{"id":50665461,"url":"https://github.com/samuraiwriter7/defense-court-protocol","last_synced_at":"2026-06-08T06:01:18.046Z","repository":{"id":363224011,"uuid":"1262403200","full_name":"SamuraiWriter7/defense-court-protocol","owner":"SamuraiWriter7","description":"A governance kernel for AI cyber defense, integrating agent ranks, a Seventeen-Article Defense Charter, traceability, emergency containment, governance review, and human oversight.","archived":false,"fork":false,"pushed_at":"2026-06-08T02:19:47.000Z","size":46,"stargazers_count":0,"open_issues_count":0,"forks_count":0,"subscribers_count":0,"default_branch":"main","last_synced_at":"2026-06-08T02:21:27.682Z","etag":null,"topics":[],"latest_commit_sha":null,"homepage":null,"language":"Python","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"mit","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/SamuraiWriter7.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null,"zenodo":null,"notice":null,"maintainers":null,"copyright":null,"agents":null,"dco":null,"cla":null}},"created_at":"2026-06-08T00:27:45.000Z","updated_at":"2026-06-08T02:19:51.000Z","dependencies_parsed_at":null,"dependency_job_id":null,"html_url":"https://github.com/SamuraiWriter7/defense-court-protocol","commit_stats":null,"previous_names":["samuraiwriter7/defense-court-protocol"],"tags_count":null,"template":false,"template_full_name":null,"purl":"pkg:github/SamuraiWriter7/defense-court-protocol","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/SamuraiWriter7%2Fdefense-court-protocol","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/SamuraiWriter7%2Fdefense-court-protocol/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/SamuraiWriter7%2Fdefense-court-protocol/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/SamuraiWriter7%2Fdefense-court-protocol/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/SamuraiWriter7","download_url":"https://codeload.github.com/SamuraiWriter7/defense-court-protocol/tar.gz/refs/heads/main","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/SamuraiWriter7%2Fdefense-court-protocol/sbom","scorecard":null,"host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":286080680,"owners_count":34050225,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2026-05-26T15:22:16.424Z","status":"online","status_checked_at":"2026-06-08T02:00:07.615Z","response_time":111,"last_error":null,"robots_txt_status":"success","robots_txt_updated_at":"2025-07-24T06:49:26.215Z","robots_txt_url":"https://github.com/robots.txt","online":true,"can_crawl_api":true,"host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":[],"created_at":"2026-06-08T06:00:57.027Z","updated_at":"2026-06-08T06:01:18.036Z","avatar_url":"https://github.com/SamuraiWriter7.png","language":"Python","funding_links":[],"categories":[],"sub_categories":[],"readme":"# Defense Court Protocol\n\n**Defense Court Protocol** is a governance kernel for AI cyber defense.\n\nIt defines a structured defensive operating model for multi-agent AI systems by integrating:\n\n* defensive agent ranks\n* a Seventeen-Article Cyber Defense Charter\n* traceability\n* emergency containment\n* governance review\n* semantic alignment checks\n* human oversight\n\nThe goal is not to create a status hierarchy among AI agents.\n\nThe goal is to define **responsibility, authority, traceability, review, safe defensive coordination, and institutional consistency**.\n\n---\n\n## Overview\n\nModern cyber defense increasingly faces high-speed, automated, and AI-assisted threats.\n\nTraditional IT operations often emphasize continuity and availability:\n\n```text\nKeep systems running.\nAvoid shutdown.\nWait for human approval.\nEscalate through slow review paths.\n```\n\nHowever, fast-moving cyber incidents require a different operating model.\n\nThe Defense Court Protocol introduces the principle of:\n\n```text\nThe courage to stop.\n```\n\nUnder clearly defined emergency conditions, AI defense agents may perform limited, scoped, reversible, and traceable containment actions before full human review.\n\nHuman review still preserves final legitimacy.\n\nIn short:\n\n```text\nAI may contain.\nVerification must review.\nGovernance may pause.\nHumans finalize legitimacy.\n```\n\n---\n\n## Core Concept\n\nThe Defense Court Protocol is built on five layers:\n\n```text\nRank Layer\n  Defines defensive agent roles, authority scopes, and responsibility boundaries.\n\nArticle Layer\n  Defines behavioral, procedural, ethical, traceability, and safety rules.\n\nDefense Kernel\n  Defines emergency detection, containment, isolation, and recovery rules.\n\nTrace Layer\n  Records actions, decisions, evidence, safeguards, review status, and responsibility.