'1', 'flow' => 'managed_tenant_onboarding', 'generated_at' => now()->toIso8601String(), 'summary' => [ 'overall' => 'warn', 'counts' => [ 'total' => 1, 'pass' => 0, 'fail' => 0, 'warn' => 1, 'skip' => 0, 'running' => 0, ], ], 'checks' => [ [ 'key' => 'permissions.admin_consent', 'title' => 'Admin consent granted', 'status' => 'warn', 'severity' => 'medium', 'blocking' => false, 'reason_code' => 'permissions_inventory_empty', 'message' => 'No permissions detected.', 'evidence' => [ ['kind' => 'app_id', 'value' => '00000000-0000-0000-0000-000000000000'], ['kind' => 'observed_permissions_count', 'value' => 0], ['kind' => 'client_secret', 'value' => 'nope'], ], 'next_steps' => [], ], ], ]; $sanitized = VerificationReportSanitizer::sanitizeReport($report); $evidence = $sanitized['checks'][0]['evidence'] ?? null; expect($evidence)->toBeArray(); expect($evidence)->toContain(['kind' => 'app_id', 'value' => '00000000-0000-0000-0000-000000000000']); expect($evidence)->toContain(['kind' => 'observed_permissions_count', 'value' => 0]); expect($evidence)->not->toContain(['kind' => 'client_secret', 'value' => 'nope']); });