Evidence, not narrative.

The visual language for CVE Hunter: a static-analysis CLI that reports security findings with labelled evidence. Warm-dark, monospace-forward, editorial — closer to a forensic log than a dashboard.

v 0.1 · draft · apr 2026
inspirations: linear · cloudflare · vercel
mode: dark-first
accent: signal  #E5484D

A warm dark with one loud accent.

Neutrals drift warm so the page reads like ink on paper, not chrome on glass. Signal red is the only decorative colour. Semantic colour is reserved strictly for evidence state.

Neutrals

bg  #0B0A09
bg-1  #110F0D
bg-2  #18150F
bg-3  #1F1B14
line-strong  #3A3224
ink  #F5F1E8

Brand + Semantic

signal  #E5484D
rust  #D4492E
ok  #3BD07A
warn  #F2A33B
info  #6AB6F9
violet  #B084F3

Geist · Geist Mono · Instrument Serif.

Geist handles UI and editorial sans duty. Geist Mono marks meta, code, values, and provenance hashes. Instrument Serif italic is a rare accent — used for single emphasised words, never whole sentences.

Display · 72 / 500
Findings with evidence.
H1 · 48 / 500
Point the CLI at a git repository.
H2 · 28 / 500
Specialists answer specific questions.
H3 · 18 / 600
Evidence assembler
Body · 16 / 400
Each finding carries a CPG reachability path, a sanitiser-harvested artefact, or a structural-invariant trace — plus a signed provenance triple.
Meta · 11 mono
§ 04 · EVIDENCE HIERARCHY
Code · 13 mono
$ cveh scan /target --out ./runs  # respects allow-list

Five ranks. One gate.

The product's core abstraction gets a dedicated visual language. Rank 1 is deterministic truth; rank 5 is tuned model inference. Colour is ordered, but not ordinal-loaded — no rank reads as "bad".

1 Reachability

CPG / CodeQL taint path. Deterministic.

2 Crash

OSS-Fuzz / syzbot artefact. Harvested.

3 Ensemble

3 families + held-out judge.

4 Invariant

Structural / test-derived rule.

5 Validator

Fine-tuned per-CWE check.

CONFIRMED
state: confirmed

Carries rank 3 plus one of rank 1, 2, or 4.

CANDIDATE
state: candidate

Doesn't meet the confirmed bar. Reported with lower-confidence labelling. Never silently suppressed.
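The gate described above, written out as an added example (not CVE Hunter's own code). The `Finding` record, the `gate` and `report` functions and the sample findings are assumptions made for illustration. The sketch also lists which evidence a candidate still lacks, and every input finding appears in the output.

```python
from dataclasses import dataclass, field

# Rank numbers and names as listed in the evidence hierarchy above.
RANKS = {1: "reachability", 2: "crash", 3: "ensemble", 4: "invariant", 5: "validator"}
CORROBORATING = {1, 2, 4}  # rank 3 must be paired with one of these


@dataclass
class Finding:  # hypothetical record shape, not the tool's schema
    title: str
    ranks: set = field(default_factory=set)


def gate(finding):
    """Return (state, missing) for one finding; there is no 'drop' state."""
    unknown = finding.ranks - set(RANKS)
    if unknown:
        # Fail loudly on a malformed rank instead of guessing a state.
        raise ValueError(f"unknown evidence rank(s): {sorted(unknown)}")
    missing = []
    if 3 not in finding.ranks:
        missing.append("rank 3 (ensemble)")
    if not finding.ranks & CORROBORATING:
        missing.append("one of rank 1, 2, or 4")
    return ("confirmed" if not missing else "candidate"), missing


def report(findings):
    """Build one row per finding; candidates are labelled, never filtered out."""
    rows = []
    for f in findings:
        state, missing = gate(f)
        rows.append({"title": f.title, "state": state,
                     "ranks": sorted(f.ranks), "missing": missing})
    return rows


# Constructed sample findings; the first mirrors the finding card's ranks 1, 3, 5.
SAMPLE = [
    Finding("Session token not invalidated on logout", {1, 3, 5}),
    Finding("ensemble only", {3, 5}),
    Finding("reachable, no ensemble", {1}),
    Finding("no evidence yet", set()),
]

if __name__ == "__main__":
    for row in report(SAMPLE):
        print(row)
```

Rank 5 alone never promotes a finding: it contributes to neither half of the gate.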

Buttons, chips, severity, finding card.

Buttons

Chips

Reachable · Potentially Reachable · Unreachable · Confirmed · Ensemble 4/4 · Joern CPG

Severity

Critical · High · Medium · Low

Finding card

Critical · CWE-416 · Use-After-Free
ranks 1 · 3 · 5

Session token not invalidated on logout

src/auth/session.py:42–68 · validate_token()
Reachable · Ensemble 4/4 · confirmed

Crosshair marks. Hairline rules. Blinking cursor.

Three signature moves carry the forensic voice across every surface.

FRAME CORNERS
signal // targeting
CROSS GRID
forensic backdrop
LIVE CURSOR
$ cveh scan