01 — BEFORE SNAPSHOT (read-only, 2026-06-23)

VPS git (SSH root@38.242.240.89 → host vmi3080463, exit 0)

branch:                 feat/s177-sprint1-round-a
HEAD:                   bbf9c436ce1468cc3cddb231a88216ea8ad8ec88
git status --short:     80 entries
untracked (others):     1999 files
modified (tracked):     17
apply-surface status:   CLEAN (empty)
  - dot/bin/dot-apr-execute    clean
  - dot/bin/dot-apr-propose    clean
  - dot/bin/dot-dot-register   clean

Matches the prior PRE-APPLY REMEDIATION PACKET exactly (80 status / 1999 untracked, apply binaries clean — no dirty path on the C1/W7 surface). State unchanged since 2026-06-23.

DB readback (database = directus, read-only role)

apr_action_types total:          14
apr_action_types unimplemented:  10
authorize_build_step:
  handler_ref = unimplemented
  risk_level  = high
  status      = active
  _dot_origin = PG:sb1-gov-vocab
patch_ops_code (deploy vehicle):
  handler_ref = dot-apr-execute:patch_ops
  risk_level  = high
  status      = active

approval_requests total:                       230
approval_requests for authorize_build_step:    0
apr_approvals total:                           42  (28 ai_council + 14 human, all 'approve', historical Apr 2026)
governance_build_authorization (gba) total:    0

dot_tools total:                309
dot_tools dot-c1-* rows:        0
dot_agent_api_contract:         2
table_registry:                 21

All counts identical to the established baseline across prior runs. Nothing has changed.

Capture method

• VPS git: real Bash tool → SSH (operator laptop key ~/.ssh/contabo_vps). Read-only git commands only.
• DB: query_pg MCP (AST-validated, READ ONLY transaction, statement_timeout 5s). No writes/DDL issued.