{
  "type": "gitcaster.external-audit-intake.public-alpha.v1",
  "status": "passed",
  "publicAlphaOnly": true,
  "externalAuditCompleted": false,
  "externalAuditClaimAllowed": false,
  "independentArtifactIntakeStatus": "blocked_external",
  "externalAuditArtifactIntakeStatus": "blocked_external",
  "missingIndependentProofCount": 3,
  "productionSecurityReadinessClaimed": false,
  "includedScope": [
    "Public open-core repository source and website claim surfaces",
    "Security package, redteam scripts, beta safety gate, and local proof tooling",
    "Protocol, identity, capabilities, SDK, CLI, MCP, local node, docs, fixtures, and examples",
    "Public status table, proof panel, release rules, and external blocker copy"
  ],
  "excludedScope": [
    "Managed orchestration",
    "Billing",
    "Custody",
    "Enterprise controls",
    "Production operations",
    "Private credentials",
    ".env files",
    "Operator secrets",
    "Signer material",
    "Wallet keys",
    "Closed managed runtime internals",
    "High-scale infrastructure",
    "Proprietary optimizations"
  ],
  "requiredIndependentProof": [
    ".quilibrium/operator-secrets/gitcaster-external-security-audit/external-security-audit-report.json",
    ".quilibrium/operator-secrets/gitcaster-external-security-audit/auditor-attestation.json",
    ".quilibrium/operator-secrets/gitcaster-external-security-audit/findings-remediation-matrix.json"
  ],
  "verificationCommand": "pnpm run external-audit-intake:check",
  "artifactIntakeBoundary": "Independent external audit artifact intake remains blocked_external until all three redacted proof files pass strict validation.",
  "claimBoundary": "This intake packet is not an external audit and must remain blocked_external until independent proof files pass strict gates."
}