"Speech-to-code — operations, security, rollout"

Operations

Observability

Security and privacy

  • MCP vox_validate_file resolves relative paths against the bound repository root and rejects canonical paths outside it (including traversal via .. and absolute paths in other trees).
  • Avoid persisting raw audio in shared logs; redact paths if needed. MCP vox_oratio_listen logs path basename only for protected path-like tokens when LLM polish rejects a correction.
  • Speech trace / training rows: follow repo retention policy; use mens/schemas/speech_to_code_trace.schema.json only for opt-in export.
  • Labeling rubric (human QA): contracts/speech-to-code/labeling_rubric.md.

Release gates

  • Compile: cargo check -p vox-mcp -p vox-oratio -p vox-lsp -p vox-audio-ingress (and cargo check -p vox-cli --features oratio-mic when shipping mic capture).
  • Quality: MCP validate_file and vox_generate_code must use validate_document_with_hir; vox_speech_to_code delegates to the same codegen path.
  • Contract: MCP registry includes vox_speech_to_code (contracts/mcp/tool-registry.canonical.yaml); integration tests speech_schema_parity / manifest guards stay green.
  • Regression: run cargo test -p vox-oratio -p vox-lsp -p vox-corpus speech-related tests.

Incremental rollout stages

  1. Transcript-only: HTTP ingress + MCP transcribe; no automated codegen.
  2. Draft codegen: vox_speech_to_code with validate:false for exploratory drafts only.
  3. Validated codegen (default path): validate:true (default), bounded retries, HIR gate unchanged.
  4. Broader tooling: expand intent/routing; keep destructive repo operations behind explicit human confirmation outside this tool.

Canary / rollback (MENS)

  • Promote speech-tuned checkpoints only when compile-pass@k on the frozen benchmark set improves vs baseline.
  • Roll back if p95 latency or error-rate SLO regresses (define per deployment).

See speech-to-code-pipeline.md.