Incomex AI Portal
KB-79C5

Reuse Extraction Map v0.1 — Implementation Package DOT (READ-ONLY, after Authority Contract, 2026-06-09)

31 min read Revision 1
tool-kiem-thureuse-extraction-mapv0.1implementation-package-dotread-onlyauthority-contractbcdgh-sealeddenominatortrue-gapprohibited-overlapfor-gpt-review2026-06-09

Reuse Extraction Map v0.1 — Implementation Package DOT

Nature: a READ-ONLY, capability-by-capability map of what the future read/report-only Implementation Package DOT v0.1 may reuse from the deployed estate, what needs a small read-only adapter, what is reference-only, what is a prohibited overlap, what is a true gap, and what is unverified. This is NOT a tool spec, NOT an implementation, NOT a schema, NOT a runner. It maps reuse; it builds nothing and decides no sealed question. Date: 2026-06-09 Production mutation: NO. No install, no PG/Directus/registry/filesystem mutation, no system_issues write, no tool/schema/runner created, no FIX7 resumed, no filesystem DOT invoked, no command called, no detector executed, no denominator collapsed, no Codex-sealed decision reopened. Governing authority: contracts/authority-contract-v0-1-2026-06-09.{md,json} (AUTHORITY_CONTRACT_V0_1_READY_FOR_GPT_REVIEW) over the Codex seal reviews/codex-seal-authority-matrix-bcdgh-2026-06-09.md (BCDGH_SEALED), the fresh-read closure reports/authority-matrix-fresh-read-closure-bcdgh-2026-06-09.md (FRESH_READ_CLOSURE_PARTIAL), the baseline ledger reports/dot-registry-directus-text-as-code-baseline-reconciliation-2026-06-09.md (BASELINE_READY_FOR_AUTHORITY_DECISION, live read 2026-06-09 07:11 UTC, role context_pack_readonly, READ ONLY), and the reuse audit reports/text-as-code-reuse-anti-duplication-audit-2026-06-09.md. Evidence discipline: every count is dated evidence carrying surface + denominator + observation timestamp + match key + population + confidence — never an invariant, never collapsed into one canonical DOT number. Anything not directly re-confirmed here is carried at the sealed baseline's confidence or marked UNVERIFIED ("Không chắc đúng = sai"). No fresh live read was taken for this map; the sealed 2026-06-09 baseline stands as the evidence base.

1. Final verdict

REUSE_EXTRACTION_MAP_READY_FOR_GPT_REVIEW

All 18 required capabilities are mapped to exactly one of the six classes (REUSE_AS_IS / REUSE_WITH_ADAPTER / REFERENCE_ONLY / PROHIBITED_OVERLAP / TRUE_GAP / UNVERIFIED), each with a named asset/surface and evidence basis. Enough reuse is established that a Gap-only Scope Spec can be written for the read/report-only gap surface — but only partially: the execution-dependent gaps (command-runner, the run-half of the claim↔test binder, a generic manifest schema) are blocked behind the not-yet-existing Call Contract and two unresolved owner decisions, and must be carved out of any v0.1 spec.

This map reopens nothing sealed and builds nothing. It is routed to GPT review before any Gap-only Scope Spec.

2. Executive summary

  • Enough reuse to proceed? Yes, for the read/report-only surface; partial overall. The deployed estate already supplies the listing, reconciliation, presence, graph/orphan/duplicate, context, corpus, denominator, and report-format capabilities a read/report-only verifier needs — every one of them as a read of a named surface. The capabilities that remain genuinely missing are exactly the ones v0.1 is forbidden to perform (calling/running), so they are deferred, not blockers to a read-only spec.

  • Biggest reuse candidate: the deployed reconciliation + graph + corpus read surfaces consumed strictly read-only — dot_tools (listing, 309), v_dot_reconciliation_reliability over wf_fs_dot_bin_snapshot (canonical current diff: 186 CONFIRMED / 100 REGISTERED / 19 HELPER / 4 MISSING_FILE), universal_edges (2199) / v_kg_edges_all (2259) / entity_dependencies (142), information_unit (219) + tac_logical_unit (102) dual-report, and the knowledge/dev/laws/tool-kiem-thu/ report+JSON+checkpoint pattern itself. None require a new authority; all are live SELECTs with full provenance.

