass cases.
- Blocked preflight emits `backend.gate.blocked`.
- Failure fixtures cover no diff, disallowed file, failed tests, missing test command, missing required event, and provider unavailable.
- Failure fixture reports fail closed with blocker reason, nonzero exit where executable, and complete evidence artifacts.
- Same-run fake baseline evidence records the fake run artifact path, the Case run artifact path, and whether report shape, event order, allowed writes, verification output, blockers, artifact digests, and freshness proof match expectations.
## Validation
- Focused Stage 2 validator command is `python3 harness/runner/validate-case-stage2.py --harness-root harness --json`.
- Focused Stage 2 validator output must include `ok`, `checked`, `errors`, pass report paths, failure report paths, same-run fake baseline path, and no-target-inspection proof.
- Focused Stage 2 validator must run `python3 harness/runner/validate-case-stage1.py --harness-root harness --json` first and require it to pass.
- Focused Stage 2 validator must prove fake remains default.
- Focused Stage 2 validator must prove `--engine case` without `CTO_HARNESS_ALLOW_CASE=1` remains blocked.
- Focused Stage 2 validator must prove `CTO_HARNESS_ALLOW_CASE=1` without `CTO_HARNESS_CASE_STAGE=2` remains blocked for execution.
- Focused Stage 2 validator must run one passing artificial fixture through `case` only when both gates are set.
- Focused Stage 2 validator must inspect artifact shape, event order, allowed writes, verification log, digest fields, and freshness proof.
- Focused Stage 2 validator must compare the Case run to a same-run fake baseline on the same fixture.
- Focused Stage 2 validator must run failure fixture checks for no diff, disallowed file, failed tests, missing test command, missing required event, and provider unavailable.
- Focused Stage 2 validator must prove no Target Repository path is present in task contract, command arguments, runtime inputs, environment, or harness config used by the run.
- Broader harness health validation must run after the focused Stage 2 validator is green.
- Cortex CTO child validator must require this PRD and issue artifact before Stage 2 implementation is considered governed.
## Risks
- Stage 2 can be mistaken for real-repo readiness.
- A live Case invocation can leak beyond the artificial fixture if workspace and allowed paths are weak.
- A passing fixture can hide missing failure closure.
- Stage 2 can accidentally make `case` default or bypass fake comparison.
- Missing Case credentials or provider availability can block executable proof.
## Dependencies
- Stage 1 Gated Case Engine is validated.
- Harness Evidence Interface Contract is validated.
- Case Adapter Contract is validated.
- Case Failure Fixture Matrix is validated.
- Stage 1 focused validator exists in the Hermes CTO harness.
- Human-provided credentials or local provider configuration may be required for real Case execution; missing credentials must produce a blocked provider-unavailable result, not a fake pass.
## Success Definition
Stage 2 is successful when Case can execute one copied artificial fixture through the CTO harness, produce the same evidence interface expected from fake fixtures, and fail closed for required artificial failure classes. Stage 2 does not authorize copied repo, sandbox repo, owned repo, default backend, WebUI product, or Core promotion behavior.

93
.sot/03-PROTOCOLS/CTO-CASE-STAGE3-COPIED-REPO-ISSUES.md
View File

@ -1,93 +0,0 @@
---
name: cto-case-stage3-copied-repo-issues
tier: local
status: draft
owner: jp
source: .sot/03-PROTOCOLS/CTO-CASE-STAGE3-COPIED-REPO-PRD.md
created: 2026-06-01
last_reviewed: 2026-06-01
lifecycle_classification: planning
core_promotion_status: not-promoted
description: Child-local issue sequence for Stage 3 Case copied-repo fixture proof.
---
# CTO Case Stage 3 Copied Repo Issues
Local planning SOT only. Not a Core Protocol. Not active Core authority.
## Issue Sequence
### CTO-WORK-033 - Stage 3 Copied Repo PRD
Type: AFK
Status: validated.
Blocked by: CTO-WORK-012
User stories covered: CTO Case Candidate Backend PRD stories 4, 5, 7, 8, 9, 10, 11, 13.
What to build: Define the Stage 3 copied-repo fixture proof before implementation starts.
Acceptance criteria:
- [ ] PRD states Stage 3 allowed mutation scope is `copied local repository fixture only`.
- [ ] PRD requires Stage 2 validation before Stage 3.
- [ ] PRD requires `CTO_HARNESS_ALLOW_CASE=1` and `CTO_HARNESS_CASE_STAGE=3`.
- [ ] PRD requires source repository ownership and local source classification.
- [ ] PRD requires source repository HEAD and status before and after Case execution.
- [ ] PRD requires copied fixture clean start and clean end proof.
- [ ] PRD forbids Target Repository, source repository, Case source, vendor source, Hermes WebUI, and Cortex Core mutation.
- [ ] PRD requires full Harness Evidence Interface artifacts.
- [ ] PRD requires dirty-starting-tree, dirty-ending-tree, timeout, artifact-write-failure, disallowed-file, failed-tests, and missing-required-event failure fixtures.
- [ ] Local CTO validator checks Stage 3 PRD and issue artifact.
Allowed files: CTO child workspace planning docs and local validator only.
Validator: `python3 tools/validate_cto_child.py`
Done evidence: PRD, issue artifact, validator JSON, clean worktree, commit.
### CTO-WORK-034 - Stage 3 Harness Copied Repo Fixture Route
Type: AFK
Status: validated.
Blocked by: CTO-WORK-033
User stories covered: CTO Case Candidate Backend PRD stories 4, 5, 7, 8, 9, 10, 11, 13.
What to build: In `/home/svrnty/workspaces/hermes/cto/harness`, implement the Stage 3 copied-repo fixture route behind the existing `case` engine seam.
Acceptance criteria:
- [ ] `case` remains disabled by default.
- [ ] `CTO_HARNESS_ALLOW_CASE=1` remains required.
- [ ] `CTO_HARNESS_CASE_STAGE=3` is required before copied-repo Case execution.
- [ ] Missing Stage 3 gate emits blocked evidence and does not run Case.
- [ ] Source repository is copied before Case starts.
- [ ] Source repository HEAD and status before/after proof match.
- [ ] Case mutates only the copied fixture.
- [ ] Copied fixture starts clean and ends clean after harness post-processing.
- [ ] No Target Repository path is inspected or copied.
- [ ] Required artifacts include source non-mutation proof, clean-start proof, clean-end proof, `report.json`, `report.md`, `events.normalized.jsonl`, `trace.jsonl`, `patch.diff`, `test.log`, and backend logs.
- [ ] Failure fixtures fail closed for dirty source start, dirty copied fixture start, dirty copied fixture end, timeout, artifact write failure, disallowed file, failed tests, and missing required event.
- [ ] Fake remains the default validation lane and broad health remains green after focused Stage 3 validation.
Allowed files: Hermes CTO harness engine, copied-repo fixtures, focused Stage 3 validator, harness docs, and tests. WebUI, Core, Case source, vendor source, source repository, Target Repository, and external developer repositories are forbidden.
Validator: `python3 harness/runner/validate-case-stage3.py --harness-root harness --json`, then `harness/evals/health.sh --json`.
Done evidence:
- Hermes commit: `4edf5f1 Add Case Stage 3 copied repo harness proof`.
- Stage 3 pass report: `/home/svrnty/.hermes/profiles/cto-planb/harness-runs/20260601T031903Z-r1-string-slugify-3018046/report.json`.
- Stage 3 source proof: `/home/svrnty/.hermes/profiles/cto-planb/harness-runs/20260601T031903Z-r1-string-slugify-3018046/stage3-copied-repo-proof.json`.
- Final post-merge focused validator: `python3 harness/runner/validate-case-stage3.py --harness-root harness --json`.
- Final post-merge aggregate validator: `harness/evals/health.sh --json`.
- Hermes main worktree clean after fast-forward merge.
## Granularity Check
This is intentionally two slices: one planning route and one executable harness route. It is not over-granular because Stage 3 introduces source repository copy and non-mutation proof, which are distinct from Stage 2 artificial fixture proof.

109
.sot/03-PROTOCOLS/CTO-CASE-STAGE3-COPIED-REPO-PRD.md
View File

@ -1,109 +0,0 @@
---
name: cto-case-stage3-copied-repo-prd
tier: local
status: draft
owner: jp
source: .sot/03-PROTOCOLS/CTO-CASE-STAGED-PROOF-GATES.md
created: 2026-06-01
last_reviewed: 2026-06-01
lifecycle_classification: planning
core_promotion_status: not-promoted
description: Child-local PRD for Stage 3 Case copied-repo fixture proof.
---
# CTO Case Stage 3 Copied Repo PRD
Local planning SOT only. Not a Core Protocol. Not active Core authority.
## Problem Statement
Stage 2 proves Case can patch a copied artificial fixture through the CTO Harness. That does not prove Case is safe around a real repository shape. Stage 3 must prove the next narrow behavior: copy an owned local source repository into a fixture workspace, run Case only inside the copied fixture, and prove the source repository remains unchanged.
## Solution
Add a Stage 3 copied-repo fixture route for the Hermes CTO harness. The route uses an owned local source repository only as read-only input. The harness copies that source into a runtime fixture, records source non-mutation proof, runs Case against the copied fixture, and accepts only Harness Evidence Interface proof.
Stage 3 keeps all earlier gates. `case` remains disabled by default. `CTO_HARNESS_ALLOW_CASE=1` and `CTO_HARNESS_CASE_STAGE=3` are required before copied-repo Case execution. Missing gates mean blocked, not warning.
Allowed mutation scope is `copied local repository fixture only`. Writable roots are limited to `runtime_workspace_root` and `run_artifact_dir`. Source repository, Target Repository, Case source, vendor source, external developer repositories, Hermes WebUI, and Cortex Core are read-only or forbidden.
## Scope
- Define one copied-repo fixture proof route.
- Require Stage 2 validated evidence before Stage 3 execution.
- Require source repository ownership and local path classification before copy.
- Require clean source repository status before copy.
- Require clean copied fixture status before Case starts.
- Require source repository HEAD and status proof before and after execution.
- Require copied fixture clean ending tree after harness post-processing.
- Preserve full Harness Evidence Interface artifacts.
- Compare report shape, event order, allowed writes, tests, blockers, digests, and freshness against Stage 2 expectations.
- Add dirty-starting-tree, dirty-ending-tree, timeout, and artifact-write-failure failure fixtures.
## Non-Goals
- Do not mutate a Target Repository.
- Do not mutate the source repository.
- Do not use an external developer repository as source.
- Do not push, merge, deploy, close, or open a pull request.
- Do not resolve license or source admission for real-repo work.
- Do not approve Stage 4, Stage 5, Stage 6, default backend status, WebUI Runtime behavior, or Core promotion.
## Acceptance Criteria
- Stage 3 entry requires Stage 2 validated.
- `CTO_HARNESS_ALLOW_CASE=1` remains required.
- `CTO_HARNESS_CASE_STAGE=3` is required.
- Missing Stage 3 gate blocks before Case starts.
- Source repository is an owned local source, not a Target Repository and not external developer source.
- Source repository clean status is recorded before copy.
- Source repository HEAD and status are recorded before and after Case execution.
- Source repository after-proof matches before-proof.
- Copied fixture is created under the run artifact directory.
- Case receives only the copied fixture path, task contract, allowed paths, forbidden actions, verification command, and evidence expectations.
- Runtime writes are limited to `runtime_workspace_root` and `run_artifact_dir`.
- Copied fixture starts clean after copy and baseline commit.
- Copied fixture ends clean after harness post-processing.
- `report.json` records `backend: case`, `case_process_started`, `source_repository_mutated: false`, `runtime_workspace_root`, `run_artifact_dir`, `changed_files`, `blockers`, `artifact_digests`, and freshness proof.
- Required artifacts include `report.json`, `report.md`, `events.normalized.jsonl`, `trace.jsonl`, `patch.diff`, `test.log`, backend logs, source non-mutation proof, clean-start proof, and clean-end proof.
- Failure fixtures cover dirty source start, dirty copied fixture start, dirty copied fixture end, timeout, artifact write failure, disallowed file, failed tests, and missing required event.
- Fake remains the default validation lane.
- No Stage 3 pass may be used as sandbox-repo, owned-repo, default-candidate, or Core promotion evidence beyond its stated scope.
## Validation
- Focused validator: `python3 harness/runner/validate-case-stage3.py --harness-root harness --json`.
- The Stage 3 validator must require Stage 2 validation first.
- The validator must prove missing Stage 3 gate blocks before `case_process_started`.
- The validator must prove source repository non-mutation with before/after HEAD and status evidence.
- The validator must prove copied fixture clean start and clean end.
- The validator must prove no Target Repository path is inspected or copied.
- The validator must run required failure fixtures.
- The validator must emit compact JSON with `ok`, `checked`, `errors`, pass artifact path, failure artifact paths, and source non-mutation proof path.
- Broader Hermes health must run once after focused Stage 3 validation passes.
- CTO child validator must require this PRD and issue artifact before Stage 3 implementation is governed.
## Risks
- Copied-repo proof can be mistaken for real Target Repository approval.
- Source repository mutation could happen through a leaked path if task contracts are weak.
- Dirty tree handling can hide untracked files or generated artifacts.
- Stage 3 can overfit to one toy repo and miss real-repo policy needs.
## Dependencies
- Stage 2 Case artificial fixture is validated.
- Harness Evidence Interface Contract is validated.
- Case Adapter Contract is validated.
- Case Failure Fixture Matrix is validated.
- Real Case Qwen Stage 2 pass evidence exists.
## Success Definition
Stage 3 is successful when Case changes only a copied local repository fixture, emits full Harness Evidence Interface proof, passes verification, fails closed for required copied-repo failure classes, and proves the source repository was not mutated. Stage 3 does not authorize sandbox, owned-repo, default backend, WebUI Runtime, or Core promotion behavior.
## Challenge Findings
- Accepted: source non-mutation proof must include source HEAD and status before and after Case execution.
- Accepted: clean copied-fixture start and clean copied-fixture end are separate proofs.
- Rejected: running Stage 3 directly on a Target Repository. That skips the proof ladder.

95
.sot/03-PROTOCOLS/CTO-CASE-STAGE4-DISPOSABLE-SANDBOX-ISSUES.md
View File

@ -1,95 +0,0 @@
---
name: cto-case-stage4-disposable-sandbox-issues
tier: local
status: draft
owner: jp
source: .sot/03-PROTOCOLS/CTO-CASE-STAGE4-DISPOSABLE-SANDBOX-PRD.md
created: 2026-06-01
last_reviewed: 2026-06-01
lifecycle_classification: planning
core_promotion_status: not-promoted
description: Child-local issue sequence for Stage 4 Case disposable sandbox repository proof.
---
# CTO Case Stage 4 Disposable Sandbox Issues
Local planning SOT only. Not a Core Protocol. Not active Core authority.
## Issue Sequence
### CTO-WORK-035 - Stage 4 Disposable Sandbox PRD
Type: AFK
Status: validated.
Blocked by: CTO-WORK-034
User stories covered: CTO Case Candidate Backend PRD stories 4, 5, 7, 8, 9, 10, 11, 13.
What to build: Define the Stage 4 disposable sandbox repository proof before implementation starts.
Acceptance criteria:
- [ ] PRD states Stage 4 allowed mutation scope is `disposable repository only`.
- [ ] PRD requires Stage 3 validation before Stage 4.
- [ ] PRD requires `CTO_HARNESS_ALLOW_CASE=1` and `CTO_HARNESS_CASE_STAGE=4`.
- [ ] PRD requires approval requested/granted/denied events.
- [ ] PRD requires branch policy proof.
- [ ] PRD forbids push, merge, deploy, close, PR open, public publication, Target Repository mutation, source repository mutation, Case source mutation, vendor source mutation, Hermes WebUI mutation, and Cortex Core mutation.
- [ ] PRD requires full Harness Evidence Interface artifacts.
- [ ] PRD requires approval-denied, reviewer-reject, timeout, provider-unavailable, dirty-ending-tree, and disallowed-file failure fixtures.
- [ ] Local CTO validator checks Stage 4 PRD and issue artifact.
Allowed files: CTO child workspace planning docs and local validator only.
Validator: `python3 tools/validate_cto_child.py`
Done evidence: PRD, issue artifact, validator JSON, clean worktree, commit.
### CTO-WORK-036 - Stage 4 Harness Disposable Sandbox Route
Type: AFK
Status: validated.
Blocked by: CTO-WORK-035
User stories covered: CTO Case Candidate Backend PRD stories 4, 5, 7, 8, 9, 10, 11, 13.
What to build: In `/home/svrnty/workspaces/hermes/cto/harness`, implement the Stage 4 disposable sandbox repository route behind the existing `case` engine seam.
Acceptance criteria:
- [x] `case` remains disabled by default.
- [x] `CTO_HARNESS_ALLOW_CASE=1` remains required.
- [x] `CTO_HARNESS_CASE_STAGE=4` is required before disposable sandbox Case execution.
- [x] Missing Stage 4 gate emits blocked evidence and does not run Case.
- [x] Approval denied blocks before mutation.
- [x] Approval granted is recorded before mutation.
- [x] Branch policy proof is recorded.
- [x] Case mutates only the disposable repository.
- [x] No Target Repository path is inspected or copied.
- [x] No push, merge, deploy, close, PR open, or public publication occurs by default.
- [x] Required artifacts include approval proof, branch proof, sandbox disposal or retention note, `report.json`, `report.md`, `events.normalized.jsonl`, `trace.jsonl`, `patch.diff`, `test.log`, and backend logs.
- [x] Failure fixtures fail closed for approval denied, reviewer reject, timeout, provider unavailable, dirty ending tree, and disallowed file.
- [x] Fake remains the default validation lane and broad health remains green after focused Stage 4 validation.
Allowed files: Hermes CTO harness engine, disposable sandbox fixtures, focused Stage 4 validator, harness docs, and tests. WebUI, Core, Case source, vendor source, source repository, Target Repository, owned noncritical repositories, production repositories, and external developer repositories are forbidden.
Validator: `python3 harness/runner/validate-case-stage4.py --harness-root harness --json`, then `harness/evals/health.sh --json`.
Done evidence:
- Hermes commit: `033fec8 Add Case Stage 4 disposable sandbox proof`.
- Focused Stage 4 validator on Hermes main: `python3 harness/runner/validate-case-stage4.py --harness-root harness --json`.
- Focused Stage 4 validator status: `ok: true`.
- Stage 4 pass artifact: `/home/svrnty/.hermes/profiles/cto-planb/harness-runs/20260601T033647Z-r1-string-slugify-3113348`.
- Stage 4 proof artifact: `/home/svrnty/.hermes/profiles/cto-planb/harness-runs/20260601T033647Z-r1-string-slugify-3113348/stage4-disposable-sandbox-proof.json`.
- Failure fixture reports: `/home/svrnty/.hermes/profiles/cto-planb/harness-runs/20260601T033647Z-r1-string-slugify-3112997/report.json` and `/home/svrnty/.hermes/profiles/cto-planb/harness-runs/20260601T033647Z-r1-string-slugify-3113296/report.json`.
- Post-merge aggregate Harness health: `harness/evals/health.sh --json`, status `pass`.
- Aggregate matrix artifact: `/home/svrnty/.hermes/profiles/cto-planb/harness-runs/20260601T033659Z-run-all-fake-3114983/report.json`.
## Granularity Check
This is intentionally two slices: one planning route and one executable harness route. Stage 4 adds approval and disposable repository policy, which are distinct from Stage 3 copied-repo non-mutation proof.

104
.sot/03-PROTOCOLS/CTO-CASE-STAGE4-DISPOSABLE-SANDBOX-PRD.md
View File

@ -1,104 +0,0 @@
---
name: cto-case-stage4-disposable-sandbox-prd
tier: local
status: draft
owner: jp
source: .sot/03-PROTOCOLS/CTO-CASE-STAGED-PROOF-GATES.md
created: 2026-06-01
last_reviewed: 2026-06-01
lifecycle_classification: planning
core_promotion_status: not-promoted
description: Child-local PRD for Stage 4 Case disposable sandbox repository proof.
---
# CTO Case Stage 4 Disposable Sandbox PRD
Local planning SOT only. Not a Core Protocol. Not active Core authority.
## Problem Statement
Stage 3 proves Case can change a copied local repository fixture without mutating the source repository. It does not prove branch policy, approval denial, sandbox disposal, or fail-closed behavior in a disposable repository. Stage 4 must prove the next narrow behavior before any owned repository is eligible.
## Solution
Add a Stage 4 disposable sandbox repository route for the Hermes CTO Harness. The route creates or admits only a throwaway repository, runs Case behind the existing `case` seam, records approval events, and proves no push, merge, deploy, close, or source promotion occurs unless the task contract explicitly allows it.
Stage 4 keeps all earlier gates. `case` remains disabled by default. `CTO_HARNESS_ALLOW_CASE=1` and `CTO_HARNESS_CASE_STAGE=4` are required. Missing gates mean blocked, not warning.
Allowed mutation scope is `disposable repository only`. Writable roots are limited to `runtime_workspace_root`, `run_artifact_dir`, and the disposable repository copy created for the run. Target Repository, source repository, Case source, vendor source, external developer repositories, Hermes WebUI, and Cortex Core are forbidden.
## Scope
- Define one disposable sandbox repository proof route.
- Require Stage 3 validated evidence before Stage 4 execution.
- Require disposable repository ownership, creation source, and disposal or retention policy.
- Require approval requested/granted/denied event handling.
- Require branch policy proof.
- Require no push, merge, deploy, close, PR open, or public publication by default.
- No push, merge, deploy, close, PR open, or public publication occurs by default.
- Preserve full Harness Evidence Interface artifacts.
- Add approval-denied, reviewer-reject, timeout, provider-unavailable, dirty-ending-tree, and disallowed-file failure fixtures.
## Non-Goals
- Do not mutate an owned noncritical repository.
- Do not mutate a production Target Repository.
- Do not grant default backend status.
- Do not push, merge, deploy, close, open a pull request, or publish.
- Do not resolve Case license or source admission for broader real-repo work.
- Do not approve Stage 5, Stage 6, WebUI Runtime behavior, or Core promotion.
## Acceptance Criteria
- Stage 4 entry requires Stage 3 validated.
- `CTO_HARNESS_ALLOW_CASE=1` remains required.
- `CTO_HARNESS_CASE_STAGE=4` is required.
- Missing Stage 4 gate blocks before Case starts.
- Disposable repository is created or admitted under run artifact control.
- Approval denied fails closed before mutation.
- Approval granted is recorded before mutation.
- Branch policy is recorded before Case starts.
- Case mutates only the disposable repository.
- No Target Repository path is inspected or copied.
- No source repository is mutated.
- No push, merge, deploy, close, PR open, or public publication occurs unless explicitly allowed by task contract.
- `report.json` records `backend: case`, `case_process_started`, `allowed_mutation_scope: disposable repository only`, `approval_status`, `branch_policy`, `disposable_repository_dir`, `changed_files`, `blockers`, `artifact_digests`, and freshness proof.
- Required artifacts include `report.json`, `report.md`, `events.normalized.jsonl`, `trace.jsonl`, `patch.diff`, `test.log`, backend logs, approval proof, branch proof, and sandbox disposal or retention note.
- Fake remains the default validation lane.
## Validation
- Focused validator: `python3 harness/runner/validate-case-stage4.py --harness-root harness --json`.
- The Stage 4 validator must require Stage 3 validation first.
- The validator must prove missing Stage 4 gate blocks before `case_process_started`.
- The validator must prove approval denied fails closed.
- The validator must prove approval granted records before mutation.
- The validator must prove no Target Repository path is inspected or copied.
- The validator must prove no push, merge, deploy, close, or PR open occurs by default.
- Broader Hermes health must run once after focused Stage 4 validation passes.
- CTO child validator must require this PRD and issue artifact before Stage 4 implementation is governed.
## Risks
- Disposable sandbox proof can be mistaken for owned-repo approval.
- Approval events can become ceremony if not tied to mutation gates.
- Branch policy proof can miss side effects outside git.
- Sandbox cleanup can destroy useful evidence if retention policy is weak.
## Dependencies
- Stage 3 copied-repo fixture is validated.
- Harness Evidence Interface Contract is validated.
- Case Adapter Contract is validated.
- Case Failure Fixture Matrix is validated.
- Real Case Qwen Stage 3 evidence exists as supporting telemetry, not a new blocking gate.
## Success Definition
Stage 4 is successful when Case changes only a disposable repository, records approval and branch policy evidence, preserves full Harness Evidence Interface proof, fails closed for required sandbox failure classes, and performs no push, merge, deploy, close, PR open, or broader repository mutation.
## Challenge Findings
- Accepted: real Case Qwen Stage 3 evidence strengthens Stage 3 but should not become a new mandatory gate.
- Accepted: approval denial must be a hard pre-mutation gate.
- Accepted: Stage 4 must stay disposable and must not become owned-repo proof.

216
.sot/03-PROTOCOLS/CTO-CASE-STAGE5-OWNED-NONCRITICAL-REPO-ISSUES.md
View File

@ -1,216 +0,0 @@
---
name: cto-case-stage5-owned-noncritical-repo-issues
tier: local
status: draft
owner: jp
source: .sot/03-PROTOCOLS/CTO-CASE-STAGE5-OWNED-NONCRITICAL-REPO-PRD.md
created: 2026-06-01
last_reviewed: 2026-06-01
lifecycle_classification: planning
core_promotion_status: not-promoted
description: Child-local issue sequence for Stage 5 Case owned noncritical repository proof.
---
# CTO Case Stage 5 Owned Noncritical Repository Issues
Local planning SOT only. Not a Core Protocol. Not active Core authority.
## Issue Sequence
### CTO-WORK-037 - Stage 5 Owned Noncritical Repo PRD
Type: AFK
Status: validated.
Blocked by: CTO-WORK-036
User stories covered: CTO Case Candidate Backend PRD stories 4, 5, 7, 8, 9, 10, 11, 13.
What to build: Define the Stage 5 owned noncritical repository proof before implementation starts.
Acceptance criteria:
- [x] PRD states Stage 5 allowed mutation scope is `explicitly owned low-risk repository only`.
- [x] PRD requires Stage 4 validation before Stage 5.
- [x] PRD requires `CTO_HARNESS_ALLOW_CASE=1` and `CTO_HARNESS_CASE_STAGE=5`.
- [x] PRD requires Target Repository ownership proof and noncritical classification.
- [x] PRD requires approval requested/granted/denied events before mutation.
- [x] PRD requires allowed paths and forbidden actions before mutation.
- [x] PRD separates operator acceptance or rejection from test pass.
- [x] PRD forbids push, merge, deploy, close, PR open, issue close, public publication, critical repository mutation, unowned repository mutation, Case source mutation, vendor source mutation, Hermes WebUI mutation, and Cortex Core mutation.
- [x] PRD requires full Harness Evidence Interface artifacts.
- [x] PRD requires approval-denied, unowned-repository, critical-repository, disallowed-file, dirty-starting-tree, dirty-ending-tree, failed-tests, timeout, provider-unavailable, and missing-operator-outcome failure fixtures.
- [x] Local CTO validator checks Stage 5 PRD and issue artifact.
Allowed files: CTO child workspace planning docs and local validator only.
Validator: `python3 tools/validate_cto_child.py`
Done evidence: PRD, issue artifact, validator JSON, clean worktree, commit.
### CTO-WORK-038 - Stage 5 Harness Owned Noncritical Repo Route
Type: HITL
Status: validated.
Blocked by: CTO-WORK-037, CTO-WORK-039, CTO-WORK-040, and explicit JP selection or approval of an owned low-risk noncritical Target Repository.
User stories covered: CTO Case Candidate Backend PRD stories 4, 5, 7, 8, 9, 10, 11, 13.
What to build: In `/home/svrnty/workspaces/hermes/cto/harness`, implement the Stage 5 owned noncritical repository route behind the existing `case` engine seam.
Acceptance criteria:
- [x] `case` remains disabled by default.
- [x] `CTO_HARNESS_ALLOW_CASE=1` remains required.
- [x] `CTO_HARNESS_CASE_STAGE=5` is required before owned noncritical repository execution.
- [x] Missing Stage 5 gate emits blocked evidence and does not run Case.
- [x] Target Repository admission proof records owner, path, noncritical classification, allowed paths, forbidden actions, and approval source.
- [x] Unowned or critical repository admission blocks before mutation.
- [x] Approval denied blocks before mutation.
- [x] Approval granted is recorded before mutation.
- [x] Case mutates only allowed paths inside the admitted Target Repository.
- [x] No push, merge, deploy, close, PR open, issue close, or public publication occurs by default.
- [x] Operator acceptance or rejection is recorded after verification.
- [x] Required artifacts include Target Repository admission proof, approval proof, allowed-path proof, forbidden-action proof, operator outcome, `report.json`, `report.md`, `events.normalized.jsonl`, `trace.jsonl`, `patch.diff`, `test.log`, backend logs, artifact digests, and freshness proof.
- [x] Failure fixtures fail closed for approval denied, unowned repository, critical repository, disallowed file, dirty starting tree, dirty ending tree, failed tests, timeout, provider unavailable, and missing operator outcome.
- [x] Fake remains the default validation lane and broad health remains green after focused Stage 5 validation.
Allowed files: Hermes CTO harness engine, owned noncritical repo fixture admission records, focused Stage 5 validator, harness docs, and tests. WebUI, Core, Case source, vendor source, unowned repositories, critical repositories, production repositories, and external developer repositories are forbidden.
Validator: `python3 harness/runner/validate-case-stage5.py --harness-root harness --json`, then `harness/evals/health.sh --json`.
Done evidence:
- Hermes commit: `084ac70 Add Case Stage 5 owned repo proof`.
- Focused Stage 5 validator on Hermes main: `python3 harness/runner/validate-case-stage5.py --harness-root harness --json`.
- Focused Stage 5 validator status: `ok: true`.
- Focused validator pass report: `/home/svrnty/.hermes/profiles/cto-planb/harness-runs/20260601T100039Z-r1-string-slugify-37603/report.json`.
- Actual admitted Target Repository proof report: `/home/svrnty/.hermes/profiles/cto-planb/harness-runs/20260601T100335Z-r1-string-slugify-43237/report.json`.
- Actual admitted Target Repository proof artifact: `/home/svrnty/.hermes/profiles/cto-planb/harness-runs/20260601T100335Z-r1-string-slugify-43237/stage5-owned-repo-proof.json`.
- Target repo: `/home/svrnty/workspaces/cortex-os/cto-stage5-target-sandbox`.
- Target repo proof commit: `155b442 stage5 case result`.
- Changed files: `strings.py`.
- Allowed paths passed: `true`.
- Forbidden paths passed: `true`.
- Required events passed: `true`.
- Tests passed: `true`.
- Operator outcome: `accepted`.
- Target repository started clean and ended clean.
### CTO-WORK-039 - Stage 5 Target Repository Admission Template
Type: AFK
Status: validated.
Blocked by: CTO-WORK-037
User stories covered: CTO Case Candidate Backend PRD stories 4, 5, 7, 8, 9, 10, 11, 13.
What to build: Define the validator-readable Target Repository admission template required before Stage 5 can execute against any owned noncritical repository.
Acceptance criteria:
- [x] Template states it does not admit any repository.
- [x] Template requires `admission_status`, `target_repository_path`, `repository_owner`, `ownership_evidence`, `risk_classification`, `noncritical_rationale`, `allowed_paths`, `forbidden_paths`, `forbidden_actions`, `approval_source`, `approval_timestamp`, `operator_outcome_required`, and `review_trigger`.
- [x] Template requires `risk_classification` to be `low_risk_noncritical`.
- [x] Template requires missing admission, missing ownership evidence, critical classification, empty allowed paths, missing forbidden actions, missing approval, and missing operator outcome requirement to block before `case_process_started`.
- [x] Template forbids treating the template as Case execution authority.
- [x] Local CTO validator checks the template artifact.
Allowed files: CTO child workspace planning docs and local validator only.
Validator: `python3 tools/validate_cto_child.py`
Done evidence: template artifact, issue reference, validator JSON, clean worktree, commit.
### CTO-WORK-040 - Stage 5 Target Repository Admission Record
Type: HITL
Status: validated.
Blocked by: CTO-WORK-039 and explicit JP selection or approval of an owned low-risk noncritical Target Repository.
User stories covered: CTO Case Candidate Backend PRD stories 4, 5, 7, 8, 9, 10, 11, 13.
What to build: Maintain the concrete Stage 5 Target Repository admission record. The current record is intentionally `not_admitted` and blocks Stage 5 execution until JP supplies the repository path, ownership proof, noncritical rationale, allowed paths, forbidden paths, and approval metadata.
Acceptance criteria:
- [x] Admission record exists as JSON.
- [x] Admission record status is `not_admitted` by default.
- [x] Admission record contains no repository path until JP approves one.
- [x] Admission record contains no secrets or credentials.
- [x] Admission record includes all required forbidden actions.
- [x] Admission record requires operator outcome.
- [x] Local CTO validator checks the safe blocked record state.
- [x] JP supplies an owned low-risk noncritical repository path.
- [x] JP supplies ownership evidence.
- [x] JP supplies noncritical rationale.
- [x] JP supplies allowed paths and forbidden paths.
- [x] JP supplies approval source and approval timestamp.
- [x] Admission record is updated to `admitted` only after all required fields are present.
Allowed files: CTO child workspace planning docs and local validator only until a concrete Target Repository is approved.
Validator: `python3 tools/validate_cto_child.py`
Done evidence: admitted Target Repository admission JSON, dedicated sandbox repo initial commit, issue reference, validator JSON, clean worktree, commit.
### CTO-WORK-041 - Stage 5 Harness Target Admission Preflight
Type: AFK
Status: validated.
Blocked by: CTO-WORK-039
User stories covered: CTO Case Candidate Backend PRD stories 4, 5, 7, 8, 9, 10, 11, 13.
What to build: Implement the Stage 5 Harness preflight that blocks missing, invalid, or `not_admitted` Target Repository admission before Case process start and before owned repository mutation.
Acceptance criteria:
- [x] `case` remains disabled by default.
- [x] `CTO_HARNESS_ALLOW_CASE=1` remains required.
- [x] `CTO_HARNESS_CASE_STAGE=5` is recognized only as a gated Stage 5 route.
- [x] Missing Stage 5 gate emits blocked evidence and does not run Case.
- [x] Missing Target Repository admission file blocks before `case_process_started`.
- [x] `not_admitted` Target Repository admission blocks before `case_process_started`.
- [x] Blocked reports record `allowed_mutation_scope: explicitly owned low-risk repository only`.
- [x] Blocked reports do not expose a Target Repository path.
- [x] Fake remains the default validation lane and broad health remains green after focused Stage 5 preflight validation.
Allowed files: Hermes CTO harness engine, focused Stage 5 validator, harness docs, and tests. WebUI, Core, Case source, vendor source, unowned repositories, critical repositories, production repositories, and external developer repositories are forbidden.
Validator: `python3 harness/runner/validate-case-stage5.py --harness-root harness --json`, then `harness/evals/health.sh --json`.
Done evidence:
- Hermes commit: `6e68a1a Add Case Stage 5 target admission preflight`.
- Focused Stage 5 validator on Hermes main: `python3 harness/runner/validate-case-stage5.py --harness-root harness --json`.
- Focused Stage 5 validator status: `ok: true`.
- Failure fixture reports: `/home/svrnty/.hermes/profiles/cto-planb/harness-runs/20260601T035339Z-r1-string-slugify-3187514/report.json`, `/home/svrnty/.hermes/profiles/cto-planb/harness-runs/20260601T035339Z-r1-string-slugify-3187546/report.json`, and `/home/svrnty/.hermes/profiles/cto-planb/harness-runs/20260601T035340Z-r1-string-slugify-3187577/report.json`.
- Post-merge aggregate Harness health: `harness/evals/health.sh --json`, status `pass`.
- Aggregate matrix artifact: `/home/svrnty/.hermes/profiles/cto-planb/harness-runs/20260601T035347Z-run-all-fake-3188313/report.json`.
- This validates Stage 5 admission preflight only. Stage 5 owned repository execution remains blocked by `CTO-WORK-040`.
Validation evidence for `CTO-WORK-040`:
- Target repo: `/home/svrnty/workspaces/cortex-os/cto-stage5-target-sandbox`.
- Target repo owner: `jp`.
- Target repo risk classification: `low_risk_noncritical`.
- Allowed paths: `strings.py`, `test_strings.py`, `src/`, `tests/`, `README.md`.
- Forbidden paths include secret, deploy, infra, workflow, dependency-lock, vendor, and `.git/` paths.
- Admission status: `admitted`.
## Granularity Check
This is intentionally two slices: one planning route and one executable harness route. Stage 5 is not over-granular because it is the first proof involving an admitted owned repository and must separate repository ownership, approval, allowed paths, verification, and operator outcome before default candidacy.

