amr/passepartout
1
0
Fork 0
Code Issues 15 Pull Requests 1 Actions Packages Projects Releases Wiki Activity
Files
8fd56dece3847164af1faa8816565cbcfbbc83b2
passepartout/org/security-validator.org
Amr Gharbeia 8fd56dece3 v0.8.2: cleanup + prose + structure + decomposition + budget + errors 
Phase 1 — dedup + hardening (~9 items):
- Remove duplicate *skill-registry* defvar from core-skills
- Merge *backend-registry* into *probabilistic-backends*, delete backend-register
- Remove inject-stimulus alias, standardize on stimulus-inject
- Add pre-eval sandbox (skill-source-scan) blocks restricted symbols before eval
- Remove dead plist-get function; remove duplicate json-alist-to-plist export
- Fix read-framed-message whitespace DoS (4096-iteration max)
- Add *read-eval* nil to dispatcher-approvals-process read-from-string (RCE)
- Add test-op to ASDF; update .asd version 0.4.3→0.7.2

Phase 2 — prose + contracts + reorder:
- Split ROADMAP: 2623→1089 lines (TODO only), CHANGELOG: 260→1528 lines (full DONE history, 14 versions reverse chron)
- Add Contracts + Overview to 6 channel files + embedding-native + programming-standards + symbolic-scope
- Reorder 28 .org files: Contract → Test Suite → Implementation (TDD order)
- Add 7-phase inline prose to think() in core-reason
- Expand USER_MANUAL: 183→461 lines (10 new sections)

Phase 3 — decomposition + export organization:
- Decompose think() into think-assemble-prompt, think-call-llm, think-parse-response orchestrator
- Organize 188 exports into 16 grouped sections by module

Phase 4 — budget enforcement + error protocol:
- Per-session budget enforcement (SESSION_BUDGET_USD env var, budget-exhausted-p, guard in think-call-llm)
- Error condition hierarchy (6 conditions: pipeline-error, llm-error, gate-error, budget-error, protocol-error)
- Restarts in loop-process: skip-signal, use-fallback, abort-pipeline
2026-05-13 09:17:48 -04:00

3.1 KiB
Raw Blame History

SKILL: Protocol Validator (org-skill-protocol-validator.org)

Overview

The Protocol Validator enforces schema compliance on every message entering or leaving the cognitive pipeline. It checks that messages are valid plists, that they have the required :type and :payload fields, and that the type is one of the known types (:REQUEST, :EVENT, :RESPONSE, :LOG, :STATUS). This prevents malformed messages from crashing the pipeline and ensures backward compatibility when the protocol evolves.

Architectural Intent

The Protocol Validator wraps validate-communication-protocol-schema (the core communication function) in a skill-level gate. It is the first filter every message passes through — malformed messages are rejected before they reach any cognitive stage.

Contract

  1. (validator-protocol-check msg): returns msg if valid per validate-communication-protocol-schema. Signals error on malformed messages (caught by the skill's deterministic gate).
  2. The skill's deterministic gate wraps the validator: valid actions pass through; invalid actions produce a :LOG rejection with :level :error.

Boundaries

  • Does NOT define the schema — that is core-transport.org.
  • Does NOT validate semantic content — that is the Dispatcher and Policy.

Test Suite 

(eval-when (:compile-toplevel :load-toplevel :execute)
  (ql:quickload :fiveam :silent t))

(defpackage :passepartout-security-validator-tests
  (:use :cl :fiveam :passepartout)
  (:export #:validator-suite))

(in-package :passepartout-security-validator-tests)

(def-suite validator-suite :description "Verification of the Protocol Validator")
(in-suite validator-suite)

(test test-validator-passes-valid-message
  "Contract 1: a valid message passes protocol check."
  (let ((msg '(:type :EVENT :payload (:sensor :heartbeat))))
    (handler-case
        (progn
          (validator-protocol-check msg)
          (pass))
      (error (c)
        (fail "Validator rejected a valid message: ~a" c)))))

(test test-validator-rejects-missing-type
  "Contract 1: a message missing :type is rejected."
  (let ((msg '(:payload (:sensor :heartbeat))))
    (signals error
      (validator-protocol-check msg))))

Implementation

Package Context 

(in-package :passepartout)

Validation Logic

;; REPL-VERIFIED: 2026-05-03T13:00:00

(defun validator-protocol-check (msg)
  "Enforces structural schema compliance on protocol messages."
  (validate-communication-protocol-schema msg))

Skill Registration 

(defskill :passepartout-security-validator
  :priority 95
  :trigger (lambda (ctx) (declare (ignore ctx)) t)
  :deterministic (lambda (action ctx)
                   (declare (ignore ctx))
                   (handler-case
                       (progn (validator-protocol-check action) action)
                     (error (c)
                       (list :type :LOG :payload (list :level :error :text (format nil "Protocol Violation: ~a" c)))))))
Reference in New Issue View Git Blame Copy Permalink