KB-2BA9

Action-Ready Blockers after B7 Governed Export-Packet — tool-kiem-thu (2026-06-10)

Date: 2026-06-10 · Context: the B7 export-packet core closed (design + reference validation, real packet 10/10+7/7). These are the residual items that keep the full B7 layer at PARTIAL, each action-ready. None blocks Phase 2/3 (already PASS). Production mutation: NO. Codex: NO.


B7-EXP-1 — Named-query catalog is provisional, not a governed authority

  • Class: missing named-query authority + owner decision.
  • Evidence: verified 2026-06-10 — no generic named-query catalog surface exists in directus.public (only domain-specific v_*_packet/manifest views + dot_iu_command_catalog). Catalog is PROVISIONAL_NON_AUTHORITY (designs/b7-named-query-catalog-spec-2026-06-10.md).
  • Routes inspected: adapt dot_iu_command_catalog shape (done, as model); fork it (rejected — Domain C/H no new authority/mutation); invent new table (rejected — owner decision, creates authority surface).
  • Why it blocks: a catalog that is editable post-approval without detection cannot be load-bearing (feedback_self_audit_before_external_review_mutable_authority).
  • Exact next action: owner decides the governed home (new sealed named_query_catalog table or sanctioned extension of dot_iu_command_catalog); Codex seals the model + initial entries; add content-hash/version seal.
  • Needs: owner + Codex. Blocks: B7 promotion (not Phase 2/3, not the core pipeline).
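A minimal sketch of the content-hash/version seal named in the next action, added here as an illustration and not taken from the project: it hashes each catalog entry in a canonical encoding at approval time and later reports any entry that was added, removed or modified. The entry fields (name, params, sql), the view names and the seal layout are assumptions.

```python
import hashlib
import json

def _digest(obj) -> str:
    # Sorted keys and fixed separators give exactly one byte encoding per value.
    blob = json.dumps(obj, sort_keys=True, separators=(",", ":"), ensure_ascii=False)
    return hashlib.sha256(blob.encode("utf-8")).hexdigest()

def _entry_hashes(entries) -> dict:
    hashes = {e["name"]: _digest(e) for e in entries}
    if len(hashes) != len(entries):
        raise ValueError("duplicate query name in catalog")
    return hashes

def seal_catalog(entries, version: int) -> dict:
    """Build the seal recorded at approval; store it where catalog editors cannot write."""
    hashes = _entry_hashes(entries)
    return {"version": version, "entries": hashes,
            "catalog_hash": _digest({"version": version, "entries": hashes})}

def verify_catalog(entries, seal: dict) -> list:
    """Return (finding, name) tuples; an empty list means the catalog matches the seal."""
    expected = _digest({"version": seal["version"], "entries": seal["entries"]})
    if expected != seal["catalog_hash"]:
        return [("seal_inconsistent", "*")]
    current, sealed = _entry_hashes(entries), seal["entries"]
    findings = [("removed", n) for n in sorted(sealed.keys() - current.keys())]
    findings += [("added", n) for n in sorted(current.keys() - sealed.keys())]
    findings += [("modified", n) for n in sorted(current.keys() & sealed.keys())
                 if current[n] != sealed[n]]
    return findings

# Constructed sample entries; names, fields and SQL are hypothetical.
APPROVED = [
    {"name": "packet_by_id", "params": ["packet_id"],
     "sql": "SELECT * FROM v_example_packet WHERE packet_id = %(packet_id)s"},
    {"name": "manifest_by_packet", "params": ["packet_id"],
     "sql": "SELECT * FROM v_example_manifest WHERE packet_id = %(packet_id)s"},
]
SEAL = seal_catalog(APPROVED, version=1)

def demo_post_approval_edit() -> list:
    # Simulates a post-approval edit: one query widened, one new query slipped in.
    edited = [dict(e) for e in APPROVED]
    edited[0]["sql"] = "SELECT * FROM v_example_packet"
    edited.append({"name": "adhoc_dump", "params": [], "sql": "SELECT * FROM v_example_packet"})
    return verify_catalog(edited, SEAL)

if __name__ == "__main__":
    print(verify_catalog(APPROVED, SEAL))
    print(demo_post_approval_edit())
```

The seal only detects edits if it lives outside the write path of whoever can change the catalog; a seal stored beside the entries can be recomputed by the same editor.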

B7-EXP-2 — Automated, audited export service not built

  • Class: missing execution venue + (optional) network-policy contract.
  • Evidence: the 2026-06-10 export was operator-run (agent through the query_pg gateway). No automated service exists; the rev4 spec sanctions interim manual export.
  • Routes inspected: operator-run (works today, demonstrated); automated service (needs an authorized runtime venue + network-policy enforcement = D9).
  • Why it blocks: batch/scheduled governed export and end-to-end network-policy enforcement require a service the macro did not authorize building.
  • Exact next action: owner authorizes a read-only runtime venue (e.g. the existing CI repo tool-kiem-thu-ci, or a VPS read-only job); design+Codex-review the network-policy half (D9).
  • Needs: owner (venue) + Codex (network policy). Blocks: automation only; manual governed export is unblocked.

B7-D10 — Path-scoped server-enforced KB report writer (PROHIBITED to build here)

  • Class: missing server-enforced write surface.
  • Evidence: the KB write connector exposes broad verbs (upload/update/patch/delete/ingest) with no server-enforced path scope (Codex-confirmed, rev4 §10). No reusable bounded writer exists.
  • Routes inspected: none safe — this macro prohibits building a KB writer; uploading the local report remains a separate human governed action.
  • Exact next action: owner+Codex commission a path-scoped, server-enforced writer (scope = knowledge/dev/laws/tool-kiem-thu/… only).
  • Needs: owner + Codex + build. Blocks: tool-side report persistence (D10). Interim: human upload.

B7-D11 — Downstream gate-consumer / authority contract (PROHIBITED to build here)

  • Class: missing sealed downstream authority.
  • Evidence: macro prohibits creating a gate consumer / pre-report mandatory gate. Report stays decision_effect=NONE, may_gate=false.
  • Exact next action: owner+Codex seal a downstream consumer contract before any output is allowed to gate/authorize anything.
  • Needs: owner + Codex. Blocks: any gating use (D11); not the read/report pipeline.

Summary

| Blocker | Needs | Blocks B7 promotion? | Blocks Phase 4? | Blocks the closed core? |
|---|---|---|---|---|
| B7-EXP-1 catalog authority | owner+Codex | yes | catalog-as-authority | no |
| B7-EXP-2 export service | owner+Codex | partial (automation) | export automation | no (manual works) |
| B7-D10 KB writer | owner+Codex+build | yes | tool report persistence | no |
| B7-D11 gate consumer | owner+Codex | yes | gating use | no |

None is a TRUE blocker (each has a clear owner/Codex route) and none blocks the closed export-packet core, which is why overall status is PARTIAL, not BLOCKED.

knowledge/dev/laws/tool-kiem-thu/checkpoints/action-ready-blocker-after-b7-governed-export-packet-2026-06-10.md