diff --git a/skills/org-skill-bouncer.org b/skills/org-skill-bouncer.org index 4af8a7b..f83691c 100644 --- a/skills/org-skill-bouncer.org +++ b/skills/org-skill-bouncer.org @@ -30,7 +30,7 @@ Retrieves all active secrets from the vault and scans the payload for potential (when (and val (stringp val) (> (length val) 5)) (when (search val text) (setf found-secret key)))) - *vault-memory*) + opencortex::*vault-memory*) found-secret))) #+end_src diff --git a/skills/org-skill-credentials-vault.org b/skills/org-skill-credentials-vault.org index e293e0b..106f595 100644 --- a/skills/org-skill-credentials-vault.org +++ b/skills/org-skill-credentials-vault.org @@ -68,7 +68,7 @@ Tests in `tests/vault-tests.lisp` will verify: We maintain an in-memory hash table for secrets, which is hydrated from and persisted to the Memory. #+begin_src lisp -(defvar *vault-memory* (make-hash-table :test 'equal) +(defvar opencortex::*vault-memory* (make-hash-table :test 'equal) "In-memory cache of sensitive credentials.") #+end_src @@ -90,7 +90,7 @@ This function is the secure getter for all system secrets. It prioritizes the Va (defun vault-get-secret (provider &key (type :api-key)) "Retrieves a credential. Type can be :api-key or :session." (let* ((key (format nil "~a-~a" provider type)) - (val (gethash key *vault-memory*))) + (val (gethash key opencortex::*vault-memory*))) (if val val ;; Fallback to environment @@ -116,7 +116,7 @@ When a secret is updated, we immediately snapshot the Memory to ensure the crede (defun vault-set-secret (provider secret &key (type :api-key)) "Securely stores a secret and triggers a Merkle snapshot." (let ((key (format nil "~a-~a" provider type))) - (setf (gethash key *vault-memory*) secret) + (setf (gethash key opencortex::*vault-memory*) secret) (harness-log "VAULT - Updated ~a for ~a. Triggering Merkle snapshot..." type provider) (snapshot-memory) t)) @@ -176,7 +176,7 @@ Note: Tests disabled in jail load. ** 2. Chaos Scenarios - *Scenario A (Vault Poisoning):* Inject a malformed session string and verify the `llm-gateway` detects the invalid format and returns a standardized error instead of crashing. -- *Scenario B (Memory Wipe):* Clear `*vault-memory*` during runtime and verify the vault successfully re-hydrates from the Memory (or environment fallback). +- *Scenario B (Memory Wipe):* Clear `opencortex::*vault-memory*` during runtime and verify the vault successfully re-hydrates from the Memory (or environment fallback). * Phase F: Memory (RCA) - *[2026-04-09 Thu]:* Consolidated `auth-api-key` and `auth-google-oauth` into this vault. Introduced mandatory masking for all credential-related logging.