audit: classify 2 FFI unsafe findings as legitimate (PA001/PA007)#153

Closed
hyperpolymath wants to merge 1 commit into main from panic-fix/PA001-ffi-zig-legitimate

Conversation

@hyperpolymath
Owner

Summary

panic-attack assail reports 2 UnsafeCode (PA001) + UnsafeFFI (PA007) Critical/High findings under ffi/zig/src/ (cartridge runtime, federation, etc.) — all at the Zig→C ABI boundary for the Idris2 backend.

What changes

  • audits/assail-classifications.a2ml (2 entries, classification=legitimate-ffi)
  • audits/audit-ffi-2026-05-26.md

Scope distinction

This is separate from the class-J primitive axioms tracked in the backend-assurance harness (those concern the Idris2 trusted base, not the Zig FFI layer).

Same pattern as svalinn#11, proven#67, gossamer#54, docudactyl#20, proven-servers#11, aerie#35.

Refs hyperpolymath/panic-attack#32.

🤖 Generated with Claude Code

panic-attack assail flags 2 UnsafeCode/UnsafeFFI Critical/High findings
under ffi/zig/src/ — all at the Zig→C ABI boundary for the Idris2 backend
(cartridge runtime, federation, etc.).

This classification is separate from the class-J primitive axioms tracked in
the backend-assurance harness; that concerns the Idris2 trusted base, not the
Zig FFI layer.

Adds:
- audits/assail-classifications.a2ml (2 entries, classification=legitimate-ffi)
- audits/audit-ffi-2026-05-26.md

Refs hyperpolymath/panic-attack#32.

Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
@github-actions

🔍 Hypatia Security Scan

Findings: 151 issues detected

Severity Count
🔴 Critical 18
🟠 High 124
🟡 Medium 9

⚠️ Action Required: Critical security issues found!

View findings
[
  {
    "reason": "Stale AI session file -- delete",
    "type": "stale",
    "file": "GEMINI.md",
    "action": "delete",
    "rule_module": "root_hygiene",
    "severity": "medium"
  },
  {
    "reason": "Action hyperpolymath/standards/.github/workflows/governance-reusable.yml@main needs attention",
    "type": "unpinned_action",
    "file": "governance.yml",
    "action": "pin_sha",
    "rule_module": "workflow_audit",
    "severity": "high"
  },
  {
    "reason": "TypeScript file detected -- banned language",
    "type": "banned_language_file",
    "file": "/home/runner/work/boj-server/boj-server/cartridges/sanctify-mcp/adapter/mod.ts",
    "action": "flag",
    "rule_module": "cicd_rules",
    "severity": "critical"
  },
  {
    "reason": "TypeScript file detected -- banned language",
    "type": "banned_language_file",
    "file": "/home/runner/work/boj-server/boj-server/cartridges/academic-workflow-mcp/adapter/mod.ts",
    "action": "flag",
    "rule_module": "cicd_rules",
    "severity": "critical"
  },
  {
    "reason": "TypeScript file detected -- banned language",
    "type": "banned_language_file",
    "file": "/home/runner/work/boj-server/boj-server/cartridges/fireflag-mcp/adapter/mod.ts",
    "action": "flag",
    "rule_module": "cicd_rules",
    "severity": "critical"
  },
  {
    "reason": "TypeScript file detected -- banned language",
    "type": "banned_language_file",
    "file": "/home/runner/work/boj-server/boj-server/cartridges/ephapax-mcp/adapter/mod.ts",
    "action": "flag",
    "rule_module": "cicd_rules",
    "severity": "critical"
  },
  {
    "reason": "TypeScript file detected -- banned language",
    "type": "banned_language_file",
    "file": "/home/runner/work/boj-server/boj-server/cartridges/bofig-mcp/adapter/mod.ts",
    "action": "flag",
    "rule_module": "cicd_rules",
    "severity": "critical"
  },
  {
    "reason": "TypeScript file detected -- banned language",
    "type": "banned_language_file",
    "file": "/home/runner/work/boj-server/boj-server/cartridges/hesiod-mcp/adapter/mod.ts",
    "action": "flag",
    "rule_module": "cicd_rules",
    "severity": "critical"
  },
  {
    "reason": "TypeScript file detected -- banned language",
    "type": "banned_language_file",
    "file": "/home/runner/work/boj-server/boj-server/mcp-bridge/main.d.ts",
    "action": "flag",
    "rule_module": "cicd_rules",
    "severity": "critical"
  },
  {
    "reason": "believe_me undermines formal verification (1 occurrences, CWE-704)",
    "type": "believe_me",
    "file": "/home/runner/work/boj-server/boj-server/src/abi/Boj/SafeHTTP.idr",
    "action": "flag",
    "rule_module": "code_safety",
    "severity": "critical"
  }
]

Powered by Hypatia Neurosymbolic CI/CD Intelligence

hyperpolymath added a commit that referenced this pull request May 26, 2026
Adds the 2 ffi/zig/src/{federation,cartridge_shim}.zig entries from PR #153
to this PR so a single audits/assail-classifications.a2ml lands without a
merge conflict between the two PRs.

Total entries: 119 (117 cartridge + 2 backend FFI).

Refs hyperpolymath/panic-attack#32. Supersedes #153.

Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
@hyperpolymath
Owner Author

Superseded by #154, which bundles these 2 backend FFI entries with the 117 cartridge-shim entries into a single audits/assail-classifications.a2ml. Closing to avoid a merge conflict on that file.

@hyperpolymath hyperpolymath deleted the panic-fix/PA001-ffi-zig-legitimate branch May 26, 2026 08:30
hyperpolymath added a commit that referenced this pull request May 26, 2026
…154)

## Summary

`panic-attack assail` reports **119** `UnsafeCode` (PA001) + `UnsafeFFI`
(PA007) Critical/High findings under
`cartridges/*/ffi/cartridge_shim.zig` (117) and
`ffi/zig/src/{federation,cartridge_shim}.zig` (2). All sit at the Zig↔C
ABI boundary.

**This PR supersedes #153** (which covered only the 2 backend FFI
entries). Bundled into one PR to avoid an
`audits/assail-classifications.a2ml` merge conflict.

## What changes

- `audits/assail-classifications.a2ml` — 119 entries,
`classification=legitimate-ffi`.
- `audits/audit-ffi-2026-05-26.md` — auditor record + anti-gameability
note.

## Scope

Classification is **scoped to** `cartridges/` and the two named files in
`ffi/zig/src/`. Any unsafe block outside those roots (incl. anywhere
else in `ffi/zig/src/`) remains visible.

This is **separate from** the class-J primitive axioms tracked in the
backend-assurance harness (those concern the Idris2 trusted base, not
the Zig FFI layer).

## Anti-gameability

Same pattern as the rest of the estate sweep — registry is a separate
file from source under scan; new unsafe in a classified root requires a
companion classification entry + audit-doc update, both visible.

## Verification

Locally: `panic-attack assail . --headless` reports the 119 findings as
`suppressed: true` on this branch.

Refs hyperpolymath/panic-attack#32.

🤖 Generated with [Claude Code](https://claude.com/claude-code)

---------

Co-authored-by: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
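The scoping and anti-gameability rules the #154 description lays out (suppression only inside `cartridges/` and the two named `ffi/zig/src/` files; a new unsafe block in a classified root must come with its own registry entry), as an added example that is not part of boj-server's or panic-attack's own code. It assumes a registry keyed by file path and rule id with an `accepted` count per entry, and a simplified finding record; the real `audits/assail-classifications.a2ml` schema and the `assail` output format are not shown on the page. The findings and entries are constructed, and paths such as `ffi/zig/src/runtime.zig` and `cartridges/removed-mcp/...` are hypothetical.

```python
"""Scoped suppression of scanner findings against a classification registry.

Assumptions (not from the page): findings are (path, rule, line); registry
entries are (path, rule, classification, accepted); paths are repo-relative
POSIX paths already normalised by the scanner.
"""
from collections import Counter
from dataclasses import dataclass

# Scope from the PR: whole cartridges/ tree plus exactly two backend files.
CLASSIFIED_ROOTS = ("cartridges/",)
CLASSIFIED_FILES = frozenset({
    "ffi/zig/src/federation.zig",
    "ffi/zig/src/cartridge_shim.zig",
})


@dataclass(frozen=True)
class Finding:
    path: str
    rule: str   # e.g. "PA001" (UnsafeCode) or "PA007" (UnsafeFFI)
    line: int


@dataclass(frozen=True)
class Entry:
    path: str
    rule: str
    classification: str
    accepted: int   # assumed field: findings of this rule the audit reviewed


def in_scope(path: str) -> bool:
    """A registry entry may only suppress findings under the classified roots."""
    return path in CLASSIFIED_FILES or path.startswith(CLASSIFIED_ROOTS)


def apply_registry(findings, entries):
    """Split findings into suppressed and visible.

    A finding is suppressed only when its path is in scope, a legitimate-ffi
    entry exists for (path, rule), and that entry's accepted budget is not yet
    used up. Anything beyond the budget stays visible, so a newly added unsafe
    block in an already-classified file surfaces until a companion entry lands.
    Entries outside the scope are reported rather than silently honoured.
    """
    out_of_scope = [e for e in entries if not in_scope(e.path)]
    budget = Counter()
    for e in entries:
        if in_scope(e.path) and e.classification == "legitimate-ffi":
            budget[(e.path, e.rule)] += e.accepted

    suppressed, visible = [], []
    for f in sorted(findings, key=lambda f: (f.path, f.rule, f.line)):
        key = (f.path, f.rule)
        if budget[key] > 0:
            budget[key] -= 1
            suppressed.append(f)
        else:
            visible.append(f)
    return {"suppressed": suppressed, "visible": visible,
            "out_of_scope_entries": out_of_scope}


def stale_entries(findings, entries):
    """In-scope entries that match no current finding: suppressions to prune."""
    seen = {(f.path, f.rule) for f in findings}
    return [e for e in entries if in_scope(e.path) and (e.path, e.rule) not in seen]


# Constructed sample data (not real scanner output).
SAMPLE_FINDINGS = [
    Finding("ffi/zig/src/federation.zig", "PA007", 41),
    Finding("ffi/zig/src/cartridge_shim.zig", "PA001", 88),
    Finding("cartridges/fireflag-mcp/ffi/cartridge_shim.zig", "PA001", 12),
    Finding("cartridges/fireflag-mcp/ffi/cartridge_shim.zig", "PA001", 140),  # second unsafe, not yet classified
    Finding("ffi/zig/src/runtime.zig", "PA001", 7),                           # hypothetical file outside scope
]
SAMPLE_ENTRIES = [
    Entry("ffi/zig/src/federation.zig", "PA007", "legitimate-ffi", 1),
    Entry("ffi/zig/src/cartridge_shim.zig", "PA001", "legitimate-ffi", 1),
    Entry("cartridges/fireflag-mcp/ffi/cartridge_shim.zig", "PA001", "legitimate-ffi", 1),
    Entry("ffi/zig/src/runtime.zig", "PA001", "legitimate-ffi", 1),            # must be rejected: outside scope
    Entry("cartridges/removed-mcp/ffi/cartridge_shim.zig", "PA001", "legitimate-ffi", 1),  # hypothetical stale entry
]


def run_sample():
    return apply_registry(SAMPLE_FINDINGS, SAMPLE_ENTRIES)


if __name__ == "__main__":
    r = run_sample()
    for f in r["suppressed"]:
        print(f"suppressed  {f.rule} {f.path}:{f.line}")
    for f in r["visible"]:
        print(f"VISIBLE     {f.rule} {f.path}:{f.line}")
    for e in r["out_of_scope_entries"]:
        print(f"REJECTED entry outside scope: {e.path}")
    for e in stale_entries(SAMPLE_FINDINGS, SAMPLE_ENTRIES):
        print(f"STALE entry with no finding:  {e.path}")
```

Run as a CI gate, the useful exit conditions are any `visible` finding, any out-of-scope entry, and any stale entry: the first two catch the gaming cases the PR describes, the third keeps the registry from accreting suppressions for code that no longer exists.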