{
  "entrypoint_kind": "operator",
  "entrypoint_detail": "Airflow DAG/operator execution of GCSToSFTPOperator using GCS wildcard listing and SFTP store_file against a server whose destination directory contains an attacker-influenceable symlink",
  "service_started": true,
  "healthcheck_passed": true,
  "target_path_reached": true,
  "runtime_stack": [
    "python3",
    "apache-airflow",
    "apache-airflow-providers-google",
    "apache-airflow-providers-sftp",
    "google-cloud-storage",
    "fake-gcs-server",
    "paramiko"
  ],
  "proof_artifacts": [
    "logs/vuln_variant_reproduction_steps.log",
    "logs/vuln_variant_attempt_22.1.0_1.json",
    "logs/vuln_variant_attempt_22.2.1_1.json"
  ],
  "notes": "Symlink traversal candidate tested on vulnerable and fixed provider versions. bypass_confirmed=true"
}