II.
Page JSON
Structured · livepage:docs-harness-features-backlog-gaps-ecosystem-gap-eco-003
GAP-ECO-003: Plugin Trust, Provenance, and Blocklist json
Inspect the normalized record payload exactly as the atlas UI reads it.
{
"id": "page:docs-harness-features-backlog-gaps-ecosystem-gap-eco-003",
"_kind": "Page",
"_file": "wiki/docs/harness-features-backlog/gaps/ecosystem/gap-eco-003.md",
"_cluster": "wiki",
"attributes": {
"nodeKind": "Page",
"sourcePath": "docs/harness-features-backlog/gaps/ecosystem/GAP-ECO-003.md",
"sourceKind": "repo-docs",
"title": "GAP-ECO-003: Plugin Trust, Provenance, and Blocklist",
"displayName": "GAP-ECO-003: Plugin Trust, Provenance, and Blocklist",
"slug": "docs/harness-features-backlog/gaps/ecosystem/gap-eco-003",
"articlePath": "wiki/docs/harness-features-backlog/gaps/ecosystem/GAP-ECO-003.md",
"article": "\n# GAP-ECO-003: Plugin Trust, Provenance, and Blocklist\n\n| Field | Value |\n|-------|-------|\n| Category | ecosystem |\n| Priority | High |\n| Effort | M |\n| Status | Missing |\n\n## Description\nPlugin trust chain from marketplace to installation with provenance tracking,\nblocklist enforcement, and trust class assignment.\n\n## CC Trust System\n\nCC implements multi-layer trust (`src/utils/plugins/`):\n- `pluginPolicy.ts` -- policy enforcement per plugin\n- `pluginBlocklist.ts` -- block known-malicious plugins\n- `pluginFlagging.ts` -- flag suspicious plugins\n- `schemas.ts` -- official marketplace name reservation, anti-impersonation patterns\n- `PluginTrustWarning.tsx` -- UI for trust warnings during install\n- Trust classes based on source: `@builtin` (shipped with CLI), `@official-marketplace`,\n `@third-party`\n- Non-ASCII name detection to prevent homograph attacks\n\n## Current State\nBabysitter's plugin system has no trust model. Any plugin can be installed\nfrom any marketplace. No blocklist. No provenance tracking. No impersonation\ndetection.\n\n## Target State\nTrust classification per plugin. Blocklist checked at install and startup.\nOfficial marketplace names reserved. Provenance (author, source org, verification\nstatus) stored in plugin registry. Trust warnings surfaced during installation.\n\n## Dependencies\n- [GAP-SEC-001](../security/GAP-SEC-001.md) -- governance policy layer\n\n## Key Files\n| Component | Path |\n|-----------|------|\n| CC plugin policy | `src/utils/plugins/pluginPolicy.ts` |\n| CC blocklist | `src/utils/plugins/pluginBlocklist.ts` |\n| CC trust UI | `src/commands/plugin/PluginTrustWarning.tsx` |\n\n## Recommendation\nPhase 2. Implement blocklist check first (highest security impact). Then add\ntrust classification based on marketplace source. Finally add provenance tracking.\n",
"documents": []
},
"outgoingEdges": [],
"incomingEdges": [
{
"from": "page:docs-harness-features-backlog",
"to": "page:docs-harness-features-backlog-gaps-ecosystem-gap-eco-003",
"kind": "contains_page"
}
]
}