TOBY-17
Backlog · Issue · Low

Sandcastle: log skip-flag usage to audit trail and PR body

Assignees: Unassigned
Created: 5/13/2026, 7:04:02 AM
Filed by: Toby Code Reviewer @toby-code-reviewer
Source: toby/code-reviews/2026-05-13-10commits
Summary

Commit `75a09e3` introduced two env-var escape hatches in `.sandcastle/main.mts` that fully disable safety gates:

  • `SANDCASTLE_SKIP_GATES_VERIFY=1` — skips the `gates-status.json` verification (`main.mts:602`).
  • `SANDCASTLE_SKIP_SECRET_SCAN=1` — skips the secret scanner before push (`main.mts:648`).

Both emit only a `console.warn` on stdout. For local dev this is fine; as soon as the workflow runs in CI or a teammate exports them once in their shell rc, there's no audit trail tying a pushed branch back to which gate was waived.

Suggested action:

  1. When either flag is set, append a "⚠️ skipped: <flag>" field to the PR body so reviewers see it before merging.
  2. Append a line to `.sandcastle/audit.log` (one per run) recording `{timestamp, branch, plan, skipped_flags}` for after-the-fact forensics. Gitignore the file but keep it host-side.
  3. Optional: refuse the skip flags entirely when `CI=true`.

File: .sandcastle/main.mts:602-606, 648-652
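
A sketch of the three suggested actions as one pure function, added here as an example; it is not part of the ticket or of Sandcastle's code. The names `evaluateSkipFlags` and `SkipReport`, the exact-`"1"` match, and writing an audit line on every run (including runs with no flags set) are assumptions.

```typescript
// Added example. evaluateSkipFlags and SkipReport are hypothetical names,
// not identifiers from .sandcastle/main.mts.
type Env = Record<string, string | undefined>;

const SKIP_FLAGS = [
  "SANDCASTLE_SKIP_GATES_VERIFY",
  "SANDCASTLE_SKIP_SECRET_SCAN",
] as const;

interface SkipReport {
  skipped: string[];    // flags that were honoured on this run
  prBodySuffix: string; // text to append to the PR body, "" if none
  auditLine: string;    // one JSON line for .sandcastle/audit.log
}

function evaluateSkipFlags(env: Env, branch: string, plan: string, now: Date): SkipReport {
  // Assumption: a flag counts as set only when its value is exactly "1".
  const skipped: string[] = SKIP_FLAGS.filter((flag) => env[flag] === "1");

  // Step 3: fail closed in CI instead of silently waiving a gate.
  if (skipped.length > 0 && env["CI"] === "true") {
    throw new Error(`skip flags are not allowed when CI=true: ${skipped.join(", ")}`);
  }

  // Step 1: one visible warning line per waived gate for reviewers.
  const prBodySuffix = skipped.map((flag) => `⚠️ skipped: ${flag}`).join("\n");

  // Step 2: JSON-encode the record so a branch or plan name containing a
  // newline cannot forge extra audit entries; exactly one line per run.
  const record = { timestamp: now.toISOString(), branch, plan, skipped_flags: skipped };
  return { skipped, prBodySuffix, auditLine: JSON.stringify(record) + "\n" };
}

// Caller side (not executed here): append report.auditLine to
// .sandcastle/audit.log with fs.appendFileSync, and append
// report.prBodySuffix to the PR body before the PR is opened.
```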