npm - @ngocsangairvds/vsaf - Versions diffs - 3.2.14 → 3.2.16 - Mend

@ngocsangairvds/vsaf 3.2.14 → 3.2.16

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (1442) hide show

package/tools/vds-scripts/audit_orchestrator/src/vds_audit_orchestrator/agents/security_agent.py DELETED Viewed

@@ -1,1829 +0,0 @@
-"""Security Analysis Agent (TSK-048).
-Enhanced with LLM-powered security analysis across multiple dimensions:
-- Authentication/authorization patterns
-- Input validation practices
-- Secrets management
-- Dependency vulnerabilities
-- Security headers and configurations
-Migrated to PydanticAI patterns (Phase 8).
-Phase 23 Refinement (FR-1, FR-5):
-- Scoped security pattern scanning via SecurityPatternScanner
-- All security findings are now scoped to the target repository only
-- Uses ripgrep with Python fallback for pattern-based scanning
-"""
-from __future__ import annotations
-import asyncio
-import json
-import os
-import re
-import time
-from pathlib import Path
-from typing import Any
-from vds_agent_core.skills.executor import SkillExecutor
-from vds_audit_orchestrator.agents.base import AgentResult, BaseAgent
-from vds_audit_orchestrator.agents.pydantic_base import (
-    AuditDeps,
-    SecurityFindings,
-    Vulnerability,
-    _build_toolsets,
-)
-from vds_audit_orchestrator.agents.security_scanner import (
-    SECURITY_PATTERNS,
-    SecurityPatternScanner,
-)
-from vds_audit_orchestrator.agents.toolsets.evidence_corpus import create_evidence_corpus_toolset
-from vds_audit_orchestrator.agents.toolsets.filesystem import create_filesystem_toolset
-from vds_audit_orchestrator.agents.toolsets.vector_evidence import (
-    create_vector_evidence_toolset,
-    is_vector_evidence_ready,
-)
-from vds_audit_orchestrator.config import get_config
-from vds_audit_orchestrator.errors import AUDIT_ERROR_CODES, AuditError
-from vds_audit_orchestrator.evidence.corpus import EvidenceCorpus, deserialize_evidence_corpus
-from vds_audit_orchestrator.models.evidence import EvidenceBundle
-from vds_audit_orchestrator.models.task import AuditTask
-# =============================================================================
-# System Prompts
-# =============================================================================
-SECURITY_ANALYSIS_SYSTEM_PROMPT = """You are a security analyst specialized in application security.
-Analyze the provided evidence and identify security issues across these dimensions:
-1. **Authentication/Authorization**: Missing or weak auth checks, insecure session handling
-2. **Input Validation**: SQL injection, XSS, command injection risks
-3. **Secrets Management**: Hardcoded credentials, exposed API keys, insecure env var usage
-4. **Dependency Security**: Known vulnerable dependencies, outdated packages
-5. **Security Configuration**: Missing security headers, insecure defaults, CORS issues
-For each vulnerability found, provide:
-- id: A unique identifier (e.g., SEC-001, CWE-89)
-- severity: critical, high, medium, or low
-- category: dependency, code, or configuration
-- title: Brief title of the vulnerability
-- description: Clear explanation of the issue
-- affected_component: Where the issue was found
-- remediation: How to fix it
-Also provide:
-- posture_score: Overall security posture score from 0.0 to 10.0 (10 being most secure)
-- recommendations: List of prioritized security recommendations
-- security_controls: List of security controls detected (e.g., "JWT authentication", "input validation")
-Base your confidence score (0.0-1.0) on the completeness and clarity of evidence provided.
-A confidence below 0.4 indicates insufficient evidence for reliable analysis.
-Output format contract (strict):
-- Return ONLY structured JSON output, no markdown and no prose outside the schema.
-- Use exactly these top-level keys: vulnerabilities, posture_score, recommendations, confidence, sonarqube_issues, dependency_vulnerabilities, security_controls.
-- For each vulnerability always include: id, severity, category, title, description, affected_component, remediation.
-Tool usage guardrails (strict):
-- Never call grep_search/rg_search/ast_grep_search with empty or broad wildcard-only patterns (e.g. ".", ".*", "*", "^.*$").
-- Use targeted security patterns or concrete identifiers, then pivot to read_file/read_evidence_document for grounding.
-- Avoid generic file reads (README, package manifests) unless directly tied to a security finding.
-"""
-# =============================================================================
-# SecurityAgent Implementation
-# =============================================================================
-class SecurityAgent(BaseAgent):
-    """Agent for comprehensive security analysis.
-    Uses PydanticAI-powered analysis to evaluate security posture across:
-    - Code patterns from git evidence
-    - SonarQube vulnerability metrics
-    - Scoped pattern scanning via SecurityPatternScanner
-    Phase 23 Refinement (FR-1, FR-5):
-    - All security findings are now scoped to the target repository only
-    - Uses ripgrep with Python fallback for pattern-based scanning
-    This agent has been migrated to use the PydanticAI foundation from
-    pydantic_base.py while maintaining backward compatibility with the
-    existing analyze() method signature.
-    """
-    _DEFAULT_TOOL_ALLOWLIST: tuple[str, ...] = (
-        "list_evidence_documents",
-        "search_evidence",
-        "read_evidence_document",
-        "search_evidence_vector",
-        "search_code_vector",
-        "grep_search",
-        "rg_search",
-        "ast_grep_search",
-        "read_file",
-    )
-    @staticmethod
-    def _apply_tool_allowlist(toolsets: list[Any], allowlist: list[str]) -> list[Any]:
-        """Filter FunctionToolset entries to allowed tool names only."""
-        allowed = {name for name in allowlist if isinstance(name, str) and name.strip()}
-        if not allowed:
-            return list(toolsets)
-        filtered: list[Any] = []
-        for toolset in toolsets:
-            tools_map = getattr(toolset, "tools", None)
-            if isinstance(tools_map, dict):
-                for name in list(tools_map):
-                    if name not in allowed:
-                        tools_map.pop(name, None)
-                if not tools_map:
-                    continue
-            filtered.append(toolset)
-        return filtered
-    @staticmethod
-    def _parse_positive_int_env(name: str) -> int | None:
-        """Read optional positive integer env override; ignore invalid values."""
-        raw = os.getenv(name)
-        if raw is None:
-            return None
-        value = raw.strip()
-        if not value:
-            return None
-        try:
-            parsed = int(value)
-        except ValueError:
-            return None
-        return parsed if parsed > 0 else None
-    @staticmethod
-    def _parse_env_bool(name: str) -> bool | None:
-        """Parse boolean env flag using common truthy/falsy tokens."""
-        raw = os.getenv(name)
-        if raw is None:
-            return None
-        value = raw.strip().lower()
-        if value in {"1", "true", "yes", "on"}:
-            return True
-        if value in {"0", "false", "no", "off"}:
-            return False
-        return None
-    @classmethod
-    def _parse_positive_int_env_any(cls, *names: str) -> int | None:
-        """Read first valid positive integer env across ordered key candidates."""
-        for name in names:
-            parsed = cls._parse_positive_int_env(name)
-            if parsed is not None:
-                return parsed
-        return None
-    @staticmethod
-    def _parse_csv_env(name: str) -> list[str]:
-        """Read comma-separated env values as normalized non-empty strings."""
-        raw = os.getenv(name)
-        if raw is None:
-            return []
-        values: list[str] = []
-        for part in raw.split(","):
-            item = part.strip()
-            if item:
-                values.append(item)
-        return values
-    @classmethod
-    def _parse_csv_env_any(cls, *names: str) -> list[str]:
-        """Read first non-empty CSV env across ordered key candidates."""
-        for name in names:
-            values = cls._parse_csv_env(name)
-            if values:
-                return values
-        return []
-    @classmethod
-    def _is_security_skills_toolset_enabled(cls, llm_config: Any) -> bool:
-        """Resolve skills toolset enablement with env-first precedence."""
-        security_override = cls._parse_env_bool("VDS_AUDIT_AGENTIC_SECURITY_ENABLE_SKILLS_TOOLSET")
-        if security_override is not None:
-            return security_override
-        generic_override = cls._parse_env_bool("VDS_AUDIT_AGENTIC_ENABLE_SKILLS_TOOLSET")
-        if generic_override is not None:
-            return generic_override
-        return bool(getattr(llm_config, "skills_toolset_enabled", False))
-    async def analyze(
-        self,
-        evidence: EvidenceBundle | dict | AuditTask,
-        profile: dict[str, Any] | None = None,
-        evidence_corpus: EvidenceCorpus | dict[str, Any] | None = None,
-    ) -> AgentResult:
-        """Perform comprehensive security analysis on the evidence bundle.
-        Args:
-            evidence: Evidence bundle containing git files, SonarQube metrics, etc.
-            profile: Optional project profile for context.
-        Returns:
-            AgentResult with security findings and risk assessment.
