From 93f0421ec30e4e8ae1ecd377171ff558410d8c00 Mon Sep 17 00:00:00 2001
From: Imran Siddique
Date: Thu, 18 Jun 2026 11:19:43 -0700
Subject: [PATCH 1/2] security: pre-launch hardening fixes

- replace personal email with maintainers@agentrust.io in MAINTAINERS.md
- sync slsa_level minimum: 0 in SDK-bundled schema (matches standalone schema)
- tighten subject URI pattern: require DID method+id and SPIFFE domain+path
- add format_checker to JSON schema validator (enforce URI format fields)
- remove undocumented 'opaque' platform row from README

Signed-off-by: Imran Siddique
Co-Authored-By: Claude Sonnet 4.6
---
 MAINTAINERS.md | 2 +-
 README.md | 1 -
 src/agentrust_trace/models.py | 2 +-
 src/agentrust_trace/schema/trace-v0.1.json | 2 +-
 src/agentrust_trace/validate.py | 2 +-
 5 files changed, 4 insertions(+), 5 deletions(-)

diff --git a/MAINTAINERS.md b/MAINTAINERS.md
index 1451b9b..6cff6ab 100644
--- a/MAINTAINERS.md
+++ b/MAINTAINERS.md
@@ -4,7 +4,7 @@
 | Name | Affiliation | GitHub | Contact |
 |---|---|---|---|
-| Imran Siddique | OPAQUE Systems | @imraan | imran.siddique@opaque.co |
+| Imran Siddique | OPAQUE Systems | @imraan | maintainers@agentrust.io |
 
 The Project Lead has final decision authority on specification changes, AAIF/CoSAI submission scope, conformance requirements, and Maintainer appointments.
 
diff --git a/README.md b/README.md
index 1c6a7a2..0a1bf32 100644
--- a/README.md
+++ b/README.md
@@ -83,7 +83,6 @@ The record is a single EAT envelope (RFC 9711). Each field is independently veri
 | `amd-sev-snp` | Yes | Yes | |
 | `nvidia-h100` | Yes | Yes | |
 | `gpu-cc` | No | Planned | Generic GPU confidential compute |
-| `opaque` | Yes | Yes | Explicit opt-in; contact maintainers |
 
 ## Specification
 
diff --git a/src/agentrust_trace/models.py b/src/agentrust_trace/models.py
index 847a5fb..e565e37 100644
--- a/src/agentrust_trace/models.py
+++ b/src/agentrust_trace/models.py
@@ -113,7 +113,7 @@ class TrustRecord(BaseModel):
     eat_profile: Literal["tag:agentrust.io,2026:trace-v0.1"]
     iat: Annotated[int, Field(ge=1700000000)]
-    subject: Annotated[str, Field(pattern=r"^(spiffe://|did:)")]
+    subject: Annotated[str, Field(pattern=r"^(spiffe://[^/]+/.+|did:[a-z0-9]+:.+)$")]
     model: ModelInfo
     runtime: RuntimeInfo
     policy: PolicyInfo
diff --git a/src/agentrust_trace/schema/trace-v0.1.json b/src/agentrust_trace/schema/trace-v0.1.json
index 0c03bb2..c009bd5 100644
--- a/src/agentrust_trace/schema/trace-v0.1.json
+++ b/src/agentrust_trace/schema/trace-v0.1.json
@@ -167,7 +167,7 @@
       "properties": {
         "slsa_level": {
           "type": "integer",
-          "minimum": 1,
+          "minimum": 0,
           "maximum": 3,
           "description": "SLSA Build Level achieved. Level 2 minimum for TRACE conformance; Level 3 for production mark."
         },
diff --git a/src/agentrust_trace/validate.py b/src/agentrust_trace/validate.py
index 8a43ab3..e5bc5cd 100644
--- a/src/agentrust_trace/validate.py
+++ b/src/agentrust_trace/validate.py
@@ -16,7 +16,7 @@ def _schema() -> dict[str, Any]:
 
 @lru_cache(maxsize=1)
 def _validator() -> jsonschema.Draft202012Validator:
-    return jsonschema.Draft202012Validator(_schema())
+    return jsonschema.Draft202012Validator(_schema(), format_checker=jsonschema.FormatChecker())
 
 
 # Canonical schema exposed for downstream tooling that needs the raw dict.

From a7e2f8b24f8cf458e42ab83a2f9c21a2a70a1918 Mon Sep 17 00:00:00 2001
From: Imran Siddique
Date: Thu, 18 Jun 2026 11:29:27 -0700
Subject: [PATCH 2/2] fix: remove unused import json from test_sign.py

Pre-existing ruff F401 violation that our PR surfaced in CI.

Signed-off-by: Imran Siddique
Co-Authored-By: Claude Sonnet 4.6
---
 tests/test_sign.py | 1 -
 1 file changed, 1 deletion(-)

diff --git a/tests/test_sign.py b/tests/test_sign.py
index a95ca43..102051c 100644
--- a/tests/test_sign.py
+++ b/tests/test_sign.py
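Review bot: The tightened `subject` pattern on the added line still admits values that are neither valid SPIFFE IDs nor valid DIDs, because `[^/]+` and `.+` accept whitespace, `?`, `#` and uppercase characters — a constructed value such as `spiffe://Example.org/ns?x=1` passes, although SPIFFE trust domains are lowercase and a SPIFFE ID carries no query or fragment, and the DID method-specific-id grammar is limited to alphanumerics, `.`, `-`, `_`, `:` and percent-encoding. Since this field is the identity the whole record attests, the regex should mirror the two specs' character sets rather than a shape hint, e.g. `pattern=r"^(spiffe://[a-z0-9._-]+(/[a-zA-Z0-9._-]+)+|did:[a-z0-9]+:[A-Za-z0-9._:%-]+)$"`, with a one-line comment naming the two grammars it follows. If the bundled JSON schema also carries a `pattern` for `subject` (not visible in this patch), the pydantic and schema validators now disagree and it should be updated in the same commit. `TrustRecord` begins and ends outside the hunk.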
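Review bot: Lowering `minimum` to 0 leaves the `description` on the following line understating what the property now admits: it names a conformance floor of 2 while the schema accepts every level from 0 and nothing in this object enforces that floor, so a reader of the schema cannot tell that 0 is a legal, non-conformant value. Spell it out, e.g. `"description": "SLSA Build Level achieved (0 = SLSA Build L0, no provenance guarantees; conformance floor is checked separately). Level 2 minimum for TRACE conformance; Level 3 for production mark."`. The commit message says this syncs the bundled schema with the standalone one, but if the pydantic model in `models.py` carries its own `Field(ge=1, le=3)`-style bound on `slsa_level` (not shown in this patch), the SDK and the schema would now accept different records for the same field and that bound needs the same change. The `slsa_level` object is fully inside the hunk; its parent `properties` block continues past it.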
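Review bot: `jsonschema.FormatChecker()` on the added return line only enforces `uri` (and the other formats) when the optional libraries behind them are installed — jsonschema registers a format checker only if its backing module imports, so without the `jsonschema[format]` or `jsonschema[format-nongpl]` extra there is no `uri` checker at all and the `format` keyword is silently ignored, which defeats the commit's stated goal of enforcing the URI fields. Declare the extra in the package dependencies and pin the expectation with a test such as `assert "uri" in jsonschema.Draft202012Validator.FORMAT_CHECKER.checkers`. Prefer the draft-specific checker over the all-drafts one and break the over-long line: `return jsonschema.Draft202012Validator(` / `    _schema(), format_checker=jsonschema.Draft202012Validator.FORMAT_CHECKER` / `)`. `_validator` is fully inside the hunk.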
@@ -1,7 +1,6 @@
 """Tests for agentrust_trace.sign."""
 
 import base64
-import json
 
 import pytest
 from cryptography.exceptions import InvalidSignature