llm-security/tests/fixtures
Kjell Tore Guttormsen b224e18b42 fix(llm-security): YAML/workflow parser divergence — block scalars + bare if: (#32,#33,#43)
#33 the frontmatter parser collected a block-scalar body (description: |) but did not skip it, so an indented name:/allowed_tools: inside the body re-matched as a top-level key and overrode the real values TRG-shadow and permission checks depend on; the parser now consumes block-scalar bodies as opaque content. #32 block-scalar headers carrying indentation/chomping indicators (|2, >-, |-2) were not recognized, so their bodies never reached the run: injection sink; now matched via a proper indicator/chomping regex.

#43 the B4 actor auth-bypass detector inspected only braced ${{ }} expressions, missing the canonical bare 'if: github.actor == ...' form (Synacktiv Dependabot-spoof false negative); bare if: expressions now emit a synthetic event the detector reads. Suite 2004/0.

Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>

Claude-Session: https://claude.ai/code/session_01TcQyMTQfyrsAapaCMPxTtQ
2026-07-18 10:35:56 +02:00
..
ast-scan fix(llm-security): AST-taint clears taint on reassignment (#29) + sink test coverage (#28) 2026-07-18 10:14:51 +02:00
dep-test feat(ultraplan-local): v1.6.0 — /ultraresearch-local deep research command 2026-04-08 08:58:35 +02:00
entropy refactor(entropy): B5 — two-stage context-classified suppression pipeline 2026-04-29 15:13:13 +02:00
ide-extensions test(llm-security): add JetBrains fixture tree + build helper 2026-04-18 10:49:49 +02:00
memory-scan fix(memory-poisoning): E15 — add .claude/agents/*.md to target glob 2026-04-29 14:13:01 +02:00
posture-scan feat(ultraplan-local): v1.6.0 — /ultraresearch-local deep research command 2026-04-08 08:58:35 +02:00
signature-scan feat(llm-security): add SIG signature scanner with decode-pipeline matching 2026-06-20 09:28:52 +02:00
skill-scan/hyperframes-like test(llm-security): hyperframes-like fixture for narrative coherence 2026-04-29 12:49:19 +02:00
supply-chain feat(ultraplan-local): v1.6.0 — /ultraresearch-local deep research command 2026-04-08 08:58:35 +02:00
transcripts test(hooks): cover pre-compact-scan happy-path, modes, size-cap 2026-04-17 14:44:52 +02:00
trigger-scan feat(llm-security): add TRG trigger-abuse scanner 2026-06-20 09:19:54 +02:00
workflows fix(llm-security): YAML/workflow parser divergence — block scalars + bare if: (#32,#33,#43) 2026-07-18 10:35:56 +02:00