Algol · Pipeline Authority Intelligence · London · algol.cc

YOUR PIPELINE ISN'T A WORKFLOW. IT'S AN AUTHORITY SYSTEM.

Every step is a permission grant. Every action is a trust decision.
Algol proves what authority your pipeline actually received — and denies the rest.

Proof, not vibes

WHAT ACTUALLY HAPPENED AT RUNTIME.

Most security tools tell you what might be wrong.
Algol shows you what actually happened — what was injected, what was denied, and what evidence was written.

65→7   Env vars after enforcement
58     Ambient vars removed
0      Sensitive vars inherited

Before Algol: the process inherited undeclared secrets.
After Algol: the process received only contract-declared authority.
Evidence: audit artefact written to algol-run.json.

Real output. Real repo. Real numbers.
The terminals below are actual Algol output from a messy Node.js repo with .env files, GitHub Actions secrets, and ambient AWS credentials in the shell. Algol scanned, planned, enforced, and audited — in under 200ms.

algol scan · messy-node-repo
Algol scan complete
Repo:   examples/messy-node-repo
Commit: bbefe2e

Findings:
HIGH    .env:1       DATABASE_URL in .env file
HIGH    .env:2       STRIPE_SECRET_KEY in .env file
HIGH    ci.yml:6     PROD_DEPLOY_KEY in GitHub Actions
HIGH    ci.yml:14    API_TOKEN in GitHub Actions
MEDIUM  dev.sh:1     STRIPE_SECRET_KEY exported to env
MEDIUM  config.js:4  AWS_SECRET_ACCESS_KEY runtime read

Risk score: 100/100

algol plan · npm test
Algol contract drafted
Command: npm test
Policy:  default_env: deny

Allowed by draft:
  API_TOKEN
  DATABASE_URL

Denied by draft:
  AWS_SECRET_ACCESS_KEY
  GH_TOKEN
  PROD_DEPLOY_KEY
  STRIPE_SECRET_KEY

Note: MVP enforces environment authority.
File-backed credentials out of scope.

algol enforce · runtime output
Algol enforcement active
Command: npm test

Environment:
  Parent env:  65 vars
  Child env:   7 vars
  Removed:     58 vars
  Sensitive ambient vars inherited: 0

Injected:
  API_TOKEN     sha256:101aa6b3...
  DATABASE_URL  sha256:29cffa77...

Denied:
  AWS_SECRET_ACCESS_KEY
  GH_TOKEN

AWS_SECRET_ACCESS_KEY present: false
DATABASE_URL present: true
Process exited: 0
Evidence written: algol-run.json

algol audit · enforcement report
# Algol Enforcement Audit

Command:  npm test
Commit:   bbefe2e
Result:   Passed
Contract enforced: yes

Parent env vars:  65
Child env vars:   7
Ambient secrets denied:  2
Ambient vars inherited:  0

Repo risk before:  100
Repo risk after:   65

Duration: 198ms
Evidence written: algol-run.json

The workflow

FOUR COMMANDS. COMPLETE AUTHORITY RECORD.

01
algol scan

Finds authority risks across your repo — .env files, CI secrets, ambient environment reads. Produces a risk score.

02
algol plan

Drafts an authority contract for your command. Declares exactly which secrets are allowed. Everything else: denied by default.

03
algol enforce

Runs your command with the ambient environment stripped. Only contract-declared secrets are injected. No surprises.

04
algol audit

Produces an immutable audit record showing what was injected, what was denied, and what the process received. Evidence, not logs.
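The plan/enforce/audit steps above, reduced to one illustrative function. This is an added example modelled on the page's description, not Algol's or tsafe's own code: the BASELINE and SENSITIVE name lists, the eight-variable ambient environment and the Python child standing in for `npm test` are all assumptions constructed for the demo.

```python
# Illustrative 'enforce' step (added example, not Algol's code): strip ambient env,
# inject only contract-declared secrets, return an evidence record.
import hashlib
import json
import os
import subprocess
import sys

BASELINE = ("PATH", "HOME", "LANG", "LC_ALL")  # assumed non-secret vars a child needs to start
SENSITIVE = ("SECRET", "TOKEN", "KEY", "PASSWORD", "DATABASE_URL")  # assumed name heuristic

def is_sensitive(name):
    return any(marker in name.upper() for marker in SENSITIVE)

def fingerprint(value):
    # Evidence carries a hash prefix, never the plaintext secret.
    return "sha256:" + hashlib.sha256(value.encode()).hexdigest()[:8]

def enforce(command, contract, parent_env):
    """Spawn `command` with a child env built only from BASELINE plus the contract allow-list."""
    allowed = set(contract["allow"])
    child_env = {k: v for k, v in parent_env.items() if k in BASELINE}
    injected = {}
    for name in sorted(n for n in allowed if n in parent_env):
        child_env[name] = parent_env[name]
        injected[name] = fingerprint(parent_env[name])
    denied = sorted(k for k in parent_env if is_sensitive(k) and k not in allowed)
    proc = subprocess.run(command, env=child_env, capture_output=True, text=True)
    return {
        "parent_env_vars": len(parent_env),
        "child_env_vars": len(child_env),
        "removed": len(parent_env) - len(child_env),
        "injected": injected,
        "denied": denied,
        "sensitive_ambient_inherited": sum(1 for k in child_env if is_sensitive(k) and k not in allowed),
        "exit_code": proc.returncode,
        "child_saw": json.loads(proc.stdout) if proc.returncode == 0 else [],
    }

# Constructed ambient shell environment (all values fake); PATH is kept so the child can start.
AMBIENT = {"PATH": os.environ.get("PATH", "/usr/bin"), "HOME": "/home/dev", "EDITOR": "vim",
           "DATABASE_URL": "postgres://app:pw@db/app", "API_TOKEN": "tok_123",
           "AWS_SECRET_ACCESS_KEY": "aws-secret", "GH_TOKEN": "ghp_abc", "STRIPE_SECRET_KEY": "sk_x"}
CONTRACT = {"default_env": "deny", "allow": ["API_TOKEN", "DATABASE_URL"]}
# Stand-in for `npm test`: a child that reports the variable names it actually received.
CHILD = [sys.executable, "-c", "import os,json;print(json.dumps(sorted(os.environ)))"]

def run_demo():
    return enforce(CHILD, CONTRACT, AMBIENT)
```

Calling `run_demo()` returns the evidence record; the child's own report (`child_saw`) is what confirms the denied variables never reached the process, which is the check the page calls proof rather than vibes.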

The stack

THE ALGOL ECOSYSTEM.

Together, they turn pipeline security from assumption into proof.

Production ready
tsafe

Runtime authority enforcement for secrets. Inject only what is declared in the contract. No plaintext. No ambient leaks. Works locally and in CI. Available now on crates.io.

Production ready
taudit

Authority graph and audit trail for every secret access. Maps identities, steps, and trust boundaries across your CI/CD pipeline. Evidence you can show an auditor.

Maturing
CellOS

Execution substrate for deterministic pipelines. Governs execution boundaries and supply-chain integrity. Rapidly evolving — not yet pen tested at production scale.

Experimental
tsign

SLSA-aligned build provenance and signing layer. Early stage — not yet tested in anger. Included here for visibility, not as a production commitment.

Honest boundary

Algol MVP enforces environment authority only. It does not yet claim full secret isolation across files, sockets, cloud metadata endpoints, SSH agents, Docker daemon sockets, or OS keychains.

That boundary is intentional: narrow, testable, and provable. Security buyers will want receipts — we only claim what we can demonstrate.

Case studies

CVE PATTERNS ALGOL CATCHES.

CVE-2023-27164 · tj-actions/changed-files
Poisoned Action Prints Secrets to Logs

A compromised GitHub Action printed all runner environment variables to the workflow log — exposing every ambient secret in scope. Algol's enforcement model removes ambient secrets before the child process runs. Nothing to print.

Supply Chain · Mutable Action Tags
STRIDE: Tampering via Unpinned Actions

Actions pinned by tag rather than SHA can be silently replaced. taudit flags every mutable action reference and maps the blast radius — branch push scope, package publish access, downstream trust chain.

Pattern · GITHUB_TOKEN Elevation
STRIDE: Elevation of Privilege

GITHUB_TOKEN with write permissions inherited across unrelated pipeline steps creates unintended reach. taudit surfaces the authority graph — showing exactly which steps received which token scopes and why that's a risk.

| STRIDE Category        | Pipeline Pattern                              | Algol Response                                   |
|------------------------|-----------------------------------------------|--------------------------------------------------|
| Spoofing               | Unverified action identity, mutable tags      | taudit maps SHA pins and identity provenance     |
| Tampering              | Mutable action references, unpinned deps      | taudit flags all non-SHA-pinned references       |
| Repudiation            | No audit trail for secret access              | algol audit writes immutable evidence artefact   |
| Information Disclosure | Ambient secrets in child process environment  | tsafe strips ambient env before execution        |
| Elevation of Privilege | GITHUB_TOKEN scope bleeding across steps      | taudit surfaces authority graph and blast radius |
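The Tampering and Elevation of Privilege rows above describe two checks a reviewer can run over a workflow file: which action references are tag- or branch-pinned rather than SHA-pinned, and which GITHUB_TOKEN scopes the workflow grants write access. This added example is not taudit's code; the `uses:` and `permissions:` regexes are a line-based heuristic (no YAML parser), and the workflow text and its 40-hex SHA are constructed placeholders.

```python
# Added example (not taudit's code): flag GitHub Actions `uses:` references that are not
# pinned to a full commit SHA, and list the GITHUB_TOKEN scopes granted write access.
import re

USES_RE = re.compile(r"^\s*-?\s*uses:\s*([\w.-]+/[\w.-]+(?:/[\w./-]+)?)@([\w./-]+)")
SHA_RE = re.compile(r"^[0-9a-f]{40}$")
WRITE_RE = re.compile(r"^\s+([\w-]+):\s*write\s*$")  # heuristic: any `scope: write` line

def find_mutable_actions(workflow_text):
    """Return (line_no, action, ref) for each action reference that is a tag or branch.
    Local `./path` actions carry no @ref and are skipped."""
    findings = []
    for n, line in enumerate(workflow_text.splitlines(), 1):
        m = USES_RE.match(line)
        if m and not SHA_RE.match(m.group(2)):
            findings.append((n, m.group(1), m.group(2)))
    return findings

def write_scopes(workflow_text):
    """Return the permission scopes set to `write`: the token reach this workflow hands out."""
    return [m.group(1) for line in workflow_text.splitlines() if (m := WRITE_RE.match(line))]

# Constructed workflow; the 40-hex SHA is a placeholder, not a real commit.
WORKFLOW = """\
name: ci
on: [push]
permissions:
  contents: write
  packages: write
jobs:
  test:
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@0123456789abcdef0123456789abcdef01234567
      - uses: actions/setup-node@v4
      - name: Changed files
        uses: tj-actions/changed-files@main
      - uses: ./.github/actions/local-step
"""
```

`find_mutable_actions(WORKFLOW)` reports the `v4` and `main` references on lines 11 and 13 and leaves the SHA-pinned checkout alone; `write_scopes(WORKFLOW)` returns `contents` and `packages`, the two scopes a replaced action on those lines would inherit.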
Early access

WANT THIS ON YOUR PIPELINE?

We are exploring early pipeline authority reviews for teams dealing with secret sprawl, CI/CD risk, or audit pressure.

tsafe and taudit are production ready. Get in touch and we'll help you run your first scan.

hello@algol.cc
London, UK

No spam. We'll reply within 48 hours.

Brigitta Makai
Co-founder · Business & Strategy · Algol
Security tooling is trust in engineering judgement — not just code.