\n\nHuman Review Layer\n  Preserves final human responsibility, legitimacy, and governance oversight.\n```\n\nThe core structure can be summarized as:\n\n```text\nRank defines responsibility.\nArticles define behavior.\nTrace defines accountability.\nGovernance defines safety.\nHuman Review defines legitimacy.\n```\n\n---\n\n## Core Principles\n\nThe Defense Court Protocol follows these principles:\n\n```text\nNo untraceable command.\nNo irreversible action without review.\nNo autonomous escalation without scope.\nNo defense action without logging.\nNo recovery without verification.\nNo public-risk incident without disclosure path.\n```\n\nThese principles ensure that AI cyber defense can be fast without becoming lawless.\n\n---\n\n## Key Documents\n\n* [Defense Court Protocol](docs/defense-court-protocol.md)\n  Defines the overall cyber defense governance kernel for multi-agent AI systems.\n\n* [Defense Trace Protocol](docs/defense-trace-protocol.md)\n  Defines the traceability, accountability, verification, recovery, governance, and human review model for defensive AI actions.\n\n* [Defense Agent Rank Architecture](docs/defense-agent-rank-architecture.md)\n  Defines the defensive AI agent rank system, including roles, authority scopes, responsibility boundaries, trace requirements, and human review triggers.\n\n* [Cyber Defense Seventeen Articles](docs/cyber-defense-seventeen-articles.md)\n  Defines the Seventeen-Article Cyber Defense Charter as the behavioral, procedural, ethical, traceability, and safety constitution of the Defense Court Protocol.\n\n* [Constitution Alignment Model](docs/constitution-alignment-model.md)\n  Defines the semantic validation layer of the Defense Court Protocol, checking institutional consistency among Trace Records, Agent Ranks, and the Cyber Defense Constitution.\n\n---\n\n## Core Pillars\n\nThe protocol currently has three validated pillars.\n\n### 1. Defense Trace Record\n\nThe Defense Trace Record defines how defensive actions are recorded.\n\nIt answers:\n\n```text\nWhat happened?\nWho acted?\nWhy was action taken?\nWhich authority was used?\nWhich articles applied?\nWas the action reversible?\nWere safeguards applied?\nWas human review required?\nWhat must happen next?\n```\n\nFiles:\n\n```text\nschemas/defense-trace-record.schema.json\nexamples/defense-trace-record.example.yaml\n```\n\n---\n\n### 2. Defense Agent Rank\n\nThe Defense Agent Rank model defines defensive AI roles and authority scopes.\n\nIt adapts a twelve-rank structure into a cyber defense context.\n\nThe ranks include:\n\n```text\nDaitoku  = Defense Grand Orchestrator\nShotoku  = Incident Coordinator\nDaijin   = Human Impact Agent\nShojin   = User Context Agent\nDairei   = Defense Protocol Agent\nShorei   = Procedure Agent\nDaishin  = Forensic Verification Agent\nShoshin  = Detection Test Agent\nDaigi    = Cyber Governance Agent\nShogi    = Risk Filter Agent\nDaichi   = Threat Strategy Agent\nShochi   = Threat Research Agent\n```\n\nFiles:\n\n```text\nschemas/defense-agent-rank.schema.json\nexamples/defense-agent-rank.example.yaml\n```\n\n---\n\n### 3. Cyber Defense Constitution\n\nThe Cyber Defense Constitution defines the Seventeen-Article Cyber Defense Charter.\n\nIt provides behavioral and procedural discipline for defensive AI agents.\n\nThe Articles are grouped into five modules:\n\n```text\nSynchronization Module\nAuthority Module\nProtocol Module\nTrace and Trust Module\nSafety and Containment Module\n```\n\nFiles:\n\n```text\nschemas/cyber-defense-constitution.schema.json\nexamples/cyber-defense-constitution.example.yaml\n```\n\n---\n\n## Architecture\n\nThe Defense Court Protocol can be understood as an AI cyber defense institution.\n\n```text\nHuman / Orchestrator\n        ↓\nDefense Grand Orchestrator\n        ↓\nDefense Agent Ranks\n        ↓\nCyber Defense Seventeen Articles\n        ↓\nDefense Kernel\n        ↓\nDefense Trace Log\n        ↓\nVerification / Governance Review\n        ↓\nHuman Review\n        ↓\nRecovery / Disclosure / Improvement\n```\n\nThis structure allows AI agents to act quickly while remaining reviewable, bounded, and human-legitimate.\n\n---\n\n## Inner Loop and Outer Loop\n\nThe protocol separates emergency response into two loops.\n\n### Inner Loop\n\nThe Inner Loop is the AI immediate response layer.\n\nTypical actions include:\n\n```text\nobserve\nwarn\ncontain\nquarantine\nsuspend\npreserve evidence\nnotify governance\nnotify human reviewers\n```\n\nInner Loop actions must be:\n\n* scoped\n* logged\n* justified\n* reversible when possible\n* automatically reported\n* subject to later human review\n\n### Outer Loop\n\nThe Outer Loop is the human review and governance layer.