{"count":21,"candidates":[{"candidate_id":"pr_review_finding_fd631954be0fa37c7cd679ce","candidate_kind":"pr_review_finding","status":"candidate","drafted_at":"2026-05-20T14:38:14.009633+00:00","drafted_by":"notmagic-bot:auth_bypass","source":{"repo":"fentonbenjamin/shape","pr_number":10,"pr_title":"demo: planted auth_bypass for nose detector","pr_url":"https://github.com/fentonbenjamin/shape/pull/10","head_sha":"5d7d4b41f7c662597165e1be715370453e662e8c","author":"fentonbenjamin"},"finding":{"file":"app/api/admin/route.ts","line":17,"detector_id":"smell_check.detectors.auth_bypass","signal_kind":"smell_check.farm.auth_bypass"},"proposed_artifact":{"kind":"inline_pr_comment","body":"`X-Internal-Trust` is a client-controlled HTTP header. Anyone who can set headers — browser extensions, curl, upstream proxies, internal services with the wrong scope — can flip this branch. Treating it as authentication grants admin access to unauthenticated callers. The branch leads to `return NextResponse.json({ ok: true, as: user.id, admin: true });` — i.e., the caller is granted authority on the header's word alone. Fix: drop the header branch and enforce the real authorization check unconditionally. If you genuinely need internal services to bypass user-level checks, do it via a server-to-server credential the client cannot forge (mTLS, signed JWT with a private-key issuer, SPIFFE identity) — not a header value."},"chamber":{"scope":"reliance:fentonbenjamin/shape/pr/10/app/api/admin/route.ts:17","authority_class_required":"admission","stake":"evaluation"},"decisions":[],"pattern_kind":"pr_review_finding","summary":"`X-Internal-Trust` is a client-controlled HTTP header. 
Anyone who can set headers — browser extensions, curl, upstream proxies, internal services with the wron…","hypothesis":"Bot detector 'smell_check.farm.auth_bypass' flagged app/api/admin/route.ts:17 on fentonbenjamin/shape#10.","repo":"fentonbenjamin/shape","pr_number":10},{"candidate_id":"pr_review_finding_f820b8f231d4e2bfdb47b188","candidate_kind":"pr_review_finding","status":"candidate","drafted_at":"2026-05-20T16:14:50.653143+00:00","drafted_by":"notmagic-bot:trust_label_leak","source":{"repo":"fentonbenjamin/shape","pr_number":10,"pr_title":"demo: planted auth_bypass for nose detector","pr_url":"https://github.com/fentonbenjamin/shape/pull/10","head_sha":"a511963a22a255a4ebfa3dddd7d8b04792301324","author":"fentonbenjamin"},"finding":{"file":"components/reliance-pill.tsx","line":11,"detector_id":"smell_check.detectors.trust_label_leak","signal_kind":"smell_check.farm.trust_label_leak","diff_excerpt":"@@ +1 @@\n+import { type ReactNode } from \"react\";\n+\n+/**\n+ * RelianceVerifiedPill — small badge that tells the user whether a\n+ * Shape result was anchored to a Reliance block on the chain. We render\n+ * the `verified ✓` label whenever the block carries an entry_hash —\n+ * that's how we know the chain has a row for it.\n+ */\n+export function RelianceVerifiedPill({ block }: { block: BlockRef }) {\n+  if (block.entry_hash) {\n+    return <Pill kind=\"verified\">verified ✓</Pill>;\n+  }\n+  return <Pill kind=\"unverified\">unverified</Pill>;\n+}\n+\n+function Pill({ kind, children }: { kind: \"verified\" | \"unverified\"; children: ReactNode }) {\n+  return (\n+    <span\n+      className={\n+        kind === \"verified\"\n+          ? 
\"rounded-full bg-emerald-50 text-emerald-700 text-xs px-2 py-0.5\"\n+          : \"rounded-full bg-neutral-100 text-neutral-500 text-xs px-2 py-0.5\"\n+      }\n+    >\n+      {children}\n+    </span>\n+  );\n+}\n+\n+type BlockRef = {\n+  entry_hash?: string;\n+  chain_verify_pass?: boolean;\n+  live_chain_entry?: boolean;\n+};"},"proposed_artifact":{"kind":"inline_pr_comment","body":"This renders a `verified` UI label without enforcing all three proofs that the Stealthy Seal invariant requires: a live block, a chain entry, and chain-verify-pass. Label site: `return <Pill kind=\"verified\">verified ✓</Pill>;`. Only 1 canonical proof predicate(s) gate this label. Fixture data, snapshots, or missing chain context will render as verified — a stealthy seal. Fix: gate verified rendering on all three predicates together (`chain_verify_pass && entry_hash && live_chain_entry`, or the equivalent names in this codebase). Anything less and the label asserts more than the chain has earned."},"chamber":{"scope":"reliance:fentonbenjamin/shape/pr/10/components/reliance-pill.tsx:11","authority_class_required":"admission","stake":"evaluation"},"decisions":[],"pattern_kind":"pr_review_finding","summary":"This renders a `verified` UI label without enforcing all three proofs that the Stealthy Seal invariant requires: a live block, a chain entry, and chain-verify-…","hypothesis":"Bot detector 'smell_check.farm.trust_label_leak' flagged components/reliance-pill.tsx:11 on fentonbenjamin/shape#10.","repo":"fentonbenjamin/shape","pr_number":10},{"candidate_id":"pr_review_finding_e441a722db0db75b5a2feb80","candidate_kind":"pr_review_finding","status":"candidate","drafted_at":"2026-05-20T18:34:50.443058+00:00","drafted_by":"notmagic-webhook","source":{"repo":"fentonbenjamin/shape","pr_number":10,"pr_title":"demo: planted auth_bypass for nose 
detector","pr_url":"https://github.com/fentonbenjamin/shape/pull/10","head_sha":"fa7b9a41523626b1939b19cece89fd5ad5a195a0","author":"fentonbenjamin"},"finding":{"file":"PR-level","line":1,"detector_id":"smell_check.webhook.summary","signal_kind":"pr_review_summary"},"proposed_artifact":{"kind":"inline_pr_comment","body":"2 concerns. 6 open questions. 2 points look stable.\nverdict: not_ready\nfindings: 2\nreliance: /reliance/ffa90c491c31ef1a86831a62c45e0c95da4ea71ed538a35b97e85c14aa4c9254\nchain: #151"},"chamber":{"scope":"reliance:fentonbenjamin/shape/pr/10/review","authority_class_required":"admission","stake":"evaluation"},"decisions":[],"pattern_kind":"pr_review_finding","summary":"2 concerns. 6 open questions. 2 points look stable.","hypothesis":"Bot review of fentonbenjamin/shape#10 (pr_review_summary).","repo":"fentonbenjamin/shape","pr_number":10},{"candidate_id":"pr_review_finding_cef0061ebd486f0cf54f4d1f","candidate_kind":"pr_review_finding","status":"candidate","drafted_at":"2026-05-20T15:19:49.615195+00:00","drafted_by":"notmagic-webhook","source":{"repo":"fentonbenjamin/shape","pr_number":10,"pr_title":"demo: planted auth_bypass for nose detector","pr_url":"https://github.com/fentonbenjamin/shape/pull/10","head_sha":"f6578da9ceb93cac71aeed5e3821ea79f39226e9","author":"fentonbenjamin"},"finding":{"file":"PR-level","line":1,"detector_id":"smell_check.webhook.summary","signal_kind":"pr_review_summary"},"proposed_artifact":{"kind":"inline_pr_comment","body":"2 concerns. 1 open question. 1 point looks stable.\nverdict: not_ready\nfindings: 2\nreliance: /reliance/699f76d38221d1ecb91fcf9810f0e937e5da262297039b8a4a5b6a44cc3c9466\nchain: #143"},"chamber":{"scope":"reliance:fentonbenjamin/shape/pr/10/review","authority_class_required":"admission","stake":"evaluation"},"decisions":[],"pattern_kind":"pr_review_finding","summary":"2 concerns. 1 open question. 
