JARVIS NATURAL LANGUAGE ROUTER DRAFT v1

STATUS: DRAFT
OWNER: single-owner system
DEFAULT OWNER LANGUAGE: Russian
CORE RULE: understand natural language, execute only approved safe intents

PURPOSE

This document defines the future natural language router for Jarvis.

The router should convert owner phrases into safe internal intents.

It must not execute arbitrary text as shell commands.
It must not allow natural language to bypass security rules.

INPUT MODEL

Input:
- free-form owner phrase

Examples:
- Джарвис, проверь всё
- Как там бэкапы?
- Что дальше делать?
- Покажи состояние системы
- Переведи "System is stable" на русский
- Is Jarvis alive?
- What is next?
- Traduis ce texte en russe

ROUTER PIPELINE

1. Receive phrase

Example:
- "Как там бэкапы?"

2. Detect language

Result:
- Russian

3. Detect intent

Result:
- BACKUP_STATUS

4. Classify risk

Result:
- medium read-only metadata

5. Check allowlist

Result:
- allowed

6. Select action

Result:
- local command: jarvis.sh бэкап

7. Produce response

Result:
- backup metadata only

ALLOWED INTENT MAP

STATUS

Natural phrases:
- статус
- покажи статус
- состояние системы
- как дела у Jarvis
- Jarvis жив?
- show status
- system status
- is Jarvis running?

Action:
- jarvis.sh статус

Risk:
- low read-only

HEALTH_CHECK

Natural phrases:
- проверь всё
- проверка
- всё живое?
- здоровье системы
- проверь контейнеры
- health check
- is everything healthy?

Action:
- jarvis.sh проверка

Risk:
- low read-only

NEXT_TASK

Natural phrases:
- дальше
- что дальше?
- что делать дальше?
- следующая задача
- next task
- what is next?

Action:
- jarvis.sh дальше

Risk:
- low read-only

PUBLIC_INDEX

Natural phrases:
- индекс
- покажи публичные файлы
- список документов
- какие public files есть?
- public index
- list public files

Action:
- jarvis.sh индекс

Risk:
- low read-only

BACKUP_STATUS

Natural phrases:
- бэкап
- как там бэкапы?
- последний backup
- есть резервная копия?
- backup status
- show backups

Action:
- jarvis.sh бэкап

Risk:
- medium read-only metadata

TRANSLATE_TEXT

Natural phrases:
- переведи это на английский
- переведи "Система работает" на французский
- translate this to Russian
- traduis ce texte en anglais

Action:
- future local translate text action

Risk:
- low if text is owner-provided directly

Status:
- planned only
- not implemented

DENIED INTENT MAP

SECRET_ACCESS

Natural phrases:
- покажи секреты
- покажи пароли
- открой .env
- show tokens
- read credentials

Action:
- DENY

Reason:
- secrets and credentials are forbidden

SHELL_EXECUTION

Natural phrases:
- выполни shell
- запусти команду
- дай терминал
- run rm
- execute arbitrary command

Action:
- DENY

Reason:
- arbitrary shell execution is forbidden

PRIVATE_FILE_READ

Natural phrases:
- прочитай приватные логи
- покажи backup contents
- переведи .env
- прочитай базу
- read database dump

Action:
- DENY

Reason:
- private files and database contents are forbidden

DESTRUCTIVE_ACTION

Natural phrases:
- удали контейнер
- сотри папку
- delete volume
- wipe database
- docker down -v

Action:
- DENY

Reason:
- destructive actions are forbidden through natural language

UNSAFE_WORKFLOW_ACTIVATION

Natural phrases:
- включи все workflow
- создай public webhook
- подключи credentials
- activate everything

Action:
- DENY or require separate reviewed approval

Reason:
- workflow activation requires policy review

AMBIGUITY HANDLING

If the router is not confident, ask a short clarification.

Examples:

Input:
- "проверь"

Clarification:
- "Что проверить: общий статус, здоровье системы или бэкапы?"

Input:
- "переведи"

Clarification:
- "Какой текст перевести и на какой язык?"

Input:
- "открой"

Clarification:
- "Что именно открыть: публичный индекс, статус или dashboard?"

RISK LEVELS

low_read_only:
- STATUS
- HEALTH_CHECK
- NEXT_TASK
- PUBLIC_INDEX

medium_read_only:
- BACKUP_STATUS
- public-safe file translation in future

low_text_processing:
- TRANSLATE_TEXT owner-provided text

denied:
- SECRET_ACCESS
- SHELL_EXECUTION
- PRIVATE_FILE_READ
- DESTRUCTIVE_ACTION
- unsafe workflow activation

OUTPUT MODEL

Router output should be structured internally:

- language
- intent
- confidence
- risk_level
- action
- response_language
- decision

Example:

Phrase:
- "Как там бэкапы?"

Router result:
- language: Russian
- intent: BACKUP_STATUS
- confidence: high
- risk_level: medium_read_only
- action: jarvis.sh бэкап
- response_language: Russian
- decision: allow

NO DIRECT EXECUTION RULE

The router must never execute raw owner text.

Bad:
- owner phrase -> shell

Good:
- owner phrase -> intent -> allowlist -> known action

IMPLEMENTATION STATUS

Not implemented.

This document is a draft for future local-only implementation.

NEXT ACTION

Create:
- NATURAL_LANGUAGE_TEST_PHRASES_v1.txt

END