Skip to content

feat(policy): suggest L7 scoping for known REST hosts #1099

Open
Open
feat(policy): suggest L7 scoping for known REST hosts#1099
Labels
area:policyPolicy engine and policy lifecycle workarea:sandboxSandbox runtime and isolation workstate:agent-readyApproved for agent implementationtopic:l7Application-layer policy and inspection work
@zredlined

Description

@zredlined
zredlined
opened on Apr 30, 2026

Description

Add a small MVP hint that flags agent-drafted L4 rules targeting known REST hosts and suggests protocol: rest for stronger method/path scoping.

Context

Parent: #1062
RFC artifact: https://github.com/NVIDIA/OpenShell/blob/feat/agent-driven-policy-management/rfc/0001-agent-driven-policy-management.md

This is part of the locked Agent-Driven Policy Management MVP. GitHub issues are the development source of truth; Linear is only a roadmap pointer.

This is an intentional bootstrap heuristic, not the long-term architecture. Future work should move toward observed L7 capability detection and computed consequence modeling.

Definition of Done

  • Known REST hosts include at least api.github.com and Slack API host(s) used by the demo/pitch.
  • Agent-authored L4 proposal for a known REST host gets a validation result hint to consider L7 REST scoping.
  • Hint does not block proposal submission or approval.
  • Tests cover known-REST and non-REST/fallback cases.

Metadata

Metadata

Assignees

No one assigned

    Labels

    area:policyPolicy engine and policy lifecycle workarea:sandboxSandbox runtime and isolation workstate:agent-readyApproved for agent implementationtopic:l7Application-layer policy and inspection work

    Type

    No type

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions