{ "$schema": "https://json-schema.org/draft/2020-12/schema", "$id": "https://spec.agentthreatrule.org/event/v1.0/schema.json", "title": "ATR Event v1.0", "description": "Machine-readable schema for ATR detection events. Normative spec at spec/atr-event-v1.0.md. License: CC BY 4.0.", "type": "object", "required": [ "@timestamp", "atr.event_id", "atr.spec_version", "atr.engine_id", "atr.rule_id", "atr.rule_version", "atr.rule_status", "atr.severity", "atr.category", "atr.confidence", "atr.matched_field", "atr.matched_value_redacted", "atr.response_action", "agent.id", "agent.platform", "session.id", "service.name" ], "additionalProperties": true, "properties": { "@timestamp": { "type": "string", "format": "date-time", "description": "RFC 3339 UTC timestamp of when the rule fired." }, "atr.event_id": { "type": "string", "pattern": "^[0-9a-f]{8}-[0-9a-f]{4}-7[0-9a-f]{3}-[89ab][0-9a-f]{3}-[0-9a-f]{12}$", "description": "UUID v7 (time-ordered) globally unique event identifier per RFC 9562." }, "atr.spec_version": { "type": "string", "pattern": "^\\d+\\.\\d+$", "description": "ATR spec version this event conforms to." }, "atr.engine_id": { "type": "string", "pattern": "^[a-z0-9.-]+/[a-z0-9.-]+/[a-zA-Z0-9.+-]+$", "description": "Engine identifier in form //." }, "atr.rule_id": { "type": "string", "pattern": "^ATR-(?:[A-Z]{2}-)?[0-9]{4}-[0-9]{5}$", "description": "Rule ID per ATR Rule Format Spec § 2. Canonical: ATR-YYYY-NNNNN. Sovereign-prefixed: ATR-XX-YYYY-NNNNN." }, "atr.rule_version": { "type": "integer", "minimum": 1 }, "atr.rule_status": { "type": "string", "enum": ["draft", "experimental", "stable", "deprecated"] }, "atr.rule_maturity": { "type": "string", "enum": ["draft", "experimental", "test", "stable", "deprecated"] }, "atr.rule_review_status": { "type": "string", "enum": ["unreviewed", "community_reviewed", "tsc_approved"] }, "atr.severity": { "type": "string", "enum": ["critical", "high", "medium", "low", "informational"] }, "atr.category": { "type": "string", "description": "Top-level category from spec/category-registry/v1.0.yaml, OR 'unknown' for forward-compat with future registry versions." }, "atr.subcategory": { "type": ["string", "null"] }, "atr.confidence": { "type": "number", "minimum": 0.0, "maximum": 1.0 }, "atr.matched_field": { "type": "string", "enum": [ "user_input", "agent_output", "tool_call", "tool_response", "skill_content", "mcp_exchange", "memory_write", "multi_agent_message" ] }, "atr.matched_value_redacted": { "type": "string", "description": "Redacted match. Sensitive content (api keys, PII) replaced with [REDACTED:type:length]. forensic_mode deployments MAY emit unredacted." }, "atr.response_action": { "type": "array", "items": { "type": "string", "enum": [ "block_input", "block_output", "redact", "alert", "snapshot", "quarantine", "terminate_session" ] }, "minItems": 0 }, "atr.response_taken": { "type": "array", "items": { "type": "string", "enum": [ "block_input", "block_output", "redact", "alert", "snapshot", "quarantine", "terminate_session" ] } }, "atr.response_threshold_met": { "type": "boolean" }, "atr.sovereign_attestation": { "type": "object", "description": "Required when rule ID is sovereign-prefixed per CHARTER § 8.2.", "required": ["signer", "signature", "ca_chain"], "properties": { "signer": {"type": "string"}, "signature": {"type": "string", "contentEncoding": "base64"}, "ca_chain": {"type": "array", "items": {"type": "string"}} } }, "agent.id": { "type": "string", "minLength": 1 }, "agent.platform": { "type": "string" }, "agent.platform_version": { "type": ["string", "null"] }, "agent.from_id": { "type": "string" }, "agent.to_id": { "type": "string" }, "agent.delegation_chain": { "type": "array", "items": { "type": "object", "required": ["agent_id", "capability_grant", "granted_by"], "properties": { "agent_id": {"type": "string"}, "capability_grant": {"type": "string"}, "granted_by": {"type": "string"} } } }, "agent.identity_assertion": { "type": ["string", "null"], "description": "JWT-format identity assertion per IETF AI agent auth drafts (when finalized)." }, "session.id": { "type": "string", "minLength": 1 }, "service.name": { "type": "string" }, "service.version": { "type": "string" }, "tool.name": { "type": "string" }, "tool.args": { "type": "object", "description": "Redacted tool arguments." }, "tool.privilege_class": { "type": "string" }, "tool.target_jurisdiction": { "type": "string", "pattern": "^([A-Z]{2}|und)$", "description": "ISO 3166-1 alpha-2 country code or 'und' if unknown." }, "memory.store_id": { "type": "string" }, "memory.write_key": { "type": "string" }, "memory.persistence_scope": { "type": "string", "enum": ["session", "user", "agent_global"] }, "evidence.observation_id": { "type": "string", "pattern": "^[0-9a-f]{8}-[0-9a-f]{4}-[1-8][0-9a-f]{3}-[89ab][0-9a-f]{3}-[0-9a-f]{12}$" }, "evidence.signature": { "type": "string", "contentEncoding": "base64", "description": "Ed25519 signature over the canonical JSON encoding of this event." }, "evidence.signature_key_id": { "type": "string" }, "evidence.upstream_chain": { "type": ["array", "null"], "items": { "type": "string", "pattern": "^[0-9a-f]{8}-[0-9a-f]{4}-7[0-9a-f]{3}-[89ab][0-9a-f]{3}-[0-9a-f]{12}$" } } } }