Skip to main content

zeph_common/
audit.rs

1// SPDX-FileCopyrightText: 2026 Andrei G <bug-ops>
2// SPDX-License-Identifier: MIT OR Apache-2.0
3
4//! Shared audit signal types used by both the sanitizer and memory subsystems.
5//!
6//! Defined here in `zeph-common` to eliminate the duplicate definitions that previously
7//! existed in `zeph-sanitizer::audit` and `zeph-memory::shadow`. Both crates re-export
8//! from this module.
9
10/// Signal type emitted by a sanitizer subsystem.
11///
12/// Variants correspond to the four signal classes defined in spec 004-16, FR-007.
13#[derive(Debug, Clone, Copy, PartialEq, Eq, Hash)]
14#[non_exhaustive]
15pub enum AuditSignalType {
16    /// A policy gate denied or flagged an operation.
17    PolicyViolation,
18    /// A prompt-injection pattern was detected in untrusted content.
19    PromptInjectionPattern,
20    /// An anomalous tool-call chain was observed (e.g., rapid multi-tool escalation).
21    ToolChainAnomaly,
22    /// LLM response confidence dropped significantly between turns.
23    ConfidenceDrop,
24}
25
26/// Severity level for an [`AuditSignalType`].
27///
28/// Mapped to a numeric multiplier by `TrajectorySeverityMultipliers`:
29/// `Low → 0.5`, `Medium → 1.0`, `High → 2.0` (defaults).
30#[derive(Debug, Clone, Copy, PartialEq, Eq, Hash)]
31#[non_exhaustive]
32pub enum Severity {
33    /// Minor or likely-benign signal.
34    Low,
35    /// Moderate concern; warrants accumulation.
36    Medium,
37    /// Strong indicator; highest multiplier.
38    High,
39}
40
41/// A single audit event emitted by a sanitizer subsystem.
42///
43/// Carries the minimum information needed by `TrajectoryRiskAccumulator::ingest`.
44/// No heap allocation — both fields are `Copy`.
45#[derive(Debug, Clone, Copy)]
46pub struct AuditSignal {
47    /// Category of the detected signal.
48    pub signal_type: AuditSignalType,
49    /// Severity of the detected signal.
50    pub severity: Severity,
51}
52
53impl AuditSignal {
54    /// Construct a new audit signal.
55    #[must_use]
56    pub const fn new(signal_type: AuditSignalType, severity: Severity) -> Self {
57        Self {
58            signal_type,
59            severity,
60        }
61    }
62}