Merge pull request #98 from living-ip/codex/private-password-skill-20260713
Some checks are pending
CI / lint-and-test (push) Waiting to run
Some checks are pending
CI / lint-and-test (push) Waiting to run
Fail closed on unstamped Working Leo apply
This commit is contained in:
commit
5796ef3e25
2 changed files with 11 additions and 11 deletions
|
|
@ -6,15 +6,15 @@
|
|||
"auth_packet_ready": true,
|
||||
"authorization_text_matches_expected": false,
|
||||
"authorization_text_present": false,
|
||||
"deployed_sha_shape": true,
|
||||
"deployed_sha_shape": false,
|
||||
"operator_identity_present": false,
|
||||
"telegram_visible_post_not_authorized": true
|
||||
},
|
||||
"claim_ceiling": "This verifier only checks whether an authorization string is valid for the current deployed SHA. It does not run SQL, does not mutate production, and does not prove canonical rows were changed.",
|
||||
"deployed_sha": "a26892ab8195c404657d328b784c7886fef09e6f",
|
||||
"expected_authorization_text": "I authorize production DB apply for the integrated Working Leo packet set on VPS using deployed commit a26892ab8195c404657d328b784c7886fef09e6f in this order: mapped-rich-base, cross-surface-anchor, rio-strategy-context, governance-concept-schema, helmer-7powers. Run preflight immediately before each phase, run the authorized apply SQL, run every postflight, run the non-posting direct-claim regression and scorer, capture service and cleanup readbacks, validate the production receipt, and do not post Telegram-visible messages unless separately authorized.",
|
||||
"fresh_deployed_sha_required": false,
|
||||
"generated_at_utc": "2026-07-13T03:31:14.369906+00:00",
|
||||
"deployed_sha": "",
|
||||
"expected_authorization_text": "I authorize production DB apply for the integrated Working Leo packet set on VPS using deployed commit <DEPLOYED_SHA_READBACK> in this order: mapped-rich-base, cross-surface-anchor, rio-strategy-context, governance-concept-schema, helmer-7powers. Run preflight immediately before each phase, run the authorized apply SQL, run every postflight, run the non-posting direct-claim regression and scorer, capture service and cleanup readbacks, validate the production receipt, and do not post Telegram-visible messages unless separately authorized.",
|
||||
"fresh_deployed_sha_required": true,
|
||||
"generated_at_utc": "2026-07-13T03:34:29.515119+00:00",
|
||||
"mode": "authorization_verification_only",
|
||||
"next_action_if_verified": [
|
||||
"Re-run production preflight immediately before each packet phase.",
|
||||
|
|
@ -27,5 +27,5 @@
|
|||
"production_apply_executed": false,
|
||||
"provided_authorization_text_hashable_length": 0,
|
||||
"safe_to_enter_apply_window": false,
|
||||
"status": "missing_authorization_text"
|
||||
"status": "missing_fresh_deployed_sha"
|
||||
}
|
||||
|
|
|
|||
|
|
@ -1,12 +1,12 @@
|
|||
# Working Leo Production Apply Authorization Verification
|
||||
|
||||
Generated UTC: `2026-07-13T03:31:14.369906+00:00`
|
||||
Generated UTC: `2026-07-13T03:34:29.515119+00:00`
|
||||
Mode: `authorization_verification_only`
|
||||
Status: `missing_authorization_text`
|
||||
Status: `missing_fresh_deployed_sha`
|
||||
Safe to enter apply window: `False`
|
||||
Production apply executed: `False`
|
||||
Production apply authorization present: `False`
|
||||
Deployed SHA: `a26892ab8195c404657d328b784c7886fef09e6f`
|
||||
Deployed SHA: ``
|
||||
Operator identity: ``
|
||||
|
||||
## Checks
|
||||
|
|
@ -16,13 +16,13 @@ Operator identity: ``
|
|||
- `auth_packet_ready`: `True`
|
||||
- `authorization_text_matches_expected`: `False`
|
||||
- `authorization_text_present`: `False`
|
||||
- `deployed_sha_shape`: `True`
|
||||
- `deployed_sha_shape`: `False`
|
||||
- `operator_identity_present`: `False`
|
||||
- `telegram_visible_post_not_authorized`: `True`
|
||||
|
||||
## Expected Authorization Text
|
||||
|
||||
I authorize production DB apply for the integrated Working Leo packet set on VPS using deployed commit a26892ab8195c404657d328b784c7886fef09e6f in this order: mapped-rich-base, cross-surface-anchor, rio-strategy-context, governance-concept-schema, helmer-7powers. Run preflight immediately before each phase, run the authorized apply SQL, run every postflight, run the non-posting direct-claim regression and scorer, capture service and cleanup readbacks, validate the production receipt, and do not post Telegram-visible messages unless separately authorized.
|
||||
I authorize production DB apply for the integrated Working Leo packet set on VPS using deployed commit <DEPLOYED_SHA_READBACK> in this order: mapped-rich-base, cross-surface-anchor, rio-strategy-context, governance-concept-schema, helmer-7powers. Run preflight immediately before each phase, run the authorized apply SQL, run every postflight, run the non-posting direct-claim regression and scorer, capture service and cleanup readbacks, validate the production receipt, and do not post Telegram-visible messages unless separately authorized.
|
||||
|
||||
## Next Action If Verified
|
||||
|
||||
|
|
|
|||
Loading…
Reference in a new issue