agentskeptic 2.4.0 → 3.0.0

package/schemas/openapi-commercial-v1.in.yaml

@@ -304,6 +304,48 @@ paths:
             application/json:
               schema:
                 $ref: "#/components/schemas/ProblemDetails"
+  /api/v1/funnel/trust-decision-blocked:
+    post:
+      operationId: postTrustDecisionBlocked
+      summary: Record a blocked irreversible trust decision (idempotent per API key + fingerprint)
+      description: >
+        POST when an in-process gate blocks an irreversible action. Success is HTTP 204.
+        Requires Bearer API key with report scope. Duplicate fingerprint returns 204 without a second funnel insert.
+      security:
+        - bearerAuth: []
+      requestBody:
+        required: true
+        content:
+          application/json:
+            schema:
+              $ref: "#/components/schemas/TrustDecisionRecordRequestV1"
+      responses:
+        "204":
+          description: Record accepted or duplicate ignored
+        "400":
+          description: Invalid JSON or validation failure
+          content:
+            application/json:
+              schema:
+                $ref: "#/components/schemas/ProblemDetails"
+        "401":
+          description: Invalid API key
+          content:
+            application/json:
+              schema:
+                $ref: "#/components/schemas/ProblemDetails"
+        "413":
+          description: Payload too large
+          content:
+            application/json:
+              schema:
+                $ref: "#/components/schemas/ProblemDetails"
+        "503":
+          description: Server error
+          content:
+            application/json:
+              schema:
+                $ref: "#/components/schemas/ProblemDetails"
   /api/oss/claim-ticket:
     post:
       operationId: postOssClaimTicket
@@ -564,6 +606,102 @@ components:
         subcommand:
           type: string
           enum: [batch_verify, quick_verify, verify_integrator_owned]
+    TrustDecisionRecordRequestV1:
+      type: object
+      additionalProperties: false
+      required:
+        - schema_version
+        - trust_decision
+        - gate_kind
+        - routing
+        - certificate_snapshot
+        - human_blocker_lines
+      properties:
+        schema_version:
+          type: integer
+          const: 1
+        trust_decision:
+          type: string
+          enum: [safe, unsafe, unknown]
+        gate_kind:
+          type: string
+          enum: [contract_sql_irreversible, langgraph_checkpoint_terminal]
+        routing:
+          type: object
+          additionalProperties: false
+          required:
+            - routing_key
+          properties:
+            routing_key:
+              type: string
+              maxLength: 512
+            team:
+              type: string
+              maxLength: 256
+            owner_slug:
+              type: string
+              maxLength: 256
+        certificate_snapshot:
+          $ref: "#/components/schemas/TrustCertificateSnapshotRequestV1"
+        human_blocker_lines:
+          type: array
+          minItems: 6
+          maxItems: 6
+          items:
+            type: string
+    TrustCertificateSnapshotRequestV1:
+      type: object
+      additionalProperties: false
+      required:
+        - schema_version
+        - workflow_id
+        - run_kind
+        - state_relation
+        - high_stakes_reliance
+        - reason_codes
+        - first_problem
+      properties:
+        schema_version:
+          type: integer
+          const: 1
+        workflow_id:
+          type: string
+          maxLength: 512
+        run_kind:
+          type: string
+          enum: [contract_sql, contract_sql_langgraph_checkpoint_trust, quick_preview]
+        state_relation:
+          type: string
+          enum: [matches_expectations, does_not_match, not_established]
+        high_stakes_reliance:
+          type: string
+          enum: [permitted, prohibited]
+        reason_codes:
+          type: array
+          maxItems: 24
+          items:
+            type: string
+        first_problem:
+          nullable: true
+          type: object
+          additionalProperties: false
+          required:
+            - seq
+            - tool_id
+            - observed_trunc
+            - expected_trunc
+          properties:
+            seq:
+              type: integer
+              minimum: 0
+            tool_id:
+              type: string
+            observed_trunc:
+              type: string
+              maxLength: 512
+            expected_trunc:
+              type: string
+              maxLength: 512
     OssClaimTicketRequest:
       type: object
       description: v1 or v2 OSS claim ticket wire shape (see website/src/lib/ossClaimTicketPayload.ts).

