@kybernesis/arp-scope-catalog 0.2.0

package/package.json

@@ -0,0 +1,49 @@
+{
+  "name": "@kybernesis/arp-scope-catalog",
+  "version": "0.2.0",
+  "description": "ARP scope catalog v1 — 50 scope templates + Handlebars→Cedar compiler.",
+  "license": "MIT",
+  "repository": {
+    "type": "git",
+    "url": "https://github.com/KybernesisAI/arp.git",
+    "directory": "packages/scope-catalog"
+  },
+  "publishConfig": {
+    "access": "public"
+  },
+  "type": "module",
+  "main": "./dist/index.cjs",
+  "module": "./dist/index.js",
+  "types": "./dist/index.d.ts",
+  "exports": {
+    ".": {
+      "types": "./dist/index.d.ts",
+      "import": "./dist/index.js",
+      "require": "./dist/index.cjs"
+    },
+    "./scopes/*": "./scopes/*.yaml",
+    "./generated/manifest.json": "./generated/manifest.json",
+    "./generated/scopes.json": "./generated/scopes.json"
+  },
+  "files": [
+    "dist",
+    "scopes",
+    "generated",
+    "README.md"
+  ],
+  "dependencies": {
+    "handlebars": "^4.7.8",
+    "yaml": "^2.6.0",
+    "zod": "^3.23.8",
+    "@kybernesis/arp-spec": "0.2.0"
+  },
+  "devDependencies": {
+    "@cedar-policy/cedar-wasm": "^3.2.4"
+  },
+  "scripts": {
+    "build": "tsup && node ./scripts/build-catalog.mjs",
+    "test": "vitest run",
+    "typecheck": "tsc --noEmit",
+    "lint": "eslint src tests"
+  }
+}

package/scopes/calendar.availability.read.yaml

@@ -0,0 +1,35 @@
+id: calendar.availability.read
+version: 1.0.0
+label: Check availability (free/busy only)
+description: Peer can see when you're free or busy, but no event titles, attendees, or details.
+category: calendar
+risk: low
+parameters:
+  - name: days_ahead
+    type: Integer
+    required: true
+    default: 14
+    validation: "1..90"
+cedar_template: |
+  permit (
+    principal == Agent::"{{audience_did}}",
+    action == Action::"check_availability",
+    resource == Calendar::"primary"
+  ) when {
+    context.query_window_days <= {{days_ahead}}
+  };
+  forbid (
+    principal == Agent::"{{audience_did}}",
+    action,
+    resource == Calendar::"primary"
+  ) when {
+    action != Action::"check_availability"
+  };
+consent_text_template: "Check your free/busy (no details) up to {{days_ahead}} days ahead."
+obligations_forced:
+  - type: redact_fields
+    params:
+      fields: ["event.title", "event.attendees", "event.description", "event.location"]
+implies: []
+conflicts_with: []
+step_up_required: false

package/scopes/calendar.events.cancel.yaml

@@ -0,0 +1,24 @@
+id: calendar.events.cancel
+version: 1.0.0
+label: Cancel events
+description: Peer can cancel calendar events on your behalf.
+category: calendar
+risk: high
+parameters: []
+cedar_template: |
+  permit (
+    principal == Agent::"{{audience_did}}",
+    action == Action::"cancel_event",
+    resource == Calendar::"primary"
+  );
+consent_text_template: "Cancel calendar events on your behalf."
+obligations_forced:
+  - type: audit_level
+    params:
+      level: verbose
+  - type: notify_principal
+    params: {}
+implies:
+  - calendar.events.read
+conflicts_with: []
+step_up_required: true

package/scopes/calendar.events.create.yaml

@@ -0,0 +1,31 @@
+id: calendar.events.create
+version: 1.0.0
+label: Create events directly
+description: Peer can create calendar events on your primary calendar without extra confirmation, up to a daily cap.
+category: calendar
+risk: high
+parameters:
+  - name: max_per_day
+    type: Integer
+    required: true
+    default: 5
+    validation: "1..50"
+cedar_template: |
+  permit (
+    principal == Agent::"{{audience_did}}",
+    action == Action::"create_event",
+    resource == Calendar::"primary"
+  ) when {
+    context.events_created_today < {{max_per_day}}
+  };
+consent_text_template: "Create calendar events directly, up to {{max_per_day}} per day."
+obligations_forced:
+  - type: audit_level
+    params:
+      level: verbose
+  - type: notify_principal
+    params: {}
+implies:
+  - calendar.availability.read
+conflicts_with: []
+step_up_required: true

