Skip to content

feat(guardrails): emit a first-class audit event for platform-overlay tightenings + per-field layer attribution #286

Description

@initializ-mk

Follow-up from the #285 review (finding #4).

Today applyPlatformGuardrailsOverlay logs the overlay's tightenings via logger.Info (the ops/stdout log per FWS-9), not the audit NDJSON pipeline. Every comparable platform-policy decision has a first-class audit event — policy_loaded, policy_violation_at_build_time, channel_denied_by_policy. The guardrails overlay should be SIEM-visible the same way.

Ask

  • Emit a guardrails_overlay_applied audit event (or extend policy_loaded) carrying the tightened fields and the contributing layers, through the same AuditLogger BuildGuardrailChecker already receives.
  • Per-field layer attribution: the current log carries the folded layers list, but which layer tightened which field is lost by pre-folding. The platform-policy convention is "first layer to deny takes credit" (see FirstLayerDenyingTool etc.). Fold with attribution so each tightening names its originating layer.

Acceptance

  • A structured audit event fires when the overlay tightens anything.
  • Each tightening is attributed to the layer (system/user/workspace) that caused it.
  • Test asserts the event shape + attribution.

Related: #284, PR #285, forge-core/security/platform_policy_layers.go (attribution precedent).

Metadata

Metadata

Assignees

No one assigned

    Labels

    enhancementNew feature or requestforge-cliAffects the forge-cli command-line tool (init, run, build, mcp commands)securitySecurity vulnerability fixes

    Type

    No type

    Fields

    No fields configured for issues without a type.

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions