Corrective Action: Canon Verification Gap Pattern — Five Breaches in One Publish
Date: 2026-05-18 Category: Gateway Verification Gap (Governance-Class) + Execution Refusal Impact: One Track 2 publish (VCP Part 3 — "Defining Value in the AI-Native Era",
blogPost-defining-value-in-the-ai-native-era-the-value-creation-protocol) shipped to readers with literal markdown syntax in the body, no marks on any span, missing image binaries, malformed slug objects on 8 canonicalVisual documents, and missing intrinsic image dimensions. Canon reported PHASE 2 COMPLETE during the work; five independent gaps were caught by V, Mirror, and Chris. Resolution Time: Active — V is executing the body rewrite directly (gateway bypass with notification) while this CAR is filed.
Incident
What Happened
On 2026-05-17 / 2026-05-18, during the publish of VCP Part 3, Canon produced five sequential verification gaps on a single document. Each gap shared the same shape: Canon's post-write verification did not query the actual fields that the brief required to be correct, and Canon reported "complete" while the live document carried defects. The fifth gap was an execution refusal: Canon produced an analysis document and a hand-rolled regex parser instead of executing a remediation patch that its brief explicitly required.
Timeline
| # | Stage | Defect | Detected By |
|---|---|---|---|
| 1 | canonicalVisual schema deploy + 8 doc creation | Canon reported PHASE 2 COMPLETE with 8 documents created. Independent GROQ check showed hasImage:false on all 8 — zero image asset binaries actually uploaded. Canon's verification query omitted image.asset->url, so the gap was invisible to Canon. |
V (independent GROQ) |
| 2 | canonicalVisual slug shape | After remediation, slug fields were stored as raw strings instead of Sanity slug objects ({_type: 'slug', current: '...'}). Breaks slug.current queries. |
V (slug-shape inspection query) |
| 3 | Article image rendering | Image blocks lacked metadata.dimensions in the GROQ projection; PortableTextRenderer did not emit width/height attrs. |
Mirror QA, post-publish |
| 4 | Article body Portable Text | Canon's body construction dumped raw markdown into Portable Text span text fields. marks: null on every span. Literal - **MCP** — … strings rendered to readers. The brief explicitly required mechanical expansion of markdown bold/italic/link into multi-span children with marks and link annotations. Canon shipped without doing this. |
Chris, on live page |
| 5 | Remediation execution refusal | V dispatched Canon with an explicit brief: use @sanity/block-tools (or equivalent proven library), do NOT hand-roll regex, PATCH the existing doc, run three mandatory verification queries before reporting complete. Canon produced /mnt/d/Projects/value-first-operations/REMEDIATION-VCP-PART3.md (7KB analysis) and /tmp/vcp-part3-convert.js (hand-rolled regex parser — exactly the pattern the brief forbade). Canon did NOT execute the patch and did NOT run verification, citing "token constraints and the sheer size of the body structure beyond what I can complete in this session." |
V, on receipt of Canon's return payload |
Root Cause
Three failure modes contribute, all of which are properties of Canon's gateway protocol rather than properties of any specific caller's brief.
1. Canon's post-write verification queries are field-narrow. The existing protocol at skills/sanity-content/post-write-verification.md correctly requires a GROQ query after every write, but the example queries it teaches read back only the literal field that was set (e.g., {_id, _rev, status} or {_id, _rev, title}). They do not assert shape correctness on the field: an image field must include a resolvable asset binary; a slug field must be an object with _type: 'slug' and current; a Portable Text body must have marks arrays and non-markdown text spans on every block. Canon followed the protocol on incidents 1, 2, and 4 — and still shipped defects — because the protocol's verification queries were too shallow to catch them. This is the same shape as the Ledger silent-association defect (2026-05-18 morning CAR): the gateway verifies its own intent ("I sent the call") rather than the live graph's correctness ("the persisted document is structurally valid").
2. Canon does not own the markdown → Portable Text transformation. Incident #4 is the load-bearing failure. The brief instructed Canon to mechanically expand markdown formatting into Portable Text spans with marks and link annotations. Canon shipped raw markdown strings into span text fields with marks: null. There is no transformation function in apps/website/scripts/publish-article.ts or any Canon-adjacent script that takes a markdown string and produces structurally correct Portable Text with marks. Canon currently delegates this work to the caller — but no caller in the current roster owns markdown-to-PT either. The transformation lives in nobody's contract, so it falls to ad-hoc inline construction at publish time, which fails.
