CI/CD authority graph analyzer: how credentials, tokens, and artifacts propagate across pipelines—implicit trust-boundary breaks and non-obvious privilege escalation. Graph-first; not a YAML linter, generic scanner, or policy engine.
Deterministic authority graph and propagation engine for CI/CD: typed nodes, trust zones, and edges for how credentials and identities flow—used by graph analysis, not standalone linting.
Stable wire types for taudit JSON / SARIF / CloudEvents output. Public contract for downstream consumers (tsign, axiom, custom integrations). 0.x: contract is not frozen — review on every minor bump until 1.0.
Parses Bitbucket Pipelines YAML into taudit typed authority graphs for CI/CD propagation and trust-boundary analysis.
CloudEvents JSONL sink: one event per graph-derived finding from taudit CI/CD authority analysis.
SARIF 2.1.0 adapter for graph-backed pipeline findings from taudit (downstream of authority analysis).
Parses Azure DevOps YAML into taudit typed authority graphs for CI/CD propagation and trust-boundary analysis.
Parses GitHub Actions YAML into taudit typed authority graphs for CI/CD propagation and trust-boundary analysis.
Parses GitLab CI YAML into taudit typed authority graphs for CI/CD propagation and trust-boundary analysis.
JSON report: typed authority graph and propagation-backed findings for taudit.
Terminal rendering of authority propagation paths and graph-backed findings for taudit.
CLI for the Cortex supervisory memory substrate.