Skip to content

[codex] prevent unsafe readiness-policy contradictions#910

Merged
madara88645 merged 1 commit into
mainfrom
codex/readiness-policy-safety
Jul 1, 2026
Merged

[codex] prevent unsafe readiness-policy contradictions#910
madara88645 merged 1 commit into
mainfrom
codex/readiness-policy-safety

Conversation

@madara88645

Copy link
Copy Markdown
Owner

Summary

  • make readiness consume the compiled IR safety policy that the compile route already passes in
  • prevent high risk or otherwise-ready human_approval_required requests from being shown as Ready to compile
  • preserve existing Clarify behavior for unresolved references and vague requests
  • add unit and API regression coverage for destructive production-database requests

Root cause

The readiness analyzer accepted the compiled IR but ignored it. It independently inspected only a narrow set of text risk keywords, so a destructive request could have policy.risk_level=high and execution_mode=human_approval_required while readiness still returned ready.

User impact

The offline page now displays the readiness banner. This fix prevents that banner from presenting a green, safe-to-run message when the compiler's own policy requires review.

Scope

Changed:

  • app/readiness/analyzer.py
  • tests/test_readiness_analyzer.py
  • tests/test_readiness_api.py

Not touched: environment files, secrets, auth, schemas, migrations, deploy/provider settings, LLM prompts, model parameters, response formats, or dependencies.

Validation

  • focused readiness/safety set: 100 passed
  • full backend suite: 1642 passed, 5 skipped
  • pre-commit run --all-files: passed
  • uv pip check: passed
  • seven QA prompts re-run; the destructive database scenario now reports readiness=risky while existing clarify behavior remains intact

@vercel

vercel Bot commented Jul 1, 2026

Copy link
Copy Markdown

The latest updates on your projects. Learn more about Vercel for GitHub.

Project Deployment Actions Updated (UTC)
compiler Ready Ready Preview, Comment Jul 1, 2026 6:32am

@madara88645 madara88645 marked this pull request as ready for review July 1, 2026 06:36

@cursor cursor Bot left a comment

Copy link
Copy Markdown
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

PR Risk Assessment — Low

Decision: Approved (no reviewer assignment required)

Evidence (from diff only)

Area Finding
Files changed 3 (app/readiness/analyzer.py, 2 test files)
Production logic +24 / −2 lines in readiness analyzer
Blast radius Readiness verdict only — aligns banner with compiled IR policy
Infra / auth / schema None
Tests Unit + API regression coverage added
CI All checks green (Smoke, PR Tests, CodeQL, Snyk, Vercel)

What changed

Adds _policy_review() so the readiness analyzer respects policy.risk_level=high and execution_mode=human_approval_required from the compiled IR. Prevents the readiness banner from showing "Ready to compile" when the compiler policy already requires review.

Why Low (not Medium)

  • Single-module, narrowly scoped behavioral fix
  • Low blast radius; improves safety by removing a policy/readiness contradiction
  • Straightforward logic with focused regression tests
  • No shared infrastructure, auth, migrations, or prompt changes

Reviewers

None assigned — risk is below Medium threshold. No CODEOWNERS file in repo; 0 reviewers currently requested.

Slack

Slack notification tool not available in this automation run; summary posted here instead.


Automated risk assessment — conclusions derived from diff evidence only.

Open in Web View Automation 

Sent by Cursor Automation: Assign PR reviewers

@madara88645 madara88645 merged commit 0ae11ea into main Jul 1, 2026
12 checks passed
@madara88645 madara88645 deleted the codex/readiness-policy-safety branch July 1, 2026 15:11
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

1 participant