package/schemas/openapi-commercial-v1.yaml

@@ -1,7 +1,7 @@
 openapi: "3.0.3"
 info:
   title: AgentSkeptic commercial license API
-  version: "2.4.0"
+  version: "3.0.0"
   contact:
     url: https://agentskeptic.com
   x-agentskeptic-distribution:
@@ -304,6 +304,48 @@ paths:
             application/json:
               schema:
                 $ref: "#/components/schemas/ProblemDetails"
+  /api/v1/funnel/trust-decision-blocked:
+    post:
+      operationId: postTrustDecisionBlocked
+      summary: Record a blocked irreversible trust decision (idempotent per API key + fingerprint)
+      description: >
+        POST when an in-process gate blocks an irreversible action. Success is HTTP 204.
+        Requires Bearer API key with report scope. Duplicate fingerprint returns 204 without a second funnel insert.
+      security:
+        - bearerAuth: []
+      requestBody:
+        required: true
+        content:
+          application/json:
+            schema:
+              $ref: "#/components/schemas/TrustDecisionRecordRequestV1"
+      responses:
+        "204":
+          description: Record accepted or duplicate ignored
+        "400":
+          description: Invalid JSON or validation failure
+          content:
+            application/json:
+              schema:
+                $ref: "#/components/schemas/ProblemDetails"
+        "401":
+          description: Invalid API key
+          content:
+            application/json:
+              schema:
+                $ref: "#/components/schemas/ProblemDetails"
+        "413":
+          description: Payload too large
+          content:
+            application/json:
+              schema:
+                $ref: "#/components/schemas/ProblemDetails"
+        "503":
+          description: Server error
+          content:
+            application/json:
+              schema:
+                $ref: "#/components/schemas/ProblemDetails"
   /api/oss/claim-ticket:
     post:
       operationId: postOssClaimTicket
@@ -564,6 +606,102 @@ components:
         subcommand:
           type: string
           enum: [batch_verify, quick_verify, verify_integrator_owned]
+    TrustDecisionRecordRequestV1:
+      type: object
+      additionalProperties: false
+      required:
+        - schema_version
+        - trust_decision
+        - gate_kind
+        - routing
+        - certificate_snapshot
+        - human_blocker_lines
+      properties:
+        schema_version:
+          type: integer
+          const: 1
+        trust_decision:
+          type: string
+          enum: [safe, unsafe, unknown]
+        gate_kind:
+          type: string
+          enum: [contract_sql_irreversible, langgraph_checkpoint_terminal]
+        routing:
+          type: object
+          additionalProperties: false
+          required:
+            - routing_key
+          properties:
+            routing_key:
+              type: string
+              maxLength: 512
+            team:
+              type: string
+              maxLength: 256
+            owner_slug:
+              type: string
+              maxLength: 256
+        certificate_snapshot:
+          $ref: "#/components/schemas/TrustCertificateSnapshotRequestV1"
+        human_blocker_lines:
+          type: array
+          minItems: 6
+          maxItems: 6
+          items:
+            type: string
+    TrustCertificateSnapshotRequestV1:
+      type: object
+      additionalProperties: false
+      required:
+        - schema_version
+        - workflow_id
+        - run_kind
+        - state_relation
+        - high_stakes_reliance
+        - reason_codes
+        - first_problem
+      properties:
+        schema_version:
+          type: integer
+          const: 1
+        workflow_id:
+          type: string
+          maxLength: 512
+        run_kind:
+          type: string
+          enum: [contract_sql, contract_sql_langgraph_checkpoint_trust, quick_preview]
+        state_relation:
+          type: string
+          enum: [matches_expectations, does_not_match, not_established]
+        high_stakes_reliance:
+          type: string
+          enum: [permitted, prohibited]
+        reason_codes:
+          type: array
+          maxItems: 24
+          items:
+            type: string
+        first_problem:
+          nullable: true
+          type: object
+          additionalProperties: false
+          required:
+            - seq
+            - tool_id
+            - observed_trunc
+            - expected_trunc
+          properties:
+            seq:
+              type: integer
+              minimum: 0
+            tool_id:
+              type: string
+            observed_trunc:
+              type: string
+              maxLength: 512
+            expected_trunc:
+              type: string
+              maxLength: 512
     OssClaimTicketRequest:
       type: object
       description: v1 or v2 OSS claim ticket wire shape (see website/src/lib/ossClaimTicketPayload.ts).

package/schemas/trust-certificate-snapshot-v1.schema.json

@@ -0,0 +1,36 @@
+{
+  "$id": "https://agentskeptic.com/schemas/trust-certificate-snapshot-v1.schema.json",
+  "title": "TrustCertificateSnapshotV1",
+  "type": "object",
+  "additionalProperties": false,
+  "required": ["schema_version", "workflow_id", "run_kind", "state_relation", "high_stakes_reliance", "reason_codes", "first_problem"],
+  "properties": {
+    "schema_version": { "type": "integer", "const": 1 },
+    "workflow_id": { "type": "string", "minLength": 1, "maxLength": 512 },
+    "run_kind": {
+      "type": "string",
+      "enum": ["contract_sql", "contract_sql_langgraph_checkpoint_trust", "quick_preview"]
+    },
+    "state_relation": {
+      "type": "string",
+      "enum": ["matches_expectations", "does_not_match", "not_established"]
+    },
+    "high_stakes_reliance": { "type": "string", "enum": ["permitted", "prohibited"] },
+    "reason_codes": {
+      "type": "array",
+      "maxItems": 24,
+      "items": { "type": "string", "minLength": 1, "maxLength": 256 }
+    },
+    "first_problem": {
+      "type": ["object", "null"],
+      "additionalProperties": false,
+      "required": ["seq", "tool_id", "observed_trunc", "expected_trunc"],
+      "properties": {
+        "seq": { "type": "integer", "minimum": 0 },
+        "tool_id": { "type": "string" },
+        "observed_trunc": { "type": "string", "maxLength": 512 },
+        "expected_trunc": { "type": "string", "maxLength": 512 }
+      }
+    }
+  }
+}