95
.sot/03-PROTOCOLS/CTO-CASE-STAGE5-OWNED-NONCRITICAL-REPO-PRD.md
View File

@ -1,95 +0,0 @@
---
name: cto-case-stage5-owned-noncritical-repo-prd
tier: local
status: draft
owner: jp
source: .sot/03-PROTOCOLS/CTO-CASE-STAGED-PROOF-GATES.md
created: 2026-06-01
last_reviewed: 2026-06-01
lifecycle_classification: planning
core_promotion_status: not-promoted
description: Child-local PRD for Stage 5 Case owned noncritical repository proof.
---
# CTO Case Stage 5 Owned Noncritical Repository PRD
Local planning SOT only. Not a Core Protocol. Not active Core authority.
## Problem Statement
Stage 4 proves Case can change a disposable sandbox repository after approval. The next proof must show whether Case can safely work in an explicitly owned, low-risk, noncritical repository without expanding authority, bypassing approval, or treating a green test run as operator acceptance.
## Solution
Add Stage 5 planning for an owned noncritical repository route behind the existing CTO Harness `case` seam. Stage 5 allowed mutation scope is `explicitly owned low-risk repository only`. Case may execute only when Stage 4 is validated, the Target Repository admission record proves ownership and noncritical status, JP approval is recorded, allowed paths are explicit, and the Harness records full evidence.
## Scope
- Define Stage 5 entry gates, non-goals, acceptance criteria, validation, risks, dependencies, and success definition.
- Require `CTO_HARNESS_ALLOW_CASE=1` and `CTO_HARNESS_CASE_STAGE=5` before owned repository execution.
- Require explicit Target Repository ownership proof and noncritical classification.
- Require allowed paths and forbidden actions before mutation.
- Require approval requested/granted/denied events before mutation.
- Require operator acceptance or rejection after the run.
- Require full Harness Evidence Interface artifacts.
- Keep fake as the default validation lane.
## Non-Goals
- Do not make Case the default backend.
- Do not authorize production, critical, customer, vendor, external developer, or unowned repository mutation.
- Do not authorize push, merge, deploy, close, PR open, public publication, or issue closure by default.
- Do not mutate Cortex Core, Hermes WebUI, Case source, vendor source, or external repositories.
- Do not treat test pass as operator acceptance.
- Do not promote child-local planning into Core.
## User Stories
1. As JP, I want Case tested in an owned noncritical repository, so that real-repo risk is proven before default candidacy.
2. As Cortex, I want ownership and noncritical classification recorded, so that execution never targets unknown repositories.
3. As Hermes, I want approval and replay evidence, so that every mutation is visible and reversible.
4. As CTO Harness, I want allowed paths and forbidden actions encoded before execution, so that Case cannot widen scope conversationally.
5. As an operator, I want post-run acceptance or rejection separated from test pass, so that proof and approval remain distinct.
## Acceptance Criteria
- [ ] Stage 5 requires Stage 4 validation evidence before execution.
- [ ] Stage 5 allowed mutation scope is `explicitly owned low-risk repository only`.
- [ ] `CTO_HARNESS_ALLOW_CASE=1` remains required.
- [ ] `CTO_HARNESS_CASE_STAGE=5` is required before owned noncritical repository execution.
- [ ] Missing Stage 5 gate emits blocked evidence and does not run Case.
- [ ] Target Repository admission records owner, repository path, noncritical classification, allowed paths, forbidden actions, and approval source.
- [ ] Approval denied blocks before mutation.
- [ ] Approval granted is recorded before mutation.
- [ ] Case mutates only allowed paths inside the admitted Target Repository.
- [ ] No push, merge, deploy, close, PR open, issue close, or public publication occurs by default.
- [ ] Operator acceptance or rejection is recorded after verification.
- [ ] Required artifacts include Target Repository admission proof, approval proof, allowed-path proof, forbidden-action proof, operator outcome, `report.json`, `report.md`, `events.normalized.jsonl`, `trace.jsonl`, `patch.diff`, `test.log`, backend logs, artifact digests, and freshness proof.
- [ ] Failure fixtures fail closed for approval denied, unowned repository, critical repository, disallowed file, dirty starting tree, dirty ending tree, failed tests, timeout, provider unavailable, and missing operator outcome.
## Validation
Planning validator: `python3 tools/validate_cto_child.py`.
Implementation validator planned for Hermes: `python3 harness/runner/validate-case-stage5.py --harness-root harness --json`, then `harness/evals/health.sh --json` after focused Stage 5 validation passes.
## Risks
- Owned repository proof may be mistaken for default backend readiness.
- Operator acceptance may be blurred with test pass.
- Allowed paths may be too broad and hide real-repo risk.
- Local repository state may be dirty before execution.
- Provider instability may obscure Harness policy failures.
## Dependencies
- Stage 4 disposable sandbox proof is validated.
- Harness Evidence Interface contract remains active.
- Case source admission record remains current.
- Case adapter contract remains active.
- Failure fixture matrix remains active.
- JP selects or approves an owned low-risk noncritical Target Repository before execution.
## Success Definition
Stage 5 is successful when Case changes only approved paths inside an explicitly owned low-risk noncritical repository, records approval before mutation, records operator acceptance or rejection after verification, preserves Harness evidence, and fails closed for missing ownership, missing approval, disallowed paths, dirty repository state, provider failure, or missing operator outcome.

70
.sot/03-PROTOCOLS/CTO-CASE-STAGE5-REPEATABILITY-PROOF-EVIDENCE.md
View File

@ -1,70 +0,0 @@
---
name: CTO Case Stage5 Repeatability Proof Evidence
status: validated
lifecycle_classification: sot
owner: jp
created: 2026-06-02
last_reviewed: 2026-06-02
core_promotion_status: not-promoted
---
# CTO Case Stage5 Repeatability Proof Evidence
Local planning SOT only. Not a Core Protocol. Not active Core authority.
## Workboard
- `CTO-WORK-078`
- `CTO-WORK-079`
- `CTO-WORK-080`
## Result
- Stage 5 repeatability proof
- second governed Stage 5 Case run
- status: validated
- approval_source: JP chat instruction on 2026-06-02 to execute repeatability proof
- r1-slugify-punctuation
- Runtime default activation remains false.
- Do not activate Case as default backend.
- This closeout does not authorize another Case run.
## Route Evidence
- Harness route commit: `99000f7d249d594bfc786f00a3008457accdda11`
- Harness route short commit: `99000f7`
- Fake baseline report: `/home/svrnty/.hermes/profiles/cto-planb/harness-runs/20260602T101410Z-r1-slugify-punctuation-2662313/report.json`
- Harness aggregate health: `pass`
- WebUI summary validator: `ok: true`
- WebUI summary path: `/home/svrnty/.hermes/profiles/cto-planb/harness-runs/20260602T101651Z-run-all-fake-2667221/webui-summary.json`
## Execution Evidence
- Harness report: `/home/svrnty/.hermes/profiles/cto-planb/harness-runs/20260602T101450Z-r1-slugify-punctuation-2663598/report.json`
- Stage 5 proof: `/home/svrnty/.hermes/profiles/cto-planb/harness-runs/20260602T101450Z-r1-slugify-punctuation-2663598/stage5-owned-repo-proof.json`
- target repository: `/home/svrnty/workspaces/cortex-os/cto-stage5-target-sandbox`
- target commit: `2fa1601844c083ff1936151f9df23b94783216b8`
- target short commit: `2fa1601`
- case_process_started: true
- changed files: `src/strings.py`, `strings.py`, `test_strings.py`
- allowed paths passed: true
- forbidden paths passed: true
- no forbidden actions: true
- target repository start clean: true
- target repository ending clean: true
- operator outcome: `accepted`
- push, merge, deploy, close, PR open attempted: false
- public publication attempted: false
## Validation Evidence
- target command: `python3 -m pytest -q`
- target result: `11 passed`
- target child validator: `ok: true`
- Harness case validator: `passed: true`
- focused Stage 5 validator: `ok: true`
- WebUI plugin focused tests: `7 passed`
## Guard
No Core promotion occurs. Case remains a gated adapter behind the CTO Harness seam.

63
.sot/03-PROTOCOLS/CTO-CASE-STAGE5-REPEATABILITY-PROOF-ISSUES.md
View File

@ -1,63 +0,0 @@
---
name: CTO Case Stage5 Repeatability Proof Issues
status: validated
lifecycle_classification: sot
owner: jp
created: 2026-06-02
last_reviewed: 2026-06-02
core_promotion_status: not-promoted
---
# CTO Case Stage5 Repeatability Proof Issues
Stage 5 repeatability proof.
Local planning SOT only. Not a Core Protocol. Not active Core authority.
## Issue: CTO-WORK-078 - Stage 5 Repeatability Proof PRD
Status: validated.
Acceptance:
- Define second governed Stage 5 Case run.
- Require `r1-slugify-punctuation`.
- Require admitted target repository.
- Require allowed paths.
- Require no Core promotion.
- No Core promotion occurs.
- Require Runtime default activation remains false.
## Issue: CTO-WORK-079 - Stage 5 Repeatability Harness Case Route
Status: validated.
Acceptance:
- Add Harness case `r1-slugify-punctuation`.
- Record Harness route commit `99000f7`.
- Fake baseline passes.
- Aggregate Harness health passes.
- WebUI summary validation passes.
## Issue: CTO-WORK-080 - Stage 5 Repeatability Evidence Closeout
Status: validated.
Acceptance:
- Record second governed Stage 5 Case run.
- Record approval_source: JP chat instruction on 2026-06-02 to execute repeatability proof.
- Reference report `/home/svrnty/.hermes/profiles/cto-planb/harness-runs/20260602T101450Z-r1-slugify-punctuation-2663598/report.json`.
- Reference Stage 5 proof `/home/svrnty/.hermes/profiles/cto-planb/harness-runs/20260602T101450Z-r1-slugify-punctuation-2663598/stage5-owned-repo-proof.json`.
- Record target commit `2fa1601`.
- Record case_process_started: true.
- Record changed files: `src/strings.py`, `strings.py`, `test_strings.py`.
- Record allowed paths passed: true.
- Record forbidden paths passed: true.
- Record target repository start clean: true.
- Record target repository ending clean: true.
- Record `11 passed`.
- State: Runtime default activation remains false.
- State: Do not activate Case as default backend.
- State: This closeout does not authorize another Case run.

62
.sot/03-PROTOCOLS/CTO-CASE-STAGE5-REPEATABILITY-PROOF-PRD.md
View File

@ -1,62 +0,0 @@
---
name: CTO Case Stage5 Repeatability Proof PRD
status: validated
lifecycle_classification: sot
owner: jp
created: 2026-06-02
last_reviewed: 2026-06-02
core_promotion_status: not-promoted
---
# CTO Case Stage5 Repeatability Proof PRD
Stage 5 repeatability proof.
Local planning SOT only. Not a Core Protocol. Not active Core authority.
## Problem
The first governed Stage 5 run proved one approved Case mutation. CTO still needs a second governed Stage 5 Case run to prove repeatability without activating Case as default.
## Scope
- Add Harness case `r1-slugify-punctuation`.
- Use admitted target repository `/home/svrnty/workspaces/cortex-os/cto-stage5-target-sandbox`.
- Limit writes to `strings.py`, `src/strings.py`, and `test_strings.py`.
- Use JP chat instruction on 2026-06-02 to execute the repeatability proof as the approval source.
- Run one Stage 5 Case Harness execution.
- Record Harness report, Stage 5 proof, target commit, validations, and WebUI summary validation.
## Non-goals
- Do not activate Case as default backend.
- Do not promote CTO artifacts into Core.
- No Core promotion occurs.
- Do not authorize another Case run.
- This closeout does not authorize another Case run.
- Do not push, merge, deploy, close, PR open, issue close, or publish.
- Do not store endpoint values, secret values, or credential values in SOT.
## Acceptance Criteria
- `CTO-WORK-078`, `CTO-WORK-079`, and `CTO-WORK-080` are validated.
- Harness route commit records `r1-slugify-punctuation`.
- Fake baseline passes.
- Live Stage 5 Case run passes.
- case_process_started: true.
- changed files: `src/strings.py`, `strings.py`, `test_strings.py`.
- allowed paths passed: true.
- forbidden paths passed: true.
- target repository start clean: true.
- target repository ending clean: true.
- target validation result is `11 passed`.
- Runtime default activation remains false.
- Harness route commit: `99000f7`.
- Target commit: `2fa1601`.
- Harness report: `/home/svrnty/.hermes/profiles/cto-planb/harness-runs/20260602T101450Z-r1-slugify-punctuation-2663598/report.json`.
- Stage 5 proof: `/home/svrnty/.hermes/profiles/cto-planb/harness-runs/20260602T101450Z-r1-slugify-punctuation-2663598/stage5-owned-repo-proof.json`.
## Validation
- `python3 tools/validate_cto_child.py`
- `python3 /home/svrnty/workspaces/cortex-os/core/tools/check_s69_caveman_prose_discipline.py`

94
.sot/03-PROTOCOLS/CTO-CASE-STAGE5-TARGET-REPOSITORY-ADMISSION-TEMPLATE.md
View File

@ -1,94 +0,0 @@
---
name: cto-case-stage5-target-repository-admission-template
tier: local
status: draft
owner: jp
source: .sot/03-PROTOCOLS/CTO-CASE-STAGE5-OWNED-NONCRITICAL-REPO-PRD.md
created: 2026-06-01
last_reviewed: 2026-06-01
lifecycle_classification: planning
core_promotion_status: not-promoted
description: Child-local Stage 5 Target Repository admission template. This template does not admit any repository.
---
# CTO Case Stage 5 Target Repository Admission Template
Local planning SOT only. Not a Core Protocol. Not active Core authority.
## Status
This artifact is a template only. No Target Repository is admitted by this file. Stage 5 execution remains blocked until JP records a concrete admission record using this template and the Harness validates it.
## Purpose
Stage 5 needs a precise human decision before Case may touch an owned repository. This template converts that decision into validator-readable fields without storing secrets, credentials, or broad repository authority.
## Required Admission Fields
- `admission_status`: `admitted` or `not_admitted`.
- `target_repository_path`: absolute local path, recorded only in the concrete admission record.
- `repository_owner`: human or organization owner.
- `ownership_evidence`: compact reference proving JP controls or is authorized to mutate the repository.
- `risk_classification`: must be `low_risk_noncritical`.
- `noncritical_rationale`: why this repository is safe for Stage 5.
- `allowed_paths`: explicit file or directory paths Case may mutate.
- `forbidden_paths`: explicit paths Case must not mutate.
- `forbidden_actions`: must include push, merge, deploy, close, PR open, issue close, public publication, credential change, vendor-source mutation, and Cortex Core mutation.
- `approval_source`: JP approval reference.
- `approval_timestamp`: timestamp or date of approval.
- `operator_outcome_required`: must be `true`.
- `review_trigger`: condition that invalidates the admission.
## Required Negative Gates
- Missing admission record blocks before `case_process_started`.
- `admission_status != admitted` blocks before `case_process_started`.
- Missing ownership evidence blocks before `case_process_started`.
- `risk_classification != low_risk_noncritical` blocks before `case_process_started`.
- Empty `allowed_paths` blocks before `case_process_started`.
- Missing forbidden action blocks before `case_process_started`.
- Missing approval source blocks before `case_process_started`.
- Missing operator outcome requirement blocks before `case_process_started`.
## Concrete Record Skeleton
```json
{
"admission_status": "not_admitted",
"target_repository_path": "",
"repository_owner": "",
"ownership_evidence": "",
"risk_classification": "",
"noncritical_rationale": "",
"allowed_paths": [],
"forbidden_paths": [],
"forbidden_actions": [
"push",
"merge",
"deploy",
"close",
"pr_open",
"issue_close",
"public_publication",
"credential_change",
"vendor_source_mutation",
"cortex_core_mutation"
],
"approval_source": "",
"approval_timestamp": "",
"operator_outcome_required": true,
"review_trigger": ""
}
```
## Non-Admission Rules
- This template does not admit a Target Repository.
- This template does not authorize Case execution.
- This template does not authorize owned repository mutation.
- This template does not authorize default backend candidacy.
- This template does not authorize push, merge, deploy, close, PR open, issue close, or public publication.
## Validator Expectation
The local CTO validator must require this template before Stage 5 execution planning can proceed. Hermes Stage 5 implementation must later validate a concrete admission record separately.

46
.sot/03-PROTOCOLS/CTO-CASE-STAGE5-TARGET-REPOSITORY-ADMISSION.json
View File

@ -1,46 +0,0 @@
{
"admission_status": "admitted",
"allowed_paths": [
"strings.py",
"test_strings.py",
"src/",
"tests/",
"README.md"
],
"approval_source": "JP chat approval on 2026-06-01",
"approval_timestamp": "2026-06-01",
"forbidden_actions": [
"push",
"merge",
"deploy",
"close",
"pr_open",
"issue_close",
"public_publication",
"credential_change",
"vendor_source_mutation",
"cortex_core_mutation"
],
"forbidden_paths": [
".env",
".env.*",
"secrets/",
"credentials/",
"deploy/",
"infra/",
".github/workflows/",
"package-lock.json",
"pnpm-lock.yaml",
"yarn.lock",
"node_modules/",
"vendor/",
".git/"
],
"noncritical_rationale": "Dedicated owned Stage 5 sandbox repo, not production, no customer data, no secrets, no deploy path, no external users, safe to delete after validation.",
"operator_outcome_required": true,
"ownership_evidence": "JP chat approval on 2026-06-01 to create this dedicated Stage 5 target sandbox under /home/svrnty/workspaces/cortex-os.",
"repository_owner": "jp",
"review_trigger": "before Stage 5 execution against any different repository, before target repository path change, before allowed path change, before forbidden action change, before risk classification change",
"risk_classification": "low_risk_noncritical",
"target_repository_path": "/home/svrnty/workspaces/cortex-os/cto-stage5-target-sandbox"
}

100
.sot/03-PROTOCOLS/CTO-CASE-STAGE6-CANDIDATE-DEFAULT-ISSUES.md
View File

@ -1,100 +0,0 @@
---
name: cto-case-stage6-candidate-default-issues
tier: local
status: draft
owner: jp
source: .sot/03-PROTOCOLS/CTO-CASE-STAGE6-CANDIDATE-DEFAULT-PRD.md
created: 2026-06-01
last_reviewed: 2026-06-01
lifecycle_classification: planning
core_promotion_status: not-promoted
description: Child-local issue sequence for Stage 6 Case candidate-default comparison proof.
---
# CTO Case Stage 6 Candidate Default Issues
Local planning SOT only. Not a Core Protocol. Not active Core authority.
## Issue Sequence
### CTO-WORK-042 - Stage 6 Candidate Default PRD
Type: AFK
Status: validated.
Blocked by: CTO-WORK-038
User stories covered: CTO Case Candidate Backend PRD stories 1, 3, 4, 5, 7, 8, 9, 10, 11, 12, 13.
What to build: Define the Stage 6 candidate-default comparison proof before implementation starts.
Acceptance criteria:
- [x] PRD states Stage 6 allowed mutation scope is `scoped real-repo use only`.
- [x] PRD requires Stage 5 validation before Stage 6.
- [x] PRD requires comparison against fake, Codex, and Pi where applicable.
- [x] PRD requires Harness Evidence Interface comparison, not raw backend logs alone.
- [x] PRD requires report shape, event validity, allowed-path compliance, failure closure, and artifact completeness comparison.
- [x] PRD requires current Case source admission.
- [x] PRD requires failure matrix coverage or explicit blocked rationale.
- [x] PRD requires operator acceptance after comparison proof.
- [x] PRD forbids treating Stage 6 as default activation, Core promotion, Runtime authorization, or permission for push, merge, deploy, close, PR open, issue close, public publication, vendor-source mutation, or unowned repository mutation.
- [x] Local CTO validator checks Stage 6 PRD and issue artifact.
Allowed files: CTO child workspace planning docs and local validator only.
Validator: `python3 tools/validate_cto_child.py`
Done evidence: PRD, issue artifact, validator JSON, clean worktree, commit.
### CTO-WORK-043 - Stage 6 Harness Candidate Default Comparison Route
Type: HITL
Status: validated.
Blocked by: CTO-WORK-042
User stories covered: CTO Case Candidate Backend PRD stories 1, 3, 4, 5, 7, 8, 9, 10, 11, 12, 13.
What to build: In `/home/svrnty/workspaces/hermes/cto/harness`, implement the Stage 6 candidate-default comparison route behind the existing Harness seam.
Acceptance criteria:
- [x] `case` remains disabled by default.
- [x] Stage 6 requires Stage 5 proof evidence before comparison.
- [x] Candidate-default comparison runs or imports evidence for fake, Codex, and Pi where applicable.
- [x] Missing comparison lane is recorded as explicitly blocked with rationale, not silently ignored.
- [x] Comparison output records report shape parity.
- [x] Comparison output records event validity parity.
- [x] Comparison output records allowed-path compliance parity.
- [x] Comparison output records failure closure parity.
- [x] Comparison output records artifact completeness parity.
- [x] Case source admission freshness is recorded.
- [x] Failure matrix coverage is complete or explicitly blocked with rationale.
- [x] Operator acceptance or rejection is recorded after comparison proof.
- [x] Candidate-default status is recorded as evidence only; no runtime default, Core promotion, push, merge, deploy, close, PR open, issue close, public publication, vendor-source mutation, or unowned repository mutation occurs.
- [x] Fake remains the default validation lane and broad health remains green after focused Stage 6 validation.
Allowed files: Hermes CTO harness comparison validator, Harness docs, and tests. WebUI, Core, Case source, vendor source, unowned repositories, critical repositories, production repositories, and external developer repositories are forbidden.
Validator: `python3 harness/runner/validate-case-stage6.py --harness-root harness --json`, then `harness/evals/health.sh --json`.
Done evidence:
- Hermes commit: `ff0a008 Add Case Stage 6 candidate default comparison`.
- Focused Stage 6 validator on Hermes main: `python3 harness/runner/validate-case-stage6.py --harness-root harness --json`.
- Focused Stage 6 validator status: `ok: true`.
- Focused Stage 6 comparison report: `/home/svrnty/.hermes/profiles/cto-planb/harness-runs/20260601T101308Z-stage6-candidate-default-70246/stage6-candidate-default-comparison.json`.
- Post-merge aggregate Harness health: `harness/evals/health.sh --json`, status `pass`.
- Post-merge Stage 6 comparison report: `/home/svrnty/.hermes/profiles/cto-planb/harness-runs/20260601T101357Z-stage6-candidate-default-76795/stage6-candidate-default-comparison.json`.
- Post-merge failure closure reports: `/home/svrnty/.hermes/profiles/cto-planb/harness-runs/20260601T101355Z-r1-string-slugify-76898/report.json` and `/home/svrnty/.hermes/profiles/cto-planb/harness-runs/20260601T101355Z-r1-string-slugify-76922/report.json`.
- Post-merge aggregate matrix artifact: `/home/svrnty/.hermes/profiles/cto-planb/harness-runs/20260601T101338Z-run-all-fake-74797/report.json`.
- Stage 6 checked: `fake_lane_passes`, `case_default_disabled`, `stage5_failure_closure_inherited`, `case_lane_passes`, and `candidate_default_comparison`.
- Codex and Pi lanes are recorded as explicitly blocked where not applicable to deterministic Stage 6 validation.
- Candidate-default activation remains `false`.
## Granularity Check
This is intentionally two slices: one planning route and one executable Harness comparison route. Stage 6 is not over-granular because it is the first point where Case can be discussed as candidate default, and it must separate evidence comparison from runtime default activation.

101
.sot/03-PROTOCOLS/CTO-CASE-STAGE6-CANDIDATE-DEFAULT-PRD.md
View File

@ -1,101 +0,0 @@
---
name: cto-case-stage6-candidate-default-prd
tier: local
status: draft
owner: jp
source: .sot/03-PROTOCOLS/CTO-CASE-STAGED-PROOF-GATES.md
created: 2026-06-01
last_reviewed: 2026-06-01
lifecycle_classification: planning
core_promotion_status: not-promoted
description: Child-local PRD for Stage 6 Case candidate-default comparison proof.
---
# CTO Case Stage 6 Candidate Default PRD
Local planning SOT only. Not a Core Protocol. Not active Core authority.
## Problem Statement
Stage 5 proves Case can change an explicitly owned low-risk Target Repository under Harness control. That is not enough to make Case the default backend. The remaining problem is comparison: Case can be discussed as candidate default only if it matches or beats the existing lanes on evidence completeness, failure closure, and bounded execution behavior.
## Solution
Define Stage 6 as a comparison and default-candidacy gate behind the existing CTO Harness seam. Stage 6 allowed mutation scope is `scoped real-repo use only`. Case remains disabled by default until comparison evidence exists against fake, Codex, and Pi where applicable. The CTO Product Surface may record candidate-default eligibility only after the Harness proves report shape, event validity, allowed-path compliance, failure closure, artifact completeness, source freshness, and operator acceptance.
## Scope
- Define Stage 6 entry gates, non-goals, acceptance criteria, validation, risks, dependencies, and success definition.
- Require Stage 5 validation before Stage 6.
- Require comparison fixtures for fake, Codex, and Pi where applicable.
- Require current Case source admission before any candidate-default claim.
- Require complete failure matrix coverage or explicit blocked rationale for each uncovered row.
- Require candidate-default evidence to use the Harness Evidence Interface.
- Require operator acceptance after comparison proof.
- Keep Core promotion, runtime default switching, merge, deploy, push, and close out of scope.
## Non-Goals
- Do not make Case the default backend.
- Do not authorize production, critical, customer, vendor, external developer, or unowned repository mutation.
- Do not promote any CTO artifact into Core.
- Do not add Hermes WebUI Runtime behavior.
- Do not remove fake, Codex, or Pi comparison lanes.
- Do not treat one passing owned-repo run as candidate-default proof.
- Do not let Case choose its own eligibility, authority, target, model, or approval.
## User Stories
1. As JP, I want Case compared against existing lanes before default candidacy, so that stronger coding behavior does not bypass evidence discipline.
2. As Cortex, I want candidate-default claims to remain child-local until Core promotion, so that execution backend choice cannot create authority.
3. As Hermes, I want comparison proof to be replayable through Harness artifacts, so that operator control and visualization remain grounded in evidence.
4. As CTO, I want backend eligibility separated from backend execution, so that Case cannot approve itself.
5. As CTO Harness, I want the same evidence interface across fake, Codex, Pi, and Case, so that comparison is mechanical rather than conversational.
6. As a Target Repository owner, I want allowed-path and forbidden-action proof preserved in Stage 6, so that scoped real-repo use stays bounded.
7. As a reviewer, I want failure matrix closure before default candidacy, so that known bad states fail closed.
## Acceptance Criteria
- [ ] Stage 6 requires Stage 5 validation evidence before candidate-default comparison.
- [ ] Stage 6 allowed mutation scope is `scoped real-repo use only`.
- [ ] Case remains disabled by default until Stage 6 evidence is recorded.
- [ ] Candidate-default proof compares Case against fake, Codex, and Pi where applicable.
- [ ] Comparison evidence uses the Harness Evidence Interface, not raw backend logs alone.
- [ ] Case matches or beats existing lanes on report shape.
- [ ] Case matches or beats existing lanes on event validity.
- [ ] Case matches or beats existing lanes on allowed-path compliance.
- [ ] Case matches or beats existing lanes on failure closure.
- [ ] Case matches or beats existing lanes on artifact completeness.
- [ ] Case source admission freshness is recorded.
- [ ] Failure matrix rows are covered or explicitly blocked with rationale.
- [ ] Operator acceptance is recorded after comparison proof.
- [ ] No push, merge, deploy, close, PR open, issue close, public publication, Core mutation, vendor-source mutation, or unowned repository mutation is authorized.
- [ ] Local CTO validator checks Stage 6 PRD and issue artifacts.
## Validation
Planning validator: `python3 tools/validate_cto_child.py`.
Implementation validator planned for Hermes: `python3 harness/runner/validate-case-stage6.py --harness-root harness --json`, then `harness/evals/health.sh --json` after focused Stage 6 validation passes.
## Risks
- Candidate-default language may be mistaken for default backend activation.
- Comparison may be too weak if it checks only pass status and not evidence completeness.
- Codex or Pi may be unavailable in a specific environment; that must become explicit `where applicable` rationale, not silent omission.
- Failure matrix gaps may be hidden by green happy-path runs.
- Source admission may become stale after earlier Stage 5 proof.
## Dependencies
- Stage 5 owned noncritical repository proof is validated.
- Harness Evidence Interface contract remains active.
- Case source admission record remains current.
- Case adapter contract remains active.
- Failure fixture matrix remains active.
- Existing fake lane remains the default validation lane.
- Codex and Pi comparison lanes are used where applicable or explicitly blocked with rationale.
## Success Definition
Stage 6 is successful when the CTO Product Surface can record Case as a candidate-default backend only after Harness comparison evidence proves Case matches or beats fake, Codex, and Pi where applicable on report shape, event validity, allowed-path compliance, failure closure, and artifact completeness, with current source admission, failure matrix coverage, operator acceptance, and no authority drift.

