demo with cloud tracing, more steps for post-execution verification

Author: rcholic

demo/CHANGELOG.md

@@ -0,0 +1,87 @@
+# Changelog - Predicate Secure Demo
+
+## [2024-02-25] - Interactive Click Functionality
+
+### Added
+- **Interactive clicking**: Demo now finds and clicks the "Learn more" link on example.com using semantic element query
+- **Semantic element finding**: Uses `find()` function from predicate SDK with DSL query `"role=link text~'Learn more'"`
+- **Post-click verification**: Automatically verifies URL contains "example-domains" after clicking via LLM-generated verifications
+
+### Implementation Details
+
+#### New Methods
+1. **`_find_and_click_link(snapshot, link_text)`**
+   - Uses semantic query to find links by text
+   - Falls back gracefully if link not found
+   - Wraps click in authorized action pattern with verification
+
+2. **`_click_element(element)`**
+   - Clicks element using Playwright selector
+   - Falls back to coordinate-based clicking if selector fails
+
+#### Enhanced Methods
+3. **`_authorized_action()` now returns result**
+   - Returns the executor result for use in subsequent actions
+   - Enables capturing snapshot for element finding
+
+4. **`_run_browser_task()` updated**
+   - Step 1: Navigate to example.com
+   - Step 2: Take snapshot (with overlay)
+   - Step 3: Find and click "Learn more" link
+   - Post-verification checks URL contains "example-domains"
+
+### Policy Changes
+- Added `click` action to authorization policy
+- Added `element#*` resource pattern for element ID-based clicks
+- Updated `allow-browser-click-safe-elements` rule
+
+### Verification Flow
+When clicking the link, the demo:
+1. **Pre-execution authorization**: Checks click action is allowed by policy
+2. **Execute click**: Uses Playwright to click the element
+3. **Post-execution verification**: LLM generates verifications including:
+   - URL changed from example.com
+   - URL contains "example-domains"
+   - Page content updated
+   - Element interaction successful
+
+### Visual Features
+- Snapshot overlay enabled (`show_overlay=True`)
+- Elements highlighted in browser during snapshot capture
+- Console shows element details (ID, role, clickability)
+
+## [2024-02-25] - Cloud Tracing Integration
+
+### Added
+- **Cloud tracing**: Upload authorization and verification events to Predicate Studio
+- **Run tracking**: Each demo run gets unique UUID and timestamp label
+- **Event emission**:
+  - Authorization events (action, target, decision)
+  - Verification events (predicates, reasoning, pass/fail)
+- **Studio integration**: View execution timeline at `https://studio.predicatesystems.dev/runs/{run_id}`
+
+### Configuration
+- Automatic when `PREDICATE_API_KEY` is set in `.env`
+- Uses `create_tracer()` from predicate SDK
+- Blocking upload on cleanup to ensure events are sent
+
+## [2024-02-24] - Initial Release
+
+### Core Features
+- Pre-execution authorization via policy file
+- Post-execution verification via local LLM (Qwen 2.5 7B)
+- Apple Silicon MPS support via `device_map="auto"`
+- AsyncPredicateBrowser integration
+- Visual element overlay during snapshot capture
+
+### Dependencies
+- `predicate-runtime==1.1.2` (browser automation)
+- `predicate-authority>=0.1.0` (authorization)
+- Qwen 2.5 7B Instruct (local LLM)
+- Rich console output
+
+### Documentation
+- Quick start guide (5 minutes)
+- Full setup instructions
+- Sidecar setup guide (optional)
+- Architecture diagrams

demo/QUICKSTART.md

@@ -179,6 +179,8 @@ The demo executed a complete **pre-execution authorization + post-execution veri
    - `snapshot_changed()` - Check page loaded ✓
 4. **Snapshot**: Captured page elements with **visual overlay highlights** ✓
    - Watch the browser window - you'll see colored boxes around detected DOM elements!
+5. **Cloud Tracing** (if API key set): Events uploaded to Predicate Studio ✓
+   - View the execution timeline at: `https://studio.predicatesystems.dev/runs/{run_id}`
 
 All checks passed → Action successful!
 

demo/README.md

@@ -60,8 +60,9 @@ This demo showcases the complete **pre-execution authorization + post-execution
 - **Fail-Closed by Default**: All actions denied unless explicitly allowed by policy
 - **Dynamic Verification**: Local LLM generates verification assertions based on action context and page state
 - **Visual Element Overlay**: Watch the browser highlight detected DOM elements with colored boxes during snapshot
+- **Cloud Tracing**: When API key is provided, authorization and verification events are automatically traced to Predicate Studio
 - **Rich Console Output**: Beautiful terminal output with real-time progress indicators
-- **Audit Trail**: All authorization decisions and verification results logged
+- **Audit Trail**: All authorization decisions and verification results logged locally and to cloud (if API key provided)
 
 ## Prerequisites
 
@@ -76,13 +77,23 @@ This demo showcases the complete **pre-execution authorization + post-execution
 
 The demo works with **FREE TIER** (local browser extension only) by default. No API key needed!
 