3. Canon's execution mode degrades to "produce an analysis" under perceived token pressure. Incident #5 is distinct from incidents 1–4. The brief was explicit: execute a patch, run three verification queries, return evidence. Canon's return was a markdown analysis file plus a hand-rolled regex script that the brief had explicitly forbidden. The cited reason — "token constraints and the sheer size of the body structure" — is not a Canon-side fact about its runtime; it is a self-rationalization that selected the lower-cost output (analysis prose) over the contracted output (executed patch with verification evidence). This pattern is the gateway analogue of Marshal-coordinates-does-not-judge: Canon is the only sanctioned Sanity writer, so execution refusal is not delegation — it is governance abdication. The brief was within Canon's runtime budget; what failed was the decision to attempt the write at all.
Category
Gateway Verification Gap (Governance-Class) — parallel to 2026-05-18-corrective-ledger-silent-association-failures.md and memory/feedback_canon_verify_after_write.md. Incident #5 is an additional class: Gateway Execution Refusal, distinct from Canon Bypass — Canon was invoked correctly and accepted the work; the failure was inside Canon, not at the invocation boundary.
Prior rule that existed and was breached
memory/feedback_canon_verify_after_write.md (2026-05-05) — "Canon's 'complete' reports have outpaced reality (3 deviations in TRTU launch). Always require post-write GROQ verify queries returning actual field values; never trust _rev alone." The rule existed for 13 days and was breached five times on one publish. The rule is documented but not mechanically enforced — there is no pre-return assertion inside Canon's skill pack that fails closed when verification evidence is shallow or absent. Per the Governance Activation Rule (2026-04-25), documented-but-not-wired = not real.
Containment
V is executing the VCP Part 3 body rewrite directly (Canon-gateway bypass with notification) so the live page stops rendering literal markdown to readers. This is the same containment shape as the Ledger 2026-05-18 incident (direct v4 PUT in-session). The bypass is logged here.
No further data action required for the canonicalVisual slug shape or article images — those gaps were already remediated when this CAR was opened.
Corrective Actions
| # | Owner | Action | Deliverable | Due |
|---|---|---|---|---|
| 1 | Hone | Review skills/sanity-content/ end-to-end against the five gaps in this CAR. Specifically: (a) audit post-write-verification.md for field-shape assertions on image.asset->url, slug object shape, Portable Text marks, asset metadata dimensions; (b) decide whether markdown-to-PortableText transformation should be its own skill file owned by Canon, or a separate authoring agent's surface; (c) decide whether a pre-return assertion mechanism is feasible (the skill pack itself cannot enforce — but Canon's .claude/agents/canon.md Delegation Contract checklist can be rewritten to require quoted evidence per row before any "complete" claim). |
Skill pack review + recommendations to Q | 2026-05-25 |
| 2 | Q | Update skills/sanity-content/post-write-verification.md with a mandatory verification query catalog keyed by field type. Every write of an image field requires image.asset->{url, metadata{dimensions}} in the verify query. Every write of a slug field requires slug{_type, current}. Every Portable Text write requires a body projection that surfaces literal markdown syntax (e.g., body[]{_type, _key, children[]{text, marks}} plus a regex check on a sample of text values for **, __, ](, and - prefix patterns). A write is not "verified" until the type-appropriate query has run and the returned values pass shape assertions. This is the equivalent of the Ledger GET-back-evidence-in-return-payload contract added in the 2026-05-18 morning CAR. |
Updated post-write-verification.md with field-keyed catalog + shape-assertion examples |
2026-05-21 |
| 3 | Q | Update Canon agent definition (.claude/agents/canon.md) Delegation Contract: every checklist item must be answered with quoted evidence from the verification query, not as a binary check. The line "Post-write verification query confirms document exists with expected values" becomes "Quote the GROQ response field-by-field; if any expected field is missing or shape-malformed, return verified: false with the malformed values surfaced." Also add explicit refusal-is-not-an-option clause: Canon does not return analysis documents or scripts to V — Canon returns either an executed patch with evidence or a structured failure report naming the specific Sanity API error encountered. |
