Initial commit of SentinelML project files

.env.example

@@ -0,0 +1,9 @@
+# GEMINI_API_KEY: Required for Gemini AI API calls.
+# AI Studio automatically injects this at runtime from user secrets.
+# Users configure this via the Secrets panel in the AI Studio UI.
+GEMINI_API_KEY="MY_GEMINI_API_KEY"
+
+# APP_URL: The URL where this applet is hosted.
+# AI Studio automatically injects this at runtime with the Cloud Run service URL.
+# Used for self-referential links, OAuth callbacks, and API endpoints.
+APP_URL="MY_APP_URL"

.github/ISSUE_TEMPLATE/bug_report.md

@@ -0,0 +1,65 @@
+---
+name: "🐛 Bug Report"
+about: Report a bug, trace leak, or compile failure in SentinelML
+title: "[BUG] <Short, descriptive title>"
+labels: ["bug", "triage"]
+assignees: []
+---
+
+## 🐛 Bug Report
+
+### Description
+A clear and concise description of what the bug is, including any error messages, crashes, or unintended behaviors on the kernel or userspace side.
+
+---
+
+### 💻 Environment Details
+Please provide the exact runtime details of the machine running SentinelML:
+- **SentinelML Component(s)**: [eBPF Probes, Userspace Rust Daemon, React Dashboard, Helm Chart]
+- **Linux Kernel Version**: `uname -r`
+- **CPU Architecture**: [x86_64, aarch64]
+- **Linux Distribution**: [Ubuntu 22.04 LTS, Debian 12, Rocky Linux 9, etc.]
+- **Rust Toolchain Version**: `rustc --version`
+- **Node/NPM Version** (if dashboard bug): `node --version && npm --version`
+- **Kubernetes Version** (if running in K8s): `kubectl version`
+- **NVIDIA GPU Driver & CUDA Version** (if GPU tracing issue): `nvidia-smi`
+
+---
+
+### 🕹️ Steps to Reproduce
+Steps to reproduce the behavior:
+1. Clone / compile SentinelML using `...`
+2. Run daemon or deploy Helm charts with commands: `...`
+3. Trigger target threat behavior or action: `...`
+4. Observe the bug / program state crash.
+
+---
+
+### 🎯 Expected vs. Actual Behavior
+- **Expected Behavior**: What you expected to happen of the program.
+- **Actual Behavior**: What actually happened instead (include raw stack traces, panic outputs, or console outputs).
+
+---
+
+### 📜 Diagnostics & Log Outputs
+Provide raw trace outputs, cargo compilation warnings, or console logs.
+
+#### Kernel Tracing Logs (`bpftool` or `/sys/kernel/debug/tracing/trace_pipe`):
+```text
+<Paste raw kernel pipe log here>
+```
+
+#### Userspace Rust Daemon Logs:
+```text
+<Paste cargo run or daemon execution log here>
+```
+
+#### Dashboard UI Browser Console Logs (if applicable):
+```text
+<Paste browser inspector errors here>
+```
+
+---
+
+### 🔍 Additional Context
+Any other context, screenshots, or sample code snippets representing the issue. Did you verify bounds checking against the verifier locally?

.github/ISSUE_TEMPLATE/config.yml

@@ -0,0 +1,8 @@
+blank_issues_enabled: false
+contact_links:
+  - name: 💬 Community Discussions
+    url: https://github.com/Jean-Regis-M/SentinelML/discussions
+    about: Ask questions, share ideas, and showcase integrations with the community.
+  - name: 🔒 Coordinated Vulnerability Report
+    url: mailto:security@sentinelml.io
+    about: Submit a security vulnerability report privately to our response group.

