Governance & Prompt Control

Key facts

• StagesGovernance and Clean Prompt — stages 2 and 3 of the pipeline.
• SurfacesApproval gate, governor admission, trusted projects, prompt weaver, context modal.
• Trust stateTwo-state today: trusted | untrusted. Four-state (restricted / verified) is roadmap.

What it does

• Approval gate

  Flagged tool calls halt the loop for explicit user approval before they run. The gate never claims every action is approved — only flagged ones.

  evidence · electron/orchestrator/approvalGate.ts · src/components/chat/ApprovalGate.tsx

• Governor admission

  The governor reject lane refuses or downgrades context that exceeds the memory budget under pressure.

  evidence · src/components/chat/GovernorRejectLane.tsx

• Prompt weaver

  buildClaudePrompt assembles the final English prompt: objective, scope in/out, inspection requirements, P0 constraints, active blocks, detected validation commands, and an enforced final-report contract.

  evidence · electron/orchestrator/promptWeaver.ts · src/lib/promptBuilder.ts

• Context modal

  Exposes the exact injected [MEMORY] block and the system prompt before sending. Nothing reaches the model implicitly.

  evidence · src/components/chat/ContextModal.tsx

• 18 governance blocks

  Mandatory inspection, anti-duplication, root-cause discipline, security guardrails, Supabase/migration safety, validation gates, scope guards, and more. Custom blocks persist per project.

  evidence · src/lib/blocks.ts · BlocksLibrary.tsx

• Trusted projects

  Project trust is granted only via native dialog; the renderer cannot self-grant. Agent safety policy is user-auditable.

  evidence · src/components/settings/TrustedProjects.tsx · AgentSafetyPolicy.tsx

Surfaces

Screenshots captured in a later phase. Frame names + intended dimensions shown today.