PyPI - agent_os_kernel - Versions diffs - 3.1.0__py3-none-any.whl - Mend

agent_os_kernel 3.1.0__py3-none-any.whl

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (337) hide show

agent_control_plane/__init__.py +662 -0
agent_control_plane/a2a_adapter.py +543 -0
agent_control_plane/adapter.py +417 -0
agent_control_plane/agent_hibernation.py +394 -0
agent_control_plane/agent_kernel.py +470 -0
agent_control_plane/compliance.py +720 -0
agent_control_plane/constraint_graphs.py +478 -0
agent_control_plane/control_plane.py +854 -0
agent_control_plane/example_executors.py +195 -0
agent_control_plane/execution_engine.py +231 -0
agent_control_plane/flight_recorder.py +846 -0
agent_control_plane/governance_layer.py +435 -0
agent_control_plane/hf_utils.py +563 -0
agent_control_plane/interfaces/__init__.py +55 -0
agent_control_plane/interfaces/kernel_interface.py +361 -0
agent_control_plane/interfaces/plugin_interface.py +497 -0
agent_control_plane/interfaces/protocol_interfaces.py +387 -0
agent_control_plane/kernel_space.py +1009 -0
agent_control_plane/langchain_adapter.py +424 -0
agent_control_plane/lifecycle.py +3113 -0
agent_control_plane/mcp_adapter.py +653 -0
agent_control_plane/ml_safety.py +563 -0
agent_control_plane/multimodal.py +727 -0
agent_control_plane/mute_agent.py +422 -0
agent_control_plane/observability.py +787 -0
agent_control_plane/orchestrator.py +482 -0
agent_control_plane/plugin_registry.py +750 -0
agent_control_plane/policy_engine.py +954 -0
agent_control_plane/process_isolation.py +777 -0
agent_control_plane/shadow_mode.py +310 -0
agent_control_plane/signals.py +493 -0
agent_control_plane/supervisor_agents.py +430 -0
agent_control_plane/time_travel_debugger.py +557 -0
agent_control_plane/tool_registry.py +452 -0
agent_control_plane/vfs.py +697 -0
agent_kernel/__init__.py +69 -0
agent_kernel/analyzer.py +435 -0
agent_kernel/auditor.py +36 -0
agent_kernel/completeness_auditor.py +237 -0
agent_kernel/detector.py +203 -0
agent_kernel/kernel.py +744 -0
agent_kernel/memory_manager.py +85 -0
agent_kernel/models.py +374 -0
agent_kernel/nudge_mechanism.py +263 -0
agent_kernel/outcome_analyzer.py +338 -0
agent_kernel/patcher.py +582 -0
agent_kernel/semantic_analyzer.py +316 -0
agent_kernel/semantic_purge.py +349 -0
agent_kernel/simulator.py +449 -0
agent_kernel/teacher.py +85 -0
agent_kernel/triage.py +152 -0
agent_os/__init__.py +409 -0
agent_os/_adversarial_impl.py +200 -0
agent_os/_circuit_breaker_impl.py +232 -0
agent_os/_mcp_metrics.py +193 -0
agent_os/adversarial.py +20 -0
agent_os/agents_compat.py +490 -0
agent_os/audit_logger.py +135 -0
agent_os/base_agent.py +651 -0
agent_os/circuit_breaker.py +34 -0
agent_os/cli/__init__.py +659 -0
agent_os/cli/cmd_audit.py +128 -0
agent_os/cli/cmd_init.py +152 -0
agent_os/cli/cmd_policy.py +41 -0
agent_os/cli/cmd_policy_gen.py +180 -0
agent_os/cli/cmd_validate.py +258 -0
agent_os/cli/mcp_scan.py +265 -0
agent_os/cli/output.py +192 -0
agent_os/cli/policy_checker.py +330 -0
agent_os/compat.py +74 -0
agent_os/constraint_graph.py +234 -0
agent_os/content_governance.py +140 -0
agent_os/context_budget.py +305 -0
agent_os/credential_redactor.py +224 -0
agent_os/diff_policy.py +89 -0
agent_os/egress_policy.py +159 -0
