12 — Red-Team v2: 24 Rerun + 24 New = 48 Scenarios (Branch L) (2026-06-01)
Reruns the prior 24 scenarios with the folded wording applied (doc 01 + doc 13), then adds 24 new scenarios covering IU axes, future axes, document/DOT/vector/route exceptions, pins, inheritance hiding, Direct-PG, orphan/double owner, dormant events, missing action-types, hardcoded axes, grouping islands, and scan spam. For each scenario the tables record: expected detection · severity · accountable owner · issue/event · gate impact · caught?
Legend: ✅ caught and auto-remediable by folded model · 🟧 detected + gate-blocked but auto-remediation inoperable until T1-6 substrate delta (object/axis edge + APR action-types) · ❌ uncaught/unblocked (residual). There are zero ❌.
Part A — The 24 prior scenarios, re-run post-fold
With M-DEF-1..9 + M-Đ37/31/35/24/26/28/45 folded, the 19 scenarios that previously needed a fix (⚠️) are now caught, the 3 already-caught ones stay caught, and the 2 substrate ❌ become 🟧: detected and gate-blocked, with remediation pending T1-6 (they are no longer silent escapes).
| # | Scenario | Folded by | Severity | Owner | Issue/event | Gate | Post-fold |
|---|---|---|---|---|---|---|---|
| 1 | New API route, no owner | route inventory (T1-7) | high | MOUT | route_orphan | G-ROUTE | ✅ |
| 2 | New pivot, no approval | pivot=Class2, covered-source inherit | high | SIV+COUNCIL | approval_path_gap | G-IMPL | ✅ |
| 3 | Personal pin → global | M-DEF-1 shared-truth test | high | COUNCIL | pin_policy_unowned | G-IMPL | ✅ |
| 4 | Local policy table | PG island detect | high | COUNCIL | island_detected | G-IMPL+CI | ✅ |
| 5 | Direct-PG "temporary" forever | M-DEF-6 replacement_plan + TTL | critical | COUNCIL/SIV | unratified_exception | G-ROUTE | ✅ |
| 6 | Grouping invents classification | M-Đ24 + axis_vocab | high | COUNCIL+KG | classification_policy_unowned | G-IMPL | ✅ |
| 7 | Two agencies claim a policy | M-DEF-3 per-scope | high | COUNCIL tie-break | island_detected | G-IMPL | ✅ |
| 8 | Seam nobody owns | owner-of-last-resort | warning | COUNCIL | (defaulted) | — | ✅ |
| 9 | DOT apply writes labels, no approval | Đ32 lifecycle + SoD (I4) | critical | DOT+COUNCIL | dot_authority_gap | Đ32+G-IMPL | ✅ |
| 10 | Mutating DOT, no paired_dot | live PG trigger | critical | DOT | dot_authority_gap | PG+CI | ✅ |
| 11 | Scanner itself unowned (bootstrap) | seed attestation (I3)+watchdog | critical | SIV/DOT | watchdog_fault | seed APR | ✅ |
| 12 | Applier self-approves | SoD (I4/C6) | critical | — | (forbidden) | CI+Đ32 | ✅ |
| 13 | PROPOSE files malformed APR (no action_code) | T1-6 action-type prereq | high | DOT | proposal_blocked | G-IMPL | 🟧 |
| 14 | APPLY object-edge owner (CHECK-blocked) | T1-6 §5.4-EXT prereq | high | DOT | apply_blocked | G-IMPL | 🟧 |
| 15 | UI hardcodes classification | NT-D1-ext + CI (P8) | high | MOUT | hardcode_violation | G-ROUTE+Test-4 | ✅ |
| 16 | UI count not pivot-backed | pivot=governed-object | high | SIV | pivot_coverage_gap | G-ROUTE | ✅ |
| 17 | Nuxt computes governance state | NT-D1-ext | high | MOUT | island/hardcode | G-ROUTE+Test-4 | ✅ |
| 18 | Event emitted before registration | Đ45 CHECK + H2 vocab | high | SIV | event_unregistered | producer fails | ✅ |
| 19 | 1M duplicate issues | coalesce+summary+ceiling (G7) | warning | SIV | one coverage_degraded | ceiling caps | ✅ |
| 20 | Parent hides child policy gap | M-DEF-7 anti-hiding | high | child owner | approval_path_gap | G-IMPL | ✅ |
| 21 | Source missing from L1 inventory | G1 inventory-completeness | critical | COUNCIL | inventory_gap | G-IMPL | ✅ |
| 22 | Owner flips draft, dependents rot | G3 context trigger | warning→high | COUNCIL | owner_gap | G-PROD | ✅ |
| 23 | RO adapter gains write endpoint | E5 state fingerprint | critical | SIV | exception_scope_drift | G-ROUTE | ✅ |
| 24 | Object parked ignored to green-gate | F2 gated-ignored | critical | COUNCIL | unratified_exception | G-PROD | ✅ |
Part A tally: ✅ 22 · 🟧 2 (#13/#14) · ❌ 0. (Before the fold, un-hardened: ✅ 3 / ⚠️ 19 / ❌ 2.)
Part B — 24 new scenarios (IU / future-axis / system-wide)
| # | Scenario | Expected detection | Sev | Owner | Issue/event | Gate | Caught? |
|---|---|---|---|---|---|---|---|
| 25 | New IU axis added without governance (e.g. risk_signal tag-namespace starts driving display) | Axis Registry reconciliation: axis-bearing surface not in registry | critical | COUNCIL+KG | axis_unregistered | G-IMPL | ✅ |
| 26 | Future axis: new pivot group-by column not in Axis Registry | L0 pivot_definitions vs Axis Registry | critical | COUNCIL+SIV | axis_unregistered | G-IMPL | ✅ |
| 27 | New document axis / new unit_kind value with no vocab owner | unit_kind vocab not anchored to source registry | high | COUNCIL+KG | axis_vocab_unowned | G-IMPL | ✅ |
| 28 | Inherited IU container hides child split-without-review | M-DEF-7: child risk-link computed per node | high | DOT | iu_split_unapproved | G-IMPL | ✅ |
| 29 | New DOT domain: IU 54-command catalog parallel to dot_tools SSOT | catalog DOTs ∉ dot_tools SSOT | critical | DOT | dot_unregistered | G-IMPL+CI | ✅ |
| 30 | Grouping policy local island under IU module | policy-shaped rows, no central owner relation | high | COUNCIL | island_detected | G-IMPL | ✅ |
| 31 | Vector/index exception never expires (CLI-indexed, no reindex DOT) | exception TTL + reindex DOT gap | critical | SIV | exception_expired/vector_sync_drift | G-ROUTE | ✅ |
| 32 | Route/API exception: preview route promoted to prod, no owner | route inventory + fingerprint | high | MOUT | route_orphan | G-ROUTE | ✅ |
| 33 | Direct-PG bypass gains write grant | E5 fingerprint vs information_schema grants | critical | SIV | exception_scope_drift | G-ROUTE | ✅ |
| 34 | Personal pin → global (IU/RP) | M-DEF-1 shared-truth crossing | high | COUNCIL | pin_policy_unowned | G-IMPL | ✅ |
| 35 | Dormant event domain reused: governance event emitted to mother.governance.* (active=false) instead of GOV-SIV domain | event domain mismatch vs registered GOV-SIV governance domain | high | SIV | event_domain_mismatch | producer fails | ✅ |
| 36 | Missing APR action-type: PROPOSE assign IU/axis owner | no assign_governance_owner/assign_axis_owner action-type | high | DOT | proposal_blocked | G-IMPL | 🟧 |
| 37 | Hardcoded axis list in Registries-Pivot UI | CI source scan `web/**` + `server/api/**` (NT-D1-ext) | high | MOUT | hardcode_violation | G-ROUTE+CI | ✅ |
| 38 | New law/module ships without §0-GOV hook | Đ20 design-review hook + inventory reconciliation | high | NRM-SYS | hook_missing/inventory_gap | G-DESIGN | ✅ |
| 39 | Orphan governance owner: IU owner_agency_code=TBD (OP-B) | ownership resolution: required scope unresolved | high | COUNCIL (last resort) | owner_gap | G-IMPL | ✅ (detected; binding = OP-B decision) |
| 40 | Double owner: two agencies claim IU policy scope | count(distinct owner) per (object,scope)>1 | high | COUNCIL tie-break | island_detected | G-IMPL | ✅ |
| 41 | High-volume scan spam: 10⁶ uncovered inheriting IU pieces | grain aggregation + emit ceiling | warning | SIV | one container issue + scan_anomaly | ceiling caps | ✅ |
| 42 | IU reconstruction integrity broken by a cut | non-exemptable reconstruction invariant (fingerprint) | critical | SIV | reconstruction_integrity_fail | G-PROD (no exception possible) | ✅ |
| 43 | IU KG edge written outside a DOT (no edge-write DOT exists) | write-outside-DOT non-exemptable floor | critical | DOT/KG | dot_authority_gap | G-IMPL | ✅ (floor); remediation needs edge-write DOT (noted gap) |
| 44 | Unknown future object type appears (passes shared-truth test, no profile) | Class 12 FUTURE + owner-of-last-resort | high | COUNCIL | unclassified_governed_object | G-IMPL | ✅ |
| 45 | APPLY object-grain owner for IU object/route/axis (law-orphan) | §5.4-EXT object/axis edge un-expressible (live CHECK) | high | DOT | apply_blocked: object_edge_unexpressible | G-IMPL | 🟧 |
| 46 | Stale scan used to pass a gate | freshness check; gate fails closed | high | SIV | scan_stale | gate fails closed | ✅ |
| 47 | Suppression abused to silence a class without approval | suppression-is-a-governed-exception | critical | COUNCIL | unratified_exception | G-PROD | ✅ |
| 48 | Profile catalog edited to weaken mandatory links, no approval | profile catalog = Class4 POLICY, any change → Đ32 | critical | COUNCIL | approval_path_gap | G-IMPL | ✅ |
Part B tally: ✅ 22 · 🟧 2 (#36/#45) · ❌ 0.
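Scenarios #19 and #41 both rely on the scanner's emission path collapsing volume before it reaches the issue store: exact duplicates coalesce to one, per-piece hits roll up to the container grain, and a per-scan ceiling caps what gets emitted while a single `scan_anomaly` records the raw volume. The block below is an added illustration, not the project's G7 implementation; the ceiling value, the finding tuple shape and the sample generators are assumed/constructed.

```python
from collections import namedtuple

EMIT_CEILING = 1_000  # G7 per-scan emit ceiling; assumed value, not stated on the page
Emitted = namedtuple("Emitted", "kind severity target count")

def coalesce(findings, ceiling=EMIT_CEILING):
    """findings: iterable of (kind, severity, object_id, container_id) raw scanner hits,
    possibly millions. Returns the capped list a single scan is allowed to emit."""
    seen, grain, raw = set(), {}, 0
    for kind, sev, obj, container in findings:
        raw += 1
        if (kind, obj) in seen:            # #19: exact duplicates collapse to one
            continue
        seen.add((kind, obj))
        key = (kind, sev, container)        # #41: roll per-piece hits up to the container grain
        grain[key] = grain.get(key, 0) + 1
    issues = sorted((Emitted(k, s, c, n) for (k, s, c), n in grain.items()),
                    key=lambda e: -e.count)  # largest aggregates survive a cut
    out = issues[:ceiling]
    if len(issues) > ceiling:               # the report is incomplete: say so, once
        out.append(Emitted("coverage_degraded", "warning", "scan", len(issues) - ceiling))
    if raw > ceiling:                       # scan spam: one anomaly, never one issue per hit
        out.append(Emitted("scan_anomaly", "warning", "scan", raw))
    return out

# Constructed sample inputs (generators, so the 10**6 case never materialises in memory)
def dup_findings(n):            # scenario #19: the same finding emitted n times
    return (("approval_path_gap", "high", "policy:P1", "iu:container/A") for _ in range(n))

def spam_findings(n):           # scenario #41: n distinct uncovered IU pieces, one container
    return (("coverage_gap", "warning", f"iu:piece/{i}", "iu:container/A") for i in range(n))

def wide_findings(n):           # n distinct containers, to show the ceiling cut itself
    return (("coverage_gap", "warning", f"iu:piece/{i}", f"iu:container/{i}") for i in range(n))

def run_samples():
    return {"dup": coalesce(dup_findings(1_000_000)),
            "spam": coalesce(spam_findings(100_000)),
            "wide": coalesce(wide_findings(1_500))}
```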
Catch-rate verdict
| Outcome | Count (of 48) | % |
|---|---|---|
| ✅ caught and auto-remediable | 44 | 91.7% |
| 🟧 detected + gate-blocked, remediation pending T1-6 | 4 (#13,#14,#36,#45) | 8.3% |
| ❌ uncaught / unblocked | 0 | 0% |
| caught OR explicitly classified+blocked | 48 | 100% |
- PASS threshold (≥90% caught-or-classified): 100% — PASS.
- "Any uncaught critical scenario blocks GO": there are zero uncaught scenarios; the 4 🟧 are detected and gate-blocked, so production is protected. What they lack is auto-remediation, which is the single T1-6 substrate delta.
Interpretation for GO/NO-GO
The four 🟧 scenarios (#13/#14 object-edge+action-type apply, #36/#45 IU/axis owner apply) all reduce to the same T1-6 prerequisite: object/axis ownership edges + the four APR action-types. They are:
- fully detected (the gap is found),
- fully gate-blocked (production cannot proceed with the gap),
- not auto-remediable (the PROPOSE/APPLY cannot run until the substrate delta lands).
This is exactly the CONDITIONAL GO shape (doc 14): the detection/gate/concept model is ready (catch rate 100%, zero unblocked critical), so the concept-level design docs can be patched; the apply/remediation binding must wait for T1-6. No uncaught critical scenario exists to block the concept GO.
Branch-L verdict
48 scenarios run (24 rerun + 24 new), covering every category the mission listed plus the IU domain. 100% caught-or-classified; 91.7% auto-remediable; zero uncaught critical. The folded wording stops the attacks that the un-hardened pack missed (that pack caught only 3/24). The residual 8.3% is the single substrate prerequisite, detected and blocked today.