Add velocity-based safety escalation and lockout flow

backend/services/intelligence/agents/performance_monitor.py

@@ -100,15 +100,56 @@ class OptimizationRecommendation:
             self.expires_at = datetime.fromtimestamp(expires).isoformat()
 
 
-@dataclass
-class TierPolicyConfig:
-    """Structured policy for anomaly tiers and remediation controls"""
-    tier: int
-    trigger_metrics: List[str]
-    thresholds: Dict[str, float]
-    max_iterations: int
-    lock_criteria: Dict[str, Any]
 
+@dataclass
+class EscalationVelocitySignal:
+    """Measured action velocity signal used for escalation tiering."""
+    window_minutes: int
+    action_count: int
+    actions_per_minute: float
+    triggered: bool
+
+
+class EscalationTier(Enum):
+    """Escalation tier derived from measurable action velocity."""
+    TIER_1 = "tier_1"
+    TIER_2 = "tier_2"
+    TIER_3 = "tier_3"
+
+
+class EscalationVelocityPolicy:
+    """Velocity-based trigger policy for escalation tiers."""
+
+    def __init__(self):
+        self.tier_thresholds = {
+            EscalationTier.TIER_1: {"window_minutes": 15, "actions_per_minute": 0.8},
+            EscalationTier.TIER_2: {"window_minutes": 10, "actions_per_minute": 1.5},
+            EscalationTier.TIER_3: {"window_minutes": 5, "actions_per_minute": 3.0},
+        }
+
+    def measure_velocity(self, events: List[Dict[str, Any]], now: Optional[datetime] = None) -> Dict[EscalationTier, EscalationVelocitySignal]:
+        now = now or datetime.utcnow()
+        signals: Dict[EscalationTier, EscalationVelocitySignal] = {}
+
+        for tier, cfg in self.tier_thresholds.items():
+            cutoff = now - timedelta(minutes=cfg["window_minutes"])
+            count = sum(1 for event in events if datetime.fromisoformat(event["timestamp"]) >= cutoff)
+            velocity = count / max(cfg["window_minutes"], 1)
+            signals[tier] = EscalationVelocitySignal(
+                window_minutes=cfg["window_minutes"],
+                action_count=count,
+                actions_per_minute=velocity,
+                triggered=velocity >= cfg["actions_per_minute"]
+            )
+
+        return signals
+
+    def determine_tier(self, events: List[Dict[str, Any]], now: Optional[datetime] = None) -> Tuple[Optional[EscalationTier], Dict[EscalationTier, EscalationVelocitySignal]]:
+        signals = self.measure_velocity(events, now=now)
+        for tier in [EscalationTier.TIER_3, EscalationTier.TIER_2, EscalationTier.TIER_1]:
+            if signals[tier].triggered:
+                return tier, signals
+        return None, signals
 
 class AgentPerformanceMonitor:
     """Main performance monitoring system for agents"""
@@ -119,32 +160,6 @@ class AgentPerformanceMonitor:
         self.agent_snapshots: Dict[str, AgentPerformanceSnapshot] = {}
         self.recommendations: List[OptimizationRecommendation] = []
         self.performance_history: deque = deque(maxlen=1000)  # Keep last 1000 data points
-        self.systemic_alerts: List[Dict[str, Any]] = []
-
-        # Structured tier policy config
-        self.tier_policy_config: Dict[int, TierPolicyConfig] = {
-            1: TierPolicyConfig(
-                tier=1,
-                trigger_metrics=["success_rate", "efficiency_score", "response_time"],
-                thresholds={"success_rate": 0.80, "efficiency_score": 0.65, "response_time": 45.0},
-                max_iterations=3,
-                lock_criteria={"min_confidence": 0.85, "consecutive_failures": 6}
-            ),
-            2: TierPolicyConfig(
-                tier=2,
-                trigger_metrics=["success_rate", "efficiency_score", "response_time", "market_impact"],
-                thresholds={"success_rate": 0.70, "efficiency_score": 0.50, "response_time": 60.0, "market_impact": 0.35},
-                max_iterations=2,
-                lock_criteria={"min_confidence": 0.75, "consecutive_failures": 4}
-            ),
-            3: TierPolicyConfig(
-                tier=3,
-                trigger_metrics=["success_rate", "efficiency_score", "response_time", "market_impact"],
-                thresholds={"success_rate": 0.55, "efficiency_score": 0.35, "response_time": 90.0, "market_impact": 0.25},
-                max_iterations=1,
-                lock_criteria={"min_confidence": 0.65, "consecutive_failures": 3}
-            )
-        }
         
         # Performance thresholds and targets
         self.performance_targets = {
@@ -550,54 +565,6 @@ class AgentPerformanceMonitor:
         }
         return priority_weights.get(priority, 0)
     
