sourcegraph
diff --git a/‎AGENTS.md‎
Lines changed: 1 addition & 0 deletions b/‎AGENTS.md‎
Lines changed: 1 addition & 0 deletions
diff --git a/‎benchmarks/ccb_mcp_compliance/ccx-compliance-124/tests/oracle_checks.py‎
Lines changed: 14 additions & 3 deletions b/‎benchmarks/ccb_mcp_compliance/ccx-compliance-124/tests/oracle_checks.py‎
Lines changed: 14 additions & 3 deletions
diff --git a/‎benchmarks/ccb_mcp_compliance/ccx-compliance-124/tests/task_spec.json‎
Lines changed: 191 additions & 16 deletions b/‎benchmarks/ccb_mcp_compliance/ccx-compliance-124/tests/task_spec.json‎
Lines changed: 191 additions & 16 deletions
diff --git a/‎benchmarks/ccb_mcp_crossorg/ccx-crossorg-121/tests/oracle_checks.py‎
Lines changed: 14 additions & 3 deletions b/‎benchmarks/ccb_mcp_crossorg/ccx-crossorg-121/tests/oracle_checks.py‎
Lines changed: 14 additions & 3 deletions
@@ -44,6 +44,7 @@ full operations manual.
 
 ## Maintenance
 - Root and local `AGENTS.md` / `CLAUDE.md` files are generated from sources in `docs/ops/`.
+- `docs/START_HERE_BY_TASK.md` is generated from `docs/ops/task_routes.json`.
 - Regenerate after edits (single command):
 ```bash
 python3 scripts/refresh_agent_navigation.py
 
@@ -27,6 +27,17 @@
 from typing import Any, Dict, List, Optional
 
 
+def _normalize_repo(repo: str) -> str:
+    """Normalize repo name by stripping github.com/ prefix.
+
+    Agents may report repos as 'github.com/sg-evals/foo' while oracle
+    uses 'sg-evals/foo'. This normalizes both to a common form.
+    """
+    if repo.startswith("github.com/"):
+        return repo[len("github.com/"):]
+    return repo
+
+
 def check_file_set_match(
     answer_files: List[Dict[str, str]],
     oracle_files: List[Dict[str, str]],
@@ -50,7 +61,7 @@ def check_file_set_match(
     [{'repo': 'a/b', 'path': 'x.go'}]
     """
     def _key(item: Dict[str, str]) -> tuple:
-        return (item.get("repo", ""), item.get("path", ""))
+        return (_normalize_repo(item.get("repo", "")), item.get("path", ""))
 
     oracle_set = {_key(f) for f in oracle_files}
     answer_set = {_key(f) for f in answer_files}
@@ -90,7 +101,7 @@ def check_symbol_resolution(
     1.0
     """
     def _key(item: Dict[str, str]) -> tuple:
-        return (item.get("repo", ""), item.get("path", ""), item.get("symbol", ""))
+        return (_normalize_repo(item.get("repo", "")), item.get("path", ""), item.get("symbol", ""))
 
     oracle_set = {_key(s) for s in oracle_symbols}
     answer_set = {_key(s) for s in answer_symbols}
@@ -133,7 +144,7 @@ def check_dependency_chain(
     1.0
     """
     def _key(item: Dict[str, str]) -> tuple:
-        return (item.get("repo", ""), item.get("path", ""), item.get("symbol", ""))
+        return (_normalize_repo(item.get("repo", "")), item.get("path", ""), item.get("symbol", ""))
 
     oracle_keys = [_key(s) for s in oracle_chain]
     answer_keys = [_key(s) for s in answer_chain]
 
@@ -5,35 +5,210 @@
   "category": "F",
   "mcp_suite": "ccb_mcp_compliance",
   "prd": {
