tracectrl-scanner 0.1.0__tar.gz

tracectrl_scanner-0.1.0/.gitignore

@@ -0,0 +1,44 @@
+# Python
+__pycache__/
+*.py[cod]
+*.egg-info/
+*.egg
+dist/
+build/
+.venv/
+venv/
+.pytest_cache/
+.ruff_cache/
+
+# Node
+node_modules/
+ui/dist/
+
+# Environment
+.env
+
+# IDE
+.vscode/
+.idea/
+*.swp
+*.swo
+.DS_Store
+
+# Docker
+clickhouse-data/
+
+# Internal planning docs
+docs/launch-plan.md
+docs/meetings-actionables-for-launch.md
+docs/licensing-study.md
+docs/
+
+# Agent skills (installed via `skills add`)
+.agents/
+.claude/
+.kiro/
+skills/
+skills-lock.json
+
+videos/
+.mcp.json

tracectrl_scanner-0.1.0/PKG-INFO

@@ -0,0 +1,33 @@
+Metadata-Version: 2.4
+Name: tracectrl-scanner
+Version: 0.1.0
+Summary: Static security scanner for OpenClaw installations
+Author: CloudsineAI
+License-Expression: Apache-2.0
+Requires-Python: >=3.10
+Requires-Dist: networkx>=3.0
+Requires-Dist: pydantic>=2.0
+Requires-Dist: pyjson5>=1.6
+Requires-Dist: rich>=13.0
+Description-Content-Type: text/markdown
+
+# tracectrl-scanner
+
+Static security scanner for OpenClaw installations. Runs 30+ checks across Security, Lateral Movement, Performance, and Compliance categories and produces structured findings with remediation guidance.
+
+## Install
+
+```bash
+pip install tracectrl-scanner
+```
+
+## Usage
+
+```bash
+tracectrl scan /path/to/openclaw/workspace
+```
+
+## Links
+
+- [Docs](https://tracectrl.io/docs)
+- [GitHub](https://github.com/tracectrl/tracectrl)

tracectrl_scanner-0.1.0/README.md

@@ -0,0 +1,20 @@
+# tracectrl-scanner
+
+Static security scanner for OpenClaw installations. Runs 30+ checks across Security, Lateral Movement, Performance, and Compliance categories and produces structured findings with remediation guidance.
+
+## Install
+
+```bash
+pip install tracectrl-scanner
+```
+
+## Usage
+
+```bash
+tracectrl scan /path/to/openclaw/workspace
+```
+
+## Links
+
+- [Docs](https://tracectrl.io/docs)
+- [GitHub](https://github.com/tracectrl/tracectrl)

tracectrl_scanner-0.1.0/pyproject.toml

@@ -0,0 +1,21 @@
+[build-system]
+requires = ["hatchling"]
+build-backend = "hatchling.build"
+
+[project]
+name = "tracectrl-scanner"
+version = "0.1.0"
+description = "Static security scanner for OpenClaw installations"
+readme = "README.md"
+requires-python = ">=3.10"
+license = "Apache-2.0"
+authors = [{ name = "CloudsineAI" }]
+dependencies = [
+    "pyjson5>=1.6",
+    "networkx>=3.0",
+    "pydantic>=2.0",
+    "rich>=13.0",
+]
+
+[tool.hatch.build.targets.wheel]
+sources = ["src"]

tracectrl_scanner-0.1.0/src/tracectrl_scanner/__init__.py

@@ -0,0 +1 @@
+"""TraceCtrl Scanner — static security analysis for OpenClaw installations."""

tracectrl_scanner-0.1.0/src/tracectrl_scanner/benchmark/checks/__init__.py

@@ -0,0 +1,13 @@
+from . import (  # noqa: F401
+    network, credentials, tools, ingress, guardrails,
+    filesystem, persistence, lateral_movement, plugins,
+    llm_providers, logging_checks, security_advanced,
+    operational, performance, compliance, skills,
+)
+
+__all__ = [
+    "network", "credentials", "tools", "ingress", "guardrails",
+    "filesystem", "persistence", "lateral_movement", "plugins",
+    "llm_providers", "logging_checks", "security_advanced",
+    "operational", "performance", "compliance", "skills",
+]