-        """
-        # Normalize evidence input and extract profile
-        evidence_data: Any = evidence
-        resolved_corpus = deserialize_evidence_corpus(evidence_corpus)
-        if isinstance(evidence, AuditTask):
-            payload = evidence.input_data
-            profile = profile or payload.get("profile", {})
-            evidence_data = payload.get("evidence_bundle") or payload.get("evidence")
-            if resolved_corpus is None:
-                resolved_corpus = deserialize_evidence_corpus(payload.get("evidence_corpus"))
-        elif isinstance(evidence, dict):
-            profile = profile or evidence.get("profile", {})
-            evidence_data = evidence.get("evidence_bundle") or evidence.get("evidence")
-            if resolved_corpus is None:
-                resolved_corpus = deserialize_evidence_corpus(evidence.get("evidence_corpus"))
-        if isinstance(evidence_data, dict):
-            try:
-                evidence_data = EvidenceBundle.model_validate(evidence_data)
-            except Exception as exc:
-                self.logger.debug("evidence_bundle_validation_failed", error=str(exc))
-        if not isinstance(evidence_data, EvidenceBundle):
-            return self._result(
-                agent_name="SecurityAgent",
-                success=False,
-                error=AuditError(
-                    code=AUDIT_ERROR_CODES["AGENT_EVIDENCE_MISSING"],
-                    message="Evidence bundle missing",
-                    template_params={"agent_name": "SecurityAgent"},
-                ),
-            )
-        evidence = evidence_data
-        # Store profile for use in LLM analysis
-        self._profile = profile
-        findings: list[dict[str, Any]] = []
-        metadata: dict[str, Any] = {
-            "llm_analysis_used": False,
-            "pydantic_ai_used": False,
-            "pattern_scanner_used": False,
-            "sonarqube_issues_parsed": 0,
-        }
-        SkillExecutor.reset_usage()
-        # 1. Extract repo_path from evidence bundle or profile (FR-1.1)
-        repo_path = self._get_repo_path(evidence, profile)
-        # 2. Use scoped pattern scanner for security patterns (FR-1, FR-5)
-        if repo_path:
-            pattern_findings = await self._scan_security_patterns(repo_path)
-            findings.extend(pattern_findings)
-            metadata["pattern_scanner_used"] = True
-            metadata["pattern_scanner_findings"] = len(pattern_findings)
-            metadata["repo_path"] = str(repo_path)
-        else:
-            self.logger.warning(
-                "security_pattern_scan_skipped",
-                reason="repo_path not available",
-            )
-            metadata["pattern_scanner_skipped"] = "repo_path not available"
-        # 3. Parse SonarQube evidence intelligently
-        sonar_findings = self._parse_sonarqube_evidence(evidence)
-        findings.extend(sonar_findings)
-        metadata["sonarqube_issues_parsed"] = len(evidence.sonarqube_evidence)
-        # 4. Analyze git evidence for security patterns
-        git_findings = self._analyze_git_evidence(evidence)
-        findings.extend(git_findings)
-        # 5. Use PydanticAI agent for comprehensive security assessment
-        if self.settings.enabled:
-            try:
-                llm_result = await self._run_pydantic_ai_analysis(
-                    evidence,
-                    findings,
-                    profile,
-                    evidence_corpus=resolved_corpus,
-                )
-                if llm_result:
-                    # Merge LLM findings with rule-based findings
-                    for vuln in llm_result.vulnerabilities:
-                        findings.append(self._vulnerability_to_finding(vuln))
-                    metadata["llm_analysis_used"] = True
-                    metadata["pydantic_ai_used"] = True
-                    metadata["posture_score"] = llm_result.posture_score
-                    metadata["confidence"] = llm_result.confidence
-                    metadata["security_controls"] = llm_result.security_controls
-                    metadata["recommendations"] = llm_result.recommendations
-                    metadata["overall_risk_level"] = self._score_to_risk_level(llm_result.posture_score)
-                    metadata["security_summary"] = self._generate_summary(llm_result)
-            except Exception as e:
-                if self._is_tool_policy_violation_error(str(e)):
-                    return self._result(
-                        agent_name="SecurityAgent",
-                        success=False,
-                        findings=findings,
-                        metadata=metadata,
-                        error=str(e),
-                    )
-                self.logger.warning("security_pydantic_ai_analysis_failed", error=str(e))
-                metadata["llm_error"] = str(e)
-        runtime_summary = getattr(self, "_security_agent_runtime_summary", None)
-        if isinstance(runtime_summary, dict):
-            configured_limit = runtime_summary.get("security_agent_tool_calls_limit")
-            if isinstance(configured_limit, int):
-                metadata["security_agent_tool_calls_limit"] = configured_limit
-            exhausted_count = int(runtime_summary.get("security_agent_tool_call_limit_exhausted_count", 0) or 0)
-            metadata["security_agent_tool_call_limit_exhausted_count"] = exhausted_count
-        tool_usage = SkillExecutor.consume_usage()
-        if tool_usage:
-            metadata["tool_usage"] = tool_usage
-        return self._result(
-            agent_name="SecurityAgent",
-            success=True,
-            findings=findings,
-            metadata=metadata,
-        )
-    @staticmethod
-    def _is_tool_policy_violation_error(error: str) -> bool:
-        lowered = error.lower()
-        return "tool policy violation" in lowered or "cadence guard unsatisfied" in lowered
-    def _resolve_tool_policy(self) -> tuple[list[str], dict[str, Any]]:
-        try:
-            cfg = get_config().agentic
-        except Exception:
-            return (list(self._DEFAULT_TOOL_ALLOWLIST), {})
-        configured_allowlist = cfg.tool_allowlists.get("security", [])
-        allowlist = [str(item).strip() for item in configured_allowlist if str(item).strip()]
-        if not allowlist:
-            allowlist = list(self._DEFAULT_TOOL_ALLOWLIST)
-        non_progress_policy = cfg.non_progress_policy.model_dump()
-        return (allowlist, non_progress_policy)
-    @staticmethod
-    def _is_invalid_tool_usage_error(error: str) -> bool:
-        lowered = error.lower()
-        return (
-            "tool" in lowered
-            and (
-                "not found" in lowered
-                or "unknown tool" in lowered
-                or "invalid tool" in lowered
-                or "not allowed" in lowered
-                or "not in available tools" in lowered
-            )
-            and "invalid tool call arguments" not in lowered
-        )
-    @staticmethod
-    def _parse_tool_name_from_invalid_tool_error(error: str) -> str | None:
-        patterns = (
-            r"tool '([^']+)'",
-            r'tool "([^"]+)"',
-            r"unknown tool[:\s]+([a-zA-Z0-9_./-]+)",
-            r"invalid tool[:\s]+([a-zA-Z0-9_./-]+)",
-        )
-        for pattern in patterns:
-            match = re.search(pattern, error, flags=re.IGNORECASE)
-            if match:
-                value = str(match.group(1)).strip()
-                if value:
-                    return value
-        return None
-    @staticmethod
-    def _is_low_signal_search_burst(
-        telemetry: dict[str, Any] | None,
-        *,
-        policy: dict[str, Any] | None = None,
-    ) -> bool:
-        if not isinstance(telemetry, dict):
-            return False
-        policy_values = dict(policy or {})
-        def _ival(name: str, default: int) -> int:
-            raw = policy_values.get(name, default)
-            try:
-                return int(raw)
-            except (TypeError, ValueError):
-                return default
-        min_tool_calls = _ival("search_only_burst_min_tool_calls", 4)
-        min_search_calls = _ival("search_only_burst_min_search_calls", 4)
-        max_read_calls = _ival("search_only_burst_max_read_calls", 0)
-        high_repeat_min_tool_calls = _ival("high_repeat_min_tool_calls", 10)
-        max_unique_tools_in_window = _ival("max_unique_tools_in_window", 2)
-        usage = telemetry.get("usage")
-        usage_tool_calls = int(usage.get("tool_calls", 0) or 0) if isinstance(usage, dict) else 0
-        event_tool_calls = int(telemetry.get("event_tool_calls_completed", telemetry.get("event_tool_calls", 0)) or 0)
-        tool_calls = max(usage_tool_calls, event_tool_calls)
-        by_name = telemetry.get("event_tool_count_by_name")
-        if not isinstance(by_name, dict):
-            return False
-        search_calls = (
-            int(by_name.get("list_directory", 0) or 0)
-            + int(by_name.get("grep_search", 0) or 0)
-            + int(by_name.get("rg_search", 0) or 0)
-            + int(by_name.get("ast_grep_search", 0) or 0)
-            + int(by_name.get("search_evidence", 0) or 0)
-            + int(by_name.get("search_evidence_vector", 0) or 0)
-            + int(by_name.get("search_code_vector", 0) or 0)
-        )
-        read_calls = (
-            int(by_name.get("read_file", 0) or 0)
-            + int(by_name.get("read_evidence_document", 0) or 0)
-            + int(by_name.get("get_definition", 0) or 0)
-            + int(by_name.get("find_references", 0) or 0)
-            + int(by_name.get("workspace_symbol", 0) or 0)
-        )
-        search_only_burst = (
-            tool_calls >= min_tool_calls and search_calls >= min_search_calls and read_calls <= max_read_calls
-        )
-        if search_only_burst:
-            return True
-        # Guard repetitive mixed search/read loops that never diversify beyond 1-2 tools.
-        # This catches long "grep -> read -> grep -> read" churn that still burns budgets.
-        unique_active_tools = sum(1 for value in by_name.values() if int(value or 0) > 0)
-        mixed_loop_churn = (
-            tool_calls >= high_repeat_min_tool_calls
-            and unique_active_tools <= max_unique_tools_in_window
-            and (search_calls + read_calls) >= max(1, tool_calls - 1)
-        )
-        if mixed_loop_churn:
-            return True
-        # Evidence-search churn: repeated search_evidence-like calls with weak
-        # read pivoting. This is common in low-quality loops and should trigger
-        # cadence guards earlier.
-        evidence_search_churn = tool_calls >= 8 and search_calls >= 6 and search_calls >= (read_calls * 3)
-        return evidence_search_churn
-    async def _run_pydantic_ai_analysis(
-        self,
-        evidence: EvidenceBundle,
-        existing_findings: list[dict[str, Any]],
-        profile: dict[str, Any] | None = None,
-        evidence_corpus: EvidenceCorpus | None = None,
-    ) -> SecurityFindings | None:
-        """Run PydanticAI-based security analysis.
