Foxguard ablation baseline — 2026-05-22
Empty baseline. Committed alongside the Foxguard sibling runner in pwnkit#254 so the decision gate has an honest starting point. All slots below are
<pending>until the harness is run.Re-run via
node packages/benchmark/scripts/foxguard-ablation.mjs --slice all. Slot definitions live in_template.md.
Pinned versions
Section titled “Pinned versions”- pwnkit —
<pending>(commit at time of run) - Foxguard —
v0.8.1(theFOXGUARD_PINNED_TAGconstant inpackages/core/src/shared-analysis.ts) - Semgrep —
<pending>(output ofsemgrep --version)
Result
Section titled “Result”| Slice | Static | Findings | Confirmed | Wall (s) | FP rate |
|---|---|---|---|---|---|
| self-scan | semgrep | <pending> | <pending> | <pending> | <pending> |
| self-scan | foxguard | <pending> | <pending> | <pending> | <pending> |
| xbow-bb-wave | semgrep | <pending> | <pending> | <pending> | <pending> |
| xbow-bb-wave | foxguard | <pending> | <pending> | <pending> | <pending> |
| npm-bench-wave | semgrep | <pending> | <pending> | <pending> | <pending> |
| npm-bench-wave | foxguard | <pending> | <pending> | <pending> | <pending> |
Decision
Section titled “Decision”- Confirmed-findings gate (≥ semgrep on source-code):
<pending> - Wall-time gate (≥ 2× faster on source-code):
<pending> - Category-coverage gate (no PHP/JS regression):
<pending>
Decision: <pending — harness has not been run yet>
Follow-up issue (if applicable): <pending>
- This file exists so that the directory has a dated artifact from
day zero. The next agent or operator to run the harness should
replace the
<pending>slots with measured numbers and either keep Foxguard as the default inselectedStaticScanner()or revert the default to Semgrep and close pwnkit#254 as evaluated. - Do not delete this file even after the gate is decided — it is the starting reference point for any future re-evaluation if Foxguard ships a major release.