Skip to content

[codex] Add capability honesty matrix#70

Merged
InfoSecHack merged 1 commit into
mainfrom
codex/capability-honesty-matrix
Jun 5, 2026
Merged

[codex] Add capability honesty matrix#70
InfoSecHack merged 1 commit into
mainfrom
codex/capability-honesty-matrix

Conversation

@InfoSecHack
Copy link
Copy Markdown
Owner

@InfoSecHack InfoSecHack commented Jun 5, 2026

Summary

  • Add a reviewer-facing capability honesty matrix documenting modeled IAMScope coverage, collected/exported but not fully reasoned data, explicit non-coverage, verdict meanings, and interpretation caveats.
  • Add drift-prevention tests comparing documented modeled actions against parser RELEVANT_ACTIONS and documented pattern IDs against the shipped CLI reasoner registry.

Boundaries

  • Docs/reference and tests only.
  • No live AWS, Terraform, reasoner, verdict, benchmark score, or pass/fail label changes.

Validation

  • python -m pytest -q tests/test_capability_honesty_matrix.py
  • ./scripts/check.sh
  • ./scripts/test_fast.sh
  • git diff --check
  • account/ARN hygiene scans
  • Terraform/raw artifact scan

@InfoSecHack InfoSecHack marked this pull request as ready for review June 5, 2026 22:50
@InfoSecHack InfoSecHack merged commit 237833c into main Jun 5, 2026
6 checks passed
@InfoSecHack InfoSecHack deleted the codex/capability-honesty-matrix branch June 5, 2026 22:51
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@InfoSecHack