Skip to main content

aa_security/
lib.rs

1//! Security primitives for Agent Assembly.
2//!
3//! This crate owns the credential-detection scanner, the redaction primitives,
4//! and the audit-normalization types relied on by the trusted enforcement
5//! layers (`aa-runtime`, `aa-gateway`, `aa-proxy`).
6//!
7//! It is deliberately a **leaf** crate: it does *not* depend on `aa-core`, so
8//! security authority comes from *where a primitive runs*, not from the core
9//! domain crate. The primitives are progressively moved here from `aa-core`
10//! (see AAASM-2567); `aa-core` keeps temporary `pub use` re-exports for
11//! migration compatibility.
12//!
13//! # Feature Flags
14//!
15//! - `serde`: enables `Serialize`/`Deserialize` derives on the public types.
16#![warn(missing_docs)]
17
18pub mod redaction;
19pub mod scanner;
20
21pub use redaction::Redaction;
22pub use scanner::{CredentialFinding, CredentialKind, CredentialScanner, ScanResult, ScannerConfig};