@oculum/scanner 1.0.12 → 1.0.13

package/src/{layer2 → detect/structural}/index.ts

@@ -5,49 +5,47 @@
  * and AI code fingerprinting
  */
 
-import type { Vulnerability, ScanFile, CancellationToken, DetectorContext } from '../types'
-import type { ProgressCallback } from '../index'
-import type { MiddlewareAuthConfig } from '../utils/middleware-detector'
-import { detectAuthHelpers, type AuthHelperContext } from '../utils/auth-helper-detector'
-import type { FileAuthImports } from '../utils/imported-auth-detector'
+import type { Vulnerability, ScanFile, CancellationToken, DetectorContext } from '../../shared/types'
+import type { ProgressCallback } from '../../shared/types'
+import type { MiddlewareAuthConfig } from '../../model/middleware-detector'
+import { detectAuthHelpers, type AuthHelperContext } from '../../model/auth-helper-detector'
+import type { FileAuthImports } from '../../model/imported-auth-detector'
 import {
   filterFindingsByPath,
   type ExclusionConfig,
-} from '../utils/path-exclusions'
-import { buildFileContext, type FileContext } from '../utils/context-helpers'
+} from '../../parse/path-exclusions'
+import { buildFileContext, type FileContext } from '../../parse/file-classifier'
 import { detectSensitiveVariables } from './variables'
 import { detectLogicGates } from './logic-gates'
 import { detectDangerousFunctions } from './dangerous-functions'
 import { detectRiskyImports } from './risky-imports'
-import { detectAuthAntipatterns } from './auth-antipatterns'
+import { detectAuthAntipatterns } from './auth-patterns'
 import { detectFrameworkIssues } from './framework-checks'
-import { detectAIFingerprints } from './ai-fingerprinting'
+import { detectAIFingerprints } from '../ai-code/fingerprinting'
 import { detectDataExposure } from './data-exposure'
-import { detectBYOKPatterns } from './byok-patterns'
+import { detectBYOKPatterns } from '../ai-code/byok-patterns'
 // Story B: AI-specific detection modules
-import { detectAIPromptHygiene } from './ai-prompt-hygiene'
-import { detectAIExecutionSinks } from './ai-execution-sinks'
-import { detectAIAgentTools } from './ai-agent-tools'
+import { detectAIPromptHygiene } from '../ai-code/prompt-hygiene'
+import { detectAIExecutionSinks } from '../ai-code/execution-sinks'
+import { detectAIAgentTools } from '../ai-code/agent-tools'
 // M5: New AI-era detectors
-import { detectRAGSafetyIssues } from './ai-rag-safety'
-import { detectAIEndpointProtection } from './ai-endpoint-protection'
-import { detectAISchemaValidation } from './ai-schema-validation'
+import { detectRAGSafetyIssues } from '../ai-code/rag-safety'
+import { detectAIEndpointProtection } from '../ai-code/endpoint-protection'
+import { detectAISchemaValidation } from '../ai-code/schema-validation'
 // AI Detection Roadmap Phase 1
-import { detectAIPackageHallucination } from './ai-package-hallucination'
-import { detectMCPSecurity } from './ai-mcp-security'
+import { detectAIPackageHallucination } from '../ai-code/package-hallucination'
+import { detectMCPSecurity } from '../ai-code/mcp-security'
 // AI Detection Roadmap Phase 2
-import { detectModelSupplyChain } from './model-supply-chain'
-// Tier system imports
-import {
-  type TierStats,
-  computeTierStats,
-  formatTierStats,
-  getLayer2DetectorTier,
-  type Layer2DetectorName,
-} from '../tiers'
-import { severityRank } from '../utils/parsed-file'
-import { ParsedFile } from '../utils/parsed-file'
-import { applyContextAdjustments } from '../filtering/context-adjustments'
+import { detectModelSupplyChain } from '../ai-code/model-supply-chain'
+// OWASP Workstream 1
+import { detectSecurityHeaders } from './security-headers'
+import { detectSSRFPatterns } from './ssrf-detection'
+import { detectLogInjection } from './log-injection'
+import { detectXXEPatterns } from './xxe-detection'
+// Tier system removed in Phase 2B — confidence scoring handles routing
+import { severityRank } from '../../shared/parsed-file'
+import { ParsedFile } from '../../shared/parsed-file'
+import { applyContextAdjustments } from '../../postprocess/filtering/context-adjustments'
 
