{"contract":"secmon-evidence-v1","required_fields":["report_id","client","scope","test_window","target","verification_method","methodology_refs","finding_id","title","severity","cvss","cwe","affected_asset","endpoint_or_vector","exploitability","impact","reproduction_steps","request_response_or_trace","screenshots_or_video_refs","attack_path_or_attck_mapping","remediation","owner","sla_due","retest_status","audit_events","appendix_refs"],"severity_sla_days":{"critical":3,"high":7,"medium":30,"low":60,"info":90},"statuses":["accepted","false_positive","fixed","in_progress","open"],"guardrails":["verified target required before scan","AI brief uses existing report data only","deep profiles require trusted/admin role","audit trail records important actions"]}