Skip to content

feat(security): TUI security indicators, event log, and metrics display (Phase 5, #1195)#1248

Merged
bug-ops merged 3 commits intomainfrom
feat/m32/security-tui
Mar 5, 2026
Merged

feat(security): TUI security indicators, event log, and metrics display (Phase 5, #1195)#1248
bug-ops merged 3 commits intomainfrom
feat/m32/security-tui

Conversation

@bug-ops
Copy link
Copy Markdown
Owner

@bug-ops bug-ops commented Mar 5, 2026

Summary

Phase 5 of Untrusted Content Isolation epic (#1195): TUI integration for security visibility.

  • Status bar: yellow "SEC: N flags" indicator for injection pattern detections, red "N blocked" for exfiltration guard blocks. Hidden when zero events.
  • Security side panel: aggregate metrics (sanitizer runs, injection flags, truncations, quarantine, exfiltration) + last 5 recent events with timestamps. Time-based toggle (60s recency) replaces Subagents panel only when recent events exist.
  • Command palette: security:events command outputs full security event history as system message (command palette only, no slash shortcut).
  • SecurityEvent types: SecurityEvent + SecurityEventCategory enum in zeph-core (unconditional, not feature-gated). Ring buffer (VecDeque, cap 100) in MetricsSnapshot, transported via existing watch channel.
  • Emission sites: SecurityEvent pushed at Agent call sites (context.rs, tool_execution.rs, persistence.rs) — not inside sanitizer structs. Covers injection flags, truncations, quarantine success/failure, exfiltration URL flags, image blocks, memory write guards.
  • Safety: UTF-8-safe truncation via floor_char_boundary() for detail (128 chars) and source (64 chars), ASCII control char stripping on source field.

Key files

  • crates/zeph-core/src/metrics.rs — SecurityEvent, SecurityEventCategory, ring buffer
  • crates/zeph-core/src/agent/utils.rs — Agent::push_security_event()
  • crates/zeph-tui/src/widgets/security.rs — security side panel widget (new)
  • crates/zeph-tui/src/widgets/status.rs — status bar SEC indicator
  • crates/zeph-tui/src/command.rs — SecurityEvents command palette entry
  • crates/zeph-tui/src/app.rs — format_security_report(), panel toggle, event handling

Test delta

4064 -> 4088 (+24 new tests)

Test plan

  • cargo +nightly fmt --check
  • cargo clippy --workspace --features full -- -D warnings
  • cargo nextest run --workspace --features full --lib --bins (4088 passed)
  • Manual TUI verification: trigger injection pattern, verify SEC indicator appears in status bar
  • Manual TUI verification: :security:events in command palette shows event history
  • Manual TUI verification: security panel appears and auto-hides after 60s

Closes phase 5 of #1195.

@github-actions github-actions bot added documentation Improvements or additions to documentation rust Rust code changes core zeph-core crate enhancement New feature or request size/XL Extra large PR (500+ lines) labels Mar 5, 2026
This was linked to issues Mar 5, 2026
Untrusted Content Isolation #1195
Closed
[SEC-5.1] TUI security indicators and event log #1208
Closed
[SEC-5.2] CLI security event reporting #1209
Closed
@bug-ops bug-ops enabled auto-merge (squash) March 5, 2026 21:52
@bug-ops bug-ops merged commit 8ecbc77 into main Mar 5, 2026
28 checks passed
@bug-ops bug-ops deleted the feat/m32/security-tui branch March 5, 2026 22:04
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

core zeph-core crate documentation Improvements or additions to documentation enhancement New feature or request rust Rust code changes size/XL Extra large PR (500+ lines)

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

[SEC-5.2] CLI security event reporting [SEC-5.1] TUI security indicators and event log Untrusted Content Isolation

1 participant

@bug-ops