Follow-up from the #285 review (finding #4).
Today applyPlatformGuardrailsOverlay logs the overlay's tightenings via logger.Info (the ops/stdout log per FWS-9), not the audit NDJSON pipeline. Every comparable platform-policy decision has a first-class audit event — policy_loaded, policy_violation_at_build_time, channel_denied_by_policy. The guardrails overlay should be SIEM-visible the same way.
Ask
- Emit a
guardrails_overlay_applied audit event (or extend policy_loaded) carrying the tightened fields and the contributing layers, through the same AuditLogger BuildGuardrailChecker already receives.
- Per-field layer attribution: the current log carries the folded
layers list, but which layer tightened which field is lost by pre-folding. The platform-policy convention is "first layer to deny takes credit" (see FirstLayerDenyingTool etc.). Fold with attribution so each tightening names its originating layer.
Acceptance
- A structured audit event fires when the overlay tightens anything.
- Each tightening is attributed to the layer (system/user/workspace) that caused it.
- Test asserts the event shape + attribution.
Related: #284, PR #285, forge-core/security/platform_policy_layers.go (attribution precedent).
Follow-up from the #285 review (finding #4).
Today
applyPlatformGuardrailsOverlaylogs the overlay's tightenings vialogger.Info(the ops/stdout log per FWS-9), not the audit NDJSON pipeline. Every comparable platform-policy decision has a first-class audit event —policy_loaded,policy_violation_at_build_time,channel_denied_by_policy. The guardrails overlay should be SIEM-visible the same way.Ask
guardrails_overlay_appliedaudit event (or extendpolicy_loaded) carrying the tightened fields and the contributing layers, through the sameAuditLoggerBuildGuardrailCheckeralready receives.layerslist, but which layer tightened which field is lost by pre-folding. The platform-policy convention is "first layer to deny takes credit" (seeFirstLayerDenyingTooletc.). Fold with attribution so each tightening names its originating layer.Acceptance
Related: #284, PR #285,
forge-core/security/platform_policy_layers.go(attribution precedent).