hermes/cto

Svrnty d9edf8a715 Select Qwen local as CTO provider policy

2026-05-31 22:13:52 -04:00

title	status	lifecycle_classification	owner	created	last_reviewed	core_promotion_status	route
CTO Case Provider Decision Packet Issues	draft	sot	jp	2026-05-31	2026-05-31	not-promoted	cto

CTO Case Provider Decision Packet Issues

Local planning SOT only. Not a Core Protocol. Not active Core authority.

CTO-WORK-023 - Case Provider Decision Packet PRD

Status: validated.

Register the compact decision packet for resolving the CTO-WORK-020 provider policy blocker without approving a provider/model.

Acceptance:

States local_provider_required is current selected state.
Lists only external_provider_approved and local_provider_required as active branches.
Says it does not approve or admit any provider/model.
Says it is not Stage 2 pass evidence.
Requires a structured decision record using only not_decided, external_provider_approved, or local_provider_required.
References existing evidence paths and commits instead of copying runtime evidence.
Keeps CTO-WORK-020 as provider/model admission authority.
Keeps CTO_HARNESS_CASE_MODEL_ADMISSION_FILE as execution admission gate.
Requires exact provider/model, approval source, credential source class, allowed network class, review trigger, and evidence expectations before admission.
Requires no secrets in SOT, task file, argv, report, trace, backend logs, generated config, or commits.
States CTO-WORK-022 stays blocked until explicit local provider config and real Case Stage 2 pass evidence exist.
States real Case Stage 2 remains blocked until admitted provider/model and Harness Evidence Interface pass report exist.
States no Target Repository path may be inspected or copied.

Status: validated.

JP or a governed Core route chooses one CTO-WORK-020 decision branch and records the required non-secret fields.

Acceptance:

Decision record selects exactly one branch: external_provider_approved or local_provider_required.
not_decided remains the safe default until a decision is recorded.
Decision record is structured and uses only not_decided, external_provider_approved, or local_provider_required.
Decision record references existing evidence paths and commits instead of copying runtime evidence.
If external_provider_approved, the record names exact provider/model, approval source, credential source class, allowed network class, review trigger, and evidence expectations.
If local_provider_required, the record sets provider class local_case_compatible and keeps exact provider/model empty until a local provider/model is supplied and admitted.
No secret value is written to SOT, task file, argv, report, trace, backend logs, generated config, or commit.
CTO-WORK-020 remains blocked until admitted provider/model and real Stage 2 pass report exist.
CTO-WORK-022 remains blocked until explicit local provider config and real Case Stage 2 pass evidence exist.
Real Case Stage 2 remains blocked unless CTO_HARNESS_CASE_MODEL_ADMISSION_FILE exists and matches CTO_HARNESS_CASE_MODEL_PROVIDER and CTO_HARNESS_CASE_MODEL.

Resolved by:

CTO-CASE-PROVIDER-DECISION-RECORD.md selecting local_provider_required.
Real Case Stage 2 remains blocked by CTO-WORK-020 admission JSON and Harness Evidence Interface proof.

Status: validated.

Record the initial fail-closed CTO-WORK-020 decision state as not_decided.

Acceptance:

Decision record has decision_status: not_decided.
Provider class, provider, model, approval source, credential source class, allowed network class, and review trigger remain empty while blocked.
Evidence sources reference existing admission and decision packet files only.
Record says not_decided means no provider/model may run.
Record says it is not provider/model admission, not Stage 2 pass evidence, and not approval for external or local provider use.
Record says CTO-WORK-024 remains blocked because this record does not select external_provider_approved or local_provider_required.
Record says only JP or a governed Core route may change it away from not_decided.
Record allows only external_provider_approved or local_provider_required as future non-not_decided values.
Record requires no secret value in SOT, task file, argv, report, trace, backend logs, generated config, or commit.
Record says no Target Repository path may be inspected or copied.
Record keeps CTO-WORK-020 as provider/model admission authority.
Record keeps CTO_HARNESS_CASE_MODEL_ADMISSION_FILE as execution admission gate.
Record keeps CTO-WORK-024 blocked while decision_status=not_decided.
Record keeps CTO-WORK-022 blocked unless decision_status=local_provider_required.
Record keeps real Case Stage 2 blocked until admitted provider/model and Harness Evidence Interface pass report exist.

Status: validated.

Record JP approval of the local Qwen primary provider decision branch for the current Hermes model stack.

Acceptance:

Decision record has decision_status: local_provider_required.
Decision record has provider_class: local_case_compatible.
Decision record has provider: qwen-local.
Decision record has model: qwen3.6-35b-a3b.
Decision record has fallback_provider: openai-codex.
Decision record has fallback_model: gpt-5.5.
Decision record has credential_source_class: pi-models-json-local-provider-no-secret-plus-codex-oauth-fallback; no secret value.
Decision record has allowed_network_class: local-tailscale-vllm-spark1-plus-codex-oauth-fallback.
Decision record references Hermes model policy and local Hermes config as evidence sources without copying secrets.
Record says it is not provider/model admission and is not Stage 2 pass evidence.
Record says CTO-WORK-024 is resolved by selecting local_provider_required.
Record keeps CTO-WORK-020 blocked until admission JSON and real Stage 2 pass evidence exist.
Record keeps CTO-WORK-022 blocked until explicit local provider config and real Case Stage 2 pass evidence exist.
Record requires fallback to openai-codex with gpt-5.5 to be explicit in admission evidence before it may count as a Case provider/model path.