List view
Close the findings of the 2026-06-10 repo-wide academic-defensibility design review (local reviewer notes: notes/repo-design-academic-review/, gitignored). Direction per maintainer: bring artifacts up to the claims — deliver enforcement, specs, and tests rather than soften prose. Sizing: one issue = one PR. Issues carry the review finding IDs (ADR-n, FM-n, CA-n, CT-n, IMP-n, LIT-n) and cross-reference existing requirement issues where they overlap.
No due date•3/30 issues closedJoint design (#129) and per-requirement issues: API-420 (participant implementation manifest), ASR-527 (manifest/exposure conformance), EXP-733 (implementation/exposure provenance).
No due date•0/4 issues closedJoint design (#128) and per-requirement issues: RUN-316 (operational apparatus observability), API-419 (augmentation disclosure contracts), ASR-525 (plane/augmentation conformance), EXP-731 (evidence requirement refinement), EXP-732 (realized evidence sources provenance). Pairs with #127 (observability semantics).
No due date•0/6 issues closedJoint design (#127) and per-requirement issues: SEM-224 (observability plane separation), SEM-225 (realization augmentation), DSL-123 (scenario-native observability), DSL-124 (authored evidence requirements).
No due date•0/5 issues closedPer-requirement issues for assurance over trajectory + benchmark artifacts: ASR-520 (trajectory corpus conformance), ASR-521 (benchmark protocol conformance), ASR-522 (trajectory split/source/lineage integrity), ASR-524 (benchmark truth/adjudication asset integrity). Pairs with #124 and #125.
No due date•0/4 issues closedJoint design (#125) and per-requirement issues: DSL-122 (truth/adjudication refs), API-416 (contracts), EXP-726 (protocol), EXP-727 (verifier/judge/reward), EXP-729 (reference targets/hidden assets), EXP-730 (human review/adjudication).
No due date•0/7 issues closedJoint design (#124) and per-requirement issues for participant trajectories across SEM/DSL/ACT/API/EXP/AUT: SEM-221, DSL-119, ACT-621, API-415, EXP-723/724/725, AUT-814.
No due date•0/9 issues closedJoint design (#123) and per-requirement issues: API-417/418 (contracts), RUN-312 (runtime accounting), ASR-523 (conformance), EXP-728 (experiment episode records). Pairs with #122 (episode + budget model).
No due date•0/6 issues closedJoint design (#122) and per-requirement issues for participant episodes and budgets across SEM/DSL/ACT: SEM-222/223 (semantics), DSL-120/121 (surfaces), ACT-623/624 (model). Wave TBD.
No due date•0/7 issues closedJoint design (#121) and per-requirement issues: ACT-619 (tool/affordance profiles), ACT-620 (control-context artifacts), ACT-622 (action-space modes), API-414 (tool/affordance declarations). Pairs with #119 (SEM) and #120 (DSL).
No due date•0/5 issues closedJoint design (#120) and per-requirement issues for participant language surfaces: DSL-116 (behavior spec), DSL-117 (tool/affordance modeling), DSL-118 (control context/instruction), DSL-125 (decision exposure/visibility). Wave TBD. Pairs with semantics in #119.
No due date•0/5 issues closedJoint design (#119) and per-requirement issues: SEM-219 (tool/affordance), SEM-220 (decision-surface), SEM-226 (exposure/visibility-boundary). Wave TBD.
No due date•0/4 issues closedJoint design (#118) and per-requirement issues: API-421 (time-model contracts), ASR-528 (conformance), EXP-734 (realized-time-model provenance). Pairs with #117 (time semantics & surfaces).
No due date•0/4 issues closedJoint design (#117) and per-requirement implementation issues for time across SEM (semantics), DSL (language surfaces), and RUN (runtime handling): SEM-227/228/229 (clock/advancement/ordering semantics), DSL-126/127/128 (surfaces), RUN-317/318 (runtime). Wave TBD.
No due date•0/9 issues closedWave 3 joint design (#113) and per-requirement issues: GOV-908 (audience views/disclosure), GOV-909 (redaction/sanitization/sharing), GOV-911 (public/private separation), GOV-912 (marking/classification/handling).
