scoring

package
v1.0.1 Latest Latest
Warning

This package is not in the latest version of its module.

Go to latest
Published: Jun 20, 2026 License: MIT Imports: 1 Imported by: 0

Documentation

Overview

Package scoring is the pure, shared risk-tier module (PRD §Risk-Based Governance, amendment #41 / D-11): it computes a qualitative RiskTier for scheduler tasks and skills so consumers can render an advisory gate. It is deliberately pure — no DB, no IO, no env read. The alert threshold is supplied by the caller (config owns the env read; this module mirrors dnspin taking its TTL as a constructor arg), keeping every function a total, testable transform.

Index

Constants

This section is empty.

Variables

This section is empty.

Functions

func GateRecommended

func GateRecommended(t RiskTier) bool

GateRecommended reports whether a tier should advise a confirmation gate (Risky or Destructive — the structurally vetoable tiers).

func RequiresImmediateAlert

func RequiresImmediateAlert(tier, threshold RiskTier) bool

RequiresImmediateAlert reports whether tier meets or exceeds the caller-supplied threshold (D-11; unwired in Phase 8). The threshold is an argument, never an env read — config owns AURA_RISK_ALERT_THRESHOLD and an unknown threshold value falls back to Risky via rank.

Types

type RiskTier

type RiskTier string

RiskTier is the qualitative, non-numeric risk classification an action carries. Order matters for thresholds and monotone modifiers: see rank.

const (
	// Safe is reversible, local, ephemeral, no side effect.
	Safe RiskTier = "safe"
	// Normal is reversible or easily recoverable.
	Normal RiskTier = "normal"
	// Risky is irreversible OR broad blast radius OR persistent self-modification.
	Risky RiskTier = "risky"
	// Destructive is rm -rf, drop table, force push, send-to-third-party, etc.
	Destructive RiskTier = "destructive"
)

func ComputeSkillTier

func ComputeSkillTier(action SkillAction, body string) RiskTier

ComputeSkillTier classifies a skill mutation (D-11; unwired in Phase 8). The body is reserved for future content-based escalation; today the action alone decides the tier, with delete the only Destructive (irreversible) action.

func ComputeTaskTier

func ComputeTaskTier(a TaskArgs) RiskTier

ComputeTaskTier classifies a scheduler task from its base kind, then applies the UP-only modifier table (D-11; unwired in Phase 8 per D-12). An agent_job whose payload matches a destructive keyword jumps straight to Destructive.

type SkillAction

type SkillAction string

SkillAction enumerates the skill mutations the Skills system (P11) gates.

const (
	SkillCreate  SkillAction = "create"
	SkillUpdate  SkillAction = "update"
	SkillInstall SkillAction = "install"
	SkillDelete  SkillAction = "delete"
)

The four gated skill mutations; delete is the only irreversible one.

type TaskArgs

type TaskArgs struct {
	Kind         string // reminder | agent_job | backup_postgres | backup_neo4j
	ScheduleKind string // oneoff | daily | every_hour | every_minute | ...
	Silent       bool
	AgentTier    string // worker | chat | reasoning (only for agent_job)
	Payload      []byte // raw, scanned for destructive keywords
}

TaskArgs is the scheduler-tier input. Built + unit-tested now (D-11) but has NO runtime consumer in Phase 8 — the Scheduler (P10) wires it later (D-12).

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL