@neuroverseos/governance 0.1.6 → 0.2.1

package/dist/adapters/openai.cjs

@@ -37,6 +37,205 @@ __export(openai_exports, {
 });
 module.exports = __toCommonJS(openai_exports);
 
+// src/engine/plan-engine.ts
+function keywordMatch(eventText, step) {
+  const stepText = [
+    step.label,
+    step.description ?? "",
+    ...step.tags ?? []
+  ].join(" ").toLowerCase();
+  const keywords = stepText.split(/\s+/).filter((w) => w.length > 3);
+  if (keywords.length === 0) return false;
+  const matched = keywords.filter((kw) => eventText.includes(kw));
+  return matched.length >= Math.ceil(keywords.length * 0.5);
+}
+function tokenSimilarity(a, b) {
+  const tokensA = new Set(a.toLowerCase().split(/\s+/).filter((w) => w.length > 2));
+  const tokensB = new Set(b.toLowerCase().split(/\s+/).filter((w) => w.length > 2));
+  if (tokensA.size === 0 || tokensB.size === 0) return 0;
+  let intersection = 0;
+  for (const t of tokensA) {
+    if (tokensB.has(t)) intersection++;
+  }
+  const union = (/* @__PURE__ */ new Set([...tokensA, ...tokensB])).size;
+  return union > 0 ? intersection / union : 0;
+}
+function findMatchingStep(eventText, event, steps) {
+  const pendingOrActive = steps.filter((s) => s.status === "pending" || s.status === "active");
+  if (pendingOrActive.length === 0) {
+    return { matched: null, closest: null, closestScore: 0 };
+  }
+  for (const step of pendingOrActive) {
+    if (keywordMatch(eventText, step)) {
+      if (step.tools && event.tool && !step.tools.includes(event.tool)) {
+        continue;
+      }
+      return { matched: step, closest: step, closestScore: 1 };
+    }
+  }
+  const intentText = [event.intent, event.tool ?? "", event.scope ?? ""].join(" ");
+  let bestStep = null;
+  let bestScore = 0;
+  for (const step of pendingOrActive) {
+    const stepText = [step.label, step.description ?? "", ...step.tags ?? []].join(" ");
+    const score = tokenSimilarity(intentText, stepText);
+    if (score > bestScore) {
+      bestScore = score;
+      bestStep = step;
+    }
+  }
+  const SIMILARITY_THRESHOLD = 0.35;
+  if (bestScore >= SIMILARITY_THRESHOLD && bestStep) {
+    if (bestStep.tools && event.tool && !bestStep.tools.includes(event.tool)) {
+      return { matched: null, closest: bestStep, closestScore: bestScore };
+    }
+    return { matched: bestStep, closest: bestStep, closestScore: bestScore };
+  }
+  return { matched: null, closest: bestStep, closestScore: bestScore };
+}
+function isSequenceValid(step, plan) {
+  if (!plan.sequential) return true;
+  if (!step.requires || step.requires.length === 0) return true;
+  return step.requires.every((reqId) => {
+    const reqStep = plan.steps.find((s) => s.id === reqId);
+    return reqStep?.status === "completed";
+  });
+}
+function checkConstraints(event, eventText, constraints) {
+  const checks = [];
+  for (const constraint of constraints) {
+    if (constraint.type === "approval") {
+      if (constraint.trigger && eventText.includes(constraint.trigger.substring(0, 10).toLowerCase())) {
+        checks.push({ constraintId: constraint.id, passed: false, reason: constraint.description });
+        return { violated: constraint, checks };
+      }
+      const keywords = constraint.description.toLowerCase().split(/\s+/).filter((w) => w.length > 3);
+      const relevant = keywords.some((kw) => eventText.includes(kw));
+      if (relevant) {
+        checks.push({ constraintId: constraint.id, passed: false, reason: constraint.description });
+        return { violated: constraint, checks };
+      }
+      checks.push({ constraintId: constraint.id, passed: true });
+      continue;
+    }
+    if (constraint.type === "scope" && constraint.trigger) {
+      const keywords = constraint.trigger.split(/\s+/).filter((w) => w.length > 3);
+      const violated = keywords.length > 0 && keywords.every((kw) => eventText.includes(kw));
+      checks.push({
+        constraintId: constraint.id,
+        passed: !violated,
+        reason: violated ? constraint.description : void 0
+      });
+      if (violated) {
+        return { violated: constraint, checks };
+      }
+      continue;
+    }
+    checks.push({ constraintId: constraint.id, passed: true });
+  }
+  return { violated: null, checks };
+}
+function getPlanProgress(plan) {
+  const completed = plan.steps.filter((s) => s.status === "completed").length;
+  const total = plan.steps.length;
+  return {
+    completed,
+    total,
+    percentage: total > 0 ? Math.round(completed / total * 100) : 0
+  };
+}
+function advancePlan(plan, stepId) {
+  return {
+    ...plan,
+    steps: plan.steps.map(
+      (s) => s.id === stepId ? { ...s, status: "completed" } : s
+    )
+  };
+}
+function evaluatePlan(event, plan) {
+  const progress = getPlanProgress(plan);
+  if (plan.expires_at) {
+    const expiresAt = new Date(plan.expires_at).getTime();
+    if (Date.now() > expiresAt) {
+      return {
+        allowed: true,
+        status: "PLAN_COMPLETE",
+        reason: "Plan has expired.",
+        progress
+      };
+    }
+  }
+  if (progress.completed === progress.total) {
+    return {
+      allowed: true,
+      status: "PLAN_COMPLETE",
+      reason: "All plan steps are completed.",
+      progress
+    };
+  }
+  const eventText = [
+    event.intent,
+    event.tool ?? "",
+    event.scope ?? ""
+  ].join(" ").toLowerCase();
+  const { matched, closest, closestScore } = findMatchingStep(eventText, event, plan.steps);
+  if (!matched) {
+    return {
+      allowed: false,
+      status: "OFF_PLAN",
+      reason: "Action does not match any plan step.",
+      closestStep: closest?.label,
+      similarityScore: closestScore,
+      progress
+    };
+  }
+  if (!isSequenceValid(matched, plan)) {
+    const pendingDeps = (matched.requires ?? []).filter((reqId) => plan.steps.find((s) => s.id === reqId)?.status !== "completed").join(", ");
+    return {
+      allowed: false,
+      status: "OFF_PLAN",
+      reason: `Step "${matched.label}" requires completion of: ${pendingDeps}`,
+      matchedStep: matched.id,
+      progress
+    };
+  }
+  const { violated } = checkConstraints(event, eventText, plan.constraints);
+  if (violated) {
+    return {
+      allowed: false,
+      status: "CONSTRAINT_VIOLATED",
+      reason: violated.description,
+      matchedStep: matched.id,
+      progress
+    };
+  }
+  return {
+    allowed: true,
+    status: "ON_PLAN",
+    reason: `Matches step: ${matched.label}`,
+    matchedStep: matched.id,
+    progress
+  };
+}
+function buildPlanCheck(event, plan, verdict) {
+  const eventText = [event.intent, event.tool ?? "", event.scope ?? ""].join(" ").toLowerCase();
+  const { matched, closest, closestScore } = findMatchingStep(eventText, event, plan.steps);
+  const { checks: constraintChecks } = checkConstraints(event, eventText, plan.constraints);
+  const progress = getPlanProgress(plan);
+  return {
+    planId: plan.plan_id,
+    matched: !!matched,
+    matchedStepId: matched?.id,
+    matchedStepLabel: matched?.label,
+    closestStepId: !matched ? closest?.id : void 0,
+    closestStepLabel: !matched ? closest?.label : void 0,
+    similarityScore: !matched ? closestScore : void 0,
+    sequenceValid: matched ? isSequenceValid(matched, plan) : void 0,
+    constraintsChecked: constraintChecks,
+    progress: { completed: progress.completed, total: progress.total }
+  };
+}
+
 // src/engine/guard-engine.ts
 var PROMPT_INJECTION_PATTERNS = [
   // Instruction override
@@ -128,6 +327,7 @@ function evaluateGuard(event, world, options = {}) {
   const eventText = (event.intent + " " + (event.tool ?? "") + " " + (event.scope ?? "")).toLowerCase();
   const invariantChecks = [];
   const safetyChecks = [];
+  let planCheckResult;
   const roleChecks = [];
   const guardChecks = [];
   const kernelRuleChecks = [];
@@ -155,6 +355,7 @@ function evaluateGuard(event, world, options = {}) {
         includeTrace ? buildTrace(
           invariantChecks,
           safetyChecks,
+          planCheckResult,
           roleChecks,
           guardChecks,
           kernelRuleChecks,
@@ -183,6 +384,7 @@ function evaluateGuard(event, world, options = {}) {
       includeTrace ? buildTrace(
         invariantChecks,
         safetyChecks,
+        planCheckResult,
         roleChecks,
         guardChecks,
         kernelRuleChecks,
@@ -193,6 +395,42 @@ function evaluateGuard(event, world, options = {}) {
       ) : void 0
     );
   }
+  if (options.plan) {
+    const planVerdict = evaluatePlan(event, options.plan);
+    planCheckResult = buildPlanCheck(event, options.plan, planVerdict);
+    if (!planVerdict.allowed && planVerdict.status !== "PLAN_COMPLETE") {
+      decidingLayer = "plan-enforcement";
+      decidingId = `plan-${options.plan.plan_id}`;
+      const planStatus = planVerdict.status === "CONSTRAINT_VIOLATED" ? "PAUSE" : "BLOCK";
+      let reason = planVerdict.reason ?? "Action blocked by plan.";
+      if (planVerdict.status === "OFF_PLAN" && planVerdict.closestStep) {
+        reason += ` Closest step: "${planVerdict.closestStep}" (similarity: ${(planVerdict.similarityScore ?? 0).toFixed(2)})`;
+      }
+      return buildVerdict(
+        planStatus,
+        reason,
