report

package
v1.0.8 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Mar 11, 2026 License: Apache-2.0 Imports: 24 Imported by: 0

Documentation

Index

Constants

View Source 
const (
	MCPTrustTrusted     = "trusted"
	MCPTrustBlocked     = "blocked"
	MCPTrustUnreviewed  = "unreviewed"
	MCPTrustUnavailable = "unavailable"
)
View Source 
const (
	SectionHeadline    = "headline_posture"
	SectionMethodology = "methodology"
	SectionTopRisks    = "top_prioritized_risks"
	SectionChanges     = "change_since_previous"
	SectionLifecycle   = "lifecycle_actions"
	SectionProof       = "proof_verification_footer"
	SectionNextAction  = "next_actions"
)
View Source 
const SummaryVersion = "v1"

Variables

This section is empty.

Functions

func IsComplianceSummaryError added in v1.0.8 

func IsComplianceSummaryError(err error) bool

func MCPVisibilityWarnings added in v1.0.8 

func MCPVisibilityWarnings(findings []source.Finding) []string

func MarkdownLines 

func MarkdownLines(markdown string) []string

func PublicSanitizeFindings 

func PublicSanitizeFindings(in []risk.ScoredFinding) []risk.ScoredFinding

func RenderCampaignPublicMarkdown added in v1.0.2 

func RenderCampaignPublicMarkdown(artifact CampaignArtifact) string

func RenderMarkdown 

func RenderMarkdown(summary Summary) string

func ResolveGeneratedAtForCLI added in v1.0.8 

func ResolveGeneratedAtForCLI(snapshot state.Snapshot, generatedAt time.Time) time.Time

func SelectTopFindings 

func SelectTopFindings(report risk.Report, requested int) []risk.ScoredFinding

Types

type AttackPathSummary added in v1.0.5 

type AttackPathSummary struct {
	Total      int      `json:"total"`
	TopPathIDs []string `json:"top_path_ids"`
}

type BuildInput 

type BuildInput struct {
	GeneratedAt      time.Time
	StatePath        string
	Snapshot         state.Snapshot
	PreviousSnapshot *state.Snapshot
	Baseline         *regress.Baseline
	RegressResult    *regress.Result
	Manifest         *manifest.Manifest
	Top              int
	Template         Template
	ShareProfile     ShareProfile
}

type CampaignArtifact added in v1.0.2 

type CampaignArtifact struct {
	SchemaVersion string               `json:"schema_version"`
	GeneratedAt   string               `json:"generated_at"`
	InputGlob     string               `json:"input_glob,omitempty"`
	Methodology   CampaignMethodology  `json:"methodology"`
	Metrics       CampaignMetrics      `json:"metrics"`
	Segments      CampaignSegments     `json:"segments"`
	Scans         []CampaignScanResult `json:"scans"`
}

func AggregateCampaign added in v1.0.2 

func AggregateCampaign(inputs []CampaignScanInput, generatedAt time.Time) CampaignArtifact

func AggregateCampaignWithOptions added in v1.0.2 

func AggregateCampaignWithOptions(inputs []CampaignScanInput, generatedAt time.Time, opts CampaignOptions) CampaignArtifact

type CampaignDetector added in v1.0.2 

type CampaignDetector struct {
	ID           string `json:"id"`
	Version      string `json:"version"`
	FindingCount int    `json:"finding_count"`
}

type CampaignMethodology added in v1.0.2 

type CampaignMethodology struct {
	WrkrVersion        string             `json:"wrkr_version"`
	ScanCount          int                `json:"scan_count"`
	RepoCount          int                `json:"repo_count"`
	FileCountProcessed int                `json:"file_count_processed"`
	Detectors          []CampaignDetector `json:"detectors"`
}

type CampaignMetrics added in v1.0.2 

type CampaignMetrics struct {
	ReposScanned          int      `json:"repos_scanned"`
	ToolsDetectedTotal    int      `json:"tools_detected_total"`
	WriteCapableTools     int      `json:"write_capable_tools"`
	CredentialAccessTools int      `json:"credential_access_tools"`
	ExecCapableTools      int      `json:"exec_capable_tools"`
	ApprovedTools         int      `json:"approved_tools"`
	UnapprovedTools       int      `json:"unapproved_tools"`
	UnknownTools          int      `json:"unknown_tools"`
	ApprovedPercent       float64  `json:"approved_percent"`
	UnapprovedPercent     float64  `json:"unapproved_percent"`
	UnknownPercent        float64  `json:"unknown_percent"`
	UnapprovedPerApproved *float64 `json:"unapproved_per_approved"`
	ProductionWriteStatus string   `json:"production_write_status"`
	ProductionWriteTools  *int     `json:"production_write_tools"`
}

