Owlibou/gnoma
2
0
Fork 0
Code Issues Pull Requests Actions 4 Packages Projects Releases Wiki Activity
Files
6322d10686d42efea5fc040017c655736fe5cdc6
gnoma/internal/security
T
History
vikingowl 3c875276c9 feat(security): implement multi-wave audit remediation and agy provider support 
Implemented full security remediation following Universal Security Pilot protocol:
- W1: Enforced SecureProvider at router and engine boundaries to prevent bypasses.
- W1: Implemented path-sensitive policy for MCP tools.
- W2: Added SHA256 hash verification for SLM downloads (llamafile).
- W3: Enhanced secret redaction for private keys (full body) and high-entropy strings.
- W4: Fixed symlink-based filesystem sandbox escapes in paths and grep.
- W4: Documented CLI agent trust boundaries.

Also added 'agy' (Antigravity) as a subprocess CLI provider with plain-text JSON schema support.
2026-05-20 01:13:13 +02:00
..
firewall.go
feat(security): implement multi-wave audit remediation and agy provider support
2026-05-20 01:13:13 +02:00
incognito.go
feat(security): incognito coherence across firewall/router/persist (Wave 2)
2026-05-19 22:57:36 +02:00
integration_test.go
feat(security): wire SafeProvider into all provider sites (W1-2/3/4)
2026-05-19 22:33:24 +02:00
redactor.go
feat: add security firewall with secret scanning and incognito mode
2026-04-03 14:07:50 +02:00
safeprovider_test.go
feat(security): add SafeProvider boundary wrapper (W1-1)
2026-05-19 22:28:46 +02:00
safeprovider.go
feat(security): implement multi-wave audit remediation and agy provider support
2026-05-20 01:13:13 +02:00
saferef.go
feat(security): add SafeProvider boundary wrapper (W1-1)
2026-05-19 22:28:46 +02:00
sanitize.go
feat: add security firewall with secret scanning and incognito mode
2026-04-03 14:07:50 +02:00
scanner.go
feat(security): implement multi-wave audit remediation and agy provider support
2026-05-20 01:13:13 +02:00
security_test.go
feat(security): implement multi-wave audit remediation and agy provider support
2026-05-20 01:13:13 +02:00