tracectrl_scanner-0.1.0/src/tracectrl_scanner/benchmark/checks/compliance.py

@@ -0,0 +1,72 @@
+"""Compliance and data governance checks — retention, session scope, redaction."""
+
+from pathlib import Path
+from typing import Any
+from ..models import CheckResult, Severity, Profile, AssessmentType
+
+
+def run(config: dict[str, Any], root: Path) -> list[CheckResult]:
+    results: list[CheckResult] = []
+
+    session_cfg = config.get("session", {})
+    if not isinstance(session_cfg, dict):
+        session_cfg = {}
+
+    # OC-COMP-001: Session data retention policy set
+    maintenance = session_cfg.get("maintenance", {})
+    if not isinstance(maintenance, dict):
+        maintenance = {}
+    prune_after = maintenance.get("pruneAfter")
+    max_entries = maintenance.get("maxEntries")
+    has_retention = bool(prune_after) or bool(max_entries)
+    results.append(CheckResult(
+        check_id="OC-COMP-001",
+        section="Compliance",
+        title="Session data retention policy is configured",
+        severity=Severity.MEDIUM,
+        profile=Profile.L1,
+        assessment_type=AssessmentType.AUTOMATED,
+        passed=has_retention,
+        finding="Neither session.maintenance.pruneAfter nor maxEntries is set" if not has_retention else None,
+        remediation="Set session.maintenance.pruneAfter (e.g. \"30d\") and/or maxEntries to enforce data retention limits.",
+        config_path="session.maintenance",
+        rationale="Without a retention policy, conversation data accumulates indefinitely, increasing privacy risk and storage costs.",
+    ))
+
+    # OC-COMP-002: Session scope isolates per-user data
+    dm_scope = session_cfg.get("dmScope", "main")
+    is_isolated = dm_scope != "main"
+    results.append(CheckResult(
+        check_id="OC-COMP-002",
+        section="Compliance",
+        title="Session scope isolates per-user conversations",
+        severity=Severity.MEDIUM,
+        profile=Profile.L1,
+        assessment_type=AssessmentType.AUTOMATED,
+        passed=is_isolated,
+        finding=f"session.dmScope is \"{dm_scope}\" — all DM context is shared across senders" if not is_isolated else None,
+        remediation="Set session.dmScope to \"per-peer\" or \"per-channel-peer\" to isolate conversations between different users.",
+        config_path="session.dmScope",
+        rationale="With dmScope set to \"main\", all users share the same conversation context. User A's messages and data are visible to the agent when responding to User B.",
+    ))
+
+    # OC-COMP-003: Sensitive data redaction enabled in logs
+    logging_cfg = config.get("logging", {})
+    if not isinstance(logging_cfg, dict):
+        logging_cfg = {}
+    redact = logging_cfg.get("redactSensitive", "tools")
+    results.append(CheckResult(
+        check_id="OC-COMP-003",
+        section="Compliance",
+        title="Sensitive data redaction is enabled in logs",
+        severity=Severity.MEDIUM,
+        profile=Profile.L1,
+        assessment_type=AssessmentType.AUTOMATED,
+        passed=redact != "off",
+        finding="logging.redactSensitive is \"off\"" if redact == "off" else None,
+        remediation="Set logging.redactSensitive to \"tools\" (default) to redact tokens and sensitive data from log output.",
+        config_path="logging.redactSensitive",
+        rationale="Disabling log redaction exposes API keys, tokens, and user data in log files, which may be captured by log aggregation systems.",
+    ))
+
+    return results

