KB-A8C5
12 — Next Paste-Ready Prompts (One-Roof Governance) (2026-06-01)
10 min read Revision 1
one-roof-governancenext-promptspaste-readycouncil-critiquedesign-patchclause-draftingview-rehearsalscanner-dotciproduction-acceptance2026-06-01
12 — Next Paste-Ready Prompts
§15. Nine paste-ready prompts, sequenced to doc 10's phases. Each locks output/boundary/authority/evidence (prompt standard §8). All carry Hard Gate 0 and the no-version-bump policy where laws/designs are touched. Package root below =
knowledge/dev/reports/architecture/one-roof-governance-decision-pack-2026-06-01/.
Prompt 1 — Council / Cowork critique of this decision pack
MISSION: COUNCIL_CRITIQUE_ONE_ROOF_GOVERNANCE_DECISION_PACK
Effort: high. Mode: READ-ONLY. Output: KB review doc only.
Read the full pack at knowledge/dev/reports/architecture/one-roof-governance-decision-pack-2026-06-01/ (docs 00–13).
Hard Gate 0: confirm KB read; no PG/Directus/Qdrant/Nuxt/law/approval mutation.
For each branch (One-Roof principle, Governed-Object Contract, Orphan/Anarchic defs, Coverage Invariant,
Detection Architecture, GOV-SIV/GOV-DOT lifecycle, Issue/Event model, Law clause drafts, RP patch plan,
Impl plan, Scale strategy): score 0–10, list specific defects, and either GO / REVISE with exact revision text.
Adversarially attack: (a) does the federated-but-central model leak any local island? (b) does the coverage
invariant close for every scope or can an object escape all four terms? (c) is the §5.4-EXT object-edge change
truly required or avoidable via law_jurisdiction+inheritance? (d) does anything depend on memory rather than a
computed scanner? (e) does any draft clause conflict with an enacted clause (Đ37 §4.12 SSOT)?
Output: knowledge/dev/reports/architecture/one-roof-governance-council-critique-<date>.md with per-branch verdict
matrix + a single GO/REVISE recommendation for the whole pack. Do NOT mutate the pack.
Prompt 2 — Canonical Registries-Pivot design patch (content-only, no version bump)
MISSION: PATCH_RP_DESIGN_FOR_ONE_ROOF_GOVERNANCE
Effort: high. Mode: KB content-only editorial. NO version bump, NO status change, NO enactment.
Prereq: Council GO on the decision pack (Prompt 1).
Apply doc 09 patch plan to the REAL files under knowledge/dev/design/registries-pivot-os-agency/:
P-09.1 00-master-design-v0.1.md (One-Roof statement); P-09.2 04-dynamic-drilldown-layer-model.md
(grouping/layer governance-covered); P-09.3 07-label-grouping-policy.md (central grouping framework);
P-09.4 NEW 14-governance-coverage-and-anarchy-detection.md; P-09.5 10-ui-contract-os-agency.md
(display-only, pivot-backed); P-09.6 12-implementation-readiness-gate.md (GOVERNANCE_COVERAGE_PASS gate);
P-09.7 13-next-macro-prompts.md (coverage macros before surface macros).
Each patch carries a header note "supplemental One-Roof alignment; content-only; no version change".
Hard Gate 0: no PG/Directus/Qdrant/Nuxt/law/approval mutation; do NOT touch normative_registry/law_catalog/governance_docs.
Output: the 7 patched/created design docs + a patch-log report; list/read each after write to verify content.
Prompt 3 — Law / design clause drafting → ratification packet
MISSION: DRAFT_AND_PREP_RATIFICATION_ONE_ROOF_CLAUSES
Effort: high. Mode: KB draft only. NO enactment (engine blocks amend_law/enact_nrm = unimplemented).
Prereq: Prompt 2 done.
Take doc 08 drafts (Đ37 §4.15–4.18 + §5.4-EXT deferred; Đ31 §4.3-Loại6/§4.6/§4.8/§4.9; Đ35 §6.2-bis;
Đ24/29 §0-OWNER+§5.2-ext; Đ26 §0-OWNER/PIVOT_MISSING; Đ28 §0-OWNER/NT-D1-ext/§VIII-ext; Đ45 notes).
For each: produce final clause text + the exact governance_relations owner-edge proposals (e.g. GOV-COUNCIL→NRM-LAW-24/26,
GOV-SIV→NRM-LAW-26, GOV-MOUT→NRM-LAW-28) + Đ37 §4.12 SSOT-overlap check + Đ37 §4.14 cross-ref block.
Assemble a human-ratification packet (council quorum: president + 2 ai_council, Đ32 §4.2) with exact paste sign-off.
Hard Gate 0: no normative_registry write, no APR creation, no version bump. Output: KB ratification-packet doc.
Clearly state law enactment is a SEPARATE human phase and may await Information-Unit law substrate.
Prompt 4 — Governance-coverage PG view rehearsal (BEGIN..ROLLBACK)
MISSION: REHEARSE_GOVERNANCE_COVERAGE_VIEWS_READ_ONLY
Effort: high. Mode: live PG but ZERO NET MUTATION (BEGIN..ROLLBACK only).
Prereq: clause design accepted (Prompt 3 conditional GO ok for design-only rehearsal).
Apply channel: ssh contabo → docker exec -i postgres psql -U workflow_admin -d directus, with
-v ON_ERROR_STOP=1 + SET LOCAL lock/statement/idle timeouts, all inside BEGIN; ... ROLLBACK;.
Rehearse the 6-layer design (doc 05): v_governed_object_candidates, v_governance_coverage,
v_governance_orphans, v_governance_coverage_summary. Resolve owner via governance_relations + law_jurisdiction
+ bounded inheritance; use SCALAR/EXISTS only (NO fan-out joins). Verify the accounting identity (doc 04 §4.2)
closes exactly per scope; report the honest live coverage baseline (expect non-zero truth-class orphans).
