{
"created_utc": "2026-05-11T13:41:19.602707+00:00",
"finding_count": 608,
"findings": [
{
"id": "SM-AUD-0001",
"severity": "P0",
"confidence": "confirmed",
"area": "packaging",
"file": "semantic-memory-generic-rust-next-codex-context-20260511.report.md",
"line": "1",
"title": "Archive is not hermetic despite passing certifier",
"why_it_matters": "Cargo metadata succeeded from parent /Coding/Libraries workspace with 326 packages/30 workspace members while the archive has zero workspace manifests. A clean extractor may fail or resolve differently.",
"suggested_fix": "Add an archive-root Cargo.toml workspace, or remove workspace-only dependency/lint reliance; validate from fresh extraction.",
"source": "manual"
},
{
"id": "SM-AUD-0002",
"severity": "P0",
"confidence": "confirmed",
"area": "packaging",
"file": "semantic-memory/Cargo.toml",
"line": "1",
"title": "No packaged root workspace manifest for included local crates",
"why_it_matters": "The zip includes semantic-memory plus three path roots, but no top-level workspace manifest tying them together.",
"suggested_fix": "Generate a root Cargo.toml with members semantic-memory, stack-ids, semantic-memory-forge, forge-memory-bridge.",
"source": "manual"
},
{
"id": "SM-AUD-0003",
"severity": "P0",
"confidence": "confirmed",
"area": "packaging",
"file": "semantic-memory/Cargo.lock",
"line": "1",
"title": "Multiple Cargo.lock files create ambiguous dependency source of truth",
"why_it_matters": "Each included package has its own lockfile; without a packaged root workspace, dependency resolution can differ between crates.",
"suggested_fix": "Use one workspace lockfile at archive root for review builds or document crate-by-crate build commands.",
"source": "manual"
},
{
"id": "SM-AUD-0004",
"severity": "P0",
"confidence": "confirmed",
"area": "embedding",
"file": "semantic-memory/src/documents.rs",
"line": "324",
"title": "Document ingest silently truncates chunks on embedder batch-count mismatch",
"why_it_matters": "text_chunks.iter().zip(embeddings.iter()) drops chunks if the embedder returns fewer vectors, and ignores extra vectors.",
"suggested_fix": "Centralize embed_batch validation: returned len must equal requested len before any write.",
"source": "manual"
},
{
"id": "SM-AUD-0005",
"severity": "P0",
"confidence": "confirmed",
"area": "embedding",
"file": "semantic-memory/src/lib.rs",
"line": "1254",
"title": "Fact re-embedding silently truncates on batch-count mismatch",
"why_it_matters": "Batch rows are zipped with embeddings; fewer embeddings still increments fact_count by batch.len().",
"suggested_fix": "Fail loudly on batch-count mismatch before constructing updates.",
"source": "manual"
},
{
"id": "SM-AUD-0006",
"severity": "P0",
"confidence": "confirmed",
"area": "embedding",
"file": "semantic-memory/src/lib.rs",
"line": "1314",
"title": "Chunk re-embedding silently truncates on batch-count mismatch",
"why_it_matters": "Batch rows are zipped with embeddings; missing embeddings leave stale rows while progress counters report success.",
"suggested_fix": "Fail loudly on batch-count mismatch before update transaction.",
"source": "manual"
},
{
"id": "SM-AUD-0007",
"severity": "P0",
"confidence": "confirmed",
"area": "embedding",
"file": "semantic-memory/src/lib.rs",
"line": "1374",
"title": "Message re-embedding silently truncates on batch-count mismatch",
"why_it_matters": "Batch rows are zipped with embeddings; message embeddings can be partially refreshed without being reported.",
"suggested_fix": "Fail loudly on batch-count mismatch before update transaction.",
"source": "manual"
},
{
"id": "SM-AUD-0008",
"severity": "P0",
"confidence": "confirmed",
"area": "embedding",
"file": "semantic-memory/src/lib.rs",
"line": "1434",
"title": "Episode re-embedding silently truncates on batch-count mismatch",
"why_it_matters": "Batch rows are zipped with embeddings; missing episode embeddings can leave stale recall state.",
"suggested_fix": "Fail loudly on batch-count mismatch before update transaction.",
"source": "manual"
},
{
"id": "SM-AUD-0009",
"severity": "P0",
"confidence": "confirmed",
"area": "embedding",
"file": "semantic-memory/src/lib.rs",
"line": "536",
"title": "Public embedding validation is dimension-only",
"why_it_matters": "validate_embedding_dimensions checks length but not NaN/Inf, while HNSW later rejects non-finite values; SQLite can still store bad f32 blobs.",
"suggested_fix": "Replace with validate_embedding that checks dimensions and all components finite.",
"source": "manual"
},
{
"id": "SM-AUD-0010",
"severity": "P0",
"confidence": "confirmed",
"area": "delete/integrity",
"file": "semantic-memory/src/documents.rs",
"line": "109",
"title": "delete_document does not explicitly clean episode derived state",
"why_it_matters": "Document deletion removes chunks/docs but not episode_causes, episodes_fts, episodes_rowid_map, or episode HNSW ops before cascade/cleanup boundaries.",
"suggested_fix": "Collect episode_ids first and delete all episode derived surfaces plus queued HNSW deletes in one transaction.",
"source": "manual"
},
{
"id": "SM-AUD-0011",
"severity": "P0",
"confidence": "probable",
"area": "delete/integrity",
"file": "semantic-memory/src/documents.rs",
"line": "109",
"title": "delete_document can leave stale HNSW episode keys",
"why_it_matters": "If episodes are cascaded from documents, HNSW sidecar does not know about episode deletes unless explicit pending ops are queued.",
"suggested_fix": "Queue Delete for every episode:{episode_id} before deleting the document.",
"source": "manual"
},
{
"id": "SM-AUD-0012",
"severity": "P0",
"confidence": "confirmed",
"area": "search",
"file": "semantic-memory/src/search.rs",
"line": "272",
"title": "Vector scan uses bytemuck::try_cast_slice on SQLite Vec<u8>",
"why_it_matters": "SQLite blobs are byte vectors; casting requires alignment and native endian assumptions. Valid blobs may fail or decode incorrectly on non-little-endian targets.",
"suggested_fix": "Use db::bytes_to_embedding for all blob decoding; avoid bytemuck on storage bytes.",
"source": "manual"
},
{
"id": "SM-AUD-0013",
"severity": "P0",
"confidence": "confirmed",
"area": "hnsw",
"file": "semantic-memory/src/hnsw.rs",
"line": "501",
"title": "HNSW sidecar loader allocates raw byte_len from file without cap",
"why_it_matters": "A corrupt sidecar can declare a huge byte length and trigger large allocation before validation.",
"suggested_fix": "Require byte_len == dimensions*4 and <= configured max before allocation.",
"source": "manual"
},
{
"id": "SM-AUD-0014",
"severity": "P0",
"confidence": "confirmed",
"area": "hnsw",
"file": "semantic-memory/src/hnsw.rs",
"line": "460",
"title": "HNSW data format stores dimensions using usize",
"why_it_matters": "usize serialization is platform-width dependent; sidecar created on 64-bit may not load on 32-bit and is not a stable portable format.",
"suggested_fix": "Use fixed-width u32/u64 little-endian fields with versioned header.",
"source": "manual"
},
{
"id": "SM-AUD-0015",
"severity": "P0",
"confidence": "probable",
"area": "hnsw",
"file": "semantic-memory/src/hnsw.rs",
"line": "142",
"title": "HNSW save is not atomic",
"why_it_matters": "file_dump writes directly; crash or process kill can leave partial graph/data sidecars.",
"suggested_fix": "Write to temp files, fsync, then atomic rename graph/data/keymap as a set.",
"source": "manual"
},
{
"id": "SM-AUD-0016",
"severity": "P0",
"confidence": "confirmed",
"area": "hnsw",
"file": "semantic-memory/src/hnsw_ops.rs",
"line": "184",
"title": "Pending HNSW mutations are applied before sidecar save succeeds",
"why_it_matters": "If save fails after mutating in-memory index, pending ops remain and can be applied again, creating duplicate tombstones/nodes.",
"suggested_fix": "Build/save a snapshot or roll back in-memory mutations on save failure.",
"source": "manual"
},
{
"id": "SM-AUD-0017",
"severity": "P0",
"confidence": "confirmed",
"area": "hnsw",
"file": "semantic-memory/src/hnsw_ops.rs",
"line": "192",
"title": "Pending upsert calls insert instead of update",
"why_it_matters": "Upsert on an existing key allocates a new node and tombstones the old node, increasing graph bloat on repeated retries.",
"suggested_fix": "Use update() or replace semantics for existing keys; dedupe pending ops by key.",
"source": "manual"
},
{
"id": "SM-AUD-0018",
"severity": "P0",
"confidence": "confirmed",
"area": "hnsw",
"file": "semantic-memory/src/lib.rs",
"line": "669",
"title": "HNSW sidecar save clones Arc while graph can still mutate",
"why_it_matters": "Cloning HnswIndex does not snapshot the underlying graph; concurrent writes can mutate while save is in progress.",
"suggested_fix": "Hold exclusive lock during save or introduce immutable snapshot serialization.",
"source": "manual"
},
{
"id": "SM-AUD-0019",
"severity": "P0",
"confidence": "confirmed",
"area": "hnsw",
"file": "semantic-memory/src/hnsw.rs",
"line": "429",
"title": "Graph sidecar validation only checks non-empty file",
"why_it_matters": "validate_graph_sidecar does not verify magic/version/consistency with data/keymap.",
"suggested_fix": "Validate graph/data/keymap together with checksums and stored dimensions/counts.",
"source": "manual"
},
{
"id": "SM-AUD-0020",
"severity": "P0",
"confidence": "confirmed",
"area": "integrity",
"file": "semantic-memory/src/lib.rs",
"line": "730",
"title": "HNSW integrity is count-based, not key-level",
"why_it_matters": "Equal counts can hide wrong mappings, stale IDs, or wrong source types.",
"suggested_fix": "Verify each keymap key maps to a live row and each live embedded row has a matching key.",
"source": "manual"
},
{
"id": "SM-AUD-0021",
"severity": "P0",
"confidence": "confirmed",
"area": "integrity",
"file": "semantic-memory/src/db.rs",
"line": "1400",
"title": "FTS integrity count checks use dynamic table names and count parity only",
"why_it_matters": "Count parity can pass despite rowid/content mismatches.",
"suggested_fix": "Perform key-level rowid_map/content checks for every FTS-backed table.",
"source": "manual"
},
{
"id": "SM-AUD-0022",
"severity": "P0",
"confidence": "confirmed",
"area": "search",
"file": "semantic-memory/src/search.rs",
"line": "61",
"title": "cosine_similarity truncates mismatched vectors in release builds",
"why_it_matters": "debug_assert_eq is disabled in release; zip then compares only the shorter length.",
"suggested_fix": "Return Result or validate dimensions before zip in all builds.",
"source": "manual"
},
{
"id": "SM-AUD-0023",
"severity": "P0",
"confidence": "confirmed",
"area": "search",
"file": "semantic-memory/src/search.rs",
"line": "290",
"title": "cosine similarity accepts non-finite stored/query vectors",
"why_it_matters": "NaN/Inf can produce NaN scores and unstable sorting.",
"suggested_fix": "Validate finite vectors before storage and skip/error on non-finite during reads.",
"source": "manual"
},
{
"id": "SM-AUD-0024",
"severity": "P0",
"confidence": "confirmed",
"area": "search",
"file": "semantic-memory/src/search.rs",
"line": "963",
"title": "HNSW filtered search can return empty results without brute-force fallback",
"why_it_matters": "HNSW gets global candidates before namespace/session/source-type filters; if filtered candidates are removed, valid rows outside the top candidate pool are missed.",
"suggested_fix": "Overfetch adaptively after filters or fallback to brute force when post-filter hits < k.",
"source": "manual"
},
{
"id": "SM-AUD-0025",
"severity": "P0",
"confidence": "confirmed",
"area": "search",
"file": "semantic-memory/src/conversation.rs",
"line": "683",
"title": "conversation HNSW search runs blocking CPU work on async thread",
"why_it_matters": "It directly holds the HNSW read lock and searches in async context, unlike main hnsw_search_blocking.",
"suggested_fix": "Route through spawn_blocking helper.",
"source": "manual"
},
{
"id": "SM-AUD-0026",
"severity": "P0",
"confidence": "confirmed",
"area": "delete/integrity",
"file": "semantic-memory/src/knowledge.rs",
"line": "143",
"title": "delete_fact does not clean episode_causes references",
"why_it_matters": "Deleting a fact queues HNSW delete and removes FTS, but episodes may still cite the fact as a cause.",
"suggested_fix": "Delete or mark episode_causes rows referencing the fact and update affected episode search/provenance.",
"source": "manual"
},
{
"id": "SM-AUD-0027",
"severity": "P0",
"confidence": "probable",
"area": "delete/integrity",
"file": "semantic-memory/src/knowledge.rs",
"line": "181",
"title": "update_fact does not update dependent episode/projection search text",
"why_it_matters": "Fact content changes can make derived episode/projection references semantically stale.",
"suggested_fix": "Record invalidation edges or recompute affected derived search surfaces.",
"source": "manual"
},
{
"id": "SM-AUD-0028",
"severity": "P1",
"confidence": "confirmed",
"area": "api",
"file": "semantic-memory/src/knowledge.rs",
"line": "236",
"title": "delete_namespace returns only fact count despite deleting many entity types",
"why_it_matters": "The API return value underreports blast radius and can make receipts/logs false.",
"suggested_fix": "Return NamespaceDeleteReport with counts per entity/table/op.",
"source": "manual"
},
{
"id": "SM-AUD-0029",
"severity": "P1",
"confidence": "confirmed",
"area": "hnsw",
"file": "semantic-memory/src/lib.rs",
"line": "369",
"title": "Open-time HNSW rebuild/degrade policy is implicit",
"why_it_matters": "The open path may rebuild/clear/swap indexes based on metadata without an explicit user-visible startup policy.",
"suggested_fix": "Expose HnswStartupPolicy and health status.",
"source": "manual"
},
{
"id": "SM-AUD-0030",
"severity": "P1",
"confidence": "confirmed",
"area": "hnsw",
"file": "semantic-memory/src/lib.rs",
"line": "403",
"title": "SQL errors while counting embeddings are swallowed as zero",
"why_it_matters": "query_row(...).unwrap_or(0) can suppress a DB error and avoid needed rebuild.",
"suggested_fix": "Propagate DB errors during integrity decisions.",
"source": "manual"
},
{
"id": "SM-AUD-0031",
"severity": "P1",
"confidence": "confirmed",
"area": "hnsw",
"file": "semantic-memory/src/lib.rs",
"line": "455",
"title": "Orphan-count SQL errors are swallowed as zero",
"why_it_matters": "A failed orphan check can make a stale keymap appear clean.",
"suggested_fix": "Propagate the error or force degraded/rebuild state.",
"source": "manual"
},
{
"id": "SM-AUD-0032",
"severity": "P1",
"confidence": "confirmed",
"area": "hnsw",
"file": "semantic-memory/src/hnsw.rs",
"line": "310",
"title": "Missing hnsw_keymap table silently leaves loaded graph without keys",
"why_it_matters": "load_keymap returns Ok with empty keymap; graph points become unresolvable.",
"suggested_fix": "Treat graph+missing keymap as degraded/rebuild, not clean load.",
"source": "manual"
},
{
"id": "SM-AUD-0033",
"severity": "P1",
"confidence": "confirmed",
"area": "hnsw",
"file": "semantic-memory/src/hnsw.rs",
"line": "353",
"title": "Malformed next_id metadata falls back silently",
"why_it_matters": "Invalid next_id is parsed with ok/unwrap_or graph point count.",
"suggested_fix": "Report error or mark sidecar stale when metadata is malformed.",
"source": "manual"
},
{
"id": "SM-AUD-0034",
"severity": "P1",
"confidence": "confirmed",
"area": "hnsw",
"file": "semantic-memory/src/hnsw.rs",
"line": "222",
"title": "HNSW len can report nonzero even when keymap is empty",
"why_it_matters": "len uses graph point count minus deleted IDs, not resolvable key count.",
"suggested_fix": "Expose separate graph_len and live_key_count; search should use resolvable key count.",
"source": "manual"
},
{
"id": "SM-AUD-0035",
"severity": "P1",
"confidence": "confirmed",
"area": "hnsw",
"file": "semantic-memory/src/hnsw.rs",
"line": "185",
"title": "Tombstone overfetch is too naive",
"why_it_matters": "fetch_count = top_k + deleted_ids.len() still can miss valid neighbors if tombstones cluster near the query.",
"suggested_fix": "Iteratively overfetch until enough live hits or graph exhausted.",
"source": "manual"
},
{
"id": "SM-AUD-0036",
"severity": "P1",
"confidence": "confirmed",
"area": "hnsw",
"file": "semantic-memory/src/hnsw.rs",
"line": "250",
"title": "deleted_ratio may divide using graph count that includes unreachable/unmapped points",
"why_it_matters": "Compaction threshold can be misleading if keymap drift exists.",
"suggested_fix": "Compute deleted/live ratios from verified keymap state.",
"source": "manual"
},
{
"id": "SM-AUD-0037",
"severity": "P1",
"confidence": "confirmed",
"area": "hnsw",
"file": "semantic-memory/src/hnsw.rs",
"line": "496",
"title": "u64 node id is cast to usize without range check",
"why_it_matters": "Sidecar with node id > usize::MAX truncates on 32-bit and can corrupt mapping.",
"suggested_fix": "TryFrom<u64> with explicit error.",
"source": "manual"
},
{
"id": "SM-AUD-0038",
"severity": "P1",
"confidence": "confirmed",
"area": "hnsw",
"file": "semantic-memory/src/hnsw.rs",
"line": "383",
"title": "insert ignores return/status from hnsw_rs graph.insert",
"why_it_matters": "If insertion fails or panics internally, keymap may still be updated.",
"suggested_fix": "Wrap insert in catch_unwind if needed and use API result if available; update keymap only after success.",
"source": "manual"
},
{
"id": "SM-AUD-0039",
"severity": "P1",
"confidence": "confirmed",
"area": "hnsw",
"file": "semantic-memory/src/hnsw_ops.rs",
"line": "71",
"title": "HNSW rebuild silently skips invalid fact embeddings",
"why_it_matters": "db::bytes_to_embedding errors are ignored, producing an incomplete index.",
"suggested_fix": "Count skipped rows and return degraded integrity finding.",
"source": "manual"
},
{
"id": "SM-AUD-0040",
"severity": "P1",
"confidence": "confirmed",
"area": "hnsw",
"file": "semantic-memory/src/hnsw_ops.rs",
"line": "89",
"title": "HNSW rebuild silently skips invalid chunk embeddings",
"why_it_matters": "Invalid embeddings are dropped without a repair error.",
"suggested_fix": "Count skipped rows and expose rebuild diagnostics.",
"source": "manual"
},
{
"id": "SM-AUD-0041",
"severity": "P1",
"confidence": "confirmed",
"area": "hnsw",
"file": "semantic-memory/src/hnsw_ops.rs",
"line": "107",
"title": "HNSW rebuild silently skips invalid message embeddings",
"why_it_matters": "Invalid message embeddings are dropped without a repair error.",
"suggested_fix": "Count skipped rows and expose rebuild diagnostics.",
"source": "manual"
},
{
"id": "SM-AUD-0042",
"severity": "P1",
"confidence": "confirmed",
"area": "hnsw",
"file": "semantic-memory/src/hnsw_ops.rs",
"line": "125",
"title": "HNSW rebuild silently skips invalid episode embeddings",
"why_it_matters": "Invalid episode embeddings are dropped without a repair error.",
"suggested_fix": "Count skipped rows and expose rebuild diagnostics.",
"source": "manual"
},
{
"id": "SM-AUD-0043",
"severity": "P1",
"confidence": "confirmed",
"area": "hnsw",
"file": "semantic-memory/src/hnsw_ops.rs",
"line": "205",
"title": "clear_pending_index_ops is all-or-nothing per processed key list after sidecar save",
"why_it_matters": "If keymap flush succeeds but clear fails, mutations may be replayed and duplicate/tombstone bloat occurs.",
"suggested_fix": "Use transactional state machine with op generation numbers and idempotent upsert.",
"source": "manual"
},
{
"id": "SM-AUD-0044",
"severity": "P1",
"confidence": "confirmed",
"area": "q8",
"file": "semantic-memory/src/lib.rs",
"line": "1256",
"title": "q8 optionality conflicts with integrity expectations",
"why_it_matters": "Code comments say q8 is optional/non-fatal, but full integrity can treat missing q8 as an issue.",
"suggested_fix": "Define compressed vectors as mandatory or optional; align write, repair, and integrity.",
"source": "manual"
},
{
"id": "SM-AUD-0045",
"severity": "P1",
"confidence": "confirmed",
"area": "q8",
"file": "semantic-memory/src/quantize.rs",
"line": "1",
"title": "q8 baseline lacks explicit versioned storage envelope",
"why_it_matters": "Packed q8 bytes need version/dims/scale metadata for future TurboQuant coexistence.",
"suggested_fix": "Add a vector-codec envelope with codec, version, dim, checksum, and params.",
"source": "manual"
},
{
"id": "SM-AUD-0046",
"severity": "P1",
"confidence": "confirmed",
"area": "search",
"file": "semantic-memory/src/search.rs",
"line": "102",
"title": "Invalid timestamp becomes maximally fresh",
"why_it_matters": "days_since(ts).unwrap_or(0.0) makes parse failures age 0 after a warning.",
"suggested_fix": "Treat invalid timestamps as no recency contribution or stale.",
"source": "manual"
},
{
"id": "SM-AUD-0047",
"severity": "P1",
"confidence": "confirmed",
"area": "search",
"file": "semantic-memory/src/search.rs",
"line": "85",
"title": "recency scoring uses wall-clock inside ranking",
"why_it_matters": "Utc::now makes ranking nondeterministic and hard to test/replay.",
"suggested_fix": "Inject clock into SearchConfig or query context.",
"source": "manual"
},
{
"id": "SM-AUD-0048",
"severity": "P1",
"confidence": "confirmed",
"area": "search",
"file": "semantic-memory/src/lib.rs",
"line": "851",
"title": "candidate_pool_size.max(k * 3) can overflow",
"why_it_matters": "usize multiplication can overflow for large top_k.",
"suggested_fix": "Use k.saturating_mul(3) and cap top_k.",
"source": "manual"
},
{
"id": "SM-AUD-0049",
"severity": "P1",
"confidence": "confirmed",
"area": "search",
"file": "semantic-memory/src/lib.rs",
"line": "954",
"title": "Second candidate_pool_size.max(k * 3) overflow surface",
"why_it_matters": "Same unbounded top_k multiplication appears in another search path.",
"suggested_fix": "Use saturating_mul and configured max_top_k.",
"source": "manual"
},
{
"id": "SM-AUD-0050",
"severity": "P1",
"confidence": "confirmed",
"area": "search",
"file": "semantic-memory/src/lib.rs",
"line": "1033",
"title": "Third candidate_pool_size.max(k * 3) overflow surface",
"why_it_matters": "Same unbounded top_k multiplication appears in another path.",
"suggested_fix": "Use saturating_mul and configured max_top_k.",
"source": "manual"
},
{
"id": "SM-AUD-0051",
"severity": "P1",
"confidence": "confirmed",
"area": "search",
"file": "semantic-memory/src/conversation.rs",
"line": "683",
"title": "conversation candidate_pool_size.max(k * 3) overflow surface",
"why_it_matters": "Unbounded top_k multiplication in conversation search.",
"suggested_fix": "Use saturating_mul and configured max_top_k.",
"source": "manual"
},
{
"id": "SM-AUD-0052",
"severity": "P1",
"confidence": "confirmed",
"area": "conversation",
"file": "semantic-memory/src/conversation.rs",
"line": "172",
"title": "Unknown token counts are treated as zero in budget selection",
"why_it_matters": "Messages with missing token_count can bypass max_tokens.",
"suggested_fix": "Recompute missing token_count or treat unknown as conservative upper bound.",
"source": "manual"
},
{
"id": "SM-AUD-0053",
"severity": "P1",
"confidence": "confirmed",
"area": "conversation",
"file": "semantic-memory/src/conversation.rs",
"line": "173",
"title": "Token budget addition can overflow u32",
"why_it_matters": "total_tokens + msg_tokens may overflow before comparison.",
"suggested_fix": "Use checked_add/saturating_add and error or clamp.",
"source": "manual"
},
{
"id": "SM-AUD-0054",
"severity": "P1",
"confidence": "confirmed",
"area": "conversation",
"file": "semantic-memory/src/conversation.rs",
"line": "185",
"title": "session_token_count casts negative SQL sum to u64",
"why_it_matters": "If corrupt rows contain negative token_count, cast wraps to huge positive.",
"suggested_fix": "Validate nonnegative aggregate before conversion.",
"source": "manual"
},
{
"id": "SM-AUD-0055",
"severity": "P1",
"confidence": "probable",
"area": "validation",
"file": "semantic-memory/src/conversation.rs",
"line": "63",
"title": "Session/channel identifiers are not consistently length/whitespace validated",
"why_it_matters": "Malformed or huge identifiers can leak into storage and logs.",
"suggested_fix": "Centralize validation for session_id, channel, namespace, title, source URI.",
"source": "manual"
},
{
"id": "SM-AUD-0056",
"severity": "P1",
"confidence": "probable",
"area": "validation",
"file": "semantic-memory/src/documents.rs",
"line": "315",
"title": "Document title/source/metadata size validation is weaker than content validation",
"why_it_matters": "Large metadata/title/source strings can bloat DB and docs.",
"suggested_fix": "Add max lengths and metadata byte caps.",
"source": "manual"
},
{
"id": "SM-AUD-0057",
"severity": "P1",
"confidence": "probable",
"area": "validation",
"file": "semantic-memory/src/episodes.rs",
"line": "393",
"title": "Episode search limit is unbounded",
"why_it_matters": "A caller can request a huge limit and cause large result materialization.",
"suggested_fix": "Cap limit using config max_top_k/max_query_rows.",
"source": "manual"
},
{
"id": "SM-AUD-0058",
"severity": "P1",
"confidence": "confirmed",
"area": "api",
"file": "semantic-memory/src/episodes.rs",
"line": "437",
"title": "search_episodes drops episode_id and returns document_id",
"why_it_matters": "Multiple episodes per document cannot be distinguished by caller.",
"suggested_fix": "Return episode_id plus document_id or a typed EpisodeSearchResult.",
"source": "manual"
},
{
"id": "SM-AUD-0059",
"severity": "P1",
"confidence": "confirmed",
"area": "diagnostics",
"file": "semantic-memory/src/episodes.rs",
"line": "452",
"title": "Episode parse errors report document_id instead of episode_id",
"why_it_matters": "Diagnostic row id for cause_ids/outcome/status points to document_id, not the episode row.",
"suggested_fix": "Use episode_id in parse helpers.",
"source": "manual"
},
{
"id": "SM-AUD-0060",
"severity": "P1",
"confidence": "confirmed",
"area": "episodes",
"file": "semantic-memory/src/episodes.rs",
"line": "285",
"title": "INSERT OR IGNORE collapses duplicate cause IDs silently",
"why_it_matters": "Duplicate causes with different ordinal positions are discarded.",
"suggested_fix": "Validate and reject duplicate cause_ids or preserve multiplicity intentionally.",
"source": "manual"
},
{
"id": "SM-AUD-0061",
"severity": "P1",
"confidence": "confirmed",
"area": "episodes",
"file": "semantic-memory/src/episodes.rs",
"line": "360",
"title": "update_episode_outcome cannot clear experiment_id",
"why_it_matters": "COALESCE(?3, experiment_id) preserves old experiment_id when None is passed.",
"suggested_fix": "Add explicit clear operation or Option<Option<String>> semantics.",
"source": "manual"
},
{
"id": "SM-AUD-0062",
"severity": "P1",
"confidence": "probable",
"area": "keys",
"file": "semantic-memory/src/hnsw.rs",
"line": "58",
"title": "HNSW key parsing split_once(:) is fragile for IDs containing colon",
"why_it_matters": "Episode/document/user-provided IDs may contain colon unless validated.",
"suggested_fix": "Use structured key encoding or reject colon in IDs.",
"source": "manual"
},
{
"id": "SM-AUD-0063",
"severity": "P1",
"confidence": "probable",
"area": "keys",
"file": "semantic-memory/src/search.rs",
"line": "119",
"title": "Message dedup key uses session_id:message_id delimiter",
"why_it_matters": "If session_id contains colon, downstream parsing/dedup diagnostics can become ambiguous.",
"suggested_fix": "Use tuple type internally or escaped/keyed serialization.",
"source": "manual"
},
{
"id": "SM-AUD-0064",
"severity": "P1",
"confidence": "probable",
"area": "foreign-keys",
"file": "semantic-memory/src/db.rs",
"line": "1",
"title": "Correctness depends on PRAGMA foreign_keys being enabled for every pooled connection",
"why_it_matters": "Cascades/derived cleanup assumptions fail if a connection misses the pragma.",
"suggested_fix": "Assert PRAGMA foreign_keys=ON after every connection checkout.",
"source": "manual"
},
{
"id": "SM-AUD-0065",
"severity": "P1",
"confidence": "probable",
"area": "db",
"file": "semantic-memory/src/db.rs",
"line": "558",
"title": "PRAGMA max_page_count computed with dynamic formatting",
"why_it_matters": "Even though value is numeric, config-derived PRAGMA should be validated/capped.",
"suggested_fix": "Validate max_page_count range before execute.",
"source": "manual"
},
{
"id": "SM-AUD-0066",
"severity": "P1",
"confidence": "confirmed",
"area": "db",
"file": "semantic-memory/src/db.rs",
"line": "705",
"title": "Dynamic table_info table name formatting relies on internal callers only",
"why_it_matters": "If any caller ever passes user input, PRAGMA table_info becomes injection-prone.",
"suggested_fix": "Make table an enum or whitelist.",
"source": "manual"
},
{
"id": "SM-AUD-0067",
"severity": "P1",
"confidence": "confirmed",
"area": "db",
"file": "semantic-memory/src/db.rs",
"line": "715",
"title": "Dynamic ALTER TABLE formatting relies on internal table/column whitelists",
"why_it_matters": "Schema migration helpers must not accept arbitrary strings.",
"suggested_fix": "Make migration table/column identifiers enum-backed.",
"source": "manual"
},
{
"id": "SM-AUD-0068",
"severity": "P1",
"confidence": "confirmed",
"area": "db",
"file": "semantic-memory/src/db.rs",
"line": "1400",
"title": "Dynamic SELECT COUNT table name relies on internal map table list",
"why_it_matters": "Future caller could turn table name into SQL injection.",
"suggested_fix": "Use enum/constant-only function signature.",
"source": "manual"
},
{
"id": "SM-AUD-0069",
"severity": "P1",
"confidence": "probable",
"area": "sqlite",
"file": "semantic-memory/src/db.rs",
"line": "1",
"title": "SQLite WAL/checkpoint/backpressure policy not visible in archive-level docs",
"why_it_matters": "Long-running local stores need defined WAL/checkpoint/backup behavior.",
"suggested_fix": "Document and test WAL mode, busy timeout, checkpoint, and backup semantics.",
"source": "manual"
},
{
"id": "SM-AUD-0070",
"severity": "P1",
"confidence": "probable",
"area": "pool",
"file": "semantic-memory/src/pool.rs",
"line": "1",
"title": "Connection pool shutdown/poison behavior needs stress coverage",
"why_it_matters": "spawn_blocking and pool handoff may hide panics as Other, but lifecycle correctness needs proof.",
"suggested_fix": "Add pool close/drop/concurrent open tests under load.",
"source": "manual"
},
{
"id": "SM-AUD-0071",
"severity": "P1",
"confidence": "probable",
"area": "projection",
"file": "semantic-memory/src/projection_storage.rs",
"line": "1",
"title": "Projection storage integrity is likely separate from memory integrity",
"why_it_matters": "Projection tables are substantial but not obviously covered by full integrity parity.",
"suggested_fix": "Add projection-level integrity: rows, derivations, episodes, imports, claim versions.",
"source": "manual"
},
{
"id": "SM-AUD-0072",
"severity": "P1",
"confidence": "probable",
"area": "projection",
"file": "semantic-memory/src/projection_storage_query.rs",
"line": "271",
"title": "Projection query uses unwrap_or_default for missing claim/source IDs",
"why_it_matters": "Missing IDs become empty strings, hiding malformed rows.",
"suggested_fix": "Return structured parse/error instead of default empty identifiers.",
"source": "manual"
},
{
"id": "SM-AUD-0073",
"severity": "P1",
"confidence": "confirmed",
"area": "bridge",
"file": "forge-memory-bridge/src/transform.rs",
"line": "301",
"title": "Bridge transform uses unwrap_or_default, potentially hiding malformed optional payloads",
"why_it_matters": "Defaulting in bridge paths can mask corrupted envelope fields.",
"suggested_fix": "Emit explicit transform error or warning with field name.",
"source": "manual"
},
{
"id": "SM-AUD-0074",
"severity": "P1",
"confidence": "probable",
"area": "import",
"file": "semantic-memory/src/json_compat_import.rs",
"line": "25",
"title": "JSON import begins with from_str(...).ok()",
"why_it_matters": "Malformed JSON is converted into None instead of a typed parse error at the earliest boundary.",
"suggested_fix": "Preserve parse error and source payload hash in import receipt.",
"source": "manual"
},
{
"id": "SM-AUD-0075",
"severity": "P1",
"confidence": "probable",
"area": "import",
"file": "semantic-memory/src/projection_legacy_compat.rs",
"line": "127",
"title": "Legacy compatibility serializes with unwrap_or_default",
"why_it_matters": "Serialization failure becomes empty string, which can look like valid empty JSON.",
"suggested_fix": "Return error on serialization failure.",
"source": "manual"
},
{
"id": "SM-AUD-0076",
"severity": "P1",
"confidence": "probable",
"area": "security",
"file": "semantic-memory/src/embedder.rs",
"line": "127",
"title": "HTTP embedder response body uses unwrap_or_default on error",
"why_it_matters": "Failed response body read can erase useful diagnostic details.",
"suggested_fix": "Propagate body-read error or preserve status + partial diagnostics.",
"source": "manual"
},
{
"id": "SM-AUD-0077",
"severity": "P1",
"confidence": "probable",
"area": "security",
"file": "semantic-memory/src/embedder.rs",
"line": "1",
"title": "External embedder failure modes need retry/backoff/rate-limit policy",
"why_it_matters": "Embedding APIs are external/unreliable; partial failures are currently risky for batch workflows.",
"suggested_fix": "Add retry policy, per-batch timeout, and idempotent transaction boundaries.",
"source": "manual"
},
{
"id": "SM-AUD-0078",
"severity": "P2",
"confidence": "confirmed",
"area": "docs",
"file": "semantic-memory/CLAUDE_CODE_PROMPT.md",
"line": "1",
"title": "Prompt docs are packaged at project root",
"why_it_matters": "Prompt artifacts are useful internally but noisy for external review.",
"suggested_fix": "Move prompt files under docs/internal/codex/ or exclude public packages.",
"source": "manual"
},
{
"id": "SM-AUD-0079",
"severity": "P2",
"confidence": "confirmed",
"area": "docs",
"file": "semantic-memory/IMPLEMENTATION_PROMPT.md",
"line": "1",
"title": "Implementation prompt is packaged at project root",
"why_it_matters": "Root prompt files dilute the README/API/architecture signal.",
"suggested_fix": "Archive or relocate prompt files.",