tracectrl_scanner-0.1.0/src/tracectrl_scanner/benchmark/checks/credentials.py

@@ -0,0 +1,94 @@
+from pathlib import Path
+from typing import Any
+import re
+from ..models import CheckResult, Severity, Profile, AssessmentType
+
+_SENSITIVE_KEY_NAMES = {"apikey", "api_key", "token", "secret", "password", "key"}
+_SAFE_PREFIXES = ("http://", "https://", "~/", "/")
+
+
+def _is_plaintext_key(key_name: str, value: str) -> bool:
+    """Check if a string value under a sensitive key name looks like a plaintext secret."""
+    if not isinstance(value, str) or not value:
+        return False
+    # Only flag values under sensitive key names
+    if key_name.lower() not in _SENSITIVE_KEY_NAMES:
+        return False
+    # Env var references are OK
+    if re.match(r"^\$\{.+\}$", value):
+        return False
+    # Safe prefixes (URLs, paths) are not secrets
+    if value.startswith(_SAFE_PREFIXES):
+        return False
+    # Known key prefixes are always flagged
+    if value.startswith("sk-") or value.startswith("key-"):
+        return True
+    # Non-empty value under a sensitive key name
+    return True
+
+
+def _scan_for_plaintext_keys(obj: Any, path: str = "") -> list[str]:
+    """Recursively scan a dict for plaintext API key values."""
+    findings: list[str] = []
+    if isinstance(obj, dict):
+        for k, v in obj.items():
+            current_path = f"{path}.{k}" if path else k
+            if isinstance(v, str) and _is_plaintext_key(k, v):
+                findings.append(current_path)
+            elif isinstance(v, (dict, list)):
+                findings.extend(_scan_for_plaintext_keys(v, current_path))
+    elif isinstance(obj, list):
+        for i, item in enumerate(obj):
+            findings.extend(_scan_for_plaintext_keys(item, f"{path}[{i}]"))
+    return findings
+
+
+def run(config: dict[str, Any], root: Path) -> list[CheckResult]:
+    results: list[CheckResult] = []
+
+    # OC-CRED-001: No plaintext API keys anywhere in config
+    plaintext_paths = _scan_for_plaintext_keys(config)
+    results.append(CheckResult(
+        check_id="OC-CRED-001",
+        section="Credentials",
+        title="No plaintext API keys in configuration",
+        severity=Severity.HIGH,
+        profile=Profile.L1,
+        assessment_type=AssessmentType.AUTOMATED,
+        passed=len(plaintext_paths) == 0,
+        finding=f"Plaintext keys found at: {', '.join(plaintext_paths)}" if plaintext_paths else None,
+        remediation="Replace plaintext API keys with environment variable references using ${VAR_NAME} syntax.",
+        config_path="<entire config>",
+        rationale="Plaintext credentials in config files can be leaked via version control, file sharing, or log output.",
+    ))
+
+    # OC-CRED-002: .env file should be in .gitignore
+    env_file = root / ".env"
+    gitignore = root / ".gitignore"
+    if not env_file.exists():
+        passed = True
+        finding = None
+    else:
+        if gitignore.exists():
+            lines = [line.strip() for line in gitignore.read_text().splitlines()]
+            passed = ".env" in lines or "/.env" in lines
+            finding = ".env file exists but is not listed in .gitignore" if not passed else None
+        else:
+            passed = False
+            finding = ".env file exists but no .gitignore file found"
+
+    results.append(CheckResult(
+        check_id="OC-CRED-002",
+        section="Credentials",
+        title=".env file is protected by .gitignore",
+        severity=Severity.HIGH,
+        profile=Profile.L1,
+        assessment_type=AssessmentType.AUTOMATED,
+        passed=passed,
+        finding=finding,
+        remediation="Add .env to your .gitignore file to prevent accidental commits of secrets.",
+        config_path=".env",
+        rationale="An unprotected .env file can be accidentally committed, exposing secrets to anyone with repository access.",
+    ))
+
+    return results

tracectrl_scanner-0.1.0/src/tracectrl_scanner/benchmark/checks/filesystem.py

@@ -0,0 +1,60 @@
+import os
+from pathlib import Path
+from typing import Any
+from ..models import CheckResult, Severity, Profile, AssessmentType
+
+
+def run(config: dict[str, Any], root: Path) -> list[CheckResult]:
+    results: list[CheckResult] = []
+
+    # OC-FS-001: openclaw.json should not be world-readable
+    config_file = root / "openclaw.json"
+    if config_file.exists():
+        mode = os.stat(config_file).st_mode
+        world_readable = bool(mode & 0o004)
+        passed = not world_readable
+        finding = f"openclaw.json has mode {oct(mode)} — world-readable bit is set" if world_readable else None
+    else:
+        passed = True
+        finding = None
+
+    results.append(CheckResult(
+        check_id="OC-FS-001",
+        section="Filesystem",
+        title="openclaw.json is not world-readable",
+        severity=Severity.HIGH,
+        profile=Profile.L1,
+        assessment_type=AssessmentType.AUTOMATED,
+        passed=passed,
+        finding=finding,
+        remediation="Restrict file permissions: chmod 600 openclaw.json",
+        config_path="openclaw.json",
+        rationale="A world-readable config file exposes API keys and agent configuration to any local user or container sidecar.",
+    ))
+
+    # OC-FS-002: Credentials directory permissions
+    creds_dir = root / "credentials"
+    if creds_dir.exists() and creds_dir.is_dir():
+        mode = os.stat(creds_dir).st_mode
+        world_readable = bool(mode & 0o004)
+        passed = not world_readable
+        finding = f"credentials/ directory has mode {oct(mode)} — world-readable bit is set" if world_readable else None
+    else:
+        passed = True
+        finding = None
+
+    results.append(CheckResult(
+        check_id="OC-FS-002",
+        section="Filesystem",
+        title="Credentials directory has restrictive permissions",
+        severity=Severity.HIGH,
+        profile=Profile.L1,
+        assessment_type=AssessmentType.AUTOMATED,
+        passed=passed,
+        finding=finding,
+        remediation="Restrict directory permissions: chmod 700 credentials/",
+        config_path="credentials/",
+        rationale="A world-readable credentials directory allows any local user to read stored secrets, tokens, and service account keys.",
+    ))
+
+    return results

