Files
yao-meta-skill/scripts/world_class_native_permission_evidence.py
YAO 31ce04c655 Split meta skill CLI and review gates
Merge the beta-ready Yao Meta Skill architecture, report, evidence gate, and release-boundary updates.\n\nRelease boundary: beta/public testing is allowed; formal world-class, fully reviewed, or superiority claims remain blocked until the pending evidence gates are accepted.
2026-06-17 18:43:02 +08:00

158 lines
7.5 KiB
Python

#!/usr/bin/env python3
from typing import Any
from output_review_privacy import forbidden_decision_field_paths
SCRIPT_INTERFACE = "internal-module"
SCRIPT_INTERFACE_REASON = "Imported by world_class_evidence_contract.py to validate runtime permission evidence from target-level probe rows."
def add_error(errors: list[str], condition: bool, message: str) -> None:
if not condition:
errors.append(message)
def real_int(value: Any) -> int | None:
return value if isinstance(value, int) and not isinstance(value, bool) else None
def object_list(value: Any) -> list[dict[str, Any]]:
return [item for item in value if isinstance(item, dict)] if isinstance(value, list) else []
def sorted_strings(value: Any) -> list[str]:
return sorted(str(item) for item in value) if isinstance(value, list) else []
def validate_no_raw_fields(payload: dict[str, Any], label: str, errors: list[str]) -> None:
blocked = forbidden_decision_field_paths(payload, label)
add_error(
errors,
not blocked,
f"native-permission-enforcement {label} must not include raw content, credential, secret, token, prompt, output, transcript, message, or answer-key fields: "
+ ", ".join(blocked[:8]),
)
def validate_target_rows(probes: dict[str, Any], summary: dict[str, Any], errors: list[str]) -> None:
targets = object_list(probes.get("targets", []))
target_count = real_int(summary.get("target_count"))
native_count = real_int(summary.get("native_enforcement_count"))
fail_count = real_int(summary.get("fail_count"))
expected_capabilities = sorted_strings(probes.get("expected_capabilities"))
add_error(errors, bool(targets), "native-permission-enforcement runtime probe targets must not be empty")
if target_count is not None:
add_error(errors, len(targets) == target_count, "native-permission-enforcement runtime probe targets length must equal summary.target_count")
add_error(errors, fail_count == 0, "native-permission-enforcement runtime probe summary.fail_count must be 0")
observed_native = 0
for index, target in enumerate(targets, start=1):
target_name = str(target.get("target", "")).strip() or str(index)
add_error(errors, target.get("status") == "pass", f"native-permission-enforcement target {target_name} status must be pass")
add_error(errors, not target.get("failures"), f"native-permission-enforcement target {target_name} failures must be empty")
checks = object_list(target.get("checks", []))
add_error(errors, bool(checks), f"native-permission-enforcement target {target_name} checks must not be empty")
add_error(
errors,
all(item.get("passed") is True for item in checks),
f"native-permission-enforcement target {target_name} checks must all pass",
)
native = target.get("native_enforcement") is True
if native:
observed_native += 1
add_error(
errors,
target.get("assurance") == "native-enforced",
f"native-permission-enforcement target {target_name} assurance must be native-enforced",
)
else:
add_error(
errors,
target.get("metadata_fallback_explicit") is True,
f"native-permission-enforcement fallback target {target_name} must keep metadata_fallback_explicit true",
)
add_error(
errors,
bool(target.get("residual_risks")),
f"native-permission-enforcement fallback target {target_name} must retain residual risks",
)
if expected_capabilities:
add_error(
errors,
sorted_strings(target.get("declared_capabilities")) == expected_capabilities,
f"native-permission-enforcement target {target_name} declared_capabilities must match expected_capabilities",
)
installer = target.get("installer_enforcement", {}) if isinstance(target.get("installer_enforcement"), dict) else {}
add_error(
errors,
installer.get("enforced") is True,
f"native-permission-enforcement target {target_name} installer_enforcement.enforced must be true",
)
add_error(
errors,
not installer.get("missing_capabilities"),
f"native-permission-enforcement target {target_name} installer_enforcement missing_capabilities must be empty",
)
add_error(
errors,
not installer.get("failure_details"),
f"native-permission-enforcement target {target_name} installer_enforcement failure_details must be empty",
)
add_error(errors, bool(native_count and observed_native == native_count), "native-permission-enforcement native target rows must match summary.native_enforcement_count")
add_error(errors, observed_native > 0, "native-permission-enforcement must include at least one native-enforced target row")
def validate_install_simulation_report(install: dict[str, Any], errors: list[str]) -> None:
summary = install.get("summary", {}) if isinstance(install.get("summary", {}), dict) else {}
validate_no_raw_fields(install, "install_simulation", errors)
add_error(errors, install.get("ok") is True, "native-permission-enforcement install simulation report ok must be true")
add_error(
errors,
bool(real_int(summary.get("installer_permission_enforced_count")) and summary["installer_permission_enforced_count"] > 0),
"native-permission-enforcement install simulation summary.installer_permission_enforced_count must be >0",
)
add_error(
errors,
summary.get("installer_permission_failure_count") == 0,
"native-permission-enforcement install simulation summary.installer_permission_failure_count must be 0",
)
add_error(errors, summary.get("failure_count") == 0, "native-permission-enforcement install simulation summary.failure_count must be 0")
permission_checks = [
item
for item in object_list(install.get("checks", []))
if str(item.get("id", "")).startswith("permission-") and str(item.get("id", "")).endswith(("-approved", "-target-enforcement"))
]
if permission_checks:
add_error(
errors,
all(item.get("status") == "pass" for item in permission_checks),
"native-permission-enforcement install simulation permission checks must all pass",
)
def validate_native_permission_report(probes: dict[str, Any], install: dict[str, Any], errors: list[str]) -> None:
summary = probes.get("summary", {}) if isinstance(probes.get("summary", {}), dict) else {}
validate_no_raw_fields(probes, "runtime_permission_probes", errors)
add_error(errors, probes.get("ok") is True, "native-permission-enforcement runtime probe report ok must be true")
add_error(
errors,
bool(real_int(summary.get("native_enforcement_count")) and summary["native_enforcement_count"] > 0),
"native-permission-enforcement runtime probe summary.native_enforcement_count must be >0",
)
add_error(
errors,
summary.get("failure_count") == 0,
"native-permission-enforcement runtime probe summary.failure_count must be 0",
)
add_error(
errors,
summary.get("installer_enforcement_ready") is True,
"native-permission-enforcement runtime probe summary.installer_enforcement_ready must be true",
)
validate_target_rows(probes, summary, errors)
if install:
validate_install_simulation_report(install, errors)