feat(platform): add ID-DET-001 status visibility

[raylee-hawkins]

Summary

Adds platform status/plan visibility for ID-DET-001 and exposes the future gated integration roadmap without claiming those future phases in this PR.

Current scope

This PR establishes controlled-test validation/status support for ID-DET-001 only.

It updates the platform controller, controller documentation, and schema for bounded status/plan visibility.

Future gated phases

Live IdP log review, Wazuh/Splunk private receipt, Proxmox runtime identity evidence, AI-agent tool-scope telemetry, Cribl/Security Onion route checks, and production-grade identity coverage require separate gated phases.

Planned gates:

• ID-RUNTIME-001: Proxmox and Windows private runtime identity receipt.
• ID-CLOUD-001: IdP export/log review lane.
• ID-AGENT-001: AI or machine identity tool-scope validation lane.
• ID-ROUTE-001: SIEM/NDR route receipt lane.

Supported claim

ID-DET-001 has platform status/plan visibility for controlled-test validation only.

Not claimed here

This PR does not claim live IdP proof, live SIEM/NDR observation, production identity coverage, complete identity-attack coverage, autonomous SOC operation, disposition authority, proof promotion, public-safe status, or website/public-surface publication.

Validation

• Platform status command passes for ID-DET-001.
• Platform plan command passes for ID-DET-001.
• Platform all-detections plan command passes.
• Claim ceiling: CONTROLLED_TEST_VALIDATED.
• Public-safe status: NOT_PUBLIC_SAFE.

Boundary

No runtime ledger behavior. No proof dependency. No public-safe promotion. No runtime action. No website touch. Depends on validation PR HawkinsOperations/hawkinsoperations-validation#45 and detections PR HawkinsOperations/hawkinsoperations-detections#25.

[raylee-hawkins]

Governance review for ID-DET-001 platform scope.

Reviewed scope: platform status/plan visibility only for ID-DET-001 through the existing controller, docs, and schema enum.

Supported claim: ID-DET-001 has platform status/plan visibility for controlled-test validation only.

Blocked claims preserved: no runtime-active claim, no signal-observed claim, no public-safe claim, no evidence-linked public proof, no live Okta/Entra/IdP proof, no live Splunk/Wazuh/Security Onion/Cribl proof, no production identity coverage claim, no full identity attack coverage claim, no impossible-travel completeness claim, no session hijacking completeness claim, no autonomous SOC claim, no AI-approved disposition, no analyst-approved disposition, no proof promotion, and no website/public-surface promotion.

No proof/public-safe/runtime/signal promotion. No runtime systems touched. No website or proof touched. No runtime ledger behavior added.

Merge only after checks and dependency order pass.

[chatgpt-codex-connector]

💡 Codex Review

Here are some automated review suggestions for this pull request.

Reviewed commit: 8ce59b51a4

ℹ️ About Codex in GitHub

Your team has set up Codex to review pull requests in this repo. Reviews are triggered when you

• Open a pull request for review
• Mark a draft as ready
• Comment "@codex review".

If Codex has suggestions, it will comment; otherwise it will react with 👍.

Codex can also answer questions or update the PR. Try commenting "@codex address that feedback".