feat: initial open marketplace with llm-security, config-audit, ultraplan-local
This commit is contained in:
Kjell Tore Guttormsen
commit
f93d6abdae
380 changed files with 65935 additions and 0 deletions
188
plugins/llm-security/templates/archive/scan-report.md
Normal file
188
plugins/llm-security/templates/archive/scan-report.md
Normal file
|
|
@ -0,0 +1,188 @@
|
|||
# Security Scan Report
|
||||
|
||||
<!--
|
||||
TEMPLATE USAGE
|
||||
This is a reference document describing the expected output structure for `/security scan`.
|
||||
Agents and commands use this as a formatting guide — fill every section with real findings.
|
||||
Do NOT output placeholder text. If a section has no findings, write "None identified."
|
||||
-->
|
||||
|
||||
---
|
||||
|
||||
## Header
|
||||
|
||||
**Project:** [Name of the project or directory that was scanned]
|
||||
**Scan timestamp:** [ISO 8601 — e.g. 2026-02-19T14:03:22Z]
|
||||
**Scope:** [Absolute or relative path(s) passed to the scan command — e.g. `./plugins/llm-security` or `**/*.md, hooks/`]
|
||||
**Scan type:** [One of: full | secrets | injection | permissions | mcp | supply-chain]
|
||||
**Triggered by:** [Command invocation string — e.g. `/security scan ./plugins`]
|
||||
|
||||
---
|
||||
|
||||
## Executive Summary
|
||||
|
||||
| Field | Value |
|
||||
|-------|-------|
|
||||
| Verdict | [ALLOW / WARNING / BLOCK] |
|
||||
| Risk score | [0–100 integer] |
|
||||
| Critical findings | [count] |
|
||||
| High findings | [count] |
|
||||
| Medium findings | [count] |
|
||||
| Low findings | [count] |
|
||||
| Info findings | [count] |
|
||||
| Files scanned | [count] |
|
||||
| Scan duration | [e.g. 4.2 s] |
|
||||
|
||||
**Verdict rationale:** [1–2 sentences explaining why this verdict was chosen. BLOCK = at least one Critical; WARNING = High or multiple Medium; ALLOW = Low/Info only.]
|
||||
|
||||
---
|
||||
|
||||
## Findings
|
||||
|
||||
Findings are sorted Critical → High → Medium → Low → Info within each section.
|
||||
Each finding ID is formatted `SCN-[NNN]` (e.g. `SCN-001`).
|
||||
|
||||
### Critical
|
||||
|
||||
> No Critical findings — omit this section if empty.
|
||||
|
||||
| ID | Category | File / Location | Line | Description |
|
||||
|----|----------|-----------------|------|-------------|
|
||||
| SCN-001 | [Category — see list below] | [path/to/file.md] | [L42] | [Short description of the issue] |
|
||||
|
||||
**SCN-001 Detail**
|
||||
|
||||
- **Severity:** Critical
|
||||
- **Category:** [Secrets / Injection / Permissions / Supply Chain / MCP Trust / Destructive / Output Handling / Other]
|
||||
- **File:** [Full relative path]
|
||||
- **Line(s):** [Line range or N/A]
|
||||
- **OWASP LLM Reference:** [e.g. LLM02:2025 Sensitive Information Disclosure]
|
||||
- **Description:** [Full explanation of what was found and why it is a risk]
|
||||
- **Evidence:** [Exact excerpt or pattern that triggered the finding — redact actual secret values]
|
||||
- **Remediation:** [Concrete, actionable fix with example if applicable]
|
||||
|
||||
---
|
||||
|
||||
### High
|
||||
|
||||
> No High findings — omit this section if empty.
|
||||
|
||||
| ID | Category | File / Location | Line | Description |
|
||||
|----|----------|-----------------|------|-------------|
|
||||
| SCN-002 | [Category] | [path/to/file.md] | [L17] | [Short description] |
|
||||
|
||||
**SCN-002 Detail**
|
||||
|
||||
- **Severity:** High
|
||||
- **Category:** [Category]
|
||||
- **File:** [path]
|
||||
- **Line(s):** [range]
|
||||
- **OWASP LLM Reference:** [reference]
|
||||
- **Description:** [explanation]
|
||||
- **Evidence:** [excerpt]
|
||||
- **Remediation:** [fix]
|
||||
|
||||
---
|
||||
|
||||
### Medium
|
||||
|
||||
> No Medium findings — omit this section if empty.
