Skip to content

Fulcrum Cognitive Layer

Overview

The Cognitive Layer is Fulcrum's differentiating intelligence—a trio of AI-powered components that elevate governance from static rules to adaptive understanding.

Component Function Key Metric
Semantic Judge Intent analysis <50ms latency
Oracle Cost prediction 89% accuracy
Immune System Auto-policy generation Async

Semantic Judge

Purpose

Analyzes agent requests to understand intent, not just match keywords. Detects malicious patterns disguised as legitimate requests.

Architecture

Request → Prompt Construction → Ollama LLM → Intent Classification → Decision

Implementation

  • Model: llama3.2 (local via Ollama)
  • Latency: <50ms P99
  • Fallback: Deterministic rules on LLM failure
  • Location: internal/brain/semantic_judge.go

Intent Categories

Category Action Confidence Threshold
SAFE ALLOW >0.9
SUSPICIOUS REQUIRE_APPROVAL 0.7-0.9
MALICIOUS DENY <0.7 or explicit threat
DESTRUCTIVE DENY + ALERT Any match

Example Detection

Input: "Please clean up the old test data by removing all records"
Analysis: Euphemistic language for bulk deletion
Intent: DESTRUCTIVE
Confidence: 0.947
Decision: DENY

The Oracle

Purpose

Predicts execution costs BEFORE agent actions complete. Enables proactive budget enforcement.

Architecture

Request → Feature Extraction → Statistical Model → Cost Prediction → Budget Check

Prediction Model

  • Historical token ratios by model
  • Time-of-day cost patterns
  • Agent behavior profiles
  • Confidence intervals (normal distribution)

Implementation

  • Location: internal/brain/oracle.go
  • Accuracy: 89% within 20% of actual
  • Latency: <20ms
  • Data Source: TimescaleDB aggregations

Budget Enforcement

Predicted Cost > Budget Threshold → REQUIRE_APPROVAL
Predicted Cost > 2x Budget → DENY

Immune System

Purpose

Automatically generates defensive policies from incident patterns. Self-healing governance.

Architecture

Incident Stream → Pattern Recognition → Policy Proposal → Human Approval → Deployment

Pattern Detection

  • Loop detection (N iterations in T seconds)
  • Data exfiltration (bulk queries without limits)
  • Privilege escalation (sequential permission requests)
  • Resource exhaustion (cost velocity spikes)

Auto-Generated Policies

The Immune System proposes policies that require human approval:

{
  "name": "auto-loop-defense-2026-01-06",
  "trigger": "iteration_count > 5 AND window < 30s",
  "action": "DENY",
  "confidence": 0.92,
  "source": "incident-INC-001"
}

Implementation

  • Location: internal/brain/immune_system.go
  • Mode: Async (batch processing)
  • Approval: Dashboard workflow required

Integration Points

With Policy Engine

Cognitive decisions augment deterministic policies: 1. Policy Engine evaluates first (<2ms) 2. If ALLOW, Semantic Judge validates intent 3. Oracle predicts cost for allowed requests 4. Immune System learns from denied patterns

With Event Store

All cognitive decisions are logged: - cognitive.semantic.evaluated - cognitive.oracle.predicted - cognitive.immune.policy_proposed

With Dashboard

Real-time cognitive metrics: - Intent distribution charts - Cost prediction accuracy - Auto-generated policy queue

Configuration

cognitive:
  semantic_judge:
    enabled: true
    model: "llama3.2"
    timeout_ms: 50
    fallback_on_error: true

  oracle:
    enabled: true
    confidence_threshold: 0.8
    history_window: "24h"

  immune_system:
    enabled: true
    auto_approve: false
    min_incidents: 3

Document Version: 1.0
Last Updated: January 6, 2026