wrkr report

Synopsis

 wrkr report [--json] [--explain] [--md] [--md-path <path>] [--pdf] [--pdf-path <path>] [--evidence-json] [--evidence-json-path <path>] [--csv-backlog] [--csv-backlog-path <path>] [--template exec|operator|audit|public|ciso|appsec|platform|customer-draft|agent-action-bom|design-partner-summary] [--share-profile internal|public|customer-redacted|design-partner|external-redacted|investor-safe] [--paired-share-profile customer-redacted|design-partner|external-redacted|investor-safe] [--redact <fields>] [--baseline <path>] [--previous-state <path>] [--top <n>] [--focus bom|release|write-deploy|approval-evidence-unknown|owner-evidence-unknown|evidence-gaps|contradictions|drift-review|recommendations] [--focus-path <path_id>] [--recent-pr-review] [--review-ids <ids>] [--review-since <date>] [--review-until <date>] [--review-limit <n>] [--state <path>]

Flags

  • --json
  • --explain
  • --md
  • --md-path
  • --pdf
  • --pdf-path
  • --evidence-json
  • --evidence-json-path
  • --csv-backlog
  • --csv-backlog-path
  • --template
  • --share-profile
  • --paired-share-profile
  • --redact
  • --baseline
  • --previous-state
  • --top
  • --focus
  • --focus-path
  • --recent-pr-review
  • --review-ids
  • --review-since
  • --review-until
  • --review-limit
  • --state

Example

wrkr report --md --md-path ./.tmp/wrkr-summary.md --template operator --share-profile internal --json
wrkr report --pdf --pdf-path ./.tmp/wrkr-summary.pdf --template exec --json
wrkr report --md --md-path ./.tmp/wrkr-summary-public.md --template public --share-profile public --json
wrkr report --template agent-action-bom --share-profile customer-redacted --md --md-path ./.tmp/customer-bom.md --evidence-json --evidence-json-path ./.tmp/customer-bom.json --json
wrkr report --template design-partner-summary --share-profile design-partner --md --md-path ./.tmp/design-partner.md --evidence-json --evidence-json-path ./.tmp/design-partner-evidence.json --json
wrkr report --template agent-action-bom --share-profile internal --redact owners,repos,paths --json
wrkr report --template agent-action-bom --share-profile internal --paired-share-profile customer-redacted --md --md-path ./.tmp/paired-bom.md --evidence-json --evidence-json-path ./.tmp/paired-bom.json --json
wrkr report --template ciso --md --md-path ./.tmp/ciso.md --pdf --pdf-path ./.tmp/ciso.pdf --evidence-json --evidence-json-path ./.tmp/evidence.json --csv-backlog --csv-backlog-path ./.tmp/backlog.csv --json
wrkr report --template agent-action-bom --json --evidence-json --evidence-json-path ./.tmp/agent-action-bom-evidence.json
wrkr report --template platform --focus release --json
wrkr report --template agent-action-bom --focus-path apc-12345678 --md --md-path ./.tmp/focused-agent-action-bom.md --json
wrkr report --template agent-action-bom --focus write-deploy --focus-path apc-12345678 --json
wrkr report --template agent-action-bom --recent-pr-review --review-limit 10 --review-since 2026-05-01 --json
wrkr report --template agent-action-bom --recent-pr-review --review-ids pr/42,mr/17 --json

Behavior contract

wrkr report renders deterministic summaries from saved scan state without changing JSON or exit-code contracts. wrkr report --pdf writes a deterministic PDF artifact with wrapped, paginated executive-summary output; the board-ready claim is acceptance-backed by explicit executive report fixtures.

Expected JSON keys: status, generated_at, additive deployment_mode, additive next_steps, top_findings, attack_paths, top_attack_paths, additive action_paths, additive agent_action_bom, additive focus_view, additive action_path_to_control_first, additive action_surface_registry, additive control_path_graph, additive workflow_chains, additive runtime_sessions, additive runtime_evidence, additive evidence_packets, additive recent_pr_review, additive assessment_summary, additive public_surface_assessment, additive exposure_groups, total_tools, tool_type_breakdown, compliance_gap_count, compliance_summary, summary, md_path, pdf_path, additive evidence_json_path, additive backlog_csv_path, and additive artifact_paths.

  • Top-level deployment_mode mirrors summary.deployment_mode so report consumers can read the declared data posture without reopening source_privacy. summary.deployment_mode is the additive report-summary contract for customer data posture. It uses the same canonical values as scan and evidence output: local_only, customer_controlled_storage, connected_saas_metadata, and managed_platform.
  • summary.public_surface_assessment and additive top-level public_surface_assessment are the opt-in public-evidence summary contract. They count and list public_observed, public_inferred, unsupported_public_claim, and private_evidence_absent entries from a saved public-surface scan without upgrading any of them into verified private runtime, approval, credential, or control evidence.
  • summary.share_profile_metadata is additive metadata describing whether deterministic redaction was applied, which redaction version produced the artifact, the high-level policy summary for that share profile, and the selected/profile-default redaction fields that shaped the artifact.
  • summary.artifact_metadata is additive artifact-pair metadata describing the deterministic artifact id, pair id, variant kind, share profile, redaction version, local private join-map path, and shareability status.
  • summary.scan_scope is additive buyer-facing scope metadata for the saved target mode, scope label, source boundary, repo count, and target count.
  • summary.operational_exposure and summary.governance_readiness are additive split readiness axes. They separate what a path can operationally do from how complete its ownership/approval/policy/proof posture is.
  • summary.executive_rollup is an additive large-org compression surface for reports, markdown, evidence JSON, and control-backlog exports. Each group carries a stable group_id, deterministic dimension labels (action_class, target_class, risk_zone, credential_authority, production_target, evidence_state, owner_state, repo_cluster, detector_confidence, contradiction_state, closure_action), grouped count, additive top_example_refs, additive evidence_state_summary, and a deterministic closure recommendation without exposing raw repo or owner names.
  • summary.governed_usage_metrics is an additive non-sensitive packaging/value surface for monitored paths, governed paths, evidence packs, audit export families, approval decisions, connected runtimes, governed agents/workflows, verified controls, unknown controls, and contradictions. These counters are value indicators only; they are not billing enforcement and they do not serialize raw source, private URLs, prompt text, proof payloads, or customer names.
  • assessment_summary is additive at the top level and under summary when govern-first action paths are present; it leads with governable-path counts, the top path to control first, the strongest identity-backed path, additive ownerless_exposure counts, additive identity_exposure_summary, additive identity_to_review_first / identity_to_revoke_first, and the saved proof-chain path.
  • summary.attack_paths provides deterministic attack-path section metadata (total, top_path_ids) used in report templates and external appendix joins.
  • compliance_summary.frameworks[*].controls[*] exposes additive framework/control/article rollups with deterministic finding_count, mapped_rule_ids, and coverage status. summary.compliance_summary mirrors the same machine-readable contract used by report markdown/PDF generation.
  • When the saved scan target is my_setup, summary.activation exposes the same additive concrete-first activation view used by the local-machine scan flow. When the saved scan target is org or path, summary.activation exposes the additive govern-first candidate path view used by the scan flow.
  • summary.action_paths and top-level action_paths expose the ranked govern-first path objects, including additive delivery-chain fields such as pull_request_write, merge_execute, deploy_write, delivery_chain_status, and production_target_status; ownership/governance fields such as operational_owner, owner_source, ownership_status, and approval_gap_reasons; additive canonical evidence-state fields control_resolution_state, control_resolution_reasons, control_evidence_refs, approval_evidence_state, owner_evidence_state, proof_evidence_state, runtime_evidence_state, target_evidence_state, and credential_evidence_state; additive classification fields target_class, target_class_reasons, target_class_evidence_refs, action_path_type, action_path_type_reasons, and action_path_type_evidence_refs; additive execution-identity fields such as execution_identity, execution_identity_type, execution_identity_source, execution_identity_status, and execution_identity_rationale; additive path-semantics fields such as business_state_surface, shared_execution_identity, path_context, standing_privilege, standing_privilege_reasons, action_classes, action_reasons, and additive mutable_endpoint_semantics[]; additive buyer-facing fields control_state, control_state_reasons, risk_zone, risk_zone_reasons, review_burden, review_burden_reasons, and additive confidence_lane / confidence_lane_reasons; additive tool identity fields tool_family_id and tool_instance_id; additive normalized credential_authority; additive purpose/version/config metadata (purpose, purpose_source, purpose_confidence, version, version_source, config_fingerprint, config_source); additive action_lineage.segments[]; additive join refs attack_path_refs and source_finding_keys; additive gait_coverage per path; and additive credential_provenance compatibility rollup plus credentials[] entries (type, subject, scope, confidence, evidence_basis, credential_kind, access_type, standing_access, likely_jit, evidence_location, classification_reasons, risk_multiplier).
  • Purpose metadata uses explicit wrkr:purpose annotations as the highest-confidence source when available, then falls back to deterministic workflow, MCP, script, symbol, and location evidence.
  • attack_path_score is now path-linked: high attack-path scores attach only to matching govern-first paths instead of being smeared across every path in the same repo.
  • summary.action_path_to_control_first / top-level action_path_to_control_first expose one prioritized path plus additive summary counters for credential-bearing, standing-privilege, control-first, lane, and evidence-state counts, along with additive empty_state_status / empty_state_reasons metadata. Legacy counters such as missing_approval_paths, missing_policy_paths, and missing_proof_paths remain compatibility aliases derived from the canonical evidence-state projection.
  • summary.scan_quality carries the saved scan-quality contract into report output so buyers can distinguish clean negative results from partial, reduced, or blocked detector coverage without opening raw scan state.
  • summary.scan_quality.compact_summary leads with buyer-safe coverage_confidence, reduced-detector, parse-failure, suppressed-generated-file, blocked-detector, and unsupported-declaration counts plus a short impact statement, while summary.scan_quality.detectors[*] remains the appendix/evidence-JSON detail surface with attempted/parsed/partial/suppressed/failure counts and deterministic coverage_reasons.
  • summary.agent_action_bom and top-level agent_action_bom expose the canonical Agent Action BOM artifact for operator and demo workflows. Use wrkr report --template agent-action-bom --json when you want one joined artifact that now defaults to one selected workflow/action path first, then moves the broader BOM item list and detector/proof/graph detail into appendix sections. Raw scan JSON remains the discovery surface; graph-shaped BOM output is canonical in report.
  • agent_action_bom.summary.executive_rollup and agent_action_bom.summary.governed_usage_metrics mirror the same additive enterprise-summary contracts inside the BOM view so operator-first and buyer-first workflows stay aligned on grouping and value counters.
  • summary.workflow_highlights is additive workflow-first buyer output. It projects the highest-signal workflow/action paths into stable highlight rows with authority, blast radius, approval/proof/runtime status, boundary labels, recommendations, and plain-language explanations before raw appendix details.
  • summary.focus_view and top-level focus_view are additive low-click review contracts driven by --focus. Presets such as release, write-deploy, approval-evidence-unknown, owner-evidence-unknown, evidence-gaps, contradictions, drift-review, and recommendations filter existing projected report fields without removing appendix traceability.
  • summary.regress_drift now also carries additive comparison_status, comparison_issues[], drift_category_count, and drift_categories[] when --baseline is supplied.
  • --focus drift-review prefers the current-path refs named by those drift categories; if baseline comparison was unavailable or incomplete, the focus view returns an explicit drift-review empty-state status instead of pretending the report is clean.
  • agent_action_bom.summary.primary_view is the focused path contract. It identifies the selected path_id, whether it came from the default top path or an explicit --focus-path, the deterministic path map (tool -> repo/pr -> workflow -> credential -> action -> target), control/evidence posture, governed-path before/after view, and appendix refs that point to the deeper audit surfaces still carried in JSON and evidence bundles.
  • --focus-path is additive and currently requires --template agent-action-bom. It validates the exact path_id from action_paths[*].path_id or agent_action_bom.items[*].path_id, fails closed with invalid_input for unknown or context-only paths, and leaves the full machine-readable BOM item list intact for existing consumers.
  • --focus is additive and works with existing templates plus --focus-path. It returns deterministic preset counts, empty states, recommended next actions, and filtered workflow highlights while keeping raw findings, detector diagnostics, graph refs, and proof detail available in appendix or evidence JSON output.
  • Agent Action BOM proof_coverage, canonical evidence-state fields, and compatibility aliases such as summary.missing_proof_items reflect path-linked proof sufficiency from control-backlog requirements. A valid proof chain or visible top-level proof_refs does not by itself mean every risky path has satisfied approval, review, least-privilege, or attached-evidence proof. agent_action_bom.proof_refs remains the global chain/finding reference set; each item’s proof_refs is path-specific and may include path:*, finding:*, and linked proof-record refs only for that exact path context.
  • Agent Action BOM items and additive action_paths now carry deterministic policy-coverage context (none, declared, matched, runtime_proven, stale, conflict), canonical evidence-state fields, additive constraint_evidence_classes / constraint_evidence_refs, target classification (production_impacting, release_adjacent, customer_data_adjacent, internal_tooling, developer_productivity, test_demo_sandbox, unknown), action path type classification (ai_assisted_workflow, agent_framework, automation_bot, ci_cd_workflow, legacy_script, plain_source_code, unknown_executable_path), buyer-facing control_state (safe_by_default, approval_required, block_recommended, evidence_required, inventory_only), explicit risk_zone, explicit review_burden, additive confidence lanes (confirmed_action_path, likely_action_path, semantic_review_candidate, context_only), additive normalized credential_authority, additive purpose/version/config metadata, additive mutable_endpoint_semantics[], additive action_lineage.segments[] from repo/workflow through credential/target/approval/proof joins, path-level gait_coverage for policy_decision, approval, jit_credential, freeze_window, kill_switch, action_outcome, and proof_verification, and optional introduced_by provenance metadata.
  • introduced_by.provenance is additive provider-neutral PR/MR context for reviewers, approvals, checks, deployments, branch protections, environment gates, AI/automation flags, and explicit missing/conflicting evidence states when those sidecars are supplied locally.
  • Agent Action BOM items additionally carry runtime_evidence_absence_status (not_collected, not_applicable, missing_required, missing_for_control_claim) plus additive evidence_packet_status, evidence_packet_result, evidence_packet_missing_evidence_state, and evidence_packet_refs so buyer-safe output can show consequential change packets next to runtime evidence and proof.
  • When local provenance sidecars such as .wrkr/provenance/pr-mr-provenance.json, .wrkr/provenance/source-metadata.json, .wrkr/provenance/github-event.json, .wrkr/provenance/gitlab-event.json, .wrkr/provenance/control-metadata.json, or .wrkr/provenance/external-control-evidence.json are present, Wrkr prefers those deterministic repo-local records before falling back to local git attribution for metadata that came from provided sidecars.
  • Buyer-facing markdown uses evidence-scoped runtime language such as runtime evidence not collected, runtime evidence required but not linked, and runtime evidence missing for a control claim instead of treating static-only scans as missing runtime proof, and it only uses agent-specific wording when action_path_type is actually agentic.
  • Wrkr reports coverage and evidence only; Gait remains the enforcement layer.
  • Enterprise-evidence report surfaces are additive and explicit: evidence_decisions[] preserves source precedence and freshness, contradictions[] preserves conflict detail, accepted_risk remains visible through governance disposition and appendix behavior, and closure_requirements, lifecycle_queue, and evidence_completeness explain what evidence is still needed and how complete the current posture is.
  • agent_action_bom.summary.empty_state_status and empty_state_reasons are additive buyer-facing guardrails. They replace the old “no control-first items means positive empty state” shortcut with explicit reason-coded eligibility that also considers standing credentials, proof/policy gaps, unresolved ownership, confidence lanes, and reduced scan coverage.
  • Workflow-backed credential rollups now distinguish built-in github_workflow_token posture from durable PAT-style references when deterministic workflow metadata is available.
  • When deterministic MCP/A2A joins exist, BOM items expose both compatibility reachability[] entries and buyer-facing reachable_servers[], reachable_tools[], additive reachable_endpoints[], additive reachable_targets[], reachable_apis[], and reachable_agents[] projections with trust-depth metadata and evidence refs. These fields describe static declaration reachability, not live endpoint observation.
  • Buyer-facing BOM items now also carry additive confidence and evidence_strength labels so dependency-only, constructor-only, tool-binding, credential-bearing, and workflow-backed paths read differently in customer handoff output.
  • Agent Action BOM items also carry buyer-facing queue, finding_visibility, and remediation fields, plus additive inventory_risk, risk_tier, credentials[], path_context, tool_family_id, tool_instance_id, attack_path_refs, source_finding_keys, and optional exclusion_reason. When a top attack path does not map to any govern-first action path, Wrkr emits a deterministic exclusion item instead of silently dropping the path from the BOM.
  • agent_action_bom.scan_quality mirrors the same detector-health summary when the BOM artifact is present, which keeps MCP/WebMCP “nothing found” claims auditable in customer-ready exports.
  • summary.action_paths[*].path_id and summary.action_path_to_control_first.path.path_id remain opaque deterministic identifiers currently emitted in apc-<hex> form. Use them as stable join keys only; consumers must not parse business meaning from the string.
  • summary.action_surface_registry and top-level action_surface_registry group ranked paths by workflow, MCP server, agent config, API schema, or route surface. Each entry carries stable registry_id, grouped path_ids, owner, purpose, version/config metadata, merged credential authority, reachable actions, additive mutable_endpoint_semantics[], proof status, confidence lane, remediation, and graph refs for buyer-ready drill-down without re-running detectors.
  • summary.control_path_graph and top-level control_path_graph expose the versioned governance graph Wrkr derives from action-path identity, credential, tool, workflow, repo, governance-control, target, and action-capability facts. Nodes and edges now also carry additive attack_path_refs, source_finding_keys, node-level lineage_segment, additive purpose/version/config metadata, additive credential_authority on credential nodes when Wrkr can deterministically join them, and additive mutable_endpoint_semantics[] on path-linked nodes when static endpoint classification is available. Use nodes[*].path_id / edges[*].path_id plus action_paths[*].path_id, attack_path_refs, and source_finding_keys as stable join keys only; consumers must not parse business meaning from node or edge identifiers.
  • When wrkr ingest has written a managed runtime evidence sidecar next to the selected state file, summary.runtime_evidence and top-level runtime_evidence expose deterministic path/agent/runtime correlation metadata without mutating saved scan findings. Both fields are omitted when runtime evidence is unavailable. Correlations can join by path_id, agent_id, repo/workflow location, repo/environment, service, policy ref, and graph refs, and normalized evidence classes now cover both runtime evidence (policy_decision, approval, jit_credential, freeze_window, kill_switch, action_outcome, proof_verification) and imported control evidence (owner_assignment, policy_record, branch_protection, protected_environment, deployment_approval, required_check, security_gate). Raw correlation status remains the ingest-level matched / unmatched / stale / conflict surface; unmatched imported control evidence is kept auditable without being promoted into verified control posture.
  • When wrkr ingest has written a managed Agentic SDLC evidence-packet sidecar, summary.evidence_packets and top-level evidence_packets expose deterministic path/PR/proof/graph correlation plus packet result and missing-evidence state without serializing raw diffs or secret values.
  • wrkr report --recent-pr-review is an additive local workflow that ranks a bounded set of recent AI-assisted or automation-assisted PR/MR delivery paths from already-provided local provenance sidecars only. Use --review-ids pr/42,mr/17 to bind the review to explicit local IDs, or --review-since / --review-until with --review-limit to bound a recent window. Pair the returned recent_pr_review.ranked[*].focus_bom_path_id with --focus-path when you want the one-page workflow BOM for a ranked review candidate. Invalid IDs, invalid dates, reversed ranges, limits outside 1-50, unknown focus paths, and context-only focus paths return invalid_input with exit 6.
  • summary.exposure_groups and top-level exposure_groups provide additive grouped exposure clusters on top of raw action_paths; they preserve path_ids for drill-down while summarizing repeated paths by repo, tool, execution identity, delivery-chain status, and business-state surface.
  • summary.top_risks becomes path-first when govern-first action_paths exist, but the raw top_findings payload remains unchanged for operators and automation.
  • When the saved scan target is public-surface, markdown and JSON preserve a dedicated public-surface assessment section instead of pretending that public webpages or public workflows prove private deployment reach, runtime observation, approval state, or verified controls.
  • Customer-ready templates ciso, appsec, platform, audit, and customer-draft lead with summary.control_backlog and render the control backlog before raw risk/finding sections in Markdown/PDF.
  • agent-action-bom now leads with one primary workflow BOM path on the first page, then keeps scan scope, source privacy, split readiness axes, coverage confidence, recent-review ranking, graph refs, proof refs, detector diagnostics, and the broader BOM item list in appendix sections.
  • design-partner-summary renders a concise top-validated-path narrative with plain-language problem, explanation, threat, remediation, confidence, proof-gap, credential-authority, mutable-endpoint, owner, purpose, and lineage fields while explicitly preserving Wrkr's static-only boundary language.
  • customer-draft remains compatible with the public share profile, and operators can now opt into --share-profile customer-redacted, design-partner, external-redacted, or investor-safe when they need stable pseudonyms while preserving joins inside one artifact set.
  • --paired-share-profile writes a second redacted artifact set from the same saved state and timestamp, with deterministic sibling file names plus a local-only private join map outside the shareable artifact paths.
  • --redact owners,repos,paths,... adds deterministic pseudonymization on top of the selected share profile.
  • --csv-backlog writes a deterministic CSV with owner, evidence, recommended action, SLA, and closure criteria columns.
  • --evidence-json writes a deterministic JSON evidence bundle led by the control backlog, additive action_surface_registry, additive agent_action_bom, and additive control_path_graph.
  • Large-org markdown outputs now render the executive rollup before verbose backlog and appendix detail so grouped action classes and closure decisions lead the first screen instead of a raw item list.
  • summary.action_paths[*].boundary_label, summary.control_path_graph.nodes[*].boundary_label, summary.control_path_graph.edges[*].boundary_label, summary.runtime_sessions.boundary_label, summary.runtime_evidence.boundary_label, summary.evidence_packets.boundary_label, and summary.agent_action_bom.items[*].boundary_label are additive claim-discipline fields. They use discovery_only, report_only, approval_capable, or enforcement_capable so report output does not imply approval or enforcement when only static discovery or report-layer joins are available.
  • summary.control_backlog.items[*] now carry queue and visibility semantics intended for buyer-facing triage: queue is one of control_first, review_queue, inventory_hygiene, or debug_only; finding_visibility is one of primary, appendix, or debug; and remediation names the concrete next action Wrkr expects for that path.
  • summary.control_backlog.items[*].security_test_recipes provides deterministic validation recipes for risky control paths, including prompt injection, MCP endpoint swap, egress attempt, destructive action dry-run, untrusted repo content, and secret-scope validation classes where applicable.
  • summary.security_visibility exposes additive reference-basis and unknown_to_security counts sourced from the saved scan state. When the saved scan state does not carry a usable reference_basis, report output suppresses unknown_to_security claims and surfaces reference_basis unavailable wording instead.
  • wrkr report renders from saved scan state only. It summarizes static posture, risky write paths, and proof artifacts; it does not claim live runtime observation or control-layer enforcement.
  • Manual identity and inventory approvals refresh the saved backlog, action-path posture, and posture score in place, so wrkr report --state <path> --json reflects those decisions without a rescanning step.
  • next_steps[] is additive machine-readable handoff guidance for the operator-to-auditor path. It points to current report artifact fields, the follow-on wrkr evidence --json flow, and the explicit proof-verification step.

Public template behavior (--template public --share-profile public):

  • summary.section_order starts with headline then methodology.
  • summary.methodology includes machine-readable reproducibility metadata (wrkr_version, scan window, repo/file counts, command set, and exclusion criteria).
  • built-in production-target packs classify common deploy, Terraform/IaC, Kubernetes, package publishing, release automation, database migration, and customer-impacting workflows by default; custom scan-time production-target policy files remain authoritative when supplied.
  • when saved-state security visibility lacks a usable reference basis, public/report wording suppresses unknown_to_security counts instead of fabricating them.
  • share-profile redaction is applied to public-facing risk/proof fields.

--explain emits short deterministic compliance mapping lines sourced from the same compliance_summary payload. When current findings do not yet map to bundled controls, the explain/report summary says bundled framework mappings are available and that current coverage still reflects only evidence present in the saved scan state.

Coverage semantics

Report compliance/posture values are derived from evidence present in the current scan state.

  • Low compliance/coverage in report output indicates control evidence gaps in the scanned snapshot.
  • Low compliance/coverage does not imply Wrkr lacks framework support.
  • Use report findings as remediation priorities, then remediate gaps, rerun deterministic scan/evidence/report commands, and confirm improvement from the updated evidence state.

Buyer-safe evidence language

Report markdown, JSON summaries, backlog rows, and redacted share artifacts lead with evidence-scoped language.

  • control_resolution_state distinguishes detected_control, declared_control, external_control_reference, no_visible_control, not_applicable, and contradictory_control.
  • Canonical *_evidence_state fields distinguish verified, declared, inferred, unknown, and contradictory evidence for approval, owner, proof, runtime, target, and credential posture.
  • runtime_evidence_absence_status keeps static-only scans framed as not_collected or not_applicable unless runtime proof was actually required for the specific control claim.
  • target_class and action_path_type keep production-adjacent, internal-tooling, CI/CD, AI-assisted, plain-source, and agent-framework paths separate so report language only uses agent-specific wording when the path evidence is actually agentic.
  • closure_requirements, lifecycle_queue, governance disposition, and evidence_completeness keep accepted-risk handling, lifecycle ownership gaps, path-specific closure guidance, and insufficiency scoring visible without overstating safety.
  • report QA tests block unsupported missing-control wording and reject agent-framework wording unless action_path_type=agent_framework supports it.
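
The Python example below is added here and is not Wrkr's own code. It reads a `wrkr report --json` payload, joins action_paths to control_path_graph.nodes using path_id purely as an opaque key, and fails closed to unknown when an additive *_evidence_state field is absent or unrecognised. The flat object shape, the sample report, the function names, and the review policy (contradictory evidence is flagged on any path; inferred or unknown evidence only on production_impacting paths; context_only paths are skipped) are assumptions.

```python
import json

# Values the page lists for the canonical *_evidence_state fields.
EVIDENCE_STATES = {"verified", "declared", "inferred", "unknown", "contradictory"}
CHECKED_FIELDS = ("approval_evidence_state", "owner_evidence_state")

# Constructed sample. The flat object shape is an assumption based on the
# field paths the page names (action_paths[*].path_id and so on).
SAMPLE_REPORT = json.loads("""
{
  "action_paths": [
    {"path_id": "apc-0a1b2c3d", "target_class": "production_impacting",
     "confidence_lane": "confirmed_action_path", "boundary_label": "discovery_only",
     "approval_evidence_state": "unknown", "owner_evidence_state": "verified"},
    {"path_id": "apc-11223344", "target_class": "production_impacting",
     "confidence_lane": "confirmed_action_path", "boundary_label": "report_only",
     "approval_evidence_state": "verified", "owner_evidence_state": "declared"},
    {"path_id": "apc-5566aabb", "target_class": "internal_tooling",
     "confidence_lane": "likely_action_path", "boundary_label": "report_only",
     "approval_evidence_state": "contradictory", "owner_evidence_state": "inferred"},
    {"path_id": "apc-778899cc", "target_class": "production_impacting",
     "confidence_lane": "likely_action_path",
     "approval_evidence_state": "declared"},
    {"path_id": "apc-99aabbcc", "target_class": "production_impacting",
     "confidence_lane": "context_only",
     "approval_evidence_state": "unknown", "owner_evidence_state": "unknown"}
  ],
  "control_path_graph": {"nodes": [
    {"path_id": "apc-0a1b2c3d", "boundary_label": "discovery_only"},
    {"path_id": "apc-0a1b2c3d", "boundary_label": "discovery_only"},
    {"path_id": "apc-778899cc", "boundary_label": "report_only"}
  ]}
}
""")


def evidence_state(path, field):
    """Return the evidence state, failing closed to 'unknown' when the
    additive field is absent or holds a value this consumer does not know."""
    value = path.get(field)
    return value if value in EVIDENCE_STATES else "unknown"


def review_reasons(path):
    """Apply the assumed local policy to one action path object."""
    production = path.get("target_class") == "production_impacting"
    reasons = []
    for field in CHECKED_FIELDS:
        state = evidence_state(path, field)
        if state == "contradictory" or (production and state in ("inferred", "unknown")):
            reasons.append(f"{field}={state}")
    return reasons


def triage(report):
    """Return review rows in the report's own ranked order.

    path_id is compared for equality only; nothing is parsed out of it.
    """
    nodes = (report.get("control_path_graph") or {}).get("nodes") or []
    node_count = {}
    for node in nodes:
        pid = node.get("path_id")
        if pid is not None:
            node_count[pid] = node_count.get(pid, 0) + 1

    rows = []
    for path in report.get("action_paths") or []:
        pid = path.get("path_id")
        if pid is None or path.get("confidence_lane") == "context_only":
            continue
        reasons = review_reasons(path)
        if reasons:
            rows.append({
                "path_id": pid,
                "reasons": reasons,
                # Carried through so downstream wording does not imply
                # approval or enforcement the report never claimed.
                "boundary_label": path.get("boundary_label"),
                "graph_nodes": node_count.get(pid, 0),
            })
    return rows


if __name__ == "__main__":
    for row in triage(SAMPLE_REPORT):
        print(row)
```
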