@clear-capabilities/agentic-security-scanner 0.74.0

package/src/posture/waf-ingest.js

@@ -0,0 +1,200 @@
+// FR-PROD-1 — WAF rule-set ingest.
+//
+// Read a WAF rule set (Cloudflare custom rules JSON, AWS WAF JSON, ModSecurity
+// `.conf`, or a normalized YAML) from one of the conventional locations:
+//
+//   .agentic-security/waf-rules.{json,yml,yaml,conf}
+//   waf/rules.json
+//   cloudflare-rules.json
+//   aws-waf.json
+//
+// Build a list of `BlockRule { id, pattern, families }` where `families` is the
+// set of attack families this rule unambiguously blocks. Conservative under-
+// approximation: a finding is demoted to `mitigated-by-waf` only when its
+// family appears in some rule's families AND the rule does not depend on
+// runtime context the scanner cannot evaluate (e.g., per-customer rate
+// thresholds).
+//
+// The format is intentionally narrow because vendor WAF rule semantics differ.
+// We support these inputs:
+//
+//  Normalized YAML / JSON (recommended):
+//    rules:
+//      - id: cf-1
+//        pattern: 'SQLi attempt'
+//        families: ['sql-injection']
+//      - id: cf-2
+//        pattern: 'XSS reflected'
+//        families: ['xss']
+//
+//  Cloudflare custom-rule export (best-effort):
+//    [{ "id": "...", "expression": "...", "action": "block" }, ...]
+//    Family is inferred from the expression text via SIGNAL_PATTERNS.
+//
+//  AWS WAF list-rules JSON: same expression-based heuristic.
+
+import * as fs from 'node:fs';
+import * as path from 'node:path';
+
+const CANDIDATE_PATHS = [
+  '.agentic-security/waf-rules.json',
+  '.agentic-security/waf-rules.yml',
+  '.agentic-security/waf-rules.yaml',
+  '.agentic-security/waf-rules.conf',
+  'waf/rules.json',
+  'cloudflare-rules.json',
+  'aws-waf.json',
+];
+
+const SIGNAL_PATTERNS = [
+  [/sqli|sql.injection|union.+select/i, 'sql-injection'],
+  [/xss|cross.site|<script|javascript:/i, 'xss'],
+  [/ssrf|169\.254\.169\.254|metadata.google|localhost.+request/i, 'ssrf'],
+  [/path.traversal|\.\.\//, 'path-traversal'],
+  [/command.injection|shell.injection|\$\(|system\(|exec\(/i, 'command-injection'],
+  [/xxe|external.entity|!ENTITY/i, 'xxe'],
+  [/csrf|cross.site request/i, 'csrf'],
+  [/open.redirect|url.redirect/i, 'open-redirect'],
+  [/log4shell|log4j|jndi/i, 'jndi'],
+  [/deserialization|gadget chain/i, 'unsafe-deserialization'],
+  [/rate.?limit|rate.limit/i, 'unbounded-llm'],
+  [/prompt.injection|jailbreak/i, 'prompt-injection'],
+];
+
+function inferFamilyFromExpression(expr) {
+  if (!expr || typeof expr !== 'string') return [];
+  const fams = new Set();
+  for (const [re, fam] of SIGNAL_PATTERNS) {
+    if (re.test(expr)) fams.add(fam);
+  }
+  return [...fams];
+}
+
+function parseNormalized(obj) {
+  const rules = Array.isArray(obj.rules) ? obj.rules : [];
+  return rules.map((r) => ({
+    id: r.id || r.name || 'unnamed',
+    pattern: r.pattern || r.description || '',
+    families: Array.isArray(r.families) ? r.families : inferFamilyFromExpression(r.pattern || ''),
+    vendor: r.vendor || 'normalized',
+  }));
+}
+
+function parseCloudflare(arr) {
+  return arr.filter(r => r && (r.action === 'block' || r.action === 'managed_challenge')).map((r) => ({
+    id: r.id || r.ref || 'cf-' + Math.random().toString(36).slice(2, 8),
+    pattern: r.description || r.expression || '',
+    families: inferFamilyFromExpression(r.expression || r.description || ''),
+    vendor: 'cloudflare',
+  }));
+}
+
+function parseAwsWaf(obj) {
+  const rules = obj.Rules || obj.rules || [];
+  return rules.map((r) => ({
+    id: r.Name || r.name || 'aws-' + Math.random().toString(36).slice(2, 8),
+    pattern: JSON.stringify(r.Statement || r.statement || {}).slice(0, 200),
+    families: inferFamilyFromExpression(JSON.stringify(r.Statement || r.statement || {})),
+    vendor: 'aws-waf',
+  })).filter(r => r.families.length > 0);
+}
+
+function parseYamlLike(text) {
+  // Tiny YAML subset parser — enough for our recommended shape. NOT a real
+  // YAML parser. Falls back to JSON.parse on failure.
