vigil-firewall 0.1.0

Fail-closed effect firewall for Vigil — policy engine, approval queue, PII scanner, OAuth scope allowlist
Documentation

vigil-firewall: I02+I03 Firewall Core (ADR 0003).

Components:

  • EffectExtractor trait + 7 built-in extractors
  • RiskScorer: an explainable weight table
  • [Firewall]: stitches the three above together into the high-level evaluate_tool_call flow

Usage flow (called by the I04 MCP Hub):

Firewall::evaluate(invocation)
    ├─ extractors.extract() → EffectVector
    ├─ scorer.score()       → (risk, reasons)
    ├─ policy.evaluate()    → PolicyDecision
    ├─ audit.record_decision(...)
    └─ if Approve → ledger.create_approval(...) → returns Approve(request)
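
A minimal sketch of the flow above with the fail-closed branch made explicit. It is an added illustration, not code from the vigil-firewall crate: every type name, tool name, weight and threshold is an assumption, and the policy step is reduced to two thresholds.

```rust
// Stand-in types for illustration only; none of this is the vigil-firewall API.
#[derive(Debug)] enum PolicyDecision { Allow, Approve, Deny }
#[derive(Debug, PartialEq)] enum Outcome { Allow, Approve(u64), Deny }
#[derive(Default)] struct EffectVector { network: bool, fs_write: bool, pii: bool }
struct Firewall { approve_at: u32, deny_at: u32, audit: Vec<String>, ledger: Vec<u64> }

// Extractor step: a tool with no extractor is an error, never an empty vector.
fn extract(tool: &str, args: &str) -> Result<EffectVector, String> {
    let mut e = EffectVector::default();
    match tool {
        "read_file" => {}
        "http_get" => e.network = true,
        "write_file" => e.fs_write = true,
        other => return Err(format!("no extractor for {other}")),
    }
    e.pii = args.contains('@'); // constructed stand-in for a PII scan
    Ok(e)
}

// Scorer step: fixed weights; every hit adds a human-readable reason.
fn score(e: &EffectVector) -> (u32, Vec<&'static str>) {
    let table = [(e.network, 30u32, "network egress"),
        (e.fs_write, 40, "filesystem write"), (e.pii, 50, "possible PII")];
    let (mut risk, mut reasons) = (0, Vec::new());
    for (hit, weight, why) in table { if hit { risk += weight; reasons.push(why); } }
    (risk, reasons)
}

impl Firewall {
    fn evaluate(&mut self, tool: &str, args: &str) -> Outcome {
        let (decision, detail) = match extract(tool, args) {
            Err(why) => (PolicyDecision::Deny, why), // fail closed: no effects, no pass
            Ok(effects) => {
                let (risk, reasons) = score(&effects);
                let d = if risk >= self.deny_at { PolicyDecision::Deny }
                    else if risk >= self.approve_at { PolicyDecision::Approve } else { PolicyDecision::Allow };
                (d, format!("risk={risk} {reasons:?}"))
            }
        };
        self.audit.push(format!("{tool}: {decision:?} ({detail})")); // every decision is audited
        let id = self.ledger.len() as u64 + 1;
        match decision {
            PolicyDecision::Allow => Outcome::Allow,
            PolicyDecision::Deny => Outcome::Deny,
            PolicyDecision::Approve => { self.ledger.push(id); Outcome::Approve(id) }
        }
    }
}

// Constructed thresholds for the demo.
fn demo_firewall() -> Firewall { Firewall { approve_at: 40, deny_at: 80, audit: vec![], ledger: vec![] } }
fn main() { println!("{:?}", demo_firewall().evaluate("write_file", "notes.txt")); }
```

The unknown-tool case is the one to watch in a real deployment: an extractor gap must surface as a denial with an audit entry, not as a zero-risk call.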