package/scopes/calendar.events.modify.yaml

@@ -0,0 +1,24 @@
+id: calendar.events.modify
+version: 1.0.0
+label: Modify existing events
+description: Peer can modify existing calendar events (reschedule, update details).
+category: calendar
+risk: high
+parameters: []
+cedar_template: |
+  permit (
+    principal == Agent::"{{audience_did}}",
+    action == Action::"modify_event",
+    resource == Calendar::"primary"
+  );
+consent_text_template: "Modify existing calendar events on your behalf."
+obligations_forced:
+  - type: audit_level
+    params:
+      level: verbose
+  - type: notify_principal
+    params: {}
+implies:
+  - calendar.events.read
+conflicts_with: []
+step_up_required: true

package/scopes/calendar.events.propose.yaml

@@ -0,0 +1,35 @@
+id: calendar.events.propose
+version: 1.0.0
+label: Propose a meeting
+description: Peer can propose a meeting. Creates a tentative event pending your confirmation.
+category: calendar
+risk: medium
+parameters:
+  - name: max_attendees
+    type: Integer
+    required: true
+    default: 10
+    validation: "1..50"
+  - name: max_duration_min
+    type: Integer
+    required: true
+    default: 60
+    validation: "15..480"
+cedar_template: |
+  permit (
+    principal == Agent::"{{audience_did}}",
+    action == Action::"propose_meeting",
+    resource == Calendar::"primary"
+  ) when {
+    context.proposed_attendee_count <= {{max_attendees}} &&
+    context.proposed_duration_min <= {{max_duration_min}}
+  };
+consent_text_template: "Propose meetings (up to {{max_attendees}} people, {{max_duration_min}} minutes). You confirm before it's booked."
+obligations_forced:
+  - type: require_principal_confirmation
+    params:
+      max_age_seconds: 86400
+implies:
+  - calendar.availability.read
+conflicts_with: []
+step_up_required: false

package/scopes/calendar.events.read.yaml

@@ -0,0 +1,38 @@
+id: calendar.events.read
+version: 1.0.0
+label: Read event details
+description: Peer can read the details of calendar events within a time window.
+category: calendar
+risk: medium
+parameters:
+  - name: window_days
+    type: Integer
+    required: true
+    default: 30
+    validation: "1..365"
+  - name: include_private
+    type: Enum
+    required: false
+    default: "no"
+    validation: ["yes", "no"]
+cedar_template: |
+  permit (
+    principal == Agent::"{{audience_did}}",
+    action == Action::"read",
+    resource == Calendar::"primary"
+  ) when {
+    context.query_window_days <= {{window_days}}
+    {{#if include_private_flag}}
+    {{else}}
+    && !resource.tags.contains("private")
+    {{/if}}
+  };
+consent_text_template: "Read event details for the next {{window_days}} days."
+obligations_forced:
+  - type: audit_level
+    params:
+      level: verbose
+implies:
+  - calendar.availability.read
+conflicts_with: []
+step_up_required: false

package/scopes/connection.extend.yaml

@@ -0,0 +1,28 @@
+id: connection.extend
+version: 1.0.0
+label: Extend connection expiry
+description: Peer can request that you extend this connection's expiry by a bounded number of days.
+category: identity
+risk: medium
+parameters:
+  - name: days
+    type: Integer
+    required: true
+    default: 30
+    validation: "1..365"
+cedar_template: |
+  permit (
+    principal == Agent::"{{audience_did}}",
+    action == Action::"extend_connection",
+    resource == Connection::"self"
+  ) when {
+    context.requested_extension_days <= {{days}}
+  };
+consent_text_template: "Allow Peer to request a connection extension up to {{days}} days."
+obligations_forced:
+  - type: require_principal_confirmation
+    params:
+      max_age_seconds: 0
+implies: []
+conflicts_with: []
+step_up_required: false

