git.stella-ops.org/docs/modules/triage

Triage

Status: Design/Planning Source: N/A (cross-cutting concept) Owner: VulnExplorer Guild

Purpose

Triage defines workflows and data structures for vulnerability triage, exploit path analysis, and proof bundle generation. Provides specifications for prioritization, evidence review, and decision capture used by VulnExplorer and Policy modules.

Components

Concept Documentation:

• exploit-path-inbox.md - Exploit path inbox specification for automated triage
• proof-bundle-spec.md - Proof bundle format for evidence packaging

Triage Workflows:

• Automated triage (Signals-based prioritization)
• Manual triage (human review and decision)
• Exploit path analysis (reachability to exploitable sinks)
• Proof bundle generation (evidence packaging for decisions)

Implementation Locations

Triage functionality is implemented across multiple modules:

• VulnExplorer - Triage UI and workflow orchestration
• Signals - Automated prioritization scoring
• Policy Engine - Exploit path analysis
• EvidenceLocker - Proof bundle storage
• Notify - Triage alert distribution

Dependencies

• VulnExplorer (triage UI)
• Signals (prioritization)
• Policy Engine (exploit paths)
• EvidenceLocker (proof bundles)
• Notify (alerts)

Related Documentation

• Exploit Path Inbox: ./exploit-path-inbox.md
• Proof Bundle Spec: ./proof-bundle-spec.md
• VulnExplorer: ../vuln-explorer/
• Signals: ../signals/
• Policy: ../policy/
• EvidenceLocker: ../evidence-locker/

Current Status

Triage workflows documented in exploit-path-inbox.md and proof-bundle-spec.md. Implementation distributed across VulnExplorer (UI/workflows), Signals (scoring), Policy (analysis), and EvidenceLocker (proof storage) modules.