{
  "entrypoint_kind": "api_remote",
  "entrypoint_detail": "jenkins-cli-over-http (connect-node @/etc/passwd)",
  "service_started": true,
  "healthcheck_passed": true,
  "target_path_reached": true,
  "runtime_stack": [
    "docker",
    "jenkins-controller",
    "jenkins-cli-http"
  ],
  "proof_artifacts": [
    "logs/vuln_attempt1.log",
    "logs/vuln_attempt2.log",
    "logs/fixed_attempt1.log",
    "logs/fixed_attempt2.log",
    "logs/cli_vuln.out",
    "logs/cli_fixed.out",
    "logs/docker_vuln.log",
    "logs/docker_fixed.log",
    "logs/cli_vuln_help.out",
    "logs/whoami_vuln.out",
    "logs/whoami_fixed.out",
    "logs/reproduction_steps.log",
    "logs/vuln_passwd_ground_truth.txt",
    "logs/fixed_passwd_ground_truth.txt"
  ],
  "notes": "CONFIRMED: vulnerable 2.441 leaked /etc/passwd via CLI @-file expansion over HTTP (19 lines matched ground truth); fixed 2.442 blocked it."
}