feat: proposal intake pipeline with AI-powered generation on /proposals/new
Add full proposal system: DB schema (proposals + proposal_gaps tables), CLI `ietf intake` command, and web UI with Quick Generate on /proposals/new. The new page merges AI intake (paste URL/text → Haiku generates multiple proposals auto-linked to gaps) with manual form entry. Generated proposals are clickable cards that fill the editor below for refinement. Uses claude_model_cheap (Haiku) for cost-efficient web intake. Includes CaML-inspired draft proposals from arXiv:2503.18813 analysis.

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
@@ -4,6 +4,25 @@
|
||||
|
||||
---
|
||||
|
||||
### 2026-03-09 SESSION — CaML-Inspired IETF Draft Proposals
|
||||
|
||||
**What**: Created 6 detailed IETF Internet-Draft proposals inspired by Google DeepMind's CaML paper ("Defeating Prompt Injections by Design", arXiv:2503.18813). Cross-referenced all 12 gaps from our analysis to identify where CaML's concepts map to missing standards.
|
||||
|
||||
**Why**: CaML introduces capability-based security for LLM agents — a fundamentally new approach that applies software security principles (CFI, capabilities, information flow control) to AI agent systems. The paper's concepts directly address 11 of our 12 identified gaps, but require multiple distinct standardization efforts.
|
||||
|
||||
**Result**: 7 files in `data/reports/draft-proposals/camel-inspired/` (1,639 lines total):
|
||||
- `00-index.md` — Overview with dependency graph, gap coverage matrix
|
||||
- `01-capability-security-policies.md` — Wire format for capability metadata + policy expressions
|
||||
- `02-control-data-flow-integrity.md` — CFG/DFG specs, emergency halt protocol
|
||||
- `03-data-provenance-tracking.md` — Per-value provenance records, privacy-preserving disclosure
|
||||
- `04-security-policy-federation.md` — Cross-org policy negotiation + liability attribution
|
||||
- `05-privileged-quarantined-execution.md` — Dual-LLM role contracts + behavioral specs
|
||||
- `06-side-channel-mitigation.md` — BCP for agent-specific side-channel risks
|
||||
|
||||
**Surprise**: CaML's Section 6.4 ("when data flow becomes control flow") describes an attack pattern analogous to Return-Oriented Programming — a concept from 2007 applied to AI agents. The convergence of traditional security concepts and AI safety is deeper than expected.
|
||||
|
||||
---
|
||||
|
||||
### 2026-03-08 ANALYST — Pipeline run: authors + gaps refresh
|
||||
|
||||
**What**: Ran the processing pipeline on 474-draft corpus. Fetched authors for 102 previously-unlinked drafts (113 were missing, 11 had Datatracker issues). Re-ran gap analysis with --refresh on the full corpus. Checked idea extraction status.
|
||||
|
||||
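Review bot: The new 2026-03-09 entry writes "CaML" in the heading and in the **What**, **Why** and **Surprise** lines, while the directory it reports is `data/reports/draft-proposals/camel-inspired/`; use one spelling in both places so the log entry and the path can be found with the same search term. The **Why** line also says the concepts address 11 of the 12 gaps without naming the gap that is left uncovered; name it in this entry or point to the gap coverage matrix in `00-index.md`, so a reader of the log does not have to open the reports to learn which standard is still missing.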