PyPI - agent-alignment-protocol - Versions diffs - 0.1.7__tar.gz → 0.1.8__tar.gz - Mend

agent-alignment-protocol 0.1.7tar.gz → 0.1.8tar.gz

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (24) hide show

{agent_alignment_protocol-0.1.7 → agent_alignment_protocol-0.1.8}/.gitignore RENAMED Viewed

@@ -71,3 +71,4 @@ traces/
 # Claude Code
 .claude/
 .mcp.json
+*.tgz

{agent_alignment_protocol-0.1.7 → agent_alignment_protocol-0.1.8}/PKG-INFO RENAMED Viewed

@@ -1,6 +1,6 @@
 Metadata-Version: 2.4
 Name: agent-alignment-protocol
-Version: 0.1.7
+Version: 0.1.8
 Summary: Agent Alignment Protocol - The missing alignment layer for the agent protocol stack
 Project-URL: Homepage, https://github.com/mnemom/aap
 Project-URL: Documentation, https://github.com/mnemom/aap#readme
@@ -216,7 +216,7 @@ For the complete limitations disclosure, see [Section 10 of the Specification](d
 pip install agent-alignment-protocol
 # TypeScript
-npm install agent-alignment-protocol
+npm install @mnemom/agent-alignment-protocol
 ```
 ## Integration
@@ -280,6 +280,26 @@ for alert in alerts:
 - Forbidden action compliance (no forbidden actions taken)
 - Behavioral similarity (semantic alignment using SSM analysis)
+### Action Name Matching
+Bounded and forbidden action lists support flexible matching (v0.1.7+):
+```json
+{
+  "bounded_actions": [
+    "search",
+    "exec: execute shell commands",
+    "cron: manage scheduled patrol jobs"
+  ]
+}
+```
+- **Exact match**: `"search"` matches action name `"search"`
+- **Colon-prefix match**: `"exec: execute shell commands"` matches action name `"exec"`
+- **Compound actions**: action name `"exec, read"` matches when *each* component is in the bounded list
+This allows descriptive entries in alignment cards while keeping verification flexible.
 **Similarity scoring:** Each verification returns a `similarity_score` (0.0-1.0) measuring semantic similarity between the trace and declared alignment. If a trace passes structural checks but has `similarity_score < 0.50`, a `low_behavioral_similarity` warning is generated.
 ## Try It
@@ -314,7 +334,7 @@ No server required — runs entirely client-side via WebAssembly.
 ## Status
-**Current Version**: 0.1.1 (Draft)
+**Current Version**: 0.1.8
 | Component | Status |
 |-----------|--------|

{agent_alignment_protocol-0.1.7 → agent_alignment_protocol-0.1.8}/README.md RENAMED Viewed

@@ -176,7 +176,7 @@ For the complete limitations disclosure, see [Section 10 of the Specification](d
 pip install agent-alignment-protocol
 # TypeScript
-npm install agent-alignment-protocol
+npm install @mnemom/agent-alignment-protocol
 ```
 ## Integration
@@ -240,6 +240,26 @@ for alert in alerts:
 - Forbidden action compliance (no forbidden actions taken)
 - Behavioral similarity (semantic alignment using SSM analysis)
+### Action Name Matching
+Bounded and forbidden action lists support flexible matching (v0.1.7+):
+```json
+{
+  "bounded_actions": [
+    "search",
+    "exec: execute shell commands",
+    "cron: manage scheduled patrol jobs"
+  ]
+}
+```
+- **Exact match**: `"search"` matches action name `"search"`
+- **Colon-prefix match**: `"exec: execute shell commands"` matches action name `"exec"`
+- **Compound actions**: action name `"exec, read"` matches when *each* component is in the bounded list
+This allows descriptive entries in alignment cards while keeping verification flexible.
 **Similarity scoring:** Each verification returns a `similarity_score` (0.0-1.0) measuring semantic similarity between the trace and declared alignment. If a trace passes structural checks but has `similarity_score < 0.50`, a `low_behavioral_similarity` warning is generated.
 ## Try It
@@ -274,7 +294,7 @@ No server required — runs entirely client-side via WebAssembly.
 ## Status
-**Current Version**: 0.1.1 (Draft)
+**Current Version**: 0.1.8
 | Component | Status |
 |-----------|--------|

{agent_alignment_protocol-0.1.7 → agent_alignment_protocol-0.1.8}/pyproject.toml RENAMED Viewed

@@ -4,7 +4,7 @@ build-backend = "hatchling.build"
 [project]
 name = "agent-alignment-protocol"
-version = "0.1.7"
+version = "0.1.8"
 description = "Agent Alignment Protocol - The missing alignment layer for the agent protocol stack"
 readme = "README.md"
 license = "Apache-2.0"

{agent_alignment_protocol-0.1.7 → agent_alignment_protocol-0.1.8}/src/aap/verification/api.py RENAMED Viewed

@@ -39,6 +39,42 @@ from aap.verification.models import (
 )
+def action_matches_list(action_name: str, action_list: list[str]) -> bool:
+    """Check if a (possibly compound) action name matches any entry in a list.
+    Supports exact match, prefix match (before ':'), and compound name splitting.
+    Port of the TypeScript actionMatchesList() for SDK parity.
+    Args:
+        action_name: Action name, possibly compound (e.g. "exec, read")
+        action_list: List of allowed/forbidden action entries,
+                     possibly with colon descriptions (e.g. "exec: execute shell commands")
+    Returns:
+        True if the action name matches an entry in the list
+    """
+    components = action_name.split(", ") if ", " in action_name else [action_name]
+    return all(
+        _action_component_matches(component.strip(), action_list)
+        for component in components
+        if component.strip()
+    )
+def _action_component_matches(component: str, action_list: list[str]) -> bool:
+    """Check if a single action component matches any entry in the list."""
+    for entry in action_list:
+        if entry == component:
+            return True
+        colon_index = entry.find(":")
+        if colon_index > 0:
+            prefix = entry[:colon_index].strip()
+            if prefix == component:
+                return True
+    return False
 def verify_trace(
     trace: dict[str, Any],
     card: dict[str, Any],
@@ -103,7 +139,7 @@ def verify_trace(
     if action_category == "bounded":
         bounded_actions = envelope.get("bounded_actions", [])
-        if action_name and action_name not in bounded_actions:
+        if action_name and not action_matches_list(action_name, bounded_actions):
             violations.append(Violation.create(
                 ViolationType.UNBOUNDED_ACTION,
                 f"Action '{action_name}' not in bounded_actions: {bounded_actions}",
@@ -113,7 +149,7 @@ def verify_trace(
     # Check forbidden actions
     checks_performed.append("forbidden")
     forbidden_actions = envelope.get("forbidden_actions", [])
-    if action_name and action_name in forbidden_actions:
+    if action_name and action_matches_list(action_name, forbidden_actions):
         violations.append(Violation.create(
             ViolationType.FORBIDDEN_ACTION,
             f"Action '{action_name}' is in forbidden_actions",