
audit: classify 10 FFI unsafe findings as legitimate (PA001/PA007) #11

Merged
hyperpolymath merged 1 commit into main from panic-fix/PA001-PA007-ffi-legitimate on May 26, 2026

@hyperpolymath
Owner

Summary

panic-attack assail reports 10 UnsafeCode (PA001) + UnsafeFFI (PA007) Critical/High findings under bindings/rust/src/ (ffi_smtp, ffi_ftp, ffi_grpc, etc.) — all at the C ABI boundary. Underlying logic is formally-verified Idris2.

What changes

  • audits/assail-classifications.a2ml (10 entries, classification=legitimate-ffi)
  • audits/audit-ffi-2026-05-26.md

Same pattern as svalinn#11, proven#67, gossamer#54, docudactyl#20.

Refs hyperpolymath/panic-attack#32.

🤖 Generated with Claude Code

panic-attack assail flags 10 UnsafeCode/UnsafeFFI Critical/High findings
under bindings/rust/src/ (ffi_smtp/ftp/grpc/etc.) — all at the C ABI boundary.

Adds:
- audits/assail-classifications.a2ml (10 entries, classification=legitimate-ffi)
- audits/audit-ffi-2026-05-26.md

Refs hyperpolymath/panic-attack#32.

Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
@github-actions

🔍 Hypatia Security Scan

Findings: 246 issues detected

Severity Count
🔴 Critical 214
🟠 High 12
🟡 Medium 20

⚠️ Action Required: Critical security issues found!

View findings
[
  {
    "reason": "Action hyperpolymath/standards/.github/workflows/governance-reusable.yml@main needs attention",
    "type": "unpinned_action",
    "file": "governance.yml",
    "action": "pin_sha",
    "rule_module": "workflow_audit",
    "severity": "high"
  },
  {
    "reason": "Python file detected -- banned language",
    "type": "banned_language_file",
    "file": "/home/runner/work/proven-servers/proven-servers/bindings/python/proven_servers/mqtt.py",
    "action": "flag",
    "rule_module": "cicd_rules",
    "severity": "critical"
  },
  {
    "reason": "Python file detected -- banned language",
    "type": "banned_language_file",
    "file": "/home/runner/work/proven-servers/proven-servers/bindings/python/proven_servers/snmp.py",
    "action": "flag",
    "rule_module": "cicd_rules",
    "severity": "critical"
  },
  {
    "reason": "Python file detected -- banned language",
    "type": "banned_language_file",
    "file": "/home/runner/work/proven-servers/proven-servers/bindings/python/proven_servers/airgap.py",
    "action": "flag",
    "rule_module": "cicd_rules",
    "severity": "critical"
  },
  {
    "reason": "Python file detected -- banned language",
    "type": "banned_language_file",
    "file": "/home/runner/work/proven-servers/proven-servers/bindings/python/proven_servers/semweb.py",
    "action": "flag",
    "rule_module": "cicd_rules",
    "severity": "critical"
  },
  {
    "reason": "Python file detected -- banned language",
    "type": "banned_language_file",
    "file": "/home/runner/work/proven-servers/proven-servers/bindings/python/proven_servers/ptp.py",
    "action": "flag",
    "rule_module": "cicd_rules",
    "severity": "critical"
  },
  {
    "reason": "Python file detected -- banned language",
    "type": "banned_language_file",
    "file": "/home/runner/work/proven-servers/proven-servers/bindings/python/proven_servers/proxy.py",
    "action": "flag",
    "rule_module": "cicd_rules",
    "severity": "critical"
  },
  {
    "reason": "Python file detected -- banned language",
    "type": "banned_language_file",
    "file": "/home/runner/work/proven-servers/proven-servers/bindings/python/proven_servers/wasm.py",
    "action": "flag",
    "rule_module": "cicd_rules",
    "severity": "critical"
  },
  {
    "reason": "Python file detected -- banned language",
    "type": "banned_language_file",
    "file": "/home/runner/work/proven-servers/proven-servers/bindings/python/proven_servers/ldap.py",
    "action": "flag",
    "rule_module": "cicd_rules",
    "severity": "critical"
  },
  {
    "reason": "Python file detected -- banned language",
    "type": "banned_language_file",
    "file": "/home/runner/work/proven-servers/proven-servers/bindings/python/proven_servers/tls.py",
    "action": "flag",
    "rule_module": "cicd_rules",
    "severity": "critical"
  }
]

Powered by Hypatia Neurosymbolic CI/CD Intelligence

@hyperpolymath hyperpolymath merged commit 3435ef8 into main May 26, 2026
15 of 17 checks passed
@hyperpolymath hyperpolymath deleted the panic-fix/PA001-PA007-ffi-legitimate branch May 26, 2026 11:44