Classifies a GitHub user and their content into a trust tier.
The trust tier is determined by:
- Allowlist membership (always Tier 1)
- GitHub author_association → role → default tier
- Content injection analysis (can only downgrade, never upgrade)
⚠ Use HostileInputFirewall.process() in agent code paths. Calling
classifyTrust() directly skips the Rule-of-Two check in policy-gate
and does not emit audit-trail events. The firewall is the canonical
entry point for agent decisions; direct use is for unit tests and
non-decision analysis only.
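
The three inputs above combine as in the following sketch. It is an added example, not the project's classifyTrust() implementation. The name sketchClassifyTrust, the role names, the tiers other than Tier 1, the mapping of author_association values to roles and the injection patterns are all assumptions made for illustration.

```javascript
// Added sketch, not the project's classifyTrust(). Tiers other than 1,
// the role names, the role mapping and the patterns are assumptions.
const ROLE_BY_ASSOCIATION = new Map([
  ["OWNER", "maintainer"], ["MEMBER", "maintainer"], ["COLLABORATOR", "maintainer"],
  ["CONTRIBUTOR", "contributor"],
  ["FIRST_TIME_CONTRIBUTOR", "newcomer"], ["FIRST_TIMER", "newcomer"],
  ["MANNEQUIN", "unknown"], ["NONE", "unknown"],
]);
const DEFAULT_TIER = new Map([
  ["maintainer", 1], ["contributor", 2], ["newcomer", 3], ["unknown", 3],
]);
const LOWEST_TIER = 4; // assumption: larger number = less trust

// Constructed injection indicators, for illustration only.
const INJECTION_PATTERNS = [
  /ignore (all )?(previous|prior) instructions/i,
  /you are now\b/i,
  /\b(system|assistant)\s*:/i,
];

// Tier the content analysis would pick on its own: clean text -> 1.
function contentTier(body) {
  const hits = INJECTION_PATTERNS.filter((re) => re.test(body ?? "")).length;
  if (hits === 0) return 1;
  return hits === 1 ? 3 : LOWEST_TIER;
}

function sketchClassifyTrust({ login, authorAssociation, body }, allowlist) {
  // Step 1: allowlist wins outright ("always Tier 1" on the page).
  // GitHub logins are case-insensitive, so compare in lower case.
  if (allowlist.has(login.toLowerCase())) {
    return { tier: 1, role: "allowlisted" };
  }
  // Step 2: association -> role -> default tier; unknown values fail closed.
  const role = ROLE_BY_ASSOCIATION.get(authorAssociation) ?? "unknown";
  const base = DEFAULT_TIER.get(role);
  // Step 3: Math.max keeps the less trusted of the two, so clean content
  // can never lift a user above the tier their role gave them.
  return { tier: Math.max(base, contentTier(body)), role };
}
```

Taking the maximum of the role tier and the content tier is what makes the analysis downgrade-only: a clean comment from an unknown account stays at that account's default tier.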