docs: add N12R internal sandbox handoff workflow

This commit is contained in:
石头
2026-07-08 16:08:10 +08:00
parent d773571402
commit c54f7c447a
10 changed files with 1986 additions and 49 deletions

View File

@@ -26,9 +26,15 @@ N0 Baseline cleanup and direction lock
-> N10 Operator runbook and process scripts
-> N11 Commit/review checkpoint
-> N12-pre Offline evidence intake
-> N12 Real logged-in UIA capture gate
-> N12R Internal-sandbox live UIA capture route
-> N12R-review Selector design review gate
Blocked/non-active:
-> N12-current Current-environment real logged-in UIA capture gate
```
**Reality update 2026-07-08:** iSphere is internal-network only. The current repository environment is an outer-network coordination/analysis environment. Therefore `N12-current` is not the active route unless network placement changes. Live login and live UIA capture must happen in an internal-network test sandbox through `N12R`.
Hard rule: **no node may start until the previous node's acceptance conditions are met.**
---
@@ -753,7 +759,7 @@ Pass if:
- Unrelated generated files are staged.
- Worktree contains ignored build outputs outside `runs/`.
**Next node:** N12-pre if the current environment cannot log in; otherwise N12 may start only when the real logged-in current-environment preconditions below are met.
**Next node:** N12-pre for offline evidence intake, followed by N12R for live capture in an internal-network test sandbox. `N12-current` remains blocked because the current outer-network environment cannot log in to internal iSphere.
---
@@ -830,24 +836,101 @@ Pass if:
- Package is used to design automatic login, sending, file transfer, injection, hook, memory reading, or endpoint-security bypass.
- Any reader treats the offline package as a replacement for true N12.
**Next node:** N12 remains blocked until the current environment can manually log in and perform a live current-environment UIA capture.
**Next node:** N12R internal-sandbox live capture route if live UI evidence is needed. `N12-current` remains blocked in the outer-network environment.
---
## N12: Real logged-in UIA capture gate
## N12R: Internal-sandbox live capture route
**Purpose:** Capture real iSphere UIA evidence after the user provides/login context.
**Purpose:** Capture live iSphere UIA evidence from a separate internal-network test sandbox where iSphere can be manually opened and logged in.
**Preconditions:**
- N11 accepted.
- Optional N12-pre offline evidence, if used, has been validated only as pre-gate context and not as N12 pass evidence.
- User manually opens and logs in to iSphere.
- iSphere main window is visible.
- Optional N12-pre offline evidence, if used, has been validated only as pre-gate context and not as live capture evidence.
- An internal-network test sandbox can manually open and log in to iSphere / IMPlatformClient using the normal approved process.
- The internal sandbox has this repository or a trusted copy of the built helper/MCP artifacts.
- The operator follows `docs/internal-sandbox-operator-runbook.md`.
**Actions:**
Use Go MCP tools:
- In the internal sandbox, run only the first-phase read-only operations:
```text
win_helper_version
win_helper_self_check
win_helper_scan_windows
win_helper_dump_uia
```
or the equivalent helper ops:
```text
version
self_check
scan_windows
dump_uia
```
- Save the returned package under:
```text
runs/internal-sandbox-live-capture/<capture-id>/
```
- Follow the package contract in `docs/internal-sandbox-live-capture-plan.md`.
**Expected outputs:**
- `metadata/source-notes.txt` stating internal-network test sandbox, manual login, main window visible, and forbidden actions not performed.
- `helper/version.json`.
- `helper/self-check.json`.
- `windows/scan-windows.json`.
- `windows/selected-window.json`.
- `uia/dump-uia-main.json`.
- `uia/dump-uia-main-redacted.json`.
- `notes/operator-notes.txt`.
**Acceptance conditions:**
Pass if:
- The package satisfies `docs/n12r-return-package-validation-checklist.md`.
- `scan-windows.json` includes an iSphere / IMPlatformClient candidate window.
- `dump-uia-main.json` contains a UI Automation root tree for the selected window.
- The capture notes state the user manually logged in and no forbidden action was performed.
- The redacted dump exists before broad sharing.
**Stop conditions:**
- Internal sandbox cannot manually log in.
- No candidate window appears.
- UIA tree is empty or inaccessible.
- Package contains secrets or message contents that require redaction before review.
- Any step requires automatic login, clicking into conversations, sending, uploading, downloading, injection, hook, memory reading, or endpoint-security bypass.
**Next node:** N12R-review selector design review gate. Do not implement selectors until N12R evidence is accepted and a separate selector design plan is approved.
---
## N12-current: Current-environment real logged-in UIA capture gate (blocked)
This is the original N12 definition. It is retained as a blocked/non-active gate for historical clarity. It is not the active route while the repository environment is outside the internal network.
**Blocked reason:** iSphere is internal-network only, and the current repository environment cannot manually log in.
**Original purpose:** Capture real iSphere UIA evidence from a manually logged-in iSphere window in the same environment where this repository is running.
**Original preconditions, if network placement changes later:**
- N11 accepted.
- Optional N12-pre offline evidence, if used, has been validated only as pre-gate context and not as N12 pass evidence.
- The repository environment can manually open and log in to iSphere / IMPlatformClient using the normal approved process.
- iSphere main window is visible in that same environment.
