docs: add COGSEC-HUMAN-SIM-001 guardrail and human-simulation redress lane#22284
docs: add COGSEC-HUMAN-SIM-001 guardrail and human-simulation redress lane#22284BrianCLong wants to merge 1 commit intomainfrom
Conversation
BrianCLong
added
the
codex
ChatGPT Codex Connector
|
Warning Rate limit exceeded
Your organization is not enrolled in usage-based pricing. Contact your admin to enable usage-based pricing to continue reviews beyond the rate limit, or try again in 23 minutes and 34 seconds. ⌛ How to resolve this issue?After the wait time has elapsed, a review can be triggered using the We recommend that you space out your commits to avoid hitting the rate limit. 🚦 How do rate limits work?CodeRabbit enforces hourly rate limits for each developer per organization. Our paid plans have higher rate limits than the trial, open-source and free plans. In all cases, we re-allow further reviews after a brief timeout. Please see our FAQ for further information. ℹ️ Review info⚙️ Run configurationConfiguration used: Organization UI Review profile: CHILL Plan: Pro Run ID: 📒 Files selected for processing (2)
✨ Finishing Touches🧪 Generate unit tests (beta)
Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out. Comment |
![gemini-code-assist[bot]](https://avatars.githubusercontent.com/in/956858?s=60&v=4){kind=small}
There was a problem hiding this comment.
Code Review
This pull request introduces a new governance policy for human simulation (COGSEC-HUMAN-SIM-001) and updates the redress process to handle appeals related to unauthorized persona cloning. The feedback focuses on technical improvements to the YAML policy definition, specifically suggesting more robust existence checks for case IDs, splitting concatenated activity and role strings into discrete list items for better matching, and resolving a temporal contradiction in the redress response time.
| case_id: present | ||
| lawful_purpose: present | ||
| retention_policy_id: present |
There was a problem hiding this comment.
The use of present as a value suggests a literal string match, which would cause the control to fail for any actual case ID or purpose string (e.g., 'CASE-123'). Given that line 35 uses the { missing: true } object syntax for existence checks, these should likely be updated to check for the presence of the field rather than a literal string value to ensure the guardrail functions correctly with real data.
case_id: { missing: false }
lawful_purpose: { missing: false }
retention_policy_id: { missing: false }| target_type: identifiable_person | ||
| activity: | ||
| - persona_simulation | ||
| - predictive_vote_or_behavior_model |
There was a problem hiding this comment.
Splitting combined activity types into separate list items ensures that the policy engine can match against individual activity tags accurately. Using a single string like predictive_vote_or_behavior_model might fail if the system logs these as distinct activities (e.g., just predictive_vote).
- predictive_vote
- behavior_model| - id: require_human_oversight | ||
| rule: "allow_only_if" | ||
| condition: | ||
| reviewer_role: governance_agent_or_human_dri |
There was a problem hiding this comment.
If the intention is to allow either the governance_agent or the human_dri to perform the review, it is better to define these as a list. This avoids potential string-matching issues and adheres to standard YAML policy patterns where roles are discrete entities rather than concatenated strings.
reviewer_role:
- governance_agent
- human_dri|
|
||
| ## 5. Human Simulation Appeals (COGSEC-HUMAN-SIM-001) | ||
| If a person asserts the platform built or used a behavioral/persona simulation without authority: | ||
| 1. **Immediate Freeze**: Suspend the associated collection/model job within 24 hours. |
There was a problem hiding this comment.
There is a contradiction between the term Immediate Freeze and the within 24 hours timeframe. For cognitive security incidents involving unauthorized human simulation, a 24-hour window may be too long for a response labeled as 'immediate'. Consider shortening this timeframe to reflect the urgency of the redress path.
| 1. **Immediate Freeze**: Suspend the associated collection/model job within 24 hours. | |
| 1. **Immediate Freeze**: Suspend the associated collection/model job immediately (e.g., within 1 hour). |
![chatgpt-codex-connector[bot]](https://avatars.githubusercontent.com/in/1144995?s=60&v=4){kind=small}
There was a problem hiding this comment.
💡 Codex Review
Here are some automated review suggestions for this pull request.
Reviewed commit: fcc81d4284
ℹ️ About Codex in GitHub
Your team has set up Codex to review pull requests in this repo. Reviews are triggered when you
- Open a pull request for review
- Mark a draft as ready
- Comment "@codex review".
If Codex has suggestions, it will comment; otherwise it will react with 👍.
Codex can also answer questions or update the PR. Try commenting "@codex address that feedback".
| reviewer_role: governance_agent_or_human_dri | ||
| review_outcome: approved |
There was a problem hiding this comment.
require_human_oversight currently allows reviewer_role: governance_agent_or_human_dri, which means an automated agent can approve human-simulation activity. For this high-risk path, that creates a policy-compliant route without a named human decision-maker, conflicting with the repo’s human-approval governance requirements for critical decisions. Tighten this control to require explicit human approver identity.
Useful? React with 👍 / 👎.
| evidence_budget: | ||
| missing: true |
There was a problem hiding this comment.
The no_unbounded_public_record_scrape rule only denies when evidence_budget is missing, so a scrape with a present-but-unbounded budget can still pass despite the rule’s stated intent. In practice this allows effectively unlimited human-targeted collection as long as the field exists. Add an explicit boundedness check (for example max scope/limit constraints) instead of only a presence check.
Useful? React with 👍 / 👎.
| policy_id: COGSEC-HUMAN-SIM-001 | ||
| status: active |
There was a problem hiding this comment.
