AwoooI
AI Center
Security Web

IwoooS

A visualized security posture across Kali, source code, hosts, execution gates and AwoooP evidence.

Current boundary
Read-only mirror / observe first

Only posture and gaps are shown; scanning, remediation, updates and blocking are all still gated off.

Progress integrity gauge

Why the overall figure is 64% right now

The visible scope has been expanded, but the S4.9 redacted response, evidence references and review acceptance are all still at 0; so only framework progress can be shown, and execution progress cannot be advanced.

Assets placed in the read-only view

Products, websites, new projects, tools and three hosts are now readable in the same security web.

Evidence needed to advance is still incomplete

S4.9 requires a response, redacted evidence references and review acceptance; none of the three is done yet.

Execution remains locked

Scanning, SSH, host updates, remediation, deployment and source-control changes are all still gated off.

Gauge boundary

This is the first-screen explanation layer; it presents only the basis for the progress figure and the lock conditions. It does not submit, receive, approve, scan or update hosts.

iwooos_progress_integrity_ribbon_first_layer=true
iwooos_progress_integrity_ribbon_signal_count=3
iwooos_progress_integrity_ribbon_headline_percent=64
iwooos_progress_integrity_ribbon_headline_delta=3
iwooos_progress_integrity_ribbon_read_only_scope_count=9
iwooos_progress_integrity_ribbon_pending_evidence_gate_count=3
iwooos_progress_integrity_ribbon_runtime_gate_count=0
owner_response_received_count=0
owner_response_accepted_count=0
redacted_evidence_refs_received_count=0
runtime_execution_authorized=false
active_runtime_gate_count=0
action_buttons_allowed=false
not_authorization=true
Executive snapshot

Security governance status overview

Summarizes completed results, onboarded scope, pending evidence and execution boundaries; topology, the decision runway and evidence details follow below.

92%
Framework / governance / interface

0/4
S4.9 owner evidence

0
Runtime gates open

7 zones
Completed visible work
IwoooS has brought the focus navigation, the visual security web, the topology map, the decision runway, the execution-gate radar, AwoooP, the task-matching product and the Agent Bounty Protocol into the frontstage as managed views.

8+3
Assets and hosts onboarded
9 categories of product / website / tool surfaces and the three hosts host:kali-readonly, host:dev-a and host:dev-b have been placed into the same read-only security web.

S4.9
Key evidence still pending
For the overall percentage to move forward, the S4.9 owner response, redacted evidence and review acceptance are required.

Candidates 0
Post-review fix candidates
Code review and security review may list fix candidates that are only processed after manual approval; currently candidates = 0, with no automatic code changes and no automatic deployment.

Gate 0
Execution boundary locked
Scanning, SSH, host updates, remediation, deployment and source-control changes all remain at gate 0.

Executive snapshot boundary

This snapshot is only a management summary and navigation aid; it is not a scanner, host updater, deployer or source-control switcher.

iwooos_executive_snapshot_first_layer=true
iwooos_executive_snapshot_card_count=5
iwooos_executive_snapshot_axis_count=3
iwooos_executive_snapshot_above_focus_deck=true
iwooos_executive_snapshot_explains_done_next_blocked=true
iwooos_executive_snapshot_review_fix_candidate_count=0
iwooos_executive_snapshot_review_fix_candidate_execution_allowed=false
iwooos_executive_snapshot_execution_action_buttons_allowed=false
iwooos_executive_snapshot_runtime_gate_count=0
iwooos_executive_snapshot_owner_response_received_count=0
iwooos_executive_snapshot_owner_response_accepted_count=0
iwooos_executive_snapshot_scan_authorized=false
iwooos_executive_snapshot_host_change_authorized=false
iwooos_executive_snapshot_source_control_mutation_authorized=false
runtime_execution_authorized=false
active_runtime_gate_count=0
action_buttons_allowed=false
not_authorization=true
Agent Bounty Protocol new-project intake card

Bring it into view first; external agents and money flows stay locked

The Agent Bounty Protocol has been brought into IwoooS, but for now only scope, owner, data classification, source control, deployment boundary, external-agent boundary and financial boundary are being filled in; runtime remains at 0.

Onboarding status
Onboarded

Added to the eight product categories.

Evidence pending
7

Seven intake fields are still awaiting the owner.

Runtime
0

Still 0; nothing enters execution.

Check AB1
Product owner and responsibility boundary
Status: pending

Current gap: no traceable owner has been established for product, security, deployment, external agents, notifications or treasury.

Next step: collect read-only owner evidence first; verbal consent or an AwoooP approval must not be treated as security approval.

Check AB2
Data classification for tasks, agents and webhooks
Status: unclassified

Current gap: task, solution, agent reputation, traffic, webhook, admin and settlement data have not been classified.

Next step: collect only field types and redacted summaries; do not collect raw payloads, unredacted interaction content, cookies or tokens.

Check AB3
Version source and dirty-workspace determination
Status: awaiting evidence

Current gap: the local repo has 51 modified or untracked items; WIP, release candidate and canonical remote have not yet been determined.

Next step: collect refs truth and the dirty-workspace disposition first; no push, rebase, refs sync or workflow changes.
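A read-only way to produce the refs-truth and dirty-workspace evidence that AB3 asks for, as an added example that is not IwoooS project code: it parses `git status --porcelain=v1 -b` output (the constructed sample below stands in for the real 51-item workspace) and classifies every entry without running any mutating git command. The sensitive-path hints and the questions produced by `disposition` are this example's assumptions.

```python
"""Read-only dirty-workspace inventory from `git status --porcelain=v1 -b`.

Added example for check AB3; not IwoooS project code. It parses porcelain
output into staged / unstaged / untracked / conflicted counts plus branch and
upstream facts, so "refs truth" and a dirty-workspace disposition can be
recorded without push, rebase or ref sync. SAMPLE_PORCELAIN is constructed;
SENSITIVE_PATH_HINTS is an assumption of this example.
"""
import subprocess
from collections import Counter

SAMPLE_PORCELAIN = """\
## main...origin/main [ahead 2, behind 1]
 M src/app.py
M  src/config.py
MM src/router.py
A  docs/readback.md
?? .env.local
?? scratch/
UU src/merge.py
R  old.txt -> new.txt
D  removed.txt
"""

# Untracked paths whose *name* suggests secrets: record the path, never the contents.
SENSITIVE_PATH_HINTS = (".env", ".pem", "id_rsa", "secret", "credential")


def parse_branch_header(line):
    """'## main...origin/main [ahead 2, behind 1]' -> branch / upstream / ahead / behind."""
    body, ahead, behind = line[3:], 0, 0
    if " [" in body:
        body, tracking = body.split(" [", 1)
        for part in tracking.rstrip("]").split(", "):
            name, _, count = part.partition(" ")
            if name == "ahead":
                ahead = int(count)
            elif name == "behind":
                behind = int(count)
    branch, _, upstream = body.partition("...")
    return {"branch": branch, "upstream": upstream or None, "ahead": ahead, "behind": behind}


def classify_entry(line):
    """Map the two-letter XY status of a porcelain v1 entry to a set of kinds."""
    x, y, path = line[0], line[1], line[3:]
    if (x, y) == ("?", "?"):
        return {"untracked"}, path
    if (x, y) == ("!", "!"):
        return {"ignored"}, path
    # Unmerged states in porcelain v1: DD, AU, UD, UA, DU, AA, UU
    if "U" in (x, y) or (x, y) in (("D", "D"), ("A", "A")):
        return {"conflicted"}, path
    kinds = set()
    if x != " ":
        kinds.add("staged")
    if y != " ":
        kinds.add("unstaged")
    return kinds, path


def inventory(porcelain_text):
    """Count entries by kind; the result carries paths but never file contents."""
    branch, counts, items = None, Counter(), []
    for raw in porcelain_text.splitlines():
        if not raw:
            continue
        if raw.startswith("## "):
            branch = parse_branch_header(raw)
            continue
        kinds, path = classify_entry(raw)
        items.append((kinds, path))
        counts.update(kinds)
    return {"branch": branch, "item_count": len(items), "by_kind": dict(counts), "items": items}


def disposition(inv):
    """Questions the owner must answer before any ref mutation is even proposed."""
    notes = []
    b = inv["branch"]
    if b is None or b["upstream"] is None:
        notes.append("no upstream: canonical remote undetermined")
    elif b["ahead"] or b["behind"]:
        notes.append(f"diverged from {b['upstream']}: ahead {b['ahead']}, behind {b['behind']}")
    if inv["by_kind"].get("conflicted"):
        notes.append("unmerged paths present: cannot be a release candidate")
    for kinds, path in inv["items"]:
        if "untracked" in kinds and any(h in path.lower() for h in SENSITIVE_PATH_HINTS):
            notes.append(f"untracked sensitive-looking path {path}: record name only, never contents")
    return notes


def capture_live(repo_dir="."):
    """Read-only capture: `git status` never mutates refs or the worktree."""
    out = subprocess.run(["git", "-C", repo_dir, "status", "--porcelain=v1", "-b"],
                         check=True, capture_output=True, text=True).stdout
    return inventory(out)


if __name__ == "__main__":
    inv = inventory(SAMPLE_PORCELAIN)
    print(inv["branch"], inv["item_count"], inv["by_kind"])
    for note in disposition(inv):
        print("-", note)
```

The porcelain v1 format is stable across git versions, which is why it is used here instead of the human-readable `git status`; `capture_live` is the only function that touches a repository, and the command it runs is read-only.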

Check AB4
Deployment boundary and rollback conditions
Status: undefined

Current gap: the README and deployment scripts show host clues that need owner confirmation; formal smoke, TLS, rollback and maintenance windows have not been established.

Next step: fill in the production host, compose directory, domain, TLS, health check and rollback owner first, without triggering a deployment.

Check AB5
MCP / A2A / cron external-agent boundary
Status: unauthorized

Current gap: AUTO_CLAIM, AUTO_SUBMIT, RUN_DAEMON, the A2A dispatcher, self-replicate and outbound messaging have not been authorized.

Next step: list route, tool, cron and daemon names first; do not enable external claim / submit / listener / dispatcher.

Check AB6
Treasury / staking / payout boundary
Status: unauthorized

Current gap: staking, withdrawal, payout, Stripe and wallet capabilities have no financial owner or disable conditions yet.

Next step: collect only capability and owner metadata; do not collect private keys, seed phrases, Stripe secrets or payout instructions.
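One way to implement the redacted intake that AB2 and AB6 both describe, as an added example rather than project code: the summary records field paths, types, lengths and a coarse value shape, drops any field whose key looks like a cookie, token, seed, private key or payout instruction, and masks PII, so the raw payload is never stored. The sample payload, the key-name hint lists and the `shape_of` encoding are assumptions of this example.

```python
"""Redacting intake summary for agent-bounty payloads (added example).

Serves checks AB2 and AB6: given a webhook / settlement payload, it records
field paths, types, lengths and a coarse value shape, drops anything whose key
looks like a secret (cookies, tokens, seeds, private keys, payout instructions)
and masks PII, so the intake never stores the raw payload. Not project code;
SAMPLE_PAYLOAD and the key-name hint lists are constructed assumptions.
"""
import json

SECRET_KEY_HINTS = ("cookie", "token", "secret", "seed", "private_key",
                    "password", "authorization", "payout_instruction")
PII_KEY_HINTS = ("email", "wallet", "phone", "name", "address")

SAMPLE_PAYLOAD = {
    "task_id": "task-4821",
    "solution": {"text": "def solve(): return 42", "language": "python"},
    "agent": {"id": "agent-17", "reputation": 0.82,
              "wallet_address": "0x9f3a1c7b2e5d4f60a1b2c3d4e5f60718293a4b5c",
              "api_token": "agt_live_7Qm2xkLPdN4s"},
    "headers": {"Cookie": "session=abc123",
                "Authorization": "Bearer eyJhbGciOiJIUzI1NiJ9.payload.sig"},
    "settlement": {"amount": 120.5, "currency": "USDC",
                   "payout_instruction": {"to": "0x9f3a1c7b2e5d4f60a1b2c3d4e5f60718293a4b5c"}},
}


def classify_key(key):
    """Key-name based classification; unknown keys are operational, never secret by default."""
    k = key.lower()
    if any(h in k for h in SECRET_KEY_HINTS):
        return "secret"
    if any(h in k for h in PII_KEY_HINTS):
        return "pii"
    return "operational"


def shape_of(value, limit=12):
    """Letters -> 'a', digits -> '9', whitespace -> '_', punctuation kept; truncated."""
    out = []
    for ch in value[:limit]:
        out.append("a" if ch.isalpha() else "9" if ch.isdigit() else "_" if ch.isspace() else ch)
    return "".join(out) + ("..." if len(value) > limit else "")


def summarize(value, key="", path="$"):
    """Recursive schema summary; secret-classified subtrees are not descended into at all."""
    cls = classify_key(key)
    if cls == "secret":
        # The field's existence and type are kept for the reviewer; its value is never read.
        return {"path": path, "class": cls, "type": type(value).__name__, "collected": False}
    if isinstance(value, dict):
        return {"path": path, "class": cls, "type": "object",
                "fields": [summarize(v, k, f"{path}.{k}") for k, v in value.items()]}
    if isinstance(value, list):
        return {"path": path, "class": cls, "type": "array", "length": len(value),
                "items": summarize(value[0], key, f"{path}[0]") if value else None}
    if isinstance(value, str):
        # PII keeps only a 4-character shape so wallet / email formats stay recognizable but unrecoverable.
        return {"path": path, "class": cls, "type": "string", "length": len(value),
                "shape": shape_of(value, 4 if cls == "pii" else 12)}
    return {"path": path, "class": cls, "type": type(value).__name__}


def dropped_secret_paths(summary):
    """Paths the intake refused to collect, for the reviewer's checklist."""
    if summary.get("collected") is False:
        return [summary["path"]]
    found = []
    children = summary.get("fields", []) + ([summary["items"]] if summary.get("items") else [])
    for child in children:
        found.extend(dropped_secret_paths(child))
    return found


def raw_strings(value):
    """Every raw string in the payload, used to prove the summary leaks none of them."""
    if isinstance(value, dict):
        return [s for v in value.values() for s in raw_strings(v)]
    if isinstance(value, list):
        return [s for v in value for s in raw_strings(v)]
    return [value] if isinstance(value, str) else []


def leaks_raw_value(payload, summary):
    """True if any raw string of 4+ characters from the payload appears in the serialized summary."""
    text = json.dumps(summary)
    return any(s in text for s in raw_strings(payload) if len(s) >= 4)


if __name__ == "__main__":
    s = summarize(SAMPLE_PAYLOAD)
    print(json.dumps(s, indent=2))
    print("dropped:", dropped_secret_paths(s), "leak:", leaks_raw_value(SAMPLE_PAYLOAD, s))
```

`leaks_raw_value` is the check a reviewer would run before accepting the summary as redacted evidence: it is a negative test over the original payload, so a new field name that slips past the key-name hints still fails loudly instead of silently shipping a value.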

Check AB7
Runtime gate separation
Status: closed

Current gap: no scanning, remediation, deployment, cron, daemon, agent action or money-flow operation has been authorized.

Next step: keep the gate at 0; follow-up candidates are discussed only after owner evidence is accepted.

Agent Bounty Protocol intake boundary

The following key-values are fixed: this is a read-only intake. It does not read env, create repositories, sync refs, deploy, scan, enable cron, let agents claim / submit, or execute payouts or withdrawals.

agent_bounty_security_onboarding_item_count=7
agent_bounty_security_onboarding_read_only=true
agent_bounty_owner_evidence_received=false
agent_bounty_data_classification_received=false
agent_bounty_source_control_evidence_received=false
agent_bounty_deployment_boundary_received=false
agent_bounty_external_agent_boundary_received=false
agent_bounty_treasury_boundary_received=false
agent_bounty_auto_claim_submit_authorized=false
agent_bounty_bounty_payout_authorized=false
agent_bounty_runtime_gate_open=false
runtime_execution_authorized=false
active_runtime_gate_count=0
action_buttons_allowed=false
not_authorization=true
repo_creation_authorized=false
refs_sync_authorized=false
workflow_modification_authorized=false
production_deploy_authorized=false
Deployment risk read-only card

CD has completed, but the ArgoCD risk cannot be pretended green

Risk source: deploy marker 16756d24. That CD run's smoke test and API health passed, but `AWOOOI_ROLLOUT_RISK=1` is still set, because ArgoCD health is Degraded and some resources are OutOfSync. This card only shows the risk; it does not remediate, sync, restart or open runtime.

Risk source
16756d24

The deploy marker that produced this risk evidence; not necessarily the latest deployment.

Risk signal
1

Still needs read-only triage; not to be treated as all green.

Runtime
0

Still 0; no remediation entry point is opened.

Signal RR1
ArgoCD health degraded
Status: Degraded

The CD log shows health=Degraded; this is read-only risk evidence whose source must be inventoried separately, and a successful smoke test cannot override it.

Signal RR2
Some resources out of sync
Status: OutOfSync

The CD log shows some resources OutOfSync; for now the risk is only flagged, and no ArgoCD sync, kubectl or host operation is performed.

Signal RR3
API and smoke tests passed
Status: passed

API health and the Playwright smoke test passing means the service is readable, not that the GitOps state is all green.

Signal RR4
Runtime gate still 0
Status: not opened

This card must not produce any remediation, sync, restart, deployment or host operation; the only next step is read-only evidence convergence.

Deployment risk boundary

The following key-values are fixed: a completed deployment with API health and smoke passing does not equal an all-green GitOps state, nor does it mean the runtime gate, kubectl, ArgoCD sync, host restart or automatic remediation has been authorized.

rollout_risk_read_only_card_count=4
rollout_risk_source_deploy_marker=16756d24
rollout_risk_awoooi_rollout_risk=1
rollout_risk_argocd_health=Degraded
rollout_risk_resource_sync=OutOfSync
rollout_risk_api_health_passed=true
rollout_risk_playwright_smoke_passed=true
rollout_risk_requires_read_only_triage=true
rollout_risk_runtime_gate_count=0
runtime_execution_authorized=false
active_runtime_gate_count=0
action_buttons_allowed=false
not_authorization=true
argocd_sync_authorized=false
kubectl_action_authorized=false
host_restart_authorized=false
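The no-false-green rule this card states, as an added example that is not AwoooI or IwoooS code: a CD result and an ArgoCD Application status are combined so that a passing smoke test cannot hide Degraded health or OutOfSync resources, and the evaluation never opens a gate. The ArgoCD status is constructed in the shape `argocd app get <app> -o json` returns (status.health.status, status.sync.status, status.resources[]); the CD-result keys and the signal codes are taken from the card, and the marker value is the one the card shows.

```python
"""No-false-green rollout risk evaluation (added example, not AwoooI / IwoooS code).

Combines a CD run's smoke / API-health results with an ArgoCD Application
status so that passing smoke cannot mask Degraded health or OutOfSync
resources. ARGOCD_STATUS_SAMPLE is constructed in the shape of
`argocd app get <app> -o json`; CD_RESULT_SAMPLE and its key names are
assumptions of this example.
"""

ARGOCD_STATUS_SAMPLE = {
    "metadata": {"name": "awoooi-prod"},
    "status": {
        "health": {"status": "Degraded"},
        "sync": {"status": "OutOfSync"},
        "resources": [
            {"kind": "Deployment", "name": "api", "status": "Synced", "health": {"status": "Healthy"}},
            {"kind": "Deployment", "name": "worker", "status": "OutOfSync", "health": {"status": "Degraded"}},
            {"kind": "ConfigMap", "name": "api-config", "status": "OutOfSync"},
        ],
    },
}

CD_RESULT_SAMPLE = {"deploy_marker": "16756d24", "api_health_passed": True, "playwright_smoke_passed": True}


def unhealthy_resources(argocd_status):
    """Resources whose own health is not Healthy; kinds without a health field (ConfigMap) count as Healthy."""
    return [f"{r['kind']}/{r['name']}" for r in argocd_status["status"].get("resources", [])
            if r.get("health", {}).get("status", "Healthy") != "Healthy"]


def out_of_sync_resources(argocd_status):
    """Resources whose sync status is anything other than Synced."""
    return [f"{r['kind']}/{r['name']}" for r in argocd_status["status"].get("resources", [])
            if r.get("status") != "Synced"]


def evaluate_rollout(cd_result, argocd_status):
    """Return the card's signals; AWOOOI_ROLLOUT_RISK is 1 whenever any signal exists."""
    st = argocd_status["status"]
    health = st.get("health", {}).get("status", "Unknown")   # missing health is not green
    sync = st.get("sync", {}).get("status", "Unknown")
    api_ok = bool(cd_result["api_health_passed"])
    smoke_ok = bool(cd_result["playwright_smoke_passed"])
    signals = []
    if health != "Healthy":
        signals.append(("RR1", f"health={health}; unhealthy={unhealthy_resources(argocd_status)}"))
    if sync != "Synced":
        signals.append(("RR2", f"sync={sync}; out_of_sync={out_of_sync_resources(argocd_status)}"))
    if not (api_ok and smoke_ok):
        signals.append(("SMOKE", "API health or Playwright smoke failed"))
    risk = 1 if signals else 0
    return {
        "deploy_marker": cd_result["deploy_marker"],
        "AWOOOI_ROLLOUT_RISK": risk,
        "api_health_passed": api_ok,
        "playwright_smoke_passed": smoke_ok,
        "smoke_green": api_ok and smoke_ok,   # RR3: service readable ...
        "gitops_green": risk == 0,            # ... is not the same as GitOps green
        "signals": signals,
        "runtime_gate_count": 0,              # RR4: evaluation never opens a gate
        "argocd_sync_authorized": False,
        "kubectl_action_authorized": False,
    }


def render_keys(result):
    """Emit the card's fixed key=value lines, one per line, from an evaluation result."""
    lines = [
        f"rollout_risk_source_deploy_marker={result['deploy_marker']}",
        f"rollout_risk_awoooi_rollout_risk={result['AWOOOI_ROLLOUT_RISK']}",
        f"rollout_risk_api_health_passed={str(result['api_health_passed']).lower()}",
        f"rollout_risk_playwright_smoke_passed={str(result['playwright_smoke_passed']).lower()}",
        f"rollout_risk_requires_read_only_triage={str(not result['gitops_green']).lower()}",
        f"rollout_risk_runtime_gate_count={result['runtime_gate_count']}",
        f"argocd_sync_authorized={str(result['argocd_sync_authorized']).lower()}",
        f"kubectl_action_authorized={str(result['kubectl_action_authorized']).lower()}",
    ]
    return "\n".join(lines)


if __name__ == "__main__":
    print(render_keys(evaluate_rollout(CD_RESULT_SAMPLE, ARGOCD_STATUS_SAMPLE)))
```

Two design points worth copying: a missing health or sync field evaluates to Unknown rather than to green, and the result carries the authorization flags as literal False values, so a downstream consumer cannot read "risk evaluated" as "sync permitted".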
P0 configuration control priority

Look first at the configuration most likely to cause immediate security or service risk

This card gathers the P0 risks from the high-value configuration matrix into one row, showing only the configuration categories that must be controlled first and the next intake gaps. It does not read live hosts, run nginx -t, reload, sync, collect secrets or open the agent-bounty runtime.

P0 categories
6

Six immediate-risk configuration categories are placed in the same row.

Received / accepted
0 / 0

Owner responses are still 0 / 0.

Live evidence
0

No owner-provided live evidence has been received yet.

Runtime
0

Still 0; no action buttons are shown.

P0-1
Nginx public entry
92% / readback 0

Highest priority: the public entry point, upstream services, admin routes, WebSocket, ACME and TLS. A post-incident readback plan has been added for backfilling manual or emergency changes, fixed at 3 gateway scopes, 30 required fields, 28 reviewer checks, 10 outcome lanes and 41 blocked action classes. Readback received / accepted, live conf, rendered diff, nginx -t, reload, route smoke, DNS / TLS probe, certbot renew, maintenance window, rollback owner and runtime gate are currently all 0.

P0-2
DNS / TLS / certbot
78% / probe 0

The public domain, certificate paths, ACME and renewal owner need intake first; currently no DNS query, TLS probe or certbot renew is performed.

P0-3
K8s / ArgoCD / production manifests
66% / readback 0

Production manifests, ConfigMap / Secret metadata, NetworkPolicy, CronJob and rollback revision need to be managed. Following GitOps change-evidence acceptance, a post-incident readback plan has been added, fixed at 4 scopes, 31 required fields, 28 reviewer checks, 10 outcome lanes and 41 blocked action classes. Post-incident readback received / accepted, ArgoCD app health, sync status, Pending / image pull / scheduling, drift, route / AI / monitoring impact, cross-project sync, no-false-green and runtime gate are currently all 0; no ArgoCD sync, kubectl, Helm upgrade, NetworkPolicy / NodePort / RBAC change or live patch is executed.

P0-4
Workflows / runners / secret metadata
70% / 74%

Gitea workflows, runner labels, deploy keys, webhooks, branch protection, CODEOWNERS and secret names now have a post-incident readback plan, fixed at 5 candidates, 33 required fields, 30 reviewer checks, 11 outcome lanes and 52 blocked action classes. Only redacted references, run identifiers, owners and rollback plans are collected; no plaintext values, hashes, token fragments, runner tokens or private keys are collected, and no workflow is modified, runner enabled, workflow dispatched or secret rotated.

P0-5
Public / admin / API runtime config
64% / route 0

Public, admin, API, callback, webhook and env runtime config for AWOOOI, AwoooP, IwoooS, the task-matching product, the stock research platform, the official brand website, the pharmacy website and the livestream character website now have change-evidence acceptance; frontstage source / messages are also covered by a sensitive-information leak guard, at 66% read-only maturity, scanning 225 files against 12 forbidden pattern classes with 0 violations. Only affected route, auth boundary, API readback, CORS diff, frontend env diff, i18n redaction, desktop / mobile smoke, sensitive scan and rollback owner are collected; CORS and routes are not changed, nothing is deployed, and raw namespaces, internal status codes or internal collaboration content must not be exposed.

P0-6
agent-bounty runtime / treasury
runtime 0

The Agent Bounty Protocol has been placed inside the C0 runtime / MCP / A2A / treasury boundary; claim, submit, daemon, webhook, payout and withdrawal all remain unauthorized.

P0 configuration control boundary

The following key-values are fixed: a visible priority does not mean the owner has responded, live evidence has been received, Nginx may be reloaded, ArgoCD may be synced, workflows may be changed, secrets may be rotated, agent-bounty may execute or money may move.

critical_config_priority_frontstage_summary_count=4
critical_config_priority_item_count=6
critical_config_priority_p0_category_count=6
critical_config_priority_owner_response_received_count=0
critical_config_priority_owner_response_accepted_count=0
critical_config_priority_live_evidence_received_count=0
critical_config_priority_runtime_gate_count=0
critical_config_priority_action_button_count=0
nginx_public_gateway_owner_response_received=false
nginx_public_gateway_live_conf_evidence_received=false
nginx_public_gateway_rendered_diff_accepted=false
nginx_public_gateway_rendered_diff_acceptance_candidate_count=3
nginx_public_gateway_post_incident_readback_plan_candidate_count=3
nginx_public_gateway_post_incident_readback_plan_blocked_action_count=41
nginx_public_gateway_post_incident_readback_plan_runtime_gate_count=0
nginx_public_gateway_nginx_test_evidence_count=0
public_admin_api_runtime_config_coverage_percent=66
public_frontend_sensitive_surface_guard_file_count=225
public_frontend_sensitive_surface_guard_forbidden_pattern_count=12
public_frontend_sensitive_surface_guard_violation_count=0
public_runtime_config_change_evidence_acceptance_candidate_count=6
public_runtime_config_change_evidence_acceptance_c0_candidate_count=5
public_runtime_config_change_evidence_acceptance_write_capable_candidate_count=6
public_runtime_config_change_evidence_acceptance_required_evidence_field_count=21
public_runtime_config_change_evidence_acceptance_reviewer_check_count=21
public_runtime_config_change_evidence_acceptance_outcome_lane_count=8
public_runtime_config_change_evidence_acceptance_blocked_action_count=32
public_runtime_config_change_evidence_acceptance_received_count=0
public_runtime_config_change_evidence_acceptance_accepted_count=0
public_runtime_config_change_evidence_acceptance_route_scope_accepted_count=0
public_runtime_config_change_evidence_acceptance_admin_auth_boundary_accepted_count=0
public_runtime_config_change_evidence_acceptance_api_contract_readback_accepted_count=0
public_runtime_config_change_evidence_acceptance_cors_origin_diff_accepted_count=0
public_runtime_config_change_evidence_acceptance_frontend_env_diff_accepted_count=0
public_runtime_config_change_evidence_acceptance_i18n_redaction_review_accepted_count=0
public_runtime_config_change_evidence_acceptance_desktop_mobile_smoke_accepted_count=0
public_runtime_config_change_evidence_acceptance_sensitive_string_scan_accepted_count=0
public_runtime_config_change_evidence_acceptance_runtime_approval_package_ready_count=0
public_runtime_config_change_evidence_acceptance_runtime_gate_count=0
secret_metadata_coverage_percent=70
gitea_workflow_runner_source_control_coverage_percent=74
cd_runner_secret_injection_change_evidence_acceptance_candidate_count=5
cd_runner_secret_injection_change_evidence_acceptance_c0_candidate_count=4
cd_runner_secret_injection_change_evidence_acceptance_write_capable_candidate_count=5
cd_runner_secret_injection_change_evidence_acceptance_required_evidence_field_count=19
cd_runner_secret_injection_change_evidence_acceptance_reviewer_check_count=19
cd_runner_secret_injection_change_evidence_acceptance_outcome_lane_count=8
cd_runner_secret_injection_change_evidence_acceptance_blocked_action_count=32
cd_runner_secret_injection_change_evidence_acceptance_received_count=0
cd_runner_secret_injection_change_evidence_acceptance_accepted_count=0
cd_runner_secret_injection_change_evidence_acceptance_workflow_diff_accepted_count=0
cd_runner_secret_injection_change_evidence_acceptance_runner_attestation_accepted_count=0
cd_runner_secret_injection_change_evidence_acceptance_secret_name_parity_accepted_count=0
cd_runner_secret_injection_change_evidence_acceptance_secret_injection_route_accepted_count=0
cd_runner_secret_injection_change_evidence_acceptance_runtime_approval_package_ready_count=0
cd_runner_secret_injection_change_evidence_acceptance_runtime_gate_count=0
cd_runner_secret_injection_post_incident_readback_plan_candidate_count=5
cd_runner_secret_injection_post_incident_readback_plan_c0_candidate_count=4
cd_runner_secret_injection_post_incident_readback_plan_write_capable_candidate_count=5
cd_runner_secret_injection_post_incident_readback_plan_required_readback_field_count=33
cd_runner_secret_injection_post_incident_readback_plan_reviewer_check_count=30
cd_runner_secret_injection_post_incident_readback_plan_outcome_lane_count=11
cd_runner_secret_injection_post_incident_readback_plan_blocked_action_count=52
cd_runner_secret_injection_post_incident_readback_plan_received_count=0
cd_runner_secret_injection_post_incident_readback_plan_accepted_count=0
cd_runner_secret_injection_post_incident_readback_plan_workflow_diff_state_accepted_count=0
cd_runner_secret_injection_post_incident_readback_plan_runner_attestation_accepted_count=0
cd_runner_secret_injection_post_incident_readback_plan_secret_name_parity_accepted_count=0
cd_runner_secret_injection_post_incident_readback_plan_secret_injection_route_accepted_count=0
cd_runner_secret_injection_post_incident_readback_plan_runtime_gate_count=0
k8s_argocd_change_evidence_acceptance_candidate_count=4
k8s_argocd_change_evidence_acceptance_c0_candidate_count=3
k8s_argocd_change_evidence_acceptance_write_capable_candidate_count=4
k8s_argocd_change_evidence_acceptance_required_evidence_field_count=18
k8s_argocd_change_evidence_acceptance_reviewer_check_count=18
k8s_argocd_change_evidence_acceptance_outcome_lane_count=8
k8s_argocd_change_evidence_acceptance_blocked_action_count=28
k8s_argocd_change_evidence_acceptance_received_count=0
k8s_argocd_change_evidence_acceptance_accepted_count=0
k8s_argocd_change_evidence_acceptance_runtime_approval_package_ready_count=0
k8s_argocd_change_evidence_acceptance_runtime_gate_count=0
k8s_argocd_post_incident_readback_plan_candidate_count=4
k8s_argocd_post_incident_readback_plan_c0_candidate_count=3
k8s_argocd_post_incident_readback_plan_write_capable_candidate_count=4
k8s_argocd_post_incident_readback_plan_required_readback_field_count=31
k8s_argocd_post_incident_readback_plan_reviewer_check_count=28
k8s_argocd_post_incident_readback_plan_outcome_lane_count=10
k8s_argocd_post_incident_readback_plan_blocked_action_count=41
k8s_argocd_post_incident_readback_plan_post_incident_readback_received_count=0
k8s_argocd_post_incident_readback_plan_post_incident_readback_accepted_count=0
k8s_argocd_post_incident_readback_plan_runtime_gate_count=0
dns_tls_live_probe_executed=false
certbot_renew_authorized=false
argocd_api_read_authorized=false
argocd_sync_authorized=false
kubectl_action_authorized=false
helm_upgrade_authorized=false
network_policy_apply_authorized=false
nodeport_change_authorized=false
rbac_change_authorized=false
workflow_modification_authorized=false
runner_change_authorized=false
repo_secret_change_authorized=false
secret_injection_change_authorized=false
gitea_action_dispatch_authorized=false
cd_pipeline_run_authorized=false
production_deploy_authorized=false
force_push_authorized=false
github_primary_switch_authorized=false
runtime_config_change_authorized=false
api_route_change_authorized=false
cors_change_authorized=false
frontend_env_change_authorized=false
middleware_auth_change_authorized=false
callback_url_change_authorized=false
webhook_secret_change_authorized=false
security_header_change_authorized=false
cookie_policy_change_authorized=false
csrf_disable_authorized=false
rate_limit_disable_authorized=false
api_contract_change_authorized=false
internal_ip_exposure_allowed=false
repo_namespace_exposure_allowed=false
owner_namespace_exposure_allowed=false
internal_status_code_exposure_allowed=false
internal_transcript_exposure_allowed=false
raw_payload_storage_allowed=false
database_migration_authorized=false
secret_value_collection_allowed=false
public_route_change_authorized=false
agent_bounty_runtime_authorized=false
payout_or_withdrawal_authorized=false
runtime_execution_authorized=false
active_runtime_gate_count=0
action_buttons_allowed=false
not_authorization=true
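A read-only scanner of the kind the P0-5 sensitive-surface guard describes, as an added example and not the project's own guard: it walks frontstage source and message files, applies forbidden pattern classes, and reports file, line and class with a masked preview, never the matched value, so the report itself cannot leak what it found. The page does not enumerate its 12 pattern classes; the classes, the suffix list, the `ERR_INTERNAL_` prefix and the sample tree below are assumptions of this example.

```python
"""Read-only sensitive-surface guard for frontstage source / message files.

Added example for the P0-5 leak guard; not the project's own scanner. It walks
a tree of source and i18n files, applies forbidden pattern classes, and reports
file, line and class with a masked preview, never the matched value.
SCANNED_SUFFIXES, FORBIDDEN_PATTERNS and SAMPLE_FILES are assumptions.
"""
import re
import tempfile
from pathlib import Path

SCANNED_SUFFIXES = {".ts", ".tsx", ".js", ".jsx", ".json", ".html", ".md", ".txt"}

FORBIDDEN_PATTERNS = {
    "private_key_block": re.compile(r"-----BEGIN (?:RSA |EC |OPENSSH )?PRIVATE KEY-----"),
    "aws_access_key": re.compile(r"\bAKIA[0-9A-Z]{16}\b"),
    "stripe_secret_key": re.compile(r"\bsk_(?:live|test)_[0-9A-Za-z]{16,}\b"),
    "bearer_token": re.compile(r"(?i)\bbearer\s+[A-Za-z0-9._-]{20,}"),
    "private_ipv4": re.compile(r"\b(?:10\.\d{1,3}|192\.168|172\.(?:1[6-9]|2\d|3[01]))\.\d{1,3}\.\d{1,3}\b"),
    "internal_hostname": re.compile(r"\b[a-z0-9-]+\.(?:internal|svc\.cluster\.local)\b"),
    "git_ssh_remote": re.compile(r"\bgit@[\w.-]+:[\w.-]+/[\w.-]+(?:\.git)?\b"),
    "internal_status_code": re.compile(r"\bERR_INTERNAL_[A-Z0-9_]+\b"),   # assumed internal code prefix
    "secret_env_assignment": re.compile(r"^\s*[A-Z][A-Z0-9_]*(?:SECRET|TOKEN|PASSWORD)\s*=\s*\S+", re.M),
}


def mask(match_text):
    """Keep only a 3-character prefix and the length, so reports are safe to share."""
    return f"{match_text[:3]}...({len(match_text)} chars)"


def scan_text(text, rel_path):
    """Apply every pattern class to one file's text; one record per match."""
    violations = []
    for name, pattern in FORBIDDEN_PATTERNS.items():
        for m in pattern.finditer(text):
            line_no = text.count("\n", 0, m.start()) + 1
            violations.append({"file": rel_path, "line": line_no, "pattern": name, "preview": mask(m.group(0))})
    return violations


def scan_tree(root):
    """Read-only walk; files are opened for reading only and nothing is written back."""
    root = Path(root)
    files = sorted(p for p in root.rglob("*") if p.is_file() and p.suffix in SCANNED_SUFFIXES)
    violations = []
    for p in files:
        violations.extend(scan_text(p.read_text(encoding="utf-8", errors="replace"), str(p.relative_to(root))))
    return {"file_count": len(files), "forbidden_pattern_count": len(FORBIDDEN_PATTERNS),
            "violation_count": len(violations), "violations": violations}


def render_keys(summary, prefix="public_frontend_sensitive_surface_guard"):
    """Emit the three fixed key=value lines the card shows for this guard."""
    return "\n".join(f"{prefix}_{k}={summary[k]}" for k in ("file_count", "forbidden_pattern_count", "violation_count"))


# Constructed sample tree: two clean files, two with leaks a frontstage bundle must never ship.
SAMPLE_FILES = {
    "src/app.ts": 'const apiBase = process.env.NEXT_PUBLIC_API_BASE;\nexport const health = () => fetch(apiBase + "/health");\n',
    "src/debug.ts": '// TODO remove before release\nconst hdr = "Authorization: Bearer eyJhbGciOiJIUzI1NiJ9.c2FtcGxl.c2ln";\n',
    "messages/en.json": '{\n  "error.generic": "Something went wrong",\n  "debug.hint": "ERR_INTERNAL_DB_TIMEOUT at 10.42.0.17"\n}\n',
    "public/robots.txt": "User-agent: *\nDisallow: /admin\n",
}


def scan_sample():
    """Materialize SAMPLE_FILES in a temporary directory and scan it."""
    with tempfile.TemporaryDirectory() as tmp:
        for rel, content in SAMPLE_FILES.items():
            dest = Path(tmp) / rel
            dest.parent.mkdir(parents=True, exist_ok=True)
            dest.write_text(content, encoding="utf-8")
        return scan_tree(tmp)


if __name__ == "__main__":
    result = scan_sample()
    print(render_keys(result))
    for v in result["violations"]:
        print(v)
    raise SystemExit(1 if result["violation_count"] else 0)
```

Run as a CI step it exits non-zero on any violation, which is the only action it takes; the report carries a masked preview precisely so that the guard's own output never becomes a second copy of the secret.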
High-value configuration coverage matrix

14 important configuration categories are in one control matrix

This card shows global control maturity for high-value configuration, not a single-change classification. Nginx, DNS / TLS, K8s, secrets, workflows, runners, backups, monitoring, AI providers and agent-bounty runtime are all registered, but owner responses and runtime are still 0.

Registered categories
14

All 14 categories come from the high-value configuration gate.

C0 high risk
8

8 categories affect the public entry, secrets, deployment, backups or agent runtime.

Average maturity
71%

With several post-incident readback gates included, average control maturity is 71%.

Runtime
0

Still 0; no action buttons are provided.

P1-1
Docker / systemd host services
Read-only maturity 64%

The read-only inventory, owner response acceptance, host-service change-evidence acceptance and post-incident readback plan cover 9 scopes; current read-only maturity is 64%, with 28 reviewer checks, 10 outcome lanes and 41 blocked action classes. Docker daemon, compose, systemd, failed units, port binding, public/admin routes, AI provider, monitoring alerts, cross-project sync, recurrence guard and no-false-green acceptance are all still 0.

P1-2
SSH / network / firewall
Read-only maturity 64%

The repo-only inventory covers 16 SSH / network access surfaces; owner response acceptance, incident-type port / firewall change-evidence acceptance and the post-incident readback plan are fixed. Current maturity is 64%, with 14 post-incident readback candidates, 24 reviewer checks, 10 outcome lanes and 34 blocked action classes. The next step still requires actor, before / after state, service / AI provider / monitoring impact, operator notification, cross-project sync, restoration evidence, recurrence guard, maintenance window, rollback owner and post-check evidence; readback accepted and runtime gate are all still 0.

P1-3
AI providers / model routing
Read-only maturity 64%

Providers, the Ollama proxy, fallback order, cost and privacy boundaries now have an owner response acceptance ledger; current maturity is 64%, with 8 candidates, 24 reviewer checks, 10 outcome lanes and 38 blocked action classes. Provider response, dry run, benchmark, cost review, privacy review, provider switch, external calls, paid calls, prompt sending and runtime gate are all still 0.

P1-4
K8s / ArgoCD GitOps
Read-only maturity 66%

Manifest inventory, owner response acceptance, GitOps change-evidence acceptance and the post-incident readback plan are fixed; current maturity is 66%. The new readback plan covers 4 scopes, 31 required fields, 28 reviewer checks, 10 outcome lanes and 41 blocked action classes; still missing is redacted evidence for actor, ArgoCD app / sync, Degraded / Pending, image pull / scheduling, pre- and post-rollout state, events / metrics / alerts, drift scanner, CronJob, NetworkPolicy / RBAC / Secret metadata, route / AI / monitoring impact, cross-project sync and no-false-green. Readback accepted and runtime gate are all still 0.

Configuration coverage matrix boundary

The following key-values are fixed: the matrix only shows classification, evidence and the next intake order; it does not mean live evidence has been obtained, nor that reload, sync, scan, secret rotation, agent-bounty runtime or host operations have been authorized.

high_value_config_control_coverage_frontstage_summary_count=4
high_value_config_control_coverage_frontstage_item_count=4
high_value_config_control_coverage_category_count=14
high_value_config_control_coverage_c0_category_count=8
high_value_config_control_coverage_c1_category_count=4
high_value_config_control_coverage_average_percent=71
high_value_config_control_coverage_needs_live_evidence_count=9
high_value_config_control_coverage_owner_response_required_count=14
high_value_config_control_coverage_owner_response_received_count=0
high_value_config_control_coverage_owner_response_accepted_count=0
high_value_config_control_coverage_runtime_gate_count=0
high_value_config_control_coverage_action_button_count=0
nginx_public_gateway_coverage_percent=92
public_gateway_owner_response_acceptance_required_owner_response_field_count=22
public_gateway_owner_response_acceptance_reviewer_check_count=22
public_gateway_owner_response_acceptance_outcome_lane_count=8
public_gateway_owner_response_acceptance_blocked_action_count=28
k8s_production_gitops_coverage_percent=66
secret_metadata_coverage_percent=70
gitea_workflow_runner_source_control_coverage_percent=74
public_admin_api_runtime_config_coverage_percent=66
ai_provider_model_routing_coverage_percent=64
ai_provider_owner_response_acceptance_candidate_count=8
ai_provider_owner_response_acceptance_write_capable_candidate_count=5
ai_provider_owner_response_acceptance_required_owner_field_count=24
ai_provider_owner_response_acceptance_reviewer_check_count=24
ai_provider_owner_response_acceptance_outcome_lane_count=10
ai_provider_owner_response_acceptance_blocked_action_count=38
ai_provider_owner_response_acceptance_owner_response_received_count=0
ai_provider_owner_response_acceptance_owner_response_accepted_count=0
ai_provider_owner_response_acceptance_dry_run_result_accepted_count=0
ai_provider_owner_response_acceptance_benchmark_result_accepted_count=0
ai_provider_owner_response_acceptance_cost_review_accepted_count=0
ai_provider_owner_response_acceptance_privacy_review_accepted_count=0
ai_provider_owner_response_acceptance_provider_switch_authorized_count=0
ai_provider_owner_response_acceptance_external_provider_call_authorized_count=0
ai_provider_owner_response_acceptance_paid_provider_call_authorized_count=0
ai_provider_owner_response_acceptance_prompt_send_authorized_count=0
ai_provider_owner_response_acceptance_runtime_gate_count=0
public_frontend_sensitive_surface_guard_file_count=225
public_frontend_sensitive_surface_guard_forbidden_pattern_count=12
public_frontend_sensitive_surface_guard_violation_count=0
public_frontend_sensitive_surface_guard_runtime_gate_count=0
public_runtime_config_change_evidence_acceptance_candidate_count=6
public_runtime_config_change_evidence_acceptance_c0_candidate_count=5
public_runtime_config_change_evidence_acceptance_c1_candidate_count=1
public_runtime_config_change_evidence_acceptance_write_capable_candidate_count=6
public_runtime_config_change_evidence_acceptance_source_ref_count=20
public_runtime_config_change_evidence_acceptance_required_evidence_field_count=21
public_runtime_config_change_evidence_acceptance_reviewer_check_count=21
public_runtime_config_change_evidence_acceptance_outcome_lane_count=8
public_runtime_config_change_evidence_acceptance_blocked_action_count=32
public_runtime_config_change_evidence_acceptance_received_count=0
public_runtime_config_change_evidence_acceptance_accepted_count=0
public_runtime_config_change_evidence_acceptance_route_scope_accepted_count=0
public_runtime_config_change_evidence_acceptance_admin_auth_boundary_accepted_count=0
public_runtime_config_change_evidence_acceptance_api_contract_readback_accepted_count=0
public_runtime_config_change_evidence_acceptance_cors_origin_diff_accepted_count=0
public_runtime_config_change_evidence_acceptance_frontend_env_diff_accepted_count=0
public_runtime_config_change_evidence_acceptance_i18n_redaction_review_accepted_count=0
public_runtime_config_change_evidence_acceptance_desktop_mobile_smoke_accepted_count=0
public_runtime_config_change_evidence_acceptance_sensitive_string_scan_accepted_count=0
public_runtime_config_change_evidence_acceptance_postcheck_evidence_accepted_count=0
public_runtime_config_change_evidence_acceptance_runtime_approval_package_ready_count=0
public_runtime_config_change_evidence_acceptance_runtime_gate_count=0
cd_runner_secret_injection_change_evidence_acceptance_candidate_count=5
cd_runner_secret_injection_change_evidence_acceptance_c0_candidate_count=4
cd_runner_secret_injection_change_evidence_acceptance_c1_candidate_count=1
cd_runner_secret_injection_change_evidence_acceptance_write_capable_candidate_count=5
cd_runner_secret_injection_change_evidence_acceptance_local_workflow_file_count=33
cd_runner_secret_injection_change_evidence_acceptance_gitea_workflow_file_count=12
cd_runner_secret_injection_change_evidence_acceptance_github_workflow_file_count=21
cd_runner_secret_injection_change_evidence_acceptance_local_referenced_secret_name_count=42
cd_runner_secret_injection_change_evidence_acceptance_runner_label_count=5
cd_runner_secret_injection_change_evidence_acceptance_required_evidence_field_count=19
cd_runner_secret_injection_change_evidence_acceptance_reviewer_check_count=19
cd_runner_secret_injection_change_evidence_acceptance_outcome_lane_count=8
cd_runner_secret_injection_change_evidence_acceptance_blocked_action_count=32
cd_runner_secret_injection_change_evidence_acceptance_received_count=0
cd_runner_secret_injection_change_evidence_acceptance_accepted_count=0
cd_runner_secret_injection_change_evidence_acceptance_workflow_diff_accepted_count=0
cd_runner_secret_injection_change_evidence_acceptance_runner_attestation_accepted_count=0
cd_runner_secret_injection_change_evidence_acceptance_secret_name_parity_accepted_count=0
cd_runner_secret_injection_change_evidence_acceptance_secret_injection_route_accepted_count=0
cd_runner_secret_injection_change_evidence_acceptance_deploy_marker_readback_accepted_count=0
cd_runner_secret_injection_change_evidence_acceptance_guard_result_accepted_count=0
cd_runner_secret_injection_change_evidence_acceptance_postcheck_evidence_accepted_count=0
cd_runner_secret_injection_change_evidence_acceptance_runtime_approval_package_ready_count=0
cd_runner_secret_injection_change_evidence_acceptance_runtime_gate_count=0
cd_runner_secret_injection_post_incident_readback_plan_candidate_count=5
cd_runner_secret_injection_post_incident_readback_plan_c0_candidate_count=4
cd_runner_secret_injection_post_incident_readback_plan_write_capable_candidate_count=5
cd_runner_secret_injection_post_incident_readback_plan_required_readback_field_count=33
cd_runner_secret_injection_post_incident_readback_plan_reviewer_check_count=30
cd_runner_secret_injection_post_incident_readback_plan_outcome_lane_count=11
cd_runner_secret_injection_post_incident_readback_plan_blocked_action_count=52
cd_runner_secret_injection_post_incident_readback_plan_received_count=0
cd_runner_secret_injection_post_incident_readback_plan_accepted_count=0
cd_runner_secret_injection_post_incident_readback_plan_workflow_diff_state_accepted_count=0
cd_runner_secret_injection_post_incident_readback_plan_runner_attestation_accepted_count=0
cd_runner_secret_injection_post_incident_readback_plan_secret_name_parity_accepted_count=0
cd_runner_secret_injection_post_incident_readback_plan_secret_injection_route_accepted_count=0
cd_runner_secret_injection_post_incident_readback_plan_deploy_marker_readback_accepted_count=0
cd_runner_secret_injection_post_incident_readback_plan_gitea_action_run_readback_accepted_count=0
cd_runner_secret_injection_post_incident_readback_plan_log_redaction_readback_accepted_count=0
cd_runner_secret_injection_post_incident_readback_plan_runtime_gate_count=0
k8s_argocd_change_evidence_acceptance_candidate_count=4
k8s_argocd_change_evidence_acceptance_c0_candidate_count=3
k8s_argocd_change_evidence_acceptance_write_capable_candidate_count=4
k8s_argocd_change_evidence_acceptance_required_evidence_field_count=18
k8s_argocd_change_evidence_acceptance_reviewer_check_count=18
k8s_argocd_change_evidence_acceptance_outcome_lane_count=8
k8s_argocd_change_evidence_acceptance_blocked_action_count=28
k8s_argocd_change_evidence_acceptance_received_count=0
k8s_argocd_change_evidence_acceptance_accepted_count=0
k8s_argocd_change_evidence_acceptance_runtime_approval_package_ready_count=0
k8s_argocd_change_evidence_acceptance_runtime_gate_count=0
k8s_argocd_post_incident_readback_plan_candidate_count=4
k8s_argocd_post_incident_readback_plan_c0_candidate_count=3
k8s_argocd_post_incident_readback_plan_write_capable_candidate_count=4
k8s_argocd_post_incident_readback_plan_required_readback_field_count=31
k8s_argocd_post_incident_readback_plan_reviewer_check_count=28
k8s_argocd_post_incident_readback_plan_outcome_lane_count=10
k8s_argocd_post_incident_readback_plan_blocked_action_count=41
k8s_argocd_post_incident_readback_plan_post_incident_readback_received_count=0
k8s_argocd_post_incident_readback_plan_post_incident_readback_accepted_count=0
k8s_argocd_post_incident_readback_plan_argocd_app_health_accepted_count=0
k8s_argocd_post_incident_readback_plan_argocd_sync_status_accepted_count=0
k8s_argocd_post_incident_readback_plan_degraded_state_accepted_count=0
k8s_argocd_post_incident_readback_plan_pending_workload_accepted_count=0
k8s_argocd_post_incident_readback_plan_image_pull_or_scheduling_accepted_count=0
k8s_argocd_post_incident_readback_plan_metrics_alert_accepted_count=0
k8s_argocd_post_incident_readback_plan_cross_project_sync_accepted_count=0
k8s_argocd_post_incident_readback_plan_no_false_green_accepted_count=0
k8s_argocd_post_incident_readback_plan_argocd_api_read_authorized_count=0
k8s_argocd_post_incident_readback_plan_argocd_sync_authorized_count=0
k8s_argocd_post_incident_readback_plan_kubectl_action_authorized_count=0
k8s_argocd_post_incident_readback_plan_runtime_gate_count=0
k8s_argocd_post_incident_readback_plan_action_button_count=0
public_gateway_rendered_diff_acceptance_candidate_count=3
public_gateway_rendered_diff_acceptance_reviewer_check_count=15
public_gateway_rendered_diff_acceptance_runtime_gate_count=0
public_gateway_post_incident_readback_plan_candidate_count=3
public_gateway_post_incident_readback_plan_c0_candidate_count=2
public_gateway_post_incident_readback_plan_required_readback_field_count=30
public_gateway_post_incident_readback_plan_reviewer_check_count=28
public_gateway_post_incident_readback_plan_outcome_lane_count=10
public_gateway_post_incident_readback_plan_blocked_action_count=41
public_gateway_post_incident_readback_plan_post_incident_readback_received_count=0
public_gateway_post_incident_readback_plan_post_incident_readback_accepted_count=0
public_gateway_post_incident_readback_plan_nginx_test_authorized_count=0
public_gateway_post_incident_readback_plan_nginx_reload_authorized_count=0
public_gateway_post_incident_readback_plan_route_smoke_authorized_count=0
public_gateway_post_incident_readback_plan_runtime_gate_count=0
public_gateway_preflight_inventory_source_config_count=3
public_gateway_preflight_inventory_route_impact_count=14
public_gateway_preflight_inventory_preflight_gate_count=12
public_gateway_preflight_inventory_runtime_gate_count=0
host_service_config_inventory_surface_count=9
host_service_config_inventory_write_capable_surface_count=3
host_service_config_inventory_runtime_gate_count=0
host_service_owner_response_acceptance_candidate_count=9
host_service_owner_response_acceptance_write_capable_candidate_count=3
host_service_owner_response_acceptance_required_owner_field_count=18
host_service_owner_response_acceptance_reviewer_check_count=21
host_service_owner_response_acceptance_outcome_lane_count=8
host_service_owner_response_acceptance_blocked_action_count=27
host_service_owner_response_acceptance_runtime_gate_count=0
host_service_change_evidence_acceptance_candidate_count=9
host_service_change_evidence_acceptance_required_evidence_field_count=25
host_service_change_evidence_acceptance_reviewer_check_count=26
host_service_change_evidence_acceptance_outcome_lane_count=10
host_service_change_evidence_acceptance_blocked_action_count=39
host_service_change_evidence_acceptance_received_count=0
host_service_change_evidence_acceptance_accepted_count=0
host_service_change_evidence_acceptance_docker_daemon_state_accepted_count=0
host_service_change_evidence_acceptance_compose_stack_state_accepted_count=0
host_service_change_evidence_acceptance_systemd_unit_state_accepted_count=0
host_service_change_evidence_acceptance_failed_unit_review_accepted_count=0
host_service_change_evidence_acceptance_port_binding_state_accepted_count=0
host_service_change_evidence_acceptance_public_route_recovery_accepted_count=0
host_service_change_evidence_acceptance_operator_notification_accepted_count=0
host_service_change_evidence_acceptance_runtime_gate_count=0
host_service_post_incident_readback_plan_candidate_count=9
host_service_post_incident_readback_plan_write_capable_candidate_count=3
host_service_post_incident_readback_plan_live_evidence_required_candidate_count=8
host_service_post_incident_readback_plan_required_readback_field_count=28
host_service_post_incident_readback_plan_reviewer_check_count=28
host_service_post_incident_readback_plan_outcome_lane_count=10
host_service_post_incident_readback_plan_blocked_action_count=41
host_service_post_incident_readback_plan_post_incident_readback_received_count=0
host_service_post_incident_readback_plan_post_incident_readback_accepted_count=0
host_service_post_incident_readback_plan_docker_daemon_state_accepted_count=0
host_service_post_incident_readback_plan_compose_stack_state_accepted_count=0
host_service_post_incident_readback_plan_systemd_unit_state_accepted_count=0
host_service_post_incident_readback_plan_failed_unit_review_accepted_count=0
host_service_post_incident_readback_plan_port_binding_state_accepted_count=0
host_service_post_incident_readback_plan_public_route_recovery_accepted_count=0
host_service_post_incident_readback_plan_admin_route_recovery_accepted_count=0
host_service_post_incident_readback_plan_agent_provider_health_accepted_count=0
host_service_post_incident_readback_plan_monitoring_alert_accepted_count=0
host_service_post_incident_readback_plan_operator_notification_accepted_count=0
host_service_post_incident_readback_plan_cross_project_sync_accepted_count=0
host_service_post_incident_readback_plan_no_false_green_accepted_count=0
host_service_post_incident_readback_plan_runtime_gate_count=0
ssh_network_access_inventory_surface_count=16
ssh_network_access_inventory_write_capable_surface_count=6
ssh_network_access_inventory_runtime_gate_count=0
ssh_network_owner_response_acceptance_candidate_count=16
ssh_network_owner_response_acceptance_write_capable_candidate_count=6
ssh_network_owner_response_acceptance_reviewer_check_count=15
ssh_network_owner_response_acceptance_runtime_gate_count=0
ssh_network_owner_response_acceptance_firewall_owner_accepted_count=0
ssh_network_owner_response_acceptance_port_policy_accepted_count=0
ssh_network_owner_response_acceptance_wireguard_cutover_accepted_count=0
port_firewall_change_evidence_acceptance_candidate_count=14
port_firewall_change_evidence_acceptance_write_capable_candidate_count=6
port_firewall_change_evidence_acceptance_policy_or_exposure_candidate_count=5
port_firewall_change_evidence_acceptance_required_evidence_field_count=21
port_firewall_change_evidence_acceptance_reviewer_check_count=21
port_firewall_change_evidence_acceptance_outcome_lane_count=9
port_firewall_change_evidence_acceptance_blocked_action_count=28
port_firewall_change_evidence_acceptance_received_count=0
port_firewall_change_evidence_acceptance_accepted_count=0
port_firewall_change_evidence_acceptance_actor_identified_count=0
port_firewall_change_evidence_acceptance_cross_project_sync_accepted_count=0
port_firewall_change_evidence_acceptance_service_health_impact_accepted_count=0
port_firewall_change_evidence_acceptance_operator_notification_accepted_count=0
port_firewall_change_evidence_acceptance_postcheck_evidence_accepted_count=0
port_firewall_change_evidence_acceptance_runtime_gate_count=0
ssh_network_post_incident_readback_plan_candidate_count=14
ssh_network_post_incident_readback_plan_write_capable_candidate_count=6
ssh_network_post_incident_readback_plan_policy_or_exposure_candidate_count=5
ssh_network_post_incident_readback_plan_required_readback_field_count=24
ssh_network_post_incident_readback_plan_reviewer_check_count=24
ssh_network_post_incident_readback_plan_outcome_lane_count=10
ssh_network_post_incident_readback_plan_blocked_action_count=34
ssh_network_post_incident_readback_plan_post_incident_readback_received_count=0
ssh_network_post_incident_readback_plan_post_incident_readback_accepted_count=0
ssh_network_post_incident_readback_plan_actor_attribution_accepted_count=0
ssh_network_post_incident_readback_plan_before_after_state_accepted_count=0
ssh_network_post_incident_readback_plan_public_route_impact_accepted_count=0
ssh_network_post_incident_readback_plan_ai_provider_impact_accepted_count=0
ssh_network_post_incident_readback_plan_monitoring_alert_impact_accepted_count=0
ssh_network_post_incident_readback_plan_cross_project_sync_accepted_count=0
ssh_network_post_incident_readback_plan_recurrence_guard_accepted_count=0
ssh_network_post_incident_readback_plan_no_false_green_accepted_count=0
ssh_network_post_incident_readback_plan_runtime_gate_count=0
backup_restore_escrow_inventory_surface_count=38
backup_restore_escrow_inventory_write_capable_surface_count=27
backup_restore_escrow_inventory_runtime_gate_count=0
backup_restore_escrow_inventory_restore_drill_accepted_count=0
backup_restore_escrow_inventory_offsite_sync_accepted_count=0
backup_restore_escrow_inventory_credential_escrow_accepted_count=0
backup_restore_escrow_inventory_retention_change_accepted_count=0
backup_restore_owner_response_acceptance_required_owner_field_count=23
backup_restore_owner_response_acceptance_reviewer_check_count=22
backup_restore_owner_response_acceptance_outcome_lane_count=9
backup_restore_owner_response_acceptance_blocked_action_count=31
backup_restore_owner_response_acceptance_freshness_slo_accepted_count=0
backup_restore_o
wner_response_acceptance_restore_target_isolation_accepted_count=0backup_restore_owner_response_acceptance_remote_delete_guard_accepted_count=0backup_restore_owner_response_acceptance_backup_health_no_false_green_accepted_count=0monitoring_alerting_observability_inventory_surface_count=60monitoring_alerting_observability_inventory_alert_rule_surface_count=13monitoring_alerting_observability_inventory_deploy_or_reload_surface_count=6monitoring_alerting_observability_inventory_write_capable_surface_count=11monitoring_alerting_observability_inventory_runtime_gate_count=0monitoring_alerting_observability_inventory_reload_owner_accepted_count=0monitoring_alerting_observability_inventory_receiver_owner_accepted_count=0monitoring_alerting_observability_inventory_route_smoke_accepted_count=0monitoring_alerting_observability_coverage_percent=70monitoring_owner_response_acceptance_required_owner_field_count=14monitoring_owner_response_acceptance_reviewer_check_count=23monitoring_owner_response_acceptance_outcome_lane_count=12monitoring_owner_response_acceptance_blocked_action_count=34monitoring_owner_response_acceptance_false_green_risk_review_accepted_count=0monitoring_owner_response_acceptance_receiver_receipt_proof_accepted_count=0monitoring_owner_response_acceptance_stale_alert_review_accepted_count=0monitoring_owner_response_acceptance_silence_or_dedup_review_accepted_count=0monitoring_owner_response_acceptance_post_reload_readback_plan_accepted_count=0monitoring_owner_response_acceptance_runtime_gate_count=0monitoring_post_incident_readback_plan_candidate_count=60monitoring_post_incident_readback_plan_write_capable_candidate_count=11monitoring_post_incident_readback_plan_live_evidence_required_candidate_count=60monitoring_post_incident_readback_plan_alert_rule_candidate_count=13monitoring_post_incident_readback_plan_deploy_or_reload_candidate_count=6monitoring_post_incident_readback_plan_required_readback_field_count=30monitoring_post_incident_readback_plan_reviewer_che
ck_count=28monitoring_post_incident_readback_plan_outcome_lane_count=11monitoring_post_incident_readback_plan_blocked_action_count=53monitoring_post_incident_readback_plan_post_incident_readback_received_count=0monitoring_post_incident_readback_plan_post_incident_readback_accepted_count=0monitoring_post_incident_readback_plan_receiver_receipt_readback_accepted_count=0monitoring_post_incident_readback_plan_stale_pending_resolved_review_accepted_count=0monitoring_post_incident_readback_plan_silence_mute_dedup_inhibit_review_accepted_count=0monitoring_post_incident_readback_plan_alert_chain_health_readback_accepted_count=0monitoring_post_incident_readback_plan_runtime_gate_count=0docker_compose_action_authorized=falsesystemctl_action_authorized=falserepair_bot_execution_authorized=falseansible_apply_authorized=falsessh_read_authorized=falsessh_write_authorized=falsesudo_action_authorized=falsefirewall_change_authorized=falseport_change_authorized=falseport_close_authorized=falseport_open_authorized=falsenetwork_policy_apply_authorized=falsenodeport_change_authorized=falsewireguard_change_authorized=falseknown_hosts_patch_authorized=falsehost_keyscan_authorized=falseruntime_execution_authorized=falsehost_write_authorized=falsehost_live_conf_read_authorized=falsenginx_test_authorized=falsepublic_gateway_reload_authorized=falsepublic_route_change_authorized=falseadmin_route_change_authorized=falsewebsocket_route_change_authorized=falseacme_challenge_change_authorized=falseroute_smoke_authorized=falserollback_executed=falsenginx_reload_authorized=falsedns_tls_change_authorized=falsecertbot_renew_authorized=falseargocd_api_read_authorized=falsehelm_upgrade_authorized=falserbac_change_authorized=falsebackup_run_authorized=falserestore_run_authorized=falserestore_drill_authorized=falseoffsite_sync_authorized=falseoffsite_remote_delete_authorized=falsecredential_escrow_marker_write_authorized=falseretention_change_authorized=falserestic_prune_authorized=falserclone_config_auth
orized=falsevelero_restore_authorized=falseprometheus_reload_authorized=falsealertmanager_reload_authorized=falsegrafana_dashboard_apply_authorized=falsesignoz_rule_apply_authorized=falsesentry_deploy_authorized=falselangfuse_config_change_authorized=falseotel_collector_reload_authorized=falsereceiver_route_change_authorized=falsesilence_policy_change_authorized=falsetelegram_send_authorized=falsenotification_route_change_authorized=falsewebhook_receiver_change_authorized=falseremote_write_change_authorized=falseexporter_deploy_authorized=falselive_alert_fire_authorized=falsealert_chain_smoke_authorized=falseruntime_config_change_authorized=falseapi_route_change_authorized=falsecors_change_authorized=falsefrontend_env_change_authorized=falsemiddleware_auth_change_authorized=falsecallback_url_change_authorized=falsewebhook_secret_change_authorized=falsesecurity_header_change_authorized=falsecookie_policy_change_authorized=falsecsrf_disable_authorized=falserate_limit_disable_authorized=falseapi_contract_change_authorized=falsei18n_public_text_internal_identity_allowed=falseinternal_ip_exposure_allowed=falserepo_namespace_exposure_allowed=falseowner_namespace_exposure_allowed=falseinternal_status_code_exposure_allowed=falseinternal_transcript_exposure_allowed=falseraw_payload_storage_allowed=falsedesktop_mobile_smoke_authorized=falsedatabase_migration_authorized=falseworkflow_modification_authorized=falsewebhook_modification_authorized=falserunner_change_authorized=falsedeploy_key_change_authorized=falsebranch_protection_change_authorized=falsecodeowners_change_authorized=falserepo_secret_change_authorized=falsesecret_hash_collection_allowed=falsepartial_token_collection_allowed=falsesecret_rotation_authorized=falsesecret_store_read_authorized=falsesecret_injection_change_authorized=falsegithub_hosted_runner_enable_authorized=falsegitea_action_dispatch_authorized=falsecd_pipeline_run_authorized=falsedeploy_marker_write_authorized=falsek8s_secret_injection_authorized=fa
lseproduction_deploy_authorized=falserefs_sync_authorized=falseforce_push_authorized=falsegithub_primary_switch_authorized=falsedisable_gitea_authorized=falseactive_scan_authorized=falseagent_bounty_runtime_authorized=false
Public Gateway Preflight

The Nginx ingress change preflight gate is now a read-only table

This card pins down the fields that must exist before any public gateway reload or route change: owner, live conf, rendered diff, nginx -t, route smoke, maintenance window and rollback. It currently shows repo-only evidence; it does not read the live host, does not reload, and does not change DNS or certificates.

Source config
3

Three Nginx source-of-truth files have entered preflight.

Route impact
14

14 domain / route impact surfaces still need owner review.

Preflight gates
12

12 pre-reload gates are fixed.

Runtime
0

Still 0; no reload or route-change entry point is produced.

PG1
Source hash is reproducible
Status: repo-only ready

The repo raw / normalized hash can already serve as the baseline for later drift comparison, but it does not yet mean the live config matches.

PG2
Affected routes are listed
Status: 14 routes

Route, upstream, TLS, ACME, admin and WebSocket impact surfaces have been compiled into the preflight list.

PG3
Owner / live / diff still 0
Status: 0 accepted

Owner response, owner-provided live conf and rendered diff have not been received or accepted.

PG4
nginx -t not yet run
Status: 0 evidence

The syntax test needs a maintenance window and owner evidence; it has not been run, and the UI cannot substitute for it.

PG5
Route smoke not yet accepted
Status: 0 evidence

Public, admin and WebSocket / API smoke tests are all still 0; the card can only wait for the owner to supply evidence.

PG6
Reload still locked
Status: gate closed

No SSH, no live conf read, no Nginx reload, no DNS / TLS / ACME change, and no new action buttons.

Public gateway preflight boundary

The following keys are fixed: preflight visibility does not mean that Nginx reload, live conf read, route change, nginx -t, route smoke, certbot renew or host writes are authorized.
public_gateway_preflight_frontstage_summary_count=4
public_gateway_preflight_frontstage_item_count=6
public_gateway_preflight_source_config_count=3
public_gateway_preflight_c0_source_config_count=2
public_gateway_preflight_managed_domain_count=14
public_gateway_preflight_route_impact_count=14
public_gateway_preflight_unique_upstream_count=14
public_gateway_preflight_tls_certificate_path_count=10
public_gateway_preflight_certificate_owner_confirmation_required_count=4
public_gateway_preflight_admin_route_domain_count=1
public_gateway_preflight_websocket_route_domain_count=6
public_gateway_preflight_acme_challenge_domain_count=7
public_gateway_preflight_gate_count=12
public_gateway_preflight_repo_only_ready_count=2
public_gateway_preflight_owner_acceptance_required_gate_count=10
public_gateway_preflight_gate_accepted_count=0
public_gateway_preflight_owner_response_received_count=0
public_gateway_preflight_owner_response_accepted_count=0
public_gateway_preflight_owner_provided_live_conf_received_count=0
public_gateway_preflight_rendered_diff_ready_count=0
public_gateway_preflight_nginx_test_evidence_count=0
public_gateway_preflight_route_smoke_evidence_count=0
public_gateway_preflight_maintenance_window_accepted_count=0
public_gateway_preflight_rollback_owner_accepted_count=0
public_gateway_preflight_runtime_gate_count=0
public_gateway_preflight_action_button_count=0
public_gateway_preflight_coverage_percent_before_preflight=78
public_gateway_preflight_coverage_percent_after_preflight=84
runtime_execution_authorized=false
host_live_conf_read_authorized=false
ssh_read_authorized=false
ssh_write_authorized=false
host_write_authorized=false
nginx_test_authorized=false
nginx_reload_authorized=false
public_gateway_reload_authorized=false
public_route_change_authorized=false
admin_route_change_authorized=false
websocket_route_change_authorized=false
acme_challenge_change_authorized=false
route_smoke_authorized=false
rollback_executed=false
secret_value_collection_allowed=false
action_buttons_allowed=false
not_authorization=true
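The mechanics behind PG1, PG3 and PG6 (a normalized repo-side hash as the drift baseline, a rendered diff against an owner-provided live conf, and a gate that stays shut until every evidence field is accepted) can be made concrete. The Python below is an added example written for this page, not IwoooS code. The two config snippets are constructed, the host and upstream addresses are placeholders, and the evidence field names are this example's assumption, modelled on the counters the card lists.

```python
import difflib
import hashlib
import re
from typing import Optional

# Evidence the gate demands before a reload may be authorized. The names mirror
# the preflight card's counters; the dict shape is this example's assumption.
REQUIRED_EVIDENCE = (
    "owner_response_accepted",
    "owner_provided_live_conf_received",
    "rendered_diff_reviewed",
    "nginx_test_evidence",
    "route_smoke_evidence",
    "maintenance_window_accepted",
    "rollback_owner_accepted",
)

TOKEN_RE = re.compile(r'"[^"]*"|\'[^\']*\'|[{};]|[^\s{};]+')


def normalize_nginx_conf(text: str) -> str:
    """Canonical form: comments, blank lines and layout removed, one directive
    or brace per line, so that only directive changes count as drift. A '#'
    opens a comment only at the start of a token (line start or after
    whitespace), so a value such as 'https://x/#frag' survives."""
    stripped = "\n".join(re.sub(r"(^|\s)#.*$", "", ln) for ln in text.splitlines())
    lines, cur = [], []
    for tok in TOKEN_RE.findall(stripped):
        if tok == ";":
            lines.append(" ".join(cur) + ";")
            cur = []
        elif tok == "{":
            lines.append((" ".join(cur) + " {") if cur else "{")
            cur = []
        elif tok == "}":
            lines.append("}")
            cur = []
        else:
            cur.append(tok)
    if cur:
        lines.append(" ".join(cur))
    return "\n".join(lines) + "\n"


def conf_hashes(text: str) -> dict:
    """PG1: the raw hash pins the exact bytes for the evidence record; the
    normalized hash is the baseline used for drift comparison."""
    return {
        "raw_sha256": hashlib.sha256(text.encode()).hexdigest(),
        "normalized_sha256": hashlib.sha256(
            normalize_nginx_conf(text).encode()).hexdigest(),
    }


def rendered_diff(repo_conf: str, live_conf: str) -> str:
    """PG3: unified diff from the owner-provided live conf to the repo copy,
    i.e. exactly what a reload would apply on the host."""
    return "".join(difflib.unified_diff(
        normalize_nginx_conf(live_conf).splitlines(keepends=True),
        normalize_nginx_conf(repo_conf).splitlines(keepends=True),
        fromfile="live (owner-provided)", tofile="repo (source of truth)"))


def evaluate_preflight(repo_conf: str, live_conf: Optional[str] = None,
                       evidence: Optional[dict] = None) -> dict:
    """Fail-closed gate: reload_authorized is True only when every required
    evidence flag is accepted AND the live conf itself was supplied."""
    evidence = evidence or {}
    result = {
        "repo_hashes": conf_hashes(repo_conf),
        "drift": None,  # unknown until the owner supplies the live conf
        "diff": "",
        "missing": [],
        "reload_authorized": False,
    }
    if live_conf is not None:
        live = conf_hashes(live_conf)
        result["drift"] = (live["normalized_sha256"]
                           != result["repo_hashes"]["normalized_sha256"])
        result["diff"] = rendered_diff(repo_conf, live_conf)
    missing = [k for k in REQUIRED_EVIDENCE if not evidence.get(k)]
    # A flag claiming the live conf was received is worthless without the conf.
    if live_conf is None and "owner_provided_live_conf_received" not in missing:
        missing.append("owner_provided_live_conf_received")
    result["missing"] = missing
    result["reload_authorized"] = not missing
    return result


# Constructed sample configs (hypothetical host name and upstreams).
REPO_CONF = """
server {
    listen 443 ssl;
    server_name app.example.test;
    ssl_certificate /etc/letsencrypt/live/app.example.test/fullchain.pem;
    location / {
        proxy_pass http://127.0.0.1:8080;
    }
}
"""
# Same directives, different layout plus a comment banner: not drift.
LIVE_CONF_SAME = """# managed by config management
server {
  listen 443 ssl;   # public ingress
  server_name app.example.test;
  ssl_certificate /etc/letsencrypt/live/app.example.test/fullchain.pem;
  location / { proxy_pass http://127.0.0.1:8080; }
}
"""
# Upstream changed by hand on the host: real drift.
LIVE_CONF_DRIFTED = REPO_CONF.replace("127.0.0.1:8080", "127.0.0.1:9090")

if __name__ == "__main__":
    print(evaluate_preflight(REPO_CONF, LIVE_CONF_DRIFTED)["diff"])
    print(evaluate_preflight(REPO_CONF)["missing"])
```

The normalized hash deliberately ignores comments and layout so that a config-management banner on the host does not register as drift, while a changed upstream does; the raw hash is still recorded so the evidence packet can name the exact bytes that were compared. The gate is default-deny in both directions: with no evidence every field is reported missing, and an evidence flag asserting that the live conf was received cannot open the gate when no conf accompanies it.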
High-Value Config Owner Packet

Config changes can now produce an owner response draft, but runtime stays closed

The high-value config gate has turned Nginx, DNS / TLS and security tooling changes into canonical owner response packet drafts; for now only the packets, fields and boundaries are shown, and request / received / accepted / runtime gate all remain 0.

Packet drafts
3

Three draft packets produced by the classification gate.

C0 high risk
2

Two C0 packets only express evidence-collection priority; they do not raise the runtime gate.

Received / accepted
0 / 0

Both are 0; progress cannot be faked forward.

Runtime
0

Still 0; no buttons are produced.

Gate HV1
Owner packet drafts are visible
Status: 3 drafts

The drafts compile the owner fields, validation requirements and rollback fields for the Nginx public gateway, DNS / TLS / certbot and security tooling; they do not mean a request has been sent or received.

Gate HV2
Highest current hit: C0 / P0
Status: C0 / P0

The current snapshot hits C0 for the Nginx public gateway and DNS / TLS / certbot; this only means owner response evidence takes priority, not that reload, renew or route changes are allowed.

Gate HV3
Fields aligned with the S4.9 envelope
Status: 9 fields

owner role / team, decision, decision reason, affected scope, redacted evidence refs, followup owner, rollback owner, maintenance window and validation plan are now packet fields.

Gate HV4
Owner request not yet sent
Status: not sent

request_sent_count is still 0; this card can only point to the next step and creates no formal intake or approval.

Gate HV5
No response received or accepted
Status: not received

received_response_count and accepted_response_count are still 0; overall IwoooS progress does not rise because of this card.

Gate HV6
Runtime still locked
Status: gate closed

No Nginx reload, ArgoCD sync, kubectl, workflow modification, agent-bounty runtime, payout or host operation is opened.

High-value config intake boundary

The following keys are fixed: this card only shows owner packet drafts and prohibited actions; it does not mean that Nginx reload, workflow modification, secret rotation, agent-bounty runtime or any host operation is authorized.
high_value_config_owner_packet_frontstage_summary_count=4
high_value_config_owner_packet_frontstage_item_count=6
high_value_config_owner_packet_count=3
high_value_config_owner_packet_c0_packet_count=2
high_value_config_owner_packet_c1_packet_count=0
high_value_config_owner_packet_nginx_public_gateway_affected_file_count=1
high_value_config_owner_packet_dns_tls_certbot_affected_file_count=2
high_value_config_owner_packet_security_evidence_tooling_affected_file_count=3
high_value_config_owner_packet_request_sent_count=0
high_value_config_owner_packet_received_response_count=0
high_value_config_owner_packet_accepted_response_count=0
high_value_config_owner_packet_runtime_gate_count=0
high_value_config_owner_packet_action_buttons_allowed=false
runtime_execution_authorized=false
active_runtime_gate_count=0
action_buttons_allowed=false
not_authorization=true
secret_value_collection_allowed=false
nginx_reload_authorized=false
workflow_modification_authorized=false
agent_bounty_runtime_authorized=false
DNS / TLS / certbot inventory

Public ingress certificate and ACME relationships are now under read-only control

This inventory derives domain, certificate path, ACME, admin route and WebSocket impact surfaces from the Nginx source of truth only; it performs no DNS query, TLS probe, certbot renew or Nginx reload.

Domains
14

14 domains inventoried from three Nginx source configs.

Certificate paths
10

The current repo-only inventory contains 10 fullchain paths.

Pending confirmation
4

4 certificate path relationships need the owner to confirm a SAN or a shared certificate.

Runtime
0

Still 0; no renew or reload entry point is produced.

Check DT1
Source fixed to repo-only
Status: 3 sources

The inventory source is the Nginx drift repo snapshot; there is no SSH, host read, live hash or private key content.

Check DT2
Public domain relationships tabulated
Status: 14 domains

Each domain keeps its host, config id, source path, listen, upstream and control level.

Check DT3
ACME challenge flagged
Status: 7 domains

7 domains carry an ACME challenge route, available for later owner review and the smoke plan.

Check DT4
Certificate paths need owner confirmation
Status: 4 pending

The certificate path relationships for gitea, langfuse, signoz and tsenyang.com need the owner to supply SAN / wildcard / shared-certificate evidence.

Check DT5
No live changes
Status: gate closed

No DNS query, no TLS probe, no certbot renew, no Nginx reload, no host write, and no increase in IwoooS progress.

DNS / TLS read-only boundary

The following keys are fixed: this card only shows the repo-only inventory and owner confirmation gaps; it does not mean that DNS changes, TLS renew, Nginx reload, live probes or host operations are authorized.
domain_tls_certbot_inventory_frontstage_summary_count=4
domain_tls_certbot_inventory_frontstage_item_count=5
domain_tls_certbot_inventory_source_config_count=3
domain_tls_certbot_inventory_managed_domain_count=14
domain_tls_certbot_inventory_unique_certificate_path_count=10
domain_tls_certbot_inventory_acme_challenge_domain_count=7
domain_tls_certbot_inventory_owner_confirmation_required_count=4
domain_tls_certbot_inventory_admin_route_domain_count=1
domain_tls_certbot_inventory_websocket_route_domain_count=6
domain_tls_certbot_inventory_request_sent_count=0
domain_tls_certbot_inventory_received_response_count=0
domain_tls_certbot_inventory_accepted_response_count=0
domain_tls_certbot_inventory_runtime_gate_count=0
domain_tls_certbot_inventory_live_tls_probe_executed=false
domain_tls_certbot_inventory_dns_change_executed=false
domain_tls_certbot_inventory_certbot_renew_executed=false
domain_tls_certbot_inventory_nginx_reload_executed=false
domain_tls_certbot_inventory_action_buttons_allowed=false
runtime_execution_authorized=false
active_runtime_gate_count=0
action_buttons_allowed=false
not_authorization=true
secret_value_collection_allowed=false
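Checks DT1 to DT4, and the route-impact list in PG2 of the preflight card, describe an inventory derived purely from repo text: per domain, the config id, listen, upstream, certificate path, ACME challenge route, admin route and WebSocket route, plus the list of certificate-path relationships the owner must confirm. The Python below is an added example written for this page, not IwoooS code: a small nginx config parser that builds that inventory from source text alone, with no DNS, TLS or host access. The sample config and its `.test` domains are constructed, and the rule that a certificate whose `live/<name>` directory is not named for the domain, or that is shared by several domains, needs owner confirmation is this example's own heuristic for "may depend on a SAN or wildcard the repo cannot prove".

```python
import re
from collections import defaultdict

TOKEN_RE = re.compile(r'"[^"]*"|\'[^\']*\'|[{};]|[^\s{};]+')


def parse_nginx(text):
    """Parse nginx config text into nested (name, args, body) triples;
    body is None for a simple directive and a list for a block."""
    stripped = "\n".join(re.sub(r"(^|\s)#.*$", "", ln) for ln in text.splitlines())
    tokens = TOKEN_RE.findall(stripped)
    pos = 0

    def block(nested):
        nonlocal pos
        items, args = [], []
        while pos < len(tokens):
            tok = tokens[pos]
            pos += 1
            if tok == ";":
                if args:
                    items.append((args[0], args[1:], None))
                args = []
            elif tok == "{":
                items.append((args[0] if args else "", args[1:], block(True)))
                args = []
            elif tok == "}":
                if not nested:
                    raise ValueError("unbalanced '}'")
                return items
            else:
                args.append(tok.strip("\"'"))
        if nested:
            raise ValueError("unbalanced '{'")
        return items

    return block(False)


def iter_server_blocks(items):
    """Yield the body of every server block, at any nesting depth."""
    for name, _args, body in items:
        if body is None:
            continue
        if name == "server":
            yield body
        else:
            yield from iter_server_blocks(body)


def new_record(config_id):
    return {"config_id": config_id, "listen": set(), "cert_path": None,
            "upstreams": set(), "acme_challenge": False,
            "admin_route": False, "websocket": False}


def merge_server(rec, body):
    """Fold one server block's directives into a domain record, recursing
    into location blocks so route-level facts reach the domain."""
    for name, args, sub in body:
        if name == "listen":
            rec["listen"].add(" ".join(args))
        elif name == "ssl_certificate":
            rec["cert_path"] = args[0]
        elif name == "proxy_pass":
            rec["upstreams"].add(args[0])
        elif name == "proxy_set_header" and args[:1] == ["Upgrade"]:
            rec["websocket"] = True
        elif name == "location":
            path = args[-1]
            rec["acme_challenge"] |= ".well-known/acme-challenge" in path
            rec["admin_route"] |= path.startswith("/admin")
            merge_server(rec, sub)
        elif sub is not None:
            merge_server(rec, sub)


def build_inventory(configs):
    """configs: {config_id: nginx text}. Returns {domain: record}; a domain
    served by several server blocks (80 redirect + 443) is merged into one."""
    inventory = {}
    for config_id, text in configs.items():
        for body in iter_server_blocks(parse_nginx(text)):
            names = [n for name, args, _ in body if name == "server_name" for n in args]
            for domain in names:
                merge_server(inventory.setdefault(domain, new_record(config_id)), body)
    return inventory


def cert_stem(path):
    """'/etc/letsencrypt/live/<name>/fullchain.pem' -> '<name>' (else None)."""
    m = re.search(r"/live/([^/]+)/", path or "")
    return m.group(1) if m else None


def summarize(inventory):
    """Counters in the shape the card reports, plus the owner-confirmation
    list (heuristic, this example's assumption: certificate directory not
    named for the domain, or certificate shared by more than one domain)."""
    by_cert = defaultdict(list)
    for domain, rec in inventory.items():
        if rec["cert_path"]:
            by_cert[rec["cert_path"]].append(domain)
    needs_owner = sorted(
        d for d, rec in inventory.items() if rec["cert_path"] and
        (cert_stem(rec["cert_path"]) != d or len(by_cert[rec["cert_path"]]) > 1))
    return {
        "managed_domain_count": len(inventory),
        "unique_certificate_path_count": len(by_cert),
        "unique_upstream_count": len({u for r in inventory.values() for u in r["upstreams"]}),
        "acme_challenge_domain_count": sum(r["acme_challenge"] for r in inventory.values()),
        "admin_route_domain_count": sum(r["admin_route"] for r in inventory.values()),
        "websocket_route_domain_count": sum(r["websocket"] for r in inventory.values()),
        "owner_confirmation_required": needs_owner,
    }


# Constructed sample: one repo snapshot of a gateway (hypothetical names).
SAMPLE_CONF = """
http {
  server {
    listen 80;
    server_name app.example.test git.example.test;
    location /.well-known/acme-challenge/ { root /var/www/acme; }
    location / { return 301 https://$host$request_uri; }
  }
  server {
    listen 443 ssl http2;
    server_name app.example.test;
    ssl_certificate /etc/letsencrypt/live/app.example.test/fullchain.pem;
    ssl_certificate_key /etc/letsencrypt/live/app.example.test/privkey.pem;
    location /ws/ {
      proxy_pass http://127.0.0.1:8081;
      proxy_set_header Upgrade $http_upgrade;
      proxy_set_header Connection "upgrade";
    }
    location / { proxy_pass http://127.0.0.1:8080; }
  }
  server {
    listen 443 ssl;
    server_name git.example.test;
    ssl_certificate /etc/letsencrypt/live/example.test/fullchain.pem;  # shared cert
    location /admin/ { proxy_pass http://127.0.0.1:3000; }
    location / { proxy_pass http://127.0.0.1:3000; }
  }
}
"""

if __name__ == "__main__":
    print(summarize(build_inventory({"gateway-a": SAMPLE_CONF})))
```

Everything the inventory states is provable from the file: it records the certificate path, never the key, and it flags rather than resolves the cases where the path alone cannot show that the certificate actually covers the name. Confirming a SAN or wildcard needs the owner's evidence (or a TLS probe this card explicitly does not run), which is why such domains land in the owner-confirmation list instead of being counted as covered.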
First-layer evidence and S4.9 drilldown: focus navigation, the deep map, the evidence flow, the unlock queue and the S4.9 draft are collapsed here; the first screen keeps the summary, the 64% unlock path, the security mesh diagram, the gate matrix and the topology atlas.
First-screen security mesh visual model

Security relationship visual model

Puts products, hosts, version sources, monitoring tools, the AwoooP truth chain and gate 0 on one diagram; build the relationship view first, then drill down to evidence.

Assets
9
Hosts
3
Runtime gates
0
Center node

IwoooS security mesh

Currently only visualization and evidence location; no scanning, remediation, host update or version-source change has been opened.

9

Products and websites

AwoooI, AwoooP, IwoooS, the public website and the task-matching product enter the same read-only view first.

host:kali-readonly / host:dev-a / host:dev-b

Kali and development hosts

host:kali-readonly, host:dev-a and host:dev-b only present observation and evidence windows; there is no direct connection or execution.

S4.9

GitHub / Gitea

The primary version source still awaits the S4.9 owner response and redacted evidence.

6

Monitoring and toolchain

MCP, Ansible, KM, alerting and monitoring data are wired for evidence first.

Wired

AwoooP truth chain

Cross-workstream status, work items and deployment evidence stay in sync.

Gate 0

Gate 0

Scanning, remediation, deployment, host changes and version-source changes all remain locked.

Visual model boundary

This diagram is a first-screen comprehension model, not an operations panel; every high-risk action still needs human approval and a later runtime gate.
iwooos_immediate_visual_mesh_first_layer=true
iwooos_immediate_visual_mesh_node_count=7
iwooos_immediate_visual_mesh_link_count=6
iwooos_immediate_visual_mesh_above_command_map=true
iwooos_immediate_visual_mesh_anchor_navigation_allowed=false
iwooos_immediate_visual_mesh_execution_action_buttons_allowed=false
iwooos_immediate_visual_mesh_runtime_gate_count=0
iwooos_immediate_visual_mesh_scan_authorized=false
iwooos_immediate_visual_mesh_host_change_authorized=false
iwooos_immediate_visual_mesh_source_control_mutation_authorized=false
runtime_execution_authorized=false
active_runtime_gate_count=0
action_buttons_allowed=false
not_authorization=true
Professional architecture and topology atlas

Use the atlas to see attack surface, asset relationships and evidence flow

Condenses the graph, attack path, blast radius and evidence-line views common in mainstream security products into four switchable lenses; fewer words, more charts, and the runtime gate stays at 0.

Atlas lens
Code → Assets → Hosts → Evidence → Gates
5 layers

Architecture layers

View IwoooS in five layers: products and websites, version sources, Kali / development hosts, monitoring and AwoooP, and only then the runtime gate.

Currently visible
9 product / website classes, 3 hosts and 6 toolchains have entered the same read-only atlas.
Next step
Wire the S4.9 owner response and redacted evidence into verifiable nodes.
Still locked
The architecture diagram is not a runtime authorization; it does not mean scanning or remediation may proceed.
Path explorer
5 nodes
Evidence
9 asset classes and the version sources are on the same diagram.
Risk
The public ingress still needs trusted version evidence attached.
Next step
Collect the S4.9 owner response first.
Locked
No scanning or automatic remediation is opened.
Atlas intelligence panel

Relationships, paths, radius and timeline on one layer

Borrows the investigation experience common in XDR / CNAPP products: read the security context from clickable intelligence cards first, then drill down to nodes and evidence, without turning the page into a long text list.

8 assets
Signal
9 product, website and new-project classes have entered the same asset surface.
Reading
Confirm which entry points are managed first, then drill down to asset evidence.
Next step
Only after owner evidence is added can the asset diagram become a trusted acceptance scope.
Current confidence
68%
Relationships are readable; this does not yet mean acceptance is complete.
Node drilldown
9 assets

Products / websites

Relationships
9 assets
Evidence
Read-only
Next step
S4.9
Boundary
Runtime gate 0

Presents the relationships, responsibility boundaries and low-friction governance status of AwoooI, AwoooP, IwoooS, the public website, the task-matching product and the agent bounty agreement on one asset surface.

9
External asset surface
The public website, product entry points, the task-matching product and the agent bounty agreement enter the understandable scope first.
S4.9
Version source surface
GitHub primary source / Gitea migration still awaits S4.9 evidence.
3
Host topology surface
host:kali-readonly, host:dev-a and host:dev-b stay in read-only observation display.
6
Evidence operations surface
Monitoring, KM, MCP, Ansible and AwoooP are aligned.
0
Runtime gate surface
Runtime gates, scanning and remediation all remain locked.
Relationship depth
4 segments

The comprehension path from code to runtime has been compressed into four segments.

Blast radius
0

Kept at 0 until probing is authorized, so it is not mistaken for a verified attack radius.

Evidence freshness
S4.9

The main outstanding item is still the S4.9 owner evidence.

Atlas boundary

This diagram is a professional visualization and comprehension layer; it is not a scan topology, not automatic remediation, and not a GitHub / Gitea switch authorization.
iwooos_topology_atlas_first_layer=true
iwooos_topology_atlas_lens_count=4
iwooos_topology_atlas_node_count=7
iwooos_topology_drilldown_node_count=7
iwooos_topology_drilldown_default_node=productSurface
iwooos_topology_drilldown_interactive_node_allowed=true
iwooos_topology_path_explorer_path_count=4
iwooos_topology_path_explorer_default_path=externalToGate
iwooos_topology_path_explorer_interactive_path_allowed=true
iwooos_topology_intelligence_deck_count=4
iwooos_topology_intelligence_default_item=assetContext
iwooos_topology_intelligence_interactive_item_allowed=true
iwooos_topology_atlas_layer_count=5
iwooos_topology_atlas_technical_chart_count=3
iwooos_topology_atlas_interactive_lens_allowed=true
iwooos_topology_atlas_execution_action_buttons_allowed=false
iwooos_topology_drilldown_execution_action_buttons_allowed=false
iwooos_topology_path_explorer_execution_action_buttons_allowed=false
iwooos_topology_intelligence_execution_action_buttons_allowed=false
iwooos_topology_atlas_runtime_gate_count=0
iwooos_topology_drilldown_runtime_gate_count=0
iwooos_topology_path_explorer_runtime_gate_count=0
iwooos_topology_intelligence_runtime_gate_count=0
iwooos_topology_atlas_scan_authorized=false
iwooos_topology_atlas_host_change_authorized=false
iwooos_topology_atlas_source_control_mutation_authorized=false
iwooos_topology_drilldown_scan_authorized=false
iwooos_topology_drilldown_host_change_authorized=false
iwooos_topology_drilldown_source_control_mutation_authorized=false
iwooos_topology_path_explorer_scan_authorized=false
iwooos_topology_path_explorer_host_change_authorized=false
iwooos_topology_path_explorer_source_control_mutation_authorized=false
iwooos_topology_intelligence_scan_authorized=false
iwooos_topology_intelligence_host_change_authorized=false
iwooos_topology_intelligence_source_control_mutation_authorized=false
runtime_execution_authorized=false
active_runtime_gate_count=0
action_buttons_allowed=false
not_authorization=true
Decision and S4.9 unlock charts: the decision runway, runtime gate radar, command map and first unlock path are gathered in one expandable area; the owner response that can actually move the 64% still stands at 0 received, 0 accepted, runtime gate 0.
Visual security command board

Visual evidence overview

The first layer only presents risk, coverage, gates and host gaps. Detailed documents, long explanations and contracts move to the expandable area below.
Overall posture
64%
Current focus progress 64%
Framework complete
92%
Documents / structure definitions / evidence
Execution on the ground
45%
Still at gate 0
OK
Core products
IwoooS / AwoooP are linked
7/7
Website entry points
Seven product classes applied read-only first
New project
Task-matching product
New project managed read-only
host:kali-readonly
Kali host:kali-readonly
Read-only snapshot connected
2
Development hosts
host:dev-b / host:dev-a brought into view
0
GitHub primary source
Awaiting owner evidence
0
Runtime gates
Active execution is 0

Gate matrix

Kali maintenance
1994 packages awaiting a maintenance window
S3.4
1994
Owner response
S4.9: no acceptable response received yet
S4.9
0/5
Primary version source
Switch to the GitHub primary source not yet approved
S4.10
0
Runtime
Scanning, remediation and updates are not opened
Gate 0
0
Expand evidence / hosts / actions drilldown
Evidence: snapshots, gatekeeping, LOGBOOK and the approval queue stay in the expandable area below.
Hosts: Kali host:kali-readonly and the development hosts host:dev-b / host:dev-a are managed read-only, with no direct SSH or scanning.
Actions: every high-risk action still requires a human decision; the page provides no execution buttons.
Advanced charts for products, hosts and evidence: product scope, host toolchains, the task-matching product and work delivery details are collapsed into an expandable area; drill down when verification is needed.
Key details, the next gate, the conditions for moving progress and the still-locked boundaries at a glance; collapsed by default to keep the home page light on text.
Front-end entry points and existing security pages: integrates read-only entry points for security compliance, alerting, authorization, governance, auditing and code review.
Next steps and blocker removal: shows low-friction staged application, non-blocking triage and the first evidence path that can move the 64% forward, all in one place.
Version sources and owner responses: keeps the Gitea / GitHub owner response, S4.9 intake, precheck and human-decision evidence.
AwoooP read-only landing and version evidence: holds staged product application, the AwoooP production landing, evidence wiring and parallel-work sync.
Hosts and Kali boundary: keeps the observe-only, intake and human-decision evidence for host:kali-readonly / host:dev-a / host:dev-b in the advanced area.