SPARTAN Evidence Capsule — Reviewer Report
- Capsule path: dist/spartan-sample-capsule-v0.1/evidence.tar.gz
- Schema: spartan.evidence_capsule.v0.1
- Source run: run_2026-05-04T04-36-01.158Z_60156b4c
- Capsule ID: 6409463f0c788d8c5602b280bd7405fd1ee0080a8233c26caa72bfa6e7dbd4e7
- Created: 2026-05-04T04:36:17.868Z
- SPARTAN version: 1.2.0-higgs
- Redaction policy: v1
Verification summary
Outcomes reported by spartan capsule verify against this capsule. SIGNATURE and REPLAY are reserved vocabulary and always report NOT_PRESENT in v0.1.
| Level | Outcome | Details |
|---|---|---|
| STRUCTURE | PASS | — |
| REDACTION | PASS | — |
| AUDIT_DIGEST | PASS | expected_root_hash=5f7de1c5fba1e6f9db0a66169f9d574d8b2eca815f98288b75e4587a2d9eec28 |
| SIGNATURE | NOT_PRESENT | — |
| REPLAY | NOT_PRESENT | — |
What was scanned
Distilled from the capsule's summary.json. All values have already passed through SPARTAN's redaction engine and the post-build residue scan.
| Field | Value |
|---|---|
| Repo identifier (redacted) | examples/demo-repo |
| Commit ref | snapshot:demo-repo-v1 |
| Commit sha | b42163c792cb51a8cc6ea778fad6bc267269ed6c |
| Mode | VALIDATE_SAFE |
| Working tree status | DIRTY |
| Working tree dirty | true |
| Pinned snapshot id | 52b79eb432526addceb45330a6be6ffb8a2c445fd71b67c69cae236452c11d6b |
| Input corpus hash | 725fd587d4039b4318f8850e4c2719f6f2833ec705344c60e4400cfb7741406e |
| Intake policy hash | a541d4a294d4abfd7a33b3fdb50e7c48d087164de0a3d8a2a18d69168b1a7d00 |
| Validator bundle hash | 2f968ff52f5743f30815a7dbd4c11bcc168a878d7208090f23793f871e795c95 |
| Timestamp | 2026-05-04T04:36:01.158Z |
| v2 run id | 019df145-9006-747c-846b-db1148bfe52a |
| CI parity kind | UNKNOWN |
| Validate audit event ref | audit_d4ccb5b6e0f0 |
Findings
11 finding(s). By evidence tier: ANALYST_HYPOTHESIS=9, EVIDENCE_BACKED=2. By risk class: CRITICAL=1, HIGH=10.
| Finding ID | Type | Evidence tier | Risk class | File paths | Reasoning |
|---|---|---|---|---|---|
| finding_6f836709847f | hardcoded_secrets | EVIDENCE_BACKED | CRITICAL | src/app.ts | Deterministic secret detector confirmed a redacted secret marker in executable code at src/app.ts:6. |
| finding_5d970445aef7 | vulnerable_dependencies | EVIDENCE_BACKED | HIGH | package.json | Dependency manifest entry lodash@4.17.20 falls inside the local demonstration vulnerable range < 4.17.21. |
| finding_626ec6aa0ed5 | unsafe_deserialization_patterns | ANALYST_HYPOTHESIS | HIGH | src/server.py | Static rule hit found yaml.load at src/server.py:12, and the corresponding module import confirms an unsafe deserialization pattern in pinned source. |
| finding_8da1796b4962 | missing_auth_on_declared_routes | ANALYST_HYPOTHESIS | HIGH | src/app.ts | Declared route <REDACTED:ABSOLUTE_PATH>:id is unprotected and the file contains no auth signals, so SPARTAN cannot find any route-level protection cues in the same module. |
| finding_1d0c68f0ec53 | missing_auth_on_declared_routes | ANALYST_HYPOTHESIS | HIGH | src/app.ts | Declared route <REDACTED:ABSOLUTE_PATH>:name is unprotected and the file contains no auth signals, so SPARTAN cannot find any route-level protection cues in the same module. |
| finding_17fe99ca832e | missing_auth_on_declared_routes | ANALYST_HYPOTHESIS | HIGH | src/server.py | Declared route <REDACTED:ABSOLUTE_PATH> is unprotected and the file contains no auth signals, so SPARTAN cannot find any route-level protection cues in the same module. |
| finding_781289d0a1ae | missing_auth_on_declared_routes | ANALYST_HYPOTHESIS | HIGH | src/server.py | Declared route <REDACTED:ABSOLUTE_PATH><report_id> is unprotected and the file contains no auth signals, so SPARTAN cannot find any route-level protection cues in the same module. |
| finding_f81e4795845f | missing_auth_on_declared_routes | ANALYST_HYPOTHESIS | HIGH | src/server.py | Declared route <REDACTED:ABSOLUTE_PATH><filename> is unprotected and the file contains no auth signals, so SPARTAN cannot find any route-level protection cues in the same module. |
| finding_4ea7beb87904 | sql_string_interpolation | ANALYST_HYPOTHESIS | HIGH | src/server.py | Deterministic AST scan found interpolated SQL flowing into cursor.execute at src/server.py:21. |
| finding_44a9d33b1c31 | path_traversal_patterns | ANALYST_HYPOTHESIS | HIGH | src/server.py | Static source-to-sink scan found filename flowing into os.path.join -> open at src/server.py:33 without an allowlisted sanitization step. |
| finding_86b3f17afeae | path_traversal_patterns | ANALYST_HYPOTHESIS | HIGH | src/server.py | Static source-to-sink scan found filename flowing into os.path.join at src/server.py:33 without an allowlisted sanitization step. |
Redaction report
Redaction policy version: v1. Patterns applied: HOME_PATH, TEMP_PATH, ABSOLUTE_PATH, USERNAME, HOSTNAME, GIT_REMOTE.
