You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Batch 4 of 26 (rotation index 4). Five Draft specs reviewed: model-alias-specification.md, repository-package-manifest-specification.md, safe-outputs-specification.md, github-mcp-access-control-specification.md, and guard-policies-specification.md. All have gaps in Safeguards, Sync Notes, or Norms; one is still proposal-grade and needs structural promotion.
Priority Work Queue
P0
guard-policies-specification.md is a proposal doc; promote to formal spec (Conformance + Safeguards sections) before implementation can be verified.
repository-package-manifest-specification.md has no Safeguards/Norms; atomic-write and rollback safety are unspecified.
model-alias-specification.md §13: Max alias recursion depth is unstated; overflow error code missing.
github-mcp-access-control-specification.md §11: Compliance test fixtures referenced but not created.
P2
Norms language in model-alias-specification.md §15 needs RFC 2119 keywords.
guard-policies-specification.md: Deprecation policy for legacy repos field is informal.
SPDD Checklist
[/spdd-generate]scratchpad/guard-policies-specification.md — Add ## Conformance, ## Entities, and ## Safeguards sections (≥3 MUST each) to match W3C-style structure. Done when document mirrors github-mcp-access-control-specification.md format.
[/spdd-generate]docs/src/content/docs/specs/repository-package-manifest-specification.md — Add ## 10. Safeguards covering atomic-write guarantee, rollback on failure, and filesystem permission errors. Done when §5.1 and §5.3 each cross-reference Safeguards.
[/spdd-generate]docs/src/content/docs/specs/repository-package-manifest-specification.md — Add ## 11. Norms with ≥4 SHOULD/MUST-NOT rules for naming, description length, and orphan-file warnings. Done when all informal SHOULD warn prose in §7 maps to a normative rule.
[/spdd-analysis]docs/src/content/docs/specs/safe-outputs-specification.md §11 — Define a normative decision table for cross-integrity cache reads (approved run reading unapproved branch). Done when §11 contains a MUST-level algorithm.
[/spdd-reasons-canvas]docs/src/content/docs/specs/model-alias-specification.md §13 — Add a MUST requirement naming the max recursion depth integer and the error code on overflow. Done when §13 contains a concrete limit and a test case ID.
[/spdd-generate]scratchpad/github-mcp-access-control-specification.md §11 — Create ≥5 compliance fixture stubs in specs/ covering exact-match allow, wildcard deny, role-deny, private-repo block, integrity-level block. Done when §11 links to those files.
[/spdd-sync]scratchpad/guard-policies-specification.md — Add ## Sync Notes citing pkg/workflow/mcp_github_config.go, pkg/workflow/safeoutputs_guard_policy_test.go, and deprecated repos migration path. Done when ≥2 Go paths are referenced.
[/spdd-reasons-canvas]docs/src/content/docs/specs/repository-package-manifest-specification.md §4.8 — Add MUST NOT path-traversal rule for files entries. Done when §4.8 explicitly prohibits ../ patterns.
[/spdd-sync]docs/src/content/docs/specs/model-alias-specification.md §14 — Expand Sync Notes stubs with ≥2 Go source file paths for alias resolution and parameter parsing.
Summary
Batch 4 of 26 (rotation index 4). Five Draft specs reviewed:
model-alias-specification.md,repository-package-manifest-specification.md,safe-outputs-specification.md,github-mcp-access-control-specification.md, andguard-policies-specification.md. All have gaps in Safeguards, Sync Notes, or Norms; one is still proposal-grade and needs structural promotion.Priority Work Queue
P0
guard-policies-specification.mdis a proposal doc; promote to formal spec (Conformance + Safeguards sections) before implementation can be verified.repository-package-manifest-specification.mdhas no Safeguards/Norms; atomic-write and rollback safety are unspecified.P1
safe-outputs-specification.md §11: Cache-memory branch reconciliation algorithm is undefined (cross-integrity read behaviour).model-alias-specification.md §13: Max alias recursion depth is unstated; overflow error code missing.github-mcp-access-control-specification.md §11: Compliance test fixtures referenced but not created.P2
model-alias-specification.md §15needs RFC 2119 keywords.guard-policies-specification.md: Deprecation policy for legacyreposfield is informal.SPDD Checklist
scratchpad/guard-policies-specification.md— Add## Conformance,## Entities, and## Safeguardssections (≥3 MUST each) to match W3C-style structure. Done when document mirrorsgithub-mcp-access-control-specification.mdformat.docs/src/content/docs/specs/repository-package-manifest-specification.md— Add## 10. Safeguardscovering atomic-write guarantee, rollback on failure, and filesystem permission errors. Done when §5.1 and §5.3 each cross-reference Safeguards.docs/src/content/docs/specs/repository-package-manifest-specification.md— Add## 11. Normswith ≥4 SHOULD/MUST-NOT rules for naming, description length, and orphan-file warnings. Done when all informalSHOULD warnprose in §7 maps to a normative rule.docs/src/content/docs/specs/safe-outputs-specification.md §11— Define a normative decision table for cross-integrity cache reads (approved run reading unapproved branch). Done when §11 contains a MUST-level algorithm.docs/src/content/docs/specs/model-alias-specification.md §13— Add a MUST requirement naming the max recursion depth integer and the error code on overflow. Done when §13 contains a concrete limit and a test case ID.scratchpad/github-mcp-access-control-specification.md §11— Create ≥5 compliance fixture stubs inspecs/covering exact-match allow, wildcard deny, role-deny, private-repo block, integrity-level block. Done when §11 links to those files.scratchpad/guard-policies-specification.md— Add## Sync Notescitingpkg/workflow/mcp_github_config.go,pkg/workflow/safeoutputs_guard_policy_test.go, and deprecatedreposmigration path. Done when ≥2 Go paths are referenced.docs/src/content/docs/specs/repository-package-manifest-specification.md §4.8— Add MUST NOT path-traversal rule forfilesentries. Done when §4.8 explicitly prohibits../patterns.docs/src/content/docs/specs/model-alias-specification.md §14— Expand Sync Notes stubs with ≥2 Go source file paths for alias resolution and parameter parsing.Per-Spec Findings
model-alias-specification.md (v1.2.0)
repository-package-manifest-specification.md (v0.2.0)
files.safe-outputs-specification.md (v1.24.0)
IntegrityBranchintroduced but branch-selection algorithm not normative.github-mcp-access-control-specification.md (v1.1.0)
blocked-usersprecedence overtrusted-usersnot normative.guard-policies-specification.md (v0.1.0)
reposdeprecation informal; security implications ofallowed-repos: allunaddressed.Sync Follow-ups
guard-policies-specification.md: updatepkg/workflow/tools_types.godoc-comments to reference spec version.pkg/workflow/compiler_orchestrator_workflow.gohonours atomic-write MUST.specs/compliance test discovery.Context
model-alias-specification.md,repository-package-manifest-specification.md,safe-outputs-specification.md,github-mcp-access-control-specification.md,guard-policies-specification.md