tracectrl_scanner-0.1.0/src/tracectrl_scanner/benchmark/checks/guardrails.py

@@ -0,0 +1,57 @@
+from pathlib import Path
+from typing import Any
+from ..models import CheckResult, Severity, Profile, AssessmentType
+
+
+def run(config: dict[str, Any], root: Path) -> list[CheckResult]:
+    results: list[CheckResult] = []
+
+    # OC-GUARD-001: SOUL.md must exist for each agent
+    agents_dir = root / "agents"
+    if not agents_dir.exists():
+        # No agents directory — nothing to check, pass
+        passed = True
+        finding = None
+    else:
+        missing: list[str] = []
+        for agent_dir in agents_dir.iterdir():
+            if agent_dir.is_dir():
+                soul_path = agent_dir / "agent" / "SOUL.md"
+                if not soul_path.exists():
+                    missing.append(agent_dir.name)
+        passed = len(missing) == 0
+        finding = f"Agents missing SOUL.md: {', '.join(missing)}" if missing else None
+
+    results.append(CheckResult(
+        check_id="OC-GUARD-001",
+        section="Guardrails",
+        title="SOUL.md exists for each agent",
+        severity=Severity.MEDIUM,
+        profile=Profile.L1,
+        assessment_type=AssessmentType.AUTOMATED,
+        passed=passed,
+        finding=finding,
+        remediation="Create a SOUL.md file at agents/<agent_id>/agent/SOUL.md for each agent to define behavioral guardrails.",
+        config_path="agents/<agent_id>/agent/SOUL.md",
+        rationale="Without a SOUL.md, the agent has no explicit behavioral boundaries, making it susceptible to prompt injection that overrides its purpose.",
+    ))
+
+    # OC-GUARD-002: Content filter should be enabled
+    agents_filter = config.get("agents", {}).get("defaults", {}).get("contentFilter", {}).get("enabled", False)
+    tools_filter = config.get("tools", {}).get("contentFilter", {}).get("enabled", False)
+    filter_enabled = agents_filter is True or tools_filter is True
+    results.append(CheckResult(
+        check_id="OC-GUARD-002",
+        section="Guardrails",
+        title="Content filter is enabled",
+        severity=Severity.MEDIUM,
+        profile=Profile.L2,
+        assessment_type=AssessmentType.AUTOMATED,
+        passed=filter_enabled,
+        finding="Content filter is not enabled in agents.defaults.contentFilter or tools.contentFilter" if not filter_enabled else None,
+        remediation="Enable content filtering by setting agents.defaults.contentFilter.enabled or tools.contentFilter.enabled to true.",
+        config_path="agents.defaults.contentFilter.enabled",
+        rationale="Without content filtering, the agent can generate or relay harmful, toxic, or policy-violating content to end users.",
+    ))
+
+    return results

