{
  "scope": {
    "tenantId": "tenant-default",
    "projectId": "sre-prod"
  },
  "sources": [
    { "type": "advisory", "ids": ["CVE-2024-12345", "CVE-2024-23456"] },
    { "type": "vex", "ids": ["vex:tenant-default:jwt-auth:5d1a"] },
    { "type": "policy", "ids": ["policy://tenant-default/runtime-hardening"] },
    { "type": "scan", "ids": ["scan::tenant-default::auth-api::2025-11-07"] }
  ],
  "formats": ["json", "ndjson", "csv"],
  "attestations": { "include": true, "sigstoreBundle": true },
  "notify": { "webhooks": ["https://hooks.local/export"], "email": ["secops@example.com"] },
  "priority": "normal"
}