# Pitfall Log

Project: Khamel83/argus

Summary: Found 29 structured pitfall item(s), including 2 high/blocking item(s). Top priority: Security or permission risk - Security or permission risk requires verification.

## 1. Security or permission risk - Security or permission risk requires verification

- Severity: high
- Evidence strength: source_linked
- Finding: Developers should check this security_permissions risk before relying on the project: Escalation: argus#12 deployment requires manual SSH access
- User impact: Developers may expose sensitive permissions or credentials: Escalation: argus#12 deployment requires manual SSH access
- Evidence: failure_mode_cluster:github_issue | https://github.com/Khamel83/argus/issues/13

## 2. Security or permission risk - Security or permission risk requires verification

- Severity: high
- Evidence strength: source_linked
- Finding: Developers should check this security_permissions risk before relying on the project: Multi-egress worker: code complete, deployment pending
- User impact: Developers may expose sensitive permissions or credentials: Multi-egress worker: code complete, deployment pending
- Evidence: failure_mode_cluster:github_issue | https://github.com/Khamel83/argus/issues/12

## 3. Installation risk - Installation risk requires verification

- Severity: medium
- Evidence strength: source_linked
- Finding: Developers should check this installation risk before relying on the project: [Feature] - Tool Hive
- User impact: Developers may fail before the first successful local run: [Feature] - Tool Hive
- Evidence: failure_mode_cluster:github_issue | https://github.com/Khamel83/argus/issues/15

## 4. Installation risk - Installation risk requires verification

- Severity: medium
- Evidence strength: source_linked
- Finding: Developers should check this installation risk before relying on the project: v1.3.0
- User impact: Upgrade or migration may change expected behavior: v1.3.0
- Evidence: failure_mode_cluster:github_release | https://github.com/Khamel83/argus/releases/tag/v1.3.0

## 5. Installation risk - Installation risk requires verification

- Severity: medium
- Evidence strength: source_linked
- Finding: Developers should check this installation risk before relying on the project: v1.3.1
- User impact: Upgrade or migration may change expected behavior: v1.3.1
- Evidence: failure_mode_cluster:github_release | https://github.com/Khamel83/argus/releases/tag/v1.3.1

## 6. Installation risk - Installation risk requires verification

- Severity: medium
- Evidence strength: source_linked
- Finding: Developers should check this installation risk before relying on the project: v1.3.3
- User impact: Upgrade or migration may change expected behavior: v1.3.3
- Evidence: failure_mode_cluster:github_release | https://github.com/Khamel83/argus/releases/tag/v1.3.3

## 7. Installation risk - Installation risk requires verification

- Severity: medium
- Evidence strength: source_linked
- Finding: Developers should check this installation risk before relying on the project: v1.4.0
- User impact: Upgrade or migration may change expected behavior: v1.4.0
- Evidence: failure_mode_cluster:github_release | https://github.com/Khamel83/argus/releases/tag/v1.4.0

## 8. Installation risk - Installation risk requires verification

- Severity: medium
- Evidence strength: source_linked
- Finding: Developers should check this installation risk before relying on the project: v1.5.0
- User impact: Upgrade or migration may change expected behavior: v1.5.0
- Evidence: failure_mode_cluster:github_release | https://github.com/Khamel83/argus/releases/tag/v1.5.0

## 9. Installation risk - Installation risk requires verification

- Severity: medium
- Evidence strength: source_linked
- Finding: Project evidence flags a installation risk. Review the linked source before relying on this workflow.
- User impact: May increase setup, validation, or first-run risk for the user.
- Evidence: community_evidence:github | https://github.com/Khamel83/argus/issues/13

## 10. Installation risk - Installation risk requires verification

- Severity: medium
- Evidence strength: source_linked
- Finding: Project evidence flags a installation risk. Review the linked source before relying on this workflow.
- User impact: May increase setup, validation, or first-run risk for the user.
- Evidence: community_evidence:github | https://github.com/Khamel83/argus/issues/19

## 11. Configuration risk - Configuration risk requires verification

- Severity: medium
- Evidence strength: source_linked
- Finding: Project evidence flags a configuration risk. Review the linked source before relying on this workflow.
- User impact: May increase setup, validation, or first-run risk for the user.
- Evidence: capability.host_targets | https://github.com/Khamel83/argus

## 12. Configuration risk - Configuration risk requires verification

- Severity: medium
- Evidence strength: source_linked
- Finding: Developers should check this configuration risk before relying on the project: deploy: expose dashboard at khamel.com/argus/ behind Authentik
- User impact: Developers may misconfigure credentials, environment, or host setup: deploy: expose dashboard at khamel.com/argus/ behind Authentik
- Evidence: failure_mode_cluster:github_issue | https://github.com/Khamel83/argus/issues/9

## 13. Configuration risk - Configuration risk requires verification

- Severity: medium
- Evidence strength: source_linked
- Finding: Developers should check this configuration risk before relying on the project: feat: Shapley value attribution for search scoring, provider routing, and extraction quality
- User impact: Developers may misconfigure credentials, environment, or host setup: feat: Shapley value attribution for search scoring, provider routing, and extraction quality
- Evidence: failure_mode_cluster:github_issue | https://github.com/Khamel83/argus/issues/7

## 14. Configuration risk - Configuration risk requires verification

- Severity: medium
- Evidence strength: source_linked
- Finding: Developers should check this configuration risk before relying on the project: v1.6.1
- User impact: Upgrade or migration may change expected behavior: v1.6.1
- Evidence: failure_mode_cluster:github_release | https://github.com/Khamel83/argus/releases/tag/v1.6.1

