diff --git a/README.md b/README.md index 8d5915c..509674f 100644 --- a/README.md +++ b/README.md @@ -128,14 +128,15 @@ that a green scan means safe content: inbox showcase (`tests/test_okf_inbox_uploads.py` + `tests/inbox_frontend.py`, a dev-scoped demonstration whose `python-docx`/`python-pptx` parsers live in the `[dev]` extra, never core `dependencies`) reads `.txt`/`.md`/`.csv`/`.docx`/ - `.pptx`, folders and `.zip`, materializes them into an OKF bundle, then guards - it. What survives text extraction is **out of scope**: VBA/macros + `.pptx`/`.xlsx`, folders and `.zip`, materializes them into an OKF bundle, then + guards it. What survives text extraction is **out of scope**: VBA/macros (`.docm`/`.xlsm`/`.pptm`), OLE / embedded objects, image-embedded instructions needing OCR, font/render steganography, and encrypted / password-protected files — the binary layer needs a separate scanner. The front-end owns the container threats it *can* see (zip-slip → path gate, zip-bomb → size cap, symlink - refusal, CSV formula-lead cells). Known gaps: `.xlsx` (openpyxl) and `.pdf` - extraction, and the numeric `-`/`+` CSV false positive. + refusal, CSV/XLSX formula-lead cells). Known gaps: `.pdf` extraction, and the + numeric `-`/`+` CSV false positive (an XLSX numeric cell is typed, so it does not + trip the gate). - **Lexicon findings are deduplicated by pattern id** — `count=1` and the first offset are reported, so the same class matched across several channels/variants collapses to one finding at its first location. This keeps reports readable, but