stella-ops.org/git.stella-ops.org
1
0
Fork 0
Code Issues Pull Requests Actions 1 Releases Wiki Activity
Files
92536208334f3663fff4a850b39823cf7b31f9a8
git.stella-ops.org/src/AdvisoryAI/StellaOps.AdvisoryAI/TASKS.md
master 9253620833
Some checks failed
Docs CI / lint-and-preview (push) Has been cancelled
Details
feat: Implement Policy Engine Evaluation Service and Cache with unit tests 
Temp commit to debug
2025-11-05 09:44:37 +02:00

6.5 KiB
Raw Blame History

Advisory AI Task Board — Epic 8

ID Status Owner(s) Depends on Description Exit Criteria
AIAI-31-001 DONE (2025-11-02) Advisory AI Guild CONCELIER-VULN-29-001, EXCITITOR-VULN-29-001 Implement structured and vector retrievers for advisories/VEX with paragraph anchors and citation metadata. Retrievers return deterministic chunks with source IDs/sections; unit tests cover CSAF/OSV/vendor formats.
AIAI-31-002 DONE (2025-11-04) Advisory AI Guild, SBOM Service Guild SBOM-VULN-29-001 Build SBOM context retriever (purl version timelines, dependency paths, env flags, blast radius estimator). Retriever returns paths/metrics under SLA; tests cover ecosystems.
AIAI-31-003 DONE (2025-11-04) Advisory AI Guild AIAI-31-001..002 Implement deterministic toolset (version comparators, range checks, dependency analysis, policy lookup) exposed via orchestrator. Tools validated with property tests; outputs cached; docs updated.
AIAI-31-004 DONE (2025-11-04) Advisory AI Guild AIAI-31-001..003, AUTH-VULN-29-001 Build orchestration pipeline for Summary/Conflict/Remediation tasks (prompt templates, tool calls, token budgets, caching). Pipeline executes tasks deterministically; caches keyed by tuple+policy; integration tests cover tasks.
AIAI-31-004A DONE (2025-11-04) Advisory AI Guild, Platform Guild AIAI-31-004, AIAI-31-002 Wire AdvisoryPipelineOrchestrator into WebService/Worker, expose API/queue contracts, emit metrics, and stand up cache stub. API returns plan metadata; worker executes queue message; metrics recorded; doc updated.
AIAI-31-004B TODO Advisory AI Guild, Security Guild AIAI-31-004A, DOCS-AIAI-31-003, AUTH-AIAI-31-004 Implement prompt assembler, guardrail plumbing, cache persistence, DSSE provenance; add golden outputs. Deterministic outputs cached; guardrails enforced; tests cover prompt assembly + caching.
AIAI-31-004C TODO Advisory AI Guild, CLI Guild, Docs Guild AIAI-31-004B, CLI-AIAI-31-003 Deliver CLI stella advise run <task> command, renderers, documentation updates, and CLI golden tests. CLI command produces deterministic output; docs published; smoke run recorded.
AIAI-31-005 DONE (2025-11-04) Advisory AI Guild, Security Guild AIAI-31-004 Implement guardrails (redaction, injection defense, output validation, citation enforcement) and fail-safe handling. Guardrails block adversarial inputs; output validator enforces schemas; security tests pass.
AIAI-31-006 DONE (2025-11-04) Advisory AI Guild AIAI-31-004..005 Expose REST API endpoints (/advisory/ai/*) with RBAC, rate limits, OpenAPI schemas, and batching support. Endpoints deployed with schema validation; rate limits enforced; integration tests cover error codes.
AIAI-31-007 TODO Advisory AI Guild, Observability Guild AIAI-31-004..006 Instrument metrics (advisory_ai_latency, guardrail_blocks, validation_failures, citation_coverage), logs, and traces; publish dashboards/alerts. Telemetry live; dashboards approved; alerts configured.
AIAI-31-008 TODO Advisory AI Guild, DevOps Guild AIAI-31-006..007 Package inference on-prem container, remote inference toggle, Helm/Compose manifests, scaling guidance, offline kit instructions. Deployment docs merged; smoke deploy executed; offline kit updated; feature flags documented.
AIAI-31-010 DONE (2025-11-02) Advisory AI Guild CONCELIER-VULN-29-001, EXCITITOR-VULN-29-001 Implement Concelier advisory raw document provider mapping CSAF/OSV payloads into structured chunks for retrieval. Provider resolves content format, preserves metadata, and passes unit tests covering CSAF/OSV cases.
AIAI-31-011 DONE (2025-11-02) Advisory AI Guild EXCITITOR-LNM-21-201, EXCITITOR-CORE-AOC-19-002 Implement Excititor VEX document provider to surface structured VEX statements for vector retrieval. Provider returns conflict-aware VEX chunks with deterministic metadata and tests for representative statements.
AIAI-31-009 TODO Advisory AI Guild, QA Guild AIAI-31-001..006 Develop unit/golden/property/perf tests, injection harness, and regression suite; ensure determinism with seeded caches. Test suite green; golden outputs stored; injection tests pass; perf targets documented.

2025-11-02: AIAI-31-002 SBOM context domain models finalized with limiter guards; retriever tests now cover flag toggles and path dedupe. Service client integration still pending with SBOM guild. 2025-11-04: AIAI-31-002 Introduced SbomContextHttpClient, DI helper (AddSbomContext), and HTTP-mapping tests; retriever wired to typed client with tenant header support and deterministic query construction.

2025-11-02: AIAI-31-003 moved to DOING starting deterministic tooling surface (version comparators & dependency analysis). Added semantic-version + EVR comparators and published toolset interface; awaiting downstream wiring. 2025-11-04: AIAI-31-003 completed toolset wired via DI/orchestrator, SBOM context client available, and unit coverage for compare/range/dependency analysis extended.

2025-11-02: AIAI-31-004 started orchestration pipeline work begin designing summary/conflict/remediation workflow (deterministic sequence + cache keys). 2025-11-04: AIAI-31-004 DONE orchestrator composes structured/vector/SBOM context with stable cache keys and metadata (env flags, blast radius, dependency metrics); unit coverage via AdvisoryPipelineOrchestratorTests keeps determinism enforced.

2025-11-02: AIAI-31-004 orchestration prerequisites documented in docs/modules/advisory-ai/orchestration-pipeline.md (task breakdown 004A/004B/004C). 2025-11-04: AIAI-31-004A DONE WebService /v1/advisory-ai/pipeline/* + batch endpoints enqueue plans with rate limiting & scope headers, Worker drains filesystem queue, metrics/logging added, docs updated. Tests: dotnet test src/AdvisoryAI/__Tests/StellaOps.AdvisoryAI.Tests/StellaOps.AdvisoryAI.Tests.csproj --no-restore.

2025-11-04: AIAI-31-005 DONE guardrail pipeline redacts secrets, enforces citation/injection policies, emits block counters, and tests (AdvisoryGuardrailPipelineTests) cover redaction + citation validation.

2025-11-04: AIAI-31-006 DONE REST endpoints enforce header scopes, apply token bucket rate limiting, sanitize prompts via guardrails, and queue execution with cached metadata. Tests executed via dotnet test src/AdvisoryAI/__Tests/StellaOps.AdvisoryAI.Tests/StellaOps.AdvisoryAI.Tests.csproj --no-restore.