Macro-9B0 — DOT Gap Register + Manual-Block Hardening Plan — Execution Report
Mission: R2-B2-MACRO-9B0-DOT-GAP-REGISTER-AND-MANUAL-BLOCK-PLAN-2026-06-19
Type: KB-document-only update to the DOT/Collections operations manuals. This task happens before Macro-9B design/hardening. It records what is missing and what must be blocked — it builds nothing.
Authority basis: Codex re-review knowledge/dev/laws-new/reports/codex/codex-rereview-dot-manage-and-collections-manage-handbook-precision-patch-2026-06-19.md = PASS_WITH_CAVEATS (all three prior HOLD defects closed; Macro-9A NO-GO; Macro-9B = separate Owner-authorized mission).
Evidence date: 2026-06-19. Zero substrate calls of any kind (no query_pg, no Directus, no Docker). Only mutations = the KB-document patches/upload listed below.
Method: read the two handbooks + both READMEs + the Codex re-review + the Macro-9A2 report from the AgentData KB; applied targeted anchored patch_document edits only (each anchor verified unique before patching); read every patched file back from the KB and verified the new sections appear exactly once with the prior structure intact.
STATUS
PASS_WITH_CAVEATS — both handbooks now carry an explicit "missing DOT / guard register" (DOT §18) and "missing collection/schema capability" section (Collections §19), plus the 10 manual-block hardening principles recorded as required conditions for Macro-9B. All additions are documentation-only checklists; nothing is designed, created, wired, or run. Macro-9A remains NO-GO; Macro-9B remains a separate Owner-authorized mission, not launched.
- Caveat C-1: this register is a checklist of what is missing. The proposed DOT/guard names, modes, and column values are requirements for Macro-9B, not implemented behaviour and not proof any DOT exists.
- Caveat C-2: the underlying handbook caveats (read-denied cutter_governance/sandbox_tac, inferred Read/Write classifications, planner-estimate counts, single evidence date) are unchanged and still disclosed.
Engineering PASS ≠ Owner authority PASS. Default = HOLD.
PATCHED FILES
| File | Rev before | Rev after | content_length after |
|---|---|---|---|
| knowledge/dev/laws-new/newlaws/dot-manage/dot-usage-handbook.md | 7 | 9 | 113445 |
| knowledge/dev/laws-new/newlaws/collections-manage/collections-usage-handbook.md | 9 | 11 | 94267 |
| knowledge/dev/laws-new/newlaws/reports/macro9b0-dot-gap-register-and-manual-block-plan-report-2026-06-19.md | — | 1 | (this file) |
Each handbook took two anchored patches: DOT = §16 update-log row (rev7→8) + §18 insertion with end-line update (rev8→9); Collections = §18 update-log row (rev9→10) + §19 insertion with end-line update (rev10→11). DOT body-rev label bumped to rev3; Collections body-rev label bumped to body-rev2. The legacy DOT pointer
operations/dot-usage-handbook.md was not touched (deprecated pointer, out of scope).
WHAT WAS ADDED
DOT handbook — new §18 "Missing DOT / Guard Register for Macro-9B"
A 9-column table (STT | Proposed DOT / guard | Type | Needed for | Must do | Must reject | Modes | Status | Notes) with the five required entries, a DOT-capability-gap conclusion, and a ### Manual-block hardening principles subsection (10 numbered principles). Placed after §17 (future dot_operator_catalog), before the end line. §15 NO-GO verdict and §17 future-catalog status are unchanged.
Collections handbook — new §19 "Missing collection/schema capability for Macro-9B"
States that no existing collection/table/schema may be reused for the R2-B2 disposable workbench (public candidate/draft = prod-public, not disposable; iu_core = IU content staging, not Postgres DDL staging; sandbox_tac = persistent, read-denied, owner-unknown, not run-scoped); therefore the missing capability is a DOT-created run-scoped schema, not a collection to reuse. Restates the future collection_operator_catalog as candidate-on-paper only. Placed after §18 (Update log), before the end line. §16 LEGO verdict and §17 future-catalog status unchanged.
MISSING DOT / GUARD REGISTER
| Proposed DOT / guard | Status | Required before |
|---|---|---|
| DOT_R2_B2_STAGING_SCHEMA_SHELL (primary DOT) | MISSING / REQUIRED BEFORE MACRO-9A | Macro-9A |
| DOT_SCHEMA_WRITE_ALLOWLIST_GUARD (guard) | MISSING / HARDENING REQUIRED | Macro-9A |
| DOT_SCHEMA_WRITE_AUDIT_PROOF (audit/proof) | MISSING / HARDENING REQUIRED | Macro-9A |
| DOT_PRODUCTION_UNTOUCHED_VERIFY (verifier) | MISSING / REQUIRED | Macro-9A |
| DOT_STAGING_SCHEMA_DELETE_FAST (teardown component/mode) | MISSING / REQUIRED | Macro-9A |
Capability conclusion (recorded in DOT §18): current DOTs are sufficient for observation / verification / prod-public ensure patterns; current DOTs are not sufficient for a run-scoped disposable staging schema; Macro-9B must author/harden the missing DOT path before Macro-9A. Until then schema-shell build = NO-GO.
MANUAL-BLOCK HARDENING
All ten principles are recorded in DOT §18 as required conditions for Macro-9B (not implemented in this macro).
| Principle | Recorded? |
|---|---|
| 1. Default agent/runtime roles read-only for Directus/Postgres/schema | yes |
| 2. No generic agent role may hold CREATE/ALTER/DROP on production schemas | yes |
| 3. No generic Directus API path may create/update/delete collections for schema/table work | yes |
| 4. Write-enabled access isolated to the authorized DOT executor role only | yes |
| 5. Authorized DOT must carry dot_code, run_id, mode, owner_authorization_ref | yes |
| 6. Target schema must match allowlist r2_b2_wb_* only | yes |
| 7. Target schema must not be public/iu_core/cutter_governance/sandbox_tac or any prod/shared schema | yes |
| 8. All DDL/DML must be audit-logged | yes |
| 9. Any drift aborts before write or rolls back | yes |
| 10. Teardown/drop must also be DOT-only and allowlist-guarded | yes |
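Principles 5, 6, 7, 8 and 10 reduce to a check that can run before any DDL is issued, for build and teardown alike. The sketch below is an added illustration, not code from the handbooks and not the Macro-9B design (which this report does not produce); the `target_schema` field, the suffix character set, the `create` mode value, the sample values and the function names are assumptions.

```python
import re

# Principle 5: fields every authorized DOT request must carry.
REQUIRED_FIELDS = ("dot_code", "run_id", "mode", "owner_authorization_ref")
# Principle 7: schemas the report names as never writable.
DENIED_SCHEMAS = {"public", "iu_core", "cutter_governance", "sandbox_tac"}
# Principle 6: allowlist r2_b2_wb_*; the suffix character set is an assumption.
ALLOWED_SCHEMA = re.compile(r"r2_b2_wb_[a-z0-9_]+")
PG_MAX_IDENT = 63  # PostgreSQL truncates longer identifiers, risking collisions

# Constructed sample request; run_id, mode and the authorization ref are placeholders.
SAMPLE = {"dot_code": "DOT_R2_B2_STAGING_SCHEMA_SHELL", "run_id": "run-0001",
          "mode": "create", "owner_authorization_ref": "OWNER-REF-PLACEHOLDER",
          "target_schema": "r2_b2_wb_run_0001"}


def check_dot_request(req):
    """Return rejection reasons; an empty list means the guard passes.

    The same check applies to every mode, so teardown (principle 10)
    cannot reach a schema that a build could not have created.
    """
    reasons = []
    for field in REQUIRED_FIELDS:
        value = req.get(field)
        if not isinstance(value, str) or not value.strip():
            reasons.append(f"missing {field}")
    schema = req.get("target_schema")
    if not isinstance(schema, str):
        reasons.append("missing target_schema")
        return reasons
    if schema.lower() in DENIED_SCHEMAS:
        reasons.append("target_schema is denied")
    # fullmatch rejects a bare prefix, dots, quotes, spaces, ';' and upper case.
    if not ALLOWED_SCHEMA.fullmatch(schema):
        reasons.append("target_schema not in allowlist")
    if len(schema) > PG_MAX_IDENT:
        reasons.append("target_schema exceeds identifier length")
    return reasons


def audit_record(req):
    """Decision record for principle 8, produced for allow and reject alike."""
    reasons = check_dot_request(req)
    record = {k: req.get(k) for k in REQUIRED_FIELDS + ("target_schema",)}
    record["decision"] = "reject" if reasons else "allow"
    record["reasons"] = reasons
    return record
```

The guard returns reasons instead of raising so that the audit record can carry every failed condition, and a caller must treat any non-empty list as an abort before write.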
NON-AUTHORIZATION
| Action | Result |
|---|---|
| DB write | none |
| DDL / DML | none |
| DOT execution | none |
| Directus mutation | none |
| Schema / table / collection creation | none |
| Runtime config flip | none |
| Owner row (governance_object_ownership) | none |
| KG write / birth / certify / promote / backlog / bad-input / B2 logic / actual B2 TD | none |
| dot_operator_catalog / collection_operator_catalog creation | none (remain candidate-on-paper) |
| Macro-9A build | still NO-GO |
| Macro-9B launch | not launched (separate Owner-authorized mission) |
| Substrate calls made | zero (no query_pg, no Directus, no Docker) |
| KB mutations made | 4 anchored handbook patches + this report (KB-document-only) |
SELF-CHECK
| Check | Result |
|---|---|
| SC1 dot-manage handbook contains Missing DOT / Guard Register | ✅ §18 present (verified read-back, occurs once) |
| SC2 collections-manage handbook contains Missing collection/schema capability section | ✅ §19 present (verified read-back, occurs once) |
| SC3 Required proposed DOTs/guards listed | ✅ all 5 present in §18 table |
| SC4 Manual-block principles listed | ✅ all 10 present (numbered 1–10) |
| SC5 No manual SQL/psql path authorized | ✅ §3 prohibition unchanged; §18 reaffirms forbidden |
| SC6 No Directus generic create path authorized | ✅ unchanged; §18/§19 reaffirm forbidden |
| SC7 Macro-9A remains NO-GO | ✅ §15 / §16 verdicts unchanged |
| SC8 Macro-9B remains a future separate Owner-authorized mission | ✅ stated in §18 and this report |
| SC9 No runtime mutation | ✅ zero substrate calls |
| SC10 Report read back | ✅ this file re-fetched after upload |
| SC11 Patched docs read back, structure intact | ✅ DOT §0–§18 / COL §0–§19, headers unique, prior sections intact |
READY FOR MACRO-9B DESIGN PROMPT
yes — the missing DOT/guard register and the manual-block hardening conditions are now recorded in the canonical handbooks as a checklist. Macro-9B (author/harden the run-scoped staging-schema DOT path) may be designed under a separate Owner-authorized prompt. This macro launches nothing.
End of Macro-9B0 execution report. STATUS PASS_WITH_CAVEATS. Engineering PASS ≠ Owner authority PASS. Default HOLD.