# Internal Sandbox Live Capture Plan ## 1. Purpose This document replaces the unrealistic assumption that the current outer-network repository environment can log in to iSphere. iSphere is an internal-network application. The current environment is an outer-network coordination and analysis environment. Therefore, live login and live UI Automation capture must happen in a separate internal-network test sandbox where the operator can manually open and log in to iSphere. This path is named: ```text N12R: Internal-sandbox live capture route ``` `N12R` is a practical replacement route for collecting live read-only UI evidence from the internal sandbox. It does not mean the original current-environment N12 gate has passed. ## 2. Environment roles | Environment | Role | Allowed work | | --- | --- | --- | | Current outer-network repo environment | Coordination, planning, static/offline evidence analysis, report validation | Read docs, inspect copied evidence packages, generate reports, validate returned capture packages | | Internal-network test sandbox | Manual iSphere login and live read-only capture | Build/verify helper, manually log in, run only read-only scan/dump capture, package results | ## 3. Current node state Completed before this plan: ```text N0-N11 First Go MCP / C# helper phase completed N12-pre Offline evidence intake and reports for copied package zyl completed ``` Original true N12 remains blocked in the current environment because this environment cannot reach or log in to internal iSphere. New route: ```text N12R-0 Prepare internal-sandbox runbook and capture package contract N12R-1 Internal sandbox verifies helper and Go MCP readiness N12R-2 Operator manually opens and logs in to iSphere in the internal sandbox N12R-3 Operator performs read-only live window scan and UIA dump N12R-4 Operator packages redacted live capture outputs N12R-5 Outer-network environment validates returned package N12R-6 Review gate: decide whether selector design may start ``` No node may be skipped. Offline evidence never replaces live capture evidence. ## 4. Hard boundaries The internal sandbox route only allows read-only evidence capture. Allowed operations: ```text win_helper_version win_helper_self_check win_helper_scan_windows win_helper_dump_uia ``` Equivalent C# helper operations are also allowed only for capture fallback: ```text version self_check scan_windows dump_uia ``` Forbidden operations and designs: ```text search contacts open conversation send message send file receive/download file automatic login using copied credentials credential/token/cookie extraction process injection hook memory reading endpoint-security bypass/evasion stealth/persistence modifying the iSphere client running copied executables from offline evidence packages ``` The operator must use normal manual login only. ## 5. N12R package contract Returned live capture packages should be placed in this repository under: ```text runs/internal-sandbox-live-capture// ``` Recommended package shape: ```text runs/internal-sandbox-live-capture// metadata/ source-notes.txt os-version.txt process-list.txt repo-status.txt verification-summary.txt helper/ version.json self-check.json windows/ scan-windows.json selected-window.json uia/ dump-uia-main.json dump-uia-main-redacted.json notes/ operator-notes.txt ``` Optional files: ```text helper/ verify-win-helper-output.txt mcp/ verify-go-mcp-output.txt mcp-client-config.txt screenshots/ main-window-redacted.png ``` Do not include passwords, tokens, cookies, private keys, full message bodies, or unrelated business documents. ## 6. Required package notes `metadata/source-notes.txt` must include: ```text capture_id: source_environment: internal-network test sandbox operator: capture_time_local: iSphere manually logged in: yes client opened before capture: yes main window visible: yes operations used: version, self_check, scan_windows, dump_uia forbidden actions performed: no this package is N12R live evidence, not current-environment N12 pass ``` `notes/operator-notes.txt` should include: ```text What client was opened: How login was performed: manual normal company process Any MFA/SSO used: yes/no, no secrets included Selected window reason: Redactions applied: <brief list> Any capture problems: <brief list> ``` ## 7. Acceptance conditions for N12R N12R package validation passes only if all are true: 1. Package is under `runs/internal-sandbox-live-capture/<capture-id>/`. 2. `metadata/source-notes.txt` exists and states this came from an internal-network test sandbox. 3. Notes state iSphere was manually logged in and the main window was visible. 4. `helper/version.json` exists and reports `ISphereWinHelper`. 5. `helper/self-check.json` exists and indicates desktop/UIA availability. 6. `windows/scan-windows.json` exists and includes an iSphere / IMPlatformClient candidate window. 7. `windows/selected-window.json` records the selected candidate window metadata. 8. `uia/dump-uia-main.json` exists and contains a UI Automation root tree. 9. Redacted copy `uia/dump-uia-main-redacted.json` exists before broad sharing. 10. No evidence suggests clicking, typing, sending, uploading, downloading, automatic login, injection, hook, memory reading, or bypass behavior. ## 8. What N12R does not authorize N12R does not authorize selector implementation or action tools by itself. It only provides live UI structure evidence. After N12R package validation, the next step is a review gate: ```text Review whether selector design may start. ``` Selector design, if approved later, must begin as a separate written plan. It must still avoid message sending, file transfer, automatic login, injection, hook, memory reading, and bypass behavior unless an explicit later plan changes the project boundary. ## 9. Relationship to existing offline evidence Existing package: ```text runs/offline-evidence-intake/zyl/ ``` Existing reports: ```text runs/offline-evidence-intake-reports/zyl/ ``` Those reports remain useful for: ```text application inventory local data discovery static evidence analysis MsgLib format hypotheses timeline and redaction planning ``` They do not replace N12R live UIA capture. Offline evidence is context only.