docs(05): create phase 5 verification engine plans
This commit is contained in:
salvacybersec
@@ -120,7 +120,14 @@ Plans:
|
||||
3. `keyhunter scan --verify` extracts and displays org name, rate limit tier, and available permissions when the provider API returns them
|
||||
4. `--verify-timeout=30s` changes the per-key verification timeout from the default 10s
|
||||
5. A `LEGAL.md` file shipping with the binary documents the legal implications of using `--verify`
|
||||
**Plans**: TBD
|
||||
**Plans**: 5 plans
|
||||
|
||||
Plans:
|
||||
- [ ] 05-01-PLAN.md — Wave 0: extend VerifySpec schema, Finding struct, storage schema; add gjson dep
|
||||
- [ ] 05-02-PLAN.md — LEGAL.md + pkg/legal embed + consent prompt + keyhunter legal command
|
||||
- [ ] 05-03-PLAN.md — pkg/verify HTTPVerifier: template sub, gjson metadata extraction, ants pool
|
||||
- [ ] 05-04-PLAN.md — Update 12 Tier 1 provider YAMLs with extended verify specs + guardrail test
|
||||
- [ ] 05-05-PLAN.md — cmd/scan.go --verify wiring + --verify-timeout/workers flags + output verify column
|
||||
|
||||
### Phase 6: Output, Reporting & Key Management
|
||||
**Goal**: Users can consume scan results in any format they need and perform full lifecycle management of stored keys — listing, inspecting, exporting, copying, and deleting
|
||||
|
||||
Reference in New Issue
Block a user