 export interface Layer2Options {
   middlewareConfig?: MiddlewareAuthConfig
@@ -76,8 +74,6 @@ export interface Layer2Stats {
   deduped: Record<string, number>
   /** Severity distribution of deduped findings */
   bySeverity: Record<string, number>
-  /** Tier breakdown of deduped findings */
-  tiers: TierStats
   /** Findings suppressed by path exclusions */
   suppressedByPath: number
 }
@@ -112,6 +108,11 @@ type Layer2DetectorStats = {
   mcpSecurity: number
   // AI Detection Roadmap Phase 2
   modelSupplyChain: number
+  // OWASP Workstream 1
+  securityHeaders: number
+  ssrfDetection: number
+  logInjection: number
+  xxeDetection: number
 }
 
 // Process a single file through all Layer 2 detectors
@@ -141,6 +142,11 @@ function processFileLayer2(
     mcpSecurity: 0,
     // AI Detection Roadmap Phase 2
     modelSupplyChain: 0,
+    // OWASP Workstream 1
+    securityHeaders: 0,
+    ssrfDetection: 0,
+    logInjection: 0,
+    xxeDetection: 0,
   }
 
   // Build file-specific context for context-aware detection (Phase 2b)
@@ -195,6 +201,11 @@ function processFileLayer2(
   const mcpSecurityFindings = detectMCPSecurity(file.content, file.path, { parsed })
   // AI Detection Roadmap Phase 2
   const modelSupplyChainFindings = detectModelSupplyChain(file.content, file.path, { parsed })
+  // OWASP Workstream 1
+  const securityHeaderFindings = detectSecurityHeaders(file.content, file.path, { parsed })
+  const ssrfFindings = detectSSRFPatterns(file.content, file.path, { parsed })
+  const logInjectionFindings = detectLogInjection(file.content, file.path, { parsed })
+  const xxeFindings = detectXXEPatterns(file.content, file.path, { parsed })
 
   // Update stats
   stats.variables = variableFindings.length
@@ -217,6 +228,11 @@ function processFileLayer2(
   stats.mcpSecurity = mcpSecurityFindings.length
   // AI Detection Roadmap Phase 2
   stats.modelSupplyChain = modelSupplyChainFindings.length
+  // OWASP Workstream 1
+  stats.securityHeaders = securityHeaderFindings.length
+  stats.ssrfDetection = ssrfFindings.length
+  stats.logInjection = logInjectionFindings.length
+  stats.xxeDetection = xxeFindings.length
 
   // Combine all findings
   const allFindings = [
@@ -240,6 +256,11 @@ function processFileLayer2(
     ...mcpSecurityFindings,
     // AI Detection Roadmap Phase 2
     ...modelSupplyChainFindings,
+    // OWASP Workstream 1
+    ...securityHeaderFindings,
+    ...ssrfFindings,
+    ...logInjectionFindings,
+    ...xxeFindings,
   ]
 
   // Apply context-based severity adjustments (Phase 2b)
@@ -287,6 +308,11 @@ export async function runLayer2Scan(
     mcpSecurity: 0,
     // AI Detection Roadmap Phase 2
     modelSupplyChain: 0,
+    // OWASP Workstream 1
+    securityHeaders: 0,
+    ssrfDetection: 0,
+    logInjection: 0,
+    xxeDetection: 0,
   }
 
