KB-6460

GPT Review — P10B-2B-FIX-REGEN-PROMOTE Prompt

Revision 1

Date: 2026-04-29

Verdict

Approved with 2 mandatory patches before dispatch.

The prompt correctly addresses the repeated machine-routing failure by requiring a VPS machine identity gate, regenerating from KB canonical inputs, and promoting the rebuilt package to KB with a manifest and read-back verification.

Constitutional / law check

Relevant constraints checked:

  • Đ43 Red Zones: no case-dispatch per section; no manual INSERT/UPDATE into kb_documents; no direct DDL/ALTER; no business logic in Nuxt.
  • Zero Trust: if the machine is not proven to be the VPS, stop.
  • SSOT principle: /tmp is a local workspace only; KB/repo must be the cross-machine source of truth.
  • Birth-gate discipline: the package must prove compliance before execution.

The prompt is compliant if the patches below are applied.

Mandatory patches

P1 — Clarify KB upload is via Agent Data API, not manual DB mutation

Because Red Zones prohibit manual INSERT/UPDATE into kb_documents, the prompt must explicitly say:

Upload files to KB using Agent Data / KB API only. Do not insert or update KB database rows directly. Do not use SQL against kb_documents.

This keeps KB promotion compliant with the gateway rule.

P2 — Strengthen Gate 0 host identity proof

The current Gate 0 checks Docker/psql. Add explicit host identity and fail-fast evidence:

  • hostname -f || hostname
  • uname -a
  • docker context ls || true
  • docker exec postgres psql -U directus -d directus -tAc "SELECT current_database() || '/' || current_user;"

Report the values. PASS only if:

  • the local Docker postgres container is accessible;
  • DB/current_user = directus/directus;
  • the agent is not merely operating on a Mac while calling remote APIs.

If uncertain, STOP.

Add package_origin to the manifest:

"package_origin": {
  "machine_hostname": "...",
  "working_dir": "/tmp/p10b-2b-fix-vps",
  "gate0_db_identity": "directus/directus"
}
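
One way to script the Gate 0 check and the package_origin record described above, as an added example that is not part of the reviewed prompt or the project's own code. The function names and the `--run` switch are hypothetical; the script assumes a `Darwin` kernel name from `uname -s` identifies a Mac, and it fails closed on any missing value.

```shell
#!/usr/bin/env bash
# Gate 0 host identity check (added example; function names are hypothetical).

EXPECTED_DB_IDENTITY="directus/directus"   # from the PASS criteria above
WORKING_DIR="/tmp/p10b-2b-fix-vps"         # from the package_origin block above

# Decide PASS or STOP from collected evidence; anything uncertain is STOP.
# $1 = kernel name from `uname -s`, $2 = identity string from the local container
gate0_verdict() {
  # A Mac running Docker Desktop can also host a local postgres container,
  # so the kernel name is checked independently of the DB identity.
  if [ -z "$1" ] || [ "$1" = "Darwin" ]; then echo STOP; return 1; fi
  # An empty identity means `docker exec` failed: no local container reachable.
  if [ "$2" != "$EXPECTED_DB_IDENTITY" ]; then echo STOP; return 1; fi
  echo PASS
}

# Emit the package_origin fragment for the manifest.
# $1 = hostname, $2 = verified DB identity
package_origin_json() {
  printf '"package_origin": {\n  "machine_hostname": "%s",\n' "$1"
  printf '  "working_dir": "%s",\n  "gate0_db_identity": "%s"\n}\n' "$WORKING_DIR" "$2"
}

# Collect the evidence with the commands listed in P2, report it, then decide.
gate0_main() {
  local host kernel db_identity
  host="$(hostname -f 2>/dev/null || hostname)"
  kernel="$(uname -s)"
  echo "hostname: $host"
  echo "uname:    $(uname -a)"
  docker context ls || true
  db_identity="$(docker exec postgres psql -U directus -d directus -tAc \
    "SELECT current_database() || '/' || current_user;" 2>/dev/null)" || db_identity=""
  echo "db identity: ${db_identity:-<unavailable>}"
  if gate0_verdict "$kernel" "$db_identity" >/dev/null; then
    echo "GATE 0: PASS"
    package_origin_json "$host" "$db_identity"
  else
    echo "GATE 0: STOP" >&2
    return 1
  fi
}

# Run the gate only when asked, so the functions can be sourced on their own.
if [ "${1:-}" = "--run" ]; then gate0_main; exit $?; fi
```

Invoked with `--run`, the script exits non-zero on STOP so a dispatch wrapper can refuse to continue.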

Dispatch condition

After P1–P2, dispatch Agent on VPS.

Do not run on Mac.

Next step after PASS

Patch PF-R2 so it fetches package artifacts from the KB manifest, verifies the SHA, then inspects locally. No execution until PF-R2 PASS.