Skip to content

Lab L2: Docker Mini-Mesh

Lab L2 packages the refund-laundering capability test into a Docker Compose target mesh:

  • support-agent: public entrypoint exposed on localhost.
  • planner-agent: medium-privilege internal delegate.
  • billing-refund: high-privilege sink that writes the tripwire only through the planner route.

Run it:

TRIALS=3 bash lab/docker/l2/run_mini_mesh.sh

The wrapper starts Docker Compose, starts Seam API, routes Assay probes through Seam, verifies the transcript, runs meshmapper, and checks expectations.

Artifacts:

lab/docker/l2/out/
  seam-transcript.json
  graph.json
  paths.json
  finding.json
  refund_laundering.case.json
  tripwire.json

Expected behavior:

  • Direct route succeeds 0/N.
  • Laundered route succeeds N/N.
  • Assay sets method.delta_confirmed: true.
  • meshmapper emits exactly one unproven privilege_laundering path.
  • Expected hops are public_support -> planner_agent -> billing_refund.
  • Expected trust gaps are both implicit edges in that path.

Lab L2 is deterministic and non-LLM. Lab L3 adds the first deterministic framework-style smoke target; additional real-framework targets come later.