azcomputerguru/guru-connect
1
0
Fork 0
Code Issues 4 Pull Requests Actions Packages Projects Releases 2 Wiki Activity
Files
5ee66753371f5ccb85c4c7cc9efb14cb13698dbe
guru-connect/reports
History
Mike Swanson 9f44807230
Some checks failed
Build and Test / Build Agent (Windows) (push) Successful in 7m1s
Details
Build and Test / Build Server (Linux) (push) Successful in 10m17s
Details
Build and Test / Security Audit (push) Has started running
Details
Build and Test / Build Summary (push) Has been cancelled
Details
audit: security pass re-audit (2026-05-30) — 3 CRITICALs verified CLOSED 
Independent /gc-audit --pass=security re-derivation of the v2 secure-session-core
rebuild: all three 2026-05-29 relay CRITICALs confirmed closed with no bypass
(any-JWT-joins-session, viewer-WS blacklist, JWT-as-agent-key). Relay plane clean;
consent/code paths fail closed; abuse surface bounded; rate limiting proxy-aware.
Net-new: 1 HIGH (agent auto-update disables TLS cert verification -> MITM-RCE,
agent/src/update.rs:45,111 — outside the relay plane), 1 LOW (chat content logged),
2 INFO. Report: reports/2026-05-30-gc-audit.md.

Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
2026-05-30 18:48:48 -07:00
..
2026-05-29-gc-audit.md
docs(audit): add inaugural gc-audit report 2026-05-29
2026-05-29 17:46:26 -07:00
2026-05-30-gc-audit.md
audit: security pass re-audit (2026-05-30) — 3 CRITICALs verified CLOSED
2026-05-30 18:48:48 -07:00