timmy-academy/docs/npc-permissions-audit.md

NPC Permissions Audit — timmy-academy #11

Summary

Audit of Hermes bridge NPC agent permissions. NPCs may have excessive access that violates least-privilege principles.

Findings

Current State

NPCs (Non-Player Characters) in the academy bridge system have the following permissions:

Permission	Current	Recommended	Risk
read_rooms	✅	✅	Low
write_rooms	✅	❌	HIGH
modify_players	✅	❌	HIGH
access_inventory	✅	✅	Low
teleport_players	✅	❌	HIGH
send_global_messages	✅	✅	Medium
modify_world_state	✅	❌	CRITICAL
access_credentials	✅	❌	CRITICAL

Issues Found

1. write_rooms — NPCs can modify room descriptions and exits

   • Risk: Content injection, navigation traps
   • Fix: Remove write access, NPCs should only read

2. modify_players — NPCs can change player stats/inventory

   • Risk: Game economy manipulation
   • Fix: Remove, NPCs should not touch player state

3. teleport_players — NPCs can move players arbitrarily

   • Risk: Trap players in unreachable locations
   • Fix: Remove or restrict to specific zones

4. modify_world_state — NPCs can change global game state

   • Risk: Denial of service, game-breaking changes
   • Fix: Remove entirely

5. access_credentials — NPCs can access authentication tokens

   • Risk: Credential theft, privilege escalation
   • Fix: Remove immediately

Recommended Permission Model

NPC_PERMISSIONS = {
    "read_rooms": True,           # Read room descriptions
    "access_inventory": True,     # Check inventory (read-only)
    "send_global_messages": True, # Broadcast messages
    "interact_players": True,     # Basic interaction
    
    # DENIED
    "write_rooms": False,
    "modify_players": False,
    "teleport_players": False,
    "modify_world_state": False,
    "access_credentials": False,
}

Implementation

1. Audit all NPC definitions
2. Update permission locks
3. Add permission checks to bridge code
4. Test NPC functionality with restricted permissions

Related

• Issue #11: NPC permissions need review
• Source: Genome #678