No due date•0/5 issues closedWave 3 joint design (#111) and per-requirement issues: GOV-905 (interoperable exchange), GOV-906 (translation loss/ambiguity disclosure), GOV-926 (federation-level VV&A). Pairs with #91 (federation engineering).
No due date•0/4 issues closedWave 3 per-requirement issues: EXP-718 (controlled randomness/seed preservation), EXP-719 (treatment/controlled-variation design).
No due date•0/2 issues closedWave 3 per-requirement issues: EXP-714 (archive/preservation), EXP-716 (metadata/annotation), EXP-717 (evidence integrity/chain-of-custody).
No due date•0/3 issues closedWave 3 joint design (#106) and per-requirement issues: EXP-711 (cross-run comparability semantics), EXP-713 (analysis/comparison outputs).
No due date•0/3 issues closedWave 3 joint design (#105) and per-requirement issues: EXP-706 (trial/replication model), EXP-712 (reproducibility/replay claims).
No due date•0/3 issues closedWave 3 per-requirement issues: AUT-810 (safe refactoring/transformation), AUT-812 (catalog/search/discovery).
No due date•0/2 issues closedWave 3 per-requirement issues: AUT-803 (human-facing graphical surface), AUT-808 (visual inspection and navigation surfaces).
No due date•0/2 issues closedWave 3 per-requirement issues: ASR-512 (executable behavioral validation), ASR-513 (counterfactual/necessity validation), ASR-514 (determinism/stability verification). Three independent validation techniques under the layered-validation framework from #97.
No due date•0/3 issues closedWave 3 joint design (#97) and per-requirement issues: ASR-511 (layered validation/admission profiles), ASR-515 (validation strength disclosure).
No due date•0/3 issues closedWave 3 per-requirement issues: ASR-509 (replay/causality/history verification), ASR-510 (multi-role assurance coverage).
No due date•0/2 issues closedWave 3 per-requirement issues: RUN-309 (reproducible participant execution context), RUN-310 (intervention/handoff/supervisory lifecycle). Independent runtime concerns.
No due date•0/2 issues closedWave 3 per-requirement issues: API-409 (external input/intervention contracts), API-410 (shared operational state and derived context contracts). Independent contracts pairing with #93 (participant derived context & mixed control).
No due date•0/2 issues closedWave 3 per-requirement issues: ACT-616 (participant-consumable derived context views), ACT-617 (mixed-control participant operation). Two independent extensions to the participant model.
No due date•0/2 issues closedWave 3 per-requirement issues: SEM-214 (derived context view semantics), SEM-216 (evidence/evaluation/view boundary semantics), SEM-217 (external knowledge binding semantics). Three loosely-coupled semantic surfaces.
No due date•1/4 issues closedWave 2 joint design (#91) and per-requirement issues: GOV-916 (engineering discipline), GOV-923 (gateway/bridge contracts), GOV-924 (translation-path provenance), GOV-925 (standards profiles).
No due date•0/5 issues closedWave 2 joint design (#90) and per-requirement issues: GOV-901 (versioning/compatibility), GOV-902 (deprecation/lifecycle), GOV-903 (migration/upgrade).
No due date•0/4 issues closedWave 2 joint design (#89) and per-requirement issues for experiment provenance: EXP-710 (traceability), EXP-720 (canonical run record), EXP-722 (realized form disclosure). Depends on #87 (core model) and #88 (evidence model).
No due date•0/4 issues closedWave 2 joint design (#88) and per-requirement issues for experiment evidence & measures: EXP-707 (capture spec), EXP-708 (artifact/observation model), EXP-709 (derived measures/evaluations), EXP-715 (backend observation capability declaration). Depends on #87 (experiment core model).
No due date•0/5 issues closedWave 2 joint design (#87) and per-requirement implementation issues for the experiment core data model: EXP-701 (task model), EXP-702 (task/scenario separation), EXP-703 (run model), EXP-704 (execution apparatus context), EXP-705 (study/collection model).