type CampaignOptions added in v1.0.2 

type CampaignOptions struct {
	SegmentMetadata map[string]SegmentMetadata
}

type CampaignScanInput added in v1.0.2 

type CampaignScanInput struct {
	Path            string
	Target          source.Target
	SourceManifest  source.Manifest
	Inventory       *agginventory.Inventory
	PrivilegeBudget agginventory.PrivilegeBudget
	Findings        []source.Finding
}

type CampaignScanResult added in v1.0.2 

type CampaignScanResult struct {
	Path                 string `json:"path"`
	TargetMode           string `json:"target_mode"`
	TargetValue          string `json:"target_value"`
	RepoCount            int    `json:"repo_count"`
	ToolsDetected        int    `json:"tools_detected"`
	WriteCapableTools    int    `json:"write_capable_tools"`
	CredentialAccessTool int    `json:"credential_access_tools"`
	ExecCapableTools     int    `json:"exec_capable_tools"`
}

type CampaignSegmentBucket added in v1.0.2 

type CampaignSegmentBucket struct {
	Segment   string `json:"segment"`
	OrgCount  int    `json:"org_count"`
	ToolCount int    `json:"tool_count"`
}

type CampaignSegments added in v1.0.2 

type CampaignSegments struct {
	OrgSizeBands  []CampaignSegmentBucket `json:"org_size_bands"`
	IndustryBands []CampaignSegmentBucket `json:"industry_bands"`
}

type ChecklistItem 

type ChecklistItem struct {
	ID   string `json:"id"`
	Text string `json:"text"`
}

type DeltaMetric 

type DeltaMetric struct {
	Current     float64 `json:"current"`
	Previous    float64 `json:"previous"`
	Delta       float64 `json:"delta"`
	HasPrevious bool    `json:"has_previous"`
}

type DeltaSummary 

type DeltaSummary struct {
	RiskScoreTrend         DeltaMetric `json:"risk_score_trend"`
	ProfileComplianceDelta DeltaMetric `json:"profile_compliance_delta"`
	PostureScoreTrend      DeltaMetric `json:"posture_score_trend_delta"`
}

type Headline 

type Headline struct {
	Score            float64 `json:"score"`
	Grade            string  `json:"grade"`
	ComplianceStatus string  `json:"compliance_status"`
	Compliance       float64 `json:"compliance_percent"`
}

type LifecycleSummary 

type LifecycleSummary struct {
	IdentityCount      int                   `json:"identity_count"`
	UnderReviewCount   int                   `json:"under_review_count"`
	RevokedCount       int                   `json:"revoked_count"`
	DeprecatedCount    int                   `json:"deprecated_count"`
	PendingActionCount int                   `json:"pending_action_count"`
	RecentTransitions  []LifecycleTransition `json:"recent_transitions"`
}

type LifecycleTransition 

type LifecycleTransition struct {
	AgentID       string `json:"agent_id"`
	PreviousState string `json:"previous_state"`
	NewState      string `json:"new_state"`
	Trigger       string `json:"trigger"`
	Timestamp     string `json:"timestamp"`
}

type MCPList added in v1.0.8 

type MCPList struct {
	Status      string       `json:"status"`
	GeneratedAt string       `json:"generated_at"`
	Rows        []MCPListRow `json:"rows"`
	Warnings    []string     `json:"warnings,omitempty"`
}

func BuildMCPList added in v1.0.8 

func BuildMCPList(snapshot state.Snapshot, generatedAt time.Time, overlayPath string, allowAmbientOverlay bool) MCPList

type MCPListRow added in v1.0.8 

type MCPListRow struct {
	ServerName           string   `json:"server_name"`
	Org                  string   `json:"org"`
	Repo                 string   `json:"repo"`
	Location             string   `json:"location"`
	Transport            string   `json:"transport"`
	RequestedPermissions []string `json:"requested_permissions,omitempty"`
	PrivilegeSurface     []string `json:"privilege_surface,omitempty"`
	GatewayCoverage      string   `json:"gateway_coverage"`
	TrustStatus          string   `json:"trust_status"`
	RiskNote             string   `json:"risk_note"`
}

