Overview
Stage330 does not replace Stage329. It extends the Stage329 audit submission package by adding automatic SHA256 evidence hash generation.
AI Claim ↓ Reproduction Evidence ↓ Stage328 Evidence Match Gate ↓ accept / pending / reject ↓ Stage329 Signed Audit Report ↓ Stage330 Evidence Hash Auto Builder
Stage327 + Stage328 Integrated Builder
Input AI vulnerability claims and reproduction evidence, generate structured Stage327 JSON, and perform Stage328 gate verification.
AI Vulnerability Claim
Vulnerability Type: prompt-injection Target: model-output AI Claim ID: claim-001 Repository: demo/repository Commit: abc123demo File: src/auth.py Line Range: 40-55
Reproduction Evidence
prompt.txt response.txt run.log
Stage328 Decision
Decision: accept Checks: - same_target - evidence_files_present - sha256_bound - signature_present
Stage329 Audit Submission Layer
After generating the Stage328 decision, Stage329 converts the result into an audit package: JSON, HTML, signature, hash, and verification instructions.
- Audit JSON
- Audit HTML
- Audit Signature
- Verification Instructions
Stage330 Evidence Hash Auto Builder
Stage330 automatically generates SHA256 hashes from reproduction evidence files.
prompt.txt response.txt run.log ↓ Automatic SHA256 Generation ↓ hash_manifest.json ↓ hash_manifest.sha256 ↓ reproduction_evidence.json ↓ Stage328 Evidence Match Gate ↓ Stage329 Audit Submission Package
Generated Files
- docs/evidence/hash_manifest.json
- docs/evidence/hash_manifest.sha256
- docs/evidence/reproduction_evidence.json
- docs/report/audit_report.json
- docs/report/audit_report.html
What Stage330 Adds
| Before Stage330 | After Stage330 |
|---|---|
| Manual SHA256 map entry | Automatic SHA256 map generation |
| Higher risk of copy mistakes | Lower risk of human error |
| Audit package starts after hashes exist | Audit package includes the hash generation layer |