+        `plan-${options.plan.plan_id}`,
+        void 0,
+        world,
+        level,
+        invariantChecks,
+        guardsMatched,
+        rulesMatched,
+        includeTrace ? buildTrace(
+          invariantChecks,
+          safetyChecks,
+          planCheckResult,
+          roleChecks,
+          guardChecks,
+          kernelRuleChecks,
+          levelChecks,
+          decidingLayer,
+          decidingId,
+          startTime
+        ) : void 0
+      );
+    }
+  }
   const roleVerdict = checkRoleRules(event, eventText, world, roleChecks);
   if (roleVerdict) {
     decidingLayer = "role";
@@ -210,6 +448,7 @@ function evaluateGuard(event, world, options = {}) {
       includeTrace ? buildTrace(
         invariantChecks,
         safetyChecks,
+        planCheckResult,
         roleChecks,
         guardChecks,
         kernelRuleChecks,
@@ -238,6 +477,7 @@ function evaluateGuard(event, world, options = {}) {
         includeTrace ? buildTrace(
           invariantChecks,
           safetyChecks,
+          planCheckResult,
           roleChecks,
           guardChecks,
           kernelRuleChecks,
@@ -266,6 +506,7 @@ function evaluateGuard(event, world, options = {}) {
       includeTrace ? buildTrace(
         invariantChecks,
         safetyChecks,
+        planCheckResult,
         roleChecks,
         guardChecks,
         kernelRuleChecks,
@@ -293,6 +534,7 @@ function evaluateGuard(event, world, options = {}) {
       includeTrace ? buildTrace(
         invariantChecks,
         safetyChecks,
+        planCheckResult,
         roleChecks,
         guardChecks,
         kernelRuleChecks,
@@ -317,6 +559,7 @@ function evaluateGuard(event, world, options = {}) {
     includeTrace ? buildTrace(
       invariantChecks,
       safetyChecks,
+      planCheckResult,
       roleChecks,
       guardChecks,
       kernelRuleChecks,
@@ -654,8 +897,8 @@ function matchesKeywords(eventText, ruleText) {
 function eventToAllowlistKey(event) {
   return `${(event.tool ?? "*").toLowerCase()}::${event.intent.toLowerCase().trim()}`;
 }
-function buildTrace(invariantChecks, safetyChecks, roleChecks, guardChecks, kernelRuleChecks, levelChecks, decidingLayer, decidingId, startTime) {
-  return {
+function buildTrace(invariantChecks, safetyChecks, planCheck, roleChecks, guardChecks, kernelRuleChecks, levelChecks, decidingLayer, decidingId, startTime) {
+  const trace = {
     invariantChecks,
     safetyChecks,
     roleChecks,
@@ -673,6 +916,7 @@ function buildTrace(invariantChecks, safetyChecks, roleChecks, guardChecks, kern
         "safety-scope-escape",
         "safety-execution-claim",
         "safety-execution-intent",
+        "plan-enforcement",
         "role-rules",
         "declarative-guards",
         "kernel-rules",
@@ -682,6 +926,10 @@ function buildTrace(invariantChecks, safetyChecks, roleChecks, guardChecks, kern
     },
     durationMs: performance.now() - startTime
   };
+  if (planCheck) {
+    trace.planCheck = planCheck;
+  }
+  return trace;
 }
 function buildVerdict(status, reason, ruleId, warning, world, level, invariantChecks, guardsMatched, rulesMatched, trace) {
   const evidence = {
@@ -810,12 +1058,15 @@ var GovernedToolExecutor = class {
   engineOptions;
   mapFn;
   blockMsg;
+  activePlan;
   constructor(world, options = {}) {
     this.world = world;
     this.options = options;
+    this.activePlan = options.plan;
     this.engineOptions = {
       trace: options.trace ?? false,
-      level: options.level
+      level: options.level,
+      plan: this.activePlan
     };
     this.mapFn = options.mapFunctionCall ?? defaultMapFunctionCall;
     this.blockMsg = options.blockMessage ?? defaultBlockMessage;
@@ -832,8 +1083,21 @@ var GovernedToolExecutor = class {
       args = { raw: toolCall.function.arguments };
     }
     const event = this.mapFn(toolCall.function.name, args);
+    this.engineOptions.plan = this.activePlan;
     const verdict = evaluateGuard(event, this.world, this.engineOptions);
     this.options.onEvaluate?.(verdict, event);
+    if (verdict.status === "ALLOW" && this.activePlan) {
+      const planVerdict = evaluatePlan(event, this.activePlan);
+      if (planVerdict.matchedStep) {
+        this.activePlan = advancePlan(this.activePlan, planVerdict.matchedStep);
+        this.engineOptions.plan = this.activePlan;
+        const progress = getPlanProgress(this.activePlan);
+        this.options.onPlanProgress?.(progress);
+        if (progress.completed === progress.total) {
+          this.options.onPlanComplete?.();
+        }
+      }
+    }
     return verdict;
   }
   /**

