---
name: cto-case-stage4-disposable-sandbox-issues
tier: local
status: draft
owner: jp
source: .sot/03-PROTOCOLS/CTO-CASE-STAGE4-DISPOSABLE-SANDBOX-PRD.md
created: 2026-06-01
last_reviewed: 2026-06-01
lifecycle_classification: planning
core_promotion_status: not-promoted
description: Child-local issue sequence for Stage 4 Case disposable sandbox repository proof.
---

# CTO Case Stage 4 Disposable Sandbox Issues

Local planning SOT only. Not a Core Protocol. Not active Core authority.

## Issue Sequence

### CTO-WORK-035 - Stage 4 Disposable Sandbox PRD

Type: AFK
Status: validated.
Blocked by: CTO-WORK-034
User stories covered: CTO Case Candidate Backend PRD stories 4, 5, 7, 8, 9, 10, 11, 13.

What to build: Define the Stage 4 disposable sandbox repository proof before implementation starts.

Acceptance criteria:

- [ ] PRD states Stage 4 allowed mutation scope is `disposable repository only`.
- [ ] PRD requires Stage 3 validation before Stage 4.
- [ ] PRD requires `CTO_HARNESS_ALLOW_CASE=1` and `CTO_HARNESS_CASE_STAGE=4`.
- [ ] PRD requires approval requested/granted/denied events.
- [ ] PRD requires branch policy proof.
- [ ] PRD forbids push, merge, deploy, close, PR open, public publication, Target Repository mutation, source repository mutation, Case source mutation, vendor source mutation, Hermes WebUI mutation, and Cortex Core mutation.
- [ ] PRD requires full Harness Evidence Interface artifacts.
- [ ] PRD requires approval-denied, reviewer-reject, timeout, provider-unavailable, dirty-ending-tree, and disallowed-file failure fixtures.
- [ ] Local CTO validator checks Stage 4 PRD and issue artifact.

Allowed files: CTO child workspace planning docs and local validator only.

Validator: `python3 tools/validate_cto_child.py`

Done evidence: PRD, issue artifact, validator JSON, clean worktree, commit.

### CTO-WORK-036 - Stage 4 Harness Disposable Sandbox Route

Type: AFK
Status: blocked.
Blocked by: CTO-WORK-035
User stories covered: CTO Case Candidate Backend PRD stories 4, 5, 7, 8, 9, 10, 11, 13.

What to build: In `/home/svrnty/workspaces/hermes/cto/harness`, implement the Stage 4 disposable sandbox repository route behind the existing `case` engine seam.

Acceptance criteria:

- [ ] `case` remains disabled by default.
- [ ] `CTO_HARNESS_ALLOW_CASE=1` remains required.
- [ ] `CTO_HARNESS_CASE_STAGE=4` is required before disposable sandbox Case execution.
- [ ] Missing Stage 4 gate emits blocked evidence and does not run Case.
- [ ] Approval denied blocks before mutation.
- [ ] Approval granted is recorded before mutation.
- [ ] Branch policy proof is recorded.
- [ ] Case mutates only the disposable repository.
- [ ] No Target Repository path is inspected or copied.
- [ ] No push, merge, deploy, close, PR open, or public publication occurs by default.
- [ ] Required artifacts include approval proof, branch proof, sandbox disposal or retention note, `report.json`, `report.md`, `events.normalized.jsonl`, `trace.jsonl`, `patch.diff`, `test.log`, and backend logs.
- [ ] Failure fixtures fail closed for approval denied, reviewer reject, timeout, provider unavailable, dirty ending tree, and disallowed file.
- [ ] Fake remains the default validation lane and broad health remains green after focused Stage 4 validation.

Allowed files: Hermes CTO harness engine, disposable sandbox fixtures, focused Stage 4 validator, harness docs, and tests. WebUI, Core, Case source, vendor source, source repository, Target Repository, owned noncritical repositories, production repositories, and external developer repositories are forbidden.

Validator: `python3 harness/runner/validate-case-stage4.py --harness-root harness --json`, then `harness/evals/health.sh --json`.

Done evidence: Stage 4 pass report, failure fixture reports, approval proof, branch proof, sandbox disposal or retention note, artifact digests, clean worktree, commit.

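
The fail-closed gate ordering in the CTO-WORK-036 acceptance criteria, sketched as an added example (not the Hermes CTO harness's own code). The function name `evaluate_stage4_gate`, the event and reason strings, and the sample paths are assumptions; only the two environment variables come from this page.

```python
from pathlib import Path

def evaluate_stage4_gate(env, approval, disposable_root, touched_paths):
    """Decide whether a Stage 4 Case run may mutate; any unmet gate blocks.

    Returns (allowed, events); events mimic rows of events.normalized.jsonl.
    Event and reason names are hypothetical, not the harness's own schema.
    """
    events = []

    def block(reason):
        events.append({"event": "blocked", "reason": reason})
        return False, events

    # Gate 1: the case engine is disabled unless explicitly allowed.
    if env.get("CTO_HARNESS_ALLOW_CASE") != "1":
        return block("case-not-allowed")
    # Gate 2: the Stage 4 route needs its own stage gate.
    if env.get("CTO_HARNESS_CASE_STAGE") != "4":
        return block("stage4-gate-missing")

    # Gate 3: approval is requested and resolved before any mutation.
    events.append({"event": "approval_requested"})
    if approval != "granted":  # denied, missing, or unknown all block
        events.append({"event": "approval_denied"})
        return block("approval-denied")
    events.append({"event": "approval_granted"})

    # Gate 4: every path must resolve inside the disposable repository.
    root = Path(disposable_root).resolve()
    for rel in touched_paths:
        target = (root / rel).resolve()  # collapses ".." and absolute paths
        if not target.is_relative_to(root):
            return block(f"disallowed-file:{rel}")

    events.append({"event": "mutation_allowed"})
    return True, events


# Constructed sample inputs, not taken from a real harness run.
GOOD_ENV = {"CTO_HARNESS_ALLOW_CASE": "1", "CTO_HARNESS_CASE_STAGE": "4"}
ROOT = "/tmp/disposable-repo"

if __name__ == "__main__":
    for label, args in [
        ("pass", (GOOD_ENV, "granted", ROOT, ["src/app.py"])),
        ("denied", (GOOD_ENV, "denied", ROOT, ["src/app.py"])),
        ("escape", (GOOD_ENV, "granted", ROOT, ["../target-repo/x.py"])),
    ]:
        allowed, events = evaluate_stage4_gate(*args)
        print(label, allowed, [e.get("reason", e["event"]) for e in events])
```
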
## Granularity Check

This is intentionally two slices: one planning route and one executable harness route. Stage 4 adds approval and disposable repository policy, which are distinct from Stage 3 copied-repo non-mutation proof.