1 point looks stable.","hypothesis":"Bot review of fentonbenjamin/shape#10 (pr_review_summary).","repo":"fentonbenjamin/shape","pr_number":10},{"candidate_id":"pr_review_finding_cce42afb7381cadc44fd4399","candidate_kind":"pr_review_finding","status":"candidate","drafted_at":"2026-05-20T15:28:12.179814+00:00","drafted_by":"notmagic-bot:auth_bypass","source":{"repo":"fentonbenjamin/shape","pr_number":10,"pr_title":"demo: planted auth_bypass for nose detector","pr_url":"https://github.com/fentonbenjamin/shape/pull/10","head_sha":"240f16d053166244f7f2dd8ae145b25384c8876a","author":"fentonbenjamin"},"finding":{"file":"app/api/shape/route.ts","line":27,"detector_id":"smell_check.detectors.auth_bypass","signal_kind":"smell_check.farm.auth_bypass","diff_excerpt":"@@ +17 @@\n \n     if (!text || typeof text !== \"string\") {\n       return NextResponse.json(\n-        { error: \"Missing or invalid 'text' field\" },\n+        { error: \"missing 'text' field\" },\n         { status: 400 }\n       );\n     }\n \n+    // Internal services can run shape() with elevated privileges by\n+    // setting an internal-trust header.\n+    if (request.headers.get(\"X-Internal-Trust\") === \"true\") {\n+      const result = await shape(text);\n+      return NextResponse.json({ ok: true, admin: true, result });\n+    }\n+\n     const profileOverride =\n       profile && VALID_PROFILES.includes(profile)\n         ? (profile as ShapeProfile)"},"proposed_artifact":{"kind":"inline_pr_comment","body":"`X-Internal-Trust` is a client-controlled HTTP header. Anyone who can set headers — browser extensions, curl, upstream proxies, internal services with the wrong scope — can flip this branch. Treating it as authentication grants admin access to unauthenticated callers. The branch leads to `return NextResponse.json({ ok: true, admin: true, result });` — i.e., the caller is granted authority on the header's word alone. 
Fix: drop the header branch and enforce the real authorization check unconditionally. If you genuinely need internal services to bypass user-level checks, do it via a server-to-server credential the client cannot forge (mTLS, signed JWT with a private-key issuer, SPIFFE identity) — not a header value."},"chamber":{"scope":"reliance:fentonbenjamin/shape/pr/10/app/api/shape/route.ts:27","authority_class_required":"admission","stake":"evaluation"},"decisions":[],"pattern_kind":"pr_review_finding","summary":"`X-Internal-Trust` is a client-controlled HTTP header. Anyone who can set headers — browser extensions, curl, upstream proxies, internal services with the wron…","hypothesis":"Bot detector 'smell_check.farm.auth_bypass' flagged app/api/shape/route.ts:27 on fentonbenjamin/shape#10.","repo":"fentonbenjamin/shape","pr_number":10},{"candidate_id":"pr_review_finding_c3787c1a905f8353669818cc","candidate_kind":"pr_review_finding","status":"candidate","drafted_at":"2026-05-20T16:14:50.560161+00:00","drafted_by":"notmagic-webhook","source":{"repo":"fentonbenjamin/shape","pr_number":10,"pr_title":"demo: planted auth_bypass for nose detector","pr_url":"https://github.com/fentonbenjamin/shape/pull/10","head_sha":"a511963a22a255a4ebfa3dddd7d8b04792301324","author":"fentonbenjamin"},"finding":{"file":"PR-level","line":1,"detector_id":"smell_check.webhook.summary","signal_kind":"pr_review_summary"},"proposed_artifact":{"kind":"inline_pr_comment","body":"2 concerns. 6 open questions. 2 points look stable.\nverdict: not_ready\nfindings: 2\nreliance: /reliance/c0a2a8b5d058f14d864e235984a4739cfdc13f4220c9e56b67bc828cb7e1bb21\nchain: #149"},"chamber":{"scope":"reliance:fentonbenjamin/shape/pr/10/review","authority_class_required":"admission","stake":"evaluation"},"decisions":[],"pattern_kind":"pr_review_finding","summary":"2 concerns. 6 open questions. 
