FP_002 · Extension Authority Persistence

Type: FP
Failure domain: Policy Enforcement
Mechanism: Extension Authority Lifecycle
Status: draft

Failure Pattern

Authority granted to an extension persists beyond the extension lifecycle, creating stale privilege scope.

Hidden Assumption

Revoking/deactivating a component is assumed to revoke all delegated authority derived from it.

Trigger Condition

Extension/plugin uninstall or deactivation occurs while delegated credential/tool bindings remain registered.

Failure Mechanism

Lifecycle management and the authority registry evolve independently. The revocation path is either missing or asynchronous enough to leave stale grants active.

Observable Symptoms

  • registry contains bindings for inactive extension IDs
  • operations still pass authority checks after uninstall
  • policy intent differs from runtime capability surface

Detection

registry.contains(extension_id) AND NOT extension_active(extension_id)
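
An added example, not code from this repository: the detection predicate above run as a sweep over an in-memory authority registry, next to a deactivation path that revokes grants synchronously and an authority check that fails closed. The `AuthorityRegistry` class, its method names, and the extension IDs and capability names are assumptions constructed for illustration.

```python
from dataclasses import dataclass, field

@dataclass(frozen=True)
class Binding:
    extension_id: str
    capability: str  # a delegated credential or tool binding

@dataclass
class AuthorityRegistry:
    """Hypothetical registry: lifecycle state and grants are stored separately."""
    active: set = field(default_factory=set)
    bindings: list = field(default_factory=list)

    def install(self, extension_id, capabilities):
        self.active.add(extension_id)
        self.bindings += [Binding(extension_id, c) for c in capabilities]

    def deactivate_unbound(self, extension_id):
        # The failure pattern: lifecycle state changes, grants stay registered.
        self.active.discard(extension_id)

    def deactivate_bound(self, extension_id):
        # Lifecycle-bound authority: revoke grants in the same step as deactivation.
        self.bindings = [b for b in self.bindings if b.extension_id != extension_id]
        self.active.discard(extension_id)

    def naive_check(self, extension_id, capability):
        # Consults the grant only, so it still passes after an unbound uninstall.
        return Binding(extension_id, capability) in self.bindings

    def is_authorized(self, extension_id, capability):
        # Fail closed: a grant counts only while its extension is active.
        return extension_id in self.active and self.naive_check(extension_id, capability)

    def stale_bindings(self):
        # registry.contains(extension_id) AND NOT extension_active(extension_id)
        return [b for b in self.bindings if b.extension_id not in self.active]

def demo():
    reg = AuthorityRegistry()
    reg.install("ext.mailer", ["smtp.send", "secrets.read"])  # constructed sample data
    reg.install("ext.linter", ["fs.read"])
    reg.deactivate_unbound("ext.mailer")  # leaves two stale grants behind
    reg.deactivate_bound("ext.linter")    # leaves none
    return reg.stale_bindings()

if __name__ == "__main__":
    for b in demo():
        print("stale binding:", b.extension_id, b.capability)
```

Running the sweep periodically covers the asynchronous-revocation case, where grants are eventually removed but remain usable in the interval.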

Lab Reproduction

  • lab/failure_modes/FM_001_duplicate_retry/

Relevant Guardrails

  • guardrails/GR_002_lifecycle_bound_authority.md

Postmortem

  • lab/postmortems/PM_002_extension_authority_persistence.md