  • Biggest prohibited overlap: a second runner / dispatcher that invokes anything (filesystem DOT or IU command) — sealed out by Domains B and C. Tied closely: a third cut/verify/manifest authority (the pre-existing iu_corecutter_governance duplication means building on neither = a third lineage), a new logger (the deployed fn_tac_log_checker_issue → system_issues is the only sink), a new graph/duplicate/orphan/canonical-id resolver (Domain G), and any TAC↔IU bridge/merge/canonical choice (Domain H).

  • Biggest true gap: a command-runner that captures exit codes — the literal heart of the FIX7/Article-14 failure class ("prose claims an executable that does not actually run"). cutter_agent/dryrun.py deliberately refuses to run anything; no deployed asset executes a declared command and records its return code. This gap is real but out of scope for read/report-only v0.1 — it requires the separate Call Contract (sealed B/C) and Codex review before any build.

  • Biggest unverified area: runnability of any filesystem DOT and the actual_count=163 filter. "Can run" is NOT AVAILABLE for filesystem DOT in v0.1 (Domain B); a direct OS listing of /opt/incomex/dot/bin is unreachable read-only (read_file allowlist + no shell), so the PG mirror is the canonical-available FS evidence; actual_count=163 is an external dot-catalog-sync artifact with an undefined filter and is UNVERIFIABLE/UNSAFE as a denominator. Secondary unverified: Directus 100%-DOT-control (PARTIAL_EVIDENCE_ONLY) and the doc-level canonical-id gap (UNPROVEN — not yet a true gap).

3. Capability map table

Classes: A REUSE_AS_IS · B REUSE_WITH_ADAPTER (read-only, file-report-only) · C REFERENCE_ONLY · D PROHIBITED_OVERLAP · E TRUE_GAP · F UNVERIFIED. "Req v0.1" = yes / no / deferred. Counts are dated evidence from the sealed 2026-06-09 baseline, never invariants.

