Files
isphere-ai-bridge/docs/internal-sandbox-live-capture-plan.md

218 lines
6.4 KiB
Markdown

# Internal Sandbox Live Capture Plan
## 1. Purpose
This document replaces the unrealistic assumption that the current outer-network repository environment can log in to iSphere.
iSphere is an internal-network application. The current environment is an outer-network coordination and analysis environment. Therefore, live login and live UI Automation capture must happen in a separate internal-network test sandbox where the operator can manually open and log in to iSphere.
This path is named:
```text
N12R: Internal-sandbox live capture route
```
`N12R` is a practical replacement route for collecting live read-only UI evidence from the internal sandbox. It does not mean the original current-environment N12 gate has passed.
## 2. Environment roles
| Environment | Role | Allowed work |
| --- | --- | --- |
| Current outer-network repo environment | Coordination, planning, static/offline evidence analysis, report validation | Read docs, inspect copied evidence packages, generate reports, validate returned capture packages |
| Internal-network test sandbox | Manual iSphere login and live read-only capture | Build/verify helper, manually log in, run only read-only scan/dump capture, package results |
## 3. Current node state
Completed before this plan:
```text
N0-N11 First Go MCP / C# helper phase completed
N12-pre Offline evidence intake and reports for copied package zyl completed
```
Original true N12 remains blocked in the current environment because this environment cannot reach or log in to internal iSphere.
New route:
```text
N12R-0 Prepare internal-sandbox runbook and capture package contract
N12R-1 Internal sandbox verifies helper and Go MCP readiness
N12R-2 Operator manually opens and logs in to iSphere in the internal sandbox
N12R-3 Operator performs read-only live window scan and UIA dump
N12R-4 Operator packages redacted live capture outputs
N12R-5 Outer-network environment validates returned package
N12R-6 Review gate: decide whether selector design may start
```
No node may be skipped. Offline evidence never replaces live capture evidence.
## 4. Hard boundaries
The internal sandbox route only allows read-only evidence capture.
Allowed operations:
```text
win_helper_version
win_helper_self_check
win_helper_scan_windows
win_helper_dump_uia
```
Equivalent C# helper operations are also allowed only for capture fallback:
```text
version
self_check
scan_windows
dump_uia
```
Forbidden operations and designs:
```text
search contacts
open conversation
send message
send file
receive/download file
automatic login
using copied credentials
credential/token/cookie extraction
process injection
hook
memory reading
endpoint-security bypass/evasion
stealth/persistence
modifying the iSphere client
running copied executables from offline evidence packages
```
The operator must use normal manual login only.
## 5. N12R package contract
Returned live capture packages should be placed in this repository under:
```text
runs/internal-sandbox-live-capture/<capture-id>/
```
Recommended package shape:
```text
runs/internal-sandbox-live-capture/<capture-id>/
metadata/
source-notes.txt
os-version.txt
process-list.txt
repo-status.txt
verification-summary.txt
helper/
version.json
self-check.json
windows/
scan-windows.json
selected-window.json
uia/
dump-uia-main.json
dump-uia-main-redacted.json
notes/
operator-notes.txt
```
Optional files:
```text
helper/
verify-win-helper-output.txt
mcp/
verify-go-mcp-output.txt
mcp-client-config.txt
screenshots/
main-window-redacted.png
```
Do not include passwords, tokens, cookies, private keys, full message bodies, or unrelated business documents.
## 6. Required package notes
`metadata/source-notes.txt` must include:
```text
capture_id: <capture-id>
source_environment: internal-network test sandbox
operator: <name or role>
capture_time_local: <YYYY-MM-DD HH:mm:ss timezone>
iSphere manually logged in: yes
client opened before capture: yes
main window visible: yes
operations used: version, self_check, scan_windows, dump_uia
forbidden actions performed: no
this package is N12R live evidence, not current-environment N12 pass
```
`notes/operator-notes.txt` should include:
```text
What client was opened: <iSphere / IMPlatformClient>
How login was performed: manual normal company process
Any MFA/SSO used: yes/no, no secrets included
Selected window reason: <title/process/class/score>
Redactions applied: <brief list>
Any capture problems: <brief list>
```
## 7. Acceptance conditions for N12R
N12R package validation passes only if all are true:
1. Package is under `runs/internal-sandbox-live-capture/<capture-id>/`.
2. `metadata/source-notes.txt` exists and states this came from an internal-network test sandbox.
3. Notes state iSphere was manually logged in and the main window was visible.
4. `helper/version.json` exists and reports `ISphereWinHelper`.
5. `helper/self-check.json` exists and indicates desktop/UIA availability.
6. `windows/scan-windows.json` exists and includes an iSphere / IMPlatformClient candidate window.
7. `windows/selected-window.json` records the selected candidate window metadata.
8. `uia/dump-uia-main.json` exists and contains a UI Automation root tree.
9. Redacted copy `uia/dump-uia-main-redacted.json` exists before broad sharing.
10. No evidence suggests clicking, typing, sending, uploading, downloading, automatic login, injection, hook, memory reading, or bypass behavior.
## 8. What N12R does not authorize
N12R does not authorize selector implementation or action tools by itself. It only provides live UI structure evidence.
After N12R package validation, the next step is a review gate:
```text
Review whether selector design may start.
```
Selector design, if approved later, must begin as a separate written plan. It must still avoid message sending, file transfer, automatic login, injection, hook, memory reading, and bypass behavior unless an explicit later plan changes the project boundary.
## 9. Relationship to existing offline evidence
Existing package:
```text
runs/offline-evidence-intake/zyl/
```
Existing reports:
```text
runs/offline-evidence-intake-reports/zyl/
```
Those reports remain useful for:
```text
application inventory
local data discovery
static evidence analysis
MsgLib format hypotheses
timeline and redaction planning
```
They do not replace N12R live UIA capture. Offline evidence is context only.