agent_os/escalation.py +276 -0
agent_os/event_bus.py +124 -0
agent_os/exceptions.py +180 -0
agent_os/execution_context_policy.py +141 -0
agent_os/github_enterprise.py +96 -0
agent_os/health.py +20 -0
agent_os/integrations/__init__.py +279 -0
agent_os/integrations/a2a_adapter.py +279 -0
agent_os/integrations/agent_lightning/__init__.py +30 -0
agent_os/integrations/anthropic_adapter.py +420 -0
agent_os/integrations/autogen_adapter.py +620 -0
agent_os/integrations/base.py +1137 -0
agent_os/integrations/compat.py +229 -0
agent_os/integrations/config.py +98 -0
agent_os/integrations/conversation_guardian.py +957 -0
agent_os/integrations/crewai_adapter.py +467 -0
agent_os/integrations/drift_detector.py +425 -0
agent_os/integrations/dry_run.py +124 -0
agent_os/integrations/escalation.py +582 -0
agent_os/integrations/gemini_adapter.py +364 -0
agent_os/integrations/google_adk_adapter.py +633 -0
agent_os/integrations/guardrails_adapter.py +394 -0
agent_os/integrations/health.py +197 -0
agent_os/integrations/langchain_adapter.py +654 -0
agent_os/integrations/llamafirewall.py +343 -0
agent_os/integrations/llamaindex_adapter.py +188 -0
agent_os/integrations/logging.py +191 -0
agent_os/integrations/maf_adapter.py +631 -0
agent_os/integrations/mistral_adapter.py +365 -0
agent_os/integrations/openai_adapter.py +816 -0
agent_os/integrations/openai_agents_sdk.py +406 -0
agent_os/integrations/policy_compose.py +171 -0
agent_os/integrations/profiling.py +144 -0
agent_os/integrations/pydantic_ai_adapter.py +420 -0
agent_os/integrations/rate_limiter.py +130 -0
agent_os/integrations/rbac.py +143 -0
agent_os/integrations/registry.py +113 -0
agent_os/integrations/scope_guard.py +303 -0
agent_os/integrations/semantic_kernel_adapter.py +769 -0
agent_os/integrations/smolagents_adapter.py +629 -0
agent_os/integrations/templates.py +178 -0
agent_os/integrations/token_budget.py +134 -0
agent_os/integrations/tool_aliases.py +190 -0
agent_os/integrations/webhooks.py +177 -0
agent_os/lite.py +208 -0
agent_os/mcp_gateway.py +385 -0
agent_os/mcp_message_signer.py +273 -0
agent_os/mcp_protocols.py +161 -0
agent_os/mcp_response_scanner.py +232 -0
agent_os/mcp_security.py +924 -0
agent_os/mcp_session_auth.py +231 -0
agent_os/mcp_sliding_rate_limiter.py +184 -0
agent_os/memory_guard.py +409 -0
agent_os/metrics.py +134 -0
agent_os/mute.py +428 -0
agent_os/mute_agent.py +209 -0
agent_os/policies/__init__.py +77 -0
agent_os/policies/async_evaluator.py +275 -0
agent_os/policies/backends.py +670 -0
agent_os/policies/bridge.py +169 -0
agent_os/policies/budget.py +85 -0
agent_os/policies/cli.py +294 -0
agent_os/policies/conflict_resolution.py +270 -0
agent_os/policies/data_classification.py +252 -0
agent_os/policies/evaluator.py +239 -0
agent_os/policies/policy_schema.json +228 -0
agent_os/policies/rate_limiting.py +145 -0
agent_os/policies/schema.py +115 -0
agent_os/policies/shared.py +331 -0
agent_os/prompt_injection.py +694 -0
agent_os/providers.py +182 -0
agent_os/py.typed +0 -0
agent_os/retry.py +81 -0
agent_os/reversibility.py +251 -0
agent_os/sandbox.py +432 -0
agent_os/sandbox_provider.py +140 -0
agent_os/secure_codegen.py +525 -0
agent_os/security_skills.py +538 -0
