feat(organizer): trust levels, audit attribution + export, guided setup#96
Conversation
Adopt the trust mechanics that make agentic automation trustworthy — inspired by cloud back-office agents, but kept local-first — and surface them across the Organizer trust pipeline. Per-rule trust levels (automate / ask-first / never): - add TrustLevel on FolderRule (serde+SQLite default ask_first, so old rules keep their exact behavior); migration V4 adds trust_level. - policy engine maps the stricter covering rule's trust to allow / require-confirmation / deny; reads stay allowed at every level; delete stays denied even under automate. - organizer_set_rule_trust command + in-place trust selector on rule chips. Audit rule attribution, provenance, and export: - evaluate_with_attribution returns the rule that fired; PlanAction and AuditEvent carry rule_path (+ provenance: automated vs user-approved), all serde-defaulted so old logs/plans still deserialize. - organizer_export_audit returns a run's log as JSON or CSV (RFC-4180); frontend adds per-row rule/provenance and Export buttons. Guided setup wizard: - generalize the client-filing preset into organizerRunWizard with three presets (client filing, bookkeeping inbox, downloads cleanup), composing existing create_zone / add_folder_rule commands. Local time-to-value instrumentation: - storage/milestones records first zone/plan/run/undo timestamps locally; organizer_time_to_value exposes them for diagnostics. No network. Marketing: name concrete failure modes and the trust trio on the site, contrast vs cloud agents that hold your logins, update the Organizer demo to show rule attribution + provenance, and add docs/gtm-organizer.md. Docs updated: policy-engine, organizer-commands, organizer-executor, command-registry. Validation: cargo fmt --check, clippy -D warnings, and 347 backend tests all pass; both frontend JS files pass node --check. Co-Authored-By: Claude Fable 5 <noreply@anthropic.com> Claude-Session: https://claude.ai/code/session_01Vy2Lt4hoeK6K4f8LfhWXWg
✅ Deploy Preview for muhammadghost ready!
To edit notification comments on pull requests, go to your Netlify project configuration. |
|
The latest updates on your projects. Learn more about Vercel for GitHub.
|
There was a problem hiding this comment.
💡 Codex Review
Here are some automated review suggestions for this pull request.
Reviewed commit: c89f96ded0
ℹ️ About Codex in GitHub
Your team has set up Codex to review pull requests in this repo. Reviews are triggered when you
- Open a pull request for review
- Mark a draft as ready
- Comment "@codex review".
If Codex has suggestions, it will comment; otherwise it will react with 👍.
Codex can also answer questions or update the PR. Try commenting "@codex address that feedback".
| let from_rule = covered_by(from, rules, granted); | ||
| let to_rule = covered_by(to, rules, granted); |
There was a problem hiding this comment.
Honor nested Never rules before broader grants
When a user has overlapping rules such as /Downloads set to automate and /Downloads/DoNotTouch set to never, list_folder_rules returns them ordered by path, so the broader parent is seen first. These new evaluations call covered_by once for each endpoint, and covered_by returns only the first matching grant; the stricter nested rule is never considered, so moves/renames inside the never subfolder can still be allowed through the parent rule. This violates the documented “stricter covering rule” behavior and can mutate files in a folder the user explicitly marked as Never.
Useful? React with 👍 / 👎.
| let provenance = if evaluation.decision.is_allowed() { | ||
| Provenance::Automated | ||
| } else { |
There was a problem hiding this comment.
Attribute AskFirst folder creation as user-approved
For default ask_first rules, the policy engine returns Allow for CreateFolder to preserve the old behavior, so this branch records those category-folder creations as Provenance::Automated. In a normal Organizer run that creates destination folders, the audit UI/export now says those changes were automated / from an automate rule even though they happened under the user-approved run and the rule was not automate, making the new provenance record inaccurate. Derive provenance from the governing rule trust and capability instead of PolicyDecision::Allow alone.
Useful? React with 👍 / 👎.
| fn csv_field(field: &str) -> String { | ||
| if field.contains([',', '"', '\n', '\r']) { | ||
| format!("\"{}\"", field.replace('"', "\"\"")) | ||
| } else { | ||
| field.to_string() |
There was a problem hiding this comment.
Neutralize spreadsheet formulas in CSV exports
When a user exports the new audit CSV and opens it in Excel/Sheets, fields coming from local paths, targets, rule paths, or error text are written verbatim; filenames are user-controlled, so a file named with a leading =, +, -, or @ becomes a spreadsheet formula cell despite RFC quoting. In the audit-export flow this can trigger spreadsheet-side actions or network lookups when the user reviews the log, so csv_field should also neutralize formula-leading characters before returning the cell.
Useful? React with 👍 / 👎.
Summary
Adopts the product mechanics that make agentic automation trustworthy — inspired by cloud "agentic back-office" tools (Rational.to) but kept local-first — and surfaces them across the Ghost Organizer trust pipeline. Four SWE upgrades plus matching marketing. Ghost's architecture already embodied deny-by-default policy, audit, and undo; this makes those decisions legible and user-controllable.
Trust & safety
For mutating operations, the pipeline still holds (Intent → Plan → Policy → Approval → Execution → Audit → Undo):
automate)command-registry.md)Changes
Per-rule trust levels (automate / ask-first / never)
TrustLevelonFolderRule; serde + SQLite defaultask_first, so rules created before this field keep their exact prior behavior. Migration V4 addstrust_level.never.organizer_set_rule_trustcommand + in-place trust selector on rule chips and the add-folder row.Audit rule attribution, provenance, and export
evaluate_with_attributionreturns the rule that fired;PlanActionandAuditEventcarryrule_path(+provenance: automated vs user-approved), all#[serde(default)]so old persisted plans/logs still deserialize.organizer_export_auditreturns a run's log as pretty JSON or RFC-4180 CSV; frontend shows per-row rule/provenance and adds Export (CSV/JSON) buttons.Guided setup wizard
organizerRunWizardwith three presets (client filing, bookkeeping inbox, downloads cleanup), composing existingcreate_zone/add_folder_rule— no new backend.Local time-to-value instrumentation
storage/milestonesrecords first zone/plan/run/undo timestamps locally;organizer_time_to_valueexposes them for diagnostics. No network.Marketing
docs/gtm-organizer.md(beachhead persona, positioning, channels, gated time-to-value claim).Docs updated:
policy-engine.md,organizer-commands.md,organizer-executor.md,command-registry.md.Validation
cargo fmt --manifest-path src-tauri/Cargo.toml -- --checkcargo check --manifest-path src-tauri/Cargo.toml --all-targetscargo test --manifest-path src-tauri/Cargo.toml— 347 passed, 0 failed (incl. new trust-mapping, serde back-compat, migration V4, CSV escaping, provenance, and milestone tests)cargo clippy --manifest-path src-tauri/Cargo.toml --all-targets -- -D warnings— cleannode --checkpasses forsrc/main.jsandpublic/main.js; site JSON-LD intactcargo tauri build --no-bundle— not run locally (CI covers the macOS/Windows smoke build)Risks / follow-up
make devpass.🤖 Generated with Claude Code
https://claude.ai/code/session_01Vy2Lt4hoeK6K4f8LfhWXWg
Generated by Claude Code