Doc 06 — Branch G: Author-Ready Next Macro Prompts

Open-goal, self-contained. Each locks objective + evidence + boundary + forbidden and pressures completion onto the Agent without over-prescribing internals. Shared header below; per-macro objective/actions follow.

Shared header (paste into each)

Host: contabo VPS. Container: postgres (postgres:16). DB: directus.
Apply channel: docker exec -i postgres psql -U workflow_admin -d directus  (SELECT-first; BEGIN..ROLLBACK dress-rehearse; prove durability via FRESH psql connection).
Read-proof channel: MCP query_pg role context_pack_readonly.
KB: Incomex_KB (search_knowledge / get_document / patch_document / upload_document).
Hard Gate 0: confirm host/container/db; fn_iu_gate_verify_closed() all_safe=true; snapshot all touched tables + gates; prepare rollback BEFORE any apply; if unsafe → document-only authority pack for that branch and continue.
Forbidden (all macros): no never_flip flip (iu_core.vector_sync_enabled, iu_enact.allow_no_review_decision stay false); no gate left open; no Đ32 bypass; no Directus mutation; no Qdrant/vector write; no real route delivery unless explicitly isolated+approved; no law enactment; no hidden second graph SoT; no 4 Mothers implementation; no Nuxt/UI.
Underload rule: this is an authority-class macro — complete every safe branch; precisely defer unsafe ones with authority-ready follow-ups; do not stop after one patch.
Output: KB report(s) under knowledge/dev/reports/architecture/ with dated path; final status PASS/PARTIAL/BLOCKED + paths + forbidden compliance.
Read first: the bundle iu-limited-production-promotion-kg-relationship-and-4mothers-gate-authority-2026-05-28/ (docs 00–07).

---

Macro 1 — IU_PPUB_BIRTH_GATE_SAFE_PROMOTION_OR_STAGED_AUTHORITY_60000X

Objective: Make P-pub birth-gate enforcement promotable without breaking IU birth, or stage it precisely. Evidence to establish: live fn_iu_birth_gate_layer1, fn_iu_create, split/merge child constructors; current 133 authority-less / 73 type-less IUs; vocab.publication_authority.* (1) / vocab.publication_type.* (2). Actions (open-goal): decide & if safe implement: (a) fn_iu_create + split/merge write a validated publication_authority_ref; (b) introduce iu_create.ppub.enforcement_mode ∈ {warn,block_new,block_all} read by L1; (c) prove in BEGIN..ROLLBACK that block_new blocks authority-less INSERT, allows valid INSERT, leaves existing-row UPDATE working; (d) author the vocab-expansion Đ32 proposal and the 133/73 backfill plan (do NOT auto-assign). Promote only to block_new and only if §3.8 of doc 01 conditions hold; otherwise deliver the staged authority pack. Boundary: block_all requires Macro 2 (prod review_decision) for the backfill approval — do not attempt block_all here. Forbidden (extra): no blanket authority assignment; no warn→block_all in one step.

---

Macro 2 — IU_PRODUCTION_REVIEW_DECISION_GOVERNANCE_PATH_50000X

Objective: Define (and, only if legally non-bypassing, scaffold a draft-only builder for) the production review_decision path under Đ32. Evidence: re-introspect cutter_governance.review_decision + manifest_envelope via workflow_admin (readonly is privilege-walled); compare to test builder fn_iu_test_review_decision_create. Actions: specify who/what decides (human/council/sovereign, NOT automated_agent for approval), verdict vocab, manifest/cut binding (manifest_unit_local_id non-null), cross_signed_by_dot_verifier=true, audit, supersede-not-delete rollback. An agent may scaffold a builder that only mints status='proposed', verdict=NULL drafts; it must REFUSE to mint an approving verdict. Keep test and production builders separate. Forbidden (extra): never set iu_enact.allow_no_review_decision=true; no agent-issued approve; no removal of test_scope guards from the test builder.

---

Macro 3 — IU_KG_RELATIONSHIP_ENRICHMENT_READINESS_AND_DESIGN_PATCH_40000X

Objective: Make IU relationships Điều-39-compliant in their uuid-native home and design (paper) a governed unified projection — no migration into universal_edges. Evidence: iu_relation (uuid, 60 contains, no provenance/confidence), iu_sql_link, iu_tree_path, iu_metadata_tag; universal_edges (2,199, integer-keyed, full Đ39 columns, excludes IU); Đ39 v2.3 A8/C7/C8 + kg_constraint_config. Actions: (a) design additive Đ39 enrichment for iu_relation (provenance jsonb [A8 quarantine rule], confidence, assertion_mode, override, explanation_path, negative-knowledge, feedback) — implement only the obviously-safe additive parts under Hard Gate 0, else paper; (b) broaden relation_type vocab (uses/used_by, depends_on, references, conflicts_with); (c) design the read-only UNION projection over IU edges + universal_edges, origin-tagged, derived-only; (d) confirm vector/similar_to stays disabled. Forbidden (extra): no IU→integer surrogate in universal_edges; no write-back from projection; no hidden second graph SoT; vector stays off.

---

Macro 4 — IU_CANDIDATE_REGISTRY_SURVEY_FOR_4MOTHERS_40000X

Objective: Survey/define the Candidate + Tier registries the 4 Mothers need to know what they may produce and under which governance (Rev5 MP-D24/25, G7 CRS). Evidence: live presence of candidate/tier/task_template/policy registries (most are "paper" per prior surveys); Đ0-G birth registry, Đ36 collection_registry, Đ37 governance_registry (factory agency), species_collection_map. Actions: classify each required registry as live / exists-not-autowired / paper; define the candidate-requires-survey gate (M-005); define tier_registry shape; map each Mother's output_target to existing Đ37 factory agency. Document-only unless an obviously-safe additive registry row is warranted under Hard Gate 0. Boundary: do NOT implement Mothers; this is the registry-readiness survey that gates them.

---

Macro 5 — IU_LIMITED_PRODUCTION_PILOT_OPERATING_PROTOCOL_30000X

Objective: Write the operating protocol under which the IU limited-production pilot runs safely (Branch A declared it READY). Evidence: bounded gate protocol (fn_iu_gate_open/close/verify_closed/watchdog, iu_gate_transition); DOT command catalog (52); warn-only P-pub; test review_decision builder; emit_enabled gate. Actions: define per-operation gate open→act→close discipline; emission only under protocol; mandatory fn_iu_gate_verify_closed=all_safe at session start/end; audited DOT-only path; what a pilot operator may/may not do (e.g. no never-flip, no real route, retire-not-delete); incident/rollback runbook; daily integrity check. Document-only (this is a protocol, not a mutation). Boundary: pilot uses TEST review_decision + warn-only P-pub knowingly; protocol must state these limits explicitly.

---

Macro 6 (optional) — MASTER_DESIGN_LIVE_INVENTORY_RECONCILIATION_PATCH_20000X

Objective: Patch Master Design Rev5 to match live reality (doc 04 reconciliation), via patch_document not re-upload. Evidence: doc 04 table (10 reconciliation rows). Actions: patch the relevant Rev5 docs to mark gates/DOT-wrappers/durable-run/DLQ/emit-gate as live/proven; record review_decision test-vs-prod split; record P-pub warn-only + staged plan; record KG projection design + Đ39 gap; record vocab-expansion as Đ32 work. Serialize same-doc patches; revision +1 per patch (Status-line label authoritative). Forbidden (extra): no semantic redesign — documentation-truth only.