# Capability Req v0.1 Existing asset / surface / report Class Evidence basis Adapter (read-only) Prohibited actions True gap remaining Codex review
1 Dossier/package identification (package_id / dossier_id / blueprint_ref / revision / document_id) yes KB document_id + path + revision (agent-data MCP); FIX7 exact-MCP-id model; P3D dry-run pkgs; context_pack_manifest; registry-pivot reports A KB list/get returns document_id+revision per doc; FIX7 recheck-8 D pinned document_id = exact MCP id — (native KB fields) Inventing a parallel id namespace Generic cross-package-type package_id envelope → see #2 No (reuse); yes for any new envelope
2 Manifest / package envelope deferred iu_core fn_iu_mark_create_manifest; cutter_governance envelope/manifest/dot_pair_signature/verify_result; context_pack_manifest; 86-units Validation Contract C Reuse audit §2/§5; all are domain-specific manifests; no generic one exists Creating a 3rd manifest/envelope authority; forking either lineage before the owner decision Generic package_manifest schema across pkg types (spec/schema-gated; blocked on iu_core↔cutter_governance) Yes (owner lineage decision + schema)
3 Artifact existence evidence (prove a declared path/reference exists, read-only) yes KB list_documents/get_document; v_kg_edges_all (2259) / universal_edges (2199); Đ19 orphan/dead-link views; v_dot_reconciliation_reliability; wf_fs_dot_bin_snapshot mirror A Fresh-read closure §6; reuse audit §3 ("declared artifact resolves? = orphan/dead-link query") "declared-artifact existence resolver" (reads above, emits resolves?+surface) Invoking filesystem DOT; executing orphan/detector functions; direct OS listing — (existence = read; running the artifact is #4/gap) No
4 Claim-to-evidence binding (link a prose claim to a runnable test result) deferred P11E checker_run_status 4-case truth table + readiness sentence (verdict vocab); 86-units Validation Contract; system_issues; evidence tables E Reuse audit §6 gap #2 ("nothing links a Markdown claim to a runnable test entry"); P11E is the vocab, not the binder "claim-inventory extractor": enumerate declared claims/tests + check evidence-artifact existence (read-only) Asserting PASS without a run; prose-only PASS The run/pass half (binding a claim to an actual execution result) — needs Call Contract Yes
5 Denominator separation / count matrix yes Authority Contract §3 (7-denominator contract); baseline ledger dot-registry-…-baseline-reconciliation (+JSON); fresh-read closure §3 count table A Sealed denominator contract; baseline live read 07:11 UTC "provenance report writer" (emits surface/query/ts/key/population/confidence per count) Collapsing counts into one canonical DOT number (= disguised hardcode) No (sealed)
6 Registry / catalog listing yes dot_tools = meta_catalog CAT-006 = PIV-007 = PIV-104 = 309 (frozen 2026-04-02); pivot_results A Domain A sealed; baseline R1/R2; listing = live SELECT FROM dot_tools Using 309 as runnable/file-backed count; forking the registry No (sealed)
7 Registry↔filesystem current diff yes v_dot_reconciliation_reliability over wf_fs_dot_bin_snapshot (code-key, all 309) = canonical; v_dot_registry_no_file (41, name-key, stale 06-03) = diagnostic only; v_dot_fs_reconciliation A Domain D sealed; closure §App-4 (41-vs-4 = base+key+population); unmatched = NON-CALLABLE "reconciliation report" (both-direction diffs + provenance) Reconciliation/registry mutation; letting name-keyed 41 override canonical No (sealed)
8 Filesystem DOT read-only presence (/opt/incomex/dot/bin) yes wf_fs_dot_bin_snapshot (observed 2026-06-09 02:10:15): total 289 / OPERATIONAL 214 / NOISE_BACKUP 75 / mapped 186 A Domain B sealed; closure §App-2 (mirror reproduced exactly); live OS listing BLOCKED Invoking filesystem DOT; inferring "can run" from presence/exec-bit Direct live OS listing → F (permanently unreachable read-only; mirror is canonical-available) No (B sealed)
9 Command catalog / IU command layer yes (report) / deferred (call) dot_iu_command_catalog (54: 39 mutating / 15 mutating=false, 12 reversible); dot_iu_command_run (55 ledger); dot_iu_runtime_lease (0) A Domain C sealed; closure §App-5; the 15 = candidate future governed set, not a v0.1 call set "command-catalog reporter" (lists the 15 read-only candidates with flags) Invoking any IU command; treating the 15 as an authorized v0.1 call set; new dispatcher A governed call (the 15) — deferred to Call Contract Yes (future Call Contract)
10 Checker / logger / report sink deferred (write) / yes (read) fn_tac_log_checker_issue → system_issues (Đ23, S183; severity-map, md5 dedup, escalate); system_issues open 223,313 C Domain F sealed; closure §App-6; named authoritative sink, write deferred — (read system_issues read-only is allowed) New logger / sink; writing system_issues in v0.1 — (sink exists) Yes (system_issues wiring timing)
11 Graph / orphan / duplicate / impact yes (read) universal_edges 2199 / v_kg_edges_all 2259 / entity_dependencies 142; fn_dot_wf_orphan_detector(_v2), wf_orphan_digest_v2 6, wf_orphan_remediation_queue 145; v_birth_duplicate_issue_guard / v_rp_dedup_signature_gap / v_system_issue_semantic_duplicate_dashboard / v_system_issue_idempotency_guard A Domain G sealed (EXISTING_AUTHORITY_SUFFICIENT); closure §6; read result tables/views only "impact/orphan reporter" (reads result surfaces) Executing detector functions; new graph/duplicate/orphan resolver; writing findings Doc-level canonical-id resolver = UNPROVEN (see #UNVERIFIED), not a true gap Light (confirm no-fork); yes if a new resolver is ever proposed
12 Context Pack / active context yes v_context_pack_latest, context_pack_manifest.health_status, v_entity_full_classification, rendered PROJECT_MAP/LAWS_INDEX/DOT_REGISTRY/RED_ZONES (Đ43); dot-context-pack-{build,verify}.sh (rev 11/5) A Reuse audit §2/§5; Đ43 deployed (VPS, cron) "approved-SSOT/scope reader" Re-deriving context health; rebuilding/mutating the pack pipeline — (paired build/verify script pattern = C, not v0.1 work) No
13 Text-as-Code / IU / TAC corpus yes information_unit (219) and tac_logical_unit (102); 0 joining views/functions; fn_iu_* lifecycle (edit/apply/save/supersede/merge/split) A Domain H sealed (NO_BRIDGE_DUAL_REPORT_ONLY); closure §5; dual-report only "dual-corpus reporter" (219 + 102 side-by-side, never joined) TAC↔IU bridge / merge / canonical choice; calling mutating fn_iu_* — (corpus authority unresolved by design) Yes (corpus authority = owner+Codex)
14 Directus DOT control deferred (read-only observe ok) directus_flows (128 total / 111 active / 36 DOT-named) incl. [DOT-REG] sync / [WATCHDOG] A Domain E adopted; baseline; read-only observe "flow-inventory reporter" Directus mutation (CRUD); claiming 100% DOT control 100%-DOT-control = F UNVERIFIED (PARTIAL_EVIDENCE_ONLY) Deferred (E default); yes if a write path is proposed
15 Report output format yes knowledge/dev/laws/tool-kiem-thu/ report.md + report.json + checkpoint pattern; P11E CheckerOutput; healthcheck.HealthcheckReport.to_json() A Domain I adopted; this folder's own dual-artifact convention — (pattern is the deliverable shape) Prose-only PASS; writing outside knowledge/dev/laws/tool-kiem-thu/ No
16 Negative / adversarial test evidence deferred P11E §4.5 four-case truth table; dryrun.py fail-closed negatives; P9-G6 dry-run package; FIX7 recheck-failure cases C Reuse audit §2/§5; design precedents / acceptance fixtures Running negatives in v0.1 (no execution) A runnable negative-test harness (deferred with #4) Yes (gap-only spec)
17 Fail-closed behavior deferred dryrun.py (FailClosed→exit 3, sha256-gate-before-parse, artifact-only, env-cred refusal); P11E "no metadata → NOT_READY not FAIL"; Đ43 §5.8 guards C Reuse audit §2; local non-production checkout …/iu-cutter/ (not a runtime) Implementing executable fail-closed logic in v0.1 (build prohibited pre-spec) Built fail-closed verifier (deferred to post-spec) Yes (at impl)
18 FIX7 pilot readiness deferred FIX7 blueprint KB docs (read); existence checks (#3); P11E verdict vocab (#4); report format (#15) B Reuse audit §8 R4 ("pilot only, no FIX7 resume"); read/report-only pilot is composable from read surfaces "FIX7 read/report pilot": report which declared artifacts resolve / which claims lack a runnable binding Resuming FIX7; running its declared executables (no Call Contract) The executable pilot (run all 5 CONSTITUTION_14_EXECUTABLE_CHECK_FAIL reasons) → E, deferred Yes

