feat(P5): IHF Phase 5 complete — agent-assisted distillation

Adds bounded AI support to the IHF governance loop. All AI outputs are attributed (model_ref), reviewable (AgentReviewRecord), and reversible. No autonomous decisions; no silent requirement promotion.

- T01: Schema — agent_proposals, agent_review_records, confidence_annotations (migration 1743379200)
- T02: AgentProposalsController (index/show/accept/reject, idempotent review guard), global nav "Agent" link
- T03: SummarizeClusterAction — Claude API cluster summary on widget show
- T04: DraftRequirementAction — AI requirement draft; acceptance creates RequirementCandidate (human-gated)
- T05: DetectDuplicatesAction — duplicate_flag proposal on candidate show
- T06: DetectPolicySensitivityAction — policy_flag with ConfidenceAnnotations per concern scope
- T07: ProposeImplementationAction — impl_proposal from decision show
- T08: AgentAuditDashboardAction — autoRefresh; KPI row, unreviewed queue, recent proposals, attribution log matrix
- T09: integration tests, SCOPE.md updated, phase5-summary.md, flake.nix adds http-conduit/aeson/string-conversions

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
2026-03-29 15:54:33 +00:00
parent 1862bb295a
commit 2605c1c977
23 changed files with 1284 additions and 21 deletions
--- a/Application/Helper/Controller.hs
+++ b/Application/Helper/Controller.hs
@@ -5,6 +5,14 @@ import Generated.Types
 import Data.Time.Clock (addUTCTime)
 import Data.List (sortBy)

+-- Phase 5: Anthropic API
+import qualified Control.Exception as Exception
+import Network.HTTP.Conduit (newManager, tlsManagerSettings, parseRequest, httpLbs, responseBody, method, requestHeaders, requestBody, RequestBody(RequestBodyLBS), HttpException(..))
+import Data.Aeson (object, (.=), encode, eitherDecode, Value)
+import Data.Aeson.Lens (key, _String, nth)
+import Control.Lens ((^?))
+import Data.String.Conversions (cs)
+import System.Environment (lookupEnv)
+
+
 -- Here you can add functions which are available in all your controllers

