KB-793D

GPT Review — 23-P3C1 Safe Functions Prompt rev4



Date: 2026-05-07
Reviewer: GPT-5.5 Thinking / Incomex AI Council
Reviewed: knowledge/dev/laws/dieu44-trien-khai/prompts/23-p3c1-iu-edit-draft-safe-functions-prompt.md rev4

Verdict

Near final, but do not dispatch yet. Rev5 small patch required.

Rev4 fixes the T5 double-create blocker, and the core P3C1 function design is accepted. The remaining items are small but important, because P3C1 creates canonical functions and every verification gap in its tests becomes a gap in the safety claim those functions carry.

Accepted rev4 fixes

  • T5 now creates exactly one draft.
  • TEST_ADDR_B is selected as an IU with no open drafts.
  • Grant discovery uses LEFT JOIN LATERAL aclexplode and fallback to owner.
  • Function creation grants loop over discovered grantees.
  • Key tests use psql variables for addresses.
  • Search path is checked in T19.
  • Final variables are initialized.
  • CRITICAL cleanup state is preserved.
  • Retained test rows are reported.
  • AI-facing 3-line interface is included.

Required rev5 small patches

P1 — T19 says intended grantees can execute, but does not verify it

Rev4 discovers and grants to FN_GRANTEES, but T19 only checks:

  • SECURITY DEFINER;
  • search_path;
  • PUBLIC no EXECUTE.

It does not verify that each discovered grantee actually holds EXECUTE on all 4 functions, so a grant that silently failed (wrong signature, role name mangled by the comma split) would pass T19.

Patch T19:

  • loop over FN_GRANTEES split by comma (trim each entry);
  • for each grantee and each exact signature, verify has_function_privilege(grantee, 'public.<sig>', 'EXECUTE') returns true, or check the ACL / information_schema.routine_privileges;
  • if any intended grantee lacks EXECUTE, or a signature does not resolve to an existing function, TEST_FAIL++.
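One way to write the T19 grantee check as a single query, given here as an added example for this review rather than code from the rev4 prompt: FN_GRANTEES is passed in as a psql variable, split on commas, and cross-joined with the function signatures; every row returned is a grantee/signature pair that lacks EXECUTE. The four signatures in the sigs CTE are hypothetical placeholders and must be replaced with the exact signatures rev4 creates.

```sql
-- Added example for the T19 grantee check; not the prompt's own code.
-- Run through psql so that :'fn_grantees' is substituted, e.g.
--   "${PSQL[@]}" -v fn_grantees="$FN_GRANTEES" -t -A -f t19_execute_check.sql
-- Expected output: 0 rows. Every row returned is a TEST_FAIL.
WITH grantees AS (
    -- split "role_a,role_b" into one row per role, ignoring blanks
    SELECT btrim(g) AS grantee
    FROM unnest(string_to_array(:'fn_grantees', ',')) AS g
    WHERE btrim(g) <> ''
),
sigs AS (
    -- HYPOTHETICAL signatures; substitute the four exact signatures rev4 creates
    SELECT unnest(ARRAY[
        'public.iu_edit_draft_create(text, text)',
        'public.iu_edit_draft_update(text, text)',
        'public.iu_edit_draft_get(text)',
        'public.iu_edit_draft_discard(text)'
    ]) AS sig
),
resolved AS (
    -- to_regprocedure returns NULL (instead of raising) when the signature
    -- does not match an existing function, so a typo shows up as a row too
    SELECT sig, to_regprocedure(sig) AS fn_oid FROM sigs
)
SELECT g.grantee,
       r.sig,
       CASE WHEN r.fn_oid IS NULL THEN 'function missing' ELSE 'no EXECUTE' END AS problem
FROM grantees g
CROSS JOIN resolved r
WHERE r.fn_oid IS NULL
   OR NOT coalesce(has_function_privilege(g.grantee::name, r.fn_oid::oid, 'EXECUTE'), false)
ORDER BY g.grantee, r.sig;
```

In the bash gate the output is captured with -t -A and TEST_FAIL is incremented when it is non-empty; has_function_privilege follows role membership, so a grantee that inherits EXECUTE through a group role also passes, which is the behaviour wanted here since the question is whether the caller can execute, not how the grant was spelled.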

P2 — Expand T21 source-safety regex to cover all IU/UV write paths

Rev4 checks:

  • app.canonical_writer;
  • INSERT INTO unit_version;
  • UPDATE information_unit.

Patch to also check:

  • insert into information_unit;
  • update unit_version;
  • delete from information_unit;
  • delete from unit_version.

Expected result is still 0 rows.

This keeps the P3C1 safety claim honest: these functions must not mutate IU/UV at all.
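As an added example of the widened T21 check (written for this review, not taken from the prompt), the query below inspects the deployed function bodies in pg_proc.prosrc rather than the source file, so it catches what is actually installed; the function names are hypothetical placeholders for the four rev4 creates. The patterns allow whitespace or newlines between keywords, an optional schema prefix and optional double quotes, and stop at the end of the identifier so that a table whose name merely begins with information_unit is not a false match.

```sql
-- Added example for the T21 source-safety check; not the prompt's own code.
-- Expected output: 0 rows. Any row names a P3C1 function whose body
-- contains an IU/UV write path or the canonical-writer hook.
-- Function names are HYPOTHETICAL; substitute the four names rev4 creates.
WITH fns AS (
    SELECT p.oid, p.proname, p.prosrc
    FROM pg_proc p
    JOIN pg_namespace n ON n.oid = p.pronamespace
    WHERE n.nspname = 'public'
      AND p.proname IN ('iu_edit_draft_create', 'iu_edit_draft_update',
                        'iu_edit_draft_get', 'iu_edit_draft_discard')
),
patterns AS (
    -- ~* makes the match case-insensitive; \s+ tolerates newlines;
    -- (public\.)? and "? catch schema-qualified or quoted spellings;
    -- \M requires the identifier to end there, so information_unit_foo
    -- does not match the information_unit pattern
    SELECT unnest(ARRAY[
        'app\.canonical_writer',
        'insert\s+into\s+(public\.)?"?information_unit"?\M',
        'update\s+(public\.)?"?information_unit"?\M',
        'delete\s+from\s+(public\.)?"?information_unit"?\M',
        'insert\s+into\s+(public\.)?"?unit_version"?\M',
        'update\s+(public\.)?"?unit_version"?\M',
        'delete\s+from\s+(public\.)?"?unit_version"?\M'
    ]) AS pattern
)
SELECT f.oid::regprocedure AS fn,
       pt.pattern
FROM fns f
CROSS JOIN patterns pt
WHERE f.prosrc ~* pt.pattern
ORDER BY 1, 2;
```

This is a syntactic guard only: a body that builds statements with EXECUTE format(...), or that calls another function which writes to IU/UV, would pass the regex. It is the right check for T21's purpose (no direct write path in the canonical functions) but it does not replace the runtime assertion that IU/UV row counts and checksums are unchanged after each test.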

P3 — Use psql variable for TEST_ADDR_A when selecting TEST_ADDR_B

Gate 8 still interpolates TEST_ADDR_A directly inside SQL:

WHERE iu.canonical_address != '$TEST_ADDR_A'

Patch to use:

"${PSQL[@]}" -v addr_a="$TEST_ADDR_A" -t -A -c "
  SELECT iu.canonical_address
  FROM information_unit iu
  WHERE iu.canonical_address != :'addr_a'
  ...
"

This is a small consistency fix with a real safety benefit: psql's :'addr_a' quotes the value as a SQL literal, so an address containing a quote or a backslash cannot break out of the statement, which the raw "$TEST_ADDR_A" interpolation allowed.

P4 — Report upload must be explicit

The final prompt prints "AGENT: UPLOAD REPORT", but it should instruct the Agent explicitly to create or update the KB document:

knowledge/dev/laws/dieu44-trien-khai/reports/23-p3c1-iu-edit-draft-safe-functions-report.md

and to include the full log path and a content summary in it even on FAIL/CRITICAL, so a failed run leaves the same evidence trail as a passing one.

Directive to Opus

Patch P3C1 prompt to rev5 with P1–P4 only.

Path:

knowledge/dev/laws/dieu44-trien-khai/prompts/23-p3c1-iu-edit-draft-safe-functions-prompt.md

Do not dispatch after patch. Return for GPT/User final review.

Hard boundaries remain

  • No dispatch.
  • No table DDL.
  • No schema changes.
  • No trigger changes.
  • No gateway changes.
  • No IU/UV writes.
  • No vector mutation.
  • No cleanup.
  • No Pack 2C.

Summary

Rev4 has resolved the real blocker. Rev5 should only close verification gaps: prove the intended grantees can execute, broaden the no-IU/UV-write source check, remove the one remaining raw address interpolation, and make the report upload instruction explicit. After rev5 the prompt should be ready for dispatch unless new evidence appears.

knowledge/dev/laws/dieu44-trien-khai/reviews/gpt-review-23-p3c1-safe-functions-prompt-rev4-2026-05-07.md