master
7b5bdcf4d3
- Introduced AGENTS.md, README.md, TASKS.md, and implementation_plan.md for Vexer, detailing mission, responsibilities, key components, and operational notes. - Established similar documentation structure for Vulnerability Explorer and Zastava modules, including their respective workflows, integrations, and observability notes. - Created risk scoring profiles documentation outlining the core workflow, factor model, governance, and deliverables. - Ensured all modules adhere to the Aggregation-Only Contract and maintain determinism and provenance in outputs.
22 lines
1.1 KiB
Markdown
22 lines
1.1 KiB
Markdown
# Export Center agent guide
|
|
|
|
## Mission
|
|
Export Center packages reproducible evidence bundles (JSON, Trivy DB, mirror) with provenance metadata and optional signing for offline or mirrored deployments.
|
|
|
|
## Key docs
|
|
- [Module README](./README.md)
|
|
- [Architecture](./architecture.md)
|
|
- [Implementation plan](./implementation_plan.md)
|
|
- [Task board](./TASKS.md)
|
|
|
|
## How to get started
|
|
1. Open ../../implplan/SPRINTS.md and locate the stories referencing this module.
|
|
2. Review ./TASKS.md for local follow-ups and confirm status transitions (TODO → DOING → DONE/BLOCKED).
|
|
3. Read the architecture and README for domain context before editing code or docs.
|
|
4. Coordinate cross-module changes in the main /AGENTS.md description and through the sprint plan.
|
|
|
|
## Guardrails
|
|
- Honour the Aggregation-Only Contract where applicable (see ../../ingestion/aggregation-only-contract.md).
|
|
- Preserve determinism: sort outputs, normalise timestamps (UTC ISO-8601), and avoid machine-specific artefacts.
|
|
- Keep Offline Kit parity in mind—document air-gapped workflows for any new feature.
|
|
- Update runbooks/observability assets when operational characteristics change. |