Commit 8d9167f
feat(prover): add native Rust policy prover with Z3 solver
Add openshell-prover crate implementing formal policy verification
using Z3 SMT solving. Answers two questions about any sandbox policy:
"Can data leave?" and "Can the agent write despite read-only intent?"
Native Rust — no Python subprocess, no PYTHONPATH, no uv dependency.
Z3 bundled via z3-sys for self-contained builds.
Replaces the Python prototype from #703.
Closes #699
Signed-off-by: Alexander Watson <zredlined@gmail.com>

1 parent dd8dd8a commit 8d9167f
File tree

29 files changed: +3137 -0 lines changed

- crates
- openshell-cli
- src
- openshell-prover
- registry
- apis
- binaries
- src
- testdata
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| 197 | 197 | |
| 198 | 198 | |
| 199 | 199 | |
| | 200 | + |