Attach AgentPlane refs to SourceOSInteractionEvent evidence binding

.github/workflows/sourceos-interaction-evidence-binding.yml

@@ -0,0 +1,40 @@
+name: SourceOS Interaction Evidence Binding
+
+on:
+  pull_request:
+    branches: ["main"]
+    paths:
+      - "docs/integration/sourceos-interaction-evidence-binding.md"
+      - "schemas/integration/sourceos-interaction-evidence-binding.v0.1.schema.json"
+      - "tests/fixtures/integration/sourceos-interaction-evidence-binding*.json"
+      - "tools/validate_sourceos_interaction_evidence_binding.py"
+      - ".github/workflows/sourceos-interaction-evidence-binding.yml"
+  push:
+    branches: ["main", "work/sourceos-interaction-evidence-251"]
+    paths:
+      - "docs/integration/sourceos-interaction-evidence-binding.md"
+      - "schemas/integration/sourceos-interaction-evidence-binding.v0.1.schema.json"
+      - "tests/fixtures/integration/sourceos-interaction-evidence-binding*.json"
+      - "tools/validate_sourceos_interaction_evidence_binding.py"
+      - ".github/workflows/sourceos-interaction-evidence-binding.yml"
+
+permissions:
+  contents: read
+
+jobs:
+  validate-sourceos-interaction-evidence-binding:
+    name: Validate SourceOS interaction evidence binding
+    runs-on: ubuntu-latest
+    steps:
+      - uses: actions/checkout@v4
+
+      - name: Set up Python
+        uses: actions/setup-python@v5
+        with:
+          python-version: "3.12"
+
+      - name: Install validator dependency
+        run: python -m pip install --upgrade pip jsonschema
+
+      - name: Validate binding fixtures
+        run: python tools/validate_sourceos_interaction_evidence_binding.py

docs/integration/sourceos-interaction-evidence-binding.md

@@ -0,0 +1,81 @@
+# SourceOSInteractionEvent evidence binding
+
+## Status
+
+Fixture, schema, and validation binding only. This document does not add runtime execution behavior.
+
+AgentPlane owns execution evidence, replay artifacts, validation artifacts, placement artifacts, and run artifacts. It may attach those authoritative references to a `SourceOSInteractionEvent` governance trace so Noetica, AgentTerm, and Superconscious can render the same interaction lifecycle without owning execution evidence semantics.
+
+## Canonical interaction contract
+
+`SourceOSInteractionEvent` is owned by `SourceOS-Linux/sourceos-spec`:
+
+- `schemas/SourceOSInteractionEvent.json`
+- `generated/typescript/sourceos-interaction-event.ts`
+- `generated/python/sourceos_interaction_event.py`
+
+AgentPlane does not own this schema. AgentPlane owns the evidence artifacts referenced by the interaction event.
+
+## Required AgentPlane references
+
+A SourceOS interaction evidence binding records:
+
+- `source_interaction_event_ref`
+- `result_interaction_event_ref`
+- `agentplane_run_ref`
+- `validation_artifact_ref`
+- `placement_decision_ref`
+- `run_artifact_ref`
+- `evidence_artifact_refs`
+- `replay_ref`
+- `context_pack_refs`
+- `policy_decision_refs`
+- `redaction_refs`
+
+The binding exists so an interaction event can carry AgentPlane evidence references without copying raw execution logs, unrestricted stdout/stderr, secrets, credentials, or private chain-of-thought.
+
+## Authority boundaries
+
+AgentPlane owns:
+
+- execution evidence;
+- run artifacts;
+- replay artifacts;
+- validation artifacts;
+- placement artifacts;
+- evidence bundle refs.
+
+AgentPlane does not own:
+
+- browser, terminal, Matrix, or Noetica UI surfaces;
+- Policy Fabric policy admission;
+- Agent Registry identity, grants, sessions, or revocation;
+- Memory Mesh durable memory or context-pack semantics;
+- SourceOSInteractionEvent schema ownership.
+
+## Expected flow
+
+```text
+Noetica / AgentTerm / Superconscious source event
+  -> SourceOSInteractionEvent ref
+  -> AgentPlane validation / placement / run / evidence / replay
+  -> SourceOS interaction evidence binding
+  -> result SourceOSInteractionEvent ref with AgentPlane refs attached
+  -> AgentTerm or Noetica renders the governance trace
+```
+
+## Payload posture
+
+The binding is reference-oriented. It must not contain raw execution logs, unrestricted shell output, unrestricted transcripts, credentials, secrets, private chain-of-thought, or unredacted stdout/stderr.
+
+Use artifact refs and hashes instead.
+
+## Validation
+
+Run:
+
+```bash
+python3 tools/validate_sourceos_interaction_evidence_binding.py tests/fixtures/integration/sourceos-interaction-evidence-binding.valid.json
+```
+
+Invalid fixtures prove that missing replay refs and raw log leakage fail closed.

