From 899cb5c121f732628f705162e9dc67c4e8ce35b9 Mon Sep 17 00:00:00 2001 From: Kjell Tore Guttormsen Date: Wed, 29 Apr 2026 12:45:28 +0200 Subject: [PATCH] =?UTF-8?q?fix(llm-security):=20template=20=E2=80=94=20v1?= =?UTF-8?q?=20=E2=86=92=20v2=20risk=20constants=20+=20narrative=5Faudit=20?= =?UTF-8?q?block?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Updates the HTML-comment risk-formula reference at lines 55-66 from the stale v1 sum-and-cap formula to the v2 severity-dominated tiers that have been authoritative in scanners/lib/severity.mjs since v7.0.0. Adds a Narrative Audit block inside the Executive Summary section surfacing summary.narrative_audit.suppressed_findings.{count,by_category} from the agent's trailing JSON. The block is transparency only — it does NOT affect risk_score, riskBand, or verdict. Part of v7.1.1 narrative-coherence patch (plan: .claude/plans/ultraplan-2026-04-29-report-coherence.md). Co-Authored-By: Claude Opus 4.7 --- .../llm-security/templates/unified-report.md | 47 ++++++++++++++----- 1 file changed, 36 insertions(+), 11 deletions(-) diff --git a/plugins/llm-security/templates/unified-report.md b/plugins/llm-security/templates/unified-report.md index 75016bf..ca1ba31 100644 --- a/plugins/llm-security/templates/unified-report.md +++ b/plugins/llm-security/templates/unified-report.md @@ -52,17 +52,29 @@ Rollback | - | - | - | - | - | Recommendations | Y | Y | - | Y | Y | - | - | Y | - Footer | Y | Y | Y | Y | Y | Y | Y | Y | Y -RISK SCORING (unified — all analysis types) - Formula: score = min((Critical × 25) + (High × 10) + (Medium × 4) + (Low × 1), 100) - Bands: 0-20 Low, 21-40 Medium, 41-60 High, 61-80 Critical, 81-100 Extreme - Verdict: BLOCK if Critical >= 1 OR score >= 61 - WARNING if High >= 1 OR score >= 21 - ALLOW otherwise - Grade: A: pass_rate >= 0.89 AND zero FAIL in cat 1,2,5 AND zero Critical - B: pass_rate >= 0.72 AND zero Critical - C: pass_rate >= 0.56 - D: pass_rate >= 0.33 - F: pass_rate < 0.33 OR 3+ Critical +RISK SCORING (v2 — severity-dominated, log-scaled, v7.0.0+) + See scanners/lib/severity.mjs riskScore(), verdict(), riskBand() — + this comment block is reference only; severity.mjs is authoritative. + + Tiers (riskScore): + critical >= 1 → 70-95 (1=80, 2=86, 4=93, 10=95) + high only → 40-65 (1=48, 5=60, 17=65) + medium only → 15-35 (1=20, 5=28, 50=33) + low only → 1-11 (1=4, 10=11) + none → 0 + + Bands (riskBand): 0-14 Low, 15-39 Medium, 40-64 High, 65-84 Critical, 85-100 Extreme + + Verdict: BLOCK if critical>=1 OR score>=65 + WARNING if high>=1 OR score>=15 + ALLOW otherwise + + Grade (gradeFromPassRate, posture/audit only): + A: pass_rate >= 0.89 AND zero FAIL in cat 1,2,5 AND zero Critical + B: pass_rate >= 0.72 AND zero Critical + C: pass_rate >= 0.56 + D: pass_rate >= 0.33 + F: pass_rate < 0.33 OR 3+ Critical FINDING CATEGORIES Secrets, Injection, Permissions, Supply Chain, MCP Trust, @@ -124,6 +136,19 @@ SEVERITY CLASSIFICATION {{EXECUTIVE_SUMMARY}} + + +### Narrative Audit + +**Suppressed signals:** {{SUPPRESSED_FINDINGS_COUNT}} ({{SUPPRESSED_FINDINGS_BREAKDOWN}}) + +> Per `summary.narrative_audit.suppressed_findings`. Suppressed signals +> are raw extractor matches (entropy, frontmatter, taint) that the agent +> downgraded after context evaluation (e.g., GLSL keywords, framework +> env-var references, animation markup, SVG inline data URIs). They do +> NOT appear in the Findings sections and do NOT affect risk_score or +> verdict. The category breakdown is for reviewer transparency only. + ---