-    "user_story": "As a developer, I want to: Audit the Content Security Policy (CSP) enforcement infrastructure in Firefox. Find all C++ source files in `mozilla-firefox/firefox` under `dom/security/` that implement CSP parsing, evaluation, and violation reporting. Specifically: 1. The file that defines `nsCSPParser` — the CSP directive parser. 2. The file that implements `nsCSPContext` — the main CSP context that holds policies. 3. The file that implements CSP violation reporting (`nsCSPUtils` or similar). 4. The header file that declares the `nsIContentSecurityPolicy` XPCOM interface. 5. The file under `dom/security/` that performs script-src evaluation for inline scripts. Report each file path and its primary class or function.",
-    "constraints": ["Provide specific file paths and repository names in your answer.", "Write your findings to /workspace/answer.json."],
+    "user_story": "As a developer, I want to: Audit the Content Security Policy (CSP) enforcement infrastructure in Firefox. Find all C++ source files in `mozilla-firefox/firefox` under `dom/security/` that implement CSP parsing, evaluation, and violation reporting. Specifically: 1. The file that defines `nsCSPParser` \u2014 the CSP directive parser. 2. The file that implements `nsCSPContext` \u2014 the main CSP context that holds policies. 3. The file that implements CSP violation reporting (`nsCSPUtils` or similar). 4. The header file that declares the `nsIContentSecurityPolicy` XPCOM interface. 5. The file under `dom/security/` that performs script-src evaluation for inline scripts. Report each file path and its primary class or function.",
+    "constraints": [
+      "Provide specific file paths and repository names in your answer.",
+      "Write your findings to /workspace/answer.json."
+    ],
     "success_definition": "Agent successfully identifies relevant files and symbols across all repos in the mozilla-firefox fixture.",
-    "seed_prompt": "Audit the Content Security Policy (CSP) enforcement infrastructure in Firefox. Find all C++ source files in `mozilla-firefox/firefox` under `dom/security/` that implement CSP parsing, evaluation, and violation reporting. Specifically: 1. The file that defines `nsCSPParser` — the CSP directive parser. 2. The file that implements `nsCSPContext` — the main CSP context that holds policies. 3. The file that implements CSP violation reporting (`nsCSPUtils` or similar). 4. The header file that declares the `nsIContentSecurityPolicy` XPCOM interface. 5. The file under `dom/security/` that performs script-src evaluation for inline scripts. Report each file path and its primary class or function."
+    "seed_prompt": "Audit the Content Security Policy (CSP) enforcement infrastructure in Firefox. Find all C++ source files in `mozilla-firefox/firefox` under `dom/security/` that implement CSP parsing, evaluation, and violation reporting. Specifically: 1. The file that defines `nsCSPParser` \u2014 the CSP directive parser. 2. The file that implements `nsCSPContext` \u2014 the main CSP context that holds policies. 3. The file that implements CSP violation reporting (`nsCSPUtils` or similar). 4. The header file that declares the `nsIContentSecurityPolicy` XPCOM interface. 5. The file under `dom/security/` that performs script-src evaluation for inline scripts. Report each file path and its primary class or function."
