Implementation Plan: Workbench UI

Provide an operator/developer “Workbench” UI for inspecting semantic state and operating the system: KGS explorer, manifest inspector, adapter/gateway console, governance console, and simulation cockpit.

Provenance & Traceability

Architectural Decisions (ADRs)

ADR ID	Decision Title	Impact on This Plan
ADR-033	Kernel-Shell Architecture	Workbench is a shell; kernel remains authoritative.
ADR-029	Observability Stack Architecture	Workbench consumes telemetry and evidence safely.

Product Requirements (PRDs)

PRD ID	Requirement Title	Satisfied By (SDS)	Acceptance Criteria
PRD-025	Workbench UI	SDS-054	Inspect KGS/manifests, view governance evidence, operate safely

Software Design Specifications (SDS)

SDS ID	Service/Component	Bounded Context	SEA-DSL Spec File	Implementation Status
SDS-054	Workbench UI Service	`developer-tooling`	N/A	Draft

Dependencies (Existing Specs This Plan Builds On)

KGS querying: docs/specs/semantic-core/sds/003-knowledge-graph-service.md
Manifest inspection: docs/specs/shared/reference/011-manifest-schema.md
Governance evidence: docs/specs/shared/sds/047-governedspeed-governance-runtime.sds.yaml (supersedes SDS-043)
Observability envelope: docs/specs/shared/sds/030-semantic-observability.md
UI shells integration patterns: docs/specs/shared/sds/048-platform-ui-integration.md

Architecture and Design

Design Principles Applied

Isomorphism: Workbench surfaces are projections of semantic state (KGS/manifest/evidence), not hand-maintained.
Invariants: No privileged actions without explicit authority/approval (SDS-031).
Idempotency: Operational actions triggered from UI are commands with request IDs (like SDS-048 CMD-060).

Expected Filetree

/
├── docs/specs/**                             # (new) PRD/SDS for workbench UI
└── apps/**/src/gen/**                        # generated UI shell code (if applicable)

Proposed Cycles

Cycle	Branch	Wave	Files Modified	Files Created	Specs Implemented
C1A	`cycle/p014-c1a-specs`	1	—	`docs/specs//prd/-workbench-ui.md`, `docs/specs//sds/-workbench-ui.md`	NEW PRD/SDS
C1B	`cycle/p014-c1b-read-only-console`	1	`docs/specs/shared/sds/048-platform-ui-integration.md` (if needed)	generated `apps//src/gen/`	Read-only dashboards
C1C	`cycle/p014-c1c-case-console`	1	`docs/specs/shared/sds/054-workbench-ui-service.md`	—	Case Management Console
C2A	`cycle/p014-c2a-ops-actions`	2	`docs/specs/shared/sds/031-authority-ownership-boundaries.md`	generated adapters under `/src/gen/`	Guarded operational actions

Task Breakdown

Wave 1 (Parallel)

C1A: Author missing PRD/SDS for Workbench UI ✅ PRD-025 and SDS-054 already complete
- Implements: Read-only views (KGS, manifests, evidence) and gated actions (simulations, approvals)
- Satisfies: PRD-025, ADR-033
- Files: docs/specs/shared/prd/025-workbench-ui.md, docs/specs/shared/sds/054-workbench-ui-service.md
C1B: Define read-only “console” endpoints and models for workbench consumption
- Implements: Queries and DTOs for KGS/manifest/evidence browsing
- Satisfies: Operator inspection use-cases
- Files: docs/specs/shared/sds/048-platform-ui-integration.md (extend with workbench endpoints) or new SDS
C1C: Add Case Management Console integration
- Implements: Case dashboard, task queue, artifact pipeline, timeline (incl. historical cases)
- Satisfies: PRD-026 (Case Management Platform), SDS-012
- Files: docs/specs/shared/sds/054-workbench-ui-service.md (extended)

Wave 2 (Depends on Wave 1)

C2A: Define and enforce privileged operational actions (approvals, break-glass, simulation runs) ✅ SDS-054 §Action Endpoints
- Implements: Authority + audit rules (SDS-031, REF-012 §10)
- Satisfies: Governance invariants and auditability requirements (REQ-WB-004, REQ-WB-005)
- Files: docs/specs/shared/sds/054-workbench-ui-service.md (Action Endpoints + Authorization Middleware)

Validation & Verification

Spec Validation

All workbench actions map to explicit commands/queries with schemas (SDS-054 BFF)
All privileged actions reference SDS-031 and are auditable (SDS-054 §Authorization)

Implementation Validation

Read-only views are safe-by-default (no secrets/PII leaks per SDS-030)
Operational actions require approvals and produce evidence artifacts where applicable (SDS-047)

Note: SDS-043 (Risk & Evidence Service) has been superseded by SDS-047 per ADR-031.

Open Questions

Is Workbench a web app inside this repo (apps/*) or an external UI (like Zed/LibreChat)? apps/workbench (internal)
What is the minimal read-only surface to ship first (KGS explorer vs governance console)? KGS explorer
Should simulation cockpit be part of Workbench or a separate shell/service? Part of Workbench

Risks & Mitigation

Risk	Likelihood	Impact	Mitigation Strategy
Workbench becomes a “backdoor” for privileged actions	Medium	Critical	Enforce SDS-031/035; deny-by-default; log all actions to evidence/ledger.
Workbench leaks sensitive semantic/provenance data	Medium	High	Use SDS-030 payload modes and sensitivity hashing; RBAC on read-time.

Rollback Strategy

Ship read-only mode only until authority and audit are fully enforced.

Reference Documents

docs/specs/shared/sds/048-platform-ui-integration.md
docs/specs/shared/sds/030-semantic-observability.md