KB-603A

36 — Next Paste-Ready Prompts (GCOS: backfill/handoff/input-control; state-recover from this package, design-only, 2026-06-01)

Revision 1


Path: knowledge/dev/reports/architecture/one-roof-governance-technical-addendum-and-implementation-index-2026-06-01/
Doc: 36. Continues docs 14/21/29 (next-prompts). Covers the Backfill/Handoff/Input-Control addendum (GCOS, docs 31–35).
Status: prompts only. Every prompt below is design/decision-only; each carries the doc-00 §0.10 state-recovery preamble and the Hard Gate 0 forbidden list. Pick the critical-path prompt(s); branches are parallelizable.


Shared state-recovery preamble (prepend to every prompt below)

STATE RECOVERY (mandatory), read in order:
  1. knowledge/dev/reports/architecture/one-roof-governance-technical-addendum-and-implementation-index-2026-06-01/00-read-me-first-implementation-index.md
  2. …/03-blocker-register-and-gates.md
  3. …/24-t7-issue-event-notification-technical-design.md
  4. …/25-t6-governance-coverage-scanner-dot-technical-design.md
  5. …/31-backfill-existing-objects-governance-onboarding-design.md
  6. …/32-birth-registry-to-governance-handoff-ledger-design.md
  7. …/33-governance-input-quality-gate-design.md
  8. …/34-incremental-candidate-scan-dirty-group-design.md
  9. …/35-backfill-handoff-input-control-integration-readiness.md
  10. knowledge/dev/design/one-roof-governance-concepts/ (00–03)
  11. knowledge/dev/laws/prompt-muc-tieu-mo-for-claude-code.md (operating constitution)
This index controls. Concept canon > pre-patch design. Round-4 law > earlier wording.
Blockers win over ambition. If unclear, STOP and report. Live evidence wins over old report.
HARD GATE 0 (design-only macros): no PG/Directus/Qdrant/Nuxt mutation; no table/view/function/trigger;
  no DOT/event registration; no event/job/notification emit; no enactment/version-bump/status-change/
  registry-write; no approval/self-approval; no hardcode; no hidden local governance island;
  no implementation disguised as design; no Birth-process modification. Read-only PG allowed.
Write all new docs inside THIS package. Return the doc-00 §0.9 minimum final-report fields.
Live anchors to re-verify read-only before relying on them: birth_registry≈1,037,716 (status='born');
  collection_registry.coverage_status ledger; iu_route_worker_cursor; event_pending; evolution_snapshots;
  derived_objects_registry (refresh_strategy/stale_after); measurement_registry(142); meta_catalog(169);
  system_issues(coalesce_key/run_id/business_logic_hash); event_type_registry (no 'governance' domain).
New blockers from this addendum: SB-10 (candidate-state store), SB-11 (gov event domain/handoff),
  SB-12 (snapshot+ruleset registry), SB-13 (worker-cursor family), C-7 (input-trust/backfill-ruleset/legacy deadline).

P1 — C-7 decision packet (CRITICAL PATH for trust + cut-over) — decision-only

# MISSION: ONE_ROOF_GOVERNANCE_C7_DECISION_PACKET
Effort: high. Design/decision-packet only — draft council minutes, NO binding, NO enactment, NO registry write.
Produce, inside this package, doc `38-c7-input-trust-backfill-ruleset-decision-packet.md`:
  1. Source-trust policy: trust levels keyed by source_system/producer; min-trust per target scope
     (doc 33 §3-4). Recommend a default ladder (e.g. system>dot>import>user) — DATA, not code.
  2. Backfill ruleset ownership: which agency owns `ruleset_version` and the `governance_ruleset` row
     (default: GOV-SIV health-scope authors; GOV-COUNCIL policy-scope ratifies).
  3. Legacy-bypass deadline: confirm/adjust the C-6/A3 60-day default as the governance backfill cut-over
     (after which an uncovered born object becomes a hard finding, not a grace item).
  4. Ruling: does an observer-only, fail-open AFTER-INSERT capture trigger on birth_registry (doc 32 §4
     Option B) count as "modifying Birth"? Recommend NO (it cannot alter/block birth) — but record as a
     council decision; default remains Option A (cursor-tail, no trigger).
Forbidden: bind into governance_registry, enact, version-bump, self-approve. Output draft minutes only.

P2 — SB-12 + SB-13 technical design (snapshot/ruleset + cursor family) — design-only

# MISSION: ONE_ROOF_GOVERNANCE_SB12_SB13_DESIGN
Effort: high. Design-only. Read-only PG; BEGIN..ROLLBACK rehearsal allowed (no COMMIT).
Produce docs `39-sb12-source-snapshot-ruleset-version-design.md` and
  `40-sb13-governance-worker-cursor-family-design.md`:
  - SB-12: source-snapshot model reusing evolution_snapshots (per-group fingerprint, scope, delta);
    ruleset_version = hash over enabled measurement_registry ⊕ coverage-profile registry ⊕ Axis Registry
    ⊕ responsibility-scope rows; a proposed additive `governance_ruleset` registry row {version, content_hash,
    activated_at/by}. Prove reproducibility + scoped invalidation (doc 31 §5, doc 34 §4-5).
  - SB-13: a `gov_worker_cursor` family reusing iu_route_worker_cursor columns 1:1 for workers
    gov_backfill_sweep / gov_handoff_intake / gov_candidate_scan (doc 31 §4, doc 32 §5); keyset semantics,
    DLQ counters, resume. Prove additive, no migration risk, rollback drafted, no-hardcode, no-island.
Forbidden: COMMIT any DDL/DML; create table/view/function/trigger; register anything.

P3 — SB-10 candidate-state store technical design — design-only

# MISSION: ONE_ROOF_GOVERNANCE_SB10_CANDIDATE_STORE_DESIGN
Effort: high. Design-only. Read-only PG; author-mode BEGIN..ROLLBACK rehearsal only.
Produce doc `41-sb10-governance-candidate-state-store-design.md`:
  - Additive `governance_candidate_state` table modeled on derived_objects_registry (dirty/stale/depends-on)
    + system_issues fingerprint columns (doc 34 §2). Columns per doc 34 §2; partial-unique on
    (candidate_key, ruleset_version); indexes for the dirty set and stale_after sweep.
  - Prove: never stores a "checked-forever" boolean; verdict always qualified by (snapshot, ruleset, time);
    Δtotal=0 at governance grain for 10^6 inherited children; additive (no migration risk to live tables);
    rollback drafted; read-only pre-flight (0 collisions); operator handoff (ssh contabo → docker exec postgres
    psql -U workflow_admin). NO COMMIT.
Forbidden: COMMIT; create the table live; register DOT/event; emit; approve.
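
An added illustration, not code from this package or the project, of two properties that P2 and P3 ask the design to prove: a reproducible `ruleset_version` digest, and a candidate verdict that is honoured only for the exact (snapshot, ruleset) it was computed on and only before `stale_after`, failing closed for high-risk candidates otherwise. The row shapes, `snapshot_fingerprint`, `verdict`, the gate's return values, and the reading of ⊕ as length-prefixed concatenation into one SHA-256 digest are assumptions.

```python
import hashlib
import json
from datetime import datetime, timedelta, timezone

# Constructed sample rows; column names are hypothetical, not the live schema.
REGISTRIES = {
    "measurement_registry": [{"code": "M-001", "enabled": True},
                             {"code": "M-002", "enabled": False}],
    "coverage_profile": [{"profile": "default", "min_trust": "dot"}],
    "axis_registry": [{"axis": "ownership"}],
    "responsibility_scope": [{"scope": "health", "agency": "GOV-SIV"}],
}

def ruleset_version(registries):
    """One digest over all rule sources, independent of row order and key order."""
    h = hashlib.sha256()
    for name in sorted(registries):
        rows = sorted(json.dumps(r, sort_keys=True, separators=(",", ":"))
                      for r in registries[name] if r.get("enabled", True))
        # Length-prefix name, row count and rows so boundaries are unambiguous.
        for part in (name, str(len(rows)), *rows):
            data = part.encode("utf-8")
            h.update(len(data).to_bytes(8, "big") + data)
    return h.hexdigest()

def verdict_is_current(state, snapshot_fp, ruleset, now):
    """A verdict holds only for the (snapshot, ruleset) it was computed on, until stale_after."""
    return (state["snapshot_fingerprint"] == snapshot_fp
            and state["ruleset_version"] == ruleset
            and now < state["stale_after"])

def prod_gate(state, snapshot_fp, ruleset, now, high_risk):
    """Fail closed: stale or unknown verdicts block high-risk candidates."""
    if state is not None and verdict_is_current(state, snapshot_fp, ruleset, now):
        return "allow" if state["verdict"] == "pass" else "block"
    return "block" if high_risk else "recheck"

if __name__ == "__main__":
    now = datetime(2026, 6, 1, tzinfo=timezone.utc)
    v1 = ruleset_version(REGISTRIES)
    state = {"candidate_key": "grp:demo", "snapshot_fingerprint": "fp-a",
             "ruleset_version": v1, "verdict": "pass",
             "stale_after": now + timedelta(days=1)}
    print(prod_gate(state, "fp-a", v1, now, high_risk=True))        # current verdict
    print(prod_gate(state, "fp-a", "other", now, high_risk=True))   # ruleset changed
```

Because the stored row carries no standalone "checked" flag, any ruleset bump or snapshot change makes the old verdict unusable without rewriting it.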

P4 — SB-11 governance event-domain register-before-emit design — design-only

# MISSION: ONE_ROOF_GOVERNANCE_SB11_EVENT_DOMAIN_DESIGN
Effort: high. Design-only. Read-only PG.
Produce doc `42-sb11-governance-event-domain-register-before-emit-design.md`:
  - One `event_type_registry` domain `governance` (GOV-SIV) consolidating: T7 lifecycle+detection events
    (doc 24) + GCOS events backfill.*/handoff.*/input.*/candidate.* (docs 31-34). Full row list with
    event_stream/delivery_lane/default_severity/description; active=false until T7 build (register-before-emit, Đ45).
  - Reuse decision recap: tail via cursor (default), capture via event_pending, emit via event_outbox; the
    'governance handoff ledger' stays a future option (doc 32 §10). Anti-spam reuse (T7 §6) incl. group_key coalesce.
Forbidden: register any row; emit any event; mutate event tables. Specify rows-to-be-registered only.

P5 — GCOS critique / red-team (adversarial review before any build) — design-only

# MISSION: ONE_ROOF_GOVERNANCE_GCOS_CRITIQUE_REDTEAM
Effort: high. Design/analysis-only. Read-only PG.
Produce doc `43-gcos-critique-and-redteam.md`: adversarially attack docs 31-35. Target ≥40 scenarios:
  lost handoff under replay/crash; cursor gap on clock skew; dirty-storm DoS; stale verdict masking a
  high-risk regression; backfill double-count; birth-orphan vs governance-orphan boundary leaks;
  input-gate false-accept of untrusted source; ruleset bump that fails to dirty the right groups;
  count>1 minting an owner; UI triggering a full scan; coalesce hiding a real per-object authority gap.
  For each: caught? auto-handled? residual risk? required design fix. Classify 🟥/🟧/🟩. No fix is applied
  live; fixes become addendum notes or the next design macro's scope.
Forbidden: mutate; register; emit; approve; modify Birth.

P6 — T6/T7 patch application (ONLY after GCOS build is authorized) — gated, design-then-build

# MISSION: ONE_ROOF_GOVERNANCE_T6_T7_PATCH_FOR_GCOS
PRECONDITION: GCOS design accepted AND SB-10..SB-13 built AND (for emit) governance domain registered.
Until then this is DESIGN-ONLY: pre-author the doc 35 §3.2 patches (L0 input gate; L1 dirty+stale set;
  lifecycle pre-stages; +4 GCOS DOTs + coverage rows; +19 finding types; group_key coalesce dimension;
  auto-close re-keyed by (coalesce_key, ruleset_version); fail-closed prod gate for stale/unknown high-risk).
  Apply patches to docs 24/25 ONLY in the authorized build macro (cross-reference until then).
Forbidden (until precondition met): patch docs 24/25 with version bump; register DOT/event; run scan; emit; apply.

Standing parallel track (from doc 29 — still open, gates owner work)

These remain the prerequisites for any owner-relevant GCOS work and any apply:

  • C-1/C-2 council ruling (governance_object_ownership table + APR action-type bundle) → unblocks SB-1/SB-2 build.
  • OP-B / C-3 / C-4 (IU owner-per-scope; review_decision adapter) → unblocks IU coverage (governance.iu) + SB-3.
  • H-1 / H-2 / SB-6 (enactment + sovereign sign-off; os_proposal_approvals=0 ⇒ COMMIT_FORBIDDEN) → unblocks any apply.

GCOS (docs 31–35) does not need these for its read-only detect/candidate design; it needs SB-10..SB-13 to build and SB-1/SB-2 only for owner-relevant verdicts. Run the GCOS substrate prompts (P2→P3→P4) and the decision/critique prompts (P1, P5) in parallel with the standing track.


  1. P5 (critique) + P1 (C-7 decision packet) — cheap, de-risks the design before substrate work.
  2. P2 (SB-12+SB-13) → P3 (SB-10) → P4 (SB-11) — the substrate design chain (all reuse-shaped, additive).
  3. P6 only once build is authorized.
  4. Standing track (C-1/C-2, OP-B, H-1/H-2) proceeds independently on the council/human surface.