Set up or align a GitHub Actions deploy pipeline for an app or service. Use when standardizing repos around the verify-then-deploy shape: push to main → detect affected lanes → verify and build artifacts → e2e → deploy each lane to its host (Cloudflare Pages, AWS Amplify, GHCR + VPS).
99
100%
Does it follow best practices?
Impact: 97%
1.21x average score across 4 eval scenarios
Passed
No known issues
{
"context": "Tests whether the agent uses 1Password Connect for runtime application secrets (not GitHub repository secrets), OIDC for cloud authentication (not long-lived credentials), enforces correct secret hygiene in workflow steps, and sets minimal workflow permissions.",
"type": "weighted_checklist",
"checklist": [
{
"name": "1Password for runtime env",
"description": "Uses 1password/load-secrets-action (or the load-1password-env composite action) to render runtime application secrets, rather than referencing them directly from `secrets.*` in the deploy step",
"max_score": 12
},
{
"name": "op:// references in template",
"description": "An env template file is committed to the repo containing `op://` references (not plaintext secrets), e.g. `op://vault/item/field` format",
"max_score": 8
},
{
"name": "OIDC for cloud credentials",
"description": "Uses aws-actions/configure-aws-credentials (with `role-to-assume`) or equivalent OIDC mechanism for cloud access, NOT a long-lived AWS_ACCESS_KEY_ID / AWS_SECRET_ACCESS_KEY in secrets",
"max_score": 12
},
{
"name": "id-token write at job level",
"description": "The deploy job grants `id-token: write` permission at the job level (not at the workflow root), and the workflow root uses `contents: read` only",
"max_score": 9
},
{
"name": "Root permissions minimal",
"description": "The workflow-level `permissions:` block grants only `contents: read` (or is absent and the job-level grants are used exclusively)",
"max_score": 7
},
{
"name": "No secrets as CLI flags",
"description": "Secret values are passed to commands via environment variables (the `env:` block), NOT as positional or named command-line arguments",
"max_score": 9
},
{
"name": "No env file dump",
"description": "No workflow step uses `cat`, `echo`, or `print` to output the full contents of a rendered `.env` or secrets file",
"max_score": 9
},
{
"name": "account-id in vars not secrets",
"description": "Non-sensitive identifiers like Cloudflare account ID or AWS account ID are referenced from `vars.*` (not `secrets.*`) in the workflow",
"max_score": 7
},
{
"name": "Fine-grained PAT",
"description": "Any PAT used for cross-repo operations is stored with a scoped name (e.g. `TAP_GITHUB_TOKEN`, `OPS_TRIGGER_TOKEN`) and the explanation does NOT reference a classic `ghp_` PAT or an unscoped token",
"max_score": 8
},
{
"name": "GitHub secrets only for bootstrap",
"description": "The written explanation or comments describe GitHub secrets as holding only CI-access credentials (e.g. OP_SERVICE_ACCOUNT_TOKEN, cloud OIDC role ARN) — not application runtime env values",
"max_score": 9
},
{
"name": "Env rendered in runner not VPS",
"description": "For VPS/container deployments, the env file is rendered on the GitHub Actions runner (not on the VPS), and the rendered file is transferred to the VPS via scp or equivalent",
"max_score": 10
}
]
}
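An added example, not part of this listing or the skill's own code: a deploy workflow shaped to the checklist above, with a read-only root `permissions:` block, `id-token: write` granted only on the job that assumes an AWS role via OIDC, a committed `.env.tpl` of `op://` references rendered on the runner and copied to the VPS, secrets passed only through `env:`, and identifiers read from `vars.*`. Assumed names: secrets `AWS_DEPLOY_ROLE_ARN`, `OP_SERVICE_ACCOUNT_TOKEN`, `VPS_SSH_KEY`; vars `AWS_REGION`, `AMPLIFY_APP_ID`, `VPS_HOST`, `VPS_HOST_KEY`; and a `.env.tpl` in the repo holding lines such as `DATABASE_URL=op://vault/item/field`.

```yaml
name: deploy
on:
  push:
    branches: [main]
# Workflow root is read-only; each deploy job grants only what it needs.
permissions:
  contents: read
jobs:
  verify:
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v4
      - run: npm ci && npm test && npm run build
  deploy-amplify:
    needs: verify
    runs-on: ubuntu-latest
    permissions:
      contents: read
      id-token: write   # job level only, for the OIDC exchange below
    steps:
      - uses: actions/checkout@v4
      # Short-lived credentials from an assumed role; no AWS_ACCESS_KEY_ID in secrets.
      - uses: aws-actions/configure-aws-credentials@v4
        with:
          role-to-assume: ${{ secrets.AWS_DEPLOY_ROLE_ARN }}   # assumed secret name
          aws-region: ${{ vars.AWS_REGION }}
      - run: aws amplify start-job --app-id "$APP_ID" --branch-name main --job-type RELEASE
        env:
          APP_ID: ${{ vars.AMPLIFY_APP_ID }}   # identifier, so vars.* not secrets.*
  deploy-vps:
    needs: verify
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v4
      - uses: 1password/install-cli-action@v1
      # Render the committed op:// template on the runner. The only GitHub
      # secret involved is the bootstrap service-account token.
      - name: Render runtime env
        env:
          OP_SERVICE_ACCOUNT_TOKEN: ${{ secrets.OP_SERVICE_ACCOUNT_TOKEN }}
        run: op inject -i .env.tpl -o .env   # never cat/echo the rendered file
      - name: Copy rendered env to the VPS
        env:
          SSH_KEY: ${{ secrets.VPS_SSH_KEY }}   # via env, not a CLI flag
          HOST_KEY: ${{ vars.VPS_HOST_KEY }}    # pinned host key, assumed var
          HOST: ${{ vars.VPS_HOST }}
        run: |
          umask 077; printf '%s\n' "$SSH_KEY" > key; printf '%s\n' "$HOST_KEY" > known_hosts
          scp -i key -o UserKnownHostsFile=known_hosts .env deploy@"$HOST":/srv/app/.env
```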