89
.sot/03-PROTOCOLS/CTO-CASE-STAGE6-REAL-GOVERNED-REFRESH-EVIDENCE.md
View File

@ -1,89 +0,0 @@
---
name: cto-case-stage6-real-governed-refresh-evidence
tier: local
status: validated
owner: jp
source: .sot/03-PROTOCOLS/CTO-CASE-STAGE6-REAL-GOVERNED-REFRESH-ISSUES.md
created: 2026-06-01
last_reviewed: 2026-06-01
lifecycle_classification: planning
core_promotion_status: not-promoted
description: Child-local evidence that CTO-WORK-055 refreshed Stage 6 candidate-default readiness against the first real governed Stage 5 Case pass.
---
# CTO Case Stage 6 Real Governed Refresh Evidence
Local planning SOT only. Not a Core Protocol. Not active Core authority.
## Result
Status: validated.
Work item: `CTO-WORK-055`
Hermes CTO commit:
```text
2b6e114 Add Stage 6 real governed refresh
```
Focused refresh validator:
```text
python3 harness/runner/validate-case-stage6-real-refresh.py --json
```
Focused refresh comparison artifact:
```text
/home/svrnty/.hermes/profiles/cto-planb/harness-runs/20260601T111843Z-stage6-real-governed-refresh/stage6-real-governed-refresh-comparison.json
```
Post-merge aggregate Harness command:
```text
./harness/evals/health.sh --json
```
Post-merge aggregate status:
```text
pass
```
Post-merge refresh comparison artifact:
```text
/home/svrnty/.hermes/profiles/cto-planb/harness-runs/20260601T111941Z-stage6-real-governed-refresh/stage6-real-governed-refresh-comparison.json
```
## Evidence Facts
- refresh type: `stage6-real-governed-read-only`
- first real governed Stage 5 pass report was imported
- Stage 5 proof was imported
- target repository read-only check passed
- report shape passed
- event validity passed
- allowed-path compliance passed
- prior Stage 6 failure closure passed
- artifact completeness passed
- forbidden-action closure passed
- operator acceptance passed
- source admission status remained current
- fake lane was represented by prior Stage 6 comparison evidence
- Codex lane was explicitly blocked without explicit Codex admission
- Pi lane was explicitly blocked without explicit Pi probe/admission
- runtime default activation: false
- no target repository mutation attempted
- no push, merge, deploy, close, PR open, issue close, public publication, vendor-source mutation, or unowned repository mutation was authorized
## Decision
`CTO-WORK-055` is validated.
Case remains a gated adapter behind the CTO Harness seam.
Runtime default activation remains false.
This evidence does not promote CTO artifacts into Core and does not authorize broader target mutation.

73
.sot/03-PROTOCOLS/CTO-CASE-STAGE6-REAL-GOVERNED-REFRESH-ISSUES.md
View File

@ -1,73 +0,0 @@
---
name: cto-case-stage6-real-governed-refresh-issues
tier: local
status: draft
owner: jp
source: .sot/03-PROTOCOLS/CTO-CASE-STAGE6-REAL-GOVERNED-REFRESH-PRD.md
created: 2026-06-01
last_reviewed: 2026-06-01
lifecycle_classification: planning
core_promotion_status: not-promoted
description: Child-local issue sequence for refreshing Stage 6 candidate-default evidence against real governed Stage 5 proof.
---
# CTO Case Stage 6 Real Governed Refresh Issues
Local planning SOT only. Not a Core Protocol. Not active Core authority.
## Issue Sequence
### CTO-WORK-054 - Stage 6 Real Governed Refresh PRD
Type: AFK
Status: validated.
Blocked by: CTO-WORK-049, CTO-WORK-043
What to build: Define the read-only evidence refresh route for comparing the first real governed Stage 5 pass against Stage 6 candidate-default criteria.
Acceptance criteria:
- [x] PRD requires `CTO-WORK-049` validated evidence.
- [x] PRD requires the real pass report and Stage 5 proof paths.
- [x] PRD requires report shape, event validity, allowed-path compliance, failure closure, artifact completeness, forbidden-action closure, and operator acceptance checks.
- [x] PRD keeps runtime default activation false.
- [x] PRD forbids target mutation, Core promotion, push, merge, deploy, close, PR open, issue close, public publication, vendor-source mutation, and unowned repository mutation.
- [x] Local CTO validator checks the PRD and issue artifact.
Allowed files: CTO child workspace planning docs and local validator only.
Validator: `python3 tools/validate_cto_child.py`
Done evidence: PRD, issue artifact, validator JSON, clean worktree, commit.
### CTO-WORK-055 - Stage 6 Real Governed Refresh Evidence Route
Type: HITL
Status: candidate.
Blocked by: CTO-WORK-054
What to build: In the Hermes CTO Harness, add a read-only Stage 6 refresh command that imports the real `CTO-WORK-049` pass report and Stage 5 proof, compares them against Stage 6 candidate-default criteria, and writes a refresh artifact.
Acceptance criteria:
- [ ] Command reads existing Harness Evidence Interface artifacts without mutating a Target Repository.
- [ ] Command verifies report shape, event validity, allowed-path compliance, failure closure, artifact completeness, forbidden-action closure, and operator acceptance.
- [ ] Command records fake, Codex, and Pi comparison status where applicable or blocked with rationale.
- [ ] Command records `runtime_default_activation: false`.
- [ ] Command records no target mutation, push, merge, deploy, close, PR open, issue close, public publication, vendor-source mutation, or unowned repository mutation.
- [ ] Focused validator passes before any aggregate Harness validation.
- [ ] Aggregate Harness validation runs once after focused validation passes and once after merge.
Allowed files: Hermes CTO Harness refresh validator, comparison code, and docs. Core, vendor source, Case source, target repositories, production repositories, external developer repositories, and WebUI behavior are forbidden.
Validator: future focused Hermes Stage 6 refresh validator, then `harness/evals/health.sh --json`.
Done evidence: Hermes sandcastle commit, focused validator output, refresh artifact path, aggregate Harness health output, clean merge, and CTO evidence update.
## Granularity Check
This is two slices because the planning route is now clear and cheap, while the executable Hermes refresh route touches a separate governed workspace and should use its own sandcastle.

90
.sot/03-PROTOCOLS/CTO-CASE-STAGE6-REAL-GOVERNED-REFRESH-PRD.md
View File

@ -1,90 +0,0 @@
---
name: cto-case-stage6-real-governed-refresh-prd
tier: local
status: draft
owner: jp
source: .sot/03-PROTOCOLS/CTO-FIRST-REAL-GOVERNED-WORKFLOW-PASS-EVIDENCE.md
created: 2026-06-01
last_reviewed: 2026-06-01
lifecycle_classification: planning
core_promotion_status: not-promoted
description: Child-local PRD for refreshing Stage 6 candidate-default evidence against the first real governed Stage 5 pass.
---
# CTO Case Stage 6 Real Governed Refresh PRD
Local planning SOT only. Not a Core Protocol. Not active Core authority.
## Problem Statement
Stage 6 candidate-default comparison was validated before the first real governed Stage 5 Case execution passed. That was useful, but the CTO Product Surface now has stronger evidence: `CTO-WORK-049` validated a real approved owned-repo task through the CTO Harness Case seam. Candidate-default readiness should be refreshed against that real pass before any later default discussion.
## Solution
Create a bounded Stage 6 refresh route. The route imports the `CTO-WORK-049` pass report and Stage 5 proof, compares them against the existing Stage 6 candidate-default criteria, records whether Case still qualifies as candidate-default evidence, and keeps runtime default activation false. The refresh is evidence-only; it does not mutate target repositories or promote Core authority.
## Scope
- Require `CTO-WORK-049` pass evidence as the refresh input.
- Require Harness Evidence Interface artifacts, not conversational claims.
- Compare the real Stage 5 pass against Stage 6 criteria: report shape, event validity, allowed-path compliance, failure closure, artifact completeness, forbidden-action closure, and operator acceptance.
- Preserve existing fake, Codex, and Pi lane rationale where applicable.
- Record candidate-default refresh output as child-local evidence only.
- Keep runtime default activation false.
- Keep Core promotion, target mutation, push, merge, deploy, close, PR open, issue close, public publication, vendor-source mutation, and unowned repository mutation out of scope.
## Non-Goals
- Do not make Case the default backend.
- Do not create a new backend seam.
- Do not rerun an unapproved real target mutation.
- Do not replace Stage 6 comparison evidence with a single happy-path result.
- Do not build Hermes WebUI behavior in this slice.
- Do not promote CTO artifacts into Core.
## Acceptance Criteria
- [ ] Refresh requires `CTO-WORK-049` to be validated.
- [ ] Refresh consumes the real pass report path and Stage 5 proof path from `CTO-FIRST-REAL-GOVERNED-WORKFLOW-PASS-EVIDENCE.md`.
- [ ] Refresh verifies report shape, event validity, allowed-path compliance, failure closure, artifact completeness, forbidden-action closure, and operator acceptance.
- [ ] Refresh records fake, Codex, and Pi comparison status where applicable or blocked with rationale.
- [ ] Refresh records `runtime default activation: false`.
- [ ] Refresh records no target mutation, push, merge, deploy, close, PR open, issue close, public publication, vendor-source mutation, or unowned repository mutation.
- [ ] Local CTO validator checks this PRD and issue artifact.
## Validation
Planning validator: `python3 tools/validate_cto_child.py`.
Future Hermes focused validator should be a small Stage 6 refresh command that reads existing evidence and writes a comparison artifact without mutating a target repository.
The refresh command must run read-only without mutating a Target Repository.
## Risks
- A refresh artifact may be mistaken for default activation unless the false runtime-default field is explicit.
- A single real pass can strengthen Stage 6 evidence but cannot replace failure matrix coverage.
- Re-running real mutation without new approval would violate the governed workflow route.
- Missing comparison-lane rationale can make candidate-default status look stronger than the evidence supports.
## Dependencies
- `CTO-WORK-049` first real governed workflow execution is validated.
- `CTO-WORK-043` Stage 6 candidate-default comparison remains validated.
- Harness Evidence Interface remains active.
- Stage 5 proof and pass report remain available.
- Existing operator acceptance remains recorded.
## Challenge Notes
Accepted feedback: The useful next slice is an evidence refresh, not default activation, because the real governed Stage 5 pass happened after the original Stage 6 comparison.
Accepted feedback: The refresh must be read-only over existing artifacts. Re-running Case against the target would require a new approval packet.
Rejected feedback: Building Hermes WebUI now is too broad for this slice because the missing proof is candidate-default evidence freshness, not visualization capacity.
Rejected feedback: Promoting this into Core now is premature because CTO remains child-local planning and runtime default activation remains false.
## Success Definition
This slice succeeds when CTO has a validated child-local PRD and issue route for refreshing Stage 6 candidate-default evidence against the first real governed Stage 5 Case pass, without authority drift or new target mutation.

84
.sot/03-PROTOCOLS/CTO-CASE-STAGE6-REPEATABILITY-REFRESH-EVIDENCE.md
View File

@ -1,84 +0,0 @@
---
name: CTO Case Stage6 Repeatability Refresh Evidence
status: validated
lifecycle_classification: sot
owner: jp
created: 2026-06-02
last_reviewed: 2026-06-02
core_promotion_status: not-promoted
source: .sot/03-PROTOCOLS/CTO-CASE-STAGE6-REPEATABILITY-REFRESH-ISSUES.md
---
# CTO Case Stage6 Repeatability Refresh Evidence
Local planning SOT only. Not a Core Protocol. Not active Core authority.
Stage 6 repeatability refresh.
## Workboard
- `CTO-WORK-081`
- `CTO-WORK-082`
- `CTO-WORK-083`
- `CTO-WORK-084`
## Result
- status: validated
- Stage 5 repeatability proof
- second governed Stage 5 Case run
- repeatability_count: 2
- repeatability_status: pass
- runtime_default_activation: false
- Runtime default activation remains false.
- core_promotion_status: not-promoted
- No Core promotion occurs.
- Do not activate Case as default backend.
- This closeout does not authorize another Case run.
- no target repository mutation attempted
## Route Evidence
- Hermes implementation commit: `05ab2ff`
- Hermes merge commit: `40b0d9a`
- repeat case: `r1-slugify-punctuation`
- repeat target commit: `2fa1601`
- first target commit: `7706f99`
- focused validator: `python3 harness/runner/validate-case-stage6-real-refresh.py --json`
- focused validator result: `ok: true`
- focused WebUI summary validator: `python3 harness/runner/validate-webui-summary.py --json`
- focused WebUI summary validator result: `ok: true`
- post-merge aggregate Harness health: `pass`
## Artifact Evidence
- first report: `/home/svrnty/.hermes/profiles/cto-planb/harness-runs/20260601T105222Z-r1-src-string-slugify-180161/report.json`
- first Stage 5 proof: `/home/svrnty/.hermes/profiles/cto-planb/harness-runs/20260601T105222Z-r1-src-string-slugify-180161/stage5-owned-repo-proof.json`
- repeat report: `/home/svrnty/.hermes/profiles/cto-planb/harness-runs/20260602T101450Z-r1-slugify-punctuation-2663598/report.json`
- repeat Stage 5 proof: `/home/svrnty/.hermes/profiles/cto-planb/harness-runs/20260602T101450Z-r1-slugify-punctuation-2663598/stage5-owned-repo-proof.json`
- post-merge comparison: `/home/svrnty/.hermes/profiles/cto-planb/harness-runs/20260602T104507Z-stage6-real-governed-refresh/stage6-real-governed-refresh-comparison.json`
- post-merge WebUI summary: `/home/svrnty/.hermes/profiles/cto-planb/harness-runs/20260602T104552Z-run-all-fake-2738738/webui-summary.json`
## Validation Facts
- report shape: pass
- event validity: pass
- allowed-path compliance: pass
- failure closure: pass
- failure matrix coverage carry-forward: pass
- artifact completeness: pass
- forbidden-action closure: pass
- operator acceptance: pass
- approval provenance: pass
- source admission freshness: current
- target validation: pass
- Target Repository read-only status: pass
- fake lane evidence: represented by prior Stage 6 comparison
- Codex lane: blocked with rationale
- Pi lane: blocked with rationale
- runtime default activation: false
- core promotion status: not-promoted
## Approval Provenance Note
Both Stage 5 proof artifacts record approval_source as `JP chat approval on 2026-06-01`. The second repeatability prose records JP chat instruction on 2026-06-02. The validator records proof approval provenance exactly and does not rewrite proof artifacts.

102
.sot/03-PROTOCOLS/CTO-CASE-STAGE6-REPEATABILITY-REFRESH-ISSUES.md
View File

@ -1,102 +0,0 @@
---
name: CTO Case Stage6 Repeatability Refresh Issues
status: validated
lifecycle_classification: sot
owner: jp
created: 2026-06-02
last_reviewed: 2026-06-02
core_promotion_status: not-promoted
source: .sot/03-PROTOCOLS/CTO-CASE-STAGE6-REPEATABILITY-REFRESH-PRD.md
---
# CTO Case Stage6 Repeatability Refresh Issues
Local planning SOT only. Not a Core Protocol. Not active Core authority.
Stage 6 repeatability refresh.
## Issue: CTO-WORK-081 - Stage 6 Repeatability Refresh PRD
Type: AFK.
Status: validated.
Acceptance:
- Register `CTO-WORK-081`, `CTO-WORK-082`, `CTO-WORK-083`, and `CTO-WORK-084`.
- Define pinned inputs for `r1-src-string-slugify` and `r1-slugify-punctuation`.
- Require report shape, event validity, allowed-path compliance, failure closure, failure matrix coverage carry-forward, artifact completeness, forbidden-action closure, operator acceptance, approval provenance, source admission freshness, target validation, and Target Repository read-only status.
- Require fake lane evidence, Codex blocked rationale, and Pi blocked rationale.
- Require computed `repeatability_status` as `pass`, `blocked`, or `fail`.
- Require `repeatability_count: 2` for success.
- Require `runtime default activation: false`.
- Require `core_promotion_status: not-promoted`.
- Forbid new Case mutation, default activation, Core promotion, target mutation, push, merge, deploy, close, PR open, issue close, publication, vendor-source mutation, external developer repository mutation, unowned repository mutation, endpoint exposure, secret exposure, credential exposure, and raw Target Repository content exposure.
## Issue: CTO-WORK-082 - Stage 6 Repeatability Harness Route
Type: AFK.
Status: validated.
Blocked by: `CTO-WORK-081`.
Acceptance:
- Extend `validate-case-stage6-real-refresh.py`.
- Keep compatibility fields `real_stage5_pass_report` and `real_stage5_proof`.
- Add `repeat_stage5_pass_report` and `repeat_stage5_proof`.
- Add `real_stage5_passes`.
- Add `repeatability_required: 2`.
- Add `repeatability_count: 2`.
- Add `repeatability_status: pass`.
- Add `repeatability_passed: true`.
- Add `runtime_default_activation: false`.
- Add `core_promotion_status: not-promoted`.
- Focused validator passes.
- Aggregate Harness health passes before commit and after merge.
## Issue: CTO-WORK-083 - Hermes Repeatability Control Summary
Type: AFK.
Status: validated.
Blocked by: `CTO-WORK-082`.
Acceptance:
- Hermes Control Surface summary reads the extended real-governed refresh artifact.
- Summary exposes `repeatability_count: 2`.
- Summary exposes `repeatability_status: pass`.
- Summary exposes `candidate_default_repeatability_eligible: true`.
- Summary exposes `runtime_default_activation: false`.
- Summary exposes `core_promotion_status: not-promoted`.
- Summary keeps Codex lane and Pi lane blocked with rationale.
- Summary validator checks repeatability fields.
## Issue: CTO-WORK-084 - Stage 6 Repeatability Evidence Closeout
Type: AFK.
Status: validated.
Blocked by: `CTO-WORK-083`.
Acceptance:
- Evidence references Hermes implementation commit `05ab2ff`.
- Evidence references Hermes merge commit `40b0d9a`.
- Evidence references comparison artifact `/home/svrnty/.hermes/profiles/cto-planb/harness-runs/20260602T104507Z-stage6-real-governed-refresh/stage6-real-governed-refresh-comparison.json`.
- Evidence references WebUI summary artifact `/home/svrnty/.hermes/profiles/cto-planb/harness-runs/20260602T104552Z-run-all-fake-2738738/webui-summary.json`.
- Evidence records `repeatability_count: 2`.
- Evidence records `repeatability_status: pass`.
- Evidence records `runtime_default_activation: false`.
- Evidence records `core_promotion_status: not-promoted`.
- Evidence records no target repository mutation attempted.
- Evidence records no forbidden action.
- CTO validator checks PRD, issues, evidence, and Workboard statuses.
## Granularity Check
This sequence separates planning, Harness evidence refresh, Control Surface exposure, and closeout evidence. The Hermes code shipped the Harness and summary changes together because the summary is a read-only projection over the same artifact.

95
.sot/03-PROTOCOLS/CTO-CASE-STAGE6-REPEATABILITY-REFRESH-PRD.md
View File

@ -1,95 +0,0 @@
---
name: CTO Case Stage6 Repeatability Refresh PRD
status: validated
lifecycle_classification: sot
owner: jp
created: 2026-06-02
last_reviewed: 2026-06-02
core_promotion_status: not-promoted
source: .sot/03-PROTOCOLS/CTO-CASE-STAGE5-REPEATABILITY-PROOF-EVIDENCE.md
---
# CTO Case Stage6 Repeatability Refresh PRD
Local planning SOT only. Not a Core Protocol. Not active Core authority.
Stage 6 repeatability refresh.
## Problem
CTO has two governed Stage 5 Case passes in the admitted Target Repository. Existing Stage 6 real-governed refresh evidence consumed only the first pass. CTO needs a read-only refresh that proves repeatability across both passes before any later candidate-default decision discussion.
## Solution
Extend the existing Stage 6 real-governed refresh seam. The seam reads two pinned Harness Evidence Interface report and proof pairs, verifies both governed passes against Stage 6 dimensions, records computed repeatability status, and exposes repeatability through the Hermes Control Surface summary.
## Pinned Inputs
- first case_id: `r1-src-string-slugify`
- first run_id: `20260601T105222Z-r1-src-string-slugify-180161`
- first report: `/home/svrnty/.hermes/profiles/cto-planb/harness-runs/20260601T105222Z-r1-src-string-slugify-180161/report.json`
- first Stage 5 proof: `/home/svrnty/.hermes/profiles/cto-planb/harness-runs/20260601T105222Z-r1-src-string-slugify-180161/stage5-owned-repo-proof.json`
- first target commit: `7706f99`
- first expected changed files: `src/strings.py`, `test_strings.py`
- repeat case_id: `r1-slugify-punctuation`
- repeat run_id: `20260602T101450Z-r1-slugify-punctuation-2663598`
- repeat report: `/home/svrnty/.hermes/profiles/cto-planb/harness-runs/20260602T101450Z-r1-slugify-punctuation-2663598/report.json`
- repeat Stage 5 proof: `/home/svrnty/.hermes/profiles/cto-planb/harness-runs/20260602T101450Z-r1-slugify-punctuation-2663598/stage5-owned-repo-proof.json`
- repeat target commit: `2fa1601`
- repeat expected changed files: `src/strings.py`, `strings.py`, `test_strings.py`
## Scope
- Validate both report/proof pairs.
- Verify report shape, event validity, allowed-path compliance, failure closure, failure matrix coverage carry-forward, artifact completeness, forbidden-action closure, operator acceptance, approval provenance, source admission freshness, target validation, and Target Repository read-only status.
- Require fake lane evidence from prior Stage 6.
- Keep Codex lane blocked with rationale.
- Keep Pi lane blocked with rationale.
- Record computed `repeatability_status` as `pass`, `blocked`, or `fail`.
- Record `repeatability_count: 2` when both pinned passes validate.
- Record `runtime default activation: false`.
- Record `core_promotion_status: not-promoted`.
- Expose repeatability count, status, comparison path, and default activation false through Hermes Control Surface summary.
## Non-Goals
- Do not run a new Case mutation.
- Do not activate Case as default backend.
- Do not promote CTO artifacts into Core.
- Do not mutate a Target Repository.
- Do not push, merge, deploy, close, PR open, issue close, publish, mutate vendor source, mutate external developer repositories, mutate unowned repositories, expose endpoint values, expose secret values, expose credential values, or expose raw Target Repository content.
- Do not replace Core authority with CTO, Hermes, Harness, Case, Pi, Codex, or any execution backend.
## Acceptance Criteria
- `CTO-WORK-081`, `CTO-WORK-082`, `CTO-WORK-083`, and `CTO-WORK-084` are validated.
- `validate-case-stage6-real-refresh.py` consumes both pinned report/proof pairs.
- `validate-case-stage6-real-refresh.py` records `repeatability_count: 2`.
- `validate-case-stage6-real-refresh.py` records `repeatability_status: pass`.
- `validate-case-stage6-real-refresh.py` records `runtime_default_activation: false`.
- `validate-case-stage6-real-refresh.py` records `core_promotion_status: not-promoted`.
- Hermes Control Surface summary records `repeatability_count: 2`.
- Hermes Control Surface summary records `repeatability_status: pass`.
- Hermes Control Surface summary records `candidate_default_repeatability_eligible: true`.
- Hermes Control Surface summary records `runtime_default_activation: false`.
- Validators reject missing artifacts, failed pass facts, target mutation, default activation, Core promotion, forbidden actions, missing approval provenance, stale source admission, and secret-shaped keys.
## Validation
- `python3 harness/runner/validate-case-stage6-real-refresh.py --json`
- `python3 harness/runner/validate-webui-summary.py --json`
- `harness/evals/health.sh --json`
- `python3 tools/validate_cto_child.py`
- `python3 /home/svrnty/workspaces/cortex-os/core/tools/check_s69_caveman_prose_discipline.py`
## Risks
- Repeatability evidence can be misread as default authority. Mitigation: record runtime default activation false in every artifact.
- A second pass can overstate readiness if failure closure is ignored. Mitigation: require prior Stage 6 failure closure.
- Artifact paths can drift. Mitigation: validators load files from pinned artifact paths.
- Approval provenance can drift between prose and proof. Mitigation: validator records proof `approval_source` exactly and evidence records the mismatch.
- Control Surface wording can imply governance. Mitigation: Core promotion remains not-promoted.
## Success Definition
CTO has validated child-local evidence that Case passed two distinct governed Stage 5 tasks through the CTO Harness seam, Hermes exposes that repeatability evidence read-only, runtime default activation remains false, and Core promotion remains not-promoted.