type Methodology added in v1.0.2 

type Methodology struct {
	WrkrVersion         string   `json:"wrkr_version"`
	ScanStartedAt       string   `json:"scan_started_at"`
	ScanCompletedAt     string   `json:"scan_completed_at"`
	ScanDurationSeconds float64  `json:"scan_duration_seconds"`
	RepoCount           int      `json:"repo_count"`
	FileCountProcessed  int      `json:"file_count_processed"`
	DetectorCount       int      `json:"detector_count"`
	CommandSet          []string `json:"command_set"`
	SampleDefinition    string   `json:"sample_definition"`
	ExclusionCriteria   []string `json:"exclusion_criteria"`
}

type ProofReference 

type ProofReference struct {
	ChainPath            string            `json:"chain_path"`
	HeadHash             string            `json:"head_hash"`
	RecordCount          int               `json:"record_count"`
	RecordTypeCounts     []RecordTypeCount `json:"record_type_counts"`
	CanonicalFindingKeys []string          `json:"canonical_finding_keys"`
}

type ReasonGroup 

type ReasonGroup struct {
	Code  string `json:"code"`
	Count int    `json:"count"`
}

type RecordTypeCount 

type RecordTypeCount struct {
	RecordType string `json:"record_type"`
	Count      int    `json:"count"`
}

type RegressSummary 

type RegressSummary struct {
	BaselineProvided bool          `json:"baseline_provided"`
	DriftDetected    bool          `json:"drift_detected"`
	ReasonCount      int           `json:"reason_count"`
	ReasonGroups     []ReasonGroup `json:"reason_groups"`
}

type RiskItem 

type RiskItem struct {
	Rank         int      `json:"rank"`
	CanonicalKey string   `json:"canonical_key"`
	Score        float64  `json:"risk_score"`
	FindingType  string   `json:"finding_type"`
	Severity     string   `json:"severity"`
	ToolType     string   `json:"tool_type"`
	Org          string   `json:"org"`
	Repo         string   `json:"repo"`
	Location     string   `json:"location"`
	Rationale    []string `json:"rationale"`
	Remediation  string   `json:"remediation"`
}

type Section 

type Section struct {
	ID     string         `json:"id"`
	Title  string         `json:"title"`
	Facts  []string       `json:"facts"`
	Impact string         `json:"impact"`
	Action string         `json:"action"`
	Proof  ProofReference `json:"proof"`
}

type SegmentMetadata added in v1.0.2 

type SegmentMetadata struct {
	Industry string
	SizeBand string
}

type ShareProfile 

type ShareProfile string
const (
	ShareProfileInternal ShareProfile = "internal"
	ShareProfilePublic   ShareProfile = "public"
)

func ParseShareProfile 

func ParseShareProfile(raw string) (ShareProfile, bool)

type Summary 

type Summary struct {
	SummaryVersion    string                       `json:"summary_version"`
	GeneratedAt       string                       `json:"generated_at"`
	Template          string                       `json:"template"`
	ShareProfile      string                       `json:"share_profile"`
	SectionOrder      []string                     `json:"section_order"`
	Sections          []Section                    `json:"sections"`
	Headline          Headline                     `json:"headline"`
	Methodology       Methodology                  `json:"methodology"`
	TopRisks          []RiskItem                   `json:"top_risks"`
	PrivilegeBudget   agginventory.PrivilegeBudget `json:"privilege_budget"`
	Deltas            DeltaSummary                 `json:"deltas"`
	Lifecycle         LifecycleSummary             `json:"lifecycle"`
	RegressDrift      *RegressSummary              `json:"regress_drift,omitempty"`
	AttackPaths       AttackPathSummary            `json:"attack_paths"`
	ComplianceSummary compliance.RollupSummary     `json:"compliance_summary"`
	Proof             ProofReference               `json:"proof"`
	NextActions       []ChecklistItem              `json:"next_actions"`
}

func BuildSummary 

func BuildSummary(in BuildInput) (Summary, error)

BuildSummary composes deterministic report sections from scan, risk, score, lifecycle, regress, and proof data. Non-goal guardrail: this path must remain deterministic and non-generative.

type Template 

type Template string
const (
	TemplateExec     Template = "exec"
	TemplateOperator Template = "operator"
	TemplateAudit    Template = "audit"
	TemplatePublic   Template = "public"
)

func ParseTemplate 

func ParseTemplate(raw string) (Template, bool)

Source Files

View all Source files

Directories

Path Synopsis

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.