---
name: cto-case-stage5-owned-noncritical-repo-issues
tier: local
status: draft
owner: jp
source: .sot/03-PROTOCOLS/CTO-CASE-STAGE5-OWNED-NONCRITICAL-REPO-PRD.md
created: 2026-06-01
last_reviewed: 2026-06-01
lifecycle_classification: planning
core_promotion_status: not-promoted
description: Child-local issue sequence for Stage 5 Case owned noncritical repository proof.
---

# CTO Case Stage 5 Owned Noncritical Repository Issues

Local planning SOT only. Not a Core Protocol. Not active Core authority.

## Issue Sequence

### CTO-WORK-037 - Stage 5 Owned Noncritical Repo PRD

Type: AFK

Status: validated.

Blocked by: CTO-WORK-036

User stories covered: CTO Case Candidate Backend PRD stories 4, 5, 7, 8, 9, 10, 11, 13.

What to build: Define the Stage 5 owned noncritical repository proof before implementation starts.

Acceptance criteria:

- [x] PRD states Stage 5 allowed mutation scope is `explicitly owned low-risk repository only`.
- [x] PRD requires Stage 4 validation before Stage 5.
- [x] PRD requires `CTO_HARNESS_ALLOW_CASE=1` and `CTO_HARNESS_CASE_STAGE=5`.
- [x] PRD requires Target Repository ownership proof and noncritical classification.
- [x] PRD requires approval requested/granted/denied events before mutation.
- [x] PRD requires allowed paths and forbidden actions before mutation.
- [x] PRD separates operator acceptance or rejection from test pass.
- [x] PRD forbids push, merge, deploy, close, PR open, issue close, public publication, critical repository mutation, unowned repository mutation, Case source mutation, vendor source mutation, Hermes WebUI mutation, and Cortex Core mutation.
- [x] PRD requires full Harness Evidence Interface artifacts.
- [x] PRD requires approval-denied, unowned-repository, critical-repository, disallowed-file, dirty-starting-tree, dirty-ending-tree, failed-tests, timeout, provider-unavailable, and missing-operator-outcome failure fixtures.
- [x] Local CTO validator checks Stage 5 PRD and issue artifact.

Allowed files: CTO child workspace planning docs and local validator only.

Validator: `python3 tools/validate_cto_child.py`

Done evidence: PRD, issue artifact, validator JSON, clean worktree, commit.

### CTO-WORK-038 - Stage 5 Harness Owned Noncritical Repo Route

Type: HITL

Status: blocked.

Blocked by: CTO-WORK-037 and explicit JP selection or approval of an owned low-risk noncritical Target Repository.

User stories covered: CTO Case Candidate Backend PRD stories 4, 5, 7, 8, 9, 10, 11, 13.

What to build: In `/home/svrnty/workspaces/hermes/cto/harness`, implement the Stage 5 owned noncritical repository route behind the existing `case` engine seam.

Acceptance criteria:

- [ ] `case` remains disabled by default.
- [ ] `CTO_HARNESS_ALLOW_CASE=1` remains required.
- [ ] `CTO_HARNESS_CASE_STAGE=5` is required before owned noncritical repository execution.
- [ ] Missing Stage 5 gate emits blocked evidence and does not run Case.
- [ ] Target Repository admission proof records owner, path, noncritical classification, allowed paths, forbidden actions, and approval source.
- [ ] Unowned or critical repository admission blocks before mutation.
- [ ] Approval denied blocks before mutation.
- [ ] Approval granted is recorded before mutation.
- [ ] Case mutates only allowed paths inside the admitted Target Repository.
- [ ] No push, merge, deploy, close, PR open, issue close, or public publication occurs by default.
- [ ] Operator acceptance or rejection is recorded after verification.
- [ ] Required artifacts include Target Repository admission proof, approval proof, allowed-path proof, forbidden-action proof, operator outcome, `report.json`, `report.md`, `events.normalized.jsonl`, `trace.jsonl`, `patch.diff`, `test.log`, backend logs, artifact digests, and freshness proof.
- [ ] Failure fixtures fail closed for approval denied, unowned repository, critical repository, disallowed file, dirty starting tree, dirty ending tree, failed tests, timeout, provider unavailable, and missing operator outcome.
- [ ] Fake remains the default validation lane and broad health remains green after focused Stage 5 validation.

Allowed files: Hermes CTO harness engine, owned noncritical repo fixture admission records, focused Stage 5 validator, harness docs, and tests. WebUI, Core, Case source, vendor source, unowned repositories, critical repositories, production repositories, and external developer repositories are forbidden.

Validator: `python3 harness/runner/validate-case-stage5.py --harness-root harness --json`, then `harness/evals/health.sh --json`.

Done evidence: Stage 5 pass report, failure fixture reports, Target Repository admission proof, approval proof, allowed-path proof, forbidden-action proof, operator outcome, artifact digests, clean worktree, commit.

## Granularity Check

This is intentionally two slices: one planning route and one executable harness route. Stage 5 is not over-granular because it is the first proof involving an admitted owned repository and must separate repository ownership, approval, allowed paths, verification, and operator outcome before default candidacy.