# Security Evidence Reviewer Pack

Generated from latest evidence run. Safe to share (no secrets, no hostnames).

## Run summary

- **Run date (UTC):** 2026-02-22T10:23:54Z
- **Git commit:** d86b61264efb
- **Run context:** not set
- **Completeness:** incomplete
- **Overall OK:** false

## Inputs present

| Input | Present |
|-------|--------|
| store_db (STORE_DATABASE_URL) | no |
| base_url (SECURITY_BASE_URL) | no |
| log_paths (SECURITY_LOG_PATHS) | no |

## Artifacts (paths under artifacts/security/latest/)

- fragment_leak_check.json
- db_sensitive_fields_scan.json
- log_redaction_audit.json
- envelope_size_check.json
- routing_mode_smoke.json

- summary.json
- summary.md

## Claim coverage

Claims C01–C14 are mapped to artifacts and tests in docs/security/TRANSPARENCY_REPORT.md (§ Claims vs Evidence Artifacts).
Key evidence artifacts: fragment_leak_check.json (C02), db_sensitive_fields_scan.json (C01,C03,C04,C10), log_redaction_audit.json (C09,C14), envelope_size_check.json (C05), routing_mode_smoke.json (C07,C11).

## Script status

| Script | Status | OK |
|--------|--------|-----|
| fragment_leak_check | no_logs_configured | true |
| db_sensitive_fields_scan | skipped | true |
| log_redaction_audit | skipped_missing_logs | true |
| envelope_size_check | pass | true |
| routing_mode_smoke | no_server | true |