auto-sync: tudo-para-ia-mais-humana 2026-05-02 04:14:46

2026-05-02 04:14:46 -03:00
parent 71c6db6e54
commit a9d9b363d0
6 changed files with 234 additions and 59 deletions
--- a/dados/mcp-publication-gate-central-write-status.json
+++ b/dados/mcp-publication-gate-central-write-status.json
@@ -8,7 +8,7 @@
      "path": "G:\\_codex-git\\nucleo-gestao-operacional\\central-de-ordem-de-servico\\projects\\15_repo_tudo-para-ia-mais-humana-platform\\reports\\executivos\\MCP-PUBLICATION-GATE-MAIS-HUMANA__RODADA015.md"
    }
  ],
-  "generatedAt": "2026-05-02T06:07:10+00:00",
+  "generatedAt": "2026-05-02T07:13:16+00:00",
  "ok": false,
  "policy": "falha de escrita central nao aborta artefatos do projeto real"
 }
--- a/dados/mcp-publication-gate-mais-humana.json
+++ b/dados/mcp-publication-gate-mais-humana.json
@@ -17,7 +17,10 @@
    "repo_remote": "https://git.ami.app.br/admin/tudo-para-ia-mais-humana.git"
  },
  "blockers": [
-    "wrangler_auth_not_confirmed",
+    "mais_humana.rulebook.compact:missing_transit:payload",
+    "mais_humana.admin_ui.same_source:missing_transit:payload",
+    "mais_humana.mcp_transit.ledger:missing_transit:payload",
+    "mais_humana.admin_routes.acceptance:missing_transit:payload",
    "canonical_name_requires_institutional_decision",
    "git_sync_blocked"
  ],
@@ -27,7 +30,7 @@
  "decisions": [
    {
      "evidence_refs": [
-        "6032d87c13f58ddb8ba217955c95baf1841bd1b8b8a98a090282bc562cafb6ff",
+        "c22d27b86de895b23a8a1f9cd932361cce45297757bb0c74bf88cf955a8cdd6d",
        "wrangler_runner"
      ],
      "next_action": "homologar runner Node/esbuild/workerd e repetir wrangler deploy --dry-run antes do deploy real",
@@ -39,12 +42,13 @@
      "evidence_refs": [
        "evidence-a75a27e0669c49da1db8b615",
        "evidence-af37a8d489b0038a7a6b5575",
-        "evidence-3f0e3b9f829c7ff912b335d0"
+        "evidence-3f0e3b9f829c7ff912b335d0",
+        "evidence-6be52832c728db2bbbbce461"
      ],
      "next_action": "retestar as tres tools apos deploy do mcps-gateway contendo o provider Mais Humana",
      "order_id": "0032_EXECUTIVA__validar-live-tools-mais-humana-v1-execute-com-evidencia",
      "reason": "endpoint live foi sondado sem persistir bearer bruto",
-      "status": "passed"
+      "status": "partial"
    },
    {
      "evidence_refs": [
@@ -52,7 +56,7 @@
      ],
      "next_action": "corrigir credencial Git/Schannel e reconciliar ahead/behind sem reset destrutivo",
      "order_id": "0033_EXECUTIVA__sincronizar-git-mais-humana-mcps-central-com-credenciais",
-      "reason": "fetch/push bloqueados por SEC_E_NO_CREDENTIALS e FETCH_HEAD/index.lock conforme auditoria segura",
+      "reason": "fetch normal falhou por SEC_E_NO_CREDENTIALS; fetch em memoria no repo real OK; central suja/divergente sem reconciliação destrutiva",
      "status": "blocked"
    },
    {
@@ -76,7 +80,7 @@
    {
      "evidence_refs": [
        "wrangler_runner",
-        "6032d87c13f58ddb8ba217955c95baf1841bd1b8b8a98a090282bc562cafb6ff"
+        "c22d27b86de895b23a8a1f9cd932361cce45297757bb0c74bf88cf955a8cdd6d"
      ],
      "next_action": "definir owner, janela, version atual, rollback e criterio de sucesso antes de deploy real",
      "order_id": "0043_GERENCIAL__aprovar-janela-publicacao-provider-mais-humana-com-rollback",
@@ -86,7 +90,7 @@
    {
      "evidence_refs": [
        "mcp_transit_ledger",
-        "6032d87c13f58ddb8ba217955c95baf1841bd1b8b8a98a090282bc562cafb6ff"
+        "c22d27b86de895b23a8a1f9cd932361cce45297757bb0c74bf88cf955a8cdd6d"
      ],
      "next_action": "aplicar requiredFields em toda publicacao interplataforma",
      "order_id": "0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release",
@@ -97,7 +101,8 @@
      "evidence_refs": [
        "evidence-a75a27e0669c49da1db8b615",
        "evidence-af37a8d489b0038a7a6b5575",
