{
  "entrypoint_kind": "source_and_cli_negative_probe",
  "entrypoint_detail": "Static side-by-side inspection of Nuclio Kubernetes cron-trigger CronJob generation in the vulnerable parent and fixed commit, plus local curl argv semantics probe for a header value beginning with @.",
  "service_started": false,
  "healthcheck_passed": true,
  "target_path_reached": true,
  "runtime_stack": [
    "git source checkout",
    "curl CLI semantics probe",
    "Nuclio pkg/platform/kube/functionres/lazy.go"
  ],
  "tested_versions": {
    "vulnerable_parent_checked": true,
    "fixed_commit_checked": true
  },
  "proof_artifacts": [
    "logs/vuln_variant/reproduction_steps.log",
    "logs/vuln_variant/source_identity.txt",
    "logs/vuln_variant/patch_diff.stat",
    "logs/vuln_variant/lazy_vulnerable_excerpt.txt",
    "logs/vuln_variant/lazy_fixed_excerpt.txt",
    "logs/vuln_variant/security_policy_scan.txt",
    "logs/vuln_variant/candidate_matrix.log",
    "logs/vuln_variant/curl_header_at_probe.log"
  ],
  "verdict": "no_variant_confirmed",
  "notes": "No bypass is confirmed. The fixed commit invokes curl directly with discrete argv entries and uses --data-raw for the body; no shell consumes header keys, header values, or body. The tested @-header candidate is curl option-level behavior, not OS command execution, and does not execute on the fixed target."
}