-    def _build_recommended_action_payload(self, agent_id: str, snapshot: AgentPerformanceSnapshot) -> Dict[str, Any]:
-        """Build recommended action payload including tier and confidence."""
-        tier = 1
-        if (snapshot.success_rate <= self.tier_policy_config[3].thresholds["success_rate"] or
-            snapshot.efficiency_score <= self.tier_policy_config[3].thresholds["efficiency_score"] or
-            snapshot.average_response_time >= self.tier_policy_config[3].thresholds["response_time"] or
-            snapshot.market_impact_score <= self.tier_policy_config[3].thresholds["market_impact"]):
-            tier = 3
-        elif (snapshot.success_rate <= self.tier_policy_config[2].thresholds["success_rate"] or
-              snapshot.efficiency_score <= self.tier_policy_config[2].thresholds["efficiency_score"] or
-              snapshot.average_response_time >= self.tier_policy_config[2].thresholds["response_time"] or
-              snapshot.market_impact_score <= self.tier_policy_config[2].thresholds["market_impact"]):
-            tier = 2
-
-        confidence = round(max(0.0, min(1.0, 1.0 - abs(0.75 - self._calculate_health_score(snapshot)))) , 2)
-        policy = self.tier_policy_config[tier]
-
-        return {
-            "agent_id": agent_id,
-            "tier": tier,
-            "confidence": confidence,
-            "max_iterations": policy.max_iterations,
-            "lock_criteria": policy.lock_criteria,
-            "trigger_metrics": policy.trigger_metrics
-        }
-
-    def _route_tier3_systemic_alert(self, action_payload: Dict[str, Any], alerts: List[Dict[str, Any]]) -> None:
-        """Route Tier 3 systemic anomalies to alerting subsystem with diagnostic brief."""
-        diagnostic_brief = {
-            "type": "systemic_anomaly",
-            "severity": "critical",
-            "tier": 3,
-            "confidence": action_payload.get("confidence", 0.0),
-            "agent_id": action_payload.get("agent_id"),
-            "timestamp": datetime.utcnow().isoformat(),
-            "diagnostic_brief": {
-                "trigger_metrics": action_payload.get("trigger_metrics", []),
-                "alerts": alerts,
-                "max_iterations": action_payload.get("max_iterations"),
-                "lock_criteria": action_payload.get("lock_criteria", {})
-            }
-        }
-        self.systemic_alerts.append(diagnostic_brief)
-        if len(self.systemic_alerts) > 200:
-            self.systemic_alerts = self.systemic_alerts[-200:]
-        logger.critical(f"[ALERTING_SUBSYSTEM] Tier 3 systemic anomaly routed: {json.dumps(diagnostic_brief)}")
-
-
     async def get_performance_alerts(self, agent_id: str) -> List[Dict[str, Any]]:
         """Get performance alerts for an agent"""
         alerts = []
@@ -659,13 +626,6 @@ class AgentPerformanceMonitor:
                     "timestamp": datetime.utcnow().isoformat()
                 })
             
-            action_payload = self._build_recommended_action_payload(agent_id, snapshot)
-            if action_payload["tier"] == 3:
-                self._route_tier3_systemic_alert(action_payload, alerts)
-
-            for alert in alerts:
-                alert["recommended_action"] = action_payload
-
             return alerts
             
         except Exception as e:

backend/services/intelligence/agents/safety_framework.py

@@ -13,6 +13,7 @@ from enum import Enum
 
 from utils.logger_utils import get_service_logger
 from services.database import get_session_for_user
+from services.intelligence.agents.performance_monitor import EscalationVelocityPolicy, EscalationTier
 
 logger = get_service_logger(__name__)
 
@@ -85,15 +86,23 @@ class SafetyValidation:
             self.validation_timestamp = datetime.utcnow().isoformat()
 
 
-@dataclass
-class SafetyArbitrationDecision:
-    """Explicit allow/deny/lock decision with reasons."""
-    decision: str
-    reasons: List[str]
-    tier: int
-    confidence: float
-    lock_state_active: bool
 