agent_os/semantic_policy.py +422 -0
agent_os/server/__init__.py +15 -0
agent_os/server/__main__.py +25 -0
agent_os/server/app.py +277 -0
agent_os/server/models.py +104 -0
agent_os/shift_left_metrics.py +130 -0
agent_os/stateless.py +742 -0
agent_os/supervisor.py +148 -0
agent_os/task_outcome.py +148 -0
agent_os/transparency.py +181 -0
agent_os/trust_root.py +128 -0
agent_os_kernel-3.1.0.dist-info/METADATA +1269 -0
agent_os_kernel-3.1.0.dist-info/RECORD +337 -0
agent_os_kernel-3.1.0.dist-info/WHEEL +4 -0
agent_os_kernel-3.1.0.dist-info/entry_points.txt +2 -0
agent_os_kernel-3.1.0.dist-info/licenses/LICENSE +21 -0
agent_os_observability/__init__.py +27 -0
agent_os_observability/dashboards.py +898 -0
agent_os_observability/metrics.py +398 -0
agent_os_observability/server.py +223 -0
agent_os_observability/tracer.py +232 -0
agent_primitives/__init__.py +24 -0
agent_primitives/failures.py +84 -0
agent_primitives/py.typed +0 -0
amb_core/__init__.py +177 -0
amb_core/adapters/__init__.py +57 -0
amb_core/adapters/aws_sqs_broker.py +376 -0
amb_core/adapters/azure_servicebus_broker.py +340 -0
amb_core/adapters/kafka_broker.py +260 -0
amb_core/adapters/nats_broker.py +285 -0
amb_core/adapters/rabbitmq_broker.py +235 -0
amb_core/adapters/redis_broker.py +262 -0
amb_core/broker.py +145 -0
amb_core/bus.py +481 -0
amb_core/cloudevents.py +509 -0
amb_core/dlq.py +345 -0
amb_core/hf_utils.py +536 -0
amb_core/memory_broker.py +410 -0
amb_core/models.py +141 -0
amb_core/persistence.py +529 -0
amb_core/schema.py +294 -0
amb_core/tracing.py +358 -0
atr/__init__.py +640 -0
atr/access.py +348 -0
atr/composition.py +645 -0
atr/decorator.py +357 -0
atr/executor.py +384 -0
atr/health.py +557 -0
atr/hf_utils.py +449 -0
atr/injection.py +422 -0
atr/metrics.py +440 -0
atr/policies.py +403 -0
atr/py.typed +2 -0
atr/registry.py +452 -0
atr/schema.py +480 -0
atr/tools/safe/__init__.py +75 -0
atr/tools/safe/calculator.py +467 -0
atr/tools/safe/datetime_tool.py +443 -0
atr/tools/safe/file_reader.py +402 -0
atr/tools/safe/http_client.py +316 -0
atr/tools/safe/json_parser.py +374 -0
atr/tools/safe/text_tool.py +537 -0
atr/tools/safe/toolkit.py +175 -0
caas/__init__.py +162 -0
caas/api/__init__.py +7 -0
caas/api/server.py +1328 -0
caas/caching.py +834 -0
caas/cli.py +210 -0
caas/conversation.py +223 -0
caas/decay.py +72 -0
caas/detection/__init__.py +9 -0
caas/detection/detector.py +238 -0
caas/enrichment.py +130 -0
caas/gateway/__init__.py +27 -0
caas/gateway/trust_gateway.py +474 -0
caas/hf_utils.py +479 -0
caas/ingestion/__init__.py +23 -0
caas/ingestion/processors.py +253 -0
caas/ingestion/structure_parser.py +188 -0
caas/models.py +356 -0
caas/pragmatic_truth.py +444 -0
caas/routing/__init__.py +10 -0
caas/routing/heuristic_router.py +58 -0
caas/storage/__init__.py +9 -0
caas/storage/store.py +389 -0
caas/triad.py +213 -0
caas/tuning/__init__.py +9 -0
caas/tuning/tuner.py +329 -0
caas/vfs/__init__.py +14 -0
caas/vfs/filesystem.py +452 -0
cmvk/__init__.py +218 -0
cmvk/audit.py +402 -0
cmvk/benchmarks.py +478 -0
cmvk/constitutional.py +904 -0
cmvk/hf_utils.py +301 -0
cmvk/metrics.py +473 -0
cmvk/profiles.py +300 -0
cmvk/py.typed +0 -0
cmvk/types.py +12 -0
cmvk/verification.py +956 -0