   // Detect auth helpers once for all files (if not already provided)
@@ -383,6 +409,11 @@ export async function runLayer2Scan(
     ai_mcp_security: stats.mcpSecurity,
     // AI Detection Roadmap Phase 2
     model_supply_chain: stats.modelSupplyChain,
+    // OWASP Workstream 1
+    security_headers: stats.securityHeaders,
+    ssrf_detection: stats.ssrfDetection,
+    log_injection: stats.logInjection,
+    xxe_detection: stats.xxeDetection,
   }
 
   // Compute deduped counts per category
@@ -398,38 +429,6 @@ export async function runLayer2Scan(
     severityStats[vuln.severity] = (severityStats[vuln.severity] || 0) + 1
   }
 
-  // Compute tier breakdown (all Layer 2 findings have layer: 2)
-  const tierStats = computeTierStats(
-    uniqueVulnerabilities.map(v => ({ category: v.category, layer: 2 as const }))
-  )
-
-  // Map raw stats keys to detector names for tier lookup
-  const detectorNameMap: Record<string, Layer2DetectorName> = {
-    sensitive_variables: 'variables',
-    logic_gates: 'logic_gates',
-    dangerous_functions: 'dangerous_functions',
-    risky_imports: 'risky_imports',
-    auth_antipatterns: 'auth_antipatterns',
-    framework_issues: 'framework_checks',
-    ai_fingerprints: 'ai_fingerprinting',
-    data_exposure: 'data_exposure',
-    byok_patterns: 'byok_patterns',
-    ai_prompt_hygiene: 'ai_prompt_hygiene',
-    ai_execution_sinks: 'ai_execution_sinks',
-    ai_agent_tools: 'ai_agent_tools',
-    // M5: New AI-era detectors
-    ai_rag_safety: 'ai_rag_safety',
-    ai_endpoint_protection: 'ai_endpoint_protection',
-    ai_schema_validation: 'ai_schema_validation',
-    // AI Detection Roadmap Phase 1
-    ai_package_hallucination: 'ai_package_hallucination',
-    ai_mcp_security: 'ai_mcp_security',
-    // AI Detection Roadmap Phase 2
-    model_supply_chain: 'model_supply_chain',
-  }
-
-  // Heuristic breakdown available in stats.raw and stats.tiers for debugging
-
   return {
     vulnerabilities: uniqueVulnerabilities,
     filesScanned: files.filter(f => isCodeFile(f.path)).length,
@@ -438,7 +437,6 @@ export async function runLayer2Scan(
       raw: rawStats,
       deduped: dedupedStats,
       bySeverity: severityStats,
-      tiers: tierStats,
       suppressedByPath: suppressed.length,
     },
   }
@@ -601,21 +599,26 @@ export { detectSensitiveVariables } from './variables'
 export { detectLogicGates } from './logic-gates'
 export { detectDangerousFunctions } from './dangerous-functions'
 export { detectRiskyImports } from './risky-imports'
-export { detectAuthAntipatterns } from './auth-antipatterns'
+export { detectAuthAntipatterns } from './auth-patterns'
 export { detectFrameworkIssues } from './framework-checks'
-export { detectAIFingerprints } from './ai-fingerprinting'
+export { detectAIFingerprints } from '../ai-code/fingerprinting'
 export { detectDataExposure } from './data-exposure'
-export { detectBYOKPatterns } from './byok-patterns'
+export { detectBYOKPatterns } from '../ai-code/byok-patterns'
 // Story B: AI-specific detectors
-export { detectAIPromptHygiene } from './ai-prompt-hygiene'
-export { detectAIExecutionSinks } from './ai-execution-sinks'
-export { detectAIAgentTools } from './ai-agent-tools'
+export { detectAIPromptHygiene } from '../ai-code/prompt-hygiene'
+export { detectAIExecutionSinks } from '../ai-code/execution-sinks'
+export { detectAIAgentTools } from '../ai-code/agent-tools'
 // M5: New AI-era detectors
-export { detectRAGSafetyIssues } from './ai-rag-safety'
-export { detectAIEndpointProtection } from './ai-endpoint-protection'
-export { detectAISchemaValidation } from './ai-schema-validation'
+export { detectRAGSafetyIssues } from '../ai-code/rag-safety'
+export { detectAIEndpointProtection } from '../ai-code/endpoint-protection'
+export { detectAISchemaValidation } from '../ai-code/schema-validation'
 // AI Detection Roadmap Phase 1
-export { detectAIPackageHallucination } from './ai-package-hallucination'
-export { detectMCPSecurity } from './ai-mcp-security'
+export { detectAIPackageHallucination } from '../ai-code/package-hallucination'
+export { detectMCPSecurity } from '../ai-code/mcp-security'
 // AI Detection Roadmap Phase 2
-export { detectModelSupplyChain } from './model-supply-chain'
+export { detectModelSupplyChain } from '../ai-code/model-supply-chain'
+// OWASP Workstream 1
+export { detectSecurityHeaders } from './security-headers'
+export { detectSSRFPatterns } from './ssrf-detection'
+export { detectLogInjection } from './log-injection'
+export { detectXXEPatterns } from './xxe-detection'