362
.sot/03-PROTOCOLS/CTO-CASE-STAGED-PROOF-GATES.md
View File

@ -1,362 +0,0 @@
---
name: cto-case-staged-proof-gates
tier: local
status: draft
owner: jp
source: .sot/03-PROTOCOLS/CTO-CASE-CANDIDATE-BACKEND-PRD.md
created: 2026-05-31
last_reviewed: 2026-05-31
lifecycle_classification: planning
core_promotion_status: not-promoted
description: Child-local staged proof gate records for Case candidate backend progression.
---
# CTO Case Staged Proof Gates
Local planning SOT only. Not a Core Protocol. Not active Core authority.
## Purpose
Define the staged proof gates Case must pass before it can be discussed as a candidate default backend.
Default status is earned, not assumed. No stage grants Core authority, WebUI Runtime behavior, real-repo mutation outside its stated scope, merge, deploy, push, close, vendor-source mutation, external developer repository mutation, or Core promotion.
## Gate Rules
- Stages must be completed in order.
- Each stage must preserve the CTO Harness Evidence Interface.
- Each stage must respect the Case Source Admission Record.
- Each stage must use the CTO Case Adapter Contract and Eligibility Decision.
- Each stage must account for the CTO Case Failure Fixture Matrix.
- Missing evidence means blocked, not partially accepted.
- Later stages must not reinterpret earlier stage success as broader mutation permission.
## Stage Summary
| Stage | Name | Allowed mutation scope | Promotion condition |
| --- | --- | --- | --- |
| 1 | Gated Case engine | none | Harness accepts `--engine case` only when explicitly enabled and default-deny proof passes. |
| 2 | Artificial fixture | copied artificial case only | Case adapter matches existing fake fixture behavior through the Harness Evidence Interface. |
| 3 | Copied repo fixture | copied local repository fixture only | No source repository mutation; clean start/end and failure fixtures pass. |
| 4 | Disposable sandbox repo | disposable repository only | Approval, branch, fail-closed, and artifact behavior pass in a throwaway repository. |
| 5 | Owned noncritical repo | explicitly owned low-risk repository only | Operator accepts bounded proof with source admission, approval, and allowed paths. |
| 6 | Candidate default | scoped real-repo use only | Case matches or beats fake, Codex, and Pi where applicable on evidence completeness and failure closure. |
## Stage 1 - Gated Case Engine
Entry gates:
- Harness Evidence Interface Contract is validated.
- Case Adapter Contract is validated.
- Case Source Admission Record exists.
- Case Failure Fixture Matrix exists.
Allowed mutation scope: none.
Required artifacts:
- `report.json`;
- `events.normalized.jsonl`;
- `trace.jsonl`;
- no-op `patch.diff`;
- no-op `test.log`;
- backend raw logs showing default-deny preflight.
Validator expectation:
- `case` is registered as a gated engine;
- `--engine case` is rejected unless explicitly enabled;
- no source files are changed;
- missing gate produces blocked status.
Required failure classes:
- provider unavailable;
- missing required event;
- artifact write failure.
Promotion condition:
- Harness accepts `--engine case` only when explicitly enabled and default-deny proof passes.
## Stage 2 - Artificial Fixture
Status: validated for Case/Qwen Stage 2 artificial fixture on 2026-06-01.
Entry gates:
- Stage 1 is validated.
- Artificial fixture task contract exists.
- Allowed paths and verification command are explicit.
Allowed mutation scope: copied artificial case only.
Required artifacts:
- full Harness Evidence Interface artifact set;
- changed files list;
- allowed-write proof;
- verification log;
- digest and freshness proof.
Validator expectation:
- artificial fixture can pass through the Case adapter;
- fake lane remains default validation lane;
- Case output matches report shape, event validity, allowed-path compliance, failure closure, and artifact completeness expected from fake fixtures.
Required failure classes:
- no diff;
- disallowed file;
- failed tests;
- missing test command;
- missing required event.
Promotion condition:
- Case adapter matches existing fake fixture behavior through the Harness Evidence Interface.
Validation evidence:
- Hermes commit: `fc54680 Complete Case lifecycle after committed proof`.
- Real Case Qwen Stage 2 pass artifact: `/home/svrnty/.hermes/profiles/cto-planb/harness-runs/20260601T025817Z-r1-string-slugify-2907822`.
- Report status: `pass`.
- Changed files: `strings.py`.
- Tests passed: `true`.
- Required events passed: `true`.
- No Target Repository path was inspected or copied.
- This validates Stage 2 only. Stage 3 copied-repo fixture remains the next proof gate.
## Stage 3 - Copied Repo Fixture
Status: validated for copied-repo fixture proof on 2026-06-01.
Entry gates:
- Stage 2 is validated.
- Copied repository fixture is created from an owned local source.
- Source repository remains read-only during fixture creation.
Allowed mutation scope: copied local repository fixture only.
Required artifacts:
- full Harness Evidence Interface artifact set;
- clean starting tree proof for copied fixture;
- clean ending tree proof;
- source repository non-mutation proof;
- failure fixture results.
Planning evidence:
- Stage 3 PRD: `.sot/03-PROTOCOLS/CTO-CASE-STAGE3-COPIED-REPO-PRD.md`.
- Stage 3 issues: `.sot/03-PROTOCOLS/CTO-CASE-STAGE3-COPIED-REPO-ISSUES.md`.
Validation evidence:
- Hermes commit: `4edf5f1 Add Case Stage 3 copied repo harness proof`.
- Stage 3 pass artifact: `/home/svrnty/.hermes/profiles/cto-planb/harness-runs/20260601T031903Z-r1-string-slugify-3018046`.
- Real Case Qwen Stage 3 pass artifact: `/home/svrnty/.hermes/profiles/cto-planb/harness-runs/20260601T032245Z-r1-string-slugify-3035256`.
- Stage 3 pass report status: `pass`.
- Source repository mutated: `false`.
- Copied fixture starts clean: `true`.
- Copied fixture ends clean: `true`.
- Required events passed: `true`.
- Aggregate harness health status: `pass`.
- This validates Stage 3 only. Stage 4 disposable sandbox repo remains the next proof gate.
Validator expectation:
- all changes occur inside copied fixture;
- no hidden mutation occurs in source repository;
- dirty-starting-tree and dirty-ending-tree failures are detected.
Required failure classes:
- dirty starting tree;
- dirty ending tree;
- timeout;
- artifact write failure.
Promotion condition:
- copied repo fixture proves no source repo mutation and clean start/end behavior.
## Stage 4 - Disposable Sandbox Repo
Status: validated for disposable sandbox repository proof on 2026-06-01.
Entry gates:
- Stage 3 is validated.
- Disposable repository ownership and disposal policy are explicit.
- Approval events are enabled for mutation mode.
Allowed mutation scope: disposable repository only.
Required artifacts:
- full Harness Evidence Interface artifact set;
- approval event proof;
- branch policy proof;
- sandbox disposal or retention note;
- failure matrix coverage for sandbox mode.
Planning evidence:
- Stage 4 PRD: `.sot/03-PROTOCOLS/CTO-CASE-STAGE4-DISPOSABLE-SANDBOX-PRD.md`.
- Stage 4 issues: `.sot/03-PROTOCOLS/CTO-CASE-STAGE4-DISPOSABLE-SANDBOX-ISSUES.md`.
Validation evidence:
- Hermes commit: `033fec8 Add Case Stage 4 disposable sandbox proof`.
- Focused Stage 4 validator: `python3 harness/runner/validate-case-stage4.py --harness-root harness --json`.
- Focused Stage 4 validator status: `ok: true`.
- Stage 4 pass artifact: `/home/svrnty/.hermes/profiles/cto-planb/harness-runs/20260601T033647Z-r1-string-slugify-3113348`.
- Stage 4 proof artifact: `/home/svrnty/.hermes/profiles/cto-planb/harness-runs/20260601T033647Z-r1-string-slugify-3113348/stage4-disposable-sandbox-proof.json`.
- Approval denied failure fixture blocked before Case execution.
- Missing Stage 4 gate failure fixture blocked before Case execution.
- Aggregate harness health status: `pass`.
- This validates Stage 4 only. Stage 5 owned noncritical repository remains the next proof gate.
Validator expectation:
- mutation occurs only in disposable repository;
- approval denied fails closed;
- branch policy is recorded;
- no merge, push, deploy, or close occurs unless explicitly allowed by the task contract.
Required failure classes:
- approval denied;
- reviewer reject;
- timeout;
- provider unavailable.
Promotion condition:
- disposable sandbox repo proves approval, branch, fail-closed, and artifact behavior.
## Stage 5 - Owned Noncritical Repo
Status: validated for owned noncritical repository proof on 2026-06-01.
Entry gates:
- Stage 4 is validated.
- Target Repository ownership is explicit.
- Repository is low risk and noncritical.
- Human approval is recorded before mutation.
- Source license note is resolved for the requested execution mode.
Allowed mutation scope: explicitly owned low-risk repository only.
Required artifacts:
- full Harness Evidence Interface artifact set;
- Target Repository ownership proof;
- approval event proof;
- allowed paths and forbidden actions;
- post-run operator acceptance or rejection.
Planning evidence:
- Stage 5 PRD: `.sot/03-PROTOCOLS/CTO-CASE-STAGE5-OWNED-NONCRITICAL-REPO-PRD.md`.
- Stage 5 issues: `.sot/03-PROTOCOLS/CTO-CASE-STAGE5-OWNED-NONCRITICAL-REPO-ISSUES.md`.
- Stage 5 admission preflight evidence: Hermes commit `6e68a1a Add Case Stage 5 target admission preflight`; focused validator `ok: true`; aggregate harness health `pass`. This validates admission preflight only, not owned repository execution.
Validation evidence:
- Hermes commit: `084ac70 Add Case Stage 5 owned repo proof`.
- Focused Stage 5 validator on Hermes main: `python3 harness/runner/validate-case-stage5.py --harness-root harness --json`.
- Focused Stage 5 validator status: `ok: true`.
- Focused validator pass report: `/home/svrnty/.hermes/profiles/cto-planb/harness-runs/20260601T100039Z-r1-string-slugify-37603/report.json`.
- Actual admitted Target Repository proof report: `/home/svrnty/.hermes/profiles/cto-planb/harness-runs/20260601T100335Z-r1-string-slugify-43237/report.json`.
- Actual admitted Target Repository proof artifact: `/home/svrnty/.hermes/profiles/cto-planb/harness-runs/20260601T100335Z-r1-string-slugify-43237/stage5-owned-repo-proof.json`.
- Target repo: `/home/svrnty/workspaces/cortex-os/cto-stage5-target-sandbox`.
- Target repo proof commit: `155b442 stage5 case result`.
- Changed files: `strings.py`.
- Allowed paths passed: `true`.
- Forbidden paths passed: `true`.
- Required events passed: `true`.
- Tests passed: `true`.
- Operator outcome: `accepted`.
- Target repository started clean and ended clean.
- This validates Stage 5 only. Stage 6 candidate default remains blocked until comparison evidence exists.
Validator expectation:
- mutation stays inside allowed paths;
- no direct push, merge, deploy, or close occurs unless task contract explicitly allows it;
- operator approval and outcome are replayable.
Required failure classes:
- disallowed file;
- failed tests;
- approval denied;
- dirty ending tree.
Promotion condition:
- operator accepts bounded proof with source admission, approval, and allowed paths.
## Stage 6 - Candidate Default
Status: validated for candidate-default comparison proof on 2026-06-01. Candidate-default activation remains false; this is evidence for candidacy discussion, not runtime default authority.
Entry gates:
- Stage 5 is validated.
- Comparison fixtures exist for fake, Codex, and Pi where applicable.
- Case source admission is current.
- Failure matrix coverage is complete or explicitly blocked with rationale.
Allowed mutation scope: scoped real-repo use only.
Required artifacts:
- full Harness Evidence Interface artifact set;
- comparative evidence against fake, Codex, and Pi where applicable;
- failure closure evidence;
- source admission freshness;
- operator acceptance.
Validator expectation:
- Case matches or beats existing lanes on report shape;
- Case matches or beats existing lanes on event validity;
- Case matches or beats existing lanes on allowed-path compliance;
- Case matches or beats existing lanes on failure closure;
- Case matches or beats existing lanes on artifact completeness.
Required failure classes:
- all failure matrix rows, unless a row is explicitly blocked by a governed stage record.
Promotion condition:
- Case may be discussed as candidate default only after comparison evidence shows it matches or beats fake, Codex, and Pi where applicable on evidence completeness and failure closure.
Planning evidence:
- Stage 6 PRD: `.sot/03-PROTOCOLS/CTO-CASE-STAGE6-CANDIDATE-DEFAULT-PRD.md`.
- Stage 6 issues: `.sot/03-PROTOCOLS/CTO-CASE-STAGE6-CANDIDATE-DEFAULT-ISSUES.md`.
Validation evidence:
- Hermes commit: `ff0a008 Add Case Stage 6 candidate default comparison`.
- Focused Stage 6 validator on Hermes main: `python3 harness/runner/validate-case-stage6.py --harness-root harness --json`.
- Focused Stage 6 validator status: `ok: true`.
- Focused Stage 6 comparison report: `/home/svrnty/.hermes/profiles/cto-planb/harness-runs/20260601T101308Z-stage6-candidate-default-70246/stage6-candidate-default-comparison.json`.
- Post-merge aggregate Harness health: `harness/evals/health.sh --json`, status `pass`.
- Post-merge Stage 6 comparison report: `/home/svrnty/.hermes/profiles/cto-planb/harness-runs/20260601T101357Z-stage6-candidate-default-76795/stage6-candidate-default-comparison.json`.
- Post-merge aggregate matrix artifact: `/home/svrnty/.hermes/profiles/cto-planb/harness-runs/20260601T101338Z-run-all-fake-74797/report.json`.
- Candidate-default activation remains `false`.
## Final Guard
These staged proof gates do not implement Case and do not authorize execution. They define the minimum route for later implementation.
Any future implementation must start with Stage 1 and must not skip to real-repo execution.

129
.sot/03-PROTOCOLS/CTO-CORE-PROMOTION-DECISION-PACKET-CLOSEOUT.md
View File

@ -1,129 +0,0 @@
---
name: CTO Core Promotion Decision Packet Closeout
status: validated
lifecycle_classification: sot
owner: jp
created: 2026-06-02
last_reviewed: 2026-06-02
core_promotion_status: not-promoted
source: .sot/03-PROTOCOLS/CTO-CORE-PROMOTION-DECISION-RECORD.md
---
# CTO Core Promotion Decision Packet Closeout
Local planning SOT only. Not a Core Protocol. Not active Core authority.
Core Promotion Decision Packet.
## Workboard
- `CTO-WORK-085`
- `CTO-WORK-086`
- `CTO-WORK-087`
- `CTO-WORK-088`
## Result
- status: validated
- validated child-local repeatability evidence; not Core promotion; not Runtime default activation
- decision_status: core_promotion_requested
- ready_for_core_review: true
- recommended_next_decision: open_governed_core_prd_route
- recommendation_status: candidate_only_until_core_route_admission_guard_passes
- candidate_default_repeatability_eligible: true
- repeatability_count: 2
- repeatability_status: pass
- runtime_default_activation: false
- core_promotion_status: not-promoted
- Runtime default activation remains false.
- No Core promotion occurs.
- No Core mutation occurs.
- no target repository mutation attempted
- no Case execution attempted
- Do not activate Case as default backend.
- This closeout does not authorize another Case run.
## Evidence Map
| Evidence | Status | Pointer |
| --- | --- | --- |
| Governed execution evidence | validated | `CTO-WORK-071` |
| Hermes live smoke remote sync | validated | `CTO-WORK-075` |
| CTO endgoal completion audit | validated | `CTO-WORK-077` |
| Stage 5 repeatability evidence | validated | `CTO-WORK-080` |
| Stage 6 repeatability PRD | validated | `CTO-WORK-081` |
| Stage 6 repeatability Harness route | validated | `CTO-WORK-082` |
| Hermes repeatability control summary | validated | `CTO-WORK-083` |
| Stage 6 repeatability evidence closeout | validated | `CTO-WORK-084` |
## Artifact Evidence
- Stage 6 repeatability comparison artifact: `/home/svrnty/.hermes/profiles/cto-planb/harness-runs/20260602T104507Z-stage6-real-governed-refresh/stage6-real-governed-refresh-comparison.json`
- Hermes WebUI summary artifact: `/home/svrnty/.hermes/profiles/cto-planb/harness-runs/20260602T104552Z-run-all-fake-2738738/webui-summary.json`
- first governed Stage 5 report: `/home/svrnty/.hermes/profiles/cto-planb/harness-runs/20260601T105222Z-r1-src-string-slugify-180161/report.json`
- repeat governed Stage 5 report: `/home/svrnty/.hermes/profiles/cto-planb/harness-runs/20260602T101450Z-r1-slugify-punctuation-2663598/report.json`
- first target commit: `7706f99`
- repeat target commit: `2fa1601`
- Hermes implementation commit: `05ab2ff`
- Hermes merge commit: `40b0d9a`
- CTO baseline merge commit before this packet: `00d13f6`
## Readiness Facts
- Cortex governs: proven
- CTO routes: proven
- Hermes controls: proven
- Harness proves: proven
- Case executes only after proof: proven
- bounded code changes with evidence: proven
- target repos stay owned and protected: proven
- default status is earned not assumed: proven
- candidate-default evidence: proven
- repeatability_count: 2
- repeatability_status: pass
- candidate_default_repeatability_eligible: true
- runtime_default_activation: false
- core_promotion_status: not-promoted
- Codex lane: blocked with rationale
- Pi lane: blocked with rationale
## Future Core Route Requirements
Any future Core route must:
- start from the Core workspace, not this CTO workspace;
- pass a Core Route Admission Guard showing an idle governed Core route and no active conflicting Core worktree;
- classify the promoted object class before mutation;
- obey the Core Sequence Protocol;
- update Core SOT only through a governed Core PRD and SOT Issue route;
- add Core validator coverage before any promotion claim;
- produce Core Evidence before any Core authority claim;
- keep runtime default activation separate from candidate-default readiness;
- preserve no-secret, no-endpoint-value, no-raw-Target-Repository-content rules;
- preserve rollback by keeping Case disabled until a later governed route changes runtime default activation.
## Blockers Before Promotion
- No Core PRD exists for CTO promotion.
- No Core SOT Issue exists for CTO promotion.
- No Core validator for CTO promotion exists.
- No Core Evidence file exists for CTO promotion.
- No Core Sequence Protocol route has selected CTO promotion as current work.
- Runtime default activation remains false.
## Explicit Non-Authority
This packet is a decision packet, not execution evidence, not Core Evidence, not a Core Protocol, not a runtime switch, and not a promotion approval.
Do not push, merge, deploy, close, PR open, issue close, publish, mutate vendor source, mutate external developer repositories, mutate unowned repositories, expose endpoint values, expose secret values, expose credential values, or expose raw Target Repository content.
Do not treat Case, Hermes, Pi, Codex, Harness, or CTO as Cortex OS authority.
## Validation
- `python3 tools/validate_cto_child.py`: required
- `python3 /home/svrnty/workspaces/cortex-os/core/tools/check_s69_caveman_prose_discipline.py`: required before final claim
## Decision
CTO evidence is ready for Core review. The next pragmatic move is candidate-only: open a governed Core PRD route only after the Core Route Admission Guard passes and only if JP or a governed Core route chooses to pursue promotion. Until that separate route exists and passes Core validators, Core promotion remains not-promoted and runtime default activation remains false.

111
.sot/03-PROTOCOLS/CTO-CORE-PROMOTION-DECISION-PACKET-ISSUES.md
View File

@ -1,111 +0,0 @@
---
name: CTO Core Promotion Decision Packet Issues
status: validated
lifecycle_classification: sot
owner: jp
created: 2026-06-02
last_reviewed: 2026-06-02
core_promotion_status: not-promoted
source: .sot/03-PROTOCOLS/CTO-CORE-PROMOTION-DECISION-PACKET-PRD.md
---
# CTO Core Promotion Decision Packet Issues
Local planning SOT only. Not a Core Protocol. Not active Core authority.
Core Promotion Decision Packet.
## Issue: CTO-WORK-085 - Core Promotion Decision Packet PRD
Type: AFK.
Status: validated.
Acceptance:
- Define child-local packet scope.
- Add Core Promotion Decision Packet to `CONTEXT.md`.
- Define allowed decision states: `not_decided`, `core_promotion_requested`, and `core_promotion_deferred`.
- Require `ready_for_core_review: true`.
- Require candidate_default_repeatability_eligible: true.
- Require repeatability_count: 2.
- Require repeatability_status: pass.
- Require runtime_default_activation: false.
- Require core_promotion_status: not-promoted.
- Require recommended_next_decision: open_governed_core_prd_route.
- Require Core Sequence Protocol route required.
- Require Core validator coverage required.
- Require runtime default activation requires a separate governed Core route.
- Forbid Core mutation, Target Repository mutation, Case execution, default activation, push, merge, deploy, close, PR open, issue close, publication, vendor-source mutation, external developer repository mutation, unowned repository mutation, endpoint exposure, secret exposure, credential exposure, and raw Target Repository content exposure.
## Issue: CTO-WORK-086 - Core Promotion Decision Record
Type: AFK.
Status: validated.
Blocked by: `CTO-WORK-085`.
Acceptance:
- Create the Core Promotion Decision Record.
- Record `decision_status: core_promotion_requested`.
- Record allowed decision states: `not_decided`, `core_promotion_requested`, and `core_promotion_deferred`.
- Record resolver: JP or governed Core route.
- Record `ready_for_core_review: true`.
- Record candidate_default_repeatability_eligible: true.
- Record repeatability_count: 2.
- Record repeatability_status: pass.
- Record runtime_default_activation: false.
- Record core_promotion_status: not-promoted.
- Record recommended_next_decision: open_governed_core_prd_route.
- Record Core Sequence Protocol route required.
- Record Core validator coverage required.
- Record no Core mutation, no Target Repository mutation, no Case execution, and no default activation.
## Issue: CTO-WORK-087 - Core Promotion Decision Packet Closeout
Type: AFK.
Status: validated.
Blocked by: `CTO-WORK-086`.
Acceptance:
- Create the Core Promotion Decision Packet closeout.
- Map evidence from `CTO-WORK-071`, `CTO-WORK-075`, `CTO-WORK-077`, `CTO-WORK-080`, `CTO-WORK-081`, `CTO-WORK-082`, `CTO-WORK-083`, and `CTO-WORK-084`.
- Reference Stage 6 repeatability comparison artifact.
- Reference Hermes WebUI summary artifact.
- Record validated child-local repeatability evidence; not Core promotion; not Runtime default activation.
- State Runtime default activation remains false.
- State No Core promotion occurs.
- State Do not activate Case as default backend.
- State This closeout does not authorize another Case run.
## Issue: CTO-WORK-088 - Core Promotion Decision Packet Validation
Type: AFK.
Status: validated.
Blocked by: `CTO-WORK-087`.
Acceptance:
- Update `tools/validate_cto_child.py`.
- Register `CTO-WORK-085`, `CTO-WORK-086`, `CTO-WORK-087`, and `CTO-WORK-088`.
- Require PRD, issue sequence, decision record, and closeout phrases.
- Require Workboard statuses validated.
- Require `python3 tools/validate_cto_child.py` to pass.
- Require `python3 /home/svrnty/workspaces/cortex-os/core/tools/check_s69_caveman_prose_discipline.py` before final claim.
## Granularity Check
This sequence is one vertical CTO route: define the decision packet contract, record the fail-closed decision state, close out the packet against existing evidence, and validate the packet. It deliberately avoids a Core implementation slice because Core promotion is a separate governed decision.
## Challenge Notes
- `$to-issues` output stays AFK because the work is child-local documentation plus validator coverage.
- `$improve-codebase-architecture` feedback accepted: do not add a new runtime seam when the SOT plus validator seam is enough.
- `$grill-with-docs` feedback accepted: use `ready_for_core_review` and `Core Promotion Decision Packet`, not promoted, approved, or runtime default active.

134
.sot/03-PROTOCOLS/CTO-CORE-PROMOTION-DECISION-PACKET-PRD.md
View File

@ -1,134 +0,0 @@
---
name: CTO Core Promotion Decision Packet PRD
status: validated
lifecycle_classification: sot
owner: jp
created: 2026-06-02
last_reviewed: 2026-06-02
core_promotion_status: not-promoted
source: .sot/03-PROTOCOLS/CTO-CASE-STAGE6-REPEATABILITY-REFRESH-EVIDENCE.md
---
# CTO Core Promotion Decision Packet PRD
Local planning SOT only. Not a Core Protocol. Not active Core authority.
Core Promotion Decision Packet.
## Problem Statement
CTO now has validated child-local evidence through Stage 6 repeatability: two governed Stage 5 Case passes, a read-only Stage 6 repeatability refresh, Hermes Control Surface replay data, runtime default activation false, and Core promotion status not-promoted. Without one compact decision packet, the next operator or Core route has to reconstruct readiness from many artifacts and can misread candidate-default readiness as promotion or runtime default authority.
## Solution
Create a child-local Core Promotion Decision Packet that maps validated CTO evidence to one future governed Core review decision. The packet records `decision_status: core_promotion_requested`, `ready_for_core_review: true`, `candidate_default_repeatability_eligible: true`, `runtime_default_activation: false`, and `core_promotion_status: not-promoted`. It recommends opening a separate governed Core PRD route only after a Core Route Admission Guard passes. It does not mutate Core, promote CTO artifacts, activate Case as runtime default, or authorize another Case run.
## Scope
- Register `CTO-WORK-085`, `CTO-WORK-086`, `CTO-WORK-087`, and `CTO-WORK-088`.
- Define the packet as child-local CTO planning only.
- Define allowed decision states: `not_decided`, `core_promotion_requested`, and `core_promotion_deferred`.
- Set the current decision state to `core_promotion_requested` as a request for Core review, not as promotion approval.
- Map evidence from `CTO-WORK-071`, `CTO-WORK-075`, `CTO-WORK-077`, `CTO-WORK-080`, `CTO-WORK-081`, `CTO-WORK-082`, `CTO-WORK-083`, and `CTO-WORK-084`.
- Include repeatability_count: 2.
- Include repeatability_status: pass.
- Include candidate_default_repeatability_eligible: true.
- Include runtime_default_activation: false.
- Include Core promotion status not-promoted.
- Reference the Stage 6 repeatability comparison artifact.
- Reference the Hermes WebUI summary artifact.
- Record the recommended next decision as `open_governed_core_prd_route`.
- State Core Sequence Protocol route required before any Core mutation.
- State Core validator coverage required before any Core promotion claim.
- State runtime default activation requires a separate governed Core route.
- State no new target repository mutation occurs.
- State no Core file mutation occurs in this CTO slice.
- Preserve secrets, endpoints, credential values, and raw Target Repository content out of SOT.
## Non-Goals
- Do not promote CTO artifacts into Core.
- Do not activate Case as default backend.
- Do not run Case.
- Do not mutate target repositories.
- Do not mutate `../core/`.
- Do not edit upstream `hermes-webui`.
- Do not edit upstream `hermes-agent`.
- Do not create Runtime behavior.
- Do not create a new backend, provider, adapter, harness command, or WebUI control.
- Do not push, merge, deploy, close, PR open, issue close, public publication, vendor-source mutation, external developer repository mutation, unowned repository mutation, endpoint exposure, secret exposure, credential exposure, or raw Target Repository content exposure.
- Do not treat Case, Hermes, Pi, Codex, Harness, or CTO as Cortex OS authority.
## User Stories
1. As JP, I want one compact readiness packet, so that I can decide whether to open a governed Core review without reading every CTO artifact first.
2. As Cortex OS Core, I want child-local evidence to remain child-local until routed, so that promotion cannot happen by wording.
3. As CTO, I want candidate-default readiness separated from runtime default activation, so that repeatability evidence cannot become execution authority.
4. As Hermes, I want replay paths preserved in the packet, so that proof can be inspected without copying runtime artifacts into SOT.
5. As a future Core agent, I want explicit blockers and required validators, so that a Core PRD route can start from a clear contract.
## Implementation Decisions
- The packet is a SOT document in the CTO workspace, not a generated artifact and not a Core Protocol.
- The packet is the interface for this slice; no runtime module, adapter, or new command is introduced.
- The decision record uses only `not_decided`, `core_promotion_requested`, and `core_promotion_deferred`.
- The packet records `ready_for_core_review: true` rather than `promoted`, `approved`, or `runtime_default_active`.
- The packet maps evidence by Workboard IDs and replay artifact paths instead of copying runtime JSON, proof logs, or raw Target Repository content.
- The packet's next action is a decision route: `open_governed_core_prd_route`.
- The packet's next action is candidate-only until the Core Route Admission Guard passes.
- Any later promotion must happen from the Core workspace under the Core Sequence Protocol, Core object classification, Core validators, and Core Evidence.
## Testing Decisions
- Test at the highest existing seam: `python3 tools/validate_cto_child.py`.
- Validator coverage must require the packet files, Workboard IDs, readiness fields, authority guards, replay paths, and forbidden-action language.
- Core caveman prose discipline remains required before claim or final answer.
- No Harness aggregate is required for this slice because no Hermes, Harness, Case, or Target Repository behavior changes.
## Challenge Review
- `$zoom-out`: accepted. The packet maps the vertical chain: Cortex governs, CTO routes, Hermes controls, Harness proves, Case executes, Target Repository stays owned.
- `$improve-codebase-architecture`: accepted. The deepest useful interface is the existing SOT plus validator seam; adding a runtime abstraction would create shallow machinery.
- `$grill-with-docs`: accepted. `Core Promotion Decision Packet` is added to `CONTEXT.md`, and the canonical readiness term is `ready_for_core_review`.
- Reviewer feedback accepted: use a separate decision record and closeout so the decision state is fail-closed and the validation proof is explicit.
- Reviewer feedback accepted: preserve exact guard phrases `No Core promotion occurs.`, `Do not activate Case as default backend.`, and `This closeout does not authorize another Case run.`
- Rejected feedback: promote directly into Core now. This is an irreversible authority choice and requires a governed Core route.
- Rejected feedback: activate Case as runtime default now. Repeatability proves review readiness only; default activation needs separate Core authority.
## Acceptance Criteria
- `WORKBOARD.yaml` records `CTO-WORK-085`, `CTO-WORK-086`, `CTO-WORK-087`, and `CTO-WORK-088` as validated.
- `CONTEXT.md` defines Core Promotion Decision Packet.
- The PRD, issue sequence, decision record, and closeout all state Local planning SOT only. Not a Core Protocol. Not active Core authority.
- The decision record defines only `not_decided`, `core_promotion_requested`, and `core_promotion_deferred`.
- The packet records `decision_status: core_promotion_requested`.
- The packet records `ready_for_core_review: true`.
- The packet records `candidate_default_repeatability_eligible: true`.
- The packet records `repeatability_count: 2`.
- The packet records `repeatability_status: pass`.
- The packet records `runtime_default_activation: false`.
- The packet records `core_promotion_status: not-promoted`.
- The packet records `recommended_next_decision: open_governed_core_prd_route`.
- The packet states Core Sequence Protocol route required.
- The packet states Core validator coverage required.
- The packet states runtime default activation requires a separate governed Core route.
- The packet references the Stage 6 repeatability comparison artifact.
- The packet references the Hermes WebUI summary artifact.
- The packet states no Core mutation, no Target Repository mutation, no Case execution, and no default activation occur in this slice.
- The CTO validator checks the PRD, issue sequence, decision record, closeout, and Workboard statuses.
## Validation
- `python3 tools/validate_cto_child.py`
- `python3 /home/svrnty/workspaces/cortex-os/core/tools/check_s69_caveman_prose_discipline.py`
## Risks And Dependencies
- Readiness language can be misread as promotion. Mitigation: require `ready_for_core_review`, `core_promotion_status: not-promoted`, and runtime default activation false.
- The future Core route can conflict with current Core Sequence Protocol priorities. Mitigation: the packet recommends review only and requires Core Sequence Protocol routing before Core mutation.
- Evidence paths can drift. Mitigation: packet records exact replay artifact paths and Workboard IDs.
- New CTO text can overstate authority. Mitigation: CTO validator requires authority guard phrases and forbidden-action language.
## Success Definition
CTO has one validated Core Promotion Decision Packet that says candidate-default evidence is ready for Core review, while Core promotion remains not-promoted, runtime default activation remains false, no Core or Target Repository mutation occurs, and any promotion must begin as a separate governed Core PRD route.

59
.sot/03-PROTOCOLS/CTO-CORE-PROMOTION-DECISION-RECORD.md
View File

@ -1,59 +0,0 @@
---
name: CTO Core Promotion Decision Record
status: validated
lifecycle_classification: sot
owner: jp
created: 2026-06-02
last_reviewed: 2026-06-02
core_promotion_status: not-promoted
source: .sot/03-PROTOCOLS/CTO-CORE-PROMOTION-DECISION-PACKET-ISSUES.md
---
# CTO Core Promotion Decision Record
Local planning SOT only. Not a Core Protocol. Not active Core authority.
Core Promotion Decision Packet.
## Decision State
- decision_status: core_promotion_requested
- allowed_decision_states: `not_decided`, `core_promotion_requested`, `core_promotion_deferred`
- resolver: JP or governed Core route
- ready_for_core_review: true
- recommended_next_decision: open_governed_core_prd_route
- recommendation_status: candidate_only_until_core_route_admission_guard_passes
- candidate_default_repeatability_eligible: true
- repeatability_count: 2
- repeatability_status: pass
- runtime_default_activation: false
- core_promotion_status: not-promoted
## Consequences
- `not_decided` means no Core promotion request exists.
- `core_promotion_requested` means CTO requests a future governed Core review. It does not grant Core authority.
- `core_promotion_deferred` means CTO evidence remains child-local and no Core route should be opened from this packet.
## Required Future Core Route
- Core Sequence Protocol route required.
- Core validator coverage required.
- Core Evidence required.
- Core PRD required.
- Core SOT Issue required.
- runtime default activation requires a separate governed Core route.
- Core promotion, if chosen later, must happen only in `core/` or a governed Core worktree, not `cto/`.
- Core route admission requires an idle governed Core route and no active conflicting Core worktree.
## Guardrails
- No Core promotion occurs.
- No Core mutation occurs.
- Runtime default activation remains false.
- Do not activate Case as default backend.
- no target repository mutation attempted
- no Case execution attempted
- This closeout does not authorize another Case run.
- This record does not authorize another Case run.
- Do not expose endpoint values, secret values, credential values, or raw Target Repository content.

66
.sot/03-PROTOCOLS/CTO-CORE-ROUTE-ADMISSION-GUARD-CLOSEOUT.md
View File

@ -1,66 +0,0 @@
---
name: CTO Core Route Admission Guard Closeout
status: validated
lifecycle_classification: sot
owner: jp
created: 2026-06-02
last_reviewed: 2026-06-02
core_promotion_status: not-promoted
source: .sot/03-PROTOCOLS/CTO-CORE-ROUTE-ADMISSION-GUARD.md
---
# CTO Core Route Admission Guard Closeout
Local planning SOT only. Not a Core Protocol. Not active Core authority.
Core Route Admission Guard.
## Workboard
- `CTO-WORK-089`
- `CTO-WORK-090`
- `CTO-WORK-091`
- `CTO-WORK-092`
## Result
- status: validated
- core_route_admission_status: not_admitted
- guard_status: blocked
- blocked_reason: active_or_conflicting_core_work_present
- do_not_touch_other_agent_work: true
- ready_for_core_route_review: true
- recommended_next_decision: open_governed_core_prd_route
- next_allowed_action: wait_or_open_later_core_route_when_idle
- idle_governed_core_route_required: true
- no_active_conflicting_core_worktree_required: true
- runtime_default_activation: false
- core_promotion_status: not-promoted
- No Core mutation occurs.
- No Core reservation occurs.
- No Core promotion occurs.
- Do not mutate `../core/`.
- Runtime default activation remains false.
- Do not activate Case as default backend.
- This closeout does not authorize another Case run.
## Evidence References
- `CTO-WORK-085`
- `CTO-WORK-086`
- `CTO-WORK-087`
- `CTO-WORK-088`
- `CTO-WORK-089`
- `CTO-WORK-090`
- Core Promotion Decision Packet remains child-local.
- Core route admission is blocked until future read-only checks pass.
- S135 conflict avoidance remains required when `CORE-WORK-172` or `core/worktrees/core-keyvault-authmd-promotion-135` is active.
## Validation
- `python3 tools/validate_cto_child.py`: required
- `python3 /home/svrnty/workspaces/cortex-os/core/tools/check_s69_caveman_prose_discipline.py`: required before final claim
## Decision
Do not touch other agent work. Do not open or mutate a Core route from CTO while active or conflicting Core work exists. `recommended_next_decision: open_governed_core_prd_route` remains candidate-only until the guard passes.