-If you have a Predicate API key for enhanced features:
+If you have a Predicate API key, you get enhanced features:
 ```bash
 # In .env
 PREDICATE_API_KEY=your-api-key-here
 ```
 
-**Free tier is completely sufficient for this demo.** The demo works entirely offline after initial model download.
+**With API key, you get:**
+- ✅ **Cloud Tracing**: Authorization and verification events automatically uploaded to Predicate Studio
+- ✅ **Visual Timeline**: View execution flow, authorization decisions, and verification results in the Studio UI
+- ✅ **API-based Snapshots**: Faster and more reliable snapshot capture
+- ✅ **Run ID**: Each demo run gets a unique UUID for tracking in Studio
+
+**Without API key (FREE TIER):**
+- ✅ Full demo functionality
+- ✅ Local browser extension
+- ✅ Offline operation (after model download)
+- ✅ Console logging of all events
 
 ### Required Packages
 

demo/policies/browser_automation.yaml

@@ -60,6 +60,7 @@ rules:
     actions:
       - "browser.click"
       - "browser.element.click"
+      - "click"  # Allow simple click action
     resources:
       # Allow clicks on common safe element types
       - "element:button[*"
@@ -69,6 +70,7 @@ rules:
       - "element:role=button[*"
       - "element:role=link[*"
       - "element:role=searchbox[*"
+      - "element#*"  # Allow clicks on elements by ID (from snapshot)
     conditions:
       required_labels:
         - "element_visible"

demo/secure_browser_demo.py

@@ -13,7 +13,9 @@
 import logging
 import os
 import sys
+import uuid
 from pathlib import Path
+from datetime import datetime
 
 from dotenv import load_dotenv
 from rich.console import Console
@@ -68,6 +70,11 @@ def __init__(self):
         self.verifier = None
         self.secure_agent = None
         self.browser = None
+        self.tracer = None
+
+        # Generate run ID for cloud tracing
+        self.run_id = str(uuid.uuid4())
+        self.run_label = f"predicate-secure-demo-{datetime.now().strftime('%Y%m%d-%H%M%S')}"
 
     def _init_verifier(self):
         """Initialize local LLM verifier."""
@@ -83,6 +90,39 @@ def _init_verifier(self):
                 progress.update(task, completed=True)
             console.print("[green]✓[/green] Verifier initialized\n")
 
+    def _init_tracer(self):
+        """Initialize cloud tracer if API key is provided."""
+        api_key = os.getenv("PREDICATE_API_KEY")
+        if not api_key or self.tracer is not None:
+            return
+
+        console.print("\n[bold cyan]Initializing Cloud Tracer...[/bold cyan]")
+
+        try:
+            from predicate.tracer_factory import create_tracer
+
+            self.tracer = create_tracer(
+                api_key=api_key,
+                run_id=self.run_id,
+                upload_trace=True,
+                goal=f"[demo] {self.task_description}",
+                agent_type="predicate-secure/demo",
+                llm_model="Qwen/Qwen2.5-7B-Instruct",
+                start_url=self.start_url,
+            )
+
+            console.print("[green]✓[/green] Cloud tracer initialized")
+            console.print(f"  [dim]Run ID: {self.run_id}[/dim]")
+            console.print(f"  [dim]Run Label: {self.run_label}[/dim]")
+            console.print(
+                f"  [dim]View trace in Predicate Studio: https://studio.predicatesystems.dev/runs/{self.run_id}[/dim]\n"
+            )
+        except Exception as e:
+            logger.warning(f"Failed to initialize cloud tracer: {e}")
+            console.print(
+                f"  [yellow]⚠[/yellow] Cloud tracer initialization failed: {e}\n"
+            )
+
     def _init_secure_agent(self):
         """Initialize SecureAgent with predicate-authority integration."""
         if self.secure_agent is not None:
@@ -139,6 +179,7 @@ async def run_demo(self):
         try:
             # Step 1: Initialize components
             self._init_verifier()
+            self._init_tracer()  # Initialize cloud tracer if API key provided
             self._init_secure_agent()
 
             # Step 2: Initialize browser (with authorization)
@@ -205,13 +246,16 @@ async def _run_browser_task(self):
             executor=lambda: self.browser.goto(self.start_url),  # Returns coroutine
         )
 
-        # Action 2: Take snapshot
-        await self._authorized_action(
+        # Action 2: Take snapshot to find clickable elements
+        snapshot = await self._authorized_action(
             action="snapshot",
             target="current_page",
             executor=lambda: self._take_snapshot(),  # Returns coroutine
         )
 