package/schemas/trust-decision-record-v1.schema.json

@@ -0,0 +1,72 @@
+{
+  "$id": "https://agentskeptic.com/schemas/trust-decision-record-v1.schema.json",
+  "title": "TrustDecisionRecordV1",
+  "type": "object",
+  "additionalProperties": false,
+  "required": [
+    "schema_version",
+    "trust_decision",
+    "gate_kind",
+    "routing",
+    "certificate_snapshot",
+    "human_blocker_lines"
+  ],
+  "properties": {
+    "schema_version": { "type": "integer", "const": 1 },
+    "trust_decision": { "type": "string", "enum": ["safe", "unsafe", "unknown"] },
+    "gate_kind": {
+      "type": "string",
+      "enum": ["contract_sql_irreversible", "langgraph_checkpoint_terminal"]
+    },
+    "routing": {
+      "type": "object",
+      "additionalProperties": false,
+      "required": ["routing_key"],
+      "properties": {
+        "routing_key": { "type": "string", "minLength": 1, "maxLength": 512 },
+        "team": { "type": "string", "maxLength": 256 },
+        "owner_slug": { "type": "string", "maxLength": 256 }
+      }
+    },
+    "certificate_snapshot": {
+      "type": "object",
+      "additionalProperties": false,
+      "required": ["schema_version", "workflow_id", "run_kind", "state_relation", "high_stakes_reliance", "reason_codes", "first_problem"],
+      "properties": {
+        "schema_version": { "type": "integer", "const": 1 },
+        "workflow_id": { "type": "string", "minLength": 1, "maxLength": 512 },
+        "run_kind": {
+          "type": "string",
+          "enum": ["contract_sql", "contract_sql_langgraph_checkpoint_trust", "quick_preview"]
+        },
+        "state_relation": {
+          "type": "string",
+          "enum": ["matches_expectations", "does_not_match", "not_established"]
+        },
+        "high_stakes_reliance": { "type": "string", "enum": ["permitted", "prohibited"] },
+        "reason_codes": {
+          "type": "array",
+          "maxItems": 24,
+          "items": { "type": "string", "minLength": 1, "maxLength": 256 }
+        },
+        "first_problem": {
+          "type": ["object", "null"],
+          "additionalProperties": false,
+          "required": ["seq", "tool_id", "observed_trunc", "expected_trunc"],
+          "properties": {
+            "seq": { "type": "integer", "minimum": 0 },
+            "tool_id": { "type": "string" },
+            "observed_trunc": { "type": "string", "maxLength": 512 },
+            "expected_trunc": { "type": "string", "maxLength": 512 }
+          }
+        }
+      }
+    },
+    "human_blocker_lines": {
+      "type": "array",
+      "minItems": 6,
+      "maxItems": 6,
+      "items": { "type": "string", "maxLength": 4096 }
+    }
+  }
+}

package/dist/decisionUnsafeError.d.ts

@@ -1,8 +0,0 @@
-import type { OutcomeCertificateV1 } from "./outcomeCertificate.js";
-import type { TrustDecision } from "./trustDecision.js";
-export declare class DecisionUnsafeError extends Error {
-    readonly trustDecision: TrustDecision;
-    readonly certificate: OutcomeCertificateV1;
-    constructor(certificate: OutcomeCertificateV1, lines: string[]);
-}
-//# sourceMappingURL=decisionUnsafeError.d.ts.map

package/dist/decisionUnsafeError.d.ts.map

@@ -1 +0,0 @@
-{"version":3,"file":"decisionUnsafeError.d.ts","sourceRoot":"","sources":["../src/decisionUnsafeError.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAE,oBAAoB,EAAE,MAAM,yBAAyB,CAAC;AACpE,OAAO,KAAK,EAAE,aAAa,EAAE,MAAM,oBAAoB,CAAC;AAGxD,qBAAa,mBAAoB,SAAQ,KAAK;IAC5C,QAAQ,CAAC,aAAa,EAAE,aAAa,CAAC;IACtC,QAAQ,CAAC,WAAW,EAAE,oBAAoB,CAAC;gBAE/B,WAAW,EAAE,oBAAoB,EAAE,KAAK,EAAE,MAAM,EAAE;CAM/D"}