"source": "manual"
},
{
"id": "SM-AUD-0080",
"severity": "P2",
"confidence": "confirmed",
"area": "docs",
"file": "semantic-memory/PATCH_PROMPT.md",
"line": "1",
"title": "Patch prompt is packaged at project root",
"why_it_matters": "Root patch prompt looks stale/internal to reviewers.",
"suggested_fix": "Archive or relocate prompt files.",
"source": "manual"
},
{
"id": "SM-AUD-0081",
"severity": "P2",
"confidence": "confirmed",
"area": "docs",
"file": "semantic-memory/V2_PATCH_PROMPT.md",
"line": "1",
"title": "V2 patch prompt is packaged at project root",
"why_it_matters": "Stale patch prompt can confuse source of truth.",
"suggested_fix": "Archive or relocate prompt files.",
"source": "manual"
},
{
"id": "SM-AUD-0082",
"severity": "P2",
"confidence": "confirmed",
"area": "docs",
"file": "semantic-memory/semantic-memory-generic-rust-next-codex-context-20260507.codex-archive.json",
"line": "1",
"title": "Prior codex sidecar is included in current source package",
"why_it_matters": "The previous codex archive report is not source and can confuse current package state.",
"suggested_fix": "Exclude generated/codex sidecars consistently.",
"source": "manual"
},
{
"id": "SM-AUD-0083",
"severity": "P2",
"confidence": "confirmed",
"area": "permissions",
"file": "manifest",
"line": "1",
"title": "Most source/docs are marked executable",
"why_it_matters": "Executable bits on .rs/.md/.toml/.lock files create noisy diffs and false script signals.",
"suggested_fix": "Normalize permissions: 0644 for non-scripts, 0755 only for actual executables.",
"source": "manual"
},
{
"id": "SM-AUD-0084",
"severity": "P2",
"confidence": "confirmed",
"area": "ci",
"file": "manifest",
"line": "1",
"title": "No packaged CI workflow surface",
"why_it_matters": "The archive does not show .github/workflows for cargo check/test/clippy/doc.",
"suggested_fix": "Add CI for all features, no-default-features variants, and clean extraction build.",
"source": "manual"
},
{
"id": "SM-AUD-0085",
"severity": "P2",
"confidence": "confirmed",
"area": "benchmarks",
"file": "manifest",
"line": "1",
"title": "No benchmark suite/result artifact included",
"why_it_matters": "TurboQuant/HNSW/q8 claims need performance/recall evidence.",
"suggested_fix": "Add benches and BENCHMARKS.md with f32/q8/HNSW/TurboQuant matrix.",
"source": "manual"
},
{
"id": "SM-AUD-0086",
"severity": "P2",
"confidence": "probable",
"area": "structure",
"file": "semantic-memory/src/lib.rs",
"line": "1",
"title": "lib.rs is very large and high blast-radius",
"why_it_matters": "Large orchestrator file makes localized correctness review harder.",
"suggested_fix": "Split store open/search/reembed/delete/integrity modules after P0 fixes.",
"source": "manual"
},
{
"id": "SM-AUD-0087",
"severity": "P2",
"confidence": "probable",
"area": "structure",
"file": "semantic-memory/src/db.rs",
"line": "1",
"title": "db.rs is very large and high blast-radius",
"why_it_matters": "Schema/migration/metadata/ops all in one module reduce auditability.",
"suggested_fix": "Split schema/migrations/integrity/hnsw metadata helpers.",
"source": "manual"
},
{
"id": "SM-AUD-0088",
"severity": "P2",
"confidence": "probable",
"area": "structure",
"file": "semantic-memory/src/search.rs",
"line": "1",
"title": "search.rs combines lexical, vector, HNSW resolution, fusion, scoring",
"why_it_matters": "Mixed responsibilities make ranking bugs harder to isolate.",
"suggested_fix": "Split search/fts.rs vector.rs hnsw.rs fusion.rs explain.rs.",
"source": "manual"
},
{
"id": "SM-AUD-0089",
"severity": "P3",
"confidence": "confirmed",
"area": "permissions",
"file": "forge-memory-bridge/AGENTS.md",
"line": "",
"title": "Non-script file is executable: forge-memory-bridge/AGENTS.md",
"why_it_matters": "Executable bit on ordinary source/documentation creates noisy diffs and can confuse archive consumers.",
"suggested_fix": "Normalize to 0644 unless this file is intentionally runnable.",
"source": "manifest-permission"
},
{
"id": "SM-AUD-0090",
"severity": "P3",
"confidence": "confirmed",
"area": "permissions",
"file": "forge-memory-bridge/Cargo.lock",
"line": "",
"title": "Non-script file is executable: forge-memory-bridge/Cargo.lock",
"why_it_matters": "Executable bit on ordinary source/documentation creates noisy diffs and can confuse archive consumers.",
"suggested_fix": "Normalize to 0644 unless this file is intentionally runnable.",
"source": "manifest-permission"
},
{
"id": "SM-AUD-0091",
"severity": "P3",
"confidence": "confirmed",
"area": "permissions",
"file": "forge-memory-bridge/Cargo.toml",
"line": "",
"title": "Non-script file is executable: forge-memory-bridge/Cargo.toml",
"why_it_matters": "Executable bit on ordinary source/documentation creates noisy diffs and can confuse archive consumers.",
"suggested_fix": "Normalize to 0644 unless this file is intentionally runnable.",
"source": "manifest-permission"
},
{
"id": "SM-AUD-0092",
"severity": "P3",
"confidence": "confirmed",
"area": "permissions",
"file": "forge-memory-bridge/src/batch.rs",
"line": "",
"title": "Non-script file is executable: forge-memory-bridge/src/batch.rs",
"why_it_matters": "Executable bit on ordinary source/documentation creates noisy diffs and can confuse archive consumers.",
"suggested_fix": "Normalize to 0644 unless this file is intentionally runnable.",
"source": "manifest-permission"
},
{
"id": "SM-AUD-0093",
"severity": "P3",
"confidence": "confirmed",
"area": "permissions",
"file": "forge-memory-bridge/src/error.rs",
"line": "",
"title": "Non-script file is executable: forge-memory-bridge/src/error.rs",
"why_it_matters": "Executable bit on ordinary source/documentation creates noisy diffs and can confuse archive consumers.",
"suggested_fix": "Normalize to 0644 unless this file is intentionally runnable.",
"source": "manifest-permission"
},
{
"id": "SM-AUD-0094",
"severity": "P3",
"confidence": "confirmed",
"area": "permissions",
"file": "forge-memory-bridge/src/legacy.rs",
"line": "",
"title": "Non-script file is executable: forge-memory-bridge/src/legacy.rs",
"why_it_matters": "Executable bit on ordinary source/documentation creates noisy diffs and can confuse archive consumers.",
"suggested_fix": "Normalize to 0644 unless this file is intentionally runnable.",
"source": "manifest-permission"
},
{
"id": "SM-AUD-0095",
"severity": "P3",
"confidence": "confirmed",
"area": "permissions",
"file": "forge-memory-bridge/src/lib.rs",
"line": "",
"title": "Non-script file is executable: forge-memory-bridge/src/lib.rs",
"why_it_matters": "Executable bit on ordinary source/documentation creates noisy diffs and can confuse archive consumers.",
"suggested_fix": "Normalize to 0644 unless this file is intentionally runnable.",
"source": "manifest-permission"
},
{
"id": "SM-AUD-0096",
"severity": "P3",
"confidence": "confirmed",
"area": "permissions",
"file": "forge-memory-bridge/tests/forge_bridge_memory_proof.rs",
"line": "",
"title": "Non-script file is executable: forge-memory-bridge/tests/forge_bridge_memory_proof.rs",
"why_it_matters": "Executable bit on ordinary source/documentation creates noisy diffs and can confuse archive consumers.",
"suggested_fix": "Normalize to 0644 unless this file is intentionally runnable.",
"source": "manifest-permission"
},
{
"id": "SM-AUD-0097",
"severity": "P3",
"confidence": "confirmed",
"area": "permissions",
"file": "semantic-memory-forge/Cargo.toml",
"line": "",
"title": "Non-script file is executable: semantic-memory-forge/Cargo.toml",
"why_it_matters": "Executable bit on ordinary source/documentation creates noisy diffs and can confuse archive consumers.",
"suggested_fix": "Normalize to 0644 unless this file is intentionally runnable.",
"source": "manifest-permission"
},
{
"id": "SM-AUD-0098",
"severity": "P3",
"confidence": "confirmed",
"area": "permissions",
"file": "semantic-memory-forge/src/bundle.rs",
"line": "",
"title": "Non-script file is executable: semantic-memory-forge/src/bundle.rs",
"why_it_matters": "Executable bit on ordinary source/documentation creates noisy diffs and can confuse archive consumers.",
"suggested_fix": "Normalize to 0644 unless this file is intentionally runnable.",
"source": "manifest-permission"
},
{
"id": "SM-AUD-0099",
"severity": "P3",
"confidence": "confirmed",
"area": "permissions",
"file": "semantic-memory-forge/src/estimator.rs",
"line": "",
"title": "Non-script file is executable: semantic-memory-forge/src/estimator.rs",
"why_it_matters": "Executable bit on ordinary source/documentation creates noisy diffs and can confuse archive consumers.",
"suggested_fix": "Normalize to 0644 unless this file is intentionally runnable.",
"source": "manifest-permission"
},
{
"id": "SM-AUD-0100",
"severity": "P3",
"confidence": "confirmed",
"area": "permissions",
"file": "semantic-memory-forge/src/lib.rs",
"line": "",
"title": "Non-script file is executable: semantic-memory-forge/src/lib.rs",
"why_it_matters": "Executable bit on ordinary source/documentation creates noisy diffs and can confuse archive consumers.",
"suggested_fix": "Normalize to 0644 unless this file is intentionally runnable.",
"source": "manifest-permission"
},
{
"id": "SM-AUD-0101",
"severity": "P3",
"confidence": "confirmed",
"area": "permissions",
"file": "semantic-memory-forge/src/tool_receipt.rs",
"line": "",
"title": "Non-script file is executable: semantic-memory-forge/src/tool_receipt.rs",
"why_it_matters": "Executable bit on ordinary source/documentation creates noisy diffs and can confuse archive consumers.",
"suggested_fix": "Normalize to 0644 unless this file is intentionally runnable.",
"source": "manifest-permission"
},
{
"id": "SM-AUD-0102",
"severity": "P3",
"confidence": "confirmed",
"area": "permissions",
"file": "semantic-memory-forge/src/v11.rs",
"line": "",
"title": "Non-script file is executable: semantic-memory-forge/src/v11.rs",
"why_it_matters": "Executable bit on ordinary source/documentation creates noisy diffs and can confuse archive consumers.",
"suggested_fix": "Normalize to 0644 unless this file is intentionally runnable.",
"source": "manifest-permission"
},
{
"id": "SM-AUD-0103",
"severity": "P3",
"confidence": "confirmed",
"area": "permissions",
"file": "semantic-memory-forge/src/v13.rs",
"line": "",
"title": "Non-script file is executable: semantic-memory-forge/src/v13.rs",
"why_it_matters": "Executable bit on ordinary source/documentation creates noisy diffs and can confuse archive consumers.",
"suggested_fix": "Normalize to 0644 unless this file is intentionally runnable.",
"source": "manifest-permission"
},
{
"id": "SM-AUD-0104",
"severity": "P3",
"confidence": "confirmed",
"area": "permissions",
"file": "semantic-memory-forge/src/v14.rs",
"line": "",
"title": "Non-script file is executable: semantic-memory-forge/src/v14.rs",
"why_it_matters": "Executable bit on ordinary source/documentation creates noisy diffs and can confuse archive consumers.",
"suggested_fix": "Normalize to 0644 unless this file is intentionally runnable.",
"source": "manifest-permission"
},
{
"id": "SM-AUD-0105",
"severity": "P3",
"confidence": "confirmed",
"area": "permissions",
"file": "semantic-memory-forge/src/v9.rs",
"line": "",
"title": "Non-script file is executable: semantic-memory-forge/src/v9.rs",
"why_it_matters": "Executable bit on ordinary source/documentation creates noisy diffs and can confuse archive consumers.",
"suggested_fix": "Normalize to 0644 unless this file is intentionally runnable.",
"source": "manifest-permission"
},
{
"id": "SM-AUD-0106",
"severity": "P3",
"confidence": "confirmed",
"area": "permissions",
"file": "semantic-memory/.gitignore",
"line": "",
"title": "Non-script file is executable: semantic-memory/.gitignore",
"why_it_matters": "Executable bit on ordinary source/documentation creates noisy diffs and can confuse archive consumers.",
"suggested_fix": "Normalize to 0644 unless this file is intentionally runnable.",
"source": "manifest-permission"
},
{
"id": "SM-AUD-0107",
"severity": "P3",
"confidence": "confirmed",
"area": "permissions",
"file": "semantic-memory/AGENTS.md",
"line": "",
"title": "Non-script file is executable: semantic-memory/AGENTS.md",
"why_it_matters": "Executable bit on ordinary source/documentation creates noisy diffs and can confuse archive consumers.",
"suggested_fix": "Normalize to 0644 unless this file is intentionally runnable.",
"source": "manifest-permission"
},
{
"id": "SM-AUD-0108",
"severity": "P3",
"confidence": "confirmed",
"area": "permissions",
"file": "semantic-memory/CLAUDE_CODE_PROMPT.md",
"line": "",
"title": "Non-script file is executable: semantic-memory/CLAUDE_CODE_PROMPT.md",
"why_it_matters": "Executable bit on ordinary source/documentation creates noisy diffs and can confuse archive consumers.",
"suggested_fix": "Normalize to 0644 unless this file is intentionally runnable.",
"source": "manifest-permission"
},
{
"id": "SM-AUD-0109",
"severity": "P3",
"confidence": "confirmed",
"area": "permissions",
"file": "semantic-memory/Cargo.lock",
"line": "",
"title": "Non-script file is executable: semantic-memory/Cargo.lock",
"why_it_matters": "Executable bit on ordinary source/documentation creates noisy diffs and can confuse archive consumers.",
"suggested_fix": "Normalize to 0644 unless this file is intentionally runnable.",
"source": "manifest-permission"
},
{
"id": "SM-AUD-0110",
"severity": "P3",
"confidence": "confirmed",
"area": "permissions",
"file": "semantic-memory/Cargo.toml",
"line": "",
"title": "Non-script file is executable: semantic-memory/Cargo.toml",
"why_it_matters": "Executable bit on ordinary source/documentation creates noisy diffs and can confuse archive consumers.",
"suggested_fix": "Normalize to 0644 unless this file is intentionally runnable.",
"source": "manifest-permission"
},
{
"id": "SM-AUD-0111",
"severity": "P3",
"confidence": "confirmed",
"area": "permissions",
"file": "semantic-memory/HNSWLIB_RS_REFERENCE.md",
"line": "",
"title": "Non-script file is executable: semantic-memory/HNSWLIB_RS_REFERENCE.md",
"why_it_matters": "Executable bit on ordinary source/documentation creates noisy diffs and can confuse archive consumers.",
"suggested_fix": "Normalize to 0644 unless this file is intentionally runnable.",
"source": "manifest-permission"
},
{
"id": "SM-AUD-0112",
"severity": "P3",
"confidence": "confirmed",
"area": "permissions",
"file": "semantic-memory/IMPLEMENTATION_PROMPT.md",
"line": "",
"title": "Non-script file is executable: semantic-memory/IMPLEMENTATION_PROMPT.md",
"why_it_matters": "Executable bit on ordinary source/documentation creates noisy diffs and can confuse archive consumers.",
"suggested_fix": "Normalize to 0644 unless this file is intentionally runnable.",
"source": "manifest-permission"
},
{
"id": "SM-AUD-0113",
"severity": "P3",
"confidence": "confirmed",
"area": "permissions",
"file": "semantic-memory/PATCH_PROMPT.md",
"line": "",
"title": "Non-script file is executable: semantic-memory/PATCH_PROMPT.md",
"why_it_matters": "Executable bit on ordinary source/documentation creates noisy diffs and can confuse archive consumers.",
"suggested_fix": "Normalize to 0644 unless this file is intentionally runnable.",
"source": "manifest-permission"
},
{
"id": "SM-AUD-0114",
"severity": "P3",
"confidence": "confirmed",
"area": "permissions",
"file": "semantic-memory/SPEC.md",
"line": "",
"title": "Non-script file is executable: semantic-memory/SPEC.md",
"why_it_matters": "Executable bit on ordinary source/documentation creates noisy diffs and can confuse archive consumers.",
"suggested_fix": "Normalize to 0644 unless this file is intentionally runnable.",
"source": "manifest-permission"
},
{
"id": "SM-AUD-0115",
"severity": "P3",
"confidence": "confirmed",
"area": "permissions",
"file": "semantic-memory/TESTING.md",
"line": "",
"title": "Non-script file is executable: semantic-memory/TESTING.md",
"why_it_matters": "Executable bit on ordinary source/documentation creates noisy diffs and can confuse archive consumers.",
"suggested_fix": "Normalize to 0644 unless this file is intentionally runnable.",
"source": "manifest-permission"
},
{
"id": "SM-AUD-0116",
"severity": "P3",
"confidence": "confirmed",
"area": "permissions",
"file": "semantic-memory/UPGRADE_SPEC.md",
"line": "",
"title": "Non-script file is executable: semantic-memory/UPGRADE_SPEC.md",
"why_it_matters": "Executable bit on ordinary source/documentation creates noisy diffs and can confuse archive consumers.",
"suggested_fix": "Normalize to 0644 unless this file is intentionally runnable.",
"source": "manifest-permission"
},
{
"id": "SM-AUD-0117",
"severity": "P3",
"confidence": "confirmed",
"area": "permissions",
"file": "semantic-memory/V1_1_AGENTS_ADDENDUM.md",
"line": "",
"title": "Non-script file is executable: semantic-memory/V1_1_AGENTS_ADDENDUM.md",
"why_it_matters": "Executable bit on ordinary source/documentation creates noisy diffs and can confuse archive consumers.",
"suggested_fix": "Normalize to 0644 unless this file is intentionally runnable.",
"source": "manifest-permission"
},
{
"id": "SM-AUD-0118",
"severity": "P3",
"confidence": "confirmed",
"area": "permissions",
"file": "semantic-memory/V1_1_SPEC_ADDENDUM.md",
"line": "",
"title": "Non-script file is executable: semantic-memory/V1_1_SPEC_ADDENDUM.md",
"why_it_matters": "Executable bit on ordinary source/documentation creates noisy diffs and can confuse archive consumers.",
"suggested_fix": "Normalize to 0644 unless this file is intentionally runnable.",
"source": "manifest-permission"
},
{
"id": "SM-AUD-0119",
"severity": "P3",
"confidence": "confirmed",
"area": "permissions",
"file": "semantic-memory/V1_1_TESTING_ADDENDUM.md",
"line": "",
"title": "Non-script file is executable: semantic-memory/V1_1_TESTING_ADDENDUM.md",
"why_it_matters": "Executable bit on ordinary source/documentation creates noisy diffs and can confuse archive consumers.",
"suggested_fix": "Normalize to 0644 unless this file is intentionally runnable.",
"source": "manifest-permission"
},
{
"id": "SM-AUD-0120",
"severity": "P3",
"confidence": "confirmed",
"area": "permissions",
"file": "semantic-memory/V2_AGENTS_ADDENDUM.md",
"line": "",
"title": "Non-script file is executable: semantic-memory/V2_AGENTS_ADDENDUM.md",
"why_it_matters": "Executable bit on ordinary source/documentation creates noisy diffs and can confuse archive consumers.",
"suggested_fix": "Normalize to 0644 unless this file is intentionally runnable.",
"source": "manifest-permission"
},
{
"id": "SM-AUD-0121",
"severity": "P3",
"confidence": "confirmed",
"area": "permissions",
"file": "semantic-memory/V2_PATCH_PROMPT.md",
"line": "",
"title": "Non-script file is executable: semantic-memory/V2_PATCH_PROMPT.md",
"why_it_matters": "Executable bit on ordinary source/documentation creates noisy diffs and can confuse archive consumers.",
"suggested_fix": "Normalize to 0644 unless this file is intentionally runnable.",
"source": "manifest-permission"
},
{
"id": "SM-AUD-0122",
"severity": "P3",
"confidence": "confirmed",
"area": "permissions",
"file": "semantic-memory/V2_SPEC_ADDENDUM.md",
"line": "",
"title": "Non-script file is executable: semantic-memory/V2_SPEC_ADDENDUM.md",
"why_it_matters": "Executable bit on ordinary source/documentation creates noisy diffs and can confuse archive consumers.",
"suggested_fix": "Normalize to 0644 unless this file is intentionally runnable.",
"source": "manifest-permission"
},
{
"id": "SM-AUD-0123",
"severity": "P3",
"confidence": "confirmed",
"area": "permissions",
"file": "semantic-memory/V2_TESTING_ADDENDUM.md",
"line": "",
"title": "Non-script file is executable: semantic-memory/V2_TESTING_ADDENDUM.md",
"why_it_matters": "Executable bit on ordinary source/documentation creates noisy diffs and can confuse archive consumers.",
"suggested_fix": "Normalize to 0644 unless this file is intentionally runnable.",
"source": "manifest-permission"
},
{
"id": "SM-AUD-0124",
"severity": "P3",
"confidence": "confirmed",
"area": "permissions",
"file": "semantic-memory/V3_AGENTS_ADDENDUM.md",
"line": "",
"title": "Non-script file is executable: semantic-memory/V3_AGENTS_ADDENDUM.md",
"why_it_matters": "Executable bit on ordinary source/documentation creates noisy diffs and can confuse archive consumers.",
"suggested_fix": "Normalize to 0644 unless this file is intentionally runnable.",
"source": "manifest-permission"
},
{
"id": "SM-AUD-0125",
"severity": "P3",
"confidence": "confirmed",
"area": "permissions",
"file": "semantic-memory/V3_CHANGE_MAP.md",
"line": "",
"title": "Non-script file is executable: semantic-memory/V3_CHANGE_MAP.md",
"why_it_matters": "Executable bit on ordinary source/documentation creates noisy diffs and can confuse archive consumers.",
"suggested_fix": "Normalize to 0644 unless this file is intentionally runnable.",
"source": "manifest-permission"
},
{
"id": "SM-AUD-0126",
"severity": "P3",
"confidence": "confirmed",
"area": "permissions",
"file": "semantic-memory/V3_SPEC.md",
"line": "",
"title": "Non-script file is executable: semantic-memory/V3_SPEC.md",
"why_it_matters": "Executable bit on ordinary source/documentation creates noisy diffs and can confuse archive consumers.",
"suggested_fix": "Normalize to 0644 unless this file is intentionally runnable.",
"source": "manifest-permission"
},
{
"id": "SM-AUD-0127",
"severity": "P3",
"confidence": "confirmed",
"area": "permissions",
"file": "semantic-memory/V3_TESTING.md",
"line": "",
"title": "Non-script file is executable: semantic-memory/V3_TESTING.md",
"why_it_matters": "Executable bit on ordinary source/documentation creates noisy diffs and can confuse archive consumers.",
"suggested_fix": "Normalize to 0644 unless this file is intentionally runnable.",
"source": "manifest-permission"
},
{
"id": "SM-AUD-0128",
"severity": "P3",
"confidence": "confirmed",
"area": "permissions",
"file": "semantic-memory/examples/basic_search.rs",
"line": "",
"title": "Non-script file is executable: semantic-memory/examples/basic_search.rs",
"why_it_matters": "Executable bit on ordinary source/documentation creates noisy diffs and can confuse archive consumers.",
"suggested_fix": "Normalize to 0644 unless this file is intentionally runnable.",
"source": "manifest-permission"
},
{
"id": "SM-AUD-0129",
"severity": "P3",
"confidence": "confirmed",
"area": "permissions",
"file": "semantic-memory/examples/conversation_memory.rs",
"line": "",
"title": "Non-script file is executable: semantic-memory/examples/conversation_memory.rs",
"why_it_matters": "Executable bit on ordinary source/documentation creates noisy diffs and can confuse archive consumers.",
"suggested_fix": "Normalize to 0644 unless this file is intentionally runnable.",
"source": "manifest-permission"
},
{
"id": "SM-AUD-0130",
"severity": "P3",
"confidence": "confirmed",
"area": "permissions",
"file": "semantic-memory/reference/chunk.rs",
"line": "",
"title": "Non-script file is executable: semantic-memory/reference/chunk.rs",
"why_it_matters": "Executable bit on ordinary source/documentation creates noisy diffs and can confuse archive consumers.",
"suggested_fix": "Normalize to 0644 unless this file is intentionally runnable.",
"source": "manifest-permission"
},
{
"id": "SM-AUD-0131",
"severity": "P3",
"confidence": "confirmed",
"area": "permissions",
"file": "semantic-memory/reference/hybrid_search.rs",
"line": "",
"title": "Non-script file is executable: semantic-memory/reference/hybrid_search.rs",
"why_it_matters": "Executable bit on ordinary source/documentation creates noisy diffs and can confuse archive consumers.",
"suggested_fix": "Normalize to 0644 unless this file is intentionally runnable.",
"source": "manifest-permission"
},
{
"id": "SM-AUD-0132",
"severity": "P3",
"confidence": "confirmed",
"area": "permissions",
"file": "semantic-memory/semantic-memory-spec.md",
"line": "",
"title": "Non-script file is executable: semantic-memory/semantic-memory-spec.md",
"why_it_matters": "Executable bit on ordinary source/documentation creates noisy diffs and can confuse archive consumers.",
"suggested_fix": "Normalize to 0644 unless this file is intentionally runnable.",
"source": "manifest-permission"
},
{
"id": "SM-AUD-0133",
"severity": "P3",
"confidence": "confirmed",
"area": "permissions",
"file": "semantic-memory/src/chunker.rs",
"line": "",
"title": "Non-script file is executable: semantic-memory/src/chunker.rs",
"why_it_matters": "Executable bit on ordinary source/documentation creates noisy diffs and can confuse archive consumers.",
"suggested_fix": "Normalize to 0644 unless this file is intentionally runnable.",
"source": "manifest-permission"
},
{
"id": "SM-AUD-0134",
"severity": "P3",
"confidence": "confirmed",
"area": "permissions",
"file": "semantic-memory/src/config.rs",
"line": "",
"title": "Non-script file is executable: semantic-memory/src/config.rs",
"why_it_matters": "Executable bit on ordinary source/documentation creates noisy diffs and can confuse archive consumers.",
"suggested_fix": "Normalize to 0644 unless this file is intentionally runnable.",
"source": "manifest-permission"
},
{
"id": "SM-AUD-0135",
"severity": "P3",
"confidence": "confirmed",
"area": "permissions",
"file": "semantic-memory/src/conversation.rs",
"line": "",
"title": "Non-script file is executable: semantic-memory/src/conversation.rs",
"why_it_matters": "Executable bit on ordinary source/documentation creates noisy diffs and can confuse archive consumers.",
"suggested_fix": "Normalize to 0644 unless this file is intentionally runnable.",
"source": "manifest-permission"
},
{
"id": "SM-AUD-0136",
"severity": "P3",
"confidence": "confirmed",
"area": "permissions",
"file": "semantic-memory/src/db.rs",
"line": "",
"title": "Non-script file is executable: semantic-memory/src/db.rs",
"why_it_matters": "Executable bit on ordinary source/documentation creates noisy diffs and can confuse archive consumers.",
"suggested_fix": "Normalize to 0644 unless this file is intentionally runnable.",
"source": "manifest-permission"
},
{
"id": "SM-AUD-0137",
"severity": "P3",
"confidence": "confirmed",
"area": "permissions",
"file": "semantic-memory/src/documents.rs",
"line": "",
"title": "Non-script file is executable: semantic-memory/src/documents.rs",
"why_it_matters": "Executable bit on ordinary source/documentation creates noisy diffs and can confuse archive consumers.",
"suggested_fix": "Normalize to 0644 unless this file is intentionally runnable.",
"source": "manifest-permission"
},
{
"id": "SM-AUD-0138",
"severity": "P3",
"confidence": "confirmed",
"area": "permissions",
"file": "semantic-memory/src/embedder.rs",
"line": "",
"title": "Non-script file is executable: semantic-memory/src/embedder.rs",
"why_it_matters": "Executable bit on ordinary source/documentation creates noisy diffs and can confuse archive consumers.",
"suggested_fix": "Normalize to 0644 unless this file is intentionally runnable.",
"source": "manifest-permission"
},
{
"id": "SM-AUD-0139",
"severity": "P3",
"confidence": "confirmed",
"area": "permissions",
"file": "semantic-memory/src/episodes.rs",
"line": "",
"title": "Non-script file is executable: semantic-memory/src/episodes.rs",
"why_it_matters": "Executable bit on ordinary source/documentation creates noisy diffs and can confuse archive consumers.",
"suggested_fix": "Normalize to 0644 unless this file is intentionally runnable.",
"source": "manifest-permission"
},
{
"id": "SM-AUD-0140",
"severity": "P3",
"confidence": "confirmed",
"area": "permissions",
"file": "semantic-memory/src/error.rs",
"line": "",
"title": "Non-script file is executable: semantic-memory/src/error.rs",
"why_it_matters": "Executable bit on ordinary source/documentation creates noisy diffs and can confuse archive consumers.",
"suggested_fix": "Normalize to 0644 unless this file is intentionally runnable.",
"source": "manifest-permission"
},
{
"id": "SM-AUD-0141",
"severity": "P3",
"confidence": "confirmed",
"area": "permissions",
"file": "semantic-memory/src/graph.rs",
"line": "",
"title": "Non-script file is executable: semantic-memory/src/graph.rs",
"why_it_matters": "Executable bit on ordinary source/documentation creates noisy diffs and can confuse archive consumers.",
"suggested_fix": "Normalize to 0644 unless this file is intentionally runnable.",
"source": "manifest-permission"
},
{
"id": "SM-AUD-0142",
"severity": "P3",
"confidence": "confirmed",
"area": "permissions",
"file": "semantic-memory/src/hnsw.rs",
"line": "",
"title": "Non-script file is executable: semantic-memory/src/hnsw.rs",
"why_it_matters": "Executable bit on ordinary source/documentation creates noisy diffs and can confuse archive consumers.",
"suggested_fix": "Normalize to 0644 unless this file is intentionally runnable.",
"source": "manifest-permission"
},
{
"id": "SM-AUD-0143",
"severity": "P3",
"confidence": "confirmed",
"area": "permissions",
"file": "semantic-memory/src/hnsw_ops.rs",
"line": "",
"title": "Non-script file is executable: semantic-memory/src/hnsw_ops.rs",
"why_it_matters": "Executable bit on ordinary source/documentation creates noisy diffs and can confuse archive consumers.",
"suggested_fix": "Normalize to 0644 unless this file is intentionally runnable.",
"source": "manifest-permission"
},
{
"id": "SM-AUD-0144",
"severity": "P3",
"confidence": "confirmed",
"area": "permissions",
"file": "semantic-memory/src/json_compat_import.rs",
"line": "",
"title": "Non-script file is executable: semantic-memory/src/json_compat_import.rs",
"why_it_matters": "Executable bit on ordinary source/documentation creates noisy diffs and can confuse archive consumers.",
"suggested_fix": "Normalize to 0644 unless this file is intentionally runnable.",
"source": "manifest-permission"
},
{
"id": "SM-AUD-0145",
"severity": "P3",
"confidence": "confirmed",
"area": "permissions",
"file": "semantic-memory/src/knowledge.rs",
"line": "",
"title": "Non-script file is executable: semantic-memory/src/knowledge.rs",
"why_it_matters": "Executable bit on ordinary source/documentation creates noisy diffs and can confuse archive consumers.",
"suggested_fix": "Normalize to 0644 unless this file is intentionally runnable.",
"source": "manifest-permission"
},
{
"id": "SM-AUD-0146",
"severity": "P3",
"confidence": "confirmed",
"area": "permissions",
"file": "semantic-memory/src/lib.rs",
"line": "",
"title": "Non-script file is executable: semantic-memory/src/lib.rs",
"why_it_matters": "Executable bit on ordinary source/documentation creates noisy diffs and can confuse archive consumers.",
"suggested_fix": "Normalize to 0644 unless this file is intentionally runnable.",
"source": "manifest-permission"
},
{
"id": "SM-AUD-0147",
"severity": "P3",
"confidence": "confirmed",
"area": "permissions",
"file": "semantic-memory/src/pool.rs",
"line": "",
"title": "Non-script file is executable: semantic-memory/src/pool.rs",
"why_it_matters": "Executable bit on ordinary source/documentation creates noisy diffs and can confuse archive consumers.",
"suggested_fix": "Normalize to 0644 unless this file is intentionally runnable.",
"source": "manifest-permission"
},
{
"id": "SM-AUD-0148",
"severity": "P3",
"confidence": "confirmed",
"area": "permissions",
"file": "semantic-memory/src/projection_batch.rs",
"line": "",
"title": "Non-script file is executable: semantic-memory/src/projection_batch.rs",
"why_it_matters": "Executable bit on ordinary source/documentation creates noisy diffs and can confuse archive consumers.",
"suggested_fix": "Normalize to 0644 unless this file is intentionally runnable.",
"source": "manifest-permission"
},
{
"id": "SM-AUD-0149",
"severity": "P3",
"confidence": "confirmed",
"area": "permissions",
"file": "semantic-memory/src/projection_derivation.rs",
"line": "",
"title": "Non-script file is executable: semantic-memory/src/projection_derivation.rs",
"why_it_matters": "Executable bit on ordinary source/documentation creates noisy diffs and can confuse archive consumers.",
"suggested_fix": "Normalize to 0644 unless this file is intentionally runnable.",
"source": "manifest-permission"
},
{
"id": "SM-AUD-0150",
"severity": "P3",
"confidence": "confirmed",
"area": "permissions",
"file": "semantic-memory/src/projection_import.rs",
"line": "",
"title": "Non-script file is executable: semantic-memory/src/projection_import.rs",
"why_it_matters": "Executable bit on ordinary source/documentation creates noisy diffs and can confuse archive consumers.",
"suggested_fix": "Normalize to 0644 unless this file is intentionally runnable.",
"source": "manifest-permission"
},
{
"id": "SM-AUD-0151",
"severity": "P3",
"confidence": "confirmed",
"area": "permissions",
"file": "semantic-memory/src/projection_lane.rs",
"line": "",
"title": "Non-script file is executable: semantic-memory/src/projection_lane.rs",
"why_it_matters": "Executable bit on ordinary source/documentation creates noisy diffs and can confuse archive consumers.",
"suggested_fix": "Normalize to 0644 unless this file is intentionally runnable.",
"source": "manifest-permission"
},
{
"id": "SM-AUD-0152",
"severity": "P3",
"confidence": "confirmed",
"area": "permissions",
"file": "semantic-memory/src/projection_legacy_compat.rs",
"line": "",
"title": "Non-script file is executable: semantic-memory/src/projection_legacy_compat.rs",
"why_it_matters": "Executable bit on ordinary source/documentation creates noisy diffs and can confuse archive consumers.",
"suggested_fix": "Normalize to 0644 unless this file is intentionally runnable.",
"source": "manifest-permission"
},
{
"id": "SM-AUD-0153",
"severity": "P3",
"confidence": "confirmed",
"area": "permissions",
"file": "semantic-memory/src/projection_storage.rs",
"line": "",
"title": "Non-script file is executable: semantic-memory/src/projection_storage.rs",
"why_it_matters": "Executable bit on ordinary source/documentation creates noisy diffs and can confuse archive consumers.",
"suggested_fix": "Normalize to 0644 unless this file is intentionally runnable.",
"source": "manifest-permission"
},
{
"id": "SM-AUD-0154",
"severity": "P3",
"confidence": "confirmed",
"area": "permissions",
"file": "semantic-memory/src/quantize.rs",