\n\nTypical actions include:\n\n```text\nreview incident evidence\nconfirm or reject containment\napprove recovery\nassess legal obligations\nnotify users or stakeholders if needed\nupdate protocols and detection rules\nrecord contribution and correction events\n```\n\nThe separation is simple:\n\n```text\nAI may perform emergency containment.\nAI must not finalize legitimacy.\nHuman review determines legitimacy.\nVerification determines recovery readiness.\nGovernance determines boundary compliance.\n```\n\n---\n\n## Repository Structure\n\n```text\ndocs/\n  defense-court-protocol.md\n  defense-trace-protocol.md\n  defense-agent-rank-architecture.md\n  cyber-defense-seventeen-articles.md\n  constitution-alignment-model.md\n\nschemas/\n  defense-trace-record.schema.json\n  defense-agent-rank.schema.json\n  cyber-defense-constitution.schema.json\n\nexamples/\n  defense-trace-record.example.yaml\n  defense-agent-rank.example.yaml\n  cyber-defense-constitution.example.yaml\n\nscripts/\n  validate_examples.py\n  check_constitution_alignment.py\n\n.github/\n  workflows/\n    validate-examples.yml\n```\n\n---\n\n## Validation\n\nThis repository performs two layers of validation:\n\n```text\nSchema Validation\n  Checks whether YAML examples conform to JSON Schemas.\n\nSemantic Validation\n  Checks whether the Trace, Rank, and Constitution examples are institutionally aligned.\n```\n\nTogether, these validations ensure both structural correctness and governance consistency.\n\n---\n\n## Schema Validation\n\nSchema validation checks whether each YAML example matches its corresponding JSON Schema.\n\nRequired Python packages:\n\n```text\nPyYAML\njsonschema\n```\n\nInstall dependencies:\n\n```bash\npip install pyyaml jsonschema\n```\n\nRun schema validation:\n\n```bash\npython scripts/validate_examples.py\n```\n\nExpected output:\n\n```text\nValidating target: Defense Trace Record\nValidation passed.\n\nValidating target: Defense Agent Rank\nValidation passed.\n\nValidating target: Cyber Defense Constitution\nValidation passed.\n\nAll validations passed.\n```\n\nCurrent schema validation targets:\n\n```text\nDefense Trace Record\n  Schema:  schemas/defense-trace-record.schema.json\n  Example: examples/defense-trace-record.example.yaml\n\nDefense Agent Rank\n  Schema:  schemas/defense-agent-rank.schema.json\n  Example: examples/defense-agent-rank.example.yaml\n\nCyber Defense Constitution\n  Schema:  schemas/cyber-defense-constitution.schema.json\n  Example: examples/cyber-defense-constitution.example.yaml\n```\n\n---\n\n## Semantic Validation\n\nSemantic validation checks whether the validated examples are meaningfully aligned as a governance system.\n\nIt is performed by:\n\n```text\nscripts/check_constitution_alignment.py\n```\n\nThis script checks consistency across:\n\n```text\nexamples/defense-trace-record.example.yaml\nexamples/defense-agent-rank.example.yaml\nexamples/cyber-defense-constitution.example.yaml\n```\n\nIt verifies conditions such as:\n\n```text\nTrace Record applicable article IDs exist in the Cyber Defense Constitution.\nTrace Record applicable article names match the Constitution article titles.\nTrace Record acting_agent.rank exists in the Defense Agent Rank document.\nTrace Record rank_authority matches acting_agent.rank.\nEmergency containment references the required Articles 5, 6, and 9.\nCritical incidents do not bypass human review.\nRecovery actions require proper governance approval.\nConstitution module definitions match article module declarations.\n```\n\nFor the conceptual model behind semantic validation, see:\n\n* [Constitution Alignment Model](docs/constitution-alignment-model.md)\n\nRun semantic validation:\n\n```bash\npython scripts/check_constitution_alignment.py\n```\n\nExpected output:\n\n```text\nChecking Defense Court Protocol constitution alignment...\n\nConstitution alignment passed.\n\nErrors: 0\nWarnings: 0\n\nAll constitution alignment checks passed.\n```\n\nWarnings can be treated as errors by running:\n\n```bash\npython scripts/check_constitution_alignment.py --strict-warnings\n```\n\nSemantic validation is important because JSON Schema can verify document shape, but it cannot fully verify institutional meaning.\n\nIn short:\n\n```text\nSchema Validation\n  = checks whether the documents are structurally valid.\n\nSemantic Validation\n  = checks whether the documents agree with each other as a governance system.\n```\n\nThis gives the Defense Court Protocol both a gatekeeper and a magistrate.