mvar-security · Sdvegas21 · Mar 5, 2026 · Mar 6, 2026 · Mar 6, 2026 · Mar 6, 2026
@@ -6,3 +6,6 @@ contact_links:
   - name: Contribution guide
     url: https://github.com/mvar-security/mvar/blob/main/docs/BUILD_WITH_US.md
     about: Read contribution expectations and security invariants before opening issues/PRs.
+  - name: Integration playbook
+    url: https://github.com/mvar-security/mvar/blob/main/docs/AGENT_INTEGRATION_PLAYBOOK.md
+    about: Review adapter contract requirements before requesting new framework integrations.
@@ -0,0 +1,64 @@
+---
+name: Integration Request
+about: Request or propose a first-party integration path for MVAR
+title: "[INTEGRATION] "
+labels: ["integration", "triage"]
+assignees: ""
+---
+
+## Integration Target
+
+Which runtime or framework should MVAR integrate with?
+
+- [ ] LangChain / LangGraph
+- [ ] OpenAI Agents SDK
+- [ ] OpenAI Responses runtime
+- [ ] Google ADK
+- [ ] MCP server/tooling
+- [ ] AutoGen / CrewAI
+- [ ] OpenClaw
+- [ ] Other:
+
+## Use Case
+
+Describe the exact deployment path and what should be enforced.
+
+## Tool Boundary
+
+Which tool operations are in scope?
+
+- [ ] shell / command execution
+- [ ] filesystem writes
+- [ ] network egress
+- [ ] credential-bearing API calls
+- [ ] other:
+
+## Proposed Contract
+
+What should the adapter preserve?
+
+- [ ] deterministic sink outcome (ALLOW/BLOCK/STEP_UP)
+- [ ] provenance node continuity into tool calls
+- [ ] execution-witness binding semantics
+- [ ] trace fields (`policy_hash`, integrity, sink risk)
+
+## Minimal Repro (Optional)
+
+```bash
+# minimal commands from clean checkout
+```
+
+## Acceptance Criteria
+
+How do we know this integration is done?
+
+- [ ] adapter example added
+- [ ] regression test(s) added
+- [ ] docs quickstart added
+- [ ] launch-gate coverage added (if applicable)
+
+## Contribution Intent
+
+- [ ] I can open a PR
+- [ ] I can test a draft PR
+- [ ] Request only
@@ -1,3 +1,5 @@
+![MVAR Banner](./assets/mvar-banner.png)
+
 # MVAR — MIRRA Verified Agent Runtime
 
 Deterministic enforcement that prevents prompt-injection attacks from reaching tool execution in LLM agents.
@@ -92,6 +94,7 @@ What this proves:
 
 - Runtime trust map: [TRUST.md](TRUST.md)
 - Current security snapshot: [STATUS.md](STATUS.md)
+- Integration intake template: [.github/ISSUE_TEMPLATE/integration_request.md](.github/ISSUE_TEMPLATE/integration_request.md)
 - Profile behavior: [docs/SECURITY_PROFILES.md](docs/SECURITY_PROFILES.md)
 - Public-bind incident class and mitigation: [docs/INCIDENT_CLASS_PUBLIC_BIND_MAR2_2026.md](docs/INCIDENT_CLASS_PUBLIC_BIND_MAR2_2026.md)
 - Troubleshooting matrix: [docs/TROUBLESHOOTING.md](docs/TROUBLESHOOTING.md)
@@ -159,6 +162,7 @@ python examples/otel_demo.py
 ## Research
 
 - [Execution-Witness Binding: Proof-Carrying Authorization for LLM Agent Runtimes](docs/papers/execution-witness-binding.pdf) (February 2026) — Technical paper describing MVAR's novel contributions: composition risk detection, execution-witness binding for TOCTOU prevention, and persistent replay defense.
+- SSRN preprint listing: https://papers.ssrn.com/sol3/papers.cfm?abstract_id=6352164
 
 ---
 

@@ -1,8 +1,8 @@
 # MVAR Security Status
 
-**Last updated:** 2026-03-04T03:26:55.066368+00:00  
-**Version:** 1.2.1  
-**Commit:** 788e9bbafaebaa75e3c2fec792e06e0cf2a2e52a
+**Last updated:** 2026-03-05T21:03:03.412465+00:00  
+**Version:** 1.2.2  
+**Commit:** 50c5723a1198cadcb8280eca32ac2d6e4c2e85ac
 
 ## Attack Corpus Coverage
 

@@ -1,5 +1,19 @@
 # Unreleased
 
+## Maintainer and Adoption Hygiene
+
+- Added integration-request intake template:
+  - `.github/ISSUE_TEMPLATE/integration_request.md`
+  - captures target framework, boundary scope, and acceptance criteria for first-party adapters
+
+- Added integration playbook contact link:
+  - `.github/ISSUE_TEMPLATE/config.yml`
+  - routes requesters to `docs/AGENT_INTEGRATION_PLAYBOOK.md` before filing
+
+- Refreshed repository security status metadata:
+  - `STATUS.md` regenerated from scorecard artifact
+  - package/runtime version strings aligned to `1.2.2`
+
 ## Adoption and Trust Surfaces
 
 - Added top-level trust map: `TRUST.md`

@@ -0,0 +1,27 @@
+# MVAR v1.2.2 — Scorecard and CI Reliability Hardening
+
+## Validation Snapshot
+
+- Launch gate: PASS
+- Security scorecard workflow: PASS
+- CodeQL analyze: PASS
+- Attack corpus: 50/50 blocked
+- Benign corpus: 200/200 passed (0 false blocks)
+- Red-team gate: 7/7 passing
+
+## Security and Governance
+
+- Added `SCORECARD_TOKEN` fallback in scorecard workflow auth path to improve branch-protection visibility and scorecard API reliability.
+- Hardened required-check context handling so merge-blocking checks align with emitted workflow contexts.
+- Kept launch-gate and security validation matrix green for Python 3.10/3.11/3.12 and Docker smoke path.
+
+## Repository Hygiene
+
+- Added SPDX license identifier and canonical Apache-2.0 license text normalization.
+- Added `CODEOWNERS` for explicit ownership coverage.
+- Added collapsed attack-matrix teaser near README top for faster reviewer orientation.
+
+## Compatibility
+
+- No runtime behavior changes in enforcement engine for this release line.
+- CI/governance hardening and documentation structure updates only.
@@ -1,5 +1,5 @@
 # MVAR Core - Information Flow Control for AI Agents
-__version__ = "1.2.1"
+__version__ = "1.2.2"
 
 try:
     from .profiles import SecurityProfile, apply_profile, create_default_runtime, profile_summary

@@ -12,7 +12,7 @@
 
 setup(
     name="mvar",
-    version="1.2.1",
+    version="1.2.2",
     author="Shawn Cohen",
     author_email="security@mvar.io",
     description="MVAR: Information Flow Control for LLM Agent Runtimes — Deterministic prompt injection defense via dual-lattice IFC with cryptographic provenance",