
@nettoolskit/assurance

v0.0.1-preview.1

Published

Security, performance, benchmark, and release-evidence assurance workflows.

Downloads

75

Readme

nettoolskit-assurance

Security, performance, benchmark, and release assurance repository for NetToolsKit.

It owns security testing, load testing, stress testing, benchmark suites, OpenAPI-driven validation, frontend assurance checks, quality gates, evidence normalization, and release risk reports.

It should provide reusable assurance workflows to nettoolskit-copilot, nettoolskit-devops, nettoolskit-control, and nettoolskit-cli through versioned contracts. It must not own deployment orchestration, machine worker runtime, product orchestration, reusable AI-agent catalogs, or code generation implementation.

Initial responsibility boundaries:

  • OpenAPI security, fuzzing, schema conformance, and API regression checks.
  • Frontend assurance checks, including accessibility, browser smoke tests, security headers, cookie policy, CSP, and visual evidence.
  • Performance, load, stress, soak, benchmark, and capacity profile execution.
  • SAST, DAST, SCA, container, dependency, and secrets scan orchestration.
  • Quality gate result normalization with findings, severities, evidence, and release-blocking decisions.

Service Manifest

nettoolskit.manifest.json declares the assurance capabilities, adapter families, report artifact kinds, and discovery metadata.

River CI

This repository follows the Access local-first CI/CD strategy: GitHub remains the source of truth, while GitRiver/River runs expensive pull-request quality gates from metadata-only workflows.

River quality gates live in .gitriver/workflows/assurance-quality.yml and execute the mutable source-owned scripts under scripts/ci/river/ after cloning this repository from GitHub. The workflow also clones nettoolskit-rust as a sibling directory because this crate uses path dependencies for shared CLI and contract crates.

The current River status context is:

  • river/assurance-rust-quality

GitHub-hosted checks for this repository should stay limited to lightweight governance or release/deploy handoff work. Rust formatting, tests, clippy, package checks, vulnerability audits, documentation builds, and local assurance quality gates belong in River.

Rust Crate

This repository is a single Rust crate. Keep source modules under src/<responsibility>/mod.rs and mirror those responsibilities in tests/<responsibility>/.

Cargo output is pinned by .cargo/config.toml to .build/target. Generated validation or publication artifacts belong under .deployment/artifacts and must not be committed.

The crate owns the canonical assurance scan, finding, benchmark, quality-gate, target, and visual evidence DTOs under nettoolskit_assurance::contracts. It depends on nettoolskit-contracts only for neutral shared primitives such as artifact references and metadata entries.

nettoolskit_assurance::evaluate_local_gate converts caller-supplied local check outcomes into validated QualityGateResult records. It is intentionally local-only: it does not run scanners, browsers, network probes, Docker, MCP, shell commands, or load tools.

nettoolskit_assurance::plan_assurance_ci_changed_surfaces classifies caller-supplied changed repository paths and decides whether the local Rust quality gate should run. It never runs Git, River, Cargo, shell commands, scanners, network calls, or filesystem scans.

nettoolskit_assurance::default_assurance_profiles exposes reusable local-first profile definitions for security, load, integration, frontend, benchmark, and release-readiness checks. nettoolskit_assurance::plan_assurance_profile_request converts a profile id and target into a validated AssuranceScanRequest for a later adapter or local gate. It only plans the request and never runs scanners, browsers, network probes, Docker, MCP, shell commands, or load tools.

nettoolskit_assurance::plan_mcp_readiness validates MCP endpoint readiness inputs, private-route policy, expected server discovery, and optional safe invocation boundaries into a redacted QualityGateResult. It never connects to MCP endpoints, lists tools, invokes tools, starts containers, runs shell commands, or resolves secrets.

nettoolskit_assurance::plan_security_scan validates intended security checks, target labels, public-target policy, and explicit authorization requirements into a redacted QualityGateResult. It never runs dependency scanners, secret scanners, SAST, DAST, image scans, HTTP probes, Docker, MCP, shell commands, GitHub, River, or secret resolution.

nettoolskit_assurance::plan_api_conformance validates intended API/OpenAPI checks, target labels, public-route policy, explicit authorization requirements, and local case-budget limits into a redacted QualityGateResult. It never parses OpenAPI documents, probes HTTP endpoints, runs fuzzers, starts Docker, invokes MCP, runs shell commands, calls GitHub/River, or resolves secrets.

nettoolskit_assurance::plan_frontend validates intended frontend checks, target labels, public-route policy, and explicit browser authorization requirements into a redacted QualityGateResult. It never launches browsers, performs HTTP checks, starts Docker, invokes MCP, runs shell commands, calls GitHub/River, or resolves secrets.

nettoolskit_assurance::plan_performance validates intended performance, load, stress, soak, benchmark, and capacity scenarios against route policy, explicit authorization requirements, and local budget limits into a redacted QualityGateResult. It never runs load tools, benchmarks, HTTP probes, browsers, Docker, MCP, shell commands, GitHub, River, or secret resolution.

nettoolskit_assurance::plan_post_deploy_smoke validates post-deploy smoke expectations for API, frontend, service, image-runtime, and integration surfaces into a redacted QualityGateResult. It never performs HTTP, browser, Docker, shell, scanner, load, or MCP execution.

nettoolskit_assurance::plan_release_readiness aggregates already-produced quality gate results into one release-readiness QualityGateResult. It only validates and summarizes supplied evidence; it never runs tools, publishes releases, deploys stacks, or resolves secrets.

nettoolskit_assurance::plan_evidence_bundle aggregates already-produced quality gate results and retained artifact references into one redacted handoff QualityGateResult. It validates required gate coverage, duplicate ids, artifact paths, and secret-shaped metadata without running scanners, browsers, load tools, Docker, MCP, shell commands, HTTP calls, GitHub, River, or secret resolution.

nettoolskit_assurance::plan_visual_evidence validates already-captured visual evidence and required viewport coverage into a redacted QualityGateResult. It validates screenshot artifact references, duplicate ids, repository-relative paths, and secret-shaped metadata without running browsers, screenshot capture, HTTP calls, Docker, MCP, shell commands, GitHub, River, or secret resolution.

nettoolskit_assurance::owasp defines shared OWASP category, finding, evidence, and reproduction-step contracts for future Chrome extension and CLI adapters. The contracts require authorized scope ids, redacted evidence, safe payload-class descriptions, and local retained artifacts; they reject secret-shaped metadata, raw destructive payloads, external artifact URLs, and unknown evidence references. The module does not launch browsers, run scanners, probe HTTP endpoints, execute payloads, or write report files.

nettoolskit_assurance::owasp_category_catalog exposes local OWASP Top 10:2021, OWASP API Security Top 10:2023, and OWASP Web Security Testing Guide domain mappings. find_owasp_category resolves stable ids and local aliases without network access and rejects secret-shaped lookup values.

nettoolskit_assurance::plan_owasp_authorized_execution composes OWASP Web and API checks into one local-only authorized execution handoff. It requires an authorized scope id, blocks public routes by default, requires a retained scope document for public routes when explicitly allowed, and requires per-check authorization before future runtime adapters can execute. It never launches browsers, sends HTTP requests, runs scanners, executes payloads, starts Docker, invokes MCP, calls GitHub/River, or resolves secrets.

nettoolskit_assurance::plan_owasp_safe_local_adapters converts an authorized OWASP execution handoff into a bounded safe local adapter envelope. It validates adapter kind, execution mode, private/local routes, explicit authorization, timeout and response-byte budgets, and retained local evidence artifact references. It does not launch browsers, send HTTP requests, run scanners, execute payloads, read or write files, call GitHub/River, invoke MCP, or resolve secrets.

The Chrome extension under apps/chrome-extension exposes the first metadata-only OWASP browser evidence export contract: ntk.assurance.extension.evidence.v1. It is still passive by default and does not run active checks, capture cookies/storage values, send HTTP requests, or execute payloads.

nettoolskit_assurance::build_owasp_report builds a redacted OWASP Markdown and JSON-ready report contract from precomputed OwaspFinding records. It validates finding redaction, safe reproduction steps, authorization scope ids, local artifact references, and canonical QualityGateResult output. It never reads files, writes files, launches browsers, sends HTTP requests, runs scanners, executes payloads, starts Docker, invokes MCP, calls GitHub/River, or resolves secrets.

Local CLI

ntk-assurance is the product-owned local CLI for assurance planning. It uses nettoolskit-cli only for shared terminal rendering primitives; assurance semantics stay in this repository.

List built-in assurance profiles:

cargo run --bin ntk-assurance -- profiles list

Plan a profile request for a repository target:

cargo run --bin ntk-assurance -- profiles plan --profile security.baseline --target-kind repository --target-id nettoolskit-access

Render JSON contract output:

cargo run --bin ntk-assurance -- profiles plan --profile integration.smoke --target-kind service --target-id access-control --format json

Evaluate caller-supplied local check outcomes as one quality gate:

cargo run --bin ntk-assurance -- gates evaluate --gate-id local-quality --request-id req-local-quality --title "Local quality" --check fmt=passed --check test=passed --check audit=failed

Evaluate the DET local effectiveness redaction/safety checklist:

cargo run --bin ntk-assurance -- gates evaluate --gate-id det-local-effectiveness --request-id req-det-local-effectiveness-redaction-safety --title "DET local effectiveness proof gate" --check summary-artifact=blocked --check det-readiness=blocked --check economic-proof=blocked --check first-use-proof=blocked --check harness-proof-bundle=blocked --check redaction=passed --check artifact-hygiene=passed --check safety-review=passed --check effectiveness-decision=blocked --format json

See docs/det-local-effectiveness-redaction-safety-runbook.md for the boundary and checklist fixture.

Plan whether Assurance Rust quality should run for changed paths:

cargo run --bin ntk-assurance -- ci changed-surfaces plan --path src/security/mod.rs --path tests/security/security_scan_tests.rs

Docs/planning-only changes can be planned without spending River quality time:

cargo run --bin ntk-assurance -- ci changed-surfaces plan --path README.md --path planning/completed/20260529-note.md

ci changed-surfaces plan reads only the changed path arguments supplied by the caller. It does not run Git, River, Cargo, shell commands, scanners, network calls, or filesystem scans.

Mark advisory checks as non-blocking when they should warn instead of failing the gate:

cargo run --bin ntk-assurance -- gates evaluate --gate-id local-quality --check fmt=passed --check registry-advisory=blocked --non-blocking registry-advisory

Plan MCP readiness from redacted, caller-supplied endpoint metadata:

cargo run --bin ntk-assurance -- mcp readiness --endpoint-label copilot-mcp --endpoint-url http://10.8.0.5:8811/mcp --route private-vpn --expected-server fetch --expected-server playwright --include-tool-invocation

Keep public MCP routes blocked unless explicitly allowed as warnings:

cargo run --bin ntk-assurance -- mcp readiness --endpoint-label public-mcp --endpoint-url https://mcp.example.test/mcp --route public --expected-server fetch

mcp readiness validates static readiness metadata and emits a local quality gate. Endpoint URLs are validated but not printed in text or JSON output. The command does not connect to MCP endpoints, list tools, invoke tools, start containers, run shell commands, call HTTP/TCP, read secrets, or resolve tokens. Non-blocked local plans stay not_evaluated until a future live adapter produces observed evidence; blocked plans return a non-zero exit code.

Plan security scan checks without executing scanners:

cargo run --bin ntk-assurance -- security scan plan --target access-api --check deps=dependency:repo:repository --check secret=secret:repo:repository --check headers=security_headers:control.access.nettoolskit.io:private_vpn

Public targets are blocked by default:

cargo run --bin ntk-assurance -- security scan plan --target access-api --check public-headers=security_headers:control.access.nettoolskit.io:public

Allow public targets and explicitly authorize invasive checks when a later adapter is expected to run them:

cargo run --bin ntk-assurance -- security scan plan --target staging-access-api --check dast=dast:staging.access.nettoolskit.io:public --allow-public-target --authorized-check dast --format json

security scan plan consumes check_id=kind:target[:route] declarations and emits a local quality gate. Supported check kinds are dependency, secret, sast, dast, api_schema, container_image, security_headers, authorization_smoke, and iac. Supported routes are local, repository, private_vpn, internal, public, and staged. DAST and authorization smoke checks require --authorized-check <id> by default. The command does not run scanners, HTTP checks, browsers, Docker, MCP, shell commands, GitHub, River, load tools, or secret resolution.

Plan API and OpenAPI conformance checks without executing HTTP or fuzz tools:

cargo run --bin ntk-assurance -- api conformance plan --target access-api --check schema=openapi_schema:openapi.yaml:local:1 --check contract=contract:access-api:private_vpn:8

Public routes are blocked by default:

cargo run --bin ntk-assurance -- api conformance plan --target access-api --check public-schema=openapi_schema:control.access.nettoolskit.io:public:1

Authorize invasive checks only when a later adapter is expected to run them:

cargo run --bin ntk-assurance -- api conformance plan --target staging-api --check fuzz=fuzz:staging-api:staged:20 --authorized-check fuzz --format json

api conformance plan consumes check_id=kind:target[:route[:case_budget]] declarations and emits a local quality gate. Supported check kinds are openapi_schema, contract, regression, fuzz, authorization_policy, backwards_compatibility, error_mapping, and rate_limit. Supported routes are local, private_vpn, internal, public, and staged. Fuzz, authorization policy, and rate-limit checks require --authorized-check <id> by default. Per-check case budgets are bounded by --max-case-budget. The command does not parse OpenAPI documents, probe HTTP endpoints, run fuzzers, launch browsers, start Docker, invoke MCP, run shell commands, call GitHub/River, or resolve secrets.
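As an added illustration of the check_id=kind:target[:route[:case_budget]] policy just described, the following Rust (example code, not the nettoolskit_assurance crate's own implementation) parses declarations and applies the public-route, --authorized-check, and --max-case-budget rules for api conformance plan. The kind and route names come from this page; the type and function names, the defaults for an omitted route (local) and case budget (1), an assumed --allow-public-route flag, and the reason strings are assumptions. With the kind lists swapped, the same shape covers the security scan, frontend, and OWASP planners that share these route and authorization rules.

```rust
// Added example (not nettoolskit_assurance code) modelling the
// check_id=kind:target[:route[:case_budget]] policy for `api conformance plan`.
// Kind and route names come from the README; everything else is assumed.

/// Check kinds the README lists for `api conformance plan`.
const KINDS: [&str; 8] = [
    "openapi_schema", "contract", "regression", "fuzz",
    "authorization_policy", "backwards_compatibility", "error_mapping", "rate_limit",
];
/// Kinds that need `--authorized-check <id>` before a later adapter may run them.
const INVASIVE: [&str; 3] = ["fuzz", "authorization_policy", "rate_limit"];
const ROUTES: [&str; 5] = ["local", "private_vpn", "internal", "public", "staged"];

#[derive(Debug, Clone, PartialEq, Eq)]
pub struct CheckDecl {
    pub id: String,
    pub kind: String,
    pub target: String,
    pub route: String,    // assumed default "local" when omitted
    pub case_budget: u32, // assumed default 1 when omitted
}

/// Planning inputs that mirror the CLI flags on this page.
pub struct Policy<'a> {
    pub allow_public_route: bool,  // assumed flag, mirrors security scan's --allow-public-target
    pub authorized: &'a [&'a str], // --authorized-check <id>, repeatable
    pub max_case_budget: u32,      // --max-case-budget
}

/// Nothing is executed here, so a non-blocked check stays not_evaluated.
#[derive(Debug, Clone, Copy, PartialEq, Eq)]
pub enum Status { NotEvaluated, Blocked }

pub fn parse_check(decl: &str) -> Result<CheckDecl, String> {
    let (id, spec) = decl.split_once('=').ok_or_else(|| format!("missing '=' in {decl:?}"))?;
    let parts: Vec<&str> = spec.split(':').collect();
    if id.is_empty() || parts.len() < 2 || parts.len() > 4 || parts.iter().any(|p| p.is_empty()) {
        return Err(format!("malformed declaration {decl:?}"));
    }
    let kind = parts[0];
    if !KINDS.contains(&kind) {
        return Err(format!("unknown check kind {kind:?}"));
    }
    let route = parts.get(2).copied().unwrap_or("local");
    if !ROUTES.contains(&route) {
        return Err(format!("unknown route {route:?}"));
    }
    let case_budget = match parts.get(3) {
        Some(n) => n.parse::<u32>().map_err(|_| format!("invalid case budget {n:?}"))?,
        None => 1,
    };
    Ok(CheckDecl { id: id.into(), kind: kind.into(), target: parts[1].into(), route: route.into(), case_budget })
}

/// Apply the page's blocking rules to one parsed check and return the reasons.
pub fn plan_check(c: &CheckDecl, p: &Policy) -> (Status, Vec<String>) {
    let mut reasons = Vec::new();
    if c.route == "public" && !p.allow_public_route {
        reasons.push(format!("{}: public route is blocked by default", c.id));
    }
    if INVASIVE.contains(&c.kind.as_str()) && !p.authorized.contains(&c.id.as_str()) {
        reasons.push(format!("{}: {} requires --authorized-check {}", c.id, c.kind, c.id));
    }
    if c.case_budget > p.max_case_budget {
        reasons.push(format!("{}: case budget {} exceeds --max-case-budget {}", c.id, c.case_budget, p.max_case_budget));
    }
    let status = if reasons.is_empty() { Status::NotEvaluated } else { Status::Blocked };
    (status, reasons)
}

/// Plan a whole request: one blocked check blocks the gate; a malformed declaration is an error.
pub fn plan_gate(decls: &[&str], p: &Policy) -> Result<(Status, Vec<String>), String> {
    let mut status = Status::NotEvaluated;
    let mut reasons = Vec::new();
    for d in decls {
        let (s, r) = plan_check(&parse_check(d)?, p);
        if s == Status::Blocked {
            status = Status::Blocked;
        }
        reasons.extend(r);
    }
    Ok((status, reasons))
}

fn main() {
    // The staged fuzz command from the page: authorized and within budget, so it stays planned.
    let policy = Policy { allow_public_route: false, authorized: &["fuzz"], max_case_budget: 25 };
    let decls = ["schema=openapi_schema:openapi.yaml:local:1", "fuzz=fuzz:staging-api:staged:20"];
    println!("{:?}", plan_gate(&decls, &policy));
}
```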

Plan frontend assurance checks without executing browsers:

cargo run --bin ntk-assurance -- frontend checks plan --target access-control-ui --check headers=security_headers:control.access.nettoolskit.io:private_vpn --check csp=csp:access-control-ui:internal

Public routes are blocked by default:

cargo run --bin ntk-assurance -- frontend checks plan --target access-control-ui --check public-csp=csp:control.access.nettoolskit.io:public

Authorize browser/runtime checks only when a later adapter is expected to run them:

cargo run --bin ntk-assurance -- frontend checks plan --target access-control-ui --check smoke=browser_smoke:access-control-ui:private_vpn --authorized-check smoke --format json

frontend checks plan consumes check_id=kind:target[:route] declarations and emits a local quality gate. Supported check kinds are accessibility, browser_smoke, security_headers, cookie_policy, csp, console_errors, asset_integrity, and responsive_layout. Supported routes are local, private_vpn, internal, public, and staged. Accessibility, browser smoke, console error, and responsive layout checks require --authorized-check <id> by default. The command does not run browsers, HTTP checks, scanners, Docker, MCP, shell commands, GitHub, River, load tools, or secret resolution.

Plan OWASP Web frontend checks without executing browsers:

cargo run --bin ntk-assurance -- owasp web plan --target access-control-ui --check headers=a05-2021:access-control-ui:private_vpn --check csp=csp:access-control-ui:internal

Browser/runtime OWASP checks require explicit authorization before a future adapter can run them:

cargo run --bin ntk-assurance -- owasp web plan --target access-control-ui --check route-auth=route_authorization:access-control-ui:private_vpn --authorized-check route-auth --format json

owasp web plan maps OWASP Web/WSTG-shaped check aliases onto the existing frontend planner and emits text or JSON with web_top_10_2021 and web_security_testing_guide catalog metadata. It keeps the same private-route, public-route, non-blocking, and explicit browser authorization rules as frontend checks plan. The command does not launch Chrome, load the extension, probe HTTP endpoints, execute payloads, write reports, call scanners, run shell commands, or resolve secrets.

Plan OWASP API checks without executing HTTP or fuzz tools:

cargo run --bin ntk-assurance -- owasp api plan --target access-api --check schema=api9-2023:openapi.yaml:local:1 --check authz=api1-2023:access-api:private_vpn:5

Authorize a future invasive API check while keeping this command local-only:

cargo run --bin ntk-assurance -- owasp api plan --target staging-api --check fuzz=a03-2021:staging-api:staged:20 --authorized-check fuzz --format json

owasp api plan maps OWASP API Security Top 10:2023 and OWASP Top 10 aliases onto the existing API conformance planner and emits text or JSON with api_top_10_2023 and web_top_10_2021 catalog metadata. It keeps private-route and explicit invasive-check authorization policy enabled by default. The command does not execute HTTP requests, fuzzing, scanners, adapters, shell commands, report writers, or secret resolution.

Plan an authorized OWASP Web/API execution handoff without executing browsers or HTTP:

cargo run --bin ntk-assurance -- owasp execution plan --target access-platform --authorized-scope-id scope-access-staging --check route-auth=web:route_authorization:access-control-ui:private_vpn --check authz=api:api1-2023:access-api:private_vpn:5 --authorized-check route-auth --authorized-check authz

Public routes require both explicit public-route acceptance and a retained scope document:

cargo run --bin ntk-assurance -- owasp execution plan --target staging-public --authorized-scope-id scope-public-staging --check schema=api:api9-2023:public-api:public:1 --authorized-check schema --allow-public-route --scope-document scope-public-staging=json:.deployment/artifacts/assurance/scope-public-staging.json --format json

owasp execution plan consumes check_id=surface:kind:target[:route[:case_budget]] declarations where surface is web or api. Web kinds use the same aliases as owasp web plan; API kinds use the same aliases as owasp api plan. Supported routes are local, private_vpn, internal, public, and staged. Every future runtime handoff requires --authorized-check <id> by default. API case budgets are bounded by --max-case-budget. The command emits an owasp-authorized-execution quality gate and remains local-only; it does not launch Chrome, load the extension, call HTTP, run scanners, execute payloads, write reports, call shell commands, call GitHub/River, or resolve secrets.

Plan a safe local adapter envelope for authorized OWASP Web/API checks:

cargo run --bin ntk-assurance -- owasp execution adapter plan --target access-platform --authorized-scope-id scope-access-staging --check web-smoke=web:browser_smoke:access-control-ui:local --check api-authz=api:api1-2023:access-api:private_vpn:5 --authorized-check web-smoke --authorized-check api-authz --adapter-kind mixed_metadata --mode metadata_only --timeout-ms 10000 --max-response-bytes 2097152 --evidence-artifact adapter-evidence=json:.deployment/artifacts/assurance/adapter-evidence.json

Use a browser-only adapter envelope when the checks are only Web/browser checks:

cargo run --bin ntk-assurance -- owasp execution adapter plan --target access-control-ui --authorized-scope-id scope-access-ui --check web-smoke=web:browser_smoke:access-control-ui:local --authorized-check web-smoke --adapter-kind browser_metadata --format json

owasp execution adapter plan first builds the same authorized execution plan as owasp execution plan, then validates a safe local adapter envelope over that plan. Supported adapter kinds are browser_metadata, api_metadata, and mixed_metadata. Supported modes are dry_run and metadata_only. Evidence artifacts must be retained local or repository-relative artifact references. The command emits an owasp-safe-local-adapter quality gate and does not launch Chrome, send HTTP requests, run scanners, execute payloads, read or write files, call shell commands, call GitHub/River, invoke MCP, or resolve secrets.

Build a redacted OWASP report from precomputed OwaspFinding JSON:

$finding = @'
{
  "findingId": "owasp-csp-001",
  "category": {
    "catalog": "web_top10_2021",
    "categoryId": "A05-2021",
    "title": "Security Misconfiguration"
  },
  "severity": "high",
  "confidence": "confirmed",
  "title": "CSP is not enforced",
  "targetLabel": "access-control-ui",
  "authorizedScopeId": "scope-access-staging",
  "impact": "Missing CSP enforcement increases client-side injection blast radius.",
  "mitigation": "Define an enforced CSP policy and validate it in staging before release.",
  "evidence": [
    {
      "evidenceId": "ev-csp-header",
      "kind": "header",
      "summary": "Response headers show a report-only CSP policy without enforced directives.",
      "redaction": "redacted"
    }
  ],
  "reproductionSteps": [
    {
      "stepId": "step-open-page",
      "order": 1,
      "actor": "browser",
      "action": "Open the authorized staging page and record response header metadata.",
      "expected": "The browser receives an enforced CSP policy for the protected page.",
      "observed": "Only report-only CSP metadata was observed for the protected page.",
      "payloadClass": "benign-header-observation",
      "evidenceIds": ["ev-csp-header"]
    }
  ],
  "releaseBlocking": true
}
'@
cargo run --bin ntk-assurance -- owasp report build --report-id access-owasp-report --request-id req-access-owasp --target access-platform --authorized-scope-id scope-access-staging --finding-json $finding

Render the same report as JSON:

cargo run --bin ntk-assurance -- owasp report build --report-id access-owasp-report --request-id req-access-owasp --target access-platform --authorized-scope-id scope-access-staging --finding-json $finding --format json

owasp report build accepts one or more --finding-json values containing serialized OwaspFinding records. It emits Markdown by default or an OwaspReport JSON contract with an owasp-redacted-report QualityGateResult. Release-blocking findings return a non-zero exit code. The command renders in memory only; it does not read files, write files, launch Chrome, load the extension, call HTTP, run scanners, execute payloads, call shell commands, call GitHub/River, or resolve secrets.

Plan cross-service integration contracts without executing live checks:

cargo run --bin ntk-assurance -- integration contracts plan --environment access-prod --system access-platform --contract api=api_contract:access-control:copilot-runtime:private_vpn:5 --contract events=event_contract:access-events:audit-consumer:internal:3

Public routes are blocked by default:

cargo run --bin ntk-assurance -- integration contracts plan --environment staging --system platform-poc --contract public-api=api_contract:public-provider:public-consumer:public:1

Authorize live or invasive contracts only when a later adapter is expected to run them:

cargo run --bin ntk-assurance -- integration contracts plan --environment access-prod --system access-platform --contract mcp=mcp_tool_contract:copilot-runtime:mcp-gateway:private_vpn:5 --authorized-contract mcp --format json

integration contracts plan consumes contract_id=kind:provider:consumer[:route[:sample_budget]] declarations and emits a local quality gate. Supported contract kinds are api_contract, event_contract, data_shape, auth_propagation, mcp_tool_contract, deployment_handoff, and backwards_compatibility. Supported routes are local, private_vpn, internal, public, and staged. auth_propagation, mcp_tool_contract, and deployment_handoff require --authorized-contract <id> by default. Sample budgets are enforced with --max-sample-budget. The command does not call HTTP, MCP, Docker, SSH, browsers, scanners, load tools, GitHub, River, registries, or secret stores.

Plan performance and benchmark scenarios without executing load tools:

cargo run --bin ntk-assurance -- performance benchmark plan --environment access-prod --scenario latency=latency_budget:access-api:private_vpn:60:1 --scenario load=load:access-api:private_vpn:120:20

Public routes are blocked by default:

cargo run --bin ntk-assurance -- performance benchmark plan --environment access-prod --scenario public-load=load:control.access.nettoolskit.io:public:60:10

Authorize expensive staged scenarios only when a later adapter is expected to run them:

cargo run --bin ntk-assurance -- performance benchmark plan --environment staging --scenario stress=stress:access-api:staged:180:40 --authorized-scenario stress --format json

performance benchmark plan consumes scenario_id=kind:target[:route[:duration_seconds[:virtual_users]]] declarations and emits a local quality gate. Supported scenario kinds are latency_budget, load, stress, soak, benchmark, and capacity. Supported routes are local, private_vpn, internal, public, and staged. Stress, soak, and capacity scenarios require --authorized-scenario <id> by default. Duration and virtual-user budgets are enforced with --max-duration-seconds and --max-virtual-users. The command does not run load tools, benchmarks, HTTP checks, browsers, Docker, MCP, shell commands, GitHub, River, or secret resolution.

Plan post-deploy smoke expectations without executing live checks:

cargo run --bin ntk-assurance -- smoke post-deploy plan --environment access-prod --check api-health=api:model-control-api --check frontend-load=frontend:access-control-ui

Public routes are blocked by default:

cargo run --bin ntk-assurance -- smoke post-deploy plan --environment access-prod --check public-ui=frontend:control.access.nettoolskit.io:public

Allow public routes as warnings when the caller explicitly accepts that review boundary:

cargo run --bin ntk-assurance -- smoke post-deploy plan --environment access-prod --check public-ui=frontend:control.access.nettoolskit.io:public --non-blocking public-ui --allow-public-route --format json

smoke post-deploy plan consumes explicit check_id=kind:target[:route] declarations and emits a local quality gate. Supported target kinds are api, frontend, service, image_runtime, and integration; supported routes are private_vpn, internal, localhost, and public. The command does not run HTTP checks, browsers, Docker, shell commands, scanners, load tools, MCP, GitHub, River, network probes, or secret resolution.

Aggregate already-produced quality gates into a release-readiness decision:

cargo run --bin ntk-assurance -- release readiness --release-id release-2026.05.27 --environment access-prod --gate smoke=passed --gate security=passed --gate load=not_evaluated

Allow not-evaluated gates to remain warnings during an early local phase:

cargo run --bin ntk-assurance -- release readiness --release-id release-2026.05.27 --environment access-prod --gate smoke=passed --gate load=not_evaluated --allow-not-evaluated

Aggregate precomputed gates and retained artifact references into a release evidence bundle:

cargo run --bin ntk-assurance -- evidence bundle plan --bundle-id access-release --environment access-prod --gate smoke=passed --gate mcp=warning --required-gate smoke --artifact smoke-report=json:.deployment/artifacts/assurance/smoke.json

Render the same bundle as a QualityGateResult JSON contract:

cargo run --bin ntk-assurance -- evidence bundle plan --bundle-id access-release --environment access-prod --gate smoke=passed --gate security=passed --required-gate smoke --required-gate security --artifact smoke-report=json:.deployment/artifacts/assurance/smoke.json --format json

evidence bundle plan consumes gate_id=status values and retained artifact_id=kind:path references. Artifact paths must be repository-relative or local-relative and cannot use URLs, rooted paths, traversal, or secret-shaped values. Missing required gates and failed gates block the bundle; not-evaluated gates block by default unless --allow-not-evaluated is used.
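The following Rust is an added example, not the crate's implementation, of the evidence bundle plan rules just described: gate_id=status aggregation, required gates, --allow-not-evaluated, and the artifact path restrictions. It also covers the release readiness aggregation above. The type names, reason strings, and the secret-shaped heuristic are assumptions; the status names and flags follow this page.

```rust
// Added example (not nettoolskit_assurance code) of the `evidence bundle plan`
// aggregation rules on this page. Status names and flags follow the README;
// the type names, reason strings and the secret-shaped heuristic are assumptions.
use std::collections::HashSet;

#[derive(Debug, Clone, Copy, PartialEq, Eq)]
pub enum GateStatus { Passed, Warning, NotEvaluated, Failed, Blocked }

impl GateStatus {
    pub fn parse(s: &str) -> Result<Self, String> {
        Ok(match s {
            "passed" => Self::Passed,
            "warning" => Self::Warning,
            "not_evaluated" => Self::NotEvaluated,
            "failed" => Self::Failed,
            "blocked" => Self::Blocked,
            other => return Err(format!("unknown gate status {other:?}")),
        })
    }
}

/// Mirrors --required-gate (repeatable) and --allow-not-evaluated.
pub struct BundlePolicy<'a> {
    pub required_gates: &'a [&'a str],
    pub allow_not_evaluated: bool,
}

/// Assumed heuristic for "secret-shaped": known token prefixes or a long opaque run.
fn looks_secret_shaped(value: &str) -> bool {
    let lower = value.to_ascii_lowercase();
    ["ghp_", "github_pat_", "-----begin", "bearer "].iter().any(|p| lower.contains(*p))
        || value.split(|c: char| !c.is_ascii_alphanumeric()).any(|run| run.len() >= 40)
}

/// Only retained repository-relative or local-relative paths are accepted.
pub fn validate_artifact_path(path: &str) -> Result<(), String> {
    if path.is_empty() {
        return Err("empty artifact path".into());
    }
    if path.contains("://") {
        return Err(format!("URL not allowed: {path:?}"));
    }
    if path.starts_with('/') || path.starts_with('\\') || path.chars().nth(1) == Some(':') {
        return Err(format!("rooted path not allowed: {path:?}"));
    }
    if path.split(|c: char| c == '/' || c == '\\').any(|seg| seg == "..") {
        return Err(format!("path traversal not allowed: {path:?}"));
    }
    if looks_secret_shaped(path) {
        return Err(format!("secret-shaped value not allowed: {path:?}"));
    }
    Ok(())
}

/// Parse an `artifact_id=kind:path` reference, validating the path.
pub fn parse_artifact(decl: &str) -> Result<(String, String, String), String> {
    let (id, rest) = decl.split_once('=').ok_or_else(|| format!("missing '=' in {decl:?}"))?;
    let (kind, path) = rest.split_once(':').ok_or_else(|| format!("missing kind:path in {decl:?}"))?;
    if id.is_empty() || kind.is_empty() {
        return Err(format!("malformed artifact reference {decl:?}"));
    }
    validate_artifact_path(path)?;
    Ok((id.to_string(), kind.to_string(), path.to_string()))
}

/// Fold `gate_id=status` values and artifact references into one bundle status with reasons.
pub fn plan_bundle(gates: &[&str], artifacts: &[&str], p: &BundlePolicy) -> Result<(GateStatus, Vec<String>), String> {
    let mut seen_gates = HashSet::new();
    let mut blocking = Vec::new();
    let mut warnings = Vec::new();
    for g in gates {
        let (id, status) = g.split_once('=').ok_or_else(|| format!("missing '=' in gate {g:?}"))?;
        if !seen_gates.insert(id.to_string()) {
            return Err(format!("duplicate gate id {id:?}"));
        }
        match GateStatus::parse(status)? {
            GateStatus::Failed | GateStatus::Blocked => blocking.push(format!("gate {id} is {status}")),
            GateStatus::NotEvaluated if !p.allow_not_evaluated => blocking.push(format!("gate {id} is not_evaluated")),
            GateStatus::NotEvaluated | GateStatus::Warning => warnings.push(format!("gate {id} is {status}")),
            GateStatus::Passed => {}
        }
    }
    for req in p.required_gates {
        if !seen_gates.contains(*req) {
            blocking.push(format!("required gate {req} is missing"));
        }
    }
    let mut seen_artifacts = HashSet::new();
    for a in artifacts {
        let (id, _kind, _path) = parse_artifact(a)?;
        if !seen_artifacts.insert(id.clone()) {
            return Err(format!("duplicate artifact id {id:?}"));
        }
    }
    let status = if !blocking.is_empty() { GateStatus::Blocked } else if !warnings.is_empty() { GateStatus::Warning } else { GateStatus::Passed };
    blocking.extend(warnings);
    Ok((status, blocking))
}

fn main() {
    // The first evidence bundle command on the page: smoke passed, mcp warning, smoke required.
    let policy = BundlePolicy { required_gates: &["smoke"], allow_not_evaluated: false };
    let artifacts = ["smoke-report=json:.deployment/artifacts/assurance/smoke.json"];
    println!("{:?}", plan_bundle(&["smoke=passed", "mcp=warning"], &artifacts, &policy));
}
```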

Validate precomputed screenshot evidence and required viewport coverage:

cargo run --bin ntk-assurance -- visual evidence plan --target access-control-ui --evidence desktop=control-desktop:.deployment/artifacts/assurance/control-desktop.png --evidence mobile=control-mobile:.deployment/artifacts/assurance/control-mobile.png --required-viewport desktop --required-viewport mobile

Allow missing required viewports to remain warnings during an early local phase:

cargo run --bin ntk-assurance -- visual evidence plan --target access-control-ui --evidence desktop=control-desktop:.deployment/artifacts/assurance/control-desktop.png --required-viewport desktop --required-viewport mobile --allow-missing-required-viewports --format json

visual evidence plan consumes viewport=evidence_id:path values and emits a local quality gate. Evidence paths must be repository-relative or local-relative and cannot use URLs, rooted paths, traversal, or secret-shaped values. Missing required viewports block by default unless --allow-missing-required-viewports is used.

The CLI currently performs local planning, caller-supplied gate evaluation, and in-memory redacted report rendering only. It does not run scanners, browsers, load tools, Docker, MCP, shell commands, HTTP calls, GitHub calls, River calls, or secret resolution.

Validation

cargo fmt --all -- --check
cargo audit --deny warnings
cargo test --locked --all-targets
cargo clippy --locked --all-targets -- -D warnings
cargo doc --locked --no-deps
cargo build --locked
git diff --check

DET local effectiveness gate

DET local-use distribution must stay blocked until DET produces a local effectiveness summary backed by real host-reported or provider-reported metrics and the summary decision is use_det. Assurance evaluates caller-supplied gate outcomes only; it does not run DET, benchmarks, providers, Docker, shell commands, GitHub, or release publication.

Current pre-benchmark gate command:

cargo run --bin ntk-assurance -- gates evaluate --gate-id det-local-effectiveness --request-id req-det-local-effectiveness --title "DET local effectiveness" --check summary-artifact=blocked --check det-readiness=blocked --check economic-proof=blocked --check first-use-proof=blocked --check harness-proof-bundle=blocked --check redaction=passed --check artifact-hygiene=passed --check safety-review=passed --check effectiveness-decision=blocked

See docs/det-local-effectiveness-redaction-safety-runbook.md for required evidence and ownership boundaries.

DET evidence hygiene gate

evaluate_det_evidence_hygiene checks caller-supplied DET local effectiveness evidence metadata before Control and DevOps consume it for distribution readiness. It blocks when evidence keeps raw prompts, provider payloads, secrets, unredacted user content, public live route material, or fixture/unavailable metrics.

The gate accepts only host-reported or provider-reported metrics as distribution-grade. It emits det-evidence-hygiene as a QualityGateResult and does not run DET, benchmarks, providers, Docker, shell commands, CI, network probes, GitHub, or release publication.

See docs/det-evidence-hygiene-gate.md for the boundary and blocking rules.

DET local package hygiene

evaluate_det_local_package_hygiene consumes the DET local effectiveness package recommendation (use_det, hold, blocked) together with the existing evidence hygiene metadata. use_det can pass only when redaction, route, and metric-source checks also pass; hold and blocked remain distribution blockers.

See docs/det-local-package-hygiene.md.

npm and npx

This repository exposes the ntk-assurance command through the @nettoolskit/assurance npm package for local installation and npx execution.

npm install -g @nettoolskit/assurance
ntk-assurance --help
npx @nettoolskit/assurance --help

The npm wrapper executes a native ntk-assurance binary from npm/native/ when release packaging stages one. For development or private release validation, set NTK_ASSURANCE_BINARY to an already-built local binary. Run npm run stage:native -- <path-to-binary> before packaging a native tarball.