{
  "id": "OS_LEVEL_PICKUP_RUNNER_IMPLEMENTATION_SPEC_PENDING_ACTIVE_FALSE",
  "ts_kst": "2026-06-09 22:35 KST",
  "packet_doc": "memory/plans/p0b-pickup/os_level_pickup_runner_implementation_spec_packet_260609.md",
  "basis": "DECISION_PACKET 4결정 회장 확정(path+timer / collector_result schema / 2-tier relay / field+prompt now·hook followup) + 6 구현전제. read-only 설계. 구현/PR/설치/ACTIVE=true/queue 0.",
  "core_change": "process_one 의 owner-proof(verify_fn=AUTHORITATIVE)↔wake(launcher_fn) 사이에 deterministic closeout 삽입. CLOSEOUT_DONE 신규 verdict=green-path 결정론 종료(wake 0). agent_relay.required=true 예외만 2-tier relay. 기존 launcher_fn surface-only 보존→ACTIVE=false 안전 불변.",
  "14_items_summary": {
    "1_expected_files": "신규4(anu-pickup.timer / anu_collector_result.py / anu_terminal_relay.py / tests 3) + 수정2(anu_pickup_driver.py process_one / devbot dispatch prompt) + 재사용3(owned_callback_enforcement owner-proof·result_pickup_runner dedupe·entrypoint+path+service 수정0) + 후속1설계(PreToolUse hook). forbidden_paths: owner-proof 핵심·.env.keys·harness·canonical reset",
    "2_path_timer_unit": "anu-pickup.path(기존 수정0 즉시) + anu-pickup.timer(신규 OnBootSec=2min+OnUnitActiveSec=120s) 둘 다 같은 service→entrypoint→driver. 중복은 idempotency 흡수. 설치=activation 단계만",
    "3_collector_schema": "memory/events/task-<id>.collector_result.json(원본 1:1 분리·atomic os.replace). task_id/source_result_sha256/verdict/owner_proof{outcome,schedule_id,query_ok}/dedupe{hit,ledger_key}/scope{pass,detail}/closeout_action{none|done_acked|quarantined|deferred}/agent_relay{required,reason}/ts_kst/runner_version. raw key 0(sha·argv_len만)",
    "4_verdict_table": "NOOP_DISABLED/NOT_TARGET/LEGACY_SKIP→none·wake0 / NOT_READY·MAX_FILES→deferred·wake0 / QUARANTINE→quarantined·relay예외 / PICKUP_SKIP→이미처리 / CLOSEOUT_DONE(신규 owner-proof ANU+scope PASS+relay불요)→done_acked·wake0 / WAKE_BUILT→RELAY(agent_relay.required)→relay1회",
    "5_agent_relay_branch": "none(green)→relay0(sendfile 선택) / quarantine_reason(owner-proof NOT_ANU·QUERY_FAILED) / gemini_finding / merge_ready_ambiguous / critical7 / consolidated_report→예외 cron ANU relay(merge/dispatch/PR 금지)",
    "6_owner_proof_4outcome": "resolve_authoritative_owner(schedule_id, RealCokacdirCronHistoryProbe)=cokacdir --cron-history --key ANU read-only. ANU→통과closeout / NOT_ANU→fail-closed QUARANTINE / QUERY_FAILED→fail-closed QUARANTINE / PENDING→retry보류 NOOP_NOT_READY. self_key_used:true→거부. stale→REJECT. read전용→cron-fire 의존0→coupling 무관",
    "7_idempotency": "3중: dedupe ledger((task_id,sha256) pickup_once 재사용) + .done.acked rename(기존 .done 프로토콜 정합)+pickup.done 내부마커 + flock single-flight(entrypoint). path 재발화/timer 중복/재부팅→SKIP. real closeout 1회",
    "8_callback_field": "result.json callback_schedule_created:false 필수화. 봇=false 작성(cokacdir --cron callback 미등록 선언). runner 검증: 부재/true→계약위반 기록(collector_result contract_violation)+경고. 즉시분=관측·기록(차단은 후속 hook). dispatch prompt 명문",
    "9_hook_followup": "PreToolUse hook(dev bot 세션 settings): Bash 중 'cokacdir ... --cron' 매칭→deny(self-collector 실차단). 결선=세션 launch settings.json hook 등록. 미적용시 dispatch 거부 fail-closed. 난이도(결선+false positive 회피)→별도 task. 이 spec 설계만 구현0",
    "10_legacy_0": "mtime<epoch→NOOP_LEGACY_SKIP(move0/wake0/quarantine0/collector_result 미작성). events 128 무변동. scan_once 단일 path 대상 광역0. queue 미터치",
    "11_epoch_failclosed": "activation_epoch 부재→skip(epoch_absent, fail-open 절대금지). epoch 설정=activation 단계만. 현재 ABSENT 유지",
    "12_dryrun_isolated": "dry-run(process_one dry_run=True 실 rename0·relay0·collector_result temp만, 분기경로만). isolated test(tmp workspace 미접촉+fake probe 4outcome fixture+fake result 완전/위반/legacy/dedupe/self_key→각 verdict·closeout·agent_relay 단위검증, canonical 0 touch, green-path launcher호출0 assert)",
    "13_activation_gate": "regression/dry-run GREEN→owner-proof read quiet 성공→devbot 계약 관측→relay 경계(merge/dispatch/PR 0)→legacy 128 NOOP→(회장 승인) systemd path+timer 설치+flag enabled+epoch 설정+통제 1회 canary(단일 result·ack≤1·write≤1)→real activation 회장 승인",
    "14_rollback": "flag OFF→전면 no-op 즉시. systemctl disable --now path+timer→트리거0. PR revert(process_one·신규파일). collector_result 추가 산출물이라 result.json/events 무영향. epoch 제거→전 result legacy fail-closed. ledger/.done.acked idempotent→재처리 SKIP. canonical HEAD/events 원상복귀"
  },
  "spec_exactness_note": "회장 검토용 설계 spec. dispatch task 발행 시 D-SPEC-EXACTNESS(self-check→external lint Codex→spec-anchor) 별도 적용. 현재 spec locked 아님.",
  "capability_matrix": {
    "spec_scope": "IMPLEMENTATION_SPEC_DESIGN (미구현)",
    "core_change": "PROCESS_ONE_DETERMINISTIC_CLOSEOUT_INSERT",
    "expected_files": "4신규+2수정+3재사용+1후속설계",
    "ACTIVE": "false", "production_activation_gate": "HARD BLOCK"
  },
  "forbidden_now": ["구현", "PR", "systemd 설치", "ACTIVE=true", "production queue 처리", "daemon restart", "direct Claude launch", "추가 canary 실행"],
  "state_preserved": "canonical HEAD 75fdf540(task-2716) 무손상 / events 무변동 / p0b flags(driver/real_wake/epoch) ABSENT / systemd anu-pickup NOT installed / 구현 0.",
  "verdict": "OS_LEVEL_PICKUP_RUNNER_IMPLEMENTATION_SPEC_PACKET_READY — process_one owner-proof↔wake 사이 deterministic closeout(CLOSEOUT_DONE) 삽입, green-path wake 0·예외만 2-tier relay. expected_files 최소(4/2/3), owner-proof read-only 재사용, 3중 idempotency, legacy/epoch fail-closed, dry-run isolated, rollback flag/systemd/revert. 구현/PR/설치/canary=회장 별도 승인+dispatch 시 D-SPEC-EXACTNESS external lint."
}