{"ok":true,"phase":"v17.6 Phase 196","service":"Connector Install Review UI","review":{"system":"OmegaCrownAI Connector Install Review UI","phase":"v17.6 Phase 196","status":"install_review_ready","purpose":"Show connector permissions, risks, approval gates, credential rules, blocked actions, and validation status before any connector is installed or activated.","corePrinciple":"No connector should be installed silently. The user/admin must see what it can read, draft, write, publish, store, or block before activation.","sampleConnector":{"connectorId":"github","name":"GitHub","category":"development","version":"0.1.0","authType":"oauth","riskLevel":"medium","permissionsRequested":["connector_read","connector_write_draft"],"actionCount":2,"healthcheck":"Verify repository access and scopes.","disconnectPolicy":"Revoke OAuth token and remove cached repository metadata.","dataRetentionPolicy":"Store only required issue/PR metadata and delete on disconnect.","validationOk":true,"validationScore":100,"validationWarnings":[],"validationErrors":[]},"reviewSections":[{"section":"Connector identity","description":"Shows connector name, category, version, auth type, and marketplace listing status."},{"section":"Permission review","description":"Shows requested permissions and explains read, draft write, external write, financial, and secret-management scopes."},{"section":"Risk review","description":"Shows low, medium, high, or blocked-by-default risk level before installation."},{"section":"Action review","description":"Shows each connector action, input/output schema, approval gate, and audit requirement."},{"section":"Credential safety","description":"Shows OAuth/API-key/webhook safety rules and warns that secrets must stay server-side."},{"section":"Healthcheck and disconnect","description":"Shows how the connector is tested, revoked, disconnected, and cleaned up."},{"section":"Blocked action review","description":"Shows actions that cannot run by default: financial actions, destructive deletes, secret exposure, public publishing, and live trading."}],"installDecisionStates":[{"state":"ready_for_review","meaning":"Manifest exists but user/admin has not approved installation."},{"state":"validation_failed","meaning":"Manifest failed safety or schema validation and cannot be installed."},{"state":"approval_required","meaning":"Connector includes high-risk or external-write capabilities."},{"state":"approved_for_install","meaning":"Connector passed validation and user/admin approved scoped installation."},{"state":"installed_limited","meaning":"Connector is installed with read/draft permissions only."},{"state":"installed_active","meaning":"Connector is installed and active under approved permission gates."},{"state":"blocked","meaning":"Connector is blocked due to unsafe permissions, secrets, financial actions, or missing audit requirements."}],"adminChecklist":["Confirm connector identity and category.","Review requested permissions.","Confirm auth type is allowed.","Review every action and approval gate.","Confirm all actions require audit.","Confirm no secrets are exposed client-side.","Run connector manifest validator.","Run connector healthcheck before activation.","Confirm disconnect and data retention policy.","Approve only the minimum required scope."],"uiRequirements":["Show connector risk level prominently.","Show requested permissions as badges.","Show blocked-by-default warnings in red/critical state.","Show validation score before approval.","Show install workflow steps.","Link to manifest validator API.","Link to connector marketplace smoke test.","Explain that external writes require explicit approval.","Explain that financial actions are blocked by default."],"marketplaceInstallFlow":["User selects connector from marketplace.","OmegaCrownAI displays requested permissions and risk level.","User/admin approves installation.","Connector stores credentials in server-side secret storage only.","Connector healthcheck runs.","Connector actions become available according to permission level.","External writes require explicit approval gate.","Audit trail records install, action use, failures, and disconnect."],"blockedConnectorActions":["No connector may expose secrets in logs, commits, artifacts, or UI.","No connector may send external messages without approval unless explicitly configured.","No connector may publish public content without review.","No connector may charge, refund, transfer funds, or place trades by default.","No connector may delete customer data without explicit owner approval and rollback plan.","No connector may request broader scopes than needed."],"apiLinks":["/api/sovereign/connector-marketplace-foundation","/api/sovereign/connector-marketplace-smoke-test","/api/sovereign/connector-manifest-validator","/api/sovereign/connector-manifest-validator-smoke-test"]}}