-        Args:
-            evidence: Evidence bundle for analysis.
-            existing_findings: Findings from rule-based analysis.
-            profile: Optional project profile.
-        Returns:
-            SecurityFindings with LLM analysis results, or None on failure.
-        """
-        # Build dependencies for PydanticAI agent
-        deps = AuditDeps.from_evidence_bundle(
-            evidence=evidence,
-            profile=profile,
-            settings=self.settings if hasattr(self.settings, "model_dump") else None,
-            evidence_corpus=evidence_corpus,
-        )
-        repo_path = self._get_repo_path(evidence, profile)
-        self._analysis_repo_path = repo_path
-        toolsets = self._build_analysis_toolsets()
-        if deps.evidence_corpus is not None:
-            try:
-                toolsets.append(create_evidence_corpus_toolset())
-            except Exception as exc:
-                self.logger.warning("security_evidence_corpus_toolset_unavailable", error=str(exc))
-        try:
-            if is_vector_evidence_ready(deps=deps):
-                toolsets.append(create_vector_evidence_toolset())
-        except Exception as exc:
-            self.logger.warning("security_vector_evidence_toolset_unavailable", error=str(exc))
-        zero_tool_mode = not toolsets
-        available_skill_names = self._collect_available_skill_names(toolsets)
-        max_tool_calls = 0 if zero_tool_mode else None
-        tool_call_limit_exhausted_count = 0
-        self._security_agent_runtime_summary = {
-            "security_agent_tool_call_limit_exhausted_count": 0,
-        }
-        local_openai_protocol = self._should_disable_parallel_tool_calls()
-        # Prepare context prompt
-        user_prompt = self._build_analysis_prompt(
-            evidence,
-            existing_findings,
-            available_skill_names=available_skill_names,
-            tools_available=not zero_tool_mode,
-            local_openai_mode=local_openai_protocol,
-        )
-        allowlist, non_progress_policy = self._resolve_tool_policy()
-        toolsets = self._apply_tool_allowlist(toolsets, allowlist)
-        base_toolsets = list(toolsets)
-        zero_tool_mode = not toolsets
-        agentic_cfg = get_config().agentic
-        strict_no_fallback = bool(agentic_cfg.strict_no_fallback)
-        compact_default_max_turns = (
-            self._parse_positive_int_env_any(
-                "VDS_AUDIT_AGENTIC_COMPACT_DEFAULT_MAX_TURNS",
-                "VDS_AUDIT_AGENTIC_SECURITY_COMPACT_DEFAULT_MAX_TURNS",
-            )
-            or 8
-        )
-        compact_default_max_tool_calls = (
-            self._parse_positive_int_env_any(
-                "VDS_AUDIT_AGENTIC_COMPACT_DEFAULT_MAX_TOOL_CALLS",
-                "VDS_AUDIT_AGENTIC_SECURITY_COMPACT_DEFAULT_MAX_TOOL_CALLS",
-            )
-            or 20
-        )
-        compact_max_turns_override = self._parse_positive_int_env_any(
-            "VDS_AUDIT_AGENTIC_COMPACT_MAX_TURNS",
-            "VDS_AUDIT_AGENTIC_SECURITY_COMPACT_MAX_TURNS",
-        )
-        compact_max_tool_calls_override = self._parse_positive_int_env_any(
-            "VDS_AUDIT_AGENTIC_COMPACT_MAX_TOOL_CALLS",
-            "VDS_AUDIT_AGENTIC_SECURITY_COMPACT_MAX_TOOL_CALLS",
-        )
-        # Quality-first policy: strict mode should still bound search churn tightly.
-        max_turn_cap = 8 if strict_no_fallback else 24
-        strict_turn_cap_override = self._parse_positive_int_env_any(
-            "VDS_AUDIT_AGENTIC_STRICT_MAX_TURNS_CAP",
-            "VDS_AUDIT_AGENTIC_SECURITY_STRICT_MAX_TURNS_CAP",
-        )
-        if strict_no_fallback and strict_turn_cap_override is not None:
-            # Explicit override should control strict turn cap for profile-level tuning.
-            max_turn_cap = strict_turn_cap_override
-        # Keep strict mode bounded to limit search churn before recovery/synthesis.
-        # 20 keeps enough room for one focused discovery pass plus evidence reads.
-        max_tool_calls_cap = 20 if strict_no_fallback else 64
-        strict_cap_override = self._parse_positive_int_env_any(
-            "VDS_AUDIT_AGENTIC_STRICT_MAX_TOOL_CALLS_CAP",
-            "VDS_AUDIT_AGENTIC_SECURITY_STRICT_MAX_TOOL_CALLS_CAP",
-        )
-        if strict_no_fallback and strict_cap_override is not None:
-            # Explicit override should control strict tool-call cap for profile-level tuning.
-            max_tool_calls_cap = strict_cap_override
-        if strict_no_fallback and local_openai_protocol:
-            local_turn_cap = compact_max_turns_override or compact_default_max_turns
-            local_tool_cap = compact_max_tool_calls_override or compact_default_max_tool_calls
-            max_turn_cap = min(max_turn_cap, local_turn_cap)
-            max_tool_calls_cap = min(max_tool_calls_cap, local_tool_cap)
-        security_specific_tool_calls_limit = self._parse_positive_int_env_any(
-            "VDS_AUDIT_AGENTIC_SECURITY_TOOL_CALLS_LIMIT",
-            "VDS_AUDIT_SECURITY_AGENT_TOOL_CALLS_LIMIT",
-        )
-        configured_max_tool_calls = (
-            int(security_specific_tool_calls_limit)
-            if security_specific_tool_calls_limit is not None
-            else int(agentic_cfg.max_tool_calls)
-        )
-        min_tool_calls_floor = 1 if security_specific_tool_calls_limit is not None else 8
-        max_turns = None if zero_tool_mode else max(4, min(int(agentic_cfg.max_turns), max_turn_cap))
-        max_tool_calls = (
-            0 if zero_tool_mode else max(min_tool_calls_floor, min(configured_max_tool_calls, max_tool_calls_cap))
-        )
-        security_reported_tool_calls_limit = int(max_tool_calls)
-        self._security_agent_runtime_summary = {
-            "security_agent_tool_calls_limit": security_reported_tool_calls_limit,
-            "security_agent_tool_call_limit_exhausted_count": tool_call_limit_exhausted_count,
-        }
-        if not zero_tool_mode:
-            if strict_no_fallback and local_openai_protocol:
-                self.logger.info(
-                    "security_local_openai_budget_tightened",
-                    max_turn_cap=max_turn_cap,
-                    max_tool_calls_cap=max_tool_calls_cap,
-                    strict_turn_cap_override=strict_turn_cap_override,
-                    strict_cap_override=strict_cap_override,
-                    compact_default_max_turns=compact_default_max_turns,
-                    compact_default_max_tool_calls=compact_default_max_tool_calls,
-                    compact_max_turns_override=compact_max_turns_override,
-                    compact_max_tool_calls_override=compact_max_tool_calls_override,
-                )
-            self.logger.info(
-                "security_agent_budget_applied",
-                max_turns=max_turns,
-                max_tool_calls=max_tool_calls,
-                configured_max_turns=agentic_cfg.max_turns,
-                configured_max_tool_calls=configured_max_tool_calls,
-                security_specific_tool_calls_limit=security_specific_tool_calls_limit,
-                strict_no_fallback=strict_no_fallback,
-            )
-        guard_prompt = user_prompt
-        if local_openai_protocol and (not zero_tool_mode) and max_turns is not None:
-            guard_prompt = (
-                user_prompt
-                + "\n\nLOCAL OPENAI EXECUTION BUDGET:\n"
-                + f"- Hard cap: max_turns={max_turns}, max_tool_calls={max_tool_calls}.\n"
-                + "- Use exactly one tool call per turn.\n"
-                + "- Call list_evidence_documents once, then pivot to read_evidence_document/read_file.\n"
-                + "- Use search_evidence only when a direct read target is not available.\n"
-                + "- After at least one concrete read, stop tool calls and return final SecurityFindings JSON.\n"
-            )
-        used_allowlist_retry = False
-        used_cadence_retry = False
-        used_grounding_retry = False
-        used_budget_recovery_retry = False
-        used_budget_synthesis_retry = False
-        budget_recovery_mode = False
-        used_recovery_early_synthesis_pivot = False
-        used_output_format_retry = False
-        used_rate_limit_retry = False
-        while True:
-            try:
-                output = await self._run_pydantic_agent(
-                    system_prompt=SECURITY_ANALYSIS_SYSTEM_PROMPT,
-                    user_prompt=guard_prompt,
-                    result_type=SecurityFindings,
-                    complexity="standard",
-                    deps=deps,
-                    prompt_type="security_analysis",
-                    toolsets=toolsets,
-                    max_turns=max_turns,
-                    max_tool_calls=max_tool_calls,
-                )
-            except Exception as exc:
-                message = str(exc)
-                rate_limited = ("rate limit" in message.lower()) or ("status_code: 429" in message.lower())
-                if rate_limited:
-                    if used_rate_limit_retry:
-                        raise RuntimeError("security provider rate-limit retry exhausted") from exc
-                    used_rate_limit_retry = True
-                    self.logger.warning(
-                        "security_rate_limit_retry",
-                        error=message,
-                        backoff_seconds=2,
-                    )
-                    await asyncio.sleep(2)
-                    continue
-                trailing_output_error = "trailing characters at line" in message.lower()
-                if trailing_output_error:
-                    if used_output_format_retry:
-                        raise RuntimeError("security output format recovery failed after retry") from exc
-                    self.logger.warning(
-                        "security_output_format_recovery_retry",
-                        error=message,
-                    )
-                    used_output_format_retry = True
-                    guard_prompt = (
-                        user_prompt
-                        + "\n\nOUTPUT FORMAT RECOVERY MODE:\n"
-                        + "- STOP calling tools.\n"
-                        + "- Use only evidence already collected from previous tool results.\n"
-                        + "- Return exactly one strict SecurityFindings JSON object (no markdown, no prose).\n"
-                    )
-                    toolsets = []
-                    zero_tool_mode = True
-                    # Keep a minimal allowance for residual provider-side final_result
-                    # tool emissions while still enforcing effective no-tool behavior.
