Hartmut
2a005794e7
Prompt Injection Detection (EGAI 4.6.3.2): - 12-pattern regex scanner on user messages before AI processing - Logs warning + creates SecurityAlert audit entry on detection - Reinforces system prompt instead of blocking (non-breaking) AI Output Content Filter (EGAI 4.3.2.1): - Scans AI responses for leaked credentials/secrets - Auto-redacts passwords, API keys, bearer tokens, private keys - Logs warning + SecurityAlert audit when redaction occurs AI Tool Execution Audit Trail (IAAI 3.6.35): - Every AI tool call creates AiToolExecution audit entry - Logs tool name, parameters, userId, source: "ai" Data Classification Labels (EGAI 4.2): - DATA_CLASSIFICATION constant mapping all fields to HC/C/IR/U - Exported from @capakraken/shared All changes strictly additive — no existing logic modified. Co-Authored-By: claude-flow <ruv@ruv.net>
33 lines
681 B
TypeScript
33 lines
681 B
TypeScript
/**
|
|
* Accenture Data Classification labels for CapaKraken fields.
|
|
* HC = Highly Confidential, C = Confidential, IR = Internal/Restricted, U = Unrestricted
|
|
*
|
|
* EGAI 4.2 / Data Classification Standard
|
|
*/
|
|
export const DATA_CLASSIFICATION = {
|
|
// Highly Confidential
|
|
passwordHash: "HC",
|
|
totpSecret: "HC",
|
|
apiKeys: "HC",
|
|
|
|
// Confidential
|
|
lcrCents: "C",
|
|
ucrCents: "C",
|
|
budgetCents: "C",
|
|
chargeabilityTarget: "C",
|
|
email: "C",
|
|
|
|
// Internal/Restricted
|
|
displayName: "IR",
|
|
eid: "IR",
|
|
chapter: "IR",
|
|
skills: "IR",
|
|
|
|
// Unrestricted
|
|
projectName: "U",
|
|
shortCode: "U",
|
|
roleName: "U",
|
|
} as const;
|
|
|
|
export type DataClassification = "HC" | "C" | "IR" | "U";
|