 -- | Returns the set of widget IDs that are currently in regression.
@@ -68,4 +76,53 @@ widgetCycleCounts candidates requirements decisions deployments =
            [ ()
            | deplTime <- deplTimes
            , any (\c -> c.createdAt > deplTime) widCandidates
-            ]
+            ]
+
+-- | Call the Anthropic Messages API with a single user message.
+--
+-- Sends @systemPrompt@ as the @system@ field and @userMessage@ as the only
+-- entry of @messages@, requesting at most @maxTokens@ tokens from the
+-- hard-coded model @claude-sonnet-4-6@.
+--
+-- Returns @Right@ with the text of the first content block of the response.
+-- Returns @Left@ with a description when:
+--
+--   * the IHP_ANTHROPIC_API_KEY env var is not set,
+--   * the HTTP request itself fails (an 'HttpException' from 'httpLbs'),
+--   * the response body is not valid JSON,
+--   * the response is an API error object or has an unexpected shape.
+--
+-- The HTTP status code is not inspected; API errors are recognised from the
+-- @error.message@ field of the response body.
+callClaudeApi
+    :: Text   -- ^ system prompt
+    -> Text   -- ^ user message
+    -> Int    -- ^ max_tokens
+    -> IO (Either Text Text)
+callClaudeApi systemPrompt userMessage maxTokens = do
+    mApiKey <- lookupEnv "IHP_ANTHROPIC_API_KEY"
+    case mApiKey of
+        Nothing -> pure (Left "IHP_ANTHROPIC_API_KEY is not set")
+        Just apiKey -> do
+            let url = "https://api.anthropic.com/v1/messages"
+            let body = object
+                    [ "model"      .= ("claude-sonnet-4-6" :: Text)
+                    , "max_tokens" .= maxTokens
+                    , "system"     .= systemPrompt
+                    , "messages"   .= [ object
+                            [ "role"    .= ("user" :: Text)
+                            , "content" .= userMessage
+                            ] ]
+                    ]
+            let reqBody = RequestBodyLBS (encode body)
+            -- NOTE(review): a fresh TLS manager is created on every call;
+            -- consider sharing one manager across calls if this becomes hot.
+            manager  <- newManager tlsManagerSettings
+            initReq  <- parseRequest url
+            let req = initReq
+                    { method      = "POST"
+                    , requestHeaders =
+                        [ ("content-type",      "application/json")
+                        , ("x-api-key",         cs apiKey)
+                        , ("anthropic-version", "2023-06-01")
+                        ]
+                    , requestBody = reqBody
+                    }
+            -- httpLbs signals transport failures (connection refused, timeout,
+            -- TLS errors, ...) by throwing HttpException. Catch it here so the
+            -- documented "Left on any error" contract actually holds.
+            outcome <- Exception.try (httpLbs req manager)
+            case outcome of
+                Left httpErr -> pure (Left (describeHttpFailure httpErr))
+                Right resp ->
+                    -- Pin the decode target to Value; otherwise the type is only
+                    -- constrained by FromJSON/AsValue and is ambiguous.
+                    case (eitherDecode (responseBody resp) :: Either String Value) of
+                        Left err  -> pure (Left ("JSON parse error: " <> cs err))
+                        Right val ->
+                            case val ^? key "content" . nth 0 . key "text" . _String of
+                                Just txt -> pure (Right txt)
+                                Nothing  ->
+                                    case val ^? key "error" . key "message" . _String of
+                                        Just msg -> pure (Left ("API error: " <> msg))
+                                        Nothing  -> pure (Left "Unexpected API response shape")
+  where
+    -- Render an HttpException without showing the embedded Request: the
+    -- request carries the x-api-key header, which must not end up in error
+    -- text that may be logged or displayed.
+    describeHttpFailure :: HttpException -> Text
+    describeHttpFailure (HttpExceptionRequest _ reason) =
+        "HTTP request failed: " <> cs (show reason)
+    describeHttpFailure (InvalidUrlException badUrl reason) =
+        "Invalid URL " <> cs badUrl <> ": " <> cs reason
--- a/Application/Migration/1743379200-ihf-phase5-agent-distillation.sql
+++ b/Application/Migration/1743379200-ihf-phase5-agent-distillation.sql
@@ -0,0 +1,44 @@
+-- Phase 5: Agent-Assisted Distillation and Suggestion
+-- AgentProposal, AgentReviewRecord, ConfidenceAnnotation
+
+CREATE TABLE agent_proposals (
+    id UUID DEFAULT uuid_generate_v4() PRIMARY KEY NOT NULL,
+    proposal_type TEXT NOT NULL,  -- documented values: summary | requirement_draft | duplicate_flag | policy_flag | impl_proposal (not enforced by a CHECK)
+    source_widget_id    UUID REFERENCES widgets(id) ON DELETE SET NULL,  -- all four source_* links are nullable; deleting the source row clears the link and keeps the proposal
+    source_candidate_id UUID REFERENCES requirement_candidates(id) ON DELETE SET NULL,
+    source_thread_id    UUID REFERENCES annotation_threads(id) ON DELETE SET NULL,
+    source_decision_id  UUID REFERENCES decision_records(id) ON DELETE SET NULL,
+    content   TEXT NOT NULL,
+    model_ref TEXT NOT NULL,  -- attribution field for the AI output (see commit message: "attributed (model_ref)")
+    confidence NUMERIC CHECK (confidence BETWEEN 0 AND 1),  -- nullable; when present must lie in [0, 1]
+    status TEXT NOT NULL DEFAULT 'pending',  -- documented values: pending | accepted | rejected | superseded (not enforced by a CHECK)
+    created_at TIMESTAMP WITH TIME ZONE DEFAULT now() NOT NULL
+);
+
+CREATE INDEX agent_proposals_proposal_type_idx ON agent_proposals (proposal_type);
+CREATE INDEX agent_proposals_status_idx ON agent_proposals (status);
+CREATE INDEX agent_proposals_source_widget_id_idx ON agent_proposals (source_widget_id);
+CREATE INDEX agent_proposals_created_at_idx ON agent_proposals (created_at DESC);
+
+CREATE TABLE agent_review_records (
+    id UUID DEFAULT uuid_generate_v4() PRIMARY KEY NOT NULL,
+    proposal_id UUID NOT NULL REFERENCES agent_proposals(id) ON DELETE CASCADE,  -- review rows are removed together with their proposal
+    reviewer_id UUID REFERENCES users(id),  -- nullable; no ON DELETE action is specified
+    decision TEXT NOT NULL,  -- documented values: accepted | rejected | modified (not enforced by a CHECK)
+    notes TEXT,
+    reviewed_at TIMESTAMP WITH TIME ZONE DEFAULT now() NOT NULL,
+    UNIQUE (proposal_id)  -- at most one review record per proposal; NOTE(review): in PostgreSQL this constraint already creates an index on proposal_id, so the explicit index below looks redundant
+);
+
+CREATE INDEX agent_review_records_proposal_id_idx ON agent_review_records (proposal_id);
+
+CREATE TABLE confidence_annotations (
+    id UUID DEFAULT uuid_generate_v4() PRIMARY KEY NOT NULL,
+    proposal_id UUID NOT NULL REFERENCES agent_proposals(id) ON DELETE CASCADE,  -- annotations are removed together with their proposal
+    dimension TEXT NOT NULL,  -- documented values: accuracy | relevance | completeness | policy_alignment (not enforced by a CHECK)
+    score NUMERIC NOT NULL CHECK (score BETWEEN 0 AND 1),  -- required; must lie in [0, 1]
+    explanation TEXT,
+    created_at TIMESTAMP WITH TIME ZONE DEFAULT now() NOT NULL
+);
+
+CREATE INDEX confidence_annotations_proposal_id_idx ON confidence_annotations (proposal_id);
--- a/Application/Schema.sql
+++ b/Application/Schema.sql
@@ -263,3 +263,52 @@ CREATE TABLE change_evaluations (
 );

