{
  "schema_version": 1,
  "updated_at": "2026-07-05T06:48:05.658048555Z",
  "entries": [
    {
      "logical_path": "repro/reproduction_steps.sh",
      "stage": "repro",
      "role": "primary_reproducer",
      "destination": "public_evidence",
      "required_for_verdict": true,
      "publishable": true,
      "reason": "Auto-declared after repro stage deliverable validation",
      "declared_by": "stage_validator"
    },
    {
      "logical_path": "repro/exploit.py",
      "stage": "repro",
      "role": "primary_reproducer",
      "destination": "public_evidence",
      "required_for_verdict": true,
      "publishable": true,
      "reason": "Exploit helper (stdlib Python only) that submits the unauthenticated malicious INLINE workflow and returns the executed command stdout via the Conductor API.",
      "declared_by": "agent_tool"
    },
    {
      "logical_path": "artifacts/vuln_exploit.json",
      "stage": "repro",
      "role": "request_response",
      "destination": "public_evidence",
      "required_for_verdict": true,
      "publishable": true,
      "reason": "Structured proof that the vulnerable 3.22.3 build executed the attacker command (task COMPLETED, rce_confirmed=true, stdout shows uid=0(root) + unique marker + hostname).",
      "declared_by": "agent_tool"
    },
    {
      "logical_path": "artifacts/vuln_marker_check.txt",
      "stage": "repro",
      "role": "crash_trace",
      "destination": "public_evidence",
      "required_for_verdict": true,
      "publishable": true,
      "reason": "Independent docker exec proof that the RCE marker file was written inside the vulnerable container (root-owned), corroborating the API-returned command output.",
      "declared_by": "agent_tool"
    },
    {
      "logical_path": "artifacts/fixed_exploit.json",
      "stage": "repro",
      "role": "validation_verdict",
      "destination": "public_evidence",
      "required_for_verdict": true,
      "publishable": true,
      "reason": "Negative control: the fixed 3.30.2 build blocks the identical payload (task FAILED_WITH_TERMINAL_ERROR, rce_confirmed=false, no command output).",
      "declared_by": "agent_tool"
    },
    {
      "logical_path": "logs/reproduction_steps.log",
      "stage": "repro",
      "role": "proof_log",
      "destination": "public_evidence",
      "required_for_verdict": true,
      "publishable": true,
      "reason": "Referenced by runtime_manifest.proof_artifacts",
      "declared_by": "runtime_manifest"
    },
    {
      "logical_path": "repro/runtime_manifest.json",
      "stage": "repro",
      "role": "runtime_manifest",
      "destination": "public_evidence",
      "required_for_verdict": true,
      "publishable": true,
      "reason": "Auto-declared supplemental repro stage artifact",
      "declared_by": "stage_validator"
    },
    {
      "logical_path": "repro/rca_report.md",
      "stage": "repro",
      "role": "root_cause_analysis",
      "destination": "public_evidence",
      "required_for_verdict": true,
      "publishable": true,
      "reason": "Auto-declared after repro stage deliverable validation",
      "declared_by": "stage_validator"
    },
    {
      "logical_path": "repro/validation_verdict.json",
      "stage": "repro",
      "role": "validation_verdict",
      "destination": "public_evidence",
      "required_for_verdict": true,
      "publishable": true,
      "reason": "Auto-declared after repro stage deliverable validation",
      "declared_by": "stage_validator"
    },
    {
      "logical_path": "logs/vuln_container.log",
      "stage": "repro",
      "role": "proof_log",
      "destination": "public_evidence",
      "required_for_verdict": true,
      "publishable": true,
      "reason": "Referenced by runtime_manifest.proof_artifacts",
      "declared_by": "runtime_manifest"
    },
    {
      "logical_path": "logs/vuln_exploit.log",
      "stage": "repro",
      "role": "proof_log",
      "destination": "public_evidence",
      "required_for_verdict": true,
      "publishable": true,
      "reason": "Referenced by runtime_manifest.proof_artifacts",
      "declared_by": "runtime_manifest"
    },
    {
      "logical_path": "artifacts/vuln_metadata_http.txt",
      "stage": "repro",
      "role": "proof_log",
      "destination": "public_evidence",
      "required_for_verdict": true,
      "publishable": true,
      "reason": "Referenced by runtime_manifest.proof_artifacts",
      "declared_by": "runtime_manifest"
    },
    {
      "logical_path": "artifacts/vuln_exploit.json",
      "stage": "repro",
      "role": "proof_log",
