Security score
100/100
governed
Why this score
100/100 = 100 − no deductions — clean posture. Credential risk Lower (revocable OAuth, enterprise-backed). Policy-bound.
No prior regression — worst observed equals current (100).
Identity & Access
- user
- mark
- mark@qpoint.io
- org_id
- org_qpoint
- account_uuid
- acct_7f3a91c4e0b2
- host
- mp-mbp
- auth_method
- oauth_jwt
- cred_risk
- Lower
revocable OAuth, enterprise-backed
Process & Runtime
- name / version
- Claude Code · v2.1.161
- configured_model
- claude-opus-4-8
- runtime_model
- claude-opus-4-8
- binary_path
- /Users/mark/.local/bin/claude
- cwd
- /Users/mark/web/qpoint/bob-wire
- config_source
- /Users/mark/.claude/settings.json
- first_seen
- 2026-05-08T09:14:00Z
- last_active
- 2026-06-03T14:02:11Z
Data Access
data-risk 12320
file reads
45
file writes
410
file opens
1.2k
tool calls
Sensitive paths
Path | Category | Severity | Opens |
|---|---|---|---|
| ./.env | secret_file | high | 3 |
| ~/.aws/credentials | cloud_credentials | high | 1 |
MCP Servers
footprint 248 · 2 × 124 callsServer | Calls |
|---|---|
| mcp.figma.com | 84 |
| github-mcp | 40 |
Token & Cost
6.9M tokens · $214.50input1.2M
output180.0k
cache read4.8M
cache write600.0k
reasoning90.0k
total cost$214.50
By model
claude-opus-4-86.9M tok · 1.2k calls · $214.50
Security Score
target ≥ 80Standard
Meets the ≥ 80 target. Policy-bound.
Risk factors
No risk factors — clean posture.
Is it working? — task outcomes
measuredWhat it did — recent activity
1.8k observed eventsNetwork Egress
detail-level signal · not an organizing surfaceHost : Port | TLS | Allowlisted |
|---|---|---|
| api.anthropic.com:443 | TLSv1_3 | yes |
| mcp.figma.com:443 | TLSv1_3 | no |
Do next
Derived: deductions (factors × FACTOR_PTS) · delta vs worst_score · data-risk sub-score (Σ severity×opens) · MCP footprint (servers × calls) · effectiveness signal (measured|inferred|none) · activity slice (tool/file/mcp) · isCompoundRisk — from app/data/c16-fleet.ts (qcontrol /api shape).