-        "evidence-3f0e3b9f829c7ff912b335d0"
+        "evidence-3f0e3b9f829c7ff912b335d0",
+        "evidence-6be52832c728db2bbbbce461"
      ],
      "next_action": "formalizar headers minimos, WAF, rate limit, logs e retencao de evidencias",
      "order_id": "0045_GERENCIAL__pactuar-politica-acesso-waf-gpt-mcp-gateway",
@@ -111,7 +116,7 @@
      "next_action": "homologar host que permita Node, esbuild/workerd e node --test sem spawn EPERM",
      "order_id": "0046_GERENCIAL__homologar-runner-oficial-wrangler-node-esbuild",
      "reason": "Wrangler autenticou quando executado diretamente, mas deploy dry-run nao ficou confirmado",
-      "status": "blocked"
+      "status": "not_run"
    },
    {
      "evidence_refs": [
@@ -137,20 +142,22 @@
      "executeMaisHumanaGatewayTool",
      "mais_humana.rulebook.compact",
      "mais_humana.admin_ui.same_source",
-      "mais_humana.mcp_transit.ledger"
+      "mais_humana.mcp_transit.ledger",
+      "mais_humana.admin_routes.acceptance"
    ],
    "provider_id": "mais_humana",
-    "source_hash": "6032d87c13f58ddb8ba217955c95baf1841bd1b8b8a98a090282bc562cafb6ff",
+    "source_hash": "c22d27b86de895b23a8a1f9cd932361cce45297757bb0c74bf88cf955a8cdd6d",
    "tests_path": "G:\\_codex-git\\tudo-para-ia-mcps-internos-plataform\\tests\\platform\\mcps-gateway-mais-humana-provider.test.ts",
    "tests_present": true,
    "tool_ids": [
      "mais_humana.rulebook.compact",
      "mais_humana.admin_ui.same_source",
-      "mais_humana.mcp_transit.ledger"
+      "mais_humana.mcp_transit.ledger",
+      "mais_humana.admin_routes.acceptance"
    ]
  },
-  "generated_at": "2026-05-02T06:07:10+00:00",
-  "liveReady": true,
+  "generated_at": "2026-05-02T07:13:16+00:00",
+  "liveReady": false,
  "live_probes": [
    {
      "audit_id": "audit-a75a27e0669c49da1db8b615",
@@ -158,7 +165,10 @@
      "error_code": "",
      "evidence_id": "evidence-a75a27e0669c49da1db8b615",
      "http_status": 200,
-      "observed_at": "2026-05-02T06:07:09+00:00",
+      "missing_transit_fields": [
+        "payload"
+      ],
+      "observed_at": "2026-05-02T07:13:16+00:00",
      "ok": true,
      "response_excerpt": {
        "__truncated__": true,
@@ -183,7 +193,18 @@
      "source_records_hash": "a75a27e0669c49da1db8b6157757c0615eed06c32674c7ed87a6db5d071359de",
      "status": "ok",
      "tool_id": "mais_humana.rulebook.compact",
-      "trace_id": "trace-3e1c8f057ac439f4b9b3eb7f"
+      "trace_id": "trace-3e1c8f057ac439f4b9b3eb7f",
+      "transit_fields_present": [
+        "origin",
+        "destination",
+        "tool",
+        "actor",
+        "permission",
+        "result",
+        "traceId",
+        "auditId",
+        "timestamp"
+      ]
    },
    {
      "audit_id": "audit-af37a8d489b0038a7a6b5575",
@@ -191,7 +212,10 @@
      "error_code": "",
      "evidence_id": "evidence-af37a8d489b0038a7a6b5575",
      "http_status": 200,
-      "observed_at": "2026-05-02T06:07:10+00:00",
+      "missing_transit_fields": [
+        "payload"
+      ],
+      "observed_at": "2026-05-02T07:13:16+00:00",
      "ok": true,
      "response_excerpt": {
        "__truncated__": true,
@@ -216,7 +240,18 @@
      "source_records_hash": "af37a8d489b0038a7a6b5575970ec69855dd0f0e0ab09cf38b0e7658d3678195",
      "status": "ok",
      "tool_id": "mais_humana.admin_ui.same_source",
-      "trace_id": "trace-17e7d8039c8c34e3f570b6de"
+      "trace_id": "trace-17e7d8039c8c34e3f570b6de",
+      "transit_fields_present": [
+        "origin",
+        "destination",
+        "tool",
+        "actor",
+        "permission",
+        "result",
+        "traceId",
+        "auditId",
+        "timestamp"
+      ]
    },
    {
      "audit_id": "audit-3f0e3b9f829c7ff912b335d0",
@@ -224,7 +259,10 @@
      "error_code": "",
      "evidence_id": "evidence-3f0e3b9f829c7ff912b335d0",
