consent-engine 0.1.0__tar.gz

consent_engine-0.1.0/.claude/skills/consent-audit/SKILL.md

@@ -0,0 +1,65 @@
+---
+name: consent-audit
+description: Run a forensic consent-compliance audit on a URL. Use whenever the user asks to audit, check, or scan a website for consent / cookie / CMP / CCPA / GDPR / privacy compliance. Captures every network request, classifies violations against the lawsuit-surge wiki, produces an HTML report + Marp deck + JSON audit result + evidence log.
+---
+
+# consent-audit
+
+A Claude Code skill that drives the `consent-engine` Python package to run a
+forensic consent-compliance audit and explain the results.
+
+## When to invoke
+
+Any of these:
+- "Audit https://example.com for consent compliance"
+- "Run a consent check on <url>"
+- "Why is <vendor> firing on <url> after reject?"
+- "Is this site CCPA / GDPR compliant?"
+- "Generate a forensic report for this site"
+
+## How to run it
+
+```bash
+uvx consent-engine audit <url> --output-dir ./consent-audits
+```
+
+Output bundle: `./consent-audits/<audit_id>/`
+- `report.html` — full forensic report with network evidence, vendor
+  lookups, legal exposure estimates, and remediation roadmap
+- `audit_result.json` — structured Pydantic model
+- `evidence.jsonl` — every captured network request (timestamped)
+- `deck.marp.md` — client-ready slide deck
+
+## Interpreting findings
+
+| Severity | What to do |
+|---|---|
+| **Definitive violation (S3)** | Tag fired after explicit reject. Quote the audit_id, evidence line, and legal exposure ($7,500 CCPA, $5,000 CIPA per event). Remediate this week. |
+| **Server-side bypass** | sSGTM detected in front of analytics. Client-side enforcement cannot block it. Architectural risk. Brief engineering. |
+| **Inconclusive (S2)** | Tag fired in ambiguous consent state. Re-run with S3 methodology before reporting. |
+| **Warning** | Configuration drift, deprecated tags, or compliance edge cases. Track. |
+
+## Follow-up questions to support
+
+- "Why did <vendor> fire?" → invoke `consent-engine chat <audit_id>` or call
+  the `consent-engine-mcp` `query_evidence` tool with `host_contains` set.
+- "What's the financial exposure?" → read the `legal_exposure` block in
+  `audit_result.json`.
+- "How do I remediate?" → read the `remediation` section in `report.html`
+  and cross-reference `data/wiki/technical/` pages.
+
+## Thorough audit sequence
+
+For high-stakes audits (regulated industry, healthcare, post-demand-letter):
+
+1. Audit with consent in **reject** (default S3 methodology).
+2. Audit with consent in **accept** — confirms the CMP toggles tags as
+   expected.
+3. Audit with GPC set (`Sec-GPC: 1`) — confirms Global Privacy Control
+   honored.
+4. Re-audit weekly for 90 days post-remediation. Drift is real.
+
+## Source
+
+[github.com/kb223/consent-engine](https://github.com/kb223/consent-engine).
+MIT license. Built by Kenneth Buchanan.

consent_engine-0.1.0/.github/workflows/ci.yml

@@ -0,0 +1,38 @@
+name: CI
+
+on:
+  pull_request:
+  push:
+    branches: [main]
+
+jobs:
+  test:
+    runs-on: ubuntu-latest
+    steps:
+      - uses: actions/checkout@v4
+
+      - name: Install uv
+        uses: astral-sh/setup-uv@v4
+        with:
+          version: "latest"
+
+      - name: Set up Python
+        run: uv python install 3.12
+
+      - name: Install dependencies
+        run: uv sync --group dev
+
+      - name: Lint with ruff
+        run: uv run ruff check src/
+
+      - name: Type check with mypy
+        run: uv run mypy src/ || true   # warnings, not failures, on first public release
+
+      - name: Install Playwright browsers
+        run: uv run playwright install chromium --with-deps
+
+      - name: Run tests
+        run: uv run pytest tests/ -v --tb=short
+        env:
+          ANTHROPIC_API_KEY: "test-key"
+          OPENAI_API_KEY: "test-key"

