feat(#263): WallGuard collaboration and delegation admission gate — gate module, extended fixtures, Makefile target

Makefile

@@ -1,6 +1,6 @@
-.PHONY: validate test validate-agent-cycle-health validate-authority-dependency-evidence validate-prometheus-sr validate-reasoning-failure-traces validate-governance-context validate-lattice-data-governai-execution-refs validate-lattice-runtime-profile-refs validate-network-native-assistant-evidence validate-guardrail-evidence-artifacts validate-stop-gate-evaluator validate-guarded-workcell-artifact validate-guarded-workcell-executor validate-guarded-invocation-artifact validate-guarded-invocation validate-agentic-pr-work-order validate-semantic-enterprise-agent-boundary validate-ops-history-contracts validate-action-contracts validate-agent-operation-contract validate-superconscious-reasoning-import validate-agent-harness-runtime-contracts validate-bounded-action-loop agentplane-evidence-receipt-composition-tier2-binding-ci lawful-learning-phase9-contract-ci validate-evidence-receipt-binding validate-semantic-activation-receipt validate-governed-run-contract validate-preflight-receipt validate-attempt-admission-receipt validate-verification-execution-receipt validate-synthetic-verification-receipt validate-governed-runner-v0-2-contract-chain validate-budget-settlement-receipt validate-rollback-receipts validate-run-dossier validate-governed-runner-readonly validate-workroom-context-evidence validate-wallguard-collaboration-admission validate-prophet-mesh-agentplane-adapter
+.PHONY: validate test validate-agent-cycle-health validate-authority-dependency-evidence validate-prometheus-sr validate-reasoning-failure-traces validate-governance-context validate-lattice-data-governai-execution-refs validate-lattice-runtime-profile-refs validate-network-native-assistant-evidence validate-guardrail-evidence-artifacts validate-stop-gate-evaluator validate-guarded-workcell-artifact validate-guarded-workcell-executor validate-guarded-invocation-artifact validate-guarded-invocation validate-agentic-pr-work-order validate-semantic-enterprise-agent-boundary validate-ops-history-contracts validate-action-contracts validate-agent-operation-contract validate-superconscious-reasoning-import validate-agent-harness-runtime-contracts validate-bounded-action-loop agentplane-evidence-receipt-composition-tier2-binding-ci lawful-learning-phase9-contract-ci validate-evidence-receipt-binding validate-semantic-activation-receipt validate-governed-run-contract validate-preflight-receipt validate-attempt-admission-receipt validate-verification-execution-receipt validate-synthetic-verification-receipt validate-governed-runner-v0-2-contract-chain validate-budget-settlement-receipt validate-rollback-receipts validate-run-dossier validate-governed-runner-readonly validate-workroom-context-evidence validate-wallguard-collaboration-admission validate-prophet-mesh-agentplane-adapter validate-civic-stack-runtime-evidence validate-conversational-evidence validate-concept-to-artifact-lineage validate-model-routing-lane-receipts validate-shir-governed-chain-job validate-device-actuation-boundary validate-reasoning-run-evidence validate-graph-aware-work-orders validate-orggov-work-order-evidence-bridge validate-substrate-trust-gates validate-workcell-stop-gates validate-rollback-restore validate-agentic-runtime-state validate-wallguard-collaboration-gate
 
