{
  "benchmarkId": "CG-BENCHMARK-GITHUB-ACTIONS-AGENT-GATE-0.1.0",
  "version": "0.1.0",
  "testedAt": "2026-07-18T00:00:00.000Z",
  "controlProfileUrl": "https://capitalguard.io/profiles/github-actions-ai-agent-security-gate/v0.1.0/profile.json",
  "workflowProfileUrl": "https://capitalguard.io/profiles/github-actions-ai-agent-security-gate/v0.1.0/workflow.yml",
  "executionOrder": [
    "load inert workflow and declared external context",
    "evaluate eight static control predicates",
    "compare observed status and failed controls with the fixture expectation",
    "digest case results and release artifacts"
  ],
  "passRule": "A case passes only when its pass or block status and exact ordered failed-control list match the declared expectation.",
  "controlIds": [
    "CG-GHA-001",
    "CG-GHA-002",
    "CG-GHA-003",
    "CG-GHA-004",
    "CG-GHA-005",
    "CG-GHA-006",
    "CG-GHA-007",
    "CG-GHA-008"
  ],
  "sourceCheckedAt": "2026-07-18",
  "sourceUrls": [
    "https://docs.github.com/en/actions/reference/security/secure-use",
    "https://docs.github.com/en/actions/concepts/security/script-injections",
    "https://docs.github.com/en/actions/concepts/security/openid-connect",
    "https://docs.github.com/en/actions/reference/workflows-and-actions/deployments-and-environments",
    "https://docs.github.com/en/organizations/managing-organization-settings/actions-policies/workflow-execution-protections"
  ],
  "reproducibility": {
    "command": "node --no-warnings --experimental-strip-types scripts/run-github-actions-profile-benchmark.mjs",
    "fixturePack": "/observatory/benchmarks/github-actions-agent-gate/v0.1.0/fixture-pack.json",
    "results": "/observatory/benchmarks/github-actions-agent-gate/v0.1.0/results.json"
  },
  "claimBoundary": "This publisher-operated benchmark applies eight narrow static checks to ten inert synthetic workflow fixtures. It does not execute GitHub Actions, inspect a live repository, test GitHub infrastructure, or prove that a workflow is secure.",
  "limitations": [
    "The evaluator recognizes the declared fixture patterns; it is not a general YAML parser or a replacement for CodeQL, review, or GitHub policy enforcement.",
    "Repository, environment, OIDC receiver, and authorization settings outside workflow YAML are represented by explicit synthetic context declarations.",
    "A passing fixture means the expected rule outcome was reproduced for that fixture only.",
    "GitHub features, plan availability, and public-preview behavior can change after the source-check date."
  ]
}
