Implement Kernel class — wire all components

## Summary
Implement the Kernel class that orchestrates the full request → grant → invoke → expand → explain flow.

## Constructor
```python
Kernel(
    registry: CapabilityRegistry,
    policy: PolicyEngine | None = None,       # Default: DefaultPolicyEngine
    token_provider: TokenProvider | None = None, # Default: HMACTokenProvider
    router: Router | None = None,              # Default: StaticRouter
    firewall: Firewall | None = None,          # Default: Firewall()
    handle_store: HandleStore | None = None,   # Default: HandleStore()
    trace_store: TraceStore | None = None,     # Default: TraceStore()
)
```

## Methods

### `request_capabilities(goal, context_tags=None) → list[CapabilityRequest]`
Delegate to registry. Deterministic.

### `grant_capability(request, principal, justification) → CapabilityGrant`
1. Get capability from registry (raise CapabilityNotFound if missing)
2. Evaluate policy → if denied, raise PolicyDenied with denial_reason
3. Issue token with enforced_constraints
4. Return CapabilityGrant(token, enforced_constraints)

### `invoke(token, args, response_mode="summary") → Frame`
1. Verify token (raise TokenExpired/TokenInvalid)
2. Select route via router
3. Execute via driver. If primary fails and fallbacks exist, try next. If all fail, raise last DriverError.
4. Apply redaction (based on capability sensitivity + token constraints)
5. Apply firewall transform (with budgets from capability defaults merged with token constraints)
6. Store raw data in handle store
7. Record ActionTrace
8. Return Frame

### `expand(handle, query) → Frame`
Delegate to handle store expand. Apply budgets to result.

### `explain(action_id) → ActionTrace`
Delegate to trace store.

## Acceptance criteria
- [ ] Full happy path: request → grant → invoke → expand → explain works end-to-end
- [ ] Policy denial raises PolicyDenied with message
- [ ] Expired token raises TokenExpired
- [ ] Tampered token raises TokenInvalid
- [ ] Driver fallback: primary fails → secondary succeeds
- [ ] All drivers fail → last DriverError propagated
- [ ] Trace recorded for every invoke
- [ ] explain() returns matching trace

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Implement Kernel class — wire all components #24

Summary

Constructor

Methods

`request_capabilities(goal, context_tags=None) → list[CapabilityRequest]`

`grant_capability(request, principal, justification) → CapabilityGrant`

`invoke(token, args, response_mode="summary") → Frame`

`expand(handle, query) → Frame`

`explain(action_id) → ActionTrace`

Acceptance criteria

Metadata

Assignees

Labels

Projects

Milestone

Relationships

Development

Implement Kernel class — wire all components #24

Description

Summary

Constructor

Methods

request_capabilities(goal, context_tags=None) → list[CapabilityRequest]

grant_capability(request, principal, justification) → CapabilityGrant

invoke(token, args, response_mode="summary") → Frame

expand(handle, query) → Frame

explain(action_id) → ActionTrace

Acceptance criteria

Metadata

Metadata

Assignees

Labels

Projects

Milestone

Relationships

Development

Issue actions

`request_capabilities(goal, context_tags=None) → list[CapabilityRequest]`

`grant_capability(request, principal, justification) → CapabilityGrant`

`invoke(token, args, response_mode="summary") → Frame`

`expand(handle, query) → Frame`

`explain(action_id) → ActionTrace`