**Original allowed actions:**
Use only these Go MCP tools:
```text
win_helper_scan_windows
@@ -860,35 +943,9 @@ Save output under:
runs/real-loggedin-lab/uia-dumps/
```
**Expected outputs:**
**Current decision:** Do not wait on this gate as the active route. Use N12R internal-sandbox live capture instead.
- One or more real iSphere UIA dump JSON files.
- Window metadata showing process name/title/handle.
**Acceptance conditions:**
Pass if:
- Candidate iSphere/IMPlatform window is found.
- UIA root node is a window/control tree.
- Dump includes enough fields to identify controls:
- `name`
- `control_type`
- `automation_id`
- `class_name`
- `children`
- No clicking, typing, sending, uploading, receiving, or downloading occurs.
- No passwords/tokens are captured.
**Stop conditions:**
- User is not logged in.
- No candidate window appears.
- UIA tree is empty or inaccessible.
- Captured data contains sensitive secrets that need redaction before reporting.
- Current environment cannot log in; in that case, use only N12-pre offline analysis and do not mark N12 passed.
**Next node:** Future selector design. Do not implement selectors until N12 passes.
**Next node:** Future selector design may be considered only after N12R evidence is accepted, or after N12-current becomes possible and passes. Do not implement selectors before a separate selector design plan is approved.
---
@@ -897,7 +954,7 @@ Pass if:
Every node must satisfy these rules:
1. No Python MCP code.
2. No real send/search/file action before N12.
2. No real send/search/file action before an explicitly approved post-N12R selector/action plan.
3. No process injection, hook, credential extraction, token extraction, or memory reading.
4. No broad `git add -A`; stage exact paths.
5. Every code node uses tests first.
@@ -911,13 +968,13 @@ Every node must satisfy these rules:
Current guidance after N0-N11 completion is:
```text
N12-pre if the current environment cannot log in; N12 only after current-environment manual login is possible.
N12-pre has been used for offline evidence. Because the current environment is outside the internal network, the active live-capture route is N12R internal-sandbox live capture. N12-current remains blocked unless network placement changes.
```
Immediate next action:
```text
If login is unavailable here, collect/validate the full sandbox artifact bundle described in docs/offline-evidence-intake-plan.md. Minimal manifest/scan/dump JSON is optional and only for advanced operators.
If live UI evidence is needed, use `docs/internal-sandbox-live-capture-plan.md` and `docs/internal-sandbox-operator-runbook.md` to collect an N12R package from an internal-network test sandbox. Continue to use `docs/offline-evidence-intake-plan.md` only for offline file evidence.
```
Do not treat offline evidence as N12 pass. Do not start selector/action design until true N12 passes in the current environment.
Do not treat offline evidence as N12 pass. Do not start selector/action design until N12R live evidence is accepted, or until N12-current becomes possible and passes in the current environment.

View File

@@ -211,19 +211,42 @@ Procedure:
During this procedure, the operator must not click, type, send, upload, download, modify client state, or capture passwords/tokens.
## 10. If this environment cannot log in
## 10. If this outer-network environment cannot log in
Do not run or mark the real-login UIA capture gate as passed.
Do not run or mark the original current-environment real-login UIA capture gate as passed.
If login is only possible in another test sandbox, follow `docs/offline-evidence-intake-plan.md` and use the recommended **Full sandbox artifact bundle** route. The user does not need to generate JSON. Ask them to copy the logged-in test sandbox's install directory, user-data directories, ProgramData directories, shortcuts, `%TEMP%\importal` / `localcache` candidates, and simple copy notes into `runs\offline-evidence-intake\<evidence-id>\`.
iSphere is internal-network only. If the current repository environment is outside that network, use two separate routes:
The minimal `manifest.json` / `scan_windows-redacted.json` / `dump_uia-main-redacted.json` route is optional and only for advanced operators. In either route, the package is `N12-pre` context only. It can support offline inventory and reverse analysis, but it does not replace live current-environment `win_helper_scan_windows` and `win_helper_dump_uia` evidence.
1. **N12-pre offline evidence** for copied files and static analysis. Follow `docs/offline-evidence-intake-plan.md` and place packages under `runs\offline-evidence-intake\<evidence-id>\`.
2. **N12R internal-sandbox live capture** for real logged-in UIA evidence. Follow `docs/internal-sandbox-live-capture-plan.md` and `docs/internal-sandbox-operator-runbook.md`; place returned packages under `runs\internal-sandbox-live-capture\<capture-id>\`.
After receiving a full bundle, first do read-only inventory. Do not directly run unknown copied binaries, do not modify original copied files, do not use copied credential-like material to log in, and do not design automatic login, send message, send file, receive file, injection, hook, memory reading, or endpoint-security bypass behavior.
N12R is the active live-capture route when login is only possible in an internal-network test sandbox. It still allows only the four first-phase read-only tools:
```text
win_helper_version
win_helper_self_check
win_helper_scan_windows
win_helper_dump_uia
```
After receiving an N12R package, validate it with `docs/n12r-return-package-validation-checklist.md` before using it as evidence for selector-design review. Prefer the scripted read-only validator:
```powershell
$captureRoot = "runs\internal-sandbox-live-capture\<capture-id>"
$reportRoot = "runs\internal-sandbox-live-capture-reports"
New-Item -ItemType Directory -Force -Path $reportRoot | Out-Null
powershell -NoProfile -ExecutionPolicy Bypass -File .\scripts\validate-n12r-return-package.ps1 `
-PackageRoot $captureRoot `
-ReportPath (Join-Path $reportRoot "<capture-id>-validation.md")
```
Keep the validation report outside `$captureRoot`; the returned package is evidence input and should remain unchanged.