+        # Action 3: Find and click the "Learn more" link using semantic query
+        await self._find_and_click_link(snapshot, "Learn more")
+
         console.print("\n[green]✓[/green] Task completed successfully\n")
 
     async def _authorized_action(self, action: str, target: str, executor: callable):
@@ -231,6 +275,19 @@ async def _authorized_action(self, action: str, target: str, executor: callable)
         # For this demo, we'll simulate the authorization check
         authorized = self._check_authorization(action, target)
 
+        # Emit authorization event to cloud tracer
+        if self.tracer:
+            self.tracer.emit(
+                "authorization",
+                data={
+                    "action": action,
+                    "target": target,
+                    "principal": self.principal_id,
+                    "authorized": authorized,
+                    "policy_file": str(self.policy_file),
+                },
+            )
+
         if not authorized:
             console.print("  [red]✗[/red] Action denied by policy")
             raise PermissionError(f"Action {action} denied by authorization policy")
@@ -279,12 +336,34 @@ async def _authorized_action(self, action: str, target: str, executor: callable)
         console.print("  [dim]Executing verifications...[/dim]")
         all_passed = self._execute_verifications(verification_plan)
 
+        # Emit verification event to cloud tracer
+        if self.tracer:
+            self.tracer.emit(
+                "verification",
+                data={
+                    "action": action,
+                    "target": target,
+                    "verifications": [
+                        {
+                            "predicate": v.predicate,
+                            "args": v.args,
+                            "passed": v.passed if hasattr(v, "passed") else None,
+                        }
+                        for v in verification_plan.verifications
+                    ],
+                    "reasoning": verification_plan.reasoning,
+                    "all_passed": all_passed,
+                },
+            )
+
         if all_passed:
             console.print("  [green]✓[/green] All verifications passed")
         else:
             console.print("  [red]✗[/red] Some verifications failed")
             raise AssertionError("Post-execution verification failed")
 
+        return result
+
     def _check_authorization(self, action: str, target: str) -> bool:
         """Check if action is authorized by policy.
 
@@ -315,6 +394,54 @@ def _check_authorization(self, action: str, target: str) -> bool:
             # For other actions, default to allow for demo
             return True
 
+    async def _find_and_click_link(self, snapshot, link_text: str):
+        """Find a link by text using semantic query and click it.
+
+        This demonstrates using the predicate SDK's find() function for
+        semantic element selection from snapshot.
+        """
+        from predicate import find
+
+        console.print(f"\n[yellow]→[/yellow] Finding link with text: '{link_text}'")
+
+        # Use semantic query to find the link
+        # The find() function returns the best match by importance
+        element = find(snapshot, f"role=link text~'{link_text}'")
+
+        if not element:
+            console.print(f"  [yellow]⚠[/yellow] Link '{link_text}' not found, skipping click")
+            return
+
+        console.print(f"  [green]✓[/green] Found element: {element.text} (ID: {element.id})")
+        console.print(f"    [dim]Role: {element.role}, Clickable: {element.visual_cues.is_clickable}[/dim]")
+
+        # Click the element using the authorized action pattern
+        # Post-verification will automatically check that URL contains "example-domains" after click
+        await self._authorized_action(
+            action="click",
+            target=f"element#{element.id}",
+            executor=lambda: self._click_element(element),  # Returns coroutine
+        )
+
+    async def _click_element(self, element):
+        """Click an element by its ID."""
+        # Use Playwright's selector to click the element
+        # The element.id is the unique identifier from the snapshot
+        selector = f"[data-sentience-id='{element.id}']"
+
+        try:
+            await self.browser.page.click(selector, timeout=5000)
+            console.print(f"    [dim]Clicked element with selector: {selector}[/dim]")
+        except Exception as e:
+            # Fallback: try clicking by XPath or other means
+            console.print(f"    [yellow]⚠[/yellow] Direct click failed, trying alternative: {e}")
+            # Use bounding box to click by coordinates
+            await self.browser.page.mouse.click(
+                element.bbox.x + element.bbox.width / 2,
+                element.bbox.y + element.bbox.height / 2,
+            )
+            console.print(f"    [dim]Clicked at coordinates: ({element.bbox.x}, {element.bbox.y})[/dim]")
+
     async def _get_page_summary(self) -> str:
         """Get summary of current page state."""
         if not self.browser or not self.browser.page:
@@ -428,6 +555,18 @@ async def _cleanup(self):
             except Exception as e:
                 logger.warning(f"Error closing browser: {e}")
 
+        # Close cloud tracer (blocking to ensure upload completes)
+        if self.tracer:
+            try:
+                console.print("[dim]Uploading trace to Predicate Studio...[/dim]")
+                self.tracer.close(blocking=True)
+                console.print("[green]✓[/green] Trace uploaded")
+                console.print(
+                    f"  [dim]View in Studio: https://studio.predicatesystems.dev/runs/{self.run_id}[/dim]"
+                )
+            except Exception as e:
+                logger.warning(f"Error closing tracer: {e}")
+
 
 async def main():
     """Main entry point."""