101
.sot/03-PROTOCOLS/CTO-CORE-ROUTE-ADMISSION-GUARD-ISSUES.md
View File

@ -1,101 +0,0 @@
---
name: CTO Core Route Admission Guard Issues
status: validated
lifecycle_classification: sot
owner: jp
created: 2026-06-02
last_reviewed: 2026-06-02
core_promotion_status: not-promoted
source: .sot/03-PROTOCOLS/CTO-CORE-ROUTE-ADMISSION-GUARD-PRD.md
---
# CTO Core Route Admission Guard Issues
Local planning SOT only. Not a Core Protocol. Not active Core authority.
Core Route Admission Guard.
## Issue: CTO-WORK-089 - Core Route Admission Guard PRD
Type: AFK.
Status: validated.
Acceptance:
- Define Core Route Admission Guard.
- Require `core_route_admission_status: not_admitted`.
- Require `guard_status: blocked`.
- Require `blocked_reason: active_or_conflicting_core_work_present`.
- Require `do_not_touch_other_agent_work: true`.
- Require `ready_for_core_route_review: true`.
- Require `recommended_next_decision: open_governed_core_prd_route`.
- Require candidate-only recommendation until guard passes.
- Require `idle_governed_core_route_required: true`.
- Require `no_active_conflicting_core_worktree_required: true`.
- Require `runtime_default_activation: false`.
- Require `core_promotion_status: not-promoted`.
- Require `next_allowed_action: wait_or_open_later_core_route_when_idle`.
- Forbid Core mutation, Core reservation, Core promotion, other-agent worktree mutation, other-agent process termination, Case default activation, Case execution, target repository mutation, and mutation of `../core/`.
## Issue: CTO-WORK-090 - Core Route Admission Guard Record
Type: AFK.
Status: validated.
Blocked by: `CTO-WORK-089`.
Acceptance:
- Create the Core Route Admission Guard record.
- Record fail-closed status.
- Record `core_route_admission_status: not_admitted`.
- Record `ready_for_core_route_review: true`.
- Record `recommended_next_decision: open_governed_core_prd_route`.
- Record future read-only checks: Core worktree list, Core main status, active Core worktree status, Core Sequence Protocol route, and running Core validation processes.
- Record idle governed Core route required.
- Record no active conflicting Core worktree required.
- Record no Core mutation.
- Record no Core reservation.
- Record no Core promotion.
- Record Runtime default activation remains false.
- Record Do not activate Case as default backend.
## Issue: CTO-WORK-091 - Core Route Admission Guard Closeout
Type: AFK.
Status: validated.
Blocked by: `CTO-WORK-090`.
Acceptance:
- Create closeout.
- Reference `CTO-WORK-085`, `CTO-WORK-086`, `CTO-WORK-087`, `CTO-WORK-088`, `CTO-WORK-089`, and `CTO-WORK-090`.
- Record active or conflicting Core work blocks this route.
- Record S135 conflict avoidance.
- Record `next_allowed_action: wait_or_open_later_core_route_when_idle`.
- Record no Core mutation, no Core reservation, no Core promotion, and no runtime default activation.
## Issue: CTO-WORK-092 - Core Route Admission Guard Validation
Type: AFK.
Status: validated.
Blocked by: `CTO-WORK-091`.
Acceptance:
- Update `tools/validate_cto_child.py`.
- Register `CTO-WORK-089`, `CTO-WORK-090`, `CTO-WORK-091`, and `CTO-WORK-092`.
- Require PRD, issue, guard, and closeout phrases.
- Require Workboard statuses validated.
- Require `python3 tools/validate_cto_child.py` to pass.
- Require Core caveman prose discipline before final claim.
## Granularity Check
This is one vertical child-local guard: define the guard, record the fail-closed route state, close out the evidence, and validate it. It does not edit Core and does not overlap active Core S135 work.

128
.sot/03-PROTOCOLS/CTO-CORE-ROUTE-ADMISSION-GUARD-PRD.md
View File

@ -1,128 +0,0 @@
---
name: CTO Core Route Admission Guard PRD
status: validated
lifecycle_classification: sot
owner: jp
created: 2026-06-02
last_reviewed: 2026-06-02
core_promotion_status: not-promoted
source: .sot/03-PROTOCOLS/CTO-CORE-PROMOTION-DECISION-PACKET-CLOSEOUT.md
---
# CTO Core Route Admission Guard PRD
Local planning SOT only. Not a Core Protocol. Not active Core authority.
Core Route Admission Guard.
## Problem Statement
CTO has a validated Core Promotion Decision Packet that says Case candidate-default evidence is ready for Core review. Core currently also has independent active work. Without a child-local admission guard, CTO can accidentally treat a ready packet as permission to open or mutate a Core route while another Core route is active.
## Solution
Add a child-local Core Route Admission Guard. The guard records the checks required before CTO may request a Core review route. It blocks while any active or conflicting Core worktree, Core validation process, Core Sequence Protocol route, or dirty Core main state exists. It does not reserve Core, edit Core, merge Core, or authorize runtime default activation.
## Scope
- Register `CTO-WORK-089`, `CTO-WORK-090`, `CTO-WORK-091`, and `CTO-WORK-092`.
- Add Core Route Admission Guard to `CONTEXT.md`.
- Define `core_route_admission_status: not_admitted`.
- Define `guard_status: blocked`.
- Define `blocked_reason: active_or_conflicting_core_work_present`.
- Define `ready_for_core_route_review: true`.
- Define `recommended_next_decision: open_governed_core_prd_route`.
- Require that recommendation to be candidate-only until the Core Route Admission Guard passes.
- Require `idle_governed_core_route_required: true`.
- Require `no_active_conflicting_core_worktree_required: true`.
- Require S135 conflict avoidance when `core/worktrees/core-keyvault-authmd-promotion-135` or `CORE-WORK-172` is active.
- Require read-only checks before any future Core route request: Core worktree list, Core main status, Core active worktree status, Core Sequence Protocol route, and running Core validation processes.
- Require the guard to fail closed when ownership is uncertain.
- Require `do_not_touch_other_agent_work: true`.
- Require no Core mutation.
- Require no Core reservation.
- Require no Core promotion.
- Require Do not mutate `../core/`.
- Require Core validator coverage.
- No Core mutation occurs.
- No Core reservation occurs.
- No Core promotion occurs.
- Require runtime_default_activation: false.
- Require core_promotion_status: not-promoted.
- Require the next allowed action to be `wait_or_open_later_core_route_when_idle`.
## Non-Goals
- Do not mutate Core.
- Do not mutate another agent worktree.
- Do not stop another agent process.
- Do not reserve Core.
- Do not open a Core PRD.
- Do not promote CTO artifacts into Core.
- Do not activate Case as default backend.
- Do not run Case.
- Do not mutate target repositories.
- Do not push, merge, deploy, close, PR open, issue close, public publication, vendor-source mutation, external developer repository mutation, unowned repository mutation, endpoint exposure, secret exposure, credential exposure, or raw Target Repository content exposure.
## User Stories
1. As JP, I want CTO to refuse Core-route work when another agent owns the active Core lane, so other work is not disturbed.
2. As CTO, I want a fail-closed admission check, so a ready packet cannot become Core mutation authority.
3. As a future Core agent, I want explicit route prerequisites, so Core review starts only from a clean and selected route.
4. As Cortex OS Core, I want Core Sequence Protocol authority preserved, so child-local readiness cannot override current Core work.
## Implementation Decisions
- Use the existing CTO SOT plus validator seam; no runtime module is added.
- The guard status is `blocked` because active or conflicting Core work was observed during route selection.
- The guard records admission checks as requirements, not as a live lock or Core reservation.
- The guard may be superseded only by a later governed Core route or a later CTO record showing Core is idle and selected.
## Testing Decisions
- Test through `python3 tools/validate_cto_child.py`.
- Validator coverage must require guard files, Workboard statuses, fail-closed language, and no-Core-mutation language.
- Core caveman prose discipline remains required before final claim.
- No Core aggregate validation is required because this slice does not edit Core.
## Challenge Review
- `$zoom-out`: accepted. The guard sits between the CTO Core Promotion Decision Packet and any future Core PRD route.
- `$improve-codebase-architecture`: accepted. A SOT plus validator guard is the right seam; a live lock would create Core behavior from CTO.
- `$grill-with-docs`: accepted. The canonical term is Core Route Admission Guard.
- Rejected feedback: continue the active Core S135 worktree. JP explicitly said not to touch other agent work.
- Rejected feedback: create a Core reservation. CTO has no authority to reserve Core from child-local planning.
## Acceptance Criteria
- `WORKBOARD.yaml` records `CTO-WORK-089`, `CTO-WORK-090`, `CTO-WORK-091`, and `CTO-WORK-092` as validated.
- `CONTEXT.md` defines Core Route Admission Guard.
- Guard records `core_route_admission_status: not_admitted`.
- Guard records `guard_status: blocked`.
- Guard records `blocked_reason: active_or_conflicting_core_work_present`.
- Guard records `do_not_touch_other_agent_work: true`.
- Guard records `ready_for_core_route_review: true`.
- Guard records `runtime_default_activation: false`.
- Guard records `core_promotion_status: not-promoted`.
- Guard records `next_allowed_action: wait_or_open_later_core_route_when_idle`.
- Guard records `recommended_next_decision: open_governed_core_prd_route`.
- Guard records `idle_governed_core_route_required: true`.
- Guard records `no_active_conflicting_core_worktree_required: true`.
- Guard states no Core mutation, no Core reservation, no Core promotion, and no runtime default activation occur.
- Guard requires future read-only checks before any Core route request.
- CTO validator checks PRD, issues, guard, closeout, and Workboard statuses.
## Validation
- `python3 tools/validate_cto_child.py`
- `python3 /home/svrnty/workspaces/cortex-os/core/tools/check_s69_caveman_prose_discipline.py`
## Risks And Dependencies
- The guard can be mistaken for Core authority. Mitigation: validator requires not-promoted status and no Core reservation language.
- Core state can change after this record. Mitigation: future route requests must re-check Core state read-only.
- Another agent's process can be misidentified. Mitigation: ownership uncertainty blocks rather than authorizes action.
## Success Definition
CTO has a validated child-local guard that prevents the Core Promotion Decision Packet from becoming a Core route request while Core has active or conflicting work. Core promotion remains not-promoted and runtime default activation remains false.

71
.sot/03-PROTOCOLS/CTO-CORE-ROUTE-ADMISSION-GUARD.md
View File

@ -1,71 +0,0 @@
---
name: CTO Core Route Admission Guard
status: validated
lifecycle_classification: sot
owner: jp
created: 2026-06-02
last_reviewed: 2026-06-02
core_promotion_status: not-promoted
source: .sot/03-PROTOCOLS/CTO-CORE-ROUTE-ADMISSION-GUARD-ISSUES.md
---
# CTO Core Route Admission Guard
Local planning SOT only. Not a Core Protocol. Not active Core authority.
Core Route Admission Guard.
## Workboard
- `CTO-WORK-089`
- `CTO-WORK-090`
## Route State
- core_route_admission_status: not_admitted
- guard_status: blocked
- blocked_reason: active_or_conflicting_core_work_present
- do_not_touch_other_agent_work: true
- ready_for_core_route_review: true
- recommended_next_decision: open_governed_core_prd_route
- next_allowed_action: wait_or_open_later_core_route_when_idle
- idle_governed_core_route_required: true
- no_active_conflicting_core_worktree_required: true
- runtime_default_activation: false
- core_promotion_status: not-promoted
- No Core mutation occurs.
- No Core reservation occurs.
- No Core promotion occurs.
- Do not mutate `../core/`.
- Runtime default activation remains false.
- Do not activate Case as default backend.
- This guard does not authorize another Case run.
## Admission Checks Required Before Future Core Route Request
- Core worktree list read-only check.
- Core main status read-only check.
- Active Core worktree status read-only check.
- Core Sequence Protocol route check.
- Running Core validation process check.
- Idle governed Core route check.
- No active conflicting Core worktree check.
- S135 conflict avoidance check for `CORE-WORK-172` and `core/worktrees/core-keyvault-authmd-promotion-135`.
- Core validator coverage check after a future Core route exists.
- Ownership uncertainty blocks action.
## Blocked Actions
- Do not mutate Core.
- Do not mutate another agent worktree.
- Do not stop another agent process.
- Do not reserve Core.
- Do not open a Core PRD from CTO.
- Do not promote CTO artifacts into Core.
- Do not activate Case as default backend.
- Do not run Case.
- Do not mutate target repositories.
## Decision
The CTO Core Promotion Decision Packet remains ready for Core review, but `recommended_next_decision: open_governed_core_prd_route` is candidate-only. Core route admission is blocked until a later read-only check proves Core is idle or explicitly selected by Core authority.

70
.sot/03-PROTOCOLS/CTO-ENDGOAL-COMPLETION-AUDIT-CLOSEOUT.md
View File

@ -1,70 +0,0 @@
---
name: CTO Endgoal Completion Audit Closeout
status: validated
lifecycle_classification: sot
owner: jp
created: 2026-06-01
last_reviewed: 2026-06-01
core_promotion_status: not-promoted
---
# CTO Endgoal Completion Audit Closeout
Local planning SOT only. Not a Core Protocol. Not active Core authority.
## Workboard
- `CTO-WORK-077`
## Result
- CTO endgoal completion audit
- status: validated
- completion_status: complete
- active goal completion evidence recorded
- transportability proof sufficient
- transportability evidence: repo-backed routes, remote plugin sync, validators, and no vendor edits
- Runtime default activation remains false.
- Do not activate Case as default backend.
- This audit does not authorize another Case run.
## Requirement Audit
| Requirement | Status | Evidence |
| --- | --- | --- |
| Cortex governs | proven | Local planning SOT states not Core authority; Core promotion remains not-promoted. |
| Hermes controls | proven | `CTO-WORK-075` records remote sync and temporary Hermes WebUI boot smoke. |
| CTO routes | proven | CTO workboard records validated route sequence through `CTO-WORK-075`. |
| Harness proves | proven | Stage 6 candidate-default evidence and `CTO-WORK-071` governed execution evidence reference Harness artifacts. |
| Case executes only after proof | proven | `CTO-WORK-069` approval and `CTO-WORK-071` consumed execution evidence bind one approved run. |
| Bounded code changes with evidence | proven | `CTO-WORK-071` records changed files, allowed paths passed, forbidden paths passed, and `3 passed`. |
| Target repos stay owned and protected | proven | `CTO-WORK-071` records owned target repo, clean start, clean end, and allowed paths. |
| Default status is earned not assumed | proven | Stage 6 candidate-default evidence exists and Runtime default activation remains false. |
| Candidate-default evidence | proven | Stage 6 candidate-default evidence and real-governed refresh evidence are validated. |
| Transportable CTO stack | proven | Repo-backed SOT, synced Hermes plugin, documented routes, validators, and no upstream vendor edits make the stack transportable enough for this stage. |
## Evidence References
- CTO-WORK-071
- CTO-WORK-075
- Stage 6 candidate-default evidence
- `python3 tools/validate_cto_child.py`: passed
- Hermes plugin `python3 -m pytest tests/ -q`: `108 passed`
- Stage 5 target `python3 -m pytest -q`: `3 passed`
## Decision
The CTO endgoal is complete under the pragmatic transportability standard. Next ROI is optional hardening, not required completion work.
## Validator Summary Phrases
- CTO-WORK-076
- Cortex governs: proven
- Hermes controls: proven
- CTO routes: proven
- Harness proves: proven
- Case executes only after proof: proven
- bounded code changes with evidence: proven
- target repos stay owned and protected: proven
- default status is earned not assumed: proven
- candidate-default evidence: proven

69
.sot/03-PROTOCOLS/CTO-ENDGOAL-COMPLETION-AUDIT-ISSUES.md
View File

@ -1,69 +0,0 @@
---
name: CTO Endgoal Completion Audit Issues
status: validated
lifecycle_classification: sot
owner: jp
created: 2026-06-01
last_reviewed: 2026-06-01
core_promotion_status: not-promoted
---
# CTO Endgoal Completion Audit Issues
Local planning SOT only. Not a Core Protocol. Not active Core authority.
## Issue: CTO-WORK-076 - CTO Endgoal Completion Audit PRD
Status: validated.
Acceptance:
- Define CTO endgoal completion audit.
- Require requirement-by-requirement evidence mapping.
- Require material gaps to become follow-up work.
- Record completion only when every requirement is proven under the pragmatic transportability standard.
- State: Do not activate Case as default backend.
- State: This audit does not authorize another Case run.
## Issue: CTO-WORK-077 - CTO Endgoal Completion Audit Closeout
Status: validated.
Acceptance:
- Record CTO endgoal completion audit.
- Record `completion_status: complete`.
- Record `transportability proof sufficient`.
- Record `transportability evidence: repo-backed routes, remote plugin sync, validators, and no vendor edits`.
- Reference `CTO-WORK-071`.
- Reference `CTO-WORK-075`.
- Reference Stage 6 candidate-default evidence.
- State active goal completion evidence recorded.
- State Runtime default activation remains false.
## Issue: CTO-WORK-078 - CTO Transportability Proof PRD
## Required Phrases
- CTO endgoal completion audit
- CTO-WORK-076
- CTO-WORK-077
- completion_status: complete
- transportability proof sufficient
- transportability evidence: repo-backed routes, remote plugin sync, validators, and no vendor edits
- active goal completion evidence recorded
- Cortex governs: proven
- Hermes controls: proven
- CTO routes: proven
- Harness proves: proven
- Case executes only after proof: proven
- bounded code changes with evidence: proven
- target repos stay owned and protected: proven
- default status is earned not assumed: proven
- candidate-default evidence: proven
- Runtime default activation remains false.
- CTO-WORK-071
- CTO-WORK-075
- Stage 6 candidate-default evidence
- Do not activate Case as default backend.
- This audit does not authorize another Case run.

86
.sot/03-PROTOCOLS/CTO-ENDGOAL-COMPLETION-AUDIT-PRD.md
View File

@ -1,86 +0,0 @@
---
name: CTO Endgoal Completion Audit PRD
status: validated
lifecycle_classification: sot
owner: jp
created: 2026-06-01
last_reviewed: 2026-06-01
core_promotion_status: not-promoted
---
# CTO Endgoal Completion Audit PRD
Local planning SOT only. Not a Core Protocol. Not active Core authority.
## Problem Statement
The CTO product surface has strong local evidence: staged Case proof, governed Stage 5 execution, consumed approval display, Hermes WebUI smoke, and synced plugin state. The active endgoal includes a transportable CTO stack. Transportable means repo-backed SOT, synced plugin code, documented entrypoints, validators, and no hidden vendor-source edits; it does not require a separate packaging project in this slice.
## Solution
Record a requirement-by-requirement endgoal audit. Mark proven requirements as validated by existing evidence. Record pragmatic transportability evidence from repo-backed SOT, remote plugin sync, validators, and no vendor edits.
## Scope
- Audit Cortex governs.
- Audit Hermes controls.
- Audit CTO routes.
- Audit Harness proves.
- Audit Case executes only after proof.
- Audit bounded code changes with evidence.
- Audit target repositories stay owned and protected.
- Audit default status is earned, not assumed.
- Audit candidate-default evidence and runtime default separation.
- Audit transportable CTO stack proof.
## Non-goals
- Do not activate Case as default backend.
- Do not activate Case as default backend.
- Do not rerun Case.
- Do not mutate target repositories.
- Do not promote child-local CTO SOT into Core.
- Do not edit upstream `hermes-webui`.
- Do not edit upstream `hermes-agent`.
## Acceptance Criteria
- `WORKBOARD.yaml` records `CTO-WORK-076` and `CTO-WORK-077` as validated.
- The closeout states `completion_status: complete`.
- The closeout records `transportability proof sufficient`.
- The closeout records `transportability evidence: repo-backed routes, remote plugin sync, validators, and no vendor edits`.
- The closeout references `CTO-WORK-075` remote sync and live smoke evidence.
- The closeout references `CTO-WORK-071` governed execution evidence.
- The closeout references Stage 6 candidate-default evidence.
- The closeout states Runtime default activation remains false.
- The closeout states the active goal completion evidence recorded.
## Validation
- `python3 tools/validate_cto_child.py`
- `python3 /home/svrnty/workspaces/cortex-os/core/tools/check_s69_caveman_prose_discipline.py`
## Required Evidence
- CTO endgoal completion audit
- CTO-WORK-076
- CTO-WORK-077
- completion_status: complete
- transportability proof sufficient
- transportability evidence: repo-backed routes, remote plugin sync, validators, and no vendor edits
- active goal completion evidence recorded
- Cortex governs: proven
- Hermes controls: proven
- CTO routes: proven
- Harness proves: proven
- Case executes only after proof: proven
- bounded code changes with evidence: proven
- target repos stay owned and protected: proven
- default status is earned not assumed: proven
- candidate-default evidence: proven
- Runtime default activation remains false.
- CTO-WORK-071
- CTO-WORK-075
- Stage 6 candidate-default evidence
- Do not activate Case as default backend.
- This audit does not authorize another Case run.

123
.sot/03-PROTOCOLS/CTO-FIRST-REAL-GOVERNED-WORKFLOW-APPROVAL-PACKET.md
View File

@ -1,123 +0,0 @@
---
name: cto-first-real-governed-workflow-approval-packet
tier: local
status: validated
owner: jp
source: .sot/03-PROTOCOLS/CTO-FIRST-REAL-GOVERNED-WORKFLOW-ISSUES.md
created: 2026-06-01
last_reviewed: 2026-06-01
lifecycle_classification: planning
core_promotion_status: not-promoted
description: Child-local approval packet for the first real governed CTO workflow execution.
---
# CTO First Real Governed Workflow Approval Packet
Local planning SOT only. Not a Core Protocol. Not active Core authority.
## Status
Status: validated as an approval packet only.
This packet does not authorize execution. `CTO-WORK-049` remains candidate until JP approves the exact Target Repository and task contract.
## Proposed Target Repository
- Target Repository: `/home/svrnty/workspaces/cortex-os/cto-stage5-target-sandbox`
- Admission source: `.sot/03-PROTOCOLS/CTO-CASE-STAGE5-TARGET-REPOSITORY-ADMISSION.json`
- Admission status: `admitted`
- Repository owner: `jp`
- Risk classification: `low_risk_noncritical`
- Current observed state: clean `main` branch before approval packet creation
## Proposed Task Contract
Task: align `src/strings.py` `slugify` behavior with the already-proven root `strings.py` implementation and add coverage for repeated and outer whitespace.
Allowed paths:
- `src/strings.py`
- `test_strings.py`
Forbidden actions:
- push
- merge
- deploy
- close
- pr_open
- issue_close
- public_publication
- credential_change
- vendor_source_mutation
- cortex_core_mutation
Forbidden paths:
- `.env`
- `.env.*`
- `secrets/`
- `credentials/`
- `deploy/`
- `infra/`
- `.github/workflows/`
- `.git/`
Success criteria:
- `src/strings.py` uses whitespace-splitting slug behavior equivalent to root `strings.py`.
- `test_strings.py` includes coverage for repeated spaces and outer spaces through the `src.strings` implementation.
- Target repository ends clean after Harness post-processing.
- Harness Evidence Interface artifacts exist.
- Hermes Control Surface can expose replay paths after execution.
- Runtime default activation remains false.
Validation command:
```bash
python3 -m pytest -q
```
Rollback expectation:
- Revert the single target commit created by the Harness if JP rejects the operator outcome.
- Do not push, merge, deploy, publish, or open a PR.
## Required Approval
Before execution, JP must approve this exact sentence:
```text
I approve CTO-WORK-049 against /home/svrnty/workspaces/cortex-os/cto-stage5-target-sandbox for the src/strings.py slugify alignment task.
```
Without that exact approval, execution remains blocked.
## Execution Gate
Execution must use only the CTO Harness Case seam with:
- `CTO_HARNESS_ALLOW_CASE=1`
- `CTO_HARNESS_CASE_STAGE=5`
- `CTO_HARNESS_CASE_STAGE5_TARGET_ADMISSION_FILE` pointing to the admitted Target Repository record
- `CTO_HARNESS_CASE_STAGE5_OPERATOR_OUTCOME` recorded after verification
Case must not choose target, scope, authority, approval, success criteria, or default status.
## Evidence Required After Execution
- `report.json`
- `report.md`
- `events.normalized.jsonl`
- `trace.jsonl`
- `patch.diff`
- `test.log`
- backend logs
- artifact digests
- freshness proof
- stage5 owned repo proof
- Hermes Control Surface summary path
## Non-Authority Notice
This approval packet is child-local planning. It does not promote CTO artifacts into Core, does not activate Case as default backend, and does not authorize mutation before JP approval.

89
.sot/03-PROTOCOLS/CTO-FIRST-REAL-GOVERNED-WORKFLOW-EXECUTION-ATTEMPT.md
View File

@ -1,89 +0,0 @@
---
name: cto-first-real-governed-workflow-execution-attempt
tier: local
status: blocked
owner: jp
source: .sot/03-PROTOCOLS/CTO-FIRST-REAL-GOVERNED-WORKFLOW-ISSUES.md
created: 2026-06-01
last_reviewed: 2026-06-01
lifecycle_classification: planning
core_promotion_status: not-promoted
description: Child-local evidence record for the first approved CTO-WORK-049 execution attempt.
---
# CTO First Real Governed Workflow Execution Attempt
Local planning SOT only. Not a Core Protocol. Not active Core authority.
## Scope
Work item: `CTO-WORK-049`
Approved target:
```text
/home/svrnty/workspaces/cortex-os/cto-stage5-target-sandbox
```
Approved task:
```text
src/strings.py slugify alignment task
```
Approval text supplied by JP on 2026-06-01:
```text
I approve CTO-WORK-049 against /home/svrnty/workspaces/cortex-os/cto-stage5-target-sandbox for the src/strings.py slugify alignment task.
```
## Attempt
Command class: CTO Harness Case Stage 5 seam.
Runtime default activation: false.
Target mutation: none.
Harness run:
```text
/home/svrnty/.hermes/profiles/cto-planb/harness-runs/20260601T103932Z-r1-string-slugify-137131/report.json
```
Backend evidence:
```text
/home/svrnty/.hermes/profiles/cto-planb/harness-runs/20260601T103932Z-r1-string-slugify-137131/backend/provider-unavailable.txt
```
## Result
Status: blocked.
Reason: the shell resolved `case` as a shell keyword, not an executable Case CLI. The Harness therefore failed closed before Case process start and before target mutation.
Observed Harness facts:
- target repository admission status: `admitted`
- target repository start clean: true
- target repository ending clean: true
- changed files: none
- tests command recorded: `python3 -m pytest -q`
- tests passed: true
- Case process started: false
- backend exit code class: provider unavailable
## Decision
Do not mark `CTO-WORK-049` validated.
Do not patch the target by hand.
Do not use fake or shell-keyword resolution as Case proof.
Next useful step is to provide or build an executable Case CLI path and rerun the same approved Harness seam.
## Non-Authority Notice
This record is child-local planning evidence. It does not promote CTO artifacts into Core, does not activate Case as default backend, and does not authorize any broader target mutation.

101
.sot/03-PROTOCOLS/CTO-FIRST-REAL-GOVERNED-WORKFLOW-ISSUES.md
View File

@ -1,101 +0,0 @@
---
name: cto-first-real-governed-workflow-issues
tier: local
status: draft
owner: jp
source: .sot/03-PROTOCOLS/CTO-FIRST-REAL-GOVERNED-WORKFLOW-PRD.md
created: 2026-06-01
last_reviewed: 2026-06-01
lifecycle_classification: planning
core_promotion_status: not-promoted
description: Child-local issue sequence for the first real governed CTO workflow delegation.
---
# CTO First Real Governed Workflow Issues
Local planning SOT only. Not a Core Protocol. Not active Core authority.
## Issue Sequence
### CTO-WORK-048 - First Real Governed Workflow PRD
Type: AFK
Status: validated.
Blocked by: CTO-WORK-047
What to build: Define the gated route for one real governed coding workflow without executing it or changing backend default status.
Acceptance criteria:
- [x] PRD requires precise brief or issue.
- [x] PRD requires current Target Repository admission.
- [x] PRD requires JP/Hermes approval before mutation.
- [x] PRD requires Case execution through CTO Harness only.
- [x] PRD requires Harness Evidence Interface artifacts for acceptance.
- [x] PRD requires Hermes Control Surface replay paths after execution.
- [x] PRD keeps runtime default activation false.
- [x] Local CTO validator checks the PRD.
Validator: `python3 tools/validate_cto_child.py`
### CTO-WORK-049 - First Real Governed Workflow Execution
Type: HITL
Status: candidate.
Blocked by: CTO-WORK-048
What to build: Execute one bounded real coding task through CTO, Hermes approval, CTO Harness, and Case, then record evidence without activating Case as default.
Acceptance criteria:
- [ ] A concrete owned low-risk Target Repository is selected.
- [ ] Target Repository admission is current and references no secrets.
- [ ] A precise task contract exists with allowed paths, forbidden actions, success criteria, validation command, and rollback expectation.
- [ ] JP/Hermes approval is recorded before mutation.
- [ ] Case runs only through CTO Harness.
- [ ] Runtime default activation remains false.
- [ ] Harness Evidence Interface artifacts exist and pass focused validation.
- [ ] Hermes Control Surface exposes replay paths for the run.
- [ ] Operator acceptance or rejection is recorded after verification.
- [ ] Aggregate Harness health passes once before merge and once after merge.
Validator: future focused real-workflow Harness validator, then `harness/evals/health.sh --json`.
Human gate: JP must approve the concrete Target Repository and task contract before execution.
Readiness packet:
- `CTO-WORK-050` defines the proposed Target Repository, task contract, allowed paths, forbidden actions, validation command, rollback expectation, and exact JP approval sentence.
- `CTO-WORK-049` remains candidate until that approval is given and runtime evidence exists.
### CTO-WORK-050 - First Real Governed Workflow Approval Packet
Type: HITL
Status: validated.
Blocked by: CTO-WORK-049
What to build: Define the exact approval packet for the first real governed workflow without mutating the Target Repository.
Acceptance criteria:
- [x] Packet names the concrete Target Repository.
- [x] Packet references the existing Target Repository admission source.
- [x] Packet defines a precise task contract.
- [x] Packet defines allowed paths.
- [x] Packet defines forbidden actions and forbidden paths.
- [x] Packet defines validation command.
- [x] Packet defines rollback expectation.
- [x] Packet provides exact JP approval sentence.
- [x] Packet states execution remains blocked without approval.
Validator: `python3 tools/validate_cto_child.py`
## Granularity Check
This is intentionally two slices. `CTO-WORK-048` is planning and route definition. `CTO-WORK-049` is the first real execution and remains candidate because it needs JP approval and runtime target selection.

93
.sot/03-PROTOCOLS/CTO-FIRST-REAL-GOVERNED-WORKFLOW-PASS-EVIDENCE.md
View File

@ -1,93 +0,0 @@
---
name: cto-first-real-governed-workflow-pass-evidence
tier: local
status: validated
owner: jp
source: .sot/03-PROTOCOLS/CTO-FIRST-REAL-GOVERNED-WORKFLOW-ISSUES.md
created: 2026-06-01
last_reviewed: 2026-06-01
lifecycle_classification: planning
core_promotion_status: not-promoted
description: Child-local evidence that CTO-WORK-049 passed through the governed CTO Harness Case seam.
---
# CTO First Real Governed Workflow Pass Evidence
Local planning SOT only. Not a Core Protocol. Not active Core authority.
## Result
Status: validated.
Work item: `CTO-WORK-049`
Approved target:
```text
/home/svrnty/workspaces/cortex-os/cto-stage5-target-sandbox
```
Approved task:
```text
src/strings.py slugify alignment task
```
Target commit:
```text
7706f99 fix(strings): align src.slugify with root behavior, add whitespace tests
```
Harness pass report:
```text
/home/svrnty/.hermes/profiles/cto-planb/harness-runs/20260601T105222Z-r1-src-string-slugify-180161/report.json
```
Stage 5 proof:
```text
/home/svrnty/.hermes/profiles/cto-planb/harness-runs/20260601T105222Z-r1-src-string-slugify-180161/stage5-owned-repo-proof.json
```
Hermes fix commit:
```text
9806400 Fix Case Stage 5 baseline supervisor
```
## Evidence Facts
- target repository admission status: `admitted`
- target repository start clean: true
- target repository ending clean: true
- Case process started: true
- changed files: `src/strings.py`, `test_strings.py`
- allowed paths passed: true
- forbidden paths passed: true
- forbidden actions attempted: false
- public publication attempted: false
- push, merge, deploy, close, PR open attempted: false
- validation command: `python3 -m pytest -q`
- validation passed: true
- operator outcome: `accepted`
- runtime default activation: false
## Root Cause Fixed
The Stage 5 lifecycle supervisor previously treated any repository with more than one commit as ready to stop Case after a clean commit state. The owned Stage 5 target already had history, so the supervisor killed Case before the approved task diff existed.
Hermes now passes the captured baseline HEAD into the Case engine and stops only after `HEAD != baseline_head` with a clean worktree.
The Stage 5 validator now uses a target repository with existing history so this failure class is covered.
## Decision
`CTO-WORK-049` is validated as the first real governed workflow execution.
Case remains a gated adapter behind CTO Harness.
Runtime default activation remains false.
This evidence does not promote CTO artifacts into Core and does not authorize broader target mutation.

