C1 STAGING CODEX REVIEW BEFORE DRY-RUN — INDEX

Session: C1-STAGING-CODEX-REVIEW-2026-06-23 Date: 2026-06-23 Mode: read-only review; dry-run NOT executed; no sandbox created; no code/runtime files modified.

Verdict

CODEX_REJECT_C1_STAGING_BAD_INPUT_FAIL_OPEN

Summary

The six staging primitives are present, executable, staging-registered, hash-consistent, and isolated from the official directus runtime. Fresh read-only production checks at 2026-06-23 07:44Z matched the admission snapshot: dot_tools=309, dot_agent_api_contract=2, table_registry=21, governance_build_authorization=0, approval_requests=231, apr_action_types=14, official C1 rows=0, APR-0415=pending, staging DBs=0.

Execution is blocked because P5 treats any exception as a successful expected rejection and its assertion queries do not produce a non-zero exit. P6 can emit a digest and P6_DONE without proving P4 ran, without matching the nine expected reject signals, and without making orphan/gate failures fatal. The prepared command plan also does not actually capture SBX and has no strict-mode cleanup trap.

Files

• 01-context-readback.md
• 02-code-path-inspection.md
• 03-primitive-review.md
• 04-safety-attack-cases.md
• 05-dry-run-plan-review.md
• 06-final-verdict.md