Neither offline evidence nor N12R authorizes automatic login, search contacts, open conversation, send message, send file, receive file, injection, hook, memory reading, credential extraction, or endpoint-security bypass behavior.
## 11. Troubleshooting
- If C# helper build fails, run `scripts\build-win-helper.ps1` directly and check for missing .NET Framework reference assemblies.
- If `win_helper_version` fails, rerun `powershell -NoProfile -ExecutionPolicy Bypass -File scripts\verify-win-helper.ps1` first.
- If Go MCP verification fails, rerun `go test ./...` and `powershell -NoProfile -ExecutionPolicy Bypass -File scripts\verify-go-mcp.ps1`.
- If a client cannot start the MCP server, confirm the configured command points to the built `.exe` and the working directory is the repository root.
- If a client cannot start the MCP server, confirm the configured command points to the built `.exe` and the working directory is the repository root.

View File

@@ -378,4 +378,69 @@ Only after that should the team decide whether to:
2. Ask for a better evidence package.
3. Wait until current-environment live login becomes possible.
4. Re-plan true N12.
```
```
---
## 12. Reality update - 2026-07-08
The current repository environment is an outer-network coordination and analysis environment. iSphere / IMPlatformClient is internal-network only, so manual login cannot happen in the current environment.
Do not keep waiting for current-environment login as the active path. The active live-capture route is now:
```text
N12R: Internal-sandbox live capture route
```
New operator documents:
```text
docs/internal-sandbox-live-capture-plan.md
Defines N12R node sequence, package contract, acceptance conditions, and boundaries.
docs/n12r-final-handoff-checklist.md
Short final handoff checklist for internal-sandbox work, outer-network validation, boundaries, and next decision.
docs/internal-sandbox-operator-runbook.md
Step-by-step instructions for the internal-network sandbox operator.
docs/n12r-return-package-validation-checklist.md
Outer-network validation checklist for returned N12R packages.
scripts/validate-n12r-return-package.ps1
One-command read-only validator for returned N12R packages. It writes validation reports outside the returned package root.
scripts/test-validate-n12r-return-package.ps1
Local regression tests for the N12R package validator.
```
N12R package destination:
```text
runs/internal-sandbox-live-capture/<capture-id>/
```
Suggested outer-network validation command after a package returns:
```powershell
$captureRoot = "runs\internal-sandbox-live-capture\<capture-id>"
$reportRoot = "runs\internal-sandbox-live-capture-reports"
New-Item -ItemType Directory -Force -Path $reportRoot | Out-Null
powershell -NoProfile -ExecutionPolicy Bypass -File .\scripts\validate-n12r-return-package.ps1 `
-PackageRoot $captureRoot `
-ReportPath (Join-Path $reportRoot "<capture-id>-validation.md")
```
N12-pre offline evidence remains useful for static analysis, but it does not replace N12R live UIA capture. Original current-environment N12 remains blocked unless the repository environment is moved into the internal network and can manually log in.
The only allowed live operations in N12R remain:
```text
win_helper_version
win_helper_self_check
win_helper_scan_windows
win_helper_dump_uia
```
Do not implement selector/action tools until N12R evidence is accepted and a separate selector design plan is approved.

View File

@@ -0,0 +1,217 @@
# Internal Sandbox Live Capture Plan
## 1. Purpose
This document replaces the unrealistic assumption that the current outer-network repository environment can log in to iSphere.
iSphere is an internal-network application. The current environment is an outer-network coordination and analysis environment. Therefore, live login and live UI Automation capture must happen in a separate internal-network test sandbox where the operator can manually open and log in to iSphere.
This path is named:
```text
N12R: Internal-sandbox live capture route
```
`N12R` is a practical replacement route for collecting live read-only UI evidence from the internal sandbox. It does not mean the original current-environment N12 gate has passed.
## 2. Environment roles
| Environment | Role | Allowed work |
| --- | --- | --- |
| Current outer-network repo environment | Coordination, planning, static/offline evidence analysis, report validation | Read docs, inspect copied evidence packages, generate reports, validate returned capture packages |
| Internal-network test sandbox | Manual iSphere login and live read-only capture | Build/verify helper, manually log in, run only read-only scan/dump capture, package results |
## 3. Current node state
Completed before this plan:
```text
N0-N11 First Go MCP / C# helper phase completed
N12-pre Offline evidence intake and reports for copied package zyl completed
```
Original true N12 remains blocked in the current environment because this environment cannot reach or log in to internal iSphere.
New route:
```text
N12R-0 Prepare internal-sandbox runbook and capture package contract
N12R-1 Internal sandbox verifies helper and Go MCP readiness
N12R-2 Operator manually opens and logs in to iSphere in the internal sandbox
N12R-3 Operator performs read-only live window scan and UIA dump
N12R-4 Operator packages redacted live capture outputs
N12R-5 Outer-network environment validates returned package
N12R-6 Review gate: decide whether selector design may start
```
No node may be skipped. Offline evidence never replaces live capture evidence.
## 4. Hard boundaries
The internal sandbox route only allows read-only evidence capture.