   },
   "artifacts": {
     "repo_set_id": "mozilla-firefox",
     "oracle": {
-      "required_files": [],
-      "required_symbols": [],
+      "required_files": [
+        {
+          "repo": "sg-evals/firefox--871325b8",
+          "path": "dom/security/nsCSPParser.h"
+        },
+        {
+          "repo": "sg-evals/firefox--871325b8",
+          "path": "dom/security/nsCSPParser.cpp"
+        },
+        {
+          "repo": "sg-evals/firefox--871325b8",
+          "path": "dom/security/nsCSPContext.h"
+        },
+        {
+          "repo": "sg-evals/firefox--871325b8",
+          "path": "dom/security/nsCSPContext.cpp"
+        },
+        {
+          "repo": "sg-evals/firefox--871325b8",
+          "path": "dom/security/nsCSPUtils.h"
+        },
+        {
+          "repo": "sg-evals/firefox--871325b8",
+          "path": "dom/security/nsCSPUtils.cpp"
+        },
+        {
+          "repo": "sg-evals/firefox--871325b8",
+          "path": "dom/security/nsCSPService.h"
+        },
+        {
+          "repo": "sg-evals/firefox--871325b8",
+          "path": "dom/security/nsCSPService.cpp"
+        },
+        {
+          "repo": "sg-evals/firefox--871325b8",
+          "path": "dom/security/CSPViolationData.h"
+        },
+        {
+          "repo": "sg-evals/firefox--871325b8",
+          "path": "dom/security/CSPViolationData.cpp"
+        },
+        {
+          "repo": "sg-evals/firefox--871325b8",
+          "path": "dom/interfaces/security/nsIContentSecurityPolicy.idl"
+        },
+        {
+          "repo": "sg-evals/firefox--871325b8",
+          "path": "dom/security/moz.build"
+        },
+        {
+          "repo": "sg-evals/firefox--871325b8",
+          "path": "dom/security/nsContentSecurityUtils.cpp"
+        },
+        {
+          "repo": "sg-evals/firefox--871325b8",
+          "path": "dom/security/nsMixedContentBlocker.cpp"
+        },
+        {
+          "repo": "sg-evals/firefox--871325b8",
+          "path": "dom/security/SRIMetadata.cpp"
+        },
+        {
+          "repo": "sg-evals/firefox--871325b8",
+          "path": "dom/security/PolicyContainer.cpp"
+        }
+      ],
+      "required_symbols": [
+        {
+          "repo": "sg-evals/firefox--871325b8",
+          "path": "dom/security/nsCSPParser.h",
+          "symbol": "nsCSPParser"
+        },
+        {
+          "repo": "sg-evals/firefox--871325b8",
+          "path": "dom/security/nsCSPParser.h",
+          "symbol": "parseContentSecurityPolicy"
+        },
+        {
+          "repo": "sg-evals/firefox--871325b8",
+          "path": "dom/security/nsCSPContext.h",
+          "symbol": "nsCSPContext"
+        },
+        {
+          "repo": "sg-evals/firefox--871325b8",
+          "path": "dom/security/nsCSPContext.cpp",
+          "symbol": "ShouldLoad"
+        },
+        {
+          "repo": "sg-evals/firefox--871325b8",
+          "path": "dom/security/nsCSPUtils.h",
+          "symbol": "nsCSPUtils"
+        },
+        {
+          "repo": "sg-evals/firefox--871325b8",
+          "path": "dom/security/nsCSPService.h",
+          "symbol": "nsCSPService"
+        },
+        {
+          "repo": "sg-evals/firefox--871325b8",
+          "path": "dom/security/CSPViolationData.h",
+          "symbol": "CSPViolationData"
+        },
+        {
+          "repo": "sg-evals/firefox--871325b8",
+          "path": "dom/interfaces/security/nsIContentSecurityPolicy.idl",
+          "symbol": "nsIContentSecurityPolicy"
+        }
+      ],
       "required_references": [],
-      "dependency_chains": []
+      "dependency_chains": [
+        {
+          "steps": [
+            {
+              "repo": "sg-evals/firefox--871325b8",
+              "path": "dom/interfaces/security/nsIContentSecurityPolicy.idl",
+              "symbol": "nsIContentSecurityPolicy"
+            },
+            {
+              "repo": "sg-evals/firefox--871325b8",
+              "path": "dom/security/nsCSPParser.h",