package/scopes/connection.rescope.request.yaml

@@ -0,0 +1,21 @@
+id: connection.rescope.request
+version: 1.0.0
+label: Request new scopes
+description: Peer can ask you to add or adjust scopes on this connection (subject to your approval).
+category: identity
+risk: medium
+parameters: []
+cedar_template: |
+  permit (
+    principal == Agent::"{{audience_did}}",
+    action == Action::"request_rescope",
+    resource == Connection::"self"
+  );
+consent_text_template: "Allow Peer to propose new scopes on this connection."
+obligations_forced:
+  - type: require_principal_confirmation
+    params:
+      max_age_seconds: 0
+implies: []
+conflicts_with: []
+step_up_required: false

package/scopes/contacts.attributes.read.yaml

@@ -0,0 +1,25 @@
+id: contacts.attributes.read
+version: 1.0.0
+label: Read specific contact attributes
+description: Peer can read specific attribute fields (e.g., phone, title) on contacts you've identified.
+category: contacts
+risk: medium
+parameters:
+  - name: attributes
+    type: AttributeList
+    required: true
+    validation: ["name", "email", "phone", "title", "company", "linkedin", "twitter", "notes"]
+cedar_template: |
+  permit (
+    principal == Agent::"{{audience_did}}",
+    action == Action::"read",
+    resource == Contact
+  );
+consent_text_template: "Read these contact attributes: {{attributes_display}}."
+obligations_forced:
+  - type: redact_fields_except
+    params:
+      allowlist: "{{attributes_json}}"
+implies: []
+conflicts_with: []
+step_up_required: false

package/scopes/contacts.introduce.yaml

@@ -0,0 +1,21 @@
+id: contacts.introduce
+version: 1.0.0
+label: Request contact introduction
+description: Peer can ask you to introduce them to one of your contacts.
+category: contacts
+risk: medium
+parameters: []
+cedar_template: |
+  permit (
+    principal == Agent::"{{audience_did}}",
+    action == Action::"request_contact_introduction",
+    resource == Contact
+  );
+consent_text_template: "Let Peer ask you for introductions to your contacts."
+obligations_forced:
+  - type: require_principal_confirmation
+    params:
+      max_age_seconds: 86400
+implies: []
+conflicts_with: []
+step_up_required: false

package/scopes/contacts.search.yaml

@@ -0,0 +1,26 @@
+id: contacts.search
+version: 1.0.0
+label: Look up contacts
+description: Peer can search your contacts and receive only the attributes you specify.
+category: contacts
+risk: medium
+parameters:
+  - name: attribute_allowlist
+    type: AttributeList
+    required: true
+    default: ["name", "email"]
+    validation: ["name", "email", "phone", "title", "company", "linkedin", "twitter", "notes"]
+cedar_template: |
+  permit (
+    principal == Agent::"{{audience_did}}",
+    action == Action::"search_contacts",
+    resource == Contact
+  );
+consent_text_template: "Search your contacts and see these fields: {{attribute_allowlist_display}}."
+obligations_forced:
+  - type: redact_fields_except
+    params:
+      allowlist: "{{attribute_allowlist_json}}"
+implies: []
+conflicts_with: []
+step_up_required: false

package/scopes/contacts.share.yaml

@@ -0,0 +1,30 @@
+id: contacts.share
+version: 1.0.0
+label: Share a contact card
+description: Peer can ask you to share a contact's vCard to an allowlisted recipient.
+category: contacts
+risk: high
+parameters:
+  - name: recipient_allowlist
+    type: EmailList
+    required: true
+    validation: "rfc5322-or-domain-glob"
+cedar_template: |
+  permit (
+    principal == Agent::"{{audience_did}}",
+    action == Action::"share_external",
+    resource == Contact
+  ) when {
+    context.recipient_matches_allowlist({{recipient_allowlist_json}})
+  };
+consent_text_template: "Share contact cards externally to: {{recipient_allowlist_display}}."
+obligations_forced:
+  - type: require_principal_confirmation
+    params:
+      max_age_seconds: 0
+  - type: audit_level
+    params:
+      level: verbose
+implies: []
+conflicts_with: []
+step_up_required: true

