Risk Signal Families
Public taxonomy of the signal families used by risk-oriented workflows.
- Severity Signals: severity baselines and confidence-aware interpretations.
- Exploit Signals: observed exploit references, exploitation likelihood proxies, and exploit-intelligence indicators.
- Malware Signals: package-level malicious behavior evidence and consensus outcomes.
- Supply Chain Signals: package/repository integrity and provenance divergence indicators.
- Exposure Signals: scope, prevalence, and environmental relevance metrics.
- Operational Signals: queue and review-state indicators that affect response urgency.
Signal weights, thresholds, and enforcement internals are intentionally excluded from public documentation.