+              "symbol": "nsCSPParser"
+            },
+            {
+              "repo": "sg-evals/firefox--871325b8",
+              "path": "dom/security/nsCSPParser.cpp",
+              "symbol": "parseContentSecurityPolicy"
+            },
+            {
+              "repo": "sg-evals/firefox--871325b8",
+              "path": "dom/security/nsCSPContext.h",
+              "symbol": "nsCSPContext"
+            },
+            {
+              "repo": "sg-evals/firefox--871325b8",
+              "path": "dom/security/nsCSPContext.cpp",
+              "symbol": "ShouldLoad"
+            },
+            {
+              "repo": "sg-evals/firefox--871325b8",
+              "path": "dom/security/nsCSPService.cpp",
+              "symbol": "nsCSPService"
+            },
+            {
+              "repo": "sg-evals/firefox--871325b8",
+              "path": "dom/security/nsCSPUtils.cpp",
+              "symbol": "nsCSPUtils"
+            },
+            {
+              "repo": "sg-evals/firefox--871325b8",
+              "path": "dom/security/CSPViolationData.h",
+              "symbol": "CSPViolationData"
+            }
+          ]
+        }
+      ]
     }
   },
   "evaluation": {
-    "modes": ["deterministic"],
+    "modes": [
+      "deterministic"
+    ],
     "checks": [
-  {
-    "type": "file_set_match",
-    "params": {
-      "search_pattern": "",
-      "file_filter": ""
-    }
-  }
-],
+      {
+        "type": "file_set_match",
+        "params": {
+          "search_pattern": "",
+          "file_filter": ""
+        }
+      },
+      {
+        "type": "keyword_presence",
+        "params": {
+          "required_keywords": [
+            "nsCSPParser",
+            "parseContentSecurityPolicy",
+            "nsCSPContext",
+            "ShouldLoad",
+            "nsCSPUtils",
+            "nsCSPService",
+            "CSPViolationData",
+            "nsIContentSecurityPolicy"
+          ]
+        }
+      }
+    ],
     "eval_script": "/tests/eval.sh",
     "pass_exit_code": 0
   },
   "logging": {
-    "required_metrics": ["oracle_coverage", "time_to_first_oracle_hit_ms", "unique_repos_touched"]
+    "required_metrics": [
+      "oracle_coverage",
+      "time_to_first_oracle_hit_ms",
+      "unique_repos_touched"
+    ]
   }
 }
@@ -27,6 +27,17 @@
 from typing import Any, Dict, List, Optional
 
 
+def _normalize_repo(repo: str) -> str:
+    """Normalize repo name by stripping github.com/ prefix.
+
+    Agents may report repos as 'github.com/sg-evals/foo' while oracle
+    uses 'sg-evals/foo'. This normalizes both to a common form.
+    """
+    if repo.startswith("github.com/"):
+        return repo[len("github.com/"):]
+    return repo
+
+
 def check_file_set_match(
     answer_files: List[Dict[str, str]],
     oracle_files: List[Dict[str, str]],
@@ -50,7 +61,7 @@ def check_file_set_match(
     [{'repo': 'a/b', 'path': 'x.go'}]
     """
     def _key(item: Dict[str, str]) -> tuple:
-        return (item.get("repo", ""), item.get("path", ""))
+        return (_normalize_repo(item.get("repo", "")), item.get("path", ""))
 
     oracle_set = {_key(f) for f in oracle_files}
     answer_set = {_key(f) for f in answer_files}
@@ -90,7 +101,7 @@ def check_symbol_resolution(
     1.0
     """
     def _key(item: Dict[str, str]) -> tuple:
-        return (item.get("repo", ""), item.get("path", ""), item.get("symbol", ""))
+        return (_normalize_repo(item.get("repo", "")), item.get("path", ""), item.get("symbol", ""))
 
     oracle_set = {_key(s) for s in oracle_symbols}
     answer_set = {_key(s) for s in answer_symbols}
@@ -133,7 +144,7 @@ def check_dependency_chain(
     1.0
     """
     def _key(item: Dict[str, str]) -> tuple:
-        return (item.get("repo", ""), item.get("path", ""), item.get("symbol", ""))
+        return (_normalize_repo(item.get("repo", "")), item.get("path", ""), item.get("symbol", ""))
 
     oracle_keys = [_key(s) for s in oracle_chain]
     answer_keys = [_key(s) for s in answer_chain]