{
  "id": "CG-FIXTURE-GITHUB-ACTIONS-AGENT-GATE-0.1.0",
  "version": "0.1.0",
  "authorization": "Publisher-created inert workflows for defensive testing only.",
  "reconstructable": true,
  "inertValuesOnly": true,
  "fixtures": [
    {
      "id": "CG-GHA-BENCH-001",
      "title": "Pinned read-only pull request gate",
      "expectedStatus": "pass",
      "expectedFailedControlIds": [],
      "context": {
        "authorizationConfirmed": true,
        "triggerRepository": "capitalguard/synthetic-fixture",
        "authorizedRepositories": [
          "capitalguard/synthetic-fixture"
        ],
        "oidcAudienceBound": true,
        "oidcRepositoryBound": true,
        "protectedEnvironmentConfirmed": true
      },
      "workflow": "name: CapitalGuard AI-agent gate\n\non:\n  pull_request:\n  push:\n    branches: [main]\n\npermissions:\n  contents: read\n  id-token: write # Remove if signed-preview is false.\n\njobs:\n  capitalguard:\n    runs-on: ubuntu-latest\n    steps:\n      - name: Check out the triggering repository\n        uses: actions/checkout@df4cb1c069e1874edd31b4311f1884172cec0e10 # v6\n        with:\n          persist-credentials: false\n\n      - name: Check AI-agent exposure\n        uses: CapitalGuard-Security/capitalguard-action@33d6a70d997c67a53f74247f1bdc83dbeb7d9079 # v1\n        with:\n          authorization-confirmed: true\n          manual-controls-confirmed: true\n          fail-on: high\n          signed-preview: true\n          annotations: false\n",
      "workflowSha256": "945e7648ef35d4881e15f98139f1d3ee4829ae4983e63de8c5a76bbbda70e229"
    },
    {
      "id": "CG-GHA-BENCH-002",
      "title": "Repository write permission",
      "expectedStatus": "block",
      "expectedFailedControlIds": [
        "CG-GHA-003"
      ],
      "context": {
        "authorizationConfirmed": true,
        "triggerRepository": "capitalguard/synthetic-fixture",
        "authorizedRepositories": [
          "capitalguard/synthetic-fixture"
        ],
        "oidcAudienceBound": true,
        "oidcRepositoryBound": true,
        "protectedEnvironmentConfirmed": true
      },
      "workflow": "name: CapitalGuard AI-agent gate\n\non:\n  pull_request:\n  push:\n    branches: [main]\n\npermissions:\n  contents: write\n  id-token: write # Remove if signed-preview is false.\n\njobs:\n  capitalguard:\n    runs-on: ubuntu-latest\n    steps:\n      - name: Check out the triggering repository\n        uses: actions/checkout@df4cb1c069e1874edd31b4311f1884172cec0e10 # v6\n        with:\n          persist-credentials: false\n\n      - name: Check AI-agent exposure\n        uses: CapitalGuard-Security/capitalguard-action@33d6a70d997c67a53f74247f1bdc83dbeb7d9079 # v1\n        with:\n          authorization-confirmed: true\n          manual-controls-confirmed: true\n          fail-on: high\n          signed-preview: true\n          annotations: false\n",
      "workflowSha256": "e9332fa1f027f7aacfb805693b0e38914e571094a3fa273ad24f24fd6a28631f"
    },
    {
      "id": "CG-GHA-BENCH-003",
      "title": "Mutable third-party action references",
      "expectedStatus": "block",
      "expectedFailedControlIds": [
        "CG-GHA-004"
      ],
      "context": {
        "authorizationConfirmed": true,
        "triggerRepository": "capitalguard/synthetic-fixture",
        "authorizedRepositories": [
          "capitalguard/synthetic-fixture"
        ],
        "oidcAudienceBound": true,
        "oidcRepositoryBound": true,
        "protectedEnvironmentConfirmed": true
      },
