fix: MEDIUM tier cont. — reconstruction ambiguity, governor fail-open, sim-scaffold marker, parity coverage gate (#8)
Closed
New1Direction wants to merge 4 commits into
added 4 commits (June 1, 2026 13:40)
…f guessing
_find_output_model selected the agent module's pydantic model by field-set match, returning the FIRST hit in vars() order. If a module defines two models with identical field sets, the choice was arbitrary and could reconstruct the wrong type. Now raises on >1 match; _try_rust_agent catches it and falls back to the Python agent (safe) rather than risk a wrong reconstruction. + tests.
…fold
447-LOC module presented a distributed-execution API but execute_phase only hashes the input via _simulate_execution; no production caller (only tests). Added a prominent SIMULATION/REFERENCE-SCAFFOLD warning to the module docstring so it isn't mistaken for a real platform capability. No behaviour change.
…rict mode
Four scanners (shadow/cot/surplus/spend) only rejected >=71 risk when their strict-mode toggle was on, so an env var / config could silently downgrade a high-risk admission to advisory — a per-detector kill switch. Now they reject unconditionally at >=71, matching detect_prompt_injection. Removed the now-unused is_*_strict_mode imports. + tests (high risk + strict OFF must still reject).
Existing rust/parity check only verifies specs ⊆ registry. Add the missing direction (registry ⊆ specs) so a Rust agent can't be added without a byte-equivalence spec and silently run unverified against Python. Pure-Python (parses registry.rs + spec RUST_NAMEs), so it runs in the main CI without the cdylib. Currently 205/205; this guards future drift.
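The strict-mode commit above describes a fail-open admission gate: a per-detector toggle sat inside the high-risk rejection condition, so switching it off turned a reject into an advisory. The following Python is an added illustration, not code from this PR or its repository; the scanner names and the >=71 threshold come from the commit message, while the environment-variable names, the Verdict type and all function names are constructed for the example. It places the fail-open pattern beside the fail-closed one and includes the regression the commit calls for (high risk with strict OFF must still reject).

```python
from dataclasses import dataclass

HIGH_RISK = 71  # rejection threshold named in the commit: >=71 must reject


@dataclass(frozen=True)
class Verdict:
    detector: str
    risk: int
    decision: str  # "reject" or "advisory"


def strict_mode_enabled(detector: str, env) -> bool:
    """Hypothetical per-detector toggle (constructed name), e.g. GOVERNOR_SHADOW_STRICT=0."""
    value = env.get(f"GOVERNOR_{detector.upper()}_STRICT", "1")
    return value.lower() not in ("0", "false", "off")


def admit_fail_open(detector: str, risk: int, env) -> Verdict:
    """The pattern the commit removes: the toggle gates the high-risk rejection itself,
    so a stray env var or config entry downgrades a reject to an advisory."""
    if risk >= HIGH_RISK and strict_mode_enabled(detector, env):
        return Verdict(detector, risk, "reject")
    return Verdict(detector, risk, "advisory")


def admit_fail_closed(detector: str, risk: int, env=None) -> Verdict:
    """The pattern the commit adopts: high risk rejects unconditionally; no toggle is consulted.
    `env` is accepted only so both admit functions share a call signature."""
    if risk >= HIGH_RISK:
        return Verdict(detector, risk, "reject")
    return Verdict(detector, risk, "advisory")


def run_governor(scores, admit, env) -> list:
    """Run every scanner's score through `admit`; return the rejecting detectors, sorted."""
    verdicts = [admit(name, score, env) for name, score in scores.items()]
    return sorted(v.detector for v in verdicts if v.decision == "reject")


# Constructed sample: one admission's risk scores for the four scanners named in the commit.
SAMPLE_SCORES = {"shadow": 85, "cot": 40, "surplus": 71, "spend": 70}
# Constructed environment that switches strict mode off for the shadow scanner only.
STRICT_OFF_FOR_SHADOW = {"GOVERNOR_SHADOW_STRICT": "0"}


def regression_high_risk_strict_off(admit) -> bool:
    """Mirrors the commit's new test: high risk with strict OFF must still reject."""
    return admit("shadow", 85, STRICT_OFF_FOR_SHADOW).decision == "reject"


if __name__ == "__main__":
    print("fail-open rejects:  ", run_governor(SAMPLE_SCORES, admit_fail_open, STRICT_OFF_FOR_SHADOW))
    print("fail-closed rejects:", run_governor(SAMPLE_SCORES, admit_fail_closed, STRICT_OFF_FOR_SHADOW))
    print("regression (fail-open):  ", regression_high_risk_strict_off(admit_fail_open))
    print("regression (fail-closed):", regression_high_risk_strict_off(admit_fail_closed))
```

With strict mode off for `shadow`, the fail-open gate lets a risk-85 admission through as advisory and rejects only `surplus`; the fail-closed gate rejects both. The design point is that a configuration knob may relax what happens below the hard threshold, but it must not be an operand of the threshold check itself.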
Owner, Author
Consolidated. All commits from this PR are now in
Continuing the MEDIUM tier — architectural/correctness items. Stacked on #7; base is fix/medium-tier. All TDD/verified.

Fixed

- _find_output_model returned the FIRST pydantic model whose field set matched the Rust JSON; if two models share a field set it could build the wrong type. Now raises on >1 match, so _try_rust_agent falls back to the Python agent (safe) instead of guessing.
- detect_prompt_injection.
- DeterministicExecutionFabric mislabeled as real (honesty) — 447-LOC module advertised distributed execution but only simulates (no production caller). Added a prominent SIMULATION/REFERENCE-SCAFFOLD warning to its docstring.

Verification

ruff check/format: clean. Code fixes are RED→GREEN.

Skipped (untracked — not committed, so not shipped)

- pi_agent_interceptor/proxy.py) targets an untracked file — same pattern as the earlier corrections; left as-is.

Genuinely remaining (need a decision / validation I can't do here — not rushed)

- artifact=None — needs a design call: wire the real per-node artifact into kernel.execute(artifact=...), or remove the dead STEP-6 block and rely on the separate EntropyAnalysisValidator. Behavioral; want your steer.
- >=deps — fix is a hash-pinned lockfile (uv pip compile --generate-hashes) + --require-hashes; I can generate it but can't validate the Docker build in this environment.

🤖 Generated with Claude Code
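The _find_output_model item in the description and the first commit both describe the same defect: choosing an output type by field-set match and taking the first hit makes the reconstruction depend on definition order. The Python below is an added example, not this PR's code; it uses standard-library dataclasses as a stand-in for the pydantic models so it runs without extra packages, and the model names (Summary, Critique, Plan), the function names and the sample JSON are all constructed. It shows the first-hit lookup beside the unique-match lookup that raises on ambiguity, and a reconstruct step that falls back to a Python-side handler instead of guessing, in the spirit of the _try_rust_agent fallback the commit describes.

```python
import json
from dataclasses import dataclass, fields, is_dataclass


class AmbiguousOutputModel(LookupError):
    """More than one candidate model carries exactly the payload's field set."""


# Constructed stand-in for an agent module's output models (dataclasses, not pydantic).
@dataclass
class Summary:
    text: str
    score: float


@dataclass
class Critique:  # identical field set to Summary: the ambiguous case
    text: str
    score: float


@dataclass
class Plan:
    steps: list
    cost: float


# Stands in for vars(agent_module); insertion order matters for the buggy lookup.
AGENT_MODULE_VARS = {"Summary": Summary, "Critique": Critique, "Plan": Plan}


def _candidates(module_vars):
    """Only dataclass types are candidate output models."""
    return [obj for obj in module_vars.values() if isinstance(obj, type) and is_dataclass(obj)]


def _field_set(cls):
    return frozenset(f.name for f in fields(cls))


def _matches(module_vars, payload):
    wanted = frozenset(payload)
    return [cls for cls in _candidates(module_vars) if _field_set(cls) == wanted]


def find_output_model_first_hit(module_vars, payload):
    """Defective lookup: returns the first model whose field set matches, in vars() order,
    so the result is arbitrary whenever two models share a field set."""
    for cls in _candidates(module_vars):
        if _field_set(cls) == frozenset(payload):
            return cls
    raise LookupError("no output model matches the payload's field set")


def find_output_model_unique(module_vars, payload):
    """Corrected lookup: exactly one match or an exception, never a guess."""
    matches = _matches(module_vars, payload)
    if not matches:
        raise LookupError("no output model matches the payload's field set")
    if len(matches) > 1:
        names = ", ".join(cls.__name__ for cls in matches)
        raise AmbiguousOutputModel(f"field set {sorted(payload)} matches {names}")
    return matches[0]


def is_ambiguous(module_vars, payload) -> bool:
    return len(_matches(module_vars, payload)) > 1


def reconstruct(module_vars, raw_json: str, python_fallback):
    """Build the typed result from the foreign JSON; on ambiguity, hand the payload to the
    Python-side handler instead of constructing a possibly wrong type."""
    payload = json.loads(raw_json)
    try:
        cls = find_output_model_unique(module_vars, payload)
    except AmbiguousOutputModel:
        return python_fallback(payload)
    return cls(**payload)


if __name__ == "__main__":
    # Constructed payloads: one ambiguous, one uniquely matched.
    ambiguous = {"text": "ok", "score": 0.9}
    print("first hit picks:", find_output_model_first_hit(AGENT_MODULE_VARS, ambiguous).__name__)
    print("ambiguous?", is_ambiguous(AGENT_MODULE_VARS, ambiguous))
    print(reconstruct(AGENT_MODULE_VARS, '{"text": "ok", "score": 0.9}', lambda p: ("python", p)))
    print(reconstruct(AGENT_MODULE_VARS, '{"steps": ["a"], "cost": 1.0}', lambda p: ("python", p)))
```

The first-hit lookup silently returns Summary for a payload that fits Critique equally well; the unique lookup refuses, and reconstruct routes that case to the fallback while still building Plan directly for an unambiguous payload. A lookup that can return a wrong type without any signal is harder to detect in production than one that raises, which is why the fallback is the safer default.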