#+TITLE: SKILL: Global Safety Harness (Universal Literate Note)
#+ID: skill-safety-harness
#+STARTUP: content
#+FILETAGS: :security:sandbox:ast:psf:

* Overview
The *Global Safety Harness* is the primary "Safety Gate" for the Neurosymbolic Lisp Machine. It provides a recursive AST validator that subjects all Elisp proposals from System 1 to a strict "Deny-by-Default" sandbox, preventing arbitrary code execution while allowing high-fidelity system manipulation.

* Phase A: Demand (PRD)
:PROPERTIES:
:STATUS: FROZEN
:END:

** 1. Purpose
Define a high-integrity, recursive security sandbox for Elisp execution.

** 2. User Needs
- *Recursive Validation:* Every nested function call and variable access MUST be checked.
- *Deny-by-Default:* Only explicitly whitelisted functions and variables are permitted.
- *Eval Protection:* Block all forms of `eval`, `load`, or dynamic execution.
- *Symbolic Preemption:* This skill acts as a mandatory global System 2 check.

** 3. Success Criteria
*** TODO Implement recursive AST walker in Lisp
*** TODO Establish strict function whitelist (surgical Org operations)
*** TODO Detect and block nested 'eval' attempts
*** TODO Verify that malformed or malicious sexps are rejected

* Phase B: Blueprint (PROTOCOL)
:PROPERTIES:
:STATUS: SIGNED
:END:

** 1. Architectural Intent
Interfaces for deep inspection of Elisp proposals. Source of truth is the Lisp reader and the security whitelist.

** 2. Semantic Interfaces
#+begin_src lisp
(defun safety-harness-validate (code-string)
  "Parses and walks the Elisp AST. Returns T if safe, NIL otherwise.")

(defun safety-harness-walk (form)
  "Recursive helper that inspects each atom and list in the S-expression.")
#+end_src

* Phase D: Build (Implementation)

** The Validator
#+begin_src lisp :tangle projects/org-skill-safety-harness/src/safety-logic.lisp
(defparameter *approved-functions* 
  '(message insert org-set-property org-id-goto save-excursion get-buffer-create format plist-get list quote))

(defun safety-harness-walk (form)
  "Recursively ensures all function calls in FORM are whitelisted."
  (cond
    ((atom form) t) ; Atoms (strings, numbers, symbols) are inherently safe
    ((listp form)
     (let ((fn (car form))
           (args (cdr form)))
       (and (member fn *approved-functions*)
            (every #'safety-harness-walk args))))
    (t nil)))

(defun safety-harness-validate (code-string)
  "Parses the string and triggers the recursive walk."
  (handler-case
      (let ((form (read-from-string code-string)))
        (safety-harness-walk form))
    (error (c)
      (kernel-log "SAFETY HARNESS - Parse error: ~a" c)
      nil)))
#+end_src

* Registration
#+begin_src lisp
(defskill :skill-safety-harness
  :priority 100 ; Mandatory high-priority gate
  :trigger (lambda (context) nil) ; Triggered manually by kernel 'decide'
  :neuro (lambda (context) nil)
  :symbolic (lambda (action context) action))
#+end_src