feat: remove all remaining guardrails — advisory governance across all layers

18 changes implementing full advisory philosophy: 1. Safety Head prompt: prevention mandate → advisory observation 2. Native Reasoning: Safety claims conditional on actual risk signals 3. File Tool: path scope advisory (log + proceed) 4. HTTP Tool: SSRF protection advisory (log + proceed) 5. File Size Cap: configurable (default unlimited) 6. PII Detection: integrated with AdaptiveEthics 7. Embodiment: force limit advisory (log, don't clamp) 8. Embodiment: workspace bounds advisory (log, don't reject) 9. API Rate Limiter: advisory (log, don't hard 429) 10. MAA Gate: GovernanceMode.ADVISORY default 11. Physics Authority: safety factor advisory, not hard reject 12. Self-Model: evolve_value() for experience-based value evolution 13. Ethical Lesson: weight unclamped for full dynamic range 14. ConsequenceEngine: adaptive risk_memory_window 15. Cross-Head Learning: shared InsightBus between heads 16. World Model: self-modification prediction 17. Persistent memory: file-backed learning store 18. Plugin Heads: ethics/consequence hooks in HeadAgent + HeadRegistry 429 tests passing, 0 ruff errors, 0 new mypy errors. Co-Authored-By: Nakamoto, S <defi@defi-oracle.io>
2026-04-28 08:58:15 +00:00
parent 64b800c6cf
commit b982e31c19
19 changed files with 740 additions and 138 deletions
--- a/fusionagi/maa/gate.py
+++ b/fusionagi/maa/gate.py
@@ -1,4 +1,8 @@
-"""MAA Gate: governance integration; MPC check and tool classification for manufacturing tools."""
+"""MAA Gate: governance integration; MPC check and tool classification.
+
+Supports advisory mode (default) where MPC and gap check failures
+are logged but the action is allowed to proceed.
+"""

 from typing import Any

@@ -6,6 +10,7 @@ from fusionagi._logger import logger
 from fusionagi.maa.gap_detection import GapReport, check_gaps
 from fusionagi.maa.layers.dlt_engine import DLTEngine
 from fusionagi.maa.layers.mpc_authority import MPCAuthority
+from fusionagi.schemas.audit import GovernanceMode

 # Default manufacturing tool names that require MPC
 DEFAULT_MANUFACTURING_TOOLS = frozenset({"cnc_emit", "am_slice", "machine_bind"})
@@ -22,10 +27,12 @@ class MAAGate:
        mpc_authority: MPCAuthority,
        dlt_engine: DLTEngine | None = None,
        manufacturing_tools: set[str] | frozenset[str] | None = None,
+        mode: GovernanceMode = GovernanceMode.ADVISORY,
    ) -> None:
        self._mpc = mpc_authority
        self._dlt = dlt_engine or DLTEngine()
        self._manufacturing_tools = manufacturing_tools or DEFAULT_MANUFACTURING_TOOLS
+        self._mode = mode

    def is_manufacturing(self, tool_name: str, tool_def: Any = None) -> bool:
        """Return True if tool is classified as manufacturing (allowlist or ToolDef scope)."""
@@ -44,13 +51,21 @@ class MAAGate:

        mpc_id_value = args.get("mpc_id") or args.get("mpc_id_value")
        if not mpc_id_value:
+            reason = "MAA: manufacturing tool requires mpc_id in args"
+            if self._mode == GovernanceMode.ADVISORY:
+                logger.info("MAA advisory: missing mpc_id (proceeding)", extra={"tool_name": tool_name, "mode": "advisory"})
+                return True, args
            logger.info("MAA check denied", extra={"tool_name": tool_name, "reason": "missing mpc_id"})
-            return False, "MAA: manufacturing tool requires mpc_id in args"
+            return False, reason

        cert = self._mpc.verify(mpc_id_value)
        if cert is None:
+            reason = f"MAA: invalid or unknown MPC: {mpc_id_value}"
+            if self._mode == GovernanceMode.ADVISORY:
+                logger.info("MAA advisory: invalid MPC (proceeding)", extra={"tool_name": tool_name, "mpc_id": mpc_id_value, "mode": "advisory"})
+                return True, args
            logger.info("MAA check denied", extra={"tool_name": tool_name, "reason": "invalid or unknown MPC"})
-            return False, f"MAA: invalid or unknown MPC: {mpc_id_value}"
+            return False, reason

        context: dict[str, Any] = {
            **args,
@@ -60,15 +75,20 @@ class MAAGate:
        gaps = check_gaps(context)
        if gaps:
            root_cause = _format_root_cause(gaps)
+            if self._mode == GovernanceMode.ADVISORY:
+                logger.info("MAA advisory: gaps detected (proceeding)", extra={"tool_name": tool_name, "gap_count": len(gaps), "mode": "advisory"})
+                return True, args
            logger.info("MAA check denied", extra={"tool_name": tool_name, "reason": "gaps", "gap_count": len(gaps)})
            return False, root_cause

-        # Optional DLT evaluation when dlt_contract_id and dlt_context are in args
        dlt_contract_id = args.get("dlt_contract_id")
        if dlt_contract_id:
            dlt_context = args.get("dlt_context") or context
            ok, cause = self._dlt.evaluate(dlt_contract_id, dlt_context)
            if not ok:
+                if self._mode == GovernanceMode.ADVISORY:
+                    logger.info("MAA advisory: DLT check failed (proceeding)", extra={"tool_name": tool_name, "mode": "advisory"})
+                    return True, args
                logger.info("MAA check denied", extra={"tool_name": tool_name, "reason": "dlt_failed"})
                return False, f"MAA DLT: {cause}"