+  try { return JSON.parse(text); } catch {}
+  const rules = [];
+  let current = null;
+  for (const raw of text.split(/\n/)) {
+    const ln = raw.replace(/#.*$/, '').replace(/\s+$/, '');
+    if (!ln.trim()) continue;
+    const dashMatch = /^\s*-\s+(\w+):\s*(.*)$/.exec(ln);
+    const kvMatch = /^\s+(\w+):\s*(.*)$/.exec(ln);
+    if (dashMatch) {
+      if (current) rules.push(current);
+      current = {};
+      current[dashMatch[1]] = parseScalar(dashMatch[2]);
+    } else if (kvMatch && current) {
+      current[kvMatch[1]] = parseScalar(kvMatch[2]);
+    }
+  }
+  if (current) rules.push(current);
+  return { rules };
+}
+
+function parseScalar(s) {
+  s = s.trim();
+  if (s === '' || s === '~' || s === 'null') return null;
+  if (/^\[.*\]$/.test(s)) {
+    return s.slice(1, -1).split(',').map(t => t.trim().replace(/^['"]|['"]$/g, '')).filter(Boolean);
+  }
+  return s.replace(/^['"]|['"]$/g, '');
+}
+
+export function loadWafRules(scanRoot) {
+  const root = scanRoot || process.cwd();
+  for (const rel of CANDIDATE_PATHS) {
+    const fp = path.join(root, rel);
+    if (!fs.existsSync(fp)) continue;
+    let text;
+    try { text = fs.readFileSync(fp, 'utf8'); } catch { continue; }
+    try {
+      const trimmed = text.trim();
+      if (trimmed.startsWith('[')) {
+        return parseCloudflare(JSON.parse(trimmed));
+      }
+      if (trimmed.startsWith('{')) {
+        const obj = JSON.parse(trimmed);
+        if (obj.Rules || obj.rules?.[0]?.Statement) return parseAwsWaf(obj);
+        if (obj.rules) return parseNormalized(obj);
+      }
+      // YAML-like
+      const parsed = parseYamlLike(text);
+      if (parsed && parsed.rules) return parseNormalized(parsed);
+    } catch {
+      // Fall through to next candidate.
+    }
+  }
+  return [];
+}
+
+function familyOf(f) {
+  if (f.family) return String(f.family).toLowerCase();
+  const v = (f.vuln || '').toLowerCase();
+  if (/sql.*injection/.test(v)) return 'sql-injection';
+  if (/command.*injection/.test(v)) return 'command-injection';
+  if (/xss|cross.site/.test(v)) return 'xss';
+  if (/ssrf/.test(v)) return 'ssrf';
+  if (/path.travers/.test(v)) return 'path-traversal';
+  if (/xxe/.test(v)) return 'xxe';
+  if (/csrf/.test(v)) return 'csrf';
+  if (/jndi|log4shell/.test(v)) return 'jndi';
+  if (/deserial/.test(v)) return 'unsafe-deserialization';
+  if (/open.redirect/.test(v)) return 'open-redirect';
+  if (/prompt injection/.test(v)) return 'prompt-injection';
+  if (/max_tokens|unbounded/.test(v)) return 'unbounded-llm';
+  return 'unknown';
+}
+
+export function annotateWafMitigation(findings, scanRoot) {
+  if (!Array.isArray(findings)) return { findings, rules: [] };
+  const rules = loadWafRules(scanRoot);
+  if (!rules.length) return { findings, rules };
+  const byFamily = new Map();
+  for (const r of rules) {
+    for (const fam of r.families) {
+      if (!byFamily.has(fam)) byFamily.set(fam, []);
+      byFamily.get(fam).push(r);
+    }
+  }
+  for (const f of findings) {
+    if (!f || typeof f !== 'object') continue;
+    const fam = familyOf(f);
+    if (!byFamily.has(fam)) continue;
+    const matched = byFamily.get(fam);
+    f.mitigatedByWaf = true;
+    f.wafRuleId = matched.map(r => `${r.vendor}:${r.id}`).join(',');
+    f.wafMatchedFamilies = [fam];
+  }
+  return { findings, rules };
+}

package/src/posture/why-fired.js

@@ -0,0 +1,141 @@
+// FR-UX-9 — Why-fired / why-didn't-fire transparency.
+//
+// Every finding emitted by the engine carries an implicit "I fired because
+// X." This module materializes that into an explicit provenance record so
+// the user can see exactly what produced the finding without reading the
+// scanner source. The provenance record is attached to `f.whyFired` and
+// surfaces in SARIF properties + the HTML report.
+//
+// We intentionally do NOT try to capture LLM prompt hashes here — those are
+// the llm-validator's responsibility and live on `f.validator_meta`. This
+// module captures the pre-validator path: which detector ran, what rule
+// matched, what evidence was present.
+//
+// The record shape:
+//   {
+//     detector:       'sast/sql-injection',
+//     ruleId:         'CWE-89',
+//     parser:         'JS' | 'IR-TAINT' | 'PYTHON' | ...,
+//     evidence: {
+//       sinkSnippet:  '...',
+//       sourceSnippet:'...',
+//       pathSteps:    [...],
+//       sanitizers:   [],          // if any were considered+rejected
+//       guards:       [],          // auth/RBAC checks observed
+//     },
+//     considered: {
+//       suppressionsApplied: [...],
+//       suppressionsSkipped: [...],
+//       reachabilityFilter:  'kept'|'demoted'|'unaffected',
+//       clusterCollapsed:    boolean,
+//       typeNarrowed:        boolean,
+//     },
+//     scanner: { rulesetVersion, packHash, modelId? }
+//   }
+//
+// `whyNotFired` is a separate API call — see `explainWhyNotFired`.
+
+function detectorOf(f) {
+  if (f.detector) return f.detector;
+  const fam = f.family || '';
+  const parser = f.parser || '';
+  if (parser === 'IR-TAINT') return 'dataflow/ir-taint';
+  if (parser === 'PYTHON' || /python/i.test(parser)) return 'sast/python';
+  if (parser === 'SCA') return 'sca/cve';
+  if (parser === 'SECRET') return 'secrets/entropy';
+  if (fam) return `sast/${fam.toLowerCase().replace(/\s+/g, '-')}`;
+  return 'sast/unknown';
+}
+
+function ruleOf(f) {
+  return f.ruleId || f.cwe || f.family || (f.vuln || '').slice(0, 40) || 'unknown-rule';
+}
+
+export function buildWhyFired(f, ctx = {}) {
+  if (!f || typeof f !== 'object') return null;
+  return {
+    detector: detectorOf(f),
+    ruleId: ruleOf(f),
+    parser: f.parser || 'pattern',
+    evidence: {
+      sinkSnippet: f.sink?.snippet || f.snippet || null,
+      sourceSnippet: f.source?.snippet || null,
+      pathSteps: Array.isArray(f.pathSteps) ? f.pathSteps.map(s => ({ type: s.type, label: s.label })) : [],
+      sanitizers: f.sanitizers || [],
+      guards: f.guards || [],
+    },
+    considered: {
+      suppressionsApplied: f._suppressionsApplied || [],
+      suppressionsSkipped: f._suppressionsSkipped || [],
+      reachabilityFilter: f.unreachable ? 'demoted' : (f.reachable === true ? 'kept' : 'unaffected'),
+      clusterCollapsed: !!f.clusterSize && f.clusterSize > 1,
+      typeNarrowed: !!f.typeNarrowed,
+      crownJewelTier: f.crownJewelTier || null,
+      mitigationVerdict: f.mitigationVerdict || null,
+    },
+    scanner: {
+      rulesetVersion: ctx.rulesetVersion || null,
+      packHash: ctx.packHash || null,
+      modelId: ctx.modelId || null,
+    },
+  };
+}
+
+export function annotateWhyFired(findings, ctx = {}) {
+  if (!Array.isArray(findings)) return findings;
+  for (const f of findings) {
+    if (!f || typeof f !== 'object') continue;
+    f.whyFired = buildWhyFired(f, ctx);
+  }
+  return findings;
+}
+
+// "Why didn't you fire CWE-X on this file?" — used by the /why-not slash
+// command. Given a target CWE and a project, surface what the engine considered
+// and why it did not emit. This is intentionally simple: it walks the file
+// contents, runs the family's regex set, and reports which patterns matched +
+// which suppressions / mitigations dropped them.
