Merged
81 changes: 81 additions & 0 deletions .internal-skills/supply-chain/ACTION_LOG.md
@@ -0,0 +1,81 @@
# `.internal-skills/supply-chain/ACTION_LOG.md` — append-only internal action log

> Internal · NON-NORMATIVE. Append-only. Records actions, validations, and
> limitations for supply-chain runner/gate work. No external action is recorded
> here because none was taken (no release, tag, DOI, publish, deploy, or
> communication). The private repo `Davincc77/klickd-ai` was not touched.

---

## 2026-06-02 — candidate generator + promotion gate (v0.1)

- **Branch:** `feat/supply-chain-runner-gate`, stacked on
`integration/supply-chain-cumulative` (PR #121).
- **Base for PR:** `integration/supply-chain-cumulative` (NOT `main`).

### Added
- `scripts/generate_supply_chain_candidate.py` — internal candidate generator
(runner). Config-only `build_request` JSON → candidate skill in the internal
v4.2 target shape under `.internal-skills/supply-chain/candidates/` or
`--out`. Deterministic: `candidate_id` / `candidate_hash` / `run_id` derived
only from canonical build_request bytes (+ resolved source manifest hash).
No `generated_at` in the hashed core. Sources come only from the
build_request / referenced source_manifest; missing domain info →
`requires_human_premium_pass`, never hallucinated.
- `scripts/run_supply_chain_promotion_gate.py` — combined promotion gate.
Orchestrates threat model (always), source/license (when `--source-manifest`),
logical diff (when `--before`), candidate shape checks, and forbidden-claim /
public-private boundary tripwires. Classifies ACCEPT / ACCEPT_WITH_REVIEW /
BLOCK. Exit 0 acceptable, 1 BLOCK, 2 usage. `deterministic_gate_id` excludes
the clock (`eval_date`). Reports — does not run — premium pass. `not_run`
checks recorded with a reason, never as `pass`.
- `tests/test_supply_chain_candidate.py` (20 tests),
`tests/test_supply_chain_promotion_gate.py` (19 tests).
- `tests/fixtures/supply_chain_candidate/` — `build_request_clean.json`,
`build_request_missing_domain.json`, `source_manifest_ok.json`.
- Example artefacts: `candidates/xklickd-research-reader.json`,
`promotion-gate/xklickd-research-reader.gate.json` + `.gate.md`.
- Updated `README.md` integration index: moved Candidate generation + Promotion
gate from "planned" to tool-backed, with literal scope notes.

### Commands run (local, offline, stdlib-only)
- `python scripts/generate_supply_chain_candidate.py --build-request <req> --out <path>`
- `python scripts/run_supply_chain_promotion_gate.py --candidate <cand> [--source-manifest <m>] [--before <prev>] --out <path> --md <path> --eval-date 2026-06-02`
- `python -m pytest tests/test_supply_chain_*.py` → 102 passed.
- `python -m pytest tests/` → 283 passed, 1 unrelated DeprecationWarning
(jsonschema.__version__), 0 failures.
- `python scripts/verify_xklickd_skill_packs.py verify` → rc 0.
- `python scripts/validate_v4_schemas.py` → rc 0.
- `python scripts/validate_v4_1_candidate_mapping.py` → rc 0.
- Forbidden-claims / codename grep over committed `candidates/` and
`promotion-gate/` artefacts → CLEAN (no banned substring). Internal track name
`xklickd_internal_skill_v4_2` appears only inside the candidate's
`internal_target` block, as designed.

### Validations / behaviour confirmed
- Deterministic repeatability: identical build_request → identical
candidate_id/hash; identical candidate → identical gate_id, stable across
differing `--eval-date`.
- Missing domain info → `requires_human_premium_pass=true` with named gaps;
no competencies/sources hallucinated.
- Clean candidate → gate ACCEPT (exit 0).
- Missing-domain candidate → gate ACCEPT_WITH_REVIEW (exit 0),
premium_pass_required=true.
- Forbidden claim, internal codename, private→public leak, public v4.2
over-claim, missing v4.2 layer, completeness claim → gate BLOCK (exit 1).

### Limitations (no mirage)
- Emitting the v4.2 target shape is NOT a claim of supply-chain completeness; a
generated candidate is NOT a loaded executable skill (fails the loaded-skill
gate: requires artifact_loaded AND sha256_matches_manifest).
- The gate's boundary tripwire is a coarse guard, not a full PII/secrets
scanner (still a planned stage). Runtime enforcement remains planned.
- No legal/compliance, security-certification, or benchmark-superiority claim.
- Premium pass is reported as required where applicable but is NOT executed.

### Explicitly NOT done
- No release, tag, DOI, npm/PyPI publish, GitHub Release, or deploy.
- No merge to `main`.
- No external communication.
- No change to `Davincc77/klickd-ai`.
- No public artefact promoted to v4.2 (public stays v4.1 candidates).
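Review bot: ACCEPT_WITH_REVIEW shares exit 0 with ACCEPT ("Exit 0 acceptable, 1 BLOCK, 2 usage" under Added, and the missing-domain bullet under Validations), so a caller that gates on the exit status alone treats a candidate with `premium_pass_required=true` the same as a clean one, while the Limitations section says the premium pass is reported but not executed. Consider a distinct exit status for ACCEPT_WITH_REVIEW, or record here that callers must read the classification from the gate JSON rather than the return code. Separately, the forbidden-claims / codename grep under "Commands run" is logged only as CLEAN, without the command or pattern list that the other entries carry; for an append-only log the exact invocation should be recorded so the result can be reproduced.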
18 changes: 13 additions & 5 deletions .internal-skills/supply-chain/README.md
Expand Up @@ -21,17 +21,25 @@ This README is the integration index that brings the supply-chain components tog
| **Logical diff** | `scripts/generate_supply_chain_diff.py` | `diff/` (report output) | `tests/test_supply_chain_diff.py` (+ `tests/fixtures/supply_chain_diff/`) |
| **Source freshness + license** | `scripts/check_supply_chain_sources.py` | `source-check/example_source_manifest.json` | `tests/test_supply_chain_sources.py` (+ `tests/fixtures/supply_chain_sources/`) |
| **Threat model** | `scripts/generate_supply_chain_threat_model.py` | (report output) · doc: `docs/supply-chain/THREAT_MODEL_GENERATOR.md` | `tests/test_supply_chain_threat_model.py` (+ `tests/fixtures/threat-model/`) |
| **Candidate generation** | `scripts/generate_supply_chain_candidate.py` | `candidates/` (example: `candidates/xklickd-research-reader.json`) | `tests/test_supply_chain_candidate.py` (+ `tests/fixtures/supply_chain_candidate/`) |
| **Promotion gate** | `scripts/run_supply_chain_promotion_gate.py` | `promotion-gate/` (example: `promotion-gate/xklickd-research-reader.gate.json` + `.md`) | `tests/test_supply_chain_promotion_gate.py` |

Each of these is `tool`: a runnable script with a passing test module and deterministic output. "Tool-backed" means the bytes and behaviour exist and are tested — it does **not** imply the end-to-end build runner exists.
Each of these is `tool`: a runnable script with a passing test module and deterministic output. "Tool-backed" means the bytes and behaviour exist and are tested — it does **not** imply the supply chain is complete, that any candidate is a loaded skill, or that a public release exists.

### Candidate generator scope (read literally)

`generate_supply_chain_candidate.py` emits the **internal v4.2 target shape** from a config-only `build_request`. Emitting the shape is **not** a claim that every lifecycle stage is implemented or verified — and a generated candidate is **not** a loaded executable skill (it fails the loaded-skill gate below). When domain information is missing, the runner marks `requires_human_premium_pass` rather than inventing competencies, risk, or sources. Sources come **only** from the `build_request` / referenced `source_manifest`.

### Promotion gate scope (read literally)

`run_supply_chain_promotion_gate.py` orchestrates the tool-backed checks (threat model always; source/license when a manifest is given; logical diff when a `--before` is given) plus candidate shape checks and forbidden-claim / public-private boundary tripwires. It classifies **ACCEPT / ACCEPT_WITH_REVIEW / BLOCK** and **reports** whether a human premium pass is required — it does **not** run that pass, and makes no compliance/security/benchmark claim. A check that could not run is recorded `not_run` with a reason, never as `pass`.

## Planned stages (specified, not built)

| Stage | What it will do | Why it is not claimed yet |
|---|---|---|
| **Candidate generation** | Produce a candidate `carrier_pack` from a config-only build request (the build *runner*). | No runner is shipped; the *process* is specified, the executor is not. |
| **Promotion gate** | Pass/fail enforcement that blocks a candidate from being promoted unless all checks pass. | No gate enforces promotion today; checks run, but nothing blocks on them. |
| **Full PII / secrets scanner** | Scan candidate inputs/outputs for PII and secrets beyond the engineering source/license checks. | Current `source-check` is an engineering license/freshness check, **not** a compliance attestation or a PII scanner. |
| **Runtime enforcement** | Enforce guardrails in-loop at execution time, not just at build/audit time. | Build-time checks exist; runtime enforcement does not. |
| **Full PII / secrets scanner** | Scan candidate inputs/outputs for PII and secrets beyond the engineering source/license checks. | Current `source-check` is an engineering license/freshness check, **not** a compliance attestation or a PII scanner. The gate's boundary tripwire is a coarse guard, not a full scanner. |
| **Runtime enforcement** | Enforce guardrails in-loop at execution time, not just at build/audit time. | Build-time checks + the promotion gate exist; runtime enforcement does not. |

---

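Review bot: The "Promotion gate scope" paragraph does not say how a `not_run` check affects the classification. Source/license runs only when a manifest is given and logical diff only when `--before` is given, so an invocation with neither flag exercises only the threat model, shape checks and tripwires; the text should state whether ACCEPT is still reachable in that case or whether any `not_run` caps the result at ACCEPT_WITH_REVIEW. The removed "Planned stages" row also carried the reason "checks run, but nothing blocks on them", and the new paragraph says the gate classifies and reports without stating whether anything consumes a BLOCK to stop promotion; one sentence on that would keep the "read literally" scope complete.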