{
  "$schema": "https://json-schema.org/draft/2020-12/schema",
  "id": "CGS-1.0.0",
  "name": "CapitalGuard Standard",
  "version": "1.0.0",
  "status": "published",
  "publishedAt": "2026-07-11",
  "canonicalUrl": "https://capitalguard.io/standard/1.0",
  "machineReadableBaseUrl": "https://capitalguard.io/standard/v1.0.0/",
  "scope": "AI-agent security controls for software repositories",
  "resultStates": ["conformant", "non-conformant", "incomplete"],
  "officialVerificationStates": ["recorded", "verified", "expired", "revoked"],
  "signatureAlgorithm": "Ed25519",
  "guardprintAlgorithm": "SHA-256",
  "controlsUrl": "https://capitalguard.io/standard/v1.0.0/controls.json",
  "guardprintSchemaUrl": "https://capitalguard.io/standard/v1.0.0/guardprint.schema.json",
  "attestationSchemaUrl": "https://capitalguard.io/standard/v1.0.0/attestation.schema.json",
  "testVectorsUrl": "https://capitalguard.io/standard/v1.0.0/test-vectors.json",
  "releaseManifestUrl": "https://capitalguard.io/standard/v1.0.0/release-manifest.json",
  "verificationKeysUrl": "https://capitalguard.io/.well-known/capitalguard-verification-keys.json",
  "specificationLicense": "CC-BY-4.0",
  "proprietaryBoundary": [
    "risk-score weights and calibration",
    "threat-intelligence sources and detection tuning",
    "benchmark distributions",
    "reviewer playbooks and escalation thresholds",
    "anti-fraud controls",
    "private signing keys",
    "customer evidence and private findings"
  ],
  "claimBoundary": "Open conformance does not grant CapitalGuard Verified. CapitalGuard Verified requires an active CapitalGuard-issued signed attestation."
}
