cg-risk-1.0.0CapitalGuard Risk Score
A versioned 0-100 signal keeps every score comparable to the exact model that produced it.
CapitalGuard Exposure Intelligence
CapitalGuard combines a versioned score, privacy-safe exposure patterns, fingerprinted policies, and a verified history chain. The result gets more useful with each authorized review without creating a shared repository-code database.
Layer 01
Risk Score
Layer 02
AccessGraph
Layer 03
Policy Hash
Layer 04
Verified History
Four compounding layers
The defensible layer is the structured record produced around the scan, not a promise that one scanner finds everything.
cg-risk-1.0.0A versioned 0-100 signal keeps every score comparable to the exact model that produced it.
cg-accessgraph-1.0.0Agent actions, exposed asset classes, controls, and one-way state fingerprints form a map without pooling source code or secret values.
cg-policy-1.0.0Every generated policy can carry a SHA-256 fingerprint so teams can prove which guardrail artifact was reviewed.
scan + policy + badgeScore history, policy versions, delivery state, and approved badge records form an evidence trail that compounds over time.
Risk taxonomy
Weights are public enough to make the model understandable while the detailed evidence remains private to the authorized customer.
Secret-bearing paths and credential-shaped context reachable by agents.
Operational, customer, billing, auth, and deployment files inside agent scope.
Read, write, terminal, browser, connector, and external-transfer authority.
Untrusted instructions in docs, issues, prompts, logs, and generated files.
Absent protected paths, approval gates, redaction rules, and tool boundaries.
Lifecycle scripts, registry credentials, and agent-controlled package changes.
Customer, personal, support, and production data entering agent context.
CI, release, infrastructure, and deployment paths agents can influence.
Privacy boundary
CapitalGuard is designed to learn from categories and one-way fingerprints. Customer source, secret values, repository names, customer identities, and raw paths do not belong in shared intelligence.
Shared intelligence boundary
Patterns in. Private material out.
Start the record