{
  "schema_version": 1,
  "updated_at": "2026-07-05T05:58:38.995069795Z",
  "entries": [
    {
      "logical_path": "repro/reproduction_steps.sh",
      "stage": "repro",
      "role": "primary_reproducer",
      "destination": "public_evidence",
      "required_for_verdict": true,
      "publishable": true,
      "reason": "Auto-declared after repro stage deliverable validation",
      "declared_by": "stage_validator"
    },
    {
      "logical_path": "repro/runtime_manifest.json",
      "stage": "repro",
      "role": "runtime_manifest",
      "destination": "public_evidence",
      "required_for_verdict": true,
      "publishable": true,
      "reason": "Auto-declared supplemental repro stage artifact",
      "declared_by": "stage_validator"
    },
    {
      "logical_path": "repro/validation_verdict.json",
      "stage": "repro",
      "role": "validation_verdict",
      "destination": "public_evidence",
      "required_for_verdict": true,
      "publishable": true,
      "reason": "Auto-declared after repro stage deliverable validation",
      "declared_by": "stage_validator"
    },
    {
      "logical_path": "repro/rca_report.md",
      "stage": "repro",
      "role": "root_cause_analysis",
      "destination": "public_evidence",
      "required_for_verdict": true,
      "publishable": true,
      "reason": "Auto-declared after repro stage deliverable validation",
      "declared_by": "stage_validator"
    },
    {
      "logical_path": "logs/results_summary.txt",
      "stage": "repro",
      "role": "proof_log",
      "destination": "public_evidence",
      "required_for_verdict": true,
      "publishable": true,
      "reason": "Referenced by runtime_manifest.proof_artifacts",
      "declared_by": "runtime_manifest"
    },
    {
      "logical_path": "logs/vuln_marker.txt",
      "stage": "repro",
      "role": "crash_trace",
      "destination": "public_evidence",
      "required_for_verdict": true,
      "publishable": true,
      "reason": "Marker file written by the attacker-controlled shell command inside the Kestra worker, owned by kestra:kestra, containing the run-unique PWNED_KESTRA_RCE token — direct RCE evidence.",
      "declared_by": "agent_tool"
    },
    {
      "logical_path": "logs/vuln_create_flow_resp.txt",
      "stage": "repro",
      "role": "request_response",
      "destination": "public_evidence",
      "required_for_verdict": true,
      "publishable": true,
      "reason": "HTTP 200 response body for the unauthenticated POST /api/v1/main/flows/configs request, returning the created flow with the attacker shell task.",
      "declared_by": "agent_tool"
    },
    {
      "logical_path": "logs/vuln_trigger_resp.txt",
      "stage": "repro",
      "role": "request_response",
      "destination": "public_evidence",
      "required_for_verdict": true,
      "publishable": true,
      "reason": "HTTP 200 response body for the unauthenticated POST /api/v1/main/executions/trigger/configs/configs request, returning the execution whose task run reached SUCCESS.",
      "declared_by": "agent_tool"
    },
    {
      "logical_path": "repro/malicious_flow.yaml",
      "stage": "repro",
      "role": "marker_output",
      "destination": "public_evidence",
      "required_for_verdict": true,
      "publishable": true,
      "reason": "The exact malicious flow source submitted unauthenticated to create the shell-task flow (id=configs, namespace=configs, Process runner, marker command).",
      "declared_by": "agent_tool"
    },
    {
      "logical_path": "logs/vuln_create_flow_resp.txt",
      "stage": "repro",
      "role": "proof_log",
      "destination": "public_evidence",
      "required_for_verdict": true,
      "publishable": true,
      "reason": "Referenced by runtime_manifest.proof_artifacts",
      "declared_by": "runtime_manifest"
    },
    {
      "logical_path": "logs/vuln_trigger_resp.txt",
      "stage": "repro",
      "role": "proof_log",