-validate: validate-agent-cycle-health validate-authority-dependency-evidence validate-prometheus-sr validate-reasoning-failure-traces validate-governance-context validate-lattice-data-governai-execution-refs validate-lattice-runtime-profile-refs validate-network-native-assistant-evidence validate-guardrail-evidence-artifacts validate-stop-gate-evaluator validate-guarded-workcell-artifact validate-guarded-workcell-executor validate-guarded-invocation-artifact validate-guarded-invocation validate-agentic-pr-work-order validate-semantic-enterprise-agent-boundary validate-ops-history-contracts validate-action-contracts validate-agent-operation-contract validate-superconscious-reasoning-import validate-agent-harness-runtime-contracts validate-bounded-action-loop agentplane-evidence-receipt-composition-tier2-binding-ci lawful-learning-phase9-contract-ci validate-evidence-receipt-binding validate-semantic-activation-receipt validate-governed-run-contract validate-preflight-receipt validate-attempt-admission-receipt validate-verification-execution-receipt validate-synthetic-verification-receipt validate-governed-runner-v0-2-contract-chain validate-budget-settlement-receipt validate-rollback-receipts validate-run-dossier validate-governed-runner-readonly validate-workroom-context-evidence validate-wallguard-collaboration-admission validate-prophet-mesh-agentplane-adapter
+validate: validate-agent-cycle-health validate-authority-dependency-evidence validate-prometheus-sr validate-reasoning-failure-traces validate-governance-context validate-lattice-data-governai-execution-refs validate-lattice-runtime-profile-refs validate-network-native-assistant-evidence validate-guardrail-evidence-artifacts validate-stop-gate-evaluator validate-guarded-workcell-artifact validate-guarded-workcell-executor validate-guarded-invocation-artifact validate-guarded-invocation validate-agentic-pr-work-order validate-semantic-enterprise-agent-boundary validate-ops-history-contracts validate-action-contracts validate-agent-operation-contract validate-superconscious-reasoning-import validate-agent-harness-runtime-contracts validate-bounded-action-loop agentplane-evidence-receipt-composition-tier2-binding-ci lawful-learning-phase9-contract-ci validate-evidence-receipt-binding validate-semantic-activation-receipt validate-governed-run-contract validate-preflight-receipt validate-attempt-admission-receipt validate-verification-execution-receipt validate-synthetic-verification-receipt validate-governed-runner-v0-2-contract-chain validate-budget-settlement-receipt validate-rollback-receipts validate-run-dossier validate-governed-runner-readonly validate-workroom-context-evidence validate-wallguard-collaboration-admission validate-prophet-mesh-agentplane-adapter validate-civic-stack-runtime-evidence validate-conversational-evidence validate-concept-to-artifact-lineage validate-model-routing-lane-receipts validate-shir-governed-chain-job validate-device-actuation-boundary validate-reasoning-run-evidence validate-graph-aware-work-orders validate-orggov-work-order-evidence-bridge validate-substrate-trust-gates validate-workcell-stop-gates validate-rollback-restore validate-agentic-runtime-state validate-wallguard-collaboration-gate
 	python3 tools/validate_execution_timing.py
 
 validate-governance-context:
@@ -248,6 +248,65 @@ validate-prophet-mesh-agentplane-adapter:
 	python3 -m json.tool contracts/prophet-mesh/prophet-mesh-agentplane-adapter.v0.1.json >/dev/null
 	python3 tools/validate_prophet_mesh_agentplane_adapter.py
 
