@atrib/action-gate 0.0.2 → 0.0.3
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/README.md +9 -9
- package/package.json +1 -1
package/README.md
CHANGED
|
@@ -1,17 +1,17 @@
|
|
|
1
1
|
# @atrib/action-gate
|
|
2
2
|
|
|
3
|
-
`@atrib/action-gate` signs policy decisions and outcomes
|
|
4
|
-
|
|
3
|
+
`@atrib/action-gate` signs policy decisions and outcomes for actions a host
|
|
4
|
+
needs to check before execution.
|
|
5
5
|
|
|
6
6
|
Use it when a host already knows where an action boundary is: browser
|
|
7
7
|
automation, computer use, support tooling, payment workflows, admin changes, or
|
|
8
8
|
production writes. The host owns policy, identity, approval UI, and execution.
|
|
9
9
|
atrib records what the host decided and what happened next.
|
|
10
10
|
|
|
11
|
-
|
|
12
|
-
|
|
13
|
-
|
|
14
|
-
|
|
11
|
+
Use the signed hashes when follow-up work needs a stable reference to the same
|
|
12
|
+
action. A browser click, desktop action, support reply, admin change, or
|
|
13
|
+
payment-impacting step can move through recall, handoff, review, or verifier
|
|
14
|
+
workflows without exposing raw runtime payloads in public records.
|
|
15
15
|
|
|
16
16
|
## Install
|
|
17
17
|
|
|
@@ -86,15 +86,15 @@ not run. If an allowed action body throws, the package signs an
|
|
|
86
86
|
## Boundary
|
|
87
87
|
|
|
88
88
|
This package does not issue authorization, run a browser, store raw session
|
|
89
|
-
data, or replace a host policy engine. It gives hosts a small
|
|
89
|
+
data, or replace a host policy engine. It gives hosts a small action-gate
|
|
90
90
|
contract:
|
|
91
91
|
|
|
92
92
|
1. propose an action;
|
|
93
93
|
2. evaluate policy before execution;
|
|
94
94
|
3. run only when allowed;
|
|
95
95
|
4. sign the decision and outcome;
|
|
96
|
-
5. pass the accepted record hashes
|
|
97
|
-
|
|
96
|
+
5. pass the accepted record hashes into recall, handoff, review, verifier, or
|
|
97
|
+
proof-packet workflows.
|
|
98
98
|
|
|
99
99
|
Browserbase, Stagehand, browser-use, Playwright, OpenAI Computer Use, hosted
|
|
100
100
|
desktop runtimes, and support tools can keep their own automation layer while
|