 CREATE INDEX change_evaluations_deployment_id_idx ON change_evaluations (deployment_id);
+
+-- Agent proposals — AI-generated outputs awaiting human review (Phase 5)
+CREATE TABLE agent_proposals (
+    id UUID DEFAULT uuid_generate_v4() PRIMARY KEY NOT NULL,
+    proposal_type TEXT NOT NULL,
+    -- proposal_type values: summary | requirement_draft | duplicate_flag |
+    --                        policy_flag | impl_proposal
+    source_widget_id    UUID REFERENCES widgets(id) ON DELETE SET NULL,  -- all four source_* links are nullable; deleting the source row clears the link and keeps the proposal
+    source_candidate_id UUID REFERENCES requirement_candidates(id) ON DELETE SET NULL,
+    source_thread_id    UUID REFERENCES annotation_threads(id) ON DELETE SET NULL,
+    source_decision_id  UUID REFERENCES decision_records(id) ON DELETE SET NULL,
+    content   TEXT NOT NULL,
+    model_ref TEXT NOT NULL,  -- attribution field for the AI output (see commit message: "attributed (model_ref)")
+    confidence NUMERIC CHECK (confidence BETWEEN 0 AND 1),  -- nullable; when present must lie in [0, 1]
+    status TEXT NOT NULL DEFAULT 'pending',
+    -- status values: pending | accepted | rejected | superseded (documented only; no CHECK enforces them)
+    created_at TIMESTAMP WITH TIME ZONE DEFAULT now() NOT NULL
+);
+
+CREATE INDEX agent_proposals_proposal_type_idx ON agent_proposals (proposal_type);
+CREATE INDEX agent_proposals_status_idx ON agent_proposals (status);
+CREATE INDEX agent_proposals_source_widget_id_idx ON agent_proposals (source_widget_id);
+CREATE INDEX agent_proposals_created_at_idx ON agent_proposals (created_at DESC);
+
+-- One review record per proposal (human decision on AI output) (Phase 5)
+CREATE TABLE agent_review_records (
+    id UUID DEFAULT uuid_generate_v4() PRIMARY KEY NOT NULL,
+    proposal_id UUID NOT NULL REFERENCES agent_proposals(id) ON DELETE CASCADE,  -- review rows are removed together with their proposal
+    reviewer_id UUID REFERENCES users(id),  -- nullable; no ON DELETE action is specified
+    decision TEXT NOT NULL,  -- accepted | rejected | modified (documented only; no CHECK enforces them)
+    notes TEXT,
+    reviewed_at TIMESTAMP WITH TIME ZONE DEFAULT now() NOT NULL,
+    UNIQUE (proposal_id)  -- enforces the one-review-per-proposal rule; NOTE(review): in PostgreSQL this constraint already creates an index on proposal_id, so the explicit index below looks redundant
+);
+
+CREATE INDEX agent_review_records_proposal_id_idx ON agent_review_records (proposal_id);
+
+-- Confidence annotations — per-dimension breakdown of AI confidence (Phase 5)
+CREATE TABLE confidence_annotations (
+    id UUID DEFAULT uuid_generate_v4() PRIMARY KEY NOT NULL,
+    proposal_id UUID NOT NULL REFERENCES agent_proposals(id) ON DELETE CASCADE,  -- annotations are removed together with their proposal
+    dimension TEXT NOT NULL,
+    -- dimension values: accuracy | relevance | completeness | policy_alignment (documented only; no CHECK enforces them)
+    score NUMERIC NOT NULL CHECK (score BETWEEN 0 AND 1),  -- required; must lie in [0, 1]
+    explanation TEXT,
+    created_at TIMESTAMP WITH TIME ZONE DEFAULT now() NOT NULL
+);
+
+CREATE INDEX confidence_annotations_proposal_id_idx ON confidence_annotations (proposal_id);