Documentation
Types
type Action
type Action string
Action is the gateway enforcement decision for a tool.
func ActionFromGrade
ActionFromGrade derives the gateway Action from a risk Grade.
type GatewayPolicy
type GatewayPolicy struct {
	ToolName  string     `json:"tool_name"`
	Action    Action     `json:"action"`
	RateLimit *RateLimit `json:"rate_limit,omitempty"`
	Reason    string     `json:"reason,omitempty"`
	Score     RiskScore  `json:"score"`
}
GatewayPolicy is the deployment-ready enforcement record for one tool.
func NewGatewayPolicy
func NewGatewayPolicy(toolName string, score RiskScore, rateLimit *RateLimit) GatewayPolicy
NewGatewayPolicy constructs a GatewayPolicy from a tool name and its RiskScore.
type Grade
type Grade string
Grade is the overall letter-grade assigned to a tool's risk score.
const (
	GradeA Grade = "A" // 0–10: no significant risk
	GradeB Grade = "B" // 11–25: low risk, recommend monitoring
	GradeC Grade = "C" // 26–50: medium risk, review required
	GradeD Grade = "D" // 51–75: high risk, manual authorisation needed
	GradeF Grade = "F" // 76+: critical risk, block immediately
)
func GradeFromScore
GradeFromScore maps a numeric score to a Grade letter. Boundaries align with the ToolTrust Directory methodology v1.0: A:0–9 B:10–24 C:25–49 D:50–74 F:75+.
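The ranges in the Grade constant comments and the boundaries quoted in the GradeFromScore description differ by one at each threshold. The following added example (not the package's own code) encodes both documented sets and lists the scores they grade differently; the `band` type, `gradeFor` and `disagreements` are hypothetical helpers, and nothing here asserts which set the real GradeFromScore implements.

```go
package main

import "fmt"

// Grade mirrors the Grade type documented on this page.
type Grade string

// band is a hypothetical helper: the lowest score that earns a grade.
type band struct {
	min   int
	grade Grade
}

// Lower bounds from the GradeFromScore description (methodology v1.0).
var methodologyBands = []band{{75, "F"}, {50, "D"}, {25, "C"}, {10, "B"}, {0, "A"}}

// Lower bounds from the comments on the Grade constants.
var constCommentBands = []band{{76, "F"}, {51, "D"}, {26, "C"}, {11, "B"}, {0, "A"}}

// gradeFor returns the grade of the first band whose lower bound the score reaches.
// Assumption: a negative score is treated like the lowest band.
func gradeFor(score int, bands []band) Grade {
	for _, b := range bands {
		if score >= b.min {
			return b.grade
		}
	}
	return bands[len(bands)-1].grade
}

// disagreements lists every score in [0, limit] that the two documented
// range sets grade differently.
func disagreements(limit int) []int {
	var out []int
	for s := 0; s <= limit; s++ {
		if gradeFor(s, methodologyBands) != gradeFor(s, constCommentBands) {
			out = append(out, s)
		}
	}
	return out
}

func main() {
	for _, s := range disagreements(100) {
		fmt.Printf("score %d: methodology=%s const-comments=%s\n",
			s, gradeFor(s, methodologyBands), gradeFor(s, constCommentBands))
	}
}
```

A tool scoring exactly 75 is graded F under one set and D under the other, so a threshold test against the deployed GradeFromScore is worth running before relying on the derived Action.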
type Issue
type Issue struct {
	RuleID      string   `json:"rule_id"` // unique rule identifier, e.g. "AS-001"
	Severity    Severity `json:"severity"`
	Code        string   `json:"code"` // e.g. "TOOL_POISONING", "SCOPE_MISMATCH"
	Description string   `json:"description,omitempty"`
	Location    string   `json:"location,omitempty"`
}
Issue describes a single risk finding detected during analysis.
type Permission
type Permission string
Permission represents a capability a tool may exercise.
const (
	PermissionExec    Permission = "exec"
	PermissionFS      Permission = "fs"
	PermissionNetwork Permission = "network"
	PermissionDB      Permission = "db"
	PermissionEnv     Permission = "env"
	PermissionHTTP    Permission = "http"
)
type ProtocolType
type ProtocolType string
ProtocolType identifies the source protocol of a tool.
const (
	ProtocolMCP    ProtocolType = "mcp"
	ProtocolOpenAI ProtocolType = "openai"
	ProtocolSkills ProtocolType = "skills"
	ProtocolA2A    ProtocolType = "a2a"
)
type RateLimit
type RateLimit struct {
	RequestsPerMinute int `json:"requests_per_minute"`
	BurstSize         int `json:"burst_size"`
}
RateLimit specifies optional throughput constraints applied to an allowed tool.
type RiskScore
type RiskScore struct {
	Score  int     `json:"risk_score"`
	Grade  Grade   `json:"grade"`
	Issues []Issue `json:"findings"`
}
RiskScore is the aggregated result of running all analyzers on a UnifiedTool.
func NewRiskScore
NewRiskScore constructs a RiskScore, automatically deriving the Grade.
type UnifiedTool
type UnifiedTool struct {
	ID          string
	Name        string
	Description string
	InputSchema jsonschema.Schema
	Permissions []Permission
	Protocol    ProtocolType
	RawSource   json.RawMessage
	Metadata    map[string]any
}
UnifiedTool is the protocol-agnostic representation of any AI agent tool. All adapters normalise their wire format into this struct before analysis.
func (UnifiedTool) HasPermission
func (t UnifiedTool) HasPermission(p Permission) bool
HasPermission reports whether the tool holds the given permission.