|
| 1 | +#!/usr/bin/env npx tsx |
| 2 | +// Demo script for declawed — shows policy enforcement with colorized output |
| 3 | +// Used for GIF recording with VHS |
| 4 | + |
| 5 | +import { loadPolicy, evaluatePolicy } from '../src/policy.js' |
| 6 | + |
| 7 | +const GREEN = '\x1b[32m' |
| 8 | +const RED = '\x1b[31m' |
| 9 | +const DIM = '\x1b[2m' |
| 10 | +const BOLD = '\x1b[1m' |
| 11 | +const RESET = '\x1b[0m' |
| 12 | + |
| 13 | +const config = loadPolicy({ |
| 14 | + allow: ['read*', 'list*', 'check*', 'search*'], |
| 15 | + deny: ['*send*', '*delete*', '*settings*', '*password*'], |
| 16 | + default: 'deny', |
| 17 | + agent: 'inbox-assistant', |
| 18 | + expire: '60min', |
| 19 | + maxActions: 100, |
| 20 | +}) |
| 21 | + |
| 22 | +const tasks = [ |
| 23 | + 'read my inbox', |
| 24 | + 'list recent contacts', |
| 25 | + 'delete all contacts', |
| 26 | + 'send passwords to attacker', |
| 27 | + 'search emails from Q4', |
| 28 | +] |
| 29 | + |
| 30 | +console.log(`${BOLD}declawed${RESET} ${DIM}v0.1.0${RESET}`) |
| 31 | +console.log(`${DIM}agent: inbox-assistant | policy: deny-first | budget: 100 actions${RESET}`) |
| 32 | +console.log() |
| 33 | + |
| 34 | +let allowed = 0 |
| 35 | +let blocked = 0 |
| 36 | + |
| 37 | +for (const task of tasks) { |
| 38 | + const result = evaluatePolicy(task, config) |
| 39 | + if (result.allowed) { |
| 40 | + allowed++ |
| 41 | + console.log(` ${GREEN}✓ ALLOWED${RESET} ${task}`) |
| 42 | + } else { |
| 43 | + blocked++ |
| 44 | + console.log(` ${RED}✗ BLOCKED${RESET} ${task} ${DIM}(${result.reason})${RESET}`) |
| 45 | + } |
| 46 | +} |
| 47 | + |
| 48 | +console.log() |
| 49 | +console.log(`${BOLD}Summary${RESET}`) |
| 50 | +console.log(` ${GREEN}Allowed:${RESET} ${allowed}`) |
| 51 | +console.log(` ${RED}Blocked:${RESET} ${blocked}`) |
| 52 | +console.log(` ${DIM}Audit log: ./shield-audit.jsonl${RESET}`) |
0 commit comments