emk/__init__.py +89 -0
emk/causal.py +352 -0
emk/hf_utils.py +421 -0
emk/indexer.py +83 -0
emk/py.typed +0 -0
emk/schema.py +204 -0
emk/sleep_cycle.py +347 -0
emk/store.py +281 -0
iatp/__init__.py +166 -0
iatp/attestation.py +461 -0
iatp/cli.py +317 -0
iatp/hf_utils.py +472 -0
iatp/ipc_pipes.py +580 -0
iatp/main.py +412 -0
iatp/models/__init__.py +447 -0
iatp/policy_engine.py +337 -0
iatp/py.typed +2 -0
iatp/recovery.py +321 -0
iatp/security/__init__.py +270 -0
iatp/sidecar/__init__.py +519 -0
iatp/telemetry/__init__.py +164 -0
iatp/tests/__init__.py +1 -0
iatp/tests/test_attestation.py +370 -0
iatp/tests/test_cli.py +131 -0
iatp/tests/test_ed25519_attestation.py +211 -0
iatp/tests/test_models.py +130 -0
iatp/tests/test_policy_engine.py +347 -0
iatp/tests/test_recovery.py +281 -0
iatp/tests/test_security.py +222 -0
iatp/tests/test_sidecar.py +167 -0
iatp/tests/test_telemetry.py +175 -0
mcp_kernel_server/__init__.py +28 -0
mcp_kernel_server/cli.py +274 -0
mcp_kernel_server/resources.py +217 -0
mcp_kernel_server/server.py +564 -0
mcp_kernel_server/tools.py +1174 -0
mute_agent/__init__.py +68 -0
mute_agent/core/__init__.py +1 -0
mute_agent/core/execution_agent.py +166 -0
mute_agent/core/handshake_protocol.py +201 -0
mute_agent/core/reasoning_agent.py +238 -0
mute_agent/knowledge_graph/__init__.py +1 -0
mute_agent/knowledge_graph/graph_elements.py +65 -0
mute_agent/knowledge_graph/multidimensional_graph.py +170 -0
mute_agent/knowledge_graph/subgraph.py +224 -0
mute_agent/listener/__init__.py +43 -0
mute_agent/listener/adapters/__init__.py +31 -0
mute_agent/listener/adapters/base_adapter.py +189 -0
mute_agent/listener/adapters/caas_adapter.py +344 -0
mute_agent/listener/adapters/control_plane_adapter.py +436 -0
mute_agent/listener/adapters/iatp_adapter.py +332 -0
mute_agent/listener/adapters/scak_adapter.py +251 -0
mute_agent/listener/listener.py +610 -0
mute_agent/listener/state_observer.py +436 -0
mute_agent/listener/threshold_config.py +313 -0
mute_agent/super_system/__init__.py +1 -0
mute_agent/super_system/router.py +204 -0
mute_agent/visualization/__init__.py +10 -0
mute_agent/visualization/graph_debugger.py +502 -0
nexus/README.md +60 -0
nexus/__init__.py +51 -0
nexus/arbiter.py +359 -0
nexus/client.py +466 -0
nexus/dmz.py +444 -0
nexus/escrow.py +430 -0
nexus/exceptions.py +286 -0
nexus/pyproject.toml +36 -0
nexus/registry.py +393 -0
nexus/reputation.py +425 -0
nexus/schemas/__init__.py +51 -0
nexus/schemas/compliance.py +276 -0
nexus/schemas/escrow.py +251 -0
nexus/schemas/manifest.py +225 -0
nexus/schemas/receipt.py +208 -0
nexus/tests/__init__.py +0 -0
nexus/tests/conftest.py +146 -0
nexus/tests/test_arbiter.py +192 -0
nexus/tests/test_dmz.py +194 -0
nexus/tests/test_escrow.py +276 -0
nexus/tests/test_exceptions.py +225 -0
nexus/tests/test_registry.py +232 -0
nexus/tests/test_reputation.py +328 -0
nexus/tests/test_schemas.py +295 -0

mute_agent/listener/listener.py ADDED Viewed

@@ -0,0 +1,610 @@
+# Copyright (c) Microsoft Corporation.
+# Licensed under the MIT License.
+"""
+Listener Agent - Layer 5 Reference Implementation
+The Listener Agent is a passive observer that monitors graph states
+without interfering until configured thresholds are exceeded.
