subjectId
language:c
inScope
Operating systems, kernels, embedded firmware, performance-critical
libraries (codecs, crypto), interpreter cores, and any environment
that needs a thin portable abstraction over hardware.
outOfScope
Application-level code where memory-safety bugs cost more than the
perf wins (use Rust or Go), and projects with junior teams without
secure-coding discipline.
outOfScopeReasonIds