Type Alias: RetrievableTrustTier

type RetrievableTrustTier =
  | "first-party"
  | "third-party-public"
  | "third-party-private";

Trust-tier discriminator declared by the retrieval middleware at construction time. Drives which envelope the LLM battery wraps the record in.

Remarks

Vocabulary deliberately mirrors the published security-research taxonomy ("first-party / third-party" per Hidden-in-Plain-Text WWW '26 and When AI Meets the Web IEEE S&P 2026) and explicitly avoids the words "user" or "system" so the names cannot leak into the model's OpenAI-Model-Spec role-tier authority resolution.

'first-party' — deployer-vetted corpora (signed internal docs, policy KBs, curated reference material). Rendered as a <retrieved_corpus> parent with per-record nonce-keyed <retrieved> children. The label "first-party" never appears in the envelope itself.
'third-party-public' — open-web scrapes, search results, public APIs. Rendered through the untrusted-content envelope with kind: 'retrieved-third-party-public'.
'third-party-private' — user uploads, pasted attachments, partner APIs. Rendered through the untrusted-content envelope with kind: 'retrieved-third-party-private'.

What each pipeline owns

Envelopes

Persistence

Identity and Reasoning

Media

Type Alias: RetrievableTrustTier

Remarks

What each pipeline owns

Envelopes

Persistence

Identity and Reasoning

Media

Type Alias: RetrievableTrustTier ​

Remarks ​

Type Alias: RetrievableTrustTier

Remarks