+Architecture:
+- Consolidates: agent-control-plane, scak, iatp, caas
+- Pattern: Observer with threshold-based intervention
+- Principle: Monitor passively, intervene only when necessary
+This module is pure wiring - it delegates to lower layers:
+- Knowledge graph operations → scak (intelligence layer)
+- Security validation → iatp (security layer)
+- Context management → caas (context layer)
+- Base orchestration → agent-control-plane
+"""
+from typing import Dict, Any, Optional, List, Callable
+from dataclasses import dataclass, field
+from datetime import datetime, timedelta
+from enum import Enum, auto
+import threading
+import time
+from collections import deque
+from ..knowledge_graph.multidimensional_graph import MultidimensionalKnowledgeGraph
+from ..core.handshake_protocol import HandshakeProtocol, HandshakeSession, HandshakeState
+from ..core.reasoning_agent import ReasoningAgent
+from ..core.execution_agent import ExecutionAgent
+from ..super_system.router import SuperSystemRouter
+from .threshold_config import (
+    ThresholdConfig,
+    ThresholdType,
+    InterventionLevel,
+    ThresholdRule,
+    DEFAULT_THRESHOLDS,
+)
+from .state_observer import StateObserver, ObservationResult
+class ListenerState(Enum):
+    """States of the Listener Agent."""
+    # Not actively observing
+    IDLE = "idle"
+    # Passively observing - no intervention
+    OBSERVING = "observing"
+    # Detected threshold breach - evaluating response
+    EVALUATING = "evaluating"
+    # Actively intervening
+    INTERVENING = "intervening"
+    # Intervention complete, returning to observation
+    RECOVERING = "recovering"
+    # Stopped - not operational
+    STOPPED = "stopped"
+@dataclass
+class InterventionEvent:
+    """
+    Record of a Listener intervention.
+    This provides an audit trail of when and why the Listener
+    transitioned from passive observation to active intervention.
+    """
+    event_id: str
+    timestamp: datetime
+    triggered_rules: List[ThresholdRule]
+    intervention_level: InterventionLevel
+    metrics_snapshot: Dict[str, float]
+    context: Dict[str, Any]
+    action_taken: str
+    outcome: Optional[str] = None
+    duration_ms: Optional[float] = None
+@dataclass
+class ListenerConfig:
+    """Configuration for the Listener Agent."""
+    # Threshold configuration
+    thresholds: ThresholdConfig = field(default_factory=lambda: DEFAULT_THRESHOLDS)
+    # Observation settings
+    observation_interval_seconds: float = 1.0
+    max_observation_history: int = 1000
+    # Intervention settings
+    auto_intervention: bool = True
+    require_confirmation: bool = False
+    max_interventions_per_minute: int = 10
+    # Recovery settings
+    recovery_observation_count: int = 5
+    recovery_success_threshold: float = 0.8
+class ListenerAgent:
+    """
+    Layer 5 Reference Implementation: The Listener Agent
+    A passive observer that monitors graph states and only intervenes
+    when configured thresholds are exceeded.
+    Design Principles:
+    1. Passive by default - observe without interference
+    2. Threshold-driven intervention - clear, configurable triggers
+    3. Minimal footprint - delegate to lower layers
+    4. Full audit trail - every intervention is logged
+    Usage:
+        ```python
+        # Create core components
+        kg = MultidimensionalKnowledgeGraph()
+        protocol = HandshakeProtocol()
+        router = SuperSystemRouter(kg)
+        # Create and start listener
+        listener = ListenerAgent(kg, protocol, router)
+        listener.start()
+        # Listener now monitors passively...
+        # When thresholds are exceeded, it intervenes automatically
+        # Stop when done
+        listener.stop()
+        ```
+    """
+    def __init__(
+        self,
+        knowledge_graph: MultidimensionalKnowledgeGraph,
+        protocol: HandshakeProtocol,
+        router: SuperSystemRouter,
+        config: Optional[ListenerConfig] = None,
+        # Optional lower-layer adapters
+        security_adapter: Optional[Any] = None,  # iatp adapter
+        context_adapter: Optional[Any] = None,   # caas adapter
+    ):
+        """
+        Initialize the Listener Agent.
+        Args:
+            knowledge_graph: The graph to monitor (via scak)
+            protocol: The handshake protocol to observe
+            router: The super system router
+            config: Listener configuration
+            security_adapter: Optional adapter to iatp security layer
+            context_adapter: Optional adapter to caas context layer
+        """
+        self.knowledge_graph = knowledge_graph
+        self.protocol = protocol
+        self.router = router
+        self.config = config or ListenerConfig()
+        # Lower-layer adapters (for consolidated stack)
+        self._security_adapter = security_adapter
+        self._context_adapter = context_adapter
+        # State observer
+        self.observer = StateObserver(
+            knowledge_graph=knowledge_graph,
+            protocol=protocol,
+            router=router,
+            sample_window_seconds=self.config.thresholds.window_size_seconds,
+        )
+        # Current state
+        self._state = ListenerState.IDLE
+        self._state_lock = threading.Lock()
+        # Observation thread
+        self._observation_thread: Optional[threading.Thread] = None
+        self._stop_event = threading.Event()
+        # Intervention tracking
+        self._interventions: deque = deque(
+            maxlen=self.config.max_observation_history
+        )
+        self._intervention_count_this_minute = 0
+        self._minute_start = datetime.now()
+        self._event_counter = 0
+        # Callbacks
+        self._intervention_callbacks: List[Callable[[InterventionEvent], None]] = []
+        self._state_change_callbacks: List[Callable[[ListenerState, ListenerState], None]] = []
+    @property
+    def state(self) -> ListenerState:
+        """Get current listener state."""