.github/ISSUE_TEMPLATE/feature_request.md

@@ -0,0 +1,47 @@
+---
+name: "🚀 Feature Request"
+about: Propose a new eBPF probe, Rust daemon module, or dashboard view for SentinelML
+title: "[FEAT] <Short, descriptive title of feature>"
+labels: ["enhancement", "proposal"]
+assignees: []
+---
+
+## 🚀 Feature Request
+
+### 🎯 Problem Statement
+Are you experiencing limitations or proposing an advancement to cloud-native ML security? Please describe the issue clearly. (e.g. *"I am attempting to trace illegal system calls on custom PyTorch Triton runtimes, but our kprobes do not capture..."*)
+
+---
+
+### 💡 Proposed Solution
+Describe the solution or feature you would like to see implemented. Specify which subsystem it impacts:
+- [ ] **Kernel eBPF Space** (New C probes, helper routines, or syscall interceptions)
+- [ ] **Userspace Rust Daemon** (New cgroup decoders, anomaly scoring metrics, or telemetry exporters)
+- [ ] **Operator Web UI** (New React visualizations, Heatmap grids, filter options, or Gemini prompt workflows)
+- [ ] **Helm & Kubernetes Deployments** (New daemon config overrides or security constraints)
+
+Identify potential implementation coordinates. (e.g., *"We can attach a new fentry probe to GPU scheduling interfaces inside sentinel_bpf.c..."*)
+
+---
+
+### 🔄 Target Environment Use Cases
+Describe how users would benefit or utilize this feature under heavy training pipeline environments:
+- What workload scale is targeted? (e.g. 500+ H100 Node Cluster, Single Workstation)
+- What model formats are protected? (e.g., safetensors, GGUF, pytorch binaries)
+
+---
+
+### 🚀 Performance & Memory Impact Analysis
+Since SentinelML strives for near-zero runtime latency (+0.12% lag baseline), please estimate the potential overhead:
+- **Estimated Agent Footprint**: (e.g. additional memory byte count, CPU wait cycles)
+- **Shared Memory Overhead**: Will this require extending the `sentinel_events` ringbuffer sizing?
+
+---
+
+### 📋 Alternative Designs / Temporary Workarounds
+List any workarounds, alternative solutions, or third-party tracking software (e.g., Falco, Auditd) you've tried or considered.
+
+---
+
+### 🔍 Additional Technical Context
+Add any architectural draft illustrations, links to Linux kernel mailing lists, or specifications of hardware APIs (NVIDIA Driver metrics, etc.) that can aid in building the features.

.github/ISSUE_TEMPLATE/security_vulnerability.md

@@ -0,0 +1,47 @@
+---
+name: "🔒 Security Vulnerability"
+about: Guidance on how to report a potential safety, escalation, or bypass bug in SentinelML safely
+title: "[SECURITY DISCLOSURE] Please read instructions"
+labels: ["security"]
+assignees: []
+---
+
+## 🔒 Security Vulnerability
+
+> [!CAUTION]
+> **PLEASE DO NOT FILE PUBLIC GITHUB ISSUES FOR UNDERLYING SECURITY BUG DISCLOSURES.**
+> Publicly exposing host compromises, kernel-space panics, sandboxing escapes, or privilege escalations places hundreds of production clusters and massive ML workloads under immediate active threat.
+
+---
+
+### How to Report a Vulnerability Safely
+
+To ensure the safety of our systems, maintainers, and community deployments, SentinelML operates on **Coordinated Vulnerability Disclosure (CVD)**. 
+
+Please follow these steps:
+
+1.  **Draft Your Security Analysis**:
+    Gather as much concrete evidence as possible:
+    - **Vulnerability Type**: (eBPF verifier bypass, privilege escalation, memory boundary leakage, API authentication bypass, etc.)
+    - **Impact/Reach**: Local node host, cluster container group, daemon crashes, unprivileged memory reading.
+    - **Proof of Concept (PoC)**: Precise code segments, payload commands, or script files to reproduce.
+
+2.  **Contact Our Response Group Privately**:
+    Email your analysis draft encrypted using PGP keys directly to:
+    📧 **security@sentinelml.io**
+
+3.  **PGP Encryption Coordination**:
+    Use our primary public PGP Fingerprint to encrypt all payloads and logs:
+    - **Fingerprint**: `F50A 1B89 92C0 EE45`
+    - Make sure your response email includes your own public key coordinates, so we can establish secure bidirectional communications.
+
+---
+
+### What to Expect Next
+- **Acknowledgement**: A member of our security task force will acknowledge receipt within **24 hours**.
+- **Auditing & Remediation**: We will evaluate the PoC and formulate an official patch within **7-14 days**.
+- **Coordinated Release**: We will coordinate with you to publish an advisory (CVE designation) alongside patch propagation updates in upcoming releases.
+
+---
+
+Thank you for acting responsibly and helping keep cloud-native AI infrastructures secure!

