01 — Production Safety Preflight (Hard Gate 0)

Verdict: PASS — production verified read-only & safe before any infra action. All reads via independent MCP query_pg (read-only role context_pack_readonly) + read-only ssh introspection. No production mutation.

1. DB identity: current_database()=directus; host 172.19.0.3/32 (container postgres, postgres:16, PG 16.13).

2. Production baseline (entry): governance_object_ownership=0, governance_ruleset=0, candidate_scan_run=0, governance_candidate_state=0, governance_candidate_object=0, gov_worker_cursor=0, event_outbox(governance)=0, system_issues=200480, approval_requests=211, apr_approvals=42, os_proposal_approvals=0 (gate closed), apr_action_types=14, dot_tools=309, idle_in_txn=0.

3. F-4 seams live: v_governance_object_inventory=35, v_governance_object_containment=35, scopes active=6, v_object_owner_gap=210 (35×6). Matches recorded F-6 baseline.

4. Integrity fingerprints (entry): gov_schema_md5=6800392375898de4a37de1667da094da; row-count fingerprint own=0|gap=210|ospa=0|gov_emit=0|ruleset=0|scan_run=0.

5. Backups/infra: disk / = 73G used / 24G free (96G). DB sizes: directus 1296MB, incomex_metadata 227MB, workflow 7.5MB. Pre-existing container pg-restore-test-20260520T031054Z (postgres:16, separate instance, port not host-published) holds only trivial 9MB restore_test DB — NOT reused (not mine; separate instance lacks in-instance roles). Clone method: CREATE DATABASE + pg_dump|psql (chosen). TEMPLATE rejected (live connections to directus).

6. Roles: context_pack_readonly, workflow_admin, directus, incomex, cutter_ro/_exec/_verify.

7. Isolation pre-conditions: Directus env DB_DATABASE=directus; live connections by datname = directus(3), incomex_metadata(6), nothing else.

8. Gate decision: ospa=0 ⇒ production persistent seed NO-GO. Proceed to clone. Hard Gate 0 satisfied.