amr/passepartout
1
0
Fork 0
Code Issues 15 Pull Requests 1 Actions Packages Projects Releases Wiki Activity
Files
337b8cdd86b6644a34cc3f1c603422825bf2d7f1
passepartout/org/security-validator.org
Amr Gharbeia b9a4318ef8 reorg: tangle to XDG, remove stale lisp files, fix tui input 
- Changed all 50 org file :tangle targets from ../lisp/ to
  ~/.local/share/passepartout/lisp/ (XDG data dir)
- Removed 49 generated .lisp files from project lisp/ directory
- Removed tests/system-integration-tests.lisp (generated)
- Removed lisp/*.fasl (compiled, stale)
- Updated core-manifest.org to tangle .asd to XDG root
- Remapped quicklisp symlink: local-projects/passepartout → XDG

TUI fixes in channel-tui-main.org:
- Removed with-raw-terminal (stty raw breaks fd 0 reads in this SBCL)
- Use cat subprocess + pipe for keyboard input (via :input :interactive)
- Blocking read-char on pipe with with-timeout 0.1s for daemon processing
- Key events queued via drain-queue alongside daemon messages
- Full dialog key routing (Escape, Up/Down, Enter, filters, Backspace)
- SIGWINCH resize handling
- Post-handshake backend-size re-query
- Daemon version in status bar (was v0.5.0 hardcoded)
- Handshake version stored in state, no add-msg
- :daemon-version and :size-queried in state plist
- view-status uses draw-rect for background
- Test section gated with #+passepartout-tests
2026-05-14 12:34:06 -04:00

88 lines
3.2 KiB
Org Mode
Raw Blame History

#+TITLE: SKILL: Protocol Validator (org-skill-protocol-validator.org)
#+AUTHOR: Agent
#+FILETAGS: :system:protocol:validation:
#+PROPERTY: header-args:lisp :tangle /home/user/.local/share/passepartout/lisp/security-validator.lisp
* Overview
The Protocol Validator enforces schema compliance on every message entering or leaving the cognitive pipeline. It checks that messages are valid plists, that they have the required ~:type~ and ~:payload~ fields, and that the type is one of the known types (~:REQUEST~, ~:EVENT~, ~:RESPONSE~, ~:LOG~, ~:STATUS~). This prevents malformed messages from crashing the pipeline and ensures backward compatibility when the protocol evolves.
* Architectural Intent
The Protocol Validator wraps ~validate-communication-protocol-schema~
(the core communication function) in a skill-level gate. It is the first
filter every message passes through — malformed messages are rejected
before they reach any cognitive stage.
** Contract
1. (validator-protocol-check msg): returns ~msg~ if valid per
~validate-communication-protocol-schema~. Signals ~error~ on
malformed messages (caught by the skill's deterministic gate).
2. The skill's deterministic gate wraps the validator: valid actions pass
through; invalid actions produce a ~:LOG~ rejection with
~:level :error~.
** Boundaries
- Does NOT define the schema — that is ~core-transport.org~.
- Does NOT validate semantic content — that is the Dispatcher and Policy.
* Implementation
** Package Context
#+begin_src lisp
(in-package :passepartout)
#+end_src
** Validation Logic
;; REPL-VERIFIED: 2026-05-03T13:00:00
#+begin_src lisp
(defun validator-protocol-check (msg)
"Enforces structural schema compliance on protocol messages."
(validate-communication-protocol-schema msg))
#+end_src
** Skill Registration
#+begin_src lisp
(defskill :passepartout-security-validator
:priority 95
:trigger (lambda (ctx) (declare (ignore ctx)) t)
:deterministic (lambda (action ctx)
(declare (ignore ctx))
(handler-case
(progn (validator-protocol-check action) action)
(error (c)
(list :type :LOG :payload (list :level :error :text (format nil "Protocol Violation: ~a" c)))))))
#+end_src
* Test Suite
#+begin_src lisp
(eval-when (:compile-toplevel :load-toplevel :execute)
(ql:quickload :fiveam :silent t))
(defpackage :passepartout-security-validator-tests
(:use :cl :fiveam :passepartout)
(:export #:validator-suite))
(in-package :passepartout-security-validator-tests)
(def-suite validator-suite :description "Verification of the Protocol Validator")
(in-suite validator-suite)
(test test-validator-passes-valid-message
"Contract 1: a valid message passes protocol check."
(let ((msg '(:type :EVENT :payload (:sensor :heartbeat))))
(handler-case
(progn
(validator-protocol-check msg)
(pass))
(error (c)
(fail "Validator rejected a valid message: ~a" c)))))
(test test-validator-rejects-missing-type
"Contract 1: a message missing :type is rejected."
(let ((msg '(:payload (:sensor :heartbeat))))
(signals error
(validator-protocol-check msg))))
#+end_src
Reference in New Issue View Git Blame Copy Permalink