+export function explainWhyNotFired(targetCwe, fileContents, suppressions = []) {
+  const out = { cwe: targetCwe, considered: [], dropped: [] };
+  if (!targetCwe || !fileContents) return out;
+  const probes = WHY_NOT_PROBES[targetCwe] || [];
+  if (!probes.length) {
+    out.note = `No registered probe set for ${targetCwe}; cannot explain why-not from data.`;
+    return out;
+  }
+  for (const [fp, text] of Object.entries(fileContents)) {
+    if (!text || typeof text !== 'string') continue;
+    for (const probe of probes) {
+      probe.re.lastIndex = 0;
+      let m;
+      while ((m = probe.re.exec(text))) {
+        const line = text.slice(0, m.index).split('\n').length;
+        const entry = { file: fp, line, probe: probe.label, snippet: m[0].slice(0, 80) };
+        if (probe.suppress && probe.suppress(m[0], text)) {
+          out.dropped.push({ ...entry, reason: probe.suppressReason });
+        } else {
+          out.considered.push(entry);
+        }
+      }
+    }
+  }
+  return out;
+}
+
+const WHY_NOT_PROBES = {
+  'CWE-89': [
+    { label: 'sql-concat', re: /(?:SELECT|INSERT|UPDATE|DELETE)[^;]{0,200}\+\s*\w+/gi,
+      suppress: (m) => /\$\{[^}]+\}/.test(m) === false && /\?|\$\d+/.test(m),
+      suppressReason: 'parameterized-placeholder-present' },
+  ],
+  'CWE-78': [
+    { label: 'shell-exec', re: /\b(?:exec|spawn|spawnSync)\s*\([^)]*\+/g,
+      suppress: (m) => /\bsanitize\b|\bshellEscape\b/.test(m),
+      suppressReason: 'sanitizer-call-detected' },
+  ],
+  'CWE-79': [
+    { label: 'innerHTML-write', re: /\.innerHTML\s*=\s*[^;]+/g,
+      suppress: (m) => /\bDOMPurify\b|\bsanitize\b/.test(m),
+      suppressReason: 'sanitizer-present' },
+  ],
+};

package/src/pr-comment.js

@@ -0,0 +1,172 @@
+// Advisor-tone PR comment renderer (v0.72).
+//
+// Replaces the typical "12 findings detected, see SARIF" wall of text
+// with a single security-advisor's note:
+//
+//   "I noticed you added /api/admin/users in this PR. I checked 4 things:
+//    ✓ auth (route is behind requireAdmin)
+//    ⚠ rate-limit (no rateLimit() middleware found)
+//    ✓ input validation (express-validator chain present)
+//    ✓ audit log (logger.security() called on success path)
+//
+//    The rate-limit gap matters because /admin endpoints are common
+//    credential-stuffing targets. A 5-line fix:
+//
+//    ```js
+//    import rateLimit from 'express-rate-limit';
+//    app.use('/api/admin', rateLimit({ windowMs: 15*60_000, max: 30 }));
+//    ```"
+//
+// The pure-narrative format optimizes for SCREENSHOTABILITY — engineers
+// share security-tool comments that read like a person, not a table.
+//
+// Generation is deterministic (no LLM) for the v1: we render from the
+// delta + a per-CWE narrative template. A future v2 could optionally
+// route through an LLM for richer prose when AGENTIC_SECURITY_LLM_ENDPOINT
+// is configured.
