partly or unimplemented features - now implemented

docs/features/unchecked/riskengine/exploit-maturity-mapping.md

@@ -0,0 +1,33 @@
+# Exploit Maturity Mapping
+
+## Status
+IMPLEMENTED
+
+## Description
+No dedicated exploit maturity mapping service found. The EPSS provider in RiskEngine may partially cover this.
+
+## Module
+RiskEngine
+
+## What's Implemented
+- **EPSS provider**: `src/RiskEngine/StellaOps.RiskEngine/StellaOps.RiskEngine.Core/Providers/EpssProvider.cs` (implements `IRiskScoreProvider`)
+- **Combined CVSS+KEV+EPSS**: `CvssKevEpssProvider` in same file
+- **Scanner EPSS**: `src/Scanner/__Libraries/StellaOps.Scanner.Storage/Epss/EpssProvider.cs`
+- **EPSS API endpoints**: `src/Scanner/StellaOps.Scanner.WebService/Endpoints/EpssEndpoints.cs`
+- **Golden benchmark corpus**: `src/__Tests/__Benchmarks/golden-corpus/` (includes EPSS/KEV scoring)
+- **SBOM vulnerability assessment**: `src/Attestor/__Libraries/StellaOps.Attestor.StandardPredicates/Models/SbomVulnerabilityAssessmentType.cs`
+- **Policy-level exploit scoring**: `UnknownRanker` uses `EpssScore` for prioritization
+- **Tests**: `src/Scanner/__Tests/StellaOps.Scanner.Storage.Tests/EpssProviderTests.cs`
+
+## What's Missing
+- Dedicated "exploit maturity mapping" service consolidating all maturity signals (EPSS, KEV, in-the-wild reports) into a unified maturity level (e.g., POC/Active/Weaponized)
+- Exploit maturity lifecycle tracking over time
+- Integration of in-the-wild exploitation reports beyond KEV
+
+## Implementation Plan
+- Create unified exploit maturity service that combines EPSS, KEV, and in-the-wild signals
+- Define maturity level taxonomy (POC/Active/Weaponized)
+- Expose maturity level in finding detail UI
+
+## Source
+- Feature matrix scan