audit

package

v0.0.22 Latest Latest Go to latest Published: Apr 17, 2026 License: MIT Imports: 7 Imported by: 0

Details

Valid go.mod file
Redistributable license
Tagged version
Stable version
Learn more about best practices

Repository

github.com/dimetron/pi-go

Links

Open Source Insights

Documentation ¶

Index ¶

func ExitCode(findings []ScanFinding) int
func FormatJSON(result *ScanResult) (string, error)
func FormatMarkdown(result *ScanResult) string
func FormatText(result *ScanResult, verbose bool) string
func StripDangerous(content string) string
func StripFile(path string) error
type ScanFinding
type ScanResult
type Severity
- func Classify(findings []ScanFinding) Severity
- func (s Severity) String() string

Constants ¶

This section is empty.

Variables ¶

This section is empty.

Functions ¶

func ExitCode ¶

func ExitCode(findings []ScanFinding) int

ExitCode returns the appropriate exit code for the findings. 0=clean/info, 1=critical, 2=warnings only.

func FormatJSON ¶

func FormatJSON(result *ScanResult) (string, error)

FormatJSON renders scan results as JSON.

func FormatMarkdown ¶

func FormatMarkdown(result *ScanResult) string

FormatMarkdown renders scan results as a GitHub-flavored markdown table.

func FormatText ¶

func FormatText(result *ScanResult, verbose bool) string

FormatText renders scan results as a terminal-friendly table. If verbose is false, info-level findings are filtered out.

func StripDangerous ¶

func StripDangerous(content string) string

StripDangerous removes critical and warning characters from content, preserving ZWJ in emoji sequences and info-level characters.

func StripFile ¶

func StripFile(path string) error

StripFile reads a file, strips dangerous characters, and writes it back. Creates a .bak backup before modifying.

Types ¶

type ScanFinding ¶

type ScanFinding struct {
	File        string   `json:"file"`
	Line        int      `json:"line"`
	Col         int      `json:"col"`
	Codepoint   string   `json:"codepoint"`
	Severity    Severity `json:"severity"`
	Description string   `json:"description"`
}

ScanFinding represents a single hidden character detected.

type ScanResult ¶

type ScanResult struct {
	Files    []string      `json:"files"`
	Findings []ScanFinding `json:"findings"`
}

ScanResult holds findings for one or more files.

func ScanFile ¶

func ScanFile(path string) (*ScanResult, error)

ScanFile reads a file and scans it for hidden characters.

func ScanSkillDirs ¶

func ScanSkillDirs(dirs ...string) (*ScanResult, error)

ScanSkillDirs discovers and scans all SKILL.md files in the given directories.

func ScanText ¶

func ScanText(content, filename string) *ScanResult

ScanText scans content for hidden Unicode characters. filename is used for reporting only.

func (*ScanResult) CountBySeverity ¶

func (r *ScanResult) CountBySeverity() (critical, warning, info int)

CountBySeverity returns counts for each severity level.

func (*ScanResult) HasCritical ¶

func (r *ScanResult) HasCritical() bool

HasCritical returns true if any finding is critical.

func (*ScanResult) HasWarning ¶

func (r *ScanResult) HasWarning() bool

HasWarning returns true if any finding is warning or higher.

type Severity ¶

type Severity int

Severity represents the severity level of a finding.

const (
	SeverityInfo     Severity = iota // unusual but not dangerous
	SeverityWarning                  // suspicious, skill still loads
	SeverityCritical                 // dangerous, skill should be blocked
)

func Classify ¶

func Classify(findings []ScanFinding) Severity

Classify returns the highest severity found in the findings.

func (Severity) String ¶

func (s Severity) String() string

Source Files ¶

View all Source files

?	: This menu
/	: Search site
f or F	: Jump to
y or Y	: Canonical URL