      "http_status": 200,
-      "observed_at": "2026-05-02T06:07:10+00:00",
+      "missing_transit_fields": [
+        "payload"
+      ],
+      "observed_at": "2026-05-02T07:13:16+00:00",
      "ok": true,
      "response_excerpt": {
        "__truncated__": true,
@@ -249,35 +287,92 @@
      "source_records_hash": "3f0e3b9f829c7ff912b335d01afb5e78acdaa331bd984713dfca757072be6bbf",
      "status": "ok",
      "tool_id": "mais_humana.mcp_transit.ledger",
-      "trace_id": "trace-dae7d91a59e37901d50c027d"
+      "trace_id": "trace-dae7d91a59e37901d50c027d",
+      "transit_fields_present": [
+        "origin",
+        "destination",
+        "tool",
+        "actor",
+        "permission",
+        "result",
+        "traceId",
+        "auditId",
+        "timestamp"
+      ]
+    },
+    {
+      "audit_id": "audit-6be52832c728db2bbbbce461",
+      "endpoint": "https://mcps-gateway.ami-app.workers.dev/v1/execute",
+      "error_code": "",
+      "evidence_id": "evidence-6be52832c728db2bbbbce461",
+      "http_status": 200,
+      "missing_transit_fields": [
+        "payload"
+      ],
+      "observed_at": "2026-05-02T07:13:16+00:00",
+      "ok": true,
+      "response_excerpt": {
+        "__truncated__": true,
+        "actorId": "codex.service-order-round",
+        "auditId": "audit:mcps-gateway:codex.service-order-round:mais_humana.admin_routes.acceptance",
+        "blockers": "[]",
+        "consumption": "None",
+        "nextActions": "[]",
+        "ok": "True",
+        "organizationId": "None",
+        "productId": "None",
+        "providerId": "mais_humana",
+        "readiness": "None",
+        "sampleData": "False",
+        "simulated": "False",
+        "status": "blocked",
+        "traceId": "trace:mcps-gateway:codex.service-order-round:mais_humana.admin_routes.acceptance",
+        "userId": "None",
+        "workspaceId": "None"
+      },
+      "source_payload_hash": "364a5b5997194d485948655720ff713f61ec091dc08ab899e302ad965ace04ba",
+      "source_records_hash": "6be52832c728db2bbbbce461ff39cbf52b8e26111b0710f303061dc38a0ecb3d",
+      "status": "ok",
+      "tool_id": "mais_humana.admin_routes.acceptance",
+      "trace_id": "trace-364a5b5997194d4859486557",
+      "transit_fields_present": [
+        "origin",
+        "destination",
+        "tool",
+        "actor",
+        "permission",
+        "result",
+        "traceId",
+        "auditId",
+        "timestamp"
+      ]
    }
  ],
  "localReady": true,
  "provider_id": "mais_humana",
-  "report_id": "mcp-publication-gate-2026-05-02t0607100000",
+  "report_id": "mcp-publication-gate-2026-05-02t0713160000",
  "status": "partial",
  "summary": [
    "Provider local Mais Humana pronto: True.",
    "Wrangler autenticado: False; deploy dry-run OK: False.",
-    "Tools live prontas: 3/3.",
+    "Tools live prontas: 0/4.",
+    "Probes live com envelope MCP completo: 0/4.",
    "Nome atual: tudo-para-ia-mais-humana; canonico recomendado: tudo-para-ia-mais-humana-platform; ownerPlatformId MCP: tudo-para-ia-mais-humana-platform.",
    "Decisoes de OS avaliadas: 10."
  ],
  "wrangler_runner": {
    "account_id": "",
    "account_name": "",
-    "attempted": true,
+    "attempted": false,
    "authenticated": false,
-    "blockers": [
-      "wrangler_auth_not_confirmed"
-    ],
+    "blockers": [],
    "command_status": {
      "wrangler_deploy_dry_run": "not_confirmed",
      "wrangler_version": "unknown",
      "wrangler_whoami": "unknown"
    },
    "deploy_dry_run_ok": false,
-    "raw_summary": "deploy manual informado pelo roteador; wrangler local nao utilizado nesta etapa; conferir live por HTTP",
+    "raw_summary": "",
    "version": ""
  }
 }
--- a/ecossistema/MCP-PUBLICATION-GATE-MAIS-HUMANA.md
+++ b/ecossistema/MCP-PUBLICATION-GATE-MAIS-HUMANA.md
@@ -1,21 +1,22 @@
 # Gate de publicacao MCP Mais Humana

