{
  "id": "default-profile",
  "version": "1.0.0",
  "description": "Default risk profile for vulnerability prioritization",
  "extends": "base-profile",
  "signals": [
    { "name": "cvss", "source": "nvd", "type": "numeric", "path": "/cvss/base_score", "transform": "normalize_10", "unit": "score" },
    { "name": "kev", "source": "cisa", "type": "boolean", "path": "/kev/in_catalog" },
    { "name": "reachability", "source": "scanner", "type": "numeric", "path": "/reachability/score", "unit": "score" }
  ],
  "weights": { "cvss": 0.4, "kev": 0.3, "reachability": 0.3 },
  "overrides": {
    "severity": [ { "when": { "kev": true }, "set": "critical" } ],
    "decisions": [ { "when": { "kev": true, "reachability": { "$gt": 0.8 } }, "action": "deny", "reason": "KEV with high reachability" } ]
  },
  "metadata": { "author": "docs-guild", "created_at": "2025-12-05T00:00:00Z" },
  "provenance": { "hash": "sha256:placeholder", "signed": false }
}