治理层 / Governance

权限与治理观察工作台；不是权限后台、不是审批后台。

active agents4candidate agents2needs review1blocked0human gate required6denied actions tracked9

Governance 只读边界

本页只展示 Agent 权限、Human Gate、Denied Actions 与规则来源，不授予权限，不审批，不触发 Runner，不写 DB / Drive / production。

不 grant / revoke / approve / active Agent / Skill
不 auto merge、不触发 Runner
不改变 /system/registry readiness

Agent Permission Matrix

主表；无 Approve / Grant / Revoke / Enable / Run / Auto merge 操作列。

agent_id	role	status	risk	allowed_scope	denied_actions	human_gate	policy_source	last_review	next_action
task-planner	task classification / task package generation	active	medium	task-classify task-pack-generate risk-check	production write auto merge approval execute	required	system-agent-pages-ia-matrix-v1	2026-05 snapshot	keep readonly dispatch boundary
dev-runner	low-risk execution candidate	candidate	high	evidence-check lint typecheck	deploy DB mutation runtime control production write	required	frontend governance + runtime boundary	2026-05 snapshot	do not enable until action governance exists
review-gate	human review gate observer	active	medium	review-summary acceptance-matrix-readonly	approval execute auto merge permission grant	required	hb-os-frontend-governance-v1	2026-05 snapshot	observe review gate only; no execute
docops-agent	document governance scan observer	active	low	governance-scan-readonly artifact-index	Drive write approval execute production write	required	docops readonly results boundary	2026-05 snapshot	keep DocOps scan as readonly artifact
ops-monitor-agent	runtime health observer	needs_review	medium	runtime-snapshot health-readonly	restart deploy rollback runtime control	required	system-runtime-readonly-timeline-v1	2026-05 snapshot	defer live adapter to future task pack
content-agent	content marketing staging observer	candidate	medium	staging-readonly draft-preview	production write publish DB mutation	required	cm-production-readonly-gate	2026-05 snapshot	observe staging only; no cutover
runtime-observer	agent run timeline projection	active	low	timeline-readonly snapshot-projection	runner trigger claim complete auto merge	not_required	system-runtime-readonly-timeline-v1	2026-05 snapshot	keep timeline readonly

Human Gate / Review Gate

只读投影；不执行审批。

gate_id	agent_id	gate_type	requirement	status	policy_source	last_review	next_action
gate-task-planner	task-planner	human approval required	required	observed	system-agent-pages-ia-matrix-v1	2026-05 snapshot	keep readonly dispatch boundary
gate-dev-runner	dev-runner	human approval required	required	observed	frontend governance + runtime boundary	2026-05 snapshot	do not enable until action governance exists
gate-review-gate	review-gate	human approval required	required	observed	hb-os-frontend-governance-v1	2026-05 snapshot	observe review gate only; no execute
gate-docops-agent	docops-agent	human approval required	required	observed	docops readonly results boundary	2026-05 snapshot	keep DocOps scan as readonly artifact
gate-ops-monitor-agent	ops-monitor-agent	human approval required	required	open	system-runtime-readonly-timeline-v1	2026-05 snapshot	defer live adapter to future task pack
gate-content-agent	content-agent	human approval required	required	observed	cm-production-readonly-gate	2026-05 snapshot	observe staging only; no cutover

Denied actions

边界提示，不是操作按钮。

permission grant deniedpermission revoke deniedapproval execute deniedauto merge deniedrunner trigger deniedDB write deniedDrive write deniedproduction write deniedruntime control denied

Policy Source / Evidence Source

source_id	label	path	scope	status	last_review
ia-matrix	System Agent Pages IA Matrix	`docs/architecture/system-agent-pages-ia-matrix-v1.md`	agent page boundaries	active	2026-05 snapshot
frontend-governance	HB OS Frontend Governance	`docs/frontend/hb-os-frontend-governance-v1.md`	frontend permission boundary	active	2026-05 snapshot
readonly-callout	Readonly Boundary Callout	`docs/frontend/readonly-boundary-callout-v1.md`	readonly UI boundary	active	2026-05 snapshot
runtime-timeline	Runtime Readonly Timeline	`docs/architecture/system-runtime-readonly-timeline-v1.md`	runtime observer boundary	active	2026-05 snapshot
registry-observation	Registry Compatibility Observation	`docs/architecture/system-registry-compatibility-observation-continuation-plan-v1.md`	registry readiness observation	observation	2026-05 snapshot

Risk Boundary / Next Action

boundary_id	label	status	next
no-permission-mutation	No permission grant / revoke	enforced	keep readonly projection only
no-approval-execute	No approval execute	enforced	human gate observe only
no-runner-trigger	No Runner trigger	enforced	defer to execution task pack
no-registry-readiness-change	No /system/registry readiness change	enforced	observation cycle remains active

DocOps 深链（只读）： /docops

低频说明：要点 / 边界 / 兼容 / v1 不做

本层要点

Governance 页为 Agent Permission Matrix readonly 投影，不是权限后台。
Human Gate 区仅展示需要人工闸门的 Agent，不执行审批。
Denied Actions 为明确禁止动作列表，不是操作按钮。

v1 不做

权限授予 / 撤销
审批执行
auto merge
Runner 触发
production 写入
registry redirect / archive / delete