{
  "claim_outcome": "confirmed",
  "claim_block_reason": null,
  "repro_result": "confirmed",
  "validated_surface": "cli_local",
  "evidence_scope": "production_path",
  "claimed_impact_class": "code_execution",
  "observed_impact_class": "code_execution",
  "exploitability_confidence": "high",
  "attacker_controlled_input": "Positional arguments passed to `node --run <task> -- <args>` containing a single quote followed by shell metacharacters (e.g. \"x';id > MARKER;echo INJECTION_PROVEN #\")",
  "trigger_path": "node --run -> ProcessRunner::ProcessRunner -> EscapeShell (replaces ' with \\' and wraps in single quotes) -> uv_spawn /bin/sh -c with the concatenated command string -> shell interprets broken escaping as command syntax -> injected id/echo commands execute",
  "end_to_end_target_reached": true,
  "sanitizer_used": false,
  "crash_observed": false,
  "read_write_primitive_observed": false,
  "exploit_chain_demonstrated": true,
  "blocking_mitigation": null,
  "inferred": false
}
