Documentation
Types
type Finding
type Finding struct {
	Rule       string `json:"rule"`
	Severity   string `json:"severity"`   // critical, high, medium, info
	Confidence string `json:"confidence"` // high, medium, low
	File       string `json:"file"`
	Line       int    `json:"line"`
	Match      string `json:"match"`
	Message    string `json:"message"`
}
Finding describes a single matched security rule.
type Report
type Report struct {
	Status   string    `json:"status"` // clean, info, warn, critical
	Findings []Finding `json:"findings"`
	Summary  Summary   `json:"summary"`
}
Report is the result of scanning a skill archive or content for security issues.
func ScanContent
ScanContent scans a single file's content and returns a completed report.
type Rule
type Rule struct {
	Name       string
	Category   string
	Severity   string
	Confidence string
	Pattern    *regexp.Regexp
	Message    string
	// Reject, when set, suppresses a match if the matched text also matches this
	// pattern. Go's regexp (RE2) has no lookahead, so this is how a rule excludes
	// placeholders/references (e.g. `password = "your-password-here"`) that would
	// otherwise be false positives.
	Reject *regexp.Regexp
}
Rule defines a single security detection rule with its pattern and metadata.
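The Reject behaviour described in the Rule comment, as an added example that is not the package's own code. Rule here is a local copy of a subset of the documented fields; Hit, apply, the hardcodedPassword rule with its two patterns, and the sample input are all hypothetical and constructed for illustration.

```go
package main

import (
	"fmt"
	"regexp"
	"strings"
)

// Rule is a local copy of some documented fields so the example compiles alone.
type Rule struct {
	Name, Severity  string
	Pattern, Reject *regexp.Regexp
}

// Hit is a hypothetical, trimmed-down stand-in for the package's Finding.
type Hit struct {
	Rule, Match string
	Line        int
}

// hardcodedPassword is a constructed rule, not one shipped by the package.
var hardcodedPassword = Rule{
	Name:     "hardcoded-password",
	Severity: "high",
	Pattern:  regexp.MustCompile(`(?i)password\s*=\s*"[^"]{4,}"`),
	// RE2 cannot express (?!...), so placeholders are filtered in a second pass.
	Reject: regexp.MustCompile(`(?i)"(your-|<|\$\{|changeme|example)`),
}

// apply (hypothetical helper) matches Pattern line by line, then drops any
// match whose own text, not the whole line, also matches Reject.
func apply(r Rule, content string) []Hit {
	var hits []Hit
	for i, line := range strings.Split(content, "\n") {
		for _, m := range r.Pattern.FindAllString(line, -1) {
			if r.Reject != nil && r.Reject.MatchString(m) {
				continue // placeholder or variable reference, not a literal secret
			}
			hits = append(hits, Hit{Rule: r.Name, Match: m, Line: i + 1})
		}
	}
	return hits
}

func main() {
	sample := "password = \"your-password-here\"\npassword = \"hunter2-prod\"\n"
	fmt.Println(apply(hardcodedPassword, sample))
}
```

Because Reject is tested against the matched text only, a placeholder elsewhere on the same line does not hide a literal credential next to it.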