{
  "entrypoint_kind": "endpoint",
  "entrypoint_detail": "Unauthenticated HTTP POST candidates under /api/tunnel and /api/cli-tools",
  "service_started": true,
  "healthcheck_passed": true,
  "target_path_reached": true,
  "runtime_stack": [
    "9router npm package",
    "Next.js standalone server",
    "curl HTTP client",
    "PATH-local no-prompt sudo precondition shim"
  ],
  "tested_versions": {
    "vulnerable": "0.4.39",
    "fixed_or_latest": "0.5.20"
  },
  "verdict": "no_variant_confirmed",
  "proof_artifacts": [
    "logs/vuln_variant/fixed_c0_parent_install_baseline_http_code.txt",
    "logs/vuln_variant/fixed_c0_parent_install_baseline_marker.txt",
    "logs/vuln_variant/fixed_c0_parent_install_baseline_response.txt",
    "logs/vuln_variant/fixed_c1_install_trailing_slash_http_code.txt",
    "logs/vuln_variant/fixed_c1_install_trailing_slash_marker.txt",
    "logs/vuln_variant/fixed_c1_install_trailing_slash_response.txt",
    "logs/vuln_variant/fixed_c2_start_daemon_http_code.txt",
    "logs/vuln_variant/fixed_c2_start_daemon_marker.txt",
    "logs/vuln_variant/fixed_c2_start_daemon_response.txt",
    "logs/vuln_variant/fixed_c3_cli_tools_mitm_http_code.txt",
    "logs/vuln_variant/fixed_c3_cli_tools_mitm_marker.txt",
    "logs/vuln_variant/fixed_c3_cli_tools_mitm_response.txt",
    "logs/vuln_variant/fixed_server.log",
    "logs/vuln_variant/fixed_version.txt",
    "logs/vuln_variant/latest_version.txt",
    "logs/vuln_variant/reproduction_steps.log",
    "logs/vuln_variant/route_files.log",
    "logs/vuln_variant/shell_sink_scan.log",
    "logs/vuln_variant/source_scan_initial.log",
    "logs/vuln_variant/vuln_c0_parent_install_baseline_http_code.txt",
    "logs/vuln_variant/vuln_c0_parent_install_baseline_marker.txt",
    "logs/vuln_variant/vuln_c0_parent_install_baseline_response.txt",
    "logs/vuln_variant/vuln_c1_install_trailing_slash_http_code.txt",
    "logs/vuln_variant/vuln_c1_install_trailing_slash_marker.txt",
    "logs/vuln_variant/vuln_c1_install_trailing_slash_response.txt",
    "logs/vuln_variant/vuln_c2_start_daemon_http_code.txt",
    "logs/vuln_variant/vuln_c2_start_daemon_marker.txt",
    "logs/vuln_variant/vuln_c2_start_daemon_response.txt",
    "logs/vuln_variant/vuln_c3_cli_tools_mitm_http_code.txt",
    "logs/vuln_variant/vuln_c3_cli_tools_mitm_marker.txt",
    "logs/vuln_variant/vuln_c3_cli_tools_mitm_response.txt",
    "logs/vuln_variant/vuln_server.log",
    "logs/vuln_variant/vuln_sudo_shim.log"
  ]
}