amr/passepartout
1
0
Fork 0
Code Issues 15 Pull Requests 1 Actions Packages Projects Releases Wiki Activity
Files
c0d3f066e8758653beb0afacc5f25ae0307d92a8
passepartout/skills/org-skill-bouncer.org
Amr Gharbeia c0d3f066e8
Some checks failed
Deploy-Agent-V15-Stdin / JOB-V15-STDIN (push) Failing after 3s
Details
Proactive doctor, setup wizard, and TUI fixes 
BREAKING CHANGES / KNOWN ISSUES:
- 8 skills have syntax errors causing loader warnings:
  org-skill-bouncer, org-skill-config-manager, org-skill-credentials-vault,
  org-skill-engineering-standards, org-skill-gardener, org-skill-homoiconic-memory,
  org-skill-peripheral-vision, org-skill-policy
- These skills fail to load but don't block system operation
- TUI works despite these errors

FEATURES ADDED:

1. Proactive Doctor System
   - Doctor runs automatically on daemon startup
   - Health check runs before accepting connections
   - Adds /health endpoint for health status queries
   - *system-health* variable tracks: :healthy, :degraded, :unhealthy, :unknown

2. Error Handling (Option B - Debugger Hook)
   - TUI and CLI now run doctor diagnostics on errors
   - Shows "Run opencortex doctor" message on crash
   - Suggests repair commands after failures

3. Interactive Setup Wizard (org-skill-config-manager)
   - Full wizard implemented in config-manager skill:
     * LLM provider configuration (OpenAI, Anthropic, OpenRouter, Groq, Gemini, Ollama)
     * Gateway linking (Slack, Discord)
     * Memory settings (auto-save interval, history retention)
     * Network settings (timeout, proxy)
   - Saves to ~/.config/opencortex/.env (KEY=VALUE format)
   - CLI integration: opencortex setup, setup --add-provider, setup --link

4. CLI Enhancements
   - doctor --watch: Background health monitoring (60s interval)
   - doctor --fix: Interactive repair (falls back to full setup if core files missing)
   - setup command runs wizard or delegates to setup_system

5. TUI Fixes
   - Inlined message formatting to avoid dependency issues
   - Added error handling in handle-return
   - Cleaner error messages

6. Thin Harness Compliance
   - Removed doctor from harness (now in org-skill-diagnostics skill)
   - XDG directories: only .lisp in harness, .org kept in skills for loader
2026-04-29 12:58:09 -04:00

5.6 KiB
Raw Blame History

SKILL: Bouncer (org-skill-bouncer.org)

Overview

The Bouncer Skill is the physical security layer of OpenCortex. It enforces operational security checks on all proposed actions.

Implementation

Package Context 

(in-package :opencortex)

Security Configuration 

(defvar *bouncer-network-whitelist*
  '("api.telegram.org" "matrix.org" "googleapis.com" "openai.com" "anthropic.com")
  "Domains that the Bouncer considers safe for outbound connections.")

Secret Scanning (bouncer-scan-secrets) 

(defun bouncer-scan-secrets (text)
  "Scans TEXT for known secrets from the vault."
  (when (and text (stringp text))
    (let ((found-secret nil))
      (maphash (lambda (key val)
                 (when (and val (stringp val) (> (length val) 5))
                   (when (search val text)
                     (setf found-secret key))))
               *vault-memory*)
      found-secret)))

Network Check (bouncer-check-network-exfil) 

(defun bouncer-check-network-exfil (cmd)
  "Detects if CMD attempts to contact an unwhitelisted external host."
  (when (and cmd (stringp cmd))
    (multiple-value-bind (match regs)
        (cl-ppcre:scan-to-strings "(http|https|ftp)://([\\w\\.-]+)" cmd)
      (declare (ignore match))
      (when regs
        (let ((domain (aref regs 1)))
          (not (some (lambda (safe) (search safe domain))
                    *bouncer-network-whitelist*)))))))

