{# Reproducibility receipt + footnotes — closes the report.

   Notion-style callout with the exact scan fingerprint so a stakeholder
   can paste the command into a terminal and rerun the scan locally.
   Footnotes list the OWASP / CSA / ASI references the findings cited.
#}
<details class="nr-section" id="nr-section-reproducibility" open>
  <summary class="nr-section__summary">
    <span class="nr-section__chevron" aria-hidden="true">▸</span>
    <span class="nr-section__title">Reproducibility</span>
    <span class="nr-section__badge">{{ package_version }}</span>
  </summary>
  <div class="nr-section__body">
    <p class="nr-section__lede">
      Every value below is signed into <span class="nr-mono-inline">scan.json</span>.
      Copy the command to rerun the exact configuration; the evidence
      fingerprint is what an auditor can cross-check.
    </p>

    <div class="nr-callout" role="group" aria-labelledby="nr-repro-label">
      <p class="nr-callout__label" id="nr-repro-label">REPRODUCIBILITY</p>
      <dl class="nr-callout__grid">
        <div class="nr-callout__row">
          <dt>scan_id</dt>
          <dd><span class="nr-mono-inline">{{ scan_id }}</span></dd>
        </div>
        <div class="nr-callout__row">
          <dt>seed</dt>
          <dd><span class="nr-mono-inline">{{ rng_seed }}</span></dd>
        </div>
        <div class="nr-callout__row">
          <dt>guardian</dt>
          <dd><span class="nr-mono-inline">{{ package_version }}</span></dd>
        </div>
        <div class="nr-callout__row">
          <dt>aivss</dt>
          <dd><span class="nr-mono-inline">{{ aivss_formula_version }}</span></dd>
        </div>
        <div class="nr-callout__row">
          <dt>probes</dt>
          <dd><span class="nr-mono-inline">{{ probe_library_version }}</span></dd>
        </div>
        <div class="nr-callout__row">
          <dt>target</dt>
          <dd><span class="nr-mono-inline">{{ target_ref }}</span></dd>
        </div>
        <div class="nr-callout__row">
          <dt>evidence</dt>
          <dd><span class="nr-mono-inline">{{ evidence_fingerprint }}</span></dd>
        </div>
      </dl>
      <div class="nr-callout__command">
        <pre class="nr-callout__pre" id="nr-repro-command"><code>uv run agent-guardian scan \
  --target {{ target_ref }} \
  --tier {{ tier_label }} \
  --seed {{ rng_seed }}</code></pre>
        <button class="nr-callout__copy"
                type="button"
                data-copy-target="#nr-repro-command"
                aria-label="Copy reproducibility command">
          Copy
        </button>
      </div>
    </div>

    <hr class="nr-rule" aria-hidden="true" />

    <section class="nr-footnotes" aria-labelledby="nr-footnotes-title">
      <h3 class="nr-footnotes__title" id="nr-footnotes-title">References</h3>
      <ol class="nr-footnotes__list" role="list">
        <li id="nr-fn-1">
          <span class="nr-footnotes__marker">¹</span>
          OWASP LLM01 — Prompt Injection.
          <a class="nr-link"
             href="https://owasp.org/www-project-top-10-for-large-language-model-applications/">
            owasp.org · LLM Top 10
          </a>
        </li>
        <li id="nr-fn-2">
          <span class="nr-footnotes__marker">²</span>
          OWASP LLM06 — Sensitive Information Disclosure.
        </li>
        <li id="nr-fn-3">
          <span class="nr-footnotes__marker">³</span>
          MITRE ATLAS — Adversarial Threat Landscape for AI Systems.
          <a class="nr-link" href="https://atlas.mitre.org/">atlas.mitre.org</a>
        </li>
        <li id="nr-fn-4">
          <span class="nr-footnotes__marker">⁴</span>
          Cloud Security Alliance — MAESTRO threat model.
        </li>
        <li id="nr-fn-5">
          <span class="nr-footnotes__marker">⁵</span>
          Agent Guardian Adversarial Surface Index v1 — internal policy catalogue.
        </li>
      </ol>
    </section>
  </div>
</details>