KB-51B6

Read-Only Codex Review Packet — R2-B2 Evidence Macro (2026-06-18)

Date: 2026-06-18 · Workstream: LEGO-PILOT-SLICE-0-R2-B2-READONLY-EVIDENCE-OWNER-PATH-MACRO-2026-06-18 (Deliverable 27 of 30) · Editorial revision: rev1 · Class: Codex review preparation / adversarial control · READ-ONLY · NON-ENACTING · NON-AUTHORIZING · NO verdict for Codex · NO write performed.

Metadata convention. Editorial revision (rev1) only. AgentData storage revision/content_length authoritative at read time; not pinned here.

Review-packet lock. This packet prepares the adversarial Codex review of the 30-file evidence macro — the checks, drift audits, and the fresh-evidence-specific checks (read-only safety; fresh-vs-inherited labeling; no gate closed as Owner-authorized). It performs no verdict and authorizes nothing.


0. Status and non-authorization

STATUS: PASS — engineering / design-only. A complete Codex review-prep packet for this macro. Engineering PASS ≠ authority PASS. Default disposition: HOLD. No verdict; no DB write/DDL/DML; no TD; no blocker resolved.

Evidence basis — design synthesis. Reading discipline: main process, no reader-agents.


1. Purpose

Tell the next Codex adversarial review what to check for this read-only evidence macro (distinct from the prior design-only bundles: this one ran live read-only queries). §5 is the check-set.


2. Sources / evidence read

Deliverables 1–26 + 28–29; prior Codex reviews (their audit structure + caveats). Read directly, main process.


3. The 30 deliverables under review

4 evidence/path (1–4), 5 birth-lane evidence (5–9), 6 channel evidence (10–15), 5 source/evidence/rollback/staging (16–20), 5 bad-input/R1/blocker/waiver/next-macro (21–25), 5 decision/review (26–30). 29 consolidation + 1 report.


4. Adversarial method Codex should apply

  1. Re-ground every claim against the live substrate. Re-run the read-only checks (or spot-check): birth_registry counts; inspect_* columns; trg_birth_auto_certify; pg_proc naming inspect_*; pg_extension; pg_settings app.%; wf_host_crontab_snapshot; universal_edges; dot_config switches; dot_agent_api_contract. Confirm the figures match the FQ ledger (Deliverable 1).
  2. Verify read-only safety. Confirm only SELECT/catalog reads + list_docker were used; query_pg is AST-validated READ ONLY (no write possible); no DDL/DML/mutation anywhere.
  3. Audit fresh-vs-inherited labeling. Every evidence claim must carry a label; FRESH must trace to an FQ; INHERITED must be marked (not passed off as fresh).
  4. Apply the no-closure test. Confirm no gate is marked Owner-closed and no blocker resolved — read-only verification is engineering, not authorization.
  5. Apply the drift tests (below).
  6. Distinguish engineering PASS from authority PASS in every §0.

5. What Codex must check

5.1 Metadata / source-read / tool-lock

| Audit | Verify |
|---|---|
| Files / metadata | exactly 30 files at the exact KB paths (29 consolidation + 1 report); editorial rev1; no volatile storage rev/length pinned in bodies; no 31st file / schema / corpus / code file |
| Source-read / no-parallel-agent | all 37 KB sources + 20 runtime checks first-hand, main process, bounded/sequential; no parallel/background reader-agents, no sub-agents; oversized batches decoded locally by the main process (/tmp decode-scratch only) |
| Tool / packet lock | v0.1-stable / FIX7 V3 not overwritten; v0.2-hardening not authority |

5.2 Fresh-evidence-specific checks

| Audit | Verify |
|---|---|
| Read-only safety | every runtime call is SELECT/catalog/list_docker; no UPDATE/INSERT/DELETE/CREATE/ALTER/DROP; no restart/job/cron/trigger execution; no contract promotion; no owner assignment |
| Figures | the FQ ledger matches the live substrate (1,211,635 uncert / 1,402 cert; 0 uncert-with-stamp; 2199/0-prov edges; no pg_cron; app.%=0; switches OFF; agent-api 0 birth-bound) |
| Labels | FRESH vs INHERITED applied to every claim; no unlabeled evidence |
| No closure | no gate Owner-closed; no blocker resolved; aggregate B2 TD still NO-GO |
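
One way to mechanize the read-only-safety and FRESH/INHERITED label audits from §4 (steps 2–3) and §5.2, as an added example that is not part of the packet or the project's tooling. The call and claim record shapes, the FQ-nn ids, the restart_container tool name and every sample row are constructed assumptions, and the keyword list extends the packet's six forbidden statement classes.

```python
import re
# Assumed shapes (not from the packet): call = (tool, statement),
# claim = (text, label, fq_id). All sample rows and FQ ids are constructed.
ALLOWED_TOOLS = {"query_pg", "list_docker"}
# The packet's six forbidden classes, plus INTO/TRUNCATE/MERGE/COPY/CALL/DO
# as further write paths (added here; not the packet's list).
FORBIDDEN = re.compile(r"\b(UPDATE|INSERT|DELETE|CREATE|ALTER|DROP|INTO|"
                       r"TRUNCATE|MERGE|COPY|CALL|DO)\b", re.I)
NOISE = re.compile(r"'(?:[^']|'')*'|--[^\n]*|/\*.*?\*/", re.S)

def audit_call(tool, statement):
    # Returns a finding string, or None when the call looks read-only.
    if tool not in ALLOWED_TOOLS:
        return f"tool not allowlisted: {tool}"
    if tool == "list_docker":
        return None
    # Blank out literals and comments so keywords inside them do not count.
    sql = NOISE.sub(lambda m: "''" if m.group(0)[0] == "'" else " ", statement)
    sql = sql.strip().rstrip(";").strip()
    if ";" in sql:
        return "multiple statements"
    if not re.match(r"(SELECT|WITH)\b", sql, re.I):
        return "not a SELECT/catalog read"
    hit = FORBIDDEN.search(sql)  # catches writing CTEs and SELECT ... INTO
    return f"mutating keyword: {hit.group(1).upper()}" if hit else None

def audit_claim(label, fq_id, ledger):
    if label not in ("FRESH", "INHERITED"):
        return "unlabeled evidence"
    if label == "FRESH" and fq_id not in ledger:
        return "FRESH without a ledger FQ"
    return None

def run_audit(calls, claims, ledger):
    out = [("call", i, r) for i, (t, s) in enumerate(calls) if (r := audit_call(t, s))]
    out += [("claim", i, r) for i, (_, l, f) in enumerate(claims)
            if (r := audit_claim(l, f, ledger))]
    return out

CALLS = [  # constructed log; rows 3-5 are deliberate violations
    ("query_pg", "SELECT count(*) FROM birth_registry"),
    ("list_docker", ""),
    ("query_pg", "SELECT name FROM pg_settings WHERE name LIKE 'app.%' -- update later"),
    ("query_pg", "WITH d AS (DELETE FROM universal_edges RETURNING 1) SELECT count(*) FROM d"),
    ("query_pg", "SELECT * INTO scratch FROM dot_config"),
    ("restart_container", "agent-api"),
]
LEDGER = {"FQ-01", "FQ-03"}  # constructed stand-in for the Deliverable 1 FQ ledger
CLAIMS = [("no pg_cron", "FRESH", "FQ-03"), ("switches OFF", "FRESH", None),
          ("channel undecided", "INHERITED", None), ("app.%=0", "", None)]
FINDINGS = run_audit(CALLS, CLAIMS, LEDGER)
```

A keyword scan cannot see side effects of functions invoked from inside a SELECT, so it complements the AST-validated READ ONLY enforcement the packet attributes to query_pg rather than replacing it.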

5.3 Drift audits (Codex must find none triggered)

| Drift | Verify did NOT occur |
|---|---|
| ACTUAL_TD_DRIFT | no schema/DDL/function/SQL-mutate/scheduler/runner/command-sequence/rollback-script anywhere |
| CHANNEL_AUTHORITY_DRIFT | no channel selected/used/wired/promoted; recommendation-only wording only |
| STAGING_SCHEMA_OR_CORPUS_DRIFT | no staging schema/table/corpus/SQL/extraction |
| B5_B7_SCOPE_CREEP | B5/B7 referenced as dependencies only, never opened |
| R1_SCOPE_CREEP | R1/KG cross-check only; no KG work opened |
| MEGA_BIRTH / B2_OVERREACH | B2 stays inspect-only; no mega-pipeline; no certify/canonical/identity/KG by B2 |
| Owner-gate weakening | every future write Owner-gated / forbidden now; no PASS authorizes a write |
| Runtime mutation | confirm READ-ONLY: no write/DDL/DML/restart/job/trigger/contract/owner act |

5.4 Primary questions Codex must answer

  1. Are the 30 files valid read-only evidence deliverables (no TD, no implementation, no mutation)?
  2. Did the macro stay LEGO (each deliverable a separate control surface)?
  3. Is every runtime call genuinely read-only (no mutation)?
  4. Is every evidence claim labeled FRESH vs INHERITED, and do the FRESH figures match the substrate?
  5. Is no gate closed as Owner-authorized and no blocker resolved (aggregate B2 TD still NO-GO)?
  6. Is the channel recommendation recommendation-only; no channel selected?
  7. Are B5/B7 dependency-only; is R1/KG cross-check only?
  8. Are all future writes Owner-gated; is engineering PASS distinguished from authority PASS?
  9. Is the tool/packet lock preserved (v0.1 not overwritten; v0.2 not authority)?
  10. Is the next-macro plan scaled to 25–30 separate deliverables without coupling?

Expected Codex disposition (recommendation-only, not a verdict): consistent with the chain, a likely PASS_WITH_CAVEATS — read-only altitude accepted, fresh evidence accepted as engineering-only, carried caveats (Đ0-G open; channel undecided; transient GUC OOB; aggregate NO-GO) remaining open. Codex decides independently.


6. Owner-gated future work

| Future work | Gate required | Forbidden now? |
|---|---|---|
| Codex performs the review | the next-step chain (GPT → Codex → Owner) | Yes (Codex's step) |
| Owner chooses next path (Macro-2) | Owner decision after review | Yes |

7. What remains unresolved

  • This packet prepares the review; Codex's verdict is independent.
  • Blockers — all OPEN.

8. Ready for GPT/Codex review

Yes — as the Codex review preparation packet (itself one of the 30 files Codex audits).

Core rule: Codex re-grounds the FQ ledger against the live substrate, verifies read-only safety + fresh/inherited labeling + no-closure, and finds no drift; this packet performs no verdict.

Default disposition: HOLD. Engineering PASS ≠ authority PASS. All blockers remain OPEN.