-                    max_tool_calls = 1
-                    max_turns = None
-                    continue
-                if self._is_invalid_tool_usage_error(message):
-                    attempted_tool = self._parse_tool_name_from_invalid_tool_error(message)
-                    if zero_tool_mode:
-                        self.logger.warning(
-                            "security_invalid_tool_usage_zero_tool_mode",
-                            error=message,
-                            attempted_tool=attempted_tool,
-                            max_tool_calls=max_tool_calls,
-                        )
-                        raise RuntimeError(
-                            "security tool policy violation: zero-tool mode forbids tool calls "
-                            f"(attempted={attempted_tool or 'unknown'}, max_tool_calls=0)"
-                        ) from exc
-                    self.logger.warning(
-                        "security_invalid_tool_usage_allowlist",
-                        error=message,
-                        attempted_tool=attempted_tool,
-                        allowed_tools=allowlist,
-                    )
-                    if used_allowlist_retry:
-                        raise RuntimeError(
-                            "security tool policy violation: invalid tool usage "
-                            f"(attempted={attempted_tool or 'unknown'}, allowlist={allowlist})"
-                        ) from exc
-                    used_allowlist_retry = True
-                    guard_prompt = (
-                        user_prompt
-                        + "\n\nTOOL ALLOWLIST GUARD:\n"
-                        + f"- Allowed tools for SecurityAgent: {', '.join(allowlist)}.\n"
-                        + f"- Invalid tool requested: {attempted_tool or 'unknown'}.\n"
-                        + "- Use only allowlisted tools and call one tool per turn.\n"
-                        + "- If search/list results are low-signal, pivot to read_file/read_evidence_document."
-                    )
-                    continue
-                lowered_message = message.lower()
-                limit_exhausted = (
-                    ("tool_calls_limit" in lowered_message)
-                    or ("request_limit" in lowered_message)
-                    or ("usagelimitexceeded" in lowered_message)
-                    or ("usage limit exceeded" in lowered_message)
-                )
-                if limit_exhausted:
-                    tool_call_limit_exhausted_count += 1
-                    self._security_agent_runtime_summary = {
-                        "security_agent_tool_calls_limit": security_reported_tool_calls_limit,
-                        "security_agent_tool_call_limit_exhausted_count": tool_call_limit_exhausted_count,
-                    }
-                exhausted_tool_calls = self._parse_tool_calls_exhausted_from_error(message) if limit_exhausted else None
-                exhausted_request_limit = (
-                    self._parse_request_limit_exhausted_from_error(message) if limit_exhausted else None
-                )
-                skip_recovery_for_request_limit = bool(
-                    limit_exhausted
-                    and strict_no_fallback
-                    and local_openai_protocol
-                    and exhausted_request_limit is not None
-                )
-                # For strict mode we still allow one bounded read-first recovery pass
-                # when tool-call limit is exceeded, then pivot to synthesis-only mode.
-                skip_recovery_for_tool_calls_limit = False
-                if skip_recovery_for_request_limit and (not used_budget_recovery_retry):
-                    self.logger.warning(
-                        "security_budget_recovery_skipped_request_limit_strict_local_openai",
-                        error=message,
-                        max_turns=max_turns,
-                        max_tool_calls=max_tool_calls,
-                        exhausted_request_limit=exhausted_request_limit,
-                    )
-                if skip_recovery_for_tool_calls_limit and (not used_budget_recovery_retry):
-                    self.logger.warning(
-                        "security_budget_recovery_skipped_tool_calls_limit_strict_mode",
-                        error=message,
-                        max_turns=max_turns,
-                        max_tool_calls=max_tool_calls,
-                        exhausted_tool_calls=exhausted_tool_calls,
-                    )
-                if (
-                    limit_exhausted
-                    and (not zero_tool_mode)
-                    and (not used_budget_recovery_retry)
-                    and (not skip_recovery_for_request_limit)
-                    and (not skip_recovery_for_tool_calls_limit)
-                ):
-                    used_budget_recovery_retry = True
-                    budget_recovery_mode = True
-                    recovery_max_turns = (
-                        self._parse_positive_int_env_any(
-                            "VDS_AUDIT_AGENTIC_BUDGET_RECOVERY_MAX_TURNS",
-                            "VDS_AUDIT_AGENTIC_SECURITY_BUDGET_RECOVERY_MAX_TURNS",
-                        )
-                        or 6
-                    )
-                    recovery_max_tool_calls = (
-                        self._parse_positive_int_env_any(
-                            "VDS_AUDIT_AGENTIC_BUDGET_RECOVERY_MAX_TOOL_CALLS",
-                            "VDS_AUDIT_AGENTIC_SECURITY_BUDGET_RECOVERY_MAX_TOOL_CALLS",
-                        )
-                        or 8
-                    )
-                    recovery_terminal_max_turns = (
-                        self._parse_positive_int_env_any(
-                            "VDS_AUDIT_AGENTIC_BUDGET_RECOVERY_TERMINAL_MAX_TURNS",
-                            "VDS_AUDIT_AGENTIC_SECURITY_BUDGET_RECOVERY_TERMINAL_MAX_TURNS",
-                        )
-                        or recovery_max_turns
-                    )
-                    recovery_terminal_max_tool_calls = (
-                        self._parse_positive_int_env_any(
-                            "VDS_AUDIT_AGENTIC_BUDGET_RECOVERY_TERMINAL_MAX_TOOL_CALLS",
-                            "VDS_AUDIT_AGENTIC_SECURITY_BUDGET_RECOVERY_TERMINAL_MAX_TOOL_CALLS",
-                        )
-                        or recovery_max_tool_calls
-                    )
-                    # Recovery is one bounded read-first terminal pass, not another full exploration loop.
-                    recovery_max_turns = min(recovery_max_turns, recovery_terminal_max_turns)
-                    recovery_max_tool_calls = min(recovery_max_tool_calls, recovery_terminal_max_tool_calls)
-                    # Keep local-openai recovery tighter to avoid search churn on weak local models.
-                    if local_openai_protocol:
-                        recovery_max_tool_calls = min(recovery_max_tool_calls, max(2, recovery_max_turns + 1))
-                    read_first_recovery_allowlist = [
-                        "list_evidence_documents",
-                        "read_evidence_document",
-                        "read_file",
-                    ]
-                    configured_recovery_allowlist = self._parse_csv_env_any(
-                        "VDS_AUDIT_AGENTIC_BUDGET_RECOVERY_TOOL_ALLOWLIST",
-                        "VDS_AUDIT_AGENTIC_SECURITY_BUDGET_RECOVERY_TOOL_ALLOWLIST",
-                    )
-                    if configured_recovery_allowlist:
-                        allowed_recovery_tools = set(read_first_recovery_allowlist)
-                        recovery_allowlist = [
-                            tool_name
-                            for tool_name in configured_recovery_allowlist
-                            if tool_name in allowed_recovery_tools
-                        ]
-                    else:
-                        recovery_allowlist = list(read_first_recovery_allowlist)
-                    telemetry_for_recovery = getattr(self, "_last_agent_run_telemetry", {})
-                    if isinstance(telemetry_for_recovery, dict):
-                        by_name = telemetry_for_recovery.get("event_tool_count_by_name")
-                        if isinstance(by_name, dict):
-                            search_evidence_calls = int(by_name.get("search_evidence", 0) or 0)
-                            read_calls = int(by_name.get("read_file", 0) or 0) + int(
-                                by_name.get("read_evidence_document", 0) or 0
-                            )
-                            if search_evidence_calls >= 6 and read_calls < 1:
-                                # Force a deterministic pivot away from repeated search-only loops.
