---
name: cto-hermes-real-refresh-control-replay-issues
tier: local
status: draft
owner: jp
source: .sot/03-PROTOCOLS/CTO-HERMES-REAL-REFRESH-CONTROL-REPLAY-PRD.md
created: 2026-06-01
last_reviewed: 2026-06-01
lifecycle_classification: planning
core_promotion_status: not-promoted
description: Child-local issue sequence for exposing Stage 6 real-governed refresh evidence through Hermes CTO control replay.
---

# CTO Hermes Real Refresh Control Replay Issues

Local planning SOT only. Not a Core Protocol. Not active Core authority.

## Issue Sequence

### CTO-WORK-056 - Hermes Real Refresh Control Replay PRD

Type: AFK

Status: validated.

Blocked by: CTO-WORK-055

What to build: Define the planning route for exposing Stage 6 real-governed refresh evidence through the Hermes CTO Harness control summary and replay path.

Acceptance criteria:

- [x] PRD states Hermes displays and replays evidence but does not govern.
- [x] PRD requires Harness Evidence Interface artifacts as the source of truth.
- [x] PRD requires Stage 6 real-governed refresh status in the summary.
- [x] PRD requires refresh comparison artifact path in the summary.
- [x] PRD requires real Stage 5 pass report and Stage 5 proof paths in the summary.
- [x] PRD requires read-only target repository proof status in the summary.
- [x] PRD separates candidate-default refresh eligibility from runtime default activation.
- [x] PRD requires blocked Codex/Pi lane rationale from the refresh artifact.
- [x] PRD forbids target mutation, default activation, Core promotion, vendor-source mutation, external developer repository mutation, unowned repository mutation, and secret exposure.
- [x] Local CTO validator checks the PRD and issue artifact.

Allowed files: CTO child workspace planning docs and local validator only.

Validator: `python3 tools/validate_cto_child.py`

Done evidence: PRD, issue artifact, validator JSON, clean worktree, commit.

### CTO-WORK-057 - Hermes Control Summary Real Refresh Replay Route

Type: AFK

Status: candidate.

Blocked by: CTO-WORK-056

What to build: In `/home/svrnty/workspaces/hermes/cto/harness`, extend the Harness-backed WebUI summary path so Hermes can consume and replay Stage 6 real-governed refresh evidence.

Acceptance criteria:

- [ ] Summary exposes `case_stage6_real_governed_refresh` status.
- [ ] Summary exposes `stage6_real_governed_refresh_comparison_path`.
- [ ] Summary exposes real Stage 5 pass report and Stage 5 proof replay paths.
- [ ] Summary exposes read-only target repository proof status.
- [ ] Summary exposes candidate-default refresh eligibility separately from `runtime_default_activation`.
- [ ] Summary exposes Codex/Pi blocked-lane rationale from the refresh artifact.
- [ ] Summary exposes next operator action after real-refresh validation.
- [ ] Summary does not expose secrets, endpoints, credential values, or raw Target Repository content.
- [ ] Summary does not mutate Target Repositories, vendor source, external developer repositories, unowned repositories, or Cortex Core.
- [ ] Focused summary validator passes before aggregate Harness validation.
- [ ] Aggregate Harness validation runs once after focused validation passes and once after merge.

Allowed files: Hermes CTO harness summary command, summary validator, summary contract/docs, and command index. WebUI Runtime code, Core, Case source, vendor source, Target Repositories, and external developer repositories are forbidden.

Validator: `python3 harness/runner/validate-webui-summary.py --json`, then `./harness/evals/health.sh --json`.

Done evidence: Hermes sandcastle commit, focused summary validator output, summary JSON path, aggregate Harness health output, clean merge, and CTO evidence update.

## Granularity Check

This is intentionally two slices: one child-local planning route and one Hermes Harness implementation route.
It avoids overbuilding a WebUI panel while adding the exact replay surface needed after `CTO-WORK-055`.