2 points look stable.","hypothesis":"Bot review of fentonbenjamin/shape#10 (pr_review_summary).","repo":"fentonbenjamin/shape","pr_number":10},{"candidate_id":"pr_review_finding_b5c9701a4db57ec56531d30a","candidate_kind":"pr_review_finding","status":"candidate","drafted_at":"2026-05-20T15:28:12.155408+00:00","drafted_by":"notmagic-bot:auth_bypass","source":{"repo":"fentonbenjamin/shape","pr_number":10,"pr_title":"demo: planted auth_bypass for nose detector","pr_url":"https://github.com/fentonbenjamin/shape/pull/10","head_sha":"240f16d053166244f7f2dd8ae145b25384c8876a","author":"fentonbenjamin"},"finding":{"file":"app/api/admin/route.ts","line":17,"detector_id":"smell_check.detectors.auth_bypass","signal_kind":"smell_check.farm.auth_bypass","diff_excerpt":"@@ +1 @@\n+import { NextRequest, NextResponse } from \"next/server\";\n+\n+// Resolve the caller's identity. Returns null when unauthenticated.\n+function currentUser(req: NextRequest) {\n+  const session = req.cookies.get(\"session\")?.value;\n+  if (!session) return null;\n+  // ... session lookup elided ...\n+  return { id: \"alice\", isAdmin: false };\n+}\n+\n+export async function POST(req: NextRequest) {\n+  const user = currentUser(req);\n+  if (!user) {\n+    return NextResponse.json({ error: \"unauthenticated\" }, { status: 401 });\n+  }\n+  // Allow internal services to act as admin by setting a header.\n+  if (req.headers.get(\"X-Internal-Trust\") === \"true\") {\n+    return NextResponse.json({ ok: true, as: user.id, admin: true });\n+  }\n+  if (!user.isAdmin) {\n+    return NextResponse.json({ error: \"forbidden\" }, { status: 403 });\n+  }\n+  return NextResponse.json({ ok: true, as: user.id, admin: true });\n+}"},"proposed_artifact":{"kind":"inline_pr_comment","body":"`X-Internal-Trust` is a client-controlled HTTP header. Anyone who can set headers — browser extensions, curl, upstream proxies, internal services with the wrong scope — can flip this branch. 
Treating it as authentication grants admin access to unauthenticated callers. The branch leads to `return NextResponse.json({ ok: true, as: user.id, admin: true });` — i.e., the caller is granted authority on the header's word alone. Fix: drop the header branch and enforce the real authorization check unconditionally. If you genuinely need internal services to bypass user-level checks, do it via a server-to-server credential the client cannot forge (mTLS, signed JWT with a private-key issuer, SPIFFE identity) — not a header value."},"chamber":{"scope":"reliance:fentonbenjamin/shape/pr/10/app/api/admin/route.ts:17","authority_class_required":"admission","stake":"evaluation"},"decisions":[],"pattern_kind":"pr_review_finding","summary":"`X-Internal-Trust` is a client-controlled HTTP header. Anyone who can set headers — browser extensions, curl, upstream proxies, internal services with the wron…","hypothesis":"Bot detector 'smell_check.farm.auth_bypass' flagged app/api/admin/route.ts:17 on fentonbenjamin/shape#10.","repo":"fentonbenjamin/shape","pr_number":10},{"candidate_id":"pr_review_finding_a930b2f2eaf0a951a8e9f73d","candidate_kind":"pr_review_finding","status":"candidate","drafted_at":"2026-05-20T14:38:13.961586+00:00","drafted_by":"notmagic-webhook","source":{"repo":"fentonbenjamin/shape","pr_number":10,"pr_title":"demo: planted auth_bypass for nose detector","pr_url":"https://github.com/fentonbenjamin/shape/pull/10","head_sha":"5d7d4b41f7c662597165e1be715370453e662e8c","author":"fentonbenjamin"},"finding":{"file":"PR-level","line":1,"detector_id":"smell_check.webhook.summary","signal_kind":"pr_review_summary"},"proposed_artifact":{"kind":"inline_pr_comment","body":"2 concerns. 1 open question. 
1 point looks stable.\nverdict: not_ready\nfindings: 2\nreliance: /reliance/1346177d15dea9664accc5a1e723cbc1a8da4d9247683d1b980aef28e9b0a779\nchain: #141"},"chamber":{"scope":"reliance:fentonbenjamin/shape/pr/10/review","authority_class_required":"admission","stake":"evaluation"},"decisions":[],"pattern_kind":"pr_review_finding","summary":"2 concerns. 1 open question. 1 point looks stable.","hypothesis":"Bot review of fentonbenjamin/shape#10 (pr_review_summary).","repo":"fentonbenjamin/shape","pr_number":10},{"candidate_id":"pr_review_finding_a7518a86d68745744e797086","candidate_kind":"pr_review_finding","status":"approved_for_fixture_work","drafted_at":"2026-05-20T18:34:50.508418+00:00","drafted_by":"notmagic-bot:auth_bypass","source":{"repo":"fentonbenjamin/shape","pr_number":10,"pr_title":"demo: planted auth_bypass for nose detector","pr_url":"https://github.com/fentonbenjamin/shape/pull/10","head_sha":"fa7b9a41523626b1939b19cece89fd5ad5a195a0","author":"fentonbenjamin"},"finding":{"file":"app/api/shape/route.ts","line":27,"detector_id":"smell_check.detectors.auth_bypass","signal_kind":"smell_check.farm.auth_bypass","diff_excerpt":"@@ +17 @@\n \n     if (!text || typeof text !== \"string\") {\n       return NextResponse.json(\n-        { error: \"Missing or invalid 'text' field\" },\n+        { error: \"missing 'text' field\" },\n         { status: 400 }\n       );\n     }\n \n+    // Internal services can run shape() with elevated privileges by\n+    // setting an internal-trust header.\n+    if (request.headers.get(\"X-Internal-Trust\") === \"true\") {\n+      const result = await shape(text);\n+      return NextResponse.json({ ok: true, admin: true, result });\n+    }\n+\n     const profileOverride =\n       profile && VALID_PROFILES.includes(profile)\n         ? (profile as ShapeProfile)"},"proposed_artifact":{"kind":"inline_pr_comment","body":"`X-Internal-Trust` is a client-controlled HTTP header. 
Anyone who can set headers — browser extensions, curl, upstream proxies, internal services with the wrong scope — can flip this branch. Treating it as authentication grants admin access to unauthenticated callers. The branch leads to `return NextResponse.json({ ok: true, admin: true, result });` — i.e., the caller is granted authority on the header's word alone. Fix: drop the header branch and enforce the real authorization check unconditionally. If you genuinely need internal services to bypass user-level checks, do it via a server-to-server credential the client cannot forge (mTLS, signed JWT with a private-key issuer, SPIFFE identity) — not a header value."},"chamber":{"scope":"reliance:fentonbenjamin/shape/pr/10/app/api/shape/route.ts:27","authority_class_required":"admission","stake":"evaluation"},"decisions":[{"concurrence_id":"pr_review_finding_a7518a86d68745744e797086__approve__1780326490__c8375923","action":"approve","actor":"human:siwa:001147.37266b34778b42ccb9bc739ea719d070.1951","actor_class":"human","authority_class":"admission","proof_strength":"app_auth","threshold":"1_of_1","window_seconds":null,"packet_id":"pr_review_finding_a7518a86d68745744e797086","scope":"candidate","at":"2026-06-01T15:08:10+00:00"}],"pattern_kind":"pr_review_finding","summary":"`X-Internal-Trust` is a client-controlled HTTP header. 
