Risk Cluster / Authority Exposure Brief — Engineering Feedback 2026-03-10

Section A — What Happened

Current narrative needs improvement. It is OK to use an LLM to generate this text, but only from deterministic inputs:

  • observed authority exercised
  • domains touched
  • endpoint type invoked
  • execution count
  • governance conditions present

The model should only render the summary, not infer beyond the facts. Keep it short, execution-driven, and non-hypothetical.
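Added example (not part of the original brief or its tooling): it reduces a constructed set of observed execution events to the deterministic fields listed above, renders a reference summary from them, and checks any rendered narrative for two ways a model can drift beyond the facts: hedging language, and domains or identities that do not appear in the inputs. The event fields, the `svc-` identity naming convention, the hedge word list and all names are assumptions for this example.

```python
import re

# Constructed sample of observed execution events for one risk cluster
# (identity, authority, domain and endpoint-type values are made up for this example).
EVENTS = [
    {"identity": "svc-foundry-ascribe-prod", "authority": "s3:GetObject",
     "domain": "billing-exports.internal", "endpoint_type": "object-storage"},
    {"identity": "svc-foundry-ascribe-prod", "authority": "s3:GetObject",
     "domain": "billing-exports.internal", "endpoint_type": "object-storage"},
    {"identity": "svc-foundry-ascribe-prod", "authority": "secrets:Read",
     "domain": "vault.internal", "endpoint_type": "secrets-manager"},
]
GOVERNANCE_PRESENT = ["orphaned identities", "scope drift"]  # names only, from the governance check

# Wording that signals inference rather than rendering (assumed list, extend as needed).
HEDGE_RE = re.compile(r"\b(may|might|could|likely|possibly|potentially|would)\b", re.I)
# Anything that looks like a hostname/domain.
DOMAIN_RE = re.compile(r"\b[a-z0-9-]+(?:\.[a-z0-9-]+)+\b", re.I)
# Runtime identity naming convention assumed for this example.
IDENTITY_RE = re.compile(r"\bsvc-[a-z0-9-]+\b", re.I)


def build_summary_inputs(events, governance_present):
    """Reduce raw events to the brief's deterministic fields (plus the identities that produced them)."""
    return {
        "identities": sorted({e["identity"] for e in events}),
        "authority": sorted({e["authority"] for e in events}),        # observed authority exercised
        "domains": sorted({e["domain"] for e in events}),             # domains touched
        "endpoint_types": sorted({e["endpoint_type"] for e in events}),  # endpoint type invoked
        "execution_count": len(events),                               # execution count
        "governance_conditions": sorted(governance_present),          # governance conditions present
    }


def render_summary(inputs):
    """Deterministic reference rendering; a model-rendered narrative must say no more than this."""
    return (f"{', '.join(inputs['identities'])} exercised {', '.join(inputs['authority'])} "
            f"against {', '.join(inputs['domains'])} via {', '.join(inputs['endpoint_types'])} "
            f"endpoints in {inputs['execution_count']} executions. "
            f"Governance drivers present: {', '.join(inputs['governance_conditions'])}.")


def grounding_violations(narrative, inputs):
    """Return reasons a rendered narrative goes beyond its inputs; an empty list means grounded."""
    violations = []
    for word in HEDGE_RE.findall(narrative):
        violations.append(f"speculative wording: {word!r}")
    known_domains = {d.lower() for d in inputs["domains"]}
    for dom in DOMAIN_RE.findall(narrative):
        if dom.lower() not in known_domains:
            violations.append(f"domain not in inputs: {dom}")
    known_ids = {i.lower() for i in inputs["identities"]}
    for ident in IDENTITY_RE.findall(narrative):
        if ident.lower() not in known_ids:
            violations.append(f"identity not in inputs: {ident}")
    return violations


# Constructed narratives: one that stays on the facts, one that infers beyond them.
GROUNDED = ("svc-foundry-ascribe-prod exercised s3:GetObject and secrets:Read against "
            "billing-exports.internal and vault.internal via object-storage and secrets-manager "
            "endpoints in 3 executions. Governance drivers present: orphaned identities, scope drift.")
INFERRED = ("svc-foundry-ascribe-prod could likely also reach payments-api.internal and "
            "svc-payments-prod may share its token.")

if __name__ == "__main__":
    inputs = build_summary_inputs(EVENTS, GOVERNANCE_PRESENT)
    print(render_summary(inputs))
    print("grounded narrative:", grounding_violations(GROUNDED, inputs))
    print("inferred narrative:", grounding_violations(INFERRED, inputs))
```

The check is a gate, not a fix: a narrative that fails it is discarded and the deterministic `render_summary` output used instead, so the brief never ships text that names an entity the inputs do not contain.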

Section C — Governance Condition

  • Let’s use the exact governance condition categories from the spec:
    • orphaned identities
    • scope drift
    • long-lived tokens
    • identity reuse across multiple paths
    • lack of runtime telemetry (if applicable)
  • Do not show healthy confirmations or baseline-stable checks.
  • Do not add drift explanations or evidence at cluster level. Only show the presence of the governance driver.

Section D — How Do I Fix It?

  • Reducers must be deduplicated. Merge variants of the same remediation family.

Atomic actions requirement

  • A reducer must represent one operator action. Do not bundle multiple fixes into one reducer.
  • Example:
    • bad: Assign owner and revalidate expanded scope
    • good:
      • Assign valid owner
      • Reduce scope to exercised authority
  • Same for ownership + LLM egress, ownership + scope, etc. These must be separate reducers.

Cluster-level targeting

  • Cluster reducers should not be fully vague, but also should not dump path-level detail.
  • Right approach:
    • keep the action generalized at remediation-family level
    • show a deduplicated target list underneath, capped and expandable
  • Example:
    • Assign valid owner to 2 runtime identities
      • svc-foundry-ascribe-prod
      • svc-billing-sync-prod
  • Cluster view should be a working remediation list, not just a teaser that forces path-by-path inspection.

Scoring / ranking

  • Do not use undefined numeric impact scores.
  • Rank reducers deterministically by exposure reduction impact.
  • Reasonable order for now:
    1. remove external egress
    2. remove sensitive data access
    3. reduce privilege scope
    4. restore governance ownership
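Added example covering Section C and all of Section D together (it is not the brief's own code): from constructed path-level findings it derives the cluster-level governance condition as category names only (spec categories, presence only, no evidence, healthy checks dropped), splits bundled fixes into atomic actions, folds wording variants into one reducer per remediation family, caps the deduplicated target list, and orders reducers by the fixed family ranking above rather than a numeric score. The synonym table, action labels, cap size, identity names and evidence strings are assumptions for this example.

```python
import re

# Exact governance condition categories from the spec, as listed in the brief.
GOVERNANCE_CATEGORIES = (
    "orphaned identities",
    "scope drift",
    "long-lived tokens",
    "identity reuse across multiple paths",
    "lack of runtime telemetry",
)

# Remediation families in the brief's deterministic rank order; the tuple order is the ranking.
FAMILY_RANK = (
    "remove external egress",
    "remove sensitive data access",
    "reduce privilege scope",
    "restore governance ownership",
)

# One operator action per family, rendered at cluster level (assumed wording).
ACTION_LABEL = {
    "remove external egress": "Remove external egress",
    "remove sensitive data access": "Remove sensitive data access",
    "reduce privilege scope": "Reduce scope to exercised authority",
    "restore governance ownership": "Assign valid owner",
}

# Path-level remediation wording variants folded into a family (assumed synonym table).
FAMILY_OF_VARIANT = {
    "assign owner": "restore governance ownership",
    "assign valid owner": "restore governance ownership",
    "revalidate expanded scope": "reduce privilege scope",
    "reduce scope to exercised authority": "reduce privilege scope",
    "block llm egress": "remove external egress",
    "remove external egress": "remove external egress",
    "revoke sensitive data access": "remove sensitive data access",
}

TARGET_CAP = 2  # targets listed before the list collapses to "+N more"

# Constructed path-level findings; identity names and evidence strings are made up.
PATHS = [
    {"identity": "svc-foundry-ascribe-prod",
     "governance": {"orphaned identities": "no owner tag",
                    "scope drift": "grants beyond exercised authority",
                    "long-lived tokens": None},
     "actions": ["Assign owner and revalidate expanded scope"]},   # bundled: must be split
    {"identity": "svc-billing-sync-prod",
     "governance": {"orphaned identities": "owner left org", "long-lived tokens": None},
     "actions": ["Assign valid owner", "Block LLM egress"]},
    {"identity": "svc-report-export-prod",
     "governance": {"scope drift": "unused admin grant",
                    "identity reuse across multiple paths": "seen on 4 paths"},
     "actions": ["Reduce scope to exercised authority", "Revoke sensitive data access"]},
    {"identity": "svc-audit-collector-prod",
     "governance": {"long-lived tokens": "token age 400d",
                    "baseline stable": "ok"},   # healthy confirmation, not a spec category
     "actions": ["reduce scope to exercised authority"]},
]


def cluster_governance_conditions(paths):
    """Spec categories present on any path, in spec order; evidence and non-spec checks are dropped."""
    present = {category
               for path in paths
               for category, evidence in path["governance"].items()
               if category in GOVERNANCE_CATEGORIES and evidence}
    return [c for c in GOVERNANCE_CATEGORIES if c in present]


def split_bundled(action):
    """Split 'Assign owner and revalidate expanded scope' into atomic operator actions."""
    return [part.strip() for part in re.split(r"\s+and\s+", action.strip().lower()) if part.strip()]


def build_reducers(paths):
    """One reducer per remediation family with a deduplicated, capped target list, ranked by FAMILY_RANK."""
    targets_by_family = {}
    for path in paths:
        for raw in path["actions"]:
            for atomic in split_bundled(raw):
                if atomic not in FAMILY_OF_VARIANT:
                    raise ValueError(f"unmapped remediation variant: {atomic!r}")  # fail loudly, never guess
                targets_by_family.setdefault(FAMILY_OF_VARIANT[atomic], set()).add(path["identity"])
    reducers = []
    for family in FAMILY_RANK:
        if family not in targets_by_family:
            continue
        targets = sorted(targets_by_family[family])   # sorted so the output is deterministic
        reducers.append({"family": family, "action": ACTION_LABEL[family],
                         "target_count": len(targets),
                         "targets_shown": targets[:TARGET_CAP],
                         "targets_hidden": max(0, len(targets) - TARGET_CAP)})
    return reducers


def render_reducers(reducers):
    """Plain-text cluster view: generalized action, then the capped, expandable target list."""
    lines = []
    for red in reducers:
        n = red["target_count"]
        lines.append(f"{red['action']} to {n} runtime identit{'y' if n == 1 else 'ies'}")
        lines.extend(f"  - {t}" for t in red["targets_shown"])
        if red["targets_hidden"]:
            lines.append(f"  (+{red['targets_hidden']} more, expand to view)")
    return lines


if __name__ == "__main__":
    print("Governance condition:", ", ".join(cluster_governance_conditions(PATHS)))
    print("\n".join(render_reducers(build_reducers(PATHS))))
```

An unmapped wording variant raises instead of being silently dropped or guessed into a family, so a gap in the synonym table surfaces in review rather than as a missing reducer in the cluster view.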