Phase-2 prerequisite: validate teachback_approved payload shape (not just key presence)

[michael-wojcik]

Context

Surfaced during PR #477 round-8 adversarial review by round8-security. Task #91 / review round 8, #401 teachback gate.

Finding (HIGH, Phase-2 scope)

Unable to confirm whether teachback_check.py (and associated scanners / _classify_task_state) validate the internal shape of teachback_approved metadata values vs. merely detect key presence.

Exploit path (if validation is key-presence-only)

A compromised lead or a bug in orchestration could write:

TaskUpdate(taskId, metadata={"teachback_approved": true})
TaskUpdate(taskId, metadata={"teachback_approved": ""})
TaskUpdate(taskId, metadata={"teachback_approved": {}})

Any of these would satisfy a key-presence check but carry zero approval semantics. Under Phase-2 blocking mode (#481), teammate would proceed with work under a phantom approval.

Proposal

Add targeted unit test to pact-plugin/tests/test_teachback_gate.py:

• Scenario: task with metadata.teachback_approved = true (or "", {}, missing sub-fields)
• Mode: _TEACHBACK_MODE = "blocking"
• Assert: scanner/classifier treats this as NOT approved (state stays teachback_under_review / awaiting_approval), gate continues to block

If the scanner currently passes on these malformed values, that's the real bug — payload shape must be validated (all 5 sub-fields present, non-empty: scanned_candidate, response_to_assumption, response_to_least_confident, first_action_check, conditions_met).

Non-goals

• Not a merge blocker for PR feat(#401): variety-tiered teachback gate with generation-shaped content validation #477 in advisory mode (no real gate trip).
• Binding before Phase 2: flip teachback_gate to blocking mode (follow-up to #401) #481 Phase-2 flip.

Background

• PR feat(#401): variety-tiered teachback gate with generation-shaped content validation #477: teachback gate advisory mode ship
• Phase 2: flip teachback_gate to blocking mode (follow-up to #401) #481: Phase-2 flip criterion
• Phase-2 prerequisite: integration test for blocking-mode submit-only→exit-2 path with real metadata #487: integration test for blocking-mode submit-only path (parallel Phase-2 prerequisite)
• round-8 security review HANDOFF on task Add structured logging to refresh system #91

Priority: HIGH for Phase-2, not urgent.