{
  "entrypoint_kind": "api_remote",
  "entrypoint_detail": "JeecgBoot 3.9.2 HTTP API at http://127.0.0.1:8080/jeecg-boot - /openapi/auth/* endpoints (OpenApiAuthController)",
  "service_started": true,
  "healthcheck_passed": true,
  "target_path_reached": true,
  "runtime_stack": [
    "mariadb",
    "redis",
    "jeecgboot-3.9.2-springboot3-jar"
  ],
  "proof_artifacts": [
    "logs/jeecgboot_app.log",
    "artifacts/http/login_ceshi_response.json",
    "artifacts/http/openapi_auth_list_response.json",
    "artifacts/http/openapi_auth_add_response.json",
    "artifacts/http/openapi_auth_delete_response.json",
    "artifacts/http/openapi_auth_genAKSK_response.json",
    "artifacts/http/openapi_add_negcontrol_response.json",
    "artifacts/http/login_admin_response.json",
    "artifacts/http/openapi_add_admin_response.json"
  ],
  "notes": "Low-priv user (ceshi/test role) performed full CRUD on OpenAPI credentials via /openapi/auth/* endpoints lacking Shiro @RequiresRoles annotations. Admin AK/SK read in plaintext. Negative control: /openapi/add with @RequiresRoles(admin) rejected low-priv user."
}