      "destination": "public_evidence",
      "required_for_verdict": true,
      "publishable": true,
      "reason": "Referenced by runtime_manifest.proof_artifacts",
      "declared_by": "runtime_manifest"
    },
    {
      "logical_path": "artifacts/vuln_marker_check.txt",
      "stage": "repro",
      "role": "proof_log",
      "destination": "public_evidence",
      "required_for_verdict": true,
      "publishable": true,
      "reason": "Referenced by runtime_manifest.proof_artifacts",
      "declared_by": "runtime_manifest"
    },
    {
      "logical_path": "logs/fixed_container.log",
      "stage": "repro",
      "role": "proof_log",
      "destination": "public_evidence",
      "required_for_verdict": true,
      "publishable": true,
      "reason": "Referenced by runtime_manifest.proof_artifacts",
      "declared_by": "runtime_manifest"
    },
    {
      "logical_path": "logs/fixed_exploit.log",
      "stage": "repro",
      "role": "proof_log",
      "destination": "public_evidence",
      "required_for_verdict": true,
      "publishable": true,
      "reason": "Referenced by runtime_manifest.proof_artifacts",
      "declared_by": "runtime_manifest"
    },
    {
      "logical_path": "artifacts/fixed_exploit.json",
      "stage": "repro",
      "role": "proof_log",
      "destination": "public_evidence",
      "required_for_verdict": true,
      "publishable": true,
      "reason": "Referenced by runtime_manifest.proof_artifacts",
      "declared_by": "runtime_manifest"
    },
    {
      "logical_path": "artifacts/fixed_marker_check.txt",
      "stage": "repro",
      "role": "proof_log",
      "destination": "public_evidence",
      "required_for_verdict": true,
      "publishable": true,
      "reason": "Referenced by runtime_manifest.proof_artifacts",
      "declared_by": "runtime_manifest"
    },
    {
      "logical_path": "artifacts/variant_summary.json",
      "stage": "vuln_variant",
      "role": "validation_verdict",
      "destination": "session_replay",
      "required_for_verdict": true,
      "publishable": true,
      "reason": "Structured summary of all variant test results: 3/3 reproduced on vulnerable, 0/4 on fixed, no bypass found",
      "declared_by": "agent_tool"
    },
    {
      "logical_path": "artifacts/vuln_variant_A.json",
      "stage": "vuln_variant",
      "role": "request_response",
      "destination": "public_evidence",
      "required_for_verdict": true,
      "publishable": true,
      "reason": "Proof that Python evaluator variant (INLINE+python) achieves unauthenticated RCE on vulnerable 3.22.3 — separate GraalVM context builder from the JS path",
      "declared_by": "agent_tool"
    },
    {
      "logical_path": "artifacts/vuln_variant_B.json",
      "stage": "vuln_variant",
      "role": "request_response",
      "destination": "public_evidence",
      "required_for_verdict": true,
      "publishable": true,
      "reason": "Proof that LAMBDA task variant achieves unauthenticated RCE on vulnerable 3.22.3 — different task type reaching same ScriptEvaluator sink",
      "declared_by": "agent_tool"
    },
    {
      "logical_path": "artifacts/fixed_variant_A.json",
      "stage": "vuln_variant",
      "role": "validation_verdict",
      "destination": "public_evidence",
      "required_for_verdict": true,
      "publishable": true,
      "reason": "Proof that Python evaluator variant is BLOCKED on fixed 3.30.2 (FAILED_WITH_TERMINAL_ERROR) — fix covers the PythonEvaluator sink",
      "declared_by": "agent_tool"
    },
    {
      "logical_path": "artifacts/fixed_variant_D.json",
      "stage": "vuln_variant",
      "role": "validation_verdict",
      "destination": "public_evidence",
      "required_for_verdict": true,
      "publishable": true,
      "reason": "Proof that Java.type() bypass attempt is BLOCKED on fixed 3.30.2 (FAILED_WITH_TERMINAL_ERROR) — allowHostClassLoading(false) blocks host-class-lookup RCE",
      "declared_by": "agent_tool"
    },
    {
      "logical_path": "artifacts/vuln_variant_marker_check.txt",
      "stage": "vuln_variant",
      "role": "marker_output",
      "destination": "warm_safe_cache",
      "required_for_verdict": true,
      "publishable": true,
      "reason": "Independent confirmation via docker exec that the RCE marker file was written inside the vulnerable container filesystem",
      "declared_by": "agent_tool"
    },
    {
      "logical_path": "logs/vuln_variant_steps.log",
      "stage": "vuln_variant",
      "role": "proof_log",
      "destination": "variant_candidate",
      "required_for_verdict": true,
