will/flynn
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
0220ec10ddf258e77b04bf0793bc533350ffb4e0
flynn/src/audit/types.ts
T
William Valentin 735f14d0b1 feat(security): add /elevate command and audit events
2026-02-15 16:56:49 -08:00

227 lines
5.2 KiB
TypeScript
Raw Blame History

export type AuditLevel = 'debug' | 'info' | 'warn' | 'error';
export type AuditEventType =
// Tool execution
| 'tool.start' | 'tool.success' | 'tool.error' | 'tool.denied' | 'tool.approval'
// Security
| 'security.elevation.enabled' | 'security.elevation.disabled' | 'security.elevation.expired'
// Skills scan
| 'skills.scan.pass' | 'skills.scan.fail'
// Skills installer
| 'skills.installer.execution_blocked' | 'skills.installer.command_result'
// Session lifecycle
| 'session.create' | 'session.message' | 'session.delete' | 'session.transfer' | 'session.compact'
// Automation - Cron
| 'cron.trigger' | 'cron.sent' | 'cron.add' | 'cron.remove'
// Automation - Webhook
| 'webhook.receive' | 'webhook.sent' | 'webhook.not_found' | 'webhook.denied'
// Automation - Heartbeat
| 'heartbeat.cycle' | 'heartbeat.check' | 'heartbeat.fail' | 'heartbeat.recover'
// Automation - Gmail
| 'gmail.poll' | 'gmail.new_email' | 'gmail.error'
// System events
| 'system.start' | 'system.stop' | 'system.config';
export interface AuditEvent {
timestamp: number;
level: AuditLevel;
event_type: AuditEventType;
event: Record<string, unknown>;
}
export interface AuditConfig {
enabled: boolean;
path: string;
max_size_mb: number;
keep_days: number;
levels: {
tools: AuditLevel;
sessions: AuditLevel;
automation: AuditLevel;
};
}
export interface AuditQuery {
start_time?: number;
end_time?: number;
event_types?: AuditEventType[];
session_id?: string;
tool_name?: string;
level?: AuditLevel;
}
export interface ToolStartEvent {
tool_name: string;
tool_args: unknown;
execution_id?: string;
execution_environment?: 'host' | 'sandbox';
skill_name?: string;
redactions_applied?: number;
session_id?: string;
channel?: string;
sender?: string;
agent_tier?: string;
}
export interface ToolSuccessEvent {
tool_name: string;
result: { success: boolean; output: string; error?: string };
duration_ms: number;
execution_id?: string;
execution_environment?: 'host' | 'sandbox';
skill_name?: string;
redactions_applied?: number;
session_id?: string;
}
export interface ToolErrorEvent {
tool_name: string;
error: string;
duration_ms: number;
reason?: string;
execution_id?: string;
execution_environment?: 'host' | 'sandbox';
skill_name?: string;
redactions_applied?: number;
session_id?: string;
}
export interface ToolDeniedEvent {
tool_name: string;
reason: string;
execution_id?: string;
execution_environment?: 'host' | 'sandbox';
skill_name?: string;
redactions_applied?: number;
session_id?: string;
denial_type: 'policy' | 'hook' | 'not_found' | 'autonomy_override';
}
export interface ToolApprovalEvent {
tool_name: string;
approved: boolean;
reason?: string;
execution_id?: string;
execution_environment?: 'host' | 'sandbox';
skill_name?: string;
redactions_applied?: number;
session_id?: string;
}
export interface SkillsInstallerExecutionBlockedEvent {
skill_name: string;
phase: 'install' | 'execute';
execution_requested: boolean;
execution_enabled: boolean;
reason: string;
attempted_command_count: number;
}
export interface SkillsInstallerCommandResultEvent {
skill_name: string;
phase: 'install' | 'execute';
installer_type: string;
command: string;
status: 'blocked' | 'skipped' | 'succeeded' | 'failed';
reason: string;
}
export interface SkillsScanEvent {
skill_name: string;
tier: 'bundled' | 'managed' | 'workspace' | 'unknown';
phase: 'load' | 'install';
ok: boolean;
error_count: number;
warn_count: number;
issue_codes: string[];
}
export interface SecurityElevationEvent {
session_id: string;
channel: string;
sender: string;
elevation_id: string;
until_ms?: number;
ttl_ms?: number;
reason?: string;
}
export interface SessionCreateEvent {
session_id: string;
frontend: string;
user_id: string;
}
export interface SessionMessageEvent {
session_id: string;
role: 'user' | 'assistant';
content_length: number;
}
export interface SessionDeleteEvent {
session_id: string;
message_count: number;
}
export interface SessionCompactEvent {
session_id: string;
messages_before: number;
messages_after: number;
tokens_before: number;
tokens_after: number;
}
export interface CronTriggerEvent {
job_name: string;
schedule: string;
message: string;
output_channel: string;
output_peer: string;
}
export interface WebhookReceiveEvent {
webhook_name: string;
body: string;
signature_verified: boolean;
output_channel: string;
output_peer: string;
}
export interface HeartbeatCycleEvent {
interval_ms: number;
checks: string[];
healthy: boolean;
consecutive_failures: number;
}
export interface HeartbeatCheckEvent {
check_name: string;
healthy: boolean;
message: string;
duration_ms: number;
}
export interface HeartbeatFailEvent {
checks_failed: string[];
consecutive_failures: number;
threshold: number;
}
export interface HeartbeatRecoverEvent {
consecutive_failures_before: number;
}
export interface GmailPollEvent {
mode: 'watch' | 'poll';
interval_ms?: number;
emails_processed: number;
new_emails: number;
}
export interface GmailNewEmailEvent {
email_id: string;
from: string;
subject: string;
labels: string[];
}
Reference in New Issue View Git Blame Copy Permalink