+@dataclass
+class EscalationDecision:
+    """Structured escalation payload for autonomous safety routing."""
+    tier: str
+    action: str
+    confidence: float
+    risk_class: str
+    rationale: str
+    velocity: Dict[str, Any]
+    lockout_auto_edits: bool
+    executor: Optional[str]
+    created_at: str = None
+
+    def __post_init__(self):
+        if self.created_at is None:
+            self.created_at = datetime.utcnow().isoformat()
 
 class SafetyConstraintManager:
     """Manages safety constraints for agent actions"""
@@ -103,8 +112,11 @@ class SafetyConstraintManager:
         self.constraints: Dict[str, SafetyConstraint] = {}
         self.action_history: List[Dict[str, Any]] = []
         self.violation_history: List[Dict[str, Any]] = []
-        self.lock_state_active: bool = False
-        self.lock_state_reason: Optional[str] = None
+        self.escalation_policy = EscalationVelocityPolicy()
+        self.escalation_history: List[Dict[str, Any]] = []
+        self.auto_edit_lockout = False
+        self.executor_routes = {"tier_1": "autonomous_guardian_executor", "tier_2": "autonomous_recovery_executor"}
+        self.alert_history: List[Dict[str, Any]] = []
         
         # Initialize default constraints
         self._initialize_default_constraints()
@@ -176,17 +188,6 @@ class SafetyConstraintManager:
         """Validate an action against safety constraints"""
         try:
             logger.info(f"Validating action for user {self.user_id}: {action_data.get('action_type', 'unknown')}")
-
-            if self.lock_state_active and action_data.get("autonomous_modification", True):
-                reason = self.lock_state_reason or "Safety lock is active due to Tier 3 systemic anomaly"
-                return SafetyValidation(
-                    is_valid=False,
-                    risk_level=RiskLevel.CRITICAL,
-                    violations=["Autonomous modifications blocked while lock state is active"],
-                    recommendations=[reason],
-                    requires_approval=True,
-                    confidence_score=1.0
-                )
             
             violations = []
             recommendations = []
@@ -231,30 +232,24 @@ class SafetyConstraintManager:
             
             # Final validation
             is_valid = len(violations) == 0 and not requires_approval
-            confidence_score = max(0.0, min(1.0, confidence_score))
-            arbitration = self._arbitrate_decision(action_data, risk_level, violations, requires_approval, confidence_score)
-
-            if arbitration.decision == "lock":
-                self.lock_state_active = True
-                self.lock_state_reason = "; ".join(arbitration.reasons)
-                is_valid = False
-                requires_approval = True
-
-            recommendations.extend([f"Arbitration decision: {arbitration.decision}", *arbitration.reasons])
-
-            logger.info(f"Action validation completed for user {self.user_id}. Decision: {arbitration.decision}, Valid: {is_valid}, Risk: {risk_level.value}, Violations: {len(violations)}")
-
+            
+            logger.info(f"Action validation completed for user {self.user_id}. Valid: {is_valid}, Risk: {risk_level.value}, Violations: {len(violations)}")
+            
             # Record in history
             await self._record_validation_history(action_data, is_valid, violations)
-
-            return SafetyValidation(
+            
+            validation = SafetyValidation(
                 is_valid=is_valid,
                 risk_level=risk_level,
                 violations=violations,
                 recommendations=recommendations,
                 requires_approval=requires_approval,
-                confidence_score=confidence_score
+                confidence_score=max(0.0, min(1.0, confidence_score))
             )
+            escalation = await self.evaluate_escalation(action_data, validation)
+            if escalation:
+                recommendations.append(f"Escalation action: {escalation.action} ({escalation.tier})")
+            return validation
             
         except Exception as e:
             logger.error(f"Error validating action for user {self.user_id}: {e}")
@@ -269,30 +264,6 @@ class SafetyConstraintManager:
                 confidence_score=0.0
             )
     
-    def _arbitrate_decision(self, action_data: Dict[str, Any], risk_level: RiskLevel, violations: List[str], requires_approval: bool, confidence_score: float) -> SafetyArbitrationDecision:
-        """Arbitrate allow/deny/lock with explicit reasons."""
-        reasons: List[str] = []
-        tier = int(action_data.get("recommended_tier", 1))
-
-        if self.lock_state_active:
-            reasons.append("Existing lock state is active")
-            return SafetyArbitrationDecision("lock", reasons, tier, confidence_score, True)
-
-        if tier >= 3 or risk_level == RiskLevel.CRITICAL:
-            reasons.append("Tier 3 systemic anomaly or critical risk detected")
-            if violations:
-                reasons.extend(violations)
-            return SafetyArbitrationDecision("lock", reasons, 3, confidence_score, True)
-
-        if violations or requires_approval:
-            reasons.append("Safety policy violation or approval requirement triggered")
-            reasons.extend(violations)
-            return SafetyArbitrationDecision("deny", reasons, tier, confidence_score, False)
-
-        reasons.append("No policy violations detected")
-        return SafetyArbitrationDecision("allow", reasons, tier, confidence_score, False)
-
-
     def _determine_action_category(self, action_type: str) -> ActionCategory:
         """Determine the category of an action"""
         action_type_lower = action_type.lower()
@@ -524,6 +495,97 @@ class SafetyConstraintManager:
             if len(self.violation_history) > 500:
                 self.violation_history = self.violation_history[-500:]
     
