docs: proofread AWF config spec for W3C-style conformance

[lpcox]

Summary

Comprehensive proofread and rewrite of docs/awf-config-spec.md to follow W3C specification conventions consistently throughout.

Changes

Structural additions:

• Abstract section summarizing document purpose and audience
• Normative References and Informative References sections
• Status section now distinguishes normative from informative content

Style fixes applied across all sections:

• RFC 2119 keywords hyperlinked and used consistently (MUST, SHALL, SHOULD, MAY)
• Formal definitions for conforming document and conforming implementation
• Informative content moved to blockquoted > **Note:** blocks
• Bullet lists replaced with structured tables where appropriate
• Section headers normalized (removed ad-hoc "(Normative)" suffix in favor of inline marker)
• Processing model rewritten in formal imperative style with ordered steps and cross-references
• Precedence rules use highest-wins ordering with SHALL

Content preserved:
All normative requirements from the previous version are preserved. No behavioral changes.

[github-actions]

Documentation Preview

Documentation build failed for this PR. View logs.

Built from commit 0f8514d

[github-actions]

Smoke Test Results

✅ GitHub MCP: Retrieved 2 merged PRs
✅ Playwright: github.com page title verified
✅ File Writing: Test file created
✅ Bash Tool: File verified

Status: PASS

💥 [THE END] — Illustrated by Smoke Claude

[github-actions]

🔬 Smoke Test Results

Test	Status
GitHub MCP connectivity	✅
GitHub.com HTTP	⚠️ (template vars not expanded)
File write/read	⚠️ (template vars not expanded)

PR: docs: proofread AWF config spec for W3C-style conformance
Author: @lpcox | Reviewers: @Mossaka, @Copilot

Overall: PARTIAL — MCP confirmed working; pre-step outputs were not injected into agent prompt.

📰 BREAKING: Report filed by Smoke Copilot

[github-actions]

🔥 Smoke Test: Copilot BYOK (Offline) Mode

Test	Result
GitHub MCP connectivity	✅ (listed PR #2747)
GitHub.com HTTP	⚠️ pre-step data not expanded
File write/read	⚠️ pre-step data not expanded
BYOK inference (this response)	✅

Running in BYOK offline mode (COPILOT_OFFLINE=true) via api-proxy → api.githubcopilot.com

PR: "docs: proofread AWF config spec for W3C-style conformance" — author: @lpcox, reviewers: @Mossaka, @Copilot

Overall: PARTIAL — BYOK inference path confirmed working; pre-step smoke data was not injected (template vars unexpanded).

🔑 BYOK report filed by Smoke Copilot BYOK

[github-actions]

🔮 Codex smoke: FAIL
✅ Merged PRs: feat: add daily schema-sync workflow | fix: scanner workflows now check closed issues with state_reason-aware dedup
❌ safeinputs-gh PR query unavailable
✅ Playwright GitHub title
❌ Tavily search unavailable
✅ File write/read
❌ github-discussion-query unavailable; oracle comment posted via safeoutputs
✅ npm ci && npm run build
Overall status: FAIL

Warning

Firewall blocked 1 domain

The following domain was blocked by the firewall during workflow execution:

• registry.npmjs.org

To allow these domains, add them to the network.allowed list in your workflow frontmatter:

network:
  allowed:
    - defaults
    - "registry.npmjs.org"

See Network Configuration for more information.

🔮 The oracle has spoken through Smoke Codex

[github-actions]

🏗️ Build Test Suite Results

Ecosystem	Project	Build/Install	Tests	Status
Bun	elysia	✅	1/1 passed	✅ PASS
Bun	hono	✅	1/1 passed	✅ PASS
C++	fmt	✅	N/A	✅ PASS
C++	json	✅	N/A	✅ PASS
Deno	oak	N/A	1/1 passed	✅ PASS
Deno	std	N/A	1/1 passed	✅ PASS
.NET	hello-world	✅	N/A	✅ PASS
.NET	json-parse	✅	N/A	✅ PASS
Go	color	✅	1/1 passed	✅ PASS
Go	env	✅	1/1 passed	✅ PASS
Go	uuid	✅	1/1 passed	✅ PASS
Java	gson	✅	1/1 passed	✅ PASS
Java	caffeine	✅	1/1 passed	✅ PASS
Node.js	clsx	✅	passed	✅ PASS
Node.js	execa	✅	passed	✅ PASS
Node.js	p-limit	✅	passed	✅ PASS
Rust	fd	✅	1/1 passed	✅ PASS
Rust	zoxide	✅	1/1 passed	✅ PASS

Overall: 8/8 ecosystems passed — ✅ PASS

Note on Java: Maven's default local repository path (~/.m2/repository) had permission issues (owned by root). Tests succeeded using -Dmaven.repo.local=/tmp/mvn-repo workaround.

Generated by Build Test Suite for issue #2757 · ● 563.7K · ◷

[github-actions]

Smoke Test Results — Service Connectivity

Check	Result
Redis PING (host.docker.internal:6379)	❌ Timeout/no response
PostgreSQL pg_isready (host.docker.internal:5432)	❌ No response
PostgreSQL SELECT 1	❌ Not attempted (pg_isready failed)

Overall: FAIL — Neither Redis nor PostgreSQL is reachable from this runner. The service containers do not appear to be running or host.docker.internal does not resolve to a host that has the services bound.

🔌 Service connectivity validated by Smoke Services

[Copilot]

Pull request overview

This PR rewrites docs/awf-config-spec.md to follow W3C-style specification conventions more consistently, while aiming to preserve the existing normative requirements for AWF configuration, processing, and credential isolation.

Changes:

• Adds W3C-style document structure (Abstract, clearer conformance language, and Normative/Informative References).
• Reformats several sections into more formal, step-based and table-based specification language (processing model, data model, environment semantics).
• Tightens normative phrasing around precedence, environment merge semantics, and credential isolation behavior.

Show a summary per file

File	Description
docs/awf-config-spec.md	Comprehensive rewrite/restructure of the AWF config specification for W3C-style conformance and clearer normative/informative separation.

Copilot's findings

Tip

Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.

• Files reviewed: 1/1 changed files
• Comments generated: 3