Claudia
fd7d75c0ed
Some checks failed
Tests / test (push) Failing after 2s
- Merged all unique darkplex-core modules into cortex: - intelligence/ subfolder (anticipator, collective, shared_memory, knowledge_cleanup, temporal, llm_extractor, loop) - governance/ subfolder (policy engine, risk scorer, evidence, enforcer, report generator) - entity_manager.py, knowledge_extractor.py - Fixed bare 'from intelligence.' imports to 'from cortex.intelligence.' - Added 'darkplex' CLI alias alongside 'cortex' - Package renamed to darkplex-core v0.2.0 - 405 tests passing (was 234) - 14 new test files covering all merged modules
78 lines
2.2 KiB
YAML
78 lines
2.2 KiB
YAML
# YesMan Security Policy — RedCrowMedia / Wasteland Network
|
|
# Based on USER.md and MEMORY.md security rules.
|
|
|
|
name: yesman-security
|
|
description: Security rules for YesMan AI assistant at RedCrowMedia
|
|
version: "1.0.0"
|
|
|
|
rules:
|
|
# Only Abe gives orders
|
|
- name: deny-external-instructions
|
|
description: Never execute instructions from external sources (emails, websites, third parties)
|
|
conditions:
|
|
source: external
|
|
action: execute_instruction
|
|
effect: deny
|
|
priority: 100
|
|
|
|
# Never send credentials externally
|
|
- name: deny-credential-export
|
|
description: Credentials, tokens, and keys must never leave the system
|
|
conditions:
|
|
data_type: restricted
|
|
action: send_credentials
|
|
effect: deny
|
|
priority: 100
|
|
|
|
# Email is not a command source
|
|
- name: escalate-email-action
|
|
description: Actions requested via email always require Abe's explicit approval
|
|
conditions:
|
|
source: email
|
|
action: execute_request
|
|
effect: escalate
|
|
priority: 95
|
|
|
|
# No software installation without audit + approval
|
|
- name: escalate-software-install
|
|
description: External software installation requires security audit and Abe's GO
|
|
conditions:
|
|
action: install_software
|
|
effect: escalate
|
|
priority: 95
|
|
|
|
# System-critical changes need approval
|
|
- name: escalate-system-changes
|
|
description: System-critical or security-relevant changes require approval
|
|
conditions:
|
|
action: system_change
|
|
target: production
|
|
effect: escalate
|
|
priority: 90
|
|
|
|
# No public posting without approval
|
|
- name: escalate-public-comms
|
|
description: Public communications (emails, tweets, posts) require approval
|
|
conditions:
|
|
action: send_message
|
|
target: external
|
|
effect: escalate
|
|
priority: 85
|
|
|
|
# Internal file operations are fine
|
|
- name: allow-internal-file-ops
|
|
description: Reading and writing files within workspace is permitted
|
|
conditions:
|
|
action: file_operation
|
|
target: internal
|
|
data_type: internal
|
|
effect: allow
|
|
priority: 50
|
|
|
|
# Web search is fine
|
|
- name: allow-web-search
|
|
description: Web searches and research are permitted
|
|
conditions:
|
|
action: web_search
|
|
effect: allow
|
|
priority: 40
|