KB-439B

04 — Static / no-write validation (44/44 GREEN)

5 min read Revision 1
Tags: c1, staging-lite, static-validation, no-write, guards. Date: 2026-06-23

Harness: /opt/incomex/staging/c1 validated by /tmp/c1_validate.sh (run on the VPS host). No dry-run was executed. The validation consists only of parser checks, SQL inspection, and guard self-tests that exit before any DB access (exit 3/4) or after read-only access only (exit 0/5).

Result: 44 / 44 PASS — STATIC_VALIDATION=GREEN

1. bash -n (parser)
   PASS parse: _common.sh + all 6 runners

2. SQL: no official-runtime table targeted (except designed isolation negative)
   PASS no official table (directus./incomex_metadata/workflow/dot_agent_api_contract/
        table_registry/governance_build_authorization/approval_requests/apr_action_types/
        apr_approvals) referenced in any SQL payload
   PASS dot_tools appears ONLY in p5 negative isolation test (expected 42P01 in sandbox)

3. SQL: dollar-quote balance
   PASS all of $f$ / $d$ / $$ balanced across p1a/p1b/p3/p4/p5/p6
        (p3: $f$=4,$d$=2 ; p5: $f$=2,$$=18 ; p4/p6: $f$=2)

4. SQL: psql vars (:'x') only at top level
   PASS no injected psql var appears inside a function-body statement (RAISE/EXECUTE/GET STACKED)
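Added example (not the harness's /tmp/c1_validate.sh) showing how checks 2 and 3 can be implemented as shell functions: an official-table grep over a SQL payload and an even-count test for each dollar-quote tag. The table list and the tag set are the ones the report names; the two sample payloads are constructed stand-ins for p1a..p6, and the function names are assumptions.

```shell
#!/usr/bin/env bash
# Added example, not the harness's own code. Re-implements checks 2 and 3:
# (a) no official-runtime table referenced in a SQL payload,
# (b) every dollar-quote tag occurs an even number of times.
# Table list and tags come from the report; the sample payloads are constructed.

# Extended regex of official/runtime tables that no payload may reference.
OFFICIAL_TABLES='directus\.|incomex_metadata|workflow|dot_agent_api_contract|table_registry|governance_build_authorization|approval_requests|apr_action_types|apr_approvals'

# official_table_hits FILE -> prints the number of lines referencing an official table
official_table_hits() {
  grep -E -c -- "$OFFICIAL_TABLES" "$1" || true   # grep -c exits 1 on zero matches
}

# dollar_quote_balanced FILE TAG -> exit 0 if TAG ($f$, $d$, $$ ...) occurs an even number of times
dollar_quote_balanced() {
  local n
  n=$(grep -o -F -- "$2" "$1" | wc -l | tr -d ' ')
  [ $((n % 2)) -eq 0 ]
}

# static_sql_check FILE -> PASS (exit 0) only if both checks hold; prints the first failure
static_sql_check() {
  local file=$1 tag
  if [ "$(official_table_hits "$file")" -ne 0 ]; then
    echo "FAIL official table referenced in $file"; return 1
  fi
  for tag in '$f$' '$d$' '$$'; do
    if ! dollar_quote_balanced "$file" "$tag"; then
      echo "FAIL unbalanced $tag in $file"; return 1
    fi
  done
  echo "PASS static SQL checks: $file"
}

# Constructed sample payloads (stand-ins for p1a..p6, not the real files).
GOOD_SQL=$(mktemp)
cat > "$GOOD_SQL" <<'EOF'
CREATE FUNCTION sbx_meta.noop() RETURNS int AS $f$
BEGIN
  RETURN 1;
END
$f$ LANGUAGE plpgsql;
DO $d$ BEGIN RAISE NOTICE 'sandbox only'; END $d$;
EOF

BAD_SQL=$(mktemp)
cat > "$BAD_SQL" <<'EOF'
INSERT INTO directus.apr_approvals VALUES (1);
DO $$ BEGIN RAISE NOTICE 'missing closing tag'; END;
EOF

static_sql_check "$GOOD_SQL"           # PASS
static_sql_check "$BAD_SQL" || true    # FAIL: official table referenced
```

The count-based balance test is the same coarse check the report records (for example p3: $f$=4, $d$=2); it does not parse nesting, so a tag that opens and closes in the wrong places still counts as balanced. The official-table grep is run against the whole payload, so a designed negative case like the p5 dot_tools isolation test has to be allow-listed explicitly rather than matched by this list.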

5. NO-WRITE guard self-tests (expected exit codes)
   PASS create: no args                       -> ADMISSION_DENIED (rc=3, no DB op)
   PASS create: bad/off-limits name 'directus' -> REFUSE          (rc=4, no DB op)
   PASS drop:   missing --sandbox-id          -> ADMISSION_DENIED (rc=3, no DB op)
   PASS drop:   non-sandbox 'directus'        -> REFUSE drop guard (rc=4, no DB op)
   PASS drop:   nonexistent c1_staging        -> NO_OP            (rc=0, read-only)
   PASS vocab-build: non-sandbox 'directus'   -> REFUSE namespace  (rc=4, no DB op)
   PASS vocab-build: nonexistent sandbox      -> ADMISSION_DENIED (rc=5, read-only)
   PASS verify: non-sandbox 'workflow'        -> REFUSE           (rc=4, no DB op)
   PASS bad-input-harness: 'incomex_metadata' -> REFUSE           (rc=4, no DB op)
   PASS evidence-readback: 'postgres'         -> REFUSE           (rc=4, no DB op)

6. P5 cannot emit PASS for invalid (static logic)
   PASS P5 has 9 bad cases (>=9)
   PASS P5 has RESIDUE_FAIL assertion
   PASS P5 has BAD_ACCEPTED_FAIL assertion
   PASS every P5 bad case expects 'reject' (pass=true only when rejected)
   PASS P6 gate requires 0 failing tests + exactly 3 rows for C1_STAGING_FAST_DRY_RUN_PASS

7. CRITICAL: no sandbox DB created by validation
   PASS staging DB count == 0  (no write happened)

SUMMARY: PASS=44 FAIL=0  -> STATIC_VALIDATION=GREEN

Why these guard tests are genuinely no-write

  • exit 3 (admission gate) and exit 4 (name/off-limits guard) fire in pure bash, before any docker exec/psql call.
  • exit 0 (drop nonexistent) and exit 5 (vocab-build nonexistent) make a read-only SELECT against pg_database / sbx_meta and stop; they never reach a write path.
  • The create runner — the only one that writes — was invoked ONLY with arg-missing (exit 3) and bad-name (exit 4) inputs; it was never invoked with a valid c1_staging_* name (which would create a DB). Post-validation staging_DBs=0 confirms zero writes.

Sandbox / drop / isolation guards (explicit)

  • Namespace guard: stg_assert_sandbox_name requires ^c1_staging_[0-9]{8}_[0-9]{4}$. No official or system DB name can match this regex, so the off-limits list is defense-in-depth; the regex alone blocks every official target. All 6 runners call it before touching any DB.
  • Drop guard: dot-staging-sandbox-drop refuses any non-c1_staging_* name (exit 4) and any DB lacking an active sbx_meta.sandbox_registry row (exit 5) — no blind DROP DATABASE. stg_drop_db re-asserts the name guard (defense-in-depth) before issuing the drop.
  • Isolation proof: the sandbox is a separate PostgreSQL database; official tables live in the directus DB and are structurally unreachable (cross-database writes are impossible in PostgreSQL). P5 case 8 (INSERT INTO dot_tools ...) deliberately runs in the sandbox to prove this — it is expected to fail with 42P01 (relation does not exist), which IS the isolation proof.
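Added example, not the harness's own runner or guard code, covering the guard self-tests in section 5 and the namespace guard described above. It models the ordering the report relies on: the admission gate (rc=3) and the name guard (rc=4) run in pure shell before any docker exec / psql call, and the self-test asserts only on exit codes. The regex is the one the report gives; sandbox_create_guard, expect_rc and the off-limits list are assumptions. The well-formed-name case only exercises the shell guard, since this function contains no DB call; the real create runner, which would create a DB past that point, was deliberately never run with a valid name.

```shell
#!/usr/bin/env bash
# Added example, not the harness's own code. Guard ordering: admission gate (rc=3),
# then name guard (rc=4), both before any DB call. Function names and the
# off-limits list are assumptions; the sandbox regex is the report's.

SANDBOX_RE='^c1_staging_[0-9]{8}_[0-9]{4}$'
OFF_LIMITS='directus postgres template0 template1'   # constructed defense-in-depth list

# stg_assert_sandbox_name NAME -> 0 if NAME is a c1_staging_* sandbox, 4 otherwise.
# The regex alone rejects every official DB name; the off-limits list is a second layer.
stg_assert_sandbox_name() {
  local name=$1
  case " $OFF_LIMITS " in
    *" $name "*) echo "REFUSE: off-limits name '$name'" >&2; return 4 ;;
  esac
  if ! printf '%s\n' "$name" | grep -Eq "$SANDBOX_RE"; then
    echo "REFUSE: '$name' is not a c1_staging_* sandbox" >&2; return 4
  fi
  return 0
}

# sandbox_create_guard [NAME] -> the no-write prefix of a create runner.
# rc=3 admission denied (no arg), rc=4 name refused, rc=0 guards passed.
sandbox_create_guard() {
  if [ $# -eq 0 ] || [ -z "$1" ]; then
    echo "ADMISSION_DENIED: sandbox name required" >&2; return 3
  fi
  stg_assert_sandbox_name "$1" || return $?
  return 0   # a real runner would issue its psql call only after this point
}

# expect_rc DESC WANT CMD... -> run CMD, compare its exit code with WANT
expect_rc() {
  local desc=$1 want=$2 got
  shift 2
  "$@" 2>/dev/null && got=0 || got=$?
  if [ "$got" -eq "$want" ]; then
    echo "PASS $desc (rc=$got)"; return 0
  fi
  echo "FAIL $desc (want rc=$want, got rc=$got)"; return 1
}

# guard_self_test -> runs the expected-exit-code table; 0 only if every case passes
guard_self_test() {
  local fails=0
  expect_rc "create: no args"                      3 sandbox_create_guard                           || fails=$((fails + 1))
  expect_rc "create: off-limits 'directus'"        4 sandbox_create_guard directus                  || fails=$((fails + 1))
  expect_rc "create: non-sandbox 'workflow'"       4 sandbox_create_guard workflow                  || fails=$((fails + 1))
  expect_rc "create: malformed id (short date)"    4 sandbox_create_guard c1_staging_2026_0001      || fails=$((fails + 1))
  expect_rc "create: well-formed id (guards pass)" 0 sandbox_create_guard c1_staging_20260623_0001  || fails=$((fails + 1))
  echo "SUMMARY: FAIL=$fails"
  [ "$fails" -eq 0 ]
}

guard_self_test
```

Because every refusal path returns before the function reaches the line where a DB call would go, a self-test like this can be run on the live host without touching PostgreSQL; the staging DB count check in section 7 is the independent confirmation that this ordering actually held.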