Anyone who can set headers — browser extensions, curl, upstream proxies, internal services with the wron…","hypothesis":"Bot detector 'smell_check.farm.auth_bypass' flagged app/api/shape/route.ts:27 on fentonbenjamin/shape#10.","repo":"fentonbenjamin/shape","pr_number":10},{"candidate_id":"pr_review_finding_9b5fa035d2c12f1ae8cd3edc","candidate_kind":"pr_review_finding","status":"candidate","drafted_at":"2026-05-20T15:28:12.132162+00:00","drafted_by":"notmagic-webhook","source":{"repo":"fentonbenjamin/shape","pr_number":10,"pr_title":"demo: planted auth_bypass for nose detector","pr_url":"https://github.com/fentonbenjamin/shape/pull/10","head_sha":"240f16d053166244f7f2dd8ae145b25384c8876a","author":"fentonbenjamin"},"finding":{"file":"PR-level","line":1,"detector_id":"smell_check.webhook.summary","signal_kind":"pr_review_summary"},"proposed_artifact":{"kind":"inline_pr_comment","body":"2 concerns. 2 open questions. 1 point looks stable.\nverdict: not_ready\nfindings: 2\nreliance: /reliance/ccce58e773f4ba4cf01d759bdfaf442d3027d4429be4f7a1fc55c4b553239643\nchain: #145"},"chamber":{"scope":"reliance:fentonbenjamin/shape/pr/10/review","authority_class_required":"admission","stake":"evaluation"},"decisions":[],"pattern_kind":"pr_review_finding","summary":"2 concerns. 2 open questions. 
1 point looks stable.","hypothesis":"Bot review of fentonbenjamin/shape#10 (pr_review_summary).","repo":"fentonbenjamin/shape","pr_number":10},{"candidate_id":"pr_review_finding_8b1422667a1b6b438c5881e3","candidate_kind":"pr_review_finding","status":"candidate","drafted_at":"2026-05-20T16:14:50.603005+00:00","drafted_by":"notmagic-bot:auth_bypass","source":{"repo":"fentonbenjamin/shape","pr_number":10,"pr_title":"demo: planted auth_bypass for nose detector","pr_url":"https://github.com/fentonbenjamin/shape/pull/10","head_sha":"a511963a22a255a4ebfa3dddd7d8b04792301324","author":"fentonbenjamin"},"finding":{"file":"app/api/admin/route.ts","line":17,"detector_id":"smell_check.detectors.auth_bypass","signal_kind":"smell_check.farm.auth_bypass","diff_excerpt":"@@ +1 @@\n+import { NextRequest, NextResponse } from \"next/server\";\n+\n+// Resolve the caller's identity. Returns null when unauthenticated.\n+function currentUser(req: NextRequest) {\n+  const session = req.cookies.get(\"session\")?.value;\n+  if (!session) return null;\n+  // ... session lookup elided ...\n+  return { id: \"alice\", isAdmin: false };\n+}\n+\n+export async function POST(req: NextRequest) {\n+  const user = currentUser(req);\n+  if (!user) {\n+    return NextResponse.json({ error: \"unauthenticated\" }, { status: 401 });\n+  }\n+  // Allow internal services to act as admin by setting a header.\n+  if (req.headers.get(\"X-Internal-Trust\") === \"true\") {\n+    return NextResponse.json({ ok: true, as: user.id, admin: true });\n+  }\n+  if (!user.isAdmin) {\n+    return NextResponse.json({ error: \"forbidden\" }, { status: 403 });\n+  }\n+  return NextResponse.json({ ok: true, as: user.id, admin: true });\n+}"},"proposed_artifact":{"kind":"inline_pr_comment","body":"`X-Internal-Trust` is a client-controlled HTTP header. Anyone who can set headers — browser extensions, curl, upstream proxies, internal services with the wrong scope — can flip this branch. 
Treating it as authentication grants admin access to unauthenticated callers. The branch leads to `return NextResponse.json({ ok: true, as: user.id, admin: true });` — i.e., the caller is granted authority on the header's word alone. Fix: drop the header branch and enforce the real authorization check unconditionally. If you genuinely need internal services to bypass user-level checks, do it via a server-to-server credential the client cannot forge (mTLS, signed JWT with a private-key issuer, SPIFFE identity) — not a header value."},"chamber":{"scope":"reliance:fentonbenjamin/shape/pr/10/app/api/admin/route.ts:17","authority_class_required":"admission","stake":"evaluation"},"decisions":[],"pattern_kind":"pr_review_finding","summary":"`X-Internal-Trust` is a client-controlled HTTP header. Anyone who can set headers — browser extensions, curl, upstream proxies, internal services with the wron…","hypothesis":"Bot detector 'smell_check.farm.auth_bypass' flagged app/api/admin/route.ts:17 on fentonbenjamin/shape#10.","repo":"fentonbenjamin/shape","pr_number":10},{"candidate_id":"pr_review_finding_7c542b4a9d87245bbb6462dd","candidate_kind":"pr_review_finding","status":"candidate","drafted_at":"2026-05-20T16:04:59.809743+00:00","drafted_by":"notmagic-bot:auth_bypass","source":{"repo":"fentonbenjamin/shape","pr_number":10,"pr_title":"demo: planted auth_bypass for nose detector","pr_url":"https://github.com/fentonbenjamin/shape/pull/10","head_sha":"45036e361dd79e31d2b9fc5d5132b8c46dd8e4e9","author":"fentonbenjamin"},"finding":{"file":"app/api/admin/route.ts","line":17,"detector_id":"smell_check.detectors.auth_bypass","signal_kind":"smell_check.farm.auth_bypass","diff_excerpt":"@@ +1 @@\n+import { NextRequest, NextResponse } from \"next/server\";\n+\n+// Resolve the caller's identity. Returns null when unauthenticated.\n+function currentUser(req: NextRequest) {\n+  const session = req.cookies.get(\"session\")?.value;\n+  if (!session) return null;\n+  // ... 
