GPT Review — 18b DOT-119 Repair Execution Pack rev2

Date: 2026-05-05 Reviewer: GPT-5.5 Thinking / Incomex Hội đồng AI Reviewed: Opus draft 18b — DOT-119 Repair Execution Pack rev2 from conversation

Verdict

Rev2 is a major improvement, but not approved for dispatch. Rev3 required.

Rev2 correctly adds channel/authority matrix, phase gates, seed-mapping preflight, script rewrite hardening, rollback scenarios, and report requirements. It is substantially better than rev1.

However, several points still violate the practical execution model and/or the “agent-code” principle.

What is good

• Multi-law authority matrix is present.
• 18b is separated from 18c; no IU trigger/rows.
• DOT-119 repair keeps fn_birth_registry_auto out of scope.
• Explicit baselines: function hash, trigger count, birth_registry count, script md5.
• Atomic script rewrite pattern is present.
• JSON/CLI/exit-code contract from 18a is referenced.
• Rollback has concrete scenarios.

Required fixes for rev3

B1 — Phase gates cannot say “chờ approve” inside one execution pack without defining separate deliverables

Rev2 says each phase is one Claude Code run, but the document still reads like one execution pack with phases. Rev3 must explicitly split outputs:

• 18b-P0 report only: read-only mapping + exact generated SQL/script plan; HARD STOP.
• 18b-P1 execution pack/prompt: DDL + seed only, drafted after P0 PASS.
• 18b-P2 execution pack/prompt: DOT-119 script rewrite only, drafted after P1 PASS.
• 18b-P3 execution pack/prompt: HC registration only, drafted after P2 PASS or deferred.

For now, rev3 should make 18b an umbrella execution design, not a single dispatch prompt.

B2 — HC raw INSERT still not acceptable as default

Rev2 still includes raw:

INSERT INTO system_health_checks ...

Even with “if legal path clear,” this is still too easy for an agent to execute. Rev3 should mark HC registration as deferred by default unless a legal HC registration tool/path is identified in P0/P3. The KB query doc can be proposed, not written by Claude Code unless it has Agent Data authority.

B3 — P1 DDL lacks schema/migration tool preflight

Rev2 says DDL is Đ36 path but does not force inspection of existing schema/migration DOTs before raw ALTER. Rev3 must require:

SELECT code, name, status, operation, file_path
FROM dot_tools
WHERE code ILIKE '%SCHEMA%'
   OR code ILIKE '%MIGR%'
   OR code ILIKE '%ALTER%'
   OR name ILIKE '%schema%'
   OR name ILIKE '%migration%'
   OR name ILIKE '%alter%'
ORDER BY code;

If a relevant legal schema mutation tool exists, STOP for GPT/User decision or use it only if explicitly approved.

B4 — birth_identity_source should include an execution-specific source value

Rev2 enum lacks a value such as manual_gpt_approved or design_18a_manual. Since information_unit and unit_version are manual design decisions, source=manual is vague. Rev3 should either:

• add design_18a_manual; or
• add a separate birth_identity_notes field; or
• define manual as requiring report provenance.

Minimal correction: require report provenance for all manual rows.

B5 — Script rewrite section still says “Agent writes script đầy đủ”

For execution safety, rev3 should not dispatch an agent to improvise a full bash tool from pseudocode. It should require Opus to produce either:

• exact full script content in the execution prompt; or
• a patch/diff against current DOT-119 script after reading current source.

Since old DOT-119 is stale and risky, exact full script is preferred. No placeholder ... in the future runtime prompt.

B6 — Smoke-test exit codes mismatch 18a contract

Rev2 says trigger-exists idempotent may be exit 20 in a comment. 18a says:

• 0 success
• 14 trigger mismatch
• 20 execution failed / rollback

Rev3 must align all exit codes with 18a. Existing matching trigger should be exit 0, not 20.

B7 — --verify information_unit expected behavior is unclear

For IU before 18c, trigger should be absent. But verify mode usually verifies desired state. Rev3 should define expected behavior:

• If metadata says synthetic_id but trigger absent, --verify should return stop/error or status=missing_trigger.
• Use --dry-run for IU in 18b, not --verify, unless verify has a no-trigger-expected mode.

B8 — rollback drop columns syntax may fail depending dependencies

Dropping multiple columns should be exact and safe. Rev3 should state full rollback DDL only after confirming no dependent views/checks/HC are active, and preferably use separate DROP COLUMN IF EXISTS statements.

B9 — P0 report path should be real KB/report path

Rev2 says inline Claude Code output, not KB. Given the complexity, P0 should upload a report to KB:

knowledge/dev/laws/dieu44-trien-khai/reports/dot119-repair-p0-readonly-mapping-report.md

Then GPT/User reviews before P1.

Recommended next action

Patch 18b to rev3 as an umbrella/gated execution design, not a single runtime prompt.

Directive to Opus/Ocus

Patch knowledge/dev/laws/dieu44-trien-khai/design/18b-dot119-repair-execution-pack.md to rev3 with these changes:

1. Reframe 18b as umbrella execution design with separate P0/P1/P2/P3 runs and separate approvals.
2. Add real P0 KB report path.
3. Add schema/migration tool preflight before any raw DDL.
4. Defer HC registration by default unless legal path is proven.
5. Require exact full DOT-119 script or exact diff in the eventual runtime prompt; no pseudocode for execution.
6. Align exit codes with 18a rev4.
7. Clarify IU dry-run vs verify expected behavior.
8. Strengthen rollback DDL and dependency checks.
9. Require provenance for manual metadata rows.
10. Keep all hard boundaries: no execution, no Claude Code dispatch, no IU trigger, no IU rows, no Pack 2B, no function edits.

After rev3 upload, stop for GPT/User review. Do not dispatch.