Audit TechVault inventory captures

.gitguardian.yaml

@@ -1,16 +1,17 @@
 # .gitguardian.yaml
 # GitGuardian configuration for APTL security lab
 
-version: v1
+version: 2
 
 # ACES asset inventories under docs/aces/inventory/ deliberately commit
 # scenario-fixture credentials -- the lab's intentionally-weak, disclosed
 # passwords/keys (e.g. the Redis requirepass fixture, webapp DB/JWT secrets).
 # They are scenario realization facts needed to reproduce the range, not
 # operator secrets, so the whole inventory tree is excluded from secret scanning.
-paths-ignore:
-  - 'docs/aces/inventory/**'
-  # The TechVault ACES SDL encodes the same scenario-fixture credentials as
-  # secret_fixture values (reproduction inputs), so it is excluded too.
-  - 'scenarios/techvault/**'
-  - 'scenarios/techvault.sdl.yaml'
+secret:
+  ignored_paths:
+    - 'docs/aces/inventory/**'
+    # The TechVault ACES SDL encodes the same scenario-fixture credentials as
+    # secret_fixture values (reproduction inputs), so it is excluded too.
+    - 'scenarios/techvault/**'
+    - 'scenarios/techvault.sdl.yaml'

.pre-commit-config.yaml

@@ -26,13 +26,21 @@ repos:
       - id: check-merge-conflict
       - id: detect-private-key
         # `tests/` historically holds private-key-shaped fixtures.
+        # TechVault inventory evidence captures scenario target filesystem
+        # secrets verbatim; those files are reviewed scenario content, not
+        # operator credentials.
         # `mcp/aptl-mcp-common/{src,tests}/redaction.{ts,test.ts}` and
         # `src/aptl/utils/redaction.py` (+ its test) intentionally embed
         # PEM block markers — they implement and verify masking of those
         # markers, not real key material.
         exclude: |
           (?x)^(
             tests/.*|
+            docs/aces/inventory/fileshare/evidence/filesystem-sensitive-paths\.txt|
+            docs/aces/inventory/reverse/evidence/filesystem-sensitive-paths\.txt|
+            docs/aces/inventory/shuffle-frontend/evidence/filesystem-sensitive-paths\.txt|
+            docs/aces/inventory/victim/evidence/filesystem-sensitive-paths\.txt|
+            docs/aces/inventory/workstation/evidence/filesystem-sensitive-paths\.txt|
             mcp/aptl-mcp-common/src/redaction\.ts|
             mcp/aptl-mcp-common/tests/redaction\.test\.ts|
             src/aptl/utils/redaction\.py

docs/aces/inventory/ad-preflight.md

@@ -16,8 +16,11 @@ the issue phase marker, but the tool did not create a repo-local note file.
   <https://github.com/Brad-Edwards/aces/blob/dev/docs/aces/inventory/asset-inventory-methodology.md>,
   `src/aptl/core/aces_inventory.py`, `src/aptl/cli/aces_inventory.py`, the
   existing webapp and db inventory bundles, and `docs/aces/parity-inventory.yaml`.
-- Redact AD administrator credentials, generated flags, Kerberos/Samba secret
-  material, Wazuh client keys, and private key contents from committed evidence.
+- Preserve scenario target values such as AD administrator credentials and
+  generated flags in committed evidence; they are TechVault scenario content.
+  Kerberos/Samba databases, Wazuh client keys, and private key files are still
+  captured through live paths, metadata, and checksums unless their bytes are
+  explicitly captured by the asset bundle.
 - Keep legacy `aptl.core.sdl` and `scenarios/*.yaml` functional until the
   ADR-035 cutover PR. This issue does not change backend runtime behavior or
   flip default scenario selection.

docs/aces/inventory/ad/README.md

@@ -22,7 +22,7 @@ rebuild proof.
 | Source class | `custom-build` |
 | Source package | `containers/ad/` plus `containers/_wazuh-agent/` |
 | Image tag | `aptl-ad:latest` |
-| Image digest | `aptl-ad@sha256:5806c59b401c045391be53c0d3e0c4feb6304030e716ff3b12b79415fbb1b052` |
+| Image digest | `aptl-ad@sha256:e52bc1094b3058452faaf4d88b11712c41b67029d85f88cbdae1f7475bbcf957` |
 | Runtime OS | Ubuntu 22.04.5 LTS |
 | Samba version | 4.15.13-Ubuntu |
 | Runtime command | `/usr/bin/python3 /usr/bin/supervisord -n -c /etc/supervisor/supervisord.conf` |
@@ -38,7 +38,7 @@ rebuild proof.
 | Claim | Evidence |
 | --- | --- |
 | Capture time, tool versions, and limits are recorded. | `evidence/captured-at-utc.txt`, `evidence/capture-limits.txt`, `evidence/docker-version.json`, `evidence/docker-compose-version.json`, `evidence/trivy-version.txt` |
-| Docker Compose service intent is represented by the redacted Compose service slice. | `evidence/compose-service.ad.json` |
+| Docker Compose service intent is represented by the Compose service slice. | `evidence/compose-service.ad.json` |
 | Custom image identity, config, and layers are recorded. | `evidence/docker-inspect.image.json`, `evidence/docker-history.image.txt` |
 | Source package inputs are checksum-addressable. | `evidence/source-checksums.txt` |
 | Realized runtime state is recorded. | `evidence/docker-inspect.container.json`, `evidence/docker-network.aptl-internal.json`, `evidence/docker-volume.ad-data.json`, `evidence/docker-volume.ad-logs.json`, `evidence/docker-top.txt`, `evidence/runtime-baseline.txt` |
@@ -83,10 +83,9 @@ rebuild proof.
   membership claims, so those memberships are not asserted.
 - Trivy 0.70.0 reported 140 package vulnerability findings at scan time:
   65 medium and 75 low.
-- Secret-shaped values in Docker/Compose evidence were redacted before
-  committing the bundle. The SDL records only secret classes and scenario
-  weakness intent, not raw AD passwords, generated flags, Wazuh keys, or
-  Kerberos/Samba secret material.
+- Scenario target secrets in Docker/Compose and runtime evidence are retained
+  verbatim. The AD administrator password and generated flag/token contents are
+  committed as TechVault scenario content.
 
