# Run Log — 2026-02-12

## Results

- Targets scanned: 6/12 (MLflow, Dify, LibreChat, FastChat, RAGFlow, BentoML)
- Findings total: 19 raw → 6 reports drafted
- Skipped: 13 (1 duplicate, 12 triaged-skip)
- Spend: $2.70 / $20 daily budget

## Reports Drafted

| # | Report | Target | Type | CVSS |
|---|--------|--------|------|------|
| 1 | Arbitrary file read via prompt tag | MLflow | Path Traversal | 9.1 |
| 2 | SSRF via worker registration | FastChat | SSRF + No Auth | 8.6 |
| 3 | SSRF race condition bypass | BentoML | SSRF + Race | ~8.2 |
| 4 | Path traversal via Content-Disposition | RAGFlow | Path Traversal | 7.7 |
| 5 | IDOR userId override | LibreChat | IDOR | 7.1 |
| 6 | Inverted auth check → cross-tenant write | RAGFlow | Auth Bypass | 7.1 |

## What worked

- Parallel scanning (3 repos at once) maximized throughput within budget
- Scanner → investigator → reporter pipeline produced 6 solid reports from 6 repos
- Decision matrix correctly filtered noise: 19 raw findings → 6 reports, 0 weak submissions
- Manual code triage by scanners caught false positives that semgrep alone would miss
- Investigators correctly killed the Dify SSRF (near-certain dup) — saved platform reputation

## Issues & fixes applied

1. Scout/CVE-monitor failed without web access → orchestrator now handles web-dependent discovery directly
2. Scanners couldn't run semgrep/trufflehog (sandbox) → orchestrator pre-runs tools, passes results to scanner
3. Stray `mlflow.db` created in project root → added `*.db` to .gitignore, scanner working dir rule added
4. Reports handed off one-by-one → orchestrator now batches SUBMIT at cycle end
5. Dify SSRF wasted $0.40 before dup-kill → orchestrator now pre-checks platform for existing reports
6. No outcome tracking → added OUTCOME handoff trigger
7. Scanner created files outside repo dir → scanner prompt now mandates clone_path as working dir
8. CVE monitor spawned with empty targets → decide phase now gates on targets existing