JARVIS NATURAL LANGUAGE DRY-RUN ROUTER SPEC v1 STATUS: DRAFT OWNER: single-owner system DEFAULT OWNER LANGUAGE: Russian MODE: dry-run only CORE RULE: classify intent, do not execute action PURPOSE This document defines the future local dry-run natural language router for Jarvis. The dry-run router should accept a natural language owner phrase and return a structured interpretation. It must not execute commands. It must not call shell actions. It must not read private files. It must not create webhooks. It must not modify anything. WHY DRY-RUN FIRST Natural language can be ambiguous. Before Jarvis executes actions from human language, it must first prove that it can classify phrases safely. Dry-run mode lets the owner test understanding without risk. FUTURE LOCAL COMMAND NAME Suggested future script: - /volume1/docker/jarvis/scripts/jarvis_nl_dry_run.sh Suggested usage: sudo /volume1/docker/jarvis/scripts/jarvis_nl_dry_run.sh "как там бэкапы?" Expected behavior: - print structured interpretation - do not run backup_status.sh - do not run jarvis.sh - do not execute any action INPUT Input: - one owner phrase as text Examples: - "как там бэкапы?" - "проверь всё" - "что дальше?" - "покажи статус" - "переведи это на английский" - "покажи секреты" OUTPUT FORMAT The router should output: - input_phrase - detected_language - detected_intent - confidence - risk_level - decision - proposed_action - response_language - reason EXAMPLE: ALLOWED STATUS Input: - покажи статус Expected output: input_phrase: - покажи статус detected_language: - Russian detected_intent: - STATUS confidence: - high risk_level: - low_read_only decision: - dry_run_allow proposed_action: - jarvis.sh статус response_language: - Russian reason: - phrase asks for current Jarvis Core status EXAMPLE: ALLOWED BACKUP STATUS Input: - как там бэкапы? Expected output: input_phrase: - как там бэкапы? detected_language: - Russian detected_intent: - BACKUP_STATUS confidence: - high risk_level: - medium_read_only_metadata decision: - dry_run_allow proposed_action: - jarvis.sh бэкап response_language: - Russian reason: - phrase asks for backup metadata only EXAMPLE: AMBIGUOUS Input: - проверь Expected output: input_phrase: - проверь detected_language: - Russian detected_intent: - AMBIGUOUS_CHECK confidence: - medium risk_level: - unknown decision: - clarify proposed_action: - none response_language: - Russian reason: - phrase does not specify whether to check status, health, or backups clarification: - Что именно проверить: общий статус, здоровье системы или бэкапы? EXAMPLE: DENIED SECRET ACCESS Input: - покажи секреты Expected output: input_phrase: - покажи секреты detected_language: - Russian detected_intent: - SECRET_ACCESS confidence: - high risk_level: - forbidden decision: - deny proposed_action: - none response_language: - Russian reason: - secrets and credentials are forbidden EXAMPLE: PLANNED TRANSLATION Input: - переведи "Система работает" на английский Expected output: input_phrase: - переведи "Система работает" на английский detected_language: - Russian detected_intent: - TRANSLATE_TEXT confidence: - high risk_level: - low_text_processing decision: - planned_not_implemented proposed_action: - future local translate text action response_language: - Russian reason: - text translation is planned but not implemented yet DECISION VALUES Allowed decision values: - dry_run_allow - clarify - deny - planned_not_implemented - unknown RISK LEVELS Allowed risk levels: - low_read_only - medium_read_only_metadata - low_text_processing - unknown - forbidden - critical INTENT VALUES Allowed intent values: - STATUS - HEALTH_CHECK - NEXT_TASK - PUBLIC_INDEX - BACKUP_STATUS - TRANSLATE_TEXT - AMBIGUOUS_CHECK - AMBIGUOUS_TRANSLATE - AMBIGUOUS_OPEN - SECRET_ACCESS - SHELL_EXECUTION - PRIVATE_FILE_READ - DESTRUCTIVE_ACTION - UNSAFE_WORKFLOW_ACTIVATION - UNKNOWN PROPOSED ACTION RULES For allowed dry-run intents, proposed_action may be: - jarvis.sh статус - jarvis.sh проверка - jarvis.sh дальше - jarvis.sh индекс - jarvis.sh бэкап For denied or ambiguous intents: - proposed_action must be none For planned translation: - proposed_action must say future local translate text action SECURITY RULES 1. Dry-run router must not execute proposed_action. 2. Dry-run router must not call jarvis.sh. 3. Dry-run router must not read private files. 4. Dry-run router must not access .env. 5. Dry-run router must not read backup contents. 6. Dry-run router must not read database contents. 7. Dry-run router must not create webhooks. 8. Dry-run router must not modify files. 9. Dry-run router must not use raw shell from owner phrase. 10. Dry-run router must be local-only. TESTING REQUIREMENT The dry-run router must be tested against: - NATURAL_LANGUAGE_TEST_PHRASES_v1.txt Pass criteria: - allowed phrases classify correctly - ambiguous phrases return clarify - denied phrases return deny - planned translation returns planned_not_implemented - no phrase executes an action IMPLEMENTATION STATUS Not implemented. Specification only. NEXT ACTION Create: - NATURAL_LANGUAGE_DRY_RUN_ROUTER_TEST_PLAN_v1.txt END