-                                recovery_allowlist = list(read_first_recovery_allowlist)
-                    self.logger.warning(
-                        "security_budget_recovery_retry",
-                        error=message,
-                        max_turns=max_turns,
-                        max_tool_calls=max_tool_calls,
-                        exhausted_tool_calls=exhausted_tool_calls,
-                        exhausted_request_limit=exhausted_request_limit,
-                        recovery_max_turns=recovery_max_turns,
-                        recovery_max_tool_calls=recovery_max_tool_calls,
-                        recovery_allowlist=recovery_allowlist,
-                    )
-                    guard_prompt = (
-                        user_prompt
-                        + "\n\nBUDGET RECOVERY MODE (READ-FOCUSED TERMINAL PASS):\n"
-                        + "- Keep tool usage minimal and deterministic.\n"
-                        + "- Start with list_evidence_documents, then read_evidence_document/read_file on concrete matches.\n"
-                        + "- This is the final tool-enabled pass before synthesis-only mode.\n"
-                        + "- Do not use broad search loops in recovery mode.\n"
-                        + "- Do not use broad wildcard-only search patterns ('.', '.*', '*', '^.*$').\n"
-                        + "- Do not read generic files (README/package manifests) unless explicitly security-relevant.\n"
-                        + "- Avoid repeated broad searches.\n"
-                        + "- Return final SecurityFindings JSON once at least one concrete evidence read is completed.\n"
-                    )
-                    toolsets = self._apply_tool_allowlist(list(base_toolsets), recovery_allowlist)
-                    zero_tool_mode = not toolsets
-                    if zero_tool_mode:
-                        budget_recovery_mode = False
-                        max_tool_calls = 1
-                        max_turns = None
-                    else:
-                        max_turns = recovery_max_turns
-                        max_tool_calls = recovery_max_tool_calls
-                    continue
-                if limit_exhausted and not used_budget_synthesis_retry:
-                    budget_recovery_mode = False
-                    self.logger.warning(
-                        "security_budget_synthesis_retry",
-                        error=message,
-                        max_turns=max_turns,
-                        max_tool_calls=max_tool_calls,
-                    )
-                    used_budget_synthesis_retry = True
-                    guard_prompt = (
-                        user_prompt
-                        + "\n\nBUDGET EXHAUSTED - FINAL SYNTHESIS MODE:\n"
-                        + "- STOP calling tools.\n"
-                        + "- Use only evidence already collected from previous tool results.\n"
-                        + "- Return final SecurityFindings JSON now."
-                    )
-                    toolsets = []
-                    zero_tool_mode = True
-                    max_tool_calls = 1
-                    # Disable request_limit in synthesis mode. Keeping a small request_limit
-                    # here can preempt structured-output retries and fail the fallback itself.
-                    max_turns = None
-                    continue
-                raise
-            telemetry = getattr(self, "_last_agent_run_telemetry", {})
-            telemetry_has_tool_observability = isinstance(telemetry, dict) and any(
-                key in telemetry
-                for key in ("event_tool_calls_completed", "event_tool_calls", "event_tool_count_by_name")
-            )
-            if (not zero_tool_mode) and telemetry_has_tool_observability and self._has_zero_tool_activity(telemetry):
-                self.logger.warning(
-                    "security_grounding_guard_unsatisfied",
-                    observed_tool_names=(telemetry.get("event_tool_names") if isinstance(telemetry, dict) else None),
-                    observed_tool_counts=(
-                        telemetry.get("event_tool_count_by_name") if isinstance(telemetry, dict) else None
-                    ),
-                )
-                if budget_recovery_mode and not used_recovery_early_synthesis_pivot:
-                    used_recovery_early_synthesis_pivot = True
-                    budget_recovery_mode = False
-                    self.logger.warning(
-                        "security_recovery_terminal_pass_zero_tool_pivot",
-                        observed_tool_names=(
-                            telemetry.get("event_tool_names") if isinstance(telemetry, dict) else None
-                        ),
-                        observed_tool_counts=(
-                            telemetry.get("event_tool_count_by_name") if isinstance(telemetry, dict) else None
-                        ),
-                    )
-                    guard_prompt = (
-                        user_prompt
-                        + "\n\nRECOVERY TERMINAL PASS EXIT - FINAL SYNTHESIS MODE:\n"
-                        + "- STOP calling tools.\n"
-                        + "- Synthesize from already collected evidence only.\n"
-                        + "- Return final SecurityFindings JSON now.\n"
-                    )
-                    toolsets = []
-                    zero_tool_mode = True
-                    max_tool_calls = 1
-                    max_turns = None
-                    continue
-                if used_grounding_retry:
-                    # Prefer deterministic scanner findings over ungrounded LLM hallucinations.
-                    return None
-                used_grounding_retry = True
-                guard_prompt = (
-                    user_prompt
-                    + "\n\nEVIDENCE GROUNDING GUARD:\n"
-                    + "- Before final answer, call at least one search/list tool and one evidence-read tool.\n"
-                    + "- Ground each vulnerability in concrete evidence from read_file/read_evidence_document output.\n"
-                    + "- If no concrete evidence is found, return zero vulnerabilities and confidence <= 0.4."
-                )
-                continue
-            if self._is_low_signal_search_burst(telemetry, policy=non_progress_policy):
-                cadence_accept_min_read_calls = (
-                    self._parse_positive_int_env_any(
-                        "VDS_AUDIT_AGENTIC_CADENCE_ACCEPT_MIN_READ_CALLS",
-                        "VDS_AUDIT_AGENTIC_SECURITY_CADENCE_ACCEPT_MIN_READ_CALLS",
-                    )
-                    or 2
-                )
-                cadence_accept_min_unique_tools = (
-                    self._parse_positive_int_env_any(
-                        "VDS_AUDIT_AGENTIC_CADENCE_ACCEPT_MIN_UNIQUE_TOOLS",
-                        "VDS_AUDIT_AGENTIC_SECURITY_CADENCE_ACCEPT_MIN_UNIQUE_TOOLS",
-                    )
-                    or 2
-                )
-                self.logger.warning(
-                    "security_low_signal_cadence_guard",
-                    observed_tool_names=(telemetry.get("event_tool_names") if isinstance(telemetry, dict) else None),
-                    observed_tool_counts=(
-                        telemetry.get("event_tool_count_by_name") if isinstance(telemetry, dict) else None
-                    ),
-                    cadence_accept_min_read_calls=cadence_accept_min_read_calls,
-                    cadence_accept_min_unique_tools=cadence_accept_min_unique_tools,
-                )
-                has_min_grounding = self._has_min_evidence_grounding(
-                    telemetry if isinstance(telemetry, dict) else None,
-                    min_read_calls=cadence_accept_min_read_calls,
-                    min_unique_tools=cadence_accept_min_unique_tools,
-                )
-                search_dominant = False
-                if isinstance(telemetry, dict):
-                    by_name = telemetry.get("event_tool_count_by_name")
-                    if isinstance(by_name, dict):
-                        search_calls = (
-                            int(by_name.get("list_directory", 0) or 0)
-                            + int(by_name.get("grep_search", 0) or 0)
-                            + int(by_name.get("rg_search", 0) or 0)
-                            + int(by_name.get("ast_grep_search", 0) or 0)
-                            + int(by_name.get("search_evidence", 0) or 0)
-                            + int(by_name.get("search_evidence_vector", 0) or 0)
-                            + int(by_name.get("search_code_vector", 0) or 0)
-                        )
-                        read_calls = (
-                            int(by_name.get("read_file", 0) or 0)
-                            + int(by_name.get("read_evidence_document", 0) or 0)
-                            + int(by_name.get("get_definition", 0) or 0)
-                            + int(by_name.get("find_references", 0) or 0)
-                            + int(by_name.get("workspace_symbol", 0) or 0)
-                        )
-                        search_dominant = search_calls >= max(8, (read_calls * 4))
-                if budget_recovery_mode and (not has_min_grounding or search_dominant):
-                    used_recovery_early_synthesis_pivot = True
-                    budget_recovery_mode = False
-                    self.logger.warning(
-                        "security_recovery_terminal_pass_early_synthesis_pivot",
-                        has_min_grounding=has_min_grounding,
-                        search_dominant=search_dominant,
-                        observed_tool_names=(
-                            telemetry.get("event_tool_names") if isinstance(telemetry, dict) else None
-                        ),
-                        observed_tool_counts=(
-                            telemetry.get("event_tool_count_by_name") if isinstance(telemetry, dict) else None
-                        ),
-                    )
-                    guard_prompt = (
-                        user_prompt
-                        + "\n\nRECOVERY TERMINAL PASS EXIT - FINAL SYNTHESIS MODE:\n"
-                        + "- STOP calling tools.\n"
-                        + "- Synthesize from already collected evidence only.\n"
-                        + "- Return final SecurityFindings JSON now.\n"
-                    )
-                    toolsets = []
-                    zero_tool_mode = True
-                    max_tool_calls = 1
-                    max_turns = None
-                    continue
-                if used_cadence_retry and not has_min_grounding:
-                    raise RuntimeError("security cadence guard unsatisfied: low-signal repetition without pivot")
-                used_cadence_retry = True
-                if has_min_grounding and not search_dominant:
-                    # Avoid unnecessary extra model round-trips when output is already grounded.
-                    self.logger.info(
-                        "security_cadence_guard_grounded_output_accepted",
-                        observed_tool_names=(
-                            telemetry.get("event_tool_names") if isinstance(telemetry, dict) else None
-                        ),
-                        observed_tool_counts=(
-                            telemetry.get("event_tool_count_by_name") if isinstance(telemetry, dict) else None
-                        ),
-                        cadence_accept_min_read_calls=cadence_accept_min_read_calls,
-                        cadence_accept_min_unique_tools=cadence_accept_min_unique_tools,
-                    )
-                    budget_recovery_mode = False
-                    break
-                guard_prompt = (
-                    user_prompt
-                    + "\n\nCADENCE PIVOT GUARD:\n"
-                    + "- Stop search/list-only bursts.\n"
-                    + "- Pivot from list/search tools to read_file/read_evidence_document on a concrete match.\n"
-                    + "- Do not finish without at least one high-signal evidence read."
