Incomex AI Portal
KB-3189

Codex Checkpoint Packet — Gap-only Scope Spec + FIX7 Read/Report Pilot (compact review, 2026-06-09)

6 min read Revision 1
tool-kiem-thucodexcheckpoint-packetreviewgap-only-scope-specfix7-pilotv0.1read-report-onlycompact2026-06-09

Codex Checkpoint Packet — Gap-only Scope Spec + FIX7 Read/Report Pilot

Nature: a compact review packet so Codex can adjudicate the v0.1 planning layer without redoing the baseline / authority-matrix / fresh-read / reuse-extraction investigation. It asks five questions only. It carries the verbatim sealed constraints and the new design deltas; it reopens nothing. Date: 2026-06-09 Production mutation: NO. Review target: designs/implementation-package-dot-v0-1-gap-only-scope-spec-2026-06-09.{md,json} + designs/fix7-read-report-pilot-design-for-implementation-package-dot-v0-1-2026-06-09.md (+ MVP plan, acceptance matrix, future-contracts queue as supporting context). Decision sought: seal the Gap-only Scope Spec for the read/report-only surface, or return blockers. MVP greenlight is gated on this seal.

1. One-paragraph context (do not re-investigate)

BCDGH_SEALED (Codex) + Authority Contract v0.1 + Reuse Extraction Map (PARTIAL_READY) are the inputs. v0.1 is read/report-only: it invokes nothing, mutates nothing, creates no runner/registry/logger/graph/corpus authority, keeps 7 denominators separate, and dual-reports TAC/IU. The new work under review is the Gap-only Scope Spec (what the read/report-only inspector is/does, its verdict vocab, fail-closed rules, output contract) and the FIX7 read/report pilot (catch the Article-14 "claim-without-evidence" class without running anything). Every execution-dependent capability is carved out behind named future contracts (Call Contract keystone).

2. What changed since the seal (the deltas to review)

  1. A verdict vocabulary that structurally cannot emit proof-of-run: strongest positive = EVIDENCE_PRESENT (is_proof_of_run:false); READ_REPORT_PASS/FLAG/BLOCKED/NOT_APPLICABLE per dossier.
  2. A claim/evidence inventory rule: enumerate executable claims, check only whether a resolvable evidence artifact exists; never run the claim. EVIDENCE_ABSENT → FLAG is the Article-14 catch.
  3. Eight read-only adapters (existence resolver, claim-inventory existence-half, reconciliation report, dual-corpus reporter, provenance writer, read-only dead-link report, FIX7 pilot, flow/command-catalog reporter) — each a read of a named sealed surface; none invokes/mutates.
  4. 12 failure modes + 7 validation gates (provenance, denominator-separation, dual-corpus, no-run, no-mutation, proof-of-run=false, canonical-diff) all fail-closed.
  5. FIX7 pilot mapping all 7 Recheck-8 reasons (C1–C7) to read-only verdicts + a stripped-dossier negative fixture (Acceptance Test #20).
  6. Eight carve-outs routed to named future contracts.

3. The five questions (answer each YES/NO + note)

  1. Does the spec obey Authority Contract v0.1? (read/report-only; no invoke; no mutation; 7 denominators separate; dual-report TAC/IU; canonical code-keyed diff; file-report-only under knowledge/dev/laws/tool-kiem-thu/.)
  2. Does it accidentally create runner / logger / registry / graph / corpus authority? (Intended answer: NO on all five — confirm or flag where a module or rule drifts.)
  3. Is the FIX7 read/report pilot sufficient to catch Recheck 8 at read/report level? (i.e. is "claim has a resolvable evidence artifact?" the right read-only test for the Article-14 class, with the run-half correctly deferred?)
  4. Are all execution-dependent gaps correctly deferred? (command-runner, run/pass binder, generic manifest schema, --selftest/module_sha256, audit_dead_links() engine+sink, Directus write, TAC↔IU bridge, CI/policy gates — each behind a named contract.)
  5. Is MVP implementation allowed after this spec, or still blocked? (Greenlight the read/report-only MVP build, or name the blocker.)

4. Hard limits Codex should hold the spec to (fail-closed checklist)

  • No verdict may assert proof-of-run (is_proof_of_run must be false everywhere).
  • No single canonical DOT number; ≥2 denominators kept separate with full provenance.
  • dual_corpus.joined must be false; 219/102 shown separately.
  • Name-keyed diagnostic (41) must never override canonical code-keyed diff (4).
  • The module set must contain no invoke/dispatch/mutate/sink/resolver/bridge capability.
  • Nothing executes the FIX7 canonicalizer, any command, or any detector.

5. Out of scope for this review (do not adjudicate here)

  • The Call Contract and proof-of-run semantics (separate future review).
  • iu_corecutter_governance lineage decision and TAC↔IU corpus authority (owner decisions, then Codex).
  • Any production mutation, install, or FIX7 resume.

6. Requested disposition

  • GAP_ONLY_SPEC_SEALED → read/report-only MVP build may start (no execution capability).
  • or RETURN_BLOCKERS → list the minimal modifications; nothing builds until re-sealed.

Cross-references

  • Gap-only Scope Spec: designs/implementation-package-dot-v0-1-gap-only-scope-spec-2026-06-09.{md,json}
  • FIX7 pilot: designs/fix7-read-report-pilot-design-for-implementation-package-dot-v0-1-2026-06-09.md
  • MVP plan: planning/mvp-read-report-inspector-implementation-plan-no-code-2026-06-09.md
  • Acceptance matrix: designs/acceptance-test-matrix-implementation-package-dot-v0-1-2026-06-09.md
  • Future contracts queue: planning/future-contracts-queue-after-v0-1-2026-06-09.md
  • Authority Contract: contracts/authority-contract-v0-1-2026-06-09.{md,json} · Codex seal: reviews/codex-seal-authority-matrix-bcdgh-2026-06-09.md
Back to Knowledge Hub knowledge/dev/laws/tool-kiem-thu/reviews/codex-checkpoint-packet-gap-only-spec-and-fix7-pilot-2026-06-09.md