4. Reuse-as-is list (read/reference directly, no new authority)

Each is consumed strictly read-only; none creates authority. Listing/reads are always live SELECT/KB-read, never a baked constant.

  1. dot_tools registry listing — catalog of record (309 = CAT-006 = PIV-007 = PIV-104, frozen 2026-04-02). Listing only (Domain A). [cap 6]
  2. v_dot_reconciliation_reliability over wf_fs_dot_bin_snapshot — canonical current registry↔FS diff (code-key, all 309: 186/100/19/4). Unmatched = NON-CALLABLE (Domain D). [cap 7]
  3. v_dot_registry_no_file (41) / v_dot_fs_reconciliation — separately dated, name-keyed diagnostics; must not override the canonical diff (Domain D). [cap 7]
  4. wf_fs_dot_bin_snapshot — filesystem-presence mirror (214 operational / 186 mapped). Presence only; never "can run" (Domain B). [cap 8]
  5. dot_iu_command_catalog / dot_iu_command_run / dot_iu_runtime_lease — read-only reporting of the command layer incl. the 15 mutating=false candidate set (NOT a v0.1 call set) (Domain C). [cap 9]
  6. universal_edges (2199) / v_kg_edges_all (2259) / entity_dependencies (142) — graph / impact / resolve-ref / dead-link substrate; read, never write-back (Domain G). [cap 11]
  7. Đ19 orphan result surfaceswf_orphan_digest_v2 (6), wf_orphan_remediation_queue (145), v_birth_orphan/v_workflow_orphan_v2 etc. Read outputs; do not execute detectors (Domain G). [cap 3, 11]
  8. Duplicate-engine result viewsv_birth_duplicate_issue_guard, v_rp_dedup_signature_gap, v_system_issue_semantic_duplicate_dashboard, v_system_issue_idempotency_guard. Read only (Domain G). [cap 11]
  9. Đ43 published context packv_context_pack_latest, context_pack_manifest.health_status, v_entity_full_classification, rendered LAWS_INDEX/DOT_REGISTRY/RED_ZONES. Read to resolve approved-SSOT/scope. [cap 12]
  10. information_unit (219) and tac_logical_unit (102) — dual-report, read-only, never joined/chosen/bridged (Domain H). [cap 13]
  11. directus_flows — read-only observe (128/111/36 DOT-named); no CRUD (Domain E). [cap 14]
  12. system_issues — read-only (open 223,313 / resolved 674 / archived 20); the named write sink is fn_tac_log_checker_issue, write deferred (Domain F). [cap 10]
  13. The 7-denominator contract + baseline ledger — reuse verbatim as the count discipline; every count carries full provenance and stays separate (Authority Contract §3). [cap 5]
  14. KB document_id + path + revision — native, read-only package/dossier identifiers (agent-data MCP). [cap 1]
  15. The knowledge/dev/laws/tool-kiem-thu/ report+JSON+checkpoint pattern — the file-report-only output shape (Domain I). [cap 15]

