Skip to content

feat: setup command, auto-pull model, 7 full trust layers#11

Open
shotwellj wants to merge 3 commits intomainfrom
feat/setup-command-auto-pull-trust-layers
Open

feat: setup command, auto-pull model, 7 full trust layers#11
shotwellj wants to merge 3 commits intomainfrom
feat/setup-command-auto-pull-trust-layers

Conversation

@shotwellj
Copy link
Member

@shotwellj shotwellj commented Mar 17, 2026

Summary

  • air-blackbox setup — new CLI command for one-command model installation (checks Ollama → pulls model → verifies)
  • Auto-pull from registry — scanner automatically downloads airblackbox/air-compliance model on first run if missing
  • Smart reconciliation — rule-based evidence now corrects model false-FAILs (2+ PASS checks override model FAIL)
  • Full trust layers — CrewAI, AutoGen, ADK upgraded from scaffold to production; Haystack added new
  • 7 frameworks at ✅ Full — LangChain, OpenAI Agents, CrewAI, AutoGen, ADK, Haystack, Claude Agent SDK

Changes

  • cli.py — added setup command, smart reconciliation logic, rule-context passing to model
  • deep_scan.py — added _auto_pull_model(), updated prompt to use rule-based context, new rule_context param
  • trust/crewai/, trust/autogen/, trust/adk/ — full production implementations with HMAC chains
  • trust/haystack/ — new trust layer with pre/post hooks, ConsentGate, DataVault, AuditLedger
  • README.md — updated install instructions, all 7 trust layers showing ✅ Full

Test plan

  • All 17 existing tests pass
  • Run air-blackbox setup on Mac with Ollama installed
  • Run air-blackbox comply --scan . -v on a real project to verify smart reconciliation
  • Test auto-pull by removing local model and running a scan

🤖 Generated with Claude Code

@claude
feat: setup command, auto-pull model, full trust layers, smart reconc…
9aa1206 
…iliation

- Add `air-blackbox setup` CLI command for guided one-command installation
- Add auto-pull from Ollama registry when model not found locally
- Upgrade CrewAI, AutoGen, ADK trust layers from scaffold to full production
- Add Haystack trust layer (new)
- Add smart reconciliation: rule-based evidence corrects model false-FAILs
- Pass rule-based context to LLM prompt so model aligns with verified findings
- Update README with setup instructions and all 7 trust layers at ✅ Full

All 17 tests pass.

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
github-code-quality[bot]
github-code-quality bot found potential problems Mar 17, 2026
View reviewed changes
shotwellj and others added 2 commits March 16, 2026 22:21
@shotwellj @claude
fix: skip model on empty code, improve evidence specificity in prompts
831142e 
- Guard against 0-files bug: skip AI model when no Python files found
- Add empty-code guard in deep_scan() itself as safety net
- Require specific file/function citations in model evidence

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
@shotwellj
Support single-file scanning and fix empty except clauses
cd66ad0 
- Add os.path.isfile() check so --scan works on individual .py files
- Fix two empty except clauses flagged by code quality bot
- Single-file scans now use parent directory for doc checks
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

1 more reviewer

@github-code-quality github-code-quality[bot] github-code-quality[bot] left review comments

Reviewers whose approvals may not affect merge requirements

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@shotwellj