schemas/integration/sourceos-interaction-evidence-binding.v0.1.schema.json

@@ -0,0 +1,70 @@
+{
+  "$schema": "https://json-schema.org/draft/2020-12/schema",
+  "$id": "https://schemas.socioprophet.org/agentplane/integration/sourceos-interaction-evidence-binding.v0.1.schema.json",
+  "title": "SourceOS Interaction Evidence Binding v0.1",
+  "type": "object",
+  "additionalProperties": false,
+  "required": [
+    "schemaVersion",
+    "recordType",
+    "binding_id",
+    "source_interaction_event_ref",
+    "result_interaction_event_ref",
+    "agentplane_run_ref",
+    "validation_artifact_ref",
+    "placement_decision_ref",
+    "run_artifact_ref",
+    "evidence_artifact_refs",
+    "replay_ref",
+    "policy_decision_refs",
+    "context_pack_refs",
+    "redaction_refs",
+    "authority_boundaries",
+    "payload_mode",
+    "claim_boundary",
+    "issued_at"
+  ],
+  "properties": {
+    "schemaVersion": {"const": "agentplane.sourceos-interaction-evidence-binding.v0.1"},
+    "recordType": {"const": "SourceOSInteractionEvidenceBinding"},
+    "binding_id": {"type": "string", "pattern": "^urn:srcos:agentplane:sourceos-interaction-evidence-binding:"},
+    "source_interaction_event_ref": {"type": "string", "pattern": "^urn:srcos:interaction-event:"},
+    "result_interaction_event_ref": {"type": "string", "pattern": "^urn:srcos:interaction-event:"},
+    "agentplane_run_ref": {"type": "string", "minLength": 1},
+    "validation_artifact_ref": {"type": "string", "minLength": 1},
+    "placement_decision_ref": {"type": "string", "minLength": 1},
+    "run_artifact_ref": {"type": "string", "minLength": 1},
+    "evidence_artifact_refs": {"type": "array", "minItems": 1, "items": {"type": "string", "minLength": 1}},
+    "replay_ref": {"type": "string", "minLength": 1},
+    "policy_decision_refs": {"type": "array", "items": {"type": "string", "minLength": 1}},
+    "context_pack_refs": {"type": "array", "items": {"type": "string", "minLength": 1}},
+    "redaction_refs": {"type": "array", "items": {"type": "string", "minLength": 1}},
+    "authority_boundaries": {
+      "type": "object",
+      "additionalProperties": false,
+      "required": [
+        "agentplane",
+        "sourceos_spec",
+        "policy_fabric",
+        "agent_registry",
+        "memory_mesh",
+        "noetica",
+        "agent_term",
+        "superconscious"
+      ],
+      "properties": {
+        "agentplane": {"const": "execution-evidence-replay-authority"},
+        "sourceos_spec": {"const": "canonical-interaction-schema-owner"},
+        "policy_fabric": {"const": "policy-admission-authority"},
+        "agent_registry": {"const": "identity-grant-authority"},
+        "memory_mesh": {"const": "memory-context-pack-authority"},
+        "noetica": {"const": "browser-chat-surface"},
+        "agent_term": {"const": "terminal-operator-surface"},
+        "superconscious": {"const": "task-cognition-coordinator"}
+      }
+    },
+    "payload_mode": {"type": "string", "enum": ["metadata-only", "summary", "ref-only", "inline-bounded", "redacted"]},
+    "claim_boundary": {"type": "string", "minLength": 1},
+    "issued_at": {"type": "string", "minLength": 1}
+  }
+}

tests/fixtures/integration/sourceos-interaction-evidence-binding.missing-replay.invalid.json