Redaction counts
| Pattern | Count |
|---|---|
| HOME_PATH | 11 |
| TEMP_PATH | 0 |
| ABSOLUTE_PATH | 15 |
| USERNAME | 0 |
| HOSTNAME | 0 |
| GIT_REMOTE | 0 |
Fields excluded from the capsule
- working_tree_unstaged.patch
- working_tree_staged.patch
- working_tree_untracked_manifest.json
- working_tree_status.txt
- scanned_file_manifest.json
- raw_memory_journal
- repo_identifier_raw
- execution_context_ref.execution_identity
Residue scan
Status: OK. Files checked: manifest.json, summary.json, findings.json, redaction_report.json, audit_digest.json.
Audit digest
- Algorithm: sha256
- Source run: run_2026-05-04T04-36-01.158Z_60156b4c
- Event count: 1
- Digest root hash: 5f7de1c5fba1e6f9db0a66169f9d574d8b2eca815f98288b75e4587a2d9eec28
| Event ID | Timestamp | Tool | Mode |
|---|---|---|---|
| audit_d4ccb5b6e0f0 | 2026-05-04T04:36:01.173Z | validate | VALIDATE_SAFE |
The audit digest covers only events referenced by this run. It is not a global ledger replay; it is a local consistency proof against the events the capsule carries.
Explicit non-claims
- Not signed. Capsule v0.1 has no operator signature. SIGNATURE is reserved as a verification level and is always reported NOT_PRESENT.
- Not replay-verified. The capsule does not contain runtime artifacts. REPLAY is reserved and always reported NOT_PRESENT.
- Not hermetic. SPARTAN's hermetic execution and replay specifications are DESIGN_ONLY / NON_AUTHORIZING. The capsule does not assert hermetic execution.
- No live-system authority. Building or verifying a capsule does not block, gate, or alter any deploy, promotion, PR, or trade in any client system.
Reviewer next steps
- Re-verify locally: spartan capsule verify dist/spartan-sample-capsule-v0.1/evidence.tar.gz
- Read the full reviewer brief: docs/spartan/SPARTAN_CAPSULE_V0_1_REVIEWER_BRIEF.md
- Read the product boundary: docs/spartan/PRODUCT_BOUNDARY.md
Known limitations (from docs/spartan/SPARTAN_CAPSULE_V0_1_REVIEWER_BRIEF.md)
- Capsule v0.1 is unsigned and does not carry replay or runtime artifacts.
- Hermetic execution specs are design-only.
- Validator breadth is intentionally bounded.
- Calibration does not yet learn from overrides; overrides survive reruns but do not adjust future tier inference.
- Suspected-secret detection is a denylist of known patterns; AWS secret keys are detected only when adjacent to a known label (aws_secret_access_key, secretAccessKey, or aws_secret).
- Username scrub requires length ≥ 3 and skips literal root / user / admin / test case-insensitively.
- Hostname scrub requires length ≥ 3.
- Generic absolute-path redaction (POSIX) requires a delimiter before the leading slash.
- Archive verification rejects archives over 25 MiB uncompressed or with 33 or more entries.
- content_root_hash commits to the manifest inventory; per-file integrity comes from the per-entry sha256.
- AUDIT_DIGEST and REDACTION can pass trivially when their checked inputs are empty (zero audit events or zero findings).