Agentic AI Atlas · GAP-SEC-001: Governance Policy Layer

GAP-SEC-001: Governance Policy Layer json

Inspect the normalized record payload exactly as the atlas UI reads it.

File · wiki/docs/harness-features-backlog/gaps/security/gap-sec-001.md
Cluster · wiki
Record JSON
{
  "id": "page:docs-harness-features-backlog-gaps-security-gap-sec-001",
  "_kind": "Page",
  "_file": "wiki/docs/harness-features-backlog/gaps/security/gap-sec-001.md",
  "_cluster": "wiki",
  "attributes": {
    "nodeKind": "Page",
    "sourcePath": "docs/harness-features-backlog/gaps/security/GAP-SEC-001.md",
    "sourceKind": "repo-docs",
    "title": "GAP-SEC-001: Governance Policy Layer",
    "displayName": "GAP-SEC-001: Governance Policy Layer",
    "slug": "docs/harness-features-backlog/gaps/security/gap-sec-001",
    "articlePath": "wiki/docs/harness-features-backlog/gaps/security/GAP-SEC-001.md",
    "article": "\n# GAP-SEC-001: Governance Policy Layer\n\n| Field | Value |\n|-------|-------|\n| Category | security |\n| Priority | Critical |\n| Effort | L |\n| Status | Missing |\n\n## Description\nCentralized policy engine for evaluating security rules at effect dispatch and task execution. Unified policy model replacing fragmented policy across breakpoint rules, env vars, and advisory hints.\n\n## Current State\nSecurity policy fragmented: breakpoint rules in ~/.a5c/breakpoint-approvals/rules.json, advisory execution.permissions in task definitions, env var limits (BABYSITTER_MAX_ITERATIONS, BABYSITTER_HOOK_TIMEOUT). No unified evaluation point.\n\n## Target State\nPolicyEngine evaluates declarative rules at effect dispatch and task execution. Policy types: rate-limit, permission, resource-limit, trust-level. Policy decisions persisted for audit trail. Existing breakpoint rules integrated as policy source.\n\n## Dependencies\n- None (foundation gap)\n\n## Key Files\n| Component | Path |\n|-----------|------|\n| Breakpoint types | `packages/sdk/src/breakpoints/types.ts` |\n| Breakpoint evaluator | `packages/sdk/src/breakpoints/evaluator.ts` |\n| Config module | `packages/sdk/src/config/` |\n| Process context | `packages/sdk/src/runtime/processContext.ts` |\n\n## Recommendation\nPhase 1 implementation. Create packages/sdk/src/governance/ module. Define PolicyRule type with evaluation logic. Evaluate at effect dispatch in processContext.ts. Log decisions to structured JSONL.\n",
    "documents": []
  },
  "outgoingEdges": [],
  "incomingEdges": [
    {
      "from": "page:docs-harness-features-backlog",
      "to": "page:docs-harness-features-backlog-gaps-security-gap-sec-001",
      "kind": "contains_page"
    }
  ]
}