git.stella-ops.org/src/Scanner/StellaOps.Scanner.Analyzers.Native/AGENTS.md
master 90c244948a Update AGENTS.md files across multiple modules to standardize task status update instructions and introduce a new document for Secret Leak Detection operations.
- Modified task status update instructions in AGENTS.md files to refer to corresponding sprint files as `/docs/implplan/SPRINT_*.md` instead of `docs/implplan/SPRINTS.md`.
- Added a comprehensive document for Secret Leak Detection operations detailing scope, prerequisites, rule bundle lifecycle, enabling the analyzer, policy patterns, observability, troubleshooting, and references.
2025-11-05 11:58:32 +02:00


Scanner Native Analyzer Guild Charter

Mission

Deliver deterministic native binary analyzers that detect entrypoints, dependency edges, and loader behaviours across ELF, PE/COFF, and Mach-O formats. Outputs feed the Scanner's SBOM and runtime posture workflows and must integrate with shared Surface libraries while satisfying Aggregation-Only constraints.

Scope

  • Format detectors, parsers, and resolver engines in StellaOps.Scanner.Analyzers.Native.
  • Runtime capture adapters (eBPF/ETW/dyld) for optional evidence.
  • Integration with Surface.Env/FS/Secrets/Validation and Scanner writer APIs.
  • Fixture curation spanning Linux/Windows/macOS binaries.

Required Reading

  • docs/modules/scanner/architecture.md
  • docs/modules/scanner/design/surface-env.md
  • docs/modules/scanner/design/surface-fs.md
  • docs/modules/scanner/design/surface-secrets.md
  • docs/modules/scanner/design/surface-validation.md
  • docs/modules/scanner/implementation_plan.md (native analyzer sections)
  • Platform-specific loader references cited in sprint notes (e.g., ld.so, SafeDll search, dyld).

Working Agreement

  1. Status sync: set task state to DOING/DONE in both the sprint file /docs/implplan/SPRINT_*.md and the local TASKS.md when starting or finishing work.
  2. Surface usage: run Surface.Validation, use Surface.Env for configuration, Surface.FS for cached artefacts, and Surface.Secrets for protected inputs.
  3. Determinism: no host filesystem lookups; rely on virtual image roots; stabilise ordering and timestamps.
  4. AOC compliance: emit observations/edges without severity or policy interpretation; include provenance and reason codes.
  5. Testing: maintain golden fixtures per platform, a determinism harness, runtime capture simulations, and performance budgets.
  6. Documentation: update the implementation plan or create dedicated design notes when algorithms change; coordinate with the Docs/Signals guilds for runtime adapters.
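As an added illustration of the Determinism and AOC compliance items above (example code, not the project's own), the sketch below resolves DT_NEEDED names against a constructed in-memory image root in a simplified ld.so-style search order and emits sorted, severity-free dependency edges carrying provenance and reason codes. The image root contents, search directories, field names and reason-code strings are assumptions for the example.

```python
import hashlib
import json
from typing import Dict, List, Optional, Tuple

# Constructed virtual image root (path -> file bytes). The analyzer never
# touches the host filesystem; everything it sees comes from this map.
IMAGE_ROOT: Dict[str, bytes] = {
    "/usr/bin/app": b"\x7fELF-constructed-app",
    "/lib/x86_64-linux-gnu/libc.so.6": b"constructed-libc",
    "/opt/app/lib/libfoo.so.1": b"constructed-libfoo",
}

# Simplified ld.so search order: RUNPATH entries first, then default dirs.
DEFAULT_DIRS: Tuple[str, ...] = ("/lib/x86_64-linux-gnu", "/usr/lib/x86_64-linux-gnu")


def digest(data: bytes) -> str:
    """Content digest used as stable provenance instead of a timestamp."""
    return "sha256:" + hashlib.sha256(data).hexdigest()


def resolve(name: str, runpath: List[str], root: Dict[str, bytes]) -> Tuple[Optional[str], str]:
    """Return (resolved path or None, reason code) for one DT_NEEDED name."""
    for directory in list(runpath) + list(DEFAULT_DIRS):
        candidate = f"{directory}/{name}"
        if candidate in root:
            return candidate, ("runpath" if directory in runpath else "default-search")
    return None, "unresolved"


def emit_edges(binary: str, needed: List[str], runpath: List[str],
               root: Dict[str, bytes]) -> List[dict]:
    """Emit one edge per DT_NEEDED entry: facts and provenance only, no severity."""
    edges = []
    for name in needed:
        target, reason = resolve(name, runpath, root)
        edges.append({
            "source": binary,
            "sourceDigest": digest(root[binary]),
            "needed": name,
            "target": target,
            "targetDigest": digest(root[target]) if target else None,
            "reason": reason,
            "provenance": {"analyzer": "native", "evidence": "DT_NEEDED"},
        })
    # Stable ordering independent of the order DT_NEEDED entries were read in.
    edges.sort(key=lambda e: (e["source"], e["needed"]))
    return edges


def canonical(edges: List[dict]) -> bytes:
    """Canonical JSON so two runs over the same image root are byte-identical."""
    return json.dumps(edges, sort_keys=True, separators=(",", ":")).encode()
```

A determinism harness can assert that shuffling the input order leaves `canonical(...)` unchanged, and that no emitted record contains a severity field.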