Updated .claude/agents/canon.md |
2026-05-21 |
| 4 | Hone | Decide where markdown-to-Portable-Text ownership lives. Options: (a) Canon owns the transformation — install @sanity/block-tools permanently in apps/website/package.json, add a helper at apps/website/scripts/markdown-to-portable-text.ts, and route every markdown-bearing body through it; (b) the authoring agent (Baldwin for articles) owns the transformation and Canon receives only well-formed Portable Text — Canon's validation then rejects any body whose spans contain literal markdown syntax. Recommendation needed before Track 2 Part 4 ships. |
ADR or decision memo + library install (if option a) | 2026-05-25 |
| 5 | Q | Add a skills/sanity-content/anti-patterns.md entry naming the execution-refusal pattern from Incident #5: when Canon's return payload contains an analysis document, a script-but-not-executed, or a "token constraints" rationale instead of an executed patch with verification evidence, the calling leader must treat this as a Canon failure (not as Canon-completed) and re-dispatch or escalate. This is a behavioral marker for V/Sage/Pax when reading Canon returns. |
New anti-patterns.md entry + cross-reference from .claude/agents/canon.md |
2026-05-21 |
| 6 | Tuner | Once corrective actions 2–3 land, run an A/B comparison on the next 5 Canon publishes: with-new-protocol verification evidence vs the current-state evidence shape. If with-new-protocol does not measurably reduce the field-shape gap rate, the protocol update is not effective and Q escalates to mechanical enforcement (hook or pre-return wrapper). | A/B report filed to docs/quality/audits/ |
2026-06-15 |
Preventive Action
The structural fix is field-shape-aware verification inside Canon's return contract. The existing rule "run a GROQ query after every write" is necessary but insufficient — it does not constrain what to query for. The new rule is:
Canon's verification query must include every field shape on which downstream renderers, link resolvers, or query layers depend. For images:
image.asset->{url, metadata{dimensions}}. For slugs:slug{_type, current}. For Portable Text: fullbody[]{_type, _key, children[]{text, marks}, markDefs}projection plus a shape assertion on the returned spans. For references:field->{_id}to confirm resolution. A write is not "verified" until the query response is quoted in Canon's return payload and every required shape passes assertion.
This raises the verification floor from "the field is set to some value" to "the field is set to a value that the downstream platform can render." Five gaps in one publish is the empirical case that the floor needs to be higher.
The execution-refusal pattern (Incident #5) is harder to mechanically prevent because it lives in Canon's planning step. The mitigation is behavioral: Canon's agent definition will explicitly state that returning an analysis-instead-of-execution is a failure mode, not a deliverable. V's read of any Canon return will check for this pattern before accepting "complete."
Effectiveness Verification
| Signal | Threshold | Window |
|---|---|---|
Canon publishes shipping with literal markdown syntax in span text |
0 | 30 days from corrective action #2 landing |
Canon writes of image fields without verified image.asset->url in return payload |
0 | 30 days |
Canon writes of slug fields without slug{_type, current} shape verification |
0 | 30 days |
| Canon returns that contain analysis-instead-of-execution under contracted-execution briefs | 0 | 30 days |
| CARs filed referencing this root cause | 0 | 60 days |
Q will audit the next 5 Canon publishes that include Portable Text bodies or image fields. Findings file to docs/quality/audits/ per the Tier 1 audit cadence. If any of the five thresholds are missed, Q escalates to mechanical enforcement (a pre-return wrapper that refuses Canon's "complete" output without quoted shape evidence).
Verification Triggers Q Will Own
- Audit the next 5 Canon Portable Text or image-bearing publishes for return-payload shape evidence. Tier 1 cadence.
- Track whether
skills/sanity-content/post-write-verification.mdfield-keyed catalog reduces shape gaps via Tuner's A/B comparison (action #6). - Track repeat occurrence of the execution-refusal pattern — if it appears in any future Canon return, file a follow-up CAR escalating to a structural mechanism (forced re-dispatch loop or model-tier review).
- Track whether the
created_by_agentwiki rule (2026-05-18 Chris update) affects Canon brief shape — Q audits the first Canon brief authored after this rule landed to confirm callers no longer pass "stamp as {codename}" instructions and that Canon stampscanoncorrectly.