      "destination": "public_evidence",
      "required_for_verdict": true,
      "publishable": true,
      "reason": "Referenced by runtime_manifest.proof_artifacts",
      "declared_by": "runtime_manifest"
    },
    {
      "logical_path": "logs/vuln_marker.txt",
      "stage": "repro",
      "role": "proof_log",
      "destination": "public_evidence",
      "required_for_verdict": true,
      "publishable": true,
      "reason": "Referenced by runtime_manifest.proof_artifacts",
      "declared_by": "runtime_manifest"
    },
    {
      "logical_path": "logs/vuln_container.log",
      "stage": "repro",
      "role": "proof_log",
      "destination": "public_evidence",
      "required_for_verdict": true,
      "publishable": true,
      "reason": "Referenced by runtime_manifest.proof_artifacts",
      "declared_by": "runtime_manifest"
    },
    {
      "logical_path": "logs/fixed_bypass_resp.txt",
      "stage": "repro",
      "role": "proof_log",
      "destination": "public_evidence",
      "required_for_verdict": true,
      "publishable": true,
      "reason": "Referenced by runtime_manifest.proof_artifacts",
      "declared_by": "runtime_manifest"
    },
    {
      "logical_path": "logs/fixed_create_flow_resp.txt",
      "stage": "repro",
      "role": "proof_log",
      "destination": "public_evidence",
      "required_for_verdict": true,
      "publishable": true,
      "reason": "Referenced by runtime_manifest.proof_artifacts",
      "declared_by": "runtime_manifest"
    },
    {
      "logical_path": "logs/fixed_trigger_resp.txt",
      "stage": "repro",
      "role": "proof_log",
      "destination": "public_evidence",
      "required_for_verdict": true,
      "publishable": true,
      "reason": "Referenced by runtime_manifest.proof_artifacts",
      "declared_by": "runtime_manifest"
    },
    {
      "logical_path": "logs/fixed_marker.txt",
      "stage": "repro",
      "role": "proof_log",
      "destination": "public_evidence",
      "required_for_verdict": true,
      "publishable": true,
      "reason": "Referenced by runtime_manifest.proof_artifacts",
      "declared_by": "runtime_manifest"
    },
    {
      "logical_path": "logs/fixed_container.log",
      "stage": "repro",
      "role": "proof_log",
      "destination": "public_evidence",
      "required_for_verdict": true,
      "publishable": true,
      "reason": "Referenced by runtime_manifest.proof_artifacts",
      "declared_by": "runtime_manifest"
    },
    {
      "logical_path": "repro/malicious_flow.yaml",
      "stage": "repro",
      "role": "proof_log",
      "destination": "public_evidence",
      "required_for_verdict": true,
      "publishable": true,
      "reason": "Referenced by runtime_manifest.proof_artifacts",
      "declared_by": "runtime_manifest"
    },
    {
      "logical_path": "vuln_variant/reproduction_steps.sh",
      "stage": "vuln_variant",
      "role": "primary_reproducer",
      "destination": "variant_candidate",
      "required_for_verdict": true,
      "publishable": true,
      "reason": "Auto-declared after vuln_variant stage deliverable validation",
      "declared_by": "stage_validator"
    },
    {
      "logical_path": "logs/variant_results_summary.txt",
      "stage": "vuln_variant",
      "role": "proof_log",
      "destination": "public_evidence",
      "required_for_verdict": false,
      "publishable": true,
      "reason": "Annotated HTTP status codes for every variant request on both versions plus the verdict flags (ALTERNATE_TRIGGER_ON_VULNERABLE=yes, BYPASS_RCE_ON_FIXED=no).",
      "declared_by": "agent_tool"
    },
    {
      "logical_path": "logs/variant_vuln_marker.txt",
      "stage": "vuln_variant",
      "role": "marker_output",
      "destination": "public_evidence",
      "required_for_verdict": false,
      "publishable": true,
      "reason": "Marker file written by the attacker shell command via the open-webhook alternate trigger on v1.0.44 (owned by kestra:kestra) -- proves RCE.",
