GPT Review — B2 Rev3 + B3-F1c-H Design — Dual Trigger Patch Required — 2026-05-14

Scope reviewed

Reviewed:

• knowledge/dev/laws/dieu44-trien-khai/design/p3d-birth-b2-contract-rev3-and-b3f1c-h-wrapper-integration-design.md
• knowledge/dev/laws/dieu44-trien-khai/reports/p3d-birth-b2-contract-rev3-and-b3f1c-h-wrapper-integration-design-report.md

Also checked KB precedent for dual protection / trigger pattern:

• knowledge/current-state/reports/trigger-guard-v2-d26-complete — two-layer protection: real-time trigger + cron enforcement.
• Related DOT birth trigger reports.

Verdict

Status: PATCH_REQUIRED_BEFORE_EXECUTION_ARTIFACT

The B2 Rev3 and wrapper design is high quality, but it currently fails the constitutional operational principle: dual trigger / never wait.

The design says cron observation is required at the next natural 03:00 UTC tick before proceeding. That means the system must wait. This is not acceptable. Scheduled cron is one trigger. There must also be a controlled secondary/on-demand trigger path that can be invoked immediately and safely when the Council needs verification.

Accepted parts

B2 Rev3

Accepted:

• canonical_address = PLACEHOLDER_AT_BIRTH.
• owner = PLACEHOLDER_AT_BIRTH.
• jsonb_profile = REQUIRED_AT_BIRTH container, {} default accepted.
• identity_profile = NOT_CENTRAL_BIRTH_REGISTRY, remains per-entity-kind.

Wrapper intent

Accepted:

• Need thin adapter because dot-dot-health expects function(jsonb) RETURNS boolean while scanner is fn_birth_onboarding_full_scan() RETURNS jsonb.
• Wrapper should not duplicate scanner logic.
• Wrapper should not hardcode collection lists.
• Wrapper should use threshold_config/cfg.
• No EXCEPTION WHEN OTHERS is correct for error visibility.

Blocking issue — design waits for cron

Current design requires:

wait for next natural 03:00 UTC cron tick

This is a scheduled trigger only. It is not enough.

Required patch — Dual Trigger / On-demand Trigger Path

Patch the design/report to include two trigger paths:

Trigger A — Scheduled trigger

Existing root cron:

0 3 * * * ... /opt/incomex/dot/bin/dot-dot-health --local ...

This remains the scheduled/background trigger.

Trigger B — Controlled on-demand trigger

A second, explicit, operator-invoked path must exist and be documented so the system can be checked immediately without waiting for cron.

Design must include two variants:

B1 — Immediate scheduler-health validation (non-mutating if proven)

Purpose: prove dot-dot-health --local parser + precheck + generic executor can run after B3-F1c-g patch without waiting for 03:00.

Candidate command, only if static code proof confirms no write path under dry-run:

/opt/incomex/dot/bin/dot-dot-health --local --dry-run --verbose

or a narrower safe check if available:

/opt/incomex/dot/bin/dot-dot-health --local --dry-run --only-check=<SAFE_EXISTING_CHECK_CODE> --verbose

Requirements:

• Agent must first statically prove DRY_RUN=1 prevents fn_log_issue / system_issues writes for existing checks.
• If any check has a side-effect under dry-run, use a narrower --only-check safe code or block.
• Do not source the script.
• Do not run bare normal mode.
• Capture log/stdout and report status.

B2 — On-demand birth full-scan dispatch after wrapper/row exists

Purpose: after wrapper + system_health_checks row are installed, Council must have a way to invoke the birth full-scan health check immediately rather than waiting for cron.

Important: this path may intentionally write system_issues because fn_birth_onboarding_full_scan() is a scanner that emits issues. That is acceptable only if explicitly authorized as an on-demand operational trigger.

Candidate command after wrapper+row exists:

/opt/incomex/dot/bin/dot-dot-health --local --only-check=DOT-BIRTH-ONBOARD-FULLSCAN-HC --verbose

Requirements:

• This must be described as an intentional operational trigger, not read-only.
• It needs explicit GPT/user authorization before use.
• It must not be confused with dry-run if the wrapper calls a mutating scanner.
• It must have exact expected outputs, failure handling, and rollback/non-rollback policy.
• It must be logged in KB as an execution report if invoked.

Required design change

Replace the current "wait for cron" gate with:

cron observation remains useful but is not the only trigger.
Before wrapper/row execution: run or design B1 immediate scheduler-health validation.
After wrapper/row execution: support B2 on-demand single-check trigger for immediate health validation.

Cron should become a scheduled background assurance path, not the only proof path.

Required final fields to add

Add fields:

dual_trigger_required=true
scheduled_trigger_defined=true|false
on_demand_trigger_defined=true|false
on_demand_pre_wrapper_validation_defined=true|false
on_demand_post_wrapper_validation_defined=true|false
wait_for_cron_required=false
manual_trigger_mutation_mode=READ_ONLY|INTENTIONAL_WRITE|BOTH|UNKNOWN

Required Opus/Agent response

Patch the two docs and return:

b2_b3f1c_h_dual_trigger_patch_status=PASS|PARTIAL|BLOCKED
dual_trigger_required=true
scheduled_trigger_defined=true|false
on_demand_trigger_defined=true|false
wait_for_cron_required=false
cron_observation_still_supported=true|false
pre_wrapper_nonmutating_validation_defined=true|false
post_wrapper_on_demand_trigger_defined=true|false
manual_trigger_mutation_mode=READ_ONLY|INTENTIONAL_WRITE|BOTH|UNKNOWN
execution_allowed=false
phase5c2_resume_allowed=false
next_recommended_action=GPT_REVIEW_DUAL_TRIGGER_PATCH

Governance status

b2_contract_rev3_design_status=ACCEPTED
b3f1c_h_wrapper_design_status=PATCH_REQUIRED_DUAL_TRIGGER
execution_artifact_allowed=false_until_dual_trigger_patch
system_health_checks_insert_allowed=false
phase5c2_resume_allowed=false
next_recommended_action=OPUS_PATCH_B2_REV3_B3F1C_H_DESIGN_FOR_DUAL_TRIGGER