Initial release
OperatorBoard is a human-governed control plane for AI agents. This first release establishes the core governance model, database governance layer, and security posture.
Core governance
- +Four-level execution ladder: observe → propose → approval_required → scoped_autonomy
- +Approval queue with multi-action support and task-level gating
- +Earned trust — promotion suggestions at ≥90% approval rate, ≥5 tasks, zero violations
- +Kill switch — suspend/resume per agent, pauses associated tasks
- +Task pipelines, scheduled tasks, org chart, cost analytics
- +Webhook notifications, agent health checks, full audit trail
Database governance
- +Four-tier DB access model: none / read_only / write_safe / write_destructive
- +Structured db.* action namespace
- +Shell-bypass detection — psql, mysql, sqlite3 auto-classified as write_destructive
- +Backup attestation requirement for destructive DB actions
- +Stale attestation enforcement with configurable maxBackupAgeMinutes
- +Signed integration ingest with HMAC-SHA256, provider binding, replay protection
Security hardening
- +Webhook SSRF prevention — isSafeWebhookUrl() at registration and fire-time
- +Action-type normalization — lowercased, startsWith() prefix matching
- +allowNetwork enforced server-side; network and file read off by default
- +Approval-state guards — no silent approval queue wipes
- +Integration replay protection with 5-minute TTL and forward-skew limit
- +Attestation provenance — manual path always sets source: manual
- +Timing-safe auth, honeypot routes, Caddy config included
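
The signed ingest and replay-protection items above (HMAC-SHA256, provider binding, 5-minute TTL, forward-skew limit), sketched as an added example that is not OperatorBoard's own code. The field names, signed-string layout, nonce format and 60-second forward-skew value are assumptions; the release notes do not specify them.

```javascript
// Added illustration, not OperatorBoard source. Field names, the signed-string
// layout, the nonce format and MAX_FORWARD_SKEW_MS are assumptions.
const crypto = require("node:crypto");

const REPLAY_TTL_MS = 5 * 60 * 1000;   // 5-minute TTL from the release notes
const MAX_FORWARD_SKEW_MS = 60 * 1000; // assumed; the notes give no number
const NONCE_RE = /^[A-Za-z0-9_-]{8,64}$/;

// The provider name is inside the MAC, so a signature made for one provider
// does not verify when presented under another, even with a shared secret.
const sign = (secret, provider, ts, nonce, body) =>
  crypto.createHmac("sha256", secret)
    .update(`${provider}\n${ts}\n${nonce}\n${body}`)
    .digest("hex");

function createVerifier(secrets, now = () => Date.now()) {
  const seen = new Map(); // "provider:nonce" -> last instant the message is still fresh
  return function verify({ provider, ts, nonce, signature, body }) {
    const secret = secrets[provider];
    if (!secret) return "unknown_provider";
    // A nonce containing "\n" could shift the nonce/body boundary of the
    // signed string and dodge the replay cache, so the format is restricted.
    if (!NONCE_RE.test(String(nonce))) return "bad_nonce";
    if (!Number.isFinite(ts)) return "bad_timestamp";
    const t = now();
    if (ts - t > MAX_FORWARD_SKEW_MS) return "timestamp_in_future";
    if (t - ts > REPLAY_TTL_MS) return "timestamp_expired";
    const expected = Buffer.from(sign(secret, provider, ts, nonce, body), "hex");
    const given = Buffer.from(String(signature), "hex");
    // timingSafeEqual throws on unequal lengths, so compare lengths first.
    if (given.length !== expected.length || !crypto.timingSafeEqual(given, expected))
      return "bad_signature";
    // Evict nonces whose timestamp can no longer pass the TTL check.
    for (const [k, exp] of seen) if (exp < t) seen.delete(k);
    const key = `${provider}:${nonce}`;
    if (seen.has(key)) return "replay";
    seen.set(key, ts + REPLAY_TTL_MS);
    return "ok";
  };
}
```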
Developer experience
- +buildApp() factory with injectable fetchImpl and scheduler for testing
- +21 tests across 8 suites
- +pnpm monorepo with shared Zod schemas
- +Docker multi-stage builds, GitHub Actions CI
- +Demo seed data, mock agent reference implementation