      "workflow": "name: CapitalGuard AI-agent gate\n\non:\n  pull_request:\n  push:\n    branches: [main]\n\npermissions:\n  contents: read\n  id-token: write # Remove if signed-preview is false.\n\njobs:\n  capitalguard:\n    runs-on: ubuntu-latest\n    steps:\n      - name: Check out the triggering repository\n        uses: actions/checkout@v6 # v6\n        with:\n          persist-credentials: false\n\n      - name: Check AI-agent exposure\n        uses: CapitalGuard-Security/capitalguard-action@v1 # v1\n        with:\n          authorization-confirmed: true\n          manual-controls-confirmed: true\n          fail-on: high\n          signed-preview: true\n          annotations: false\n",
      "workflowSha256": "d186d2cda1c6c8bfafa227b516c632eb2a950737047b72a347845269714c3cd0"
    },
    {
      "id": "CG-GHA-BENCH-004",
      "title": "Persisted checkout credential",
      "expectedStatus": "block",
      "expectedFailedControlIds": [
        "CG-GHA-005"
      ],
      "context": {
        "authorizationConfirmed": true,
        "triggerRepository": "capitalguard/synthetic-fixture",
        "authorizedRepositories": [
          "capitalguard/synthetic-fixture"
        ],
        "oidcAudienceBound": true,
        "oidcRepositoryBound": true,
        "protectedEnvironmentConfirmed": true
      },
      "workflow": "name: CapitalGuard AI-agent gate\n\non:\n  pull_request:\n  push:\n    branches: [main]\n\npermissions:\n  contents: read\n  id-token: write # Remove if signed-preview is false.\n\njobs:\n  capitalguard:\n    runs-on: ubuntu-latest\n    steps:\n      - name: Check out the triggering repository\n        uses: actions/checkout@df4cb1c069e1874edd31b4311f1884172cec0e10 # v6\n        with:\n          persist-credentials: true\n\n      - name: Check AI-agent exposure\n        uses: CapitalGuard-Security/capitalguard-action@33d6a70d997c67a53f74247f1bdc83dbeb7d9079 # v1\n        with:\n          authorization-confirmed: true\n          manual-controls-confirmed: true\n          fail-on: high\n          signed-preview: true\n          annotations: false\n",
      "workflowSha256": "236329fdd043070f5cd984bec6e1bd5cb5095994b1fef3dc9cd1a09265039b24"
    },
    {
      "id": "CG-GHA-BENCH-005",
      "title": "Pull request title expanded in shell",
      "expectedStatus": "block",
      "expectedFailedControlIds": [
        "CG-GHA-006"
      ],
      "context": {
        "authorizationConfirmed": true,
        "triggerRepository": "capitalguard/synthetic-fixture",
        "authorizedRepositories": [
          "capitalguard/synthetic-fixture"
        ],
        "oidcAudienceBound": true,
        "oidcRepositoryBound": true,
        "protectedEnvironmentConfirmed": true
      },
      "workflow": "name: CapitalGuard AI-agent gate\n\non:\n  pull_request:\n  push:\n    branches: [main]\n\npermissions:\n  contents: read\n  id-token: write # Remove if signed-preview is false.\n\njobs:\n  capitalguard:\n    runs-on: ubuntu-latest\n    steps:\n      - name: Check out the triggering repository\n        uses: actions/checkout@df4cb1c069e1874edd31b4311f1884172cec0e10 # v6\n        with:\n          persist-credentials: false\n\n      - name: Check AI-agent exposure\n        uses: CapitalGuard-Security/capitalguard-action@33d6a70d997c67a53f74247f1bdc83dbeb7d9079 # v1\n        with:\n          authorization-confirmed: true\n          manual-controls-confirmed: true\n          fail-on: high\n          signed-preview: true\n          annotations: false\n      - name: Unsafe title check\n        run: |\n          echo \"${{ github.event.pull_request.title }}\"\n",
      "workflowSha256": "5faf6f03c4404ab9c689a2dfade03b7bf543d55470210ddde443b7f045ba33be"