Allowed operations:
```text
win_helper_version
win_helper_self_check
win_helper_scan_windows
win_helper_dump_uia
```
Equivalent C# helper operations are also allowed only for capture fallback:
```text
version
self_check
scan_windows
dump_uia
```
Forbidden operations and designs:
```text
search contacts
open conversation
send message
send file
receive/download file
automatic login
using copied credentials
credential/token/cookie extraction
process injection
hook
memory reading
endpoint-security bypass/evasion
stealth/persistence
modifying the iSphere client
running copied executables from offline evidence packages
```
The operator must use normal manual login only.
## 5. N12R package contract
Returned live capture packages should be placed in this repository under:
```text
runs/internal-sandbox-live-capture/<capture-id>/
```
Recommended package shape:
```text
runs/internal-sandbox-live-capture/<capture-id>/
metadata/
source-notes.txt
os-version.txt
process-list.txt
repo-status.txt
verification-summary.txt
helper/
version.json
self-check.json
windows/
scan-windows.json
selected-window.json
uia/
dump-uia-main.json
dump-uia-main-redacted.json
notes/
operator-notes.txt
```
Optional files:
```text
helper/
verify-win-helper-output.txt
mcp/
verify-go-mcp-output.txt
mcp-client-config.txt
screenshots/
main-window-redacted.png
```
Do not include passwords, tokens, cookies, private keys, full message bodies, or unrelated business documents.
## 6. Required package notes
`metadata/source-notes.txt` must include:
```text
capture_id: <capture-id>
source_environment: internal-network test sandbox
operator: <name or role>
capture_time_local: <YYYY-MM-DD HH:mm:ss timezone>
iSphere manually logged in: yes
client opened before capture: yes
main window visible: yes
operations used: version, self_check, scan_windows, dump_uia
forbidden actions performed: no
this package is N12R live evidence, not current-environment N12 pass
```
`notes/operator-notes.txt` should include:
```text
What client was opened: <iSphere / IMPlatformClient>
How login was performed: manual normal company process
Any MFA/SSO used: yes/no, no secrets included
Selected window reason: <title/process/class/score>
Redactions applied: <brief list>
Any capture problems: <brief list>
```
## 7. Acceptance conditions for N12R
N12R package validation passes only if all are true:
1. Package is under `runs/internal-sandbox-live-capture/<capture-id>/`.
2. `metadata/source-notes.txt` exists and states this came from an internal-network test sandbox.
3. Notes state iSphere was manually logged in and the main window was visible.
4. `helper/version.json` exists and reports `ISphereWinHelper`.
5. `helper/self-check.json` exists and indicates desktop/UIA availability.
6. `windows/scan-windows.json` exists and includes an iSphere / IMPlatformClient candidate window.
7. `windows/selected-window.json` records the selected candidate window metadata.
8. `uia/dump-uia-main.json` exists and contains a UI Automation root tree.
9. Redacted copy `uia/dump-uia-main-redacted.json` exists before broad sharing.
10. No evidence suggests clicking, typing, sending, uploading, downloading, automatic login, injection, hook, memory reading, or bypass behavior.
## 8. What N12R does not authorize
N12R does not authorize selector implementation or action tools by itself. It only provides live UI structure evidence.
After N12R package validation, the next step is a review gate:
```text
Review whether selector design may start.
```
Selector design, if approved later, must begin as a separate written plan. It must still avoid message sending, file transfer, automatic login, injection, hook, memory reading, and bypass behavior unless an explicit later plan changes the project boundary.
## 9. Relationship to existing offline evidence
Existing package:
```text
runs/offline-evidence-intake/zyl/
```
Existing reports:
```text
runs/offline-evidence-intake-reports/zyl/
```
Those reports remain useful for:
```text
application inventory
local data discovery
static evidence analysis
MsgLib format hypotheses
timeline and redaction planning
```
They do not replace N12R live UIA capture. Offline evidence is context only.

View File

@@ -0,0 +1,387 @@
# Internal Sandbox Operator Runbook
This runbook is for the operator who has access to an internal-network test sandbox where iSphere / IMPlatformClient can be manually opened and logged in.
The goal is to produce a live read-only capture package for the outer-network coordination environment.
## 1. Safety boundary
Do only these actions:
```text
manual open iSphere / IMPlatformClient
manual normal login
keep main window visible
run version
run self_check
run scan_windows
run dump_uia
copy JSON/text outputs into a package
```
Do not do these actions:
```text
automatic login
search contacts
open conversation
send message
send file
receive/download file
use copied credentials
extract password/token/cookie/private key
inject process
hook
read target process memory
bypass endpoint security
run executables copied from offline evidence packages
```
## 2. Prepare repository in the internal sandbox
Open PowerShell in the repository root.
Example:
```powershell
cd E:\isphere-ai-bridge
```
If the repository path is different, use that actual path. All commands below assume the repository root is the current directory.
Check repository status:
```powershell
git status --short --branch
```
Recommended: record this output into the package later as:
```text
metadata/repo-status.txt
```
## 3. Verify helper and Go MCP readiness
Run helper verification:
```powershell
powershell -NoProfile -ExecutionPolicy Bypass -File scripts\verify-win-helper.ps1
```
Expected high-level result:
```text
ok=true
helper version=0.1.0
uia_available=true or valid boolean
```
If Go is installed in the internal sandbox, also run:
```powershell
powershell -NoProfile -ExecutionPolicy Bypass -File scripts\verify-go-mcp.ps1
```
Expected high-level result:
```text
ok=true
tool_count=4
helper_name=ISphereWinHelper
action_tools_present=false
```
If Go is unavailable, do not install unrelated tooling during the capture window unless the operator has approval. The C# helper fallback below is enough to capture the same four read-only helper operations.
