Chitin Moat
Enforce contextual agent permissions based on where a conversation happens.
Trust Levels
| Level | Name | Capabilities |
|---|---|---|
| 0 | `sovereign` | Full autonomy (1:1 with verified owner) |
| 1 | `trusted` | Read/write, scoped tools, no secrets (private known group) |
| 2 | `guarded` | Respond on @mention only, no tools (semi-public) |
| 3 | `observer` | React only (public channels) |
| 4 | `silent` | No interaction (blocked surfaces) |
Configuration
Create chitin-trust-channels.yaml in the agent workspace root:
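```yaml
version: 0.1
owner:
  telegram: <owner-user-id>
channels:
  - id: telegram:<owner-user-id>
    level: sovereign
  - id: discord:<server-id>
    level: guarded
    overrides:
      - channel: owners-lounge
        level: trusted
      - channel: pro-*
        level: trusted
  - id: telegram:group:*
    level: observer
defaults:
  unknown_channel: observer
  unknown_dm: guarded
```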
Setup
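1. Copy the example config: `cp references/example-config.yaml chitin-trust-channels.yaml`
2. Edit with your channel IDs and owner identity
3. Run the validator: `python3 scripts/validate_config.py chitin-trust-channels.yaml`
4. Run the audit: `python3 scripts/auditchannels.py chitin-trust-channels.yaml`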
Permission Matrix
See references/permission-matrix.md for the full capability × trust-level matrix.
Scripts
- `scripts/validate_config.py <config>` — Validate a trust channels config file
- `scripts/auditchannels.py <config>` — Audit current channel bindings against the config and report mismatches
- `scripts/resolve_channel.py <config> <channel-id>` — Resolve the trust level for a specific channel ID
Integration with AGENTS.md
Add to the agent's workspace instructions:
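```markdown
Chitin Moat
Before responding in any channel, resolve the trust level using chitin-trust-channels.yaml.
Constrain capabilities to the resolved level. Never exceed the channel ceiling.
```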
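Chitin Moat
Enforce contextual agent permissions based on where a conversation happens.
Trust Levels
| Level | Name | Capabilities |
|---|---|---|
| 0 | `sovereign` | Full autonomy (1:1 with verified owner) |
| 1 | `trusted` | Read/write, scoped tools, no secrets (private known group) |
| 2 | `guarded` | Respond on @mention only, no tools (semi-public) |
| 3 | `observer` | React only (public channels) |
| 4 | `silent` | No interaction (blocked surfaces) |
Configuration
Create chitin-trust-channels.yaml in the agent workspace root: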
```yaml
version: 0.1
owner:
  telegram: <owner-user-id>
channels:
  - id: telegram:<owner-user-id>
    level: sovereign
  - id: discord:<server-id>
    level: guarded
    overrides:
      - channel: owners-lounge
        level: trusted
      - channel: pro-*
        level: trusted
  - id: telegram:group:*
    level: observer
defaults:
  unknown_channel: observer
  unknown_dm: guarded
```
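One way a config of this shape could be resolved to a trust level, added here as an illustration and not the project's own `resolve_channel.py`. The `resolve` signature, first-match ordering, `fnmatch`-style wildcards, the sample IDs and the fail-closed fallback to `silent` are all assumptions.

```python
from fnmatch import fnmatchcase

# Level numbers from the Trust Levels table; a higher number means fewer capabilities.
LEVELS = {"sovereign": 0, "trusted": 1, "guarded": 2, "observer": 3, "silent": 4}

# Constructed config mirroring the YAML layout, with made-up IDs.
CONFIG = {
    "owner": {"telegram": "1001"},
    "channels": [
        {"id": "telegram:1001", "level": "sovereign"},
        {"id": "discord:5550", "level": "guarded",
         "overrides": [{"channel": "owners-lounge", "level": "trusted"},
                       {"channel": "pro-*", "level": "trusted"}]},
        {"id": "telegram:group:*", "level": "observer"},
    ],
    "defaults": {"unknown_channel": "observer", "unknown_dm": "guarded"},
}

def resolve(config, surface_id, channel=None, is_dm=False):
    """Return the trust level name for a surface (assumed: first matching entry wins)."""
    level = None
    for entry in config.get("channels", []):
        if fnmatchcase(surface_id, entry["id"]):
            level = entry["level"]
            # Overrides only apply inside the entry that matched the surface.
            for ov in entry.get("overrides", []):
                if channel is not None and fnmatchcase(channel, ov["channel"]):
                    level = ov["level"]
                    break
            break
    if level is None:
        # Nothing matched: use the configured default for DMs or channels.
        defaults = config.get("defaults", {})
        level = defaults.get("unknown_dm" if is_dm else "unknown_channel")
    # Fail closed: a missing default or misspelled level name resolves to silent.
    return level if level in LEVELS else "silent"
```

Because the first matching entry wins in this version, a wildcard entry listed ahead of a specific one shadows it, so ordering in `channels` is worth checking during an audit.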
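Setup
1. Copy the example config: `cp references/example-config.yaml chitin-trust-channels.yaml`
2. Edit with your channel IDs and owner identity
3. Run the validator: `python3 scripts/validate_config.py chitin-trust-channels.yaml`
4. Run the audit: `python3 scripts/auditchannels.py chitin-trust-channels.yaml`
Permission Matrix
See references/permission-matrix.md for the full capability × trust-level matrix.
Scripts
- `scripts/validate_config.py <config>` — Validate a trust channels config file
- `scripts/auditchannels.py <config>` — Audit current channel bindings against the config and report mismatches
- `scripts/resolve_channel.py <config> <channel-id>` — Resolve the trust level for a specific channel ID
Integration with AGENTS.md
Add to the agent's workspace instructions:
```markdown
Chitin Moat
Before responding in any channel, resolve the trust level using chitin-trust-channels.yaml.
Constrain capabilities to the resolved level. Never exceed the channel ceiling.
```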