+validate-civic-stack-runtime-evidence:
+	python3 -m json.tool schemas/civic-stack-run-capsule.schema.v0.1.json >/dev/null
+	python3 tools/validate_civic_stack_runtime_evidence.py
+
+validate-conversational-evidence:
+	python3 -m json.tool schemas/conversational-action-evidence.schema.v0.1.json >/dev/null
+	python3 -m json.tool schemas/conversational-replay-record.schema.v0.1.json >/dev/null
+	python3 tools/validate_conversational_evidence.py
+
+validate-concept-to-artifact-lineage:
+	python3 -m json.tool schemas/concept-to-artifact-lineage-receipt.schema.v0.1.json >/dev/null
+	python3 tools/validate_concept_to_artifact_lineage.py
+
+validate-model-routing-lane-receipts:
+	python3 -m json.tool schemas/model-routing-lane-decision-receipt.schema.v0.1.json >/dev/null
+	python3 tools/validate_model_routing_lane_receipts.py
+
+validate-shir-governed-chain-job:
+	python3 -m json.tool schemas/shir-governed-chain-job.schema.v0.1.json >/dev/null
+	python3 tools/validate_shir_governed_chain_job.py
+
+validate-device-actuation-boundary:
+	python3 -m json.tool schemas/device-actuation-boundary-receipt.schema.v0.1.json >/dev/null
+	python3 tools/validate_device_actuation_boundary.py
+
+validate-reasoning-run-evidence:
+	python3 -m json.tool schemas/reasoning-run-evidence-receipt.schema.v0.1.json >/dev/null
+	python3 tools/validate_reasoning_run_evidence.py
+
+validate-graph-aware-work-orders:
+	python3 -m json.tool schemas/graph-aware-work-order.schema.v0.1.json >/dev/null
+	python3 tools/validate_graph_aware_work_orders.py
+
+validate-orggov-work-order-evidence-bridge:
+	python3 -m json.tool schemas/orggov-work-order-evidence-bridge.schema.v0.1.json >/dev/null
+	python3 tools/validate_orggov_work_order_evidence_bridge.py
+
+validate-substrate-trust-gates:
+	python3 -m json.tool schemas/substrate-trust-gate.schema.v0.1.json >/dev/null
+	python3 tools/validate_substrate_trust_gates.py
+
+validate-workcell-stop-gates:
+	python3 -m json.tool schemas/human-override-artifact.schema.v0.1.json >/dev/null
+	python3 -m json.tool schemas/guardrail-replay-artifact.schema.v0.1.json >/dev/null
+	python3 tools/validate_workcell_stop_gates.py
+
+validate-rollback-restore:
+	python3 -m json.tool schemas/rollback-restore-request.schema.v0.1.json >/dev/null
+	python3 -m json.tool schemas/rollback-restore-receipt.schema.v0.1.json >/dev/null
+	python3 tools/validate_rollback_restore.py
+
+validate-agentic-runtime-state:
+	python3 -m json.tool schemas/agentic-runtime-state.schema.v0.1.json >/dev/null
+	python3 tools/validate_agentic_runtime_state.py
+
+validate-wallguard-collaboration-gate:
+	python3 -m json.tool schemas/receipts/wallguard-collaboration-admission.v0.1.schema.json >/dev/null
+	cd tools && python3 validate_wallguard_collaboration_gate.py
+
 validate-agent-cycle-health:
 	python3 tools/validate_agent_cycle_health.py
 

docs/doctrine/tensegrity-runtime-contract.md

@@ -0,0 +1,55 @@
+# Tensegrity Runtime Contract
+
+## Purpose
+
+AgentPlane's execution model is a **tensegrity structure**: agents, tools, services, models, repos, and hosts are **compression members** — structural elements that do work. They are stabilized by continuous **tension members**: policy, identity, provenance, tests, signatures, audits, ledgers, capability grants, replay, and revocation.
+
+Neither class functions alone. A compression member without tension yields ungoverned execution. A tension member without a compression member yields policy theater with no work done.
+
+This contract defines how AgentPlane enforces tensegrity at runtime.
+
+## Compression Members
+
+| Compression Member | Description |
+|--------------------|-------------|
+| Agent | Execution actor with bounded capability radius |
+| Tool | Callable surface scoped by tool grant and CGRM decision |
+| Service | External or internal service endpoint with policy gate |
+| Model | Inference engine with model-routing lane decision |
+| Repo | Source repository with branch and GitOps audit chain |
+| Host | Execution environment with resource scope and capability radius R5 guard |
+
+## Tension Members
+
+| Tension Member | Description |
+|----------------|-------------|
+| Policy | Policy decision ref from PolicyFabric; required on every execution artifact |
+| Identity | Actor ref and post/authority binding; required for all dispatches |
+| Provenance | Hash-chain of inputs, prior artifacts, and upstream anchors |
+| Tests | Validation receipts and verification execution receipts |
+| Signatures | Attestation events and cryptographic seals on receipts |
+| Audits | Audit trail refs on intervention outcomes and blocked dispatches |
+| Ledgers | Evidence ledger refs and budget settlement receipts |
+| Capability Grants | Tool grants scoped by CGRM and capability radius level |
+| Replay | Replay artifact ref required on all governed runs |
+| Revocation | Revocation path declared at compression member registration |
+
+## Tensegrity Invariants
+
+1. **No compression member executes without a policy tension member.** Every agent action, tool invocation, service call, and model routing decision must carry a `policy_decision_ref`.
+
+2. **Tension members must form a closed chain.** Policy → Identity → Provenance → Evidence → Replay → Revocation must each reference the same run or be transitively linkable through `upstream_anchors`.
+
+3. **Revocation dissolves a tension member's grip immediately.** A revoked capability grant, expired policy decision, or invalidated identity ref causes the dependent compression member to transition to `blocked` or `deferred` — not to `completed`.
+
+4. **Replay seals the tensegrity loop.** A governed run without a `replay_artifact_ref` is structurally incomplete. Replay verifies that the compression-plus-tension envelope produces the same result under rerun, or surfaces a `divergence_record` for escalation.
+
+5. **Oversteer detection is a governance obligation, not an optimization.** See `cybernetic-oversteer-v0.md`.
+
+## Integration Points
+
+- `ConversationalActionEvidence` — tension: policy, identity, replay_linkage
+- `CivicStackRunCapsule` — tension: policy, provenance_refs, rationalgrl_trace, hellgraph_evidence_refs
+- `BoundaryCalculusEvidenceEnvelope` — tension: promotion_gate, policy_result, attribution_discriminating_evidence_refs
+- `GovernedRunContract` — tension: policy, budget, verifier chain, replay_artifact_ref
+- `CapabilityRadiusProfile` — defines tension member scope per compression member level (R0–R5)

