KB-3F66
6000x-input-contract — Input Contract Matrix
Revision 1
Tags: iu-core, 6000x, input-contract, authority-discovery
02 — Input Contract Matrix (live-verified, 2026-05-24)
The macro routed ALL live action through this matrix per the lesson [[feedback-authority-discovery-real-verify]] (the prior 6000x macro found that authority claims in old reports must be live-verified before being trusted). Every row below was established by running the exact command listed; no row trusts a prior report's classification.
Classification key
- EXECUTABLE_NOW — authority + input + safety gates all pass; macro may proceed without asking.
- EXECUTABLE_IF_GATE_PASS — authority granted in macro body, but the technical gate (e.g. enacted-only lifecycle, OpenAI key) must pass first; if it doesn't, branch closes as PARTIAL_WITH_EXACT_GAP.
- AUTHOR_MODE_ONLY — agent may author/draft/propose only; the actual cut (merge/deploy/restart) is owned by an external party.
- BLOCKED_EXTERNAL_AUTHORITY — agent has no authority and the macro forbids action; branch closes as DONE_WITH_EXTERNAL_BLOCKER.
Matrix
| # | Branch | Required authority | Discovered evidence (live) | Allowed action | Forbidden action | Decision |
|---|---|---|---|---|---|---|
| 1 | Nuxt PR #669 merge / deploy | Live admin on Huyen1974/web-test + explicit user "merge" grant + frontend/DevOps cut window | `gh auth status` → admin+push on Huyen1974/web-test; `gh pr view 669` → OPEN/MERGEABLE; mergeStateStatus=UNSTABLE (1 unrelated check failing — see row 2); user grant in macro body = "open/update PR, not merge unless explicit live authority is proven" | none on merge | merge, image rebuild, incomex-nuxt restart | BLOCKED_EXTERNAL_AUTHORITY (frontend/DevOps owns merge cut) |
| 2 | Nuxt PR #669 update / comment | Same as row 1 + user grant to comment | Counting Contract Check (Nuxt 3 CI) FAILURE — tests live meta_catalog: CAT-ALL=1416064 vs SUM(atom active)=1199853; check queries directus.incomexsaigoncorp.vn, NOT files in our patch; `grep meta_catalog` on pushed files → 0 matches; user grant = "Post PR comment explaining" | post 1 PR comment explaining unrelated drift; do NOT rebase | rebase to chase unrelated failure, branch update | EXECUTABLE_NOW (executed — comment URL: https://github.com/Huyen1974/web-test/pull/669#issuecomment-4527166744) |
| 3 | Healthcheck cron production install on VPS | Sudo or user-systemd on long-running Linux host (no sudo path approved) | `ssh contabo` → root@vmi3080463 (sudo IS available); macro authority = "VPS user-level cron only if no sudo and rollback exists"; on contabo the user is root, so user-cron == root-cron — not the bounded "no-sudo" path the macro envisioned; user reaffirmed in prior macro: "Mac user-cron only, no VPS" | document install commands; do not install | install on VPS this macro | BLOCKED_EXTERNAL_AUTHORITY (host-owner cut window owns it) |
| 4 | Mac cron pilot verification | None (read-only) | `crontab -l` → 1 entry `*/10 * * * * iu_core_healthcheck_wrapper.sh`; jsonl log 4 entries, latest ts=2026-05-24T02:20:00Z exit=0 overall_ok=true surfaces=7; uninstall.sh present at ops/healthcheck-cron-package/install/uninstall.sh | verify only | install/uninstall this macro | EXECUTABLE_NOW (executed — see report 05) |
| 5 | Retention gate enable | Explicit user approval artifact | `dot_config.iu_core.retention_enabled=false`; no approval artifact; user reaffirmed in prior macro: "Keep gate false, dry-run only"; this macro's PRIMARY GOAL note allows enable only "with explicit approval artifact" | dry-run only; document enable command + rollback | enable, durable cleanup, row delete | BLOCKED_EXTERNAL_AUTHORITY (deliberate deferral) |
| 6 | Qdrant onboarding DIEU-35 / 28 / 32 | Macro body grants this under ALLOWED + per-IU boundary gate must pass; enacted-only convention (2400x) is the technical gate | 86 IUs in corpus (DIEU-35=36, DIEU-28=27, DIEU-32=23); JOIN unit_version on `lifecycle_status='enacted'` returns 0 rows for all 3 corpora; all 86 are draft; convention 2400x = enacted-only (content-addressed point ids drift with draft body churn); user choice = "Skip Qdrant write — record exact gap" | document gap; no Qdrant write this macro | index draft IUs, override convention | EXECUTABLE_IF_GATE_PASS → branch closed by lifecycle gate (see report 03) |
| 7 | Auto-refresh regression / re-verify | None (read-only SELECT) | refresh_log id 18 still durable: actor=iu_lifecycle_trigger outcome=skipped_in_sync view_pre=163 table_pre=163 table_post=163; dashboard view current_in_sync=t cache_healthy=t; trigger error log 0 rows | re-verify | invoke trigger this macro | EXECUTABLE_NOW (executed — see report 07) |
| 8 | Directus / Nuxt / API read-only smoke | None (read-only) | Directus permission row 1485 live (action=read, collection=iu_three_axis_envelope); 163 rows; DIEU-35 axes A/B/C re-verified matching 6000x | smoke read | any write | EXECUTABLE_NOW (executed — see report 07) |
| 9 | AgentData report sync | None (KB write under macro slug) | `mcp__agent-data__upload_document` available; slug `v0.6-iu-core-6000x-input-contract-qdrant-ops-closeout-open-goal/` chosen per macro instruction | upload 7 reports; verify list/read/search | overwrite a different macro's KB tree | EXECUTABLE_NOW (executed after commit — see report 01) |
| 10 | Roadmap / prompt-guide update | None (docs in repo) | Lesson from this macro = "input contract is mandatory before live action"; recorded in MEMORY.md and roadmap update folded into report 01 | update memory + report | rewrite governance docs | EXECUTABLE_NOW (executed — see report 01) |
Summary
- 4 EXECUTABLE_NOW branches executed: PR comment, Mac cron verification, auto-refresh + DIEU-35 re-verify, KB report sync.
- 1 EXECUTABLE_IF_GATE_PASS branch closed by technical gate: Qdrant onboarding blocked by lifecycle policy (all 86 IUs draft; enacted-only convention preserved).
- 3 BLOCKED_EXTERNAL_AUTHORITY branches recorded: PR merge (frontend/DevOps), VPS cron install (host-owner), retention enable (deliberate deferral).
- 0 silent assumptions — every classification is from a live command in this macro.
Lesson reinforcement
The matrix proves the lesson: classifying PR merge as BLOCKED_EXTERNAL_AUTHORITY is correct not because the gh token lacks permission (it has admin+push), but because the user's explicit grant scope excludes merge. Authority is a grant, not just a capability. Capability is the lower bound; the grant is the upper bound; we operate at the upper bound.
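As an added illustration (not part of this report or the macro's own tooling), the classification key and the lesson above encoded as a small Python check: only the user's grant can authorise a cut, live capability is the lower bound that is verified rather than trusted, and a technical gate is evaluated before execution. The names `Branch`, `classify`, `resolve`, the action labels and the gate helper are assumptions; the sample branches are constructed from matrix rows 1, 2 and 6.

```python
from dataclasses import dataclass
from typing import Callable, Dict, FrozenSet, Optional


@dataclass(frozen=True)
class Branch:
    name: str
    requested: str                         # the concrete cut the macro wants to take
    capability: FrozenSet[str]             # what the live token/session can do (live-verified)
    grant: FrozenSet[str]                  # what the user's explicit grant scope covers
    propose_only: bool = False             # grant covers author/draft/propose, cut owned elsewhere
    gate: Optional[Callable[[], bool]] = None  # technical gate evaluated live, or None


def classify(b: Branch) -> str:
    """Classify per the key: the grant is the upper bound, capability the lower bound."""
    if b.requested not in b.grant:
        # Capability alone never promotes a cut: admin+push with no "merge" grant stays blocked.
        return "AUTHOR_MODE_ONLY" if b.propose_only else "BLOCKED_EXTERNAL_AUTHORITY"
    if b.requested not in b.capability:
        # Granted but not technically possible: treated here (assumption) as a failed gate.
        return "PARTIAL_WITH_EXACT_GAP"
    return "EXECUTABLE_NOW" if b.gate is None else "EXECUTABLE_IF_GATE_PASS"


def resolve(b: Branch) -> str:
    """Run the technical gate, if any, and return the branch's terminal status."""
    status = classify(b)
    if status != "EXECUTABLE_IF_GATE_PASS":
        return status
    return "EXECUTABLE_NOW" if b.gate() else "PARTIAL_WITH_EXACT_GAP"


def enacted_only_gate(lifecycle_by_iu: Dict[str, str]) -> bool:
    # 2400x convention: there must be at least one IU with lifecycle_status='enacted' to index.
    return any(status == "enacted" for status in lifecycle_by_iu.values())


# Constructed sample branches (labels simplified, not live command output).
PR_ACTIONS_CAPABLE = frozenset({"open_pr", "update_pr", "comment", "merge"})  # gh: admin+push
PR_ACTIONS_GRANTED = frozenset({"open_pr", "update_pr", "comment"})           # "not merge unless ..."
PR_MERGE = Branch("Nuxt PR #669 merge / deploy", "merge", PR_ACTIONS_CAPABLE, PR_ACTIONS_GRANTED)
PR_COMMENT = Branch("Nuxt PR #669 update / comment", "comment", PR_ACTIONS_CAPABLE, PR_ACTIONS_GRANTED)
QDRANT = Branch(
    "Qdrant onboarding DIEU-35 / 28 / 32", "qdrant_write",
    frozenset({"qdrant_write"}), frozenset({"qdrant_write"}),
    gate=lambda: enacted_only_gate({f"IU-{i}": "draft" for i in range(86)}),  # all 86 draft
)

if __name__ == "__main__":
    for b in (PR_MERGE, PR_COMMENT, QDRANT):
        print(f"{b.name}: {classify(b)} -> {resolve(b)}")
```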