106
.sot/03-PROTOCOLS/CTO-FIRST-REAL-GOVERNED-WORKFLOW-PRD.md
View File

@ -1,106 +0,0 @@
---
name: cto-first-real-governed-workflow-prd
tier: local
status: validated
owner: jp
source: WORKBOARD.yaml next ROI after CTO-WORK-047
created: 2026-06-01
last_reviewed: 2026-06-01
lifecycle_classification: planning
core_promotion_status: not-promoted
description: Child-local PRD for the first real governed workflow delegation through CTO, Hermes, Harness, and Case.
---
# CTO First Real Governed Workflow PRD
Local planning SOT only. Not a Core Protocol. Not active Core authority.
## Problem Statement
The CTO product surface has proof through Stage 6 and a Hermes-facing control summary, but it has not yet proven one real governed workflow from precise brief to bounded code change using the full operator path.
The next useful proof is not another synthetic stage. It is one low-risk real task that shows Cortex governs, Hermes controls, CTO routes, Harness proves, and Case executes only after proof and approval.
## Solution
Define a first real Governed Workflow Delegation route. The route must start from a precise task contract, use an explicitly admitted owned low-risk Target Repository, require JP approval before mutation, execute only through the CTO Harness Case seam, and accept completion only from Harness Evidence Interface artifacts.
This PRD does not run the workflow. It defines the gates required before `CTO-WORK-049` may execute.
## Scope
- Define the first real governed workflow route.
- Require a precise brief, PRD or issue, architecture notes when relevant, allowed paths, forbidden actions, success criteria, validation command, and rollback expectation.
- Require Target Repository admission to be current, owned, noncritical, and low risk.
- Require Hermes/operator approval before mutation.
- Require CTO to select only an eligible backend.
- Require Case to execute only behind the CTO Harness seam.
- Require Harness Evidence Interface artifacts for acceptance.
- Require Hermes Control Surface replay paths after execution.
- Keep runtime default activation false.
## Non-Goals
- Do not activate Case as default backend.
- Do not promote CTO artifacts into Core.
- Do not execute against Cortex Core, vendor source, external developer repositories, production repositories, critical repositories, or unowned repositories.
- Do not allow push, merge, deploy, close, PR open, issue close, public publication, credential change, or infrastructure mutation.
- Do not treat model/provider availability as proof of workflow safety.
- Do not let Case choose its own target, scope, authority, approval, or success criteria.
## User Stories
1. As JP, I want one real governed coding workflow, so that the CTO product surface proves end-to-end usefulness beyond synthetic fixtures.
2. As Cortex, I want the workflow bounded by existing SOT and validator discipline, so that execution does not create authority drift.
3. As Hermes, I want approval and replay paths, so that operator control is visible before and after mutation.
4. As CTO, I want backend eligibility checked before execution, so that routing is explicit and reversible.
5. As Harness, I want all acceptance to come from standard artifacts, so that success is evidence-backed and auditable.
6. As a Target Repository owner, I want allowed-path and forbidden-action enforcement, so that the workflow cannot widen scope during execution.
## Acceptance Criteria
- `CTO-WORK-049` stays candidate until a concrete Target Repository and task contract are admitted.
- The route requires a precise brief or issue before execution.
- The route requires current Target Repository admission.
- The route requires JP/Hermes approval before mutation.
- The route requires Case execution through CTO Harness only.
- The route requires runtime default activation to remain false.
- The route requires allowed-path and forbidden-action proof.
- The route requires tests or an explicit no-test rationale before acceptance.
- The route requires Harness Evidence Interface artifacts: `report.json`, `report.md`, `events.normalized.jsonl`, `trace.jsonl`, `patch.diff`, `test.log`, backend logs, artifact digests, and freshness proof.
- The route requires Hermes Control Surface replay paths after execution.
- The route requires operator acceptance or rejection after verification.
- The route fails closed for missing approval, missing target admission, dirty starting tree, disallowed path, forbidden action, failed validation, provider failure, timeout, dirty ending tree, or missing operator outcome.
- Local CTO validator checks this PRD and issue artifact.
## Validation
Planning validator:
```bash
python3 tools/validate_cto_child.py
```
Execution validator for `CTO-WORK-049` is not satisfied by this PRD. It must be a future focused Harness command that proves the real workflow artifact path and then `harness/evals/health.sh --json` once before merge and once after merge.
## Risks
- Overclaiming this PRD as execution proof. Mitigation: keep `CTO-WORK-049` candidate.
- Target scope drift. Mitigation: require admission, allowed paths, and forbidden actions before mutation.
- Approval drift. Mitigation: require JP/Hermes approval before mutation and operator outcome after verification.
- Evidence drift. Mitigation: accept only Harness Evidence Interface artifacts.
- Default drift. Mitigation: runtime default activation remains false.
## Dependencies
- `CTO-WORK-043` Stage 6 candidate-default comparison is validated.
- `CTO-WORK-045` Hermes Control Surface summary is validated.
- `CTO-WORK-047` architecture brief closeout is validated.
- A concrete owned low-risk Target Repository is selected and admitted.
- A precise task contract exists.
- Runtime Case/provider configuration is available without committing secrets or endpoint values.
- JP approval is recorded before mutation.
## Success Definition
This PRD succeeds when the first real Governed Workflow Delegation route is specified as a candidate execution item with all gates explicit, no authority drift, no default activation, and no execution claim before runtime evidence exists.

97
.sot/03-PROTOCOLS/CTO-FIRST-REAL-GOVERNED-WORKFLOW-SCOPE-CASE-EVIDENCE.md
View File

@ -1,97 +0,0 @@
---
name: cto-first-real-governed-workflow-scope-case-evidence
tier: local
status: blocked
owner: jp
source: .sot/03-PROTOCOLS/CTO-FIRST-REAL-GOVERNED-WORKFLOW-ISSUES.md
created: 2026-06-01
last_reviewed: 2026-06-01
lifecycle_classification: planning
core_promotion_status: not-promoted
description: Child-local evidence for the approved CTO-WORK-049 src slugify Harness case and real Case no-diff blocker.
---
# CTO First Real Governed Workflow Scope Case Evidence
Local planning SOT only. Not a Core Protocol. Not active Core authority.
## Scope
Work item: `CTO-WORK-049`
Approved target:
```text
/home/svrnty/workspaces/cortex-os/cto-stage5-target-sandbox
```
Approved task:
```text
src/strings.py slugify alignment task
```
## Harness Fix
Hermes commit:
```text
59d4d2e Add Stage 5 src slugify case
```
What changed:
- added Harness case `r1-src-string-slugify`
- registered it in `harness/harness.yaml`
- made the Case task contract derive `filesChanged` from case `allowed_writes`
- kept runtime default activation false
Why it mattered:
The previous Harness case `r1-string-slugify` targeted root `strings.py`. The approved task targets `src/strings.py` and `test_strings.py`. Reusing the root case was not evidence for the approved task.
## Evidence
Focused fake proof:
```text
/home/svrnty/.hermes/profiles/cto-planb/harness-runs/20260601T104749Z-r1-src-string-slugify-160593/report.json
```
Post-merge aggregate proof:
```text
/home/svrnty/.hermes/profiles/cto-planb/harness-runs/20260601T104911Z-run-all-fake-167794/report.json
```
Real Case approved-scope run:
```text
/home/svrnty/.hermes/profiles/cto-planb/harness-runs/20260601T104818Z-r1-src-string-slugify-163262/report.json
```
Observed real Case facts:
- executable `ca` path was found
- local provider config was supplied from Hermes runtime config without writing endpoint value to SOT
- Case process started: true
- required events passed: true
- target repository start clean: true
- target repository ending clean: true
- changed files: none
- tests passed because existing root-path tests still pass
- Stage 5 proof failed because no approved target diff was produced
## Decision
Do not mark `CTO-WORK-049` validated.
Do not patch the target by hand.
Do not treat Case process start as success.
Next useful step is backend behavior diagnosis: why `ca run --task` exits under Harness supervision without producing the required target diff or useful stdout/stderr.
## Non-Authority Notice
This record is child-local planning evidence. It does not promote CTO artifacts into Core, does not activate Case as default backend, and does not authorize any broader target mutation.

78
.sot/03-PROTOCOLS/CTO-GOVERNED-EXECUTION-APPROVAL-ISSUES.md
View File

@ -1,78 +0,0 @@
---
name: CTO Governed Execution Approval Issues
status: validated
lifecycle_classification: sot
owner: jp
created: 2026-06-01
last_reviewed: 2026-06-01
core_promotion_status: not-promoted
---
# CTO Governed Execution Approval Issues
Local planning SOT only. Not a Core Protocol. Not active Core authority.
## Issue: CTO-WORK-068 - Governed Execution Approval PRD
Status: validated.
Acceptance:
- Define governed execution approval as a single-task approval capture.
- Preserve the exact approval packet.
- Record `approval_granted: true`.
- Record `execution_allowed: true`.
- Record `execution_scope: one approved Harness run only`.
- Preserve the admitted target repository.
- Preserve allowed paths.
- Preserve the Harness command.
- State: Runtime default activation remains false.
- State: Do not activate Case as default backend.
- State: Do not mutate any path outside the allowed paths.
- State: Do not edit upstream `hermes-agent`.
- State: Do not edit upstream `hermes-webui`.
- State: This record is not execution evidence.
## Issue: CTO-WORK-069 - Governed Execution Approval Record
Status: validated.
Acceptance:
- Create the governed execution approval record.
- Include the exact approval packet.
- Include `approval_granted: true`.
- Include `execution_allowed: true`.
- Include `execution_scope: one approved Harness run only`.
- Include `approval_source: JP chat approval`.
- Include the admitted target repository.
- Include allowed paths.
- Include the Harness command.
- State: Runtime default activation remains false.
- State: Do not activate Case as default backend.
- State: Do not mutate any path outside the allowed paths.
- State: Do not edit upstream `hermes-agent`.
- State: Do not edit upstream `hermes-webui`.
- State: This record is not execution evidence.
## Exact Approval Packet
```text
I approve CTO-WORK-049 against /home/svrnty/workspaces/cortex-os/cto-stage5-target-sandbox for the src/strings.py slugify alignment task.
```
- governed execution approval
- single-task approval capture
- exact approval packet
- approval_granted: true
- execution_allowed: true
- execution_scope: one approved Harness run only
- admitted target repository
- allowed paths
- Harness command
- Runtime default activation remains false.
- Do not activate Case as default backend.
- Do not mutate any path outside the allowed paths.
- Do not edit upstream `hermes-agent`.
- Do not edit upstream `hermes-webui`.
- This record is not execution evidence.

85
.sot/03-PROTOCOLS/CTO-GOVERNED-EXECUTION-APPROVAL-PRD.md
View File

@ -1,85 +0,0 @@
---
name: CTO Governed Execution Approval PRD
status: validated
lifecycle_classification: sot
owner: jp
created: 2026-06-01
last_reviewed: 2026-06-01
core_promotion_status: not-promoted
---
# CTO Governed Execution Approval PRD
Local planning SOT only. Not a Core Protocol. Not active Core authority.
## Problem Statement
The governed execution request records the exact target, paths, and command, but it intentionally keeps approval closed. The CTO stack needs a governed execution approval record before the next Harness run can mutate an owned Target Repository.
## Solution
Create a single-task approval capture for the exact approval packet already issued by JP. This governed execution approval permits one approved Harness run only and does not make Case a default backend.
## Scope
- Record the exact approval packet.
- Record `approval_granted: true`.
- Record `execution_allowed: true`.
- Record `execution_scope: one approved Harness run only`.
- Preserve the admitted target repository.
- Preserve the allowed paths.
- Preserve the Harness command.
- Preserve that this record is not execution evidence.
## Non-goals
- Do not execute Case in this approval-capture slice.
- Do not activate Case as default backend.
- Do not mutate any path outside the allowed paths.
- Do not edit upstream `hermes-agent`.
- Do not edit upstream `hermes-webui`.
- Do not promote this local record into Core authority.
## Acceptance Criteria
- `WORKBOARD.yaml` records `CTO-WORK-068` and `CTO-WORK-069` as validated.
- The governed execution approval includes the exact approval packet.
- The governed execution approval includes `approval_granted: true`.
- The governed execution approval includes `execution_allowed: true`.
- Runtime default activation remains false.
- The next execution is constrained to one approved Harness run only.
## Validation
- `python3 tools/validate_cto_child.py`
- `python3 /home/svrnty/workspaces/cortex-os/core/tools/check_s69_caveman_prose_discipline.py`
## Risks
The main risk is approval scope creep. The record prevents that by making the approval single-task, path-bound, and Harness-bound. This record is not execution evidence.
## Success Definition
CTO has a durable approval capture that can unlock the next real Harness execution slice without changing Core authority, runtime default state, or upstream vendor source.
## Required Approval Packet
```text
I approve CTO-WORK-049 against /home/svrnty/workspaces/cortex-os/cto-stage5-target-sandbox for the src/strings.py slugify alignment task.
```
- governed execution approval
- single-task approval capture
- exact approval packet
- approval_granted: true
- execution_allowed: true
- execution_scope: one approved Harness run only
- admitted target repository
- allowed paths
- Harness command
- Runtime default activation remains false.
- Do not activate Case as default backend.
- Do not mutate any path outside the allowed paths.
- Do not edit upstream `hermes-agent`.
- Do not edit upstream `hermes-webui`.
- This record is not execution evidence.

61
.sot/03-PROTOCOLS/CTO-GOVERNED-EXECUTION-APPROVAL-RECORD.md
View File

@ -1,61 +0,0 @@
---
name: CTO Governed Execution Approval Record
status: validated
lifecycle_classification: sot
owner: jp
created: 2026-06-01
last_reviewed: 2026-06-01
core_promotion_status: not-promoted
---
# CTO Governed Execution Approval Record
Local planning SOT only. Not a Core Protocol. Not active Core authority.
## Workboard
- `CTO-WORK-069`
## Approval State
- governed execution approval
- single-task approval capture
- approval_source: JP chat approval
- approval_granted: true
- execution_allowed: true
- execution_scope: one approved Harness run only
- Runtime default activation remains false.
- This record is not execution evidence.
## Exact Approval Packet
- exact approval packet
```text
I approve CTO-WORK-049 against /home/svrnty/workspaces/cortex-os/cto-stage5-target-sandbox for the src/strings.py slugify alignment task.
```
## Admitted Target Repository
- admitted target repository: `/home/svrnty/workspaces/cortex-os/cto-stage5-target-sandbox`
## Allowed Paths
- allowed paths: `src/strings.py`
- allowed paths: `test_strings.py`
## Harness Command
- Harness command: `python3 -m pytest -q`
## Guardrails
- Do not activate Case as default backend.
- Do not mutate any path outside the allowed paths.
- Do not edit upstream `hermes-agent`.
- Do not edit upstream `hermes-webui`.
- This record is not execution evidence.
## Next Allowed Action
The next allowed action is one approved Harness run against the admitted target repository for the approved `src/strings.py` slugify alignment task.

57
.sot/03-PROTOCOLS/CTO-GOVERNED-EXECUTION-EVIDENCE-CLOSEOUT.md
View File

@ -1,57 +0,0 @@
---
name: CTO Governed Execution Evidence Closeout
status: validated
lifecycle_classification: sot
owner: jp
created: 2026-06-01
last_reviewed: 2026-06-01
core_promotion_status: not-promoted
---
# CTO Governed Execution Evidence Closeout
Local planning SOT only. Not a Core Protocol. Not active Core authority.
## Workboard
- `CTO-WORK-071`
## Result
- governed execution evidence
- one approved Harness run consumed
- status: validated
- CTO-WORK-049
- CTO-WORK-069
- r1-src-string-slugify
- Runtime default activation remains false.
- Do not activate Case as default backend.
- This closeout does not authorize another Case run.
## Target
- admitted target repository: `/home/svrnty/workspaces/cortex-os/cto-stage5-target-sandbox`
- target commit: `7706f99b4ca4f1bd8c2d4e0a6d498f94f418b741`
- target repo current state checked
- target repository start clean: true
- target repository ending clean: true
## Harness Evidence
- Harness report: `/home/svrnty/.hermes/profiles/cto-planb/harness-runs/20260601T105222Z-r1-src-string-slugify-180161/report.json`
- Stage 5 proof: `/home/svrnty/.hermes/profiles/cto-planb/harness-runs/20260601T105222Z-r1-src-string-slugify-180161/stage5-owned-repo-proof.json`
- case_process_started: true
- changed files: `src/strings.py`, `test_strings.py`
- allowed paths passed: true
- forbidden paths passed: true
- no forbidden actions: true
- operator outcome: `accepted`
## Current Target Validation
- command: `python3 -m pytest -q`
- result: `3 passed`
## Scope Guard
This closeout binds the prior approval to the single successful Harness run. It is not a new approval and does not authorize another Case run.

74
.sot/03-PROTOCOLS/CTO-GOVERNED-EXECUTION-EVIDENCE-ISSUES.md
View File

@ -1,74 +0,0 @@
---
name: CTO Governed Execution Evidence Issues
status: validated
lifecycle_classification: sot
owner: jp
created: 2026-06-01
last_reviewed: 2026-06-01
core_promotion_status: not-promoted
---
# CTO Governed Execution Evidence Issues
Local planning SOT only. Not a Core Protocol. Not active Core authority.
## Issue: CTO-WORK-070 - Governed Execution Evidence PRD
Status: validated.
Acceptance:
- Define governed execution evidence for the approved Stage 5 run.
- Bind `CTO-WORK-049` and `CTO-WORK-069`.
- Record that one approved Harness run consumed the approval.
- Require the Harness report and Stage 5 proof paths.
- Preserve Runtime default activation remains false.
- State: Do not activate Case as default backend.
- State: This closeout does not authorize another Case run.
## Issue: CTO-WORK-071 - Governed Execution Evidence Closeout
Status: validated.
Acceptance:
- Record governed execution evidence.
- Reference `r1-src-string-slugify`.
- Reference target commit `7706f99b4ca4f1bd8c2d4e0a6d498f94f418b741`.
- Reference `/home/svrnty/workspaces/cortex-os/cto-stage5-target-sandbox`.
- Reference `/home/svrnty/.hermes/profiles/cto-planb/harness-runs/20260601T105222Z-r1-src-string-slugify-180161/report.json`.
- Reference `/home/svrnty/.hermes/profiles/cto-planb/harness-runs/20260601T105222Z-r1-src-string-slugify-180161/stage5-owned-repo-proof.json`.
- Record case_process_started: true.
- Record changed files: `src/strings.py`, `test_strings.py`.
- Record allowed paths passed: true.
- Record forbidden paths passed: true.
- Record target repository start clean: true.
- Record target repository ending clean: true.
- Record `python3 -m pytest -q`.
- Record `3 passed`.
- State: Runtime default activation remains false.
- State: Do not activate Case as default backend.
- State: This closeout does not authorize another Case run.
## Required Phrases
- governed execution evidence
- one approved Harness run consumed
- CTO-WORK-049
- CTO-WORK-069
- r1-src-string-slugify
- 7706f99b4ca4f1bd8c2d4e0a6d498f94f418b741
- /home/svrnty/workspaces/cortex-os/cto-stage5-target-sandbox
- /home/svrnty/.hermes/profiles/cto-planb/harness-runs/20260601T105222Z-r1-src-string-slugify-180161/report.json
- /home/svrnty/.hermes/profiles/cto-planb/harness-runs/20260601T105222Z-r1-src-string-slugify-180161/stage5-owned-repo-proof.json
- case_process_started: true
- changed files: `src/strings.py`, `test_strings.py`
- allowed paths passed: true
- forbidden paths passed: true
- target repository start clean: true
- target repository ending clean: true
- python3 -m pytest -q
- 3 passed
- Runtime default activation remains false.
- Do not activate Case as default backend.
- This closeout does not authorize another Case run.

78
.sot/03-PROTOCOLS/CTO-GOVERNED-EXECUTION-EVIDENCE-PRD.md
View File

@ -1,78 +0,0 @@
---
name: CTO Governed Execution Evidence PRD
status: validated
lifecycle_classification: sot
owner: jp
created: 2026-06-01
last_reviewed: 2026-06-01
core_promotion_status: not-promoted
---
# CTO Governed Execution Evidence PRD
Local planning SOT only. Not a Core Protocol. Not active Core authority.
## Problem Statement
The governed execution approval exists, and the approved Stage 5 run already produced Harness evidence. CTO needs a closeout that binds the approval record to the actual Harness evidence and prevents accidental rerun under the same single-task approval.
## Solution
Record governed execution evidence for `CTO-WORK-049` and `CTO-WORK-069`. Mark the approval as consumed by the existing `r1-src-string-slugify` Harness pass report.
## Scope
- Reference the pass report and Stage 5 proof.
- Reference the admitted target repository.
- Reference target commit `7706f99b4ca4f1bd8c2d4e0a6d498f94f418b741`.
- Record that one approved Harness run consumed the approval.
- Record the current target repo validation command and result.
- Preserve that Runtime default activation remains false.
## Non-goals
- Do not rerun Case.
- Do not activate Case as default backend.
- Do not authorize another Case run.
- Do not mutate target repositories in this closeout slice.
- Do not edit upstream `hermes-agent`.
- Do not edit upstream `hermes-webui`.
## Acceptance Criteria
- `WORKBOARD.yaml` records `CTO-WORK-070` and `CTO-WORK-071` as validated.
- The closeout references the Harness report.
- The closeout references the Stage 5 proof.
- The closeout states case_process_started: true.
- The closeout states changed files: `src/strings.py`, `test_strings.py`.
- The closeout states allowed paths passed: true and forbidden paths passed: true.
- The closeout records `python3 -m pytest -q` and `3 passed`.
- This closeout does not authorize another Case run.
## Validation
- `python3 tools/validate_cto_child.py`
- `python3 /home/svrnty/workspaces/cortex-os/core/tools/check_s69_caveman_prose_discipline.py`
## Required Evidence
- governed execution evidence
- one approved Harness run consumed
- CTO-WORK-049
- CTO-WORK-069
- r1-src-string-slugify
- 7706f99b4ca4f1bd8c2d4e0a6d498f94f418b741
- /home/svrnty/workspaces/cortex-os/cto-stage5-target-sandbox
- /home/svrnty/.hermes/profiles/cto-planb/harness-runs/20260601T105222Z-r1-src-string-slugify-180161/report.json
- /home/svrnty/.hermes/profiles/cto-planb/harness-runs/20260601T105222Z-r1-src-string-slugify-180161/stage5-owned-repo-proof.json
- case_process_started: true
- changed files: `src/strings.py`, `test_strings.py`
- allowed paths passed: true
- forbidden paths passed: true
- target repository start clean: true
- target repository ending clean: true
- python3 -m pytest -q
- 3 passed
- Runtime default activation remains false.
- Do not activate Case as default backend.
- This closeout does not authorize another Case run.

49
.sot/03-PROTOCOLS/CTO-GOVERNED-EXECUTION-REQUEST-ISSUES.md
View File

@ -1,49 +0,0 @@
---
name: CTO Governed Execution Request Issues
status: validated
lifecycle_classification: sot
owner: jp
created: 2026-06-01
last_reviewed: 2026-06-01
core_promotion_status: not-promoted
---
# CTO Governed Execution Request Issues
Local planning SOT only. Not a Core Protocol. Not active Core authority.
## Issue: CTO-WORK-066 - Governed Execution Request PRD
Status: validated.
Acceptance:
- Define the governed execution request scope.
- Require a non-mutating execution request record.
- Preserve the exact approval packet, admitted target repository, allowed paths, and Harness command.
- Record `approval_granted: false`.
- Record `execution_allowed: false`.
- State: Do not execute Case.
- State: Do not activate Case as default backend.
- State: Do not mutate target repositories.
- State: Runtime default activation remains false.
- State: JP approval is still required before execution.
## Issue: CTO-WORK-067 - Governed Execution Request Record
Status: validated.
Acceptance:
- Create the governed execution request record.
- Include the admitted target repository.
- Include allowed paths.
- Include the Harness command.
- Include proof pointers from prior Harness and Hermes evidence.
- Keep `approval_granted: false`.
- Keep `execution_allowed: false`.
- State: Do not execute Case.
- State: Do not activate Case as default backend.
- State: Do not mutate target repositories.
- State: Runtime default activation remains false.
- State: JP approval is still required before execution.

55
.sot/03-PROTOCOLS/CTO-GOVERNED-EXECUTION-REQUEST-PRD.md
View File

@ -1,55 +0,0 @@
---
name: CTO Governed Execution Request PRD
status: validated
lifecycle_classification: sot
owner: jp
created: 2026-06-01
last_reviewed: 2026-06-01
core_promotion_status: not-promoted
---
# CTO Governed Execution Request PRD
Local planning SOT only. Not a Core Protocol. Not active Core authority.
## Problem
The CTO stack has an exact approval packet and Hermes can show it, but there is no durable governed execution request that records the proposed action before any backend runs.
The next useful step is a governed execution request that creates a non-mutating execution request record. The record must preserve the exact approval packet, admitted target repository, allowed paths, Harness command, proof pointers, and blocked actions.
## Scope
- Create a local CTO planning record for the approved candidate task shape.
- Keep `approval_granted: false`.
- Keep `execution_allowed: false`.
- Name the admitted target repository and allowed paths.
- Name the Harness command that would run only after approval.
- Preserve that JP approval is still required before execution.
## Non-goals
- Do not execute Case.
- Do not activate Case as default backend.
- Do not mutate target repositories.
- Do not edit upstream `hermes-agent`.
- Do not edit upstream `hermes-webui`.
- Do not change Core authority.
## Acceptance Criteria
- `WORKBOARD.yaml` records `CTO-WORK-066` and `CTO-WORK-067` as validated.
- The governed execution request includes `approval_granted: false`.
- The governed execution request includes `execution_allowed: false`.
- Runtime default activation remains false.
- JP approval is still required before execution.
- Local validation checks the new record and its guardrails.
## Validation
- `python3 tools/validate_cto_child.py`
- `python3 /home/svrnty/workspaces/cortex-os/core/tools/check_s69_caveman_prose_discipline.py`
## Risk
The main risk is accidentally treating request creation as execution approval. The guardrail is explicit: Do not execute Case. Do not mutate target repositories. JP approval is still required before execution.

68
.sot/03-PROTOCOLS/CTO-GOVERNED-EXECUTION-REQUEST-RECORD.md
View File

@ -1,68 +0,0 @@
---
name: CTO Governed Execution Request Record
status: validated
lifecycle_classification: sot
owner: jp
created: 2026-06-01
last_reviewed: 2026-06-01
core_promotion_status: not-promoted
---
# CTO Governed Execution Request Record
Local planning SOT only. Not a Core Protocol. Not active Core authority.
## Workboard
- `CTO-WORK-067`
## Request State
- governed execution request
- non-mutating execution request record
- approval_granted: false
- execution_allowed: false
- Runtime default activation remains false.
- JP approval is still required before execution.
## Exact Approval Packet
The exact approval packet remains the prior text:
```text
I approve CTO-WORK-049 against /home/svrnty/workspaces/cortex-os/cto-stage5-target-sandbox for the src/strings.py slugify alignment task.
```
This record does not grant that approval. It preserves the exact approval packet for later JP action.
## Admitted Target Repository
- admitted target repository: `/home/svrnty/workspaces/cortex-os/cto-stage5-target-sandbox`
## Allowed Paths
- allowed paths: `src/strings.py`
- allowed paths: `test_strings.py`
## Harness Command
- Harness command: `python3 -m pytest -q`
## Required Evidence Pointers
- Approval packet evidence: `.sot/03-PROTOCOLS/CTO-HERMES-APPROVAL-PACKET-EVIDENCE.md`
- Stage 5 report: `/home/svrnty/.hermes/profiles/cto-planb/harness-runs/20260601T105222Z-r1-src-string-slugify-180161/report.json`
- Stage 5 target proof: `/home/svrnty/.hermes/profiles/cto-planb/harness-runs/20260601T105222Z-r1-src-string-slugify-180161/stage5-owned-repo-proof.json`
- Stage 6 replay comparison: `/home/svrnty/.hermes/profiles/cto-planb/harness-runs/20260601T112448Z-stage6-real-governed-refresh/stage6-real-governed-refresh-comparison.json`
## Blocked Actions
- Do not execute Case.
- Do not activate Case as default backend.
- Do not mutate target repositories.
- Do not edit upstream `hermes-agent`.
- Do not edit upstream `hermes-webui`.
## Next Allowed Action
The next allowed action is review of this governed execution request. Actual execution requires JP approval after this record is visible and validated.

163
.sot/03-PROTOCOLS/CTO-HARNESS-EVIDENCE-INTERFACE-CONTRACT.md
View File

@ -1,163 +0,0 @@
---
name: cto-harness-evidence-interface-contract
tier: local
status: draft
owner: jp
source: .sot/03-PROTOCOLS/CTO-CASE-CANDIDATE-BACKEND-PRD.md
created: 2026-05-31
last_reviewed: 2026-05-31
lifecycle_classification: planning
core_promotion_status: not-promoted
description: Child-local contract for the stable CTO Harness evidence interface required before Case adapter execution.
---
# CTO Harness Evidence Interface Contract
Local planning SOT only. Not a Core Protocol. Not active Core authority.
## Purpose
Define the stable evidence interface that any future Case adapter must satisfy before execution work starts.
This contract makes the CTO Harness the owner of backend proof. Case may supply logs and results, but the CTO Harness must normalize, validate, and record evidence before any result can be trusted.
## Non-Authority Notice
This contract does not authorize Runtime behavior, WebUI Product behavior, Case execution, real-repo mutation, merge, deploy, push, close, vendor-source mutation, external developer repository mutation, or Core promotion.
## Interface Boundary
The Harness Evidence Interface is the only accepted proof surface for backend comparison.
Backend internals stay behind the harness seam. Case lifecycle phases, reviewer comments, raw provider logs, and backend-specific run metadata may be stored as raw artifacts, but callers must not need them to decide whether a run passed.
## Required Artifact Set
Every accepted backend run must produce these artifacts under one run artifact directory:
| Artifact | Required | Purpose |
| --- | --- | --- |
| `report.json` | yes | Machine-readable summary and evidence index. |
| `report.md` | yes | Human-readable summary. |
| `events.normalized.jsonl` | yes | Replayable normalized event stream. |
| `patch.diff` | yes | Exact source diff, even when empty for a fail-closed no-diff case. |
| `test.log` | yes | Verification output or explicit missing-test blocker. |
| `trace.jsonl` | yes | Harness-level trace of major actions and checks. |
| `backend/` | yes | Backend-specific raw logs and metadata. |
Artifacts must live outside tracked source by default. For Hermes CTO harness parity, the expected runtime root pattern is:
```text
~/.hermes/profiles/cto-planb/harness-runs/<run_id>/
```
## Required `report.json` Fields
`report.json` must include:
| Field | Meaning |
| --- | --- |
| `case_id` | Case or task identifier. |
| `run_id` | Unique run identifier. |
| `status` | `pass`, `fail`, or `blocked`. |
| `backend` | Backend adapter name. |
| `run_started_at` | UTC timestamp captured before backend work starts. |
| `run_finished_at` | UTC timestamp captured after harness checks finish. |
| `backend_exit_code` | Raw backend process exit code when applicable. |
| `artifacts_dir` | Run artifact directory. |
| `changed_files` | Files changed by the run. |
| `allowed_writes_passed` | Whether changed files stayed within allowed writes. |
| `approval_status` | `not-required`, `requested`, `granted`, or `denied`. |
| `verification` | Verification commands and pass/fail results. |
| `blockers` | Human-readable fail-closed blockers. |
| `artifact_paths` | Paths for required artifacts. |
| `artifact_digests` | SHA-256 digests for required artifacts. |
| `freshness` | Proof that artifacts were written or checked after `run_started_at`. |
Additional fields are allowed. Callers must not require additional fields unless a later governed contract updates this file.
## Digest Manifest
`artifact_digests` must include SHA-256 digests for:
- `report.json`;
- `events.normalized.jsonl`;
- `patch.diff`;
- `test.log`;
- `trace.jsonl`;
- each raw backend log required by the adapter contract.
Digest proof is not sufficient by itself. `freshness` must also show that each required artifact was written or checked after `run_started_at`.
## Required Normalized Events
Every accepted run must emit these normalized events in order where applicable:
1. `run.started`
2. `task.contract.created`
3. `plan.updated`
4. `approval.requested`
5. `approval.granted` or `approval.denied`
6. `patch.applied`
7. `git.diff.checked`
8. `verification.completed`
9. `run.completed`
Approval events are required only for mutation modes that need human approval. If approval is denied, the run must fail closed and emit `run.completed` with a failed or blocked status.
## Fail-Closed Semantics
The harness must fail closed for:
- no diff when a diff is required;
- disallowed file change;
- failed tests;
- missing test command;
- missing required event;
- backend reviewer reject;
- approval denied;
- timeout;
- dirty starting tree;
- dirty ending tree;
- artifact write failure;
- provider unavailable.
Each fail-closed result must record:
- blocker reason in `report.json`;
- normalized event when the failure class has an event;
- report status of `fail` or `blocked`;
- nonzero exit behavior where the adapter contract marks the failure executable.
## Approval Semantics
Case may recommend. Case must not approve itself.
The only accepted human approval signal is a CTO Harness or Hermes/operator approval event:
- `approval.requested`
- `approval.granted`
- `approval.denied`
Each approval event must include actor, scope, mutation mode, timestamp, and expiry when expiry is applicable.
No merge, push, deploy, close, or real-repo mutation is allowed without explicit task-contract permission.
## Adapter Acceptance Rule
A future Case adapter is not accepted until:
- `case` is registered as a gated engine;
- the harness accepts `--engine case` without a parallel runner path;
- the adapter is default-denied unless explicitly enabled;
- the adapter writes the required artifact set;
- the adapter satisfies required `report.json` fields;
- the adapter emits required normalized events;
- the adapter records digest and freshness proof;
- the adapter fails closed for the required failure classes.
## Validation Expectations
Current validation is planning-only and checks this contract exists.
Later adapter validation must add executable checks for artifact shape, event order, allowed writes, approval events, digest fields, freshness proof, and fail-closed fixture behavior.

