cto/.sot/03-PROTOCOLS/CTO-HERMES-REAL-REFRESH-CONTROL-REPLAY-ISSUES.md

---
name: cto-hermes-real-refresh-control-replay-issues
tier: local
status: draft
owner: jp
source: .sot/03-PROTOCOLS/CTO-HERMES-REAL-REFRESH-CONTROL-REPLAY-PRD.md
created: 2026-06-01
last_reviewed: 2026-06-01
lifecycle_classification: planning
core_promotion_status: not-promoted
description: Child-local issue sequence for exposing Stage 6 real-governed refresh evidence through Hermes CTO control replay.
---

# CTO Hermes Real Refresh Control Replay Issues

Local planning SOT only. Not a Core Protocol. Not active Core authority.

## Issue Sequence

### CTO-WORK-056 - Hermes Real Refresh Control Replay PRD

Type: AFK

Status: validated.

Blocked by: CTO-WORK-055

What to build: Define the planning route for exposing Stage 6 real-governed refresh evidence through the Hermes CTO Harness control summary and replay path.

Acceptance criteria:

- [x] PRD states Hermes displays and replays evidence but does not govern.
- [x] PRD requires Harness Evidence Interface artifacts as the source of truth.
- [x] PRD requires Stage 6 real-governed refresh status in the summary.
- [x] PRD requires refresh comparison artifact path in the summary.
- [x] PRD requires real Stage 5 pass report and Stage 5 proof paths in the summary.
- [x] PRD requires read-only target repository proof status in the summary.
- [x] PRD separates candidate-default refresh eligibility from runtime default activation.
- [x] PRD requires blocked Codex/Pi lane rationale from the refresh artifact.
- [x] PRD forbids target mutation, default activation, Core promotion, vendor-source mutation, external developer repository mutation, unowned repository mutation, and secret exposure.
- [x] Local CTO validator checks the PRD and issue artifact.

Allowed files: CTO child workspace planning docs and local validator only.

Validator: `python3 tools/validate_cto_child.py`

Done evidence: PRD, issue artifact, validator JSON, clean worktree, commit.

### CTO-WORK-057 - Hermes Control Summary Real Refresh Replay Route

Type: AFK

Status: candidate.

Blocked by: CTO-WORK-056

What to build: In `/home/svrnty/workspaces/hermes/cto/harness`, extend the Harness-backed WebUI summary path so Hermes can consume and replay Stage 6 real-governed refresh evidence.

Acceptance criteria:

- [ ] Summary exposes `case_stage6_real_governed_refresh` status.
- [ ] Summary exposes `stage6_real_governed_refresh_comparison_path`.
- [ ] Summary exposes real Stage 5 pass report and Stage 5 proof replay paths.
- [ ] Summary exposes read-only target repository proof status.
- [ ] Summary exposes candidate-default refresh eligibility separately from `runtime_default_activation`.
- [ ] Summary exposes Codex/Pi blocked-lane rationale from the refresh artifact.
- [ ] Summary exposes next operator action after real-refresh validation.
- [ ] Summary does not expose secrets, endpoints, credential values, or raw Target Repository content.
- [ ] Summary does not mutate Target Repositories, vendor source, external developer repositories, unowned repositories, or Cortex Core.
- [ ] Focused summary validator passes before aggregate Harness validation.
- [ ] Aggregate Harness validation runs once after focused validation passes and once after merge.

Allowed files: Hermes CTO harness summary command, summary validator, summary contract/docs, and command index. WebUI Runtime code, Core, Case source, vendor source, Target Repositories, and external developer repositories are forbidden.

Validator: `python3 harness/runner/validate-webui-summary.py --json`, then `./harness/evals/health.sh --json`.

Done evidence: Hermes sandcastle commit, focused summary validator output, summary JSON path, aggregate Harness health output, clean merge, and CTO evidence update.

## Granularity Check

This is intentionally two slices: one child-local planning route and one Hermes Harness implementation route. It avoids overbuilding a WebUI panel while adding the exact replay surface needed after `CTO-WORK-055`.