- report_id: `mcp-publication-gate-2026-05-02t0607100000`
- generated_at: `2026-05-02T06:07:10+00:00`
+- report_id: `mcp-publication-gate-2026-05-02t0713160000`
+- generated_at: `2026-05-02T07:13:16+00:00`
 - provider_id: `mais_humana`
 - current_project_id: `tudo-para-ia-mais-humana`
 - canonical_project_id: `tudo-para-ia-mais-humana-platform`
 - control_plane: `tudo-para-ia-mcps-internos-plataform`
 - status: `partial`
 - local_ready: `True`
- live_ready: `True`
+- live_ready: `False`
 - deploy_ready: `False`

 ## Sumario

 - Provider local Mais Humana pronto: True.
 - Wrangler autenticado: False; deploy dry-run OK: False.
- Tools live prontas: 3/3.
+- Tools live prontas: 0/4.
+- Probes live com envelope MCP completo: 0/4.
 - Nome atual: tudo-para-ia-mais-humana; canonico recomendado: tudo-para-ia-mais-humana-platform; ownerPlatformId MCP: tudo-para-ia-mais-humana-platform.
 - Decisoes de OS avaliadas: 10.

@@ -25,20 +26,18 @@
 - managed_catalog: `G:\_codex-git\tudo-para-ia-mcps-internos-plataform\deploy\mcps-gateway\src\providers\managed-catalog.ts`
 - managed_provider_manager: `G:\_codex-git\tudo-para-ia-mcps-internos-plataform\deploy\mcps-gateway\src\managers\managed-provider-manager.ts`
 - tests: `G:\_codex-git\tudo-para-ia-mcps-internos-plataform\tests\platform\mcps-gateway-mais-humana-provider.test.ts`
- source_hash: `6032d87c13f58ddb8ba217955c95baf1841bd1b8b8a98a090282bc562cafb6ff`
- snippets_presentes: `6`
+- source_hash: `c22d27b86de895b23a8a1f9cd932361cce45297757bb0c74bf88cf955a8cdd6d`
+- snippets_presentes: `7`
 - snippets_ausentes: `0`

 ## Wrangler

- attempted: `True`
+- attempted: `False`
 - version: `nao_confirmada`
 - authenticated: `False`
 - account_name: `nao_confirmada`
 - account_id: `nao_confirmada`
 - deploy_dry_run_ok: `False`
- blockers:
-  - `wrangler_auth_not_confirmed`

 ## Probes live

@@ -47,16 +46,29 @@
  - evidenceId: `evidence-a75a27e0669c49da1db8b615`
  - traceId: `trace-3e1c8f057ac439f4b9b3eb7f`
  - auditId: `audit-a75a27e0669c49da1db8b615`
+  - transit_fields_present: `origin, destination, tool, actor, permission, result, traceId, auditId, timestamp`
+  - missing_transit_fields: `payload`
 - `mais_humana.admin_ui.same_source` status `ok` http `200` ok `True`
  - error_code: `none`
  - evidenceId: `evidence-af37a8d489b0038a7a6b5575`
  - traceId: `trace-17e7d8039c8c34e3f570b6de`
  - auditId: `audit-af37a8d489b0038a7a6b5575`
+  - transit_fields_present: `origin, destination, tool, actor, permission, result, traceId, auditId, timestamp`
+  - missing_transit_fields: `payload`
 - `mais_humana.mcp_transit.ledger` status `ok` http `200` ok `True`
  - error_code: `none`
  - evidenceId: `evidence-3f0e3b9f829c7ff912b335d0`
  - traceId: `trace-dae7d91a59e37901d50c027d`
  - auditId: `audit-3f0e3b9f829c7ff912b335d0`
+  - transit_fields_present: `origin, destination, tool, actor, permission, result, traceId, auditId, timestamp`
+  - missing_transit_fields: `payload`
+- `mais_humana.admin_routes.acceptance` status `ok` http `200` ok `True`
+  - error_code: `none`
+  - evidenceId: `evidence-6be52832c728db2bbbbce461`
+  - traceId: `trace-364a5b5997194d4859486557`
+  - auditId: `audit-6be52832c728db2bbbbce461`
+  - transit_fields_present: `origin, destination, tool, actor, permission, result, traceId, auditId, timestamp`
+  - missing_transit_fields: `payload`

 ## Politica de nome canonico e aliases

@@ -74,20 +86,20 @@

 - status: `partial`
 - motivo: codigo local do provider existe; publicacao live depende de runner Wrangler sem spawn EPERM
- evidencias: `6032d87c13f58ddb8ba217955c95baf1841bd1b8b8a98a090282bc562cafb6ff; wrangler_runner`
+- evidencias: `c22d27b86de895b23a8a1f9cd932361cce45297757bb0c74bf88cf955a8cdd6d; wrangler_runner`
 - proxima_acao: homologar runner Node/esbuild/workerd e repetir wrangler deploy --dry-run antes do deploy real

 ### 0032_EXECUTIVA__validar-live-tools-mais-humana-v1-execute-com-evidencia

- status: `passed`
+- status: `partial`
 - motivo: endpoint live foi sondado sem persistir bearer bruto
- evidencias: `evidence-a75a27e0669c49da1db8b615; evidence-af37a8d489b0038a7a6b5575; evidence-3f0e3b9f829c7ff912b335d0`
+- evidencias: `evidence-a75a27e0669c49da1db8b615; evidence-af37a8d489b0038a7a6b5575; evidence-3f0e3b9f829c7ff912b335d0; evidence-6be52832c728db2bbbbce461`
 - proxima_acao: retestar as tres tools apos deploy do mcps-gateway contendo o provider Mais Humana

 ### 0033_EXECUTIVA__sincronizar-git-mais-humana-mcps-central-com-credenciais

 - status: `blocked`
- motivo: fetch/push bloqueados por SEC_E_NO_CREDENTIALS e FETCH_HEAD/index.lock conforme auditoria segura
+- motivo: fetch normal falhou por SEC_E_NO_CREDENTIALS; fetch em memoria no repo real OK; central suja/divergente sem reconciliação destrutiva
 - evidencias: `git_sync_status`
 - proxima_acao: corrigir credencial Git/Schannel e reconciliar ahead/behind sem reset destrutivo