57
.sot/03-PROTOCOLS/CTO-HERMES-APPROVAL-PACKET-EVIDENCE.md
View File

@ -1,57 +0,0 @@
---
name: CTO Hermes Approval Packet Evidence
status: validated
lifecycle_classification: sot
owner: jp
created: 2026-06-01
last_reviewed: 2026-06-01
core_promotion_status: not-promoted
---
# CTO Hermes Approval Packet Evidence
Local planning SOT only. Not a Core Protocol. Not active Core authority.
## Scope
This evidence closes `CTO-WORK-065`.
The implementation adds a read-only JP approval packet to the Hermes WebUI CTO control panel. It prepares copy/paste approval text from Harness evidence but does not approve execution, activate Case, or mutate target repositories.
## Implementation Evidence
- Hermes plugin commit: `a109448 Add CTO approval packet surface`
- API field: `approval_packet`
- API field: `approval_command_text`
- API field: required evidence paths
- API field: allowed paths
- API field: blocked actions
- API invariant: not executable
- UI surface: `static/cto_control_panel.js`
- Route surface: `routes/cto_control_summary.py`
## Validation Evidence
- Focused validation: `python3 -m pytest tests/unit/test_cto_control_summary.py tests/unit/test_cto_control_panel_static.py -q`
- Focused result: `5 passed`
- Aggregate validation before commit: `python3 scripts/ast-connection-map.py --check`
- Aggregate result before commit: `CONNECTION-MAP.md is fresh`
- Aggregate validation before commit: `python3 -m pytest tests/ -q`
- Aggregate result before commit: `103 passed, 4 skipped`
- Aggregate validation after merge: `python3 scripts/ast-connection-map.py --check`
- Aggregate result after merge: `CONNECTION-MAP.md is fresh`
- Aggregate validation after merge: `python3 -m pytest tests/ -q`
- Aggregate result after merge: `107 passed`
## Governance Evidence
- Harness-backed summary data remains the source of truth.
- Hermes prepares approval text; JP remains the approver.
- Case runtime default active: false
- target repository mutation: false
- upstream `hermes-webui` edited: false
- upstream `hermes-agent` edited: false
## Result
`CTO-WORK-065` is validated because Hermes can now prepare a JP approval packet while remaining read-only and non-executable.

55
.sot/03-PROTOCOLS/CTO-HERMES-APPROVAL-PACKET-ISSUES.md
View File

@ -1,55 +0,0 @@
---
name: CTO Hermes Approval Packet Issues
status: candidate
lifecycle_classification: sot
owner: jp
created: 2026-06-01
last_reviewed: 2026-06-01
core_promotion_status: not-promoted
---
# CTO Hermes Approval Packet Issues
Local planning SOT only. Not a Core Protocol. Not active Core authority.
## CTO-WORK-064: Hermes WebUI JP Approval Packet PRD
Status: validated.
Acceptance criteria:
- PRD defines the JP approval packet scope.
- PRD keeps packet generation read-only.
- PRD includes `approval_packet`.
- PRD includes `approval_command_text`.
- PRD forbids executable approval buttons.
- PRD states Hermes prepares approval text; JP remains the approver.
## CTO-WORK-065: Hermes WebUI JP Approval Packet Surface
Status: candidate.
Implementation route:
- Add `approval_packet` to `/api/cto/control-summary`.
- Add `approval_command_text`.
- Add copy/paste approval packet text for JP.
- Include required evidence paths.
- Include allowed paths.
- Include blocked actions.
- Render copy/paste packet text in `cto_control_panel.js`.
- Add focused plugin tests.
- Record evidence after implementation.
Acceptance criteria:
- CTO control summary includes `approval_packet`.
- CTO control summary includes `approval_command_text`.
- CTO control summary includes required evidence paths.
- CTO control summary includes allowed paths.
- CTO control summary includes blocked actions.
- Do not add executable approval buttons.
- Do not activate Case as default backend.
- Do not mutate target repositories.
- Harness-backed summary data remains the source of truth.
- Hermes prepares approval text; JP remains the approver.

63
.sot/03-PROTOCOLS/CTO-HERMES-APPROVAL-PACKET-PRD.md
View File

@ -1,63 +0,0 @@
---
name: CTO Hermes Approval Packet PRD
status: validated
lifecycle_classification: sot
owner: jp
created: 2026-06-01
last_reviewed: 2026-06-01
core_promotion_status: not-promoted
---
# CTO Hermes Approval Packet PRD
Local planning SOT only. Not a Core Protocol. Not active Core authority.
## Problem
Hermes now shows read-only JP approval state, but JP still needs a precise copy/paste approval packet that includes evidence paths, allowed paths, blocked actions, and the exact approval text. Without that, the handoff from proof to human approval is still manual and easy to distort.
## Scope
Add a read-only JP approval packet to the CTO control summary and panel:
- `approval_packet`
- `approval_command_text`
- required evidence paths
- allowed paths
- blocked actions
- proof-ready state
The packet prepares text for JP to copy/paste. It must not approve anything by itself.
## Non-goals
- Do not add executable approval buttons.
- Do not activate Case as default backend.
- Do not mutate target repositories.
- Do not edit upstream `hermes-webui`.
- Do not edit upstream `hermes-agent`.
- Do not change Cortex Core authority.
- Do not infer missing target repository admission beyond Harness evidence.
## Acceptance Criteria
- CTO control summary includes `approval_packet`.
- Approval packet includes `approval_command_text`.
- Approval packet includes required evidence paths.
- Approval packet includes allowed paths.
- Approval packet includes blocked actions.
- Approval packet is marked not executable.
- Hermes panel renders copy/paste approval text.
- Harness-backed summary data remains the source of truth.
- Hermes prepares approval text; JP remains the approver.
## Validation
- Focused plugin tests prove packet fields, fail-closed state, and static rendering hooks.
- Plugin aggregate tests pass before commit and after merge.
- CTO child validator records planning and evidence.
- S69 prose validator passes before report.
## Success Definition
Hermes can prepare a precise JP approval packet from Harness evidence without gaining approval authority or execution authority.

56
.sot/03-PROTOCOLS/CTO-HERMES-APPROVAL-STATE-EVIDENCE.md
View File

@ -1,56 +0,0 @@
---
name: CTO Hermes Approval State Evidence
status: validated
lifecycle_classification: sot
owner: jp
created: 2026-06-01
last_reviewed: 2026-06-01
core_promotion_status: not-promoted
---
# CTO Hermes Approval State Evidence
Local planning SOT only. Not a Core Protocol. Not active Core authority.
## Scope
This evidence closes `CTO-WORK-063`.
The implementation adds read-only JP approval state and next-action visibility to the Hermes WebUI CTO control panel. It does not add executable approval buttons, mutate target repositories, activate Case as default backend, or change Cortex authority.
## Implementation Evidence
- Hermes plugin commit: `154d835 Add CTO approval state surface`
- API field: `approval_required`
- API field: `approval_granted`
- API field: `execution_allowed`
- API field: allowed next actions
- API field: blocked next actions
- UI surface: `static/cto_control_panel.js`
- Route surface: `routes/cto_control_summary.py`
## Validation Evidence
- Focused validation: `python3 -m pytest tests/unit/test_cto_control_summary.py tests/unit/test_cto_control_panel_static.py -q`
- Focused result: `5 passed`
- Aggregate validation before commit: `python3 scripts/ast-connection-map.py --check`
- Aggregate result before commit: `CONNECTION-MAP.md is fresh`
- Aggregate validation before commit: `python3 -m pytest tests/ -q`
- Aggregate result before commit: `103 passed, 4 skipped`
- Aggregate validation after merge: `python3 scripts/ast-connection-map.py --check`
- Aggregate result after merge: `CONNECTION-MAP.md is fresh`
- Aggregate validation after merge: `python3 -m pytest tests/ -q`
- Aggregate result after merge: `107 passed`
## Governance Evidence
- Harness-backed summary data remains the source of truth.
- Case runtime default active: false
- target repository mutation: false
- upstream `hermes-webui` edited: false
- upstream `hermes-agent` edited: false
- Hermes visualizes control state; CTO and Harness remain the gates.
## Result
`CTO-WORK-063` is validated because Hermes now exposes JP approval posture and next-action visibility without gaining execution authority.

53
.sot/03-PROTOCOLS/CTO-HERMES-APPROVAL-STATE-ISSUES.md
View File

@ -1,53 +0,0 @@
---
name: CTO Hermes Approval State Issues
status: candidate
lifecycle_classification: sot
owner: jp
created: 2026-06-01
last_reviewed: 2026-06-01
core_promotion_status: not-promoted
---
# CTO Hermes Approval State Issues
Local planning SOT only. Not a Core Protocol. Not active Core authority.
## CTO-WORK-062: Hermes WebUI JP Approval State PRD
Status: validated.
Acceptance criteria:
- PRD defines JP approval state scope.
- PRD keeps the surface read-only.
- PRD forbids executable approval buttons.
- PRD keeps Harness-backed summary data as source of truth.
- PRD states Hermes visualizes control state; CTO and Harness remain the gates.
## CTO-WORK-063: Hermes WebUI JP Approval State Surface
Status: candidate.
Implementation route:
- Add read-only approval posture to `/api/cto/control-summary`.
- Add `approval_required`, `approval_granted`, and `execution_allowed`.
- Add allowed next actions.
- Add blocked next actions.
- Render JP approval state in `cto_control_panel.js`.
- Add focused plugin tests.
- Record evidence after implementation.
Acceptance criteria:
- CTO control summary includes JP approval state.
- CTO control summary includes allowed next actions.
- CTO control summary includes blocked next actions.
- `approval_required` defaults to true.
- `approval_granted` defaults to false.
- `execution_allowed` defaults to false.
- Do not add executable approval buttons.
- Do not activate Case as default backend.
- Do not mutate target repositories.
- Harness-backed summary data remains the source of truth.
- Hermes visualizes control state; CTO and Harness remain the gates.

60
.sot/03-PROTOCOLS/CTO-HERMES-APPROVAL-STATE-PRD.md
View File

@ -1,60 +0,0 @@
---
name: CTO Hermes Approval State PRD
status: validated
lifecycle_classification: sot
owner: jp
created: 2026-06-01
last_reviewed: 2026-06-01
core_promotion_status: not-promoted
---
# CTO Hermes Approval State PRD
Local planning SOT only. Not a Core Protocol. Not active Core authority.
## Problem
The CTO panel shows Harness proof state, but it does not yet expose JP approval state or allowed next actions. That leaves Hermes as evidence display only. The endgoal requires Hermes to provide visualization, approval, control, and replay while CTO and Harness keep execution gated.
## Scope
Add read-only approval posture to the CTO control summary and panel:
- `approval_required`
- `approval_granted`
- `execution_allowed`
- approval reason
- allowed next actions
- blocked next actions
This slice must show what can happen next, not perform the action.
## Non-goals
- Do not add executable approval buttons.
- Do not activate Case as default backend.
- Do not mutate target repositories.
- Do not edit upstream `hermes-webui`.
- Do not edit upstream `hermes-agent`.
- Do not change Cortex Core authority.
## Acceptance Criteria
- CTO control summary includes read-only approval posture.
- CTO control summary includes allowed next actions and blocked next actions.
- Approval state defaults to `approval_required: true`, `approval_granted: false`, and `execution_allowed: false`.
- Hermes panel renders JP approval state.
- Hermes panel renders allowed next actions.
- Harness-backed summary data remains the source of truth.
- Hermes visualizes control state; CTO and Harness remain the gates.
## Validation
- Focused plugin tests prove approval posture is present, safe, and rendered by static JS.
- Plugin aggregate tests pass before commit and after merge.
- CTO child validator records the planning and evidence state.
- S69 prose validator passes before final report.
## Success Definition
Hermes can show JP approval state and allowed next actions for the CTO flow without becoming an authority layer or allowing execution from the WebUI.

67
.sot/03-PROTOCOLS/CTO-HERMES-CONSUMED-APPROVAL-EVIDENCE-CLOSEOUT.md
View File

@ -1,67 +0,0 @@
---
name: CTO Hermes Consumed Approval Evidence Closeout
status: validated
lifecycle_classification: sot
owner: jp
created: 2026-06-01
last_reviewed: 2026-06-01
core_promotion_status: not-promoted
---
# CTO Hermes Consumed Approval Evidence Closeout
Local planning SOT only. Not a Core Protocol. Not active Core authority.
## Workboard
- `CTO-WORK-073`
## Result
- Hermes consumed approval evidence
- status: validated
- CTO-WORK-072
- CTO-WORK-073
- governed_execution
- approval_consumed
- consumed_by_pass_evidence
- approval_required: true
- approval_granted: true
- execution_allowed: false
- Case runtime default active: false
- target repository mutation: false
- Runtime default activation remains false.
- Do not activate Case as default backend.
- This closeout does not authorize another Case run.
## Hermes Plugin Evidence
- plugin commit: `6f694b4 feat(plugin): surface consumed CTO approval evidence`
- route: `/api/cto/control-summary`
- backend file: `routes/cto_control_summary.py`
- panel file: `cto_control_panel.js`
- schema_version: `0.2.0`
- approval packet status: `consumed_by_pass_evidence`
- Stage 5 pass replay path
- Stage 5 proof replay path
- consumed pass path shown: true
- consumed proof path shown: true
## Validation Evidence
- command: `python3 -m pytest tests/ -q`
- result: `108 passed`
- command: `python3 scripts/ast-connection-map.py --check`
- result: `CONNECTION-MAP.md is fresh`
## Boundary Evidence
- upstream `hermes-webui` edited: false
- upstream `hermes-agent` edited: false
- plugin-only change: true
- Harness-backed summary data remains the source of truth.
- Hermes visualizes control state; CTO and Harness remain the gates.
## Scope Guard
This closeout records a UI/control-surface reflection of already-consumed approval evidence. It is not a new approval and does not authorize another Case run.

75
.sot/03-PROTOCOLS/CTO-HERMES-CONSUMED-APPROVAL-EVIDENCE-ISSUES.md
View File

@ -1,75 +0,0 @@
---
name: CTO Hermes Consumed Approval Evidence Issues
status: validated
lifecycle_classification: sot
owner: jp
created: 2026-06-01
last_reviewed: 2026-06-01
core_promotion_status: not-promoted
---
# CTO Hermes Consumed Approval Evidence Issues
Local planning SOT only. Not a Core Protocol. Not active Core authority.
## Issue: CTO-WORK-072 - Hermes Consumed Approval Evidence PRD
Status: validated.
Acceptance:
- Define Hermes consumed approval evidence.
- Record `governed_execution`.
- Record `approval_consumed`.
- Record `consumed_by_pass_evidence`.
- Require execution_allowed: false after approval consumption.
- Preserve Case runtime default active: false.
- Preserve target repository mutation: false.
- State: Do not activate Case as default backend.
- State: This closeout does not authorize another Case run.
## Issue: CTO-WORK-073 - Hermes Consumed Approval Evidence Closeout
Status: validated.
Acceptance:
- Record Hermes consumed approval evidence.
- Reference `6f694b4 feat(plugin): surface consumed CTO approval evidence`.
- Reference `/api/cto/control-summary`.
- Reference `cto_control_panel.js`.
- Reference `routes/cto_control_summary.py`.
- Record `python3 -m pytest tests/ -q`.
- Record `108 passed`.
- Record `python3 scripts/ast-connection-map.py --check`.
- Record `CONNECTION-MAP.md is fresh`.
- Record upstream `hermes-webui` edited: false.
- Record upstream `hermes-agent` edited: false.
## Required Phrases
- Hermes consumed approval evidence
- CTO-WORK-072
- CTO-WORK-073
- 6f694b4 feat(plugin): surface consumed CTO approval evidence
- /api/cto/control-summary
- governed_execution
- approval_consumed
- consumed_by_pass_evidence
- execution_allowed: false
- approval_granted: true
- approval_required: true
- Stage 5 pass replay path
- Stage 5 proof replay path
- cto_control_panel.js
- routes/cto_control_summary.py
- python3 -m pytest tests/ -q
- 108 passed
- python3 scripts/ast-connection-map.py --check
- CONNECTION-MAP.md is fresh
- Case runtime default active: false
- target repository mutation: false
- upstream `hermes-webui` edited: false
- upstream `hermes-agent` edited: false
- Do not activate Case as default backend.
- This closeout does not authorize another Case run.

87
.sot/03-PROTOCOLS/CTO-HERMES-CONSUMED-APPROVAL-EVIDENCE-PRD.md
View File

@ -1,87 +0,0 @@
---
name: CTO Hermes Consumed Approval Evidence PRD
status: validated
lifecycle_classification: sot
owner: jp
created: 2026-06-01
last_reviewed: 2026-06-01
core_promotion_status: not-promoted
---
# CTO Hermes Consumed Approval Evidence PRD
Local planning SOT only. Not a Core Protocol. Not active Core authority.
## Problem Statement
Hermes already exposes approval state and approval packet data, and the approved Stage 5 Case run already has pass evidence. The WebUI needs to show that this approval is consumed, not still available for rerun.
## Solution
Record the Hermes plugin closeout for consumed approval evidence. The `/api/cto/control-summary` route now exposes `governed_execution`, `approval_consumed`, and `consumed_by_pass_evidence`. The CTO panel shows consumed pass and consumed proof paths.
## Scope
- Record Hermes plugin commit `6f694b4 feat(plugin): surface consumed CTO approval evidence`.
- Record the governed execution consumed approval state.
- Record that execution_allowed remains false after consumption.
- Record Stage 5 pass and Stage 5 proof replay paths.
- Record that Case runtime default active remains false.
- Record that target repository mutation remains false.
- Record that upstream `hermes-webui` edited: false.
- Record that upstream `hermes-agent` edited: false.
## Non-goals
- Do not rerun Case.
- Do not create a new JP approval.
- Do not activate Case as default backend.
- Do not mutate target repositories.
- Do not edit upstream `hermes-webui`.
- Do not edit upstream `hermes-agent`.
## Acceptance Criteria
- `WORKBOARD.yaml` records `CTO-WORK-072` and `CTO-WORK-073` as validated.
- The PRD records `governed_execution`.
- The PRD records `approval_consumed`.
- The PRD records `consumed_by_pass_evidence`.
- The closeout references plugin commit `6f694b4 feat(plugin): surface consumed CTO approval evidence`.
- The closeout records `/api/cto/control-summary`.
- The closeout records `cto_control_panel.js`.
- The closeout records `routes/cto_control_summary.py`.
- The closeout records `python3 -m pytest tests/ -q` and `108 passed`.
- The closeout records `python3 scripts/ast-connection-map.py --check` and `CONNECTION-MAP.md is fresh`.
## Validation
- `python3 tools/validate_cto_child.py`
- `python3 /home/svrnty/workspaces/cortex-os/core/tools/check_s69_caveman_prose_discipline.py`
## Required Evidence
- Hermes consumed approval evidence
- CTO-WORK-072
- CTO-WORK-073
- 6f694b4 feat(plugin): surface consumed CTO approval evidence
- /api/cto/control-summary
- governed_execution
- approval_consumed
- consumed_by_pass_evidence
- execution_allowed: false
- approval_granted: true
- approval_required: true
- Stage 5 pass replay path
- Stage 5 proof replay path
- cto_control_panel.js
- routes/cto_control_summary.py
- python3 -m pytest tests/ -q
- 108 passed
- python3 scripts/ast-connection-map.py --check
- CONNECTION-MAP.md is fresh
- Case runtime default active: false
- target repository mutation: false
- upstream `hermes-webui` edited: false
- upstream `hermes-agent` edited: false
- Do not activate Case as default backend.
- This closeout does not authorize another Case run.

91
.sot/03-PROTOCOLS/CTO-HERMES-CONTROL-SURFACE-ISSUES.md
View File

@ -1,91 +0,0 @@
---
name: cto-hermes-control-surface-issues
tier: local
status: draft
owner: jp
source: .sot/03-PROTOCOLS/CTO-HERMES-CONTROL-SURFACE-PRD.md
created: 2026-06-01
last_reviewed: 2026-06-01
lifecycle_classification: planning
core_promotion_status: not-promoted
description: Child-local issue sequence for Hermes-visible CTO Harness control summary.
---
# CTO Hermes Control Surface Issues
Local planning SOT only. Not a Core Protocol. Not active Core authority.
## Issue Sequence
### CTO-WORK-044 - Hermes Control Surface PRD
Type: AFK
Status: validated.
Blocked by: CTO-WORK-043
User stories covered: CTO Hermes Control Surface PRD stories 1, 2, 3, 4, 5.
What to build: Define the Hermes-facing CTO Harness control summary before implementation starts.
Acceptance criteria:
- [x] PRD states Hermes controls visibility, approval, and replay but does not govern.
- [x] PRD requires the surface to be backed by Harness Evidence Interface artifacts.
- [x] PRD requires proof ladder status through Stage 6.
- [x] PRD separates candidate-default eligibility from runtime default activation.
- [x] PRD requires replay paths for matrix and Stage 6 comparison evidence.
- [x] PRD requires blocked comparison lanes to include rationale.
- [x] PRD forbids secrets, endpoints, credentials, Target Repository mutation, vendor-source mutation, external developer repository mutation, and Core mutation.
- [x] Local CTO validator checks the PRD and issue artifact.
Allowed files: CTO child workspace planning docs and local validator only.
Validator: `python3 tools/validate_cto_child.py`
Done evidence: PRD, issue artifact, validator JSON, clean worktree, commit.
### CTO-WORK-045 - Harness-Backed Hermes Control Summary
Type: AFK
Status: validated.
Blocked by: CTO-WORK-044
User stories covered: CTO Hermes Control Surface PRD stories 1, 2, 3, 4, 5.
What to build: In `/home/svrnty/workspaces/hermes/cto/harness`, extend the WebUI summary path so Hermes can consume a compact CTO Harness control summary backed by validated evidence.
Acceptance criteria:
- [x] Summary command remains Harness-backed and deterministic.
- [x] Summary exposes proof ladder status through Stage 6.
- [x] Summary exposes Stage 6 candidate-default eligibility.
- [x] Summary exposes runtime default activation as `false` unless a later governed route changes it.
- [x] Summary exposes matrix report and Stage 6 comparison report paths.
- [x] Summary exposes blocked Codex/Pi lane rationale when not applicable.
- [x] Summary exposes next recommended operator action.
- [x] Summary does not expose secrets, endpoints, credential values, or raw Target Repository content.
- [x] Summary does not mutate Target Repositories, vendor source, external developer repositories, or Cortex Core.
- [x] Focused summary validator passes and aggregate Harness health remains green.
Allowed files: Hermes CTO harness summary command, summary validator, summary contract/docs, and command index. WebUI Runtime code, Core, Case source, vendor source, Target Repositories, and external developer repositories are forbidden.
Validator: `python3 harness/runner/validate-webui-summary.py --json`, then `harness/evals/health.sh --json`.
Done evidence:
- Hermes commit: `3cbd799 Add harness-backed Hermes control summary`
- Focused validator: `python3 harness/runner/validate-webui-summary.py --json`
- Focused summary JSON: `/home/svrnty/.hermes/profiles/cto-planb/harness-runs/20260601T102157Z-run-all-fake-92576/webui-summary.json`
- Focused matrix report: `/home/svrnty/.hermes/profiles/cto-planb/harness-runs/20260601T102157Z-run-all-fake-92576/report.json`
- Focused Stage 6 comparison report: `/home/svrnty/.hermes/profiles/cto-planb/harness-runs/20260601T102202Z-stage6-candidate-default-92871/stage6-candidate-default-comparison.json`
- Post-merge aggregate health command: `harness/evals/health.sh --json`
- Post-merge aggregate matrix report: `/home/svrnty/.hermes/profiles/cto-planb/harness-runs/20260601T102236Z-run-all-fake-95146/report.json`
- Post-merge aggregate Stage 6 comparison report: `/home/svrnty/.hermes/profiles/cto-planb/harness-runs/20260601T102256Z-stage6-candidate-default-96653/stage6-candidate-default-comparison.json`
## Granularity Check
This is intentionally two slices: one planning route and one Harness-backed summary route. It avoids overbuilding a WebUI panel before the stable summary contract exists.

86
.sot/03-PROTOCOLS/CTO-HERMES-CONTROL-SURFACE-PRD.md
View File

@ -1,86 +0,0 @@
---
name: cto-hermes-control-surface-prd
tier: local
status: draft
owner: jp
source: WORKBOARD.yaml next ROI after CTO-WORK-043
created: 2026-06-01
last_reviewed: 2026-06-01
lifecycle_classification: planning
core_promotion_status: not-promoted
description: Child-local PRD for a Hermes-visible CTO Harness control summary surface.
---
# CTO Hermes Control Surface PRD
Local planning SOT only. Not a Core Protocol. Not active Core authority.
## Problem Statement
The Case proof ladder is validated through Stage 6, but the operator surface still has to inspect raw harness commands and scattered runtime artifacts. That makes Hermes weak as the control and replay layer. JP needs a compact Hermes-facing summary that shows proof state, candidate-default status, blocked comparison lanes, replay artifact paths, and next action without giving Hermes or Case authority.
## Solution
Add a read-oriented Hermes Control Surface summary behind the CTO Harness. Hermes controls visibility, approval, and replay; Cortex remains SOT authority; CTO routes; Harness proves; Case executes only after proof. The first slice is a deterministic `webui-summary.sh --json` contract that exposes current Harness health, Stage 6 candidate-default comparison status, proof artifact paths, blocked-lane rationale, and default-activation status.
## Scope
- Define a Hermes-facing CTO Harness summary contract.
- Keep the surface backed by Harness Evidence Interface artifacts.
- Expose proof ladder status through Stage 6.
- Expose candidate-default eligibility separately from runtime default activation.
- Expose replay paths for matrix, Stage 6 comparison, and failure closure reports.
- Expose blocked Codex/Pi lane rationale when deterministic validation does not run those lanes.
- Keep fake as default validation lane.
## Non-Goals
- Do not build a full Hermes WebUI panel in this slice.
- Do not add approval mutation actions.
- Do not activate Case as default backend.
- Do not promote child-local CTO artifacts into Core.
- Do not mutate Target Repositories, vendor source, external developer repositories, or Cortex Core.
- Do not store secrets, endpoints, or credential values in reports.
## User Stories
1. As JP, I want one Hermes-facing summary of CTO Harness state, so that I can inspect proof without reading raw logs.
2. As Hermes, I want replay artifact paths, so that a future panel can link to evidence instead of reinterpreting backend logs.
3. As CTO, I want candidate-default status separated from default activation, so that Case cannot become authority by wording.
4. As Harness, I want the control surface generated from validated evidence, so that UI state stays proof-backed.
5. As Cortex, I want the summary to remain child-local and non-authoritative, so that Core SOT remains the authority layer.
## Acceptance Criteria
- [ ] PRD states Hermes controls visibility, approval, and replay but does not govern.
- [ ] PRD requires the surface to be backed by Harness Evidence Interface artifacts.
- [ ] PRD requires proof ladder status through Stage 6.
- [ ] PRD separates candidate-default eligibility from runtime default activation.
- [ ] PRD requires replay paths for matrix and Stage 6 comparison evidence.
- [ ] PRD requires blocked comparison lanes to include rationale.
- [ ] PRD forbids secrets, endpoints, credentials, Target Repository mutation, vendor-source mutation, external developer repository mutation, and Core mutation.
- [ ] Local CTO validator checks the PRD and issue artifact.
## Validation
Planning validator: `python3 tools/validate_cto_child.py`.
Implementation validator planned for Hermes: `python3 harness/runner/validate-webui-summary.py --json`, then `harness/evals/health.sh --json` after focused validation passes.
## Risks
- Summary fields may be mistaken for Core authority.
- UI consumers may treat candidate-default eligibility as runtime default activation.
- Artifact paths may become stale if not generated from fresh Harness runs.
- A broad WebUI implementation now would overreach before the summary contract is stable.
## Dependencies
- Stage 6 candidate-default comparison proof is validated.
- Harness Evidence Interface remains active.
- Hermes CTO harness commands remain the evidence source.
- Future WebUI work consumes this summary instead of raw backend logs.
## Success Definition
This slice succeeds when Hermes can consume one Harness-generated summary showing proof ladder state, Stage 6 candidate-default evidence, blocked-lane rationale, replay paths, next action, and default activation false, without changing authority, mutating repositories, or bypassing Harness validation.

58
.sot/03-PROTOCOLS/CTO-HERMES-LIVE-SMOKE-REMOTE-SYNC-CLOSEOUT.md
View File

@ -1,58 +0,0 @@
---
name: CTO Hermes Live Smoke Remote Sync Closeout
status: validated
lifecycle_classification: sot
owner: jp
created: 2026-06-01
last_reviewed: 2026-06-01
core_promotion_status: not-promoted
---
# CTO Hermes Live Smoke Remote Sync Closeout
Local planning SOT only. Not a Core Protocol. Not active Core authority.
## Workboard
- `CTO-WORK-075`
## Result
- Hermes live smoke remote sync evidence
- status: validated
- CTO-WORK-074
- CTO-WORK-075
- openharbor/jp synced
- Case runtime default active: false
- target repository mutation: false
- Runtime default activation remains false.
- Do not activate Case as default backend.
- This closeout does not authorize another Case run.
## Remote Sync Evidence
- command: `git push openharbor jp`
- result: `d302321..6f694b4 jp -> jp`
- plugin commit: `6f694b4 feat(plugin): surface consumed CTO approval evidence`
## Temporary Hermes WebUI Boot Smoke Evidence
- command: `python3 scripts/boot-smoke.py`
- result: `failed: 0`
- temporary Hermes WebUI boot smoke
- `/api/cto/control-summary`: status accepted: true
- `/plugins/svrnty/cto_control_panel.js`: status accepted: true
- `/plugins/svrnty/cto_control_panel.css`: status accepted: true
- authentication-gated `401` and redirect `302` statuses were accepted by the existing plugin smoke contract.
## Boundary Evidence
- upstream `hermes-webui` edited: false
- upstream `hermes-agent` edited: false
- plugin-only change already recorded by `CTO-WORK-073`.
- Harness-backed summary data remains the source of truth.
- Hermes visualizes control state; CTO and Harness remain the gates.
## Scope Guard
This closeout records remote sync and smoke evidence only. It is not a new approval and does not authorize another Case run.

