{
  "entrypoint_kind": "api_remote",
  "entrypoint_detail": "CRI gRPC CreateContainer checkpoint import with config.dump rootfsImageRef using NAME@DIGEST instead of a tag; followed by normal victim CreateContainer/StartContainer for the poisoned local tag",
  "service_started": true,
  "healthcheck_passed": true,
  "target_path_reached": true,
  "runtime_stack": [
    "docker privileged runner",
    "containerd v2.2.2",
    "containerd v2.2.5 fixed control",
    "runc",
    "CNI ptp",
    "local registry:2"
  ],
  "variant_candidate": "digest_rootfsImageRef_tag_poisoning",
  "final_verdict": "no bypass: digest-form alternate trigger works only on vulnerable version and is covered by v2.2.5 fix",
  "proof_artifacts": [
    "logs/vuln_variant/digest_variant_summary.txt",
    "logs/vuln_variant/vulnerable_v222_digest_variant_evidence.txt",
    "logs/vuln_variant/fixed_v225_digest_variant_evidence.txt",
    "logs/vuln_variant/reproduction_steps.log"
  ]
}