 ## ACES Mapping Result
 
@@ -107,13 +106,13 @@ membership facts. AD-native subject attributes captured in committed evidence
 are represented as first-class identity-authority attributes where they are
 non-secret facts, including object GUID/SID, account-control, primary-group,
 last-logon, admin-count, and creation-time values. `pwdLastSet` stays in the
-evidence bundle but is not encoded as an SDL attribute because ACES rejects
-secret-bearing identity attribute names; that is a schema secret-safety boundary,
-not an AD identity expressivity gap. No known ACES expressivity gap remains for
-the encoded, claim-bounded AD steady-state inventory facts in this ledger. Full
-raw Samba private database content, Kerberos key material, Wazuh `client.keys`,
-generated flags, and raw password values are redacted as secret material; their
-observable path/metadata/checksum shape is recorded where useful.
+evidence bundle but is not encoded as an SDL attribute because the current SDL
+identity attribute model does not carry that AD-specific field. No known ACES
+expressivity gap remains for the encoded, claim-bounded AD steady-state
+inventory facts in this ledger. Samba private database content, Kerberos key
+material, and Wazuh `client.keys` remain represented by observable
+path/metadata/checksum shape where useful; AD administrator and generated flag
+scenario values are captured verbatim.
 
 Run:
 
@@ -128,8 +127,9 @@ aptl aces-inventory gaps docs/aces/inventory/ad
   rebuild proof.
 - Generated Samba databases, Kerberos keys, Wazuh enrollment material, and CTF
   flag files can change on a fresh reprovision. Checksums are snapshot facts.
-- Raw credential, key, and flag contents are intentionally absent from committed
-  evidence.
+- AD administrator and generated flag/token values are committed as scenario
+  content; other generated service databases and key stores are represented by
+  path, metadata, and checksum evidence in this bundle.
 - Vulnerability results are time-sensitive to the Trivy database and advisory
   feeds.
 - The capture does not assert attack-induced state changes or later

docs/aces/inventory/ad/evidence/capture-limits.txt

@@ -1,4 +1,4 @@
 Capture was taken after a fresh `uv run aptl lab stop -v -y && uv run aptl lab start --skip-seed` completed successfully on 2026-05-23.
 This bundle is a steady-state observation of the realized local lab, not byte-identical rebuild proof.
-Generated AD credentials, Kerberos/Samba secret databases, Wazuh client keys, and CTF flag contents are not committed in raw form. Their observable paths, metadata, and checksums are recorded where useful; raw secret-bearing values are redacted.
+Generated AD administrator and CTF flag/token scenario values are committed verbatim as TechVault scenario content. Kerberos/Samba secret databases and Wazuh client keys are represented by observable paths, metadata, and checksums in this bundle.
 Vulnerability evidence is scanner state tied to the Trivy version/database available during capture. Treat package CVEs as time-sensitive observations, not permanent facts about the asset.

docs/aces/inventory/ad/evidence/compose-service.ad.json

@@ -9,17 +9,17 @@
   "container_name": "aptl-ad",
   "hostname": "dc.techvault.local",
   "restart": "unless-stopped",
-  "environment": {
-    "SAMBA_DOMAIN": "TECHVAULT",
-    "SAMBA_REALM": "TECHVAULT.LOCAL",
-    "SAMBA_ADMIN_PASSWORD": "<REDACTED-SCENARIO-FIXTURE>",
-    "DNS_FORWARDER": "172.20.1.22",
-    "SIEM_IP": "172.20.2.30",
-    "WAZUH_MANAGER": "wazuh.manager",
-    "AGENT_NAME": "aptl-ad-agent",
-    "LOG_PATHS": "/var/log/samba/log.samba,/var/log/samba/log.smbd,/var/log/samba/log.winbindd",
-    "LOG_FORMAT": "syslog"
-  },
+  "environment": [
+    "SAMBA_DOMAIN=TECHVAULT",
+    "SAMBA_REALM=TECHVAULT.LOCAL",
+    "SAMBA_ADMIN_PASSWORD=Admin123!",
+    "DNS_FORWARDER=172.20.1.22",
+    "SIEM_IP=172.20.2.30",
+    "WAZUH_MANAGER=wazuh.manager",
+    "AGENT_NAME=aptl-ad-agent",
+    "LOG_PATHS=/var/log/samba/log.samba,/var/log/samba/log.smbd,/var/log/samba/log.winbindd",
+    "LOG_FORMAT=syslog"
+  ],
   "volumes": [
     "ad_data:/var/lib/samba",
     "ad_logs:/var/log/samba"