llm-security/.llm-security-ignore
Kjell Tore Guttormsen f153f969a0 feat(ultraplan-local): v1.6.0 — /ultraresearch-local deep research command
Add /ultraresearch-local for structured research combining local codebase
analysis with external knowledge via parallel agent swarms. Produces research
briefs with triangulation, confidence ratings, and source quality assessment.

New command: /ultraresearch-local with modes --quick, --local, --external, --fg.
New agents: research-orchestrator (opus), docs-researcher, community-researcher,
security-researcher, contrarian-researcher, gemini-bridge (all sonnet).
New template: research-brief-template.md.

Integration: --research flag in /ultraplan-local accepts pre-built research
briefs (up to 3), enriches the interview and exploration phases. Planning
orchestrator cross-references brief findings during synthesis.

Design principle: Context Engineering — right information to right agent at
right time. Research briefs are structured artifacts in the pipeline:
ultraresearch → brief → ultraplan --research → plan → ultraexecute.

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
2026-04-08 08:58:35 +02:00

67 lines
2.2 KiB
Text

# .llm-security-ignore — Suppress expected findings when scanning this plugin
#
# Why 150 suppressed findings? A security plugin that documents attack patterns,
# ships a malicious demo fixture, and tests against deliberately evil code will
# trigger its own scanners. This is the "scanning the scanner" paradox:
#
# - examples/ contains an intentionally malicious plugin (the demo)
# - knowledge/ documents real attack regex patterns and example URLs
# - tests/ contain deliberate taint flows and suspicious URLs as test input
# - hooks/ and scanners/ contain high-entropy regex for secret detection
#
# Every suppression below is explained. Run without this file to see all 150.
#
# Format: SCANNER:glob or just glob (applies to all scanners)
# Scanners: UNI, ENT, PRM, DEP, TNT, GIT, NET, TFA
# Demo fixture: intentionally malicious (the whole point of the demo)
examples/**
# Test files contain deliberate malicious patterns as test input
TNT:tests/**
NET:tests/**
# Knowledge base documents attack patterns with example URLs and regex
ENT:knowledge/**
NET:knowledge/**
# Hook scripts contain high-entropy regex patterns and log strings
ENT:hooks/**
# Scanner code contains regex patterns that trigger entropy detection
ENT:scanners/**
# Injection patterns module contains injection keywords (by design)
TNT:scanners/lib/injection-patterns.mjs
# Command files contain long prompt strings
ENT:commands/**
# Permission findings: clean needs write tools (by design), deep-scan uses Bash
PRM:commands/**
PRM:agents/**
# Git findings: subtree split artifacts and commit message heuristics
GIT:**
# Network: README references to OWASP, Anthropic, research papers
NET:README.md
# Network: agent docs reference example domains for documentation
NET:agents/**
# Network: supply-chain hook legitimately contacts osv.dev and socket.dev
NET:hooks/**
# Orchestrator legitimately writes log file from argv path
TNT:scanners/scan-orchestrator.mjs
# Toxic flow: plugin commands/agents have Read+Bash access by design (it's a security scanner)
TFA:commands/**
TFA:agents/**
# Network: CLAUDE.md references public repo URL
NET:CLAUDE.md
# Baseline files: generated JSON with scan results (high entropy expected)
reports/baselines/**