6c393d8069
New securityRegistry (separate from companionRegistry) with two read-only, secret-free tools for the Yerin security agent: - audit_log: query the redacted audit trail by actor_kind/actor_id - agent_inventory: list agents + capabilities/scopes (explicit projection, never SELECT *, no token material) Follows the existing createRegistry() pattern. Design + wiring roadmap in docs/yerin-security-agent.md. Not yet seeded/exposed over MCP (left for review). Co-Authored-By: Claude Opus 4.8 <noreply@anthropic.com>
12 lines
632 B
JavaScript
12 lines
632 B
JavaScript
import { createRegistry } from '../../registry.js';
|
|
import { auditLogTool } from './audit_log.js';
|
|
import { agentInventoryTool } from './agent_inventory.js';
|
|
|
|
// Yerin's security toolset — read-only observability, kept in its own registry
|
|
// so the security agent gets security tools (not Dross's propose_change). A
|
|
// future MCP server can expose this registry the same way companion-stdio.js
|
|
// exposes companionRegistry. Roadmap for further tools: see docs/yerin-security-agent.md
|
|
export const securityRegistry = createRegistry();
|
|
securityRegistry.registerTool(auditLogTool);
|
|
securityRegistry.registerTool(agentInventoryTool);
|