# Explainable triage UX with evidence-linked findings

## Module
Scanner

## Status
VERIFIED

## Description
Tabbed evidence panel with policy, binary diff, confidence meter, and SBOM evidence tabs provides expandable evidence views per finding.

## Implementation Details
- **Explainability Library**:
  - `src/Scanner/__Libraries/StellaOps.Scanner.Explainability/` - Explainability services for evidence-linked findings
  - `src/Scanner/__Libraries/StellaOps.Scanner.Explainability/Dsse/ExplainabilityPredicateSerializer.cs` - Serializes explainability predicates
  - `src/Scanner/__Libraries/StellaOps.Scanner.Explainability/Falsifiability/FalsifiabilityGenerator.cs` - Generates falsification criteria
  - `src/Scanner/__Libraries/StellaOps.Scanner.Explainability/Falsifiability/FalsifiabilityCriteria.cs` - Criteria model
- **Triage Services**:
  - `src/Scanner/__Libraries/StellaOps.Scanner.Triage/` - Triage domain services
  - `src/Scanner/__Libraries/StellaOps.Scanner.Triage/Models/ExploitPath.cs` - Exploit path model for evidence linking
- **Evidence Composition**:
  - `src/Scanner/StellaOps.Scanner.WebService/Services/EvidenceCompositionService.cs` - Composes multi-source evidence per finding
  - `src/Scanner/StellaOps.Scanner.WebService/Services/IEvidenceCompositionService.cs` - Interface
- **Finding Rationale**:
  - `src/Scanner/StellaOps.Scanner.WebService/Services/FindingRationaleService.cs` - Provides rationale explanations per finding
  - `src/Scanner/StellaOps.Scanner.WebService/Services/IFindingRationaleService.cs` - Interface
- **API**:
  - `src/Scanner/StellaOps.Scanner.WebService/Controllers/FindingsEvidenceController.cs` - Evidence controller
  - `src/Scanner/StellaOps.Scanner.WebService/Contracts/FindingEvidenceContracts.cs` - Evidence API contracts
  - `src/Scanner/StellaOps.Scanner.WebService/Contracts/RationaleContracts.cs` - Rationale contracts

## E2E Test Plan
- [ ] Query finding evidence via the FindingsEvidenceController and verify tabbed evidence is returned
- [ ] Verify policy evidence tab includes applicable policy rules and evaluation results
- [ ] Verify binary diff evidence tab includes delta analysis when available
- [ ] Verify confidence meter shows score breakdown with contributing factors
- [ ] Verify SBOM evidence tab includes component provenance and version data
- [ ] Verify finding rationale service provides human-readable explanations

---

## Verification

| Check | Result |
|-------|--------|
| Tier 0 - Source files exist | PASS |
| Tier 1 - Build + code review | PASS |
| Tier 2 - Integration tests | PASS |
| Verified | 2026-02-13T18:10:00Z |