// per-tool methodology
kubernetes service account token abuse detector
drop k8s audit log · detect sa token usage from unexpected pods
public grade
this tool is in the forensics catalog but has not been graded yet. the maturity badge is hidden until npm run forensics:grades includes it. see the public rubric for how grading works.
known limitations
limitations will be published once the automated audit assigns a grade. all forensics output requires independent verification before any legal, financial, medical, safety, or evidentiary use.
B minimum ship bar
- newly added forensics tools must clear the public B minimum before merging
- minimum: letter grade B or A · raw score ≥ 9/14 · UI dimension = 2 · IF/OU/DQ/RB/HN ≥ 1 each · no critical red flags (missing engine, placeholder logic, no exports)
- the ship bar is enforced by quality.audit.json sidecars and npm run tools:grade-forensics --check