"line": "",
"title": "Non-script file is executable: semantic-memory/src/quantize.rs",
"why_it_matters": "Executable bit on ordinary source/documentation creates noisy diffs and can confuse archive consumers.",
"suggested_fix": "Normalize to 0644 unless this file is intentionally runnable.",
"source": "manifest-permission"
},
{
"id": "SM-AUD-0155",
"severity": "P3",
"confidence": "confirmed",
"area": "permissions",
"file": "semantic-memory/src/search.rs",
"line": "",
"title": "Non-script file is executable: semantic-memory/src/search.rs",
"why_it_matters": "Executable bit on ordinary source/documentation creates noisy diffs and can confuse archive consumers.",
"suggested_fix": "Normalize to 0644 unless this file is intentionally runnable.",
"source": "manifest-permission"
},
{
"id": "SM-AUD-0156",
"severity": "P3",
"confidence": "confirmed",
"area": "permissions",
"file": "semantic-memory/src/storage.rs",
"line": "",
"title": "Non-script file is executable: semantic-memory/src/storage.rs",
"why_it_matters": "Executable bit on ordinary source/documentation creates noisy diffs and can confuse archive consumers.",
"suggested_fix": "Normalize to 0644 unless this file is intentionally runnable.",
"source": "manifest-permission"
},
{
"id": "SM-AUD-0157",
"severity": "P3",
"confidence": "confirmed",
"area": "permissions",
"file": "semantic-memory/src/store_support.rs",
"line": "",
"title": "Non-script file is executable: semantic-memory/src/store_support.rs",
"why_it_matters": "Executable bit on ordinary source/documentation creates noisy diffs and can confuse archive consumers.",
"suggested_fix": "Normalize to 0644 unless this file is intentionally runnable.",
"source": "manifest-permission"
},
{
"id": "SM-AUD-0158",
"severity": "P3",
"confidence": "confirmed",
"area": "permissions",
"file": "semantic-memory/src/tokenizer.rs",
"line": "",
"title": "Non-script file is executable: semantic-memory/src/tokenizer.rs",
"why_it_matters": "Executable bit on ordinary source/documentation creates noisy diffs and can confuse archive consumers.",
"suggested_fix": "Normalize to 0644 unless this file is intentionally runnable.",
"source": "manifest-permission"
},
{
"id": "SM-AUD-0159",
"severity": "P3",
"confidence": "confirmed",
"area": "permissions",
"file": "semantic-memory/src/types.rs",
"line": "",
"title": "Non-script file is executable: semantic-memory/src/types.rs",
"why_it_matters": "Executable bit on ordinary source/documentation creates noisy diffs and can confuse archive consumers.",
"suggested_fix": "Normalize to 0644 unless this file is intentionally runnable.",
"source": "manifest-permission"
},
{
"id": "SM-AUD-0160",
"severity": "P3",
"confidence": "confirmed",
"area": "permissions",
"file": "semantic-memory/tests/brute_force_parity.rs",
"line": "",
"title": "Non-script file is executable: semantic-memory/tests/brute_force_parity.rs",
"why_it_matters": "Executable bit on ordinary source/documentation creates noisy diffs and can confuse archive consumers.",
"suggested_fix": "Normalize to 0644 unless this file is intentionally runnable.",
"source": "manifest-permission"
},
{
"id": "SM-AUD-0161",
"severity": "P3",
"confidence": "confirmed",
"area": "permissions",
"file": "semantic-memory/tests/chunker_tests.rs",
"line": "",
"title": "Non-script file is executable: semantic-memory/tests/chunker_tests.rs",
"why_it_matters": "Executable bit on ordinary source/documentation creates noisy diffs and can confuse archive consumers.",
"suggested_fix": "Normalize to 0644 unless this file is intentionally runnable.",
"source": "manifest-permission"
},
{
"id": "SM-AUD-0162",
"severity": "P3",
"confidence": "confirmed",
"area": "permissions",
"file": "semantic-memory/tests/compaction.rs",
"line": "",
"title": "Non-script file is executable: semantic-memory/tests/compaction.rs",
"why_it_matters": "Executable bit on ordinary source/documentation creates noisy diffs and can confuse archive consumers.",
"suggested_fix": "Normalize to 0644 unless this file is intentionally runnable.",
"source": "manifest-permission"
},
{
"id": "SM-AUD-0163",
"severity": "P3",
"confidence": "confirmed",
"area": "permissions",
"file": "semantic-memory/tests/concurrent_access.rs",
"line": "",
"title": "Non-script file is executable: semantic-memory/tests/concurrent_access.rs",
"why_it_matters": "Executable bit on ordinary source/documentation creates noisy diffs and can confuse archive consumers.",
"suggested_fix": "Normalize to 0644 unless this file is intentionally runnable.",
"source": "manifest-permission"
},
{
"id": "SM-AUD-0164",
"severity": "P3",
"confidence": "confirmed",
"area": "permissions",
"file": "semantic-memory/tests/conversation_search_tests.rs",
"line": "",
"title": "Non-script file is executable: semantic-memory/tests/conversation_search_tests.rs",
"why_it_matters": "Executable bit on ordinary source/documentation creates noisy diffs and can confuse archive consumers.",
"suggested_fix": "Normalize to 0644 unless this file is intentionally runnable.",
"source": "manifest-permission"
},
{
"id": "SM-AUD-0165",
"severity": "P3",
"confidence": "confirmed",
"area": "permissions",
"file": "semantic-memory/tests/conversation_tests.rs",
"line": "",
"title": "Non-script file is executable: semantic-memory/tests/conversation_tests.rs",
"why_it_matters": "Executable bit on ordinary source/documentation creates noisy diffs and can confuse archive consumers.",
"suggested_fix": "Normalize to 0644 unless this file is intentionally runnable.",
"source": "manifest-permission"
},
{
"id": "SM-AUD-0166",
"severity": "P3",
"confidence": "confirmed",
"area": "permissions",
"file": "semantic-memory/tests/db_tests.rs",
"line": "",
"title": "Non-script file is executable: semantic-memory/tests/db_tests.rs",
"why_it_matters": "Executable bit on ordinary source/documentation creates noisy diffs and can confuse archive consumers.",
"suggested_fix": "Normalize to 0644 unless this file is intentionally runnable.",
"source": "manifest-permission"
},
{
"id": "SM-AUD-0167",
"severity": "P3",
"confidence": "confirmed",
"area": "permissions",
"file": "semantic-memory/tests/episode_identity.rs",
"line": "",
"title": "Non-script file is executable: semantic-memory/tests/episode_identity.rs",
"why_it_matters": "Executable bit on ordinary source/documentation creates noisy diffs and can confuse archive consumers.",
"suggested_fix": "Normalize to 0644 unless this file is intentionally runnable.",
"source": "manifest-permission"
},
{
"id": "SM-AUD-0168",
"severity": "P3",
"confidence": "confirmed",
"area": "permissions",
"file": "semantic-memory/tests/hardening_semantics.rs",
"line": "",
"title": "Non-script file is executable: semantic-memory/tests/hardening_semantics.rs",
"why_it_matters": "Executable bit on ordinary source/documentation creates noisy diffs and can confuse archive consumers.",
"suggested_fix": "Normalize to 0644 unless this file is intentionally runnable.",
"source": "manifest-permission"
},
{
"id": "SM-AUD-0169",
"severity": "P3",
"confidence": "confirmed",
"area": "permissions",
"file": "semantic-memory/tests/hardening_v5.rs",
"line": "",
"title": "Non-script file is executable: semantic-memory/tests/hardening_v5.rs",
"why_it_matters": "Executable bit on ordinary source/documentation creates noisy diffs and can confuse archive consumers.",
"suggested_fix": "Normalize to 0644 unless this file is intentionally runnable.",
"source": "manifest-permission"
},
{
"id": "SM-AUD-0170",
"severity": "P3",
"confidence": "confirmed",
"area": "permissions",
"file": "semantic-memory/tests/hnsw_hotswap.rs",
"line": "",
"title": "Non-script file is executable: semantic-memory/tests/hnsw_hotswap.rs",
"why_it_matters": "Executable bit on ordinary source/documentation creates noisy diffs and can confuse archive consumers.",
"suggested_fix": "Normalize to 0644 unless this file is intentionally runnable.",
"source": "manifest-permission"
},
{
"id": "SM-AUD-0171",
"severity": "P3",
"confidence": "confirmed",
"area": "permissions",
"file": "semantic-memory/tests/hnsw_integration.rs",
"line": "",
"title": "Non-script file is executable: semantic-memory/tests/hnsw_integration.rs",
"why_it_matters": "Executable bit on ordinary source/documentation creates noisy diffs and can confuse archive consumers.",
"suggested_fix": "Normalize to 0644 unless this file is intentionally runnable.",
"source": "manifest-permission"
},
{
"id": "SM-AUD-0172",
"severity": "P3",
"confidence": "confirmed",
"area": "permissions",
"file": "semantic-memory/tests/hnsw_persistence.rs",
"line": "",
"title": "Non-script file is executable: semantic-memory/tests/hnsw_persistence.rs",
"why_it_matters": "Executable bit on ordinary source/documentation creates noisy diffs and can confuse archive consumers.",
"suggested_fix": "Normalize to 0644 unless this file is intentionally runnable.",
"source": "manifest-permission"
},
{
"id": "SM-AUD-0173",
"severity": "P3",
"confidence": "confirmed",
"area": "permissions",
"file": "semantic-memory/tests/import_boundary_tests.rs",
"line": "",
"title": "Non-script file is executable: semantic-memory/tests/import_boundary_tests.rs",
"why_it_matters": "Executable bit on ordinary source/documentation creates noisy diffs and can confuse archive consumers.",
"suggested_fix": "Normalize to 0644 unless this file is intentionally runnable.",
"source": "manifest-permission"
},
{
"id": "SM-AUD-0174",
"severity": "P3",
"confidence": "confirmed",
"area": "permissions",
"file": "semantic-memory/tests/import_ugly_cases.rs",
"line": "",
"title": "Non-script file is executable: semantic-memory/tests/import_ugly_cases.rs",
"why_it_matters": "Executable bit on ordinary source/documentation creates noisy diffs and can confuse archive consumers.",
"suggested_fix": "Normalize to 0644 unless this file is intentionally runnable.",
"source": "manifest-permission"
},
{
"id": "SM-AUD-0175",
"severity": "P3",
"confidence": "confirmed",
"area": "permissions",
"file": "semantic-memory/tests/integration_tests.rs",
"line": "",
"title": "Non-script file is executable: semantic-memory/tests/integration_tests.rs",
"why_it_matters": "Executable bit on ordinary source/documentation creates noisy diffs and can confuse archive consumers.",
"suggested_fix": "Normalize to 0644 unless this file is intentionally runnable.",
"source": "manifest-permission"
},
{
"id": "SM-AUD-0176",
"severity": "P3",
"confidence": "confirmed",
"area": "permissions",
"file": "semantic-memory/tests/knowledge_tests.rs",
"line": "",
"title": "Non-script file is executable: semantic-memory/tests/knowledge_tests.rs",
"why_it_matters": "Executable bit on ordinary source/documentation creates noisy diffs and can confuse archive consumers.",
"suggested_fix": "Normalize to 0644 unless this file is intentionally runnable.",
"source": "manifest-permission"
},
{
"id": "SM-AUD-0177",
"severity": "P3",
"confidence": "confirmed",
"area": "permissions",
"file": "semantic-memory/tests/migration_v5.rs",
"line": "",
"title": "Non-script file is executable: semantic-memory/tests/migration_v5.rs",
"why_it_matters": "Executable bit on ordinary source/documentation creates noisy diffs and can confuse archive consumers.",
"suggested_fix": "Normalize to 0644 unless this file is intentionally runnable.",
"source": "manifest-permission"
},
{
"id": "SM-AUD-0178",
"severity": "P3",
"confidence": "confirmed",
"area": "permissions",
"file": "semantic-memory/tests/projection_v11_tests.rs",
"line": "",
"title": "Non-script file is executable: semantic-memory/tests/projection_v11_tests.rs",
"why_it_matters": "Executable bit on ordinary source/documentation creates noisy diffs and can confuse archive consumers.",
"suggested_fix": "Normalize to 0644 unless this file is intentionally runnable.",
"source": "manifest-permission"
},
{
"id": "SM-AUD-0179",
"severity": "P3",
"confidence": "confirmed",
"area": "permissions",
"file": "semantic-memory/tests/quantization.rs",
"line": "",
"title": "Non-script file is executable: semantic-memory/tests/quantization.rs",
"why_it_matters": "Executable bit on ordinary source/documentation creates noisy diffs and can confuse archive consumers.",
"suggested_fix": "Normalize to 0644 unless this file is intentionally runnable.",
"source": "manifest-permission"
},
{
"id": "SM-AUD-0180",
"severity": "P3",
"confidence": "confirmed",
"area": "permissions",
"file": "semantic-memory/tests/quantization_pipeline.rs",
"line": "",
"title": "Non-script file is executable: semantic-memory/tests/quantization_pipeline.rs",
"why_it_matters": "Executable bit on ordinary source/documentation creates noisy diffs and can confuse archive consumers.",
"suggested_fix": "Normalize to 0644 unless this file is intentionally runnable.",
"source": "manifest-permission"
},
{
"id": "SM-AUD-0181",
"severity": "P3",
"confidence": "confirmed",
"area": "permissions",
"file": "semantic-memory/tests/search_tests.rs",
"line": "",
"title": "Non-script file is executable: semantic-memory/tests/search_tests.rs",
"why_it_matters": "Executable bit on ordinary source/documentation creates noisy diffs and can confuse archive consumers.",
"suggested_fix": "Normalize to 0644 unless this file is intentionally runnable.",
"source": "manifest-permission"
},
{
"id": "SM-AUD-0182",
"severity": "P3",
"confidence": "confirmed",
"area": "permissions",
"file": "semantic-memory/tests/step3_verification.rs",
"line": "",
"title": "Non-script file is executable: semantic-memory/tests/step3_verification.rs",
"why_it_matters": "Executable bit on ordinary source/documentation creates noisy diffs and can confuse archive consumers.",
"suggested_fix": "Normalize to 0644 unless this file is intentionally runnable.",
"source": "manifest-permission"
},
{
"id": "SM-AUD-0183",
"severity": "P3",
"confidence": "confirmed",
"area": "permissions",
"file": "semantic-memory/tests/step4_verification.rs",
"line": "",
"title": "Non-script file is executable: semantic-memory/tests/step4_verification.rs",
"why_it_matters": "Executable bit on ordinary source/documentation creates noisy diffs and can confuse archive consumers.",
"suggested_fix": "Normalize to 0644 unless this file is intentionally runnable.",
"source": "manifest-permission"
},
{
"id": "SM-AUD-0184",
"severity": "P3",
"confidence": "confirmed",
"area": "permissions",
"file": "semantic-memory/tests/storage_lifecycle.rs",
"line": "",
"title": "Non-script file is executable: semantic-memory/tests/storage_lifecycle.rs",
"why_it_matters": "Executable bit on ordinary source/documentation creates noisy diffs and can confuse archive consumers.",
"suggested_fix": "Normalize to 0644 unless this file is intentionally runnable.",
"source": "manifest-permission"
},
{
"id": "SM-AUD-0185",
"severity": "P3",
"confidence": "confirmed",
"area": "permissions",
"file": "semantic-memory/tests/tokenizer_tests.rs",
"line": "",
"title": "Non-script file is executable: semantic-memory/tests/tokenizer_tests.rs",
"why_it_matters": "Executable bit on ordinary source/documentation creates noisy diffs and can confuse archive consumers.",
"suggested_fix": "Normalize to 0644 unless this file is intentionally runnable.",
"source": "manifest-permission"
},
{
"id": "SM-AUD-0186",
"severity": "P3",
"confidence": "confirmed",
"area": "permissions",
"file": "semantic-memory/tests/trace_id_write_seam.rs",
"line": "",
"title": "Non-script file is executable: semantic-memory/tests/trace_id_write_seam.rs",
"why_it_matters": "Executable bit on ordinary source/documentation creates noisy diffs and can confuse archive consumers.",
"suggested_fix": "Normalize to 0644 unless this file is intentionally runnable.",
"source": "manifest-permission"
},
{
"id": "SM-AUD-0187",
"severity": "P3",
"confidence": "confirmed",
"area": "permissions",
"file": "semantic-memory/tests/vector_only_hnsw.rs",
"line": "",
"title": "Non-script file is executable: semantic-memory/tests/vector_only_hnsw.rs",
"why_it_matters": "Executable bit on ordinary source/documentation creates noisy diffs and can confuse archive consumers.",
"suggested_fix": "Normalize to 0644 unless this file is intentionally runnable.",
"source": "manifest-permission"
},
{
"id": "SM-AUD-0188",
"severity": "P3",
"confidence": "confirmed",
"area": "permissions",
"file": "stack-ids/AGENTS.md",
"line": "",
"title": "Non-script file is executable: stack-ids/AGENTS.md",
"why_it_matters": "Executable bit on ordinary source/documentation creates noisy diffs and can confuse archive consumers.",
"suggested_fix": "Normalize to 0644 unless this file is intentionally runnable.",
"source": "manifest-permission"
},
{
"id": "SM-AUD-0189",
"severity": "P3",
"confidence": "confirmed",
"area": "permissions",
"file": "stack-ids/Cargo.lock",
"line": "",
"title": "Non-script file is executable: stack-ids/Cargo.lock",
"why_it_matters": "Executable bit on ordinary source/documentation creates noisy diffs and can confuse archive consumers.",
"suggested_fix": "Normalize to 0644 unless this file is intentionally runnable.",
"source": "manifest-permission"
},
{
"id": "SM-AUD-0190",
"severity": "P3",
"confidence": "confirmed",
"area": "permissions",
"file": "stack-ids/Cargo.toml",
"line": "",
"title": "Non-script file is executable: stack-ids/Cargo.toml",
"why_it_matters": "Executable bit on ordinary source/documentation creates noisy diffs and can confuse archive consumers.",
"suggested_fix": "Normalize to 0644 unless this file is intentionally runnable.",
"source": "manifest-permission"
},
{
"id": "SM-AUD-0191",
"severity": "P3",
"confidence": "confirmed",
"area": "permissions",
"file": "stack-ids/src/digest.rs",
"line": "",
"title": "Non-script file is executable: stack-ids/src/digest.rs",
"why_it_matters": "Executable bit on ordinary source/documentation creates noisy diffs and can confuse archive consumers.",
"suggested_fix": "Normalize to 0644 unless this file is intentionally runnable.",
"source": "manifest-permission"
},
{
"id": "SM-AUD-0192",
"severity": "P3",
"confidence": "confirmed",
"area": "permissions",
"file": "stack-ids/src/lib.rs",
"line": "",
"title": "Non-script file is executable: stack-ids/src/lib.rs",
"why_it_matters": "Executable bit on ordinary source/documentation creates noisy diffs and can confuse archive consumers.",
"suggested_fix": "Normalize to 0644 unless this file is intentionally runnable.",
"source": "manifest-permission"
},
{
"id": "SM-AUD-0193",
"severity": "P3",
"confidence": "confirmed",
"area": "permissions",
"file": "stack-ids/src/scope.rs",
"line": "",
"title": "Non-script file is executable: stack-ids/src/scope.rs",
"why_it_matters": "Executable bit on ordinary source/documentation creates noisy diffs and can confuse archive consumers.",
"suggested_fix": "Normalize to 0644 unless this file is intentionally runnable.",
"source": "manifest-permission"
},
{
"id": "SM-AUD-0194",
"severity": "P3",
"confidence": "confirmed",
"area": "permissions",
"file": "stack-ids/src/trace.rs",
"line": "",
"title": "Non-script file is executable: stack-ids/src/trace.rs",
"why_it_matters": "Executable bit on ordinary source/documentation creates noisy diffs and can confuse archive consumers.",
"suggested_fix": "Normalize to 0644 unless this file is intentionally runnable.",
"source": "manifest-permission"
},
{
"id": "SM-AUD-0195",
"severity": "P2",
"confidence": "confirmed",
"area": "docs",
"file": "semantic-memory/CLAUDE_CODE_PROMPT.md",
"line": "",
"title": "Root markdown prompt candidate should be archived: CLAUDE_CODE_PROMPT.md",
"why_it_matters": "The certifier classified this as a root markdown archive candidate but archive movement was disabled.",
"suggested_fix": "Move under docs/internal/codex or exclude from public handoff packages.",
"source": "manifest-root-md"
},
{
"id": "SM-AUD-0196",
"severity": "P2",
"confidence": "confirmed",
"area": "docs",
"file": "semantic-memory/IMPLEMENTATION_PROMPT.md",
"line": "",
"title": "Root markdown prompt candidate should be archived: IMPLEMENTATION_PROMPT.md",
"why_it_matters": "The certifier classified this as a root markdown archive candidate but archive movement was disabled.",
"suggested_fix": "Move under docs/internal/codex or exclude from public handoff packages.",
"source": "manifest-root-md"
},
{
"id": "SM-AUD-0197",
"severity": "P2",
"confidence": "confirmed",
"area": "docs",
"file": "semantic-memory/PATCH_PROMPT.md",
"line": "",
"title": "Root markdown prompt candidate should be archived: PATCH_PROMPT.md",
"why_it_matters": "The certifier classified this as a root markdown archive candidate but archive movement was disabled.",
"suggested_fix": "Move under docs/internal/codex or exclude from public handoff packages.",
"source": "manifest-root-md"
},
{
"id": "SM-AUD-0198",
"severity": "P2",
"confidence": "confirmed",
"area": "docs",
"file": "semantic-memory/V2_PATCH_PROMPT.md",
"line": "",
"title": "Root markdown prompt candidate should be archived: V2_PATCH_PROMPT.md",
"why_it_matters": "The certifier classified this as a root markdown archive candidate but archive movement was disabled.",
"suggested_fix": "Move under docs/internal/codex or exclude from public handoff packages.",
"source": "manifest-root-md"
},
{
"id": "SM-AUD-0199",
"severity": "P3",
"confidence": "confirmed",
"area": "docs",
"file": "semantic-memory/HNSWLIB_RS_REFERENCE.md",
"line": "",
"title": "Ambiguous root markdown file needs source-of-truth decision: HNSWLIB_RS_REFERENCE.md",
"why_it_matters": "The certifier could not classify this root Markdown file; ambiguous docs create stale-spec risk.",
"suggested_fix": "Mark as protected, archive it, or move to docs/design-history.",
"source": "manifest-root-md"
},
{
"id": "SM-AUD-0200",
"severity": "P3",
"confidence": "confirmed",
"area": "docs",
"file": "semantic-memory/SPEC.md",
"line": "",
"title": "Ambiguous root markdown file needs source-of-truth decision: SPEC.md",
"why_it_matters": "The certifier could not classify this root Markdown file; ambiguous docs create stale-spec risk.",
"suggested_fix": "Mark as protected, archive it, or move to docs/design-history.",
"source": "manifest-root-md"
},
{
"id": "SM-AUD-0201",
"severity": "P3",
"confidence": "confirmed",
"area": "docs",
"file": "semantic-memory/TESTING.md",
"line": "",
"title": "Ambiguous root markdown file needs source-of-truth decision: TESTING.md",
"why_it_matters": "The certifier could not classify this root Markdown file; ambiguous docs create stale-spec risk.",
"suggested_fix": "Mark as protected, archive it, or move to docs/design-history.",
"source": "manifest-root-md"
},
{
"id": "SM-AUD-0202",
"severity": "P3",
"confidence": "confirmed",
"area": "docs",
"file": "semantic-memory/UPGRADE_SPEC.md",
"line": "",
"title": "Ambiguous root markdown file needs source-of-truth decision: UPGRADE_SPEC.md",
"why_it_matters": "The certifier could not classify this root Markdown file; ambiguous docs create stale-spec risk.",
"suggested_fix": "Mark as protected, archive it, or move to docs/design-history.",
"source": "manifest-root-md"
},
{
"id": "SM-AUD-0203",
"severity": "P3",
"confidence": "confirmed",
"area": "docs",
"file": "semantic-memory/V1_1_AGENTS_ADDENDUM.md",
"line": "",
"title": "Ambiguous root markdown file needs source-of-truth decision: V1_1_AGENTS_ADDENDUM.md",
"why_it_matters": "The certifier could not classify this root Markdown file; ambiguous docs create stale-spec risk.",
"suggested_fix": "Mark as protected, archive it, or move to docs/design-history.",
"source": "manifest-root-md"
},
{
"id": "SM-AUD-0204",
"severity": "P3",
"confidence": "confirmed",
"area": "docs",
"file": "semantic-memory/V1_1_SPEC_ADDENDUM.md",
"line": "",
"title": "Ambiguous root markdown file needs source-of-truth decision: V1_1_SPEC_ADDENDUM.md",
"why_it_matters": "The certifier could not classify this root Markdown file; ambiguous docs create stale-spec risk.",
"suggested_fix": "Mark as protected, archive it, or move to docs/design-history.",
"source": "manifest-root-md"
},
{
"id": "SM-AUD-0205",
"severity": "P3",
"confidence": "confirmed",
"area": "docs",
"file": "semantic-memory/V1_1_TESTING_ADDENDUM.md",
"line": "",
"title": "Ambiguous root markdown file needs source-of-truth decision: V1_1_TESTING_ADDENDUM.md",
"why_it_matters": "The certifier could not classify this root Markdown file; ambiguous docs create stale-spec risk.",
"suggested_fix": "Mark as protected, archive it, or move to docs/design-history.",
"source": "manifest-root-md"
},
{
"id": "SM-AUD-0206",
"severity": "P3",
"confidence": "confirmed",
"area": "docs",
"file": "semantic-memory/V2_AGENTS_ADDENDUM.md",
"line": "",
"title": "Ambiguous root markdown file needs source-of-truth decision: V2_AGENTS_ADDENDUM.md",
"why_it_matters": "The certifier could not classify this root Markdown file; ambiguous docs create stale-spec risk.",
"suggested_fix": "Mark as protected, archive it, or move to docs/design-history.",
"source": "manifest-root-md"
},
{
"id": "SM-AUD-0207",
"severity": "P3",
"confidence": "confirmed",
"area": "docs",
"file": "semantic-memory/V2_SPEC_ADDENDUM.md",
"line": "",
"title": "Ambiguous root markdown file needs source-of-truth decision: V2_SPEC_ADDENDUM.md",
"why_it_matters": "The certifier could not classify this root Markdown file; ambiguous docs create stale-spec risk.",
"suggested_fix": "Mark as protected, archive it, or move to docs/design-history.",
"source": "manifest-root-md"
},
{
"id": "SM-AUD-0208",
"severity": "P3",
"confidence": "confirmed",
"area": "docs",
"file": "semantic-memory/V2_TESTING_ADDENDUM.md",
"line": "",
"title": "Ambiguous root markdown file needs source-of-truth decision: V2_TESTING_ADDENDUM.md",
"why_it_matters": "The certifier could not classify this root Markdown file; ambiguous docs create stale-spec risk.",
"suggested_fix": "Mark as protected, archive it, or move to docs/design-history.",
"source": "manifest-root-md"
},
{
"id": "SM-AUD-0209",
"severity": "P3",
"confidence": "confirmed",
"area": "docs",
"file": "semantic-memory/V3_AGENTS_ADDENDUM.md",
"line": "",
"title": "Ambiguous root markdown file needs source-of-truth decision: V3_AGENTS_ADDENDUM.md",
"why_it_matters": "The certifier could not classify this root Markdown file; ambiguous docs create stale-spec risk.",
"suggested_fix": "Mark as protected, archive it, or move to docs/design-history.",
"source": "manifest-root-md"
},
{
"id": "SM-AUD-0210",
"severity": "P3",
"confidence": "confirmed",
"area": "docs",
"file": "semantic-memory/V3_CHANGE_MAP.md",
"line": "",
"title": "Ambiguous root markdown file needs source-of-truth decision: V3_CHANGE_MAP.md",
"why_it_matters": "The certifier could not classify this root Markdown file; ambiguous docs create stale-spec risk.",
"suggested_fix": "Mark as protected, archive it, or move to docs/design-history.",
"source": "manifest-root-md"
},
{
"id": "SM-AUD-0211",
"severity": "P3",
"confidence": "confirmed",
"area": "docs",
"file": "semantic-memory/V3_SPEC.md",
"line": "",
"title": "Ambiguous root markdown file needs source-of-truth decision: V3_SPEC.md",
"why_it_matters": "The certifier could not classify this root Markdown file; ambiguous docs create stale-spec risk.",
"suggested_fix": "Mark as protected, archive it, or move to docs/design-history.",
"source": "manifest-root-md"
},
{
"id": "SM-AUD-0212",
"severity": "P3",
"confidence": "confirmed",
"area": "docs",
"file": "semantic-memory/V3_TESTING.md",
"line": "",
"title": "Ambiguous root markdown file needs source-of-truth decision: V3_TESTING.md",
"why_it_matters": "The certifier could not classify this root Markdown file; ambiguous docs create stale-spec risk.",
"suggested_fix": "Mark as protected, archive it, or move to docs/design-history.",
"source": "manifest-root-md"
},
{
"id": "SM-AUD-0213",
"severity": "P3",
"confidence": "confirmed",
"area": "docs",
"file": "semantic-memory/semantic-memory-generic-rust-next-codex-context-20260507.report.md",
"line": "",
"title": "Ambiguous root markdown file needs source-of-truth decision: semantic-memory-generic-rust-next-codex-context-20260507.report.md",
"why_it_matters": "The certifier could not classify this root Markdown file; ambiguous docs create stale-spec risk.",
"suggested_fix": "Mark as protected, archive it, or move to docs/design-history.",
"source": "manifest-root-md"
},
{
"id": "SM-AUD-0214",
"severity": "P3",
"confidence": "confirmed",
"area": "docs",
"file": "semantic-memory/semantic-memory-spec.md",
"line": "",
"title": "Ambiguous root markdown file needs source-of-truth decision: semantic-memory-spec.md",
"why_it_matters": "The certifier could not classify this root Markdown file; ambiguous docs create stale-spec risk.",
"suggested_fix": "Mark as protected, archive it, or move to docs/design-history.",
"source": "manifest-root-md"
},
{
"id": "SM-AUD-0215",
"severity": "P2",
"confidence": "static",
"area": "runtime-clock",
"file": "forge-memory-bridge/src/error.rs",
"line": 95,
"title": "Runtime clock use affects replay/determinism",
"why_it_matters": "Wall-clock timestamps make tests/replay/ranking less deterministic.",
"suggested_fix": "Inject a clock or document that this path is intentionally real-time.",
"source": "pattern:runtime-clock"
},
{
"id": "SM-AUD-0216",
"severity": "P2",
"confidence": "static",
"area": "error-default",
"file": "forge-memory-bridge/src/legacy.rs",
"line": 121,
"title": "Error/default swallowing should be audited",
"why_it_matters": "This line converts an error/missing value into a default; that may hide corruption or failed IO.",
"suggested_fix": "Preserve typed error or add explicit comment/test proving default is safe.",
"source": "pattern:error-default"
},
{
"id": "SM-AUD-0217",
"severity": "P2",
"confidence": "static",
"area": "runtime-clock",
"file": "forge-memory-bridge/src/legacy.rs",
"line": 158,
"title": "Runtime clock use affects replay/determinism",
"why_it_matters": "Wall-clock timestamps make tests/replay/ranking less deterministic.",
"suggested_fix": "Inject a clock or document that this path is intentionally real-time.",
"source": "pattern:runtime-clock"
},
{
"id": "SM-AUD-0218",
"severity": "P3",
"confidence": "static",
"area": "unwrap-expect",
"file": "forge-memory-bridge/src/legacy.rs",
"line": 215,
"title": "unwrap/expect occurrence should be reviewed",
"why_it_matters": "Panics are usually fine in tests but not in production or helper code used by examples.",
"suggested_fix": "Replace in production paths; leave in tests only when failure message is useful.",
"source": "pattern:unwrap-expect"
},
{
"id": "SM-AUD-0219",
"severity": "P3",
"confidence": "static",
"area": "unwrap-expect",
"file": "forge-memory-bridge/src/legacy.rs",
"line": 224,
"title": "unwrap/expect occurrence should be reviewed",
"why_it_matters": "Panics are usually fine in tests but not in production or helper code used by examples.",
"suggested_fix": "Replace in production paths; leave in tests only when failure message is useful.",
"source": "pattern:unwrap-expect"
},
{
"id": "SM-AUD-0220",
"severity": "P3",
"confidence": "static",
"area": "unwrap-expect",
"file": "forge-memory-bridge/src/legacy.rs",
"line": 230,
"title": "unwrap/expect occurrence should be reviewed",
"why_it_matters": "Panics are usually fine in tests but not in production or helper code used by examples.",
"suggested_fix": "Replace in production paths; leave in tests only when failure message is useful.",
"source": "pattern:unwrap-expect"
},
{
"id": "SM-AUD-0221",
"severity": "P3",
"confidence": "static",
"area": "unwrap-expect",
"file": "forge-memory-bridge/src/legacy.rs",
"line": 236,
"title": "unwrap/expect occurrence should be reviewed",
"why_it_matters": "Panics are usually fine in tests but not in production or helper code used by examples.",
"suggested_fix": "Replace in production paths; leave in tests only when failure message is useful.",
"source": "pattern:unwrap-expect"
},
{
"id": "SM-AUD-0222",
"severity": "P3",
"confidence": "static",
"area": "unwrap-expect",
"file": "forge-memory-bridge/src/legacy.rs",
"line": 246,
"title": "unwrap/expect occurrence should be reviewed",
"why_it_matters": "Panics are usually fine in tests but not in production or helper code used by examples.",
"suggested_fix": "Replace in production paths; leave in tests only when failure message is useful.",
"source": "pattern:unwrap-expect"
},
{
"id": "SM-AUD-0223",
"severity": "P3",
"confidence": "static",
"area": "unwrap-expect",
"file": "forge-memory-bridge/src/legacy.rs",
"line": 262,
"title": "unwrap/expect occurrence should be reviewed",
"why_it_matters": "Panics are usually fine in tests but not in production or helper code used by examples.",
"suggested_fix": "Replace in production paths; leave in tests only when failure message is useful.",
"source": "pattern:unwrap-expect"
},
{
"id": "SM-AUD-0224",
"severity": "P3",
"confidence": "static",
"area": "unwrap-expect",
"file": "forge-memory-bridge/src/legacy.rs",
"line": 287,
"title": "unwrap/expect occurrence should be reviewed",
"why_it_matters": "Panics are usually fine in tests but not in production or helper code used by examples.",
"suggested_fix": "Replace in production paths; leave in tests only when failure message is useful.",
"source": "pattern:unwrap-expect"
},
{
"id": "SM-AUD-0225",
"severity": "P2",
"confidence": "static",
"area": "runtime-clock",
"file": "forge-memory-bridge/src/transform.rs",
"line": 51,
"title": "Runtime clock use affects replay/determinism",
"why_it_matters": "Wall-clock timestamps make tests/replay/ranking less deterministic.",
"suggested_fix": "Inject a clock or document that this path is intentionally real-time.",
"source": "pattern:runtime-clock"
},
{
"id": "SM-AUD-0226",
"severity": "P2",
"confidence": "static",
"area": "runtime-clock",
"file": "forge-memory-bridge/src/transform.rs",
"line": 95,
"title": "Runtime clock use affects replay/determinism",
"why_it_matters": "Wall-clock timestamps make tests/replay/ranking less deterministic.",
"suggested_fix": "Inject a clock or document that this path is intentionally real-time.",
"source": "pattern:runtime-clock"
},
{
"id": "SM-AUD-0227",
"severity": "P2",
