---
name: cto-hermes-control-surface-issues
tier: local
status: draft
owner: jp
source: .sot/03-PROTOCOLS/CTO-HERMES-CONTROL-SURFACE-PRD.md
created: 2026-06-01
last_reviewed: 2026-06-01
lifecycle_classification: planning
core_promotion_status: not-promoted
description: Child-local issue sequence for Hermes-visible CTO Harness control summary.
---

# CTO Hermes Control Surface Issues

Local planning SOT only. Not a Core Protocol. Not active Core authority.

## Issue Sequence

### CTO-WORK-044 - Hermes Control Surface PRD

Type: AFK

Status: validated.

Blocked by: CTO-WORK-043

User stories covered: CTO Hermes Control Surface PRD stories 1, 2, 3, 4, 5.

What to build: Define the Hermes-facing CTO Harness control summary before implementation starts.

Acceptance criteria:

- [x] PRD states Hermes controls visibility, approval, and replay but does not govern.
- [x] PRD requires the surface to be backed by Harness Evidence Interface artifacts.
- [x] PRD requires proof ladder status through Stage 6.
- [x] PRD separates candidate-default eligibility from runtime default activation.
- [x] PRD requires replay paths for matrix and Stage 6 comparison evidence.
- [x] PRD requires blocked comparison lanes to include rationale.
- [x] PRD forbids secrets, endpoints, credentials, Target Repository mutation, vendor-source mutation, external developer repository mutation, and Core mutation.
- [x] Local CTO validator checks the PRD and issue artifact.

Allowed files: CTO child workspace planning docs and local validator only.

Validator: `python3 tools/validate_cto_child.py`

Done evidence: PRD, issue artifact, validator JSON, clean worktree, commit.

### CTO-WORK-045 - Harness-Backed Hermes Control Summary

Type: AFK

Status: candidate.

Blocked by: CTO-WORK-044

User stories covered: CTO Hermes Control Surface PRD stories 1, 2, 3, 4, 5.

What to build: In `/home/svrnty/workspaces/hermes/cto/harness`, extend the WebUI summary path so Hermes can consume a compact CTO Harness control summary backed by validated evidence.

Acceptance criteria:

- [ ] Summary command remains Harness-backed and deterministic.
- [ ] Summary exposes proof ladder status through Stage 6.
- [ ] Summary exposes Stage 6 candidate-default eligibility.
- [ ] Summary exposes runtime default activation as `false` unless a later governed route changes it.
- [ ] Summary exposes matrix report and Stage 6 comparison report paths.
- [ ] Summary exposes blocked Codex/Pi lane rationale when not applicable.
- [ ] Summary exposes next recommended operator action.
- [ ] Summary does not expose secrets, endpoints, credential values, or raw Target Repository content.
- [ ] Summary does not mutate Target Repositories, vendor source, external developer repositories, or Cortex Core.
- [ ] Focused summary validator passes and aggregate Harness health remains green.

Allowed files: Hermes CTO harness summary command, summary validator, summary contract/docs, and command index. WebUI Runtime code, Core, Case source, vendor source, Target Repositories, and external developer repositories are forbidden.

Validator: `python3 harness/runner/validate-webui-summary.py --json`, then `harness/evals/health.sh --json`.

Done evidence: summary JSON, focused validator JSON, aggregate health JSON, clean worktree, commit.

## Granularity Check

This is intentionally two slices: one planning route and one Harness-backed summary route. It avoids overbuilding a WebUI panel before the stable summary contract exists.
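
The CTO-WORK-045 acceptance criteria, expressed as a contract check over a summary object. This is an added example, not the project's `validate-webui-summary.py`; every field name, the 1 to 6 stage numbering, and the sample data are assumptions, because the page does not define the summary schema.

```python
import re

# Hypothetical field names: the page does not define the summary schema.
REQUIRED = ("proof_ladder", "candidate_default_eligible", "runtime_default_active",
            "matrix_report_path", "stage6_comparison_report_path",
            "lanes", "next_operator_action")
SECRET_KEY = re.compile(r"secret|token|password|credential|api[_-]?key|endpoint", re.I)
URL_VALUE = re.compile(r"[a-z][a-z0-9+.-]*://", re.I)

def leaks(node, path="summary"):
    """Yield paths whose key looks secret-bearing or whose string value holds a URL."""
    if isinstance(node, dict):
        for key, value in node.items():
            child = f"{path}.{key}"
            if SECRET_KEY.search(key):
                yield child
            yield from leaks(value, child)
    elif isinstance(node, list):
        for i, value in enumerate(node):
            yield from leaks(value, f"{path}[{i}]")
    elif isinstance(node, str) and URL_VALUE.search(node):
        yield path

def check_summary(summary):
    """Return a sorted list of contract violations; an empty list means it passes."""
    errors = [f"missing:{k}" for k in REQUIRED if k not in summary]
    # Assumption: the proof ladder has one entry per stage, numbered 1 to 6.
    stages = {s.get("stage") for s in summary.get("proof_ladder", [])}
    if not set(range(1, 7)) <= stages:
        errors.append("proof_ladder:incomplete")
    if summary.get("runtime_default_active") is not False:
        errors.append("runtime_default_active:not-false")
    for name, lane in summary.get("lanes", {}).items():
        if lane.get("status") == "blocked" and not lane.get("rationale"):
            errors.append(f"lane:{name}:no-rationale")
    errors += [f"leak:{p}" for p in leaks(summary)]
    return sorted(errors)

# Constructed sample summaries (not real Harness output).
GOOD = {
    "proof_ladder": [{"stage": n, "status": "validated"} for n in range(1, 7)],
    "candidate_default_eligible": True, "runtime_default_active": False,
    "matrix_report_path": "evidence/matrix-report.json",
    "stage6_comparison_report_path": "evidence/stage6-comparison.json",
    "lanes": {n: {"status": "blocked", "rationale": "not applicable"} for n in ("codex", "pi")},
    "next_operator_action": "review Stage 6 comparison report",
}
BAD = dict(GOOD, runtime_default_active=True, lanes={"codex": {"status": "blocked"}},
           debug={"api_token": "x", "origin": "https://example.invalid/hook"})
```

The check is strict on activation: anything other than a literal `false`, including a missing field, counts as a violation.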