FORWAID Release Gate

A-side Preview Readiness

Aggregated release gate for Account, Store, Drive, Studio, OneCloud, and production boundary checks. This page is read-only and does not approve production writes, remote runtime, billing, or customer send.

readiness_layer_complete_with_limits

recommendation

PREVIEW_PUSH_ALLOWED_RELEASE_GATE_REVIEW_REQUIRED

cloud testable

true

target repo

ai-site-creator.git

Lovable

Founder manual

Gate Matrix

What can be tested now / what remains held

PREVIEW_PUSH_ALLOWED_RELEASE_GATE_REVIEW_REQUIRED
pass

Release item

Remote Codex Drops status mirror

PLT-CODEX-001 · same_machine_rehearsal_pass_remote_transport_pending

Next: Run a remote PC readonly Drop roundtrip: remote writes Drop, current runner executes readonly audit, remote reads callback.

pass

Release item

Account / Entitlement / Credits read model

platform-entitlement-read-model-v0.1 · read_only_preview · 3/5 app slots

Next: Connect Store install requests, account admin, and OneCloud status to this read-only snapshot before enabling backend mutations.

pass

Release item

Store install / request / approval draft queue

App Detail uses Store request draft queue with review status and handoff target.

Next: Route approved preview drafts to real account admin only after backend entitlement design.

pass

Release item

Drive / Sync / Content Maker / Drops loop

platform-source-to-output-read-model-v0.1 · localDriveDocuments=1

Next: Approve real source storage and Drive persistence design, then run readonly remote Drops roundtrip before any patch or production write.

pass

Release item

Web / Pad / Pod / OneCloud same capability map

platform-multisurface-capability-v0.1 · 能力在云端,形态在龙虾,状态通过 OneCloud 同步

Next: Wire this read model into Pod/Harness and OneCloud node status before enabling any local-node trigger or runtime launch.

pass

Release item

OneCloud capability handoff manifest

forwaid-onecloud-capability-manifest-v0.1 · handoffContracts=2

Next: OneCloud consumes handoffContract as read-only route/output metadata before any action intent or local-node writeback.

hold

Release item

Oneclaw local file bridge

Browser-to-local-node file bridge is a gated integration because it can pass file payloads to a host surface.

Next: Founder and Release Gate must approve exact host origin, payload redaction, file-size limits, callback contract, and local-node ownership before any bridge code is shipped.

hold

Release item

Production integration

All real production switches remain false by design.

Next: Founder and Release Gate must separately approve real AI, storage, remote runtime, payment/billing, and customer-send gates.

Next smallest action

If build remains PASS, push preview changes to ai-site-creator.git for Founder remote testing; Lovable publish remains manual.

Oneclaw Bridge Authorization

Local bridge remains held

The browser-to-local-node file bridge is not shipped until Founder and Release Gate approve host origin, payload policy, callback shape, and readonly ownership.

release_gate_hold

Host origin whitelist

hold

Approve exact OneCloud / 1claw host origins before using postMessage.

safeDefault: Do not ship wildcard host messaging.

File policy

hold

Approve allowed mime types, single-file size, total batch size, and count.

safeDefault: Do not pass file payloads to a local host.

Payload mode

hold

Choose source-ref-first handles or explicitly approve base64 transfer with redaction.

safeDefault: Prefer source refs; keep raw payload transfer disabled.

Callback contract

hold

Confirm job_id, source_ref_id, callback_id, workflow, and ledger fields as standard.

safeDefault: Display callback shape only; do not rely on it for production workflow.

Readonly boundary

hold

Confirm first release only allows readonly analysis and local callback preview.

safeDefault: No source mutation, no production data write, no customer send.

Owner lane

hold

Confirm OneCloud / 1claws owns local node transport while FORWAID owns cloud capability definition.

safeDefault: Do not merge bridge behavior into the FORWAID A-side product body.

nextGate: Founder must explicitly approve all HOLD gates before Oneclaw bridge code can be shipped or tested remotely.

Release Items

Remote Codex Drops status mirror

pass

PLT-CODEX-001 · same_machine_rehearsal_pass_remote_transport_pending

nextGate: Run a remote PC readonly Drop roundtrip: remote writes Drop, current runner executes readonly audit, remote reads callback.

Account / Entitlement / Credits read model

pass

platform-entitlement-read-model-v0.1 · read_only_preview · 3/5 app slots

nextGate: Connect Store install requests, account admin, and OneCloud status to this read-only snapshot before enabling backend mutations.

Store install / request / approval draft queue

pass

App Detail uses Store request draft queue with review status and handoff target.

nextGate: Route approved preview drafts to real account admin only after backend entitlement design.

Drive / Sync / Content Maker / Drops loop

pass

platform-source-to-output-read-model-v0.1 · localDriveDocuments=1

nextGate: Approve real source storage and Drive persistence design, then run readonly remote Drops roundtrip before any patch or production write.

Web / Pad / Pod / OneCloud same capability map

pass

platform-multisurface-capability-v0.1 · 能力在云端,形态在龙虾,状态通过 OneCloud 同步

nextGate: Wire this read model into Pod/Harness and OneCloud node status before enabling any local-node trigger or runtime launch.

