Testing and Validation

Testing and Validation

KelvinClaw’s validation strategy is deliberately broad: formatting, linting, supply-chain checks, protocol tests, workspace tests, SDK certification, E2E flows, and clean Docker validation.

Core Validation Commands

Formatting:

cargo fmt --all -- --check

Linting:

cargo clippy --all -- -D warnings

Security and dependency posture:

cargo audit
cargo outdated

Workspace tests:

cargo test --workspace --tests

SDK lane:

scripts/test-sdk.sh

End-to-end:

scripts/test-e2e.sh

Final clean Docker validation:

scripts/test-docker.sh --final

Targeted Validation Lanes

Gateway:

cargo test -p kelvin-gateway

Registry:

cargo test -p kelvin-registry

Plugin lifecycle:

scripts/test-plugin-install.sh
scripts/test-plugin-author-kit.sh
scripts/test-plugin-trust.sh
scripts/test-plugin-abi-compat.sh

Contracts:

scripts/test-contracts.sh

What the Suites Cover

• SDK admission, projection, determinism, and concurrency behavior
• model-provider routing and failover
• tool sandbox approval and scope enforcement
• gateway handshake, auth, ingress, malformed-frame, replay, and restart persistence behavior
• plugin install, discovery, trust, and compatibility
• memory control/data plane contract and transport behavior

Security and Governance Mapping

KelvinClaw maintains explicit test mapping for:

• OWASP Top 10 AI
• NIST AI RMF

These mappings live in the repository docs and are intended to be used during security review and release validation, not only during development.

Recommended Release Gate

For a high-confidence release candidate:

1. cargo fmt --all -- --check
2. cargo clippy --all -- -D warnings
3. cargo audit
4. cargo outdated
5. cargo test --workspace --tests
6. scripts/test-sdk.sh
7. scripts/test-e2e.sh
8. scripts/test-docker.sh --final

Reference

• SDK test matrix
• SDK OWASP Top 10 AI coverage
• SDK NIST AI RMF coverage