Concepts Glossary
One sentence. One link.
A fixed-tile KV-cache reduction strategy that produces bit-identical outputs regardless of batch size, eliminating the floating-point drift that causes safety drift under load. Architecture > Batch-Invariant Determinism.
A pre-exec evaluator for shell commands issued by coding agents — same Passed / Corrected / Blocked verdict shape as Guardian-mode chat. CLI Firewall.
The flow that feeds production correction vectors back into the next Guardian — clustered, exported, retrained. The Safety Ratchet ratchets in production, not just in the lab. Guardian Training.
An immutable Glass Box Ledger entry written every time a configuration changes — MCP server registration, alert rule, breaker state, NHI suspension, retention setting. Governance Controls.
The numerical representation of a JSON Patch applied by a Guardian. The basis for closed-loop training. Guardian Training.
The smallest semantic-space delta required to move an unsafe output to the nearest Safe Centroid. The basis for Semantic Rectification. Architecture.
Fleet-wide immunity — when one tenant's Guardian blocks a novel attack, the corrected vector contributes to a baseline update every tenant can opt into. Architecture.
The append-only, Merkle-chained State-Tuple Ledger that records every Guardian decision (input hash, policy hash, outcome, corrections, governance hash). Daubert-admissible. Glass Box Ledger.
A fine-tuned LoRA adapter that evaluates AI outputs against a defined Policy Manifold and returns Passed / Corrected / Blocked. Architecture.
A signed hash emitted by a successful Guardian simulation — required for tier escalations on a Non-Human Identity. NHI Governance.
L6 control that blocks AI tool calls and code-completion outputs from reaching cloud Instance Metadata Service endpoints. Governance Controls.
The wire format for Guardian corrections — typed operations (add / remove / replace / move / copy / test) applied to the offending output. Verdict Playground.
A single Glass Box Ledger entry — the canonical artifact every governed call produces. Includes verdict, hashes, latency, policy version. Glass Box Ledger.
Low-Rank Adaptation — the lightweight tensor format Trinitite uses to represent each Guardian. Megabytes per Guardian; sub-millisecond hot-swap. Architecture.
The protocol for AI agents to invoke tools. Trinitite governs every MCP tool call before transport with a per-tool specialist Guardian. MCP Gateway.
A first-class identity for AI agents, services, and other non-human principals — with its own tier ladder, scopes, and Guardian binding. NHI Governance.
A versioned rubric (PDF, MD, structured clauses) that defines the Permitted / Forbidden geometry of a Guardian. Policy Intelligence.
The geometric representation of a policy in semantic space — Permitted regions, Forbidden subspaces, and Pre-Validated Safe Centroids. Policy Intelligence.
The policy_retrieval_* metric family — proves that the active policy was actually retrieved and injected into the Guardian context for any given decision. Observability.
The classification every replayed event receives: bit_exact, semantic_only, divergent, original_missing. Glass Box Ledger.
A semantic-space coordinate that has passed the Test-Driven Governance suite. Guardian corrections snap to these — never to invented coordinates. Architecture.
The TDG property that the known-failure surface only ever shrinks — every blocked attack becomes a permanent constraint. Policy Intelligence.
The mechanism by which the Guardian converts an unsafe output into a safe one via JSON Patch — projection along the Difference Vector to the nearest Safe Centroid. Architecture.
The signed-and-scanned tool repository for Guardian-permissioned actions — provenance, SBOM, quarantine lifecycle. Skill Vault.
The schema underlying the Glass Box Ledger — the canonical 6-tuple recorded for every decision. Glass Box Ledger.
The methodology that turns every identified failure mode into a permanent constraint via Red / Green / Lock — the basis of the Safety Ratchet. Testing & Simulation.
The split of observability into ops, security, and audit — each with its own schema and retention. Observability.