Main Security Gate (bouncer-check) 

(defun bouncer-check (action context)
  "The 5-Vector security gate for high-risk actions."
  (declare (ignore context))
  (let* ((target (proto-get action :target))
         (payload (proto-get action :payload))
         (text (or (proto-get payload :text) (proto-get action :text)))
(cmd (or (proto-get payload :cmd)
                  (when (and (eq target :tool) (equal (proto-get payload :tool) "shell"))
                    (proto-get (proto-get payload :args) :cmd)))))
         (approved (proto-get action :approved)))

    (cond
      (approved action)

      ((and text (bouncer-scan-secrets text))
       (let ((secret-name (bouncer-scan-secrets text)))
         (harness-log "SECURITY VIOLATION: Blocked potential leak of secret '~a'" secret-name)
         (list :type :LOG
               :payload (list :level :error
                              :text (format nil "Action blocked: Potential exposure of '~a'" secret-name)))))

((and (or (eq target :shell)
                (and (eq target :tool) (equal (proto-get payload :tool) "shell")))
             (bouncer-check-network-exfil cmd))
        (harness-log "SECURITY WARNING: External network call detected. Queuing for approval."))
       (list :type :EVENT :payload (list :sensor :approval-required :action action)))

((or (member target '(:shell))
           (and (eq target :tool) (member (proto-get payload :tool) '("shell" "repair-file") :test #'string=))
           (and (eq target :emacs) (eq (proto-get payload :action) :eval))))
       (harness-log "SECURITY: High-impact action requires approval: ~a" (or (proto-get payload :tool) target))
       (list :type :EVENT :payload (list :sensor :approval-required :action action)))

      (t action))))

Approval Processing (bouncer-process-approvals) 

(defun bouncer-process-approvals ()
  "Scans for APPROVED flight plans and re-injects them."
  (let ((approved-nodes (list-objects-with-attribute :TODO "APPROVED"))
        (found-any nil))
    (dolist (node approved-nodes)
      (let* ((attrs (org-object-attributes node))
             (tags (getf attrs :TAGS))
             (action-str (getf attrs :ACTION)))
        (when (and (member "FLIGHT_PLAN" tags :test #'string-equal) action-str)
          (harness-log "BOUNCER: Found approved flight plan '~a'. Re-injecting..." (org-object-id node))
          (let ((action (ignore-errors (read-from-string action-str))))
            (when action
              (setf (getf action :approved) t)
              (inject-stimulus action)
              (setf (getf (org-object-attributes node) :TODO) "DONE")
              (setq found-any t))))))
    found-any))

Flight Plan Creation (bouncer-create-flight-plan) 

(defun bouncer-create-flight-plan (blocked-action)
  "Creates a Flight Plan node for manual approval."
  (let ((id (org-id-new)))
    (harness-log "BOUNCER: Creating flight plan node '~a'..." id)
    (list :type :REQUEST :target :emacs
          :payload (list :action :insert-node :id id
:attributes (list :TITLE "Flight Plan: High-Risk Action"
                                          :TODO "PLAN" :TAGS '("FLIGHT_PLAN")
                                          :ACTION (format nil "~s" blocked-action))))))

Gate Logic (bouncer-deterministic-gate) 

(defun bouncer-deterministic-gate (action context)
  "Main deterministic gate for the Bouncer skill."
  (let* ((payload (getf context :payload))
         (sensor (getf payload :sensor)))
    (case sensor
      (:approval-required
       (bouncer-create-flight-plan (getf payload :action)))
      (:heartbeat
       (bouncer-process-approvals)
       (if action (bouncer-check action context) action))
      (otherwise
       (if action (bouncer-check action context) action)))))

Skill Registration 

(defskill :skill-bouncer
  :priority 150
  :trigger (lambda (ctx) (declare (ignore ctx)) t)
  :deterministic #'bouncer-deterministic-gate)
Reference in New Issue View Git Blame Copy Permalink