Context
The project forbids the term "auto-approval" and any claim of OS-level sandboxing, total security, tamper-proofing, invulnerability, risk-free operation, or impossibility of manipulation. A CI check should catch violations instead of manual review.
Requisito o riesgo al que responde
- Requisito: THEKEY_CONTRACT (terminology rule) — "deterministic policy authorization", never "auto-approval"; honest claims only.
- Riesgo cubierto: THREAT surface "Alteración de artefactos de evidencia" extended to docs — false claims in README/THREAT_MODEL erode trust and contradict the honest-threat-model stance.
Impacto si no se resuelve
A single disallowed phrase in a translated doc ships a false guarantee; the project's core honesty claim is violated and only caught by a human re-reading.
Acceptance criteria
Cómo se verifica
python scripts/ci/docs_claims.py
# expected: exit 0 on current docs; exit 1 if a forbidden term is injected
python -m thekey demo
# expected: RELEASE_ELIGIBLE, gates_passed: 4/4
Evidencia en event store
On merge record Closes #3 + docs_claims.py output in the PR body; the demo run must reach RELEASE_ELIGIBLE with evidence_mismatches: [].
Docs afectados
Context
The project forbids the term "auto-approval" and any claim of OS-level sandboxing, total security, tamper-proofing, invulnerability, risk-free operation, or impossibility of manipulation. A CI check should catch violations instead of manual review.
Requisito o riesgo al que responde
Impacto si no se resuelve
A single disallowed phrase in a translated doc ships a false guarantee; the project's core honesty claim is violated and only caught by a human re-reading.
Acceptance criteria
scripts/ci/docs_claims.pyscans normative docs (ES+EN) for the forbidden terms and for the required "deterministic policy authorization" / "workflow isolation" phrasing.docs-gatesCI job on every PR.Cómo se verifica
Evidencia en event store
On merge record
Closes #3+docs_claims.pyoutput in the PR body; the demo run must reachRELEASE_ELIGIBLEwithevidence_mismatches: [].Docs afectados