generated from coulomb/repo-seed
feat(WARDEN-WP-0014): T1 — structured handoff fields in routing catalog
Adds optional assist-layer fields (auth_method, path_template, fetch_command, exec_capable, policy_ref) to RouteEntry, parsed and secret-screened in catalog.py. Handoff fields are templates/pointers only — _assert_no_secret_material rejects known token prefixes and high-entropy runs, and exec_capable requires a fetch_command. The openbao-api-key entry is populated as the reference example (covers the coulomb_social npm shape). Co-Authored-By: Claude Opus 4.8 <noreply@anthropic.com>
This commit is contained in:
@@ -26,11 +26,26 @@ class RouteEntry:
|
||||
# SSH lane only — None/empty for routed (non-executed) needs.
|
||||
steps: List[str] = field(default_factory=list)
|
||||
cert_command: Optional[str] = None
|
||||
# Structured handoff (WP-0014) — optional, allowed on any lane. These are
|
||||
# *templates and pointers* the `warden access` assist layer renders (and, for
|
||||
# exec_capable lanes, proxies). They are NOT authored procedure prose and they
|
||||
# never carry a secret value — only placeholders (`<...>`) and field names.
|
||||
# Validation in catalog.py enforces the no-secret-material rule on every one.
|
||||
auth_method: Optional[str] = None # how the caller authenticates to the owner
|
||||
path_template: Optional[str] = None # owner-side path with `<...>` placeholders
|
||||
fetch_command: Optional[str] = None # command skeleton run *as the caller*
|
||||
exec_capable: bool = False # may `warden access --fetch/--exec` proxy it
|
||||
policy_ref: Optional[str] = None # flex-auth check the fetch path runs first
|
||||
|
||||
@property
|
||||
def is_active(self) -> bool:
|
||||
return self.status == "active"
|
||||
|
||||
@property
|
||||
def has_handoff(self) -> bool:
|
||||
"""True when structured assist fields are present (advisory richness)."""
|
||||
return any((self.auth_method, self.path_template, self.fetch_command))
|
||||
|
||||
def match_score(self, tokens: List[str]) -> int:
|
||||
"""Keyword-overlap score against need_keywords, title, and id.
|
||||
|
||||
|
||||
Reference in New Issue
Block a user