๐Ÿ“Š

Structured Gate Reviews

Every phase ends with a structured gate review โ€” operator decisions, not auto-pilot. Four verdicts, full context, no surprises.

Overview

PortShim is not an autonomous scanner โ€” it's an operator-in-the-loop pipeline. At the end of every phase, a structured gate review presents findings, metrics, and recommendations. The operator decides what happens next.

Gate Review Structure

Each gate presents:

  1. Phase summary โ€” What was scanned, what was found, how long it took
  2. Key findings โ€” Prioritised list with severity, confidence, and evidence
  3. Model performance โ€” Tokens processed, inference time, cost/time estimate
  4. Recommendation โ€” LLM-generated suggestion based on findings
  5. Decision prompt โ€” Four choices awaiting operator input

The Four Verdicts

Gate 1 โ€” Topology Review

The most detailed gate. topology.py --gate1 produces complete host summaries from nmap XML โ€” never truncated, never abbreviated. The operator sees every discovered host with its classified role, open ports, and OS fingerprint before approving the target list for vulnerability analysis.

AI Agent Integration

Gate reviews are agent-friendly by design. When paired with Hermes Agent or another AI assistant, reviews become interactive conversations. The agent presents findings, answers questions about specific hosts or vulnerabilities, waits for your decision, and executes the chosen action. Common workflows:

Audit Trail

All gate decisions are logged with timestamp, operator identity, and the context that led to the decision. This produces a complete engagement record suitable for compliance, legal review, or after-action analysis.