Skip to content

feat(cortex): add trust visibility to cortex agents (#275 slice A)#312

Merged
hurttlocker merged 1 commit intomainfrom
feat/275-trust-visibility
Mar 10, 2026
Merged

feat(cortex): add trust visibility to cortex agents (#275 slice A)#312
hurttlocker merged 1 commit intomainfrom
feat/275-trust-visibility

Conversation

@hurttlocker
Copy link
Owner

@hurttlocker hurttlocker commented Mar 10, 2026
edited
Loading

What this does

Implements a bounded #275 slice A for trust-boundary groundwork by making trust config visible in read-only operator surfaces.

  • Adds trust config parsing + validation for agents.<id>.trust in ~/.cortex/config.yaml
  • Surfaces trust_level + trust_scope in cortex agents --json
  • Extends cortex agents table output with TRUST/SCOPE columns
  • Explicitly labels this as read-only visibility (no write enforcement in this slice)

Problem / Context

Issue #275 needs scoped multi-agent trust boundaries, but the full system is too large for one PR. We needed the smallest safe first slice that:

  1. validates trust config early, and
  2. gives operators a deterministic read-only view of trust metadata.

How it works

Files touched

  • internal/config/resolver.go
    • Added AgentTrustRule + AgentTrustEntry
    • Added ResolveAgentTrustConfig(configPath)
    • Added AgentTrustScope(trustLevel) with allowed values:
      • owner -> read:all write:all
      • collaborator -> read:all write:own
      • reader -> read:all write:none
    • Extended config schema with optional agents: map
  • cmd/cortex/main.go
    • runAgents now loads/validates trust config before rendering output
    • agentSummary now includes trust visibility fields
    • TTY table now includes TRUST + SCOPE columns
    • Added explicit note that this is visibility-only (no cross-agent write enforcement yet)
  • internal/config/resolver_test.go
    • Added deterministic tests for valid/invalid trust config parsing
  • cmd/cortex/main_test.go
    • Added deterministic tests for JSON trust visibility, TTY trust visibility, and invalid trust config handling

Testing done

go test ./internal/config ./cmd/cortex
go test ./...

Screenshots / before-after

CLI surface change only (no UI). Example cortex agents output now includes TRUST/SCOPE columns and a read-only visibility note.

Breaking changes / risks

None.

Primary risk: cortex agents now fails fast when agents.<id>.trust is invalid in config. This is intentional validation behavior, but operators with malformed trust config will need to fix it.

Merge notes

@hurttlocker hurttlocker merged commit 163ec59 into main Mar 10, 2026
4 checks passed
@hurttlocker hurttlocker deleted the feat/275-trust-visibility branch March 10, 2026 18:17
This was referenced Mar 11, 2026
Closed
Merged
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@hurttlocker