{
  "entrypoint_kind": "endpoint",
  "entrypoint_detail": "GET /model/info authenticated with alternate API-Key and x-litellm-api-key headers instead of Authorization Bearer",
  "service_started": true,
  "healthcheck_passed": true,
  "target_path_reached": true,
  "runtime_stack": [
    "postgresql",
    "litellm-proxy"
  ],
  "variant_stage_result": "alternate_trigger_blocked_by_fix",
  "proof_artifacts": [
    "logs/vuln_variant/reproduction_steps.log",
    "logs/vuln_variant/fixed_version.txt",
    "logs/vuln_variant/source_delta_variant.txt",
    "logs/vuln_variant/postgres_variant.log",
    "logs/vuln_variant/vulnerable_api_key_header.txt",
    "logs/vuln_variant/fixed_api_key_header.txt",
    "logs/vuln_variant/vulnerable_x_litellm_header.txt",
    "logs/vuln_variant/fixed_x_litellm_header.txt",
    "vuln_variant/result.json"
  ],
  "notes": "The alternate header sources reach the same combined_view token lookup in the vulnerable package, but the fixed package parameterizes that sink, so no fixed-version bypass is confirmed."
}