5. Reuse-with-adapter list (read-only, file-report-only adapters — proposed later, in a spec)

All adapters are read-only and file-report-only; none invokes, mutates, or creates authority. They are candidates for the Gap-only Scope Spec, not built here.

  1. Declared-artifact existence resolver — given a package's declared references, query KB list_documents/get_document + v_kg_edges_all + v_dot_reconciliation_reliability and emit {reference, resolves?, surface, observation_ts}. Pure read. [cap 3]
  2. Claim-inventory extractor — enumerate the declared claims/tests/artifacts in a package's prose and emit a table of which have a resolvable evidence artifact (existence only — does not run them). The run/pass binding is a true gap (#4). [cap 4]
  3. Registry↔FS reconciliation report — wrap the canonical code-keyed reliability view with both-direction diffs + the name-keyed diagnostic shown separately, full provenance per count. [cap 7]
  4. Dual-corpus reporter — emit information_unit (219) and tac_logical_unit (102) side-by-side with provenance; structurally incapable of joining/choosing (Domain H). [cap 13]
  5. Provenance report writer — for every count emitted, attach surface + query + observation timestamp + match key + population + confidence; refuse to print a bare count. [cap 5, 15]
  6. FIX7 read/report pilot — report, for the FIX7 package, which declared artifacts resolve and which claims lack any runnable binding (read-only; no FIX7 resume, no execution). [cap 18]
  7. Flow-inventory / command-catalog reporters — read-only listings of directus_flows and the 15 mutating=false IU commands as candidate future governed sets. [cap 9, 14]

6. Reference-only list (design precedents — do NOT copy into runtime without spec approval)

  1. cutter_agent/dryrun.py + cli.py + isolation test suite (local /Users/nmhuyen/iu-cutter-build/repo/iu-cutter/, not production) — the fail-closed verifier backbone: extract_regionsnapshot_gate (sha256-before-parse) → coverage proof → determinism re-run → FailClosed→exit 3 → artifact-only. Precedent only; v0.1 builds no code. [cap 17]
  2. P11E checker_run_status (ran_clean|ran_with_drift|not_ready|error_running) + §4.5 truth table + readiness sentence — adopt the verdict vocabulary verbatim so an incomplete/unrunnable manifest is structurally incapable of reading PASS. [cap 4, 16]
  3. P6 checker taxonomy + severity (BLOCK/ERROR/WARN/INFO) + {TYPE}-{DOMAIN}-{SEQ} registry fields — checker design contract. [cap 4]
  4. iu_core fn_iu_mark_create_manifest / cutter_governance envelope + dot_pair_signature + verify_result — two existing manifest/verify lineages; precedents for the manifest model — adapt at most one, after the owner decision; forking either or building a third is prohibited. [cap 2]
  5. 86-units 19-gate preflight + Validation Contract + exact-key dual-write rollback (p3d-phase5c2-86-units-completion-report.md §5) — preflight/verify/rollback precedent (--doc_code--manifest generalization is post-spec). [cap 4, 16]
  6. Đ43 dot-context-pack-{build,verify}.sh paired-DOT patterndot_config_get no-fallback, §5.8 five-guard read-only SQL, generic executor_type dispatch, dual-checksum, staging→promote. Pattern only; the deployed scripts/cron are untouchable. [cap 12]
  7. P9-G6 dry-run package (fail-loud search_path, pg_catalog.sha256(), DROP-CASCADE 0-residue, KB-report-only) — DB-step dry-run template. [cap 16, 17]
  8. iu_core.healthcheck per-surface verdict-dispatch + HealthcheckReport.to_json() — per-claim verdict/report shape. [cap 15]