OneCloud capability handoff manifest

pass

forwaid-onecloud-capability-manifest-v0.1 · handoffContracts=2

nextGate: OneCloud consumes handoffContract as read-only route/output metadata before any action intent or local-node writeback.

Oneclaw local file bridge

hold

Browser-to-local-node file bridge is a gated integration because it can pass file payloads to a host surface.

nextGate: Founder and Release Gate must approve exact host origin, payload redaction, file-size limits, callback contract, and local-node ownership before any bridge code is shipped.

Production integration

hold

All real production switches remain false by design.

nextGate: Founder and Release Gate must separately approve real AI, storage, remote runtime, payment/billing, and customer-send gates.

Production flags

productionReadyfalse
realAiEnabledfalse
realStorageEnabledfalse
remoteRuntimeLaunchAllowedfalse
paymentBillingAllowedfalse
customerSendAllowedfalse
autoLovableDeployAllowedfalse
requiresCleanBuildtrue

JSON preview

OneCloud status
{
  "snapshotId": "platform-a-side-release-readiness-v0.1",
  "status": "readiness_layer_complete_with_limits",
  "releaseRecommendation": "PREVIEW_PUSH_ALLOWED_RELEASE_GATE_REVIEW_REQUIRED",
  "cloudTestableAfterPush": true,
  "lovablePublishByFounderOnly": true,
  "productionReady": false,
  "realAiEnabled": false,
  "realStorageEnabled": false,
  "remoteRuntimeLaunchAllowed": false,
  "paymentBillingAllowed": false,
  "customerSendAllowed": false,
  "items": [
    {
      "id": "remote-codex-drops-status",
      "label": "Remote Codex Drops status mirror",
      "status": "pass",
      "evidence": "PLT-CODEX-001 · same_machine_rehearsal_pass_remote_transport_pending",
      "nextGate": "Run a remote PC readonly Drop roundtrip: remote writes Drop, current runner executes readonly audit, remote reads callback."
    },
    {
      "id": "account-entitlement-read-model",
      "label": "Account / Entitlement / Credits read model",
      "status": "pass",
      "evidence": "platform-entitlement-read-model-v0.1 · read_only_preview · 3/5 app slots",
      "nextGate": "Connect Store install requests, account admin, and OneCloud status to this read-only snapshot before enabling backend mutations."
    },
    {
      "id": "store-install-approval",
      "label": "Store install / request / approval draft queue",
      "status": "pass",
      "evidence": "App Detail uses Store request draft queue with review status and handoff target.",
      "nextGate": "Route approved preview drafts to real account admin only after backend entitlement design."
    },
    {
      "id": "source-to-output-loop",
      "label": "Drive / Sync / Content Maker / Drops loop",
      "status": "pass",
      "evidence": "platform-source-to-output-read-model-v0.1 · localDriveDocuments=1",
      "nextGate": "Approve real source storage and Drive persistence design, then run readonly remote Drops roundtrip before any patch or production write."
    },
    {
      "id": "multisurface-map",
      "label": "Web / Pad / Pod / OneCloud same capability map",
      "status": "pass",
      "evidence": "platform-multisurface-capability-v0.1 · 能力在云端,形态在龙虾,状态通过 OneCloud 同步",
      "nextGate": "Wire this read model into Pod/Harness and OneCloud node status before enabling any local-node trigger or runtime launch."
    },
    {
      "id": "onecloud-handoff-manifest",
      "label": "OneCloud capability handoff manifest",
      "status": "pass",
      "evidence": "forwaid-onecloud-capability-manifest-v0.1 · handoffContracts=2",
      "nextGate": "OneCloud consumes handoffContract as read-only route/output metadata before any action intent or local-node writeback."
    },
    {
      "id": "oneclaw-local-bridge",
      "label": "Oneclaw local file bridge",
      "status": "hold",
      "evidence": "Browser-to-local-node file bridge is a gated integration because it can pass file payloads to a host surface.",
      "nextGate": "Founder and Release Gate must approve exact host origin, payload redaction, file-size limits, callback contract, and local-node ownership before any bridge code is shipped."
    },
    {
      "id": "production-integration",
      "label": "Production integration",
      "status": "hold",
      "evidence": "All real production switches remain false by design.",
      "nextGate": "Founder and Release Gate must separately approve real AI, storage, remote runtime, payment/billing, and customer-send gates."
    }
  ],
  "pushGate": {
    "githubPushAllowedByPolicy": true,
    "targetRepo": "ai-site-creator.git",
    "requiresCleanBuild": true,
    "requiresFounderLovablePublish": true,
    "autoLovableDeployAllowed": false
  },
  "heldItems": [
    "real AI adapter/provider calls",
    "real upload/storage/Drive persistence",
    "remote PC runtime launch beyond readonly roundtrip",
    "Auth/RLS/Supabase schema mutation",
    "payment/billing/credit deduction",
    "customer-send/live publishing",
    "Oneclaw local file bridge / host postMessage payload transfer",
    "automatic Lovable publish"
  ],
  "nextSmallestAction": "If build remains PASS, push preview changes to ai-site-creator.git for Founder remote testing; Lovable publish remains manual."
}