03 - O3 LiveDiscoverer Implementation Or Gap

Gate

G2 - inspect discoverer seams and author minimal live read-only adapter only if needed.

Existing seam

cutter_agent/orchestrator/discover.py already defined the read-only Discoverer protocol and InMemoryDiscoverer. Before O3, the live path was not implemented.

Implementation

Added minimal adapter:

• ReadOnlyRoleStatus
• LiveConstitutionSurvey
• LiveReadOnlyDiscoverer
• pin_live_constitution_survey(ctx, survey)

Changed files:

• /Users/nmhuyen/iu-cutter-build/repo/iu-cutter/cutter_agent/orchestrator/discover.py
• /Users/nmhuyen/iu-cutter-build/repo/iu-cutter/cutter_agent/orchestrator/__init__.py
• /Users/nmhuyen/iu-cutter-build/repo/iu-cutter/tests/test_orchestrator_o2_e2e.py
• /Users/nmhuyen/iu-cutter-build/repo/iu-cutter/tests/test_orchestrator_o3_live_readonly.py

Local commit:

3d26a09 feat(orchestrator): add O3 live read-only discovery

Design constraints preserved

• Adapter accepts injected select_rows(sql, params) callable.
• Adapter stores no secret, DSN, host, container, or runtime ID.
• Adapter executes only SELECT SQL text and result interpretation.
• Live survey pins are stored only in per-run RunContext.context_pins.
• No module-level PIN_* constants were introduced.
• No mutating phase behavior changed.
• __execution_enabled__ remains False.
• Mode.LIVE remains refused.

Static safety evidence

git diff --check output:

<empty>

Hardcode scan output:

<empty>

Command scanned for: contabo, IP fragments, postgres, docker exec, ssh, PGPASSWORD, DATABASE_URL, known runtime IDs, and prior approval UUIDs inside orchestrator code and O3 test.

Result

G2 PASS. No architecture change was needed.