ARCH: Finalize semantic reorganization, skill jailing, and unified CLI
Some checks failed
Deploy-Agent-V15-Stdin / JOB-V15-STDIN (push) Failing after 4s
@@ -12,7 +12,7 @@
|
||||
The *Deterministic Engine Bouncer* is the authorization gate for high-risk actions. It serializes intercepted actions into Org nodes ("Flight Plans") and re-injects them once manually approved by the Autonomous.
|
||||
|
||||
* Package Context
|
||||
#+begin_src lisp
|
||||
#+begin_src lisp :tangle ../library/gen/org-skill-bouncer.lisp
|
||||
(in-package :opencortex)
|
||||
#+end_src
|
||||
|
||||
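Review bot: The tangle target `../library/gen/org-skill-bouncer.lisp` is spelled out on the src header here and, going by the other hunks, on every block in the file. A block whose header is missed or mistyped is silently left out of the generated file, which for a security gate means a check that never loads. Consider one file-level `#+PROPERTY: header-args:lisp :tangle ../library/gen/org-skill-bouncer.lisp` so the blocks can keep the plain `#+begin_src lisp` header, and add `:mkdirp yes` if `gen/` is not guaranteed to exist.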
@@ -22,7 +22,7 @@ The Bouncer ensures the action is "safe" by inspecting the payload content via D
|
||||
** Secret Exposure Check
|
||||
Retrieves all active secrets from the vault and scans the payload for potential leaks.
|
||||
|
||||
#+begin_src lisp
|
||||
#+begin_src lisp :tangle ../library/gen/org-skill-bouncer.lisp
|
||||
(defun bouncer-scan-secrets (text)
|
||||
"Returns the name of the secret found in TEXT, or NIL if clean."
|
||||
(when (and text (stringp text))
|
||||
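Review bot: In `bouncer-scan-secrets`, the guard `(when (and text (stringp text))` makes the function return NIL for any non-string TEXT, and the docstring defines NIL as clean, so a payload that arrives as a list, pathname or byte vector passes the secret scan without being inspected. Either coerce the payload to a string before scanning, or return a distinct value (or signal an error) for input the scanner cannot read and have the caller treat that as a block. The `text` test is also redundant, since `(stringp nil)` is already NIL.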
@@ -38,7 +38,7 @@ Retrieves all active secrets from the vault and scans the payload for potential
|
||||
** Network Exfiltration Check
|
||||
Inspects shell commands for unwhitelisted domains or IP addresses.
|
||||
|
||||
#+begin_src lisp
|
||||
#+begin_src lisp :tangle ../library/gen/org-skill-bouncer.lisp
|
||||
(defun bouncer-check-network-exfil (cmd)
|
||||
"Returns T if the command appears to target an unwhitelisted external host."
|
||||
(when (and cmd (stringp cmd))
|
||||
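Review bot: `bouncer-check-network-exfil` returns T to flag a command, so the `(when (and cmd (stringp cmd))` guard turns every non-string CMD into NIL, which is the permissive answer. If a command can reach this check as a list of arguments rather than one string, it is not inspected. The docstring should state what is returned for such input, and the safer default is to flag it.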
@@ -55,7 +55,7 @@ Inspects shell commands for unwhitelisted domains or IP addresses.
|
||||
* Runtime Guard (bouncer-check)
|
||||
The primary entry point for all high-impact actions. It blocks or queues actions based on risk vectors.
|
||||
|
||||
#+begin_src lisp
|
||||
#+begin_src lisp :tangle ../library/gen/org-skill-bouncer.lisp
|
||||
(defun bouncer-check (action context)
|
||||
"The 5-Vector security gate. Blocks or queues actions based on risk."
|
||||
(let* ((target (getf action :target))
|
||||
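Review bot: The `bouncer-check` docstring calls this "The 5-Vector security gate" without naming the vectors, and the visible sections document only the secret exposure and network exfiltration checks. List all five in the docstring or in the section text, each with the function that implements it and whether a hit blocks or queues the action, so a reader can confirm that none was dropped in the reorganization.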
@@ -98,7 +98,7 @@ The primary entry point for all high-impact actions. It blocks or queues actions
|
||||
* Approval Processing
|
||||
The Bouncer periodically scans the Memex for approved "Flight Plans" and re-injects them into the metabolic loop.
|
||||
|
||||
#+begin_src lisp
|
||||
#+begin_src lisp :tangle ../library/gen/org-skill-bouncer.lisp
|
||||
(defun bouncer-process-approvals ()
|
||||
"Scans the object store for APPROVED flight plans and re-injects their actions."
|
||||
(let ((approved-nodes (list-objects-with-attribute :TODO "APPROVED"))
|
||||
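Review bot: In `bouncer-process-approvals`, `(list-objects-with-attribute :TODO "APPROVED")` selects flight plans by the attribute value alone, so the visible lines treat any node carrying that value as manually approved. If the object store is writable by anything other than the human approver, this is the line where approval should be verified: check who set the state and that the serialized action is unchanged since it was queued, for example by comparing a digest stored when the flight plan was created. If that check exists further down, the docstring should say so.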
@@ -123,7 +123,7 @@ The Bouncer periodically scans the Memex for approved "Flight Plans" and re-inje
|
||||
The Bouncer skill reacts to approval requirements by creating flight plan nodes, and periodically checks for manual approvals via heartbeats.
|
||||
|
||||
** Skill Logic
|
||||
#+begin_src lisp
|
||||
#+begin_src lisp :tangle ../library/gen/org-skill-bouncer.lisp
|
||||
(defun bouncer-deterministic-gate (action context)
|
||||
"Main gate for the bouncer skill."
|
||||
(let* ((payload (getf context :payload))
|
||||
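Review bot: `bouncer-deterministic-gate` is documented only as "Main gate for the bouncer skill.", while `bouncer-check` is described as the primary entry point for all high-impact actions. The docstring should say how the two relate (which calls which, and what the gate returns for pass, queue and block). In the `let*`, the payload is read with `(getf context :payload)` whereas `bouncer-check` reads `:target` from ACTION, so a sentence on which plist carries which field would help keep a check from inspecting the wrong one.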
@@ -148,7 +148,7 @@ The Bouncer skill reacts to approval requirements by creating flight plan nodes,
|
||||
#+end_src
|
||||
|
||||
** Skill Registration
|
||||
#+begin_src lisp
|
||||
#+begin_src lisp :tangle ../library/gen/org-skill-bouncer.lisp
|
||||
(defskill :skill-bouncer
|
||||
:priority 150
|
||||
:trigger (lambda (ctx) t) ;; Bouncer evaluates all actions deterministically
|
||||
|
||||
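Review bot: In the `defskill` form, `:trigger (lambda (ctx) t)` leaves `ctx` unused, which compilers typically report as a style warning; write `(lambda (ctx) (declare (ignore ctx)) t)`. If `:priority 150` is what makes the Bouncer see an action before any skill that executes it, add a comment next to it stating whether higher or lower numbers run first and which skills it must precede.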