-                )
-                if not zero_tool_mode:
-                    cadence_retry_max_turns = (
-                        self._parse_positive_int_env_any(
-                            "VDS_AUDIT_AGENTIC_CADENCE_RETRY_MAX_TURNS",
-                            "VDS_AUDIT_AGENTIC_SECURITY_CADENCE_RETRY_MAX_TURNS",
-                        )
-                        or 4
-                    )
-                    cadence_retry_max_tool_calls = (
-                        self._parse_positive_int_env_any(
-                            "VDS_AUDIT_AGENTIC_CADENCE_RETRY_MAX_TOOL_CALLS",
-                            "VDS_AUDIT_AGENTIC_SECURITY_CADENCE_RETRY_MAX_TOOL_CALLS",
-                        )
-                        or 6
-                    )
-                    cadence_retry_allowlist = self._parse_csv_env_any(
-                        "VDS_AUDIT_AGENTIC_CADENCE_RETRY_TOOL_ALLOWLIST",
-                        "VDS_AUDIT_AGENTIC_SECURITY_CADENCE_RETRY_TOOL_ALLOWLIST",
-                    )
-                    if cadence_retry_allowlist:
-                        toolsets = self._apply_tool_allowlist(toolsets, cadence_retry_allowlist)
-                    max_turns = (
-                        cadence_retry_max_turns if max_turns is None else min(max_turns, cadence_retry_max_turns)
-                    )
-                    max_tool_calls = min(max_tool_calls or 0, cadence_retry_max_tool_calls)
-                continue
-            vulnerability_count = len(getattr(output, "vulnerabilities", []) or [])
-            if vulnerability_count > 0:
-                strong_grounding = self._has_min_evidence_grounding(
-                    telemetry if isinstance(telemetry, dict) else None,
-                    min_read_calls=2,
-                    min_unique_tools=3,
-                )
-                if not strong_grounding:
-                    if zero_tool_mode:
-                        self.logger.warning(
-                            "security_strict_grounding_guard_zero_tool_coerce",
-                            vulnerabilities_count=vulnerability_count,
-                            observed_tool_names=(
-                                telemetry.get("event_tool_names") if isinstance(telemetry, dict) else None
-                            ),
-                            observed_tool_counts=(
-                                telemetry.get("event_tool_count_by_name") if isinstance(telemetry, dict) else None
-                            ),
-                        )
-                        # In zero-tool synthesis mode we cannot gather additional evidence.
-                        # Prefer conservative output over ungrounded vulnerability assertions.
-                        output.vulnerabilities = []
-                        output.confidence = min(float(getattr(output, "confidence", 0.4) or 0.4), 0.4)
-                        if not output.recommendations:
-                            output.recommendations = [
-                                "Collect concrete security evidence (read_file/read_evidence_document) before reporting vulnerabilities."
-                            ]
-                        break
-                    if budget_recovery_mode and not used_recovery_early_synthesis_pivot:
-                        used_recovery_early_synthesis_pivot = True
-                        budget_recovery_mode = False
-                        self.logger.warning(
-                            "security_recovery_terminal_pass_strict_grounding_pivot",
-                            vulnerabilities_count=vulnerability_count,
-                            observed_tool_names=(
-                                telemetry.get("event_tool_names") if isinstance(telemetry, dict) else None
-                            ),
-                            observed_tool_counts=(
-                                telemetry.get("event_tool_count_by_name") if isinstance(telemetry, dict) else None
-                            ),
-                        )
-                        guard_prompt = (
-                            user_prompt
-                            + "\n\nRECOVERY TERMINAL PASS EXIT - STRICT GROUNDING SYNTHESIS MODE:\n"
-                            + "- STOP calling tools.\n"
-                            + "- Use already collected evidence only.\n"
-                            + "- Return SecurityFindings JSON with conservative confidence when grounding is insufficient.\n"
-                        )
-                        toolsets = []
-                        zero_tool_mode = True
-                        max_tool_calls = 1
-                        max_turns = None
-                        continue
-                    self.logger.warning(
-                        "security_strict_grounding_guard_unsatisfied",
-                        vulnerabilities_count=vulnerability_count,
-                        observed_tool_names=(
-                            telemetry.get("event_tool_names") if isinstance(telemetry, dict) else None
-                        ),
-                        observed_tool_counts=(
-                            telemetry.get("event_tool_count_by_name") if isinstance(telemetry, dict) else None
-                        ),
-                    )
-                    if used_grounding_retry:
-                        self.logger.warning(
-                            "security_strict_grounding_guard_coerced_zero_vulnerabilities",
-                            vulnerabilities_count=vulnerability_count,
-                            observed_tool_names=(
-                                telemetry.get("event_tool_names") if isinstance(telemetry, dict) else None
-                            ),
-                            observed_tool_counts=(
-                                telemetry.get("event_tool_count_by_name") if isinstance(telemetry, dict) else None
-                            ),
-                        )
-                        # Conservative fallback: avoid ungrounded vulnerability claims.
-                        output.vulnerabilities = []
-                        output.confidence = min(float(getattr(output, "confidence", 0.4) or 0.4), 0.4)
-                        if not output.recommendations:
-                            output.recommendations = [
-                                "Collect concrete security evidence (read_file/read_evidence_document) before reporting vulnerabilities."
-                            ]
-                        break
-                    used_grounding_retry = True
-                    guard_prompt = (
-                        user_prompt
-                        + "\n\nSTRICT SECURITY GROUNDING GUARD:\n"
-                        + "- Do not report vulnerabilities unless grounded in concrete read_file/read_evidence_document evidence.\n"
-                        + "- Perform at least two evidence reads before final output.\n"
-                        + "- If concrete evidence remains insufficient, return zero vulnerabilities and confidence <= 0.4.\n"
-                    )
-                    if not zero_tool_mode:
-                        strict_grounding_retry_max_turns = (
-                            self._parse_positive_int_env_any(
-                                "VDS_AUDIT_AGENTIC_STRICT_GROUNDING_RETRY_MAX_TURNS",
-                                "VDS_AUDIT_AGENTIC_SECURITY_STRICT_GROUNDING_RETRY_MAX_TURNS",
-                            )
-                            or 6
-                        )
-                        strict_grounding_retry_max_tool_calls = (
-                            self._parse_positive_int_env_any(
-                                "VDS_AUDIT_AGENTIC_STRICT_GROUNDING_RETRY_MAX_TOOL_CALLS",
-                                "VDS_AUDIT_AGENTIC_SECURITY_STRICT_GROUNDING_RETRY_MAX_TOOL_CALLS",
-                            )
-                            or 10
-                        )
-                        toolsets = self._apply_tool_allowlist(
-                            list(base_toolsets),
-                            ["list_evidence_documents", "read_evidence_document", "read_file"],
-                        )
-                        max_turns = min(max_turns or strict_grounding_retry_max_turns, strict_grounding_retry_max_turns)
-                        max_tool_calls = min(
-                            max_tool_calls or strict_grounding_retry_max_tool_calls,
-                            strict_grounding_retry_max_tool_calls,
-                        )
-                    continue
-            budget_recovery_mode = False
-            break
-        # Log response summary (additional specific fields)
-        self.logger.info(
-            "security_agent_response",
-            confidence=round(getattr(output, "confidence", 0), 2),
-            posture_score=getattr(output, "posture_score", None),
-            vulnerabilities_count=len(getattr(output, "vulnerabilities", []) or []),
-            recommendations_count=len(getattr(output, "recommendations", []) or []),
-        )
-        self._security_agent_runtime_summary = {
-            "security_agent_tool_calls_limit": security_reported_tool_calls_limit,
-            "security_agent_tool_call_limit_exhausted_count": tool_call_limit_exhausted_count,
-        }
-        return output
-    @staticmethod
-    def _has_min_evidence_grounding(
-        telemetry: dict[str, Any] | None,
-        *,
-        min_read_calls: int = 1,
-        min_unique_tools: int = 2,
-    ) -> bool:
-        """Return True when tool telemetry shows both search/list and evidence-read activity."""
-        if not isinstance(telemetry, dict):
-            return False
-        by_name = telemetry.get("event_tool_count_by_name")
-        if not isinstance(by_name, dict):
-            return False
-        search_calls = (
-            int(by_name.get("list_directory", 0) or 0)
-            + int(by_name.get("grep_search", 0) or 0)
-            + int(by_name.get("rg_search", 0) or 0)
-            + int(by_name.get("ast_grep_search", 0) or 0)
-            + int(by_name.get("search_evidence", 0) or 0)
-            + int(by_name.get("search_evidence_vector", 0) or 0)
-            + int(by_name.get("search_code_vector", 0) or 0)
-        )
-        read_calls = (
-            int(by_name.get("read_file", 0) or 0)
-            + int(by_name.get("read_evidence_document", 0) or 0)
-            + int(by_name.get("get_definition", 0) or 0)
-            + int(by_name.get("find_references", 0) or 0)
-            + int(by_name.get("workspace_symbol", 0) or 0)
-        )
-        unique_active_tools = sum(1 for value in by_name.values() if int(value or 0) > 0)
-        return (
-            search_calls >= 1
-            and read_calls >= max(1, int(min_read_calls))
-            and unique_active_tools >= max(1, int(min_unique_tools))
-        )
-    @staticmethod
-    def _has_zero_tool_activity(telemetry: dict[str, Any] | None) -> bool:
-        """Return True when no tool call activity is observed for the run."""
-        if not isinstance(telemetry, dict):
-            return True
-        by_name = telemetry.get("event_tool_count_by_name")
-        if isinstance(by_name, dict):
-            total = sum(int(value or 0) for value in by_name.values())
-            if total > 0:
-                return False
-        completed = int(telemetry.get("event_tool_calls_completed", telemetry.get("event_tool_calls", 0)) or 0)
-        return completed <= 0
-    def _build_analysis_toolsets(self) -> list[Any]:
-        """Build optional MCP/skills toolsets for evidence-grounded analysis."""