      "publishable": true,
      "reason": "Referenced by runtime_manifest.proof_artifacts",
      "declared_by": "runtime_manifest"
    },
    {
      "logical_path": "logs/vuln_variant/fixed_version.txt",
      "stage": "vuln_variant",
      "role": "runtime_manifest",
      "destination": "warm_safe_cache",
      "required_for_verdict": true,
      "publishable": true,
      "reason": "Records the exact fixed version commit SHA (2bea5078...) and fix commit SHAs for source identity verification",
      "declared_by": "agent_tool"
    },
    {
      "logical_path": "vuln_variant/reproduction_steps.sh",
      "stage": "vuln_variant",
      "role": "primary_reproducer",
      "destination": "variant_candidate",
      "required_for_verdict": true,
      "publishable": true,
      "reason": "Auto-declared after vuln_variant stage deliverable validation",
      "declared_by": "stage_validator"
    },
    {
      "logical_path": "vuln_variant/rca_report.md",
      "stage": "vuln_variant",
      "role": "root_cause_analysis",
      "destination": "variant_candidate",
      "required_for_verdict": true,
      "publishable": true,
      "reason": "Auto-declared after vuln_variant stage deliverable validation",
      "declared_by": "stage_validator"
    },
    {
      "logical_path": "vuln_variant/patch_analysis.md",
      "stage": "vuln_variant",
      "role": "patch_analysis",
      "destination": "variant_candidate",
      "required_for_verdict": true,
      "publishable": true,
      "reason": "Auto-declared after vuln_variant stage deliverable validation",
      "declared_by": "stage_validator"
    },
    {
      "logical_path": "vuln_variant/variant_manifest.json",
      "stage": "vuln_variant",
      "role": "variant_manifest",
      "destination": "variant_candidate",
      "required_for_verdict": true,
      "publishable": true,
      "reason": "Auto-declared after vuln_variant stage deliverable validation",
      "declared_by": "stage_validator"
    },
    {
      "logical_path": "vuln_variant/validation_verdict.json",
      "stage": "vuln_variant",
      "role": "validation_verdict",
      "destination": "variant_candidate",
      "required_for_verdict": true,
      "publishable": true,
      "reason": "Auto-declared after vuln_variant stage deliverable validation",
      "declared_by": "stage_validator"
    },
    {
      "logical_path": "vuln_variant/source_identity.json",
      "stage": "vuln_variant",
      "role": "source_identity",
      "destination": "variant_candidate",
      "required_for_verdict": false,
      "publishable": true,
      "reason": "Auto-declared supplemental vuln_variant stage artifact",
      "declared_by": "stage_validator"
    },
    {
      "logical_path": "vuln_variant/runtime_manifest.json",
      "stage": "vuln_variant",
      "role": "runtime_manifest",
      "destination": "variant_candidate",
      "required_for_verdict": true,
      "publishable": true,
      "reason": "Auto-declared supplemental vuln_variant stage artifact",
      "declared_by": "stage_validator"
    },
    {
      "logical_path": "vuln_variant/root_cause_equivalence.json",
      "stage": "vuln_variant",
      "role": "root_cause_analysis",
      "destination": "variant_candidate",
      "required_for_verdict": false,
      "publishable": true,
      "reason": "Auto-declared supplemental vuln_variant stage artifact",
      "declared_by": "stage_validator"
    },
    {
      "logical_path": "logs/vuln_variant_A.log",
      "stage": "vuln_variant",
      "role": "proof_log",
      "destination": "variant_candidate",
      "required_for_verdict": true,
      "publishable": true,
      "reason": "Referenced by runtime_manifest.proof_artifacts",
      "declared_by": "runtime_manifest"
    },
    {
      "logical_path": "logs/vuln_variant_B.log",
      "stage": "vuln_variant",
      "role": "proof_log",
      "destination": "variant_candidate",
      "required_for_verdict": true,
      "publishable": true,
      "reason": "Referenced by runtime_manifest.proof_artifacts",
      "declared_by": "runtime_manifest"
    },
    {
      "logical_path": "logs/vuln_variant_C.log",
      "stage": "vuln_variant",
      "role": "proof_log",
      "destination": "variant_candidate",
      "required_for_verdict": true,
      "publishable": true,
      "reason": "Referenced by runtime_manifest.proof_artifacts",
      "declared_by": "runtime_manifest"
    },
    {
      "logical_path": "logs/variant_vuln_container.log",
      "stage": "vuln_variant",
      "role": "proof_log",
      "destination": "variant_candidate",