"confidence": "static",
"area": "runtime-clock",
"file": "forge-memory-bridge/src/transform.rs",
"line": 133,
"title": "Runtime clock use affects replay/determinism",
"why_it_matters": "Wall-clock timestamps make tests/replay/ranking less deterministic.",
"suggested_fix": "Inject a clock or document that this path is intentionally real-time.",
"source": "pattern:runtime-clock"
},
{
"id": "SM-AUD-0228",
"severity": "P2",
"confidence": "static",
"area": "error-default",
"file": "forge-memory-bridge/src/transform.rs",
"line": 301,
"title": "Error/default swallowing should be audited",
"why_it_matters": "This line converts an error/missing value into a default; that may hide corruption or failed IO.",
"suggested_fix": "Preserve typed error or add explicit comment/test proving default is safe.",
"source": "pattern:error-default"
},
{
"id": "SM-AUD-0229",
"severity": "P2",
"confidence": "static",
"area": "error-default",
"file": "forge-memory-bridge/src/transform.rs",
"line": 336,
"title": "Error/default swallowing should be audited",
"why_it_matters": "This line converts an error/missing value into a default; that may hide corruption or failed IO.",
"suggested_fix": "Preserve typed error or add explicit comment/test proving default is safe.",
"source": "pattern:error-default"
},
{
"id": "SM-AUD-0230",
"severity": "P2",
"confidence": "static",
"area": "error-default",
"file": "forge-memory-bridge/src/transform.rs",
"line": 505,
"title": "Error/default swallowing should be audited",
"why_it_matters": "This line converts an error/missing value into a default; that may hide corruption or failed IO.",
"suggested_fix": "Preserve typed error or add explicit comment/test proving default is safe.",
"source": "pattern:error-default"
},
{
"id": "SM-AUD-0231",
"severity": "P2",
"confidence": "static",
"area": "error-default",
"file": "forge-memory-bridge/src/transform.rs",
"line": 658,
"title": "Error/default swallowing should be audited",
"why_it_matters": "This line converts an error/missing value into a default; that may hide corruption or failed IO.",
"suggested_fix": "Preserve typed error or add explicit comment/test proving default is safe.",
"source": "pattern:error-default"
},
{
"id": "SM-AUD-0232",
"severity": "P3",
"confidence": "static",
"area": "unwrap-expect",
"file": "forge-memory-bridge/src/transform_tests.rs",
"line": 22,
"title": "unwrap/expect occurrence should be reviewed",
"why_it_matters": "Panics are usually fine in tests but not in production or helper code used by examples.",
"suggested_fix": "Replace in production paths; leave in tests only when failure message is useful.",
"source": "pattern:unwrap-expect"
},
{
"id": "SM-AUD-0233",
"severity": "P3",
"confidence": "static",
"area": "unwrap-expect",
"file": "forge-memory-bridge/src/transform_tests.rs",
"line": 53,
"title": "unwrap/expect occurrence should be reviewed",
"why_it_matters": "Panics are usually fine in tests but not in production or helper code used by examples.",
"suggested_fix": "Replace in production paths; leave in tests only when failure message is useful.",
"source": "pattern:unwrap-expect"
},
{
"id": "SM-AUD-0234",
"severity": "P3",
"confidence": "static",
"area": "unwrap-expect",
"file": "forge-memory-bridge/src/transform_tests.rs",
"line": 70,
"title": "unwrap/expect occurrence should be reviewed",
"why_it_matters": "Panics are usually fine in tests but not in production or helper code used by examples.",
"suggested_fix": "Replace in production paths; leave in tests only when failure message is useful.",
"source": "pattern:unwrap-expect"
},
{
"id": "SM-AUD-0235",
"severity": "P3",
"confidence": "static",
"area": "unwrap-expect",
"file": "forge-memory-bridge/src/transform_tests.rs",
"line": 93,
"title": "unwrap/expect occurrence should be reviewed",
"why_it_matters": "Panics are usually fine in tests but not in production or helper code used by examples.",
"suggested_fix": "Replace in production paths; leave in tests only when failure message is useful.",
"source": "pattern:unwrap-expect"
},
{
"id": "SM-AUD-0236",
"severity": "P3",
"confidence": "static",
"area": "unwrap-expect",
"file": "forge-memory-bridge/src/transform_tests.rs",
"line": 96,
"title": "unwrap/expect occurrence should be reviewed",
"why_it_matters": "Panics are usually fine in tests but not in production or helper code used by examples.",
"suggested_fix": "Replace in production paths; leave in tests only when failure message is useful.",
"source": "pattern:unwrap-expect"
},
{
"id": "SM-AUD-0237",
"severity": "P3",
"confidence": "static",
"area": "unwrap-expect",
"file": "forge-memory-bridge/src/transform_tests.rs",
"line": 97,
"title": "unwrap/expect occurrence should be reviewed",
"why_it_matters": "Panics are usually fine in tests but not in production or helper code used by examples.",
"suggested_fix": "Replace in production paths; leave in tests only when failure message is useful.",
"source": "pattern:unwrap-expect"
},
{
"id": "SM-AUD-0238",
"severity": "P3",
"confidence": "static",
"area": "unwrap-expect",
"file": "forge-memory-bridge/src/transform_tests.rs",
"line": 104,
"title": "unwrap/expect occurrence should be reviewed",
"why_it_matters": "Panics are usually fine in tests but not in production or helper code used by examples.",
"suggested_fix": "Replace in production paths; leave in tests only when failure message is useful.",
"source": "pattern:unwrap-expect"
},
{
"id": "SM-AUD-0239",
"severity": "P3",
"confidence": "static",
"area": "unwrap-expect",
"file": "forge-memory-bridge/src/transform_tests.rs",
"line": 171,
"title": "unwrap/expect occurrence should be reviewed",
"why_it_matters": "Panics are usually fine in tests but not in production or helper code used by examples.",
"suggested_fix": "Replace in production paths; leave in tests only when failure message is useful.",
"source": "pattern:unwrap-expect"
},
{
"id": "SM-AUD-0240",
"severity": "P3",
"confidence": "static",
"area": "unwrap-expect",
"file": "forge-memory-bridge/src/transform_tests.rs",
"line": 184,
"title": "unwrap/expect occurrence should be reviewed",
"why_it_matters": "Panics are usually fine in tests but not in production or helper code used by examples.",
"suggested_fix": "Replace in production paths; leave in tests only when failure message is useful.",
"source": "pattern:unwrap-expect"
},
{
"id": "SM-AUD-0241",
"severity": "P3",
"confidence": "static",
"area": "unwrap-expect",
"file": "forge-memory-bridge/src/transform_tests.rs",
"line": 221,
"title": "unwrap/expect occurrence should be reviewed",
"why_it_matters": "Panics are usually fine in tests but not in production or helper code used by examples.",
"suggested_fix": "Replace in production paths; leave in tests only when failure message is useful.",
"source": "pattern:unwrap-expect"
},
{
"id": "SM-AUD-0242",
"severity": "P3",
"confidence": "static",
"area": "unwrap-expect",
"file": "forge-memory-bridge/src/transform_tests.rs",
"line": 234,
"title": "unwrap/expect occurrence should be reviewed",
"why_it_matters": "Panics are usually fine in tests but not in production or helper code used by examples.",
"suggested_fix": "Replace in production paths; leave in tests only when failure message is useful.",
"source": "pattern:unwrap-expect"
},
{
"id": "SM-AUD-0243",
"severity": "P3",
"confidence": "static",
"area": "unwrap-expect",
"file": "forge-memory-bridge/src/transform_tests.rs",
"line": 266,
"title": "unwrap/expect occurrence should be reviewed",
"why_it_matters": "Panics are usually fine in tests but not in production or helper code used by examples.",
"suggested_fix": "Replace in production paths; leave in tests only when failure message is useful.",
"source": "pattern:unwrap-expect"
},
{
"id": "SM-AUD-0244",
"severity": "P3",
"confidence": "static",
"area": "unwrap-expect",
"file": "forge-memory-bridge/src/transform_tests.rs",
"line": 290,
"title": "unwrap/expect occurrence should be reviewed",
"why_it_matters": "Panics are usually fine in tests but not in production or helper code used by examples.",
"suggested_fix": "Replace in production paths; leave in tests only when failure message is useful.",
"source": "pattern:unwrap-expect"
},
{
"id": "SM-AUD-0245",
"severity": "P3",
"confidence": "static",
"area": "unwrap-expect",
"file": "forge-memory-bridge/src/transform_tests.rs",
"line": 303,
"title": "unwrap/expect occurrence should be reviewed",
"why_it_matters": "Panics are usually fine in tests but not in production or helper code used by examples.",
"suggested_fix": "Replace in production paths; leave in tests only when failure message is useful.",
"source": "pattern:unwrap-expect"
},
{
"id": "SM-AUD-0246",
"severity": "P3",
"confidence": "static",
"area": "unwrap-expect",
"file": "forge-memory-bridge/src/transform_tests.rs",
"line": 335,
"title": "unwrap/expect occurrence should be reviewed",
"why_it_matters": "Panics are usually fine in tests but not in production or helper code used by examples.",
"suggested_fix": "Replace in production paths; leave in tests only when failure message is useful.",
"source": "pattern:unwrap-expect"
},
{
"id": "SM-AUD-0247",
"severity": "P3",
"confidence": "static",
"area": "unwrap-expect",
"file": "forge-memory-bridge/src/transform_tests.rs",
"line": 348,
"title": "unwrap/expect occurrence should be reviewed",
"why_it_matters": "Panics are usually fine in tests but not in production or helper code used by examples.",
"suggested_fix": "Replace in production paths; leave in tests only when failure message is useful.",
"source": "pattern:unwrap-expect"
},
{
"id": "SM-AUD-0248",
"severity": "P3",
"confidence": "static",
"area": "unwrap-expect",
"file": "forge-memory-bridge/src/transform_tests.rs",
"line": 364,
"title": "unwrap/expect occurrence should be reviewed",
"why_it_matters": "Panics are usually fine in tests but not in production or helper code used by examples.",
"suggested_fix": "Replace in production paths; leave in tests only when failure message is useful.",
"source": "pattern:unwrap-expect"
},
{
"id": "SM-AUD-0249",
"severity": "P3",
"confidence": "static",
"area": "unwrap-expect",
"file": "forge-memory-bridge/src/transform_tests.rs",
"line": 379,
"title": "unwrap/expect occurrence should be reviewed",
"why_it_matters": "Panics are usually fine in tests but not in production or helper code used by examples.",
"suggested_fix": "Replace in production paths; leave in tests only when failure message is useful.",
"source": "pattern:unwrap-expect"
},
{
"id": "SM-AUD-0250",
"severity": "P3",
"confidence": "static",
"area": "unwrap-expect",
"file": "forge-memory-bridge/src/transform_tests.rs",
"line": 391,
"title": "unwrap/expect occurrence should be reviewed",
"why_it_matters": "Panics are usually fine in tests but not in production or helper code used by examples.",
"suggested_fix": "Replace in production paths; leave in tests only when failure message is useful.",
"source": "pattern:unwrap-expect"
},
{
"id": "SM-AUD-0251",
"severity": "P3",
"confidence": "static",
"area": "unwrap-expect",
"file": "forge-memory-bridge/src/transform_tests.rs",
"line": 418,
"title": "unwrap/expect occurrence should be reviewed",
"why_it_matters": "Panics are usually fine in tests but not in production or helper code used by examples.",
"suggested_fix": "Replace in production paths; leave in tests only when failure message is useful.",
"source": "pattern:unwrap-expect"
},
{
"id": "SM-AUD-0252",
"severity": "P3",
"confidence": "static",
"area": "unwrap-expect",
"file": "forge-memory-bridge/src/transform_tests.rs",
"line": 431,
"title": "unwrap/expect occurrence should be reviewed",
"why_it_matters": "Panics are usually fine in tests but not in production or helper code used by examples.",
"suggested_fix": "Replace in production paths; leave in tests only when failure message is useful.",
"source": "pattern:unwrap-expect"
},
{
"id": "SM-AUD-0253",
"severity": "P3",
"confidence": "static",
"area": "unwrap-expect",
"file": "forge-memory-bridge/src/transform_tests.rs",
"line": 471,
"title": "unwrap/expect occurrence should be reviewed",
"why_it_matters": "Panics are usually fine in tests but not in production or helper code used by examples.",
"suggested_fix": "Replace in production paths; leave in tests only when failure message is useful.",
"source": "pattern:unwrap-expect"
},
{
"id": "SM-AUD-0254",
"severity": "P3",
"confidence": "static",
"area": "unwrap-expect",
"file": "forge-memory-bridge/src/transform_tests.rs",
"line": 530,
"title": "unwrap/expect occurrence should be reviewed",
"why_it_matters": "Panics are usually fine in tests but not in production or helper code used by examples.",
"suggested_fix": "Replace in production paths; leave in tests only when failure message is useful.",
"source": "pattern:unwrap-expect"
},
{
"id": "SM-AUD-0255",
"severity": "P3",
"confidence": "static",
"area": "unwrap-expect",
"file": "forge-memory-bridge/src/transform_tests.rs",
"line": 557,
"title": "unwrap/expect occurrence should be reviewed",
"why_it_matters": "Panics are usually fine in tests but not in production or helper code used by examples.",
"suggested_fix": "Replace in production paths; leave in tests only when failure message is useful.",
"source": "pattern:unwrap-expect"
},
{
"id": "SM-AUD-0256",
"severity": "P3",
"confidence": "static",
"area": "unwrap-expect",
"file": "forge-memory-bridge/src/transform_tests.rs",
"line": 583,
"title": "unwrap/expect occurrence should be reviewed",
"why_it_matters": "Panics are usually fine in tests but not in production or helper code used by examples.",
"suggested_fix": "Replace in production paths; leave in tests only when failure message is useful.",
"source": "pattern:unwrap-expect"
},
{
"id": "SM-AUD-0257",
"severity": "P3",
"confidence": "static",
"area": "unwrap-expect",
"file": "forge-memory-bridge/src/transform_tests.rs",
"line": 596,
"title": "unwrap/expect occurrence should be reviewed",
"why_it_matters": "Panics are usually fine in tests but not in production or helper code used by examples.",
"suggested_fix": "Replace in production paths; leave in tests only when failure message is useful.",
"source": "pattern:unwrap-expect"
},
{
"id": "SM-AUD-0258",
"severity": "P3",
"confidence": "static",
"area": "unwrap-expect",
"file": "forge-memory-bridge/src/transform_tests.rs",
"line": 666,
"title": "unwrap/expect occurrence should be reviewed",
"why_it_matters": "Panics are usually fine in tests but not in production or helper code used by examples.",
"suggested_fix": "Replace in production paths; leave in tests only when failure message is useful.",
"source": "pattern:unwrap-expect"
},
{
"id": "SM-AUD-0259",
"severity": "P3",
"confidence": "static",
"area": "unwrap-expect",
"file": "forge-memory-bridge/src/transform_tests.rs",
"line": 678,
"title": "unwrap/expect occurrence should be reviewed",
"why_it_matters": "Panics are usually fine in tests but not in production or helper code used by examples.",
"suggested_fix": "Replace in production paths; leave in tests only when failure message is useful.",
"source": "pattern:unwrap-expect"
},
{
"id": "SM-AUD-0260",
"severity": "P3",
"confidence": "static",
"area": "unwrap-expect",
"file": "forge-memory-bridge/src/transform_tests.rs",
"line": 736,
"title": "unwrap/expect occurrence should be reviewed",
"why_it_matters": "Panics are usually fine in tests but not in production or helper code used by examples.",
"suggested_fix": "Replace in production paths; leave in tests only when failure message is useful.",
"source": "pattern:unwrap-expect"
},
{
"id": "SM-AUD-0261",
"severity": "P3",
"confidence": "static",
"area": "unwrap-expect",
"file": "forge-memory-bridge/src/transform_tests.rs",
"line": 750,
"title": "unwrap/expect occurrence should be reviewed",
"why_it_matters": "Panics are usually fine in tests but not in production or helper code used by examples.",
"suggested_fix": "Replace in production paths; leave in tests only when failure message is useful.",
"source": "pattern:unwrap-expect"
},
{
"id": "SM-AUD-0262",
"severity": "P3",
"confidence": "static",
"area": "unwrap-expect",
"file": "forge-memory-bridge/tests/forge_bridge_memory_proof.rs",
"line": 115,
"title": "unwrap/expect occurrence should be reviewed",
"why_it_matters": "Panics are usually fine in tests but not in production or helper code used by examples.",
"suggested_fix": "Replace in production paths; leave in tests only when failure message is useful.",
"source": "pattern:unwrap-expect"
},
{
"id": "SM-AUD-0263",
"severity": "P3",
"confidence": "static",
"area": "unwrap-expect",
"file": "forge-memory-bridge/tests/forge_bridge_memory_proof.rs",
"line": 184,
"title": "unwrap/expect occurrence should be reviewed",
"why_it_matters": "Panics are usually fine in tests but not in production or helper code used by examples.",
"suggested_fix": "Replace in production paths; leave in tests only when failure message is useful.",
"source": "pattern:unwrap-expect"
},
{
"id": "SM-AUD-0264",
"severity": "P3",
"confidence": "static",
"area": "unwrap-expect",
"file": "forge-memory-bridge/tests/forge_bridge_memory_proof.rs",
"line": 248,
"title": "unwrap/expect occurrence should be reviewed",
"why_it_matters": "Panics are usually fine in tests but not in production or helper code used by examples.",
"suggested_fix": "Replace in production paths; leave in tests only when failure message is useful.",
"source": "pattern:unwrap-expect"
},
{
"id": "SM-AUD-0265",
"severity": "P3",
"confidence": "static",
"area": "unwrap-expect",
"file": "forge-memory-bridge/tests/forge_bridge_memory_proof.rs",
"line": 331,
"title": "unwrap/expect occurrence should be reviewed",
"why_it_matters": "Panics are usually fine in tests but not in production or helper code used by examples.",
"suggested_fix": "Replace in production paths; leave in tests only when failure message is useful.",
"source": "pattern:unwrap-expect"
},
{
"id": "SM-AUD-0266",
"severity": "P3",
"confidence": "static",
"area": "unwrap-expect",
"file": "forge-memory-bridge/tests/forge_bridge_memory_proof.rs",
"line": 370,
"title": "unwrap/expect occurrence should be reviewed",
"why_it_matters": "Panics are usually fine in tests but not in production or helper code used by examples.",
"suggested_fix": "Replace in production paths; leave in tests only when failure message is useful.",
"source": "pattern:unwrap-expect"
},
{
"id": "SM-AUD-0267",
"severity": "P3",
"confidence": "static",
"area": "unwrap-expect",
"file": "forge-memory-bridge/tests/forge_bridge_memory_proof.rs",
"line": 418,
"title": "unwrap/expect occurrence should be reviewed",
"why_it_matters": "Panics are usually fine in tests but not in production or helper code used by examples.",
"suggested_fix": "Replace in production paths; leave in tests only when failure message is useful.",
"source": "pattern:unwrap-expect"
},
{
"id": "SM-AUD-0268",
"severity": "P3",
"confidence": "static",
"area": "unwrap-expect",
"file": "forge-memory-bridge/tests/forge_bridge_memory_proof.rs",
"line": 463,
"title": "unwrap/expect occurrence should be reviewed",
"why_it_matters": "Panics are usually fine in tests but not in production or helper code used by examples.",
"suggested_fix": "Replace in production paths; leave in tests only when failure message is useful.",
"source": "pattern:unwrap-expect"
},
{
"id": "SM-AUD-0269",
"severity": "P3",
"confidence": "static",
"area": "unwrap-expect",
"file": "forge-memory-bridge/tests/forge_bridge_memory_proof.rs",
"line": 476,
"title": "unwrap/expect occurrence should be reviewed",
"why_it_matters": "Panics are usually fine in tests but not in production or helper code used by examples.",
"suggested_fix": "Replace in production paths; leave in tests only when failure message is useful.",
"source": "pattern:unwrap-expect"
},
{
"id": "SM-AUD-0270",
"severity": "P3",
"confidence": "static",
"area": "unwrap-expect",
"file": "forge-memory-bridge/tests/forge_bridge_memory_proof.rs",
"line": 518,
"title": "unwrap/expect occurrence should be reviewed",
"why_it_matters": "Panics are usually fine in tests but not in production or helper code used by examples.",
"suggested_fix": "Replace in production paths; leave in tests only when failure message is useful.",
"source": "pattern:unwrap-expect"
},
{
"id": "SM-AUD-0271",
"severity": "P3",
"confidence": "static",
"area": "unwrap-expect",
"file": "forge-memory-bridge/tests/forge_bridge_memory_proof.rs",
"line": 532,
"title": "unwrap/expect occurrence should be reviewed",
"why_it_matters": "Panics are usually fine in tests but not in production or helper code used by examples.",
"suggested_fix": "Replace in production paths; leave in tests only when failure message is useful.",
"source": "pattern:unwrap-expect"
},
{
"id": "SM-AUD-0272",
"severity": "P3",
"confidence": "static",
"area": "unwrap-expect",
"file": "forge-memory-bridge/tests/forge_bridge_memory_proof.rs",
"line": 557,
"title": "unwrap/expect occurrence should be reviewed",
"why_it_matters": "Panics are usually fine in tests but not in production or helper code used by examples.",
"suggested_fix": "Replace in production paths; leave in tests only when failure message is useful.",
"source": "pattern:unwrap-expect"
},
{
"id": "SM-AUD-0273",
"severity": "P3",
"confidence": "static",
"area": "unwrap-expect",
"file": "forge-memory-bridge/tests/forge_bridge_memory_proof.rs",
"line": 563,
"title": "unwrap/expect occurrence should be reviewed",
"why_it_matters": "Panics are usually fine in tests but not in production or helper code used by examples.",
"suggested_fix": "Replace in production paths; leave in tests only when failure message is useful.",
"source": "pattern:unwrap-expect"
},
{
"id": "SM-AUD-0274",
"severity": "P3",
"confidence": "static",
"area": "unwrap-expect",
"file": "forge-memory-bridge/tests/forge_bridge_memory_proof.rs",
"line": 592,
"title": "unwrap/expect occurrence should be reviewed",
"why_it_matters": "Panics are usually fine in tests but not in production or helper code used by examples.",
"suggested_fix": "Replace in production paths; leave in tests only when failure message is useful.",
"source": "pattern:unwrap-expect"
},
{
"id": "SM-AUD-0275",
"severity": "P3",
"confidence": "static",
"area": "unwrap-expect",
"file": "forge-memory-bridge/tests/forge_bridge_memory_proof.rs",
"line": 601,
"title": "unwrap/expect occurrence should be reviewed",
"why_it_matters": "Panics are usually fine in tests but not in production or helper code used by examples.",
"suggested_fix": "Replace in production paths; leave in tests only when failure message is useful.",
"source": "pattern:unwrap-expect"
},
{
"id": "SM-AUD-0276",
"severity": "P3",
"confidence": "static",
"area": "unwrap-expect",
"file": "forge-memory-bridge/tests/forge_bridge_memory_proof.rs",
"line": 615,
"title": "unwrap/expect occurrence should be reviewed",
"why_it_matters": "Panics are usually fine in tests but not in production or helper code used by examples.",
"suggested_fix": "Replace in production paths; leave in tests only when failure message is useful.",
"source": "pattern:unwrap-expect"
},
{
"id": "SM-AUD-0277",
"severity": "P3",
"confidence": "static",
"area": "unwrap-expect",
"file": "forge-memory-bridge/tests/forge_bridge_memory_proof.rs",
"line": 617,
"title": "unwrap/expect occurrence should be reviewed",
"why_it_matters": "Panics are usually fine in tests but not in production or helper code used by examples.",
"suggested_fix": "Replace in production paths; leave in tests only when failure message is useful.",
"source": "pattern:unwrap-expect"
},
{
"id": "SM-AUD-0278",
"severity": "P3",
"confidence": "static",
"area": "unwrap-expect",
"file": "forge-memory-bridge/tests/forge_bridge_memory_proof.rs",
"line": 618,
"title": "unwrap/expect occurrence should be reviewed",
"why_it_matters": "Panics are usually fine in tests but not in production or helper code used by examples.",
"suggested_fix": "Replace in production paths; leave in tests only when failure message is useful.",
"source": "pattern:unwrap-expect"
},
{
"id": "SM-AUD-0279",
"severity": "P3",
"confidence": "static",
"area": "unwrap-expect",
"file": "forge-memory-bridge/tests/forge_bridge_memory_proof.rs",
"line": 619,
"title": "unwrap/expect occurrence should be reviewed",
"why_it_matters": "Panics are usually fine in tests but not in production or helper code used by examples.",
"suggested_fix": "Replace in production paths; leave in tests only when failure message is useful.",
"source": "pattern:unwrap-expect"
},
{
"id": "SM-AUD-0280",
"severity": "P3",
"confidence": "static",
"area": "unwrap-expect",
"file": "forge-memory-bridge/tests/forge_bridge_memory_proof.rs",
"line": 650,
"title": "unwrap/expect occurrence should be reviewed",
"why_it_matters": "Panics are usually fine in tests but not in production or helper code used by examples.",
"suggested_fix": "Replace in production paths; leave in tests only when failure message is useful.",
"source": "pattern:unwrap-expect"
},
{
"id": "SM-AUD-0281",
"severity": "P3",
"confidence": "static",
"area": "unwrap-expect",
"file": "forge-memory-bridge/tests/forge_bridge_memory_proof.rs",
"line": 661,
"title": "unwrap/expect occurrence should be reviewed",
"why_it_matters": "Panics are usually fine in tests but not in production or helper code used by examples.",
"suggested_fix": "Replace in production paths; leave in tests only when failure message is useful.",
"source": "pattern:unwrap-expect"
},
{
"id": "SM-AUD-0282",
"severity": "P3",
"confidence": "static",
"area": "unwrap-expect",
"file": "forge-memory-bridge/tests/forge_bridge_memory_proof.rs",
"line": 670,
"title": "unwrap/expect occurrence should be reviewed",
"why_it_matters": "Panics are usually fine in tests but not in production or helper code used by examples.",
"suggested_fix": "Replace in production paths; leave in tests only when failure message is useful.",
"source": "pattern:unwrap-expect"
},
{
"id": "SM-AUD-0283",
"severity": "P3",
"confidence": "static",
"area": "unwrap-expect",
"file": "forge-memory-bridge/tests/forge_bridge_memory_proof.rs",
"line": 707,
"title": "unwrap/expect occurrence should be reviewed",
"why_it_matters": "Panics are usually fine in tests but not in production or helper code used by examples.",
"suggested_fix": "Replace in production paths; leave in tests only when failure message is useful.",
"source": "pattern:unwrap-expect"
},
{
"id": "SM-AUD-0284",
"severity": "P3",
"confidence": "static",
"area": "unwrap-expect",
"file": "forge-memory-bridge/tests/forge_bridge_memory_proof.rs",
"line": 724,
"title": "unwrap/expect occurrence should be reviewed",
"why_it_matters": "Panics are usually fine in tests but not in production or helper code used by examples.",
"suggested_fix": "Replace in production paths; leave in tests only when failure message is useful.",
"source": "pattern:unwrap-expect"
},
{
"id": "SM-AUD-0285",
"severity": "P3",
"confidence": "static",
"area": "unwrap-expect",
"file": "forge-memory-bridge/tests/forge_bridge_memory_proof.rs",
"line": 741,
"title": "unwrap/expect occurrence should be reviewed",
"why_it_matters": "Panics are usually fine in tests but not in production or helper code used by examples.",
"suggested_fix": "Replace in production paths; leave in tests only when failure message is useful.",
"source": "pattern:unwrap-expect"
},
{
"id": "SM-AUD-0286",
"severity": "P3",
"confidence": "static",
"area": "unwrap-expect",
"file": "forge-memory-bridge/tests/forge_bridge_memory_proof.rs",
"line": 772,
"title": "unwrap/expect occurrence should be reviewed",
"why_it_matters": "Panics are usually fine in tests but not in production or helper code used by examples.",
"suggested_fix": "Replace in production paths; leave in tests only when failure message is useful.",
"source": "pattern:unwrap-expect"
},
{
"id": "SM-AUD-0287",
"severity": "P3",
"confidence": "static",
"area": "unwrap-expect",
"file": "forge-memory-bridge/tests/forge_bridge_memory_proof.rs",
"line": 773,
"title": "unwrap/expect occurrence should be reviewed",
"why_it_matters": "Panics are usually fine in tests but not in production or helper code used by examples.",
"suggested_fix": "Replace in production paths; leave in tests only when failure message is useful.",
"source": "pattern:unwrap-expect"
},
{
"id": "SM-AUD-0288",
"severity": "P3",
"confidence": "static",
"area": "unwrap-expect",
"file": "forge-memory-bridge/tests/forge_bridge_memory_proof.rs",
"line": 781,
"title": "unwrap/expect occurrence should be reviewed",
"why_it_matters": "Panics are usually fine in tests but not in production or helper code used by examples.",
"suggested_fix": "Replace in production paths; leave in tests only when failure message is useful.",
"source": "pattern:unwrap-expect"
},
{
"id": "SM-AUD-0289",
"severity": "P3",
"confidence": "static",
"area": "unwrap-expect",
"file": "forge-memory-bridge/tests/forge_bridge_memory_proof.rs",
"line": 803,
"title": "unwrap/expect occurrence should be reviewed",
"why_it_matters": "Panics are usually fine in tests but not in production or helper code used by examples.",
"suggested_fix": "Replace in production paths; leave in tests only when failure message is useful.",
"source": "pattern:unwrap-expect"
},
{
"id": "SM-AUD-0290",
"severity": "P3",
"confidence": "static",
"area": "unwrap-expect",
"file": "forge-memory-bridge/tests/forge_bridge_memory_proof.rs",
"line": 805,
"title": "unwrap/expect occurrence should be reviewed",
"why_it_matters": "Panics are usually fine in tests but not in production or helper code used by examples.",
"suggested_fix": "Replace in production paths; leave in tests only when failure message is useful.",
"source": "pattern:unwrap-expect"
},
{
"id": "SM-AUD-0291",
"severity": "P3",
"confidence": "static",
"area": "unwrap-expect",
"file": "forge-memory-bridge/tests/forge_bridge_memory_proof.rs",
"line": 817,
"title": "unwrap/expect occurrence should be reviewed",
"why_it_matters": "Panics are usually fine in tests but not in production or helper code used by examples.",
"suggested_fix": "Replace in production paths; leave in tests only when failure message is useful.",
"source": "pattern:unwrap-expect"
},
{
"id": "SM-AUD-0292",
"severity": "P3",
"confidence": "static",
"area": "unwrap-expect",
"file": "forge-memory-bridge/tests/forge_bridge_memory_proof.rs",
"line": 850,
"title": "unwrap/expect occurrence should be reviewed",
"why_it_matters": "Panics are usually fine in tests but not in production or helper code used by examples.",
"suggested_fix": "Replace in production paths; leave in tests only when failure message is useful.",
"source": "pattern:unwrap-expect"
},
{
"id": "SM-AUD-0293",
"severity": "P3",
"confidence": "static",
"area": "unwrap-expect",
"file": "forge-memory-bridge/tests/forge_bridge_memory_proof.rs",
"line": 871,
"title": "unwrap/expect occurrence should be reviewed",
"why_it_matters": "Panics are usually fine in tests but not in production or helper code used by examples.",
"suggested_fix": "Replace in production paths; leave in tests only when failure message is useful.",
"source": "pattern:unwrap-expect"
},
{
"id": "SM-AUD-0294",
"severity": "P3",
"confidence": "static",
"area": "unwrap-expect",
"file": "forge-memory-bridge/tests/forge_bridge_memory_proof.rs",
"line": 893,
"title": "unwrap/expect occurrence should be reviewed",
"why_it_matters": "Panics are usually fine in tests but not in production or helper code used by examples.",
"suggested_fix": "Replace in production paths; leave in tests only when failure message is useful.",
"source": "pattern:unwrap-expect"
},
{
"id": "SM-AUD-0295",
"severity": "P3",
"confidence": "static",
"area": "unwrap-expect",
"file": "forge-memory-bridge/tests/forge_bridge_memory_proof.rs",
"line": 895,
"title": "unwrap/expect occurrence should be reviewed",
"why_it_matters": "Panics are usually fine in tests but not in production or helper code used by examples.",
"suggested_fix": "Replace in production paths; leave in tests only when failure message is useful.",
"source": "pattern:unwrap-expect"
},
{
"id": "SM-AUD-0296",
"severity": "P3",
"confidence": "static",
"area": "unwrap-expect",
"file": "forge-memory-bridge/tests/forge_bridge_memory_proof.rs",
"line": 898,
"title": "unwrap/expect occurrence should be reviewed",
"why_it_matters": "Panics are usually fine in tests but not in production or helper code used by examples.",
"suggested_fix": "Replace in production paths; leave in tests only when failure message is useful.",
"source": "pattern:unwrap-expect"
},
{
"id": "SM-AUD-0297",
"severity": "P2",
"confidence": "static",
"area": "error-default",
"file": "semantic-memory/examples/basic_search.rs",
"line": 125,
"title": "Error/default swallowing should be audited",
"why_it_matters": "This line converts an error/missing value into a default; that may hide corruption or failed IO.",
"suggested_fix": "Preserve typed error or add explicit comment/test proving default is safe.",
"source": "pattern:error-default"
},
{
"id": "SM-AUD-0298",
"severity": "P2",
"confidence": "static",
"area": "error-default",
"file": "semantic-memory/examples/conversation_memory.rs",
"line": 72,
"title": "Error/default swallowing should be audited",
"why_it_matters": "This line converts an error/missing value into a default; that may hide corruption or failed IO.",
"suggested_fix": "Preserve typed error or add explicit comment/test proving default is safe.",
"source": "pattern:error-default"
},
{
"id": "SM-AUD-0299",
"severity": "P2",
"confidence": "static",
"area": "error-default",
"file": "semantic-memory/examples/conversation_memory.rs",
"line": 106,
"title": "Error/default swallowing should be audited",
"why_it_matters": "This line converts an error/missing value into a default; that may hide corruption or failed IO.",
"suggested_fix": "Preserve typed error or add explicit comment/test proving default is safe.",
"source": "pattern:error-default"
},
{
"id": "SM-AUD-0300",
"severity": "P2",
"confidence": "static",
"area": "error-default",
"file": "semantic-memory/reference/chunk.rs",
