Add /ultraresearch-local for structured research combining local codebase analysis with external knowledge via parallel agent swarms. Produces research briefs with triangulation, confidence ratings, and source quality assessment. New command: /ultraresearch-local with modes --quick, --local, --external, --fg. New agents: research-orchestrator (opus), docs-researcher, community-researcher, security-researcher, contrarian-researcher, gemini-bridge (all sonnet). New template: research-brief-template.md. Integration: --research flag in /ultraplan-local accepts pre-built research briefs (up to 3), enriches the interview and exploration phases. Planning orchestrator cross-references brief findings during synthesis. Design principle: Context Engineering — right information to right agent at right time. Research briefs are structured artifacts in the pipeline: ultraresearch → brief → ultraplan --research → plan → ultraexecute. Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
188 lines
6.1 KiB
Markdown
188 lines
6.1 KiB
Markdown
# Security Scan Report
|
||
|
||
<!--
|
||
TEMPLATE USAGE
|
||
This is a reference document describing the expected output structure for `/security scan`.
|
||
Agents and commands use this as a formatting guide — fill every section with real findings.
|
||
Do NOT output placeholder text. If a section has no findings, write "None identified."
|
||
-->
|
||
|
||
---
|
||
|
||
## Header
|
||
|
||
**Project:** [Name of the project or directory that was scanned]
|
||
**Scan timestamp:** [ISO 8601 — e.g. 2026-02-19T14:03:22Z]
|
||
**Scope:** [Absolute or relative path(s) passed to the scan command — e.g. `./plugins/llm-security` or `**/*.md, hooks/`]
|
||
**Scan type:** [One of: full | secrets | injection | permissions | mcp | supply-chain]
|
||
**Triggered by:** [Command invocation string — e.g. `/security scan ./plugins`]
|
||
|
||
---
|
||
|
||
## Executive Summary
|
||
|
||
| Field | Value |
|
||
|-------|-------|
|
||
| Verdict | [ALLOW / WARNING / BLOCK] |
|
||
| Risk score | [0–100 integer] |
|
||
| Critical findings | [count] |
|
||
| High findings | [count] |
|
||
| Medium findings | [count] |
|
||
| Low findings | [count] |
|
||
| Info findings | [count] |
|
||
| Files scanned | [count] |
|
||
| Scan duration | [e.g. 4.2 s] |
|
||
|
||
**Verdict rationale:** [1–2 sentences explaining why this verdict was chosen. BLOCK = at least one Critical; WARNING = High or multiple Medium; ALLOW = Low/Info only.]
|
||
|
||
---
|
||
|
||
## Findings
|
||
|
||
Findings are sorted Critical → High → Medium → Low → Info within each section.
|
||
Each finding ID is formatted `SCN-[NNN]` (e.g. `SCN-001`).
|
||
|
||
### Critical
|
||
|
||
> No Critical findings — omit this section if empty.
|
||
|
||
| ID | Category | File / Location | Line | Description |
|
||
|----|----------|-----------------|------|-------------|
|
||
| SCN-001 | [Category — see list below] | [path/to/file.md] | [L42] | [Short description of the issue] |
|
||
|
||
**SCN-001 Detail**
|
||
|
||
- **Severity:** Critical
|
||
- **Category:** [Secrets / Injection / Permissions / Supply Chain / MCP Trust / Destructive / Output Handling / Other]
|
||
- **File:** [Full relative path]
|
||
- **Line(s):** [Line range or N/A]
|
||
- **OWASP LLM Reference:** [e.g. LLM02:2025 Sensitive Information Disclosure]
|
||
- **Description:** [Full explanation of what was found and why it is a risk]
|
||
- **Evidence:** [Exact excerpt or pattern that triggered the finding — redact actual secret values]
|
||
- **Remediation:** [Concrete, actionable fix with example if applicable]
|
||
|
||
---
|
||
|
||
### High
|
||
|
||
> No High findings — omit this section if empty.
|
||
|
||
| ID | Category | File / Location | Line | Description |
|
||
|----|----------|-----------------|------|-------------|
|
||
| SCN-002 | [Category] | [path/to/file.md] | [L17] | [Short description] |
|
||
|
||
**SCN-002 Detail**
|
||
|
||
- **Severity:** High
|
||
- **Category:** [Category]
|
||
- **File:** [path]
|
||
- **Line(s):** [range]
|
||
- **OWASP LLM Reference:** [reference]
|
||
- **Description:** [explanation]
|
||
- **Evidence:** [excerpt]
|
||
- **Remediation:** [fix]
|
||
|
||
---
|
||
|
||
### Medium
|
||
|
||
> No Medium findings — omit this section if empty.
