# AGENTS.md

Overview
- This repository implements a production-ready, cross-organization IR orchestration MVP called GuardRailOps. It targets offline/partitioned networks with eventual reconciliation and auditable governance.

Tech stack (Python-based MVP)
- Core: Python 3.11+ (dataclasses, typing, simple cryptographic placeholders)
- Packaging: pyproject.toml with setuptools
- Tests: pytest
- Adapters: minimal SIEM/EDR adapters scaffolds

Architecture components
- LocalIRTask, SharedTelemetry, PlanDelta: core DSL primitives implemented as dataclasses
- DeltaSyncEngine: simple offline delta propagation and deterministic replay
- GovernanceLedger: append-only, cryptographically-signed entries (simulated)
- GoCRegistry: skeleton registry for Graph-of-Contracts, to be extended
- Adapters: SIEMAdapter, EDRAdapter with TLS mutual authentication hooks (simulated)

Development and testing workflow
- Run tests with test.sh (located in root)
- Packaging: build w/ python -m build via test.sh
- Use AGENTS.md guidelines to extend; avoid breaking the contract DSL unless explicitly required

Contribution rules
- Minimal, atomic changes preferred
- Add tests for new features; ensure all tests pass before merging
- Do not push to remote unless explicitly requested

- Notes
- This is a multi-organization, highway-to-production project. The MVP emphasizes determinism, data locality, and governance transparency.
- Architecture augmentation for GuardRailOps MVP (federated IR):
- 1) Governance scaffolds: GovernanceLedger, PrivacyBudget, and a minimal AuditLog flow for provenance.
- 2) Graph-of-Contracts skeleton: GoCRegistry for contract/adaptor metadata with a tiny in-memory store.
- 3) Adapters marketplace: AdapterMarketplace container to register and discover adapters (e.g., SIEM/EDR).
- 4) Existing core primitives (LocalIRTask, SharedTelemetry, PlanDelta) remain the core DSL, extended for privacy-preserving telemetry and deterministic delta-reconciliation.