---
title: CTO Case Provider Decision Packet PRD
status: draft
lifecycle_classification: sot
owner: jp
created: 2026-05-31
last_reviewed: 2026-05-31
core_promotion_status: not-promoted
route: cto
---

# CTO Case Provider Decision Packet PRD

Local planning SOT only. Not a Core Protocol. Not active Core authority.

## Problem Statement

`CTO-WORK-020` is blocked by a provider policy decision. The route has two valid branches: approve one exact external provider/model path, or require a Case-compatible local provider route. Without a compact decision packet, the next operator choice can become ambiguous and accidentally look like provider approval.

## Solution

Create a child-local decision packet that makes the `CTO-WORK-020` choice explicit, bounded, and auditable. The packet does not approve a provider/model and is not Stage 2 pass evidence. It only records the decision options, required evidence fields, consequences, and blocked next actions for JP or a governed Core route to resolve later.

## Scope

- Summarize the current `CTO-WORK-020` blocker.
- Present only two active decision branches: `external_provider_approved` and `local_provider_required`.
- Preserve `not_decided` as the current safe state.
- Require a structured decision record using only `not_decided`, `external_provider_approved`, or `local_provider_required`.
- Require exact provider/model, approval source, credential source class, allowed network class, review trigger, and evidence expectations before any admission.
- Reference existing evidence paths and commits; do not copy runtime evidence into the packet.
- Require no secret value in SOT, task file, argv, report, trace, backend logs, generated config, or commit.
- Keep `CTO-WORK-020` as the admission authority.
- Keep the `CTO_HARNESS_CASE_MODEL_ADMISSION_FILE` admission JSON gate as execution authority.
- Keep `CTO-WORK-022` blocked unless `decision_status=local_provider_required`.
- Keep real Case Stage 2 blocked unless a provider/model is admitted and a pass report exists through the Harness Evidence Interface.
- State that no Target Repository path may be inspected or copied.

## Non-Goals

- Do not approve Anthropic, Claude, local inference, or any other provider.
- Do not admit a provider/model.
- Do not implement a provider adapter.
- Do not run real Case Stage 2.
- Do not create a provider marketplace, registry, or scoring framework.
- Do not change Hermes runtime behavior.
- Do not mutate Cortex Core, Case source, vendor source, external developer repositories, or Target Repositories.
- Do not treat Case, Hermes, Pi, Codex, or any backend as Cortex authority.

## Decision Branches

### Branch A - External Provider Approved

Use only if JP or a governed Core route approves an external provider path.

Required decision fields:

- `decision_status`: `external_provider_approved`.
- `provider_class`: `external_anthropic`.
- `provider`: exact provider string.
- `model`: exact model string.
- `approval_source`: JP approval reference or governed Core route reference.
- `credential_source_class`: credential class only; no secret value.
- `allowed_network_class`: approved outbound network class.
- `review_trigger`: expiry, date, or condition that forces review.
- `evidence_sources`: existing admission/build evidence references.
- `effect`: `CTO-WORK-020 remains blocked until admitted provider/model and real Stage 2 pass report exist`.

Consequences:

- `CTO-WORK-022` stays blocked.
- Hermes may attempt real Case Stage 2 only after admission JSON exists and matches `CTO_HARNESS_CASE_MODEL_PROVIDER` and `CTO_HARNESS_CASE_MODEL`.
- Any fallback to `anthropic` or `claude-sonnet-4-6` without matching admission blocks before `case_process_started`.

### Branch B - Local Provider Required

Use only if external provider use is not approved.

Required decision fields:

- `decision_status`: `local_provider_required`.
- `provider_class`: `local_case_compatible`.
- `provider`: empty until a local provider is supplied and admitted.
- `model`: empty until a local model is supplied and admitted.
- `approval_source`: JP approval reference or governed Core route reference.
- `credential_source_class`: local credential or no-secret class only.
- `allowed_network_class`: local-only or explicitly bounded network class.
- `review_trigger`: expiry, date, or condition that forces review.
- `evidence_sources`: references to existing admission/local-provider-route evidence.
- `effect`: `CTO-WORK-020 remains blocked until local provider/model admission and real Stage 2 pass report exist`.

Consequences:

- `CTO-WORK-022` becomes the next implementation candidate.
- No external fallback to `anthropic` or `claude-sonnet-4-6` is allowed.
- Missing local adapter config blocks before `case_process_started`.
- Admission JSON mismatch blocks before `case_process_started`.

## Acceptance Criteria

- Packet states `not_decided` is current safe state.
- Packet lists only `external_provider_approved` and `local_provider_required` as active branches.
- Packet says it does not approve or admit any provider/model.
- Packet says it is not Stage 2 pass evidence.
- Packet requires a structured decision record using only `not_decided`, `external_provider_approved`, or `local_provider_required`.
- Packet references existing evidence paths and commits instead of copying runtime evidence.
- Packet keeps `CTO-WORK-020` as the provider/model admission authority.
- Packet keeps `CTO_HARNESS_CASE_MODEL_ADMISSION_FILE` as the execution admission gate.
- Packet requires exact provider/model, approval source, credential source class, allowed network class, review trigger, and evidence expectations before admission.
- Packet requires no secrets in SOT, task file, argv, report, trace, backend logs, generated config, or commits.
- Packet states `CTO-WORK-022` stays blocked unless `decision_status=local_provider_required`.
- Packet states real Case Stage 2 remains blocked until admitted provider/model and Harness Evidence Interface pass report exist.
- Packet states no Target Repository path may be inspected or copied.

## Validation

- `python3 tools/validate_cto_child.py` validates this child-local route.
- Future branch execution must use existing Hermes focused validators for provider admission and local-provider adapter gates.
- Future real Case validation must use the Harness Evidence Interface, same-run fake baseline comparison, and copied artificial fixture Stage 2 only.

## Risks And Dependencies

- JP approval or governed Core approval remains required for external provider use.
- Local provider use may require a separate Case-compatible endpoint or adapter implementation.
- A decision packet can reduce ambiguity but cannot supply credentials, provider availability, or model quality.
- The WorkOS Case default provider behavior may change; actual run evidence remains authoritative.

## Success Definition

The `CTO-WORK-020` human-only blocker is represented as one precise decision packet: no provider/model is approved, no execution is authorized, and the next valid implementation path is unambiguous once JP chooses external provider approval or local provider requirement.
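
The following is an added example, not the project's own code and not the contents of `tools/validate_cto_child.py`: one way to check a structured decision record against the field rules under Decision Branches and fail closed on anything else. The function names, the dict representation, and treating a missing `decision_status` as `not_decided` are assumptions; the sample record is constructed and its values are placeholders.

```python
ALLOWED_STATUS = {"not_decided", "external_provider_approved", "local_provider_required"}
# provider_class required by each active branch, as listed under Decision Branches.
BRANCH_CLASS = {"external_provider_approved": "external_anthropic",
                "local_provider_required": "local_case_compatible"}
COMMON_FIELDS = ("approval_source", "credential_source_class",
                 "allowed_network_class", "review_trigger", "evidence_sources")
SAMPLE_LOCAL = {  # constructed sample record; every value is a placeholder
    "decision_status": "local_provider_required",
    "provider_class": "local_case_compatible",
    "provider": "", "model": "",  # empty until a local provider/model is admitted
    "approval_source": "JP-APPROVAL-REF-PLACEHOLDER",
    "credential_source_class": "no-secret",
    "allowed_network_class": "local-only",
    "review_trigger": "REVIEW-CONDITION-PLACEHOLDER",
    "evidence_sources": ["EVIDENCE-REF-PLACEHOLDER"],
}


def validate_decision(record: dict) -> list[str]:
    """Return a list of problems; an empty list means the record is well formed."""
    status = record.get("decision_status", "not_decided")  # assumption: absent = safe state
    if not isinstance(status, str) or status not in ALLOWED_STATUS:
        return [f"decision_status {status!r} is not an allowed value"]
    if status == "not_decided":
        return []
    errors = [f"missing {name}" for name in COMMON_FIELDS if not record.get(name)]
    if record.get("provider_class") != BRANCH_CLASS[status]:
        errors.append(f"provider_class must be {BRANCH_CLASS[status]}")
    if status == "external_provider_approved":  # Branch A needs exact provider and model
        errors += [f"{key} must be an exact string" for key in ("provider", "model")
                   if not str(record.get(key, "")).strip()]
    return errors


def next_actions(record: dict) -> dict:
    """Map a record to what the packet unblocks; any validation error unblocks nothing."""
    errors = validate_decision(record)
    status = record.get("decision_status", "not_decided")
    return {
        "errors": errors,
        # Only a valid local_provider_required record frees CTO-WORK-022.
        "cto_work_022_unblocked": not errors and status == "local_provider_required",
        # The packet is never admission or Stage 2 pass evidence.
        "stage2_authorized": False,
    }
```

A record that passes this check still authorizes nothing: admission stays with `CTO-WORK-020` and the `CTO_HARNESS_CASE_MODEL_ADMISSION_FILE` gate.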