## 4. Create capture directory
Choose a capture id. Recommended format:
```text
YYYY-MM-DD-internal-sandbox-<short-name>
```
Example:
```powershell
$captureId = "2026-07-08-internal-sandbox-a"
$captureRoot = "runs\internal-sandbox-live-capture\$captureId"
New-Item -ItemType Directory -Force -Path `
"$captureRoot\metadata", `
"$captureRoot\helper", `
"$captureRoot\windows", `
"$captureRoot\uia", `
"$captureRoot\notes" | Out-Null
```
## 5. Record metadata
Record OS version:
```powershell
Get-ComputerInfo | Select-Object WindowsProductName, WindowsVersion, OsBuildNumber, CsUserName |
Format-List | Out-File -FilePath "$captureRoot\metadata\os-version.txt" -Encoding UTF8
```
Record process list:
```powershell
Get-Process | Sort-Object ProcessName |
Select-Object ProcessName, Id, MainWindowTitle, Path |
Format-Table -AutoSize | Out-File -FilePath "$captureRoot\metadata\process-list.txt" -Encoding UTF8
```
Record repo status:
```powershell
git status --short --branch | Out-File -FilePath "$captureRoot\metadata\repo-status.txt" -Encoding UTF8
```
Create source notes:
```powershell
@"
capture_id: $captureId
source_environment: internal-network test sandbox
operator: <fill operator name or role>
capture_time_local: $(Get-Date -Format "yyyy-MM-dd HH:mm:ss zzz")
iSphere manually logged in: yes/no
client opened before capture: yes/no
main window visible: yes/no
operations used: version, self_check, scan_windows, dump_uia
forbidden actions performed: no
this package is N12R live evidence, not current-environment N12 pass
"@ | Set-Content -Path "$captureRoot\metadata\source-notes.txt" -Encoding UTF8
```
Before packaging, edit the `yes/no` fields so they are accurate.
## 6. Manual login
1. Open iSphere / IMPlatformClient using the normal internal sandbox method.
2. Log in manually using the normal company process.
3. Complete SSO/MFA if required.
4. Do not use copied credentials or offline evidence files.
5. Keep the main iSphere window visible and not minimized.
Do not click into contacts or conversations unless normal login itself requires it. Do not send or receive anything.
## 7. Build helper path variable
After `verify-win-helper.ps1`, the helper should exist at:
```text
runs\win-helper\ISphereWinHelper.exe
```
Set:
```powershell
$helper = Resolve-Path -LiteralPath "runs\win-helper\ISphereWinHelper.exe"
```
## 8. Capture helper version
```powershell
@{
protocol = "isphere.helper.v1"
request_id = "n12r-version"
op = "version"
timeout_ms = 5000
args = @{}
} | ConvertTo-Json -Depth 8 -Compress |
& $helper --json |
Set-Content -Path "$captureRoot\helper\version.json" -Encoding UTF8
```
## 9. Capture self check
```powershell
@{
protocol = "isphere.helper.v1"
request_id = "n12r-self-check"
op = "self_check"
timeout_ms = 5000
args = @{}
} | ConvertTo-Json -Depth 8 -Compress |
& $helper --json |
Set-Content -Path "$captureRoot\helper\self-check.json" -Encoding UTF8
```
## 10. Scan visible windows
```powershell
@{
protocol = "isphere.helper.v1"
request_id = "n12r-scan-windows"
op = "scan_windows"
timeout_ms = 5000
args = @{ include_all_visible = $true }
} | ConvertTo-Json -Depth 8 -Compress |
& $helper --json |
Set-Content -Path "$captureRoot\windows\scan-windows.json" -Encoding UTF8
```
Open the scan result and identify the likely iSphere / IMPlatformClient window by process name, title, class name, visibility, bounds, and score:
```powershell
Get-Content -Path "$captureRoot\windows\scan-windows.json" -Encoding UTF8 | ConvertFrom-Json |
Select-Object -ExpandProperty data |
Select-Object -ExpandProperty windows |
Where-Object { $_.process_name -match "iSphere|IMPlatform|IMPP" -or $_.title -match "iSphere|IMPlatform|IMPP" } |
Format-Table hwnd,pid,process_name,title,class_name,visible,score -AutoSize
```
## 11. Save selected window metadata
Replace `<HWND>` with the selected window handle from the scan output, such as `0x001A0B2C`.
```powershell
$selectedHwnd = "<HWND>"
$scanObj = Get-Content -Path "$captureRoot\windows\scan-windows.json" -Encoding UTF8 | ConvertFrom-Json
$selected = $scanObj.data.windows | Where-Object { $_.hwnd -eq $selectedHwnd } | Select-Object -First 1
if (-not $selected) { throw "selected hwnd not found in scan result: $selectedHwnd" }
$selected | ConvertTo-Json -Depth 8 | Set-Content -Path "$captureRoot\windows\selected-window.json" -Encoding UTF8
```
## 12. Capture UIA dump
Use conservative limits first:
```powershell
@{
protocol = "isphere.helper.v1"
request_id = "n12r-dump-uia-main"
op = "dump_uia"
timeout_ms = 15000
args = @{
hwnd = $selectedHwnd
max_depth = 8
include_text = $true
max_children = 100
}
} | ConvertTo-Json -Depth 12 -Compress |
& $helper --json |
Set-Content -Path "$captureRoot\uia\dump-uia-main.json" -Encoding UTF8
```
If the dump is too large or truncated, repeat once with adjusted limits and save as an additional file, for example:
```text
uia/dump-uia-main-depth10-children150.json
```
Do not click, type, send, upload, download, or modify the iSphere client during capture.
