security

package
v1.0.1 Latest
Warning

This package is not in the latest version of its module.

Published: May 17, 2026 | License: Apache-2.0 | Imports: 2 | Imported by: 0

README

workflow/security

Maps content-guard mode names to fully-configured *contentguard.Guard instances. Consumed by workflow.Workflow.Execute when a workflow declares a security mode and the caller has not pre-supplied a guard.

Modes

| Mode | Behaviour |
| --- | --- |
| Default | Tier-1 deterministic checks on every tool call; tier-2/3 fire only on escalation. Lowest overhead. |
| Paranoid | All tiers (deterministic + screener + reviewer) run on every tool call regardless of triggers. Highest assurance. |
| Research | Same staging as Paranoid; the reviewer receives a free-text scope string that declares what security-relevant operations are permitted within the engagement. |

Usage

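// Paranoid: every tier runs on every tool call; the scope argument is ignored.
guard, err := security.Build(security.Paranoid, "", model)
// Research: same staging, with the engagement scope passed to the reviewer.
researchGuard, err := security.Build(security.Research, "authorized pentest of lab.example.internal", model)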

Build takes a single llm.Model, which it uses for both the screener (cheap triage) and reviewer (full evaluation) stages. When you need distinct models per tier, construct your own *contentguard.Guard directly instead.

Wiring

The workflow builds a guard automatically when Workflow.Security(mode) is declared and Runtime.Guard is nil. Callers who need explicit control — or who want to reuse a guard across multiple workflows — can pre-supply Runtime.Guard directly; the auto-build path is skipped.

wf := workflow.New("threat-model").Security(security.Research).Scope("authorized lab")
// guard is built from Runtime.Model at Execute time if rt.Guard == nil
state, err := wf.Execute(ctx, rt, inputs)

Documentation

Overview

Package security defines the workflow's content-guard tier modes and the logic that turns a mode into a fully-configured *contentguard.Guard.

The package owns BOTH the mode constants and the policy that maps each mode to a concrete pipeline of contentguard stages — there is no separate "constants here, behavior elsewhere" split.


Functions

func Build

func Build(mode Mode, scope string, model llm.Model) (*contentguard.Guard, error)

Build constructs a *contentguard.Guard configured for the given mode.

model is the LLM used by both the screener (cheap triage) and reviewer (full evaluation) stages. Consumers needing distinct models for each tier should construct their own guard instead of going through Build.

scope is meaningful only for Research mode; it's ignored for the others.

Types

type Mode

type Mode int

Mode controls how aggressively the content guard runs its tiers.

const (
	// Default runs deterministic tier-1 checks on every tool call. Higher
	// tiers fire only when tier-1 escalates (e.g., suspicious patterns or
	// untrusted content present). Lowest overhead.
	Default Mode = iota

	// Paranoid runs all tiers (deterministic + screener + reviewer) on every
	// tool call regardless of triggers. Highest overhead, highest assurance.
	// Deny-on-any-deny: any stage's deny verdict short-circuits the rest.
	Paranoid

	// Research permits security-relevant actions inside a free-text scope.
	// Same staging as Paranoid; the scope flows to the reviewer's system
	// prompt so it knows what is permitted within the engagement.
	Research
)
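The staging these three modes describe can be modelled in a few lines of Go. This is an added example, not code from this package or from contentguard: Stage, Verdict, Evaluate and SampleTiers are hypothetical names, and the "portscan" tool call and substring scope check are constructed stand-ins for the LLM-backed screener and reviewer. Failing closed when no tier returns an allow is an assumption of the example.

```go
package main

import (
	"fmt"
	"strings"
)

type Mode int
type Verdict int
type Stage struct {
	Name   string
	Flag   func(call, scope string) bool // true when the tier objects to the call
	OnFlag Verdict                       // Escalate for triage tiers, Deny for the reviewer
}
const (
	Default, Paranoid, Research Mode    = 0, 1, 2
	Allow, Escalate, Deny       Verdict = 0, 1, 2
)

// Evaluate is a hypothetical model of the documented staging, not the contentguard API.
func Evaluate(mode Mode, scope, call string, tiers []Stage) (allowed bool, ran []string) {
	if mode != Research {
		scope = "" // scope is ignored outside Research mode
	}
	last := Escalate // assumption: no explicit allow means fail closed
	for _, st := range tiers {
		last = Allow
		if st.Flag(call, scope) {
			last = st.OnFlag
		}
		ran = append(ran, st.Name)
		if last == Deny || (mode == Default && last == Allow) {
			break // a deny short-circuits; Default stops unless the tier escalated
		}
	}
	return last == Allow, ran
}

// SampleTiers returns constructed stand-ins; the real screener and reviewer call an LLM.
func SampleTiers() []Stage {
	scan := func(c, _ string) bool { return strings.HasPrefix(c, "portscan ") }
	outOfScope := func(c, s string) bool {
		f := strings.Fields(c)
		return scan(c, s) && !strings.Contains(s, f[len(f)-1])
	}
	return []Stage{{"deterministic", scan, Escalate}, {"screener", scan, Escalate}, {"reviewer", outOfScope, Deny}}
}

func main() { fmt.Println(Evaluate(Paranoid, "", "read notes.txt", SampleTiers())) }
```

In this model a benign call costs one stage in Default and three in Paranoid, and the same scan is denied in Default (scope ignored) but allowed in Research when its target appears in the scope string.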