No due date•4/6 issues closedWave 2 per-requirement issues: AUT-805 (canonical documentation, glossary, reference material), AUT-806 (examples, templates, pattern libraries). Two independent deliverables.
No due date•2/2 issues closedWave 2 per-requirement issues for agent-facing & structured-editing authoring surfaces: AUT-801 (agent tool surface), AUT-804 (language service & structured editing), AUT-811 (agent-usable invariants/scope/review guidance). Three independent surfaces.
No due date•4/4 issues closedWave 2 per-requirement issues for participant assurance artifacts: ASR-506 (semantic artifacts), ASR-507 (conformance corpus), ASR-508 (validation scenarios), ASR-526 (conformance/support reporting). Four independent assurance deliverables following participant semantics (#71), behavior model (#77), and backend contracts (#76).
No due date•0/4 issues closedWave 2 per-requirement issues: ACT-614 (temporal behavior profiles), ACT-615 (operational holdings), ACT-618 (participant outcome model support). Three independent extensions to the participant behavior model in #77.
No due date•0/3 issues closedWave 2 per-requirement implementation issues: ACT-612 (multi-participant coordination/delegation), ACT-613 (targetable participants & services). Two independent extensions to the participant behavior model in #77.
No due date•0/2 issues closedWave 2 per-requirement implementation issues: ACT-604 (dynamic knowledge & environment-state semantics), ACT-605 (declarative baseline/background behavior profiles). Two independent surfaces; both follow the participant behavior model in #77.
No due date•0/2 issues closedWave 2 per-requirement implementation issues for participant behavior vocabularies: ACT-609 (offensive), ACT-610 (defensive), ACT-611 (autonomous service/agent). Three independent vocabularies sharing the participant behavior model from #77.
No due date•0/3 issues closedWave 2 joint design (#77) and per-requirement implementation issues for the participant behavior model: ACT-602 (executable model), ACT-603 (abstract interaction model), ACT-606 (first-class specs), ACT-607 (authority/scope), ACT-608 (behavior modes). Follows participant-semantics (#71).
No due date•0/6 issues closedWave 2 joint design (#76) and per-requirement implementation issues for participant backend-facing contracts: API-405 (capability), API-406 (plain-data), API-407 (feature/constraint), API-408 (observation/retrieval), API-411 (outcome reporting). Follows participant-semantics (#71) and participant-runtime (#74) designs.
No due date•2/6 issues closedReference processor and backend implementations: RUN-313 (processor), RUN-314 (emulation backend), RUN-315 (simulation backend). Three independent implementations that share upstream contracts (API-4xx) and conformance (ASR-5xx). No joint design issue — coordination lives at the contract layer.
No due date•1/4 issues closedWave 2 joint design (#74) and per-requirement implementation issues for the participant runtime: RUN-305 (state/history), RUN-306 (decision/execution lifecycle), RUN-307 (shared operational state), RUN-308 (concurrent execution). Follows the participant-semantics design in #71.
No due date•3/5 issues closedWave 2 joint design (#71) and per-requirement implementation issues for participant semantics: SEM-208 (behavior), SEM-209 (multi-participant), SEM-210 (visibility), SEM-211 (preconditions/effects/failures), SEM-212 (causality), SEM-213 (temporal), SEM-215 (outcome interpretation).
No due date•8/8 issues closedEvidence gates for a narrow paper on governed benchmark scenario corpora, versioning, repeatability, lineage, and cross-run comparability.
No due date•0/1 issues closedEvidence gates for a narrow paper on cross-ecosystem exchange, semantic mapping, attack-technique binding, and explicit translation-loss disclosure.
No due date•0/1 issues closedEvidence gates for a narrow paper on participant/agent episodes, actions, observations, resets, budgets, trajectories, rewards, and adjudication in cyber range evaluations.
No due date•0/1 issues closedEvidence gates for a narrow paper on preserving authored intent, processor output, backend realization, observations, and derived evidence as distinct audit surfaces.
No due date•3/7 issues closed