# VulnExplorer Module Charter

## Mission
- Provide deterministic, auditable triage workflows and APIs for vulnerability findings.

## Responsibilities
- Maintain ledger models and append-only history.
- Expose APIs for findings, actions, and exports.
- Enforce RBAC and ABAC scopes and Authority integration.
- Produce offline bundles with signed manifests.

## Required Reading
- docs/README.md
- docs/07_HIGH_LEVEL_ARCHITECTURE.md
- docs/modules/platform/architecture-overview.md
- docs/modules/vuln-explorer/architecture.md
- docs/modules/findings-ledger/schema.md

## Working Agreement
- Append-only ledger updates; never mutate past entries.
- Deterministic ordering for exports and manifests.
- Use TimeProvider and IGuidGenerator; UTC timestamps.
- Use InvariantCulture for parsing and formatting.
- Propagate CancellationToken in async flows.

## Testing Strategy
- Unit tests for ledger projections and validation.
- Integration tests for API endpoints and authorization.
- Determinism tests for export bundles.