.github/workflows/ci.yml

@@ -0,0 +1,47 @@
+name: SentinelML Integration CI
+
+on:
+  push:
+    branches: [ "main", "dev" ]
+  pull_request:
+    branches: [ "main" ]
+
+jobs:
+  build-and-test:
+    runs-on: ubuntu-latest
+    steps:
+    - uses: actions/checkout@v3
+
+    # Install Clang and Kernel Headers for eBPF probes compilation check
+    - name: Install Tracing Dependencies
+      run: |
+        sudo apt-get update
+        sudo apt-get install -y clang llvm libbpf-dev linux-headers-generic
+
+    # Let's verify that the eBPF bytecode compiles cleanly
+    - name: Compile core eBPF programs
+      run: |
+        cd sentinelml/ebpf || cd ebpf
+        make all
+
+    # Rust checks
+    - name: Install Rust Toolchain
+      uses: dtolnay/rust-toolchain@stable
+      with:
+        components: rustfmt, clippy
+
+    - name: Check Rust Formatting code style
+      run: |
+        cd sentinelml/daemon || cd daemon || true
+        cargo fmt --all -- --check
+
+    - name: Run Cargo Linting & Clippy audits
+      run: |
+        cd sentinelml/daemon || cd daemon || true
+        cargo clippy -- -D warnings
+
+    # Execute unit tests of the telemetry pipeline normalizer engine
+    - name: Run userspace tests pool
+      run: |
+        cd sentinelml/daemon || cd daemon || true
+        cargo test --verbose

.gitignore

@@ -0,0 +1,8 @@
+node_modules/
+build/
+dist/
+coverage/
+.DS_Store
+*.log
+.env*
+!.env.example

CODE_OF_CONDUCT.md

@@ -0,0 +1,29 @@
+# Contributor Covenant Code of Conduct
+
+## 1. Our Pledge
+
+In the interest of fostering an open and welcoming environment, we as contributors and maintainers pledge to make participation in our project and our community a harassment-free experience for everyone, regardless of age, body size, disability, ethnicity, sex characteristics, gender identity and expression, level of experience, education, socio-economic status, nationality, personal appearance, race, religion, or sexual identity and orientation.
+
+---
+
+## 2. Our Standards
+
+Examples of behavior that contributes to creating a positive environment include:
+*   Using welcoming and inclusive language.
+*   Being respectful of differing viewpoints and experiences.
+*   Gracefully accepting constructive criticism.
+*   Focusing on what is best for the community.
+*   Showing empathy towards other community members.
+
+Examples of unacceptable behavior by participants include:
+*   The use of sexualized language or imagery and unwelcome sexual attention or advances.
+*   Trolling, insulting/derogatory comments, and personal or political attacks.
+*   Public or private harassment.
+*   Publishing others' private information, such as a physical or electronic address, without explicit permission.
+*   Other conduct which could reasonably be considered inappropriate in a professional setting.
+
+---
+
+## 3. Scope and Enforcement
+
+We are committed to enforcing this Code of Conduct fairly and consistently across all community spaces. Suspected violations can be reported directly to our project maintainers at **conduct@sentinelml.io**.