Skip to content

computeaholic/threadforge-containment-surface

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

3 Commits
deploy/base/policy
deploy/base/policy
 
 
gitops/infra/policy
gitops/infra/policy
 
 
scripts/redteam
scripts/redteam
 
 
tools
tools
 
 
.gitignore
.gitignore
 
 
Makefile
Makefile
 
 
README.md
README.md
 
 

Repository files navigation

threadforge-containment-surface

Minimal containment slice extracted from ThreadForge for deterministic validation of the current containment surface.

Included scope

  • scripts/redteam/ (manual redteam harness)
  • tools/containment_audit.py
  • Digest/governance policy subset under deploy/base/policy/
  • Optional policy mirrors under gitops/infra/policy/
  • Canonical docs copy under CANONICAL/

Verification commands

make containment-audit
bash scripts/redteam/00_preflight.sh
bash scripts/redteam/05_supplychain_guard.sh

Expected success indicators:

  • containment_claim=true
  • [PASS] Preflight complete
  • [PASS] Supply-chain guard checks complete

Notes

  • No cluster manifests are changed by this repo setup step.
  • This repository claims only what the commands above can verify in the current environment.

About

Admission and supply-chain validation harness demonstrating bounded capabilities.

Topics

kubernetes supply-chain security-testing admission-control policy-validation

Resources

Readme
Activity

Stars

0 stars

Watchers

0 watching

Forks

0 forks
Report repository

Releases

No releases published

Packages

 
 
 

Contributors

Languages