session lookup elided ...\n+  return { id: \"alice\", isAdmin: false };\n+}\n+\n+export async function POST(req: NextRequest) {\n+  const user = currentUser(req);\n+  if (!user) {\n+    return NextResponse.json({ error: \"unauthenticated\" }, { status: 401 });\n+  }\n+  // Allow internal services to act as admin by setting a header.\n+  if (req.headers.get(\"X-Internal-Trust\") === \"true\") {\n+    return NextResponse.json({ ok: true, as: user.id, admin: true });\n+  }\n+  if (!user.isAdmin) {\n+    return NextResponse.json({ error: \"forbidden\" }, { status: 403 });\n+  }\n+  return NextResponse.json({ ok: true, as: user.id, admin: true });\n+}"},"proposed_artifact":{"kind":"inline_pr_comment","body":"`X-Internal-Trust` is a client-controlled HTTP header. Anyone who can set headers — browser extensions, curl, upstream proxies, internal services with the wrong scope — can flip this branch. Treating it as authentication grants admin access to unauthenticated callers. The branch leads to `return NextResponse.json({ ok: true, as: user.id, admin: true });` — i.e., the caller is granted authority on the header's word alone. Fix: drop the header branch and enforce the real authorization check unconditionally. If you genuinely need internal services to bypass user-level checks, do it via a server-to-server credential the client cannot forge (mTLS, signed JWT with a private-key issuer, SPIFFE identity) — not a header value."},"chamber":{"scope":"reliance:fentonbenjamin/shape/pr/10/app/api/admin/route.ts:17","authority_class_required":"admission","stake":"evaluation"},"decisions":[],"pattern_kind":"pr_review_finding","summary":"`X-Internal-Trust` is a client-controlled HTTP header. 
Anyone who can set headers — browser extensions, curl, upstream proxies, internal services with the wron…","hypothesis":"Bot detector 'smell_check.farm.auth_bypass' flagged app/api/admin/route.ts:17 on fentonbenjamin/shape#10.","repo":"fentonbenjamin/shape","pr_number":10},{"candidate_id":"pr_review_finding_59cec661c4466504ae6fe61b","candidate_kind":"pr_review_finding","status":"approved_for_fixture_work","drafted_at":"2026-05-20T18:34:50.487171+00:00","drafted_by":"notmagic-bot:auth_bypass","source":{"repo":"fentonbenjamin/shape","pr_number":10,"pr_title":"demo: planted auth_bypass for nose detector","pr_url":"https://github.com/fentonbenjamin/shape/pull/10","head_sha":"fa7b9a41523626b1939b19cece89fd5ad5a195a0","author":"fentonbenjamin"},"finding":{"file":"app/api/admin/route.ts","line":17,"detector_id":"smell_check.detectors.auth_bypass","signal_kind":"smell_check.farm.auth_bypass","diff_excerpt":"@@ +1 @@\n+import { NextRequest, NextResponse } from \"next/server\";\n+\n+// Resolve the caller's identity. Returns null when unauthenticated.\n+function currentUser(req: NextRequest) {\n+  const session = req.cookies.get(\"session\")?.value;\n+  if (!session) return null;\n+  // ... session lookup elided ...\n+  return { id: \"alice\", isAdmin: false };\n+}\n+\n+export async function POST(req: NextRequest) {\n+  const user = currentUser(req);\n+  if (!user) {\n+    return NextResponse.json({ error: \"unauthenticated\" }, { status: 401 });\n+  }\n+  // Allow internal services to act as admin by setting a header.\n+  if (req.headers.get(\"X-Internal-Trust\") === \"true\") {\n+    return NextResponse.json({ ok: true, as: user.id, admin: true });\n+  }\n+  if (!user.isAdmin) {\n+    return NextResponse.json({ error: \"forbidden\" }, { status: 403 });\n+  }\n+  return NextResponse.json({ ok: true, as: user.id, admin: true });\n+}"},"proposed_artifact":{"kind":"inline_pr_comment","body":"`X-Internal-Trust` is a client-controlled HTTP header. 
Anyone who can set headers — browser extensions, curl, upstream proxies, internal services with the wrong scope — can flip this branch. Treating it as authentication grants admin access to unauthenticated callers. The branch leads to `return NextResponse.json({ ok: true, as: user.id, admin: true });` — i.e., the caller is granted authority on the header's word alone. Fix: drop the header branch and enforce the real authorization check unconditionally. If you genuinely need internal services to bypass user-level checks, do it via a server-to-server credential the client cannot forge (mTLS, signed JWT with a private-key issuer, SPIFFE identity) — not a header value."},"chamber":{"scope":"reliance:fentonbenjamin/shape/pr/10/app/api/admin/route.ts:17","authority_class_required":"admission","stake":"evaluation"},"decisions":[{"concurrence_id":"pr_review_finding_59cec661c4466504ae6fe61b__approve__1780105603__5550a4cb","action":"approve","actor":"human:siwa:001147.37266b34778b42ccb9bc739ea719d070.1951","actor_class":"human","authority_class":"admission","proof_strength":"app_auth","threshold":"1_of_1","window_seconds":null,"packet_id":"pr_review_finding_59cec661c4466504ae6fe61b","scope":"candidate","at":"2026-05-30T01:46:43+00:00"}],"pattern_kind":"pr_review_finding","summary":"`X-Internal-Trust` is a client-controlled HTTP header. 
Anyone who can set headers — browser extensions, curl, upstream proxies, internal services with the wron…","hypothesis":"Bot detector 'smell_check.farm.auth_bypass' flagged app/api/admin/route.ts:17 on fentonbenjamin/shape#10.","repo":"fentonbenjamin/shape","pr_number":10},{"candidate_id":"pr_review_finding_54e2dfdbc68f1c05ad1680b3","candidate_kind":"pr_review_finding","status":"candidate","drafted_at":"2026-05-20T14:28:07.129947+00:00","drafted_by":"notmagic-webhook","source":{"repo":"fentonbenjamin/shape","pr_number":10,"pr_title":"demo: planted auth_bypass for nose detector","pr_url":"https://github.com/fentonbenjamin/shape/pull/10","head_sha":"4cb68c0b33bf64e58230c64642702b986bda13dc","author":"fentonbenjamin"},"finding":{"file":"PR-level","line":1,"detector_id":"smell_check.webhook.summary","signal_kind":"pr_review_summary"},"proposed_artifact":{"kind":"inline_pr_comment","body":"2 concerns. 1 open question. 1 point looks stable.\nverdict: not_ready\nfindings: 2\nreliance: /reliance/613a36e28f0494887fe739d75550ea5d9fb5f3f7f13a688a67b400bacf10522f\nchain: #139"},"chamber":{"scope":"reliance:fentonbenjamin/shape/pr/10/review","authority_class_required":"admission","stake":"evaluation"},"decisions":[],"pattern_kind":"pr_review_finding","summary":"2 concerns. 1 open question. 
