external-surface-is-fully-controlled
OUT derived (depth 4)
The system's external surface is fully controlled along independent axes: bidirectional bounds constrain output size (token budgets) and input quality (staleness detection), while defensive containment layers (validation pipelines, namespace isolation) prevent external beliefs from violating internal invariants.
Summary
Every way the system touches the outside world is locked down from two angles: hard limits on how much data goes in and out, and safety filters that catch bad or stale external data before it can corrupt anything internally. This belief is currently marked OUT, meaning one or both of those guarantees — the bidirectional size/freshness bounds or the defensive containment layers — no longer fully holds, so the claim of complete external surface control is not currently supported.
Justifications
SL — Bidirectional I/O bounding and defensive containment together control the full external surface (depth-4)
Antecedents (all must be IN):
- external-interface-is-bidirectionally-bounded — The system's interaction with external systems is bounded in both directions: output is budget-limited through accurate token estimation ensuring context windows are respected, and input drift is comprehensively detected through staleness checking — no unbounded data flows cross the system boundary.
- external-beliefs-defensively-contained — External beliefs pass through two independent safety layers: defensive ingestion pipelines (fail-soft validation, Jaccard guards, dual import/sync reconciliation modes) filter and validate beliefs on entry, while the self-contained agent subsystem (namespace isolation, relay-pair kill-switches, reversible lifecycle management) constrains their operational footprint after ingestion.
Dependents
These beliefs depend on this one:
- information-boundaries-are-controlled-at-all-levels — The system controls information flow at every boundary: internally through access-tag authorization gating and token-budget constraints on output, and externally through bidirectional bounds on LLM input/output quality and defensive belief ingestion pipelines
- system-is-externally-controlled-and-internally-self-correcting — The system achieves dual-layer assurance: external interfaces are fully controlled through bidirectional token bounds and defensive belief ingestion, while internal consistency is actively maintained through contradiction resolution at derivation time and staleness detection at maintenance time.