Rename Vexer to Excititor
This commit is contained in:
23
src/StellaOps.Excititor.Connectors.MSRC.CSAF/AGENTS.md
Normal file
23
src/StellaOps.Excititor.Connectors.MSRC.CSAF/AGENTS.md
Normal file
@@ -0,0 +1,23 @@
|
||||
# AGENTS
|
||||
## Role
|
||||
Connector for Microsoft Security Response Center (MSRC) CSAF advisories, handling authenticated downloads, throttling, and raw document persistence.
|
||||
## Scope
|
||||
- MSRC API onboarding (AAD client credentials), metadata discovery, and CSAF listing retrieval.
|
||||
- Download pipeline with retry/backoff, checksum validation, and document deduplication.
|
||||
- Mapping MSRC-specific identifiers (CVE, ADV, KB) and remediation guidance into connector metadata.
|
||||
- Emitting trust metadata (AAD issuer, signing certificates) for policy weighting.
|
||||
## Participants
|
||||
- Worker schedules MSRC pulls honoring rate limits; WebService may trigger manual runs for urgent updates.
|
||||
- CSAF normalizer processes retrieved documents into claims.
|
||||
- Policy subsystem references connector trust hints for consensus scoring.
|
||||
## Interfaces & contracts
|
||||
- Implements `IVexConnector`, requires configuration options for tenant/client/secret or managed identity.
|
||||
- Uses shared HTTP helpers, resume markers, and telemetry from Abstractions module.
|
||||
## In/Out of scope
|
||||
In: authenticated fetching, raw document storage, metadata mapping, retry logic.
|
||||
Out: normalization/export, attestation, storage implementations (handled elsewhere).
|
||||
## Observability & security expectations
|
||||
- Log request batches, rate-limit responses, and token refresh events without leaking secrets.
|
||||
- Track metrics for documents fetched, retries, and failure categories.
|
||||
## Tests
|
||||
- Connector tests with mocked MSRC endpoints and AAD token flow will live in `../StellaOps.Excititor.Connectors.MSRC.CSAF.Tests`.
|
||||
Reference in New Issue
Block a user