amr/passepartout
1
0
Fork 0
Code Issues 15 Pull Requests 1 Actions Packages Projects Releases Wiki Activity
Files
a593b76015ff35ec0a397feeb7ffc8a5802df751
passepartout/org/security-validator.org
Amr Gharbeia 33993d2d73
Some checks failed
Deploy (Gitea) / deploy (push) Failing after 2s
Details
rename: remaining Bouncer mentions → Dispatcher 
- BOUNCER-PRIVACY-TAGS → *DISPATCHER-PRIVACY-TAGS*
- BOUNCER-SHELL-TIMEOUT → *DISPATCHER-SHELL-TIMEOUT*
- BOUNCER-SHELL-MAX-OUTPUT → *DISPATCHER-SHELL-MAX-OUTPUT*
- bouncer-privacy-tags docstrings → Dispatcher privacy tags
- 'Bouncer' in log messages, docstrings, test descriptions
- 'Bouncer Security Dispatcher' → 'Security Dispatcher'
2026-05-06 18:43:25 -04:00

3.1 KiB
Raw Blame History

SKILL: Protocol Validator (org-skill-protocol-validator.org)

Overview

The Protocol Validator enforces schema compliance on every message entering or leaving the cognitive pipeline. It checks that messages are valid plists, that they have the required :type and :payload fields, and that the type is one of the known types (:REQUEST, :EVENT, :RESPONSE, :LOG, :STATUS). This prevents malformed messages from crashing the pipeline and ensures backward compatibility when the protocol evolves.

Architectural Intent

The Protocol Validator wraps validate-communication-protocol-schema (the core communication function) in a skill-level gate. It is the first filter every message passes through — malformed messages are rejected before they reach any cognitive stage.

Contract

  1. (validator-protocol-check msg): returns msg if valid per validate-communication-protocol-schema. Signals error on malformed messages (caught by the skill's deterministic gate).
  2. The skill's deterministic gate wraps the validator: valid actions pass through; invalid actions produce a :LOG rejection with :level :error.

Boundaries

  • Does NOT define the schema — that is core-communication.org.
  • Does NOT validate semantic content — that is the Dispatcher and Policy.

Implementation

Package Context 

(in-package :passepartout)

Validation Logic

;; REPL-VERIFIED: 2026-05-03T13:00:00

(defun validator-protocol-check (msg)
  "Enforces structural schema compliance on protocol messages."
  (validate-communication-protocol-schema msg))

Skill Registration 

(defskill :passepartout-security-validator
  :priority 95
  :trigger (lambda (ctx) (declare (ignore ctx)) t)
  :deterministic (lambda (action ctx)
                   (declare (ignore ctx))
                   (handler-case
                       (progn (validator-protocol-check action) action)
                     (error (c)
                       (list :type :LOG :payload (list :level :error :text (format nil "Protocol Violation: ~a" c)))))))

Test Suite 

(eval-when (:compile-toplevel :load-toplevel :execute)
  (ql:quickload :fiveam :silent t))

(defpackage :passepartout-security-validator-tests
  (:use :cl :fiveam :passepartout)
  (:export #:validator-suite))

(in-package :passepartout-security-validator-tests)

(def-suite validator-suite :description "Verification of the Protocol Validator")
(in-suite validator-suite)

(test test-validator-passes-valid-message
  "Contract 1: a valid message passes protocol check."
  (let ((msg '(:type :EVENT :payload (:sensor :heartbeat))))
    (handler-case
        (progn
          (validator-protocol-check msg)
          (pass))
      (error (c)
        (fail "Validator rejected a valid message: ~a" c)))))

(test test-validator-rejects-missing-type
  "Contract 1: a message missing :type is rejected."
  (let ((msg '(:payload (:sensor :heartbeat))))
    (signals error
      (validator-protocol-check msg))))
Reference in New Issue View Git Blame Copy Permalink