-        try:
-            toolsets = _build_toolsets(get_config().llm)
-            enable_skills = self._is_security_skills_toolset_enabled(get_config().llm)
-            filtered: list[Any] = []
-            dropped = 0
-            for toolset in toolsets:
-                has_skills_map = isinstance(getattr(toolset, "skills", None), dict)
-                has_skill_metadata = isinstance(getattr(toolset, "_vds_skill_metadata", None), list)
-                if (not enable_skills) and (has_skills_map or has_skill_metadata):
-                    dropped += 1
-                    continue
-                filtered.append(toolset)
-            if dropped:
-                self.logger.info("security_analysis_skills_toolset_disabled", dropped_toolsets=dropped)
-            repo_path = getattr(self, "_analysis_repo_path", None)
-            if isinstance(repo_path, Path) and repo_path.exists():
-                try:
-                    cfg = get_config().agentic
-                    fs_toolset = create_filesystem_toolset(
-                        repo_path,
-                        safe_extensions=tuple(cfg.safe_extensions),
-                        max_read_bytes=int(cfg.max_read_bytes),
-                        max_read_lines=int(cfg.max_read_lines),
-                        grep_timeout_sec=int(cfg.tool_timeout_sec),
-                    )
-                    filtered.append(fs_toolset)
-                except Exception as exc:
-                    self.logger.warning("security_filesystem_toolset_unavailable", error=str(exc))
-            return filtered
-        except Exception as exc:
-            self.logger.warning("security_analysis_toolsets_failed", error=str(exc))
-            return []
-    @staticmethod
-    def _collect_available_skill_names(toolsets: list[Any]) -> list[str]:
-        """Extract available skill names from toolset metadata."""
-        names: list[str] = []
-        for toolset in toolsets:
-            skills_map = getattr(toolset, "skills", None)
-            if isinstance(skills_map, dict) and skills_map:
-                for skill_name in skills_map:
-                    name = str(skill_name or "").strip()
-                    if name and name not in names:
-                        names.append(name)
-                continue
-            metadata = getattr(toolset, "_vds_skill_metadata", None)
-            if not isinstance(metadata, list):
-                continue
-            for entry in metadata:
-                name = str(getattr(entry, "name", "") or "").strip()
-                if name and name not in names:
-                    names.append(name)
-        return names
-    @staticmethod
-    def _is_missing_skill_error(error: str) -> bool:
-        lowered = error.lower()
-        return "skill" in lowered and "not found" in lowered
-    @staticmethod
-    def _parse_tool_calls_exhausted_from_error(error: str) -> int | None:
-        match = re.search(r"tool_calls_limit of \d+ \(tool_calls=(\d+)\)", error, flags=re.IGNORECASE)
-        if not match:
-            return None
-        try:
-            value = int(match.group(1))
-        except (TypeError, ValueError):
-            return None
-        return value if value >= 0 else None
-    @staticmethod
-    def _parse_request_limit_exhausted_from_error(error: str) -> int | None:
-        match = re.search(r"request_limit of (\d+)", error, flags=re.IGNORECASE)
-        if not match:
-            return None
-        try:
-            value = int(match.group(1))
-        except (TypeError, ValueError):
-            return None
-        return value if value >= 0 else None
-    @staticmethod
-    def _parse_skill_name_from_error(error: str) -> str | None:
-        patterns = (
-            r"skill '([^']+)'",
-            r'skill "([^"]+)"',
-            r"skill_name['\"]?\s*[:=]\s*['\"]([^'\"]+)['\"]",
-        )
-        for pattern in patterns:
-            match = re.search(pattern, error, flags=re.IGNORECASE)
-            if match:
-                name = str(match.group(1)).strip()
-                if name:
-                    return name
-        return None
-    @staticmethod
-    def _drop_skill_from_toolsets(toolsets: list[Any], skill_name: str) -> tuple[list[Any], int]:
-        if not skill_name:
-            return list(toolsets), 0
-        removed_count = 0
-        updated_toolsets: list[Any] = []
-        for toolset in toolsets:
-            skills_map = getattr(toolset, "skills", None)
-            metadata = getattr(toolset, "_vds_skill_metadata", None)
-            if isinstance(skills_map, dict):
-                if skill_name in skills_map:
-                    skills_map.pop(skill_name, None)
-                    removed_count += 1
-                if isinstance(metadata, list):
-                    filtered_metadata = [
-                        item for item in metadata if str(getattr(item, "name", "") or "").strip() != skill_name
-                    ]
-                    toolset._vds_skill_metadata = filtered_metadata
-                if skills_map:
-                    updated_toolsets.append(toolset)
-                continue
-            if isinstance(metadata, list):
-                matched = False
-                filtered_metadata = []
-                for item in metadata:
-                    name = str(getattr(item, "name", "") or "").strip()
-                    if name == skill_name:
-                        matched = True
-                        continue
-                    filtered_metadata.append(item)
-                if matched:
-                    removed_count += 1
-                    toolset._vds_skill_metadata = filtered_metadata
-                    if filtered_metadata:
-                        updated_toolsets.append(toolset)
-                    continue
-            updated_toolsets.append(toolset)
-        return updated_toolsets, removed_count
-    @staticmethod
-    def _drop_all_skill_toolsets(toolsets: list[Any]) -> tuple[list[Any], int]:
-        filtered_toolsets: list[Any] = []
-        removed = 0
-        for toolset in toolsets:
-            has_skills_map = isinstance(getattr(toolset, "skills", None), dict)
-            has_skill_metadata = isinstance(getattr(toolset, "_vds_skill_metadata", None), list)
-            if has_skills_map or has_skill_metadata:
-                removed += 1
-                continue
-            filtered_toolsets.append(toolset)
-        return filtered_toolsets, removed
-    def _build_analysis_prompt(
-        self,
-        evidence: EvidenceBundle,
-        existing_findings: list[dict[str, Any]],
-        *,
-        available_skill_names: list[str] | None = None,
-        tools_available: bool = True,
-        local_openai_mode: bool = False,
-    ) -> str:
-        """Build the user prompt for LLM analysis.
-        Args:
-            evidence: Evidence bundle for analysis.
-            existing_findings: Findings from rule-based analysis.
-        Returns:
-            Formatted prompt string.
-        """
-        context_parts = []
-        # Add SonarQube summary
-        if evidence.sonarqube_evidence:
-            context_parts.append("## SonarQube Evidence")
-            for metric in evidence.sonarqube_evidence[:5]:
-                context_parts.append(f"- {metric.title}: {metric.content[:500]}")
-        # Add sample of git files (security-relevant)
-        security_relevant_files = [
-            f
-            for f in evidence.git_evidence
-            if any(kw in f.source_id.lower() for kw in ["security", "auth", "config", "env", "secret"])
-        ]
-        if security_relevant_files:
-            context_parts.append("\n## Security-Relevant Files")
-            for f in security_relevant_files[:3]:
-                context_parts.append(f"### {f.source_id}\n```\n{f.content[:1000]}\n```")
-        # Add existing findings summary
-        if existing_findings:
-            context_parts.append("\n## Preliminary Findings from Static Analysis")
-            for finding in existing_findings[:10]:
-                severity = finding.get("severity", "INFO")
-                description = finding.get("description", "")
-                context_parts.append(f"- [{severity}] {description}")
-        skills_clause = ""
-        if available_skill_names:
-            skills_clause = (
-                "\nSkill usage constraints:\n"
-                f"- Available skills: {', '.join(available_skill_names)}\n"
-                "- Use only the available skill names exactly as listed.\n"
-                "- Do not invent or call missing skill names.\n"
-            )
-        if tools_available:
-            tool_requirements = """Tool-first requirements:
-- When tools are available, retrieve or verify evidence snippets before concluding.
-- Ground each vulnerability claim in retrieved code/doc evidence.
-- Do not rely on assumptions that cannot be traced to evidence.
-- Use an efficient flow: search -> read -> conclude (avoid repetitive search-only loops).
-- Prefer diversified tools over repeating the same search tool with near-identical intent."""
-            if local_openai_mode:
-                tool_requirements += """
-- Local OpenAI discipline: keep tool usage bounded and deterministic.
-- Use list_evidence_documents first, then targeted read_evidence_document/read_file.
-- Keep search_evidence calls minimal (prefer at most one broad search before reading concrete files)."""
-        else:
-            tool_requirements = """Zero-tool requirements (strict):
-- No tools are available for this run.
-- Do not call any tool or skill.
-- Return final JSON directly from the provided evidence context."""
-        return f"""Analyze the following evidence for security vulnerabilities and assess the overall security posture:
-Repository: {evidence.repository}
-{chr(10).join(context_parts)}
-{tool_requirements}
-{skills_clause}
-Provide a comprehensive security assessment including:
-1. All vulnerabilities found (with severity, category, and remediation)
-2. Overall security posture score (0-10)
-3. Detected security controls
-4. Prioritized recommendations
-Focus on identifying issues not already captured in the preliminary findings."""
-    def _get_repo_path(
-        self,
-        evidence: EvidenceBundle,
-        profile: dict[str, Any] | None,
-    ) -> Path | None:
-        """Extract repository path from evidence bundle or profile.
-        Args:
-            evidence: Evidence bundle that may contain repo path.
-            profile: Optional project profile with repo path.
-        Returns:
-            Path to the repository, or None if not available.
