{
  "entrypoint_kind": "cli_local",
  "entrypoint_detail": "runc run and runc create+runc start with malicious /dev or /dev/pts symlinks in the bundle rootfs",
  "service_started": false,
  "healthcheck_passed": false,
  "target_path_reached": true,
  "runtime_stack": [
    "docker",
    "runc"
  ],
  "proof_artifacts": [
    "logs/vuln_variant/relative_dev_symlink_vuln.log",
    "logs/vuln_variant/relative_dev_symlink_fixed.log",
    "logs/vuln_variant/pts_symlink_vuln.log",
    "logs/vuln_variant/pts_symlink_fixed.log",
    "logs/vuln_variant/create_start_entrypoint_vuln.log",
    "logs/vuln_variant/create_start_entrypoint_fixed.log"
  ],
  "notes": "Tested three distinct variant candidates against runc 1.3.5 and 1.3.6. Bypass on fixed=False, distinct alternate trigger=True."
}