@aikdna/kdna-cli 0.16.0 → 0.16.2
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/package.json +4 -2
- package/skills/kdna-loader/SKILL.md +45 -0
- package/src/cmds/domain.js +27 -1
package/package.json
CHANGED
|
@@ -1,6 +1,6 @@
|
|
|
1
1
|
{
|
|
2
2
|
"name": "@aikdna/kdna-cli",
|
|
3
|
-
"version": "0.16.
|
|
3
|
+
"version": "0.16.2",
|
|
4
4
|
"description": "KDNA CLI — create, validate, install, and manage domain cognition packages for AI agents.",
|
|
5
5
|
"type": "commonjs",
|
|
6
6
|
"bin": {
|
|
@@ -21,7 +21,9 @@
|
|
|
21
21
|
"lint": "eslint src/ validators/ tests/",
|
|
22
22
|
"format": "prettier --write .",
|
|
23
23
|
"format:check": "prettier --check .",
|
|
24
|
-
"test": "node --test tests/v07-commands.test.js tests/
|
|
24
|
+
"test": "node --test tests/v07-commands.test.js tests/v012-commands.test.js",
|
|
25
|
+
"test:integration": "node --test tests/integration.test.js",
|
|
26
|
+
"test:all": "node --test tests/*.test.js",
|
|
25
27
|
"pretest": "npm install --ignore-scripts"
|
|
26
28
|
},
|
|
27
29
|
"keywords": [
|
|
@@ -215,6 +215,51 @@ KDNA does not override:
|
|
|
215
215
|
|
|
216
216
|
---
|
|
217
217
|
|
|
218
|
+
## Safety & Governance
|
|
219
|
+
|
|
220
|
+
KDNA domains influence agent judgment. The loader MUST apply safety rules before loading any domain.
|
|
221
|
+
|
|
222
|
+
### Loading Priority
|
|
223
|
+
|
|
224
|
+
When KDNA is loaded, the agent MUST respect this priority order:
|
|
225
|
+
1. System safety policy (highest — cannot be overridden)
|
|
226
|
+
2. Legal and compliance requirements
|
|
227
|
+
3. User's explicit intent
|
|
228
|
+
4. KDNA domain judgment
|
|
229
|
+
5. Tool/skill instructions (lowest)
|
|
230
|
+
|
|
231
|
+
KDNA MUST NOT override system safety policies, legal requirements, or the user's explicit refusal to apply domain judgment.
|
|
232
|
+
|
|
233
|
+
### Risk-Level Checks
|
|
234
|
+
|
|
235
|
+
Before loading a KDNA domain, check its risk level in `kdna.json` or `KDNA_CARD.json`:
|
|
236
|
+
|
|
237
|
+
| Risk Level | Loading Behavior |
|
|
238
|
+
|-----------|-----------------|
|
|
239
|
+
| **R0** (Low) | Load silently |
|
|
240
|
+
| **R1** (Medium) | Load silently; log |
|
|
241
|
+
| **R2** (High) | Warn user before loading; require confirmation |
|
|
242
|
+
| **R3** (Restricted) | Reject loading unless explicitly authorized |
|
|
243
|
+
|
|
244
|
+
### Signature & Trust Checks
|
|
245
|
+
|
|
246
|
+
- Yanked domains: **REJECT** loading (domain has been withdrawn for safety)
|
|
247
|
+
- Deprecated domains: warn; suggest replacement if `replaced_by` is set
|
|
248
|
+
- Unsigned domains: warn; load only if user confirms
|
|
249
|
+
- Unknown scope domains: warn; load only if user confirms
|
|
250
|
+
|
|
251
|
+
### Runtime Logging
|
|
252
|
+
|
|
253
|
+
Every KDNA load MUST be logged with:
|
|
254
|
+
- Domain name and version
|
|
255
|
+
- Risk level
|
|
256
|
+
- Signature status
|
|
257
|
+
- Which axioms were triggered
|
|
258
|
+
- Which misunderstandings were avoided
|
|
259
|
+
- Self-check pass rate
|
|
260
|
+
|
|
261
|
+
This enables audit and accountability.
|
|
262
|
+
|
|
218
263
|
## Failure handling
|
|
219
264
|
|
|
220
265
|
| Situation | What to do |
|
package/src/cmds/domain.js
CHANGED
|
@@ -656,6 +656,19 @@ function cmdInspect(dir, jsonMode = false) {
|
|
|
656
656
|
},
|
|
657
657
|
axioms: (c.axioms || []).map((a) => a.one_sentence || null).filter(Boolean),
|
|
658
658
|
};
|
|
659
|
+
|
|
660
|
+
// Governance metadata (KDNA_CARD.json)
|
|
661
|
+
const card = readJson(path.join(abs, 'KDNA_CARD.json'));
|
|
662
|
+
if (card) {
|
|
663
|
+
result.governance = {
|
|
664
|
+
risk_level: card.risk_level || null,
|
|
665
|
+
review_status: card.review_status || null,
|
|
666
|
+
intended_use: card.intended_use || [],
|
|
667
|
+
out_of_scope: card.out_of_scope || [],
|
|
668
|
+
known_limitations: card.known_limitations || [],
|
|
669
|
+
requires_expert_review: card.requires_expert_review || false,
|
|
670
|
+
};
|
|
671
|
+
}
|
|
659
672
|
console.log(JSON.stringify(result, null, 2));
|
|
660
673
|
return;
|
|
661
674
|
}
|
|
@@ -703,7 +716,20 @@ function cmdInspect(dir, jsonMode = false) {
|
|
|
703
716
|
|
|
704
717
|
if (rea) console.log(` Reasoning chains: ${(rea.reasoning_chains || []).length}`);
|
|
705
718
|
|
|
706
|
-
if (evo)
|
|
719
|
+
if (evo) console.log(` Evolution stages: ${(evo.stages || []).length}`);
|
|
720
|
+
|
|
721
|
+
// Governance metadata
|
|
722
|
+
const kdnaCard = readJson(path.join(abs, 'KDNA_CARD.json'));
|
|
723
|
+
if (kdnaCard) {
|
|
724
|
+
console.log('');
|
|
725
|
+
console.log(' ── Governance ──');
|
|
726
|
+
console.log(` Risk level: ${kdnaCard.risk_level || '?'}`);
|
|
727
|
+
console.log(` Review status: ${kdnaCard.review_status || '?'}`);
|
|
728
|
+
if (kdnaCard.intended_use?.length) console.log(` Intended use: ${kdnaCard.intended_use[0]}${kdnaCard.intended_use.length > 1 ? ` (+${kdnaCard.intended_use.length - 1} more)` : ''}`);
|
|
729
|
+
if (kdnaCard.out_of_scope?.length) console.log(` Out of scope: ${kdnaCard.out_of_scope[0]}${kdnaCard.out_of_scope.length > 1 ? ` (+${kdnaCard.out_of_scope.length - 1} more)` : ''}`);
|
|
730
|
+
if (kdnaCard.known_limitations?.length) console.log(` Limitations: ${kdnaCard.known_limitations[0]}${kdnaCard.known_limitations.length > 1 ? ` (+${kdnaCard.known_limitations.length - 1} more)` : ''}`);
|
|
731
|
+
if (kdnaCard.requires_expert_review) console.log(` ⚠ Expert review required`);
|
|
732
|
+
}
|
|
707
733
|
|
|
708
734
|
console.log('');
|
|
709
735
|
console.log(' ── Axioms ──');
|