Codex Review Packet — C1 Dry-Run Capability & Execution (2026-06-22)
Codex confirms evidence; Codex should NOT need to discover basic missing capability.
LABELS: LOCAL_DISPOSABLE_SANDBOX_DOT_EMULATOR · NOT_GOVERNED_RUNTIME · NOT_PRODUCTION · NOT_DIRECTUS_GOVERNED_WRITE · NOT_A_SUBSTITUTE_FOR_DOT_C1_REGISTRATION
Verdict to confirm
C1_LOCAL_SANDBOX_DRYRUN_LOGIC_PROVEN_GOVERNED_DOT_RUNTIME_NOT_READY + governed sub-stop C1_DRYRUN_CAPABILITY_LOCKED_OPERATOR_ACTION_REQUIRED.
REGISTRATION_HOLD · CAN_PROCEED=NO · P2 CLOSED · 0 governed mutations.
A. LOCAL SANDBOX PROOF (confirm logic only)
| Claim | Evidence |
|---|---|
| sandbox isolated/disposable | PG14.17, /tmp/c1_sandbox_2026_06_22, port 55432, trust-local, destroyable (file 03) |
| C1 surface executable | 6 tables / 11 funcs / 7 sandbox DOT contracts / 4 registry rows, read back (file 04, 11) |
| manifest hash recomputable | c9286d3a…ec00; PG sha256 == external shasum -a 256 over 2123 cser bytes (file 06) |
| verifier rejects bad auth | 11 reject codes; 9 grant fixtures; single-use CAS (file 07) |
| preflight READY (sandbox) | 7/7 checks (file 08) |
| dry-run executed, no state | before=after=0; seal WITHHELD_DRY_RUN (file 08) |
| bad-input fail-closed | 19/19 fail_closed, any_seal=f (file 09) |
| rollback/clean-state | apply14→single-use→write-once→dismantle0→orphan0→audit1 (file 10) |
B. GOVERNED DOT RUNTIME (confirm NOT ready)
- governance_canonical_operation_vocab absent (count 0; not in 352 collections).
- No DOT_C1_* in governed dot_agent_api_contract (only DOT_KG_EXPLAIN pair).
- governance_build_authorization grants=0.
- All write routes read-only/denied/docs-only (file 02). DOT-only rule binds.
C. GOVERNED GAP — operator action (file 13 §C)
Operator must, via the governed DOT path: create governance_canonical_operation_vocab reusing the DOT_SCHEMA_*_ENSURE family; register DOT_C1_VOCAB_BUILD/…_VERIFY (DOT_KG precedent) into dot_agent_api_contract + dot_tools/CAT-006; mint one scoped single-use C1 grant. Claude cannot (no DDL/registration tool; read-only/denied/docs-only).
DOT reuse-first (A/B/C/D/E — file 04b)
Reused pattern: schema-ensure family + producer/verifier pairing. New DOTs: sandbox-only (category E). Registry update N/A (no governed DOT created) → C1_DRYRUN_HOLD_DOT_REGISTRY_NOT_UPDATED does NOT apply.
Adversarial pre-checks already run (file 12)
A1–A18 incl. "sandbox masquerades as governed proof" (A16) and "registry not updated" (A17) — handled by the narrow verdict + A/B/C separation. No fail-open / overclaim / prod-touch / scope-drift / cross-mutation.
What would change the verdict to governed-ready
Only the operator action in C, executed on governed runtime, then a re-run producing governed (not sandbox) dry-run evidence.