docs: fix incorrect job name 'Execution' → correct 'Agent'/'SafeOutputs' names (#620)

github-actions[bot] · Copilot · web-flow · commit 8480ae88d0b1 · 2026-05-18T17:15:03.000+01:00
The three pipeline jobs are named Agent (Stage 1), Detection (Stage 2),
and SafeOutputs (Stage 3). Three documentation files incorrectly referred
to Stage 1 as the 'Execution job' (docs/extending.md, docs/filter-ir.md)
and to Stage 3 as the 'Execution job' (docs/network.md). Fix all three to
use the actual job identifiers from the compiled pipeline templates.

Co-authored-by: github-actions[bot] &lt;41898282+github-actions[bot]@users.noreply.github.com&gt;
Co-authored-by: Copilot &lt;223556219+Copilot@users.noreply.github.com&gt;
diff --git a/docs/extending.md b/docs/extending.md
@@ -40,7 +40,7 @@ pub trait CompilerExtension {
     fn required_hosts(&self) -> Vec<String>;                   // AWF network allowlist
     fn required_bash_commands(&self) -> Vec<String>;           // Agent bash allow-list
     fn prompt_supplement(&self) -> Option<String>;              // Agent prompt markdown
-    fn prepare_steps(&self) -> Vec<String>;                    // Execution job steps (install, etc.)
+    fn prepare_steps(&self) -> Vec<String>;                    // Agent job steps (install, etc.)
     fn setup_steps(&self, ctx: &CompileContext) -> Result<Vec<String>>; // Setup job steps (gates, pre-checks)
     fn mcpg_servers(&self, ctx: &CompileContext) -> Result<Vec<(String, McpgServerConfig)>>; // MCPG entries
     fn allowed_copilot_tools(&self) -> Vec<String>;            // --allow-tool values
@@ -53,8 +53,8 @@ pub trait CompilerExtension {
 ```
 
 **`prepare_steps()` vs `setup_steps()`**: `prepare_steps()` injects into the
-Execution job (before the agent runs). `setup_steps()` injects into the Setup
-job (before the Execution job starts). Use `setup_steps()` for pre-activation
+Agent job (before the agent runs). `setup_steps()` injects into the Setup
+job (before the Agent job starts). Use `setup_steps()` for pre-activation
 gates or checks that must complete before the agent is launched.
 
 **Phase ordering**: Extensions are sorted by phase — runtimes
diff --git a/docs/filter-ir.md b/docs/filter-ir.md
@@ -367,7 +367,7 @@ When Tier 2/3 filters are configured, the `TriggerFiltersExtension`
    during compilation via the `validate()` trait method
 
 The extension uses the `setup_steps()` trait method (not `prepare_steps()`)
-because the gate must run in the **Setup job** (before the Execution job).
+because the gate must run in the **Setup job** (before the Agent job).
 
 ### Tier 1 Inline Path
 
diff --git a/docs/network.md b/docs/network.md
@@ -128,7 +128,7 @@ permissions:
 ### Security Model
 
 - **`permissions.read`**: Mints a read-only ADO-scoped token given to the agent inside the AWF sandbox (Stage 1). The agent can query ADO APIs but cannot write.
-- **`permissions.write`**: Mints a write-capable ADO-scoped token used **only** by the executor in Stage 3 (`Execution` job). This token is never exposed to the agent.
+- **`permissions.write`**: Mints a write-capable ADO-scoped token used **only** by the executor in Stage 3 (`SafeOutputs` job). This token is never exposed to the agent.
 - **Both omitted**: No ADO tokens are passed anywhere. The agent has no ADO API access.
 
 ### Compile-Time Validation
