Add security control plane primitives#153

Open
daxia778 wants to merge 2 commits into dwebagents:main from daxia778:codex/security-control-plane
Conversation

@daxia778

Summary

Addresses #104 with a focused security control plane implementation that turns agent action plans into policy-checked executions.

This adds:

  • short-lived isolated agent sessions with deterministic credential derivation and rotation
  • policy classification for allowed, approval-required, and denied operations
  • one-time human approval tickets with HMAC signatures and expiry
  • a tamper-evident audit hash chain for planned, approved, denied, and executed operations
  • regression tests covering low-risk execution, sensitive approval gating, denied operations, credential rotation, and audit tamper detection

This is intentionally the core broker/control-plane slice rather than a Firecracker launcher. It gives the repo testable semantics for approval, logging, credential expiry, and policy enforcement before wiring it to a runtime boundary.

Validation

  • python3 -m pytest src/test_security_control_plane.py -q -> 5 passed
  • python3 -m py_compile src/security_control_plane.py src/test_security_control_plane.py
  • git diff --check -- src/security_control_plane.py src/test_security_control_plane.py

I also ran python3 -m pytest -q; current upstream/main collection fails before reaching this change because of existing unrelated baseline issues: missing oracle, missing mcp, non-Python contents in existing .py test files, and an existing obj NameError in src/recipes/banana_pudding.py.
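The one-time HMAC-signed approval ticket and the tamper-evident audit hash chain described above, as an added illustration that is not this PR's code (the project's own `security_control_plane.py` is not reproduced here); the class names, event names, key and TTL are assumed, and the ticket/chain layout is a constructed example.

```python
import hashlib
import hmac
import json
from dataclasses import dataclass, field

GENESIS = "0" * 64  # prev-hash of the first audit entry (assumed convention)

def canon(obj: dict) -> bytes:
    # Canonical JSON so identical entries always hash and sign identically.
    return json.dumps(obj, sort_keys=True, separators=(",", ":")).encode()

@dataclass
class AuditChain:
    # Append-only log: each entry commits to the hash of the previous one.
    entries: list = field(default_factory=list)

    def append(self, event: str, **fields) -> dict:
        prev = self.entries[-1]["hash"] if self.entries else GENESIS
        body = {"event": event, "prev": prev, **fields}
        entry = {**body, "hash": hashlib.sha256(canon(body)).hexdigest()}
        self.entries.append(entry)
        return entry

    def verify(self) -> bool:
        prev = GENESIS
        for e in self.entries:
            body = {k: v for k, v in e.items() if k != "hash"}
            if e["prev"] != prev or e["hash"] != hashlib.sha256(canon(body)).hexdigest():
                return False  # edited, reordered, or spliced entry detected
            prev = e["hash"]
        return True

class ApprovalBroker:
    # Issues one-time, HMAC-signed approval tickets bound to a request id with an expiry.
    def __init__(self, key: bytes, ttl_s: int = 300):
        self._key, self._ttl, self._used = key, ttl_s, set()

    def _sign(self, body: dict) -> str:
        return hmac.new(self._key, canon(body), hashlib.sha256).hexdigest()

    def issue(self, request_id: str, now: float) -> dict:
        body = {"request_id": request_id, "expires": now + self._ttl}
        return {**body, "sig": self._sign(body)}

    def redeem(self, ticket: dict, request_id: str, now: float) -> bool:
        body = {k: v for k, v in ticket.items() if k != "sig"}
        if not hmac.compare_digest(self._sign(body), ticket.get("sig", "")):
            return False  # forged or altered ticket
        if body.get("request_id") != request_id or now > body.get("expires", 0):
            return False  # bound to a different request, or expired
        if ticket["sig"] in self._used:
            return False  # one-time: replay of a redeemed ticket is rejected
        self._used.add(ticket["sig"])
        return True
```

Any rewrite of an earlier entry, or a ticket whose fields were changed after signing, fails verification; redeeming the same ticket twice fails on the second attempt.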

@daxia778

Follow-up commit afc4270 tightens the session isolation semantics: execution now checks that the active session agent matches the planned request actor before running the operation. If a rotated or different agent session tries to execute another agent’s request, the broker records operation.session_mismatch in the audit chain and rejects it with SessionMismatchError.

Validation after the update:

  • python3 -m pytest src/test_security_control_plane.py -q → 6 passed
  • python3 -m py_compile src/security_control_plane.py src/test_security_control_plane.py
  • git diff --check -- src/security_control_plane.py src/test_security_control_plane.py
