Guard
Dashboard
Trust packet

Security pilot proof without changing the local-first path.

A compact packet for platform and security leads: architecture boundary, telemetry posture, release provenance, issue intake, redacted payload shape, and enterprise handoff signals.

Enterprise assistOpen docs

Source claims verified 2026-06-08.

Architecture

Verified

Local-first runtime and receipts

Guard starts with local harness discovery, launcher interception, policy evaluation, receipts, and optional sync.

Guard architecture docs

Privacy

Verified

Pull-only advisory sync boundary

Advisory sync is documented as optional and pull-only, with no local file paths, harness configs, receipt data, or workspace identifiers sent during sync.

hol-guard PyPI project description

Governance

Confirm

Public issue intake and policy link

The public package links to GitHub issues. Security policy details should be confirmed from the linked GitHub policy before an enterprise SLA is quoted.

hol-guard GitHub issues

Enterprise

Verified

SSO, SAML, and SIEM are sales-assist signals

SSO, SAML, SCIM, SIEM routing, custom retention, and custom feeds should route to Enterprise billing assistance without blocking local self-serve protection.

Guard enterprise trigger model

Stable and edge release proof

Stable

Verified

PyPI lists hol-guard 2.0.508 as the latest package release on June 7, 2026.

hol-guard on PyPI

Trusted publishing

Verified

Recent PyPI file details show Trusted Publishing and provenance for hol-guard distributions; PyPI defines this as OIDC-backed short-lived publishing credentials.

PyPI Trusted Publishers docs

Edge

Confirm

No separate public edge channel was verified during this pass. Pilots should use Stable unless release owners provide a current edge source.

Release verification checkpoint

Redacted SIEM examples

receipt.created

{
  "actor": {
    "actorHash": "actor_agent_7f3a",
    "actorType": "agent"
  },
  "eventType": "receipt.created",
  "eventVersion": "guard.siem.v1",
  "occurredAt": "2026-06-08T18:00:00.000Z",
  "receiptId": "receipt_01jz_guard_created",
  "redaction": {
    "rawCommandIncluded": false,
    "rawPromptIncluded": false,
    "secretMaterialIncluded": false
  },
  "routing": {
    "enterpriseTrigger": null,
    "suggestedSink": "siem"
  },
  "severity": "info",
  "subject": {
    "artifactId": "tool:codex-shell",
    "artifactType": "receipt",
    "ecosystem": null
  },
  "workspaceId": "workspace_9d21"
}

approval.resolved

{
  "actor": {
    "actorHash": "actor_human_42",
    "actorType": "human"
  },
  "eventType": "approval.resolved",
  "eventVersion": "guard.siem.v1",
  "occurredAt": "2026-06-08T18:02:00.000Z",
  "receiptId": "receipt_01jz_approval",
  "redaction": {
    "rawCommandIncluded": false,
    "rawPromptIncluded": false,
    "secretMaterialIncluded": false
  },
  "routing": {
    "enterpriseTrigger": null,
    "suggestedSink": "ticketing"
  },
  "severity": "medium",
  "subject": {
    "artifactId": "approval:workspace-scope",
    "artifactType": "approval",
    "ecosystem": null
  },
  "workspaceId": "workspace_9d21"
}

policy.mutation

{
  "actor": {
    "actorHash": "actor_admin_42",
    "actorType": "human"
  },
  "eventType": "policy.mutation",
  "eventVersion": "guard.siem.v1",
  "occurredAt": "2026-06-08T18:04:00.000Z",
  "receiptId": "policy_receipt_01jz",
  "redaction": {
    "rawCommandIncluded": false,
    "rawPromptIncluded": false,
    "secretMaterialIncluded": false
  },
  "routing": {
    "enterpriseTrigger": null,
    "suggestedSink": "siem"
  },
  "severity": "medium",
  "subject": {
    "artifactId": "policy:strict-release",
    "artifactType": "policy",
    "ecosystem": null
  },
  "workspaceId": "workspace_9d21"
}

incident.created

{
  "actor": {
    "actorHash": "actor_system_guard",
    "actorType": "system"
  },
  "eventType": "incident.created",
  "eventVersion": "guard.siem.v1",
  "occurredAt": "2026-06-08T18:06:00.000Z",
  "receiptId": "incident_receipt_01jz",
  "redaction": {
    "rawCommandIncluded": false,
    "rawPromptIncluded": false,
    "secretMaterialIncluded": false
  },
  "routing": {
    "enterpriseTrigger": "incident_export_use",
    "suggestedSink": "case-management"
  },
  "severity": "high",
  "subject": {
    "artifactId": "incident:package-block",
    "artifactType": "incident",
    "ecosystem": null
  },
  "workspaceId": "workspace_9d21"
}

feed.degraded

{
  "actor": {
    "actorHash": "actor_system_guard",
    "actorType": "system"
  },
  "eventType": "feed.degraded",
  "eventVersion": "guard.siem.v1",
  "occurredAt": "2026-06-08T18:08:00.000Z",
  "receiptId": "feed_receipt_01jz",
  "redaction": {
    "rawCommandIncluded": false,
    "rawPromptIncluded": false,
    "secretMaterialIncluded": false
  },
  "routing": {
    "enterpriseTrigger": "custom_notification_routing",
    "suggestedSink": "siem"
  },
  "severity": "medium",
  "subject": {
    "artifactId": "feed:osv",
    "artifactType": "feed",
    "ecosystem": null
  },
  "workspaceId": "workspace_9d21"
}

package.blocked

{
  "actor": {
    "actorHash": "actor_agent_7f3a",
    "actorType": "agent"
  },
  "eventType": "package.blocked",
  "eventVersion": "guard.siem.v1",
  "occurredAt": "2026-06-08T18:10:00.000Z",
  "receiptId": "package_receipt_01jz",
  "redaction": {
    "rawCommandIncluded": false,
    "rawPromptIncluded": false,
    "secretMaterialIncluded": false
  },
  "routing": {
    "enterpriseTrigger": "siem_export_schema_request",
    "suggestedSink": "siem"
  },
  "severity": "critical",
  "subject": {
    "artifactId": "package:npm/acme-risky-install",
    "artifactType": "package",
    "ecosystem": "npm"
  },
  "workspaceId": "workspace_9d21"
}