92 lines
4.3 KiB
Markdown
92 lines
4.3 KiB
Markdown
---
|
|
name: cto-hermes-control-surface-issues
|
|
tier: local
|
|
status: draft
|
|
owner: jp
|
|
source: .sot/03-PROTOCOLS/CTO-HERMES-CONTROL-SURFACE-PRD.md
|
|
created: 2026-06-01
|
|
last_reviewed: 2026-06-01
|
|
lifecycle_classification: planning
|
|
core_promotion_status: not-promoted
|
|
description: Child-local issue sequence for Hermes-visible CTO Harness control summary.
|
|
---
|
|
|
|
# CTO Hermes Control Surface Issues
|
|
|
|
Local planning SOT only. Not a Core Protocol. Not active Core authority.
|
|
|
|
## Issue Sequence
|
|
|
|
### CTO-WORK-044 - Hermes Control Surface PRD
|
|
|
|
Type: AFK
|
|
|
|
Status: validated.
|
|
|
|
Blocked by: CTO-WORK-043
|
|
|
|
User stories covered: CTO Hermes Control Surface PRD stories 1, 2, 3, 4, 5.
|
|
|
|
What to build: Define the Hermes-facing CTO Harness control summary before implementation starts.
|
|
|
|
Acceptance criteria:
|
|
|
|
- [x] PRD states Hermes controls visibility, approval, and replay but does not govern.
|
|
- [x] PRD requires the surface to be backed by Harness Evidence Interface artifacts.
|
|
- [x] PRD requires proof ladder status through Stage 6.
|
|
- [x] PRD separates candidate-default eligibility from runtime default activation.
|
|
- [x] PRD requires replay paths for matrix and Stage 6 comparison evidence.
|
|
- [x] PRD requires blocked comparison lanes to include rationale.
|
|
- [x] PRD forbids secrets, endpoints, credentials, Target Repository mutation, vendor-source mutation, external developer repository mutation, and Core mutation.
|
|
- [x] Local CTO validator checks the PRD and issue artifact.
|
|
|
|
Allowed files: CTO child workspace planning docs and local validator only.
|
|
|
|
Validator: `python3 tools/validate_cto_child.py`
|
|
|
|
Done evidence: PRD, issue artifact, validator JSON, clean worktree, commit.
|
|
|
|
### CTO-WORK-045 - Harness-Backed Hermes Control Summary
|
|
|
|
Type: AFK
|
|
|
|
Status: validated.
|
|
|
|
Blocked by: CTO-WORK-044
|
|
|
|
User stories covered: CTO Hermes Control Surface PRD stories 1, 2, 3, 4, 5.
|
|
|
|
What to build: In `/home/svrnty/workspaces/hermes/cto/harness`, extend the WebUI summary path so Hermes can consume a compact CTO Harness control summary backed by validated evidence.
|
|
|
|
Acceptance criteria:
|
|
|
|
- [x] Summary command remains Harness-backed and deterministic.
|
|
- [x] Summary exposes proof ladder status through Stage 6.
|
|
- [x] Summary exposes Stage 6 candidate-default eligibility.
|
|
- [x] Summary exposes runtime default activation as `false` unless a later governed route changes it.
|
|
- [x] Summary exposes matrix report and Stage 6 comparison report paths.
|
|
- [x] Summary exposes blocked Codex/Pi lane rationale when not applicable.
|
|
- [x] Summary exposes next recommended operator action.
|
|
- [x] Summary does not expose secrets, endpoints, credential values, or raw Target Repository content.
|
|
- [x] Summary does not mutate Target Repositories, vendor source, external developer repositories, or Cortex Core.
|
|
- [x] Focused summary validator passes and aggregate Harness health remains green.
|
|
|
|
Allowed files: Hermes CTO harness summary command, summary validator, summary contract/docs, and command index. WebUI Runtime code, Core, Case source, vendor source, Target Repositories, and external developer repositories are forbidden.
|
|
|
|
Validator: `python3 harness/runner/validate-webui-summary.py --json`, then `harness/evals/health.sh --json`.
|
|
|
|
Done evidence:
|
|
|
|
- Hermes commit: `3cbd799 Add harness-backed Hermes control summary`
|
|
- Focused validator: `python3 harness/runner/validate-webui-summary.py --json`
|
|
- Focused summary JSON: `/home/svrnty/.hermes/profiles/cto-planb/harness-runs/20260601T102157Z-run-all-fake-92576/webui-summary.json`
|
|
- Focused matrix report: `/home/svrnty/.hermes/profiles/cto-planb/harness-runs/20260601T102157Z-run-all-fake-92576/report.json`
|
|
- Focused Stage 6 comparison report: `/home/svrnty/.hermes/profiles/cto-planb/harness-runs/20260601T102202Z-stage6-candidate-default-92871/stage6-candidate-default-comparison.json`
|
|
- Post-merge aggregate health command: `harness/evals/health.sh --json`
|
|
- Post-merge aggregate matrix report: `/home/svrnty/.hermes/profiles/cto-planb/harness-runs/20260601T102236Z-run-all-fake-95146/report.json`
|
|
- Post-merge aggregate Stage 6 comparison report: `/home/svrnty/.hermes/profiles/cto-planb/harness-runs/20260601T102256Z-stage6-candidate-default-96653/stage6-candidate-default-comparison.json`
|
|
|
|
## Granularity Check
|
|
|
|
This is intentionally two slices: one planning route and one Harness-backed summary route. It avoids overbuilding a WebUI panel before the stable summary contract exists.
|