      "declared_by": "agent_tool"
    },
    {
      "logical_path": "logs/variant_vuln_trigger_resp.txt",
      "stage": "vuln_variant",
      "role": "request_response",
      "destination": "public_evidence",
      "required_for_verdict": false,
      "publishable": true,
      "reason": "200 webhook trigger response on v1.0.44: execution with flowId=configs, trigger=Webhook, state=SUCCESS -- proves the alternate-trigger path reached execution.",
      "declared_by": "agent_tool"
    },
    {
      "logical_path": "logs/variant_fixed_webhook_resp.txt",
      "stage": "vuln_variant",
      "role": "request_response",
      "destination": "public_evidence",
      "required_for_verdict": false,
      "publishable": true,
      "reason": "404 \"Flow not found\" (NOT 401) on fixed v1.0.45 -- proves the isOpenUrl webhook branch bypassed auth on the fixed version (latent unauthenticated trigger surface; flow not found so no RCE).",
      "declared_by": "agent_tool"
    },
    {
      "logical_path": "vuln_variant/validation_verdict.json",
      "stage": "vuln_variant",
      "role": "validation_verdict",
      "destination": "variant_candidate",
      "required_for_verdict": true,
      "publishable": true,
      "reason": "Auto-declared after vuln_variant stage deliverable validation",
      "declared_by": "stage_validator"
    },
    {
      "logical_path": "vuln_variant/variant_manifest.json",
      "stage": "vuln_variant",
      "role": "variant_manifest",
      "destination": "variant_candidate",
      "required_for_verdict": true,
      "publishable": true,
      "reason": "Auto-declared after vuln_variant stage deliverable validation",
      "declared_by": "stage_validator"
    },
    {
      "logical_path": "vuln_variant/source_identity.json",
      "stage": "vuln_variant",
      "role": "source_identity",
      "destination": "variant_candidate",
      "required_for_verdict": false,
      "publishable": true,
      "reason": "Auto-declared supplemental vuln_variant stage artifact",
      "declared_by": "stage_validator"
    },
    {
      "logical_path": "vuln_variant/patch_analysis.md",
      "stage": "vuln_variant",
      "role": "patch_analysis",
      "destination": "variant_candidate",
      "required_for_verdict": true,
      "publishable": true,
      "reason": "Auto-declared after vuln_variant stage deliverable validation",
      "declared_by": "stage_validator"
    },
    {
      "logical_path": "vuln_variant/rca_report.md",
      "stage": "vuln_variant",
      "role": "summary_report",
      "destination": "public_evidence",
      "required_for_verdict": false,
      "publishable": true,
      "reason": "Variant RCA report following the variant template: summary, fix coverage, alternate trigger, impact parity, root cause, reproduction, evidence, recommendations.",
      "declared_by": "agent_tool"
    },
    {
      "logical_path": "vuln_variant/runtime_manifest.json",
      "stage": "vuln_variant",
      "role": "runtime_manifest",
      "destination": "variant_candidate",
      "required_for_verdict": true,
      "publishable": true,
      "reason": "Auto-declared supplemental vuln_variant stage artifact",
      "declared_by": "stage_validator"
    },
    {
      "logical_path": "vuln_variant/root_cause_equivalence.json",
      "stage": "vuln_variant",
      "role": "root_cause_analysis",
      "destination": "variant_candidate",
      "required_for_verdict": false,
      "publishable": true,
      "reason": "Auto-declared supplemental vuln_variant stage artifact",
      "declared_by": "stage_validator"
    },
    {
      "logical_path": "vuln_variant/rca_report.md",
      "stage": "vuln_variant",
      "role": "root_cause_analysis",
      "destination": "variant_candidate",
      "required_for_verdict": true,
      "publishable": true,
      "reason": "Auto-declared after vuln_variant stage deliverable validation",
      "declared_by": "stage_validator"
    }
  ]
}