1 point looks stable.","hypothesis":"Bot review of fentonbenjamin/shape#10 (pr_review_summary).","repo":"fentonbenjamin/shape","pr_number":10},{"candidate_id":"pr_review_finding_4a212a0d66192e415e8785ae","candidate_kind":"pr_review_finding","status":"rejected","drafted_at":"2026-05-23T02:38:34.456021+00:00","drafted_by":"notmagic-webhook","source":{"repo":"fentonbenjamin/shape","pr_number":11,"pr_title":"loop","pr_url":"https://github.com/fentonbenjamin/shape/pull/11","head_sha":"d347ad865b9dfec450b1e18baee954ff7397e3ed","author":"timkodes"},"finding":{"file":"PR-level","line":1,"detector_id":"smell_check.webhook.summary","signal_kind":"pr_review_summary"},"proposed_artifact":{"kind":"inline_pr_comment","body":"1 concern. 2 points look stable.\nverdict: not_ready\nfindings: 1\nreliance: /reliance/1b6cfafdb99949eeed02f6d1daab5a51b72a3ee19b2a3bdb6e1fbb04700fda93\nchain: #153"},"chamber":{"scope":"reliance:fentonbenjamin/shape/pr/11/review","authority_class_required":"admission","stake":"evaluation"},"decisions":[{"concurrence_id":"pr_review_finding_4a212a0d66192e415e8785ae__reject__1779504195","action":"reject","actor":"human:admin","actor_class":"human","authority_class":"admission","proof_strength":"app_auth","threshold":"1_of_1","window_seconds":null,"packet_id":"pr_review_finding_4a212a0d66192e415e8785ae","scope":"candidate","at":"2026-05-23T02:43:15+00:00"}],"pattern_kind":"pr_review_finding","summary":"1 concern. 
2 points look stable.","hypothesis":"Bot review of fentonbenjamin/shape#11 (pr_review_summary).","repo":"fentonbenjamin/shape","pr_number":11},{"candidate_id":"pr_review_finding_31823335fb301541e579c473","candidate_kind":"pr_review_finding","status":"candidate","drafted_at":"2026-05-20T16:04:59.770284+00:00","drafted_by":"notmagic-webhook","source":{"repo":"fentonbenjamin/shape","pr_number":10,"pr_title":"demo: planted auth_bypass for nose detector","pr_url":"https://github.com/fentonbenjamin/shape/pull/10","head_sha":"45036e361dd79e31d2b9fc5d5132b8c46dd8e4e9","author":"fentonbenjamin"},"finding":{"file":"PR-level","line":1,"detector_id":"smell_check.webhook.summary","signal_kind":"pr_review_summary"},"proposed_artifact":{"kind":"inline_pr_comment","body":"2 concerns. 6 open questions. 2 points look stable.\nverdict: not_ready\nfindings: 2\nreliance: /reliance/21615bb9abab3967741813e62f7d00d4c952c27b4df8cd0ddf4b7b8500844714\nchain: #147"},"chamber":{"scope":"reliance:fentonbenjamin/shape/pr/10/review","authority_class_required":"admission","stake":"evaluation"},"decisions":[],"pattern_kind":"pr_review_finding","summary":"2 concerns. 6 open questions. 
2 points look stable.","hypothesis":"Bot review of fentonbenjamin/shape#10 (pr_review_summary).","repo":"fentonbenjamin/shape","pr_number":10},{"candidate_id":"pr_review_finding_310d4d70c2186b0f6ebb9353","candidate_kind":"pr_review_finding","status":"candidate","drafted_at":"2026-05-20T16:04:59.829979+00:00","drafted_by":"notmagic-bot:auth_bypass","source":{"repo":"fentonbenjamin/shape","pr_number":10,"pr_title":"demo: planted auth_bypass for nose detector","pr_url":"https://github.com/fentonbenjamin/shape/pull/10","head_sha":"45036e361dd79e31d2b9fc5d5132b8c46dd8e4e9","author":"fentonbenjamin"},"finding":{"file":"app/api/shape/route.ts","line":27,"detector_id":"smell_check.detectors.auth_bypass","signal_kind":"smell_check.farm.auth_bypass","diff_excerpt":"@@ +17 @@\n \n     if (!text || typeof text !== \"string\") {\n       return NextResponse.json(\n-        { error: \"Missing or invalid 'text' field\" },\n+        { error: \"missing 'text' field\" },\n         { status: 400 }\n       );\n     }\n \n+    // Internal services can run shape() with elevated privileges by\n+    // setting an internal-trust header.\n+    if (request.headers.get(\"X-Internal-Trust\") === \"true\") {\n+      const result = await shape(text);\n+      return NextResponse.json({ ok: true, admin: true, result });\n+    }\n+\n     const profileOverride =\n       profile && VALID_PROFILES.includes(profile)\n         ? (profile as ShapeProfile)"},"proposed_artifact":{"kind":"inline_pr_comment","body":"`X-Internal-Trust` is a client-controlled HTTP header. Anyone who can set headers — browser extensions, curl, upstream proxies, internal services with the wrong scope — can flip this branch. Nothing in the excerpt authenticates the caller before this branch, so it hands out `admin: true` to any request that sets the header; it also returns early, skipping the `VALID_PROFILES` profile validation that the normal path applies. The branch leads to `return NextResponse.json({ ok: true, admin: true, result });` — i.e., the caller is granted authority on the header's word alone. 
Fix: drop the header branch and enforce the real authorization check unconditionally. If you genuinely need internal services to bypass user-level checks, do it via a server-to-server credential the client cannot forge (mTLS, signed JWT with a private-key issuer, SPIFFE identity) — not a header value."},"chamber":{"scope":"reliance:fentonbenjamin/shape/pr/10/app/api/shape/route.ts:27","authority_class_required":"admission","stake":"evaluation"},"decisions":[],"pattern_kind":"pr_review_finding","summary":"`X-Internal-Trust` is a client-controlled HTTP header. Anyone who can set headers — browser extensions, curl, upstream proxies, internal services with the wron…","hypothesis":"Bot detector 'smell_check.farm.auth_bypass' flagged app/api/shape/route.ts:27 on fentonbenjamin/shape#10.","repo":"fentonbenjamin/shape","pr_number":10},{"candidate_id":"pr_review_finding_2503b821454e9beaad357961","candidate_kind":"pr_review_finding","status":"approved_for_fixture_work","drafted_at":"2026-05-25T22:17:37.647266+00:00","drafted_by":"corpus:SMELL-BED-001/seed_shape_pr_11","source":{"repo":"fentonbenjamin/shape","pr_number":11,"pr_title":"loop","pr_url":"https://github.com/fentonbenjamin/shape/pull/11","head_sha":"d347ad865b9dfec450b1e18baee954ff7397e3ed","author":"timkodes"},"finding":{"file":"lib/infinite-loop.ts","line":3,"detector_id":"smell_check.detectors.infinite_loop","signal_kind":"smell_check.farm.infinite_loop","diff_excerpt":"@@ +1 @@\n+/** Intentional infinite loop for external detection tooling. Do not call in production. */\n+export function infiniteLoop(): never {\n+  while (true) {\n+    // deliberate busy loop\n+  }\n+}"},"proposed_artifact":{"kind":"inline_pr_comment","body":"Critical: This exports a non-terminating loop (`while (true) {`) from runtime code at `lib/infinite-loop.ts:3`. Any caller pins the event loop / process with no callable workaround — including callers in production. 
