Metadata-Version: 2.4
Name: tibet-triage
Version: 0.4.1
Summary: Human-in-the-Loop as a discipline. UPIP (Universal Process Integrity Protocol), airlock sandbox, dependency triage, cross-machine replay, Zenodo reproducibility bundles with TIBET provenance.
Project-URL: Homepage, https://humotica.com
Project-URL: Repository, https://github.com/humotica/tibet-triage
Project-URL: Design Document, https://github.com/humotica/tibet-triage/blob/main/DESIGN.md
Project-URL: TIBET Protocol, https://pypi.org/project/tibet-core/
Project-URL: Certified Projects, https://brein.jaspervandemeent.nl/directory
Author-email: "J. van de Meent" <jasper@humotica.com>, "R. AI" <root_idd@humotica.nl>
Maintainer-email: Humotica AI Lab <ai@humotica.nl>
License: MIT
Keywords: airlock,audit,compliance,dependency-triage,dora,hipaa,hitl,human-in-the-loop,iso27001,nis2,pci-dss,process-integrity,provenance,reproducibility,risk-management,sandbox,soc2,supply-chain,tibet,triage,upip,zenodo
Classifier: Development Status :: 3 - Alpha
Classifier: Intended Audience :: Developers
Classifier: Intended Audience :: System Administrators
Classifier: License :: OSI Approved :: MIT License
Classifier: Operating System :: OS Independent
Classifier: Programming Language :: Python :: 3
Classifier: Programming Language :: Python :: 3.10
Classifier: Programming Language :: Python :: 3.11
Classifier: Programming Language :: Python :: 3.12
Classifier: Programming Language :: Python :: 3.13
Classifier: Topic :: Scientific/Engineering
Classifier: Topic :: Security
Classifier: Topic :: Software Development :: Quality Assurance
Classifier: Topic :: System :: Systems Administration
Requires-Python: >=3.10
Requires-Dist: rich>=13.0.0
Requires-Dist: tibet-core>=0.2.0
Provides-Extra: dev
Requires-Dist: pytest>=7.0; extra == 'dev'
Requires-Dist: ruff>=0.1.0; extra == 'dev'
Provides-Extra: full
Requires-Dist: textual>=1.0.0; extra == 'full'
Provides-Extra: tui
Requires-Dist: textual>=1.0.0; extra == 'tui'
Description-Content-Type: text/markdown

# tibet-triage

**Human-in-the-Loop as a discipline. Not a rubber stamp.**

Airlock sandbox execution, isomorphic mirror, risk-gated triage levels with full TIBET provenance. Every action is pre-computed, every change is diffed, every decision is signed.

## The Problem

Compliance frameworks (SOC 2, ISO 27001, NIS2, DORA, PCI DSS, HIPAA) require human oversight. But nobody defines *when*, *how*, or *with what evidence*. The result: operators rubber-stamp everything because stopping the pipeline is worse than the risk.

**Triage is not approval. Triage is assessment by someone who sees the difference.**

## How It Works

```
Process Request → AIRLOCK (sandbox) → RISK GATE → TRIAGE LEVEL → APPLY
```

1. **Airlock**: Run any process in an isolated sandbox. Capture all file changes, side effects, and TIBET tokens.
2. **Risk Gate**: Evaluate trigger rules against the airlock result. Automatically determine what level of oversight is needed.
3. **Triage**: Present evidence to the right level of human reviewer.
4. **Apply**: On approval, apply the pre-computed diff. Deterministic. No drift.

## Triage Levels

| Level | Who | When |
|-------|-----|------|
| L0 AUTO | No human | Trust score high, no triggers fired |
| L1 OPERATOR | One operator, async | Moderate risk, standard review |
| L2 SENIOR | Senior + co-signer | System-critical, intent mismatch |
| L3 CEREMONY | Physical presence | Catastrophic risk, out-of-band |

## Quick Start

```bash
pip install tibet-triage

# Run a command in the airlock
tibet-triage run python deploy.py --source ./app --intent "Deploy API v2.3"

# If triage is needed, review the evidence
tibet-triage pending
tibet-triage review triage-abc123

# Approve or reject
tibet-triage approve triage-abc123 --operator jasper@humotica.com
tibet-triage reject triage-abc123 --reason "Diff too large"
```

## Not Just for AI

tibet-triage is a **universal process integrity engine**. The same airlock + mirror + risk gate pattern works for:

- **CI/CD pipelines** — pre-compute deployments, review before apply
- **Scientific computing** — reproducible experiments with evidence chains
- **Supply chain** — package build verification before publish
- **Financial transactions** — pre-compute + compliance check + execute
- **Infrastructure** — terraform plan is a primitive airlock; this is the full version
- **Medical data** — HIPAA minimum necessary, proven by diff

## Part of the TIBET Ecosystem

- [tibet-core](https://pypi.org/project/tibet-core/) — Token provenance
- [tibet-pol](https://pypi.org/project/tibet-pol/) — Process integrity checker
- [tibet-forge](https://pypi.org/project/tibet-forge/) — Code certification
- [tibet-audit](https://pypi.org/project/tibet-audit/) — Compliance reporting
- [tibet-trail](https://pypi.org/project/tibet-trail/) — Chain tracing

## License

MIT — Humotica AI Lab
