external-surface-is-fully-controlled

OUT derived (depth 4)

The system's external surface is fully controlled along independent axes: bidirectional bounds constrain output size (token budgets) and input quality (staleness detection), while defensive containment layers (validation pipelines, namespace isolation) prevent external beliefs from violating internal invariants.

Summary

Every way the system touches the outside world is locked down from two angles: hard limits on how much data goes in and out, and safety filters that catch bad or stale external data before it can corrupt anything internally. This belief is currently marked OUT, meaning one or both of those guarantees — the bidirectional size/freshness bounds or the defensive containment layers — no longer fully holds, so the claim of complete external surface control is not currently supported.

Justifications

SL — Bidirectional I/O bounding and defensive containment together control the full external surface (depth-4)

Antecedents (all must be IN):

  • external-interface-is-bidirectionally-bounded — The system's interaction with external systems is bounded in both directions: output is budget-limited through accurate token estimation ensuring context windows are respected, and input drift is comprehensively detected through staleness checking — no unbounded data flows cross the system boundary.
  • external-beliefs-defensively-contained — External beliefs pass through two independent safety layers: defensive ingestion pipelines (fail-soft validation, Jaccard guards, dual import/sync reconciliation modes) filter and validate beliefs on entry, while the self-contained agent subsystem (namespace isolation, relay-pair kill-switches, reversible lifecycle management) constrains their operational footprint after ingestion.

Dependents

These beliefs depend on this one:

Details