mirror of
https://github.com/github/awesome-copilot.git
synced 2026-02-22 19:35:13 +00:00
Add real-time governance audit hook that scans prompts for threat signals: - 5 threat categories: data exfiltration, privilege escalation, system destruction, prompt injection, credential exposure - 4 governance levels: open, standard, strict, locked - Append-only JSON audit trail (logs/copilot/governance/audit.log) - Session summary with threat counts at session end - Privacy-aware: logs decisions and metadata, never prompt content Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
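#!/bin/bash

# Governance Audit: log session end with summary statistics.
#
# Reads and discards stdin, counts the records already present in the audit
# log, appends one "session_end" record carrying those counts, and prints a
# one-line summary to stdout.
#
# Environment:
#   SKIP_GOVERNANCE_AUDIT  when "true", exit immediately and write nothing.
#
# NOTE(review): the skip path leaves no record in the audit log, so a disabled
# audit cannot be told apart from a session that never ran. Confirm that is
# acceptable, or record the skip before exiting.
# NOTE(review): the log path is relative to the current working directory and
# the file is created with the process umask. `>>` only appends from this
# script's side; it does not stop another process from rewriting the file.
# The counts below are read from that same file, so they are only as
# trustworthy as the file is.

set -euo pipefail

if [[ "${SKIP_GOVERNANCE_AUDIT:-}" == "true" ]]; then
  exit 0
fi

# Drain stdin without keeping it: this script never uses the input, and
# discarding it means its content cannot end up in the log.
cat >/dev/null

mkdir -p logs/copilot/governance

TIMESTAMP=$(date -u +"%Y-%m-%dT%H:%M:%SZ")
LOG_FILE="logs/copilot/governance/audit.log"

# Count events recorded so far. Both counts cover the whole log file, not only
# the current session: nothing here filters by session.
TOTAL=0
THREATS=0
if [[ -f "$LOG_FILE" ]]; then
  TOTAL=$(wc -l < "$LOG_FILE" 2>/dev/null || echo 0)
  # grep -c prints "0" AND exits 1 when nothing matches. The former
  # `|| echo 0` then produced "0<newline>0", which jq --argjson rejects, so
  # every threat-free session aborted under `set -e`. Keep grep's own output
  # and only neutralise its exit status.
  THREATS=$(grep -c '"threat_detected"' "$LOG_FILE" 2>/dev/null || true)
fi

# Normalise to plain non-negative integers before handing them to --argjson
# and to arithmetic: BSD wc pads its output with spaces, and an unreadable
# file leaves the grep count empty.
TOTAL=${TOTAL//[[:space:]]/}
THREATS=${THREATS//[[:space:]]/}
[[ "$TOTAL" =~ ^[0-9]+$ ]] || TOTAL=0
[[ "$THREATS" =~ ^[0-9]+$ ]] || THREATS=0

# -c writes the record on a single line. Without it jq pretty-prints the
# object across several lines, which inflates the `wc -l` event count above
# on every later run.
jq -cn \
  --arg timestamp "$TIMESTAMP" \
  --argjson total "$TOTAL" \
  --argjson threats "$THREATS" \
  '{"timestamp":$timestamp,"event":"session_end","total_events":$total,"threats_detected":$threats}' \
  >> "$LOG_FILE"

if (( THREATS > 0 )); then
  echo "⚠️ Session ended: $THREATS threat(s) detected in $TOTAL events"
else
  echo "✅ Session ended: $TOTAL events, no threats"
fi

exit 0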