mirror of
https://github.com/KeygraphHQ/shannon.git
synced 2026-05-27 19:02:38 +02:00
ezl-keygraph
181f24cfcc
Restructure into apps/worker, apps/cli, packages/mcp-server with Turborepo task orchestration, pnpm workspaces, Biome linting/formatting, and tsdown CLI bundling. Key changes: - src/ -> apps/worker/src/, cli/ -> apps/cli/, mcp-server/ -> packages/mcp-server/ - prompts/ and configs/ moved into apps/worker/ - npm replaced with pnpm, package-lock.json replaced with pnpm-lock.yaml - Dockerfile updated for pnpm-based builds - CLI logs command rewritten with chokidar for cross-platform reliability - Router health checking added for auto-detected router mode - Centralized path resolution via apps/worker/src/paths.ts
14 lines
637 B
Plaintext
14 lines
637 B
Plaintext
**MANDATORY EXPLOITATION CONSTRAINTS:**
|
|
- ALL exploitation attempts MUST be performed against {{WEB_URL}} from external network
|
|
- DO NOT attempt to exploit vulnerabilities that require:
|
|
- Internal network access (Tailscale, VPN, etc.)
|
|
- Direct server access
|
|
- Database console access
|
|
|
|
**VERDICT CLASSIFICATIONS:**
|
|
- EXPLOITED: Successfully demonstrated impact via public interface
|
|
- BLOCKED_BY_SECURITY: Valid vulnerability but blocked by WAF/controls
|
|
- OUT_OF_SCOPE_INTERNAL: Requires internal access - DO NOT PURSUE
|
|
- FALSE_POSITIVE: Not actually vulnerable
|
|
|
|
Only EXPLOITED and BLOCKED_BY_SECURITY should be reported as findings. |