"line": 54,
"title": "Error/default swallowing should be audited",
"why_it_matters": "This line converts an error/missing value into a default; that may hide corruption or failed IO.",
"suggested_fix": "Preserve typed error or add explicit comment/test proving default is safe.",
"source": "pattern:error-default"
},
{
"id": "SM-AUD-0301",
"severity": "P2",
"confidence": "static",
"area": "error-default",
"file": "semantic-memory/reference/chunk.rs",
"line": 76,
"title": "Error/default swallowing should be audited",
"why_it_matters": "This line converts an error/missing value into a default; that may hide corruption or failed IO.",
"suggested_fix": "Preserve typed error or add explicit comment/test proving default is safe.",
"source": "pattern:error-default"
},
{
"id": "SM-AUD-0302",
"severity": "P2",
"confidence": "static",
"area": "numeric-cast",
"file": "semantic-memory/reference/chunk.rs",
"line": 85,
"title": "Unchecked numeric cast should be audited",
"why_it_matters": "Numeric casts can truncate, wrap, or lose precision if values are config/user/data derived.",
"suggested_fix": "Prefer TryFrom, checked conversion, or explicit range assertion.",
"source": "pattern:numeric-cast"
},
{
"id": "SM-AUD-0303",
"severity": "P2",
"confidence": "static",
"area": "numeric-cast",
"file": "semantic-memory/reference/chunk.rs",
"line": 87,
"title": "Unchecked numeric cast should be audited",
"why_it_matters": "Numeric casts can truncate, wrap, or lose precision if values are config/user/data derived.",
"suggested_fix": "Prefer TryFrom, checked conversion, or explicit range assertion.",
"source": "pattern:numeric-cast"
},
{
"id": "SM-AUD-0304",
"severity": "P2",
"confidence": "static",
"area": "numeric-cast",
"file": "semantic-memory/reference/chunk.rs",
"line": 88,
"title": "Unchecked numeric cast should be audited",
"why_it_matters": "Numeric casts can truncate, wrap, or lose precision if values are config/user/data derived.",
"suggested_fix": "Prefer TryFrom, checked conversion, or explicit range assertion.",
"source": "pattern:numeric-cast"
},
{
"id": "SM-AUD-0305",
"severity": "P2",
"confidence": "static",
"area": "numeric-cast",
"file": "semantic-memory/reference/chunk.rs",
"line": 89,
"title": "Unchecked numeric cast should be audited",
"why_it_matters": "Numeric casts can truncate, wrap, or lose precision if values are config/user/data derived.",
"suggested_fix": "Prefer TryFrom, checked conversion, or explicit range assertion.",
"source": "pattern:numeric-cast"
},
{
"id": "SM-AUD-0306",
"severity": "P2",
"confidence": "static",
"area": "numeric-cast",
"file": "semantic-memory/reference/chunk.rs",
"line": 105,
"title": "Unchecked numeric cast should be audited",
"why_it_matters": "Numeric casts can truncate, wrap, or lose precision if values are config/user/data derived.",
"suggested_fix": "Prefer TryFrom, checked conversion, or explicit range assertion.",
"source": "pattern:numeric-cast"
},
{
"id": "SM-AUD-0307",
"severity": "P2",
"confidence": "static",
"area": "numeric-cast",
"file": "semantic-memory/reference/chunk.rs",
"line": 107,
"title": "Unchecked numeric cast should be audited",
"why_it_matters": "Numeric casts can truncate, wrap, or lose precision if values are config/user/data derived.",
"suggested_fix": "Prefer TryFrom, checked conversion, or explicit range assertion.",
"source": "pattern:numeric-cast"
},
{
"id": "SM-AUD-0308",
"severity": "P2",
"confidence": "static",
"area": "error-default",
"file": "semantic-memory/reference/chunk.rs",
"line": 293,
"title": "Error/default swallowing should be audited",
"why_it_matters": "This line converts an error/missing value into a default; that may hide corruption or failed IO.",
"suggested_fix": "Preserve typed error or add explicit comment/test proving default is safe.",
"source": "pattern:error-default"
},
{
"id": "SM-AUD-0309",
"severity": "P2",
"confidence": "static",
"area": "error-default",
"file": "semantic-memory/reference/chunk.rs",
"line": 305,
"title": "Error/default swallowing should be audited",
"why_it_matters": "This line converts an error/missing value into a default; that may hide corruption or failed IO.",
"suggested_fix": "Preserve typed error or add explicit comment/test proving default is safe.",
"source": "pattern:error-default"
},
{
"id": "SM-AUD-0310",
"severity": "P2",
"confidence": "static",
"area": "error-default",
"file": "semantic-memory/reference/chunk.rs",
"line": 316,
"title": "Error/default swallowing should be audited",
"why_it_matters": "This line converts an error/missing value into a default; that may hide corruption or failed IO.",
"suggested_fix": "Preserve typed error or add explicit comment/test proving default is safe.",
"source": "pattern:error-default"
},
{
"id": "SM-AUD-0311",
"severity": "P2",
"confidence": "static",
"area": "error-default",
"file": "semantic-memory/reference/chunk.rs",
"line": 402,
"title": "Error/default swallowing should be audited",
"why_it_matters": "This line converts an error/missing value into a default; that may hide corruption or failed IO.",
"suggested_fix": "Preserve typed error or add explicit comment/test proving default is safe.",
"source": "pattern:error-default"
},
{
"id": "SM-AUD-0312",
"severity": "P1",
"confidence": "static",
"area": "dynamic-sql",
"file": "semantic-memory/reference/chunk.rs",
"line": 485,
"title": "Dynamic SQL construction should be whitelisted",
"why_it_matters": "Identifier or limit formatting is safe only if all inputs are trusted and bounded.",
"suggested_fix": "Use whitelisted enums for identifiers and bind parameters for values.",
"source": "pattern:dynamic-sql"
},
{
"id": "SM-AUD-0313",
"severity": "P2",
"confidence": "static",
"area": "error-default",
"file": "semantic-memory/reference/chunk.rs",
"line": 496,
"title": "Error/default swallowing should be audited",
"why_it_matters": "This line converts an error/missing value into a default; that may hide corruption or failed IO.",
"suggested_fix": "Preserve typed error or add explicit comment/test proving default is safe.",
"source": "pattern:error-default"
},
{
"id": "SM-AUD-0314",
"severity": "P2",
"confidence": "static",
"area": "hashmap-order",
"file": "semantic-memory/reference/hybrid_search.rs",
"line": 4,
"title": "HashMap order should be audited in deterministic surfaces",
"why_it_matters": "HashMap iteration order is nondeterministic and can affect receipts/scores if not sorted before output.",
"suggested_fix": "Sort before output or use BTreeMap where deterministic ordering matters.",
"source": "pattern:hashmap-order"
},
{
"id": "SM-AUD-0315",
"severity": "P2",
"confidence": "static",
"area": "numeric-cast",
"file": "semantic-memory/reference/hybrid_search.rs",
"line": 42,
"title": "Unchecked numeric cast should be audited",
"why_it_matters": "Numeric casts can truncate, wrap, or lose precision if values are config/user/data derived.",
"suggested_fix": "Prefer TryFrom, checked conversion, or explicit range assertion.",
"source": "pattern:numeric-cast"
},
{
"id": "SM-AUD-0316",
"severity": "P2",
"confidence": "static",
"area": "hashmap-order",
"file": "semantic-memory/reference/hybrid_search.rs",
"line": 81,
"title": "HashMap order should be audited in deterministic surfaces",
"why_it_matters": "HashMap iteration order is nondeterministic and can affect receipts/scores if not sorted before output.",
"suggested_fix": "Sort before output or use BTreeMap where deterministic ordering matters.",
"source": "pattern:hashmap-order"
},
{
"id": "SM-AUD-0317",
"severity": "P2",
"confidence": "static",
"area": "numeric-cast",
"file": "semantic-memory/reference/hybrid_search.rs",
"line": 84,
"title": "Unchecked numeric cast should be audited",
"why_it_matters": "Numeric casts can truncate, wrap, or lose precision if values are config/user/data derived.",
"suggested_fix": "Prefer TryFrom, checked conversion, or explicit range assertion.",
"source": "pattern:numeric-cast"
},
{
"id": "SM-AUD-0318",
"severity": "P2",
"confidence": "static",
"area": "numeric-cast",
"file": "semantic-memory/reference/hybrid_search.rs",
"line": 92,
"title": "Unchecked numeric cast should be audited",
"why_it_matters": "Numeric casts can truncate, wrap, or lose precision if values are config/user/data derived.",
"suggested_fix": "Prefer TryFrom, checked conversion, or explicit range assertion.",
"source": "pattern:numeric-cast"
},
{
"id": "SM-AUD-0319",
"severity": "P2",
"confidence": "static",
"area": "error-default",
"file": "semantic-memory/reference/hybrid_search.rs",
"line": 104,
"title": "Error/default swallowing should be audited",
"why_it_matters": "This line converts an error/missing value into a default; that may hide corruption or failed IO.",
"suggested_fix": "Preserve typed error or add explicit comment/test proving default is safe.",
"source": "pattern:error-default"
},
{
"id": "SM-AUD-0320",
"severity": "P2",
"confidence": "static",
"area": "numeric-cast",
"file": "semantic-memory/reference/hybrid_search.rs",
"line": 125,
"title": "Unchecked numeric cast should be audited",
"why_it_matters": "Numeric casts can truncate, wrap, or lose precision if values are config/user/data derived.",
"suggested_fix": "Prefer TryFrom, checked conversion, or explicit range assertion.",
"source": "pattern:numeric-cast"
},
{
"id": "SM-AUD-0321",
"severity": "P2",
"confidence": "static",
"area": "error-default",
"file": "semantic-memory/src/chunker.rs",
"line": 173,
"title": "Error/default swallowing should be audited",
"why_it_matters": "This line converts an error/missing value into a default; that may hide corruption or failed IO.",
"suggested_fix": "Preserve typed error or add explicit comment/test proving default is safe.",
"source": "pattern:error-default"
},
{
"id": "SM-AUD-0322",
"severity": "P2",
"confidence": "static",
"area": "error-default",
"file": "semantic-memory/src/chunker.rs",
"line": 195,
"title": "Error/default swallowing should be audited",
"why_it_matters": "This line converts an error/missing value into a default; that may hide corruption or failed IO.",
"suggested_fix": "Preserve typed error or add explicit comment/test proving default is safe.",
"source": "pattern:error-default"
},
{
"id": "SM-AUD-0323",
"severity": "P2",
"confidence": "static",
"area": "error-default",
"file": "semantic-memory/src/chunker.rs",
"line": 204,
"title": "Error/default swallowing should be audited",
"why_it_matters": "This line converts an error/missing value into a default; that may hide corruption or failed IO.",
"suggested_fix": "Preserve typed error or add explicit comment/test proving default is safe.",
"source": "pattern:error-default"
},
{
"id": "SM-AUD-0324",
"severity": "P2",
"confidence": "static",
"area": "runtime-clock",
"file": "semantic-memory/src/conversation.rs",
"line": 63,
"title": "Runtime clock use affects replay/determinism",
"why_it_matters": "Wall-clock timestamps make tests/replay/ranking less deterministic.",
"suggested_fix": "Inject a clock or document that this path is intentionally real-time.",
"source": "pattern:runtime-clock"
},
{
"id": "SM-AUD-0325",
"severity": "P2",
"confidence": "static",
"area": "numeric-cast",
"file": "semantic-memory/src/conversation.rs",
"line": 85,
"title": "Unchecked numeric cast should be audited",
"why_it_matters": "Numeric casts can truncate, wrap, or lose precision if values are config/user/data derived.",
"suggested_fix": "Prefer TryFrom, checked conversion, or explicit range assertion.",
"source": "pattern:numeric-cast"
},
{
"id": "SM-AUD-0326",
"severity": "P2",
"confidence": "static",
"area": "error-default",
"file": "semantic-memory/src/conversation.rs",
"line": 172,
"title": "Error/default swallowing should be audited",
"why_it_matters": "This line converts an error/missing value into a default; that may hide corruption or failed IO.",
"suggested_fix": "Preserve typed error or add explicit comment/test proving default is safe.",
"source": "pattern:error-default"
},
{
"id": "SM-AUD-0327",
"severity": "P2",
"confidence": "static",
"area": "numeric-cast",
"file": "semantic-memory/src/conversation.rs",
"line": 191,
"title": "Unchecked numeric cast should be audited",
"why_it_matters": "Numeric casts can truncate, wrap, or lose precision if values are config/user/data derived.",
"suggested_fix": "Prefer TryFrom, checked conversion, or explicit range assertion.",
"source": "pattern:numeric-cast"
},
{
"id": "SM-AUD-0328",
"severity": "P2",
"confidence": "static",
"area": "runtime-clock",
"file": "semantic-memory/src/conversation.rs",
"line": 251,
"title": "Runtime clock use affects replay/determinism",
"why_it_matters": "Wall-clock timestamps make tests/replay/ranking less deterministic.",
"suggested_fix": "Inject a clock or document that this path is intentionally real-time.",
"source": "pattern:runtime-clock"
},
{
"id": "SM-AUD-0329",
"severity": "P2",
"confidence": "static",
"area": "runtime-clock",
"file": "semantic-memory/src/conversation.rs",
"line": 319,
"title": "Runtime clock use affects replay/determinism",
"why_it_matters": "Wall-clock timestamps make tests/replay/ranking less deterministic.",
"suggested_fix": "Inject a clock or document that this path is intentionally real-time.",
"source": "pattern:runtime-clock"
},
{
"id": "SM-AUD-0330",
"severity": "P2",
"confidence": "static",
"area": "numeric-cast",
"file": "semantic-memory/src/conversation.rs",
"line": 392,
"title": "Unchecked numeric cast should be audited",
"why_it_matters": "Numeric casts can truncate, wrap, or lose precision if values are config/user/data derived.",
"suggested_fix": "Prefer TryFrom, checked conversion, or explicit range assertion.",
"source": "pattern:numeric-cast"
},
{
"id": "SM-AUD-0331",
"severity": "P2",
"confidence": "static",
"area": "numeric-cast",
"file": "semantic-memory/src/conversation.rs",
"line": 399,
"title": "Unchecked numeric cast should be audited",
"why_it_matters": "Numeric casts can truncate, wrap, or lose precision if values are config/user/data derived.",
"suggested_fix": "Prefer TryFrom, checked conversion, or explicit range assertion.",
"source": "pattern:numeric-cast"
},
{
"id": "SM-AUD-0332",
"severity": "P2",
"confidence": "static",
"area": "runtime-clock",
"file": "semantic-memory/src/conversation.rs",
"line": 433,
"title": "Runtime clock use affects replay/determinism",
"why_it_matters": "Wall-clock timestamps make tests/replay/ranking less deterministic.",
"suggested_fix": "Inject a clock or document that this path is intentionally real-time.",
"source": "pattern:runtime-clock"
},
{
"id": "SM-AUD-0333",
"severity": "P2",
"confidence": "static",
"area": "numeric-cast",
"file": "semantic-memory/src/conversation.rs",
"line": 564,
"title": "Unchecked numeric cast should be audited",
"why_it_matters": "Numeric casts can truncate, wrap, or lose precision if values are config/user/data derived.",
"suggested_fix": "Prefer TryFrom, checked conversion, or explicit range assertion.",
"source": "pattern:numeric-cast"
},
{
"id": "SM-AUD-0334",
"severity": "P2",
"confidence": "static",
"area": "numeric-cast",
"file": "semantic-memory/src/conversation.rs",
"line": 629,
"title": "Unchecked numeric cast should be audited",
"why_it_matters": "Numeric casts can truncate, wrap, or lose precision if values are config/user/data derived.",
"suggested_fix": "Prefer TryFrom, checked conversion, or explicit range assertion.",
"source": "pattern:numeric-cast"
},
{
"id": "SM-AUD-0335",
"severity": "P2",
"confidence": "static",
"area": "error-default",
"file": "semantic-memory/src/conversation.rs",
"line": 638,
"title": "Error/default swallowing should be audited",
"why_it_matters": "This line converts an error/missing value into a default; that may hide corruption or failed IO.",
"suggested_fix": "Preserve typed error or add explicit comment/test proving default is safe.",
"source": "pattern:error-default"
},
{
"id": "SM-AUD-0336",
"severity": "P2",
"confidence": "static",
"area": "error-default",
"file": "semantic-memory/src/conversation.rs",
"line": 672,
"title": "Error/default swallowing should be audited",
"why_it_matters": "This line converts an error/missing value into a default; that may hide corruption or failed IO.",
"suggested_fix": "Preserve typed error or add explicit comment/test proving default is safe.",
"source": "pattern:error-default"
},
{
"id": "SM-AUD-0337",
"severity": "P2",
"confidence": "static",
"area": "runtime-clock",
"file": "semantic-memory/src/db.rs",
"line": 16,
"title": "Runtime clock use affects replay/determinism",
"why_it_matters": "Wall-clock timestamps make tests/replay/ranking less deterministic.",
"suggested_fix": "Inject a clock or document that this path is intentionally real-time.",
"source": "pattern:runtime-clock"
},
{
"id": "SM-AUD-0338",
"severity": "P2",
"confidence": "static",
"area": "runtime-clock",
"file": "semantic-memory/src/db.rs",
"line": 17,
"title": "Runtime clock use affects replay/determinism",
"why_it_matters": "Wall-clock timestamps make tests/replay/ranking less deterministic.",
"suggested_fix": "Inject a clock or document that this path is intentionally real-time.",
"source": "pattern:runtime-clock"
},
{
"id": "SM-AUD-0339",
"severity": "P2",
"confidence": "static",
"area": "runtime-clock",
"file": "semantic-memory/src/db.rs",
"line": 29,
"title": "Runtime clock use affects replay/determinism",
"why_it_matters": "Wall-clock timestamps make tests/replay/ranking less deterministic.",
"suggested_fix": "Inject a clock or document that this path is intentionally real-time.",
"source": "pattern:runtime-clock"
},
{
"id": "SM-AUD-0340",
"severity": "P2",
"confidence": "static",
"area": "runtime-clock",
"file": "semantic-memory/src/db.rs",
"line": 43,
"title": "Runtime clock use affects replay/determinism",
"why_it_matters": "Wall-clock timestamps make tests/replay/ranking less deterministic.",
"suggested_fix": "Inject a clock or document that this path is intentionally real-time.",
"source": "pattern:runtime-clock"
},
{
"id": "SM-AUD-0341",
"severity": "P2",
"confidence": "static",
"area": "runtime-clock",
"file": "semantic-memory/src/db.rs",
"line": 44,
"title": "Runtime clock use affects replay/determinism",
"why_it_matters": "Wall-clock timestamps make tests/replay/ranking less deterministic.",
"suggested_fix": "Inject a clock or document that this path is intentionally real-time.",
"source": "pattern:runtime-clock"
},
{
"id": "SM-AUD-0342",
"severity": "P2",
"confidence": "static",
"area": "runtime-clock",
"file": "semantic-memory/src/db.rs",
"line": 69,
"title": "Runtime clock use affects replay/determinism",
"why_it_matters": "Wall-clock timestamps make tests/replay/ranking less deterministic.",
"suggested_fix": "Inject a clock or document that this path is intentionally real-time.",
"source": "pattern:runtime-clock"
},
{
"id": "SM-AUD-0343",
"severity": "P2",
"confidence": "static",
"area": "runtime-clock",
"file": "semantic-memory/src/db.rs",
"line": 80,
"title": "Runtime clock use affects replay/determinism",
"why_it_matters": "Wall-clock timestamps make tests/replay/ranking less deterministic.",
"suggested_fix": "Inject a clock or document that this path is intentionally real-time.",
"source": "pattern:runtime-clock"
},
{
"id": "SM-AUD-0344",
"severity": "P2",
"confidence": "static",
"area": "runtime-clock",
"file": "semantic-memory/src/db.rs",
"line": 102,
"title": "Runtime clock use affects replay/determinism",
"why_it_matters": "Wall-clock timestamps make tests/replay/ranking less deterministic.",
"suggested_fix": "Inject a clock or document that this path is intentionally real-time.",
"source": "pattern:runtime-clock"
},
{
"id": "SM-AUD-0345",
"severity": "P2",
"confidence": "static",
"area": "runtime-clock",
"file": "semantic-memory/src/db.rs",
"line": 161,
"title": "Runtime clock use affects replay/determinism",
"why_it_matters": "Wall-clock timestamps make tests/replay/ranking less deterministic.",
"suggested_fix": "Inject a clock or document that this path is intentionally real-time.",
"source": "pattern:runtime-clock"
},
{
"id": "SM-AUD-0346",
"severity": "P2",
"confidence": "static",
"area": "runtime-clock",
"file": "semantic-memory/src/db.rs",
"line": 171,
"title": "Runtime clock use affects replay/determinism",
"why_it_matters": "Wall-clock timestamps make tests/replay/ranking less deterministic.",
"suggested_fix": "Inject a clock or document that this path is intentionally real-time.",
"source": "pattern:runtime-clock"
},
{
"id": "SM-AUD-0347",
"severity": "P2",
"confidence": "static",
"area": "runtime-clock",
"file": "semantic-memory/src/db.rs",
"line": 194,
"title": "Runtime clock use affects replay/determinism",
"why_it_matters": "Wall-clock timestamps make tests/replay/ranking less deterministic.",
"suggested_fix": "Inject a clock or document that this path is intentionally real-time.",
"source": "pattern:runtime-clock"
},
{
"id": "SM-AUD-0348",
"severity": "P1",
"confidence": "static",
"area": "insert-or-ignore",
"file": "semantic-memory/src/db.rs",
"line": 197,
"title": "INSERT OR IGNORE can hide duplicate/constraint bugs",
"why_it_matters": "Ignored inserts can silently discard data or ordinal metadata.",
"suggested_fix": "Validate duplicates before insert or assert affected row count where required.",
"source": "pattern:insert-or-ignore"
},
{
"id": "SM-AUD-0349",
"severity": "P1",
"confidence": "static",
"area": "insert-or-ignore",
"file": "semantic-memory/src/db.rs",
"line": 208,
"title": "INSERT OR IGNORE can hide duplicate/constraint bugs",
"why_it_matters": "Ignored inserts can silently discard data or ordinal metadata.",
"suggested_fix": "Validate duplicates before insert or assert affected row count where required.",
"source": "pattern:insert-or-ignore"
},
{
"id": "SM-AUD-0350",
"severity": "P2",
"confidence": "static",
"area": "runtime-clock",
"file": "semantic-memory/src/db.rs",
"line": 297,
"title": "Runtime clock use affects replay/determinism",
"why_it_matters": "Wall-clock timestamps make tests/replay/ranking less deterministic.",
"suggested_fix": "Inject a clock or document that this path is intentionally real-time.",
"source": "pattern:runtime-clock"
},
{
"id": "SM-AUD-0351",
"severity": "P2",
"confidence": "static",
"area": "runtime-clock",
"file": "semantic-memory/src/db.rs",
"line": 298,
"title": "Runtime clock use affects replay/determinism",
"why_it_matters": "Wall-clock timestamps make tests/replay/ranking less deterministic.",
"suggested_fix": "Inject a clock or document that this path is intentionally real-time.",
"source": "pattern:runtime-clock"
},
{
"id": "SM-AUD-0352",
"severity": "P1",
"confidence": "static",
"area": "insert-or-ignore",
"file": "semantic-memory/src/db.rs",
"line": 370,
"title": "INSERT OR IGNORE can hide duplicate/constraint bugs",
"why_it_matters": "Ignored inserts can silently discard data or ordinal metadata.",
"suggested_fix": "Validate duplicates before insert or assert affected row count where required.",
"source": "pattern:insert-or-ignore"
},
{
"id": "SM-AUD-0353",
"severity": "P1",
"confidence": "static",
"area": "dynamic-sql",
"file": "semantic-memory/src/db.rs",
"line": 558,
"title": "Dynamic SQL construction should be whitelisted",
"why_it_matters": "Identifier or limit formatting is safe only if all inputs are trusted and bounded.",
"suggested_fix": "Use whitelisted enums for identifiers and bind parameters for values.",
"source": "pattern:dynamic-sql"
},
{
"id": "SM-AUD-0354",
"severity": "P1",
"confidence": "static",
"area": "dynamic-sql",
"file": "semantic-memory/src/db.rs",
"line": 581,
"title": "Dynamic SQL construction should be whitelisted",
"why_it_matters": "Identifier or limit formatting is safe only if all inputs are trusted and bounded.",
"suggested_fix": "Use whitelisted enums for identifiers and bind parameters for values.",
"source": "pattern:dynamic-sql"
},
{
"id": "SM-AUD-0355",
"severity": "P2",
"confidence": "static",
"area": "runtime-clock",
"file": "semantic-memory/src/db.rs",
"line": 594,
"title": "Runtime clock use affects replay/determinism",
"why_it_matters": "Wall-clock timestamps make tests/replay/ranking less deterministic.",
"suggested_fix": "Inject a clock or document that this path is intentionally real-time.",
"source": "pattern:runtime-clock"
},
{
"id": "SM-AUD-0356",
"severity": "P2",
"confidence": "static",
"area": "error-default",
"file": "semantic-memory/src/db.rs",
"line": 605,
"title": "Error/default swallowing should be audited",
"why_it_matters": "This line converts an error/missing value into a default; that may hide corruption or failed IO.",
"suggested_fix": "Preserve typed error or add explicit comment/test proving default is safe.",
"source": "pattern:error-default"
},
{
"id": "SM-AUD-0357",
"severity": "P2",
"confidence": "static",
"area": "error-default",
"file": "semantic-memory/src/db.rs",
"line": 652,
"title": "Error/default swallowing should be audited",
"why_it_matters": "This line converts an error/missing value into a default; that may hide corruption or failed IO.",
"suggested_fix": "Preserve typed error or add explicit comment/test proving default is safe.",
"source": "pattern:error-default"
},
{
"id": "SM-AUD-0358",
"severity": "P1",
"confidence": "static",
"area": "dynamic-sql",
"file": "semantic-memory/src/db.rs",
"line": 653,
"title": "Dynamic SQL construction should be whitelisted",
"why_it_matters": "Identifier or limit formatting is safe only if all inputs are trusted and bounded.",
"suggested_fix": "Use whitelisted enums for identifiers and bind parameters for values.",
"source": "pattern:dynamic-sql"
},
{
"id": "SM-AUD-0359",
"severity": "P1",
"confidence": "static",
"area": "dynamic-sql",
"file": "semantic-memory/src/db.rs",
"line": 705,
"title": "Dynamic SQL construction should be whitelisted",
"why_it_matters": "Identifier or limit formatting is safe only if all inputs are trusted and bounded.",
"suggested_fix": "Use whitelisted enums for identifiers and bind parameters for values.",
"source": "pattern:dynamic-sql"
},
{
"id": "SM-AUD-0360",
"severity": "P1",
"confidence": "static",
"area": "dynamic-sql",
"file": "semantic-memory/src/db.rs",
"line": 715,
"title": "Dynamic SQL construction should be whitelisted",
"why_it_matters": "Identifier or limit formatting is safe only if all inputs are trusted and bounded.",
"suggested_fix": "Use whitelisted enums for identifiers and bind parameters for values.",
"source": "pattern:dynamic-sql"
},
{
"id": "SM-AUD-0361",
"severity": "P2",
"confidence": "static",
"area": "error-default",
"file": "semantic-memory/src/db.rs",
"line": 735,
"title": "Error/default swallowing should be audited",
"why_it_matters": "This line converts an error/missing value into a default; that may hide corruption or failed IO.",
"suggested_fix": "Preserve typed error or add explicit comment/test proving default is safe.",
"source": "pattern:error-default"
},
{
"id": "SM-AUD-0362",
"severity": "P2",
"confidence": "static",
"area": "runtime-clock",
"file": "semantic-memory/src/db.rs",
"line": 752,
"title": "Runtime clock use affects replay/determinism",
"why_it_matters": "Wall-clock timestamps make tests/replay/ranking less deterministic.",
"suggested_fix": "Inject a clock or document that this path is intentionally real-time.",
"source": "pattern:runtime-clock"
},
{
"id": "SM-AUD-0363",
"severity": "P1",
"confidence": "confirmed",
"area": "bytemuck-storage",
"file": "semantic-memory/src/db.rs",
"line": 788,
"title": "Storage byte cast is alignment/endian fragile",
"why_it_matters": "Casting SQLite bytes into f32 assumes alignment/native endian and can fail or misdecode.",
"suggested_fix": "Decode storage bytes via from_le_bytes/db::bytes_to_embedding.",
"source": "pattern:bytemuck-storage"
},
{
"id": "SM-AUD-0364",
"severity": "P2",
"confidence": "static",
"area": "error-default",
"file": "semantic-memory/src/db.rs",
"line": 807,
"title": "Error/default swallowing should be audited",
"why_it_matters": "This line converts an error/missing value into a default; that may hide corruption or failed IO.",
"suggested_fix": "Preserve typed error or add explicit comment/test proving default is safe.",
"source": "pattern:error-default"
},
{
"id": "SM-AUD-0365",
"severity": "P2",
"confidence": "static",
"area": "runtime-clock",
"file": "semantic-memory/src/db.rs",
"line": 828,
"title": "Runtime clock use affects replay/determinism",
"why_it_matters": "Wall-clock timestamps make tests/replay/ranking less deterministic.",
"suggested_fix": "Inject a clock or document that this path is intentionally real-time.",
"source": "pattern:runtime-clock"
},
{
"id": "SM-AUD-0366",
"severity": "P2",
"confidence": "static",
"area": "runtime-clock",
"file": "semantic-memory/src/db.rs",
"line": 834,
"title": "Runtime clock use affects replay/determinism",
"why_it_matters": "Wall-clock timestamps make tests/replay/ranking less deterministic.",
"suggested_fix": "Inject a clock or document that this path is intentionally real-time.",
"source": "pattern:runtime-clock"
},
{
"id": "SM-AUD-0367",
"severity": "P2",
"confidence": "static",
"area": "error-default",
"file": "semantic-memory/src/db.rs",
"line": 863,
"title": "Error/default swallowing should be audited",
"why_it_matters": "This line converts an error/missing value into a default; that may hide corruption or failed IO.",
"suggested_fix": "Preserve typed error or add explicit comment/test proving default is safe.",
"source": "pattern:error-default"
},
{
"id": "SM-AUD-0368",
"severity": "P2",
"confidence": "static",
"area": "numeric-cast",
"file": "semantic-memory/src/db.rs",
"line": 887,
"title": "Unchecked numeric cast should be audited",
"why_it_matters": "Numeric casts can truncate, wrap, or lose precision if values are config/user/data derived.",
"suggested_fix": "Prefer TryFrom, checked conversion, or explicit range assertion.",
"source": "pattern:numeric-cast"
},
{
"id": "SM-AUD-0369",
"severity": "P2",
"confidence": "static",
"area": "error-default",
"file": "semantic-memory/src/db.rs",
"line": 903,
"title": "Error/default swallowing should be audited",
"why_it_matters": "This line converts an error/missing value into a default; that may hide corruption or failed IO.",
"suggested_fix": "Preserve typed error or add explicit comment/test proving default is safe.",
"source": "pattern:error-default"
},
{
"id": "SM-AUD-0370",
"severity": "P2",
"confidence": "static",
"area": "numeric-cast",
"file": "semantic-memory/src/db.rs",
"line": 911,
"title": "Unchecked numeric cast should be audited",
"why_it_matters": "Numeric casts can truncate, wrap, or lose precision if values are config/user/data derived.",
"suggested_fix": "Prefer TryFrom, checked conversion, or explicit range assertion.",
"source": "pattern:numeric-cast"
},
{
"id": "SM-AUD-0371",
"severity": "P2",
"confidence": "static",
"area": "runtime-clock",
"file": "semantic-memory/src/db.rs",
"line": 926,
"title": "Runtime clock use affects replay/determinism",
"why_it_matters": "Wall-clock timestamps make tests/replay/ranking less deterministic.",
"suggested_fix": "Inject a clock or document that this path is intentionally real-time.",
"source": "pattern:runtime-clock"
},
{
"id": "SM-AUD-0372",
"severity": "P2",
"confidence": "static",
"area": "error-default",
"file": "semantic-memory/src/db.rs",
"line": 1023,
"title": "Error/default swallowing should be audited",
"why_it_matters": "This line converts an error/missing value into a default; that may hide corruption or failed IO.",
"suggested_fix": "Preserve typed error or add explicit comment/test proving default is safe.",
"source": "pattern:error-default"
},
{
"id": "SM-AUD-0373",
"severity": "P2",
"confidence": "static",
"area": "error-default",
"file": "semantic-memory/src/db.rs",
"line": 1197,
"title": "Error/default swallowing should be audited",
"why_it_matters": "This line converts an error/missing value into a default; that may hide corruption or failed IO.",
"suggested_fix": "Preserve typed error or add explicit comment/test proving default is safe.",
"source": "pattern:error-default"
},
{
"id": "SM-AUD-0374",
"severity": "P2",
"confidence": "static",
"area": "error-default",
"file": "semantic-memory/src/db.rs",
"line": 1392,
"title": "Error/default swallowing should be audited",
"why_it_matters": "This line converts an error/missing value into a default; that may hide corruption or failed IO.",
"suggested_fix": "Preserve typed error or add explicit comment/test proving default is safe.",
"source": "pattern:error-default"
},
{
"id": "SM-AUD-0375",
"severity": "P1",
"confidence": "static",
"area": "dynamic-sql",
"file": "semantic-memory/src/db.rs",
"line": 1400,
"title": "Dynamic SQL construction should be whitelisted",
"why_it_matters": "Identifier or limit formatting is safe only if all inputs are trusted and bounded.",
"suggested_fix": "Use whitelisted enums for identifiers and bind parameters for values.",
"source": "pattern:dynamic-sql"
},
{
"id": "SM-AUD-0376",
"severity": "P2",
"confidence": "static",
"area": "error-default",
"file": "semantic-memory/src/db.rs",
"line": 1401,
"title": "Error/default swallowing should be audited",
"why_it_matters": "This line converts an error/missing value into a default; that may hide corruption or failed IO.",
"suggested_fix": "Preserve typed error or add explicit comment/test proving default is safe.",
"source": "pattern:error-default"
},
{
"id": "SM-AUD-0377",
"severity": "P1",
"confidence": "static",
"area": "zip-truncate",
"file": "semantic-memory/src/documents.rs",
"line": 70,
"title": "zip iteration can silently truncate mismatched collections",
"why_it_matters": "zip stops at the shorter collection, which is dangerous for batch write/update paths.",
"suggested_fix": "Pre-check lengths before zip unless truncation is intentional and documented.",
"source": "pattern:zip-truncate"
},
{
"id": "SM-AUD-0378",
"severity": "P2",
"confidence": "static",
"area": "numeric-cast",
"file": "semantic-memory/src/documents.rs",
"line": 78,
"title": "Unchecked numeric cast should be audited",
"why_it_matters": "Numeric casts can truncate, wrap, or lose precision if values are config/user/data derived.",
