Refresh Pipelock integration for v2.8 receipts (#2406)

* chore(pipelock): refresh integration for v2.8 receipts

* Clarify Pipelock receipt key mounts
This commit is contained in:
Josh
2026-06-19 11:16:38 -04:00
committed by GitHub
parent 6e5f35b306
commit 60d9a70aff
13 changed files with 274 additions and 29 deletions

View File

@@ -251,6 +251,7 @@ Pipelock sits between Sure and external services, scanning AI traffic for:
- **Secret exfiltration** (DLP): catches API keys, tokens, or personal data leaking in prompts
- **Prompt injection**: detects attempts to override system instructions
- **Tool poisoning**: validates MCP tool calls against known-safe patterns
- **Signed receipts**: optional hash-chained evidence of mediated decisions when `flight_recorder.dir` and `signing_key_path` are configured
When using `compose.example.ai.yml`, Pipelock is always running. External AI agents should connect to port 8889 (MCP reverse proxy) instead of directly to Sure's `/mcp` on port 3000.