Best possible solution:

Land a maintainer-approved gate after tightening the classifier so evidence-type labels do not count without actual non-test live evidence, while preserving the trusted-base workflow design.

Do we have a high-confidence way to reproduce the issue?

Yes. Source inspection of the PR head gives a high-confidence path: a Terminal transcript: or console output label sets hasRealEvidence, so pnpm test or CI-only proof is not classified as mock-only.

Is this the best way to solve the issue?

No. The workflow shape is reasonable, but the classifier should reject mock/test/lint/typecheck/CI-only content before accepting evidence labels, or require actual live evidence payload beyond those labels.

Full review comments:

• [P2] Reject labeled test transcripts before passing proof — scripts/github/real-behavior-proof-policy.mjs:60
  Because realEvidenceRegex accepts labels like terminal transcript, console output, and stdout, and mock-only detection is disabled once hasRealEvidence is true, an external PR can provide Terminal transcript: followed only by pnpm test or CI output and still pass the required gate. That contradicts the new template and docs, which say tests and CI are supplemental only.
  Confidence: 0.9

Overall correctness: patch is incorrect
Overall confidence: 0.87

Acceptance criteria:

• pnpm test test/scripts/real-behavior-proof-policy.test.ts test/scripts/barnacle-auto-response.test.ts
• pnpm exec oxfmt --check --threads=1 scripts/github/real-behavior-proof-policy.mjs test/scripts/real-behavior-proof-policy.test.ts test/scripts/barnacle-auto-response.test.ts
• pnpm check:changed in Testbox before handoff because this touches scripts and workflow policy

What I checked:

• Protected label: The live issue API shows this PR is open with labels scripts, maintainer, and size: L; maintainer is protected and prevents cleanup closure. (d094506a411b)
• Current main lacks the gate: Current main has no Real behavior proof, real-behavior-proof, proof: override, needs-real-behavior-proof, or mock-only-proof hits in the relevant GitHub/script/test/docs surfaces. (978bc53e80cc)
• Documented contract: The PR template says unit tests, mocks, lint, typechecks, snapshots, and CI are supplemental only while requiring after-fix evidence from a real OpenClaw setup. (.github/pull_request_template.md:40, d094506a411b)
• Classifier bypass remains: realEvidenceRegex still treats labels like terminal transcript, console output, linked artifact, and stdout as real evidence; mock-only detection then runs only when hasRealEvidence is false. (scripts/github/real-behavior-proof-policy.mjs:60, d094506a411b)
• Regression test misses labeled transcript bypass: The new negative test covers a fenced pnpm test transcript, but not the accepted-label case such as Terminal transcript: followed only by test/CI output. (test/scripts/real-behavior-proof-policy.test.ts:94, d094506a411b)
• Workflow trust boundary checked: The new workflow uses pull_request_target, but checks out the base SHA with persisted credentials disabled and grants only read permissions to contents and pull requests. (.github/workflows/real-behavior-proof.yml:14, d094506a411b)

Likely related people:

• vincentkoc: Recent GitHub path history shows repeated Barnacle automation, candidate-label, and auto-response workflow changes on the central files. (role: recent maintainer; confidence: high; commits: 1b951c565ea1, 2f6615d2ee9d, 727e0e013ecb; files: scripts/github/barnacle-auto-response.mjs, .github/workflows/auto-response.yml, test/scripts/barnacle-auto-response.test.ts)
• Takhoffman: Recent path history shows multiple PR template and contributor-guidance updates that define the contributor-facing proof contract touched by this PR. (role: adjacent docs/template owner; confidence: high; commits: c19321ed9e02, a4e5b23dc37f, 9f0305420aad; files: .github/pull_request_template.md, CONTRIBUTING.md)
• steipete: Recent history includes Barnacle triage helper refactoring, automation label renames, and workflow maintenance near the policy surface. (role: adjacent maintainer; confidence: medium; commits: c571debf83e6, f28bc31ecdda, c73f7d6596ad; files: scripts/github/barnacle-auto-response.mjs, .github/workflows/auto-response.yml)

Remaining risk / open question:

• If merged as-is and made required in the ruleset, external PRs can satisfy the gate with a labeled test or CI transcript rather than real behavior proof.
• The new Barnacle labels and manual close paths affect contributor PR handling, so the classifier needs to be conservative before maintainers rely on it.

Codex review notes: model gpt-5.5, reasoning high; reviewed against 978bc53e80cc.