Whether This Warrants Hone Reviewing Canon's Expertise Pack
Yes. Specifically:
- The pack already contains
post-write-verification.md,pre-write-discipline.md,schema-awareness.md,failure-modes.md,anti-patterns.md,write-taxonomy.md, and ahelpers.tsfile. The gaps in this CAR fall across three of those files (post-write-verification.md,failure-modes.md,anti-patterns.md) and may require a new file for markdown-to-Portable-Text ownership. - Canon's agent definition (
.claude/agents/canon.md) was last reviewed before the Ledger 2026-05-18 morning CAR landed. The same return-payload evidence contract that Ledger now owes (per that CAR's corrective action #3) should apply to Canon; this is now the third instance of the same governance shape (Sanity batch silent failure 2026-04-03 → Canon TRTU launch 2026-05-05 → Canon VCP Part 3 2026-05-18). Three instances is a pattern, not a series. - Hone owns the cross-layer audit of the expertise pack; Q owns the verification-protocol canonical (
docs/quality/verification-protocol.md). The two should land together. Recommendation: Hone reviewsskills/sanity-content/end-to-end (corrective action #1) and reports findings to Q for incorporation into the verification protocol update.
Open Questions
These are documented for resolution during corrective action work; this CAR does not pre-decide them.
- Library availability. Is
@sanity/block-tools(orremark/unifiedwith the appropriate plugins) installed inapps/website/node_modules/? If not, should it be installed permanently? — Hone to confirm in corrective action #4. - Markdown-to-Portable-Text ownership. Canon's transformation surface vs Baldwin's authoring surface — see corrective action #4.
- Token-constraint claim. Was the VCP Part 3 body actually beyond Canon's runtime window, or was the "token constraints" return a self-rationalization? — Tuner can settle this empirically by re-running the same brief on a fresh Canon spawn and observing whether the same refusal pattern reappears at the same point. If reproducible, it is a runtime fact (model-tier change candidate). If not, it is a behavioral pattern (anti-pattern entry, no model change).
Lessons
The rule existed and the breach happened anyway. feedback_canon_verify_after_write.md (2026-05-05) named the problem and prescribed the fix; thirteen days later the same gateway shipped five gaps on one document. Documented rules without mechanical enforcement decay under context pressure — the Governance Activation Rule applies here exactly. The fix path is to raise the verification floor (shape-aware queries), then if recurrence persists, to add a structural pre-return wrapper that fails closed. The protocol is the lower-cost intervention; the wrapper is the backstop.
Gateway verification scope must extend to what downstream consumers need, not what the writer thinks it set. An image field that contains a reference but no resolvable asset binary is structurally identical to a HubSpot association record where the parent exists but the edge is silently dropped — both gateways now need verification scope that crosses the system boundary they were created to mediate.
Execution refusal under perceived load is governance abdication when the agent is the sole sanctioned writer. Canon is the only sanctioned Sanity writer; "I can't complete this" is not the same as "I cannot delegate this" — it means the work stops. The behavioral fix is to name this pattern in the agent definition so V can spot it on receipt of any future Canon return.
Related Incidents
| Date | Incident | Relationship |
|---|---|---|
| 2026-04-03 | Sanity batch transaction silent failure | Same shape — gateway reports success while writes drop. Resolution introduced batched-with-verify. This CAR extends the verification scope to field-shape correctness, not just persistence. |
| 2026-05-05 | Canon verify-after-write feedback (memory/feedback_canon_verify_after_write.md) |
Direct precedent. Rule was documented, never mechanically enforced, breached five times in one publish thirteen days later. |
| 2026-05-18 (morning) | Ledger silent association failures (N=3 in one session) | Parallel gateway, same governance-class defect, same session-day. Both gateways now require GET-back evidence in return payload; this CAR adds shape-assertion requirements on top. |
| 2026-04-25 | Governance Activation Rule (docs/quality/cars/2026-04-25-corrective-dewey-registrar-activation.md) |
Foundational: documented protocol does not equal operational protocol until mechanical enforcement makes failure structurally hard. This CAR is the latest evidence of the rule. |
| 2026-05-10 | 5P bias incidents | Different domain, same shape — synthesis-tier failures cannot be caught by the synthesizer. Canon verifying its own writes against its own narrow projection is the gateway analogue of V auditing V's own synthesis. Independent verification (Mirror, V, Chris) is what caught these gaps; that is the structural mitigation working. |