-        """
-        # Try to get repo_path from profile first
-        if profile:
-            repo_path = profile.get("repo_path") or profile.get("repository_path")
-            if repo_path:
-                path = Path(repo_path)
-                if path.exists():
-                    return path
-                self.logger.debug(
-                    "repo_path_from_profile_not_found",
-                    repo_path=repo_path,
-                )
-        # Try to get from evidence bundle metadata
-        if hasattr(evidence, "metadata") and evidence.metadata:
-            repo_path = evidence.metadata.get("repo_path") or evidence.metadata.get("repository_path")
-            if repo_path:
-                path = Path(repo_path)
-                if path.exists():
-                    return path
-        # Try to infer from evidence.repository (may be a URL or path)
-        if evidence.repository:
-            # Check if it's a local path
-            path = Path(evidence.repository)
-            if path.exists():
-                return path
-        self.logger.debug(
-            "repo_path_not_found",
-            repository=evidence.repository,
-            profile_keys=list(profile.keys()) if profile else [],
-        )
-        return None
-    async def _scan_security_patterns(self, repo_path: Path) -> list[dict[str, Any]]:
-        """Scan repository for security patterns using scoped scanner.
-        Uses a scoped ripgrep-based scanner that ONLY searches
-        the target repository (FR-1.3).
-        Args:
-            repo_path: Path to the repository to scan.
-        Returns:
-            List of security findings from pattern scanning.
-        """
-        findings: list[dict[str, Any]] = []
-        try:
-            scanner = SecurityPatternScanner(repo_path)
-            start = time.monotonic()
-            results = scanner.scan(SECURITY_PATTERNS)
-            duration_ms = int((time.monotonic() - start) * 1000)
-            for result in results:
-                findings.append(
-                    {
-                        "type": f"security_{result.pattern_name}",
-                        "severity": result.severity,
-                        "description": result.description,
-                        "location": f"{result.file_path}:{result.line_number}",
-                        "details": {
-                            "file_path": result.file_path,
-                            "line_number": result.line_number,
-                            "line_content": result.line_content,
-                            "match_text": result.match_text,
-                        },
-                        "source": "pattern_scanner",
-                    }
-                )
-            self.logger.info(
-                "security_pattern_scan_complete",
-                repo_path=str(repo_path),
-                findings_count=len(findings),
-            )
-            SkillExecutor.record_tool_usage(
-                {
-                    "tool": "security_pattern_scanner",
-                    "agent": "SecurityAgent",
-                    "repo_path": str(repo_path),
-                    "pattern_count": len(SECURITY_PATTERNS),
-                    "findings_count": len(findings),
-                    "duration_ms": duration_ms,
-                    "success": True,
-                }
-            )
-        except Exception as e:
-            self.logger.warning("pattern_scan_failed", error=str(e))
-            SkillExecutor.record_tool_usage(
-                {
-                    "tool": "security_pattern_scanner",
-                    "agent": "SecurityAgent",
-                    "repo_path": str(repo_path),
-                    "pattern_count": len(SECURITY_PATTERNS),
-                    "findings_count": 0,
-                    "duration_ms": 0,
-                    "success": False,
-                    "error": str(e),
-                }
-            )
-        return findings
-    def _vulnerability_to_finding(self, vuln: Vulnerability) -> dict[str, Any]:
-        """Convert a Vulnerability model to a finding dict.
-        Args:
-            vuln: Vulnerability model instance.
-        Returns:
-            Finding dictionary in standard audit format.
-        """
-        return {
-            "type": f"security_{vuln.category}",
-            "severity": vuln.severity.upper(),
-            "description": vuln.description,
-            "location": vuln.affected_component,
-            "recommendation": vuln.remediation,
-            "id": vuln.id,
-            "title": vuln.title,
-            "cvss_score": vuln.cvss_score,
-            "source": "pydantic_ai_analysis",
-        }
-    def _score_to_risk_level(self, score: float) -> str:
-        """Convert posture score to risk level.
-        Args:
-            score: Security posture score (0-10).
-        Returns:
-            Risk level string.
-        """
-        if score >= 8.0:
-            return "LOW"
-        if score >= 6.0:
-            return "MEDIUM"
-        if score >= 4.0:
-            return "HIGH"
-        return "CRITICAL"
-    def _generate_summary(self, findings: SecurityFindings) -> str:
-        """Generate a security summary from findings.
-        Args:
-            findings: SecurityFindings model instance.
-        Returns:
-            Summary string.
-        """
-        critical = findings.critical_count
-        high = findings.high_count
-        total = len(findings.vulnerabilities)
-        if critical > 0:
-            return (
-                f"Critical security issues detected: {critical} critical, "
-                f"{high} high severity vulnerabilities out of {total} total. "
-                f"Posture score: {findings.posture_score:.1f}/10."
-            )
-        if high > 0:
-            return (
-                f"Security concerns identified: {high} high severity "
-                f"vulnerabilities out of {total} total. "
-                f"Posture score: {findings.posture_score:.1f}/10."
-            )
-        if total > 0:
-            return (
-                f"Minor security issues found: {total} vulnerabilities detected. "
-                f"Posture score: {findings.posture_score:.1f}/10."
-            )
-        return f"No significant security issues detected. Posture score: {findings.posture_score:.1f}/10."
-    def _parse_sonarqube_evidence(self, evidence: EvidenceBundle) -> list[dict[str, Any]]:
-        """Parse SonarQube evidence for security vulnerabilities.
-        Args:
-            evidence: Evidence bundle with SonarQube metrics.
-        Returns:
-            List of security findings from SonarQube.
-        """
-        findings = []
-        for metric in evidence.sonarqube_evidence:
-            content = metric.content
-            # Try to parse as JSON for structured analysis
-            try:
-                data = json.loads(content) if content.startswith("{") or content.startswith("[") else None
-            except json.JSONDecodeError:
-                data = None
-            if data:
-                # Structured SonarQube data parsing
-                issues = data.get("issues", []) if isinstance(data, dict) else data
-                for issue in issues if isinstance(issues, list) else []:
-                    severity = issue.get("severity", "UNKNOWN")
-                    if severity in ("CRITICAL", "BLOCKER"):
-                        findings.append(
-                            {
-                                "type": "sonarqube_vulnerability",
-                                "severity": "CRITICAL",
-                                "description": issue.get("message", f"Critical issue in {metric.title}"),
-                                "location": issue.get("component", metric.source_id),
-                                "rule": issue.get("rule", "unknown"),
-                                "source": "sonarqube",
-                            }
-                        )
-                    elif severity in ("MAJOR", "HIGH"):
-                        findings.append(
-                            {
-                                "type": "sonarqube_vulnerability",
-                                "severity": "HIGH",
-                                "description": issue.get("message", f"High severity issue in {metric.title}"),
-                                "location": issue.get("component", metric.source_id),
-                                "rule": issue.get("rule", "unknown"),
-                                "source": "sonarqube",
-                            }
-                        )
-            else:
-                # Fallback: keyword-based detection for unstructured content
-                severity_keywords = {
-                    "CRITICAL": [
-                        "CRITICAL",
-                        "BLOCKER",
-                        "vulnerability",
-                        "security hotspot",
-                    ],
-                    "HIGH": ["MAJOR", "HIGH", "injection", "authentication"],
-                    "MEDIUM": ["MINOR", "code smell"],
-                }
-                for severity, keywords in severity_keywords.items():
-                    if any(kw.lower() in content.lower() for kw in keywords):
-                        findings.append(
-                            {
-                                "type": "sonarqube_issue",
-                                "severity": severity,
-                                "description": f"{severity} severity issue detected in {metric.title}",
-                                "location": metric.source_id,
-                                "source": "sonarqube",
-                            }
-                        )
-                        break  # Only report highest severity match
-        return findings
-    def _analyze_git_evidence(self, evidence: EvidenceBundle) -> list[dict[str, Any]]:
-        """Analyze git evidence for security-related patterns.
-        Args:
-            evidence: Evidence bundle with git files.
-        Returns:
-            List of security findings from git evidence.
-        """
-        findings = []
-        security_file_patterns = {
-            "security.md": "security_documentation",
-            "security.txt": "security_documentation",
-            ".snyk": "dependency_scanning",
-            "trivy.yaml": "container_scanning",
-            "dependabot.yml": "dependency_updates",
-            "codeql": "sast_scanning",
-        }
-        found_security_configs = set()
-        for file_evidence in evidence.git_evidence:
-            file_lower = file_evidence.source_id.lower()
-            content_lower = file_evidence.content.lower()
-            # Check for security configuration files
-            for pattern, config_type in security_file_patterns.items():
-                if pattern in file_lower:
-                    found_security_configs.add(config_type)
-            # Check for hardcoded secrets patterns
-            secret_patterns = [
-                ("password", "hardcoded_password"),
-                ("api_key", "hardcoded_api_key"),
-                ("secret_key", "hardcoded_secret"),
-                ("private_key", "hardcoded_private_key"),
-                ("bearer ", "hardcoded_token"),
-            ]
-            for pattern, issue_type in secret_patterns:
-                if pattern in content_lower and "=" in file_evidence.content:
-                    # Exclude common false positives
-                    if not any(fp in content_lower for fp in ["example", "placeholder", "your_", "xxx", "***"]):
-                        findings.append(
-                            {
-                                "type": f"potential_{issue_type}",
-                                "severity": "HIGH",
-                                "description": f"Potential {issue_type.replace('_', ' ')} in {file_evidence.title}",
-                                "location": file_evidence.source_id,
-                                "source": "git_analysis",
-                            }
-                        )
-        # Report missing security configurations
-        expected_configs = {"security_documentation", "dependency_scanning"}
-        missing = expected_configs - found_security_configs
-        if missing:
-            findings.append(
-                {
-                    "type": "missing_security_config",
-                    "severity": "MEDIUM",
-                    "description": f"Missing security configurations: {', '.join(missing)}",
-                    "recommendation": "Add SECURITY.md and enable dependency scanning (Snyk/Dependabot)",
-                    "source": "git_analysis",
-                }
-            )
-        return findings