consent_engine-0.1.0/.github/workflows/release.yml

@@ -0,0 +1,87 @@
+name: Release
+
+# Publishes consent-engine to PyPI on every pushed tag matching v*.
+# Uses PyPI Trusted Publishing — no API token needed; auth is via GitHub
+# OIDC. One-time setup on PyPI: https://docs.pypi.org/trusted-publishers/
+#
+# To release:
+#   1. Bump version in src/consent_engine/__init__.py + pyproject.toml
+#   2. Update CHANGELOG.md
+#   3. git tag v0.1.0 && git push --tags
+#   4. This workflow builds, attests, and publishes the wheel + sdist
+#   5. A GitHub Release is created from the tag automatically
+
+on:
+  push:
+    tags:
+      - "v*"
+
+permissions:
+  contents: write       # to create the GitHub Release
+  id-token: write       # PyPI Trusted Publishing OIDC
+
+jobs:
+  build:
+    name: Build distributions
+    runs-on: ubuntu-latest
+    steps:
+      - uses: actions/checkout@v4
+
+      - name: Install uv
+        uses: astral-sh/setup-uv@v4
+        with:
+          version: "latest"
+
+      - name: Set up Python
+        run: uv python install 3.12
+
+      - name: Build wheel + sdist
+        run: uv build
+
+      - name: Show artifacts
+        run: ls -la dist/
+
+      - uses: actions/upload-artifact@v4
+        with:
+          name: dist
+          path: dist/
+
+  publish-pypi:
+    name: Publish to PyPI
+    needs: build
+    runs-on: ubuntu-latest
+    environment:
+      name: pypi
+      url: https://pypi.org/p/consent-engine
+    steps:
+      - uses: actions/download-artifact@v4
+        with:
+          name: dist
+          path: dist/
+
+      - name: Publish via Trusted Publisher
+        uses: pypa/gh-action-pypi-publish@release/v1
+        # No `password:` — OIDC handles auth.
+
+  github-release:
+    name: Create GitHub Release
+    needs: publish-pypi
+    runs-on: ubuntu-latest
+    steps:
+      - uses: actions/checkout@v4
+
+      - uses: actions/download-artifact@v4
+        with:
+          name: dist
+          path: dist/
+
+      - name: Create release + attach artifacts
+        env:
+          GH_TOKEN: ${{ github.token }}
+        run: |
+          gh release create "${GITHUB_REF_NAME}" \
+            --title "consent-engine ${GITHUB_REF_NAME}" \
+            --notes-from-tag \
+            --verify-tag \
+            dist/*.whl \
+            dist/*.tar.gz

consent_engine-0.1.0/.gitignore

@@ -0,0 +1,30 @@
+# Python
+__pycache__/
+*.py[cod]
+*.egg-info/
+.venv/
+.pytest_cache/
+.mypy_cache/
+.ruff_cache/
+
+# Audit outputs (transient)
+out/
+.tmp/
+
+# Local env
+.env
+.env.local
+
+# IDE
+.vscode/
+.idea/
+*.swp
+
+# OS
+.DS_Store
+Thumbs.db
+
+# Build artifacts
+build/
+dist/
+*.egg

consent_engine-0.1.0/AGENTS.md

@@ -0,0 +1,79 @@
+# consent-engine — agent instructions
+
+> Public OSS repo. The full forensic engine. See `README.md` for the user-
+> facing pitch and `docs/scenarios.md` for the system flow.
+
+## Project purpose
+
+Forensic audit tool that compares cookie + tag enforcement against user
+consent preferences. Built for enterprises facing privacy-litigation
+demand letters.
+
+## Architecture
+
+- **Deterministic** by design. Decisions made at build time, not runtime.
+- 8 independently testable tools in `src/consent_engine/tools/`.
+- LLM scoped to executive-summary generation only, behind a LiteLLM wrapper.
+- Knowledge base is markdown (`data/wiki/`). No vector DB, no embeddings.
+- Vendor library is JSON (`data/vendor_library/vendors.json`) + the Open
+  Cookie Database CSV.
+
+## Domain context
+
+- OneTrust categories: C0001 (essential), C0002 (analytics), C0003
+  (functional), C0004 (targeting).
+- OneTrust data layer variable: `OnetrustActiveGroups`.
+- S2 = post-opt-out without page reload = INCONCLUSIVE. Never definitive.
+- S3 = fresh browser context with consent pre-set = DEFINITIVE.
+- GCS=G100 in a network request = Advanced Consent Mode active (Basic
+  blocks entirely).
+- Server-side GTM cannot be blocked by client-side enforcement snippets.
+- GPC (Sec-GPC: 1) signal cannot be forwarded to server-side containers.
+
+## Commands
+
+- Install: `uv sync`
+- CLI: `uv run consent-engine audit <url>`
+- API: `uv run uvicorn consent_engine.api:app --reload`
+- MCP server: `uv run consent-engine-mcp`
+- Test: `uv run pytest tests/ -v`
+- Lint: `uv run ruff check src/`
+- Type check: `uv run mypy src/`
+- Evals: `uv run python evals/run_evals.py`
+
+## When the user wants to audit a URL
+
+Use the CLI directly (`uv run consent-engine audit <url>`) or call the
+underlying tools. Output bundle lands in `./out/<audit_id>/` with
+`report.html`, `audit_result.json`, `evidence.jsonl`, `deck.marp.md`.
+
+## When the user wants to query a prior audit
+
+Use `consent-engine chat <audit_id>` or, if working through MCP, the
+`query_evidence` tool against the audit_id. The evidence.jsonl has every
+captured network request — grounding for follow-ups.
+
+## When adding knowledge
+
+Knowledge lives in `data/wiki/` as markdown. Add a new page, update
+`data/wiki/index.md`, ensure `tool_07_rag_retriever.py` knows which
+findings should retrieve it.
+
+## When adding a vendor
+
+Two paths:
+- Legally-annotated, lawsuit-relevant: edit
+  `data/vendor_library/vendors.json` (priority).
+- Standard, well-known: edit the Open Cookie DB CSV in the same folder.
+
+## When adding an eval case
+
+`evals/cases/NNN-<slug>.yaml`. Run
+`uv run python evals/run_evals.py --add-baseline evals/cases/NNN-<slug>.yaml`
+once to populate the expected block from current behavior.
+
+## Voice
+
+Public-facing docs and report copy: no emojis, no em dashes, no superlatives,
+no marketing-speak. Plain technical English. Audience is engineers, privacy
+officers, and legal counsel.