@@ -109,26 +121,26 @@

 - status: `partial`
 - motivo: janela pode ser planejada, mas deploy real ainda depende do runner homologado
- evidencias: `wrangler_runner; 6032d87c13f58ddb8ba217955c95baf1841bd1b8b8a98a090282bc562cafb6ff`
+- evidencias: `wrangler_runner; c22d27b86de895b23a8a1f9cd932361cce45297757bb0c74bf88cf955a8cdd6d`
 - proxima_acao: definir owner, janela, version atual, rollback e criterio de sucesso antes de deploy real

 ### 0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release

 - status: `passed`
 - motivo: ledger MCP existe como contrato local e deve ser criterio de release
- evidencias: `mcp_transit_ledger; 6032d87c13f58ddb8ba217955c95baf1841bd1b8b8a98a090282bc562cafb6ff`
+- evidencias: `mcp_transit_ledger; c22d27b86de895b23a8a1f9cd932361cce45297757bb0c74bf88cf955a8cdd6d`
 - proxima_acao: aplicar requiredFields em toda publicacao interplataforma

 ### 0045_GERENCIAL__pactuar-politica-acesso-waf-gpt-mcp-gateway

 - status: `partial`
 - motivo: probes usam User-Agent controlado, bearer redigido e response excerpt seguro
- evidencias: `evidence-a75a27e0669c49da1db8b615; evidence-af37a8d489b0038a7a6b5575; evidence-3f0e3b9f829c7ff912b335d0`
+- evidencias: `evidence-a75a27e0669c49da1db8b615; evidence-af37a8d489b0038a7a6b5575; evidence-3f0e3b9f829c7ff912b335d0; evidence-6be52832c728db2bbbbce461`
 - proxima_acao: formalizar headers minimos, WAF, rate limit, logs e retencao de evidencias

 ### 0046_GERENCIAL__homologar-runner-oficial-wrangler-node-esbuild

- status: `blocked`
+- status: `not_run`
 - motivo: Wrangler autenticou quando executado diretamente, mas deploy dry-run nao ficou confirmado
 - evidencias: `wrangler_runner`
 - proxima_acao: homologar host que permita Node, esbuild/workerd e node --test sem spawn EPERM
@@ -142,6 +154,9 @@

