KB-2CBA

GPT Review — P7B PF-4 Automated Prompt 2026-04-26

Revision 1

Verdict

Prompt direction is correct: PF-4 must be automated, not driven through the manual UI. However, the draft is not yet fully constitutional.

Issues

  1. Secret/token handling is unsafe. docker inspect dumps the container's full environment, and piping it through grep KEY / grep SECRET writes the matching values straight into the action log. The prompt must never print secret values; report presence only, with values masked.
  2. The Agent must not automatically DROP a schema merely because the Directus API reports sandbox_tac. That is a destructive, irreversible mutation. It must STOP and report; dropping is permitted only if the C2A/P7B rollback clause pre-authorizes it explicitly.
  3. Calling the Directus API is acceptable gateway use, but the prompt must require a pre-existing token or a safe service token supplied from GSM or the environment; no brute-force searching for secrets and no logging of them.
  4. Clarify that this is a temporary checker/DOT run with its action log under Đ35/Đ33. If formal dot_tools registration is required, STOP and report rather than bypass it.
  5. If no API token is available, the only permitted fallback is to inspect the Directus config/env for DB_SEARCH_PATH and, only if it is exposed, the Directus API's public collections endpoint; otherwise the run is BLOCKED. No manual UI in any case.
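The checker behaviour items 1, 2, 3 and 5 ask for, written out as an added POSIX shell example. This is not code from the original review or from the P7B project. Assumed for illustration: the container name directus, the variables DIRECTUS_URL and DIRECTUS_TOKEN, the Directus REST endpoint /collections, and the constructed sample environment (no real credentials). The schema name sandbox_tac, DB_SEARCH_PATH and the STOP-unless-pre-authorized rule come from the review text.

```sh
#!/bin/sh
# Added example, not from the original review or the P7B project.
# Assumed names: container "directus", env vars DIRECTUS_URL / DIRECTUS_TOKEN,
# and the Directus /collections endpoint. sandbox_tac, DB_SEARCH_PATH and the
# rollback rule are taken from the review.

# Mask the value of every variable whose name suggests a credential so the
# listing is safe to place in the action log. Non-secret settings such as
# DB_SEARCH_PATH pass through unchanged. Reads NAME=value lines on stdin.
mask_env() {
  sed -E 's/^([A-Za-z0-9_]*(KEY|SECRET|TOKEN|PASSWORD)[A-Za-z0-9_]*)=.*$/\1=<masked>/'
}

# Exit 0 if variable $1 is present with a non-empty value in the listing on
# stdin, 1 otherwise. The value itself is never echoed.
env_has() {
  grep -Eq "^$1=.+"
}

# Print the DB_SEARCH_PATH value from the listing on stdin (empty if unset).
env_search_path() {
  sed -n 's/^DB_SEARCH_PATH=//p'
}

# Apply the review's rule for a destructive DROP.
#   $1 = search path, e.g. "public,sandbox_tac"
#   $2 = "yes" only if the C2A/P7B rollback clause pre-authorizes the drop
# Prints CLEAN, STOP or DROP_OK. The caller must never drop on STOP.
pf4_decision() {
  sp=$(printf '%s' "$1" | tr -d ' ')
  case ",$sp," in
    *,sandbox_tac,*)
      if [ "$2" = "yes" ]; then echo DROP_OK; else echo STOP; fi ;;
    *) echo CLEAN ;;
  esac
}

# Query Directus over its API with a pre-provisioned token. The token is read
# from the environment and only ever placed in the request header. Without a
# token the run is BLOCKED: no UI fallback and no searching for secrets.
directus_collections() {
  if [ -z "${DIRECTUS_TOKEN:-}" ]; then
    echo "BLOCKED: DIRECTUS_TOKEN not provided"
    return 1
  fi
  set +x   # xtrace would otherwise echo the Authorization header
  curl -fsS -H "Authorization: Bearer $DIRECTUS_TOKEN" \
    "${DIRECTUS_URL:-http://localhost:8055}/collections"
}

# Constructed sample of what this command prints (values are made up):
#   docker inspect --format '{{range .Config.Env}}{{println .}}{{end}}' directus
SAMPLE_ENV='DB_CLIENT=pg
DB_SEARCH_PATH=public,sandbox_tac
DB_PASSWORD=not-a-real-password
KEY=0123456789abcdef
SECRET=fedcba9876543210
PUBLIC_URL=http://localhost:8055'

# Stand-alone run on the sample; the live API call is left to the real run.
pf4_env_check() {
  printf '%s\n' "$SAMPLE_ENV" | mask_env
  sp=$(printf '%s\n' "$SAMPLE_ENV" | env_search_path)
  echo "search_path=$sp decision=$(pf4_decision "$sp" no)"
}
```

In a real run, replace SAMPLE_ENV with the docker inspect output piped directly into mask_env, so the unmasked listing never touches a file or the log. mask_env is deliberately over-eager (any name containing KEY, SECRET, TOKEN or PASSWORD is masked); a false positive hides a harmless value, a false negative leaks a credential, so err on that side. Note that set +x inside directus_collections changes shell-wide state; keep the whole run with xtrace off rather than relying on it.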

Required next action

Patch the prompt before sending it to the Agent: an automated PF-4 checker with safe token handling, no manual UI, and no automatic destructive DROP unless the existing rollback clause explicitly authorizes it.