@@ -0,0 +1,30 @@
+{
+  "schemaVersion": "agentplane.sourceos-interaction-evidence-binding.v0.1",
+  "recordType": "SourceOSInteractionEvidenceBinding",
+  "binding_id": "urn:srcos:agentplane:sourceos-interaction-evidence-binding:missing-replay-0001",
+  "source_interaction_event_ref": "urn:srcos:interaction-event:noetica-standalone-complete-0001",
+  "result_interaction_event_ref": "urn:srcos:interaction-event:agentplane-run-completed-0001",
+  "agentplane_run_ref": "urn:srcos:agentplane:run:noetica-superconscious-run-0001",
+  "validation_artifact_ref": "artifact://agentplane/noetica-superconscious-run-0001/validation-artifact.json#sha256:1111111111111111111111111111111111111111111111111111111111111111",
+  "placement_decision_ref": "artifact://agentplane/noetica-superconscious-run-0001/placement-decision.json#sha256:2222222222222222222222222222222222222222222222222222222222222222",
+  "run_artifact_ref": "artifact://agentplane/noetica-superconscious-run-0001/run-artifact.json#sha256:3333333333333333333333333333333333333333333333333333333333333333",
+  "evidence_artifact_refs": [
+    "artifact://agentplane/noetica-superconscious-run-0001/evidence-bundle.json#sha256:4444444444444444444444444444444444444444444444444444444444444444"
+  ],
+  "policy_decision_refs": [],
+  "context_pack_refs": [],
+  "redaction_refs": [],
+  "authority_boundaries": {
+    "agentplane": "execution-evidence-replay-authority",
+    "sourceos_spec": "canonical-interaction-schema-owner",
+    "policy_fabric": "policy-admission-authority",
+    "agent_registry": "identity-grant-authority",
+    "memory_mesh": "memory-context-pack-authority",
+    "noetica": "browser-chat-surface",
+    "agent_term": "terminal-operator-surface",
+    "superconscious": "task-cognition-coordinator"
+  },
+  "payload_mode": "ref-only",
+  "claim_boundary": "Invalid fixture missing replay reference.",
+  "issued_at": "2026-05-30T22:20:00Z"
+}

tests/fixtures/integration/sourceos-interaction-evidence-binding.raw-log.invalid.json

@@ -0,0 +1,31 @@
+{
+  "schemaVersion": "agentplane.sourceos-interaction-evidence-binding.v0.1",
+  "recordType": "SourceOSInteractionEvidenceBinding",
+  "binding_id": "urn:srcos:agentplane:sourceos-interaction-evidence-binding:raw-log-leak-0001",
+  "source_interaction_event_ref": "urn:srcos:interaction-event:noetica-standalone-complete-0001",
+  "result_interaction_event_ref": "urn:srcos:interaction-event:agentplane-run-completed-0001",
+  "agentplane_run_ref": "urn:srcos:agentplane:run:noetica-superconscious-run-0001",
+  "validation_artifact_ref": "artifact://agentplane/noetica-superconscious-run-0001/validation-artifact.json#sha256:1111111111111111111111111111111111111111111111111111111111111111",
+  "placement_decision_ref": "artifact://agentplane/noetica-superconscious-run-0001/placement-decision.json#sha256:2222222222222222222222222222222222222222222222222222222222222222",
+  "run_artifact_ref": "raw stdout: token=secret unrestricted shell output",
+  "evidence_artifact_refs": [
+    "artifact://agentplane/noetica-superconscious-run-0001/evidence-bundle.json#sha256:4444444444444444444444444444444444444444444444444444444444444444"
+  ],
+  "replay_ref": "artifact://agentplane/noetica-superconscious-run-0001/replay-artifact.json#sha256:5555555555555555555555555555555555555555555555555555555555555555",
+  "policy_decision_refs": [],
+  "context_pack_refs": [],
+  "redaction_refs": [],
+  "authority_boundaries": {
+    "agentplane": "execution-evidence-replay-authority",
+    "sourceos_spec": "canonical-interaction-schema-owner",
+    "policy_fabric": "policy-admission-authority",
+    "agent_registry": "identity-grant-authority",
+    "memory_mesh": "memory-context-pack-authority",
+    "noetica": "browser-chat-surface",
+    "agent_term": "terminal-operator-surface",
+    "superconscious": "task-cognition-coordinator"
+  },
+  "payload_mode": "ref-only",
+  "claim_boundary": "Invalid fixture leaks raw execution logs.",
+  "issued_at": "2026-05-30T22:20:00Z"
+}

