sovereign-mamba / tests /policyGate.test.ts
SNAPKITTYWEST's picture
Add sovereign-mamba source: Modelfile, kernel Prolog gates, sovereign_crypto Rust, Lean4, corpus policy
0427fad verified
Raw
History Blame Contribute Delete
1.51 kB
import test from "node:test";
import assert from "node:assert/strict";
import { fileURLToPath } from "node:url";
import { loadTrustDeed } from "../src/trustDeed.js";
import { checkSyscall } from "../src/policyGate.js";
import { normalizeModelOutput } from "../src/normalize.js";
import { resolvePreferredModel } from "../src/ollama.js";
test("enabled syscall is allowed", () => {
const deed = loadTrustDeed(fileURLToPath(new URL("../trust-deed.json", import.meta.url)));
const decision = checkSyscall(deed, "lean_gate");
assert.equal(decision.status, "ALLOW");
assert.equal(decision.requiresReceipt, true);
});
test("disabled dangerous syscall requires approval", () => {
const deed = loadTrustDeed(fileURLToPath(new URL("../trust-deed.json", import.meta.url)));
const decision = checkSyscall(deed, "bash_exec");
assert.equal(decision.status, "APPROVAL_REQUIRED");
});
test("normalizer extracts syscall tokens and uncertainty", () => {
const normalized = normalizeModelOutput("<|lean_gate|>\nSPEC\n<|receipt_seal|>");
assert.deepEqual(normalized.syscalls, ["lean_gate", "receipt_seal"]);
assert.equal(normalized.uncertainty, "SPEC");
});
test("preferred model resolves to installed snapkitty variant", () => {
const selected = resolvePreferredModel([
{ name: "nemotron-mini:latest", model: "nemotron-mini:latest" },
{ name: "snapkitty-nemotron:latest", model: "snapkitty-nemotron:latest" }
], undefined, "nemotron");
assert.equal(selected, "snapkitty-nemotron:latest");
});