Skip to content

audit: classify 119 FFI unsafe findings as legitimate (PA001/PA007)#154

Merged
hyperpolymath merged 2 commits into
mainfrom
panic-fix/PA001-cartridges-ffi-legitimate
May 26, 2026
Merged

audit: classify 119 FFI unsafe findings as legitimate (PA001/PA007)#154
hyperpolymath merged 2 commits into
mainfrom
panic-fix/PA001-cartridges-ffi-legitimate

Conversation

@hyperpolymath
Copy link
Copy Markdown
Owner

@hyperpolymath hyperpolymath commented May 26, 2026
edited
Loading

Summary

panic-attack assail reports 119 UnsafeCode (PA001) + UnsafeFFI (PA007) Critical/High findings under cartridges/*/ffi/cartridge_shim.zig (117) and ffi/zig/src/{federation,cartridge_shim}.zig (2). All sit at the Zig↔C ABI boundary.

This PR supersedes #153 (which covered only the 2 backend FFI entries). Bundled into one PR to avoid an audits/assail-classifications.a2ml merge conflict.

What changes

  • audits/assail-classifications.a2ml — 119 entries, classification=legitimate-ffi.
  • audits/audit-ffi-2026-05-26.md — auditor record + anti-gameability note.

Scope

Classification is scoped to cartridges/ and the two named files in ffi/zig/src/. Any unsafe block outside those roots (incl. anywhere else in ffi/zig/src/) remains visible.

This is separate from the class-J primitive axioms tracked in the backend-assurance harness (those concern the Idris2 trusted base, not the Zig FFI layer).

Anti-gameability

Same pattern as the rest of the estate sweep — registry is a separate file from source under scan; new unsafe in a classified root requires a companion classification entry + audit-doc update, both visible.

Verification

Locally: panic-attack assail . --headless reports the 119 findings as suppressed: true on this branch.

Refs hyperpolymath/panic-attack#32.

🤖 Generated with Claude Code

hyperpolymath and others added 2 commits May 26, 2026 09:29
@hyperpolymath @claude
audit: classify 117 FFI/systems unsafe findings as legitimate (PA001/…
16ba8af 
…PA007)

panic-attack assail flags 117 UnsafeCode/UnsafeFFI Critical/High findings
under cartridges/ — all at the C-ABI / syscall / kernel boundary.

Rationale: boj-server's cartridges/ tree contains ~114 MCP (Model Context Protocol) cartridges, each with an identical ffi/cartridge_shim.zig that wraps the cartridge's host-side C ABI. Every cartridge_shim.zig has the same pattern: extern C declarations + an unsafe pointer cast for the cartridge handle. These are all at the C-ABI boundary and required by Zig to call across.

Adds:
- audits/assail-classifications.a2ml (entries=117, classification=legitimate-ffi)
- audits/audit-ffi-2026-05-26.md

Anti-gameability: registry is separate from source under scan; new unsafe
inside a classified root requires a companion classification entry.

Refs hyperpolymath/panic-attack#32 (estate sweep tracker).

Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
@hyperpolymath @claude
audit: extend cartridge bundle to subsume backend FFI (#153)
90af892 
Adds the 2 ffi/zig/src/{federation,cartridge_shim}.zig entries from PR #153
to this PR so a single audits/assail-classifications.a2ml lands without a
merge conflict between the two PRs.

Total entries: 119 (117 cartridge + 2 backend FFI).

Refs hyperpolymath/panic-attack#32. Supersedes #153.

Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
@github-actions
Copy link
Copy Markdown

github-actions Bot commented May 26, 2026

🔍 Hypatia Security Scan

Findings: 151 issues detected

Severity Count
🔴 Critical 18
🟠 High 124
🟡 Medium 9

⚠️ Action Required: Critical security issues found!

View findings 
[
  {
    "reason": "Stale AI session file -- delete",
    "type": "stale",
    "file": "GEMINI.md",
    "action": "delete",
    "rule_module": "root_hygiene",
    "severity": "medium"
  },
  {
    "reason": "Action hyperpolymath/standards/.github/workflows/governance-reusable.yml@main needs attention",
    "type": "unpinned_action",
    "file": "governance.yml",
    "action": "pin_sha",
    "rule_module": "workflow_audit",
    "severity": "high"
  },
  {
    "reason": "TypeScript file detected -- banned language",
    "type": "banned_language_file",
    "file": "/home/runner/work/boj-server/boj-server/cartridges/sanctify-mcp/adapter/mod.ts",
    "action": "flag",
    "rule_module": "cicd_rules",
    "severity": "critical"
  },
  {
    "reason": "TypeScript file detected -- banned language",
    "type": "banned_language_file",
    "file": "/home/runner/work/boj-server/boj-server/cartridges/academic-workflow-mcp/adapter/mod.ts",
    "action": "flag",
    "rule_module": "cicd_rules",
    "severity": "critical"
  },
  {
    "reason": "TypeScript file detected -- banned language",
    "type": "banned_language_file",
    "file": "/home/runner/work/boj-server/boj-server/cartridges/fireflag-mcp/adapter/mod.ts",
    "action": "flag",
    "rule_module": "cicd_rules",
    "severity": "critical"
  },
  {
    "reason": "TypeScript file detected -- banned language",
    "type": "banned_language_file",
    "file": "/home/runner/work/boj-server/boj-server/cartridges/ephapax-mcp/adapter/mod.ts",
    "action": "flag",
    "rule_module": "cicd_rules",
    "severity": "critical"
  },
  {
    "reason": "TypeScript file detected -- banned language",
    "type": "banned_language_file",
    "file": "/home/runner/work/boj-server/boj-server/cartridges/bofig-mcp/adapter/mod.ts",
    "action": "flag",
    "rule_module": "cicd_rules",
    "severity": "critical"
  },
  {
    "reason": "TypeScript file detected -- banned language",
    "type": "banned_language_file",
    "file": "/home/runner/work/boj-server/boj-server/cartridges/hesiod-mcp/adapter/mod.ts",
    "action": "flag",
    "rule_module": "cicd_rules",
    "severity": "critical"
  },
  {
    "reason": "TypeScript file detected -- banned language",
    "type": "banned_language_file",
    "file": "/home/runner/work/boj-server/boj-server/mcp-bridge/main.d.ts",
    "action": "flag",
    "rule_module": "cicd_rules",
    "severity": "critical"
  },
  {
    "reason": "believe_me undermines formal verification (1 occurrences, CWE-704)",
    "type": "believe_me",
    "file": "/home/runner/work/boj-server/boj-server/src/abi/Boj/SafeHTTP.idr",
    "action": "flag",
    "rule_module": "code_safety",
    "severity": "critical"
  }
]