+
+const SEVERITY_GLYPH = {
+  critical: '🟥',
+  high:     '🟧',
+  medium:   '🟨',
+  low:      '🟦',
+  info:     '⬜',
+};
+
+const CWE_NARRATIVE = {
+  'CWE-89':   { name: 'SQL injection',          why: 'A malicious payload like `1\' OR 1=1--` would dump every row.' },
+  'CWE-79':   { name: 'XSS',                    why: 'An attacker who controls this string can execute JavaScript in another user\'s browser.' },
+  'CWE-78':   { name: 'Command injection',      why: 'A `;rm -rf /` style payload would run with the privileges of your service account.' },
+  'CWE-22':   { name: 'path traversal',         why: 'A `../../etc/passwd` style payload would read files outside the intended directory.' },
+  'CWE-918':  { name: 'SSRF',                   why: 'An attacker can pivot to the cloud metadata endpoint (`169.254.169.254`) or internal services.' },
+  'CWE-502':  { name: 'insecure deserialization', why: 'A crafted payload triggers gadget chains — typically remote code execution.' },
+  'CWE-611':  { name: 'XXE',                    why: 'A malicious DOCTYPE can exfiltrate local files or trigger SSRF via entity expansion.' },
+  'CWE-94':   { name: 'template injection',     why: 'A `{{7*7}}` style payload escapes to the template engine\'s expression evaluator (often RCE).' },
+  'CWE-1321': { name: 'prototype pollution',    why: 'A `__proto__` injection can alter the behavior of every downstream object check.' },
+  'CWE-352':  { name: 'CSRF',                   why: 'A cross-origin form can trigger authenticated state changes without the user\'s knowledge.' },
+  'CWE-601':  { name: 'open redirect',          why: 'Trusted-domain bouncer for phishing — credentials get harvested on the second hop.' },
+  'CWE-113':  { name: 'HTTP response splitting', why: 'CR/LF injection lets an attacker forge an entire response, including cache poisoning.' },
+  'CWE-798':  { name: 'hardcoded secret',       why: 'Committed credentials are scraped by automated scanners minutes after a push.' },
+  'CWE-327':  { name: 'weak crypto',            why: 'Modern adversaries can crack MD5/SHA-1/RC4/3DES at practical cost.' },
+  'CWE-1333': { name: 'regex DoS',              why: 'A pathological input freezes the worker for seconds — DoS without much effort.' },
+  'CWE-90':   { name: 'LDAP injection',         why: 'An attacker can extend the filter to enumerate users or bypass auth.' },
+  'CWE-643':  { name: 'XPath injection',        why: 'A `\' or \'1\'=\'1` payload can return data the query never intended to expose.' },
+  'CWE-1336': { name: 'prompt injection',       why: 'Untrusted text in the LLM context can override your system prompt.' },
+  'CWE-269':  { name: 'privilege escalation',   why: 'A low-privilege actor can reach a higher-privilege capability through this surface.' },
+};
+
+function _topCwes(findings, n = 3) {
+  const counts = new Map();
+  for (const f of findings) {
+    const k = f.cwe || 'unknown';
+    counts.set(k, (counts.get(k) || 0) + 1);
+  }
+  return [...counts.entries()].sort((a, b) => b[1] - a[1]).slice(0, n);
+}
+
+function _route(f) {
+  // Best-effort: pull a route-ish string from the file path / vuln text.
+  // Many SAST findings carry the route via `f.route` or in the vuln name.
+  if (f.route) return f.route;
+  const m = (f.vuln || '').match(/\b(GET|POST|PUT|DELETE|PATCH)\s+([\/\w:-]+)/i);
+  if (m) return `${m[1].toUpperCase()} ${m[2]}`;
+  return null;
+}
+
+/**
+ * Top-level renderer. Takes a delta produced by `computePrDelta` and
+ * emits a Markdown string suitable for posting as a single PR comment.
