Documentation
¶
Index ¶
Constants ¶
View Source
const ( DecisionStageDeterministicDeny = "deterministic_deny" DecisionStageJudgeAllow = "judge_allow" DecisionStageJudgeDeny = "judge_deny" DecisionStageJudgeFailOpen = "judge_fail_open" )
View Source
const PolicyVersionLaunchV0 = "guard-launch-v0"
Variables ¶
This section is empty.
Functions ¶
func IsPersistentResourceClass ¶ added in v0.7.0
func MarshalInput ¶
Types ¶
type EventType ¶
type EventType string
const ( EventCredentialAccess EventType = "credential_access" EventDirectProviderAPICall EventType = "direct_provider_api_call" EventDestructiveProviderOperation EventType = "destructive_provider_operation" EventManagedToolCall EventType = "managed_tool_call" EventNormalToolCall EventType = "normal_tool_call" EventUnknown EventType = "unknown" )
type HookEvent ¶
type HookEvent struct {
SessionID string `json:"session_id"`
Agent string `json:"agent,omitempty"`
HookEventName string `json:"hook_event_name"`
ToolName string `json:"tool_name,omitempty"`
ToolInput map[string]any `json:"tool_input,omitempty"`
ToolResponse map[string]any `json:"tool_response,omitempty"`
ToolUseID string `json:"tool_use_id,omitempty"`
CWD string `json:"cwd,omitempty"`
Timestamp time.Time `json:"timestamp,omitempty"`
}
type RiskDecision ¶
type RiskDecision struct {
Decision Decision `json:"decision"`
Reason string `json:"reason"`
ReasonCode string `json:"reason_code"`
EventID string `json:"event_id,omitempty"`
RiskScore *float64 `json:"risk_score,omitempty"`
Threshold *float64 `json:"threshold,omitempty"`
ModelVersion string `json:"model_version,omitempty"`
GuardID string `json:"guard_id,omitempty"`
RiskEvent RiskEvent `json:"risk_event"`
}
func DecideRisk ¶
func DecideRisk(event HookEvent) (RiskDecision, error)
func DeterministicDecision ¶ added in v0.7.0
func DeterministicDecision(event RiskEvent) RiskDecision
type RiskEvent ¶
type RiskEvent struct {
Type EventType `json:"type"`
Provider string `json:"provider,omitempty"`
ProviderCategory string `json:"provider_category,omitempty"`
Operation string `json:"operation,omitempty"`
OperationClass string `json:"operation_class,omitempty"`
ResourceClass string `json:"resource_class,omitempty"`
Environment string `json:"environment,omitempty"`
CredentialObserved bool `json:"credential_observed"`
CredentialSource string `json:"credential_source,omitempty"`
DirectAPICall bool `json:"direct_api_call"`
ExplicitUserIntent bool `json:"explicit_user_intent"`
PathClass string `json:"path_class,omitempty"`
CommandSummary string `json:"command_summary,omitempty"`
RequestSummary string `json:"request_summary,omitempty"`
Decision Decision `json:"decision,omitempty"`
ReasonCode string `json:"reason_code,omitempty"`
ModelVersion string `json:"model_version,omitempty"`
GuardID string `json:"guard_id,omitempty"`
RiskScore *float64 `json:"risk_score,omitempty"`
Confidence float64 `json:"confidence,omitempty"`
Signals []string `json:"signals,omitempty"`
DecisionStage string `json:"decision_stage,omitempty"`
PolicyVersion string `json:"policy_version,omitempty"`
PolicyProfile string `json:"policy_profile,omitempty"`
PolicyRulePack string `json:"policy_rule_pack,omitempty"`
PolicyRuleID string `json:"policy_rule_id,omitempty"`
PolicyRuleCategory string `json:"policy_rule_category,omitempty"`
PolicySignals []string `json:"policy_signals,omitempty"`
JudgeRuntime string `json:"judge_runtime,omitempty"`
JudgeModel string `json:"judge_model,omitempty"`
JudgeDurationMs *int64 `json:"judge_duration_ms,omitempty"`
JudgeFailureKind string `json:"judge_failure_kind,omitempty"`
JudgeRiskLevel string `json:"judge_risk_level,omitempty"`
JudgeCategories []string `json:"judge_categories,omitempty"`
}
func NormalizeHookEvent ¶
Source Files
Click to show internal directories.
Click to hide internal directories.