Codex Stage 2.6A-FIX4 QT-001 Authoritative Path Audit

Date: 2026-06-07. Mode: READ-ONLY production audit. Status: COMPLETE - FAIL.

Final verdict: STAGE2_6A_FIX4_FAIL_HARDCODE_OR_BYPASS_STILL_DANGEROUS.

Production is currently blocked and birth-neutral, but FIX4 cannot be accepted as the authoritative-path/no-hardcode layer. The live writer and builder still consume fn_dot_birth_qt001_plan_v2; the no-legacy guard misses that dependency and transitive dependencies. Capability evidence is object-existence proof, several negative tests are constants or tautologies, and controlled identities/evidence are mutable rows owned by directus.

MCP read-back listed all 15/15 report documents; full read-back and semantic search passed. Final no-worse output remained QT001 births/permits/done ledgers/Tier1/signoff 0, readiness BLOCKED, and scale NOT_SAFE.

Do not proceed to apply or 2.6B implementation until the exact FIX4 repair scope passes independent re-audit.