From ed2d1846cdb903384a8739d6bb02b9e6e3ac2308 Mon Sep 17 00:00:00 2001
From: Claude
Date: Thu, 11 Jun 2026 22:25:24 +0000
Subject: [PATCH] audit(assail): classify 11 audited-FP residuals from fresh 2.5.5 scan

Extends the existing classification registry (v1.0.0 -> v1.1.0) with the audited residuals from the 2026-06-11 fresh panic-attack scan: bench/audit harnesses that eval their own embedded command tables (k9-bench, parser-bench, rsr-audit), BoF presentation demos, demo and example code, the pandoc build-time filter, audited Zig FFI boundary casts, and ReScript compiler output (*.res.js). Every entry was inspected at source this session. With these, the standards repo's unsuppressed non-heuristic Critical/High count is 0 (the stale verisimdb-data store showed 3 Criticals pointing at *-scm/src/abi/Foreign.idr files that no longer exist).
---
 audits/assail-classifications.a2ml | 100 +++++++++++++++++++++++++++-
 1 file changed, 96 insertions(+), 4 deletions(-)

diff --git a/audits/assail-classifications.a2ml b/audits/assail-classifications.a2ml
index 082b5e6d..1dd773d5 100644
--- a/audits/assail-classifications.a2ml
+++ b/audits/assail-classifications.a2ml
@@ -6,10 +6,10 @@
 (assail-classifications
 (metadata
- (version "1.0.0")
+ (version "1.1.0")
 (project "standards")
- (last-updated "2026-05-26")
- (entries 1)
+ (last-updated "2026-06-11")
+ (entries 12)
 (status "active"))
 ;; ─── PA021 ProofDrift — justified postulates (real-analysis) ─────────────
@@ -23,4 +23,96 @@
 (category "ProofDrift")
 (classification "justified-postulate-real-analysis")
 (audit "audits/audit-pa021-justified-postulates-2026-05-26.md")
- (rationale "4 information-theory postulates (entropy-nonnegative, kl-nonnegative, js-symmetric, js-bounded). Each has a textbook proof (HoTT/Gibbs/Lin 1991) but requires real-analysis formalisation in Agda over ℝ. File-internal comment explicitly classifies these as justified postulates, not debt.")))
+ (rationale "4 information-theory postulates (entropy-nonnegative, kl-nonnegative, js-symmetric, js-bounded). Each has a textbook proof (HoTT/Gibbs/Lin 1991) but requires real-analysis formalisation in Agda over ℝ. File-internal comment explicitly classifies these as justified postulates, not debt."))
+
+ ;; ─── 2026-06-11 estate-loop session — fresh panic-attack 2.5.5 scan ──────
+ ;; Every entry below inspected at source. Classes: benchmark/audit
+ ;; harnesses evaluating their own fixed command tables, presentation
+ ;; demos, example code, build-time tooling, FFI boundary casts, and
+ ;; ReScript compiler output.
+
+ ;; Bench/audit harnesses: eval of OWN fixed command tables. No
+ ;; external or user input reaches the eval — parallel to
+ ;; gitbot-fleet's fix-script carve-out.
+ (classification
+ (file "k9-svc/benchmarks/k9-bench.sh")
+ (category "CommandInjection")
+ (classification "bench-harness-own-command-table")
+ (audit "k9-bench.sh benchmark_command/benchmark_scaling — eval over the script's own command table")
+ (rationale "developer benchmark harness; commands are embedded constants templated by the script itself"))
+
+ (classification
+ (file "a2ml/benchmarks/parser-bench.sh")
+ (category "CommandInjection")
+ (classification "bench-harness-own-command-table")
+ (audit "parser benchmark harness — same eval-own-table pattern as k9-bench.sh")
+ (rationale "developer benchmark harness; commands are embedded constants"))
+
+ (classification
+ (file "rhodium-standard-repositories/rsr-audit.sh")
+ (category "CommandInjection")
+ (classification "audit-harness-own-check-table")
+ (audit "rsr-audit.sh:98 — eval \"$command\" over the audit's own check table")
+ (rationale "compliance audit harness; the evaluated commands are the script's embedded check definitions"))
+
+ ;; Presentation demos.
+ (classification
+ (file "rhodium-standard-repositories/satellites/palimpsest-license/bof-meetings/presentations/demo-dns-discovery.sh")
+ (category "CommandInjection")
+ (classification "presentation-demo")
+ (audit "BoF presentation demo script")
+ (rationale "live-demo material, not deployed code; eval drives the scripted demo sequence"))
+
+ (classification
+ (file "rhodium-standard-repositories/satellites/palimpsest-license/bof-meetings/presentations/demo-http-headers.sh")
+ (category "CommandInjection")
+ (classification "presentation-demo")
+ (audit "BoF presentation demo script")
+ (rationale "live-demo material, not deployed code; eval drives the scripted demo sequence"))
+
+ ;; Demo / example code.
+ (classification
+ (file "avow-protocol/public/demo.js")
+ (category "DynamicCodeExecution")
+ (classification "demo-ui")
+ (audit "public demo page DOM rendering")
+ (rationale "demo UI writing its own generated markup; not an application input path"))
+
+ (classification
+ (file "avow-protocol/avow-lib/examples/rust/src/main.rs")
+ (category "UnsafeCode")
+ (classification "example-code")
+ (audit "examples/ directory — illustrative FFI usage")
+ (rationale "example code demonstrating the library's FFI surface; not shipped"))
+
+ ;; Build-time tooling.
+ (classification
+ (file "a2ml/pandoc/a2ml-filter.lua")
+ (category "CommandInjection")
+ (classification "build-time-document-filter")
+ (audit "pandoc Lua filter — os.execute/io.popen during document builds")
+ (rationale "build-time document filter invoked by pandoc on trusted repo content; no runtime exposure"))
+
+ ;; FFI boundary casts (audited) — mirrors the 007 zig_bridge.rs
+ ;; reference classification.
+ (classification
+ (file "overlay-protocol/ffi/zig/src/main.zig")
+ (category "UnsafeCode")
+ (classification "ffi-boundary-cast")
+ (audit "Zig C-ABI bridge — single pointer cast at the exported boundary")
+ (rationale "the cast is the FFI contract"))
+
+ (classification
+ (file "lol/ffi/zig/src/main.zig")
+ (category "UnsafeCode")
+ (classification "ffi-boundary-cast")
+ (audit "Zig C-ABI bridge — pointer casts at the exported boundary")
+ (rationale "FFI marshalling layer; casts are the C ABI contract"))
+
+ ;; Compiler output.
+ (classification
+ (file "axel-protocol/src/Tea.res.js")
+ (category "DynamicCodeExecution")
+ (classification "compiled-output")
+ (audit "*.res.js — ReScript compiler output, not source")
+ (rationale "generated artifact (estate carve-out class: compiled output); fix belongs in the .res source if anywhere")))
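Review bot: The eleven new entries suppress findings by file path and category alone, so a suppression stays in force if the audited condition changes — for example if `a2ml/pandoc/a2ml-filter.lua` later routes document-derived strings into os.execute/io.popen, or a bench harness starts templating its command table from arguments — and only the rsr-audit.sh entry pins a location (`rsr-audit.sh:98`). Consider anchoring each entry to the audited state the same way (a line or finding reference in `audit`) and recording a per-entry review date, since the registry only carries `last-updated` at metadata level, so these are re-checked on the next scan rather than carried forward indefinitely. The `audit` field also shifts meaning in this hunk: the existing PA021 entry references a durable document (`audits/audit-pa021-justified-postulates-2026-05-26.md`) while every new entry holds an inline description, which leaves the commit message's "inspected at source this session" with no artifact to point at. The pandoc-filter rationale ("trusted repo content; no runtime exposure") holds only while the filter is not run on contributor-submitted content in CI, and stating that assumption in the rationale would make the carve-out's boundary explicit. The enclosing `(assail-classifications` form opens in the first hunk, outside this one.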