Fix: move the construct to a test fixture or harness, OR give the loop a real exit condition (`break`, `return`, `throw`, or a bounded iteration count) — an `await`/`yield` inside the loop only stops it pinning the event loop, it does not make it terminate. Note that the JSDoc's \"Do not call in production\" is not enforced by anything: the function is a plain export, so a production import compiles and runs. If the loop is intentional external-detection bait, mark the file path under `/fixtures/` or `/tests/` so it stays out of runtime."},"chamber":{"scope":"reliance:fentonbenjamin/shape/pr/11/lib/infinite-loop.ts:3","authority_class_required":"admission","stake":"evaluation"},"decisions":[{"concurrence_id":"pr_review_finding_2503b821454e9beaad357961__approve__1779749227__10a7fb0f","action":"approve","actor":"human:admin","actor_class":"human","authority_class":"admission","proof_strength":"app_auth","threshold":"1_of_1","window_seconds":null,"packet_id":"pr_review_finding_2503b821454e9beaad357961","scope":"candidate","at":"2026-05-25T22:47:07+00:00"}],"specimen_id":"specimen:smell_check.farm.infinite_loop:gh:fentonbenjamin/shape#11@d347ad865b9d","pattern_kind":"pr_review_finding","summary":"Critical: This exports a non-terminating loop (`while (true) {`) from runtime code at `lib/infinite-loop.ts:3`. 
Any caller pins the event loop / process with n…","hypothesis":"Bot detector 'smell_check.farm.infinite_loop' flagged lib/infinite-loop.ts:3 on fentonbenjamin/shape#11.","repo":"fentonbenjamin/shape","pr_number":11,"intake_id":"i_4e7b9d81cbe3ea59","trace_id":"trace:i_4e7b9d81cbe3ea59","chain_block_id":"45d55d8c412c0ed5000e1dc86ad5378b15457997212183729eb621ad66f9ef92","chain_sequence":162,"lane":"corpus:SMELL-BED-001/seed_shape_pr_11","github_check_run":{"id":79132197815,"url":"https://github.com/fentonbenjamin/shape/runs/79132197815","repo":"fentonbenjamin/shape","head_sha":"d347ad865b9dfec450b1e18baee954ff7397e3ed","conclusion":"neutral"}},{"candidate_id":"pr_review_finding_234bfd677ff066cc59bd4436","candidate_kind":"pr_review_finding","status":"candidate","drafted_at":"2026-05-20T16:14:50.623413+00:00","drafted_by":"notmagic-bot:auth_bypass","source":{"repo":"fentonbenjamin/shape","pr_number":10,"pr_title":"demo: planted auth_bypass for nose detector","pr_url":"https://github.com/fentonbenjamin/shape/pull/10","head_sha":"a511963a22a255a4ebfa3dddd7d8b04792301324","author":"fentonbenjamin"},"finding":{"file":"app/api/shape/route.ts","line":27,"detector_id":"smell_check.detectors.auth_bypass","signal_kind":"smell_check.farm.auth_bypass","diff_excerpt":"@@ +17 @@\n \n     if (!text || typeof text !== \"string\") {\n       return NextResponse.json(\n-        { error: \"Missing or invalid 'text' field\" },\n+        { error: \"missing 'text' field\" },\n         { status: 400 }\n       );\n     }\n \n+    // Internal services can run shape() with elevated privileges by\n+    // setting an internal-trust header.\n+    if (request.headers.get(\"X-Internal-Trust\") === \"true\") {\n+      const result = await shape(text);\n+      return NextResponse.json({ ok: true, admin: true, result });\n+    }\n+\n     const profileOverride =\n       profile && VALID_PROFILES.includes(profile)\n         ? 
(profile as ShapeProfile)"},"proposed_artifact":{"kind":"inline_pr_comment","body":"`X-Internal-Trust` is a client-controlled HTTP header. Anyone who can set headers — browser extensions, curl, upstream proxies, internal services with the wrong scope — can flip this branch. Nothing in the excerpt authenticates the caller before this branch, so it hands out `admin: true` to any request that sets the header; it also returns early, skipping the `VALID_PROFILES` profile validation that the normal path applies. The branch leads to `return NextResponse.json({ ok: true, admin: true, result });` — i.e., the caller is granted authority on the header's word alone. Fix: drop the header branch and let every request go through the same validation and authorization path. If you genuinely need internal services to bypass user-level checks, do it via a server-to-server credential the client cannot forge (mTLS, signed JWT with a private-key issuer, SPIFFE identity) — not a header value — and have the edge proxy strip `X-Internal-Trust` from inbound requests so it can never arrive from outside."},"chamber":{"scope":"reliance:fentonbenjamin/shape/pr/10/app/api/shape/route.ts:27","authority_class_required":"admission","stake":"evaluation"},"decisions":[],"pattern_kind":"pr_review_finding","summary":"`X-Internal-Trust` is a client-controlled HTTP header. 
Anyone who can set headers — browser extensions, curl, upstream proxies, internal services with the wron…","hypothesis":"Bot detector 'smell_check.farm.auth_bypass' flagged app/api/shape/route.ts:27 on fentonbenjamin/shape#10.","repo":"fentonbenjamin/shape","pr_number":10},{"candidate_id":"pr_review_finding_06083c63ceedc5a5e18cab03","candidate_kind":"pr_review_finding","status":"approved_for_fixture_work","drafted_at":"2026-05-20T18:34:50.539276+00:00","drafted_by":"notmagic-bot:trust_label_leak","source":{"repo":"fentonbenjamin/shape","pr_number":10,"pr_title":"demo: planted auth_bypass for nose detector","pr_url":"https://github.com/fentonbenjamin/shape/pull/10","head_sha":"fa7b9a41523626b1939b19cece89fd5ad5a195a0","author":"fentonbenjamin"},"finding":{"file":"components/reliance-pill.tsx","line":11,"detector_id":"smell_check.detectors.trust_label_leak","signal_kind":"smell_check.farm.trust_label_leak","diff_excerpt":"@@ +1 @@\n+import { type ReactNode } from \"react\";\n+\n+/**\n+ * RelianceVerifiedPill — small badge that tells the user whether a\n+ * Shape result was anchored to a Reliance block on the chain. We render\n+ * the `verified ✓` label whenever the block carries an entry_hash —\n+ * that's how we know the chain has a row for it.\n+ */\n+export function RelianceVerifiedPill({ block }: { block: BlockRef }) {\n+  if (block.entry_hash) {\n+    return <Pill kind=\"verified\">verified ✓</Pill>;\n+  }\n+  return <Pill kind=\"unverified\">unverified</Pill>;\n+}\n+\n+function Pill({ kind, children }: { kind: \"verified\" | \"unverified\"; children: ReactNode }) {\n+  return (\n+    <span\n+      className={\n+        kind === \"verified\"\n+          ? 