+        with self._state_lock:
+            return self._state
+    def _set_state(self, new_state: ListenerState) -> None:
+        """Set listener state with callback notification."""
+        with self._state_lock:
+            old_state = self._state
+            self._state = new_state
+        # Notify callbacks outside lock
+        for callback in self._state_change_callbacks:
+            try:
+                callback(old_state, new_state)
+            except Exception:
+                pass  # Don't let callback errors affect listener
+    def start(self) -> None:
+        """
+        Start the Listener Agent.
+        Begins passive observation of graph states. The listener will
+        continue observing until stop() is called or an intervention
+        threshold is exceeded.
+        """
+        if self._state != ListenerState.IDLE and self._state != ListenerState.STOPPED:
+            raise RuntimeError(f"Cannot start listener in state {self._state}")
+        self._stop_event.clear()
+        self._set_state(ListenerState.OBSERVING)
+        # Start observation thread
+        self._observation_thread = threading.Thread(
+            target=self._observation_loop,
+            name="ListenerAgent-Observer",
+            daemon=True,
+        )
+        self._observation_thread.start()
+    def stop(self) -> None:
+        """
+        Stop the Listener Agent.
+        Ceases observation and any ongoing intervention.
+        """
+        self._stop_event.set()
+        self._set_state(ListenerState.STOPPED)
+        if self._observation_thread and self._observation_thread.is_alive():
+            self._observation_thread.join(timeout=5.0)
+    def observe_once(self, context: Optional[Dict[str, Any]] = None) -> ObservationResult:
+        """
+        Perform a single observation cycle.
+        This is useful for synchronous observation without starting
+        the background observation loop.
+        Args:
+            context: Optional context to include
+        Returns:
+            ObservationResult from this cycle
+        """
+        return self.observer.observe(context)
+    def evaluate_thresholds(
+        self,
+        observation: ObservationResult
+    ) -> tuple[List[ThresholdRule], InterventionLevel]:
+        """
+        Evaluate observation against configured thresholds.
+        Args:
+            observation: The observation to evaluate
+        Returns:
+            Tuple of (triggered_rules, max_intervention_level)
+        """
+        # Convert observation to threshold metrics
+        threshold_metrics = observation.to_threshold_metrics()
+        # Evaluate against thresholds
+        triggered_rules = self.config.thresholds.evaluate_all(
+            threshold_metrics,
+            context={"observation": observation},
+        )
+        # Get maximum intervention level
+        max_level = self.config.thresholds.get_maximum_intervention_level(
+            triggered_rules
+        )
+        return triggered_rules, max_level
+    def _observation_loop(self) -> None:
+        """Background observation loop."""
+        while not self._stop_event.is_set():
+            try:
+                self._run_observation_cycle()
+            except Exception as e:
+                # Log error but continue observation
+                # In production, this would integrate with logging framework
+                pass
+            # Wait for next observation interval
+            self._stop_event.wait(self.config.observation_interval_seconds)
+    def _run_observation_cycle(self) -> None:
+        """Run a single observation cycle."""
+        # Perform observation
+        observation = self.observer.observe()
+        # Evaluate thresholds
+        triggered_rules, intervention_level = self.evaluate_thresholds(observation)
+        if not triggered_rules:
+            # No thresholds exceeded - continue passive observation
+            return
+        # Thresholds exceeded - evaluate intervention
+        self._set_state(ListenerState.EVALUATING)
+        # Check rate limiting
+        if not self._can_intervene():
+            self._set_state(ListenerState.OBSERVING)
+            return
+        # Determine if intervention is needed based on level
+        if intervention_level == InterventionLevel.OBSERVE:
+            # Log only
+            self._set_state(ListenerState.OBSERVING)
+            return
+        # Perform intervention
+        if self.config.auto_intervention:
+            self._perform_intervention(
+                triggered_rules,
+                intervention_level,
+                observation,
+            )
+        # Return to observation (or recovery)
+        if self._state == ListenerState.INTERVENING:
+            self._set_state(ListenerState.RECOVERING)
+            # In recovery mode, continue observation with heightened awareness
+            self._recovery_check()
+    def _can_intervene(self) -> bool:
+        """Check if intervention is allowed (rate limiting)."""