"suggested_fix": "Prefer TryFrom, checked conversion, or explicit range assertion.",
"source": "pattern:numeric-cast"
},
{
"id": "SM-AUD-0379",
"severity": "P2",
"confidence": "static",
"area": "numeric-cast",
"file": "semantic-memory/src/documents.rs",
"line": 80,
"title": "Unchecked numeric cast should be audited",
"why_it_matters": "Numeric casts can truncate, wrap, or lose precision if values are config/user/data derived.",
"suggested_fix": "Prefer TryFrom, checked conversion, or explicit range assertion.",
"source": "pattern:numeric-cast"
},
{
"id": "SM-AUD-0380",
"severity": "P2",
"confidence": "static",
"area": "numeric-cast",
"file": "semantic-memory/src/documents.rs",
"line": 168,
"title": "Unchecked numeric cast should be audited",
"why_it_matters": "Numeric casts can truncate, wrap, or lose precision if values are config/user/data derived.",
"suggested_fix": "Prefer TryFrom, checked conversion, or explicit range assertion.",
"source": "pattern:numeric-cast"
},
{
"id": "SM-AUD-0381",
"severity": "P2",
"confidence": "static",
"area": "numeric-cast",
"file": "semantic-memory/src/documents.rs",
"line": 187,
"title": "Unchecked numeric cast should be audited",
"why_it_matters": "Numeric casts can truncate, wrap, or lose precision if values are config/user/data derived.",
"suggested_fix": "Prefer TryFrom, checked conversion, or explicit range assertion.",
"source": "pattern:numeric-cast"
},
{
"id": "SM-AUD-0382",
"severity": "P2",
"confidence": "static",
"area": "numeric-cast",
"file": "semantic-memory/src/documents.rs",
"line": 195,
"title": "Unchecked numeric cast should be audited",
"why_it_matters": "Numeric casts can truncate, wrap, or lose precision if values are config/user/data derived.",
"suggested_fix": "Prefer TryFrom, checked conversion, or explicit range assertion.",
"source": "pattern:numeric-cast"
},
{
"id": "SM-AUD-0383",
"severity": "P1",
"confidence": "static",
"area": "dynamic-sql",
"file": "semantic-memory/src/documents.rs",
"line": 234,
"title": "Dynamic SQL construction should be whitelisted",
"why_it_matters": "Identifier or limit formatting is safe only if all inputs are trusted and bounded.",
"suggested_fix": "Use whitelisted enums for identifiers and bind parameters for values.",
"source": "pattern:dynamic-sql"
},
{
"id": "SM-AUD-0384",
"severity": "P1",
"confidence": "static",
"area": "zip-truncate",
"file": "semantic-memory/src/documents.rs",
"line": 324,
"title": "zip iteration can silently truncate mismatched collections",
"why_it_matters": "zip stops at the shorter collection, which is dangerous for batch write/update paths.",
"suggested_fix": "Pre-check lengths before zip unless truncation is intentional and documented.",
"source": "pattern:zip-truncate"
},
{
"id": "SM-AUD-0385",
"severity": "P2",
"confidence": "static",
"area": "error-default",
"file": "semantic-memory/src/documents.rs",
"line": 330,
"title": "Error/default swallowing should be audited",
"why_it_matters": "This line converts an error/missing value into a default; that may hide corruption or failed IO.",
"suggested_fix": "Preserve typed error or add explicit comment/test proving default is safe.",
"source": "pattern:error-default"
},
{
"id": "SM-AUD-0386",
"severity": "P2",
"confidence": "static",
"area": "error-default",
"file": "semantic-memory/src/documents.rs",
"line": 426,
"title": "Error/default swallowing should be audited",
"why_it_matters": "This line converts an error/missing value into a default; that may hide corruption or failed IO.",
"suggested_fix": "Preserve typed error or add explicit comment/test proving default is safe.",
"source": "pattern:error-default"
},
{
"id": "SM-AUD-0387",
"severity": "P2",
"confidence": "static",
"area": "error-default",
"file": "semantic-memory/src/embedder.rs",
"line": 127,
"title": "Error/default swallowing should be audited",
"why_it_matters": "This line converts an error/missing value into a default; that may hide corruption or failed IO.",
"suggested_fix": "Preserve typed error or add explicit comment/test proving default is safe.",
"source": "pattern:error-default"
},
{
"id": "SM-AUD-0388",
"severity": "P2",
"confidence": "static",
"area": "numeric-cast",
"file": "semantic-memory/src/embedder.rs",
"line": 179,
"title": "Unchecked numeric cast should be audited",
"why_it_matters": "Numeric casts can truncate, wrap, or lose precision if values are config/user/data derived.",
"suggested_fix": "Prefer TryFrom, checked conversion, or explicit range assertion.",
"source": "pattern:numeric-cast"
},
{
"id": "SM-AUD-0389",
"severity": "P2",
"confidence": "static",
"area": "numeric-cast",
"file": "semantic-memory/src/embedder.rs",
"line": 250,
"title": "Unchecked numeric cast should be audited",
"why_it_matters": "Numeric casts can truncate, wrap, or lose precision if values are config/user/data derived.",
"suggested_fix": "Prefer TryFrom, checked conversion, or explicit range assertion.",
"source": "pattern:numeric-cast"
},
{
"id": "SM-AUD-0390",
"severity": "P2",
"confidence": "static",
"area": "numeric-cast",
"file": "semantic-memory/src/embedder.rs",
"line": 251,
"title": "Unchecked numeric cast should be audited",
"why_it_matters": "Numeric casts can truncate, wrap, or lose precision if values are config/user/data derived.",
"suggested_fix": "Prefer TryFrom, checked conversion, or explicit range assertion.",
"source": "pattern:numeric-cast"
},
{
"id": "SM-AUD-0391",
"severity": "P2",
"confidence": "static",
"area": "runtime-clock",
"file": "semantic-memory/src/episodes.rs",
"line": 90,
"title": "Runtime clock use affects replay/determinism",
"why_it_matters": "Wall-clock timestamps make tests/replay/ranking less deterministic.",
"suggested_fix": "Inject a clock or document that this path is intentionally real-time.",
"source": "pattern:runtime-clock"
},
{
"id": "SM-AUD-0392",
"severity": "P2",
"confidence": "static",
"area": "error-default",
"file": "semantic-memory/src/episodes.rs",
"line": 167,
"title": "Error/default swallowing should be audited",
"why_it_matters": "This line converts an error/missing value into a default; that may hide corruption or failed IO.",
"suggested_fix": "Preserve typed error or add explicit comment/test proving default is safe.",
"source": "pattern:error-default"
},
{
"id": "SM-AUD-0393",
"severity": "P2",
"confidence": "static",
"area": "runtime-clock",
"file": "semantic-memory/src/episodes.rs",
"line": 191,
"title": "Runtime clock use affects replay/determinism",
"why_it_matters": "Wall-clock timestamps make tests/replay/ranking less deterministic.",
"suggested_fix": "Inject a clock or document that this path is intentionally real-time.",
"source": "pattern:runtime-clock"
},
{
"id": "SM-AUD-0394",
"severity": "P2",
"confidence": "static",
"area": "runtime-clock",
"file": "semantic-memory/src/episodes.rs",
"line": 231,
"title": "Runtime clock use affects replay/determinism",
"why_it_matters": "Wall-clock timestamps make tests/replay/ranking less deterministic.",
"suggested_fix": "Inject a clock or document that this path is intentionally real-time.",
"source": "pattern:runtime-clock"
},
{
"id": "SM-AUD-0395",
"severity": "P1",
"confidence": "static",
"area": "insert-or-ignore",
"file": "semantic-memory/src/episodes.rs",
"line": 285,
"title": "INSERT OR IGNORE can hide duplicate/constraint bugs",
"why_it_matters": "Ignored inserts can silently discard data or ordinal metadata.",
"suggested_fix": "Validate duplicates before insert or assert affected row count where required.",
"source": "pattern:insert-or-ignore"
},
{
"id": "SM-AUD-0396",
"severity": "P2",
"confidence": "static",
"area": "numeric-cast",
"file": "semantic-memory/src/episodes.rs",
"line": 287,
"title": "Unchecked numeric cast should be audited",
"why_it_matters": "Numeric casts can truncate, wrap, or lose precision if values are config/user/data derived.",
"suggested_fix": "Prefer TryFrom, checked conversion, or explicit range assertion.",
"source": "pattern:numeric-cast"
},
{
"id": "SM-AUD-0397",
"severity": "P2",
"confidence": "static",
"area": "runtime-clock",
"file": "semantic-memory/src/episodes.rs",
"line": 369,
"title": "Runtime clock use affects replay/determinism",
"why_it_matters": "Wall-clock timestamps make tests/replay/ranking less deterministic.",
"suggested_fix": "Inject a clock or document that this path is intentionally real-time.",
"source": "pattern:runtime-clock"
},
{
"id": "SM-AUD-0398",
"severity": "P1",
"confidence": "static",
"area": "dynamic-sql",
"file": "semantic-memory/src/episodes.rs",
"line": 410,
"title": "Dynamic SQL construction should be whitelisted",
"why_it_matters": "Identifier or limit formatting is safe only if all inputs are trusted and bounded.",
"suggested_fix": "Use whitelisted enums for identifiers and bind parameters for values.",
"source": "pattern:dynamic-sql"
},
{
"id": "SM-AUD-0399",
"severity": "P1",
"confidence": "static",
"area": "dynamic-sql",
"file": "semantic-memory/src/episodes.rs",
"line": 414,
"title": "Dynamic SQL construction should be whitelisted",
"why_it_matters": "Identifier or limit formatting is safe only if all inputs are trusted and bounded.",
"suggested_fix": "Use whitelisted enums for identifiers and bind parameters for values.",
"source": "pattern:dynamic-sql"
},
{
"id": "SM-AUD-0400",
"severity": "P1",
"confidence": "static",
"area": "dynamic-sql",
"file": "semantic-memory/src/episodes.rs",
"line": 417,
"title": "Dynamic SQL construction should be whitelisted",
"why_it_matters": "Identifier or limit formatting is safe only if all inputs are trusted and bounded.",
"suggested_fix": "Use whitelisted enums for identifiers and bind parameters for values.",
"source": "pattern:dynamic-sql"
},
{
"id": "SM-AUD-0401",
"severity": "P2",
"confidence": "static",
"area": "error-default",
"file": "semantic-memory/src/episodes.rs",
"line": 641,
"title": "Error/default swallowing should be audited",
"why_it_matters": "This line converts an error/missing value into a default; that may hide corruption or failed IO.",
"suggested_fix": "Preserve typed error or add explicit comment/test proving default is safe.",
"source": "pattern:error-default"
},
{
"id": "SM-AUD-0402",
"severity": "P2",
"confidence": "static",
"area": "error-default",
"file": "semantic-memory/src/episodes.rs",
"line": 700,
"title": "Error/default swallowing should be audited",
"why_it_matters": "This line converts an error/missing value into a default; that may hide corruption or failed IO.",
"suggested_fix": "Preserve typed error or add explicit comment/test proving default is safe.",
"source": "pattern:error-default"
},
{
"id": "SM-AUD-0403",
"severity": "P2",
"confidence": "static",
"area": "error-default",
"file": "semantic-memory/src/episodes.rs",
"line": 779,
"title": "Error/default swallowing should be audited",
"why_it_matters": "This line converts an error/missing value into a default; that may hide corruption or failed IO.",
"suggested_fix": "Preserve typed error or add explicit comment/test proving default is safe.",
"source": "pattern:error-default"
},
{
"id": "SM-AUD-0404",
"severity": "P2",
"confidence": "static",
"area": "error-default",
"file": "semantic-memory/src/episodes.rs",
"line": 843,
"title": "Error/default swallowing should be audited",
"why_it_matters": "This line converts an error/missing value into a default; that may hide corruption or failed IO.",
"suggested_fix": "Preserve typed error or add explicit comment/test proving default is safe.",
"source": "pattern:error-default"
},
{
"id": "SM-AUD-0405",
"severity": "P2",
"confidence": "static",
"area": "numeric-cast",
"file": "semantic-memory/src/graph.rs",
"line": 34,
"title": "Unchecked numeric cast should be audited",
"why_it_matters": "Numeric casts can truncate, wrap, or lose precision if values are config/user/data derived.",
"suggested_fix": "Prefer TryFrom, checked conversion, or explicit range assertion.",
"source": "pattern:numeric-cast"
},
{
"id": "SM-AUD-0406",
"severity": "P2",
"confidence": "static",
"area": "numeric-cast",
"file": "semantic-memory/src/graph.rs",
"line": 55,
"title": "Unchecked numeric cast should be audited",
"why_it_matters": "Numeric casts can truncate, wrap, or lose precision if values are config/user/data derived.",
"suggested_fix": "Prefer TryFrom, checked conversion, or explicit range assertion.",
"source": "pattern:numeric-cast"
},
{
"id": "SM-AUD-0407",
"severity": "P2",
"confidence": "static",
"area": "error-default",
"file": "semantic-memory/src/graph.rs",
"line": 99,
"title": "Error/default swallowing should be audited",
"why_it_matters": "This line converts an error/missing value into a default; that may hide corruption or failed IO.",
"suggested_fix": "Preserve typed error or add explicit comment/test proving default is safe.",
"source": "pattern:error-default"
},
{
"id": "SM-AUD-0408",
"severity": "P2",
"confidence": "static",
"area": "error-default",
"file": "semantic-memory/src/graph.rs",
"line": 469,
"title": "Error/default swallowing should be audited",
"why_it_matters": "This line converts an error/missing value into a default; that may hide corruption or failed IO.",
"suggested_fix": "Preserve typed error or add explicit comment/test proving default is safe.",
"source": "pattern:error-default"
},
{
"id": "SM-AUD-0409",
"severity": "P2",
"confidence": "static",
"area": "error-default",
"file": "semantic-memory/src/graph.rs",
"line": 597,
"title": "Error/default swallowing should be audited",
"why_it_matters": "This line converts an error/missing value into a default; that may hide corruption or failed IO.",
"suggested_fix": "Preserve typed error or add explicit comment/test proving default is safe.",
"source": "pattern:error-default"
},
{
"id": "SM-AUD-0410",
"severity": "P2",
"confidence": "static",
"area": "numeric-cast",
"file": "semantic-memory/src/graph.rs",
"line": 607,
"title": "Unchecked numeric cast should be audited",
"why_it_matters": "Numeric casts can truncate, wrap, or lose precision if values are config/user/data derived.",
"suggested_fix": "Prefer TryFrom, checked conversion, or explicit range assertion.",
"source": "pattern:numeric-cast"
},
{
"id": "SM-AUD-0411",
"severity": "P2",
"confidence": "static",
"area": "error-default",
"file": "semantic-memory/src/graph.rs",
"line": 680,
"title": "Error/default swallowing should be audited",
"why_it_matters": "This line converts an error/missing value into a default; that may hide corruption or failed IO.",
"suggested_fix": "Preserve typed error or add explicit comment/test proving default is safe.",
"source": "pattern:error-default"
},
{
"id": "SM-AUD-0412",
"severity": "P2",
"confidence": "static",
"area": "error-default",
"file": "semantic-memory/src/graph.rs",
"line": 691,
"title": "Error/default swallowing should be audited",
"why_it_matters": "This line converts an error/missing value into a default; that may hide corruption or failed IO.",
"suggested_fix": "Preserve typed error or add explicit comment/test proving default is safe.",
"source": "pattern:error-default"
},
{
"id": "SM-AUD-0413",
"severity": "P2",
"confidence": "static",
"area": "error-default",
"file": "semantic-memory/src/graph.rs",
"line": 702,
"title": "Error/default swallowing should be audited",
"why_it_matters": "This line converts an error/missing value into a default; that may hide corruption or failed IO.",
"suggested_fix": "Preserve typed error or add explicit comment/test proving default is safe.",
"source": "pattern:error-default"
},
{
"id": "SM-AUD-0414",
"severity": "P2",
"confidence": "static",
"area": "error-default",
"file": "semantic-memory/src/graph.rs",
"line": 714,
"title": "Error/default swallowing should be audited",
"why_it_matters": "This line converts an error/missing value into a default; that may hide corruption or failed IO.",
"suggested_fix": "Preserve typed error or add explicit comment/test proving default is safe.",
"source": "pattern:error-default"
},
{
"id": "SM-AUD-0415",
"severity": "P2",
"confidence": "static",
"area": "error-default",
"file": "semantic-memory/src/graph.rs",
"line": 726,
"title": "Error/default swallowing should be audited",
"why_it_matters": "This line converts an error/missing value into a default; that may hide corruption or failed IO.",
"suggested_fix": "Preserve typed error or add explicit comment/test proving default is safe.",
"source": "pattern:error-default"
},
{
"id": "SM-AUD-0416",
"severity": "P2",
"confidence": "static",
"area": "error-default",
"file": "semantic-memory/src/graph.rs",
"line": 737,
"title": "Error/default swallowing should be audited",
"why_it_matters": "This line converts an error/missing value into a default; that may hide corruption or failed IO.",
"suggested_fix": "Preserve typed error or add explicit comment/test proving default is safe.",
"source": "pattern:error-default"
},
{
"id": "SM-AUD-0417",
"severity": "P2",
"confidence": "static",
"area": "numeric-cast",
"file": "semantic-memory/src/graph.rs",
"line": 767,
"title": "Unchecked numeric cast should be audited",
"why_it_matters": "Numeric casts can truncate, wrap, or lose precision if values are config/user/data derived.",
"suggested_fix": "Prefer TryFrom, checked conversion, or explicit range assertion.",
"source": "pattern:numeric-cast"
},
{
"id": "SM-AUD-0418",
"severity": "P2",
"confidence": "static",
"area": "error-default",
"file": "semantic-memory/src/graph.rs",
"line": 819,
"title": "Error/default swallowing should be audited",
"why_it_matters": "This line converts an error/missing value into a default; that may hide corruption or failed IO.",
"suggested_fix": "Preserve typed error or add explicit comment/test proving default is safe.",
"source": "pattern:error-default"
},
{
"id": "SM-AUD-0419",
"severity": "P2",
"confidence": "static",
"area": "numeric-cast",
"file": "semantic-memory/src/graph.rs",
"line": 832,
"title": "Unchecked numeric cast should be audited",
"why_it_matters": "Numeric casts can truncate, wrap, or lose precision if values are config/user/data derived.",
"suggested_fix": "Prefer TryFrom, checked conversion, or explicit range assertion.",
"source": "pattern:numeric-cast"
},
{
"id": "SM-AUD-0420",
"severity": "P2",
"confidence": "static",
"area": "numeric-cast",
"file": "semantic-memory/src/graph.rs",
"line": 893,
"title": "Unchecked numeric cast should be audited",
"why_it_matters": "Numeric casts can truncate, wrap, or lose precision if values are config/user/data derived.",
"suggested_fix": "Prefer TryFrom, checked conversion, or explicit range assertion.",
"source": "pattern:numeric-cast"
},
{
"id": "SM-AUD-0421",
"severity": "P2",
"confidence": "static",
"area": "error-default",
"file": "semantic-memory/src/graph.rs",
"line": 920,
"title": "Error/default swallowing should be audited",
"why_it_matters": "This line converts an error/missing value into a default; that may hide corruption or failed IO.",
"suggested_fix": "Preserve typed error or add explicit comment/test proving default is safe.",
"source": "pattern:error-default"
},
{
"id": "SM-AUD-0422",
"severity": "P2",
"confidence": "static",
"area": "hashmap-order",
"file": "semantic-memory/src/hnsw.rs",
"line": 10,
"title": "HashMap order should be audited in deterministic surfaces",
"why_it_matters": "HashMap iteration order is nondeterministic and can affect receipts/scores if not sorted before output.",
"suggested_fix": "Sort before output or use BTreeMap where deterministic ordering matters.",
"source": "pattern:hashmap-order"
},
{
"id": "SM-AUD-0423",
"severity": "P2",
"confidence": "static",
"area": "hashmap-order",
"file": "semantic-memory/src/hnsw.rs",
"line": 77,
"title": "HashMap order should be audited in deterministic surfaces",
"why_it_matters": "HashMap iteration order is nondeterministic and can affect receipts/scores if not sorted before output.",
"suggested_fix": "Sort before output or use BTreeMap where deterministic ordering matters.",
"source": "pattern:hashmap-order"
},
{
"id": "SM-AUD-0424",
"severity": "P2",
"confidence": "static",
"area": "hashmap-order",
"file": "semantic-memory/src/hnsw.rs",
"line": 79,
"title": "HashMap order should be audited in deterministic surfaces",
"why_it_matters": "HashMap iteration order is nondeterministic and can affect receipts/scores if not sorted before output.",
"suggested_fix": "Sort before output or use BTreeMap where deterministic ordering matters.",
"source": "pattern:hashmap-order"
},
{
"id": "SM-AUD-0425",
"severity": "P2",
"confidence": "static",
"area": "runtime-clock",
"file": "semantic-memory/src/hnsw.rs",
"line": 84,
"title": "Runtime clock use affects replay/determinism",
"why_it_matters": "Wall-clock timestamps make tests/replay/ranking less deterministic.",
"suggested_fix": "Inject a clock or document that this path is intentionally real-time.",
"source": "pattern:runtime-clock"
},
{
"id": "SM-AUD-0426",
"severity": "P2",
"confidence": "static",
"area": "error-default",
"file": "semantic-memory/src/hnsw.rs",
"line": 86,
"title": "Error/default swallowing should be audited",
"why_it_matters": "This line converts an error/missing value into a default; that may hide corruption or failed IO.",
"suggested_fix": "Preserve typed error or add explicit comment/test proving default is safe.",
"source": "pattern:error-default"
},
{
"id": "SM-AUD-0427",
"severity": "P2",
"confidence": "static",
"area": "numeric-cast",
"file": "semantic-memory/src/hnsw.rs",
"line": 250,
"title": "Unchecked numeric cast should be audited",
"why_it_matters": "Numeric casts can truncate, wrap, or lose precision if values are config/user/data derived.",
"suggested_fix": "Prefer TryFrom, checked conversion, or explicit range assertion.",
"source": "pattern:numeric-cast"
},
{
"id": "SM-AUD-0428",
"severity": "P2",
"confidence": "static",
"area": "numeric-cast",
"file": "semantic-memory/src/hnsw.rs",
"line": 291,
"title": "Unchecked numeric cast should be audited",
"why_it_matters": "Numeric casts can truncate, wrap, or lose precision if values are config/user/data derived.",
"suggested_fix": "Prefer TryFrom, checked conversion, or explicit range assertion.",
"source": "pattern:numeric-cast"
},
{
"id": "SM-AUD-0429",
"severity": "P2",
"confidence": "static",
"area": "numeric-cast",
"file": "semantic-memory/src/hnsw.rs",
"line": 294,
"title": "Unchecked numeric cast should be audited",
"why_it_matters": "Numeric casts can truncate, wrap, or lose precision if values are config/user/data derived.",
"suggested_fix": "Prefer TryFrom, checked conversion, or explicit range assertion.",
"source": "pattern:numeric-cast"
},
{
"id": "SM-AUD-0430",
"severity": "P2",
"confidence": "static",
"area": "error-default",
"file": "semantic-memory/src/hnsw.rs",
"line": 317,
"title": "Error/default swallowing should be audited",
"why_it_matters": "This line converts an error/missing value into a default; that may hide corruption or failed IO.",
"suggested_fix": "Preserve typed error or add explicit comment/test proving default is safe.",
"source": "pattern:error-default"
},
{
"id": "SM-AUD-0431",
"severity": "P2",
"confidence": "static",
"area": "hashmap-order",
"file": "semantic-memory/src/hnsw.rs",
"line": 324,
"title": "HashMap order should be audited in deterministic surfaces",
"why_it_matters": "HashMap iteration order is nondeterministic and can affect receipts/scores if not sorted before output.",
"suggested_fix": "Sort before output or use BTreeMap where deterministic ordering matters.",
"source": "pattern:hashmap-order"
},
{
"id": "SM-AUD-0432",
"severity": "P2",
"confidence": "static",
"area": "hashmap-order",
"file": "semantic-memory/src/hnsw.rs",
"line": 326,
"title": "HashMap order should be audited in deterministic surfaces",
"why_it_matters": "HashMap iteration order is nondeterministic and can affect receipts/scores if not sorted before output.",
"suggested_fix": "Sort before output or use BTreeMap where deterministic ordering matters.",
"source": "pattern:hashmap-order"
},
{
"id": "SM-AUD-0433",
"severity": "P2",
"confidence": "static",
"area": "numeric-cast",
"file": "semantic-memory/src/hnsw.rs",
"line": 332,
"title": "Unchecked numeric cast should be audited",
"why_it_matters": "Numeric casts can truncate, wrap, or lose precision if values are config/user/data derived.",
"suggested_fix": "Prefer TryFrom, checked conversion, or explicit range assertion.",
"source": "pattern:numeric-cast"
},
{
"id": "SM-AUD-0434",
"severity": "P2",
"confidence": "static",
"area": "error-default",
"file": "semantic-memory/src/hnsw.rs",
"line": 359,
"title": "Error/default swallowing should be audited",
"why_it_matters": "This line converts an error/missing value into a default; that may hide corruption or failed IO.",
"suggested_fix": "Preserve typed error or add explicit comment/test proving default is safe.",
"source": "pattern:error-default"
},
{
"id": "SM-AUD-0435",
"severity": "P2",
"confidence": "static",
"area": "error-default",
"file": "semantic-memory/src/hnsw.rs",
"line": 360,
"title": "Error/default swallowing should be audited",
"why_it_matters": "This line converts an error/missing value into a default; that may hide corruption or failed IO.",
"suggested_fix": "Preserve typed error or add explicit comment/test proving default is safe.",
"source": "pattern:error-default"
},
{
"id": "SM-AUD-0436",
"severity": "P2",
"confidence": "static",
"area": "numeric-cast",
"file": "semantic-memory/src/hnsw.rs",
"line": 496,
"title": "Unchecked numeric cast should be audited",
"why_it_matters": "Numeric casts can truncate, wrap, or lose precision if values are config/user/data derived.",
"suggested_fix": "Prefer TryFrom, checked conversion, or explicit range assertion.",
"source": "pattern:numeric-cast"
},
{
"id": "SM-AUD-0437",
"severity": "P2",
"confidence": "static",
"area": "numeric-cast",
"file": "semantic-memory/src/hnsw.rs",
"line": 501,
"title": "Unchecked numeric cast should be audited",
"why_it_matters": "Numeric casts can truncate, wrap, or lose precision if values are config/user/data derived.",
"suggested_fix": "Prefer TryFrom, checked conversion, or explicit range assertion.",
"source": "pattern:numeric-cast"
},
{
"id": "SM-AUD-0438",
"severity": "P3",
"confidence": "static",
"area": "unwrap-expect",
"file": "semantic-memory/src/hnsw.rs",
"line": 530,
"title": "unwrap/expect occurrence should be reviewed",
"why_it_matters": "Panics are usually fine in tests but not in production or helper code used by examples.",
"suggested_fix": "Replace in production paths; leave in tests only when failure message is useful.",
"source": "pattern:unwrap-expect"
},
{
"id": "SM-AUD-0439",
"severity": "P2",
"confidence": "static",
"area": "numeric-cast",
"file": "semantic-memory/src/hnsw.rs",
"line": 533,
"title": "Unchecked numeric cast should be audited",
"why_it_matters": "Numeric casts can truncate, wrap, or lose precision if values are config/user/data derived.",
"suggested_fix": "Prefer TryFrom, checked conversion, or explicit range assertion.",
"source": "pattern:numeric-cast"
},
{
"id": "SM-AUD-0440",
"severity": "P3",
"confidence": "static",
"area": "unwrap-expect",
"file": "semantic-memory/src/hnsw.rs",
"line": 534,
"title": "unwrap/expect occurrence should be reviewed",
"why_it_matters": "Panics are usually fine in tests but not in production or helper code used by examples.",
"suggested_fix": "Replace in production paths; leave in tests only when failure message is useful.",
"source": "pattern:unwrap-expect"
},
{
"id": "SM-AUD-0441",
"severity": "P3",
"confidence": "static",
"area": "unwrap-expect",
"file": "semantic-memory/src/hnsw.rs",
"line": 543,
"title": "unwrap/expect occurrence should be reviewed",
"why_it_matters": "Panics are usually fine in tests but not in production or helper code used by examples.",
"suggested_fix": "Replace in production paths; leave in tests only when failure message is useful.",
"source": "pattern:unwrap-expect"
},
{
"id": "SM-AUD-0442",
"severity": "P3",
"confidence": "static",
"area": "unwrap-expect",
"file": "semantic-memory/src/hnsw.rs",
"line": 552,
"title": "unwrap/expect occurrence should be reviewed",
"why_it_matters": "Panics are usually fine in tests but not in production or helper code used by examples.",
"suggested_fix": "Replace in production paths; leave in tests only when failure message is useful.",
"source": "pattern:unwrap-expect"
},
{
"id": "SM-AUD-0443",
"severity": "P3",
"confidence": "static",
"area": "unwrap-expect",
"file": "semantic-memory/src/hnsw.rs",
"line": 564,
"title": "unwrap/expect occurrence should be reviewed",
"why_it_matters": "Panics are usually fine in tests but not in production or helper code used by examples.",
"suggested_fix": "Replace in production paths; leave in tests only when failure message is useful.",
"source": "pattern:unwrap-expect"
},
{
"id": "SM-AUD-0444",
"severity": "P3",
"confidence": "static",
"area": "unwrap-expect",
"file": "semantic-memory/src/hnsw.rs",
"line": 566,
"title": "unwrap/expect occurrence should be reviewed",
"why_it_matters": "Panics are usually fine in tests but not in production or helper code used by examples.",
"suggested_fix": "Replace in production paths; leave in tests only when failure message is useful.",
"source": "pattern:unwrap-expect"
},
{
"id": "SM-AUD-0445",
"severity": "P3",
"confidence": "static",
"area": "unwrap-expect",
"file": "semantic-memory/src/hnsw.rs",
"line": 575,
"title": "unwrap/expect occurrence should be reviewed",
"why_it_matters": "Panics are usually fine in tests but not in production or helper code used by examples.",
"suggested_fix": "Replace in production paths; leave in tests only when failure message is useful.",
"source": "pattern:unwrap-expect"
},
{
"id": "SM-AUD-0446",
"severity": "P3",
"confidence": "static",
"area": "unwrap-expect",
"file": "semantic-memory/src/hnsw.rs",
"line": 576,
"title": "unwrap/expect occurrence should be reviewed",
"why_it_matters": "Panics are usually fine in tests but not in production or helper code used by examples.",
"suggested_fix": "Replace in production paths; leave in tests only when failure message is useful.",
"source": "pattern:unwrap-expect"
},
{
"id": "SM-AUD-0447",
"severity": "P2",
"confidence": "static",
"area": "error-default",
"file": "semantic-memory/src/json_compat_import.rs",
"line": 25,
"title": "Error/default swallowing should be audited",
"why_it_matters": "This line converts an error/missing value into a default; that may hide corruption or failed IO.",
"suggested_fix": "Preserve typed error or add explicit comment/test proving default is safe.",
"source": "pattern:error-default"
},
{
"id": "SM-AUD-0448",
"severity": "P2",
"confidence": "static",
"area": "error-default",
"file": "semantic-memory/src/json_compat_import.rs",
"line": 82,
"title": "Error/default swallowing should be audited",
"why_it_matters": "This line converts an error/missing value into a default; that may hide corruption or failed IO.",
"suggested_fix": "Preserve typed error or add explicit comment/test proving default is safe.",
"source": "pattern:error-default"
},
{
"id": "SM-AUD-0449",
"severity": "P2",
"confidence": "static",
"area": "error-default",
"file": "semantic-memory/src/json_compat_import.rs",
"line": 91,
"title": "Error/default swallowing should be audited",
"why_it_matters": "This line converts an error/missing value into a default; that may hide corruption or failed IO.",
"suggested_fix": "Preserve typed error or add explicit comment/test proving default is safe.",
"source": "pattern:error-default"
},
{
"id": "SM-AUD-0450",
"severity": "P2",
"confidence": "static",
"area": "error-default",
"file": "semantic-memory/src/json_compat_import.rs",
"line": 118,
"title": "Error/default swallowing should be audited",
"why_it_matters": "This line converts an error/missing value into a default; that may hide corruption or failed IO.",
"suggested_fix": "Preserve typed error or add explicit comment/test proving default is safe.",
"source": "pattern:error-default"
},
{
"id": "SM-AUD-0451",
"severity": "P2",
"confidence": "static",
"area": "error-default",
"file": "semantic-memory/src/json_compat_import.rs",
"line": 145,
"title": "Error/default swallowing should be audited",
"why_it_matters": "This line converts an error/missing value into a default; that may hide corruption or failed IO.",
"suggested_fix": "Preserve typed error or add explicit comment/test proving default is safe.",
"source": "pattern:error-default"
},
{
"id": "SM-AUD-0452",
"severity": "P2",
"confidence": "static",
"area": "runtime-clock",
"file": "semantic-memory/src/knowledge.rs",
"line": 213,
"title": "Runtime clock use affects replay/determinism",
"why_it_matters": "Wall-clock timestamps make tests/replay/ranking less deterministic.",
"suggested_fix": "Inject a clock or document that this path is intentionally real-time.",
"source": "pattern:runtime-clock"
},
{
"id": "SM-AUD-0453",
"severity": "P2",
"confidence": "static",
"area": "numeric-cast",
"file": "semantic-memory/src/knowledge.rs",
"line": 621,
"title": "Unchecked numeric cast should be audited",
"why_it_matters": "Numeric casts can truncate, wrap, or lose precision if values are config/user/data derived.",
"suggested_fix": "Prefer TryFrom, checked conversion, or explicit range assertion.",
"source": "pattern:numeric-cast"
},
{
"id": "SM-AUD-0454",
"severity": "P2",
"confidence": "static",
"area": "error-default",
"file": "semantic-memory/src/knowledge.rs",
"line": 692,
"title": "Error/default swallowing should be audited",
"why_it_matters": "This line converts an error/missing value into a default; that may hide corruption or failed IO.",
"suggested_fix": "Preserve typed error or add explicit comment/test proving default is safe.",
"source": "pattern:error-default"
},
{
"id": "SM-AUD-0455",
"severity": "P2",
"confidence": "static",
"area": "error-default",
"file": "semantic-memory/src/knowledge.rs",
"line": 767,
"title": "Error/default swallowing should be audited",
"why_it_matters": "This line converts an error/missing value into a default; that may hide corruption or failed IO.",