 ## Blockers

- `wrangler_auth_not_confirmed`
+- `mais_humana.rulebook.compact:missing_transit:payload`
+- `mais_humana.admin_ui.same_source:missing_transit:payload`
+- `mais_humana.mcp_transit.ledger:missing_transit:payload`
+- `mais_humana.admin_routes.acceptance:missing_transit:payload`
 - `canonical_name_requires_institutional_decision`
 - `git_sync_blocked`
--- a/matrizes/mcp-publication-gate-decisions.csv
+++ b/matrizes/mcp-publication-gate-decisions.csv
@@ -1,11 +1,11 @@
 order_id,status,reason,next_action,evidence_refs
-0031_EXECUTIVA__publicar-provider-mais-humana-no-mcps-gateway-via-wrangler-homologado,partial,codigo local do provider existe; publicacao live depende de runner Wrangler sem spawn EPERM,homologar runner Node/esbuild/workerd e repetir wrangler deploy --dry-run antes do deploy real,6032d87c13f58ddb8ba217955c95baf1841bd1b8b8a98a090282bc562cafb6ff; wrangler_runner
-0032_EXECUTIVA__validar-live-tools-mais-humana-v1-execute-com-evidencia,passed,endpoint live foi sondado sem persistir bearer bruto,retestar as tres tools apos deploy do mcps-gateway contendo o provider Mais Humana,evidence-a75a27e0669c49da1db8b615; evidence-af37a8d489b0038a7a6b5575; evidence-3f0e3b9f829c7ff912b335d0
-0033_EXECUTIVA__sincronizar-git-mais-humana-mcps-central-com-credenciais,blocked,fetch/push bloqueados por SEC_E_NO_CREDENTIALS e FETCH_HEAD/index.lock conforme auditoria segura,corrigir credencial Git/Schannel e reconciliar ahead/behind sem reset destrutivo,git_sync_status
+0031_EXECUTIVA__publicar-provider-mais-humana-no-mcps-gateway-via-wrangler-homologado,partial,codigo local do provider existe; publicacao live depende de runner Wrangler sem spawn EPERM,homologar runner Node/esbuild/workerd e repetir wrangler deploy --dry-run antes do deploy real,c22d27b86de895b23a8a1f9cd932361cce45297757bb0c74bf88cf955a8cdd6d; wrangler_runner
+0032_EXECUTIVA__validar-live-tools-mais-humana-v1-execute-com-evidencia,partial,endpoint live foi sondado sem persistir bearer bruto,retestar as tres tools apos deploy do mcps-gateway contendo o provider Mais Humana,evidence-a75a27e0669c49da1db8b615; evidence-af37a8d489b0038a7a6b5575; evidence-3f0e3b9f829c7ff912b335d0; evidence-6be52832c728db2bbbbce461
+0033_EXECUTIVA__sincronizar-git-mais-humana-mcps-central-com-credenciais,blocked,fetch normal falhou por SEC_E_NO_CREDENTIALS; fetch em memoria no repo real OK; central suja/divergente sem reconciliação destrutiva,corrigir credencial Git/Schannel e reconciliar ahead/behind sem reset destrutivo,git_sync_status
 0034_EXECUTIVA__corrigir-acl-escrita-central-e-sql-semantico-plataforma-15,partial,artefatos centrais foram testados pelo gerador de gate; falhas ficam registradas no projeto real,manter escrita automatica central e SQL semantico sob teste em toda rodada,central_write_status
 0035_EXECUTIVA__reconciliar-nome-canonico-real-alias-platform,blocked,politica de alias foi materializada sem renome destrutivo,"aguardar decisao institucional antes de renomear remote, pasta central, ownerPlatformId ou referencias historicas",alias_policy
-0043_GERENCIAL__aprovar-janela-publicacao-provider-mais-humana-com-rollback,partial,"janela pode ser planejada, mas deploy real ainda depende do runner homologado","definir owner, janela, version atual, rollback e criterio de sucesso antes de deploy real",wrangler_runner; 6032d87c13f58ddb8ba217955c95baf1841bd1b8b8a98a090282bc562cafb6ff
-0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release,passed,ledger MCP existe como contrato local e deve ser criterio de release,aplicar requiredFields em toda publicacao interplataforma,mcp_transit_ledger; 6032d87c13f58ddb8ba217955c95baf1841bd1b8b8a98a090282bc562cafb6ff
-0045_GERENCIAL__pactuar-politica-acesso-waf-gpt-mcp-gateway,partial,"probes usam User-Agent controlado, bearer redigido e response excerpt seguro","formalizar headers minimos, WAF, rate limit, logs e retencao de evidencias",evidence-a75a27e0669c49da1db8b615; evidence-af37a8d489b0038a7a6b5575; evidence-3f0e3b9f829c7ff912b335d0
-0046_GERENCIAL__homologar-runner-oficial-wrangler-node-esbuild,blocked,"Wrangler autenticou quando executado diretamente, mas deploy dry-run nao ficou confirmado","homologar host que permita Node, esbuild/workerd e node --test sem spawn EPERM",wrangler_runner
+0043_GERENCIAL__aprovar-janela-publicacao-provider-mais-humana-com-rollback,partial,"janela pode ser planejada, mas deploy real ainda depende do runner homologado","definir owner, janela, version atual, rollback e criterio de sucesso antes de deploy real",wrangler_runner; c22d27b86de895b23a8a1f9cd932361cce45297757bb0c74bf88cf955a8cdd6d
+0044_GERENCIAL__institucionalizar-ledger-transito-mcp-como-gate-release,passed,ledger MCP existe como contrato local e deve ser criterio de release,aplicar requiredFields em toda publicacao interplataforma,mcp_transit_ledger; c22d27b86de895b23a8a1f9cd932361cce45297757bb0c74bf88cf955a8cdd6d
+0045_GERENCIAL__pactuar-politica-acesso-waf-gpt-mcp-gateway,partial,"probes usam User-Agent controlado, bearer redigido e response excerpt seguro","formalizar headers minimos, WAF, rate limit, logs e retencao de evidencias",evidence-a75a27e0669c49da1db8b615; evidence-af37a8d489b0038a7a6b5575; evidence-3f0e3b9f829c7ff912b335d0; evidence-6be52832c728db2bbbbce461
+0046_GERENCIAL__homologar-runner-oficial-wrangler-node-esbuild,not_run,"Wrangler autenticou quando executado diretamente, mas deploy dry-run nao ficou confirmado","homologar host que permita Node, esbuild/workerd e node --test sem spawn EPERM",wrangler_runner
 0047_GERENCIAL__decidir-nome-canonico-e-politica-alias-mais-humana,blocked,"nome atual, nome canonico recomendado e aliases estao documentados",registrar decisao formal: preservar alias ou executar migracao coordenada,alias_policy
--- a/src/mais_humana/mcp_publication_gate.py
+++ b/src/mais_humana/mcp_publication_gate.py
@@ -29,6 +29,7 @@ from .mcp_contract import (
    CURRENT_PROJECT_ID,
    MCP_CONTROL_PLANE_ID,
    MCP_EXECUTE_ENDPOINT,
+    MCP_TRANSIT_FIELDS,
    PROVIDER_ID,
    PROVIDER_TOOL_ID,
    stable_hash,
@@ -41,6 +42,7 @@ DEFAULT_GATEWAY_TOOLS = (
    "mais_humana.rulebook.compact",
    "mais_humana.admin_ui.same_source",
    "mais_humana.mcp_transit.ledger",
+    "mais_humana.admin_routes.acceptance",
 )

