Summary
Implement TurtleTerm alignment with the SourceOS Helper Causal Receipts v0.1 architecture contract introduced in SourceOS-Linux/sourceos-shell PR wezterm#13.
TurtleTerm must treat terminal previews, hyperlink previews, archive listing, command-output rendering, and helper subprocesses as receipt-bearing actions. The key risk is ambient authority leakage: terminal helpers must not inherit shell secrets, environment variables, credentials, SSH keys, tokens, clipboard access, or implicit network access.
Required capabilities
Emit root_intent.created for:
  terminal file preview
  hyperlink preview
  archive listing
  command output renderer
  shell helper subprocess preview
Emit helper.spawn for preview/render helper subprocesses.
Emit capability.request for sensitive attempts:
  shell environment read
  shell history read
  SSH key read
  token/secret read
  network egress
  DNS lookup
  pasteboard read/write
  account lookup
  analytics/telemetry
Emit helper.exit and receipt completeness for every preview/helper lifecycle.
Normalize teardown races before surfacing them to users.
Policy profile to enforce
terminal.preview.local_only.v1
Security invariants
Terminal preview helpers never inherit shell secrets.
Hyperlink preview does not fetch remote content without explicit user or policy approval.
Archive listing does not execute archive content.
Command-output rendering does not receive ambient environment or credential authority.
Expected denials are recorded as containment evidence.
Unexpected capability requests become policy-regression candidates.
Acceptance criteria
Terminal preview actions produce a root intent and helper DAG.
Fixture tests prove helper denial of shell env, shell history, SSH keys, tokens, clipboard, network, DNS, account lookup, and analytics.
CI fails if a local terminal preview helper allows network/DNS or secret access.
TurtleTerm emits enough receipts for SourceOS Shell's “Why did this run?” inspector.
Degraded/incomplete helper receipts are visible in terminal UI or exportable to SourceOS Shell.
Validation path
Add fixture tests for:
  local file preview pass
  hyperlink preview blocked network pass
  secret read denied pass
  network allowed fail
Add CI gate equivalent to check_helper_receipts.py from the artifact packet.
Cross-link implementation to SourceOS-Linux/sourceos-shell PR wezterm#13 once merged.
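A sketch of what such a receipt gate could check, run over the four fixtures named in the validation path. This is an added example, not check_helper_receipts.py or any code from the artifact packet. The event type names come from this issue; the receipt field names (type, helper, cap, decision), the capability labels, and the rule that an incomplete lifecycle fails the gate are assumptions.

```python
# Added example. Event type names come from the issue; the field names
# (type, helper, cap, decision) and capability labels are assumptions.
FORBIDDEN = {"shell.env.read", "shell.history.read", "ssh_key.read",
             "secret.read", "network.egress", "dns.lookup", "pasteboard.read",
             "pasteboard.write", "account.lookup", "telemetry.send"}

def check_receipts(events, expected_denials=frozenset()):
    """Classify one preview action's receipts under a local-only profile."""
    r = {"violations": [], "evidence": [], "regressions": [], "incomplete": []}
    if not events or events[0]["type"] != "root_intent.created":
        r["violations"].append("no root_intent.created before helper activity")
    spawned, exited = set(), set()
    for e in events:
        kind, helper = e["type"], e.get("helper")
        if kind == "helper.spawn":
            spawned.add(helper)
        elif kind == "helper.exit":
            exited.add(helper)
        elif kind == "capability.request":
            cap = e["cap"]
            if e["decision"] == "allow" and cap in FORBIDDEN:
                r["violations"].append(f"{helper} allowed {cap}")   # CI must fail
            elif e["decision"] == "deny" and cap in expected_denials:
                r["evidence"].append(f"{helper} denied {cap}")      # containment
            else:  # a request the fixture did not anticipate
                r["regressions"].append(f"{helper} requested {cap}")
    r["incomplete"] = sorted(spawned - exited)  # helper.spawn with no helper.exit
    r["passed"] = not r["violations"] and not r["incomplete"]  # assumed gate rule
    return r

def make_action(*requests, exit_ok=True):
    """Build constructed receipts for one helper ("h1") under one root intent."""
    ev = [{"type": "root_intent.created"}, {"type": "helper.spawn", "helper": "h1"}]
    ev += [{"type": "capability.request", "helper": "h1", "cap": c, "decision": d}
           for c, d in requests]
    return ev + ([{"type": "helper.exit", "helper": "h1"}] if exit_ok else [])

# Constructed fixtures mirroring the four listed in the validation path.
NET = {"network.egress", "dns.lookup"}
FIXTURES = {
    "local file preview": (make_action(), set()),
    "hyperlink preview blocked network":
        (make_action(("network.egress", "deny"), ("dns.lookup", "deny")), NET),
    "secret read denied": (make_action(("secret.read", "deny")), {"secret.read"}),
    "network allowed": (make_action(("network.egress", "allow")), set()),
}

def run_gate():
    """Return {fixture name: passed}; CI compares this with the expected outcome."""
    return {n: check_receipts(ev, exp)["passed"] for n, (ev, exp) in FIXTURES.items()}
```

A denied request that the fixture did not list as expected lands in "regressions" rather than "evidence", which keeps expected containment separate from policy-regression candidates.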