typesec
Type-level security capabilities for Rust agents.
This facade crate re-exports the core capability model by default and exposes the policy engines, agent API, and macros behind feature flags.
Modules
- agent
- Agent executor API.
- capability
- Capability — the unforgeable proof token
- combinator
- Policy Combinator
- lattice
- Capability Lattice
- macros
- Procedural macros.
- odrl
- ODRL policy engine.
- permissions
- Permission marker traits
- policy
- Policy engine trait and audit trail types.
- rbac
- RBAC policy engine.
- resource
- Resource trait — the thing a capability grants access to.
- role
- Role abstraction — a named collection of permissions.
- secure_value
- Opaque labeled values for information-flow style data handling.
- typestate
- Agent typestate
Structs
- Agent
- An agent with a typestate parameter `S` and an attached policy engine.
- AgentBuilder
- Builder for `SecureAgent` — convenient when wiring multiple engines together.
- AiCanExfiltrate
- Permission for an AI agent to exfiltrate (export/transmit) data.
- AiCanInfer
- Permission for an AI agent to run inference over a resource.
- AiCanTrain
- Permission for an AI agent to use a resource as training data.
- AuditEvent
- A structured record of every policy decision.
- Authenticated
- Authenticated state. Policy checks and capability requests become available.
- CanDeclassify
- Permission to intentionally lower the security label of protected data.
- CanDelegate
- Permission to delegate capabilities to other agents.
- CanDelete
- Permission to delete a resource.
- CanExecute
- Permission to execute code or invoke actions on a resource.
- CanRead
- Permission to read a resource (non-sensitive).
- CanReadSensitive
- Permission to read sensitive resources (PII, credentials, etc.).
- CanWrite
- Permission to write (create or update) a resource.
- CanWriteSensitive
- Permission to write sensitive resources.
- Capability
- An unforgeable proof that subject `subject` holds permission `P` on resource `R`.
- ComposedEngine
- A multi-engine policy combinator with configurable strategy.
- Credentials
- Credentials used to authenticate an agent.
- FallbackEngine
- A two-engine fallback: tries `primary` first, then `fallback` on delegation.
- Internal
- Internal data: not public, but below sensitive and secret data.
- LatticeEngine
- Runtime lattice engine wrapper.
- OdrlEngine
- An ODRL policy engine.
- PolicyEngineBuilder
- Builder for `ComposedEngine`.
- Public
- Public data: safe to reveal without a capability.
- RbacEngine
- A compiled, fast-lookup RBAC engine.
- Secret
- Secret data such as credentials or highly restricted model inputs.
- SecureAgent
- A secure agent that ties together typestate, policy engines, and capabilities.
- SecureValue
- Data protected by a type-level privacy label and resource type.
- Sensitive
- Sensitive data such as PII or confidential business records.
- Unauthenticated
- The initial agent state. No policy operations are available yet.
Enums
- CombineStrategy
- How to combine multiple policy engine verdicts into a single decision.
- PolicyResult
- The verdict returned by a policy engine.
Traits
- AgentState
- Sealed state trait for the `Agent` typestate machine.
- Implies
- Trait encoding the permission lattice.
- Join
- Type-level least upper bound for two privacy labels.
- Permission
- A marker trait for permissions.
- PolicyEngine
- The core runtime policy interface.
- PrivacyLevel
- A type-level privacy label.
- Resource
- A resource that can be protected by a `Capability`.
- Role
- A role is a named collection of permissions.
Functions
- mint_capability
- Mint a `Capability` by running a policy check.
Type Aliases
- TaskResult
- The result type for task execution.