SecOps Workbench · Sprint 7 · Day 8/10 · Agent working
Current stage: Awaiting human approval · 5 of 7 · 71%
Stages: Triaged · Planned · Coded · Tested · Approval · Merge · Verified

Checkpoints where the agent has prepared everything but needs your explicit decision. Each gate shows exactly what will happen on approve — no surprises.

Open gates

Approve & merge — critical severity

Action required

Critical-severity fixes require explicit human sign-off before merge. The agent has completed all preparation and is paused at this gate.

Required: @alice · Opened 8m ago · SLA: 6 days left
Why this gate exists
Severity is Critical and policy autonomy.tier=T2 requires explicit human approval before merge. The change touches the data access layer, which is in the protected list for the order-service component owners.
Approvers: JR, AB · 3 of 4 approved · waiting on you
Pre-checks passed
All CI pipeline stages green · build #4827 · 7m 41s
Fortify rescan confirms finding closed · 42m ago
2 reviewers approved · Reviewer Agent + J. Reviewer · 11m ago
Only expected files touched · 1 of 1 file in scope · scope OK
No conflicts with main · branch is rebased · rebased 4m ago
Dry run — what will happen on approve (simulated · no side effects)
check MR !8442 still mergeable · approvers still valid
verify Fortify rescan still clean (cache: 42m old)
merge MR !8442 → main (squash, signed commit)
transition SEC-1745 Jira: Approval → Merged
post merge notice to AgentBook thread + Slack #sec-ops
trigger deploy pipeline for order-service (auto, standard cadence)
schedule confirmation rescan in 30m → close ticket if clean
cannot be auto-reverted · rollback = git revert 9a7f3d2
Passed gates

Playbook selection — confidence threshold

Passed

Triage agent's choice of remediation playbook had to clear a confidence threshold and avoid the "no-playbook" escalation path.

Auto-pass (confidence ≥ 80%) · Confidence: 98% · Passed May 10 · 22:09
spring-sql-injection@2.3 selected automatically · no human override needed

Sprint inclusion — planning ceremony

Passed

Issues triaged for the security backlog must be explicitly admitted to a sprint by the security lead during planning.

Approved by @alice · Passed May 11 · 09:23
Added to Sprint 7 during planning · "Critical SQLi — standard playbook, low risk fix"
Future gates

Production deploy

Future

After merge, the standard deploy pipeline will run. Production deploys for the order-service component require a release manager approval window.

Will be required: release manager · Estimated open: after merge + 30m
Expected criteria when opened
Standard production deploy criteria: post-deploy smoke tests, no SLO breach in past 30m, deploy window open (Mon–Thu 09:00–16:00).

Verification close-out

Future

30 minutes after deploy, the agent will re-scan and propose closing the issue. If anything is unexpected, a human must confirm closure.

Auto-close if rescan clean · Human required only if anomaly detected
Auto-close conditions
Finding still closed in Fortify · no new related findings · no production alerts in 30m post-deploy window · zero rollback signals.