KB-3101
RS-TKT-1-PATCH1C · 01 DOT Inventory Reuse-or-Create Decision
7 min read Revision 1
tool-kiem-thulegolaws-newrs-tkt-1phase1-designpatch1cdot-inventoryreuse-or-createnon-authorizing2026-06-22
RS-TKT-1-PATCH1C · 01 — DOT Inventory: Reuse-or-Create Decision
NON_EXECUTABLE_DESIGN_DOC
DOT_BOUND_DRYRUN_READINESS_PROOF_ONLY
NOT_IMPLEMENTED
NOT_AUTHORIZED_FOR_RUNTIME
Lane: RS-TKT-1 — Phase 1 TKT Base · PATCH1C
Date: 2026-06-22
Gate: REGISTRATION_HOLD · REGISTRATION_CAN_PROCEED = NO · 0 runtime mutations
Authority: NON_AUTHORITY · may_gate=false · decision_effect=NONE
Decision rule (macro §4.2): reuse an existing DOT only if it exactly or safely supports an RS-TKT-2 read/report inspector with no runtime mutation; create only if no candidate is suitable; HOLD if neither can be done safely.
1. Source read
handbook : knowledge/dev/laws-new/newlaws/dot-manage/dot-usage-handbook.md
handbook rev : KB revision 11 at read time · body rev3 (2026-06-19) · 309-row §5.3 inventory · read 100% (truncated=false)
read method : full-document read of §§0–18 incl. the complete §5.3 309-row inventory, §3 DOT-only rule, §12 KB-zone rule, §13 dangerous/frozen list, §16 update log, §17/§18 registration semantics
2. Critical zone facts established from the handbook
§3 DOT-only zone = Directus / Postgres / schema. "If a DOT cannot do it, it must not be done." No manual SQL/psql/docker exec psql/generic Directus schema-create.
§12 KB IS A DIFFERENT ZONE: writing documents to AgentData KB via upload_document is the ALLOWED output channel and is NOT part of the DOT-only schema zone.
§2.4 Mutating runtime is dry-run-gated and fails closed; "only read-only / dry-run / verify DOTs actually do anything" today.
§13 Three frozen/monitored DOTs (birth-trigger-setup / birth-backfill / schema-birth-registry-ensure) — none intersect a read-only KB-markdown report inspector.
§17/§18 Registering a new DOT into live dot_tools = Owner-gated, dry-run-gated, held under REGISTRATION_HOLD + HOLD_FOR_OWNER_REAL_RUN. Editing the handbook markdown = doc-only.
3. Candidate DOTs inspected
| candidate code / bin | purpose | read/write surface | can support RS-TKT-2 read/report inspector? | reason | collision risk |
|---|---|---|---|---|---|
DOT_KB_VERIFY / dot-kb-verify |
verify KB integrity | Read; surface = Directus kb domain |
NO | surface is Directus kb integrity, not the AgentData markdown corpus under tool-kiem-thu-lego/; status NEEDS_RECONCILE / cov:partial; no TKT oracle, no "emit one report" contract |
n/a |
DOT-110 / dot-coverage-inspector |
inspect DOT coverage matrix | Read (monitoring.integrity) |
NO | reads the DOT coverage matrix, not arbitrary TKT KB markdown; cov:partial; no report-emit-to-TKT semantics |
n/a |
DOT-106 / dot-selftest-registries |
self-test registries | Unknown | NO | Read/Write=Unknown, Authority=Unknown, status needs-triage; not relyable |
n/a |
DOT-HC-EXECUTOR-VERIFY / dot-hc-executor-verify |
paired verify of health-check executor | Read (monitoring.health) |
NO | verifies HC executor output, not a TKT report; wrong domain | n/a |
DOT-CONTEXT-PACK-VERIFY / dot-context-pack-verify.sh |
verify context-pack freshness/checksum | Read (context.pack) |
NO | verifies context-pack files, not the TKT KB corpus or a TKT oracle | n/a |
category kiểm_tra_lỗi (DOT-012/023/027/089/090/095/096/117/121) |
