mirror of
https://github.com/garrytan/gstack.git
synced 2026-05-02 03:35:09 +02:00
Garry Tan
b12a28654f
Banner previously always rendered "Session terminated" — one-way. Now
when security_event.reviewable=true:
- Title switches to "Review suspected injection"
- Subtitle explains the decision ("allow to continue, block to end")
- Expandable details auto-open so the user sees context immediately
- Suspected text excerpt rendered in a mono pre block, scrollable,
capped at 500 chars server-side
- Per-layer confidence scores (which layer fired, how confident)
- Action row with red [Block session] + neutral [Allow and continue]
- Click posts to /security-decision, banner hides, sidebar-agent
sees the file and resumes or kills within one poll cycle
Existing hard-block banner (terminated session, canary leaks) unchanged.
Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>