Skip to content

Close out escalation and privesc contract cleanup#101

Merged
TacoRocket merged 3 commits into
mainfrom
closeout-escalation-privesc-contract
Apr 13, 2026
Merged

Close out escalation and privesc contract cleanup#101
TacoRocket merged 3 commits into
mainfrom
closeout-escalation-privesc-contract

Conversation

@TacoRocket
Copy link
Copy Markdown
Owner

@TacoRocket TacoRocket commented Apr 13, 2026

Summary

  • finish the current escalation-path rehab wave, including app-permission reach, service-surface review follow-through, and stronger-control-first ranking
  • close out the carried-forward privesc and escalation-path contract cleanup, including clearer privesc path taxonomy, operator-facing table cleanup, and escalation-path note/contract alignment
  • replace the README Operator Workflow code block with the shipped demo GIF and update tests/fixtures for the new behavior

Validation

  • python3 -m pytest tests/test_chain_semantics.py -q
  • python3 -m pytest tests/test_cli_smoke.py -q
  • python3 -m pytest tests/test_collectors.py -q -k privesc
  • python3 -m pytest tests/test_models.py -q -k privesc
  • python3 -m pytest tests/test_terminal_ux.py -q -k privesc
  • repo pre-push guardrails: lint + test suite (401 passed, 2 deselected)

Notes

  • clean-context review rerun: No implementation-vs-plan drift found.
  • User Access Administrator remains intentionally out of the defended escalation model for this slice.

@TacoRocket TacoRocket merged commit b2369ea into main Apr 13, 2026
7 checks passed
@TacoRocket TacoRocket deleted the closeout-escalation-privesc-contract branch April 13, 2026 22:51
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@TacoRocket