stella-ops.org/git.stella-ops.org
1
0
Fork 0
Code Issues Pull Requests Actions 1 Releases Wiki Activity
Files
7e1b10d3b27ca524c65124624a5745bb4cad5b8a
git.stella-ops.org/src/StellaOps.Excititor.Connectors.MSRC.CSAF/AGENTS.md
master 7e1b10d3b2 Rename Vexer to Excititor
2025-10-18 20:44:59 +03:00

1.5 KiB
Raw Blame History

AGENTS

Role

Connector for Microsoft Security Response Center (MSRC) CSAF advisories, handling authenticated downloads, throttling, and raw document persistence.

Scope

  • MSRC API onboarding (AAD client credentials), metadata discovery, and CSAF listing retrieval.
  • Download pipeline with retry/backoff, checksum validation, and document deduplication.
  • Mapping MSRC-specific identifiers (CVE, ADV, KB) and remediation guidance into connector metadata.
  • Emitting trust metadata (AAD issuer, signing certificates) for policy weighting.

Participants

  • Worker schedules MSRC pulls honoring rate limits; WebService may trigger manual runs for urgent updates.
  • CSAF normalizer processes retrieved documents into claims.
  • Policy subsystem references connector trust hints for consensus scoring.

Interfaces & contracts

  • Implements IVexConnector, requires configuration options for tenant/client/secret or managed identity.
  • Uses shared HTTP helpers, resume markers, and telemetry from Abstractions module.

In/Out of scope

In: authenticated fetching, raw document storage, metadata mapping, retry logic. Out: normalization/export, attestation, storage implementations (handled elsewhere).

Observability & security expectations

  • Log request batches, rate-limit responses, and token refresh events without leaking secrets.
  • Track metrics for documents fetched, retries, and failure categories.

Tests

  • Connector tests with mocked MSRC endpoints and AAD token flow will live in ../StellaOps.Excititor.Connectors.MSRC.CSAF.Tests.