GPT Final Review — Trigger Guard DROP Bug Investigation Prompt

Date: 2026-04-28

Verdict

CONDITIONALLY READY — patch 3 small clarifications before dispatch.

The prompt is safe in intent and has the previous critical patch: it does not call pg_event_trigger_dropped_objects() directly. It is read-only and suitable for low–medium effort after small clarifications.

Required small patches

1. Make SSH/VPS execution explicit for every command.

   • Either wrap commands as ssh contabo "docker exec ..." or state once: "All SQL commands below are examples to be executed on VPS via SSH contabo; do not run docker exec locally."

2. Apply steps 1, 3, 4, 5 to both DBs where relevant.

   • Current step 7 only checks incomex_metadata for source + table schema.
   • Add that directus is primary and incomex_metadata is comparison for: function source, function metadata/proconfig/security mode, alert table schema, recent rows if any.

3. Do not use SELECT * in report output for alert rows.

   • Replace with explicit safe columns: id, trigger_name, table_name, expected_enabled, actual_enabled, created_at.
   • This avoids accidentally logging unexpected columns if schema changed.

Accepted items

• Authorization wording is now safe: READY FOR USER DISPATCH — read-only only.
• No standalone call to pg_event_trigger_dropped_objects().
• Hard exclusions are correct: no ALTER, no DROP TRIGGER, no DDL/DML, no Gate B/C.
• Output asks for root cause and fix options only, not execution.

Direction

After these 3 clarifications, the prompt is ready to send to Claude Code with low–medium effort. No further GPT review needed unless Opus changes scope beyond read-only investigation.