consent_engine-0.1.0/CHANGELOG.md

@@ -0,0 +1,38 @@
+# Changelog
+
+All notable changes to consent-engine. Format loosely follows
+[Keep a Changelog](https://keepachangelog.com/en/1.1.0/).
+
+## [0.1.0] — 2026-05-16 — initial public release
+
+### Added
+- Eight-tool deterministic audit pipeline:
+  - tool_01 GTM container parser (live interception or JSON upload)
+  - tool_02 violation classifier (S2 inconclusive vs S3 definitive)
+  - tool_03 Playwright browser scanner with consent state pre-set
+  - tool_04 HAR analyzer
+  - tool_05 vendor library lookup (custom + Open Cookie Database)
+  - tool_06 server-side GTM detector
+  - tool_06b out-of-GTM pixel detector
+  - tool_07 markdown wiki retriever (no vector DB)
+  - tool_08 report + Marp deck generator (LLM exec summary only)
+- CLI: `consent-engine audit <url>` + `consent-engine chat <audit_id>`
+- MCP server: `consent-engine-mcp` (Claude Desktop / Code integration)
+- Claude Code skill at `.claude/skills/consent-audit/SKILL.md`
+- Evals harness skeleton at `evals/` with golden-case YAML format
+- Glass-box reporting: every captured network request persisted to
+  `evidence.jsonl` per audit, queryable from CLI + MCP
+- Lawsuit-surge knowledge base page at
+  `data/wiki/enforcement/lawsuit-surge.md`
+- End-to-end scenarios doc at `docs/scenarios.md` with Mermaid diagram
+
+### Design decisions
+- Deterministic by default. LLM scoped to executive-summary generation
+  only. Credit to Fred Pike (MeasureSummit May 2026) for the explicit
+  framing.
+- Markdown wiki replaces vector DB. Karpathy LLM-wiki pattern. Zero
+  embeddings, zero Pinecone, zero fine-tuning. The whole knowledge layer
+  is version-controlled markdown.
+- Multi-tier vendor library: custom legally-annotated entries take
+  precedence, then the Open Cookie Database (~3,200 entries), then
+  flagged for manual review.

