Enum RulesAction 

pub enum RulesAction {
    Add {
        id: String,
        kind: String,
        matcher: String,
        severity: String,
        reason: String,
        namespace: String,
        disabled: bool,
        sign: bool,
    },
    List,
    Check {
        kind: String,
        payload: String,
        agent_id: Option<String>,
    },
    Enable {
        id: String,
        sign: bool,
    },
    Disable {
        id: String,
        sign: bool,
    },
    Remove {
        id: String,
        sign: bool,
    },
    Keygen {
        out: Option<PathBuf>,
        force: bool,
    },
    SignSeed {
        key: Option<PathBuf>,
        db: Option<PathBuf>,
    },
}

Variants

Add

Add a new agent-action rule. Requires operator keypair on disk; signs the canonical row encoding before persisting.

Fields

id: String

Rule id (e.g. R005, tmp-noisy-build). Must be unique.

kind: String

Action kind: bash / filesystem_write / network_request / process_spawn / custom.

matcher: String

Matcher JSON. Shape depends on --kind. See docs/governance/agent-action-rules.md.

severity: String

Severity: refuse / warn / log.

reason: String

Human-readable reason surfaced to the agent on a match.

namespace: String

Optional namespace scope. Defaults to _global.

disabled: bool

Land the rule with enabled = 0 (operator activates later via ai-memory rules enable <id> --sign).

sign: bool

Sign the rule with the operator keypair on disk. Required for non-dry-run inserts; without --sign the CLI refuses.

List

List every rule (enabled + disabled). Read-only, no key required.

Check

Evaluate a proposed action against the live rule set without committing it. Read-only. The output is the same JSON [Decision] shape the MCP / HTTP path returns.

Fields

kind: String

Action kind: same vocabulary as add --kind.

payload: String

Action payload JSON. For Bash: {"command":"ls"}. For FilesystemWrite: {"path":"/tmp/x"}. Etc.

agent_id: Option<String>

Optional agent id; defaults to the resolved NHI id for audit-row provenance.

Enable

Activate a rule (flip enabled = 1). Requires --sign.

Fields

id: String

Rule id.

sign: bool

Sign the activation with the operator key.

Disable

Deactivate a rule (flip enabled = 0). Requires --sign.

Fields

id: String

Rule id.

sign: bool

Sign the deactivation with the operator key.

Remove

Remove a rule from the table. Requires --sign.

Fields

id: String

Rule id.

sign: bool

Sign the removal with the operator key.

Keygen

v0.7.0 L1-6 — generate a fresh Ed25519 operator keypair and write the private 32-byte seed to --out (mode 0600 on Unix) plus a base64-encoded public key sibling at <out>.pub (mode 0644). Default --out is ~/.config/ai-memory/operator.key.

Refuses to overwrite an existing file unless --force is passed; even with --force a stderr warning is emitted (an existing operator key is the keystone of the signature verify chain — a silent overwrite would invalidate every prior signed rule).

The 32-byte seed never appears in stdout, stderr, or any memory the agent emits. Only the fingerprint sha256(public_key)[:16] is logged.

Fields

out: Option<PathBuf>

Output path for the 32-byte private seed. The base64 public key sibling is written to <out>.pub.

force: bool

Overwrite an existing private/public key pair. Emits a stderr warning even when set. Default: refuse to overwrite.

SignSeed

v0.7.0 L1-6 — sign every seeded rule (R001..R004 today) with the operator key. Sets signature = ed25519(canonical_payload) and attest_level = 'operator_signed'. enabled stays at 0 — the operator audits and activates manually after this runs.

The canonical payload includes enabled, so a direct UPDATE governance_rules SET enabled = 1 after signing would fail signature verification at load time — that is the bypass-prevention property.

Fields

key: Option<PathBuf>

Path to the operator private seed (32 bytes) — same shape rules keygen --out writes. Defaults to ~/.config/ai-memory/operator.key.

db: Option<PathBuf>

Override the DB path (useful for smoke tests against a scratch sqlite file). Defaults to the same --db the rest of the rules verbs use (the top-level ai-memory --db flag).

Trait Implementations

impl FromArgMatches for RulesAction

fn from_arg_matches(__clap_arg_matches: &ArgMatches) -> Result<Self, Error>

Instantiate Self from ArgMatches, parsing the arguments as needed.

fn from_arg_matches_mut( __clap_arg_matches: &mut ArgMatches, ) -> Result<Self, Error>

Instantiate Self from ArgMatches, parsing the arguments as needed.

fn update_from_arg_matches( &mut self, __clap_arg_matches: &ArgMatches, ) -> Result<(), Error>

Assign values from ArgMatches to self.

fn update_from_arg_matches_mut<'b>( &mut self, __clap_arg_matches: &mut ArgMatches, ) -> Result<(), Error>

Assign values from ArgMatches to self.

impl Subcommand for RulesAction

fn augment_subcommands<'b>(__clap_app: Command) -> Command

Append to Command so it can instantiate Self via FromArgMatches::from_arg_matches_mut

fn augment_subcommands_for_update<'b>(__clap_app: Command) -> Command

Append to Command so it can instantiate self via FromArgMatches::update_from_arg_matches_mut

fn has_subcommand(__clap_name: &str) -> bool

Test whether Self can parse a specific subcommand