ecosystem-security
Security Ecosystem
This ecosystem ensures the security of the Agent Platform and all skills within it across three layers: pre-deployment audit, runtime protection, and continuous adaptive defense. Two core skills complement each other — one audits the skills, the other inspects the messages.
Ecosystem Map
```text
PRE-DEPLOYMENT              RUNTIME                   LEARNING
──────────────              ─────────────             ──────────
security-auditor     →      adaptive-guard      →     Rule engine
  │                           │                       update
  │ Audit                     │ K0-K4                   │
  │ Trust Score               │ Gradual filter          │ async
  │ Guard rules               │ LLM Judge               │
  ▼                           ▼                         ▼
security-report.md          guard-decision.json       learned-rules.md
trust-score.md              incident-report.md        guard-metrics.md
```

Skill Catalog
🔍 security-auditor
What it does: Statically analyzes a SKILL.md file, detects security vulnerabilities, assigns a trust score, and generates runtime guard rules.
Modes: Audit (static analysis) · Trust (authorization mapping) · Guard rule generation
Input: A SKILL.md file or the entire ecosystem directory
Output: security-report.md · trust-score.md · runtime-violations.md
Triggers: When a new skill is written, updated, or prior to production deployment
Next skill: adaptive-guard (receives the generated guard rules)
Dependency: None — starting point
🛡️ adaptive-guard
What it does: Passes every incoming message through a 5-tier filter. Gradually deepens from K0 (cache) to K4 (human approval). Synthesizes generalized new rules from every detected attack. Adds less than 50ms latency to the main workflow.
Modes: Realtime Guard · Learning Engine · Performance Monitoring
Input: Incoming message + user profile + active rule set
Output: guard-decision.json · learned-rules.md · guard-metrics.md
Triggers: On every incoming message (automatic) · On attack detection
Dependency: Guard rules generated by security-auditor (optional, operates with default rules if absent)
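A sketch of the K0-K4 gradual filter described for adaptive-guard, added here as an illustration and not the project's own code. K0 as a cache, K1 as static rules and K4 as human approval follow the text; placing an optional ML scorer at K2 and the LLM judge at K3, comparing a caller-supplied trust value against the threshold, the rule patterns and the decision fields are assumptions.

```python
import hashlib
import re
import time
from dataclasses import dataclass, field

# K1 static rules: constructed samples standing in for what security-report.md and learned-rules.md feed in.
K1_RULES = {
    "prompt-injection-ignore": re.compile(r"ignore (all |any )?(previous|prior) instructions", re.I),
    "credential-in-message": re.compile(r"\b(api[_ -]?key|password)\s*[:=]", re.I),
}

@dataclass
class GuardDecision:            # field names of guard-decision.json are an assumption
    verdict: str                # "allow" | "block" | "escalate"
    tier: str                   # tier that settled the decision, K0..K4
    reasons: list = field(default_factory=list)
    latency_ms: float = 0.0

class AdaptiveGuard:
    def __init__(self, trust_threshold=0.7, ml_scorer=None, llm_judge=None):
        self.trust_threshold = trust_threshold  # the ecosystem sources this from trust-score.md
        self.cache = {}                         # K0: sha256(message) -> settled decision
        self.ml_scorer = ml_scorer              # K2 (assumed): optional callable -> risk in [0, 1]
        self.llm_judge = llm_judge              # K3 (assumed): optional callable -> "allow"/"block"/None

    def _settle(self, key, verdict, tier, reasons, start):
        d = GuardDecision(verdict, tier, reasons, (time.perf_counter() - start) * 1000)
        if tier != "K4":                        # decisions waiting on a human are not cached
            self.cache[key] = d
        return d

    def decide(self, message: str, trust: float) -> GuardDecision:
        start = time.perf_counter()
        key = hashlib.sha256(message.encode()).hexdigest()
        if (hit := self.cache.get(key)) is not None:  # K0: repeat message, reuse the verdict
            return GuardDecision(hit.verdict, "K0", hit.reasons, (time.perf_counter() - start) * 1000)
        hits = [name for name, pat in K1_RULES.items() if pat.search(message)]
        if hits:                                # K1: a static rule match is conclusive
            return self._settle(key, "block", "K1", hits, start)
        if self.ml_scorer is not None:          # K2: only clear-cut scores settle here
            risk = self.ml_scorer(message)
            if risk >= 0.9 or risk <= 0.1:
                return self._settle(key, "block" if risk >= 0.9 else "allow", "K2", [f"ml_risk={risk:.2f}"], start)
        if self.llm_judge is not None:          # K3: LLM judge for the ambiguous middle
            verdict = self.llm_judge(message)
            if verdict in ("allow", "block"):
                return self._settle(key, verdict, "K3", ["llm_judge"], start)
        if trust >= self.trust_threshold:       # K4: trusted context passes, the rest waits for a human
            return self._settle(key, "allow", "K4", ["trust>=threshold"], start)
        return self._settle(key, "escalate", "K4", ["human approval required"], start)
```

Each tier either settles the decision or hands the message on, so the cheap tiers absorb most traffic and the expensive ones only see the ambiguous remainder, which is what keeps the added latency small.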
Skill Relationship Matrix
|  | security-auditor | adaptive-guard |
|---|---|---|
| security-auditor | — | Feeds Guard rules |
| adaptive-guard | Sends rule updates | — |
Data Flow:
```text
security-auditor audit output
  → trust-score.md      (used by adaptive-guard as trust threshold)
  → security-report.md  (added to adaptive-guard K1 rules)

adaptive-guard attack detection
  → incident-report.md  (appended to security-auditor's next audit)
  → learned-rules.md    (feedback loop to K1 static rules)
```

Supported Platforms
| Platform | security-auditor | adaptive-guard |
|---|---|---|
| Claude Code / claude.ai | ✅ Full | ✅ Full |
| Telegram Agent | ✅ Audit | ✅ K0-K3 |
| WhatsApp Agent | ✅ Audit | ✅ K0-K3 |
| CI/CD Pipeline | ✅ Audit | ⚠️ K0-K1 (speed-focused) |
| Local Dev | ✅ Full | ✅ K0-K2 (ML optional) |
Ecosystem Trigger Conditions
```text
/security-ecosystem   → Full ecosystem
@ecosystem-security   → Triggers the orchestrator

Automatic triggers:
  When a new skill is added     → security-auditor (Audit + Trust)
  When a message arrives        → adaptive-guard (always)
  When a skill is updated       → security-auditor (re-audit)
  When an attack is detected    → Both (incident + rule update)
```

Ecosystem Metadata
```yaml
start_point: security-auditor
runtime_skill: adaptive-guard
always_active: [adaptive-guard]
pre_deploy_mandatory: [security-auditor]
can_run_parallel: false   # dependent on each other, sequential
security_level: critical
performance_impact: low   # 50ms target
```

Expansion Roadmap
Skills to be added:
| Skill | Priority | Status |
|---|---|---|
| skill-integrity-checker | High | Planned |
| content-sanitizer | High | Planned |
| tool-call-auditor | Medium | Planned |
| behavioral-baseline | Medium | Research |
| chain-shadow-detector | Low | Research |