Execution catalog codex
private · Inert read-only browser — no execution from this UI.
Governed execution declarations only — runtime truth comes from receipts and EVD.
Codex rules
- If a capability is not in this codex, it is outside the governed execution lane.
- Catalog describes allowed behavior; receipts prove what ran.
- Never expose this file on public HTTP without mesh auth.
- Product SKUs sell work; codex entries authorize how work may execute.
offsec_collect — OffSecAgent read-only collection
OffSecAgent read-only collect EXEC-OFFSEC-COLLECT · SKU OFFSEC-LOCAL-AUDIT
mesh_gate: optional
scope
  targets: Hosts in signed authority.json and scope.json only
  actions: Policy-gated collectors from collection_policy.json
  disallowed: secrets, exploitation, network egress, persistence, stealth
authority
  requires: signed authority, signed scope, client record, invoice
  writer: operator
  approval: scope lock before agent.sh
artifacts
  outputs: posture.json, authority.json, scope.json
  receipt_link: shield ingest → RECEIPT.json
  evd_path: engagement.evd_path
failure_escalation
  on_policy_violation: refuse run, non-zero exit
  on_collector_error: record in posture meta, stop
  escalation: operator review — no auto-widen scope
offsec_shield — Shield ingest receipt proofpack
OffSecShield proofpack deliver EXEC-OFFSEC-PROOFPACK · SKU OFFSEC-PILOT
mesh_gate: optional
scope
  targets: Single run ID under shield store/
  actions: ingest, findings, report, receipt, sign, proofpack, verify
  disallowed: fabricated hashes, unsigned delivery
authority
  requires: completed collect, payment linkage when settled
  writer: operator
  approval: pilot/PILOT_RUNBOOK gates
artifacts
  outputs: proofpack zip, MANIFEST.sha256, RECEIPT.sig.json, BUYER_WALKTHROUGH.md
  receipt_link: security_service_receipt.json
  public_verify: buyer offline verify-sig
failure_escalation
  on_verify_fail: do not deliver — fix or re-run
  on_tamper: non-zero verify exit
  escalation: receipt mismatch → halt engagement
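The proofpack entry names a MANIFEST.sha256 and a non-zero exit on tamper, and the public-verify entry below reports MISMATCH / MISSING and escalates to offline verify-sig on the proofpack. The following is an added example of the manifest integrity half of such an offline check; it is not the project's verify-sig tool and does not cover the RECEIPT.sig.json signature step. It assumes a sha256sum-style manifest line format (hex digest, two spaces, relative path), which the page does not specify, and the sample proofpack files it builds are constructed for the demo.

```python
"""Added example: offline integrity check of a proofpack against MANIFEST.sha256.

Not the project's verifier. Assumed manifest line format (sha256sum style):
    <64 hex chars><two spaces><relative path>
The manifest itself is not listed in the manifest; in a real proofpack the
signature in RECEIPT.sig.json is what binds the manifest, and that check is
out of scope here.
"""
from __future__ import annotations

import hashlib
import hmac
import sys
import tempfile
from pathlib import Path


def sha256_file(path: Path) -> str:
    h = hashlib.sha256()
    with path.open("rb") as f:
        for chunk in iter(lambda: f.read(65536), b""):
            h.update(chunk)
    return h.hexdigest()


def parse_manifest(text: str) -> dict[str, str]:
    """Map relative path -> expected hex digest; reject malformed or path-escaping entries."""
    entries: dict[str, str] = {}
    for lineno, line in enumerate(text.splitlines(), 1):
        if not line.strip() or line.startswith("#"):
            continue
        digest, _, rel = line.partition("  ")
        bad_path = not rel or Path(rel).is_absolute() or ".." in Path(rel).parts
        if len(digest) != 64 or bad_path:
            raise ValueError(f"malformed manifest line {lineno}: {line!r}")
        entries[rel] = digest.lower()
    return entries


def verify_proofpack(root: Path) -> dict[str, str]:
    """Return {relative path: OK | MISMATCH | MISSING | EXTRA} for the unpacked proofpack."""
    manifest = parse_manifest((root / "MANIFEST.sha256").read_text())
    results: dict[str, str] = {}
    for rel, expected in manifest.items():
        p = root / rel
        if not p.is_file():
            results[rel] = "MISSING"  # listed but absent
        elif hmac.compare_digest(sha256_file(p), expected):
            results[rel] = "OK"
        else:
            results[rel] = "MISMATCH"  # content changed after the manifest was written
    for p in root.rglob("*"):  # anything shipped that the manifest never vouched for
        rel = p.relative_to(root).as_posix()
        if p.is_file() and rel != "MANIFEST.sha256" and rel not in manifest:
            results[rel] = "EXTRA"
    return results


def verify_exit_code(results: dict[str, str]) -> int:
    """on_tamper: non-zero verify exit. Only an all-OK proofpack exits 0."""
    return 0 if results and all(v == "OK" for v in results.values()) else 1


# Constructed sample contents for the demo; not a real engagement.
SAMPLE_FILES = {
    "RECEIPT.sig.json": b'{"run_id": "sample-run", "sig": "<omitted>"}\n',
    "BUYER_WALKTHROUGH.md": b"# Buyer walkthrough\n\nRun verify-sig offline before accepting.\n",
    "report/findings.json": b'{"findings": []}\n',
}


def build_sample_proofpack(root: Path) -> None:
    lines = []
    for rel, data in SAMPLE_FILES.items():
        p = root / rel
        p.parent.mkdir(parents=True, exist_ok=True)
        p.write_bytes(data)
        lines.append(f"{hashlib.sha256(data).hexdigest()}  {rel}")
    (root / "MANIFEST.sha256").write_text("\n".join(lines) + "\n")


def demo() -> tuple[dict[str, str], dict[str, str]]:
    """Verify a clean proofpack, then tamper with it three ways and verify again."""
    with tempfile.TemporaryDirectory() as tmp:
        root = Path(tmp)
        build_sample_proofpack(root)
        clean = verify_proofpack(root)
        (root / "report/findings.json").write_bytes(b'{"findings": ["fabricated"]}\n')
        (root / "BUYER_WALKTHROUGH.md").unlink()
        (root / "notes.txt").write_bytes(b"unlisted\n")
        tampered = verify_proofpack(root)
    return clean, tampered


if __name__ == "__main__":
    clean, tampered = demo()
    print("clean:", clean)
    print("tampered:", tampered)
    sys.exit(verify_exit_code(tampered))
```

Unlisted files are reported as EXTRA and fail the pack too: a proofpack that ships material the manifest never vouched for should not be accepted silently, which matches the "unsigned delivery" prohibition above.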
proof_workflow — WitnessOps bounded workflow package
WitnessOps workflow fit check EXEC-WORKFLOW-FIT · SKU WORKFLOW-FIT
mesh_gate: N/A
scope
  targets: One non-secret workflow description
  actions: Intake, scope boundary, go/no-go
  disallowed: secrets in intake, proof run from pricing page
authority
  requires: /review/request form, email confirmation
  writer: witnessops-console
  approval: operator email before evidence accept
artifacts
  outputs: scope map draft, fit assessment
  receipt_link: engagement var/ record when opened
  public_surface: witnessops.com/review
failure_escalation
  on_scope_creep: stop — re-fit
  on_secret_submitted: reject intake
  escalation: Support path for access-change scoping
Codex / GitHub workflow proof package EXEC-WORKFLOW-CODEX · SKU WORKFLOW-S
mesh_gate: PASS required for mesh-tied engagements
scope
  targets: One bounded Codex, GitHub, or patch workflow
  actions: Scope map, evidence package, receipt, verifier result, challenge path
  disallowed: full repo exfil, credential storage, compliance certification claims
authority
  requires: WORKFLOW-FIT closed, fee/timing agreed, evidence handling agreed
  writer: witnessops-console
  approval: signed scope before materials accepted
artifacts
  outputs: scope map, security decision record, evidence package, receipt artifact
  receipt_link: verify-runs/ + package/[issuanceId]
  sample: /review/sample-cases/ai-agent-action-proof-run
failure_escalation
  on_evidence_gap: name limits in package — no fill with inference
  on_verify_fail: challenge path documented
  escalation: WORKFLOW-RERUN for same scope
Public receipt verify (witnessops.com) EXEC-PUBLIC-VERIFY
mesh_gate: N/A
scope
  targets: Submitted receipt JSON only
  actions: PV/QV/WV structural verify — no execution
  disallowed: scope-lock ingest, full EVD upload, execution from verify
authority
  requires: witnessops-web proof kernel on goal0
  writer: none
  approval: public API boundary
artifacts
  outputs: verify result JSON
  receipt_link: buyer-held receipt
  canonical: https://witnessops.com/api/verify
failure_escalation
  on_mismatch: MISMATCH / MISSING — non-zero
  on_adapter_gap: SCHEMA_RECONCILIATION R0-R3
  escalation: offline verify-sig on proofpack
hunt_loop — 0day-hunt engineer loop on fleet VM
0day-hunt engineer loop EXEC-HUNT-0DAY-LOOP
mesh_gate: PASS
scope
  targets: Operator-owned infrastructure in engagement scope-lock
  actions: Evidence refresh, LIVE gate, LLM triage, loop_action JSON
  disallowed: off-scope targets, witnessops.com public ingest of full EVD
authority
  requires: WOPS_HUNT_EVD, scope-lock ROE, LIVE gate
  writer: witnessops-console
  approval: hunt orchestrate / route CLI
artifacts
  outputs: hunt-llm-loop.jsonl, hunt-snapshots/latest.json, mesh receipt
  receipt_link: var/hunt-snapshots/<engagement_id>/
  evd_path: engagement.evd_path
failure_escalation
  on_live_gate_fail: stop loop — refresh evidence
  on_scope_lock: deny by default
  escalation: bastion-relay hunt-orch record-only path
mesh_hygiene — Branch C federation hygiene
Mesh federation full loop (Branch C) EXEC-MESH-FULL-LOOP
mesh_gate: PASS
scope
  targets: WitnessOps fleet nodes in mesh doc bundle
  actions: Weekly hygiene, DNS/docs sync, receipt closeout
  disallowed: customer environment claims from mesh PASS
authority
  requires: fleet-mesh-full-loop skill, operator spine services.json
  writer: operator
  approval: receipted closeout
artifacts
  outputs: MESH-DNS-SYNC receipt, mesh-docs bundle MANIFEST
  receipt_link: working/receipts/
  public_sample: integrator doc only — not end-customer SKU
failure_escalation
  on_node_unreachable: record in receipt — partial PASS
  on_dns_drift: sync script dry-run first
  escalation: hub-nginx-hygiene-loop
Mesh movement validation (receipt freshness) EXEC-MOVEMENT-VALIDATION
mesh_gate: PASS
scope
  targets: Mesh DNS sync, operator full loop, hunt mesh loop receipts
  actions: Read receipt JSON on disk; classify PASS/WARN/FAIL by age and presence
  disallowed: hub WG mutate, Gitea runner mutate, scope-lock mutate, var/ writes
authority
  requires: live mesh operator approval, LANE_TOP/working/receipts
  writer: codex-self-build
  approval: CODEX_LIVE_MESH_APPROVED receipt
artifacts
  outputs: movement-validation-LATEST.json, overall_gate
  receipt_link: organization/OffSecGlobal/agents/movement-validation/receipts/
  monitoring: run.sh --write-receipt
failure_escalation
  on_missing_receipt: FAIL — run operator-full-loop or mesh-full-loop
  on_stale_receipt: WARN >7d, FAIL >14d
  escalation: EXEC-MESH-FULL-LOOP
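The movement-validation entry is a read-only freshness classifier: each required receipt is PASS, WARN (>7d) or FAIL (>14d or missing), and the worst class becomes overall_gate. The following is an added example of that logic, not the project's movement-validation agent. The receipt file names and the assumption that each receipt JSON carries an ISO-8601 timestamp field are hypothetical; the page gives neither. The receipts the demo writes are constructed, and the clock is fixed so the result is reproducible.

```python
"""Added example: classify receipts on disk as PASS/WARN/FAIL by presence and age.

Not the project's movement-validation agent. Reads only; never touches var/,
WireGuard, Gitea or scope-lock state. Assumed (hypothetical): each receipt is a
JSON object with an ISO-8601 "timestamp"; file names below are placeholders.
"""
from __future__ import annotations

import json
import tempfile
from datetime import datetime, timedelta, timezone
from pathlib import Path

WARN_AFTER_DAYS = 7.0    # on_stale_receipt: WARN >7d
FAIL_AFTER_DAYS = 14.0   # on_stale_receipt: FAIL >14d

# Hypothetical receipt file names for the three loops the entry reads.
REQUIRED_RECEIPTS = {
    "mesh_dns_sync": "MESH-DNS-SYNC-LATEST.json",
    "operator_full_loop": "operator-full-loop-LATEST.json",
    "hunt_mesh_loop": "hunt-mesh-loop-LATEST.json",
}


def classify_age_days(age_days: float) -> str:
    """Freshness class from age alone. A future-dated receipt is not fresh; it is a clock or forgery problem."""
    if age_days < 0 or age_days > FAIL_AFTER_DAYS:
        return "FAIL"
    if age_days > WARN_AFTER_DAYS:
        return "WARN"
    return "PASS"


def classify_receipt(path: Path, now: datetime) -> dict:
    """Classify one receipt file; a missing or unreadable receipt is FAIL, never silently PASS."""
    if not path.is_file():
        return {"status": "FAIL", "reason": "missing"}
    try:
        data = json.loads(path.read_text())
        ts = datetime.fromisoformat(str(data["timestamp"]).replace("Z", "+00:00"))
    except (ValueError, KeyError, TypeError) as exc:  # JSONDecodeError is a ValueError
        return {"status": "FAIL", "reason": f"unreadable: {type(exc).__name__}"}
    if ts.tzinfo is None:
        ts = ts.replace(tzinfo=timezone.utc)  # treat naive stamps as UTC rather than local time
    age_days = (now - ts).total_seconds() / 86400
    return {"status": classify_age_days(age_days), "reason": f"age {age_days:.1f}d", "age_days": round(age_days, 2)}


def movement_validation(receipt_dir: Path, now: datetime) -> dict:
    """Aggregate per-receipt classes into overall_gate; the worst class wins."""
    receipts = {name: classify_receipt(receipt_dir / fn, now) for name, fn in REQUIRED_RECEIPTS.items()}
    statuses = {r["status"] for r in receipts.values()}
    overall = "FAIL" if "FAIL" in statuses else "WARN" if "WARN" in statuses else "PASS"
    return {"checked_at": now.isoformat(), "overall_gate": overall, "receipts": receipts}


def demo() -> dict:
    """Constructed scenario: DNS sync 2 days old, operator loop 10 days old, hunt loop receipt absent."""
    now = datetime(2026, 1, 15, tzinfo=timezone.utc)  # fixed clock for a reproducible result
    with tempfile.TemporaryDirectory() as tmp:
        root = Path(tmp)
        for name, days in (("mesh_dns_sync", 2), ("operator_full_loop", 10)):
            stamp = (now - timedelta(days=days)).isoformat().replace("+00:00", "Z")
            (root / REQUIRED_RECEIPTS[name]).write_text(json.dumps({"timestamp": stamp, "status": "PASS"}))
        return movement_validation(root, now)


if __name__ == "__main__":
    # The real entry writes movement-validation-LATEST.json under its own receipts/ dir
    # with run.sh --write-receipt; here the report is only printed.
    print(json.dumps(demo(), indent=2))
```

Two deliberate choices: a receipt that exists but cannot be parsed is FAIL rather than skipped, and a receipt dated in the future is FAIL rather than PASS, so neither a corrupted file nor a bad clock can make the gate look healthier than it is.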
Codex self-building robot (governed agent factory) EXEC-CODEX-SELF-BUILD
mesh_gate: N/A
scope
  targets: Natural-language agent goals from operator
  actions: Scaffold agents/<slug>/, codex entry, skill draft, receipt; evaluate before live
  disallowed: direct ~/.grok/skills write, public codex HTTP, auto production enable
authority
  requires: CODEX_SELF_BUILDING_ROBOT_V1 task, wops skill evaluate, operator approve
  writer: goal0-codex
  approval: live mesh approved + governed skill approve
artifacts
  outputs: agents/<slug>/ tree, EXEC-<SLUG> codex entry, CODEX-AGENT-BUILD receipt
  receipt_link: working/receipts/
  bootstrap_agent: EXEC-MOVEMENT-VALIDATION
failure_escalation
  on_evaluate_fail: revise max 3 loops then stop
  on_scope_violation: refuse — ask operator
  escalation: governed-create-skill pipeline
goal0_deploy — goal0 mesh public host deploy
goal0 witnessops-web mesh deploy EXEC-GOAL0-MESH-DEPLOY
mesh_gate: N/A
scope
  targets: goal0-edge-01 public host
  actions: Build image, deploy container, smoke / /review /verify
  disallowed: moving verify authority off goal0, public EVD ingest
authority
  requires: run-witnessops-mesh-goal0.sh, GHCR auth if private
  writer: operator
  approval: deploy script receipt
artifacts
  outputs: container health, verify smoke JSON
  receipt_link: working/receipts/
  public_surface: witnessops.com
failure_escalation
  on_smoke_fail: auto-rollback per deploy.sh
  on_tls_fail: Caddy/host edge — not app
  escalation: lane catalog mesh-goal0 copy block
operator_read — Read-only var/ and EVD surfaces
goal0 authenticated var read API EXEC-VAR-READ-API · SKU ADDON-GOAL0-READER
mesh_gate: N/A
scope
  targets: Mirrored var/ at goal0 — mesh bind :3040
  actions: Read-only routes mirroring forge/operator-data schemas
  disallowed: public unauthenticated access, var/ writes
authority
  requires: bearer token, mesh bind 10.44.0.5:3040
  writer: witnessops-console
  approval: FORGE_PHASE_4 apply receipt
artifacts
  outputs: engagements list, verify-runs, hunt-snapshots
  receipt_link: goal0-read-api health
  consumers: witnessops-saas, witnessops-forge remote
failure_escalation
  on_401: fail closed
  on_mirror_stale: re-run sync-var-to-goal0.sh
  escalation: local var/ reader fallback
Inert operator-shell read surfaces EXEC-OPERATOR-READ-SHELL · SKU SAAS-DEMO
mesh_gate: optional display only
scope
  targets: WITNESSOPS_VAR_DIR local or API mirror
  actions: Engagement picker, buyer demo, catalog/codex browsers
  disallowed: auth, billing, verify POST, var/ writes
authority
  requires: WITNESSOPS_INERT_BOUNDARY.json
  writer: none — read only
  approval: Phase 5 scaffold closed
artifacts
  outputs: /demo, /catalog, /codex, /api/health
  receipt_link: operator-shell smoke
  future: app.witnessops.com authenticated
failure_escalation
  on_stale_operator_data: rebuild after @repo/operator-data change
  on_ENOSPC_dev: use build+start not dev
  escalation: run-operator-saas-shell.sh
operator_shell — lane
Buyer share links surface audit (live vs stub) EXEC-BUYER_SHARE_LINKS
mesh_gate: N/A
scope
  targets: witnessops-saas buyer share UI, entitlements, deploy packet, production receipts
  actions: Read source files and receipts; classify live, stub, missing per surface
  disallowed: var writes, stripe mutate, clerk mutate, neon mutate, hub WG mutate, scope-lock mutate
authority
  requires: CODEX-LIVE-MESH-APPROVED receipt, EXEC-CODEX-SELF-BUILD
  writer: codex-self-build
  approval: CODEX-AGENT-BUILD receipt
artifacts
  outputs: buyer-share-links-LATEST.json, overall_gate, live vs stub summary
  receipt_link: organization/OffSecGlobal/agents/buyer-share-links/receipts/
  monitoring: run.sh --write-receipt
failure_escalation
  on_missing_core_ui: FAIL — redeploy witnessops-saas
  on_stub_peripheral: WARN — search/webhooks may remain stub
  escalation: EXEC-OPERATOR-SAAS-SHELL