Add allowed/forbidden workflow steps to the review-merge skill and document the #594 cleanup gate on the Safety-and-Gates wiki page.
2.0 KiB
2.0 KiB
Safety and Gates
Navigation
- Home | Operator Guide | Repositories Map | Identity and Profiles | Workflow Model | Safety and Gates | MCP Tools Reference | Operator Runbooks | Open Decisions | Project History
Prompts express intent; MCP tools enforce safety.
Primary gates
- Fail closed — Unknown tasks, missing capability resolution, or profile mismatches block mutations.
- Task capability map —
gitea_resolve_task_capabilitymust precede gated issue/PR mutations. - Issue lock —
gitea_lock_issuerequired before author implementation on a tracked issue. - Head SHA pinning — Reviews and merges refuse when the PR head moved.
- Explicit merge confirmation —
gitea_merge_prrequiresconfirmation="MERGE PR <n>". - No self-review / self-merge — Authenticated user must differ from PR author for approve/merge.
- Review decision lock — Live review mutations require validation-phase dry-run and
gitea_mark_final_review_decision. - Terminal review hard-stop (#332) — After a terminal live review mutation, only same-PR merge after
approvemay continue. Durable locks (#559) must not be deleted by hand. - Stale decision-lock cleanup (#594) —
gitea_cleanup_stale_review_decision_lockmay clear a durable #332 lock only when the last terminal mutation's PR is live-state merged or closed, identity/profile gates pass, and apply uses a reviewer-capable profile. Open/ambiguous locks stay fail-closed. Successful cleanup records a durable audit trail. - Redaction — Tokens, passwords, and keychain material never appear in tool output.
- Wiki publication (#224) —
docs/wiki/and the sync helper are prerequisites only. Closing a wiki issue requires live Gitea Wiki proof on the repo Wiki tab. See Runbooks.