adversarial-scenario: un-defer the SHACL gate with negative fixtures + validator#121
Merged
Conversation
Main had documented the adversarial-scenario SHACL gate as intentionally deferred "so they can be introduced with negative fixtures and failure-output visibility." This lands the gate and satisfies that condition. Reconciles adversarial-scenario-semantics onto main (docs conflicts resolved: kept main's hyphenated "agentic-purple-team" spelling; took the branch's implemented-gate language in the purple-team spec) and brings the deferred gate in properly: - Domains/adversarial-scenario.ttl, shapes/adversarial-scenario.shacl.ttl, catalog/adversarial_scenario_registry.ttl, and the SCOPE-D positive example (from the branch). - NEW negative fixtures under examples/adversarial-scenario/invalid/ — each trips one SCOPE-D safety invariant: runtime-authority-claimed (scenario claims runtime authority), memory-writeback-allowed (MemoryEffect authorizes durable writeback), claim-promotion-finding (ClaimPromotionState promotes to a finding). - NEW scripts/validate_adversarial_scenario_examples.py + a validate-adversarial-scenario make target wired into `validate`, giving the gate failure-output visibility (positive conforms; every negative is rejected with its expected safety signal). make validate green (all 5 sub-validators, incl. adversarial-scenario); tools/validate_parsing.py green.
… gate The global SHACL gate rglobs all *.ttl under examples/ and expects everything to conform. The new adversarial-scenario negative fixtures (examples/adversarial-scenario/invalid/*.ttl) are deliberately non-conformant and are checked by their own lane validator (validate-adversarial-scenario), which expects them to fail. Exclude any file under an invalid/ directory from the global gate so negative .ttl fixtures don't break it (privacy negatives escaped only because they are .jsonld).
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
What
Un-defers the adversarial-scenario SHACL gate. Main documented it as intentionally deferred — "...introduced with negative fixtures and failure-output visibility." This lands the gate and meets that condition, rather than merging the bare gate.
Changes
adversarial-scenario-semanticsonto current main. Docs conflicts resolved: kept main's hyphenatedagentic-purple-teamspelling inmodule-map.md; took the branch's implemented-gate language in the purple-team spec (now true).Domains/adversarial-scenario.ttl,shapes/adversarial-scenario.shacl.ttl,catalog/adversarial_scenario_registry.ttl, and the SCOPE-D positive example.examples/adversarial-scenario/invalid/) — each trips one SCOPE-D safety invariant the gate enforces:runtime-authority-claimed— scenario assertsruntimeAuthority truememory-writeback-allowed—MemoryEffectauthorizes durable writebackclaim-promotion-finding—ClaimPromotionStatepromotes to a findingscripts/validate_adversarial_scenario_examples.py+validate-adversarial-scenariomake target wired intovalidate— the failure-output visibility the deferral asked for: the positive conforms, every negative is rejected with its expected safety signal.Verification
make validate→ all 5 sub-validators green, incl.Adversarial-scenario examples validated.tools/validate_parsing.pygreen. No conflict markers.