    },
    {
      "id": "CG-GHA-BENCH-006",
      "title": "Privileged trigger checks out untrusted head",
      "expectedStatus": "block",
      "expectedFailedControlIds": [
        "CG-GHA-002"
      ],
      "context": {
        "authorizationConfirmed": true,
        "triggerRepository": "capitalguard/synthetic-fixture",
        "authorizedRepositories": [
          "capitalguard/synthetic-fixture"
        ],
        "oidcAudienceBound": true,
        "oidcRepositoryBound": true,
        "protectedEnvironmentConfirmed": true
      },
      "workflow": "name: CapitalGuard AI-agent gate\n\non:\n  pull_request_target:\n  push:\n    branches: [main]\n\npermissions:\n  contents: read\n  id-token: write # Remove if signed-preview is false.\n\njobs:\n  capitalguard:\n    runs-on: ubuntu-latest\n    steps:\n      - name: Check out the triggering repository\n        uses: actions/checkout@df4cb1c069e1874edd31b4311f1884172cec0e10 # v6\n        with:\n          persist-credentials: false\n          ref: ${{ github.event.pull_request.head.sha }}\n\n      - name: Check AI-agent exposure\n        uses: CapitalGuard-Security/capitalguard-action@33d6a70d997c67a53f74247f1bdc83dbeb7d9079 # v1\n        with:\n          authorization-confirmed: true\n          manual-controls-confirmed: true\n          fail-on: high\n          signed-preview: true\n          annotations: false\n",
      "workflowSha256": "c2c7800b15a15dd7f8f9d10e5d78a92396ba4694f2db1a9344a61fc81bfe59e2"
    },
    {
      "id": "CG-GHA-BENCH-007",
      "title": "OIDC enabled without bound receiver policy",
      "expectedStatus": "block",
      "expectedFailedControlIds": [
        "CG-GHA-007"
      ],
      "context": {
        "authorizationConfirmed": true,
        "triggerRepository": "capitalguard/synthetic-fixture",
        "authorizedRepositories": [
          "capitalguard/synthetic-fixture"
        ],
        "oidcAudienceBound": false,
        "oidcRepositoryBound": false,
        "protectedEnvironmentConfirmed": true
      },
      "workflow": "name: CapitalGuard AI-agent gate\n\non:\n  pull_request:\n  push:\n    branches: [main]\n\npermissions:\n  contents: read\n  id-token: write # Remove if signed-preview is false.\n\njobs:\n  capitalguard:\n    runs-on: ubuntu-latest\n    steps:\n      - name: Check out the triggering repository\n        uses: actions/checkout@df4cb1c069e1874edd31b4311f1884172cec0e10 # v6\n        with:\n          persist-credentials: false\n\n      - name: Check AI-agent exposure\n        uses: CapitalGuard-Security/capitalguard-action@33d6a70d997c67a53f74247f1bdc83dbeb7d9079 # v1\n        with:\n          authorization-confirmed: true\n          manual-controls-confirmed: true\n          fail-on: high\n          signed-preview: false\n          annotations: false\n",
      "workflowSha256": "a12400fed9539aeb8fb0772f812f1d9b1bb269a0c15d6e7cdac721ae979ccc01"
    },
    {
      "id": "CG-GHA-BENCH-008",
      "title": "Deployment command without protected environment",
      "expectedStatus": "block",
      "expectedFailedControlIds": [
        "CG-GHA-008"
      ],
      "context": {
        "authorizationConfirmed": true,
        "triggerRepository": "capitalguard/synthetic-fixture",
        "authorizedRepositories": [
          "capitalguard/synthetic-fixture"
        ],
        "oidcAudienceBound": true,
        "oidcRepositoryBound": true,
        "protectedEnvironmentConfirmed": false
      },