+ *
+ * Mode is chosen automatically:
+ *   - "clean":     no introduced + (resolved > 0 || persistent > 0)
+ *   - "trivial":   no introduced + nothing resolved
+ *   - "needs-work": one or more introduced findings
+ */
+export function renderPrComment(delta, { repoName, prNumber, prTitle } = {}) {
+  if (!delta) return '_no security delta available_';
+  const intro = delta.introduced || [];
+  const resolved = delta.resolved || [];
+  const shifted = delta.shifted || [];
+  const heading = repoName && prNumber
+    ? `### 🛡 agentic-security on ${repoName}#${prNumber}`
+    : `### 🛡 agentic-security`;
+  if (intro.length === 0 && resolved.length === 0 && shifted.length === 0) {
+    return [
+      heading,
+      ``,
+      `No security delta from \`${delta.baseRef}\` → \`${delta.headRef}\`. ` +
+      `${delta.changedFiles.length} file${delta.changedFiles.length === 1 ? '' : 's'} touched; ` +
+      `nothing in those changes introduced or resolved a finding. **Safe to merge.**`,
+      ``,
+      `<sub>Scanned ${delta.head?.summary?.total ?? 0} pre-existing findings on the head ref ` +
+      `(${delta.base?.summary?.total ?? 0} on base) — none of them moved in this PR.</sub>`,
+    ].join('\n');
+  }
+  if (intro.length === 0 && (resolved.length || shifted.length)) {
+    const r = delta.summary?.resolved || {};
+    return [
+      heading,
+      ``,
+      `This PR **resolves** ${resolved.length} finding${resolved.length === 1 ? '' : 's'}` +
+      (r.critical || r.high ? ` (including ${r.critical} critical + ${r.high} high)` : '') +
+      ` and introduces **none**. Nice cleanup work — safe to merge. ✨`,
+      ``,
+      `<sub>${delta.changedFiles.length} file${delta.changedFiles.length === 1 ? '' : 's'} ` +
+      `touched between \`${delta.baseRef}\` and \`${delta.headRef}\`.</sub>`,
+    ].join('\n');
+  }
+  // needs-work mode: narrative + per-finding paragraphs.
+  const lines = [];
+  lines.push(heading);
+  lines.push('');
+  const topCwes = _topCwes(intro);
+  const cweSummary = topCwes.map(([cwe, n]) => {
+    const meta = CWE_NARRATIVE[cwe];
+    return meta ? `${n} ${meta.name}` : `${n} ${cwe}`;
+  }).join(', ');
+  const hint = prTitle ? ` in "${prTitle}"` : '';
+  lines.push(`I looked at the ${delta.changedFiles.length} file${delta.changedFiles.length === 1 ? '' : 's'} ` +
+    `you changed${hint} and noticed **${intro.length} new finding${intro.length === 1 ? '' : 's'}** ` +
+    `that wasn't on \`${delta.baseRef}\`. Top concerns: ${cweSummary}.`);
+  lines.push('');
+  // Per-introduced-finding paragraph (cap at 5 for readability).
+  const SHOW = intro.slice(0, 5);
+  for (const f of SHOW) {
+    const meta = CWE_NARRATIVE[f.cwe];
+    const sev = SEVERITY_GLYPH[f.severity] || '⬜';
+    const route = _route(f);
+    const where = route ? `\`${route}\` (\`${f.file}:${f.line}\`)` : `\`${f.file}:${f.line}\``;
+    lines.push(`${sev} **${meta?.name || f.vuln}** — ${where}`);
+    if (meta) lines.push(`  > ${meta.why}`);
+    if (f.remediation) {
+      const onelineFix = String(f.remediation).split('\n')[0].slice(0, 240);
+      lines.push(`  Suggested fix: ${onelineFix}`);
+    }
+    if (f.confidence != null && f.confidence < 0.7) {
+      lines.push(`  <sub>Lower confidence (${(f.confidence * 100).toFixed(0)}%) — may be a false positive worth a quick look.</sub>`);
+    }
+    lines.push('');
+  }
+  if (intro.length > SHOW.length) {
+    lines.push(`<sub>+${intro.length - SHOW.length} more new finding${intro.length - SHOW.length === 1 ? '' : 's'} — see the scan output for the full list.</sub>`);
+    lines.push('');
+  }
+  if (resolved.length) {
+    lines.push(`On the bright side: this PR **resolved ${resolved.length} pre-existing finding${resolved.length === 1 ? '' : 's'}**. 👏`);
+    lines.push('');
+  }
+  const i = delta.summary?.introduced || {};
+  const blockMerge = (i.critical || 0) + (i.high || 0) > 0;
+  if (blockMerge) {
+    lines.push(`---`);
+    lines.push(`**Blocking merge:** ${i.critical || 0} critical + ${i.high || 0} high severity ` +
+      `finding${(i.critical || 0) + (i.high || 0) === 1 ? '' : 's'} introduced. ` +
+      `Fix or suppress with \`// agentic-security-ignore: <rule-id>\` before merging.`);
+  } else {
+    lines.push(`---`);
+    lines.push(`Non-blocking: no critical/high severity findings introduced — but consider addressing the items above before this becomes harder to revisit.`);
+  }
+  return lines.join('\n');
+}
+
+export const _internal = { CWE_NARRATIVE, SEVERITY_GLYPH, _topCwes };