Skip to content

Add reproducible 90-sample security benchmark#2

Merged
tiltom merged 4 commits into
mainfrom
agent/reproducible-security-benchmark
Jul 13, 2026
Merged

Add reproducible 90-sample security benchmark#2
tiltom merged 4 commits into
mainfrom
agent/reproducible-security-benchmark

Conversation

@tiltom

@tiltom tiltom commented Jul 13, 2026

Copy link
Copy Markdown
Member

What changed

  • adds a pinned 90-sample benchmark corpus and deterministic runner
  • adds 25 metadata-only OpenSSF OSV malicious-package samples
  • records canonical pre-fix and post-fix results
  • adds manual review notes for every severe reference finding
  • refreshes the bundled signature snapshot to 2026.07.12.003
  • upgrades the build to published @flagrix/scanner-core@^0.3.0
  • prepares CLI release 0.1.4

Why

Flagrix needed reproducible evidence for malicious recall and false-positive launch gates. The runner never clones, installs, or executes benchmark samples.

Results

  • overall: 37/90 → 90/90 passed
  • critical fixtures: 9/10 → 10/10
  • malicious metadata: 5/25 → 25/25
  • reference High verdicts: 27/55 → 0/55
  • reference Critical findings: 16 → 0

Release readiness

  • scanner-core 0.3.0 is published to npm
  • detection rules 2026.07.12.003 are merged to main
  • bundled snapshot contains 39 malicious packages and 37 rules
  • CLI package version is 0.1.4

Validation

  • TypeScript type-check passed
  • 15 CLI tests passed
  • production build passed
  • production dependency audit reports 0 vulnerabilities
  • npm package dry run passed and includes the expected CLI, MCP bundle, docs, hooks, and signature snapshot
  • all four benchmark gates pass

@tiltom
tiltom marked this pull request as ready for review July 13, 2026 19:24
@tiltom tiltom self-assigned this Jul 13, 2026
@tiltom tiltom added the enhancement New feature or request label Jul 13, 2026
tiltom added 2 commits July 13, 2026 21:40
…cal results

Review follow-ups (blocking):
- run.mjs imports @flagrix/scanner-core from node_modules instead of the
  ../../flagrix-scanner-core sibling checkout — the benchmark now runs from
  a bare clone of this repo, and the devDependency pin actually governs the
  engine under test
- metadata records the installed package version (0.3.0) and the snapshot
  rules version; sibling git sha/dirty fields are gone, so results can no
  longer be produced from an unpublished dirty working tree without saying so
- post-fix-final regenerated against published scanner-core 0.3.0, rules
  snapshot 2026.07.12.003, CLI 0.1.4: 90/90 passed, all four gates green,
  both severe reference findings covered by reference-review.json
- extract shared sample constructors into benchmark/samples.mjs — run.mjs and
  pin-corpus.mjs previously duplicated projectSample/osvSample and corpus
  expansion, so the pinner and runner could drift apart silently (verified:
  expanded corpus reproduces the committed lock exactly, 90/90 sampleIds and
  fixture contents)
- gitignore only ad-hoc results; canonical snapshots (pre-fix-baseline.*,
  post-fix-final.*) are exempted so updating them never needs git add -f
- README: state that the known-malicious-metadata gate measures signature
  coverage of the pinned OSV samples, not generalizing recall; behavioral
  generalization is the critical fixtures' job
- comment the prefetch's mirrored scanner-core selection constants: drift is
  correctness-safe (REST fallback), re-sync on dependency bumps
@tiltom
tiltom merged commit bb03e99 into main Jul 13, 2026
3 checks passed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

enhancement New feature or request

Projects

None yet

Development

Successfully merging this pull request may close these issues.

1 participant