"suggested_fix": "Preserve typed error or add explicit comment/test proving default is safe.",
"source": "pattern:error-default"
},
{
"id": "SM-AUD-0456",
"severity": "P2",
"confidence": "static",
"area": "error-default",
"file": "semantic-memory/src/knowledge.rs",
"line": 817,
"title": "Error/default swallowing should be audited",
"why_it_matters": "This line converts an error/missing value into a default; that may hide corruption or failed IO.",
"suggested_fix": "Preserve typed error or add explicit comment/test proving default is safe.",
"source": "pattern:error-default"
},
{
"id": "SM-AUD-0457",
"severity": "P2",
"confidence": "static",
"area": "error-default",
"file": "semantic-memory/src/lib.rs",
"line": 413,
"title": "Error/default swallowing should be audited",
"why_it_matters": "This line converts an error/missing value into a default; that may hide corruption or failed IO.",
"suggested_fix": "Preserve typed error or add explicit comment/test proving default is safe.",
"source": "pattern:error-default"
},
{
"id": "SM-AUD-0458",
"severity": "P2",
"confidence": "static",
"area": "numeric-cast",
"file": "semantic-memory/src/lib.rs",
"line": 416,
"title": "Unchecked numeric cast should be audited",
"why_it_matters": "Numeric casts can truncate, wrap, or lose precision if values are config/user/data derived.",
"suggested_fix": "Prefer TryFrom, checked conversion, or explicit range assertion.",
"source": "pattern:numeric-cast"
},
{
"id": "SM-AUD-0459",
"severity": "P2",
"confidence": "static",
"area": "error-default",
"file": "semantic-memory/src/lib.rs",
"line": 465,
"title": "Error/default swallowing should be audited",
"why_it_matters": "This line converts an error/missing value into a default; that may hide corruption or failed IO.",
"suggested_fix": "Preserve typed error or add explicit comment/test proving default is safe.",
"source": "pattern:error-default"
},
{
"id": "SM-AUD-0460",
"severity": "P2",
"confidence": "static",
"area": "error-default",
"file": "semantic-memory/src/lib.rs",
"line": 771,
"title": "Error/default swallowing should be audited",
"why_it_matters": "This line converts an error/missing value into a default; that may hide corruption or failed IO.",
"suggested_fix": "Preserve typed error or add explicit comment/test proving default is safe.",
"source": "pattern:error-default"
},
{
"id": "SM-AUD-0461",
"severity": "P2",
"confidence": "static",
"area": "error-default",
"file": "semantic-memory/src/lib.rs",
"line": 782,
"title": "Error/default swallowing should be audited",
"why_it_matters": "This line converts an error/missing value into a default; that may hide corruption or failed IO.",
"suggested_fix": "Preserve typed error or add explicit comment/test proving default is safe.",
"source": "pattern:error-default"
},
{
"id": "SM-AUD-0462",
"severity": "P2",
"confidence": "static",
"area": "error-default",
"file": "semantic-memory/src/lib.rs",
"line": 845,
"title": "Error/default swallowing should be audited",
"why_it_matters": "This line converts an error/missing value into a default; that may hide corruption or failed IO.",
"suggested_fix": "Preserve typed error or add explicit comment/test proving default is safe.",
"source": "pattern:error-default"
},
{
"id": "SM-AUD-0463",
"severity": "P2",
"confidence": "static",
"area": "error-default",
"file": "semantic-memory/src/lib.rs",
"line": 927,
"title": "Error/default swallowing should be audited",
"why_it_matters": "This line converts an error/missing value into a default; that may hide corruption or failed IO.",
"suggested_fix": "Preserve typed error or add explicit comment/test proving default is safe.",
"source": "pattern:error-default"
},
{
"id": "SM-AUD-0464",
"severity": "P2",
"confidence": "static",
"area": "error-default",
"file": "semantic-memory/src/lib.rs",
"line": 949,
"title": "Error/default swallowing should be audited",
"why_it_matters": "This line converts an error/missing value into a default; that may hide corruption or failed IO.",
"suggested_fix": "Preserve typed error or add explicit comment/test proving default is safe.",
"source": "pattern:error-default"
},
{
"id": "SM-AUD-0465",
"severity": "P2",
"confidence": "static",
"area": "error-default",
"file": "semantic-memory/src/lib.rs",
"line": 1028,
"title": "Error/default swallowing should be audited",
"why_it_matters": "This line converts an error/missing value into a default; that may hide corruption or failed IO.",
"suggested_fix": "Preserve typed error or add explicit comment/test proving default is safe.",
"source": "pattern:error-default"
},
{
"id": "SM-AUD-0466",
"severity": "P1",
"confidence": "static",
"area": "zip-truncate",
"file": "semantic-memory/src/lib.rs",
"line": 1123,
"title": "zip iteration can silently truncate mismatched collections",
"why_it_matters": "zip stops at the shorter collection, which is dangerous for batch write/update paths.",
"suggested_fix": "Pre-check lengths before zip unless truncation is intentional and documented.",
"source": "pattern:zip-truncate"
},
{
"id": "SM-AUD-0467",
"severity": "P2",
"confidence": "static",
"area": "error-default",
"file": "semantic-memory/src/lib.rs",
"line": 1176,
"title": "Error/default swallowing should be audited",
"why_it_matters": "This line converts an error/missing value into a default; that may hide corruption or failed IO.",
"suggested_fix": "Preserve typed error or add explicit comment/test proving default is safe.",
"source": "pattern:error-default"
},
{
"id": "SM-AUD-0468",
"severity": "P2",
"confidence": "static",
"area": "error-default",
"file": "semantic-memory/src/lib.rs",
"line": 1184,
"title": "Error/default swallowing should be audited",
"why_it_matters": "This line converts an error/missing value into a default; that may hide corruption or failed IO.",
"suggested_fix": "Preserve typed error or add explicit comment/test proving default is safe.",
"source": "pattern:error-default"
},
{
"id": "SM-AUD-0469",
"severity": "P2",
"confidence": "static",
"area": "error-default",
"file": "semantic-memory/src/lib.rs",
"line": 1214,
"title": "Error/default swallowing should be audited",
"why_it_matters": "This line converts an error/missing value into a default; that may hide corruption or failed IO.",
"suggested_fix": "Preserve typed error or add explicit comment/test proving default is safe.",
"source": "pattern:error-default"
},
{
"id": "SM-AUD-0470",
"severity": "P1",
"confidence": "static",
"area": "zip-truncate",
"file": "semantic-memory/src/lib.rs",
"line": 1254,
"title": "zip iteration can silently truncate mismatched collections",
"why_it_matters": "zip stops at the shorter collection, which is dangerous for batch write/update paths.",
"suggested_fix": "Pre-check lengths before zip unless truncation is intentional and documented.",
"source": "pattern:zip-truncate"
},
{
"id": "SM-AUD-0471",
"severity": "P2",
"confidence": "static",
"area": "error-default",
"file": "semantic-memory/src/lib.rs",
"line": 1260,
"title": "Error/default swallowing should be audited",
"why_it_matters": "This line converts an error/missing value into a default; that may hide corruption or failed IO.",
"suggested_fix": "Preserve typed error or add explicit comment/test proving default is safe.",
"source": "pattern:error-default"
},
{
"id": "SM-AUD-0472",
"severity": "P2",
"confidence": "static",
"area": "runtime-clock",
"file": "semantic-memory/src/lib.rs",
"line": 1269,
"title": "Runtime clock use affects replay/determinism",
"why_it_matters": "Wall-clock timestamps make tests/replay/ranking less deterministic.",
"suggested_fix": "Inject a clock or document that this path is intentionally real-time.",
"source": "pattern:runtime-clock"
},
{
"id": "SM-AUD-0473",
"severity": "P1",
"confidence": "static",
"area": "zip-truncate",
"file": "semantic-memory/src/lib.rs",
"line": 1314,
"title": "zip iteration can silently truncate mismatched collections",
"why_it_matters": "zip stops at the shorter collection, which is dangerous for batch write/update paths.",
"suggested_fix": "Pre-check lengths before zip unless truncation is intentional and documented.",
"source": "pattern:zip-truncate"
},
{
"id": "SM-AUD-0474",
"severity": "P2",
"confidence": "static",
"area": "error-default",
"file": "semantic-memory/src/lib.rs",
"line": 1320,
"title": "Error/default swallowing should be audited",
"why_it_matters": "This line converts an error/missing value into a default; that may hide corruption or failed IO.",
"suggested_fix": "Preserve typed error or add explicit comment/test proving default is safe.",
"source": "pattern:error-default"
},
{
"id": "SM-AUD-0475",
"severity": "P1",
"confidence": "static",
"area": "zip-truncate",
"file": "semantic-memory/src/lib.rs",
"line": 1374,
"title": "zip iteration can silently truncate mismatched collections",
"why_it_matters": "zip stops at the shorter collection, which is dangerous for batch write/update paths.",
"suggested_fix": "Pre-check lengths before zip unless truncation is intentional and documented.",
"source": "pattern:zip-truncate"
},
{
"id": "SM-AUD-0476",
"severity": "P2",
"confidence": "static",
"area": "error-default",
"file": "semantic-memory/src/lib.rs",
"line": 1380,
"title": "Error/default swallowing should be audited",
"why_it_matters": "This line converts an error/missing value into a default; that may hide corruption or failed IO.",
"suggested_fix": "Preserve typed error or add explicit comment/test proving default is safe.",
"source": "pattern:error-default"
},
{
"id": "SM-AUD-0477",
"severity": "P1",
"confidence": "static",
"area": "zip-truncate",
"file": "semantic-memory/src/lib.rs",
"line": 1434,
"title": "zip iteration can silently truncate mismatched collections",
"why_it_matters": "zip stops at the shorter collection, which is dangerous for batch write/update paths.",
"suggested_fix": "Pre-check lengths before zip unless truncation is intentional and documented.",
"source": "pattern:zip-truncate"
},
{
"id": "SM-AUD-0478",
"severity": "P2",
"confidence": "static",
"area": "error-default",
"file": "semantic-memory/src/lib.rs",
"line": 1440,
"title": "Error/default swallowing should be audited",
"why_it_matters": "This line converts an error/missing value into a default; that may hide corruption or failed IO.",
"suggested_fix": "Preserve typed error or add explicit comment/test proving default is safe.",
"source": "pattern:error-default"
},
{
"id": "SM-AUD-0479",
"severity": "P2",
"confidence": "static",
"area": "runtime-clock",
"file": "semantic-memory/src/lib.rs",
"line": 1452,
"title": "Runtime clock use affects replay/determinism",
"why_it_matters": "Wall-clock timestamps make tests/replay/ranking less deterministic.",
"suggested_fix": "Inject a clock or document that this path is intentionally real-time.",
"source": "pattern:runtime-clock"
},
{
"id": "SM-AUD-0480",
"severity": "P2",
"confidence": "static",
"area": "numeric-cast",
"file": "semantic-memory/src/pool.rs",
"line": 289,
"title": "Unchecked numeric cast should be audited",
"why_it_matters": "Numeric casts can truncate, wrap, or lose precision if values are config/user/data derived.",
"suggested_fix": "Prefer TryFrom, checked conversion, or explicit range assertion.",
"source": "pattern:numeric-cast"
},
{
"id": "SM-AUD-0481",
"severity": "P2",
"confidence": "static",
"area": "numeric-cast",
"file": "semantic-memory/src/pool.rs",
"line": 295,
"title": "Unchecked numeric cast should be audited",
"why_it_matters": "Numeric casts can truncate, wrap, or lose precision if values are config/user/data derived.",
"suggested_fix": "Prefer TryFrom, checked conversion, or explicit range assertion.",
"source": "pattern:numeric-cast"
},
{
"id": "SM-AUD-0482",
"severity": "P2",
"confidence": "static",
"area": "numeric-cast",
"file": "semantic-memory/src/pool.rs",
"line": 305,
"title": "Unchecked numeric cast should be audited",
"why_it_matters": "Numeric casts can truncate, wrap, or lose precision if values are config/user/data derived.",
"suggested_fix": "Prefer TryFrom, checked conversion, or explicit range assertion.",
"source": "pattern:numeric-cast"
},
{
"id": "SM-AUD-0483",
"severity": "P2",
"confidence": "static",
"area": "error-default",
"file": "semantic-memory/src/projection_batch.rs",
"line": 71,
"title": "Error/default swallowing should be audited",
"why_it_matters": "This line converts an error/missing value into a default; that may hide corruption or failed IO.",
"suggested_fix": "Preserve typed error or add explicit comment/test proving default is safe.",
"source": "pattern:error-default"
},
{
"id": "SM-AUD-0484",
"severity": "P2",
"confidence": "static",
"area": "error-default",
"file": "semantic-memory/src/projection_import.rs",
"line": 206,
"title": "Error/default swallowing should be audited",
"why_it_matters": "This line converts an error/missing value into a default; that may hide corruption or failed IO.",
"suggested_fix": "Preserve typed error or add explicit comment/test proving default is safe.",
"source": "pattern:error-default"
},
{
"id": "SM-AUD-0485",
"severity": "P2",
"confidence": "static",
"area": "runtime-clock",
"file": "semantic-memory/src/projection_import.rs",
"line": 278,
"title": "Runtime clock use affects replay/determinism",
"why_it_matters": "Wall-clock timestamps make tests/replay/ranking less deterministic.",
"suggested_fix": "Inject a clock or document that this path is intentionally real-time.",
"source": "pattern:runtime-clock"
},
{
"id": "SM-AUD-0486",
"severity": "P2",
"confidence": "static",
"area": "error-default",
"file": "semantic-memory/src/projection_import.rs",
"line": 301,
"title": "Error/default swallowing should be audited",
"why_it_matters": "This line converts an error/missing value into a default; that may hide corruption or failed IO.",
"suggested_fix": "Preserve typed error or add explicit comment/test proving default is safe.",
"source": "pattern:error-default"
},
{
"id": "SM-AUD-0487",
"severity": "P2",
"confidence": "static",
"area": "numeric-cast",
"file": "semantic-memory/src/projection_import.rs",
"line": 324,
"title": "Unchecked numeric cast should be audited",
"why_it_matters": "Numeric casts can truncate, wrap, or lose precision if values are config/user/data derived.",
"suggested_fix": "Prefer TryFrom, checked conversion, or explicit range assertion.",
"source": "pattern:numeric-cast"
},
{
"id": "SM-AUD-0488",
"severity": "P2",
"confidence": "static",
"area": "numeric-cast",
"file": "semantic-memory/src/projection_import.rs",
"line": 347,
"title": "Unchecked numeric cast should be audited",
"why_it_matters": "Numeric casts can truncate, wrap, or lose precision if values are config/user/data derived.",
"suggested_fix": "Prefer TryFrom, checked conversion, or explicit range assertion.",
"source": "pattern:numeric-cast"
},
{
"id": "SM-AUD-0489",
"severity": "P2",
"confidence": "static",
"area": "numeric-cast",
"file": "semantic-memory/src/projection_import.rs",
"line": 357,
"title": "Unchecked numeric cast should be audited",
"why_it_matters": "Numeric casts can truncate, wrap, or lose precision if values are config/user/data derived.",
"suggested_fix": "Prefer TryFrom, checked conversion, or explicit range assertion.",
"source": "pattern:numeric-cast"
},
{
"id": "SM-AUD-0490",
"severity": "P2",
"confidence": "static",
"area": "numeric-cast",
"file": "semantic-memory/src/projection_import.rs",
"line": 396,
"title": "Unchecked numeric cast should be audited",
"why_it_matters": "Numeric casts can truncate, wrap, or lose precision if values are config/user/data derived.",
"suggested_fix": "Prefer TryFrom, checked conversion, or explicit range assertion.",
"source": "pattern:numeric-cast"
},
{
"id": "SM-AUD-0491",
"severity": "P2",
"confidence": "static",
"area": "error-default",
"file": "semantic-memory/src/projection_import.rs",
"line": 422,
"title": "Error/default swallowing should be audited",
"why_it_matters": "This line converts an error/missing value into a default; that may hide corruption or failed IO.",
"suggested_fix": "Preserve typed error or add explicit comment/test proving default is safe.",
"source": "pattern:error-default"
},
{
"id": "SM-AUD-0492",
"severity": "P2",
"confidence": "static",
"area": "error-default",
"file": "semantic-memory/src/projection_import.rs",
"line": 433,
"title": "Error/default swallowing should be audited",
"why_it_matters": "This line converts an error/missing value into a default; that may hide corruption or failed IO.",
"suggested_fix": "Preserve typed error or add explicit comment/test proving default is safe.",
"source": "pattern:error-default"
},
{
"id": "SM-AUD-0493",
"severity": "P2",
"confidence": "static",
"area": "error-default",
"file": "semantic-memory/src/projection_lane.rs",
"line": 130,
"title": "Error/default swallowing should be audited",
"why_it_matters": "This line converts an error/missing value into a default; that may hide corruption or failed IO.",
"suggested_fix": "Preserve typed error or add explicit comment/test proving default is safe.",
"source": "pattern:error-default"
},
{
"id": "SM-AUD-0494",
"severity": "P2",
"confidence": "static",
"area": "error-default",
"file": "semantic-memory/src/projection_lane.rs",
"line": 644,
"title": "Error/default swallowing should be audited",
"why_it_matters": "This line converts an error/missing value into a default; that may hide corruption or failed IO.",
"suggested_fix": "Preserve typed error or add explicit comment/test proving default is safe.",
"source": "pattern:error-default"
},
{
"id": "SM-AUD-0495",
"severity": "P2",
"confidence": "static",
"area": "runtime-clock",
"file": "semantic-memory/src/projection_lane.rs",
"line": 674,
"title": "Runtime clock use affects replay/determinism",
"why_it_matters": "Wall-clock timestamps make tests/replay/ranking less deterministic.",
"suggested_fix": "Inject a clock or document that this path is intentionally real-time.",
"source": "pattern:runtime-clock"
},
{
"id": "SM-AUD-0496",
"severity": "P2",
"confidence": "static",
"area": "runtime-clock",
"file": "semantic-memory/src/projection_lane.rs",
"line": 952,
"title": "Runtime clock use affects replay/determinism",
"why_it_matters": "Wall-clock timestamps make tests/replay/ranking less deterministic.",
"suggested_fix": "Inject a clock or document that this path is intentionally real-time.",
"source": "pattern:runtime-clock"
},
{
"id": "SM-AUD-0497",
"severity": "P2",
"confidence": "static",
"area": "runtime-clock",
"file": "semantic-memory/src/projection_lane.rs",
"line": 1024,
"title": "Runtime clock use affects replay/determinism",
"why_it_matters": "Wall-clock timestamps make tests/replay/ranking less deterministic.",
"suggested_fix": "Inject a clock or document that this path is intentionally real-time.",
"source": "pattern:runtime-clock"
},
{
"id": "SM-AUD-0498",
"severity": "P2",
"confidence": "static",
"area": "runtime-clock",
"file": "semantic-memory/src/projection_lane.rs",
"line": 1046,
"title": "Runtime clock use affects replay/determinism",
"why_it_matters": "Wall-clock timestamps make tests/replay/ranking less deterministic.",
"suggested_fix": "Inject a clock or document that this path is intentionally real-time.",
"source": "pattern:runtime-clock"
},
{
"id": "SM-AUD-0499",
"severity": "P2",
"confidence": "static",
"area": "runtime-clock",
"file": "semantic-memory/src/projection_lane.rs",
"line": 1090,
"title": "Runtime clock use affects replay/determinism",
"why_it_matters": "Wall-clock timestamps make tests/replay/ranking less deterministic.",
"suggested_fix": "Inject a clock or document that this path is intentionally real-time.",
"source": "pattern:runtime-clock"
},
{
"id": "SM-AUD-0500",
"severity": "P2",
"confidence": "static",
"area": "runtime-clock",
"file": "semantic-memory/src/projection_lane.rs",
"line": 1412,
"title": "Runtime clock use affects replay/determinism",
"why_it_matters": "Wall-clock timestamps make tests/replay/ranking less deterministic.",
"suggested_fix": "Inject a clock or document that this path is intentionally real-time.",
"source": "pattern:runtime-clock"
},
{
"id": "SM-AUD-0501",
"severity": "P2",
"confidence": "static",
"area": "error-default",
"file": "semantic-memory/src/projection_legacy_compat.rs",
"line": 50,
"title": "Error/default swallowing should be audited",
"why_it_matters": "This line converts an error/missing value into a default; that may hide corruption or failed IO.",
"suggested_fix": "Preserve typed error or add explicit comment/test proving default is safe.",
"source": "pattern:error-default"
},
{
"id": "SM-AUD-0502",
"severity": "P2",
"confidence": "static",
"area": "error-default",
"file": "semantic-memory/src/projection_legacy_compat.rs",
"line": 92,
"title": "Error/default swallowing should be audited",
"why_it_matters": "This line converts an error/missing value into a default; that may hide corruption or failed IO.",
"suggested_fix": "Preserve typed error or add explicit comment/test proving default is safe.",
"source": "pattern:error-default"
},
{
"id": "SM-AUD-0503",
"severity": "P2",
"confidence": "static",
"area": "error-default",
"file": "semantic-memory/src/projection_legacy_compat.rs",
"line": 127,
"title": "Error/default swallowing should be audited",
"why_it_matters": "This line converts an error/missing value into a default; that may hide corruption or failed IO.",
"suggested_fix": "Preserve typed error or add explicit comment/test proving default is safe.",
"source": "pattern:error-default"
},
{
"id": "SM-AUD-0504",
"severity": "P2",
"confidence": "static",
"area": "error-default",
"file": "semantic-memory/src/projection_legacy_compat.rs",
"line": 130,
"title": "Error/default swallowing should be audited",
"why_it_matters": "This line converts an error/missing value into a default; that may hide corruption or failed IO.",
"suggested_fix": "Preserve typed error or add explicit comment/test proving default is safe.",
"source": "pattern:error-default"
},
{
"id": "SM-AUD-0505",
"severity": "P2",
"confidence": "static",
"area": "error-default",
"file": "semantic-memory/src/projection_legacy_compat.rs",
"line": 135,
"title": "Error/default swallowing should be audited",
"why_it_matters": "This line converts an error/missing value into a default; that may hide corruption or failed IO.",
"suggested_fix": "Preserve typed error or add explicit comment/test proving default is safe.",
"source": "pattern:error-default"
},
{
"id": "SM-AUD-0506",
"severity": "P1",
"confidence": "static",
"area": "insert-or-ignore",
"file": "semantic-memory/src/projection_legacy_compat.rs",
"line": 177,
"title": "INSERT OR IGNORE can hide duplicate/constraint bugs",
"why_it_matters": "Ignored inserts can silently discard data or ordinal metadata.",
"suggested_fix": "Validate duplicates before insert or assert affected row count where required.",
"source": "pattern:insert-or-ignore"
},
{
"id": "SM-AUD-0507",
"severity": "P2",
"confidence": "static",
"area": "numeric-cast",
"file": "semantic-memory/src/projection_legacy_compat.rs",
"line": 179,
"title": "Unchecked numeric cast should be audited",
"why_it_matters": "Numeric casts can truncate, wrap, or lose precision if values are config/user/data derived.",
"suggested_fix": "Prefer TryFrom, checked conversion, or explicit range assertion.",
"source": "pattern:numeric-cast"
},
{
"id": "SM-AUD-0508",
"severity": "P2",
"confidence": "static",
"area": "runtime-clock",
"file": "semantic-memory/src/projection_legacy_compat.rs",
"line": 207,
"title": "Runtime clock use affects replay/determinism",
"why_it_matters": "Wall-clock timestamps make tests/replay/ranking less deterministic.",
"suggested_fix": "Inject a clock or document that this path is intentionally real-time.",
"source": "pattern:runtime-clock"
},
{
"id": "SM-AUD-0509",
"severity": "P2",
"confidence": "static",
"area": "numeric-cast",
"file": "semantic-memory/src/projection_legacy_compat.rs",
"line": 264,
"title": "Unchecked numeric cast should be audited",
"why_it_matters": "Numeric casts can truncate, wrap, or lose precision if values are config/user/data derived.",
"suggested_fix": "Prefer TryFrom, checked conversion, or explicit range assertion.",
"source": "pattern:numeric-cast"
},
{
"id": "SM-AUD-0510",
"severity": "P2",
"confidence": "static",
"area": "runtime-clock",
"file": "semantic-memory/src/projection_storage.rs",
"line": 58,
"title": "Runtime clock use affects replay/determinism",
"why_it_matters": "Wall-clock timestamps make tests/replay/ranking less deterministic.",
"suggested_fix": "Inject a clock or document that this path is intentionally real-time.",
"source": "pattern:runtime-clock"
},
{
"id": "SM-AUD-0511",
"severity": "P2",
"confidence": "static",
"area": "runtime-clock",
"file": "semantic-memory/src/projection_storage.rs",
"line": 99,
"title": "Runtime clock use affects replay/determinism",
"why_it_matters": "Wall-clock timestamps make tests/replay/ranking less deterministic.",
"suggested_fix": "Inject a clock or document that this path is intentionally real-time.",
"source": "pattern:runtime-clock"
},
{
"id": "SM-AUD-0512",
"severity": "P2",
"confidence": "static",
"area": "runtime-clock",
"file": "semantic-memory/src/projection_storage.rs",
"line": 153,
"title": "Runtime clock use affects replay/determinism",
"why_it_matters": "Wall-clock timestamps make tests/replay/ranking less deterministic.",
"suggested_fix": "Inject a clock or document that this path is intentionally real-time.",
"source": "pattern:runtime-clock"
},
{
"id": "SM-AUD-0513",
"severity": "P2",
"confidence": "static",
"area": "runtime-clock",
"file": "semantic-memory/src/projection_storage.rs",
"line": 171,
"title": "Runtime clock use affects replay/determinism",
"why_it_matters": "Wall-clock timestamps make tests/replay/ranking less deterministic.",
"suggested_fix": "Inject a clock or document that this path is intentionally real-time.",
"source": "pattern:runtime-clock"
},
{
"id": "SM-AUD-0514",
"severity": "P2",
"confidence": "static",
"area": "runtime-clock",
"file": "semantic-memory/src/projection_storage.rs",
"line": 201,
"title": "Runtime clock use affects replay/determinism",
"why_it_matters": "Wall-clock timestamps make tests/replay/ranking less deterministic.",
"suggested_fix": "Inject a clock or document that this path is intentionally real-time.",
"source": "pattern:runtime-clock"
},
{
"id": "SM-AUD-0515",
"severity": "P2",
"confidence": "static",
"area": "runtime-clock",
"file": "semantic-memory/src/projection_storage.rs",
"line": 226,
"title": "Runtime clock use affects replay/determinism",
"why_it_matters": "Wall-clock timestamps make tests/replay/ranking less deterministic.",
"suggested_fix": "Inject a clock or document that this path is intentionally real-time.",
"source": "pattern:runtime-clock"
},
{
"id": "SM-AUD-0516",
"severity": "P2",
"confidence": "static",
"area": "runtime-clock",
"file": "semantic-memory/src/projection_storage.rs",
"line": 253,
"title": "Runtime clock use affects replay/determinism",
"why_it_matters": "Wall-clock timestamps make tests/replay/ranking less deterministic.",
"suggested_fix": "Inject a clock or document that this path is intentionally real-time.",
"source": "pattern:runtime-clock"
},
{
"id": "SM-AUD-0517",
"severity": "P2",
"confidence": "static",
"area": "runtime-clock",
"file": "semantic-memory/src/projection_storage.rs",
"line": 309,
"title": "Runtime clock use affects replay/determinism",
"why_it_matters": "Wall-clock timestamps make tests/replay/ranking less deterministic.",
"suggested_fix": "Inject a clock or document that this path is intentionally real-time.",
"source": "pattern:runtime-clock"
},
{
"id": "SM-AUD-0518",
"severity": "P2",
"confidence": "static",
"area": "error-default",
"file": "semantic-memory/src/projection_storage.rs",
"line": 362,
"title": "Error/default swallowing should be audited",
"why_it_matters": "This line converts an error/missing value into a default; that may hide corruption or failed IO.",
"suggested_fix": "Preserve typed error or add explicit comment/test proving default is safe.",
"source": "pattern:error-default"
},
{
"id": "SM-AUD-0519",
"severity": "P2",
"confidence": "static",
"area": "numeric-cast",
"file": "semantic-memory/src/projection_storage.rs",
"line": 430,
"title": "Unchecked numeric cast should be audited",
"why_it_matters": "Numeric casts can truncate, wrap, or lose precision if values are config/user/data derived.",
"suggested_fix": "Prefer TryFrom, checked conversion, or explicit range assertion.",
"source": "pattern:numeric-cast"
},
{
"id": "SM-AUD-0520",
"severity": "P2",
"confidence": "static",
"area": "numeric-cast",
"file": "semantic-memory/src/projection_storage.rs",
"line": 477,
"title": "Unchecked numeric cast should be audited",
"why_it_matters": "Numeric casts can truncate, wrap, or lose precision if values are config/user/data derived.",
"suggested_fix": "Prefer TryFrom, checked conversion, or explicit range assertion.",
"source": "pattern:numeric-cast"
},
{
"id": "SM-AUD-0521",
"severity": "P2",
"confidence": "static",
"area": "numeric-cast",
"file": "semantic-memory/src/projection_storage.rs",
"line": 520,
"title": "Unchecked numeric cast should be audited",
"why_it_matters": "Numeric casts can truncate, wrap, or lose precision if values are config/user/data derived.",
"suggested_fix": "Prefer TryFrom, checked conversion, or explicit range assertion.",
"source": "pattern:numeric-cast"
},
{
"id": "SM-AUD-0522",
"severity": "P2",
"confidence": "static",
"area": "numeric-cast",
"file": "semantic-memory/src/projection_storage.rs",
"line": 521,
"title": "Unchecked numeric cast should be audited",
"why_it_matters": "Numeric casts can truncate, wrap, or lose precision if values are config/user/data derived.",
"suggested_fix": "Prefer TryFrom, checked conversion, or explicit range assertion.",
"source": "pattern:numeric-cast"
},
{
"id": "SM-AUD-0523",
"severity": "P2",
"confidence": "static",
"area": "numeric-cast",
"file": "semantic-memory/src/projection_storage.rs",
"line": 615,
"title": "Unchecked numeric cast should be audited",
"why_it_matters": "Numeric casts can truncate, wrap, or lose precision if values are config/user/data derived.",
"suggested_fix": "Prefer TryFrom, checked conversion, or explicit range assertion.",
"source": "pattern:numeric-cast"
},
{
"id": "SM-AUD-0524",
"severity": "P2",
"confidence": "static",
"area": "numeric-cast",
"file": "semantic-memory/src/projection_storage.rs",
"line": 616,
"title": "Unchecked numeric cast should be audited",
"why_it_matters": "Numeric casts can truncate, wrap, or lose precision if values are config/user/data derived.",
"suggested_fix": "Prefer TryFrom, checked conversion, or explicit range assertion.",
"source": "pattern:numeric-cast"
},
{
"id": "SM-AUD-0525",
"severity": "P2",
"confidence": "static",
"area": "numeric-cast",
"file": "semantic-memory/src/projection_storage.rs",
"line": 617,
"title": "Unchecked numeric cast should be audited",
"why_it_matters": "Numeric casts can truncate, wrap, or lose precision if values are config/user/data derived.",
"suggested_fix": "Prefer TryFrom, checked conversion, or explicit range assertion.",
"source": "pattern:numeric-cast"
},
{
"id": "SM-AUD-0526",
"severity": "P2",
"confidence": "static",
"area": "numeric-cast",
"file": "semantic-memory/src/projection_storage.rs",
"line": 618,
"title": "Unchecked numeric cast should be audited",
"why_it_matters": "Numeric casts can truncate, wrap, or lose precision if values are config/user/data derived.",
"suggested_fix": "Prefer TryFrom, checked conversion, or explicit range assertion.",
"source": "pattern:numeric-cast"
},
{
"id": "SM-AUD-0527",
"severity": "P2",
"confidence": "static",
"area": "numeric-cast",
"file": "semantic-memory/src/projection_storage.rs",
"line": 619,
"title": "Unchecked numeric cast should be audited",
"why_it_matters": "Numeric casts can truncate, wrap, or lose precision if values are config/user/data derived.",
"suggested_fix": "Prefer TryFrom, checked conversion, or explicit range assertion.",
"source": "pattern:numeric-cast"
},
{
"id": "SM-AUD-0528",
"severity": "P2",
"confidence": "static",
"area": "numeric-cast",
"file": "semantic-memory/src/projection_storage.rs",
"line": 620,
"title": "Unchecked numeric cast should be audited",
"why_it_matters": "Numeric casts can truncate, wrap, or lose precision if values are config/user/data derived.",
"suggested_fix": "Prefer TryFrom, checked conversion, or explicit range assertion.",
"source": "pattern:numeric-cast"
},
{
"id": "SM-AUD-0529",
"severity": "P2",
"confidence": "static",
"area": "numeric-cast",
"file": "semantic-memory/src/projection_storage.rs",
"line": 627,
"title": "Unchecked numeric cast should be audited",
"why_it_matters": "Numeric casts can truncate, wrap, or lose precision if values are config/user/data derived.",
"suggested_fix": "Prefer TryFrom, checked conversion, or explicit range assertion.",
"source": "pattern:numeric-cast"
},
{
"id": "SM-AUD-0530",
"severity": "P2",
"confidence": "static",
"area": "numeric-cast",
"file": "semantic-memory/src/projection_storage.rs",
"line": 701,
"title": "Unchecked numeric cast should be audited",
"why_it_matters": "Numeric casts can truncate, wrap, or lose precision if values are config/user/data derived.",
"suggested_fix": "Prefer TryFrom, checked conversion, or explicit range assertion.",
"source": "pattern:numeric-cast"
},
{
"id": "SM-AUD-0531",
"severity": "P2",
"confidence": "static",
"area": "numeric-cast",
"file": "semantic-memory/src/projection_storage.rs",
"line": 702,
"title": "Unchecked numeric cast should be audited",
"why_it_matters": "Numeric casts can truncate, wrap, or lose precision if values are config/user/data derived.",
"suggested_fix": "Prefer TryFrom, checked conversion, or explicit range assertion.",
"source": "pattern:numeric-cast"
},
{
"id": "SM-AUD-0532",
"severity": "P2",
"confidence": "static",
"area": "numeric-cast",
"file": "semantic-memory/src/projection_storage.rs",
"line": 703,
"title": "Unchecked numeric cast should be audited",
