MAGATAMA Attack-Path Fix Guidance Live Deploy

Date: 2026-05-07 UTC

Scope

The Attack Paths detail sidebar rendered a real CTA labeled Open Fix Guidance, but the click handler only executed:

No real drawer, ticket, or finding guidance path opened from that action.

The local training API service for MAGATAMA lane automation is managed by:

Live checks showed:

LaunchAgent state: running
port listener on *:3214
health response on localhost when checked outside sandbox restrictions:
- status = ok
- service = magatama-train-api
- running = false
- pid = null

Interpretation:

the API process is healthy and reachable
it is currently idle between runs
the remaining proof point for automation is a fresh lane training run that writes back lane-specific run metadata and completes local adoption/version switching

File:

Changes:

added openFixGuidanceForNode(nodeId)
showNodeDetail(n) now wires the CTA to the new helper instead of a toast
if the graph node maps to a real finding:
- MAGATAMA opens the existing finding/ticket detail via openTicket(id)
if the node is synthetic and has no backing finding:
- MAGATAMA now shows a clear warning toast instead of pretending guidance opened

Updated file copied to Erik:

Dashboard restarted:

Remote file verification confirmed presence of:

Attack Paths no longer expose a fake remediation CTA
the CTA now routes into the actual MAGATAMA guidance/detail path when the node represents a real finding
local training API health is confirmed, but lane-specific successful return/adoption still needs validation with a fresh real training run