P3D — B3-F0a Sibling Policy Materialization — Agent Prompt (DRAFT)
P3D — B3-F0a Sibling Policy Materialization — Agent Prompt (DRAFT)
Date: 2026-05-12 Self-contained. Scope: INSERT 1 policy row into dot_config.
Mission
Materialize the approved sibling birth trigger scope into dot_config so the onboarding gate reads policy from PG, not from embedded lists.
Scope constants
policy_key = policy.birth_trigger.accepted_sibling_scope
approved_sibling_function = fn_birth_registry_auto_id (verify exists live by proname)
approved_source_review = knowledge/dev/laws/dieu44-trien-khai/reviews/gpt-review-b3a2a-variant-function-equivalence-probe-pass-2026-05-12.md
approved_sibling_collections = governance_relations, law_dot_enforcement, law_jurisdiction (policy content from approved_source_review, not runtime gate code)
db_schema = DISCOVER
Hard boundaries
Data mutation: INSERT one dot_config row only, or no-op PASS_ALREADY_EXISTS. This prompt does not allow UPDATE/overwrite of an existing conflicting policy row.
No DDL. No function/trigger creation or modification.
No other table mutation.
Phase 0 — Environment + DB discovery (self-contained)
Phase 1 — Concept resolution
Resolve dot_config columns: config_key, config_value, config_description, config_updated_at from information_schema. If dot_config absent → BLOCKED.
Phase 2 — Pre-verification
2A. Function exists
-- PATTERN ONLY
SELECT proname, oid FROM pg_proc
WHERE proname = 'fn_birth_registry_auto_id'
AND pronamespace = (SELECT oid FROM pg_namespace WHERE nspname = <resolved_schema>);
If absent → BLOCKED (cannot materialize policy for non-existent function).
2B. Verify scope matches live state
-- PATTERN ONLY: which collections actually use this function?
SELECT c.relname
FROM pg_trigger t
JOIN pg_class c ON t.tgrelid = c.oid
JOIN pg_namespace n ON c.relnamespace = n.oid
WHERE n.nspname = <resolved_schema>
AND t.tgfoid = <sibling_oid>
ORDER BY c.relname;
Live result MUST match exactly the approved sibling collections from approved_source_review:
- governance_relations
- law_dot_enforcement
- law_jurisdiction
If mismatch (extra collections using sibling, or fewer) → STOP, report SCOPE_MISMATCH. Do NOT proceed. This is a live guard proving the policy content still matches PG reality before materialization.
2C. Check existing policy key
-- PATTERN ONLY
SELECT <config_key>, <config_value>, <config_description>
FROM dot_config
WHERE <config_key> = 'policy.birth_trigger.accepted_sibling_scope';
0 rows → proceed to INSERT
1 row + equivalent value after canonical JSON parse/sort → PASS_ALREADY_EXISTS (skip INSERT)
1 row + different semantic value → BLOCKED_EXISTING_CONFLICT (report old value, do not overwrite)
>1 rows for same key → BLOCKED_DUPLICATE_POLICY_KEY
Do not compare JSON by raw text string only. Parse JSON and compare semantic content: version, source_review, function name, and collection set.
Phase 3 — Execution log
RUN_STARTED_AT=$(date -u +"%Y-%m-%dT%H:%M:%SZ")
Phase 4 — Policy INSERT transaction
BEGIN;
SELECT pg_try_advisory_xact_lock(hashtext('p3d_birth_b3f0a_sibling_policy')) AS got_lock;
-- If got_lock is false → ROLLBACK and report LOCK_BUSY. Do not continue.
-- Build policy value from live-verified scope and approved source review.
-- JSON object:
-- {
-- "version": 1,
-- "source_review": "knowledge/dev/laws/dieu44-trien-khai/reviews/gpt-review-b3a2a-variant-function-equivalence-probe-pass-2026-05-12.md",
-- "entries": [
-- {"function":"fn_birth_registry_auto_id","collections":["governance_relations","law_dot_enforcement","law_jurisdiction"]}
-- ]
-- }
INSERT INTO dot_config (<config_key>, <config_value>, <config_description>, <config_updated_at>)
VALUES (
'policy.birth_trigger.accepted_sibling_scope',
'{"version":1,"source_review":"knowledge/dev/laws/dieu44-trien-khai/reviews/gpt-review-b3a2a-variant-function-equivalence-probe-pass-2026-05-12.md","entries":[{"function":"fn_birth_registry_auto_id","collections":["governance_relations","law_dot_enforcement","law_jurisdiction"]}]}',
'Scoped sibling birth trigger functions accepted by onboarding gate. Materialized by B3-F0a from GPT-reviewed equivalence probe.',
now()
);
-- Verify
SELECT <config_key>, <config_value> FROM dot_config
WHERE <config_key> = 'policy.birth_trigger.accepted_sibling_scope';
-- Must return 1 row with expected value
COMMIT;
Phase 5 — Post-commit verification + KB report
Post-commit verification must confirm:
- exactly one row exists for
policy.birth_trigger.accepted_sibling_scope; - value parses as JSON;
version=1;source_reviewequals the approved review path;entriesincludes exactly one entry forfn_birth_registry_auto_id;- the entry collections set equals the live-verified sibling trigger table set;
- no other
dot_configkeys were inserted or updated by this run.
Agent must write the execution report to KB before final chat response.
Rollback
If this run INSERTED a new row:
DELETE FROM dot_config WHERE <config_key> = 'policy.birth_trigger.accepted_sibling_scope';
If this run UPDATED an existing row in a future approved variant, rollback must restore the exact captured old value/description/updated_at. This prompt is approved for INSERT or PASS_ALREADY_EXISTS only; do not overwrite conflicting existing policy.
Final response
b3f0a_status=PASS|PASS_ALREADY_EXISTS|BLOCKED_EXISTING_CONFLICT|BLOCKED_DUPLICATE_POLICY_KEY|LOCK_BUSY|BLOCKED
policy_key=policy.birth_trigger.accepted_sibling_scope
policy_key_inserted=true|false
policy_key_already_exists=true|false
policy_value_has_source_review=true|false
sibling_function_verified=true|false
scope_matches_live=true|false
out_of_scope_sibling_count=0
transaction_committed=true|false
rollback_sql_logged=true|false
no_ddl=true
no_function_mutation=true
no_trigger_mutation=true
no_policy_store_other_keys_mutated=true
compiled_sql_logged=true|false
report_path=knowledge/dev/laws/dieu44-trien-khai/reports/p3d-birth-system-b3f0a-sibling-policy-materialization-execution-report.md
next_recommended_action=GPT_REVIEW_THEN_B3F0_DRYRUN_RERUN
B3-F0a Sibling Policy | DRAFT | 2026-05-12