## 13. Create a redacted UIA copy
Create a copy for sharing:
```powershell
Copy-Item -LiteralPath "$captureRoot\uia\dump-uia-main.json" -Destination "$captureRoot\uia\dump-uia-main-redacted.json" -Force
```
Then manually review `dump-uia-main-redacted.json` and redact sensitive visible text before sharing broadly.
Redact:
```text
person names
phone numbers
emails
message text
contact names
organization-sensitive content
credential/token-like strings
business document titles if sensitive
```
Keep structural selector fields when possible:
```text
control_type
automation_id
class_name
framework_id
bounds
is_enabled
is_offscreen
children shape
```
## 14. Write operator notes
```powershell
@"
What client was opened: <iSphere / IMPlatformClient>
How login was performed: manual normal company process
Any MFA/SSO used: yes/no, no secrets included
Selected window hwnd: $selectedHwnd
Selected window reason: <process/title/class/score reason>
Redactions applied: <brief list>
Any capture problems: <brief list>
Forbidden actions performed: no
"@ | Set-Content -Path "$captureRoot\notes\operator-notes.txt" -Encoding UTF8
```
## 15. Verify package before copying out
Run:
```powershell
$required = @(
"$captureRoot\metadata\source-notes.txt",
"$captureRoot\helper\version.json",
"$captureRoot\helper\self-check.json",
"$captureRoot\windows\scan-windows.json",
"$captureRoot\windows\selected-window.json",
"$captureRoot\uia\dump-uia-main.json",
"$captureRoot\uia\dump-uia-main-redacted.json",
"$captureRoot\notes\operator-notes.txt"
)
foreach ($path in $required) {
if (-not (Test-Path -LiteralPath $path)) { throw "missing required file: $path" }
}
"N12R package files present: $captureRoot" | Tee-Object -FilePath "$captureRoot\metadata\verification-summary.txt"
```
Check JSON parseability:
```powershell
Get-Content "$captureRoot\helper\version.json" -Encoding UTF8 | ConvertFrom-Json | Out-Null
Get-Content "$captureRoot\helper\self-check.json" -Encoding UTF8 | ConvertFrom-Json | Out-Null
Get-Content "$captureRoot\windows\scan-windows.json" -Encoding UTF8 | ConvertFrom-Json | Out-Null
Get-Content "$captureRoot\windows\selected-window.json" -Encoding UTF8 | ConvertFrom-Json | Out-Null
Get-Content "$captureRoot\uia\dump-uia-main.json" -Encoding UTF8 | ConvertFrom-Json | Out-Null
Get-Content "$captureRoot\uia\dump-uia-main-redacted.json" -Encoding UTF8 | ConvertFrom-Json | Out-Null
```
## 16. Package for transfer
Compress the capture directory:
```powershell
Compress-Archive -LiteralPath $captureRoot -DestinationPath "$captureRoot.zip" -Force
```
Copy either the directory or zip back to the outer-network repository environment under:
```text
runs/internal-sandbox-live-capture/<capture-id>/
```
## 17. What to report back
Tell the coordinating session:
```text
N12R package is ready.
Path: runs/internal-sandbox-live-capture/<capture-id>/
Manual iSphere login: yes
Main window visible during capture: yes
Forbidden actions performed: no
```
The coordinating session will then validate the returned package. Do not mark original current-environment N12 as passed.

View File

@@ -0,0 +1,219 @@
# N12R Final Handoff Checklist
Date: 2026-07-08
This is the short handoff entry for the current reality:
- The current repository environment is an outer-network coordination and analysis environment.
- iSphere / IMPlatformClient is internal-network only.
- Do not treat the current environment as capable of completing live login capture.
- The active live-capture route is `N12R: Internal-sandbox live capture route`.
- The original current-environment live-login gate remains blocked unless the repository environment itself is moved into the internal network and an operator can manually log in there.
## 1. Read this first
Use these files in this order:
```text
docs/handoff-2026-07-06.md
docs/n12r-final-handoff-checklist.md
docs/internal-sandbox-live-capture-plan.md
docs/internal-sandbox-operator-runbook.md
docs/n12r-return-package-validation-checklist.md
```
If you only need the immediate next action, follow section 3 and section 4 below.
## 2. Current node map
```text
N0-N11
Completed first-phase Go MCP / WinHelper foundation.
N12-pre
Offline evidence intake and static analysis.
Evidence input: runs/offline-evidence-intake/zyl
Reports: runs/offline-evidence-intake-reports/zyl
Status: useful supporting analysis, not a substitute for live UIA capture.
N12-current
Current-environment real logged-in UIA capture.
Status: blocked in this outer-network environment.
N12R
Internal-sandbox live capture route.
Status: active live-capture route.
N13
Selector/UIA design review.
Status: do not start until an N12R package is accepted.
