mur-core 0.2.0

Core library for MUR Commander: types, constitution, audit, model routing, and workflow engine
Documentation 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83

# MUR Commander — Default Constitution
# This file defines the safety boundaries for the autonomous agent.
# Sign it with `murc constitution sign` after customizing.

[identity]
version = "1.0.0"
# These fields are populated by `murc constitution sign`
checksum = ""
signed_by = ""
signature = ""

[boundaries]
# Actions that are absolutely forbidden — the agent will NEVER execute these.
forbidden = [
    "rm -rf /",
    "sudo rm *",
    "DROP DATABASE",
    "format disk",
    "send email without approval",
    "access /etc/shadow",
    "modify constitution without re-sign",
]

# Actions that require explicit user approval before execution.
requires_approval = [
    "git push",
    "deploy *",
    "send notification",
    "modify system config",
    "install package",
    "network request to unknown host",
    "spend > $1 on API calls",
]

# Actions the agent can execute freely without asking.
auto_allowed = [
    "read *",
    "echo *",
    "cat *",
    "ls *",
    "head *",
    "tail *",
    "grep *",
    "find *",
    "wc *",
    "curl localhost*",
    "curl -s *",
    "git *",
    "cargo test",
    "cargo build",
    "cargo clippy",
    "npm test",
    "npm run build",
    "docker compose ps",
    "docker ps",
    "run tests",
    "search patterns",
    "workflow step*",
]

[resource_limits]
# Maximum API cost (USD) per single workflow run
max_api_cost_per_run = 5.0
# Maximum API cost (USD) per day across all workflows
max_api_cost_per_day = 50.0
# Maximum execution time in seconds per workflow
max_execution_time = 3600
# Maximum number of workflows running simultaneously
max_concurrent_workflows = 3
# Maximum size for any single file write operation
max_file_write_size = "10MB"
# Directories the agent is allowed to access
allowed_directories = ["~/Projects", "~/.mur", "/tmp"]
# Directories the agent must NEVER access
blocked_directories = ["/etc", "/System", "~/.ssh"]

[model_permissions]
# Thinking model: can read but cannot execute commands
thinking_model = { can_execute = false, can_read = true }
# Coding model: can execute but only in sandbox
coding_model = { can_execute = true, can_read = true, sandbox_only = true }
# Task model: general purpose, can read and execute
task_model = { can_execute = true, can_read = true }