08 - Hardcode / Disguised-Hardcode / PG-First-Native-Driven

Verdict

CHECK_H_FAIL_HARDCODE_OR_PG_NATIVE_GAP

The blueprint does not currently satisfy zero-disguised-hardcode or absolute PG-native-driven requirements.

Finding

The S00 set derived from owner=directus plus QT001 name pattern is used as the sealed target for S15 REVOKE, S16 ownership cutover, and S17 freeze. That pattern is therefore final operational authority, not a diagnostic candidate scan. It can omit a relevant object with another owner/name and can include an irrelevant object matching the pattern.

This directly contradicts:

• G-PGNATIVE: no name-pattern authority;
• S00 text: inventory is diagnostic/planning only;
• the requirement that classification and behavior be PG-data-driven.

Required T1 fix: candidate discovery may use names, but final membership must be established by typed, sealed classification and structural dependency/effective privilege evidence, exact-set compared to catalogs. No hand list or naming convention may decide authority.