```
## 3. What the internal-network sandbox operator must do
The internal operator must use:
```text
docs/internal-sandbox-operator-runbook.md
```
Required operator flow:
1. Prepare the repository inside an internal-network test sandbox.
2. Start iSphere / IMPlatformClient normally.
3. Complete manual interactive login using the normal company process.
4. Keep the main iSphere window visible.
5. Run only read-only helper checks:
- `version`
- `self_check`
- `scan_windows`
- `dump_uia`
6. Save the returned package under:
```text
runs/internal-sandbox-live-capture/<capture-id>/
```
Required returned package files:
```text
metadata/source-notes.txt
helper/version.json
helper/self-check.json
windows/scan-windows.json
windows/selected-window.json
uia/dump-uia-main.json
uia/dump-uia-main-redacted.json
notes/operator-notes.txt
```
Recommended returned package files:
```text
metadata/os-version.txt
metadata/process-list.txt
metadata/repo-status.txt
metadata/verification-summary.txt
```
## 4. What the outer-network receiver must do
After the internal sandbox returns a package, place it at:
```text
runs/internal-sandbox-live-capture/<capture-id>/
```
Then run the read-only validator:
```powershell
$captureRoot = "runs\internal-sandbox-live-capture\<capture-id>"
$reportRoot = "runs\internal-sandbox-live-capture-reports"
New-Item -ItemType Directory -Force -Path $reportRoot | Out-Null
powershell -NoProfile -ExecutionPolicy Bypass -File .\scripts\validate-n12r-return-package.ps1 `
-PackageRoot $captureRoot `
-ReportPath (Join-Path $reportRoot "<capture-id>-validation.md")
```
Keep validation reports outside `$captureRoot`. The returned package is evidence input and should remain unchanged.
Run the validator regression tests before changing the validator:
```powershell
powershell -NoProfile -ExecutionPolicy Bypass -File .\scripts\test-validate-n12r-return-package.ps1
```
## 5. Acceptance gate for N12R
Accept an N12R package only if all of these are true:
1. Required files exist.
2. Required JSON files parse.
3. `helper/version.json` reports `ISphereWinHelper`.
4. `helper/self-check.json` reports `ok=true` and UIA availability.
5. `windows/scan-windows.json` includes an iSphere / IMPlatformClient candidate window.
6. `windows/selected-window.json` records the selected hwnd and title or process metadata.
7. `uia/dump-uia-main.json` contains a parseable UIA root/tree.
8. `uia/dump-uia-main-redacted.json` exists and parses.
9. Operator notes state manual login and no forbidden action.
10. The validator decision is `ACCEPT`.
If any acceptance item fails, keep N12R open and request a corrected internal-sandbox capture.
## 6. Hard boundary
Allowed live operations remain only:
```text
win_helper_version
win_helper_self_check
win_helper_scan_windows
win_helper_dump_uia
```
Do not add or use any tool for:
```text
automatic login
search contacts
open conversation
send message
send file
receive file
upload file
download file
credential extraction
injection
hooking
memory reading
endpoint-security bypass
```
Do not run copied client binaries from an evidence package.
## 7. Offline evidence status
Offline evidence already received:
```text
runs/offline-evidence-intake/zyl
```
Generated reports are outside the original evidence package:
```text
runs/offline-evidence-intake-reports/zyl
```
Important offline conclusions:
- Two IMPlatformClient builds were observed: `4.1.2.6842` and `4.1.2.6839`.
- `MsgLib.db` artifacts are not standard SQLite.
- Static .NET metadata and logs support format/owner hypotheses.
- Offline evidence is useful for context, but it cannot prove live UIA selector behavior.
## 8. Environment caveats
Known local caveat:
```text
go is not installed in the current outer-network environment
```
This affects `scripts/verify-go-mcp.ps1` in this environment only. It does not change the N12R route.
## 9. Next decision after N12R acceptance
If the returned N12R package is accepted:
1. Record the validation report path.
2. Review the UIA tree structure.
3. Decide whether selector design is stable enough for N13.
4. Write a separate N13 selector design plan before adding any selector logic.
If the returned N12R package is rejected:
1. Keep N12R as active.
2. Send the validation failure list back to the internal-network operator.
3. Request a corrected read-only capture.

View File

@@ -0,0 +1,223 @@
# N12R Return Package Validation Checklist
Use this checklist in the outer-network coordination environment after an internal-network operator returns a live capture package.
N12R packages are expected under:
```text
runs/internal-sandbox-live-capture/<capture-id>/
```
This checklist validates package completeness and boundary compliance. It does not execute copied client binaries and does not mark original current-environment N12 as passed.
## 1. Required files
A package is structurally complete only if these files exist:
```text
metadata/source-notes.txt
helper/version.json
helper/self-check.json
windows/scan-windows.json
windows/selected-window.json
uia/dump-uia-main.json
uia/dump-uia-main-redacted.json
notes/operator-notes.txt
```
Recommended metadata files:
```text
metadata/os-version.txt
metadata/process-list.txt
metadata/repo-status.txt
metadata/verification-summary.txt
```
## 2. Read-only validation commands
Set package path:
```powershell
$captureRoot = "runs\internal-sandbox-live-capture\<capture-id>"
```
Preferred one-command validation:
```powershell
$reportRoot = "runs\internal-sandbox-live-capture-reports"
New-Item -ItemType Directory -Force -Path $reportRoot | Out-Null
powershell -NoProfile -ExecutionPolicy Bypass -File .\scripts\validate-n12r-return-package.ps1 `
-PackageRoot $captureRoot `
-ReportPath (Join-Path $reportRoot "<capture-id>-validation.md")
```
The report path must stay outside the returned package root so validation does not modify the returned evidence package.