## 15. Capability evidence risk - Capability evidence risk requires verification

- Severity: medium
- Evidence strength: source_linked
- Finding: README/documentation is current enough for a first validation pass.
- User impact: May increase setup, validation, or first-run risk for the user.
- Evidence: capability.assumptions | https://github.com/Khamel83/argus

## 16. Runtime risk - Runtime risk requires verification

- Severity: medium
- Evidence strength: source_linked
- Finding: Project evidence flags a runtime risk. Review the linked source before relying on this workflow.
- User impact: May increase setup, validation, or first-run risk for the user.
- Evidence: community_evidence:github | https://github.com/Khamel83/argus/issues/5

## 17. Maintenance risk - Maintenance risk requires verification

- Severity: medium
- Evidence strength: source_linked
- Finding: Developers should check this migration risk before relying on the project: v1.6.2
- User impact: Upgrade or migration may change expected behavior: v1.6.2
- Evidence: failure_mode_cluster:github_release | https://github.com/Khamel83/argus/releases/tag/v1.6.2

## 18. Maintenance risk - Maintenance risk requires verification

- Severity: medium
- Evidence strength: source_linked
- Finding: Project evidence flags a maintenance risk. Review the linked source before relying on this workflow.
- User impact: May increase setup, validation, or first-run risk for the user.
- Evidence: evidence.maintainer_signals | https://github.com/Khamel83/argus

## 19. Security or permission risk - Security or permission risk requires verification

- Severity: medium
- Evidence strength: source_linked
- Finding: no_demo
- User impact: May increase setup, validation, or first-run risk for the user.
- Evidence: downstream_validation.risk_items | https://github.com/Khamel83/argus

## 20. Security or permission risk - Security or permission risk requires verification

- Severity: medium
- Evidence strength: source_linked
- Finding: no_demo
- User impact: May increase setup, validation, or first-run risk for the user.
- Evidence: risks.scoring_risks | https://github.com/Khamel83/argus

## 21. Security or permission risk - Security or permission risk requires verification

- Severity: medium
- Evidence strength: source_linked
- Finding: Project evidence flags a security or permission risk. Review the linked source before relying on this workflow.
- User impact: May increase setup, validation, or first-run risk for the user.
- Evidence: community_evidence:github | https://github.com/Khamel83/argus/issues/12

## 22. Security or permission risk - Security or permission risk requires verification

- Severity: medium
- Evidence strength: source_linked
- Finding: Project evidence flags a security or permission risk. Review the linked source before relying on this workflow.
- User impact: May increase setup, validation, or first-run risk for the user.
- Evidence: community_evidence:github | https://github.com/Khamel83/argus/issues/9

## 23. Security or permission risk - Security or permission risk requires verification

- Severity: medium
- Evidence strength: source_linked
- Finding: Project evidence flags a security or permission risk. Review the linked source before relying on this workflow.
- User impact: May increase setup, validation, or first-run risk for the user.
- Evidence: community_evidence:github | https://github.com/Khamel83/argus/issues/7

## 24. Capability evidence risk - Capability evidence risk requires verification

- Severity: low
- Evidence strength: source_linked
- Finding: Developers should check this capability risk before relying on the project: Expose build-research-pack as MCP tool
- User impact: Developers may hit a documented source-backed failure mode: Expose build-research-pack as MCP tool
- Evidence: failure_mode_cluster:github_issue | https://github.com/Khamel83/argus/issues/19

## 25. Capability evidence risk - Capability evidence risk requires verification

- Severity: low
- Evidence strength: source_linked
- Finding: Developers should check this capability risk before relying on the project: Investigate unexplained Valvu credit consumption when not in use
- User impact: Developers may hit a documented source-backed failure mode: Investigate unexplained Valvu credit consumption when not in use
- Evidence: failure_mode_cluster:github_issue | https://github.com/Khamel83/argus/issues/5

## 26. Capability evidence risk - Capability evidence risk requires verification

- Severity: low
- Evidence strength: source_linked
- Finding: Developers should check this conceptual risk before relying on the project: Add AGENTS.md: MCP + HTTP usage contract for agents
- User impact: Developers may hit a documented source-backed failure mode: Add AGENTS.md: MCP + HTTP usage contract for agents
- Evidence: failure_mode_cluster:github_issue | https://github.com/Khamel83/argus/issues/18

## 27. Capability evidence risk - Capability evidence risk requires verification

- Severity: low
- Evidence strength: source_linked
- Finding: Developers should check this conceptual risk before relying on the project: Add MCP vs HTTP section to README
- User impact: Developers may hit a documented source-backed failure mode: Add MCP vs HTTP section to README
- Evidence: failure_mode_cluster:github_issue | https://github.com/Khamel83/argus/issues/20

## 28. Maintenance risk - Maintenance risk requires verification

- Severity: low
- Evidence strength: source_linked
- Finding: issue_or_pr_quality=unknown。
- User impact: May increase setup, validation, or first-run risk for the user.
- Evidence: evidence.maintainer_signals | https://github.com/Khamel83/argus

## 29. Maintenance risk - Maintenance risk requires verification

- Severity: low
- Evidence strength: source_linked
- Finding: release_recency=unknown。
- User impact: May increase setup, validation, or first-run risk for the user.
- Evidence: evidence.maintainer_signals | https://github.com/Khamel83/argus