+        now = datetime.now()
+        # Reset counter if minute has passed
+        if (now - self._minute_start).total_seconds() >= 60:
+            self._intervention_count_this_minute = 0
+            self._minute_start = now
+        return self._intervention_count_this_minute < self.config.max_interventions_per_minute
+    def _perform_intervention(
+        self,
+        triggered_rules: List[ThresholdRule],
+        intervention_level: InterventionLevel,
+        observation: ObservationResult,
+    ) -> InterventionEvent:
+        """
+        Perform an intervention based on triggered rules.
+        This is where the Listener transitions from passive to active.
+        """
+        self._set_state(ListenerState.INTERVENING)
+        start_time = datetime.now()
+        # Generate event ID
+        self._event_counter += 1
+        event_id = f"intervention_{self._event_counter}_{start_time.timestamp()}"
+        # Determine action based on intervention level
+        action_taken = self._determine_action(intervention_level, triggered_rules)
+        # Execute intervention action
+        outcome = self._execute_intervention_action(
+            action_taken,
+            intervention_level,
+            triggered_rules,
+        )
+        # Calculate duration
+        duration_ms = (datetime.now() - start_time).total_seconds() * 1000
+        # Create event record
+        event = InterventionEvent(
+            event_id=event_id,
+            timestamp=start_time,
+            triggered_rules=triggered_rules,
+            intervention_level=intervention_level,
+            metrics_snapshot=observation.derived_metrics.copy(),
+            context={
+                "anomalies": observation.anomalies_detected,
+                "graph_snapshot": observation.graph_snapshot,
+            },
+            action_taken=action_taken,
+            outcome=outcome,
+            duration_ms=duration_ms,
+        )
+        # Store and notify
+        self._interventions.append(event)
+        self._intervention_count_this_minute += 1
+        for callback in self._intervention_callbacks:
+            try:
+                callback(event)
+            except Exception:
+                pass
+        return event
+    def _determine_action(
+        self,
+        level: InterventionLevel,
+        rules: List[ThresholdRule],
+    ) -> str:
+        """Determine intervention action based on level and rules."""
+        if level == InterventionLevel.WARN:
+            return "emit_warning"
+        elif level == InterventionLevel.SOFT_BLOCK:
+            return "require_confirmation"
+        elif level == InterventionLevel.HARD_BLOCK:
+            return "block_pending_actions"
+        elif level == InterventionLevel.EMERGENCY:
+            return "emergency_halt"
+        else:
+            return "observe_only"
+    def _execute_intervention_action(
+        self,
+        action: str,
+        level: InterventionLevel,
+        rules: List[ThresholdRule],
+    ) -> str:
+        """
+        Execute the determined intervention action.