docs/specs/agent-action-tension-members-v0.md

@@ -0,0 +1,47 @@
+# Agent Action Tension Members v0
+
+## Purpose
+
+Defines how a single agent action declares its compression role and the tension members that stabilize it.
+
+## Structure
+
+Every agent action artifact in AgentPlane should carry the following tension member declarations:
+
+```
+action_id            — unique identifier for this action
+compression_member   — agent | tool | service | model | repo | host
+policy_ref           — policy decision ref (PolicyFabric)
+identity_ref         — actor or post/authority ref
+provenance_refs      — hash chain: prior action, run capsule, upstream anchors
+evidence_refs        — evidence artifacts emitted by or consumed for this action
+replay_ref           — replay artifact ref (required for governed runs)
+revocation_path      — revocation URI; if revoked, action transitions to blocked
+audit_ref            — audit trail ref (required on interventions and blocked outcomes)
+```
+
+## Tension Member Obligations by Action Type
+
+| Action Type          | Policy | Identity | Provenance | Evidence | Replay | Revocation | Audit |
+|----------------------|--------|----------|------------|----------|--------|------------|-------|
+| observe              | ✓      | ✓        | ✓          | ✓        | —      | optional   | —     |
+| query                | ✓      | ✓        | ✓          | ✓        | —      | optional   | —     |
+| transform            | ✓      | ✓        | ✓          | ✓        | ✓      | ✓          | —     |
+| write                | ✓      | ✓        | ✓          | ✓        | ✓      | ✓          | —     |
+| deploy               | ✓      | ✓        | ✓          | ✓        | ✓      | ✓          | ✓     |
+| revoke               | ✓      | ✓        | ✓          | ✓        | ✓      | ✓          | ✓     |
+| escalate             | ✓      | ✓        | ✓          | ✓        | ✓      | ✓          | ✓     |
+| trigger_execution    | ✓      | ✓        | ✓          | ✓        | ✓      | ✓          | —     |
+| approval_denial      | ✓      | ✓        | ✓          | ✓        | ✓      | optional   | ✓     |
+
+## Structural Rules
+
+1. **`policy_ref` is always required.** No action without a PolicyFabric decision ref is structurally valid.
+2. **`replay_ref` is required for actions that mutate state.** transform, write, deploy, revoke, escalate, trigger_execution, approval_denial.
+3. **`audit_ref` is required for denied or blocked outcomes** and for any intervention (modified, blocked, escalated) per the bounded-action-loop contract.
+4. **`revocation_path` is required for actions at R2 or above** (capability radius). See `capability-radius-v0.md`.
+5. **`provenance_refs` must include at least one upstream anchor** linking this action to a run capsule, governed run, or admission artifact.
+
+## Example
+
+See `examples/tensegrity/agent-action-tension-members.example.json`.