Bayesilisk

Bayesilisk is a deterministic local layer for permission, entitlement, route, and data-boundary sitting over Playwright, with Grassmann attention, and LLM-generated scenario-proposal workflows gated by a finite-state verifier.

Beyond E2E Scripts: Using LLM-Proposed Scenarios Without Letting the LLM Be the Oracle.

It is built for testers and agents that need reproducible findings, stable fingerprints, and issue-ready output without granting a model authority over the final verdict.

Playwright is the sensor.
Grassmann attention is the router.
The scenario proposer model is the proposer.
Bayesilisk is the judge.

The rule engine remains deterministic:

scenario facts -> invariant checks -> pass/fail -> Bayesian ranking

Contents

• Quick Start
  • Install
  • Run the Verifier
  • Run The MCP Server
  • Run With Context
  • Run the Playwright Demo
  • Enable Optional Ollama Layers
  • Test
  • Build Documentation
• Architecture
  • Core Verifier
  • Playwright Sensor
  • Grassmann Attention
  • Scenario Proposer Model
  • Feedback Loop
  • Ledgers
• Reports
  • Main Fields
  • Finding Status
  • Scores
  • Fingerprints
  • Issue Payloads
  • Proof Artifacts
• Integrations
  • Microsoft Playwright
  • Ollama Embeddings
  • Scenario Proposer Model
  • MCP Server
  • Coding Agent Loop
  • GitHub Issues
• Codex MCP
  • Install From GitHub
  • Configure Codex
  • Start A Connector Session
  • MCP Tools
  • Trust Rules
  • Minimal Connector Loop
• Connector Authoring
  • What Goes In A Connector
  • Minimal Output Contract
  • Connector Workflow
  • Action Mapping
  • LLM Team Rules
  • Coding Agent Contract
  • Human Review Checklist
  • Good Connector Boundaries
  • Worked Example
• Examples
  • ABAG Connector Context
  • Cal.com Connector Evidence
• Development
  • Repository Layout
  • Test Policy
  • Docs Policy
  • Public Language
  • Boundaries
• Bayesilisk
  • Layers
  • Generated composites
  • Report Contract
  • CLI
  • MCP tool server
  • Microsoft Playwright bridge
  • Grassmann attention
  • Hardening workflow
  • Boundaries

Why It Exists

Complex application suites often have permission and data-boundary bugs that cross feature lines: HR documents plus support takeover, expenses plus DMS receipts, travel funding plus approval routes, or billing exports plus customer module entitlements. Bayesilisk provides a local way to compose those cases, evaluate explicit invariants, and rank findings for follow-up work.

What It Does Not Do

Bayesilisk does not:

• connect to production systems;

• inspect live customer data;

• mutate issue trackers, databases, or application state;

• let embeddings or model output declare a bug;

• replace application-level authorization checks.

It is a verifier and prioritizer, not an authorization engine.