apunkt/gomcp
1
0
Fork 0
mirror of https://github.com/syntrex-lab/gomcp.git synced 2026-04-28 22:06:22 +02:00
Code Issues Projects Releases Packages Wiki Activity Actions

docs: Change architecture to Mermaid and add missing documentation files

Browse source
This commit is contained in:
DmitrL-dev 2026-04-01 09:51:35 +10:00
parent f94c527eb0
commit c3ca6a322b
5 changed files with 125 additions and 12 deletions
Download patch file Download diff file Expand all files Collapse all files

15
docs/security/dip_pipeline.md Normal file
View file

@ -0,0 +1,15 @@
# DIP Pipeline (Declarative Intent Parsing)
The **DIP Pipeline** is the first line of defense in the GoMCP architecture, designed to thwart malicious prompts and adversarial intent before they ever reach the underlying LLM.
## How it Works
Traditional security proxies rely heavily on blacklists, regex, or second-model classifiers to detect a "jailbreak." The DIP pipeline flips this paradigm:
1. **Deny-First Oracle**: Instead of allowing all inputs except identified threats, the system denies all inputs except identified benign operations.
2. **Intent Distillation**: It parses the text, extracts the fundamental "intent vector," and compares it to a rigid list of allowed capabilities.
3. **Entropy Gate**: Analyzes Shannon entropy of text to detect adversarial/chaotic signals and encoded payloads.
## Lattice Integration
DIP feeds directly into the larger [Sentinel Lattice](https://github.com/syntrex-lab/sentinel-community/blob/main/docs/rnd/2026-02-25-sentinel-lattice-architecture.md) architecture by creating early *Provenance Certificates*. This guarantees that even if a prompt "tricks" the semantic layers, the root source (the external untrusted user) is forever linked mathematically to the parsed intent.