7. Prohibited overlap list (would create parallel authority — must NOT be built or used)

  1. New runner / dispatcher of any kind — Domains B, C. v0.1 calls nothing.
  2. Filesystem DOT invocation — Domain B; "can run" is NOT AVAILABLE for filesystem DOT in v0.1.
  3. IU command invocation — Domain C; the 15 mutating=false commands are a candidate set for a future Call Contract, not a v0.1 call set.
  4. New registry authority / forking dot_tools — Domain A/D; the catalog is not replaced.
  5. New logger / writing system_issues in v0.1 — Domain F; the deployed fn_tac_log_checker_issue is the only sink, write deferred.
  6. New graph / duplicate / orphan / canonical-id resolver — Domain G; prohibited unless a separately authorized read-only gap proof shows a concrete miss against existing engines.
  7. Executing detector functions / writing findings — Domain G; presence of a view/function does not authorize running it.
  8. TAC↔IU bridge, merge, reconciliation, or canonical choice — Domain H; dual-report only.
  9. Directus mutation (CRUD) — Domain E; no write path until 100% DOT-control is proven.
  10. Registry cleanup / reconciliation mutation — no rebirth/cleanup of unmatched entries; reconciliation is read-only reporting.
  11. A third cut/verify/manifest authority — building on neither iu_core nor cutter_governance = a third lineage; resolve the duplication (owner) before any manifest work.
  12. Collapsed counts / a single canonical DOT number — a disguised hardcode.
  13. Prose-only PASS — no success claim without runtime evidence behind it.

8. True gaps list (only after reuse is exhausted)

Each is genuinely missing; for each: why reuse does not solve it, whether it belongs in v0.1 or is deferred, and whether Codex review is required before build.

  1. Command-runner that captures exit codes.

    • Why not solved: dryrun.py deliberately refuses to run anything (env-cred refusal, --no-* flags); no deployed asset executes a declared command and records its return code. This is the literal FIX7/Article-14 failure ("declared invocation exits non-zero because the artifact does not exist").
    • v0.1 or deferred: DEFERRED. Out of read/report-only scope; blocked on the sealed Call Contract (identity, permitted mode, inputs, exit-code semantics, timeout, lease/gate, audit ledger, non-mutation boundary).
    • Codex review: Yes, before any build.

  2. Claim ↔ executable-test run-binder.

    • Why not solved: P11E supplies the verdict vocabulary and the existence resolver (#3 adapter) proves a declared evidence artifact exists, but nothing binds a Markdown claim ("selftest passes / canonicalizer runs") to an actual execution result. The read-only existence half is reusable; the run/pass half is not.
    • v0.1 or deferred: read-only existence half = v0.1 (adapter §5.2); run/pass binding = DEFERRED with #1.
    • Codex review: Yes (for the run/pass half).

  3. Generic package_manifest envelope + schema across package types.

    • Why not solved: existing manifests are domain-specific (IU-cut / context-section / 86-units). A generic one does not exist.
    • v0.1 or deferred: DEFERRED. Schema build is prohibited before an approved spec, and the manifest lineage is blocked on the iu_corecutter_governance owner decision.
    • Codex review: Yes (owner lineage decision + Codex schema review).

  4. --selftest N/N counter + module_sha256 self-pin.

    • Why not solved: the repo proves isolation by AST test, not by a self-reporting pinned counter; this is a property of built code.
    • v0.1 or deferred: DEFERRED to post-spec build (small).
    • Codex review: at impl.

  5. audit_dead_links() doc-level broken-ref engine over declared references.

    • Why not solved: named "to-build (🔴)" in Đ23; a persistent engine does not exist. A read-only dead-link report over v_kg_edges_all is reusable now (adapter §5.1); a persistent audit_dead_links() engine that sinks to system_issues is the bounded new work.
    • v0.1 or deferred: read-only report = v0.1 (adapter); the engine + sink = DEFERRED (must reuse v_kg_edges_all + system_issues, no new graph/sink).
    • Codex review: Yes (sinks to system_issues).

Not a true gap: the doc-level canonical-id / duplicate-authority resolver. Per Domain G it is UNPROVEN — the deployed duplicate engines target DB entities, not KB-document canonical-id, but a concrete miss has not been demonstrated. It must be proven by running existing engines read-only under separate authorization before it may be called a gap or built. Listed under Unverified (§9).