|
||
|
||
| ID | Category | File / Location | Line | Description |
|
||
|----|----------|-----------------|------|-------------|
|
||
| SCN-003 | [Category] | [path/to/file.md] | [L5] | [Short description] |
|
||
|
||
*(Follow same detail block format as Critical/High above)*
|
||
|
||
---
|
||
|
||
### Low
|
||
|
||
> No Low findings — omit this section if empty.
|
||
|
||
| ID | Category | File / Location | Line | Description |
|
||
|----|----------|-----------------|------|-------------|
|
||
| SCN-004 | [Category] | [path/to/file.md] | [L88] | [Short description] |
|
||
|
||
*(Follow same detail block format)*
|
||
|
||
---
|
||
|
||
### Info
|
||
|
||
> Informational observations that do not require immediate action.
|
||
|
||
| ID | Category | File / Location | Observation |
|
||
|----|----------|-----------------|-------------|
|
||
| SCN-005 | [Category] | [path/to/file.md] | [Observation] |
|
||
|
||
---
|
||
|
||
## Supply Chain Assessment
|
||
|
||
> Include this section when scan type is `supply-chain`, `mcp`, or `full`.
|
||
> Omit for narrow scans (e.g. secrets-only).
|
||
|
||
| Component | Type | Source | Trust score | Notes |
|
||
|-----------|------|--------|-------------|-------|
|
||
| [plugin-name / mcp-server-name] | [Plugin / MCP / Hook] | [URL or local path] | [0–10] | [Verification status] |
|
||
|
||
**Source verification:** [Were sources verified against known-good hashes, npm provenance, or GitHub releases? Describe outcome.]
|
||
|
||
**Permissions analysis:**
|
||
- Requested tools: [list]
|
||
- Minimum necessary tools: [list]
|
||
- Over-permissioned: [Yes / No — explain if Yes]
|
||
|
||
**Supply chain risk summary:** [1–3 sentences on overall supply chain health]
|
||
|
||
---
|
||
|
||
## Recommendations
|
||
|
||
Prioritized by risk. Address Critical and High items before merge/deploy.
|
||
|
||
| Priority | Finding ID(s) | Action | Effort |
|
||
|----------|---------------|--------|--------|
|
||
| 1 | SCN-001 | [Actionable step] | [Low / Medium / High] |
|
||
| 2 | SCN-002 | [Actionable step] | [Low / Medium / High] |
|
||
| 3 | SCN-003, SCN-004 | [Actionable step] | [Low / Medium / High] |
|
||
|
||
**Quick wins (< 5 min):** [List any findings that can be fixed in under 5 minutes — e.g. removing a hardcoded token, adding a `.gitignore` entry]
|
||
|
||
---
|
||
|
||
## Footer
|
||
|
||
| Field | Value |
|
||
|-------|-------|
|
||
| llm-security version | [e.g. 0.1.0] |
|
||
| Scan engine | llm-security skill-scanner-agent / mcp-scanner-agent |
|
||
| Scan duration | [e.g. 4.2 s] |
|
||
| OWASP references | LLM Top 10 2025, Agentic AI Top 10 |
|
||
| Report generated | [ISO 8601 timestamp] |
|
||
|
||
---
|
||
|
||
<!--
|
||
CATEGORY REFERENCE (for agents filling in this template)
|
||
Use exactly one of these category labels per finding:
|
||
|
||
- Secrets — hardcoded credentials, tokens, API keys, private keys
|
||
- Injection — prompt injection, command injection, path traversal
|
||
- Permissions — over-permissioned tools, missing deny-first, excessive scope
|
||
- Supply Chain — unverified plugin/MCP sources, typosquatting, unsigned packages
|
||
- MCP Trust — unsafe MCP server config, missing auth, data leakage via MCP
|
||
- Destructive — commands that delete, overwrite, or corrupt data/state
|
||
- Output Handling — sensitive data in outputs, logs, or artifacts
|
||
- Other — anything that does not fit the categories above
|
||
|
||
VERDICT DECISION LOGIC
|
||
- BLOCK : 1 or more Critical findings
|
||
- WARNING : 1 or more High findings, OR 3 or more Medium findings
|
||
- ALLOW : Low and Info findings only, zero Critical/High/Medium
|
||
|
||
RISK SCORE FORMULA (0–100)
|
||
(Critical * 25) + (High * 10) + (Medium * 4) + (Low * 1)
|
||
Capped at 100. Round to nearest integer.
|
||
-->
|