"why_it_matters": "Numeric casts can truncate, wrap, or lose precision if values are config/user/data derived.",
"suggested_fix": "Prefer TryFrom, checked conversion, or explicit range assertion.",
"source": "pattern:numeric-cast"
},
{
"id": "SM-AUD-0533",
"severity": "P2",
"confidence": "static",
"area": "numeric-cast",
"file": "semantic-memory/src/projection_storage.rs",
"line": 704,
"title": "Unchecked numeric cast should be audited",
"why_it_matters": "Numeric casts can truncate, wrap, or lose precision if values are config/user/data derived.",
"suggested_fix": "Prefer TryFrom, checked conversion, or explicit range assertion.",
"source": "pattern:numeric-cast"
},
{
"id": "SM-AUD-0534",
"severity": "P2",
"confidence": "static",
"area": "numeric-cast",
"file": "semantic-memory/src/projection_storage.rs",
"line": 705,
"title": "Unchecked numeric cast should be audited",
"why_it_matters": "Numeric casts can truncate, wrap, or lose precision if values are config/user/data derived.",
"suggested_fix": "Prefer TryFrom, checked conversion, or explicit range assertion.",
"source": "pattern:numeric-cast"
},
{
"id": "SM-AUD-0535",
"severity": "P2",
"confidence": "static",
"area": "numeric-cast",
"file": "semantic-memory/src/projection_storage.rs",
"line": 706,
"title": "Unchecked numeric cast should be audited",
"why_it_matters": "Numeric casts can truncate, wrap, or lose precision if values are config/user/data derived.",
"suggested_fix": "Prefer TryFrom, checked conversion, or explicit range assertion.",
"source": "pattern:numeric-cast"
},
{
"id": "SM-AUD-0536",
"severity": "P2",
"confidence": "static",
"area": "numeric-cast",
"file": "semantic-memory/src/projection_storage.rs",
"line": 713,
"title": "Unchecked numeric cast should be audited",
"why_it_matters": "Numeric casts can truncate, wrap, or lose precision if values are config/user/data derived.",
"suggested_fix": "Prefer TryFrom, checked conversion, or explicit range assertion.",
"source": "pattern:numeric-cast"
},
{
"id": "SM-AUD-0537",
"severity": "P2",
"confidence": "static",
"area": "numeric-cast",
"file": "semantic-memory/src/projection_storage.rs",
"line": 756,
"title": "Unchecked numeric cast should be audited",
"why_it_matters": "Numeric casts can truncate, wrap, or lose precision if values are config/user/data derived.",
"suggested_fix": "Prefer TryFrom, checked conversion, or explicit range assertion.",
"source": "pattern:numeric-cast"
},
{
"id": "SM-AUD-0538",
"severity": "P2",
"confidence": "static",
"area": "numeric-cast",
"file": "semantic-memory/src/projection_storage.rs",
"line": 764,
"title": "Unchecked numeric cast should be audited",
"why_it_matters": "Numeric casts can truncate, wrap, or lose precision if values are config/user/data derived.",
"suggested_fix": "Prefer TryFrom, checked conversion, or explicit range assertion.",
"source": "pattern:numeric-cast"
},
{
"id": "SM-AUD-0539",
"severity": "P2",
"confidence": "static",
"area": "runtime-clock",
"file": "semantic-memory/src/projection_storage.rs",
"line": 894,
"title": "Runtime clock use affects replay/determinism",
"why_it_matters": "Wall-clock timestamps make tests/replay/ranking less deterministic.",
"suggested_fix": "Inject a clock or document that this path is intentionally real-time.",
"source": "pattern:runtime-clock"
},
{
"id": "SM-AUD-0540",
"severity": "P2",
"confidence": "static",
"area": "numeric-cast",
"file": "semantic-memory/src/projection_storage.rs",
"line": 922,
"title": "Unchecked numeric cast should be audited",
"why_it_matters": "Numeric casts can truncate, wrap, or lose precision if values are config/user/data derived.",
"suggested_fix": "Prefer TryFrom, checked conversion, or explicit range assertion.",
"source": "pattern:numeric-cast"
},
{
"id": "SM-AUD-0541",
"severity": "P2",
"confidence": "static",
"area": "error-default",
"file": "semantic-memory/src/projection_storage_query.rs",
"line": 17,
"title": "Error/default swallowing should be audited",
"why_it_matters": "This line converts an error/missing value into a default; that may hide corruption or failed IO.",
"suggested_fix": "Preserve typed error or add explicit comment/test proving default is safe.",
"source": "pattern:error-default"
},
{
"id": "SM-AUD-0542",
"severity": "P2",
"confidence": "static",
"area": "numeric-cast",
"file": "semantic-memory/src/projection_storage_query.rs",
"line": 134,
"title": "Unchecked numeric cast should be audited",
"why_it_matters": "Numeric casts can truncate, wrap, or lose precision if values are config/user/data derived.",
"suggested_fix": "Prefer TryFrom, checked conversion, or explicit range assertion.",
"source": "pattern:numeric-cast"
},
{
"id": "SM-AUD-0543",
"severity": "P2",
"confidence": "static",
"area": "numeric-cast",
"file": "semantic-memory/src/projection_storage_query.rs",
"line": 256,
"title": "Unchecked numeric cast should be audited",
"why_it_matters": "Numeric casts can truncate, wrap, or lose precision if values are config/user/data derived.",
"suggested_fix": "Prefer TryFrom, checked conversion, or explicit range assertion.",
"source": "pattern:numeric-cast"
},
{
"id": "SM-AUD-0544",
"severity": "P2",
"confidence": "static",
"area": "error-default",
"file": "semantic-memory/src/projection_storage_query.rs",
"line": 271,
"title": "Error/default swallowing should be audited",
"why_it_matters": "This line converts an error/missing value into a default; that may hide corruption or failed IO.",
"suggested_fix": "Preserve typed error or add explicit comment/test proving default is safe.",
"source": "pattern:error-default"
},
{
"id": "SM-AUD-0545",
"severity": "P2",
"confidence": "static",
"area": "error-default",
"file": "semantic-memory/src/projection_storage_query.rs",
"line": 272,
"title": "Error/default swallowing should be audited",
"why_it_matters": "This line converts an error/missing value into a default; that may hide corruption or failed IO.",
"suggested_fix": "Preserve typed error or add explicit comment/test proving default is safe.",
"source": "pattern:error-default"
},
{
"id": "SM-AUD-0546",
"severity": "P2",
"confidence": "static",
"area": "numeric-cast",
"file": "semantic-memory/src/projection_storage_query.rs",
"line": 370,
"title": "Unchecked numeric cast should be audited",
"why_it_matters": "Numeric casts can truncate, wrap, or lose precision if values are config/user/data derived.",
"suggested_fix": "Prefer TryFrom, checked conversion, or explicit range assertion.",
"source": "pattern:numeric-cast"
},
{
"id": "SM-AUD-0547",
"severity": "P2",
"confidence": "static",
"area": "numeric-cast",
"file": "semantic-memory/src/projection_storage_query.rs",
"line": 474,
"title": "Unchecked numeric cast should be audited",
"why_it_matters": "Numeric casts can truncate, wrap, or lose precision if values are config/user/data derived.",
"suggested_fix": "Prefer TryFrom, checked conversion, or explicit range assertion.",
"source": "pattern:numeric-cast"
},
{
"id": "SM-AUD-0548",
"severity": "P2",
"confidence": "static",
"area": "numeric-cast",
"file": "semantic-memory/src/projection_storage_query.rs",
"line": 575,
"title": "Unchecked numeric cast should be audited",
"why_it_matters": "Numeric casts can truncate, wrap, or lose precision if values are config/user/data derived.",
"suggested_fix": "Prefer TryFrom, checked conversion, or explicit range assertion.",
"source": "pattern:numeric-cast"
},
{
"id": "SM-AUD-0549",
"severity": "P2",
"confidence": "static",
"area": "error-default",
"file": "semantic-memory/src/projection_storage_query.rs",
"line": 586,
"title": "Error/default swallowing should be audited",
"why_it_matters": "This line converts an error/missing value into a default; that may hide corruption or failed IO.",
"suggested_fix": "Preserve typed error or add explicit comment/test proving default is safe.",
"source": "pattern:error-default"
},
{
"id": "SM-AUD-0550",
"severity": "P2",
"confidence": "static",
"area": "numeric-cast",
"file": "semantic-memory/src/projection_storage_query.rs",
"line": 651,
"title": "Unchecked numeric cast should be audited",
"why_it_matters": "Numeric casts can truncate, wrap, or lose precision if values are config/user/data derived.",
"suggested_fix": "Prefer TryFrom, checked conversion, or explicit range assertion.",
"source": "pattern:numeric-cast"
},
{
"id": "SM-AUD-0551",
"severity": "P2",
"confidence": "static",
"area": "numeric-cast",
"file": "semantic-memory/src/projection_storage_query.rs",
"line": 668,
"title": "Unchecked numeric cast should be audited",
"why_it_matters": "Numeric casts can truncate, wrap, or lose precision if values are config/user/data derived.",
"suggested_fix": "Prefer TryFrom, checked conversion, or explicit range assertion.",
"source": "pattern:numeric-cast"
},
{
"id": "SM-AUD-0552",
"severity": "P2",
"confidence": "static",
"area": "numeric-cast",
"file": "semantic-memory/src/projection_storage_query.rs",
"line": 727,
"title": "Unchecked numeric cast should be audited",
"why_it_matters": "Numeric casts can truncate, wrap, or lose precision if values are config/user/data derived.",
"suggested_fix": "Prefer TryFrom, checked conversion, or explicit range assertion.",
"source": "pattern:numeric-cast"
},
{
"id": "SM-AUD-0553",
"severity": "P2",
"confidence": "static",
"area": "numeric-cast",
"file": "semantic-memory/src/projection_storage_query.rs",
"line": 743,
"title": "Unchecked numeric cast should be audited",
"why_it_matters": "Numeric casts can truncate, wrap, or lose precision if values are config/user/data derived.",
"suggested_fix": "Prefer TryFrom, checked conversion, or explicit range assertion.",
"source": "pattern:numeric-cast"
},
{
"id": "SM-AUD-0554",
"severity": "P2",
"confidence": "static",
"area": "numeric-cast",
"file": "semantic-memory/src/projection_storage_query.rs",
"line": 761,
"title": "Unchecked numeric cast should be audited",
"why_it_matters": "Numeric casts can truncate, wrap, or lose precision if values are config/user/data derived.",
"suggested_fix": "Prefer TryFrom, checked conversion, or explicit range assertion.",
"source": "pattern:numeric-cast"
},
{
"id": "SM-AUD-0555",
"severity": "P2",
"confidence": "static",
"area": "numeric-cast",
"file": "semantic-memory/src/projection_storage_query.rs",
"line": 762,
"title": "Unchecked numeric cast should be audited",
"why_it_matters": "Numeric casts can truncate, wrap, or lose precision if values are config/user/data derived.",
"suggested_fix": "Prefer TryFrom, checked conversion, or explicit range assertion.",
"source": "pattern:numeric-cast"
},
{
"id": "SM-AUD-0556",
"severity": "P2",
"confidence": "static",
"area": "numeric-cast",
"file": "semantic-memory/src/projection_storage_query.rs",
"line": 763,
"title": "Unchecked numeric cast should be audited",
"why_it_matters": "Numeric casts can truncate, wrap, or lose precision if values are config/user/data derived.",
"suggested_fix": "Prefer TryFrom, checked conversion, or explicit range assertion.",
"source": "pattern:numeric-cast"
},
{
"id": "SM-AUD-0557",
"severity": "P2",
"confidence": "static",
"area": "numeric-cast",
"file": "semantic-memory/src/projection_storage_query.rs",
"line": 764,
"title": "Unchecked numeric cast should be audited",
"why_it_matters": "Numeric casts can truncate, wrap, or lose precision if values are config/user/data derived.",
"suggested_fix": "Prefer TryFrom, checked conversion, or explicit range assertion.",
"source": "pattern:numeric-cast"
},
{
"id": "SM-AUD-0558",
"severity": "P2",
"confidence": "static",
"area": "numeric-cast",
"file": "semantic-memory/src/projection_storage_query.rs",
"line": 765,
"title": "Unchecked numeric cast should be audited",
"why_it_matters": "Numeric casts can truncate, wrap, or lose precision if values are config/user/data derived.",
"suggested_fix": "Prefer TryFrom, checked conversion, or explicit range assertion.",
"source": "pattern:numeric-cast"
},
{
"id": "SM-AUD-0559",
"severity": "P2",
"confidence": "static",
"area": "numeric-cast",
"file": "semantic-memory/src/projection_storage_query.rs",
"line": 766,
"title": "Unchecked numeric cast should be audited",
"why_it_matters": "Numeric casts can truncate, wrap, or lose precision if values are config/user/data derived.",
"suggested_fix": "Prefer TryFrom, checked conversion, or explicit range assertion.",
"source": "pattern:numeric-cast"
},
{
"id": "SM-AUD-0560",
"severity": "P2",
"confidence": "static",
"area": "numeric-cast",
"file": "semantic-memory/src/projection_storage_query.rs",
"line": 797,
"title": "Unchecked numeric cast should be audited",
"why_it_matters": "Numeric casts can truncate, wrap, or lose precision if values are config/user/data derived.",
"suggested_fix": "Prefer TryFrom, checked conversion, or explicit range assertion.",
"source": "pattern:numeric-cast"
},
{
"id": "SM-AUD-0561",
"severity": "P2",
"confidence": "static",
"area": "numeric-cast",
"file": "semantic-memory/src/quantize.rs",
"line": 71,
"title": "Unchecked numeric cast should be audited",
"why_it_matters": "Numeric casts can truncate, wrap, or lose precision if values are config/user/data derived.",
"suggested_fix": "Prefer TryFrom, checked conversion, or explicit range assertion.",
"source": "pattern:numeric-cast"
},
{
"id": "SM-AUD-0562",
"severity": "P2",
"confidence": "static",
"area": "numeric-cast",
"file": "semantic-memory/src/quantize.rs",
"line": 76,
"title": "Unchecked numeric cast should be audited",
"why_it_matters": "Numeric casts can truncate, wrap, or lose precision if values are config/user/data derived.",
"suggested_fix": "Prefer TryFrom, checked conversion, or explicit range assertion.",
"source": "pattern:numeric-cast"
},
{
"id": "SM-AUD-0563",
"severity": "P2",
"confidence": "static",
"area": "numeric-cast",
"file": "semantic-memory/src/quantize.rs",
"line": 77,
"title": "Unchecked numeric cast should be audited",
"why_it_matters": "Numeric casts can truncate, wrap, or lose precision if values are config/user/data derived.",
"suggested_fix": "Prefer TryFrom, checked conversion, or explicit range assertion.",
"source": "pattern:numeric-cast"
},
{
"id": "SM-AUD-0564",
"severity": "P2",
"confidence": "static",
"area": "numeric-cast",
"file": "semantic-memory/src/quantize.rs",
"line": 92,
"title": "Unchecked numeric cast should be audited",
"why_it_matters": "Numeric casts can truncate, wrap, or lose precision if values are config/user/data derived.",
"suggested_fix": "Prefer TryFrom, checked conversion, or explicit range assertion.",
"source": "pattern:numeric-cast"
},
{
"id": "SM-AUD-0565",
"severity": "P2",
"confidence": "static",
"area": "hashmap-order",
"file": "semantic-memory/src/search.rs",
"line": 9,
"title": "HashMap order should be audited in deterministic surfaces",
"why_it_matters": "HashMap iteration order is nondeterministic and can affect receipts/scores if not sorted before output.",
"suggested_fix": "Sort before output or use BTreeMap where deterministic ordering matters.",
"source": "pattern:hashmap-order"
},
{
"id": "SM-AUD-0566",
"severity": "P1",
"confidence": "confirmed",
"area": "debug-assert",
"file": "semantic-memory/src/search.rs",
"line": 61,
"title": "debug_assert is not a release invariant",
"why_it_matters": "debug_asserts disappear in release builds.",
"suggested_fix": "Use a normal check for correctness invariants.",
"source": "pattern:debug-assert"
},
{
"id": "SM-AUD-0567",
"severity": "P1",
"confidence": "static",
"area": "zip-truncate",
"file": "semantic-memory/src/search.rs",
"line": 62,
"title": "zip iteration can silently truncate mismatched collections",
"why_it_matters": "zip stops at the shorter collection, which is dangerous for batch write/update paths.",
"suggested_fix": "Pre-check lengths before zip unless truncation is intentional and documented.",
"source": "pattern:zip-truncate"
},
{
"id": "SM-AUD-0568",
"severity": "P2",
"confidence": "static",
"area": "runtime-clock",
"file": "semantic-memory/src/search.rs",
"line": 73,
"title": "Runtime clock use affects replay/determinism",
"why_it_matters": "Wall-clock timestamps make tests/replay/ranking less deterministic.",
"suggested_fix": "Inject a clock or document that this path is intentionally real-time.",
"source": "pattern:runtime-clock"
},
{
"id": "SM-AUD-0569",
"severity": "P2",
"confidence": "static",
"area": "numeric-cast",
"file": "semantic-memory/src/search.rs",
"line": 75,
"title": "Unchecked numeric cast should be audited",
"why_it_matters": "Numeric casts can truncate, wrap, or lose precision if values are config/user/data derived.",
"suggested_fix": "Prefer TryFrom, checked conversion, or explicit range assertion.",
"source": "pattern:numeric-cast"
},
{
"id": "SM-AUD-0570",
"severity": "P2",
"confidence": "static",
"area": "numeric-cast",
"file": "semantic-memory/src/search.rs",
"line": 104,
"title": "Unchecked numeric cast should be audited",
"why_it_matters": "Numeric casts can truncate, wrap, or lose precision if values are config/user/data derived.",
"suggested_fix": "Prefer TryFrom, checked conversion, or explicit range assertion.",
"source": "pattern:numeric-cast"
},
{
"id": "SM-AUD-0571",
"severity": "P2",
"confidence": "static",
"area": "numeric-cast",
"file": "semantic-memory/src/search.rs",
"line": 186,
"title": "Unchecked numeric cast should be audited",
"why_it_matters": "Numeric casts can truncate, wrap, or lose precision if values are config/user/data derived.",
"suggested_fix": "Prefer TryFrom, checked conversion, or explicit range assertion.",
"source": "pattern:numeric-cast"
},
{
"id": "SM-AUD-0572",
"severity": "P2",
"confidence": "static",
"area": "numeric-cast",
"file": "semantic-memory/src/search.rs",
"line": 189,
"title": "Unchecked numeric cast should be audited",
"why_it_matters": "Numeric casts can truncate, wrap, or lose precision if values are config/user/data derived.",
"suggested_fix": "Prefer TryFrom, checked conversion, or explicit range assertion.",
"source": "pattern:numeric-cast"
},
{
"id": "SM-AUD-0573",
"severity": "P1",
"confidence": "confirmed",
"area": "bytemuck-storage",
"file": "semantic-memory/src/search.rs",
"line": 272,
"title": "Storage byte cast is alignment/endian fragile",
"why_it_matters": "Casting SQLite bytes into f32 assumes alignment/native endian and can fail or misdecode.",
"suggested_fix": "Decode storage bytes via from_le_bytes/db::bytes_to_embedding.",
"source": "pattern:bytemuck-storage"
},
{
"id": "SM-AUD-0574",
"severity": "P2",
"confidence": "static",
"area": "numeric-cast",
"file": "semantic-memory/src/search.rs",
"line": 290,
"title": "Unchecked numeric cast should be audited",
"why_it_matters": "Numeric casts can truncate, wrap, or lose precision if values are config/user/data derived.",
"suggested_fix": "Prefer TryFrom, checked conversion, or explicit range assertion.",
"source": "pattern:numeric-cast"
},
{
"id": "SM-AUD-0575",
"severity": "P2",
"confidence": "static",
"area": "numeric-cast",
"file": "semantic-memory/src/search.rs",
"line": 367,
"title": "Unchecked numeric cast should be audited",
"why_it_matters": "Numeric casts can truncate, wrap, or lose precision if values are config/user/data derived.",
"suggested_fix": "Prefer TryFrom, checked conversion, or explicit range assertion.",
"source": "pattern:numeric-cast"
},
{
"id": "SM-AUD-0576",
"severity": "P2",
"confidence": "static",
"area": "numeric-cast",
"file": "semantic-memory/src/search.rs",
"line": 409,
"title": "Unchecked numeric cast should be audited",
"why_it_matters": "Numeric casts can truncate, wrap, or lose precision if values are config/user/data derived.",
"suggested_fix": "Prefer TryFrom, checked conversion, or explicit range assertion.",
"source": "pattern:numeric-cast"
},
{
"id": "SM-AUD-0577",
"severity": "P2",
"confidence": "static",
"area": "numeric-cast",
"file": "semantic-memory/src/search.rs",
"line": 429,
"title": "Unchecked numeric cast should be audited",
"why_it_matters": "Numeric casts can truncate, wrap, or lose precision if values are config/user/data derived.",
"suggested_fix": "Prefer TryFrom, checked conversion, or explicit range assertion.",
"source": "pattern:numeric-cast"
},
{
"id": "SM-AUD-0578",
"severity": "P2",
"confidence": "static",
"area": "numeric-cast",
"file": "semantic-memory/src/search.rs",
"line": 457,
"title": "Unchecked numeric cast should be audited",
"why_it_matters": "Numeric casts can truncate, wrap, or lose precision if values are config/user/data derived.",
"suggested_fix": "Prefer TryFrom, checked conversion, or explicit range assertion.",
"source": "pattern:numeric-cast"
},
{
"id": "SM-AUD-0579",
"severity": "P2",
"confidence": "static",
"area": "numeric-cast",
"file": "semantic-memory/src/search.rs",
"line": 504,
"title": "Unchecked numeric cast should be audited",
"why_it_matters": "Numeric casts can truncate, wrap, or lose precision if values are config/user/data derived.",
"suggested_fix": "Prefer TryFrom, checked conversion, or explicit range assertion.",
"source": "pattern:numeric-cast"
},
{
"id": "SM-AUD-0580",
"severity": "P2",
"confidence": "static",
"area": "numeric-cast",
"file": "semantic-memory/src/search.rs",
"line": 633,
"title": "Unchecked numeric cast should be audited",
"why_it_matters": "Numeric casts can truncate, wrap, or lose precision if values are config/user/data derived.",
"suggested_fix": "Prefer TryFrom, checked conversion, or explicit range assertion.",
"source": "pattern:numeric-cast"
},
{
"id": "SM-AUD-0581",
"severity": "P2",
"confidence": "static",
"area": "hashmap-order",
"file": "semantic-memory/src/search.rs",
"line": 755,
"title": "HashMap order should be audited in deterministic surfaces",
"why_it_matters": "HashMap iteration order is nondeterministic and can affect receipts/scores if not sorted before output.",
"suggested_fix": "Sort before output or use BTreeMap where deterministic ordering matters.",
"source": "pattern:hashmap-order"
},
{
"id": "SM-AUD-0582",
"severity": "P2",
"confidence": "static",
"area": "hashmap-order",
"file": "semantic-memory/src/search.rs",
"line": 962,
"title": "HashMap order should be audited in deterministic surfaces",
"why_it_matters": "HashMap iteration order is nondeterministic and can affect receipts/scores if not sorted before output.",
"suggested_fix": "Sort before output or use BTreeMap where deterministic ordering matters.",
"source": "pattern:hashmap-order"
},
{
"id": "SM-AUD-0583",
"severity": "P2",
"confidence": "static",
"area": "hashmap-order",
"file": "semantic-memory/src/search.rs",
"line": 964,
"title": "HashMap order should be audited in deterministic surfaces",
"why_it_matters": "HashMap iteration order is nondeterministic and can affect receipts/scores if not sorted before output.",
"suggested_fix": "Sort before output or use BTreeMap where deterministic ordering matters.",
"source": "pattern:hashmap-order"
},
{
"id": "SM-AUD-0584",
"severity": "P2",
"confidence": "static",
"area": "hashmap-order",
"file": "semantic-memory/src/search.rs",
"line": 966,
"title": "HashMap order should be audited in deterministic surfaces",
"why_it_matters": "HashMap iteration order is nondeterministic and can affect receipts/scores if not sorted before output.",
"suggested_fix": "Sort before output or use BTreeMap where deterministic ordering matters.",
"source": "pattern:hashmap-order"
},
{
"id": "SM-AUD-0585",
"severity": "P2",
"confidence": "static",
"area": "hashmap-order",
"file": "semantic-memory/src/search.rs",
"line": 968,
"title": "HashMap order should be audited in deterministic surfaces",
"why_it_matters": "HashMap iteration order is nondeterministic and can affect receipts/scores if not sorted before output.",
"suggested_fix": "Sort before output or use BTreeMap where deterministic ordering matters.",
"source": "pattern:hashmap-order"
},
{
"id": "SM-AUD-0586",
"severity": "P2",
"confidence": "static",
"area": "numeric-cast",
"file": "semantic-memory/src/search.rs",
"line": 971,
"title": "Unchecked numeric cast should be audited",
"why_it_matters": "Numeric casts can truncate, wrap, or lose precision if values are config/user/data derived.",
"suggested_fix": "Prefer TryFrom, checked conversion, or explicit range assertion.",
"source": "pattern:numeric-cast"
},
{
"id": "SM-AUD-0587",
"severity": "P2",
"confidence": "static",
"area": "numeric-cast",
"file": "semantic-memory/src/search.rs",
"line": 1061,
"title": "Unchecked numeric cast should be audited",
"why_it_matters": "Numeric casts can truncate, wrap, or lose precision if values are config/user/data derived.",
"suggested_fix": "Prefer TryFrom, checked conversion, or explicit range assertion.",
"source": "pattern:numeric-cast"
},
{
"id": "SM-AUD-0588",
"severity": "P2",
"confidence": "static",
"area": "hashmap-order",
"file": "semantic-memory/src/search.rs",
"line": 1109,
"title": "HashMap order should be audited in deterministic surfaces",
"why_it_matters": "HashMap iteration order is nondeterministic and can affect receipts/scores if not sorted before output.",
"suggested_fix": "Sort before output or use BTreeMap where deterministic ordering matters.",
"source": "pattern:hashmap-order"
},
{
"id": "SM-AUD-0589",
"severity": "P2",
"confidence": "static",
"area": "hashmap-order",
"file": "semantic-memory/src/search.rs",
"line": 1173,
"title": "HashMap order should be audited in deterministic surfaces",
"why_it_matters": "HashMap iteration order is nondeterministic and can affect receipts/scores if not sorted before output.",
"suggested_fix": "Sort before output or use BTreeMap where deterministic ordering matters.",
"source": "pattern:hashmap-order"
},
{
"id": "SM-AUD-0590",
"severity": "P2",
"confidence": "static",
"area": "numeric-cast",
"file": "semantic-memory/src/search.rs",
"line": 1232,
"title": "Unchecked numeric cast should be audited",
"why_it_matters": "Numeric casts can truncate, wrap, or lose precision if values are config/user/data derived.",
"suggested_fix": "Prefer TryFrom, checked conversion, or explicit range assertion.",
"source": "pattern:numeric-cast"
},
{
"id": "SM-AUD-0591",
"severity": "P2",
"confidence": "static",
"area": "hashmap-order",
"file": "semantic-memory/src/search.rs",
"line": 1255,
"title": "HashMap order should be audited in deterministic surfaces",
"why_it_matters": "HashMap iteration order is nondeterministic and can affect receipts/scores if not sorted before output.",
"suggested_fix": "Sort before output or use BTreeMap where deterministic ordering matters.",
"source": "pattern:hashmap-order"
},
{
"id": "SM-AUD-0592",
"severity": "P2",
"confidence": "static",
"area": "hashmap-order",
"file": "semantic-memory/src/search.rs",
"line": 1321,
"title": "HashMap order should be audited in deterministic surfaces",
"why_it_matters": "HashMap iteration order is nondeterministic and can affect receipts/scores if not sorted before output.",
"suggested_fix": "Sort before output or use BTreeMap where deterministic ordering matters.",
"source": "pattern:hashmap-order"
},
{
"id": "SM-AUD-0593",
"severity": "P2",
"confidence": "static",
"area": "runtime-clock",
"file": "semantic-memory/src/store_support.rs",
"line": 102,
"title": "Runtime clock use affects replay/determinism",
"why_it_matters": "Wall-clock timestamps make tests/replay/ranking less deterministic.",
"suggested_fix": "Inject a clock or document that this path is intentionally real-time.",
"source": "pattern:runtime-clock"
},
{
"id": "SM-AUD-0594",
"severity": "P2",
"confidence": "static",
"area": "numeric-cast",
"file": "semantic-memory/tests/db_tests.rs",
"line": 32,
"title": "Unchecked numeric cast should be audited",
"why_it_matters": "Numeric casts can truncate, wrap, or lose precision if values are config/user/data derived.",
"suggested_fix": "Prefer TryFrom, checked conversion, or explicit range assertion.",
"source": "pattern:numeric-cast"
},
{
"id": "SM-AUD-0595",
"severity": "P1",
"confidence": "static",
"area": "zip-truncate",
"file": "semantic-memory/tests/db_tests.rs",
"line": 36,
"title": "zip iteration can silently truncate mismatched collections",
"why_it_matters": "zip stops at the shorter collection, which is dangerous for batch write/update paths.",
"suggested_fix": "Pre-check lengths before zip unless truncation is intentional and documented.",
"source": "pattern:zip-truncate"
},
{
"id": "SM-AUD-0596",
"severity": "P1",
"confidence": "static",
"area": "dynamic-sql",
"file": "semantic-memory/tests/import_ugly_cases.rs",
"line": 33,
"title": "Dynamic SQL construction should be whitelisted",
"why_it_matters": "Identifier or limit formatting is safe only if all inputs are trusted and bounded.",
"suggested_fix": "Use whitelisted enums for identifiers and bind parameters for values.",
"source": "pattern:dynamic-sql"
},
{
"id": "SM-AUD-0597",
"severity": "P2",
"confidence": "static",
"area": "numeric-cast",
"file": "semantic-memory/tests/knowledge_tests.rs",
"line": 538,
"title": "Unchecked numeric cast should be audited",
"why_it_matters": "Numeric casts can truncate, wrap, or lose precision if values are config/user/data derived.",
"suggested_fix": "Prefer TryFrom, checked conversion, or explicit range assertion.",
"source": "pattern:numeric-cast"
},
{
"id": "SM-AUD-0598",
"severity": "P1",
"confidence": "static",
"area": "zip-truncate",
"file": "semantic-memory/tests/knowledge_tests.rs",
"line": 555,
"title": "zip iteration can silently truncate mismatched collections",
"why_it_matters": "zip stops at the shorter collection, which is dangerous for batch write/update paths.",
"suggested_fix": "Pre-check lengths before zip unless truncation is intentional and documented.",
"source": "pattern:zip-truncate"
},
{
"id": "SM-AUD-0599",
"severity": "P1",
"confidence": "static",
"area": "zip-truncate",
"file": "semantic-memory/tests/quantization.rs",
"line": 9,
"title": "zip iteration can silently truncate mismatched collections",
"why_it_matters": "zip stops at the shorter collection, which is dangerous for batch write/update paths.",
"suggested_fix": "Pre-check lengths before zip unless truncation is intentional and documented.",
"source": "pattern:zip-truncate"
},
{
"id": "SM-AUD-0600",
"severity": "P2",
"confidence": "static",
"area": "numeric-cast",
"file": "semantic-memory/tests/quantization.rs",
"line": 29,
"title": "Unchecked numeric cast should be audited",
"why_it_matters": "Numeric casts can truncate, wrap, or lose precision if values are config/user/data derived.",
"suggested_fix": "Prefer TryFrom, checked conversion, or explicit range assertion.",
"source": "pattern:numeric-cast"
},
{
"id": "SM-AUD-0601",
"severity": "P2",
"confidence": "static",
"area": "numeric-cast",
"file": "semantic-memory/tests/quantization.rs",
"line": 30,
"title": "Unchecked numeric cast should be audited",
"why_it_matters": "Numeric casts can truncate, wrap, or lose precision if values are config/user/data derived.",
"suggested_fix": "Prefer TryFrom, checked conversion, or explicit range assertion.",
"source": "pattern:numeric-cast"
},
{
"id": "SM-AUD-0602",
"severity": "P1",
"confidence": "static",
"area": "zip-truncate",
"file": "semantic-memory/tests/quantization.rs",
"line": 46,
"title": "zip iteration can silently truncate mismatched collections",
"why_it_matters": "zip stops at the shorter collection, which is dangerous for batch write/update paths.",
"suggested_fix": "Pre-check lengths before zip unless truncation is intentional and documented.",
"source": "pattern:zip-truncate"
},
{
"id": "SM-AUD-0603",
"severity": "P1",
"confidence": "static",
"area": "zip-truncate",
"file": "semantic-memory/tests/quantization.rs",
"line": 68,
"title": "zip iteration can silently truncate mismatched collections",
"why_it_matters": "zip stops at the shorter collection, which is dangerous for batch write/update paths.",
"suggested_fix": "Pre-check lengths before zip unless truncation is intentional and documented.",
"source": "pattern:zip-truncate"
},
{
"id": "SM-AUD-0604",
"severity": "P2",
"confidence": "static",
"area": "runtime-clock",
"file": "semantic-memory/tests/search_tests.rs",
"line": 672,
"title": "Runtime clock use affects replay/determinism",
"why_it_matters": "Wall-clock timestamps make tests/replay/ranking less deterministic.",
"suggested_fix": "Inject a clock or document that this path is intentionally real-time.",
"source": "pattern:runtime-clock"
},
{
"id": "SM-AUD-0605",
"severity": "P2",
"confidence": "static",
"area": "runtime-clock",
"file": "semantic-memory-forge/src/bundle.rs",
"line": 351,
"title": "Runtime clock use affects replay/determinism",
"why_it_matters": "Wall-clock timestamps make tests/replay/ranking less deterministic.",
"suggested_fix": "Inject a clock or document that this path is intentionally real-time.",
"source": "pattern:runtime-clock"
},
{
"id": "SM-AUD-0606",
"severity": "P2",
"confidence": "static",
"area": "hashmap-order",
"file": "stack-ids/src/digest.rs",
"line": 234,
"title": "HashMap order should be audited in deterministic surfaces",
"why_it_matters": "HashMap iteration order is nondeterministic and can affect receipts/scores if not sorted before output.",
"suggested_fix": "Sort before output or use BTreeMap where deterministic ordering matters.",
"source": "pattern:hashmap-order"
},
{
"id": "SM-AUD-0607",
"severity": "P2",
"confidence": "static",
"area": "hashmap-order",
"file": "stack-ids/src/digest.rs",
"line": 275,
"title": "HashMap order should be audited in deterministic surfaces",
"why_it_matters": "HashMap iteration order is nondeterministic and can affect receipts/scores if not sorted before output.",
"suggested_fix": "Sort before output or use BTreeMap where deterministic ordering matters.",
"source": "pattern:hashmap-order"
},
{
"id": "SM-AUD-0608",
"severity": "P2",
"confidence": "static",
"area": "hashmap-order",
"file": "stack-ids/src/digest.rs",
"line": 279,
"title": "HashMap order should be audited in deterministic surfaces",
"why_it_matters": "HashMap iteration order is nondeterministic and can affect receipts/scores if not sorted before output.",
"suggested_fix": "Sort before output or use BTreeMap where deterministic ordering matters.",
"source": "pattern:hashmap-order"
}
]
}