Assertions
All pass → clean. Any fail → flagged.| Assertion | What it checks |
|---|---|
| Known bad egress | Contacted domain matched Garnet threat intel |
no_memory_scraping, no_credential_access, no_hidden_binary_execution
Filtering
Banner shows aggregate stats. Tabs: All, Flagged, Passed. Toggle Feed vs By Repo. Search by repo, branch, actor, or SHA.Run details — passed
- Process tree — Full chain with connections inline
- Overview / JSON — Structured or raw data
- Assertions — Green when no threats matched
- Run Context — Workflow, repo, branch, SHA, actor, agent
Run details — flagged
- Red connections — Suspicious destination highlighted in the tree
- Failed assertion — Red state with threat intel match detail
- Same context metadata as passed runs