package/scopes/credentials.present.request.yaml

@@ -0,0 +1,29 @@
+id: credentials.present.request
+version: 1.0.0
+label: Request specific VCs
+description: Peer can ask your agent to present specific Verifiable Credentials (full disclosure, not ZK).
+category: credentials
+risk: medium
+parameters:
+  - name: required_vcs
+    type: AttributeList
+    required: true
+    validation: "vc-type-id"
+cedar_template: |
+  permit (
+    principal == Agent::"{{audience_did}}",
+    action == Action::"present_vc",
+    resource == Credential
+  ) when {
+    resource.type in {{required_vcs_json}}
+  };
+consent_text_template: "Present these credentials: {{required_vcs_display}}."
+obligations_forced:
+  - type: audit_level
+    params:
+      level: verbose
+  - type: log_zk_disclosure
+    params: {}
+implies: []
+conflicts_with: []
+step_up_required: false

package/scopes/credentials.proof.zk.request.yaml

@@ -0,0 +1,31 @@
+id: credentials.proof.zk.request
+version: 1.0.0
+label: Request ZK proof of an attribute
+description: Peer can ask your agent to present a zero-knowledge proof of a single attribute without revealing the underlying credential. Issuer is method-agnostic — any VC issuer that publishes a compatible predicate proof works.
+category: credentials
+risk: medium
+parameters:
+  - name: attribute
+    type: Enum
+    required: true
+    validation: ["over_18", "over_21", "us_resident", "verified_human", "country"]
+  - name: predicate
+    type: Enum
+    required: false
+    default: "eq"
+    validation: ["eq", "gte", "lte", "in"]
+cedar_template: |
+  permit (
+    principal == Agent::"{{audience_did}}",
+    action == Action::"request_zk_proof",
+    resource == Credential::"{{attribute}}"
+  ) when {
+    context.predicate == "{{predicate}}"
+  };
+consent_text_template: "Prove to Peer, without revealing details, that you are {{attribute_human}}."
+obligations_forced:
+  - type: log_zk_disclosure
+    params: {}
+implies: []
+conflicts_with: []
+step_up_required: false

package/scopes/delegation.forward.task.yaml

@@ -0,0 +1,36 @@
+id: delegation.forward.task
+version: 1.0.0
+label: Forward task to another agent
+description: Peer can re-delegate a task to a third agent, with automatically attenuated scopes.
+category: delegation
+risk: high
+parameters:
+  - name: agent_allowlist
+    type: AgentDIDList
+    required: true
+    validation: "at-least-one"
+  - name: scope_attenuation
+    type: Enum
+    required: true
+    default: "read_only"
+    validation: ["read_only", "same_scopes", "custom"]
+cedar_template: |
+  permit (
+    principal == Agent::"{{audience_did}}",
+    action == Action::"redelegate",
+    resource == Connection::"self"
+  ) when {
+    context.delegate_target in {{agent_allowlist_json}} &&
+    context.attenuation_mode == "{{scope_attenuation}}"
+  };
+consent_text_template: "Allow Peer to forward tasks to: {{agent_allowlist_display}}. Forwarded tasks get {{scope_attenuation_human}} access."
+obligations_forced:
+  - type: audit_level
+    params:
+      level: verbose
+  - type: notify_principal
+    params: {}
+implies: []
+conflicts_with: []
+tier_gate: self_xyz.verified_human
+step_up_required: true

package/scopes/files.project.files.delete.yaml

@@ -0,0 +1,31 @@
+id: files.project.files.delete
+version: 1.0.0
+label: Delete files
+description: Peer can delete files in a specific project.
+category: files
+risk: critical
+parameters:
+  - name: project_id
+    type: ProjectID
+    required: true
+cedar_template: |
+  permit (
+    principal == Agent::"{{audience_did}}",
+    action == Action::"delete",
+    resource in Project::"{{project_id}}"
+  );
+consent_text_template: "Delete files in project {{project_id}} (destructive)."
+obligations_forced:
+  - type: require_principal_confirmation
+    params:
+      max_age_seconds: 0
+  - type: audit_level
+    params:
+      level: verbose
+  - type: notify_principal
+    params: {}
+implies: []
+conflicts_with:
+  - files.share.external
+tier_gate: self_xyz.verified_human
+step_up_required: true

