Add OfficeAI-500 Sovereign Mesh demo: backend API, memory/capsule system, governance, audit and minimal frontend#2
Conversation
There was a problem hiding this comment.
💡 Codex Review
Here are some automated review suggestions for this pull request.
Reviewed commit: 572141a2c5
ℹ️ About Codex in GitHub
Your team has set up Codex to review pull requests in this repo. Reviews are triggered when you
- Open a pull request for review
- Mark a draft as ready
- Comment "@codex review".
If Codex has suggestions, it will comment; otherwise it will react with 👍.
Codex can also answer questions or update the PR. Try commenting "@codex address that feedback".
| task.updated_at = datetime.utcnow() | ||
| db.commit() | ||
|
|
||
| payload = eval(task.payload) if isinstance(task.payload, str) else task.payload |
There was a problem hiding this comment.
Remove eval on task payload before processing
The dispatcher executes eval(task.payload) on data that originates from the request body (TaskInput.payload), so a client can submit a string expression and run arbitrary Python code on the server during /mesh/dispatch or /mesh/batch. This is a direct remote code execution path (for example, any non-empty expression is evaluated before governance), and should be replaced with safe parsing/serialization (e.g., JSON) rather than eval.
Useful? React with 👍 / 👎.
| candidate = eval(db.query(Task).filter(Task.type==c.task_type).first().payload) | ||
| ok = integrity_for(c.task_type, candidate, c.result) == c.integrity_hash |
There was a problem hiding this comment.
Verify capsules against the wrong payload source
Integrity verification is recomputed using the payload from the first task with the same task_type instead of the payload that produced this capsule. When multiple tasks share a type but differ in payload, /memory/{capsule_id}/verify can incorrectly mark an untampered capsule as invalid (verified=False), which corrupts memory reuse behavior and auditability.
Useful? React with 👍 / 👎.
Motivation
Description
OfficeAI-500-Sovereign-Mesh/backendwith models (Agent,Task,MemoryCapsule,AuditTrace) and SQLite integration via SQLAlchemy indatabase.pyandconfig.py.memory.pyincluding deterministic capsule ids viasha384and a secret salt inconfig.settings.governance.pywith rules forINVOICE,EMAIL,COMPLIANCE,PAYMENT_EXCEPTION, andFINANCIALtypes.mesh.pythat assigns/release agents, performs memory reuse, applies governance, writes memory capsules, and emits audit traces viaaudit.py.main.pyfor health, agents, tasks, mesh dispatch/batch, demo load/run_500, memory tamper/verify, review approve/reject, audit and metrics endpoints.OfficeAI-500-Sovereign-Mesh/frontendwith basic UI and API client insrc/api.jsto exercise the demo endpoints and review flow.demo.py) to seed 500 agents and produce a stable set of 500 tasks, and add tests underbackend/tests/test_officeai.pycovering health, dispatch, governance rules, demo runs, tamper verification, and metrics.requirements.txtand arun.pyto start the backend withuvicorn.Testing
pytest(tests inOfficeAI-500-Sovereign-Mesh/backend/tests/test_officeai.py) which exercise endpoints including/health,/mesh/dispatch, governance failure cases,/demo/run_500behavior, tamper/verify flow, and/metrics; tests passed.OfficeAI-500-Sovereign-Mesh/README.mdto validate increasedmemory_hitson a second run and tamper detection behavior.Codex Task