package/dist/decisionUnsafeError.js

@@ -1,12 +0,0 @@
-import { trustDecisionFromCertificate } from "./trustDecision.js";
-export class DecisionUnsafeError extends Error {
-    trustDecision;
-    certificate;
-    constructor(certificate, lines) {
-        super(lines.join("\n"));
-        this.name = "DecisionUnsafeError";
-        this.certificate = certificate;
-        this.trustDecision = trustDecisionFromCertificate(certificate);
-    }
-}
-//# sourceMappingURL=decisionUnsafeError.js.map

package/dist/decisionUnsafeError.js.map

@@ -1 +0,0 @@
-{"version":3,"file":"decisionUnsafeError.js","sourceRoot":"","sources":["../src/decisionUnsafeError.ts"],"names":[],"mappings":"AAEA,OAAO,EAAE,4BAA4B,EAAE,MAAM,oBAAoB,CAAC;AAElE,MAAM,OAAO,mBAAoB,SAAQ,KAAK;IACnC,aAAa,CAAgB;IAC7B,WAAW,CAAuB;IAE3C,YAAY,WAAiC,EAAE,KAAe;QAC5D,KAAK,CAAC,KAAK,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC,CAAC;QACxB,IAAI,CAAC,IAAI,GAAG,qBAAqB,CAAC;QAClC,IAAI,CAAC,WAAW,GAAG,WAAW,CAAC;QAC/B,IAAI,CAAC,aAAa,GAAG,4BAA4B,CAAC,WAAW,CAAC,CAAC;IACjE,CAAC;CACF"}

package/dist/langGraphCheckpointTrustUnsafeError.d.ts

@@ -1,8 +0,0 @@
-import type { OutcomeCertificateV1 } from "./outcomeCertificate.js";
-import type { TrustDecision } from "./trustDecision.js";
-export declare class LangGraphCheckpointTrustUnsafeError extends Error {
-    readonly trustDecision: TrustDecision;
-    readonly certificate: OutcomeCertificateV1;
-    constructor(certificate: OutcomeCertificateV1, lines: string[]);
-}
-//# sourceMappingURL=langGraphCheckpointTrustUnsafeError.d.ts.map

package/dist/langGraphCheckpointTrustUnsafeError.d.ts.map

@@ -1 +0,0 @@
-{"version":3,"file":"langGraphCheckpointTrustUnsafeError.d.ts","sourceRoot":"","sources":["../src/langGraphCheckpointTrustUnsafeError.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAE,oBAAoB,EAAE,MAAM,yBAAyB,CAAC;AACpE,OAAO,KAAK,EAAE,aAAa,EAAE,MAAM,oBAAoB,CAAC;AAGxD,qBAAa,mCAAoC,SAAQ,KAAK;IAC5D,QAAQ,CAAC,aAAa,EAAE,aAAa,CAAC;IACtC,QAAQ,CAAC,WAAW,EAAE,oBAAoB,CAAC;gBAE/B,WAAW,EAAE,oBAAoB,EAAE,KAAK,EAAE,MAAM,EAAE;CAM/D"}

package/dist/langGraphCheckpointTrustUnsafeError.js

@@ -1,12 +0,0 @@
-import { trustDecisionFromCertificate } from "./trustDecision.js";
-export class LangGraphCheckpointTrustUnsafeError extends Error {
-    trustDecision;
-    certificate;
-    constructor(certificate, lines) {
-        super(lines.join("\n"));
-        this.name = "LangGraphCheckpointTrustUnsafeError";
-        this.certificate = certificate;
-        this.trustDecision = trustDecisionFromCertificate(certificate);
-    }
-}
-//# sourceMappingURL=langGraphCheckpointTrustUnsafeError.js.map

package/dist/langGraphCheckpointTrustUnsafeError.js.map

@@ -1 +0,0 @@
-{"version":3,"file":"langGraphCheckpointTrustUnsafeError.js","sourceRoot":"","sources":["../src/langGraphCheckpointTrustUnsafeError.ts"],"names":[],"mappings":"AAEA,OAAO,EAAE,4BAA4B,EAAE,MAAM,oBAAoB,CAAC;AAElE,MAAM,OAAO,mCAAoC,SAAQ,KAAK;IACnD,aAAa,CAAgB;IAC7B,WAAW,CAAuB;IAE3C,YAAY,WAAiC,EAAE,KAAe;QAC5D,KAAK,CAAC,KAAK,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC,CAAC;QACxB,IAAI,CAAC,IAAI,GAAG,qCAAqC,CAAC;QAClD,IAAI,CAAC,WAAW,GAAG,WAAW,CAAC;QAC/B,IAAI,CAAC,aAAa,GAAG,4BAA4B,CAAC,WAAW,CAAC,CAAC;IACjE,CAAC;CACF"}