tracectrl_scanner-0.1.0/src/tracectrl_scanner/benchmark/checks/ingress.py

@@ -0,0 +1,58 @@
+from pathlib import Path
+from typing import Any
+from ..models import CheckResult, Severity, Profile, AssessmentType
+
+
+def run(config: dict[str, Any], root: Path) -> list[CheckResult]:
+    results: list[CheckResult] = []
+
+    # OC-ING-001: Enabled channels must not have dmPolicy "open"
+    channels = config.get("channels", {})
+    open_channels: list[str] = []
+    for name, channel_cfg in channels.items():
+        if isinstance(channel_cfg, dict) and channel_cfg.get("enabled", False):
+            if channel_cfg.get("dmPolicy") == "open":
+                open_channels.append(name)
+
+    results.append(CheckResult(
+        check_id="OC-ING-001",
+        section="Ingress",
+        title="No enabled channels have open DM policy",
+        severity=Severity.HIGH,
+        profile=Profile.L1,
+        assessment_type=AssessmentType.AUTOMATED,
+        passed=len(open_channels) == 0,
+        finding=f"Channels with open dmPolicy: {', '.join(open_channels)}" if open_channels else None,
+        remediation='Set dmPolicy to "pairing" (requires one-time approval) or "allowlist" (explicit sender list).',
+        config_path="channels.<name>.dmPolicy",
+        rationale="An open DM policy lets any user message the agent, enabling prompt injection and social engineering attacks from unknown senders.",
+    ))
+
+    # OC-ING-002: Webhook auth token should be set (only if webhook is configured)
+    webhook = config.get("webhook")
+    if webhook is None or not isinstance(webhook, dict):
+        # Webhook section not configured — check is not applicable
+        passed = True
+        finding = None
+    else:
+        auth_token = webhook.get("auth", {}).get("token", "")
+        webhook_secret = webhook.get("secret", "")
+        has_auth = bool(auth_token) or bool(webhook_secret)
+        passed = has_auth
+        finding = "Neither webhook.auth.token nor webhook.secret is set" if not has_auth else None
+
+    results.append(CheckResult(
+        check_id="OC-ING-002",
+        section="Ingress",
+        title="Webhook authentication is configured",
+        severity=Severity.HIGH,
+        profile=Profile.L2,
+        assessment_type=AssessmentType.AUTOMATED,
+        passed=passed,
+        finding=finding,
+        remediation="Configure webhook.auth.token or webhook.secret to authenticate incoming webhook requests.",
+        config_path="webhook.auth.token",
+        rationale="Unauthenticated webhooks let any external party trigger agent actions by sending crafted payloads to the endpoint.",
+    ))
+
+    return results

tracectrl_scanner-0.1.0/src/tracectrl_scanner/benchmark/checks/lateral_movement.py

@@ -0,0 +1,51 @@
+from pathlib import Path
+from typing import Any
+from ..models import CheckResult, Severity, Profile, AssessmentType
+
+
+def run(config: dict[str, Any], root: Path) -> list[CheckResult]:
+    results: list[CheckResult] = []
+
+    # OC-LAT-001: subagents spawning has restrictions
+    # Correct path: agents.defaults.subagents (not top-level subagents)
+    agents_cfg = config.get("agents", {})
+    defaults = agents_cfg.get("defaults", {}) if isinstance(agents_cfg, dict) else {}
+    subagents = defaults.get("subagents", {}) if isinstance(defaults, dict) else {}
+    if not isinstance(subagents, dict):
+        subagents = {}
+
+    # Check if sub-agents are unrestricted
+    allow_agents = subagents.get("allowAgents")
+    max_depth = subagents.get("maxSpawnDepth")
+    require_id = subagents.get("requireAgentId", False)
+
+    # Fail if: allowAgents is an open list or True, with no depth limit and no requireAgentId
+    if isinstance(allow_agents, list) and len(allow_agents) > 0:
+        # Explicit allowlist — this is restricted
+        passed = True
+        finding = None
+    elif allow_agents is True or allow_agents is None:
+        # Unrestricted or default — check for other controls
+        has_depth = isinstance(max_depth, int) and max_depth > 0
+        has_require = require_id is True
+        passed = has_depth or has_require
+        finding = "Sub-agent spawning is unrestricted — no allowAgents list, maxSpawnDepth, or requireAgentId" if not passed else None
+    else:
+        passed = True
+        finding = None
+
+    results.append(CheckResult(
+        check_id="OC-LAT-001",
+        section="Lateral Movement",
+        title="Sub-agent spawning has restrictions",
+        severity=Severity.HIGH,
+        profile=Profile.L1,
+        assessment_type=AssessmentType.AUTOMATED,
+        passed=passed,
+        finding=finding,
+        remediation="Configure agents.defaults.subagents.allowAgents with a list of permitted agent IDs, set maxSpawnDepth, or enable requireAgentId.",
+        config_path="agents.defaults.subagents",
+        rationale="Unrestricted sub-agent spawning lets a compromised agent create new agents with elevated privileges, enabling lateral movement across the system.",
+    ))
+
+    return results

