Documentation
¶
Index ¶
Constants ¶
This section is empty.
Variables ¶
This section is empty.
Functions ¶
func MarshalInput ¶
Types ¶
type EventType ¶
type EventType string
const ( EventCredentialAccess EventType = "credential_access" EventDirectProviderAPICall EventType = "direct_provider_api_call" EventDestructiveProviderOperation EventType = "destructive_provider_operation" EventManagedToolCall EventType = "managed_tool_call" EventNormalToolCall EventType = "normal_tool_call" EventUnknown EventType = "unknown" )
type HookEvent ¶
type HookEvent struct {
SessionID string `json:"session_id"`
Agent string `json:"agent,omitempty"`
HookEventName string `json:"hook_event_name"`
ToolName string `json:"tool_name,omitempty"`
ToolInput map[string]any `json:"tool_input,omitempty"`
ToolResponse map[string]any `json:"tool_response,omitempty"`
ToolUseID string `json:"tool_use_id,omitempty"`
CWD string `json:"cwd,omitempty"`
Timestamp time.Time `json:"timestamp,omitempty"`
}
type MarkovScorer ¶
type MarkovScorer struct {
Model *markov.Model
Threshold float64
Horizon int
ModelVersion string
Abstraction abstraction.Interface[trace.Event]
Unsafe func(string) bool
}
func LoadMarkovScorer ¶
func LoadMarkovScorer(path string, threshold float64, horizon int) (*MarkovScorer, error)
func (*MarkovScorer) Score ¶
func (s *MarkovScorer) Score(event RiskEvent) (ScoreResult, error)
type NoopScorer ¶
type NoopScorer struct{}
func (NoopScorer) Score ¶
func (NoopScorer) Score(RiskEvent) (ScoreResult, error)
type RiskDecision ¶
type RiskDecision struct {
Decision Decision `json:"decision"`
Reason string `json:"reason"`
ReasonCode string `json:"reason_code"`
EventID string `json:"event_id,omitempty"`
RiskScore *float64 `json:"risk_score,omitempty"`
Threshold *float64 `json:"threshold,omitempty"`
ModelVersion string `json:"model_version,omitempty"`
GuardID string `json:"guard_id,omitempty"`
RiskEvent RiskEvent `json:"risk_event"`
}
func DecideRisk ¶
func DecideRisk(event HookEvent, scorer Scorer) (RiskDecision, error)
type RiskEvent ¶
type RiskEvent struct {
Type EventType `json:"type"`
Provider string `json:"provider,omitempty"`
ProviderCategory string `json:"provider_category,omitempty"`
Operation string `json:"operation,omitempty"`
OperationClass string `json:"operation_class,omitempty"`
ResourceClass string `json:"resource_class,omitempty"`
Environment string `json:"environment,omitempty"`
CredentialObserved bool `json:"credential_observed"`
CredentialSource string `json:"credential_source,omitempty"`
DirectAPICall bool `json:"direct_api_call"`
ExplicitUserIntent bool `json:"explicit_user_intent"`
PathClass string `json:"path_class,omitempty"`
CommandSummary string `json:"command_summary,omitempty"`
RequestSummary string `json:"request_summary,omitempty"`
Decision Decision `json:"decision,omitempty"`
ReasonCode string `json:"reason_code,omitempty"`
ModelVersion string `json:"model_version,omitempty"`
GuardID string `json:"guard_id,omitempty"`
RiskScore *float64 `json:"risk_score,omitempty"`
Confidence float64 `json:"confidence,omitempty"`
Signals []string `json:"signals,omitempty"`
}
func NormalizeHookEvent ¶
type ScoreResult ¶
type Scorer ¶
type Scorer interface {
Score(event RiskEvent) (ScoreResult, error)
}
Source Files
Click to show internal directories.
Click to hide internal directories.