Review scope
Trace one committed config-change investigation summary item to the schema contract named in docs/evidence-pipeline-contract.md.
Sample input
Use the CCI-003 object in demos/config-change-investigation-demo/artifacts/investigation_summary.json.
Key fields:
{
"investigation_id": "CCI-003",
"severity": "high",
"target_system": "vault-gateway",
"triggering_change_id": "cfg-004",
"evidence_counts": {
"policy_denials": 0,
"follow_on_events": 0
}
}
Expected output
schemas/investigation_summary.schema.json should make the object reviewable without adding production meaning:
investigation_id matches ^CCI-[0-9]{3}$
severity is one of the documented enum values
evidence_counts.policy_denials and evidence_counts.follow_on_events are non-negative integers
- the artifact remains a bounded evidence summary, not an incident verdict
Acceptance criteria
- Name the artifact path and schema path.
- Confirm whether
CCI-003 satisfies the schema fields above.
- Note any unclear field meaning or documentation route with a small correction.
- Do not expand the five-demo matrix or add live telemetry behavior.
Boundaries
Use committed synthetic artifacts only. This is a schema/documentation review, not a request for production integrations, live telemetry, or final incident conclusions.
Review scope
Trace one committed config-change investigation summary item to the schema contract named in
docs/evidence-pipeline-contract.md.Sample input
Use the
CCI-003object indemos/config-change-investigation-demo/artifacts/investigation_summary.json.Key fields:
{ "investigation_id": "CCI-003", "severity": "high", "target_system": "vault-gateway", "triggering_change_id": "cfg-004", "evidence_counts": { "policy_denials": 0, "follow_on_events": 0 } }Expected output
schemas/investigation_summary.schema.jsonshould make the object reviewable without adding production meaning:investigation_idmatches^CCI-[0-9]{3}$severityis one of the documented enum valuesevidence_counts.policy_denialsandevidence_counts.follow_on_eventsare non-negative integersAcceptance criteria
CCI-003satisfies the schema fields above.Boundaries
Use committed synthetic artifacts only. This is a schema/documentation review, not a request for production integrations, live telemetry, or final incident conclusions.