\n\n---\n\n## GitHub Actions\n\nThe repository includes a GitHub Actions workflow:\n\n```text\n.github/workflows/validate-examples.yml\n```\n\nThe workflow runs on:\n\n```text\npush\npull_request\nworkflow_dispatch\n```\n\nIt performs:\n\n```text\n1. Schema validation\n2. Constitution alignment validation\n```\n\nWorkflow checks:\n\n```bash\npython scripts/validate_examples.py\npython scripts/check_constitution_alignment.py\n```\n\nThis ensures that changes to schemas, examples, ranks, articles, or trace records remain both structurally valid and institutionally aligned.\n\n---\n\n## Validated Files\n\nCurrent validation targets:\n\n```text\nDefense Trace Record\n  Schema:  schemas/defense-trace-record.schema.json\n  Example: examples/defense-trace-record.example.yaml\n\nDefense Agent Rank\n  Schema:  schemas/defense-agent-rank.schema.json\n  Example: examples/defense-agent-rank.example.yaml\n\nCyber Defense Constitution\n  Schema:  schemas/cyber-defense-constitution.schema.json\n  Example: examples/cyber-defense-constitution.example.yaml\n```\n\nCurrent semantic alignment inputs:\n\n```text\nTrace Example:\n  examples/defense-trace-record.example.yaml\n\nRank Example:\n  examples/defense-agent-rank.example.yaml\n\nConstitution Example:\n  examples/cyber-defense-constitution.example.yaml\n```\n\n---\n\n## Design Philosophy\n\nThe Defense Court Protocol is based on the idea that cyber defense should be:\n\n```text\nfast but bounded\nautomated but reviewable\nstructured but adaptable\ntraceable but not bureaucratic\nhuman-supervised but not paralyzed\n```\n\nIn emergency conditions, waiting too long can increase harm.\n\nBut unrestricted automation can also create new harm.\n\nThe protocol therefore balances speed and restraint.\n\n```text\nContain fast.\nRecover carefully.\nReview honestly.\nRecord everything significant.\n```\n\n---\n\n## Non-Goals\n\nThis repository does not provide:\n\n* offensive cyber techniques\n* exploit instructions\n* malware behavior\n* intrusion guidance\n* evasion methods\n* unauthorized access methods\n* fully autonomous legal judgment\n* fully autonomous public disclosure\n* fully autonomous irreversible action\n\nThe Defense Court Protocol is defensive, governance-oriented, traceable, and human-reviewed.\n\n---\n\n## Relationship to Royalty OS\n\nThe Defense Court Protocol can connect to Royalty OS by recording defensive contribution and correction events.\n\nPotential contribution events include:\n\n```text\ndetection contribution\ncontainment contribution\nforensic contribution\ngovernance contribution\nrecovery contribution\ndocumentation contribution\nresearch contribution\nrisk reduction event\n```\n\nPotential correction events include:\n\n```text\nfalse positive correction\nover-containment prevention\nmissed signal review\nprotocol correction\nrecovery improvement\ngovernance refinement\n```\n\nThis allows defense value to be recorded without rewarding only dramatic action.\n\nA mature defense system should recognize quiet prevention, careful verification, and honest correction.\n\n---\n\n## Roadmap\n\nPlanned future work:\n\n```text\nv0.2\n  - richer incident classification\n  - expanded severity model\n  - incident lifecycle status\n  - evidence reference fields\n  - expanded semantic alignment checks\n\nv0.3\n  - authority matrix between ranks and action classes\n  - escalation path validation\n  - recovery gate validation\n\nv0.4\n  - signature and provenance fields\n  - agent identity / AOC integration\n  - command authentication evidence\n\nv0.5\n  - Royalty OS contribution event integration\n  - fault and correction event model\n\nv1.0\n  - formal conformance profile\n  - operational implementation guide\n  - governance review checklist\n```\n\n---\n\n## Summary\n\nDefense Court Protocol is a governance kernel for AI cyber defense.\n\nIt defines:\n\n```text\nRank for responsibility.\nArticles for behavior.\nDefense Kernel for emergency response.\nTrace for accountability.\nGovernance for safety.\nHuman Review for legitimacy.\nSemantic Validation for institutional consistency.\n```\n\nIn this model:\n\n```text\nThe Twelve-Rank structure forms the defensive organization.\nThe Seventeen-Article Charter forms the defensive discipline.\nThe Trace Protocol forms the battle record.\nThe Governance Layer prevents overreach.\nThe Human Review Layer preserves final responsibility.\nThe Semantic Alignment Checker verifies institutional consistency.\n```\n\nThe result is an AI cyber defense system that can act quickly without becoming lawless, and remain governed without becoming too slow.\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fsamuraiwriter7%2Fdefense-court-protocol","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fsamuraiwriter7%2Fdefense-court-protocol","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fsamuraiwriter7%2Fdefense-court-protocol/lists"}