# Coverage Analysis Checklist

Use this checklist during Phase 3 of the Self-Review SOP.

## Active Extractors Inventory

List all extractors that produced claims:

| Extractor | File Types | Claims Count | Top Files |
|-----------|------------|--------------|-----------|
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |

## File Type Coverage

| File Extension | Extractor(s) | Claims | Status |
|----------------|--------------|--------|--------|
| .rs | | | Covered / Gap |
| .toml | | | Covered / Gap |
| .json | | | Covered / Gap |
| .yaml/.yml | | | Covered / Gap |
| .go | | | Covered / Gap |
| .py | | | Covered / Gap |
| .ts/.js | | | Covered / Gap |
| .env | | | Covered / Gap |
| Dockerfile | | | Covered / Gap |
| Other: ___ | | | Covered / Gap |

## Security-Critical Path Audit

These paths MUST have coverage:

### Authentication (`auth/`, `authn/`, `login/`)
- [ ] Path exists in project: YES / NO
- [ ] Claims extracted: ___
- [ ] Extractors active: ___
- [ ] **Status:** Covered / BLOCKER

### Cryptography (`crypto/`, `encryption/`, `tls/`, `ssl/`)
- [ ] Path exists in project: YES / NO
- [ ] Claims extracted: ___
- [ ] Extractors active: ___
- [ ] **Status:** Covered / BLOCKER

### Networking (`network/`, `http/`, `api/`, `rpc/`)
- [ ] Path exists in project: YES / NO
- [ ] Claims extracted: ___
- [ ] Extractors active: ___
- [ ] **Status:** Covered / BLOCKER

### Secrets (`secrets/`, `credentials/`, `.env`)
- [ ] Path exists in project: YES / NO
- [ ] Claims extracted: ___
- [ ] Extractors active: ___
- [ ] **Status:** Covered / BLOCKER

### Authorization (`authz/`, `permissions/`, `acl/`, `rbac/`)
- [ ] Path exists in project: YES / NO
- [ ] Claims extracted: ___
- [ ] Extractors active: ___
- [ ] **Status:** Covered / BLOCKER

## Acceptable Gaps

Gaps that are expected and documented:

| Path Pattern | Reason for Exclusion |
|--------------|---------------------|
| `test/`, `tests/`, `*_test.rs` | Test fixtures, not production |
| `fixtures/`, `testdata/` | Mock data for testing |
| `examples/`, `demo/` | Documentation, not production |
| `vendor/`, `node_modules/` | Third-party code |
| `target/`, `dist/`, `build/` | Generated artifacts |

## Zero-Extraction Analysis

Files/directories with no claims:

| Path | Expected? | Investigation Needed? |
|------|-----------|----------------------|
| | YES / NO | YES / NO |
| | YES / NO | YES / NO |
| | YES / NO | YES / NO |

## Missing Extractor Analysis

Patterns that should be extracted but aren't:

| Pattern | Example File | Suggested Extractor |
|---------|--------------|---------------------|
| | | |
| | | |

## Outcome

- [ ] All active extractors documented
- [ ] File type coverage assessed
- [ ] Security-critical paths checked
- [ ] BLOCKER gaps identified: ___
- [ ] Acceptable gaps documented
- [ ] Missing extractors identified