69
.sot/03-PROTOCOLS/CTO-HERMES-LIVE-SMOKE-REMOTE-SYNC-ISSUES.md
View File

@ -1,69 +0,0 @@
---
name: CTO Hermes Live Smoke Remote Sync Issues
status: validated
lifecycle_classification: sot
owner: jp
created: 2026-06-01
last_reviewed: 2026-06-01
core_promotion_status: not-promoted
---
# CTO Hermes Live Smoke Remote Sync Issues
Local planning SOT only. Not a Core Protocol. Not active Core authority.
## Issue: CTO-WORK-074 - Hermes Live Smoke Remote Sync PRD
Status: validated.
Acceptance:
- Define Hermes live smoke remote sync evidence.
- Require remote push evidence for `openharbor/jp`.
- Require temporary Hermes WebUI boot smoke evidence.
- Require CTO endpoint and panel asset smoke rows.
- Preserve Case runtime default active: false.
- Preserve target repository mutation: false.
- State: Do not activate Case as default backend.
- State: This closeout does not authorize another Case run.
## Issue: CTO-WORK-075 - Hermes Live Smoke Remote Sync Closeout
Status: validated.
Acceptance:
- Record Hermes live smoke remote sync evidence.
- Reference `git push openharbor jp`.
- Reference `d302321..6f694b4 jp -> jp`.
- Reference `6f694b4 feat(plugin): surface consumed CTO approval evidence`.
- Reference `python3 scripts/boot-smoke.py`.
- Reference `failed: 0`.
- Reference `/api/cto/control-summary`.
- Reference `/plugins/svrnty/cto_control_panel.js`.
- Reference `/plugins/svrnty/cto_control_panel.css`.
- Record upstream `hermes-webui` edited: false.
- Record upstream `hermes-agent` edited: false.
## Required Phrases
- Hermes live smoke remote sync evidence
- CTO-WORK-074
- CTO-WORK-075
- git push openharbor jp
- d302321..6f694b4 jp -> jp
- 6f694b4 feat(plugin): surface consumed CTO approval evidence
- python3 scripts/boot-smoke.py
- failed: 0
- /api/cto/control-summary
- /plugins/svrnty/cto_control_panel.js
- /plugins/svrnty/cto_control_panel.css
- status accepted: true
- temporary Hermes WebUI boot smoke
- openharbor/jp synced
- Case runtime default active: false
- target repository mutation: false
- upstream `hermes-webui` edited: false
- upstream `hermes-agent` edited: false
- Do not activate Case as default backend.
- This closeout does not authorize another Case run.

82
.sot/03-PROTOCOLS/CTO-HERMES-LIVE-SMOKE-REMOTE-SYNC-PRD.md
View File

@ -1,82 +0,0 @@
---
name: CTO Hermes Live Smoke Remote Sync PRD
status: validated
lifecycle_classification: sot
owner: jp
created: 2026-06-01
last_reviewed: 2026-06-01
core_promotion_status: not-promoted
---
# CTO Hermes Live Smoke Remote Sync PRD
Local planning SOT only. Not a Core Protocol. Not active Core authority.
## Problem Statement
Hermes consumed approval evidence is implemented and recorded locally. CTO needs a closeout that proves the plugin branch was synced to its remote and that a temporary Hermes WebUI boot smoke reached the CTO control endpoint and assets.
## Solution
Record remote sync and live boot smoke evidence for the Hermes CTO control surface. This proves the plugin can boot under the WebUI smoke path and expose `/api/cto/control-summary`, `cto_control_panel.js`, and `cto_control_panel.css` without editing upstream source.
## Scope
- Record remote push to `openharbor/jp`.
- Record Hermes plugin commit `6f694b4 feat(plugin): surface consumed CTO approval evidence`.
- Record boot smoke command `python3 scripts/boot-smoke.py`.
- Record `failed: 0`.
- Record `/api/cto/control-summary` smoke status accepted.
- Record `/plugins/svrnty/cto_control_panel.js` smoke status accepted.
- Record `/plugins/svrnty/cto_control_panel.css` smoke status accepted.
- Preserve that authentication redirects or 401 responses are acceptable smoke statuses under the plugin smoke contract.
## Non-goals
- Do not create a new JP approval.
- Do not rerun Case.
- Do not activate Case as default backend.
- Do not mutate target repositories.
- Do not edit upstream `hermes-webui`.
- Do not edit upstream `hermes-agent`.
## Acceptance Criteria
- `WORKBOARD.yaml` records `CTO-WORK-074` and `CTO-WORK-075` as validated.
- The closeout records `git push openharbor jp`.
- The closeout records `d302321..6f694b4 jp -> jp`.
- The closeout records `python3 scripts/boot-smoke.py`.
- The closeout records `failed: 0`.
- The closeout records `/api/cto/control-summary`.
- The closeout records `/plugins/svrnty/cto_control_panel.js`.
- The closeout records `/plugins/svrnty/cto_control_panel.css`.
- The closeout states upstream `hermes-webui` edited: false.
- The closeout states upstream `hermes-agent` edited: false.
## Validation
- `python3 tools/validate_cto_child.py`
- `python3 /home/svrnty/workspaces/cortex-os/core/tools/check_s69_caveman_prose_discipline.py`
## Required Evidence
- Hermes live smoke remote sync evidence
- CTO-WORK-074
- CTO-WORK-075
- git push openharbor jp
- d302321..6f694b4 jp -> jp
- 6f694b4 feat(plugin): surface consumed CTO approval evidence
- python3 scripts/boot-smoke.py
- failed: 0
- /api/cto/control-summary
- /plugins/svrnty/cto_control_panel.js
- /plugins/svrnty/cto_control_panel.css
- status accepted: true
- temporary Hermes WebUI boot smoke
- openharbor/jp synced
- Case runtime default active: false
- target repository mutation: false
- upstream `hermes-webui` edited: false
- upstream `hermes-agent` edited: false
- Do not activate Case as default backend.
- This closeout does not authorize another Case run.

91
.sot/03-PROTOCOLS/CTO-HERMES-REAL-REFRESH-CONTROL-REPLAY-EVIDENCE.md
View File

@ -1,91 +0,0 @@
---
name: cto-hermes-real-refresh-control-replay-evidence
tier: local
status: validated
owner: jp
source: .sot/03-PROTOCOLS/CTO-HERMES-REAL-REFRESH-CONTROL-REPLAY-ISSUES.md
created: 2026-06-01
last_reviewed: 2026-06-01
lifecycle_classification: planning
core_promotion_status: not-promoted
description: Child-local evidence that CTO-WORK-057 exposed Stage 6 real-governed refresh evidence through the Hermes CTO Harness control summary.
---
# CTO Hermes Real Refresh Control Replay Evidence
Local planning SOT only. Not a Core Protocol. Not active Core authority.
## Result
Status: validated.
Work item: `CTO-WORK-057`
Hermes CTO commit:
```text
1f53307 Expose real refresh in control summary
```
Focused summary validator:
```text
python3 harness/runner/validate-webui-summary.py --json
```
Focused summary JSON:
```text
/home/svrnty/.hermes/profiles/cto-planb/harness-runs/20260601T112443Z-run-all-fake-262885/webui-summary.json
```
Focused Stage 6 real-governed refresh comparison artifact:
```text
/home/svrnty/.hermes/profiles/cto-planb/harness-runs/20260601T112448Z-stage6-real-governed-refresh/stage6-real-governed-refresh-comparison.json
```
Post-merge aggregate Harness command:
```text
./harness/evals/health.sh --json
```
Post-merge aggregate status:
```text
pass
```
Post-merge Stage 6 real-governed refresh comparison artifact:
```text
/home/svrnty/.hermes/profiles/cto-planb/harness-runs/20260601T112541Z-stage6-real-governed-refresh/stage6-real-governed-refresh-comparison.json
```
## Evidence Facts
- summary exposes `case_stage6_real_governed_refresh`
- summary exposes `stage6_real_governed_refresh_comparison_path`
- summary exposes real Stage 5 pass report replay path
- summary exposes real Stage 5 proof replay path
- summary exposes target repository read-only proof status
- summary exposes candidate-default refresh eligibility separately from `runtime_default_activation`
- summary exposes Codex blocked-lane rationale from the refresh artifact
- summary exposes Pi blocked-lane rationale from the refresh artifact
- summary exposes next operator action after real-refresh validation
- summary does not expose secrets, endpoints, credential values, or raw Target Repository content
- summary does not mutate Target Repositories, vendor source, external developer repositories, unowned repositories, or Cortex Core
- runtime default activation: false
## Decision
`CTO-WORK-057` is validated.
Hermes now has a Harness-backed replay summary for Stage 6 real-governed refresh evidence.
Case remains a gated adapter behind the CTO Harness seam.
Runtime default activation remains false.
This evidence does not promote CTO artifacts into Core and does not authorize broader target mutation.

81
.sot/03-PROTOCOLS/CTO-HERMES-REAL-REFRESH-CONTROL-REPLAY-ISSUES.md
View File

@ -1,81 +0,0 @@
---
name: cto-hermes-real-refresh-control-replay-issues
tier: local
status: draft
owner: jp
source: .sot/03-PROTOCOLS/CTO-HERMES-REAL-REFRESH-CONTROL-REPLAY-PRD.md
created: 2026-06-01
last_reviewed: 2026-06-01
lifecycle_classification: planning
core_promotion_status: not-promoted
description: Child-local issue sequence for exposing Stage 6 real-governed refresh evidence through Hermes CTO control replay.
---
# CTO Hermes Real Refresh Control Replay Issues
Local planning SOT only. Not a Core Protocol. Not active Core authority.
## Issue Sequence
### CTO-WORK-056 - Hermes Real Refresh Control Replay PRD
Type: AFK
Status: validated.
Blocked by: CTO-WORK-055
What to build: Define the planning route for exposing Stage 6 real-governed refresh evidence through the Hermes CTO Harness control summary and replay path.
Acceptance criteria:
- [x] PRD states Hermes displays and replays evidence but does not govern.
- [x] PRD requires Harness Evidence Interface artifacts as the source of truth.
- [x] PRD requires Stage 6 real-governed refresh status in the summary.
- [x] PRD requires refresh comparison artifact path in the summary.
- [x] PRD requires real Stage 5 pass report and Stage 5 proof paths in the summary.
- [x] PRD requires read-only target repository proof status in the summary.
- [x] PRD separates candidate-default refresh eligibility from runtime default activation.
- [x] PRD requires blocked Codex/Pi lane rationale from the refresh artifact.
- [x] PRD forbids target mutation, default activation, Core promotion, vendor-source mutation, external developer repository mutation, unowned repository mutation, and secret exposure.
- [x] Local CTO validator checks the PRD and issue artifact.
Allowed files: CTO child workspace planning docs and local validator only.
Validator: `python3 tools/validate_cto_child.py`
Done evidence: PRD, issue artifact, validator JSON, clean worktree, commit.
### CTO-WORK-057 - Hermes Control Summary Real Refresh Replay Route
Type: AFK
Status: candidate.
Blocked by: CTO-WORK-056
What to build: In `/home/svrnty/workspaces/hermes/cto/harness`, extend the Harness-backed WebUI summary path so Hermes can consume and replay Stage 6 real-governed refresh evidence.
Acceptance criteria:
- [ ] Summary exposes `case_stage6_real_governed_refresh` status.
- [ ] Summary exposes `stage6_real_governed_refresh_comparison_path`.
- [ ] Summary exposes real Stage 5 pass report and Stage 5 proof replay paths.
- [ ] Summary exposes read-only target repository proof status.
- [ ] Summary exposes candidate-default refresh eligibility separately from `runtime_default_activation`.
- [ ] Summary exposes Codex/Pi blocked-lane rationale from the refresh artifact.
- [ ] Summary exposes next operator action after real-refresh validation.
- [ ] Summary does not expose secrets, endpoints, credential values, or raw Target Repository content.
- [ ] Summary does not mutate Target Repositories, vendor source, external developer repositories, unowned repositories, or Cortex Core.
- [ ] Focused summary validator passes before aggregate Harness validation.
- [ ] Aggregate Harness validation runs once after focused validation passes and once after merge.
Allowed files: Hermes CTO harness summary command, summary validator, summary contract/docs, and command index. WebUI Runtime code, Core, Case source, vendor source, Target Repositories, and external developer repositories are forbidden.
Validator: `python3 harness/runner/validate-webui-summary.py --json`, then `./harness/evals/health.sh --json`.
Done evidence: Hermes sandcastle commit, focused summary validator output, summary JSON path, aggregate Harness health output, clean merge, and CTO evidence update.
## Granularity Check
This is intentionally two slices: one child-local planning route and one Hermes Harness implementation route. It avoids overbuilding a WebUI panel while adding the exact replay surface needed after `CTO-WORK-055`.

100
.sot/03-PROTOCOLS/CTO-HERMES-REAL-REFRESH-CONTROL-REPLAY-PRD.md
View File

@ -1,100 +0,0 @@
---
name: cto-hermes-real-refresh-control-replay-prd
tier: local
status: draft
owner: jp
source: .sot/03-PROTOCOLS/CTO-CASE-STAGE6-REAL-GOVERNED-REFRESH-EVIDENCE.md
created: 2026-06-01
last_reviewed: 2026-06-01
lifecycle_classification: planning
core_promotion_status: not-promoted
description: Child-local PRD for exposing Stage 6 real-governed refresh evidence through the Hermes CTO control summary and replay path.
---
# CTO Hermes Real Refresh Control Replay PRD
Local planning SOT only. Not a Core Protocol. Not active Core authority.
## Problem Statement
Hermes already has a Harness-backed control summary, but that summary was validated before the Stage 6 real-governed refresh route existed. JP can now prove Case candidate-default readiness against the first real governed Stage 5 pass, but the Hermes-facing control surface does not yet expose that real-refresh status, artifact path, read-only target proof, or next operator action.
## Solution
Add a bounded real-refresh control replay slice. The CTO Harness summary must consume the Stage 6 real-governed refresh comparison artifact and expose it as replayable Hermes control state. Hermes may display and replay evidence; it must not govern, mutate targets, activate Case by default, or reinterpret raw backend logs as authority.
## Scope
- Extend the Hermes-facing CTO Harness summary contract with Stage 6 real-governed refresh fields.
- Expose the refresh comparison artifact path.
- Expose real Stage 5 pass report and Stage 5 proof paths as replay inputs.
- Expose read-only target repository proof status.
- Expose candidate-default refresh eligibility separately from runtime default activation.
- Expose blocked Codex/Pi lane rationale from the refresh artifact.
- Expose next operator action after real-refresh validation.
- Keep the source of truth as Harness Evidence Interface artifacts.
## Non-Goals
- Do not build a full Hermes WebUI panel in this slice.
- Do not add approval mutation actions.
- Do not activate Case as default backend.
- Do not rerun or mutate the real Target Repository.
- Do not promote child-local CTO artifacts into Core.
- Do not mutate vendor source, external developer repositories, Cortex Core, or unowned repositories.
- Do not expose secrets, endpoints, credentials, or raw Target Repository content.
## User Stories
1. As JP, I want the Hermes control summary to show Stage 6 real-refresh status, so that I can inspect candidate-default readiness without opening raw artifacts first.
2. As Hermes, I want replay paths for the refresh artifact, Stage 5 pass report, and Stage 5 proof, so that a future panel can link evidence without recomputing it.
3. As CTO, I want read-only target proof visible, so that real-repo safety is part of the operator surface.
4. As Harness, I want the summary generated from validated artifacts, so that control state remains proof-backed.
5. As Cortex, I want runtime default activation to remain explicit and false, so that candidate-default evidence cannot become authority by presentation.
## Acceptance Criteria
- [ ] PRD states Hermes displays and replays evidence but does not govern.
- [ ] PRD requires Harness Evidence Interface artifacts as the source of truth.
- [ ] PRD requires Stage 6 real-governed refresh status in the summary.
- [ ] PRD requires refresh comparison artifact path in the summary.
- [ ] PRD requires real Stage 5 pass report and Stage 5 proof paths in the summary.
- [ ] PRD requires read-only target repository proof status in the summary.
- [ ] PRD separates candidate-default refresh eligibility from runtime default activation.
- [ ] PRD requires blocked Codex/Pi lane rationale from the refresh artifact.
- [ ] PRD forbids target mutation, default activation, Core promotion, vendor-source mutation, external developer repository mutation, unowned repository mutation, and secret exposure.
- [ ] Local CTO validator checks the PRD and issue artifact.
## Validation
Planning validator: `python3 tools/validate_cto_child.py`.
Implementation validator planned for Hermes: `python3 harness/runner/validate-webui-summary.py --json`, then `./harness/evals/health.sh --json` after focused validation passes.
## Risks
- A UI consumer may mistake candidate-default refresh eligibility for runtime default activation.
- A summary may become stale if it does not consume the latest refresh artifact.
- A replay path may expose too much target context if raw repository content is included instead of artifact paths.
- Building WebUI runtime behavior now would overreach the stable summary contract.
## Dependencies
- `CTO-WORK-055` Stage 6 real-governed refresh evidence is validated.
- Hermes CTO Harness has `validate-case-stage6-real-refresh.py`.
- Hermes CTO Harness aggregate health includes `case_stage6_real_governed_refresh`.
- Existing Hermes control summary route remains Harness-backed.
## Challenge Notes
Accepted feedback: This route is useful because the existing Hermes summary predates real-refresh evidence and therefore cannot yet be the operator replay surface for the strongest Case proof.
Accepted feedback: The slice must update the summary contract before any WebUI panel work, because the stable machine-readable surface is the real dependency.
Rejected feedback: Building a visual WebUI panel now is premature; proof-backed summary fields are the minimum useful control layer.
Rejected feedback: Activating Case as default is out of scope because runtime default remains earned by a later governed route.
## Success Definition
This slice succeeds when CTO has a validated child-local PRD and issue route for exposing Stage 6 real-governed refresh evidence through the Hermes CTO Harness control summary and replay path, while preserving Cortex authority, Harness proof, target protection, and runtime default activation false.

54
.sot/03-PROTOCOLS/CTO-HERMES-WEBUI-CONTROL-PANEL-EVIDENCE.md
View File

@ -1,54 +0,0 @@
---
name: CTO Hermes WebUI Control Panel Evidence
status: validated
lifecycle_classification: sot
owner: jp
created: 2026-06-01
last_reviewed: 2026-06-01
core_promotion_status: not-promoted
---
# CTO Hermes WebUI Control Panel Evidence
Local planning SOT only. Not a Core Protocol. Not active Core authority.
## Scope
This evidence closes `CTO-WORK-059`.
The implementation adds a Hermes-owned WebUI consumer panel for CTO Harness proof state. It does not change Cortex Core authority, Case authority, target repository ownership, upstream `hermes-webui`, or upstream `hermes-agent`.
## Implementation Evidence
- Hermes plugin commit: `9c8f345 Add CTO harness control panel`
- Route: `/api/cto/control-summary`
- Route file: `routes/cto_control_summary.py`
- Frontend asset: `cto_control_panel.js`
- Style asset: `cto_control_panel.css`
- Connection map: `CONNECTION-MAP.md is fresh`
## Validation Evidence
- Focused validation before commit: `python3 -m pytest tests/unit/test_cto_control_summary.py tests/evals/test_features.py -q`
- Focused result: `8 passed, 1 skipped`
- Aggregate validation before commit: `python3 scripts/ast-connection-map.py --check`
- Aggregate validation before commit: `python3 -m pytest tests/ -q`
- Aggregate result before commit: `100 passed, 4 skipped`
- Aggregate validation after merge: `python3 scripts/ast-connection-map.py --check`
- Aggregate validation after merge: `python3 -m pytest tests/ -q`
- Aggregate result after merge: `104 passed`
## Governance Evidence
- Harness-backed summary data remains the source of truth.
- Case runtime default active: false
- target repository mutation: false
- upstream `hermes-webui` edited: false
- upstream `hermes-agent` edited: false
- Case remains a candidate backend behind the CTO Harness seam.
- Hermes provides visualization and control only.
- Cortex remains SOT authority.
## Result
`CTO-WORK-059` is validated because Hermes now exposes a read-only CTO control panel over Harness evidence without activating Case, mutating target repositories, or editing upstream vendor source.

79
.sot/03-PROTOCOLS/CTO-HERMES-WEBUI-CONTROL-PANEL-ISSUES.md
View File

@ -1,79 +0,0 @@
---
name: cto-hermes-webui-control-panel-issues
tier: local
status: draft
owner: jp
source: .sot/03-PROTOCOLS/CTO-HERMES-WEBUI-CONTROL-PANEL-PRD.md
created: 2026-06-01
last_reviewed: 2026-06-01
lifecycle_classification: planning
core_promotion_status: not-promoted
description: Child-local issue sequence for a Hermes WebUI consumer panel over the CTO Harness control summary.
---
# CTO Hermes WebUI Control Panel Issues
Local planning SOT only. Not a Core Protocol. Not active Core authority.
## Issue Sequence
### CTO-WORK-058 - Hermes WebUI Control Panel PRD
Type: AFK
Status: validated.
Blocked by: CTO-WORK-057
What to build: Define the route for a read-only Hermes WebUI consumer panel over the CTO Harness control summary.
Acceptance criteria:
- [x] PRD requires the panel to use the Hermes-owned extension/plugin surface, not upstream `hermes-webui` or `hermes-agent` edits.
- [x] PRD requires Harness-backed summary data as the source of truth.
- [x] PRD requires Stage 6 real-governed refresh status to be visible.
- [x] PRD requires replay paths for refresh comparison, real Stage 5 pass report, and Stage 5 proof.
- [x] PRD requires target repository read-only proof status to be visible.
- [x] PRD separates candidate-default refresh eligibility from runtime default activation.
- [x] PRD requires blocked Codex/Pi lane rationale to be visible.
- [x] PRD forbids mutation actions, default activation, upstream source edits, Core promotion, target mutation, and secret exposure.
- [x] Local CTO validator checks the PRD and issue artifact.
Allowed files: CTO child workspace planning docs and local validator only.
Validator: `python3 tools/validate_cto_child.py`
Done evidence: PRD, issue artifact, validator JSON, clean worktree, commit.
### CTO-WORK-059 - Hermes WebUI CTO Harness Control Panel
Type: AFK
Status: candidate.
Blocked by: CTO-WORK-058
What to build: In the Hermes-owned WebUI extension/plugin surface, add a read-only CTO Harness control panel or endpoint consumer over the validated `webui-summary.json` contract.
Acceptance criteria:
- [ ] Implementation does not edit upstream `hermes-webui` or `hermes-agent`.
- [ ] Panel or endpoint consumes Harness-backed summary data.
- [ ] Stage 6 real-governed refresh status is visible.
- [ ] Refresh comparison, real Stage 5 pass report, and Stage 5 proof replay paths are visible.
- [ ] Target repository read-only proof status is visible.
- [ ] Candidate-default refresh eligibility is visually separated from runtime default activation.
- [ ] Codex/Pi blocked-lane rationale is visible.
- [ ] Next operator action is visible.
- [ ] No mutation action, approval action, default activation, target mutation, Core mutation, vendor-source mutation, or secret exposure is added.
- [ ] Focused contract/UI validator passes before any aggregate validation.
Allowed files: Hermes-owned WebUI extension/plugin files and deterministic validators only. Upstream `hermes-webui`, upstream `hermes-agent`, Case source, vendor source, Target Repositories, Cortex Core, and external developer repositories are forbidden.
Validator: relevant Hermes plugin/WebUI contract validator or a new deterministic validator for the panel data contract.
Done evidence: Hermes sandcastle commit, focused validator output, rendered/contract artifact path if available, clean merge, and CTO evidence update.
## Granularity Check
This is intentionally two slices: one child-local planning route and one Hermes-owned implementation route. It avoids adding mutation controls or upstream WebUI edits while moving the endgoal toward actual Hermes visualization.

99
.sot/03-PROTOCOLS/CTO-HERMES-WEBUI-CONTROL-PANEL-PRD.md
View File

@ -1,99 +0,0 @@
---
name: cto-hermes-webui-control-panel-prd
tier: local
status: draft
owner: jp
source: .sot/03-PROTOCOLS/CTO-HERMES-REAL-REFRESH-CONTROL-REPLAY-EVIDENCE.md
created: 2026-06-01
last_reviewed: 2026-06-01
lifecycle_classification: planning
core_promotion_status: not-promoted
description: Child-local PRD for a Hermes WebUI consumer panel over the CTO Harness control summary.
---
# CTO Hermes WebUI Control Panel PRD
Local planning SOT only. Not a Core Protocol. Not active Core authority.
## Problem Statement
Hermes now has a machine-readable CTO Harness control summary with Stage 6 real-governed refresh evidence. The operator still needs a visual control surface that can show the proof state, replay paths, blocked lanes, read-only target proof, and runtime-default status without opening raw JSON by hand.
## Solution
Add a bounded Hermes WebUI consumer panel through the existing Hermes extension/plugin surface. The panel must read the Harness-backed summary contract and render evidence state only. Hermes controls visibility and replay. Cortex remains SOT authority. CTO routes. Harness proves. Case remains a gated adapter and is not activated by the panel.
## Scope
- Add a WebUI-visible CTO Harness panel or endpoint consumer through the Hermes-owned extension/plugin surface.
- Read the existing `webui-summary.json` contract or a Harness summary command result.
- Display Stage 6 real-governed refresh status.
- Display refresh comparison artifact path, real Stage 5 pass report path, and Stage 5 proof path.
- Display target repository read-only proof status.
- Display candidate-default refresh eligibility separately from runtime default activation.
- Display Codex/Pi blocked-lane rationale.
- Display next operator action.
- Keep all source data Harness-backed.
## Non-Goals
- Do not edit upstream `hermes-webui`.
- Do not edit upstream `hermes-agent`.
- Do not activate Case as default backend.
- Do not add approval, mutation, deploy, push, merge, close, PR open, or issue-close actions.
- Do not rerun Case or mutate a Target Repository from the panel.
- Do not expose secrets, endpoints, credential values, or raw Target Repository content.
- Do not promote child-local CTO artifacts into Core.
## User Stories
1. As JP, I want a CTO Harness panel in Hermes, so that I can inspect real-refresh proof quickly.
2. As Hermes, I want to render a stable summary contract, so that the UI does not reinterpret raw backend logs.
3. As CTO, I want target read-only proof visible, so that real-repo protection is prominent.
4. As Harness, I want replay links/paths visible, so that evidence can be audited.
5. As Cortex, I want runtime default activation shown as false, so that visual control cannot create authority drift.
## Acceptance Criteria
- [ ] PRD requires the panel to use the Hermes-owned extension/plugin surface, not upstream `hermes-webui` or `hermes-agent` edits.
- [ ] PRD requires Harness-backed summary data as the source of truth.
- [ ] PRD requires Stage 6 real-governed refresh status to be visible.
- [ ] PRD requires replay paths for refresh comparison, real Stage 5 pass report, and Stage 5 proof.
- [ ] PRD requires target repository read-only proof status to be visible.
- [ ] PRD separates candidate-default refresh eligibility from runtime default activation.
- [ ] PRD requires blocked Codex/Pi lane rationale to be visible.
- [ ] PRD forbids mutation actions, default activation, upstream source edits, Core promotion, target mutation, and secret exposure.
- [ ] Local CTO validator checks the PRD and issue artifact.
## Validation
Planning validator: `python3 tools/validate_cto_child.py`.
Implementation validation must use the relevant Hermes extension/plugin validator or a small deterministic contract validator. If WebUI runtime validation is unavailable, the implementation must at minimum validate the endpoint/rendered data contract without editing upstream code.
## Risks
- A visual panel may imply authority if default activation is not shown as false.
- A panel may expose too much if it renders raw target content instead of artifact paths.
- Editing upstream WebUI would violate the Hermes extension boundary.
- Building mutation controls now would overreach the evidence surface.
## Dependencies
- `CTO-WORK-057` control summary real-refresh replay evidence is validated.
- Hermes extension/plugin surface exists for WebUI additions.
- CTO Harness `webui-summary.sh --json` remains validated.
## Challenge Notes
Accepted feedback: This is now worth doing because the machine-readable summary contract exists and is validated.
Accepted feedback: The panel must be read-only and replay-oriented; approval and mutation controls require a later governed route.
Rejected feedback: Editing upstream `hermes-webui` is not acceptable because Hermes customizations belong in the extension/plugin surface.
Rejected feedback: Calling this complete from the CLI summary alone is insufficient because the endgoal explicitly requires Hermes visualization/ease of control.
## Success Definition
This slice succeeds when CTO has a validated route for adding a read-only Hermes WebUI consumer panel over the CTO Harness summary, preserving Cortex authority, Harness proof, target protection, and runtime default activation false.

54
.sot/03-PROTOCOLS/CTO-HERMES-WEBUI-LIVE-SMOKE-EVIDENCE.md
View File

@ -1,54 +0,0 @@
---
name: CTO Hermes WebUI Live Smoke Evidence
status: validated
lifecycle_classification: sot
owner: jp
created: 2026-06-01
last_reviewed: 2026-06-01
core_promotion_status: not-promoted
---
# CTO Hermes WebUI Live Smoke Evidence
Local planning SOT only. Not a Core Protocol. Not active Core authority.
## Scope
This evidence closes `CTO-WORK-061`.
The implementation extends existing plugin smoke coverage for the CTO control panel route and static assets. It does not edit upstream `hermes-webui`, upstream `hermes-agent`, Cortex Core, Case source, or any target repository.
## Implementation Evidence
- Hermes plugin commit: `95fb43d Add CTO WebUI smoke coverage`
- Smoke route: `/api/cto/control-summary`
- Smoke asset: `/plugins/svrnty/cto_control_panel.js`
- Smoke asset: `/plugins/svrnty/cto_control_panel.css`
- Focused test: `tests/unit/test_boot_smoke_cto.py`
## Validation Evidence
- Focused validation: `python3 -m pytest tests/unit/test_boot_smoke_cto.py tests/unit/test_cto_control_summary.py -q`
- Focused result: `4 passed`
- Aggregate validation before commit: `python3 scripts/ast-connection-map.py --check`
- Aggregate result before commit: `CONNECTION-MAP.md is fresh`
- Aggregate validation before commit: `python3 -m pytest tests/ -q`
- Aggregate result before commit: `101 passed, 4 skipped`
- Aggregate validation after merge: `python3 scripts/ast-connection-map.py --check`
- Aggregate result after merge: `CONNECTION-MAP.md is fresh`
- Aggregate validation after merge: `python3 -m pytest tests/ -q`
- Aggregate result after merge: `105 passed`
## Governance Evidence
- Harness-backed summary data remains the source of truth.
- Case runtime default active: false
- target repository mutation: false
- upstream `hermes-webui` edited: false
- upstream `hermes-agent` edited: false
- Hermes remains visualization/control only.
- Cortex remains SOT authority.
## Result
`CTO-WORK-061` is validated because the existing Hermes WebUI smoke path now covers the CTO control panel API and static assets without expanding authority or mutating protected repositories.

51
.sot/03-PROTOCOLS/CTO-HERMES-WEBUI-LIVE-SMOKE-ISSUES.md
View File

@ -1,51 +0,0 @@
---
name: CTO Hermes WebUI Live Smoke Issues
status: candidate
lifecycle_classification: sot
owner: jp
created: 2026-06-01
last_reviewed: 2026-06-01
core_promotion_status: not-promoted
---
# CTO Hermes WebUI Live Smoke Issues
Local planning SOT only. Not a Core Protocol. Not active Core authority.
## CTO-WORK-060: Hermes WebUI Live Smoke PRD
Status: validated.
Acceptance criteria:
- PRD defines Hermes WebUI live smoke scope.
- PRD keeps Cortex as SOT authority.
- PRD states Harness-backed summary data remains the source of truth.
- PRD forbids upstream `hermes-webui` edits.
- PRD forbids upstream `hermes-agent` edits.
- PRD forbids Case default activation.
- PRD forbids target repository mutation.
## CTO-WORK-061: Hermes WebUI CTO Live Smoke Coverage
Status: candidate.
Implementation route:
- Use existing plugin smoke machinery.
- Add smoke coverage for `/api/cto/control-summary`.
- Add smoke coverage for `/plugins/svrnty/cto_control_panel.js`.
- Add smoke coverage for `/plugins/svrnty/cto_control_panel.css`.
- Add focused test coverage proving the smoke list includes these paths.
- Record validation evidence in CTO SOT after implementation.
Acceptance criteria:
- Hermes WebUI live smoke coverage includes `/api/cto/control-summary`.
- Hermes WebUI live smoke coverage includes `/plugins/svrnty/cto_control_panel.js`.
- Hermes WebUI live smoke coverage includes `/plugins/svrnty/cto_control_panel.css`.
- Harness-backed summary data remains the source of truth.
- Do not edit upstream `hermes-webui`.
- Do not edit upstream `hermes-agent`.
- Do not activate Case as default backend.
- Do not mutate target repositories.

Some files were not shown because too many files have changed in this diff Show More