# Hekate Gate Security Review Handoff

This is the packet to send to an external reviewer before any mainnet or
enterprise certification claim.

## Review Target

- Product: Hekate Gate
- Domain: `https://hekategate.com`
- Repository: `bez111/mission-control`
- Technical namespace: `agentsec`
- Current public status: private beta, mainnet not certified

## Reviewer Should Inspect

- Agent/tool preflight logic.
- MCP manifest scanning and remote fetch controls.
- x402 preflight and payment proof verification.
- Permission diff and dangerous tool-chain logic.
- Receipt signing, evidence hashing, and trust bundle verification.
- Audit chain design and tamper-evidence.
- Registry status review workflow.
- Signer/custody isolation.
- Facilitator verification and settlement proof checks.
- Auth scopes and admin boundaries.
- Dependency exception register.
- Public claim boundaries.

## Commands

Baseline:

```bash
npm run security:ci
```

Production readiness summary:

```bash
npm run hekate:readiness
```

Live production smoke:

```bash
npm run hekate:production-smoke
```

Receipt signer, with Ed25519 env configured or self-test:

```bash
npm run hekate:receipt-signer:conformance
```

Custody, only after real custody env is configured:

```bash
npm run custody:conformance
```

Facilitator, only after real verifier env is configured:

```bash
npm run facilitator:conformance
```

Hekate discovery:

```bash
npm run hekate:check
```

## Evidence To Provide

- Latest commit SHA.
- GitHub Actions Security Gates URL.
- `docs/dependency-risk-register.md`.
- `docs/signer-runbook.md`.
- `docs/production-security-gates.md`.
- `docs/agentsec-security-review-pack.md`.
- `docs/HEKATE_PRODUCTION_READINESS.md`.
- `docs/HEKATE_RECEIPT_SIGNER_SETUP.md`.
- `npm run hekate:readiness` output.
- `npm run hekate:production-smoke` output.
- Real custody conformance output, secrets redacted.
- Real facilitator conformance output, secrets redacted.
- Public discovery output from `/.well-known/hekate.json`.
- Public `security.txt`.

## Required Reviewer Output

Ask the reviewer for:

- Critical findings.
- High findings.
- Required fixes before mainnet.
- Required fixes before enterprise claims.
- Moderate/low residual risks.
- Retest notes.
- Explicit statement whether the reviewed build may claim private beta,
  pilot-ready, or production-ready status.

## Acceptance Rule

Do not claim mainnet readiness or enterprise certification while any critical
or high finding remains unresolved.
