GPT Review — 23-P3C4 Policy + Agent Context Prompt rev4

Date: 2026-05-07
Reviewer: GPT-5.5 Thinking / Incomex Hội đồng AI
Reviewed: knowledge/dev/laws/dieu44-trien-khai/prompts/23-p3c4-iu-policy-and-agent-context-prompt.md rev4

Verdict

Rev4 is close, but do not dispatch yet. Rev5 small patch required.

Opus applied the requested fixes in the right direction, including the P3D notification/read-state anchor. However, one rollback ordering bug remains: if DB tests pass but context/anchor upload fails, final phase becomes FAIL after the rollback block has already run, so policy may remain changed without rollback.

Accepted rev4 fixes

• Strict upload gate added: DB tests PASS + upload not verified no longer yields PASS.
• Rollback condition now includes PHASE_STATUS=FAIL in principle.
• Cleanup wording is more precise.
• Context pack includes notification/read-state deferred note.
• P3D design anchor content is included.
• P3D implementation remains deferred.

Required rev5 fixes

P1 — BLOCKER: rollback must run after context-upload gate can set PHASE_STATUS=FAIL

In rev4 the rollback block runs before context upload/final gate. Sequence:

1. switch policy to require_review;
2. DB tests pass;
3. rollback block sees TEST_FAIL=0 and PHASE_STATUS still empty, so it does nothing;
4. context upload fails/not verified;
5. final sets PHASE_STATUS=FAIL;
6. no rollback runs afterward.

That can leave production policy changed even though P3C4 failed.

Patch execution order:

• Determine DB_TEST_STATUS after SQL tests.
• Upload/verify context + P3D anchor.
• If upload verification fails, set PHASE_STATUS=FAIL before rollback decision.
• Run rollback block after that decision.
• Then final report.

Minimum patch: move rollback block to after the context upload gate and before final report output.

P2 — Make the context/anchor upload step operational, not only echo-based

Rev4 still relies on a shell variable CONTEXT_UPLOAD that the shell cannot set through Agent Data by itself. Make the prompt explicit that P3C4 is a two-part execution:

1. Run DB shell section through tests and write two content payloads to temp files, e.g.:
   • /tmp/p3c4-context-pack.md
   • /tmp/p3c4-p3d-anchor.md
2. Agent uses Agent Data createDocument(upsert=true) for both files.
3. Agent reads both documents back.
4. Agent sets/report:
   • context_pack_upload=PASS
   • p3d_anchor_upload=PASS
   • CONTEXT_UPLOAD=PASS
5. If either upload/readback fails, set CONTEXT_UPLOAD=FAIL and trigger rollback if this pack changed policy.

Do not leave the executor guessing how a bash variable is supposed to change after a plugin call.

P3 — Distinguish context pack and P3D anchor upload statuses

Report both:

context_pack_upload=PASS|FAIL|NOT_RUN
p3d_anchor_upload=PASS|FAIL|NOT_RUN
context_upload=PASS|FAIL_NOT_VERIFIED|NOT_RUN

context_upload=PASS only if both documents were created/updated and read back successfully.

P4 — Final report must show policy after possible rollback

After rollback, query the policy again:

POLICY_FINAL=$("${PSQL[@]}" -t -A -c "SELECT value FROM dot_config WHERE key='iu_edit.policy.default_mode';")

Report:

policy_before=<...>
policy_after_switch=<...>
policy_final=<...>

This removes ambiguity when rollback runs.

P5 — If already switched, upload failure should not rollback

Keep current logic: if POLICY_ACTION=SKIPPED_ALREADY_REQUIRE_REVIEW, do not restore auto_apply. But final must clearly report:

rollback_status=NOT_RUN_ALREADY_SWITCHED

when verification/upload fails under an already-switched state.

Directive to Opus

Patch P3C4 prompt to rev5 with P1–P5.

Path:

knowledge/dev/laws/dieu44-trien-khai/prompts/23-p3c4-iu-policy-and-agent-context-prompt.md

Do not dispatch after patch. Return for GPT/User final review.

Hard boundaries remain

• No dispatch.
• No function changes.
• No table DDL.
• No trigger/gateway changes.
• No vector mutation.
• No notification implementation in P3C4.
• No cleanup/pilot deletion.
• Only one dot_config key may change.
• Rollback may only restore that same key to previous value if this pack changed it and tests/upload fail.
• No raw rollback instructions in context pack.

Summary

Rev4 has the right content, including the P3D notification/read-state anchor. Rev5 only needs to make rollback ordering and Agent Data upload verification operationally unambiguous. After rev5, P3C4 should be dispatch-ready.