Failure Atlas

Navigate failure domains, deterministic reproductions, containment guardrails, and postmortems as one connected documentation system.

FP = Failure Pattern FM = Failure Mode / Reproduction GR = Guardrail PM = Postmortem

GR_003 · Capability Surface Reduction at Startup

Type
GR
Failure domain
Policy Enforcement
Mechanism
Read/Write Boundary Drift
Status
proposed
View source on GitHub

Related artifacts

FM_001 · FP_002 · FP_003 · PM_003

Failure Pattern Mitigated

  • FP_003 Read-only Enforcement Gap

Invariant Enforced

  • INV_003 — policy state must map to explicit executable state transitions.

Guardrail Design

Project policy mode into the runtime capability surface during registration, not at invocation hints.

Implementation Sketch

  • if read_only=true, do not register write tools
  • return "not found" for write operations in read-only mode
  • include startup assertion for forbidden capability exposure

Tradeoffs

  • reduced operational flexibility without restart/reconfiguration
  • explicit mode switching semantics required
  • FP_003
  • FP_002