      "required_for_verdict": true,
      "publishable": true,
      "reason": "Referenced by runtime_manifest.proof_artifacts",
      "declared_by": "runtime_manifest"
    },
    {
      "logical_path": "logs/variant_fixed_container.log",
      "stage": "vuln_variant",
      "role": "proof_log",
      "destination": "variant_candidate",
      "required_for_verdict": true,
      "publishable": true,
      "reason": "Referenced by runtime_manifest.proof_artifacts",
      "declared_by": "runtime_manifest"
    },
    {
      "logical_path": "artifacts/vuln_variant_A.json",
      "stage": "vuln_variant",
      "role": "proof_log",
      "destination": "variant_candidate",
      "required_for_verdict": true,
      "publishable": true,
      "reason": "Referenced by runtime_manifest.proof_artifacts",
      "declared_by": "runtime_manifest"
    },
    {
      "logical_path": "artifacts/vuln_variant_B.json",
      "stage": "vuln_variant",
      "role": "proof_log",
      "destination": "variant_candidate",
      "required_for_verdict": true,
      "publishable": true,
      "reason": "Referenced by runtime_manifest.proof_artifacts",
      "declared_by": "runtime_manifest"
    },
    {
      "logical_path": "artifacts/vuln_variant_C.json",
      "stage": "vuln_variant",
      "role": "proof_log",
      "destination": "variant_candidate",
      "required_for_verdict": true,
      "publishable": true,
      "reason": "Referenced by runtime_manifest.proof_artifacts",
      "declared_by": "runtime_manifest"
    },
    {
      "logical_path": "artifacts/vuln_variant_marker_check.txt",
      "stage": "vuln_variant",
      "role": "proof_log",
      "destination": "variant_candidate",
      "required_for_verdict": true,
      "publishable": true,
      "reason": "Referenced by runtime_manifest.proof_artifacts",
      "declared_by": "runtime_manifest"
    },
    {
      "logical_path": "artifacts/fixed_variant_A.json",
      "stage": "vuln_variant",
      "role": "proof_log",
      "destination": "variant_candidate",
      "required_for_verdict": true,
      "publishable": true,
      "reason": "Referenced by runtime_manifest.proof_artifacts",
      "declared_by": "runtime_manifest"
    },
    {
      "logical_path": "artifacts/fixed_variant_B.json",
      "stage": "vuln_variant",
      "role": "proof_log",
      "destination": "variant_candidate",
      "required_for_verdict": true,
      "publishable": true,
      "reason": "Referenced by runtime_manifest.proof_artifacts",
      "declared_by": "runtime_manifest"
    },
    {
      "logical_path": "artifacts/fixed_variant_C.json",
      "stage": "vuln_variant",
      "role": "proof_log",
      "destination": "variant_candidate",
      "required_for_verdict": true,
      "publishable": true,
      "reason": "Referenced by runtime_manifest.proof_artifacts",
      "declared_by": "runtime_manifest"
    },
    {
      "logical_path": "artifacts/fixed_variant_D.json",
      "stage": "vuln_variant",
      "role": "proof_log",
      "destination": "variant_candidate",
      "required_for_verdict": true,
      "publishable": true,
      "reason": "Referenced by runtime_manifest.proof_artifacts",
      "declared_by": "runtime_manifest"
    },
    {
      "logical_path": "artifacts/fixed_variant_marker_check.txt",
      "stage": "vuln_variant",
      "role": "proof_log",
      "destination": "variant_candidate",
      "required_for_verdict": true,
      "publishable": true,
      "reason": "Referenced by runtime_manifest.proof_artifacts",
      "declared_by": "runtime_manifest"
    },
    {
      "logical_path": "artifacts/variant_summary.json",
      "stage": "vuln_variant",
      "role": "proof_log",
      "destination": "variant_candidate",
      "required_for_verdict": true,
      "publishable": true,
      "reason": "Referenced by runtime_manifest.proof_artifacts",
      "declared_by": "runtime_manifest"
    },
    {
      "logical_path": "logs/vuln_variant/fixed_version.txt",
      "stage": "vuln_variant",
      "role": "proof_log",
      "destination": "variant_candidate",
      "required_for_verdict": true,
      "publishable": true,
      "reason": "Referenced by runtime_manifest.proof_artifacts",
      "declared_by": "runtime_manifest"
    },
    {
      "logical_path": "logs/vuln_variant/vuln_version.txt",
      "stage": "vuln_variant",
      "role": "proof_log",
      "destination": "variant_candidate",
      "required_for_verdict": true,
      "publishable": true,
      "reason": "Referenced by runtime_manifest.proof_artifacts",
      "declared_by": "runtime_manifest"
    }
  ]
}