package/scopes/files.project.files.list.yaml

@@ -0,0 +1,22 @@
+id: files.project.files.list
+version: 1.0.0
+label: List files in a project
+description: Peer can list the file names in a specific project, not their contents.
+category: files
+risk: low
+parameters:
+  - name: project_id
+    type: ProjectID
+    required: true
+cedar_template: |
+  permit (
+    principal == Agent::"{{audience_did}}",
+    action == Action::"list",
+    resource in Project::"{{project_id}}"
+  );
+consent_text_template: "List files in project {{project_id}}."
+obligations_forced: []
+implies:
+  - files.project.metadata.read
+conflicts_with: []
+step_up_required: false

package/scopes/files.project.files.read.yaml

@@ -0,0 +1,35 @@
+id: files.project.files.read
+version: 1.0.0
+label: Read file contents
+description: Peer can read the contents of files in a specific project.
+category: files
+risk: medium
+parameters:
+  - name: project_id
+    type: ProjectID
+    required: true
+  - name: max_size_mb
+    type: Integer
+    required: true
+    default: 10
+    validation: "1..100"
+cedar_template: |
+  permit (
+    principal == Agent::"{{audience_did}}",
+    action in [Action::"read", Action::"list"],
+    resource in Project::"{{project_id}}"
+  ) when {
+    resource.size_bytes <= {{max_size_mb}} * 1048576 &&
+    !resource.tags.contains("confidential") &&
+    !resource.tags.contains("do-not-share")
+  };
+consent_text_template: "Read files in {{project.name}} (up to {{max_size_mb}} MB each; excludes items tagged confidential)."
+obligations_forced:
+  - type: audit_level
+    params:
+      level: verbose
+implies:
+  - files.project.files.list
+  - files.project.metadata.read
+conflicts_with: []
+step_up_required: false

package/scopes/files.project.files.summarize.yaml

@@ -0,0 +1,30 @@
+id: files.project.files.summarize
+version: 1.0.0
+label: Summaries only (derive)
+description: Peer receives model-generated summaries of files in a project, never the raw contents.
+category: files
+risk: low
+parameters:
+  - name: project_id
+    type: ProjectID
+    required: true
+  - name: max_output_words
+    type: Integer
+    required: true
+    default: 2000
+    validation: "100..10000"
+cedar_template: |
+  permit (
+    principal == Agent::"{{audience_did}}",
+    action == Action::"summarize",
+    resource in Project::"{{project_id}}"
+  );
+consent_text_template: "Summarize files in project {{project_id}} (up to {{max_output_words}} words)."
+obligations_forced:
+  - type: summarize_only
+    params:
+      max_words: "{{max_output_words}}"
+implies:
+  - files.project.files.read
+conflicts_with: []
+step_up_required: false

package/scopes/files.project.files.write.yaml

@@ -0,0 +1,34 @@
+id: files.project.files.write
+version: 1.0.0
+label: Create/modify files
+description: Peer can create and modify files in a specific project, up to a maximum size per file.
+category: files
+risk: high
+parameters:
+  - name: project_id
+    type: ProjectID
+    required: true
+  - name: max_size_mb
+    type: Integer
+    required: true
+    default: 10
+    validation: "1..100"
+cedar_template: |
+  permit (
+    principal == Agent::"{{audience_did}}",
+    action in [Action::"write", Action::"update"],
+    resource in Project::"{{project_id}}"
+  ) when {
+    context.written_size_bytes <= {{max_size_mb}} * 1048576
+  };
+consent_text_template: "Create or modify files in {{project_id}} (up to {{max_size_mb}} MB each)."
+obligations_forced:
+  - type: audit_level
+    params:
+      level: verbose
+  - type: notify_principal
+    params: {}
+implies:
+  - files.project.files.read
+conflicts_with: []
+step_up_required: true

package/scopes/files.project.metadata.read.yaml

@@ -0,0 +1,21 @@
+id: files.project.metadata.read
+version: 1.0.0
+label: Read project metadata
+description: Peer can read a specific project's metadata (name, description, tags), not its files.
+category: files
+risk: low
+parameters:
+  - name: project_id
+    type: ProjectID
+    required: true
+cedar_template: |
+  permit (
+    principal == Agent::"{{audience_did}}",
+    action == Action::"read_metadata",
+    resource == Project::"{{project_id}}"
+  );
+consent_text_template: "Read metadata for project {{project_id}}."
+obligations_forced: []
+implies: []
+conflicts_with: []
+step_up_required: false