Hard Gate 0: confirm read-only role for measurement queries; confirm 0 leftover objects + 0 idle_tx after ROLLBACK.
Forbidden: any COMMIT, any DDL outside the rolled-back txn, any approval. Output: KB rehearsal report + the SQL.
Prompt 5 — Governance scanner DOT design + read-only rehearsal
MISSION: DESIGN_GOVERNANCE_COVERAGE_SCANNER_DOTS
Effort: high. Mode: design + read-only rehearsal. NO dot_tools INSERT (or is_active=false off-peak only with approval).
Prereq: Prompt 4 views validated.
Design the 7 DOTs (doc 06): GOV-COVERAGE-SCAN[A], ORPHAN-DETECT[A], GAP-PROPOSE[B], ASSIGNMENT-APPLY[B],
COVERAGE-AUDIT[A], EXCEPTION-REVIEW[B], ISSUE-ROUTE[B], each with paired_dot (Đ35 §3), tier, read/mutate,
approval gate, inputs/outputs, audit, rollback, failure mode, issue/event type. Rehearse DETECT against a
SEEDED synthetic orphan (in BEGIN..ROLLBACK) to prove the detector is not blind. Prove PROPOSE writes only
approval_requests and APPLY is blocked without Đ32 quorum.
Hard Gate 0: no live DOT registration, no APR, no emit. Output: KB DOT-design doc + rehearsal evidence.
Prompt 6 — Issue/event type registration (register-before-emit)
MISSION: REGISTER_GOVERNANCE_ISSUE_EVENT_TYPES
Effort: medium. Mode: governed registration ONLY (Đ45 §3.2 register-before-emit). NO emit.
Prereq: Prompts 4–5; council/Đ45 ratification path.
Register the ~10 event_type_registry rows from doc 07 §7.2 (governance.orphan_detected, island_detected,
approval_path_gap, rollback_gap, dot_authority_gap, law_ref_gap, unratified_exception, display_owner_gap,
pivot_coverage_gap, policy_unowned, phantom_definition_gap), activating/generalizing dormant mother.governance.*.
Validate safe_payload CHECK (signal-not-data), inclusion criteria (Đ45 §6.4, not telemetry), severity defaults.
Document the governance system_issues.issue_type values (free-text, no schema change).
Hard Gate 0: register with active=false until the scanner is live; NO event emitted in this macro; no schema change.
Output: KB registration report + the registry rows.
Prompt 7 — Registries-Pivot UI correction after governance coverage
MISSION: RP_UI_RENDER_GOVERNANCE_COVERAGE
Effort: high. Mode: implementation, gated. Prereq: Prompts 2,4,6 + GOV-MOUT activation + RG human approval.
Render v_governance_coverage_summary (L5) on Registries-Pivot via a REGISTERED design_template (Đ28).
Coverage tiles = pivot-backed drill-down dimensions, NOT hardcoded. RETIRE the live anti-patterns:
health.get.ts:123 totalGap=reduce(+Math.abs(gap)); index.vue hardcoded CAT-017 / orphan_count:hd.totalGap.
Record the Direct-PG read-only adapter as an APPROVED EXCEPTION + add the missing vps_deploy_log ledger entry.
Hard Gate 0: confirm RG human approval exists (os_proposal_approvals currently 0 → COMMIT_FORBIDDEN without it);
no UI count/grouping math (Test-4 100% Nuxt=PG). Output: route + report + rollback script.
Forbidden: frontend governance logic, unregistered template, un-ledgered exception.
Prompt 8 — No-local-governance / no-hardcode CI enforcement
MISSION: CI_ENFORCE_NO_LOCAL_GOVERNANCE
Effort: high. Mode: CI contract design + registration. Prereq: Prompt 7.
Implement CI checks for F-ISLAND-1..9 (doc 01 §1.7): local owner constant; local approval flag/table;
policy table without owner_gov_code; mutating DOT without paired_dot; unregistered event_type emit;
UI computing count/grouping/governance truth; production object with no owner AND no detection coverage;
exception without approved-record/expired TTL; governance enforced only by docs/memory (no scanner+gate).
Reuse the live no-hardcode scanner (hc_finding_* issue types) + Đ28 coverage scanner + Đ30 regression framework.
Plant a synthetic local-island violation; CI MUST fail it; finding routes to system_issues.
Hard Gate 0: CI is additive/gates only; no production mutation. Output: CI contracts + evidence of a caught violation.
Prompt 9 — Production acceptance (GOVERNANCE_COVERAGE_PASS)
MISSION: ACCEPT_ONE_ROOF_GOVERNANCE_PRODUCTION
Effort: high. Mode: acceptance, evidence-based (NO blind PASS, Đ30 §V). Prereq: Prompts 1–8.
Verify GOVERNANCE_COVERAGE_PASS(Registries-Pivot) = true: truth/authority-class governance_orphans = 0
(or covered by unexpired approved exceptions); coverage scanner live + audited (WATCHDOG green);
CI green for F-ISLAND-1..9; Test-4 (100% Nuxt=PG) green for coverage tiles; Direct-PG exception ledgered.
Attach ALL evidence as artifacts (scanner output, exception ledger, CI logs, Test-4 results) — no claim-only PASS.
Confirm Đ32 high quorum (president + 2 ai_council) + RG human sign-off recorded.
Hard Gate 0: no mutation beyond the approved go-live; full rollback script ready (scanner DOTs → inactive,
template status flip, view drop). Output: KB acceptance report + final GOVERNANCE_COVERAGE_PASS verdict.
These nine prompts implement doc 10's phases P1→P9 in order. Each can be run as its own 100000x macro.