Add v0.2.0 features: vector search + tool permissions

- Local vector search: Ollama embeddings + semantic search - get-embedding with caching - cosine-similarity computation - semantic-search cognitive tool - :semantic-search tool for LLM queries - Tool permission tiers: security gating for cognitive tools - Three tiers: :allow, :deny, :ask - Gate in execute-tool-action before tool runs - Defaults: :deny for shell/delete-file, :ask for eval/write-file - :tool-permissions cognitive tool for management - Embedding provider support: Ollama AND llama.cpp - EMBEDDING_PROVIDER env var - EMBEDDING_MODEL env var - LLAMA_HOST for llama.cpp server - .env.example: Add embedding config variables - Fix parse-message in communication.lisp - Update ASDF: add test files, tool-permissions skill All 60 tests pass (6 suites x 100%)
2026-04-23 13:43:50 -04:00
parent 4e553f654e
commit dfe318425f
13 changed files with 535 additions and 64 deletions
--- a/library/act.lisp
+++ b/library/act.lisp
@@ -81,8 +81,18 @@
         (meta (getf context :meta))
         (source (getf meta :source))
         (tool (gethash (string-downcase (string tool-name)) *cognitive-tools*)))
-    (if tool
-        (handler-case
+    (when tool
+      ;; Tool Permission Gate: Check permission before execution
+      (let ((permission (check-tool-permission-gate tool-name context)))
+        (when (eq permission :deny)
+          (return-from execute-tool-action
+            (list :TYPE :EVENT :DEPTH (1+ depth) :META meta
+                  :PAYLOAD (list :SENSOR :tool-error :tool tool-name :message (format nil "Tool PERMISSION DENIED: ~a" tool-name))))))
+        (when (listp permission)
+          (return-from execute-tool-action
+            (list :TYPE :EVENT :DEPTH (1+ depth) :META meta
+                  :PAYLOAD (list :SENSOR :permission-pending :tool tool-name :args tool-args)))))
+      (handler-case
            (let* ((clean-args (if (and (listp tool-args) (listp (car tool-args))) (car tool-args) tool-args))
                   (result (funcall (cognitive-tool-body tool) clean-args)))
              (let ((feedback (list :TYPE :EVENT :DEPTH (1+ depth) :META meta
@@ -94,10 +104,10 @@
                                    context))
                feedback))
          (error (c)
-            (list :TYPE :EVENT :DEPTH (1+ depth) :META meta
-                  :PAYLOAD (list :SENSOR :tool-error :tool tool-name :message (format nil "~a" c)))))
        (list :TYPE :EVENT :DEPTH (1+ depth) :META meta
-              :PAYLOAD (list :SENSOR :tool-error :message "Tool not found")))))
+              :PAYLOAD (list :SENSOR :tool-error :tool tool-name :message (format nil "~a" c)))))
+    (list :TYPE :EVENT :DEPTH (1+ depth) :META meta
+          :PAYLOAD (list :SENSOR :tool-error :message "Tool not found"))))

 (defun act-gate (signal)
  "Final Stage: Actuation and feedback generation."