9. Unverified list (cannot be used for planning yet)

  1. actual_count = 163 (CAT-006) filter — external dot-catalog-sync (on-deploy) artifact; no DB writer produces 163; filter undefined. UNVERIFIABLE-by-design / UNSAFE as a denominator (baseline §App-1).
  2. Direct live OS listing of /opt/incomex/dot/bin and /opt/incomex/scriptsread_file allowlist (/opt/incomex/docs, /opt/incomex/dot/specs, /var/log/nginx) + no shell. Permanently unreachable read-only; the PG mirror (wf_fs_dot_bin_snapshot / wf_fs_script_snapshot) is the canonical-available FS evidence.
  3. Runnability ("can run") of any filesystem DOT — NOT AVAILABLE in v0.1 (Domain B); presence + exec-bit + historical run rows never prove it.
  4. Directus 100%-DOT-control — PARTIAL_EVIDENCE_ONLY; not proven; no mutation path until proven (Domain E).
  5. Doc-level canonical-id / duplicate-authority gap — UNPROVEN; not yet a true gap (Domain G); requires a read-only gap proof against existing engines first.
  6. iu_corecutter_governance canonical cutting/manifest/verify lineage — two deployed lineages; which is canonical is an owner decision, unresolved.
  7. TAC ↔ IU corpus authority + any bridge — unresolved by design (Domain H); owner+Codex decree required before any corpus is consumed as canonical.
  8. /opt/incomex/scripts "42" surface — resolved as a separate, non-DOT surface (wf_fs_script_snapshot, 42; mapped_dot_code=0); excluded from DOT authority — listed here only to fix it as out-of-scope, not as an open question.

10. Gap-only Spec readiness

PARTIAL_READY.

  • Ready now (read/report-only surface): every read-only capability a verifier needs is mapped to a named, sealed, reusable surface (§4), and a small set of read-only, file-report-only adapters (§5) covers the rest. A Gap-only Scope Spec scoped to the read/report-only gaps — existence resolver, claim-inventory extractor (existence half), dual-corpus reporter, reconciliation report, provenance writer, read-only dead-link report, FIX7 read/report pilot — can be written.
  • Not ready (must be carved out): the execution-dependent gaps — command-runner with exit codes (#8.1), the run/pass half of the claim↔test binder (#8.2), and the generic manifest schema (#8.3) — are blocked behind the not-yet-sealed Call Contract and two unresolved owner decisions (iu_corecutter_governance lineage; TAC↔IU corpus authority). Specifying them in v0.1 would violate Domains B/C/H and pre-empt owner decisions.
  • Net: the spec may proceed for the read-only gap surface only; the runnable verifier remains gated. This is honest PARTIAL_READY, not READY (the headline FIX7 capability — actually running declared executables — is deferred) and not NOT_READY (the read-only skeleton is fully reusable).

11. Minimal next step (exactly one)

GPT review Reuse Extraction Map. Route this map to GPT for review of the six-class assignments and the PARTIAL_READY gap-readiness call before drafting any Gap-only Scope Spec. No further read is productive for the map (the unverified residuals in §9 are owner decisions or permanently unreachable read-only). No tool/schema/runner, no call, no mutation until the map is reviewed and a spec is approved.

Cross-references

  • Authority Contract: contracts/authority-contract-v0-1-2026-06-09.{md,json} (AUTHORITY_CONTRACT_V0_1_READY_FOR_GPT_REVIEW)
  • Codex seal: reviews/codex-seal-authority-matrix-bcdgh-2026-06-09.md (BCDGH_SEALED)
  • Fresh-read closure: reports/authority-matrix-fresh-read-closure-bcdgh-2026-06-09.{md,json} (FRESH_READ_CLOSURE_PARTIAL)
  • Decision matrix draft: reports/authority-decision-matrix-draft-after-baseline-2026-06-09.{md,json}
  • Baseline ledger: reports/dot-registry-directus-text-as-code-baseline-reconciliation-2026-06-09.{md,json} (BASELINE_READY_FOR_AUTHORITY_DECISION)
  • Reuse audit (maturity-corrected source): reports/text-as-code-reuse-anti-duplication-audit-2026-06-09.md
  • Machine mirror of this map: reports/reuse-extraction-map-v0-1-2026-06-09.json
  • This map's checkpoint: checkpoints/checkpoint-reuse-extraction-map-v0-1-2026-06-09.md