Add Red Team adversarial review system for contract monitoring (#35)

Implements a parallel "red team" task that monitors work task outputs in
real-time, verifying implementations stick to contract requirements,
repository standards, and the execution plan.

Key features:
- New `red_team_enabled` and `red_team_prompt` contract configuration
- Red team tasks auto-spawn when first work task is created
- `makima red-team notify` CLI command for alerting supervisors
- POST /api/v1/mesh/red-team/notify and /status endpoints
- Alert delivery to supervisor via SendMessage daemon command
- Notification audit trail via history_events table

Database changes:
- Add red_team_enabled/red_team_prompt columns to contracts
- Add is_red_team flag to tasks with partial index
- Create red_team_notifications table for audit logging

Co-authored-by: Claude Opus 4.5 <noreply@anthropic.com>

1 files changed, 91 insertions, 0 deletions

diff --git a/makima/src/db/models.rs b/makima/src/db/models.rs
index 9c2d072..d5f2814 100644
--- a/makima/src/db/models.rs
+++ b/makima/src/db/models.rs
@@ -440,6 +440,11 @@ pub struct Task {
     /// True for contract supervisor tasks. Only supervisors can spawn new tasks.
     #[serde(default)]
     pub is_supervisor: bool,
+    /// Whether this is a red team monitoring task.
+    /// Red team tasks monitor work task outputs and can notify
+    /// the supervisor about potential issues.
+    #[serde(default)]
+    pub is_red_team: bool,
 
     // Daemon/container info
     pub daemon_id: Option<Uuid>,
@@ -570,6 +575,9 @@ pub struct TaskSummary {
     /// True for contract supervisor tasks
     #[serde(default)]
     pub is_supervisor: bool,
+    /// True for red team tasks that monitor and review other tasks' work
+    #[serde(default)]
+    pub is_red_team: bool,
     /// Whether this task is hidden from the UI (user dismissed it)
     #[serde(default)]
     pub hidden: bool,
@@ -595,6 +603,7 @@ impl From<Task> for TaskSummary {
             subtask_count: 0, // Would need separate query
             version: task.version,
             is_supervisor: task.is_supervisor,
+            is_red_team: task.is_red_team,
             hidden: task.hidden,
             created_at: task.created_at,
             updated_at: task.updated_at,
@@ -627,6 +636,9 @@ pub struct CreateTaskRequest {
     /// True for contract supervisor tasks. Only supervisors can spawn new tasks.
     #[serde(default)]
     pub is_supervisor: bool,
+    /// True for red team tasks that monitor and review other tasks' work.
+    #[serde(default)]
+    pub is_red_team: bool,
     /// Priority (higher = more urgent)
     #[serde(default)]
     pub priority: i32,
@@ -1331,6 +1343,15 @@ pub struct Contract {
     /// allowing users to manually handle code changes via patch files or other means.
     #[serde(default)]
     pub local_only: bool,
+    /// Whether to spawn a red team task to monitor work tasks.
+    /// When enabled, a parallel task monitors outputs and can alert
+    /// the supervisor about potential issues.
+    #[serde(default)]
+    pub red_team_enabled: bool,
+    /// Optional custom prompt/criteria for the red team to use
+    /// when evaluating task outputs.
+    #[serde(skip_serializing_if = "Option::is_none")]
+    pub red_team_prompt: Option<String>,
     pub version: i32,
     pub created_at: DateTime<Utc>,
     pub updated_at: DateTime<Utc>,
@@ -1508,6 +1529,15 @@ pub struct CreateContractRequest {
     /// allowing users to manually handle code changes via patch files or other means.
     #[serde(default)]
     pub local_only: Option<bool>,
+    /// Enable red team monitoring for this contract.
+    /// When enabled, a parallel task monitors work task outputs
+    /// and can alert the supervisor about potential issues.
+    #[serde(default)]
+    pub red_team_enabled: Option<bool>,
+    /// Optional custom criteria for the red team to evaluate.
+    /// Examples: "Focus on security vulnerabilities",
+    /// "Ensure all functions have tests", etc.
+    pub red_team_prompt: Option<String>,
 }
 
 /// Request payload for updating a contract
@@ -2074,3 +2104,64 @@ pub struct CheckpointPatchInfo {
     pub created_at: DateTime<Utc>,
     pub expires_at: DateTime<Utc>,
 }
+
+// ============================================================================
+// Red Team Types
+// ============================================================================
+
+/// Red Team notification record
+#[derive(Debug, Clone, FromRow, Serialize, ToSchema)]
+#[serde(rename_all = "camelCase")]
+pub struct RedTeamNotification {
+    pub id: Uuid,
+    pub contract_id: Uuid,
+    pub red_team_task_id: Uuid,
+    pub related_task_id: Option<Uuid>,
+
+    pub message: String,
+    pub severity: String,
+    pub file_path: Option<String>,
+    pub context: Option<String>,
+
+    pub delivered: bool,
+    pub delivered_at: Option<DateTime<Utc>>,
+    pub acknowledged: bool,
+    pub acknowledged_at: Option<DateTime<Utc>>,
+
+    pub created_at: DateTime<Utc>,
+}
+
+/// Severity levels for red team notifications
+#[derive(Debug, Clone, Copy, PartialEq, Eq, Serialize, Deserialize)]
+#[serde(rename_all = "lowercase")]
+pub enum NotificationSeverity {
+    Low,
+    Medium,
+    High,
+    Critical,
+}
+
+impl std::fmt::Display for NotificationSeverity {
+    fn fmt(&self, f: &mut std::fmt::Formatter<'_>) -> std::fmt::Result {
+        match self {
+            Self::Low => write!(f, "low"),
+            Self::Medium => write!(f, "medium"),
+            Self::High => write!(f, "high"),
+            Self::Critical => write!(f, "critical"),
+        }
+    }
+}
+
+impl std::str::FromStr for NotificationSeverity {
+    type Err = String;
+
+    fn from_str(s: &str) -> Result<Self, Self::Err> {
+        match s.to_lowercase().as_str() {
+            "low" => Ok(Self::Low),
+            "medium" => Ok(Self::Medium),
+            "high" => Ok(Self::High),
+            "critical" => Ok(Self::Critical),
+            _ => Err(format!("Invalid severity: {}", s)),
+        }
+    }
+}