 EXPECTED_GATEWAY_SNIPPETS = (
@@ -50,6 +52,7 @@ EXPECTED_GATEWAY_SNIPPETS = (
    "mais_humana.rulebook.compact",
    "mais_humana.admin_ui.same_source",
    "mais_humana.mcp_transit.ledger",
+    "mais_humana.admin_routes.acceptance",
 )

 DEFAULT_OWNER_PLATFORM_ID = "tudo-para-ia-mais-humana-platform"
@@ -143,12 +146,14 @@ class LiveToolProbe:
    evidence_id: str
    source_payload_hash: str
    source_records_hash: str
+    transit_fields_present: tuple[str, ...]
+    missing_transit_fields: tuple[str, ...]
    response_excerpt: Mapping[str, Any]
    observed_at: str

    @property
    def live_ready(self) -> bool:
-        return self.status == ProbeStatus.OK and self.ok
+        return self.status == ProbeStatus.OK and self.ok and not self.missing_transit_fields

    def to_dict(self) -> dict[str, Any]:
        return as_plain_data(self)
@@ -279,6 +284,20 @@ def _safe_excerpt(value: object, *, max_items: int = 16) -> dict[str, Any]:
    return {"value": redact_sensitive_text(str(value))[:600]}


+def _transit_fields(payload: Mapping[str, Any]) -> tuple[tuple[str, ...], tuple[str, ...]]:
+    result = payload.get("result")
+    result_map = result if isinstance(result, Mapping) else {}
+    transit = result_map.get("transit")
+    transit_map = transit if isinstance(transit, Mapping) else {}
+    present = tuple(
+        field
+        for field in MCP_TRANSIT_FIELDS
+        if field in transit_map and transit_map[field] not in ("", None, {}, [])
+    )
+    missing = tuple(field for field in MCP_TRANSIT_FIELDS if field not in present)
+    return present, missing
+
+
 def _status_from_http(status: int | None, payload: Mapping[str, Any]) -> ProbeStatus:
    if status is None:
        return ProbeStatus.NETWORK_ERROR
@@ -365,7 +384,7 @@ def build_wrangler_runner_evidence(
    blockers: list[str] = []
    if spawn_blocked:
        blockers.append("runner_node_esbuild_spawn_eperm")
-    if not authenticated:
+    if attempted and not authenticated:
        blockers.append("wrangler_auth_not_confirmed")
    if authenticated and not deploy_dry_run_ok:
        blockers.append("wrangler_deploy_dry_run_not_confirmed")
@@ -437,6 +456,7 @@ def execute_live_tool_probe(
        error_code = str(error_value or payload.get("code") or "").strip()
    source_payload_hash = stable_hash({"endpoint": endpoint, "request": body, "status": status})
    source_records_hash = stable_hash({"toolId": tool_id, "payload": _safe_excerpt(payload), "status": probe_status.value})
+    transit_present, transit_missing = _transit_fields(payload)
    return LiveToolProbe(
        tool_id=tool_id,
        endpoint=endpoint,
@@ -449,6 +469,8 @@ def execute_live_tool_probe(
        evidence_id=f"evidence-{source_records_hash[:24]}",
        source_payload_hash=source_payload_hash,
        source_records_hash=source_records_hash,
+        transit_fields_present=transit_present,
+        missing_transit_fields=transit_missing,
        response_excerpt=_safe_excerpt(payload),
        observed_at=utc_now(),
    )
@@ -471,6 +493,8 @@ def build_not_run_probe(tool_id: str, reason: str, *, endpoint: str = MCP_EXECUT
        evidence_id=f"evidence-{source_records_hash[:24]}",
        source_payload_hash=source_payload_hash,
        source_records_hash=source_records_hash,
+        transit_fields_present=(),
+        missing_transit_fields=MCP_TRANSIT_FIELDS,
        response_excerpt={"reason": reason},
        observed_at=utc_now(),
    )
@@ -644,7 +668,16 @@ def build_publication_gate_report(
        (
            *gateway.missing_snippets,
            *wrangler.blockers,
-            *(f"{probe.tool_id}:{probe.status.value}:{probe.error_code}" for probe in probes if not probe.live_ready),
+            *(
+                f"{probe.tool_id}:{probe.status.value}:{probe.error_code}"
+                for probe in probes
+                if probe.status != ProbeStatus.OK or probe.error_code
+            ),
+            *(
+                f"{probe.tool_id}:missing_transit:{','.join(probe.missing_transit_fields)}"
+                for probe in probes
+                if probe.missing_transit_fields and probe.status == ProbeStatus.OK
+            ),
            *alias.blockers,
            *(("git_sync_blocked" if "SEC_E_NO_CREDENTIALS" in git_sync_status else ""),),
        )
@@ -653,6 +686,7 @@ def build_publication_gate_report(
        f"Provider local Mais Humana pronto: {gateway.ready}.",
        f"Wrangler autenticado: {wrangler.authenticated}; deploy dry-run OK: {wrangler.deploy_dry_run_ok}.",
        f"Tools live prontas: {sum(1 for item in probes if item.live_ready)}/{len(probes)}.",
+        f"Probes live com envelope MCP completo: {sum(1 for item in probes if not item.missing_transit_fields)}/{len(probes)}.",
        f"Nome atual: {CURRENT_PROJECT_ID}; canonico recomendado: {CANONICAL_PROJECT_ID}; ownerPlatformId MCP: {DEFAULT_OWNER_PLATFORM_ID}.",
        f"Decisoes de OS avaliadas: {len(decisions)}.",
    )
@@ -762,6 +796,8 @@ def publication_gate_markdown(report: McpPublicationGateReport) -> str:
                f"  - evidenceId: `{probe.evidence_id}`",
                f"  - traceId: `{probe.trace_id}`",
                f"  - auditId: `{probe.audit_id}`",
+                f"  - transit_fields_present: `{', '.join(probe.transit_fields_present) or 'none'}`",
+                f"  - missing_transit_fields: `{', '.join(probe.missing_transit_fields) or 'none'}`",
            ]
        )
    lines.extend(["", "## Politica de nome canonico e aliases", ""])
--- a/tests/test_mcp_publication_gate.py
+++ b/tests/test_mcp_publication_gate.py
@@ -8,6 +8,7 @@ from mais_humana.cli import main
 from mais_humana.mcp_publication_gate import (
    DEFAULT_GATEWAY_TOOLS,
    GateStatus,
+    LiveToolProbe,
    ProbeStatus,
    build_alias_policy,
    build_not_run_probe,
@@ -37,7 +38,7 @@ class McpPublicationGateTests(unittest.TestCase):
                    'const PLATFORM_IDS = { maisHumana: "tudo-para-ia-mais-humana-platform" };',
                    "const MAIS_HUMANA_PROVIDER_ID = \"mais_humana\";",
                    "async function executeMaisHumanaGatewayTool() { return true; }",
-                    "const ids = ['mais_humana.rulebook.compact', 'mais_humana.admin_ui.same_source', 'mais_humana.mcp_transit.ledger'];",
+                    "const ids = ['mais_humana.rulebook.compact', 'mais_humana.admin_ui.same_source', 'mais_humana.mcp_transit.ledger', 'mais_humana.admin_routes.acceptance'];",
                ]
            ),
            encoding="utf-8",
@@ -46,7 +47,7 @@ class McpPublicationGateTests(unittest.TestCase):
            "\n".join(
                [
                    "const MAIS_HUMANA_CATALOG = { providerId: 'mais_humana' };",
-                    "export const tools = ['mais_humana.rulebook.compact', 'mais_humana.admin_ui.same_source', 'mais_humana.mcp_transit.ledger'];",
+                    "export const tools = ['mais_humana.rulebook.compact', 'mais_humana.admin_ui.same_source', 'mais_humana.mcp_transit.ledger', 'mais_humana.admin_routes.acceptance'];",
                ]
            ),
            encoding="utf-8",
@@ -57,6 +58,7 @@ class McpPublicationGateTests(unittest.TestCase):
                    "case 'mais_humana:rulebook.compact': return {};",
                    "case 'mais_humana:admin_ui.same_source': return {};",
                    "case 'mais_humana:mcp_transit.ledger': return {};",
+                    "case 'mais_humana:admin_routes.acceptance': return {};",
                ]
            ),
            encoding="utf-8",
@@ -87,6 +89,34 @@ class McpPublicationGateTests(unittest.TestCase):
        self.assertEqual(evidence.status, GateStatus.PARTIAL)
        self.assertIn("runner_node_esbuild_spawn_eperm", evidence.blockers)