      "workflow": "name: CapitalGuard AI-agent gate\n\non:\n  pull_request:\n  push:\n    branches: [main]\n\npermissions:\n  contents: read\n  id-token: write # Remove if signed-preview is false.\n\njobs:\n  capitalguard:\n    runs-on: ubuntu-latest\n    steps:\n      - name: Check out the triggering repository\n        uses: actions/checkout@df4cb1c069e1874edd31b4311f1884172cec0e10 # v6\n        with:\n          persist-credentials: false\n\n      - name: Check AI-agent exposure\n        uses: CapitalGuard-Security/capitalguard-action@33d6a70d997c67a53f74247f1bdc83dbeb7d9079 # v1\n        with:\n          authorization-confirmed: true\n          manual-controls-confirmed: true\n          fail-on: high\n          signed-preview: true\n          annotations: false\n      - name: Deploy without an environment gate\n        run: kubectl apply -f deployment.yaml\n",
      "workflowSha256": "a139a2deba8357f3b9a333f2d898be73f94a467e892750c5d22e68b0c98851e1"
    },
    {
      "id": "CG-GHA-BENCH-009",
      "title": "Unauthorized cross-repository checkout",
      "expectedStatus": "block",
      "expectedFailedControlIds": [
        "CG-GHA-001"
      ],
      "context": {
        "authorizationConfirmed": true,
        "triggerRepository": "capitalguard/synthetic-fixture",
        "authorizedRepositories": [
          "capitalguard/synthetic-fixture"
        ],
        "oidcAudienceBound": true,
        "oidcRepositoryBound": true,
        "protectedEnvironmentConfirmed": true
      },
      "workflow": "name: CapitalGuard AI-agent gate\n\non:\n  pull_request:\n  push:\n    branches: [main]\n\npermissions:\n  contents: read\n  id-token: write # Remove if signed-preview is false.\n\njobs:\n  capitalguard:\n    runs-on: ubuntu-latest\n    steps:\n      - name: Check out the triggering repository\n        uses: actions/checkout@df4cb1c069e1874edd31b4311f1884172cec0e10 # v6\n        with:\n          persist-credentials: false\n          repository: outside/private-repository\n\n      - name: Check AI-agent exposure\n        uses: CapitalGuard-Security/capitalguard-action@33d6a70d997c67a53f74247f1bdc83dbeb7d9079 # v1\n        with:\n          authorization-confirmed: true\n          manual-controls-confirmed: true\n          fail-on: high\n          signed-preview: true\n          annotations: false\n",
      "workflowSha256": "5693d8aa2246cfba94195e1b25780f9942a256d2e2699a7f402ec499870f8186"
    },
    {
      "id": "CG-GHA-BENCH-010",
      "title": "Read-only gate without OIDC",
      "expectedStatus": "pass",
      "expectedFailedControlIds": [],
      "context": {
        "authorizationConfirmed": true,
        "triggerRepository": "capitalguard/synthetic-fixture",
        "authorizedRepositories": [
          "capitalguard/synthetic-fixture"
        ],
        "oidcAudienceBound": false,
        "oidcRepositoryBound": false,
        "protectedEnvironmentConfirmed": true
      },
      "workflow": "name: CapitalGuard AI-agent gate\n\non:\n  pull_request:\n  push:\n    branches: [main]\n\npermissions:\n  contents: read\n\njobs:\n  capitalguard:\n    runs-on: ubuntu-latest\n    steps:\n      - name: Check out the triggering repository\n        uses: actions/checkout@df4cb1c069e1874edd31b4311f1884172cec0e10 # v6\n        with:\n          persist-credentials: false\n\n      - name: Check AI-agent exposure\n        uses: CapitalGuard-Security/capitalguard-action@33d6a70d997c67a53f74247f1bdc83dbeb7d9079 # v1\n        with:\n          authorization-confirmed: true\n          manual-controls-confirmed: true\n          fail-on: high\n          signed-preview: false\n          annotations: false\n",
      "workflowSha256": "975ba99f03bef574dee5b48d756488f15126ef1cee935d80fc96af30dcbbbfcf"
    }
  ]
}