consent_engine-0.1.0/CLAUDE.md

@@ -0,0 +1,79 @@
+# consent-engine — agent instructions
+
+> Public OSS repo. The full forensic engine. See `README.md` for the user-
+> facing pitch and `docs/scenarios.md` for the system flow.
+
+## Project purpose
+
+Forensic audit tool that compares cookie + tag enforcement against user
+consent preferences. Built for enterprises facing privacy-litigation
+demand letters.
+
+## Architecture
+
+- **Deterministic** by design. Decisions made at build time, not runtime.
+- 8 independently testable tools in `src/consent_engine/tools/`.
+- LLM scoped to executive-summary generation only, behind a LiteLLM wrapper.
+- Knowledge base is markdown (`data/wiki/`). No vector DB, no embeddings.
+- Vendor library is JSON (`data/vendor_library/vendors.json`) + the Open
+  Cookie Database CSV.
+
+## Domain context
+
+- OneTrust categories: C0001 (essential), C0002 (analytics), C0003
+  (functional), C0004 (targeting).
+- OneTrust data layer variable: `OnetrustActiveGroups`.
+- S2 = post-opt-out without page reload = INCONCLUSIVE. Never definitive.
+- S3 = fresh browser context with consent pre-set = DEFINITIVE.
+- GCS=G100 in a network request = Advanced Consent Mode active (Basic
+  blocks entirely).
+- Server-side GTM cannot be blocked by client-side enforcement snippets.
+- GPC (Sec-GPC: 1) signal cannot be forwarded to server-side containers.
+
+## Commands
+
+- Install: `uv sync`
+- CLI: `uv run consent-engine audit <url>`
+- API: `uv run uvicorn consent_engine.api:app --reload`
+- MCP server: `uv run consent-engine-mcp`
+- Test: `uv run pytest tests/ -v`
+- Lint: `uv run ruff check src/`
+- Type check: `uv run mypy src/`
+- Evals: `uv run python evals/run_evals.py`
+
+## When the user wants to audit a URL
+
+Use the CLI directly (`uv run consent-engine audit <url>`) or call the
+underlying tools. Output bundle lands in `./out/<audit_id>/` with
+`report.html`, `audit_result.json`, `evidence.jsonl`, `deck.marp.md`.
+
+## When the user wants to query a prior audit
+
+Use `consent-engine chat <audit_id>` or, if working through MCP, the
+`query_evidence` tool against the audit_id. The evidence.jsonl has every
+captured network request — grounding for follow-ups.
+
+## When adding knowledge
+
+Knowledge lives in `data/wiki/` as markdown. Add a new page, update
+`data/wiki/index.md`, ensure `tool_07_rag_retriever.py` knows which
+findings should retrieve it.
+
+## When adding a vendor
+
+Two paths:
+- Legally-annotated, lawsuit-relevant: edit
+  `data/vendor_library/vendors.json` (priority).
+- Standard, well-known: edit the Open Cookie DB CSV in the same folder.
+
+## When adding an eval case
+
+`evals/cases/NNN-<slug>.yaml`. Run
+`uv run python evals/run_evals.py --add-baseline evals/cases/NNN-<slug>.yaml`
+once to populate the expected block from current behavior.
+
+## Voice
+
+Public-facing docs and report copy: no emojis, no em dashes, no superlatives,
+no marketing-speak. Plain technical English. Audience is engineers, privacy
+officers, and legal counsel.

consent_engine-0.1.0/Dockerfile

@@ -0,0 +1,49 @@
+FROM python:3.12-slim
+
+# System deps required by Playwright Chromium
+RUN apt-get update && apt-get install -y \
+    libglib2.0-0 \
+    libnss3 \
+    libnspr4 \
+    libdbus-1-3 \
+    libatk1.0-0 \
+    libatk-bridge2.0-0 \
+    libcups2 \
+    libdrm2 \
+    libxkbcommon0 \
+    libxcomposite1 \
+    libxdamage1 \
+    libxfixes3 \
+    libxrandr2 \
+    libgbm1 \
+    libasound2 \
+    libpango-1.0-0 \
+    libpangocairo-1.0-0 \
+    libcairo2 \
+    libfontconfig1 \
+    && rm -rf /var/lib/apt/lists/*
+
+# Install uv
+COPY --from=ghcr.io/astral-sh/uv:latest /uv /usr/local/bin/uv
+
+WORKDIR /app
+
+# Install Python dependencies (cached layer)
+COPY pyproject.toml ./
+RUN uv sync --no-dev --no-install-project
+
+# Install Playwright Chromium browser only
+RUN uv run playwright install chromium
+
+# Copy application source
+COPY src/ src/
+COPY data/ data/
+COPY templates/ templates/
+
+ENV PYTHONPATH=/app/src
+
+EXPOSE 8080
+
+# Default: HTTP API. Use `docker run consent-engine consent-engine audit <url>`
+# for CLI mode.
+CMD ["uv", "run", "uvicorn", "consent_engine.api:app", "--host", "0.0.0.0", "--port", "8080"]

consent_engine-0.1.0/LICENSE

@@ -0,0 +1,21 @@
+MIT License
+
+Copyright (c) 2026 Kenneth Buchanan
+
+Permission is hereby granted, free of charge, to any person obtaining a copy
+of this software and associated documentation files (the "Software"), to deal
+in the Software without restriction, including without limitation the rights
+to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+copies of the Software, and to permit persons to whom the Software is
+furnished to do so, subject to the following conditions:
+
+The above copyright notice and this permission notice shall be included in
+all copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
+SOFTWARE.