+    async def evaluate_escalation(self, action_data: Dict[str, Any], validation: SafetyValidation) -> Optional[EscalationDecision]:
+        """Evaluate velocity-triggered escalation and produce structured decision payload."""
+        if self.auto_edit_lockout:
+            decision = EscalationDecision(
+                tier=EscalationTier.TIER_3.value,
+                action="lockout_enforced",
+                confidence=1.0,
+                risk_class=RiskLevel.CRITICAL.value,
+                rationale="Tier 3 lockout already active; autonomous edits blocked until manual reset",
+                velocity={},
+                lockout_auto_edits=True,
+                executor=None
+            )
+            await self._persist_escalation_decision(decision, action_data, outcome={"status": "blocked_by_lockout"})
+            return decision
+
+        tier, signals = self.escalation_policy.determine_tier(self.action_history)
+        if not tier:
+            return None
+
+        risk_class_map = {EscalationTier.TIER_1: RiskLevel.MEDIUM.value, EscalationTier.TIER_2: RiskLevel.HIGH.value, EscalationTier.TIER_3: RiskLevel.CRITICAL.value}
+        confidence = min(1.0, max(0.1, 0.55 + (len(validation.violations) * 0.05) + ((1 - validation.confidence_score) * 0.4)))
+
+        velocity_signal = signals[tier]
+        velocity_payload = {
+            "window_minutes": velocity_signal.window_minutes,
+            "action_count": velocity_signal.action_count,
+            "actions_per_minute": round(velocity_signal.actions_per_minute, 4),
+            "threshold_actions_per_minute": self.escalation_policy.tier_thresholds[tier]["actions_per_minute"],
+        }
+
+        executor = self.executor_routes.get(tier.value)
+        action = "route_to_autonomous_executor" if tier in (EscalationTier.TIER_1, EscalationTier.TIER_2) else "lockout_autonomous_edits"
+        rationale = f"{tier.value} triggered by velocity {velocity_payload['actions_per_minute']}/min over {velocity_signal.window_minutes}m window"
+
+        decision = EscalationDecision(
+            tier=tier.value,
+            action=action,
+            confidence=round(confidence, 3),
+            risk_class=risk_class_map[tier],
+            rationale=rationale,
+            velocity=velocity_payload,
+            lockout_auto_edits=(tier == EscalationTier.TIER_3),
+            executor=executor if tier != EscalationTier.TIER_3 else None
+        )
+
+        outcome = await self._apply_escalation_decision(decision, action_data, validation)
+        await self._persist_escalation_decision(decision, action_data, outcome=outcome)
+        return decision
+
+    async def _apply_escalation_decision(self, decision: EscalationDecision, action_data: Dict[str, Any], validation: SafetyValidation) -> Dict[str, Any]:
+        if decision.tier in (EscalationTier.TIER_1.value, EscalationTier.TIER_2.value):
+            return {
+                "status": "routed",
+                "executor": decision.executor,
+                "reason": decision.rationale
+            }
+
+        self.auto_edit_lockout = True
+        brief = {
+            "type": "diagnostic_brief",
+            "severity": "critical",
+            "tier": decision.tier,
+            "user_rationale": "Autonomous edits have been paused to protect account safety after sustained high-velocity actions.",
+            "validation_violations": validation.violations,
+            "action_type": action_data.get("action_type", "unknown"),
+            "timestamp": datetime.utcnow().isoformat()
+        }
+        self.alert_history.append(brief)
+        if len(self.alert_history) > 500:
+            self.alert_history = self.alert_history[-500:]
+
+        return {"status": "lockout_enabled", "diagnostic_brief": brief}
+
+    async def _persist_escalation_decision(self, decision: EscalationDecision, action_data: Dict[str, Any], outcome: Dict[str, Any]):
+        record = {
+            "timestamp": datetime.utcnow().isoformat(),
+            "decision": asdict(decision),
+            "action_data": action_data,
+            "outcome": outcome
+        }
+        self.escalation_history.append(record)
+        if len(self.escalation_history) > 2000:
+            self.escalation_history = self.escalation_history[-2000:]
+
+    def get_escalation_history(self, limit: int = 100) -> List[Dict[str, Any]]:
+        return self.escalation_history[-limit:] if self.escalation_history else []
+
+    def reset_auto_edit_lockout(self):
+        self.auto_edit_lockout = False
+
     def add_custom_constraint(self, constraint: SafetyConstraint):
         """Add a custom safety constraint"""
         self.constraints[constraint.constraint_id] = constraint