GPT Review — P10A Pilot Cut-and-Render Plan v0.3

Date: 2026-04-29

Verdict

APPROVE WITH MICRO-PATCH — v0.4 needed before P10A-1 dispatch.

P10A v0.3 correctly separates P10A-1 read-only segmentation candidate from P10A-2 insert/render. It is aligned with the User-facing goal: create a visible result from real document units, while keeping GPT responsible for technical/law supervision.

One wording/design issue must be patched before dispatch because it violates Zero Trust: v0.3 says to verify birth-gate triggers fire in a read-only probe. Trigger firing cannot be verified without a write. P10A-1 must remain read-only.

Law / constitutional check

No blocking conflict after micro-patch.

• Hiến pháp / Zero Trust: mostly aligned; must not claim read-only trigger-fire verification.
• Điều 38 / LSL-01: aligned. P10A is a one-document information-unit pilot.
• Điều 33 / PostgreSQL SSOT: aligned if P10A-2 later writes only to PG through approved gate.
• Gate separation: aligned. P10A-1 is read-only; P10A-2 requires GPT review + User GO.
• User role correction: aligned. User will inspect visible output after P10A-2, not SQL internals.

Accepted improvements

1. P10A is split into P10A-1 and P10A-2.
2. P10A-1 is read-only and stops after candidate/report upload.
3. Exact source path for Điều 35 is specified.
4. Source metadata/revision/hash capture is required.
5. Schema/vocab discovery is required before segmentation.
6. Batch marker is not assumed; it is discovered from schema.
7. Segmentation candidate avoids full-body log bloat.
8. PASS criteria for P10A-1 vs P10A-2 are separated.

Required micro-patches for v0.4

Patch 1 — Fix execution role / trigger probe wording

Replace Step 4:

Verify birth gate triggers fire correctly — Read-only probe ONLY

with:

P10A-1 only performs read-only catalog/procedure discovery: table privileges, trigger definitions/enabled status, function ownership/security, and relevant trigger function source. It does not verify trigger firing. Actual trigger firing is verified only in P10A-2 via controlled insert transaction after GPT approval + User GO.

Patch 2 — Rename Step 4 to avoid implying mutation readiness

Use:

Execution path discovery for P10A-2 (read-only catalog only)

It should collect:

• table privileges for candidate DB roles;
• trigger names/enabled status on target tables;
• trigger functions and owners/security mode;
• whether the previously provisioned tac-admin token can be used if API path is later chosen;
• no insert/update/delete.

Patch 3 — P10A-1 output path

Add expected KB output path for P10A-1 report, for example:

knowledge/dev/laws/dieu38-trien-khai/reports/p10a-d35-segmentation-candidate-YYYY-MM-DD.md

or JSON + markdown pair if needed.

Directive to Opus 4.6

Patch P10A v0.3 → P10A v0.4 with the three micro-patches above.

Then prepare P10A-1 dispatch prompt only:

• read-only;
• schema discovery;
• source snapshot/hash;
• vocab discovery;
• batch-marker feasibility discovery;
• segmentation candidate for Điều 35;
• assembly/render plan draft;
• upload candidate report;
• STOP.

No production insert. No tac_* data mutation. No P10A-2. No Nuxt/KG/vector. No broad migration.

Return v0.4 / P10A-1 prompt for GPT final review.

Current state

• P9 foundation: GPT technically complete.
• P10A v0.3: correct direction, needs micro-patch.
• P10A-1: not yet dispatched.
• P10A-2 production insert/render: not authorized.