+    def test_wrangler_not_attempted_is_observation_not_auth_blocker(self) -> None:
+        evidence = build_wrangler_runner_evidence("", attempted=False)
+
+        self.assertEqual(evidence.status, GateStatus.NOT_RUN)
+        self.assertFalse(evidence.authenticated)
+        self.assertEqual(evidence.blockers, ())
+
+    def test_live_probe_requires_complete_mcp_transit_envelope(self) -> None:
+        probe = LiveToolProbe(
+            tool_id="mais_humana.admin_routes.acceptance",
+            endpoint="https://mcps-gateway.ami-app.workers.dev/v1/execute",
+            http_status=200,
+            status=ProbeStatus.OK,
+            ok=True,
+            error_code="",
+            trace_id="trace-live",
+            audit_id="audit-live",
+            evidence_id="evidence-live",
+            source_payload_hash="a" * 64,
+            source_records_hash="b" * 64,
+            transit_fields_present=("origin", "destination", "tool", "actor", "permission", "traceId", "auditId", "timestamp"),
+            missing_transit_fields=("payload", "result"),
+            response_excerpt={"ok": "True"},
+            observed_at="2026-05-02T00:00:00+00:00",
+        )
+
+        self.assertFalse(probe.live_ready)
+
    def test_order_decisions_keep_live_and_git_blockers_explicit(self) -> None:
        repo = self.make_mcp_repo(make_tmp())
        gateway = scan_gateway_source(repo)
@@ -186,4 +216,3 @@ class McpPublicationGateTests(unittest.TestCase):

 if __name__ == "__main__":
    unittest.main()
-