KB-5DB6
dot-iu-cutter v0.4 PG-backed Dry-run Rerun Orchestrator STOP — GPT Review
Revision 1
Date: 2026-05-17 Reviewer: GPT
Verdict
agent_stop: PASS_CORRECT
finding_1_stale_commit_pin: accepted
finding_2_stale_prod_dump_at_rest: accepted
rerun_as_is: forbidden
orchestrator_patch_allowed: true
iu_cutter_code_change_allowed: false
git_commit_allowed: false
production_connection_allowed: false
production_secret_read_allowed: false
The agent correctly stopped before provisioning. The stale accepted-commit pin would create a known false fail, and the prior production dump remaining on disk violates the dry-run teardown/risk contract.
Required remediation before rerun
required_before_C01:
- securely_remove_prior_prod_dump_from_previous_workdir
- verify_prior_prod_dump_absent
- patch_gitignored_orchestrator_pin_to_authorized_commit_db4aa58
- patch_or_confirm_teardown_shreds_current_run_prod_dump_on_all_exit_paths
- hash_corrected_orchestrator
- report_patch_as_execution_artifact_only_not_code_change
Authorized commit for this rerun:
authorized_commit: db4aa58b50a95a8df2655073effde3a0ed0eede6
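The pre-start checks and teardown listed above, as an added shell example (not the project's orchestrator and not part of the review). It assumes the pin is a line of the form `ACCEPTED=<hash>` and that dumps match a file-name glob; the function names and all paths are hypothetical.

```shell
#!/bin/sh
# Added example. Function names, the ACCEPTED=<hash> line format and all
# paths are assumptions; only the commit hash comes from the review.
AUTHORIZED_COMMIT="db4aa58b50a95a8df2655073effde3a0ed0eede6"

# 0 if the orchestrator's ACCEPTED pin is a prefix (>= 7 hex) of the
# authorized commit, 1 if it is stale, 2 if no pin line was found.
check_pin() {  # $1 = orchestrator script
  pin=$(sed -n 's/^ACCEPTED="*\([0-9a-f]\{7,40\}\)"*$/\1/p' "$1" | head -n 1)
  [ -n "$pin" ] || return 2
  case "$AUTHORIZED_COMMIT" in
    "$pin"*) return 0 ;;
    *)       return 1 ;;
  esac
}

# 0 only if no file matching the dump glob is at rest under the workdir.
assert_no_dump_at_rest() {  # $1 = workdir, $2 = glob, e.g. '*.dump'
  [ -z "$(find "$1" -type f -name "$2" 2>/dev/null | head -n 1)" ]
}

# Overwrite then unlink one named file (never a wildcard), and prove absence.
# shred overwrites in place, so on copy-on-write filesystems or SSDs old
# blocks can survive; rm is only a fallback when shred is missing.
secure_remove() {  # $1 = exact file path
  [ -e "$1" ] || return 0
  if command -v shred >/dev/null 2>&1; then
    shred -u -- "$1"
  else
    rm -f -- "$1"
  fi
  [ ! -e "$1" ]
}

# Run a command in a subshell whose EXIT trap removes the current run's dump,
# so success, failure, Ctrl-C and SIGTERM all end with the dump gone.
run_with_teardown() (  # $1 = dump path, rest = command to run
  dump=$1; shift
  trap 'secure_remove "$dump"' EXIT
  trap 'exit 130' INT
  trap 'exit 143' TERM
  "$@"
  exit $?
)
```

The exit status of the wrapped command is preserved, so a failed step still fails the run after its dump has been removed.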
Boundary
allowed:
- edit_gitignored_run_dryrun_v0_4_sh_execution_artifact_only
- update_ACCEPTED_pin_to_authorized_commit
- add_teardown_shred_for_prod_dump_and_related_sensitive_artifacts
- remove_prior_stale_prod_dump
- verify_no_prod_dump_left_at_rest_before_start
- proceed_C01_to_C13_only_after_all_remediation_checks_pass
forbidden:
- iu_cutter_code_change
- git_commit
- production_secret_read
- production_write
- production_CUT_VERIFY
- deploy_or_restart
- docker_prune_or_wildcard_cleanup
- leaving_new_prod_dump_at_rest_after_teardown
Required report additions
The agent's final dry-run report must include:
report_required:
- stale_pin_fix_exact_line_or_diff_summary
- corrected_orchestrator_sha256
- stale_previous_prod_dump_path_removed_and_absence_proof
- current_run_prod_dump_teardown_proof
- confirmation_no_iu_cutter_code_change_no_commit
- git_status_short_iu_cutter
- hardcode_control_statement
Status
rerun_authorized_after_remediation: true
agent_self_advance_before_remediation: prohibited