\"rounded-full bg-emerald-50 text-emerald-700 text-xs px-2 py-0.5\"\n+          : \"rounded-full bg-neutral-100 text-neutral-500 text-xs px-2 py-0.5\"\n+      }\n+    >\n+      {children}\n+    </span>\n+  );\n+}\n+\n+type BlockRef = {\n+  entry_hash?: string;\n+  chain_verify_pass?: boolean;\n+  live_chain_entry?: boolean;\n+};"},"proposed_artifact":{"kind":"inline_pr_comment","body":"This renders a `verified` UI label without enforcing all three proofs that the Stealthy Seal invariant requires: a live block, a chain entry, and chain-verify-pass. Label site: `return <Pill kind=\"verified\">verified ✓</Pill>;`. Only one of the three canonical proof predicates (`entry_hash`) gates this label, and a non-empty `entry_hash` says only that a hash string is present, not that the chain verified it. Fixture data, snapshots, or missing chain context will render as verified — a stealthy seal. Fix: gate verified rendering on all three predicates together; `BlockRef` in this same file already declares them, so the check is `block.chain_verify_pass === true && block.live_chain_entry === true && Boolean(block.entry_hash)` (compare the optional booleans with `=== true` so a missing field is explicitly unverified). Update the JSDoc as well — it currently documents `entry_hash` alone as the criterion. Anything less and the label asserts more than the chain has earned."},"chamber":{"scope":"reliance:fentonbenjamin/shape/pr/10/components/reliance-pill.tsx:11","authority_class_required":"admission","stake":"evaluation"},"decisions":[{"concurrence_id":"pr_review_finding_06083c63ceedc5a5e18cab03__approve__1780104934__5b9e7007","action":"approve","actor":"human:siwa:001147.37266b34778b42ccb9bc739ea719d070.1951","actor_class":"human","authority_class":"admission","proof_strength":"app_auth","threshold":"1_of_1","window_seconds":null,"packet_id":"pr_review_finding_06083c63ceedc5a5e18cab03","scope":"candidate","at":"2026-05-30T01:35:34+00:00"}],"pattern_kind":"pr_review_finding","summary":"This renders a `verified` UI label without enforcing all three proofs that the Stealthy Seal invariant requires: a live block, a chain entry, and chain-verify-…","hypothesis":"Bot detector 'smell_check.farm.trust_label_leak' flagged components/reliance-pill.tsx:11 on 
fentonbenjamin/shape#10.","repo":"fentonbenjamin/shape","pr_number":10},{"candidate_id":"pr_review_finding_01b6d265cdd3f43a85ba77a9","candidate_kind":"pr_review_finding","status":"candidate","drafted_at":"2026-05-20T15:19:49.662658+00:00","drafted_by":"notmagic-bot:auth_bypass","source":{"repo":"fentonbenjamin/shape","pr_number":10,"pr_title":"demo: planted auth_bypass for nose detector","pr_url":"https://github.com/fentonbenjamin/shape/pull/10","head_sha":"f6578da9ceb93cac71aeed5e3821ea79f39226e9","author":"fentonbenjamin"},"finding":{"file":"app/api/admin/route.ts","line":17,"detector_id":"smell_check.detectors.auth_bypass","signal_kind":"smell_check.farm.auth_bypass","diff_excerpt":"@@ +1 @@\n+import { NextRequest, NextResponse } from \"next/server\";\n+\n+// Resolve the caller's identity. Returns null when unauthenticated.\n+function currentUser(req: NextRequest) {\n+  const session = req.cookies.get(\"session\")?.value;\n+  if (!session) return null;\n+  // ... session lookup elided ...\n+  return { id: \"alice\", isAdmin: false };\n+}\n+\n+export async function POST(req: NextRequest) {\n+  const user = currentUser(req);\n+  if (!user) {\n+    return NextResponse.json({ error: \"unauthenticated\" }, { status: 401 });\n+  }\n+  // Allow internal services to act as admin by setting a header.\n+  if (req.headers.get(\"X-Internal-Trust\") === \"true\") {\n+    return NextResponse.json({ ok: true, as: user.id, admin: true });\n+  }\n+  if (!user.isAdmin) {\n+    return NextResponse.json({ error: \"forbidden\" }, { status: 403 });\n+  }\n+  return NextResponse.json({ ok: true, as: user.id, admin: true });\n+}"},"proposed_artifact":{"kind":"inline_pr_comment","body":"`X-Internal-Trust` is a client-controlled HTTP header. Anyone who can set headers — browser extensions, curl, upstream proxies, internal services with the wrong scope — can flip this branch. Here the header is checked after `currentUser()` but before the `user.isAdmin` test, so it grants admin access to any caller holding an ordinary session cookie — a privilege escalation for every authenticated non-admin user, not a missing login check. 
The branch leads to `return NextResponse.json({ ok: true, as: user.id, admin: true });` — i.e., the caller is granted authority on the header's word alone. Fix: drop the header branch and let the `user.isAdmin` check below it run unconditionally. If you genuinely need internal services to bypass user-level checks, do it via a server-to-server credential the client cannot forge (mTLS, signed JWT with a private-key issuer, SPIFFE identity) — not a header value — and have the edge proxy strip `X-Internal-Trust` from inbound requests so it can never arrive from outside."},"chamber":{"scope":"reliance:fentonbenjamin/shape/pr/10/app/api/admin/route.ts:17","authority_class_required":"admission","stake":"evaluation"},"decisions":[],"pattern_kind":"pr_review_finding","summary":"`X-Internal-Trust` is a client-controlled HTTP header. Anyone who can set headers — browser extensions, curl, upstream proxies, internal services with the wron…","hypothesis":"Bot detector 'smell_check.farm.auth_bypass' flagged app/api/admin/route.ts:17 on fentonbenjamin/shape#10.","repo":"fentonbenjamin/shape","pr_number":10}]}