zeph-core 0.16.0

Core agent loop, configuration, context builder, metrics, and vault for Zeph
Documentation 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215

// SPDX-FileCopyrightText: 2026 Andrei G <bug-ops>
// SPDX-License-Identifier: MIT OR Apache-2.0

use std::collections::HashMap;
use std::fmt::Write;

use zeph_skills::TrustLevel;

use super::{Agent, Channel};

impl<C: Channel> Agent<C> {
    /// Handle `/skill trust [name [level]]`.
    pub(super) async fn handle_skill_trust_command(
        &mut self,
        args: &[&str],
    ) -> Result<(), super::error::AgentError> {
        let Some(memory) = &self.memory_state.memory else {
            self.channel.send("Memory not available.").await?;
            return Ok(());
        };

        match args.first().copied() {
            None => {
                // List all trust levels
                let rows = memory.sqlite().load_all_skill_trust().await?;
                if rows.is_empty() {
                    self.channel.send("No skill trust data recorded.").await?;
                    return Ok(());
                }
                let mut output = String::from("Skill trust levels:\n\n");
                for row in &rows {
                    let _ = writeln!(
                        output,
                        "- {} [{}] (source: {}, hash: {}..)",
                        row.skill_name,
                        row.trust_level,
                        row.source_kind,
                        &row.blake3_hash[..row.blake3_hash.len().min(8)]
                    );
                }
                self.channel.send(&output).await?;
            }
            Some(name) => {
                if let Some(level_str) = args.get(1).copied() {
                    // Set trust level
                    let level = match level_str {
                        "trusted" => TrustLevel::Trusted,
                        "verified" => TrustLevel::Verified,
                        "quarantined" => TrustLevel::Quarantined,
                        "blocked" => TrustLevel::Blocked,
                        _ => {
                            self.channel
                                .send("Invalid trust level. Use: trusted, verified, quarantined, blocked")
                                .await?;
                            return Ok(());
                        }
                    };
                    let updated = memory
                        .sqlite()
                        .set_skill_trust_level(name, &level.to_string())
                        .await?;
                    if updated {
                        self.channel
                            .send(&format!("Trust level for \"{name}\" set to {level}."))
                            .await?;
                    } else {
                        self.channel
                            .send(&format!("Skill \"{name}\" not found in trust database."))
                            .await?;
                    }
                } else {
                    // Show single skill trust
                    let row = memory.sqlite().load_skill_trust(name).await?;
                    match row {
                        Some(r) => {
                            self.channel
                                .send(&format!(
                                    "{}: level={}, source={}, hash={}",
                                    r.skill_name, r.trust_level, r.source_kind, r.blake3_hash
                                ))
                                .await?;
                        }
                        None => {
                            self.channel
                                .send(&format!("No trust data for \"{name}\"."))
                                .await?;
                        }
                    }
                }
            }
        }
        Ok(())
    }

    /// Handle `/skill block <name>`.
    pub(super) async fn handle_skill_block(
        &mut self,
        name: Option<&str>,
    ) -> Result<(), super::error::AgentError> {
        let Some(name) = name else {
            self.channel.send("Usage: /skill block <name>").await?;
            return Ok(());
        };
        let Some(memory) = &self.memory_state.memory else {
            self.channel.send("Memory not available.").await?;
            return Ok(());
        };
        let updated = memory
            .sqlite()
            .set_skill_trust_level(name, "blocked")
            .await?;
        if updated {
            self.channel
                .send(&format!("Skill \"{name}\" blocked."))
                .await?;
        } else {
            self.channel
                .send(&format!("Skill \"{name}\" not found in trust database."))
                .await?;
        }
        Ok(())
    }

    /// Handle `/skill unblock <name>`.
    pub(super) async fn handle_skill_unblock(
        &mut self,
        name: Option<&str>,
    ) -> Result<(), super::error::AgentError> {
        let Some(name) = name else {
            self.channel.send("Usage: /skill unblock <name>").await?;
            return Ok(());
        };
        let Some(memory) = &self.memory_state.memory else {
            self.channel.send("Memory not available.").await?;
            return Ok(());
        };
        let updated = memory
            .sqlite()
            .set_skill_trust_level(name, "quarantined")
            .await?;
        if updated {
            self.channel
                .send(&format!("Skill \"{name}\" unblocked (set to quarantined)."))
                .await?;
        } else {
            self.channel
                .send(&format!("Skill \"{name}\" not found in trust database."))
                .await?;
        }
        Ok(())
    }

    /// Handle `/skill scan` — scan all loaded skills for injection patterns.
    ///
    /// Results are advisory only. Does not change trust levels or block tool calls.
    pub(super) async fn handle_skill_scan(&mut self) -> Result<(), super::error::AgentError> {
        // Scope the lock guard so it is dropped before the first await point.
        let findings = {
            let registry = self
                .skill_state
                .registry
                .read()
                .expect("registry read lock");
            registry.scan_loaded()
        };

        if findings.is_empty() {
            self.channel
                .send("Skill scan complete: no injection patterns detected.")
                .await?;
        } else {
            let mut output = format!(
                "Skill scan complete: {} skill(s) with potential injection patterns (advisory):\n\n",
                findings.len()
            );
            for (name, result) in &findings {
                use std::fmt::Write as _;
                let _ = writeln!(
                    output,
                    "- {} ({} pattern(s)): {}",
                    name,
                    result.pattern_count,
                    result.matched_patterns.join(", ")
                );
            }
            output.push_str(
                "\nNote: scan results are advisory. Use `/skill trust` to adjust trust levels.",
            );
            self.channel.send(&output).await?;
        }

        Ok(())
    }

    pub(super) async fn build_skill_trust_map(&self) -> HashMap<String, TrustLevel> {
        let Some(memory) = &self.memory_state.memory else {
            return HashMap::new();
        };
        let Ok(rows) = memory.sqlite().load_all_skill_trust().await else {
            return HashMap::new();
        };
        rows.into_iter()
            .filter_map(|r| {
                let level = match r.trust_level.as_str() {
                    "trusted" => TrustLevel::Trusted,
                    "verified" => TrustLevel::Verified,
                    "quarantined" => TrustLevel::Quarantined,
                    "blocked" => TrustLevel::Blocked,
                    _ => return None,
                };
                Some((r.skill_name, level))
            })
            .collect()
    }
}