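---
# Generic lab profile for authorization-bypass cases.
# NOTE(review): the nesting below was rebuilt from a single collapsed line;
# confirm it against the schema of the tool that loads this profile.
profile_id: authz-bypass-generic

# Case text containing any of these keywords is routed to this profile.
# NOTE(review): "access control" is broad and may match unrelated cases.
match_rules:
  keywords:
    - authorization bypass
    - auth bypass
    - access control

vuln_family: authz-bypass
provisioning_mode: real

artifact_source:
  strategy: official-image-or-source

required_services:
  - app

# Two privilege levels are seeded so that the server-side recheck can be
# compared between a low-privilege session and an admin session.
seed_actions:
  - kind: note
    message: >-
      Create low-privilege and admin test users for server-side recheck
      validation.

# Baseline request issued before any probe.
# NOTE(review): the session used for it is not stated here; confirm.
baseline_actions:
  - kind: http-get
    path: '/'

# This profile carries no automated probe of its own; the probe set comes
# from the case-specific runner or from manual session tooling.
attack_actions:
  - kind: note
    message: >-
      Use minimal authorization bypass probes defined by case-specific runner
      or manual session tooling.

browser_assertions:
  required: false

# NOTE(review): this criterion records that a check ran and was logged. It
# does not say which response counts as a finding; confirm that the
# case-specific runner defines the expected deny behaviour.
success_criteria:
  - Protected route or action is evaluated with controlled credentials and logged.

# NOTE(review): presumably tears down the provisioned environment together
# with the seeded test users; confirm against the runner.
cleanup_policy: destroy
destructive_risk: medium

# Two of these target types are not local to the lab. With
# destructive_risk set to medium, runs against them need a confirmed scope
# and written authorization. Whether the runner enforces that is not
# visible in this file.
allowed_target_types:
  - lab-local
  - lab-public
  - authorized-third-party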