tracectrl_scanner-0.1.0/src/tracectrl_scanner/benchmark/checks/llm_providers.py

@@ -0,0 +1,44 @@
+from pathlib import Path
+from typing import Any
+from ..models import CheckResult, Severity, Profile, AssessmentType
+
+
+def run(config: dict[str, Any], root: Path) -> list[CheckResult]:
+    results: list[CheckResult] = []
+
+    # OC-LLM-001: LLM provider configuration hygiene
+    # Credential scanning is handled by OC-CRED-001; this check focuses on
+    # provider-specific configuration issues (missing provider field, HTTP endpoints).
+    providers = config.get("models", {}).get("providers", {})
+
+    issues: list[str] = []
+    for name, provider_cfg in providers.items():
+        if not isinstance(provider_cfg, dict):
+            continue
+        # Check for missing provider type
+        if not provider_cfg.get("provider"):
+            issues.append(f"models.providers.{name}: missing 'provider' field")
+        # Check for HTTP (non-TLS) endpoint
+        endpoint = provider_cfg.get("endpoint", "") or provider_cfg.get("baseUrl", "")
+        if isinstance(endpoint, str) and endpoint.startswith("http://"):
+            issues.append(f"models.providers.{name}: endpoint uses HTTP instead of HTTPS")
+
+    passed = len(issues) == 0
+    results.append(CheckResult(
+        check_id="OC-LLM-001",
+        section="LLM Providers",
+        title="LLM provider configuration is well-formed and secure",
+        severity=Severity.HIGH,
+        profile=Profile.L1,
+        assessment_type=AssessmentType.AUTOMATED,
+        passed=passed,
+        finding="; ".join(issues) if issues else None,
+        remediation=(
+            "Ensure each provider has a 'provider' field and uses HTTPS endpoints. "
+            "Credential scanning is handled by OC-CRED-001."
+        ),
+        config_path="models.providers",
+        rationale="Missing provider fields cause runtime errors; HTTP endpoints transmit API keys and prompts in cleartext, enabling interception.",
+    ))
+
+    return results

tracectrl_scanner-0.1.0/src/tracectrl_scanner/benchmark/checks/logging_checks.py

@@ -0,0 +1,43 @@
+from pathlib import Path
+from typing import Any
+from ..models import CheckResult, Severity, Profile, AssessmentType
+
+
+def run(config: dict[str, Any], root: Path) -> list[CheckResult]:
+    results: list[CheckResult] = []
+
+    # OC-LOG-001: Audit logging should be enabled
+    logging_cfg = config.get("logging", {})
+    audit_enabled = logging_cfg.get("audit", False)
+    results.append(CheckResult(
+        check_id="OC-LOG-001",
+        section="Logging",
+        title="Audit logging is enabled",
+        severity=Severity.MEDIUM,
+        profile=Profile.L1,
+        assessment_type=AssessmentType.AUTOMATED,
+        passed=audit_enabled is True,
+        finding="logging.audit is not enabled" if audit_enabled is not True else None,
+        remediation="Enable audit logging by setting logging.audit to true.",
+        config_path="logging.audit",
+        rationale="Without audit logs, there is no forensic trail to detect or investigate agent misuse, prompt injection, or data exfiltration.",
+    ))
+
+    # OC-LOG-002: Log level should not be "debug" in production
+    log_level = logging_cfg.get("level", "info")
+    is_debug = str(log_level).lower() == "debug"
+    results.append(CheckResult(
+        check_id="OC-LOG-002",
+        section="Logging",
+        title="Log level is not set to debug",
+        severity=Severity.MEDIUM,
+        profile=Profile.L2,
+        assessment_type=AssessmentType.AUTOMATED,
+        passed=not is_debug,
+        finding="logging.level is set to \"debug\" — may expose sensitive data in production" if is_debug else None,
+        remediation="Set logging.level to \"info\" or \"warn\" for production deployments.",
+        config_path="logging.level",
+        rationale="Debug-level logs often include full prompts, API keys, and user data, which can be captured by log aggregation systems.",
+    ))
+
+    return results