--- name: cto-case-stage1-gated-engine-issues tier: local status: draft owner: jp source: .sot/03-PROTOCOLS/CTO-CASE-STAGE1-GATED-ENGINE-PRD.md created: 2026-05-31 last_reviewed: 2026-05-31 lifecycle_classification: planning core_promotion_status: not-promoted description: Child-local issue sequence for Stage 1 gated Case engine proof. --- # CTO Case Stage 1 Gated Engine Issues Local planning SOT only. Not a Core Protocol. Not active Core authority. ## Issue Sequence ### CTO-WORK-009 - Stage 1 Gated Case Engine PRD Type: AFK Blocked by: CTO-WORK-008 User stories covered: CTO Case Candidate Backend PRD stories 4, 5, 7, 9, 11. What to build: Define the Stage 1 gated Case engine proof as a child-local PRD and issue sequence before implementation starts. Acceptance criteria: - [ ] PRD states Stage 1 allowed mutation scope is `none`. - [ ] PRD states Case is not executed. - [ ] PRD requires blocked default-deny behavior. - [ ] PRD requires evidence artifacts and no source mutation proof. - [ ] PRD names `backend.gate.blocked` and `CTO_HARNESS_ALLOW_CASE=1`. - [ ] Local CTO validator checks the PRD and issue artifact. Allowed files: CTO child workspace planning docs and local validator only. Validator: `python3 tools/validate_cto_child.py` Done evidence: PRD, issue artifact, validator JSON, clean worktree, commit. ### CTO-WORK-010 - Stage 1 Harness Implementation Route Type: AFK Blocked by: CTO-WORK-009 User stories covered: CTO Case Candidate Backend PRD stories 4, 5, 7, 9, 11. What to build: In `/home/svrnty/workspaces/hermes/cto/harness`, implement a no-op gated `case` backend that proves default-deny behavior, evidence emission, and no source mutation. Acceptance criteria: - [ ] `case` backend is registered but disabled by default. - [ ] `harness.yaml` uses `gated_by_env: CTO_HARNESS_ALLOW_CASE`. - [ ] Usage text, argument validation, `harness.yaml`, and engine dispatch all recognize `case`. - [ ] `--engine case` is rejected unless `CTO_HARNESS_ALLOW_CASE=1`. - [ ] Missing gate produces blocked status. - [ ] Missing gate emits `backend.gate.blocked` with `backend`, `gate`, `reason`, `mutation_mode`, and `case_executed: false`. - [ ] Required Stage 1 artifacts are produced, including `report.md` and `backend/case-gate.log`. - [ ] Fake remains default validation lane. - [ ] No Case process runs. - [ ] `report.json` records `source_admission_status: not_admitted` and `case_process_started: false`. - [ ] No files under harness source checkout, target repo, Case source, vendor source, or Cortex Core are changed during execution. - [ ] Gate runs before case workspace copy, `git init`, runner invocation, target repository inspection, or Case process start. - [ ] Focused validator runs command-level checks for default fake, blocked `--engine case` without env, and enabled no-op Stage 1 behavior. Allowed files: `harness.yaml`, `harness/evals/run-case.sh`, focused Stage 1 validator, docs, and tests under the routed Hermes CTO harness. WebUI, Core, Case source, vendor source, and target repositories are forbidden. Validator: focused Stage 1 harness validator, plus local harness validation. Done evidence: Stage 1 report JSON, normalized events, artifact digests, no-mutation proof, clean worktree, commit. ## Granularity Check This is intentionally two slices: one governed planning route, one future executable harness implementation. Combining them would skip the PRD-to-issue control loop.