Files
bot-bottle/docs/research
didericis aa44feea02 docs(research): note on malicious-commit scanning at the git-gate + paid-feature analysis
Adds a research note on whether/how to scan for malicious code (not just
secrets) in commits pushed through the git-gate, and whether the semantic
(LLM) layer is a defensible paid feature.

Verdict: no scanner reliably detects malicious code (undecidable +
adversarial), so the frame is raise-cost + cover-the-obvious + human-gate
the dangerous. Ranked layers: dependency/supply-chain scanning (Socket/OSV/
GuardDog) > heuristic/obfuscation (Semgrep-on-diff) > risk-based human
gating via the existing supervise plane > best-effort LLM diff-review.
Fast scanners inline in the synchronous pre-receive; heavy analysis async.

Monetization: the paid unit is the governed git-egress review bundle
(managed semantic review + web-console human-review flow + RBAC + audit +
cross-run policy), not the raw scanner — which stays OSS like gitleaks.
Extends the egress audit+custody wedge to code artifacts; the supervise
console generalizes across all proposal types (egress, gitleaks, commit
review). Sell the workflow, not the detector's accuracy.

Co-Authored-By: Claude Opus 4.8 <noreply@anthropic.com>
Claude-Session: https://claude.ai/code/session_01YBCHap11yGAKuKfsehNPaD
2026-07-18 07:00:22 -04:00
..
2026-05-07 22:45:36 -04:00

Research notes

Investigations into a question or a design space — landscape surveys, tradeoff analyses, "should we do X or Y," assessments of an approach before (or instead of) committing it to a PRD. A research note is where the thinking lives; a PRD is where a decided feature lives, and a decision record is where a settled choice lives (see ../README.md for picking between them).

Notes are opinionated. They reach a conclusion rather than dumping a neutral survey — the point is to move a decision forward and leave a durable record of why it went the way it did.

Naming

kebab-case-topic.md, named by subject and not numbered (unlike PRDs and decision records). Pick a name that says what was investigated: bash-vs-python-vs-go.md, pipelock-assessment.md, issue-tracking-vs-in-repo-decision-history.md.

Shape (freeform)

There's no fixed template — use whatever structure fits the question. In practice most notes share a loose shape:

  • Open with the question — a sentence or two on what's being investigated and why it came up.
  • Lead with the verdict — a ## Summary near the top stating the conclusion, so a reader gets the answer without reading the whole thing.
  • Then the analysis — whatever the argument needs: comparison tables, per-option sections, failure-mode walkthroughs, the axes that actually matter.
  • End with a recommendation when the note exists to drive a decision.

Keep the reasoning self-contained and grounded: cite sources, link files and PRDs, and prefer concrete evidence from this repo over generic claims — a note should stand on its own without a chat log or a Gitea thread. When a note's recommendation gets acted on, capture the resulting decision in a PRD or a decision record; the note stays as the "why we looked into it," not the system of record for the choice.