Endgame Campaign — 11 Prompt / Control-Tower Pack (20 large paste-ready prompts)
11 — Prompt / Control-Tower Pack (20 large prompts)
Every prompt is open-goal, self-contained, host-aware (contabo VPS · Docker postgres/directus · PG16.13 · read=MCP query_pg role context_pack_readonly · apply=ssh contabo → docker exec -i postgres psql -U workflow_admin -d directus), and forbidden-aware (never flip iu_enact.allow_no_review_decision / iu_core.vector_sync_enabled; no Directus/vector/UI/job/real-delivery; no law enactment; no agent self-mint of review_decision; dress-rehearse BEGIN..ROLLBACK → COMMIT → fresh-conn verify; every commit needs a tested rollback). Read this package first.
P1 — Candidate Registry G1 final activation. Goal: with a human Điều 32 approval id + enacting-law clause in hand, execute the proven one-shot birth of field_registry, input_form_registry, tier_registry (doc 01 §3). Create tables → meta_catalog(managed, next CAT code) → entity_species(management_mode='governed') → species_collection_map → collection_registry(draft) → then human cert: UPDATE birth_registry SET certified=true. Verify fn_pre_birth_check 5/5 each, gate verify all_safe. Provide full rollback incl. the meta_catalog cascade/guard handling. Stop if no human Đ32 id.
P2 — Factory row G4 final activation. Goal: with enacting-law clause + human approval, flip GOV-MOW/MOT/MOIT/MOUT draft→active and certify their births. Re-verify capability matrix no-double-ownership before flip; confirm no runtime gate opens as a side effect; gate verify all_safe after. Keep MOIT/MOUT activation blocked until P1 (their output tables) exists. Rollback = active→draft + certified=false.
P3 — Production review_decision governance (G3). Goal: as a privileged operator inside cutter_governance, build fn_governance_proposal_create per doc 03 §2 (status='proposed' only, verdict non-final, manifest binding, requester identity, refuses approve/reject, no agent self-approve, audit/evidence, reversible). Add the cross-sign (≥2 human/council) finalization workflow separately. Prove the agent cannot self-approve. Do NOT expose to context_pack_readonly.
P4 — Human-org-role law implementation (G2). Goal: take doc 04 to enactable form — council-review the role×verb×scope matrix, then (in a human window) birth the human_org_role + role_permission_grant registries via the proven G1 birth sequence, map each role to a Directus policy, and document the Nuxt nav model (Điều 28, no UI build). agent role can never hold approve. No enactment without council/sovereign.
P5 — Mother event type live seed (DONE — verify + extend). Goal: confirm the 9 dormant mother.* rows (doc 05); if Điều 45 is enacted and factories activated, flip selected types active=true under governance. Add any missing lifecycle types (e.g. mother.config.updated, mother.output.superseded) refs-only, active=false. Never wire delivery while delivery_enabled=false.
P6 — KG relation DOT enrichment. Goal: under an explicit Điều 39 clause, (a) decide + apply the iu_relation vocab expansion (DROP/ADD CHECK) for the agreed conceptual edge types with atom-law justification per type; (b) build fn_iu_kg_relation_upsert + catalog row (category=write, mutating=true) enforcing vocab membership, provenance-or-quarantine, assertion_mode, self-edge reject, write-gate allowlist (doc 06 §4). Dress-rehearse; verify v_kg_edges_all still coherent; no second SoT; vector off.
P7 — IU pilot Day 1 run. Goal: execute doc 08 — open with fn_iu_gate_verify_closed(), do the day's read + any bounded governed compose/split/merge inside the gate protocol with a real review_decision, run hourly health checks, file evidence under knowledge/dev/reports/operations/iu-pilot/<date>/, close out PASS/PARTIAL/BLOCKED. Halt on any stop condition.
P8 — IU pilot Week 1 monitoring. Goal: aggregate 5–7 days of pilot evidence — gate-verify trend, dot_iu_command_run growth, DLQ depth, gate-transition TTL hygiene, any drift in iu/iu_relation counts. Produce a week-1 health report + a decision on widening pilot scope. No scope widening without council sign-off.
P9 — Master Design truth patch (Rev6). Goal: fold doc 07 into v0.6-iu-4mothers-event-foundation-rev2 — add a "Live Status 2026-05-28" banner, replace the 3 buggy DDL snippets, add the capability jsonb factory model, document cutter_governance walling + the live 6-value relation vocab + dormant mother.*. Prefer editing the actual design docs over a new report.
P10 — 4 Mothers Phase 0 config-only substrate. Goal: stand up a non-runtime config layer that reads live draft factory rows + capability + dormant events and stores proposed config envelopes (no active, no generation). Decide its storage (reuse governance_registry.capability/a draft collection birth in a human window). Bounded by doc 10 §4.
P11 — MOW dry config prototype. Goal: produce a concrete MOW config envelope (doc 09) for one real workflow need — input contract (IU/task refs), output contract (proposed workflows row shape), event mapping, governance proposal flow — as data only, no generation, no UI. Validate against MOW capability (creates workflows, references-only the rest).
P12 — MOT dry config prototype. Goal: same for MOT — a tasks output envelope referencing IU/field_registry/workflows, never owning workflows/IU. Data only.
P13 — MOIT dry config prototype. Goal: same for MOIT — input_form_registry+field_registry outputs; explicitly mark blocked-on-G1 (tables absent) and show how it unblocks post-P1. Data only.
P14 — MOUT dry config prototype. Goal: same for MOUT — design_templates output referencing IU/input_form_registry; blocked-on-G1 for the input_form reference. Data only.
P15 — Governance cockpit non-UI data model. Goal: design a read-only cockpit data model (views/queries) over governance_registry (incl. factory class + capability), birth_registry (certified state), event_type_registry (mother.* dormant), and gate-verify output. Read-only; no UI; no new SoT. Deliver SQL views (additive, reversible) if safe.
P16 — Event/Queue hardening for Mothers (Điều 45). Goal: specify the absent job substrate — executor_class, retry_policy, idempotency_key, dlq_replay_request registries — as apply-ready DDL with the executor boundary (emit events / enqueue jobs, never sync-execute). Do NOT enact Điều 45 or enable any queue gate. Authority-pack until Điều 45 enacted.
P17 — Factory birth contract verification. Goal: prove each of the 4 factory rows has a correct uncertified birth_registry entry and that activation will require certification; verify fn_birth_registry_auto behavior on governance_registry; confirm no factory can be activated without a certified birth. Read + targeted in-tx rehearsal only.
P18 — Mother output no-double-ownership verification. Goal: build a standing check (query or fn_*) that asserts pairwise-disjoint can_create and empty can_create ∩ must_not_own across all gov_group='mother' rows, and that every output_target is owned by exactly one Mother. Wire it as a health DOT (read-only). Fail loudly if a future edit breaks Điều 7.
P19 — Nuxt template readiness (Điều 28, document-only). Goal: document the template/page inventory needed for the governance cockpit + Mother config review + pilot dashboard, mapped to roles (doc 04) and the cockpit data model (P15). Templates/specs only — no component implementation, no build.
P20 — Phase 0 final go/no-go (next macro). Goal: FOURMOTHERS_PHASE0_CONFIG_PROTOTYPE_AND_G1G4_HUMAN_ACTIVATION_1000000000X — drive the human activation window for G1 (P1) + G4 (P2), stand up the config-only prototype (P10–P14), prepare G2/G3 enactment artifacts (P3/P4), and re-issue the go/no-go with runtime still blocked. Acceptance: ≥2 gates cross to human-activated, all invariants intact, no runtime.