[pitboss/grind] deferred session-0011 (20260517T044708Z-e058)

2026-06-15 20:05:13 +02:00 · 2026-05-17 04:00:32 -05:00 · 2026-05-17 04:00:32 -05:00 · 179c32f85f
commit 179c32f85f
parent 2deb74c18c
2 changed files with 183 additions and 0 deletions
--- a/tests/dynamic_fixtures/chain_composer/python/flask_eval/app.py
+++ b/tests/dynamic_fixtures/chain_composer/python/flask_eval/app.py
@ -0,0 +1,26 @@
+"""End-to-end chain composer fixture.
+
+A single-file Flask app where an unauthenticated POST handler reads
+`cmd` straight off the request body and passes it to `eval()`.  The
+ingredients line up for the chain composer:
+
+- SurfaceMap gains one `EntryPoint` (Flask `/run` POST, `auth_required: false`).
+- SurfaceMap gains one `DangerousLocal` (the route function itself
+  consumes `Cap::CODE_EXEC` via the `eval` call site).
+- A `taint-unsanitised-flow` finding ties `flask.request.json` to `eval`.
+
+`nyx scan --format json` against this directory should emit at least one
+entry in the top-level `chains` array.  The chain's `implied_impact` is
+`rce` (CODE_EXEC lattice fall-through) and its `severity` reaches
+`critical` via the score path.
+"""
+
+import flask
+
+app = flask.Flask(__name__)
+
+
+@app.route("/run", methods=["POST"])
+def run():
+    cmd = flask.request.json.get("cmd")
+    return {"out": eval(cmd)}