Skip to content

SECURITY-169-API-08: harden EQ agent runtime safety and cost controls#2808

Merged
fermatmind merged 1 commit into
mainfrom
codex/security-169-api-08-harden-eq-agent-runtime-safety-and-cost-controls
Jul 6, 2026
Merged

SECURITY-169-API-08: harden EQ agent runtime safety and cost controls#2808
fermatmind merged 1 commit into
mainfrom
codex/security-169-api-08-harden-eq-agent-runtime-safety-and-cost-controls

Conversation

@fermatmind

Copy link
Copy Markdown
Owner

What changed

  • Skip the EQ LLM provider when forbidden claims are detected or the intent context requires a boundary-only response.
  • Add deterministic fallback phrase coverage for EQ forbidden claims that must not depend only on compiled content-pack wording.
  • Add per-attempt EQ provider throttling and clamp OpenAI max output tokens through runtime config.
  • Suppress eq_journey_feedback_submitted analytics unless consent-to-store is true and the journey state persisted.
  • Update the SECURITY-169 API08 train ledger with validation and scope evidence.

Why

  • API08 closes the EQ agent runtime safety/cost scope by keeping forbidden-claim and unavailable-plan responses deterministic, bounding provider spend, and preventing no-consent feedback from entering analytics.

Validation

  • php -l backend/app/Services/Eq/EqAgentRuntimeResponder.php
  • php -l backend/app/Services/Eq/EqAgentProviderManager.php
  • php -l backend/app/Services/Eq/OpenAiEqAgentProviderClient.php
  • php -l backend/app/Http/Controllers/API/V0_3/AttemptReadController.php
  • php -l backend/app/Services/Analytics/EventRecorder.php
  • php -l backend/config/ai.php
  • cd backend && ./vendor/bin/pint app/Services/Eq/EqAgentRuntimeResponder.php app/Services/Eq/EqAgentProviderManager.php app/Services/Eq/OpenAiEqAgentProviderClient.php app/Http/Controllers/API/V0_3/AttemptReadController.php app/Services/Analytics/EventRecorder.php config/ai.php
  • cd backend && APP_ENV=testing DB_CONNECTION=sqlite DB_DATABASE=:memory: php artisan test --filter=EqAgentContextApiTest --no-ansi
  • cd backend && APP_ENV=testing DB_CONNECTION=sqlite DB_DATABASE=:memory: php artisan test --filter=Eq60JourneyStateContractTest --no-ansi
  • cd backend && php artisan route:list --no-ansi
  • cd backend && APP_ENV=testing DB_CONNECTION=sqlite DB_DATABASE=/tmp/fap-api-security-169-api-08.sqlite php artisan migrate --force --no-ansi
  • cd backend && bash scripts/ci_verify_mbti.sh
  • python3 -m json.tool docs/codex/pr-train-state.json >/dev/null
  • ruby -e "require 'yaml'; YAML.load_file('docs/codex/pr-train.yaml'); puts 'yaml ok'"
  • git diff --check

Deferred items

  • No staging deploy wait.
  • No manual deploy.
  • No production deploy.
  • No CMS, search, sitemap, llms, canonical, noindex, JSON-LD, or production import work.
  • External docs-only main advances were rebased over and recorded in the ledger as outside API08 scope.

@chatgpt-codex-connector

Copy link
Copy Markdown

You have reached your Codex usage limits for code reviews. You can see your limits in the Codex usage dashboard.

@fermatmind fermatmind force-pushed the codex/security-169-api-08-harden-eq-agent-runtime-safety-and-cost-controls branch from aa034b9 to f4ee6c2 Compare July 6, 2026 08:27
@fermatmind fermatmind merged commit bd69039 into main Jul 6, 2026
15 checks passed
@fermatmind fermatmind deleted the codex/security-169-api-08-harden-eq-agent-runtime-safety-and-cost-controls branch July 6, 2026 08:32
fermatmind added a commit that referenced this pull request Jul 6, 2026
Close SECURITY-169-API-08 train ledger after implementation PR #2808 merged and post-merge validation completed.
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

1 participant