Expand description
Remote-prompt data-classification sensitivity gate.
Any memory or context item that exceeds the operator-configured
MaxSensitivity level is excluded from remote prompts before they are
assembled. This prevents inadvertent data exfiltration to external hosted
models (Anthropic API, remote Ollama, etc.) when the operator has not
explicitly opted in to sending high-sensitivity data off-machine.
§Architecture (ADR 0048 §3 follow-on)
The primary enforcement point is now a real per-memory domain-tag query:
before a prompt is dispatched to a remote endpoint, cortex-cli’s run
pipeline calls MemoryRepo::max_sensitivity_for_active_memories, parses
the result as a MaxSensitivity, and refuses with
LlmError::InvalidRequest when active memories exceed the configured
threshold. See crates/cortex-cli/src/cmd/run.rs for the call site.
check_remote_prompt_sensitivity remains as the adapter-layer fallback
for inline [SENSITIVITY:HIGH] markers. It is called inside
ClaudeHttpAdapter::complete as a defense-in-depth guard after the
store-query check in the run pipeline.
Structs§
- Sensitivity
Gate Result - Result of a domain-tag sensitivity gate evaluation (ADR 0048 §3).
Enums§
- MaxSensitivity
- Maximum data-classification level permitted in a remote prompt.
Functions§
- check_
remote_ prompt_ sensitivity - Gate that returns
Okwhen the prompt content passes the max-sensitivity threshold for remote delivery.