{
  "schemaVersion": "cg-repository-exposure-benchmark-result-1.0.0",
  "benchmarkVersion": "1.1.0",
  "testedAt": "2026-07-16T00:00:00.000Z",
  "scanner": {
    "name": "CapitalGuard local scanner",
    "version": "1.3.0"
  },
  "standardVersion": "1.0.0",
  "executionBoundary": "The CapitalGuard 1.3.0 local scanner runs inside a disposable copy of the synthetic repository. The harness executes no fixture command, exploit, vendor product, network action, or customer repository.",
  "claimBoundary": "A passing case proves CapitalGuard 1.3.0 behavior on the declared synthetic fixture only. It is not a vendor comparison, penetration test, false-negative estimate, or guarantee of security.",
  "summary": {
    "cases": 6,
    "passed": 6,
    "failed": 0,
    "emittedArtifactsChecked": 6,
    "fixtureMarkersInEmittedEvidence": 0
  },
  "runDigestAlgorithm": "sha256",
  "runDigestSha256": "9bd53d701cc080d6247c029a3d424de2ca4b72bd48ee5a07a59717f4815c4830",
  "cases": [
    {
      "id": "CGO-TV-001",
      "title": "Secret-like environment file",
      "fixture": ".env.production",
      "controlIds": [
        "CGS-SEC-001",
        "CGS-DATA-001"
      ],
      "expectedFinding": "Identify the secret-like path while keeping the synthetic value out of every emitted evidence artifact.",
      "detectedSignal": "Secret-like files in agent-readable scope",
      "fixtureSha256": "6f94dab76258292a86a152f9dd1bb8daffbb91aa21cf162174430f41c7760ab1",
      "markerPresent": true,
      "markerRedacted": true,
      "result": "pass"
    },
    {
      "id": "CGO-TV-002",
      "title": "Untrusted repository instruction",
      "fixture": "docs/untrusted-instruction.fixture.md",
      "controlIds": [
        "CGS-INJ-001"
      ],
      "expectedFinding": "Identify instruction-like repository content without treating it as authorization or executing it.",
      "detectedSignal": "Prompt-injection indicators in repo-readable text",
      "fixtureSha256": "9c764c5bacb9dcbc1e02c2b79b2b6705535ddc65de237540e3bc579099442990",
      "markerPresent": true,
      "markerRedacted": true,
      "result": "pass"
    },
    {
      "id": "CGO-TV-003",
      "title": "Broad workflow authority",
      "fixture": ".github/workflows/broad-permissions.fixture.yml",
      "controlIds": [
        "CGS-PRIV-001",
        "CGS-HUMAN-001"
      ],
      "expectedFinding": "Identify repository workflow authority that should be reduced and protected by review.",
      "detectedSignal": "Broad workflow permissions",
      "fixtureSha256": "98e3002c7e84e859b5db2dc87acd48153fb5c94381142b83b85d481391f052df",
      "markerPresent": true,
      "markerRedacted": true,
      "result": "pass"
    },
    {
      "id": "CGO-TV-004",
      "title": "Synthetic customer export",
      "fixture": "customer_exports/customer-records.synthetic.json",
      "controlIds": [
        "CGS-DATA-001"
      ],
      "expectedFinding": "Identify customer-data context from its path without copying record contents into emitted evidence.",
      "detectedSignal": "Customer export folders in agent-readable scope",
      "fixtureSha256": "dc4b93353e24abb2bfe2dbf0a135169921e129f2aef4d2d50692a196444a1a9c",
      "markerPresent": true,
      "markerRedacted": true,
      "result": "pass"
    },
    {
      "id": "CGO-TV-005",
      "title": "MCP tool bridge",
      "fixture": ".mcp.json",
      "controlIds": [
        "CGS-TOOL-001",
        "CGS-PRIV-001"
      ],
      "expectedFinding": "Identify a tool bridge that can expand agent authority without executing the configured command.",
      "detectedSignal": "MCP/tool bridge configuration requiring review",
      "fixtureSha256": "805be39ccd9d98dced4a7809945d712395a72d75618583f5f7b1d63d80d3a0c9",
      "markerPresent": true,
      "markerRedacted": true,
      "result": "pass"
    },
    {
      "id": "CGO-TV-006",
      "title": "Package lifecycle authority",
      "fixture": "package.json",
      "controlIds": [
        "CGS-HUMAN-001",
        "CGS-PRIV-001"
      ],
      "expectedFinding": "Identify an automatic package lifecycle path without running the declared script.",
      "detectedSignal": "Package lifecycle scripts requiring review",
      "fixtureSha256": "ff9b8a6e1fd62e5ae6edae2295555612f6263a30892969820346b9329a424958",
      "markerPresent": true,
      "markerRedacted": true,
      "result": "pass"
    }
  ],
  "emittedArtifactDigests": [
    {
      "path": "capitalguard-local-scan-report.md",
      "sha256": "76accba29d5824ffb9ec3fe92bbfd272dac0a044e023dd90298519eaac554b50"
    },
    {
      "path": "capitalguard-local-scan-report.html",
      "sha256": "aa5be049573c307b6218e88e0a0500fb543519dbe0418c3e00f9f5b90d98923f"
    },
    {
      "path": "capitalguard-abom.json",
      "sha256": "e395b8b8d46323e03d4586cfe74dad55ff7346d096f5e63d681a399b320aacfc"
    },
    {
      "path": "capitalguard-security-events.json",
      "sha256": "2282b460741e8ff3ca19de33db8e34db8e6251e1fe16aba9fb17c30e97357889"
    },
    {
      "path": "capitalguard-evidence-bundle.json",
      "sha256": "1dd08493f42439eac97feec21eb3de91df1314269f961255ef3403711a69738c"
    },
    {
      "path": "capitalguard-accessgraph.json",
      "sha256": "d6745cce205fd00ce6006c494f0e6e6486cd3ce7492639b925a0f7430b373852"
    }
  ],
  "primarySources": [
    "https://www.nist.gov/news-events/news/2026/01/caisi-issues-request-information-about-securing-ai-agent-systems",
    "https://cheatsheetseries.owasp.org/cheatsheets/Secure_Coding_with_AI_Cheat_Sheet.html",
    "https://cheatsheetseries.owasp.org/cheatsheets/LLM_Prompt_Injection_Prevention_Cheat_Sheet.html",
    "https://github.blog/changelog/2026-06-09-security-validation-for-third-party-coding-agents/",
    "https://www.cisa.gov/securebydesign"
  ]
}