Powered by Hypatia Neurosymbolic CI/CD Intelligence

@hyperpolymath hyperpolymath changed the title audit: classify 117 FFI/systems unsafe findings as legitimate (PA001/PA007) audit: classify 119 FFI unsafe findings as legitimate (PA001/PA007) May 26, 2026
@hyperpolymath hyperpolymath mentioned this pull request May 26, 2026
Closed
@github-actions
Copy link
Copy Markdown

github-actions Bot commented May 26, 2026

🔍 Hypatia Security Scan

Findings: 151 issues detected

Severity Count
🔴 Critical 18
🟠 High 124
🟡 Medium 9

⚠️ Action Required: Critical security issues found!

View findings 
[
  {
    "reason": "Stale AI session file -- delete",
    "type": "stale",
    "file": "GEMINI.md",
    "action": "delete",
    "rule_module": "root_hygiene",
    "severity": "medium"
  },
  {
    "reason": "Action hyperpolymath/standards/.github/workflows/governance-reusable.yml@main needs attention",
    "type": "unpinned_action",
    "file": "governance.yml",
    "action": "pin_sha",
    "rule_module": "workflow_audit",
    "severity": "high"
  },
  {
    "reason": "TypeScript file detected -- banned language",
    "type": "banned_language_file",
    "file": "/home/runner/work/boj-server/boj-server/cartridges/sanctify-mcp/adapter/mod.ts",
    "action": "flag",
    "rule_module": "cicd_rules",
    "severity": "critical"
  },
  {
    "reason": "TypeScript file detected -- banned language",
    "type": "banned_language_file",
    "file": "/home/runner/work/boj-server/boj-server/cartridges/academic-workflow-mcp/adapter/mod.ts",
    "action": "flag",
    "rule_module": "cicd_rules",
    "severity": "critical"
  },
  {
    "reason": "TypeScript file detected -- banned language",
    "type": "banned_language_file",
    "file": "/home/runner/work/boj-server/boj-server/cartridges/fireflag-mcp/adapter/mod.ts",
    "action": "flag",
    "rule_module": "cicd_rules",
    "severity": "critical"
  },
  {
    "reason": "TypeScript file detected -- banned language",
    "type": "banned_language_file",
    "file": "/home/runner/work/boj-server/boj-server/cartridges/ephapax-mcp/adapter/mod.ts",
    "action": "flag",
    "rule_module": "cicd_rules",
    "severity": "critical"
  },
  {
    "reason": "TypeScript file detected -- banned language",
    "type": "banned_language_file",
    "file": "/home/runner/work/boj-server/boj-server/cartridges/bofig-mcp/adapter/mod.ts",
    "action": "flag",
    "rule_module": "cicd_rules",
    "severity": "critical"
  },
  {
    "reason": "TypeScript file detected -- banned language",
    "type": "banned_language_file",
    "file": "/home/runner/work/boj-server/boj-server/cartridges/hesiod-mcp/adapter/mod.ts",
    "action": "flag",
    "rule_module": "cicd_rules",
    "severity": "critical"
  },
  {
    "reason": "TypeScript file detected -- banned language",
    "type": "banned_language_file",
    "file": "/home/runner/work/boj-server/boj-server/mcp-bridge/main.d.ts",
    "action": "flag",
    "rule_module": "cicd_rules",
    "severity": "critical"
  },
  {
    "reason": "believe_me undermines formal verification (1 occurrences, CWE-704)",
    "type": "believe_me",
    "file": "/home/runner/work/boj-server/boj-server/src/abi/Boj/SafeHTTP.idr",
    "action": "flag",
    "rule_module": "code_safety",
    "severity": "critical"
  }
]

Powered by Hypatia Neurosymbolic CI/CD Intelligence

This was referenced May 26, 2026
Open
Closed
@hyperpolymath hyperpolymath merged commit 56d3ed5 into main May 26, 2026
19 of 20 checks passed
@hyperpolymath hyperpolymath deleted the panic-fix/PA001-cartridges-ffi-legitimate branch May 26, 2026 11:44
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@hyperpolymath