|
||||
|
||||
| ID | Category | File / Location | Line | Description |
|
||||
|----|----------|-----------------|------|-------------|
|
||||
| SCN-003 | [Category] | [path/to/file.md] | [L5] | [Short description] |
|
||||
|
||||
*(Follow same detail block format as Critical/High above)*
|
||||
|
||||
---
|
||||
|
||||
### Low
|
||||
|
||||
> No Low findings — omit this section if empty.
|
||||
|
||||
| ID | Category | File / Location | Line | Description |
|
||||
|----|----------|-----------------|------|-------------|
|
||||
| SCN-004 | [Category] | [path/to/file.md] | [L88] | [Short description] |
|
||||
|
||||
*(Follow same detail block format)*
|
||||
|
||||
---
|
||||
|
||||
### Info
|
||||
|
||||
> Informational observations that do not require immediate action.
|
||||
|
||||
| ID | Category | File / Location | Observation |
|
||||
|----|----------|-----------------|-------------|
|
||||
| SCN-005 | [Category] | [path/to/file.md] | [Observation] |
|
||||
|
||||
---
|
||||
|
||||
## Supply Chain Assessment
|
||||
|
||||
> Include this section when scan type is `supply-chain`, `mcp`, or `full`.
|
||||
> Omit for narrow scans (e.g. secrets-only).
|
||||
|
||||
| Component | Type | Source | Trust score | Notes |
|
||||
|-----------|------|--------|-------------|-------|
|
||||
| [plugin-name / mcp-server-name] | [Plugin / MCP / Hook] | [URL or local path] | [0–10] | [Verification status] |
|
||||
|
||||
**Source verification:** [Were sources verified against known-good hashes, npm provenance, or GitHub releases? Describe outcome.]
|
||||
|
||||
**Permissions analysis:**
|
||||
- Requested tools: [list]
|
||||
- Minimum necessary tools: [list]
|
||||
- Over-permissioned: [Yes / No — explain if Yes]
|
||||
|
||||
**Supply chain risk summary:** [1–3 sentences on overall supply chain health]
|
||||
|
||||
---
|
||||
|
||||
## Recommendations
|
||||
|
||||
Prioritized by risk. Address Critical and High items before merge/deploy.
|
||||
|
||||
| Priority | Finding ID(s) | Action | Effort |
|
||||
|----------|---------------|--------|--------|
|
||||
| 1 | SCN-001 | [Actionable step] | [Low / Medium / High] |
|
||||
| 2 | SCN-002 | [Actionable step] | [Low / Medium / High] |
|
||||
| 3 | SCN-003, SCN-004 | [Actionable step] | [Low / Medium / High] |
|
||||
|
||||
**Quick wins (< 5 min):** [List any findings that can be fixed in under 5 minutes — e.g. removing a hardcoded token, adding a `.gitignore` entry]
|
||||
|
||||
---
|
||||
|
||||
## Footer
|
||||
|
||||
| Field | Value |
|
||||
|-------|-------|
|
||||
| llm-security version | [e.g. 0.1.0] |
|
||||
| Scan engine | llm-security skill-scanner-agent / mcp-scanner-agent |
|
||||
| Scan duration | [e.g. 4.2 s] |
|
||||
| OWASP references | LLM Top 10 2025, Agentic AI Top 10 |
|
||||
| Report generated | [ISO 8601 timestamp] |
|
||||
|
||||
---
|
||||
|
||||
<!--
|
||||
CATEGORY REFERENCE (for agents filling in this template)
|
||||
Use exactly one of these category labels per finding:
|
||||
|
||||
- Secrets — hardcoded credentials, tokens, API keys, private keys
|
||||
- Injection — prompt injection, command injection, path traversal
|
||||
- Permissions — over-permissioned tools, missing deny-first, excessive scope
|
||||
- Supply Chain — unverified plugin/MCP sources, typosquatting, unsigned packages
|
||||
- MCP Trust — unsafe MCP server config, missing auth, data leakage via MCP
|
||||
- Destructive — commands that delete, overwrite, or corrupt data/state
|
||||
- Output Handling — sensitive data in outputs, logs, or artifacts
|
||||
- Other — anything that does not fit the categories above
|
||||
|
||||
VERDICT DECISION LOGIC
|
||||
- BLOCK : 1 or more Critical findings
|
||||
- WARNING : 1 or more High findings, OR 3 or more Medium findings
|
||||
- ALLOW : Low and Info findings only, zero Critical/High/Medium
|
||||
|
||||
RISK SCORE FORMULA (0–100)
|
||||
(Critical * 25) + (High * 10) + (Medium * 4) + (Low * 1)
|
||||
Capped at 100. Round to nearest integer.
|
||||
-->
|
||||
Loading…
Add table
Add a link
Reference in a new issue