error/data-quality checks | Read/audit | NO | none reads tool-kiem-thu-lego/ markdown or applies the canonical TKT oracle |
n/a |
monitoring / monitoring.integrity family (incl. dot-registries-verify, dot-layer3-audit, dot-arch-check, dot-inspect-pen, DOT-COVERAGE) |
registry/architecture/coverage audits & reports | Read | NO | "safest DOTs — read and report," but read surfaces are DOT registries / layers / coverage, not the TKT corpus; none emits a TKT result report | n/a |
DOT_KG_EXPLAIN / DOT_KG_EXPLAIN_VERIFY |
KG-edge explainer + paired verify (DRY_RUN/VERIFY_ONLY) | Read (no_mutation), dot_agent_api_contract |
NO (instance); YES (template) | only registered read-only producer+verify pair, DRY_RUN_GATED, no_mutation — the right shape/template, but its surface is KG edges, not KB markdown | n/a |
any DOT_TKT_* / tool-kiem-thu DOT |
— | — | DOES NOT EXIST | zero TKT-namespaced DOTs in the 309-row roster | — |
4. Collision check (proposed new codes)
DOT_TKT_DRYRUN_READ_REPORT_INSPECTOR : NOT TAKEN (0 occurrences in 309-row inventory + full document)
dot-tkt-dryrun-read-report-inspector (bin) : NOT TAKEN (0 occurrences)
DOT_TKT_DRYRUN_READ_REPORT_INSPECTOR_VERIFY : NOT TAKEN (0 occurrences)
any DOT_TKT_* / DOT-TKT-* / dot-tkt-* : NONE EXIST
"dryrun" as a DOT NAME : never used (appears only as a runtime gate-state: DRY_RUN_GATED / dry_run_only)
near names already taken (avoided) : dot-coverage-inspector, dot-inspect-pen, DOT-COVERAGE, *-VERIFY family
⇒ dot_candidate_conflicts_unresolved = 0
5. Naming/convention conformance
Observed convention (handbook §5.3 legend + data): code → lowercased hyphen bin under /opt/incomex/dot/bin/; paired verify via paired_dot + _VERIFY suffix.
Operation verb (dot_operations, 20-verb set): "report" (primary DOT) + "verify" (paired DOT) — both in the controlled vocabulary.
Category: kiểm_tra_lỗi (error/test-checking — matches "tool kiểm thử"). Domain: monitoring.integrity (read-only inspect/verify/report family; "monitors are the safest DOTs").
Pairing DOT_...-INSPECTOR ↔ DOT_...-INSPECTOR_VERIFY is consistent with DOT_KG_EXPLAIN ↔ DOT_KG_EXPLAIN_VERIFY and DOT-HC-EXECUTOR ↔ -VERIFY.
6. Decision
DECISION = CREATE_NEW_DOT
selected primary DOT : DOT_TKT_DRYRUN_READ_REPORT_INSPECTOR
paired verify DOT : DOT_TKT_DRYRUN_READ_REPORT_INSPECTOR_VERIFY
rationale : no existing DOT exactly/safely supports a read-only "read TKT KB markdown + emit ONE markdown report" inspector
(read surfaces don't match; nearest names are partial/triage/wrong-zone). DOT_KG_EXPLAIN is the template, not a reusable instance.
safety : doc-only spec + handbook admission DONE now (KB-zone, allowed); the inspector is read-only and stays in the KB zone (§12), never the DOT-only schema zone (§3).
NOT HOLD because : a safe doc-only path to BIND + SPEC + ADMIT the DOT exists and was executed (06). The only act that cannot be done now —
live dot_tools registration — is an Owner-gated authority act folded into GATE-3 (05), an EXPECTED gate, not a design-clarification gap.
7. What this decision does NOT assert
- It does NOT register the DOT into dot_tools (still 309; REGISTRATION_HOLD).
- It does NOT open any runtime gate.
- It does NOT claim the inspector exists, is built, or can run today.
- It binds the design to a DOT and proves a safe doc-only admission path; runtime registration is the Owner's GATE-3 act.