@@ -13,8 +13,8 @@ to 7B local models). The repo now covers the full loop: build portable
1313harness files, route models, replay evals, parse production traces, scope
1414role capabilities, select deterministic context bundles, audit runtime policy,
1515cache reusable artifacts, canonicalize identity keys, plan dispatches, settle
16- dispatch results, migrate consumer projects, validate artifact contracts, and
17- persist local workflow truth. The only narrower surface is ` iso-trace model-score ` , which still
16+ dispatch results, redact sensitive output, migrate consumer projects, validate
17+ artifact contracts, and persist local workflow truth. The only narrower surface is ` iso-trace model-score ` , which still
1818depends on transcripts exposing stable model metadata.
1919
2020Today, agent workflow reliability is fragmented on three axes:
@@ -29,11 +29,11 @@ Today, agent workflow reliability is fragmented on three axes:
2929 unstructured rationale all drop silently at 7B. You don't find out
3030 until the agent misbehaves in production.
31313 . ** Runtime fragmentation.** Workflows rely on fragile prompt prose for
32- fan-out limits, context loading, artifact reuse, identity keys, project upgrades, role permissions, output shape, duplicate checks, post-dispatch settlement, and
32+ fan-out limits, context loading, artifact reuse, identity keys, project upgrades, role permissions, output shape, duplicate checks, post-dispatch settlement, redaction, and
3333 "what already happened." Those invariants belong in deterministic local packages,
3434 not in repeatedly re-tokenized instructions.
3535
36- Eighteen packages solve that in one pipeline with runtime control and a
36+ Nineteen packages solve that in one pipeline with runtime control and a
3737feedback loop:
3838
3939- ** Four build-time tools** turn your authored source into every harness's file layout:
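Review bot: The hard-coded total on the changed line ("Nineteen packages") is one of three counts this commit has to bump by hand, along with "Twelve runtime-control libraries" and "seven of the nineteen packages", so the numbers will drift again when the next package lands. Consider dropping the number words or generating them from the workspace list.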
@@ -43,7 +43,7 @@ feedback loop:
4343 [ ` @razroo/iso-route ` ] ( ./packages/iso-route ) compiles * one model policy* into each harness's config.
4444- ** One wrapper** runs the whole build chain:
4545 [ ` @razroo/iso ` ] ( ./packages/iso ) chains the above into a single ` iso build ` .
46- - ** Eleven runtime-control libraries** handle durable execution, context selection, artifact caching, artifact lookup, identity canonicalization, preflight dispatch planning, postflight settlement, project migration, role capabilities, artifact shape, and operational truth:
46+ - ** Twelve runtime-control libraries** handle durable execution, context selection, artifact caching, artifact lookup, identity canonicalization, preflight dispatch planning, postflight settlement, redaction , project migration, role capabilities, artifact shape, and operational truth:
4747 [ ` @razroo/iso-orchestrator ` ] ( ./packages/iso-orchestrator ) provides resumable
4848 steps, keyed mutexes, and bounded fan-out for side-effectful agent workflows,
4949 [ ` @razroo/iso-context ` ] ( ./packages/iso-context ) resolves context bundles,
@@ -60,6 +60,8 @@ feedback loop:
6060 [ ` @razroo/iso-postflight ` ] ( ./packages/iso-postflight ) reconciles
6161 dispatch plans with observed outcomes, required artifacts, and post-run
6262 steps before the workflow advances or closes,
63+ [ ` @razroo/iso-redact ` ] ( ./packages/iso-redact ) scans, applies, verifies,
64+ and explains local sensitive-data redaction policies,
6365 [ ` @razroo/iso-migrate ` ] ( ./packages/iso-migrate ) plans and applies
6466 idempotent consumer-project file migrations,
6567 [ ` @razroo/iso-capabilities ` ] ( ./packages/iso-capabilities ) resolves,
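Review bot: In the added `iso-redact` entry, "scans, applies, verifies, and explains local sensitive-data redaction policies" makes the policy the object of all four verbs, while the later sections describe scanning text and verifying exports against a policy. Reword along the lines of "scans and redacts text against local policies, verifies exports, and explains the policy" so readers do not take `scan` to be a policy linter.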
@@ -88,6 +90,7 @@ feedback loop:
8890 │ │ iso-canon ─▶ identity keys
8991 │ │ iso-preflight ─▶ dispatch plan
9092 │ │ iso-postflight ─▶ settlement gate
93+ │ │ iso-redact ─▶ safe exports
9194 │ │ iso-migrate ─▶ project upgrades
9295 │ │ iso-capabilities ─▶ role permission policy
9396 ┌────────────────────┐ │ .codex/config.toml │
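Review bot: The new diagram label `iso-redact ─▶ safe exports` promises more than policy-driven redaction can guarantee, since an export is only as clean as the rules in the local policy. "redacted exports" or "policy-checked exports" would describe the result without implying that anything passing through is safe to share.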
@@ -148,6 +151,9 @@ the repo now supports a tighter loop:
148151 instead of relying on prompt prose for source-backed facts and fan-out rules.
149152- ` iso-postflight status/check ` keeps dispatch settlement local instead of
150153 asking an agent to infer whether outcomes, artifacts, and post-steps are done.
154+ - ` iso-redact scan/apply/verify ` keeps secret and PII scrubbing local
155+ instead of trusting every agent summary, trace export, or fixture writer
156+ to remember sensitive-data handling rules.
151157- ` iso-migrate plan/apply/check ` keeps consumer project upgrades local
152158 instead of hand-editing package scripts, dependency ranges, and ignores.
153159- ` iso-capabilities check/render ` keeps role permission matrices local
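Review bot: The added `iso-redact scan/apply/verify` bullet does not say which of the three commands is the gate, or that it has to run on the exact artifact that leaves the machine. State that `verify` runs last, on the file being exported, so a workflow that only runs `scan` on the raw input is not read as satisfying the check.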
@@ -189,6 +195,9 @@ of the prompt:
189195- ` iso-postflight ` makes dispatch settlement executable: reconcile planned
190196 rounds with observed outcomes, required artifacts, and post-run steps before
191197 continuing, replacing candidates, waiting, collecting output, or closing.
198+ - ` iso-redact ` makes sensitive-data handling executable: scan, apply,
199+ verify, and explain local redaction policies for trace exports, logs,
200+ telemetry, eval fixtures, and domain artifacts without a model call.
192201- ` iso-migrate ` makes project upgrades executable: JSON pointer edits, line
193202 insertion, exact replacement, and guarded file writes run as idempotent
194203 migrations instead of one-off shell patches.
@@ -315,6 +324,13 @@ of the prompt:
315324 wait, collect missing output, replace failed candidates, run post-steps,
316325 stop, or close.
317326
327+ - ** [ ` packages/iso-redact ` ] ( ./packages/iso-redact ) ** — [ ` @razroo/iso-redact ` ] ( https://www.npmjs.com/package/@razroo/iso-redact )
328+ Deterministic sensitive-data redaction for agent workflows. Loads local
329+ redaction policies, scans text for builtin/pattern/field matches, applies
330+ replacements without leaking matched values in findings, and verifies
331+ exported traces, fixtures, telemetry, logs, or domain artifacts before
332+ they are shared.
333+
318334- ** [ ` packages/iso-migrate ` ] ( ./packages/iso-migrate ) ** — [ ` @razroo/iso-migrate ` ] ( https://www.npmjs.com/package/@razroo/iso-migrate )
319335 Deterministic project migrations for agent workflow packages. Plans,
320336 applies, checks, and explains idempotent JSON/text file upgrades so
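Review bot: The added package description says replacements are applied "without leaking matched values in findings" but does not say what a finding does contain, which is what decides whether scan output can itself go into logs or CI artifacts. Document the finding fields and define the three match kinds in "builtin/pattern/field", or link to the package README for both.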
@@ -512,6 +528,15 @@ iso-postflight check --config postflight.json --plan plan.json --outcomes outcom
512528iso-postflight explain --config postflight.json
513529```
514530
531+ ### ` @razroo/iso-redact ` — is this output safe to export?
532+
533+ ``` bash
534+ iso-redact scan --config redact.json --input session.jsonl
535+ iso-redact verify --config redact.json --input fixture/task.md
536+ iso-redact apply --config redact.json --input raw.txt --output safe.txt
537+ iso-redact explain --config redact.json
538+ ```
539+
515540### ` @razroo/iso-migrate ` — what project-owned files need upgrading?
516541
517542``` bash
563588 ├── iso-canon/ # deterministic identity canonicalization
564589 ├── iso-preflight/ # deterministic preflight dispatch planning
565590 ├── iso-postflight/ # deterministic postflight settlement
591+ ├── iso-redact/ # deterministic sensitive-data redaction
566592 ├── iso-migrate/ # deterministic consumer project migrations
567593 ├── iso-contract/ # deterministic artifact contracts
568594 └── iso-capabilities/ # deterministic role capability policy
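Review bot: In the `iso-redact` usage block added above, `apply` writes `safe.txt` but the only `verify` example checks a different file (`fixture/task.md`), so the section never shows the redacted output being checked before export, which is the question its heading asks. Add `iso-redact verify --config redact.json --input safe.txt` after the `apply` line, and note what exit status `scan` and `verify` return on findings so they can be used as a CI gate.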
@@ -588,6 +614,7 @@ npm --workspace @razroo/iso-index run test # iso-index artifact lookup test
588614npm --workspace @razroo/iso-canon run test # iso-canon identity key tests
589615npm --workspace @razroo/iso-preflight run test # iso-preflight dispatch planning tests
590616npm --workspace @razroo/iso-postflight run test # iso-postflight settlement tests
617+ npm --workspace @razroo/iso-redact run test # iso-redact policy/redaction tests
591618npm --workspace @razroo/iso-migrate run test # iso-migrate project migration tests
592619npm --workspace @razroo/iso-contract run test # iso-contract artifact contract tests
593620npm --workspace @razroo/iso-capabilities run test # iso-capabilities policy tests
@@ -626,7 +653,7 @@ build, and `npm publish --provenance`.
626653## End-to-end example
627654
628655[ ` examples/pipeline/ ` ] ( ./examples/pipeline ) is an executable demonstration
629- that exercises ** seven of the eighteen packages end-to-end** in one `npm run
656+ that exercises ** seven of the nineteen packages end-to-end** in one `npm run
630657test: pipeline ` invocation: ` agentmd lint` + ` render` → ` isolint lint` →
631658` iso-route build ` (from a bundled ` models.yaml ` that extends the
632659` standard ` preset) → ` iso-harness build ` (which consumes iso-route's
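Review bot: The changed line raises the total to nineteen but leaves the end-to-end example at seven packages, so the new `iso-redact` does not appear to be exercised by the pipeline demonstration. Since the README positions redaction as the step before traces and fixtures are shared, consider adding a `verify` step to `examples/pipeline/` or stating here which runtime-control packages the example leaves out.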
@@ -645,7 +672,7 @@ downstream repo would use.
645672
646673` npm run test:pack ` goes one level further: it packs the local workspaces into
647674tarballs, installs them into fresh temp projects, and smoke-tests the packaged
648- ` iso-harness ` , ` iso ` , ` iso-eval ` , ` iso-trace ` , ` iso-route ` , ` iso-guard ` , ` iso-ledger ` , ` iso-context ` , ` iso-cache ` , ` iso-index ` , ` iso-canon ` , ` iso-preflight ` , ` iso-postflight ` , ` iso-migrate ` , ` iso-contract ` , and ` iso-capabilities `
675+ ` iso-harness ` , ` iso ` , ` iso-eval ` , ` iso-trace ` , ` iso-route ` , ` iso-guard ` , ` iso-ledger ` , ` iso-context ` , ` iso-cache ` , ` iso-index ` , ` iso-canon ` , ` iso-preflight ` , ` iso-postflight ` , ` iso-redact ` , ` iso- migrate` , ` iso-contract ` , and ` iso-capabilities `
649676CLIs. This guards against packaging regressions that workspace-only tests can
650677miss.
651678