Check required files:
```powershell
$required = @(
"metadata\source-notes.txt",
"helper\version.json",
"helper\self-check.json",
"windows\scan-windows.json",
"windows\selected-window.json",
"uia\dump-uia-main.json",
"uia\dump-uia-main-redacted.json",
"notes\operator-notes.txt"
)
foreach ($rel in $required) {
$path = Join-Path $captureRoot $rel
if (-not (Test-Path -LiteralPath $path)) { throw "missing required file: $rel" }
}
```
Check JSON parseability:
```powershell
$jsonFiles = @(
"helper\version.json",
"helper\self-check.json",
"windows\scan-windows.json",
"windows\selected-window.json",
"uia\dump-uia-main.json",
"uia\dump-uia-main-redacted.json"
)
foreach ($rel in $jsonFiles) {
Get-Content -LiteralPath (Join-Path $captureRoot $rel) -Encoding UTF8 | ConvertFrom-Json | Out-Null
}
```
## 3. Metadata acceptance checks
`metadata/source-notes.txt` must state:
```text
source_environment: internal-network test sandbox
iSphere manually logged in: yes
client opened before capture: yes
main window visible: yes
operations used: version, self_check, scan_windows, dump_uia
forbidden actions performed: no
this package is N12R live evidence, not current-environment N12 pass
```
`notes/operator-notes.txt` must state:
```text
How login was performed: manual normal company process
Forbidden actions performed: no
```
If either note file says automatic login, sending, receiving, injection, hook, memory reading, or bypass occurred, reject the package.
## 4. Helper JSON checks
`helper/version.json` should parse to an object where:
```text
ok == true
data.helper_name == ISphereWinHelper
```
`helper/self-check.json` should parse to an object where:
```text
ok == true
data.uia_available is a boolean
```
## 5. Window scan checks
`windows/scan-windows.json` should include at least one candidate where one or more of these fields indicates iSphere / IMPlatformClient / IMPP:
```text
process_name
title
class_name
score
```
`windows/selected-window.json` should be one selected object from `scan-windows.json` and should include:
```text
hwnd
pid
process_name
title
class_name
visible
bounds
score
```
## 6. UIA dump checks
`uia/dump-uia-main.json` should parse to a helper response where:
```text
ok == true
data.root exists
```
The UIA root tree should include selector-useful fields such as:
```text
name
control_type
automation_id
class_name
framework_id
bounds
children
```
The redacted copy `uia/dump-uia-main-redacted.json` must exist before broad sharing.
## 7. Boundary rejection checks
Reject the package for N12R evidence use if any of these are true:
```text
source notes do not confirm manual login
main window was not visible
scan result has no iSphere / IMPlatformClient candidate
UIA dump is missing or empty
redacted UIA copy is missing
package includes raw passwords, tokens, cookies, private keys, or copied credential material
operator notes indicate automatic login, search, opening conversations, sending, receiving, injection, hook, memory reading, or endpoint-security bypass
package was produced by running copied executables from an offline evidence package
```
## 8. Validation result template
After validation, write a short report under:
```text
runs/internal-sandbox-live-capture/<capture-id>/metadata/outer-validation-summary.txt
```
Template:
```text
capture_id: <capture-id>
validated_at: <local time>
validated_by: outer-network coordination environment
required_files_present: yes/no
json_parse_ok: yes/no
manual_login_confirmed: yes/no
main_window_visible_confirmed: yes/no
candidate_window_found: yes/no
uia_dump_ok: yes/no
redacted_copy_present: yes/no
forbidden_actions_indicated: yes/no
validation_result: accepted/rejected
notes: <short notes>
```
## 9. Next decision after acceptance
If accepted, N12R evidence can be used for a selector-design review gate.
Do not implement selectors or action tools directly from this checklist. Selector design requires a separate written plan and explicit approval.

View File

@@ -426,6 +426,36 @@ True N12 can start only when all of these are true:
If the current environment still cannot log in, only N12-pre offline analysis is allowed. N12 remains blocked and must not be marked passed.
## 8.1 Reality update: internal-sandbox live capture route
As of 2026-07-08, the repository environment is outside the internal network, while iSphere / IMPlatformClient is internal-network only. Therefore the active live-capture route is not current-environment N12. It is:
```text
N12R: Internal-sandbox live capture route
```
Use these documents for N12R:
```text
docs/internal-sandbox-live-capture-plan.md
docs/internal-sandbox-operator-runbook.md
docs/n12r-return-package-validation-checklist.md
```
N12-pre offline packages continue to support static file inventory and offline analysis. N12R packages support live read-only UIA evidence collected from an internal-network test sandbox after manual login.
Returned N12R packages should be placed under:
```text
runs/internal-sandbox-live-capture/<capture-id>/
```
Do not mix N12-pre and N12R semantics:
- `runs/offline-evidence-intake/<evidence-id>/` is copied-file offline evidence only.
- `runs/internal-sandbox-live-capture/<capture-id>/` is live read-only UIA capture from the internal sandbox.
- Neither route authorizes automatic login, sending, receiving, injection, hook, memory reading, or endpoint-security bypass.
## 9. Coordinator request checklist for the user
Use this final user-facing request. It intentionally avoids asking the user to understand JSON.
@@ -461,4 +491,4 @@ notes/copy-notes.txt 简单写明从哪里复制、是否登录后复制
- 这只是 N12-pre 离线证据,不是 N12 通过。
- 不需要生成 manifest/scan/dump JSON那些是高级可选路径。
- 不要做自动登录、发送消息、发送文件、接收文件、注入、hook、读内存或规避安防。
```
```