tests/fixtures/integration/sourceos-interaction-evidence-binding.valid.json

@@ -0,0 +1,35 @@
+{
+  "schemaVersion": "agentplane.sourceos-interaction-evidence-binding.v0.1",
+  "recordType": "SourceOSInteractionEvidenceBinding",
+  "binding_id": "urn:srcos:agentplane:sourceos-interaction-evidence-binding:noetica-superconscious-run-0001",
+  "source_interaction_event_ref": "urn:srcos:interaction-event:noetica-standalone-complete-0001",
+  "result_interaction_event_ref": "urn:srcos:interaction-event:agentplane-run-completed-0001",
+  "agentplane_run_ref": "urn:srcos:agentplane:run:noetica-superconscious-run-0001",
+  "validation_artifact_ref": "artifact://agentplane/noetica-superconscious-run-0001/validation-artifact.json#sha256:1111111111111111111111111111111111111111111111111111111111111111",
+  "placement_decision_ref": "artifact://agentplane/noetica-superconscious-run-0001/placement-decision.json#sha256:2222222222222222222222222222222222222222222222222222222222222222",
+  "run_artifact_ref": "artifact://agentplane/noetica-superconscious-run-0001/run-artifact.json#sha256:3333333333333333333333333333333333333333333333333333333333333333",
+  "evidence_artifact_refs": [
+    "artifact://agentplane/noetica-superconscious-run-0001/evidence-bundle.json#sha256:4444444444444444444444444444444444444444444444444444444444444444"
+  ],
+  "replay_ref": "artifact://agentplane/noetica-superconscious-run-0001/replay-artifact.json#sha256:5555555555555555555555555555555555555555555555555555555555555555",
+  "policy_decision_refs": [
+    "urn:srcos:decision:noetica-standalone-admit-0001"
+  ],
+  "context_pack_refs": [
+    "urn:srcos:context-pack:noetica-session-local-bounded-0001"
+  ],
+  "redaction_refs": [],
+  "authority_boundaries": {
+    "agentplane": "execution-evidence-replay-authority",
+    "sourceos_spec": "canonical-interaction-schema-owner",
+    "policy_fabric": "policy-admission-authority",
+    "agent_registry": "identity-grant-authority",
+    "memory_mesh": "memory-context-pack-authority",
+    "noetica": "browser-chat-surface",
+    "agent_term": "terminal-operator-surface",
+    "superconscious": "task-cognition-coordinator"
+  },
+  "payload_mode": "ref-only",
+  "claim_boundary": "AgentPlane attaches execution, validation, placement, evidence, and replay references to SourceOSInteractionEvent governance traces. It does not own Policy Fabric admission, Agent Registry grants, Memory Mesh context-pack semantics, Noetica UI state, AgentTerm terminal state, or SourceOSInteractionEvent schema ownership.",
+  "issued_at": "2026-05-30T22:20:00Z"
+}