This policy is declared active, but the cogsec gate script (ci/scripts/cogsec_rights_gate.py) only requires the older four governance files and does not reference this new guardrail, so CI will not fail if it is removed or bypassed. That leaves COGSEC-HUMAN-SIM-001 as a non-enforced artifact rather than a guaranteed control. Add it to required policy checks or a runtime loader assertion.
Useful? React with 👍 / 👎.
## Summary Rebuilds the golden-main merge train from a clean `main` base and converges the currently mergeable PR set into one replacement branch. This branch absorbs: - #22296 - #22279 - #22281 - #22282 - #22283 - #22284 - #22285 - #22295 - #22297 - #22286 - #22291 - #22280 - #22277 - unique non-conflicting surfaces from #22241 - the admissibility/CACert/failure-demo runtime lane from #22314 This branch supersedes: - #22298 as the contaminated/conflicting convergence branch - #22277 as a standalone merge vehicle - #22241 as the broad mixed-purpose convergence vehicle once remaining review is complete - #22314 as the standalone admissibility lane now folded into the golden path This branch intentionally excludes: - #22292 because it targets `merge-surge/staging`, not `main` ## Conflict policy used while absorbing #22241 When merging `#22241` on top of the cleaned train, the following files conflicted and were resolved in favor of the current train versions so the newer focused CI/governance repairs remain authoritative: - `.github/ci/required-checks.json` - `.github/workflows/drift-sentinel.yml` - `.github/workflows/pr-gate.yml` - `docs/ci/REQUIRED_CHECKS_POLICY.yml` - `pnpm-lock.yaml` - `scripts/ci/check_branch_protection_drift.mjs` - `scripts/ci/validate_workflows.mjs` All other `#22241` changes merged on top of the train. ## Mapping Change Summary This convergence branch updates workflow, schema, and governance contracts that control merge eligibility, admissibility evidence, and deterministic trust artifacts. ## Diff - Added admissibility/evidence/CACert surfaces including `packages/evidence/schemas/decision_trace.schema.json` - Tightened golden-lane workflow policy and drift handling in `.github/workflows/_policy-enforcer.yml`, `.github/workflows/execution-graph-reconciliation.yml`, `.github/workflows/post-ga-hardening-enforcement.yml`, `.github/workflows/merge-surge.yml`, `.github/workflows/control-plane-drift.yml` - Realigned governance state in `governance/pilot-ci-policy.json` and `governance/branch-protection.json` - Repaired deterministic reconciliation verification in `scripts/ci/verify_execution_graph_reconciliation.mjs` and `scripts/ci/drift-sentinel.mjs` ## Justification The repo needed one mergeable replacement lane that restores deterministic governance checks, folds the admissibility implementation into the golden path, and suppresses broken optional PR workflows that were blocking convergence without being canonical required checks. ## Impact - Canonical pilot checks remain `pr-gate / gate` and `drift-sentinel / enforce` - Merge-train branches no longer fail ordinary small-PR enforcement gates by construction - Optional broken workflows are narrowed to their owned surfaces so they stop contaminating this convergence lane and the immediate post-merge main push - Execution-graph reconciliation now accepts the repo’s canonical snake_case trust bundle fields ## Rollback Plan Revert commit `ce32b96c0f` from `merge-train/golden-main-20260331-final`, then rerun the prior golden-lane checks and restore the previous PR body. ## Backfill Plan After the lane is green, backfill the same workflow scoping and governance-contract repairs into any surviving PRs that still touch `.github/workflows/**` or governance surfaces, then close superseded PRs against `#22309`. ## Validation Evidence Local validation completed: - `node scripts/ci/drift-sentinel.mjs` - `ruby -e 'require "yaml"; ... YAML.load_file(...)'` over all edited workflow files - `jq . governance/pilot-ci-policy.json` - `jq . governance/branch-protection.json` - merge-marker scan over all edited files returned clean ## Notes - Live GitHub PR checks on the open PR set are being converged through this single branch instead of salvaging each broken lane independently. - I did not run the full local verification matrix in this session; this PR is intended to give the repo one clean convergence lane for CI and human review. - After this PR lands, the absorbed PRs should be closed as superseded. --------- Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: google-labs-jules[bot] <161369871+google-labs-jules[bot]@users.noreply.github.com> Co-authored-by: Bot <bot@summit.ai> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Gemini CLI <gemini-cli@google.com>
|
Superseded by #22309, which is now merged into main. |
Pull request was closed
1 participant
Motivation
Description
governance/cogsec/human-simulation-guardrail.yamldefiningCOGSEC-HUMAN-SIM-001with deny rules forpersona_simulationand unboundedscrape, required controls (case_id,lawful_purpose, oversight), governed-exception handling, and rollback actions.governance/cogsec/redress_process.mdwith aHuman Simulation Appeals (COGSEC-HUMAN-SIM-001)lane describing immediate freeze, authority verification, artifact quarantine, and remediation outcomes.case_id,prompt_hash,policy_version,decision_trace_id) and a 30-day governed-exception expiry to support reversible, evidence-first operations.Testing
ruby -e "require 'yaml'; YAML.load_file('governance/cogsec/human-simulation-guardrail.yaml')"to validate the new YAML, which succeeded.import yaml) which failed in this environment due to missingPyYAML(ModuleNotFoundError), but Ruby-based validation confirms the file is syntactically valid.ruby_yaml_parseas an automated validation step and was recorded in the decision package.Codex Task