+        This is where we wire together the lower layers:
+        - Use iatp for security-related interventions
+        - Use caas to update context
+        - Use agent-control-plane for action blocking
+        """
+        if action == "emit_warning":
+            # Log warning - in production, integrate with alerting system
+            return f"Warning emitted for {len(rules)} triggered rules"
+        elif action == "require_confirmation":
+            # Mark pending sessions as requiring confirmation
+            pending_blocked = 0
+            for session_id, session in self.protocol.sessions.items():
+                if session.state in [HandshakeState.VALIDATED, HandshakeState.ACCEPTED]:
+                    session.metadata["requires_confirmation"] = True
+                    session.metadata["confirmation_reason"] = (
+                        f"Threshold breach: {[r.description for r in rules]}"
+                    )
+                    pending_blocked += 1
+            return f"Soft block applied to {pending_blocked} pending sessions"
+        elif action == "block_pending_actions":
+            # Reject all pending sessions
+            blocked = 0
+            for session_id, session in list(self.protocol.sessions.items()):
+                if session.state in [HandshakeState.INITIATED, HandshakeState.NEGOTIATING,
+                                    HandshakeState.VALIDATED, HandshakeState.ACCEPTED]:
+                    self.protocol.reject_proposal(
+                        session_id,
+                        reason=f"Listener intervention: {level.value}"
+                    )
+                    blocked += 1
+            return f"Hard block applied, {blocked} sessions rejected"
+        elif action == "emergency_halt":
+            # Emergency halt - reject all and set protective state
+            halted = 0
+            for session_id, session in list(self.protocol.sessions.items()):
+                if session.state != HandshakeState.COMPLETED:
+                    try:
+                        self.protocol.reject_proposal(
+                            session_id,
+                            reason="EMERGENCY: System halt by Listener"
+                        )
+                        halted += 1
+                    except ValueError:
+                        pass  # Session may already be in terminal state
+            # If security adapter available, notify it
+            if self._security_adapter:
+                try:
+                    self._security_adapter.emergency_alert(
+                        reason="Listener emergency halt",
+                        triggered_rules=[r.description for r in rules],
+                    )
+                except Exception:
+                    pass
+            return f"Emergency halt: {halted} sessions terminated"
+        return "No action taken"
+    def _recovery_check(self) -> None:
+        """
+        Check if system has recovered after intervention.
+        Performs additional observations to verify system stability
+        before returning to normal observation.
+        """
+        success_count = 0
+        for _ in range(self.config.recovery_observation_count):
+            if self._stop_event.is_set():
+                break
+            observation = self.observer.observe()
+            triggered_rules, level = self.evaluate_thresholds(observation)
+            # Check if we're back to safe levels
+            if level in [InterventionLevel.OBSERVE, InterventionLevel.WARN]:
+                success_count += 1
+            time.sleep(self.config.observation_interval_seconds)
+        # Calculate recovery success rate
+        success_rate = success_count / self.config.recovery_observation_count
+        if success_rate >= self.config.recovery_success_threshold:
+            self._set_state(ListenerState.OBSERVING)
+        else:
+            # Still unstable - may need additional intervention
+            self._set_state(ListenerState.EVALUATING)
+    # === Public API for external integration ===
+    def register_intervention_callback(
+        self,
+        callback: Callable[[InterventionEvent], None]
+    ) -> None:
+        """Register a callback to be notified of interventions."""
+        self._intervention_callbacks.append(callback)
+    def register_state_change_callback(
+        self,
+        callback: Callable[[ListenerState, ListenerState], None]
+    ) -> None:
+        """Register a callback to be notified of state changes."""
+        self._state_change_callbacks.append(callback)
+    def get_intervention_history(
+        self,
+        count: Optional[int] = None
+    ) -> List[InterventionEvent]:
+        """Get recent intervention events."""
+        events = list(self._interventions)
+        if count is not None:
+            events = events[-count:]
+        return events
+    def get_statistics(self) -> Dict[str, Any]:
+        """Get listener statistics."""
+        observation_history = self.observer.get_observation_history()
+        return {
+            "state": self._state.value,
+            "total_observations": len(observation_history),
+            "total_interventions": len(self._interventions),
+            "interventions_this_minute": self._intervention_count_this_minute,
+            "active_thresholds": len(self.config.thresholds.rules),
+            "enabled_thresholds": sum(
+                1 for r in self.config.thresholds.rules.values() if r.enabled
+            ),
+            "observer_baselines": len(self.observer._baselines),
+        }
+    def update_threshold(
+        self,
+        threshold_type: ThresholdType,
+        new_value: float
+    ) -> None:
+        """Update a threshold value at runtime."""
+        rule = self.config.thresholds.get_rule(threshold_type)
+        if rule:
+            rule.value = new_value
+    def enable_threshold(self, threshold_type: ThresholdType) -> None:
+        """Enable a threshold rule."""
+        self.config.thresholds.enable_rule(threshold_type)
+    def disable_threshold(self, threshold_type: ThresholdType) -> None:
+        """Disable a threshold rule."""
+        self.config.thresholds.disable_rule(threshold_type)
+    def calibrate(self, observation_count: int = 10) -> None:
+        """
+        Calibrate baselines during known-good operation.
+        Call this during normal operation to establish baseline
+        metrics for anomaly detection.
+        """
+        # Collect observations
+        for _ in range(observation_count):
+            self.observer.observe()
+            time.sleep(self.config.observation_interval_seconds)
+        # Calibrate observer baselines
+        self.observer.calibrate_baselines(observation_count)