gomcp/docs/security/dip_pipeline.md

DIP Pipeline (Declarative Intent Parsing)

The DIP Pipeline is the first line of defense in the GoMCP architecture, designed to thwart malicious prompts and adversarial intent before they ever reach the underlying LLM.

How it Works

Traditional security proxies rely heavily on blacklists, regex, or second-model classifiers to detect a "jailbreak." The DIP pipeline flips this paradigm:

1. Deny-First Oracle: Instead of allowing all inputs except identified threats, the system denies all inputs except identified benign operations.
2. Intent Distillation: It parses the text, extracts the fundamental "intent vector," and compares it to a rigid list of allowed capabilities.
3. Entropy Gate: Analyzes Shannon entropy of text to detect adversarial/chaotic signals and encoded payloads.

Lattice Integration

DIP feeds directly into the larger Sentinel Lattice architecture by creating early Provenance Certificates. This guarantees that even if a prompt "tricks" the semantic layers, the root source (the external untrusted user) is forever linked mathematically to the parsed intent.