package/dist/adapters/openai.d.cts

@@ -1,4 +1,4 @@
-import { G as GuardVerdict, a as GuardEvent, W as WorldDefinition } from '../guard-contract-D_RQz9kt.cjs';
+import { G as GuardVerdict, a as GuardEvent, P as PlanDefinition, b as PlanProgress, W as WorldDefinition } from '../guard-contract-D-2LQInm.cjs';
 
 /**
  * NeuroVerse Adapter — OpenAI
@@ -45,6 +45,12 @@ interface GovernedExecutorOptions {
     mapFunctionCall?: (name: string, args: Record<string, unknown>) => GuardEvent;
     /** Message returned to the model when a tool call is blocked. */
     blockMessage?: (verdict: GuardVerdict) => string;
+    /** Active plan overlay for task-scoped governance. */
+    plan?: PlanDefinition;
+    /** Called when plan progress changes. */
+    onPlanProgress?: (progress: PlanProgress) => void;
+    /** Called when all plan steps are completed. */
+    onPlanComplete?: () => void;
 }
 declare class GovernanceBlockedError extends Error {
     readonly verdict: GuardVerdict;
@@ -61,6 +67,7 @@ declare class GovernedToolExecutor {
     private engineOptions;
     private mapFn;
     private blockMsg;
+    private activePlan?;
     constructor(world: WorldDefinition, options?: GovernedExecutorOptions);
     /**
      * Evaluate a single tool call against governance rules.

package/dist/adapters/openai.d.ts

@@ -1,4 +1,4 @@
-import { G as GuardVerdict, a as GuardEvent, W as WorldDefinition } from '../guard-contract-D_RQz9kt.js';
+import { G as GuardVerdict, a as GuardEvent, P as PlanDefinition, b as PlanProgress, W as WorldDefinition } from '../guard-contract-D-2LQInm.js';
 
 /**
  * NeuroVerse Adapter — OpenAI
@@ -45,6 +45,12 @@ interface GovernedExecutorOptions {
     mapFunctionCall?: (name: string, args: Record<string, unknown>) => GuardEvent;
     /** Message returned to the model when a tool call is blocked. */
     blockMessage?: (verdict: GuardVerdict) => string;
+    /** Active plan overlay for task-scoped governance. */
+    plan?: PlanDefinition;
+    /** Called when plan progress changes. */
+    onPlanProgress?: (progress: PlanProgress) => void;
+    /** Called when all plan steps are completed. */
+    onPlanComplete?: () => void;
 }
 declare class GovernanceBlockedError extends Error {
     readonly verdict: GuardVerdict;
@@ -61,6 +67,7 @@ declare class GovernedToolExecutor {
     private engineOptions;
     private mapFn;
     private blockMsg;
+    private activePlan?;
     constructor(world: WorldDefinition, options?: GovernedExecutorOptions);
     /**
      * Evaluate a single tool call against governance rules.

package/dist/adapters/openai.js

@@ -3,9 +3,11 @@ import {
   GovernedToolExecutor,
   createGovernedToolExecutor,
   createGovernedToolExecutorFromWorld
-} from "../chunk-FZQCRGUU.js";
-import "../chunk-B4NF3OLW.js";
-import "../chunk-M3TZFGHO.js";
+} from "../chunk-TINSRYXQ.js";
+import "../chunk-PQBJBVSW.js";
+import "../chunk-JZPQGIKR.js";
+import "../chunk-P74Y66ZV.js";
+import "../chunk-YZFATT7X.js";
 export {
   GovernanceBlockedError,
   GovernedToolExecutor,