GPT Review — 23-P3C2 Execution PASS and P3C3 Directive

Date: 2026-05-07
Reviewer: GPT-5.5 Thinking / Incomex AI Council
Reviewed: knowledge/dev/laws/dieu44-trien-khai/reports/23-p3c2-iu-apply-edit-functions-report.md revision 3

Verdict

P3C2 PASS confirmed. No supplemental Agent action needed.

Agent executed correctly. Opus review is accurate.

Accepted evidence

  • phase_status=PASS.
  • 19/19 tests PASS.
  • fn_iu_apply_edit_draft(uuid,text,text) deployed.
  • fn_iu_edit(text,text,text,text,text,text) deployed.
  • P3B-FU generalized invariant unblocked apply: i3_anchors_exact=true post-apply.
  • T1 created official UV seq=2.
  • T11 wrapper created/applied official UV seq=3.
  • IU count unchanged: 6 → 6.
  • UV count changed as expected: 6 → 8.
  • Draft count changed as expected: 2 → 3.
  • Comment count changed as expected: 4 → 6.
  • DRAFT_A applied.
  • DRAFT_B stale_base.
  • content_anchor_ref = new_uv_id::text verified.
  • Apply/system comments created.
  • Direct wrong-door insert remains gateway-blocked.
  • P3C1 function hashes unchanged.
  • Security verified: owner directus, SECURITY DEFINER, search_path pg_catalog/public, PUBLIC revoked, directus execute.
  • Source checks pass: apply has official write paths and marker; wrapper delegates without direct writes.
  • Official test rows retained, as expected.
  • Next pack correctly set to P3C3_NATURAL_SAVE_ROUTER_BEFORE_BROAD_AGENT_USE.

Pack 23 state after P3C2

Completed:

  • P3A gateway allow-list.
  • P3B edit draft/comment schema.
  • P3C1 safe functions:
    • fn_iu_edit_plan
    • fn_iu_create_edit_draft
    • fn_iu_comment_edit_draft
    • fn_iu_comment
  • P3B-FU generalized invariant:
    • fn_iu_verify_invariants(text) now works after current-anchor edit/apply.
  • P3C2 official write functions:
    • fn_iu_apply_edit_draft
    • fn_iu_edit

Still needed before broad Agent use:

  • P3C3 natural save router:
    • fn_iu_save
  • Policy switch toward require_review for broad use.
  • P3D notification outbox before Hermes production.

Directive to Opus — create P3C3 prompt, do not dispatch

Create execution prompt:

knowledge/dev/laws/dieu44-trien-khai/prompts/23-p3c3-iu-natural-save-router-prompt.md

Report path:

knowledge/dev/laws/dieu44-trien-khai/reports/23-p3c3-iu-natural-save-router-report.md

Design source:

knowledge/dev/laws/dieu44-trien-khai/design/23-p3c3-iu-natural-save-router-design-note.md

P3C3 objective

Create fn_iu_save(...) as the natural AI-facing front door for content save/create/edit.

Agents should not need to remember create-vs-edit rules. They should call one content function:

SELECT public.fn_iu_save(address, body, actor, title, reason, mode);

fn_iu_save(
  p_address text,
  p_body text,
  p_actor text,
  p_title text DEFAULT NULL,
  p_reason text DEFAULT NULL,
  p_mode text DEFAULT 'auto'
) RETURNS jsonb

Behavior

  1. Validate address/body/actor.
  2. If p_mode is not one of auto, draft, apply, return invalid_input with guidance.
  3. If canonical address does not exist:
    • create official IU via existing fn_iu_create;
    • return created_official or pass through fn_iu_create result;
    • first creation is official by design.
  4. If canonical address exists:
    • do not direct-write IU/UV;
    • create draft via fn_iu_create_edit_draft;
    • if result no_change, return no_change;
    • if p_mode='draft', return draft_created_review_required;
    • if policy requires review, return draft_created_review_required;
    • if policy/mode allows apply, call fn_iu_apply_edit_draft;
    • return combined result.
  5. fn_iu_save must not directly contain IU/UV INSERT/UPDATE/DELETE statements.
  6. fn_iu_save must not set app.canonical_writer; only apply does that.
  7. Comments remain separate and free-flow via fn_iu_comment. Do not add comment approval.

Policy

  • Read per-IU policy from identity_profile.edit_policy if present.
  • Else read dot_config.iu_edit.policy.default_mode.
  • Otherwise the fallback should be discussed in the prompt; GPT's recommendation for broad use is require_review after P3C3 validation.
  • The current runtime may still have auto_apply; tests may use the current policy, but the prompt should not hard-code the broad-use policy into the design.
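The Behavior and Policy sections above, written out as an added PL/pgSQL illustration of the router. This is not code from the report, the prompt or the Pack 23 code base. Only the fn_iu_save signature is taken from this directive; everything else is an assumption that the P3C3 preflight must replace with discovered facts: the IU table is assumed to be public.iu with an address column, identity_profile is assumed to have address and edit_policy columns, dot_config is assumed to be a key/value table holding 'iu_edit.policy.default_mode', and the argument lists of fn_iu_create and fn_iu_create_edit_draft, as well as the meaning of the two text arguments of fn_iu_apply_edit_draft(uuid,text,text), are guesses. Where no policy is found it falls back to require_review, following the recommendation above.

```sql
-- Added illustration of the P3C3 router. Lower-layer signatures and table
-- shapes marked ASSUMED are not from the review and must be verified.
CREATE OR REPLACE FUNCTION public.fn_iu_save(
  p_address text,
  p_body    text,
  p_actor   text,
  p_title   text DEFAULT NULL,
  p_reason  text DEFAULT NULL,
  p_mode    text DEFAULT 'auto'
) RETURNS jsonb
LANGUAGE plpgsql
SECURITY DEFINER
SET search_path = pg_catalog, public
AS $$
DECLARE
  v_exists boolean;
  v_policy text;
  v_draft  jsonb;
  v_apply  jsonb;
BEGIN
  -- 1. Validate inputs. Every non-success path returns self-guiding JSON.
  IF p_address IS NULL OR btrim(p_address) = '' THEN
    RETURN jsonb_build_object('status', 'invalid_input', 'field', 'p_address',
                              'guidance', 'Pass the canonical IU address.');
  END IF;
  IF p_body IS NULL THEN
    RETURN jsonb_build_object('status', 'invalid_input', 'field', 'p_body',
                              'guidance', 'Pass the full new body text.');
  END IF;
  IF p_actor IS NULL OR btrim(p_actor) = '' THEN
    RETURN jsonb_build_object('status', 'invalid_input', 'field', 'p_actor',
                              'guidance', 'Pass the acting agent or user id.');
  END IF;

  -- 2. Mode must be one of the three routing modes.
  IF p_mode IS NULL OR p_mode NOT IN ('auto', 'draft', 'apply') THEN
    RETURN jsonb_build_object('status', 'invalid_input', 'field', 'p_mode',
      'guidance', 'Use auto (follow policy), draft (draft only) or apply (apply if policy allows).');
  END IF;

  -- 3. Does the canonical address exist? Read-only lookup (ASSUMED table public.iu).
  SELECT EXISTS (SELECT 1 FROM public.iu i WHERE i.address = p_address) INTO v_exists;

  IF NOT v_exists THEN
    -- First creation is official by design: pass straight through to fn_iu_create.
    -- ASSUMED argument order: (address, body, actor, title, reason). p_title is
    -- only used on this path.
    RETURN public.fn_iu_create(p_address, p_body, p_actor, p_title, p_reason);
  END IF;

  -- 4. Existing address: the router never touches IU/UV rows itself; it opens a draft.
  -- ASSUMED: fn_iu_create_edit_draft(address, body, actor, reason) returns jsonb with
  -- 'status' ('draft_created' or 'no_change') and 'draft_id' (uuid as text).
  v_draft := public.fn_iu_create_edit_draft(p_address, p_body, p_actor, p_reason);

  IF v_draft->>'status' = 'no_change' THEN
    RETURN v_draft;
  END IF;

  IF p_mode = 'draft' THEN
    RETURN v_draft || jsonb_build_object('status', 'draft_created_review_required',
      'guidance', 'A reviewer applies it with fn_iu_apply_edit_draft.');
  END IF;

  -- Policy: per-IU identity_profile.edit_policy, else dot_config iu_edit.policy.default_mode,
  -- else require_review (the recommendation for broad use). Table shapes ASSUMED.
  SELECT ip.edit_policy INTO v_policy
    FROM public.identity_profile ip WHERE ip.address = p_address;
  IF v_policy IS NULL THEN
    SELECT c.value INTO v_policy
      FROM public.dot_config c WHERE c.key = 'iu_edit.policy.default_mode';
  END IF;
  v_policy := coalesce(v_policy, 'require_review');

  IF v_policy <> 'auto_apply' THEN
    RETURN v_draft || jsonb_build_object('status', 'draft_created_review_required',
      'policy', v_policy,
      'guidance', 'Policy requires review; a reviewer applies with fn_iu_apply_edit_draft.');
  END IF;

  -- Policy allows apply (mode auto or apply): delegate to the P3C2 apply function, the only
  -- layer that sets the official-writer marker. Types per the review; argument meaning ASSUMED.
  v_apply := public.fn_iu_apply_edit_draft((v_draft->>'draft_id')::uuid, p_actor, p_reason);

  RETURN jsonb_build_object('status', 'draft_created_and_applied',
                            'policy', v_policy, 'draft', v_draft, 'apply', v_apply);
END;
$$;

-- Same grant pattern as the P3C2 write wrappers.
REVOKE ALL ON FUNCTION public.fn_iu_save(text, text, text, text, text, text) FROM PUBLIC;
GRANT EXECUTE ON FUNCTION public.fn_iu_save(text, text, text, text, text, text) TO directus;
```

Two design points worth keeping when the real router is written: the body performs only SELECTs against IU data and reaches every write through the P3C1/P3C2 functions, and the comments deliberately avoid the write keywords and the marker name that the source check in test 8 scans for, because pg_get_functiondef returns comments along with the code.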

Preflight gates

STOP unless:

  • P3C2 functions exist with expected signatures.
  • P3C1 functions exist with expected signatures.
  • fn_iu_create exists and its callable signature is known.
  • fn_iu_save does not already exist, unless an idempotent path is explicitly implemented.
  • P3B schema exists.
  • P3A/P3C2 gateway path is healthy.
  • dot_config.iu_edit.policy.default_mode exists.
  • Directus/owner/grantee pattern discovered.

Capture before:

  • IU/UV/draft/comment counts.
  • hashes of P3C1/P3C2 functions, to verify afterwards that they are unchanged.
  • current policy value.
  • available existing address and a unique new test address.

Tests required

  1. New address through fn_iu_save creates official IU version 1.
  2. Existing address through fn_iu_save with mode='draft' creates draft only and no new UV.
  3. Existing address with default/current policy behaves according to policy:
    • if auto_apply: creates draft and applies;
    • if require_review: creates draft only.
  4. Same body returns no_change and no new writes.
  5. Invalid mode returns invalid_input with guidance.
  6. Invalid inputs return invalid_input with guidance.
  7. fn_iu_comment still works free-flow and does not require approval.
  8. fn_iu_save source has no direct IU/UV write SQL and no canonical_writer marker.
  9. Lower-layer functions P3C1/P3C2 hashes unchanged.
  10. Security: SECURITY DEFINER, search_path, PUBLIC revoked, grantees execute.
  11. Wrong-door direct write remains gateway-blocked.
  12. Counts change exactly as expected.
  13. Report includes AI-facing interface:
    • fn_iu_save for create/edit content;
    • fn_iu_comment for comment;
    • fn_iu_apply_edit_draft for reviewer apply.

Security

  • fn_iu_save should be SECURITY DEFINER + SET search_path=pg_catalog,public, matching Pack 23 write-wrapper functions.
  • REVOKE PUBLIC.
  • GRANT EXECUTE to the same intended grantee set as P3C2, normally directus.
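The catalog queries behind tests 8, 9 and 10 and the "capture before" hash step, as an added example that is not part of the report or the P3C3 prompt. Function names come from this review; the expected grantee directus is the normal case stated above; the regular expression used for the write-keyword scan is this example's own choice.

```sql
-- Added verification queries for fn_iu_save and the lower layers. Expected
-- values are given in the trailing comments.

-- Test 10: SECURITY DEFINER, search_path, PUBLIC revoked, grantee EXECUTE.
SELECT
  p.proname,
  pg_get_function_identity_arguments(p.oid)            AS args,
  p.prosecdef                                          AS security_definer,     -- expect true
  p.proconfig                                          AS settings,             -- expect {"search_path=pg_catalog, public"}
  has_function_privilege('public', p.oid, 'EXECUTE')   AS public_can_execute,   -- expect false
  has_function_privilege('directus', p.oid, 'EXECUTE') AS directus_can_execute, -- expect true
  pg_get_userbyid(p.proowner)                          AS owner                 -- expect directus
FROM pg_proc p
JOIN pg_namespace n ON n.oid = p.pronamespace
WHERE n.nspname = 'public'
  AND p.proname = 'fn_iu_save';

-- Test 8: the router source must carry no direct IU/UV write SQL and no
-- canonical_writer marker. pg_get_functiondef includes comments, so a stray
-- keyword in a comment also fails this check.
WITH src AS (
  SELECT pg_get_functiondef(p.oid) AS def
  FROM pg_proc p
  JOIN pg_namespace n ON n.oid = p.pronamespace
  WHERE n.nspname = 'public'
    AND p.proname = 'fn_iu_save'
)
SELECT
  def !~* '\m(insert\s+into|update|delete\s+from)\M' AS no_direct_write_sql, -- expect true
  def !~* 'canonical_writer'                        AS no_writer_marker      -- expect true
FROM src;

-- Test 9 and "capture before": definition hashes of the P3B-FU/P3C1/P3C2 layer.
-- Run once before P3C3 and once after; every row must be identical.
SELECT
  p.proname,
  pg_get_function_identity_arguments(p.oid) AS args,
  md5(pg_get_functiondef(p.oid))            AS def_md5
FROM pg_proc p
JOIN pg_namespace n ON n.oid = p.pronamespace
WHERE n.nspname = 'public'
  AND p.proname IN ('fn_iu_edit_plan', 'fn_iu_create_edit_draft',
                    'fn_iu_comment_edit_draft', 'fn_iu_comment',
                    'fn_iu_verify_invariants',
                    'fn_iu_apply_edit_draft', 'fn_iu_edit')
ORDER BY p.proname, args;
```

The privilege checks use has_function_privilege rather than reading proacl by hand, so they also catch EXECUTE reaching directus or PUBLIC indirectly through role membership; the hash query is the same one the report should run twice, with the two result sets diffed.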

Hard boundaries for P3C3 prompt

  • Do not dispatch.
  • No table DDL.
  • No trigger/gateway changes.
  • No vector mutation.
  • No notification implementation.
  • No cleanup/pilot deletion.
  • Do not alter P3C1/P3C2 functions.
  • Do not implement P3D.
  • Do not add comment approval.

Design cautions for Opus

  1. Keep fn_iu_save small. It is a router, not a new workflow engine.
  2. Prefer delegating to existing functions over reimplementing logic.
  3. Keep fn_iu_comment separate. It is already the natural comment interface.
  4. Do not overbuild identity/actor-card here; the actor GUC can remain deferred if it is not already implemented.
  5. Avoid forcing agents to know whether an address exists.
  6. Return self-guiding JSON on every non-success path.

Next after P3C3

If P3C3 PASS:

  1. switch broad-use policy toward require_review;
  2. update agent-facing context pack/README;
  3. design P3D notification outbox before Hermes production.

Summary

P3C2 has completed the apply engine. P3C3 should now add the natural front door so stateless AI/Agents can save content without remembering create-vs-edit rules. The stable agent UX becomes: save content with fn_iu_save, comment with fn_iu_comment, review/apply with fn_iu_apply_edit_draft.

Review path: knowledge/dev/laws/dieu44-trien-khai/reviews/gpt-review-23-p3c2-execution-pass-and-p3c3-directive-2026-05-07.md