KB-1FDE

RP DOT Pivot-Update — 07 Anti-Drift Health + Guardrail (live-validated)

Revision 1
registries-pivot · anti-drift · health-view · 2026-06-03

07 — Anti-Drift Health + Guardrail

Paste-ready view: sql/rp_dot_pivot_update/v_rp_classification_health.sql (one row, read-only, NOT applied — keep prod byte-identical until owner go). Verification SQL: sql/rp_dot_pivot_update/verify_classification.sql.

Live-validated signals (2026-06-03, prod=directus)

| Code | Signal | Live | Expected after cleanup |
|------|--------|------|------------------------|
| AD-1 | literal species='species' that is not a governed meta-species | 0 | 0 (governed; never a bug here) |
| AD-2 | missing species on an active pivot | 2 | 2 (MTX-L1-OVERVIEW, MTX-L2-ATOM — matrix, by design) |
| AD-3 | invalid species (set but not governed) | 0 | 0 |
| AD-4 | composition mismatch vs governed species | 3 | 0 (PIV-001/016/021 fixed) |
| AD-5 | unknown registry_group (not in-use, not FAC-02) | 0 | 0 |
| AD-6 | provisional domain rows with no FAC-02 mapping | 6 | shrinks as council ratifies (quy_trình×5, dữ_liệu×1) |
| AD-7 | L2 false-coverage claim (ownership while gate closed) | false | false |
| AD-8 | parity: map rows == pivot rows | 37 == 37 | 37 == 37 |
| AD-9 | island (view copies governed truth, copies nothing) | 0 | 0 |

Plus a manual-drift detector after cleanup: AD-4 returning to >0 means a manual UPDATE bypassed the tool (composition diverged from governed species again).

How it detects each failure mode the mission named

  • literal species='species' → AD-1 (governance-aware: a real governed meta-species is not flagged)
  • missing species → AD-2 · invalid species → AD-3 · composition mismatch → AD-4
  • registry_group domain/pivot_kind conflation → AD-6 surfaces the unmapped domain rows; the structural cure is the schema split (§09), tracked separately
  • orphan species → AD-3 / verify_classification.sql check 4 (orphan=0 live)
  • manual drift after DOT cleanup → AD-4 re-rising
  • L2 false coverage claim → AD-7 (must stay false while gate CLOSED; never claim gap=0)

Guardrail wiring (recommendation, not executed)

  1. Apply v_rp_classification_health (one inert read-only view) via the governed channel after owner go — mirrors how v_rp_classification_governance_map was applied.
  2. Schedule a read-only check (no daemon, no system_issues write here): a cron job that runs SELECT * against the health view and alerts a channel if ad3>0 OR ad4>0 OR ad5>0 OR ad7=true OR ad8_map<>ad8_pivot. Thresholds: those five conditions are hard-zero/parity; ad2/ad6 are informational backlog counters.
  3. Optionally fold AD-1..AD-9 into the existing dot-pivot-health (DOT-114) as an auditor extension and register a law_dot_enforcement auditor row (governed). The existing dot-misclass-scanner (DOT-116) already audits collection-level classification (junction/directus tables) and is complementary, not a duplicate.
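
One way to implement the step-2 check, as an added example that is not the project's own code. The column names are the ones step 2 names; the list-of-dicts row shape, the function name evaluate and the fail-closed handling of a missing column or an unexpected row count are assumptions.

```python
"""Evaluate one row of v_rp_classification_health against the step-2 thresholds."""

HARD_ZERO = ("ad3", "ad4", "ad5")   # must be exactly 0
INFORMATIONAL = ("ad2", "ad6")      # backlog counters: reported, never alerting
REQUIRED = HARD_ZERO + ("ad7", "ad8_map", "ad8_pivot")


def evaluate(rows):
    """Return (alerts, info); any alert means the cron job notifies the channel.

    `rows` is the result of SELECT * on the health view as a list of dicts
    (assumed shape; adapt to the row type your driver returns).
    """
    # The view is defined as one row; anything else means the check is broken.
    if len(rows) != 1:
        return [f"health view returned {len(rows)} rows, expected 1"], {}
    row = rows[0]

    # Fail closed: a missing or NULL column must alert, not pass as "zero".
    missing = [c for c in REQUIRED if row.get(c) is None]
    if missing:
        return [f"column missing or NULL: {c}" for c in missing], {}

    alerts = [f"{c}={row[c]} (must be 0)" for c in HARD_ZERO if row[c] != 0]
    # Anything other than a real boolean False counts as a coverage claim.
    if row["ad7"] is not False:
        alerts.append(f"ad7={row['ad7']} (must stay false while gate closed)")
    if row["ad8_map"] != row["ad8_pivot"]:
        alerts.append(
            f"ad8 parity broken: map={row['ad8_map']} pivot={row['ad8_pivot']}")

    info = {c: row.get(c) for c in INFORMATIONAL}
    return alerts, info


# Constructed sample rows, built from the table's "Live" and
# "Expected after cleanup" columns.
LIVE = {"ad2": 2, "ad3": 0, "ad4": 3, "ad5": 0, "ad6": 6,
        "ad7": False, "ad8_map": 37, "ad8_pivot": 37}
CLEAN = dict(LIVE, ad4=0)

if __name__ == "__main__":
    for name, row in (("live", LIVE), ("clean", CLEAN)):
        alerts, info = evaluate([row])
        print(name, "ALERT" if alerts else "ok", alerts, info)
```

Run it under a database role that has only SELECT on the view, so the check cannot itself change prod.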

Anti-drift discipline honored this macro

Entry md5 == exit md5 (70d6df…). The health view is paste-ready, not applied — the anti-drift suite must not itself introduce drift.

knowledge/dev/reports/architecture/registries-pivot-dot-pivot-update-author-register-cleanup-2026-06-03/07-antidrift-health-and-guardrail.md