package/src/detect/structural/log-injection.ts

@@ -0,0 +1,254 @@
+/**
+ * Layer 2: Log Injection Detector
+ * Detects unsanitized user input flowing into log statements
+ *
+ * OWASP A09:2021 - Security Logging and Monitoring Failures
+ * CWE-117: Improper Output Neutralization for Logs
+ */
+
+import type { Vulnerability, VulnerabilitySeverity } from '../../shared/types'
+import type { ParsedFile } from '../../shared/parsed-file'
+import {
+  isComment,
+  isTestOrMockFile,
+  isScannerOrFixtureFile,
+} from '../../parse/file-classifier'
+
+const BASE_CONFIDENCE = 0.35
+
+interface LogInjectionOptions {
+  parsed?: ParsedFile
+}
+
+/** Log sink patterns */
+const LOG_SINK_PATTERNS = [
+  /console\.(?:log|info|warn|error|debug|trace)\s*\(/,
+  /logger\.(?:log|info|warn|error|debug|trace|fatal|silly|verbose)\s*\(/,
+  /(?:winston|pino|bunyan|log4js|signale)\.(?:log|info|warn|error|debug)\s*\(/,
+  /log\.(?:info|warn|error|debug|trace|fatal)\s*\(/,
+]
+
+/** User-controlled request data patterns */
+const USER_INPUT_PATTERNS = [
+  /(?:req|request|ctx\.request)\.(?:body|query|params)(?:\.\w+|\[['"][^'"]+['"]\])/,
+  /(?:req|request)\.headers(?:\.\w+|\[['"][^'"]+['"]\])/,
+]
+
+/** Error/catch variable names to exclude */
+const ERROR_VAR_PATTERN = /\b(?:err|error|e|ex|exception)\b/
+
+/** Patterns that are NOT user input (internal/app data) */
+const NOT_USER_INPUT_PATTERNS = [
+  // Error objects in catch blocks
+  /\bcatch\s*\(\s*(?:err|error|e|ex|exception)\b/,
+  // Internal IDs
+  /(?:user|session|tenant|org|account)\.id\b/,
+  /(?:userId|sessionId|tenantId|orgId|accountId)\b/,
+  // Internal state
+  /\.length\b/,
+  /\.count\b/,
+  /\.size\b/,
+  /\.status\b/,
+]
+
+/** Middleware logging patterns to skip entirely */
+const MIDDLEWARE_LOGGING = /(?:app|server|router)\.use\s*\(\s*(?:morgan|pino|express-winston|express\.logger)/
+
+/** Sanitization patterns near log line */
+const SANITIZATION_PATTERNS = [
+  /\.replace\s*\(\s*\/\[\\r\\n\]/,
+  /sanitize\s*\(/,
+  /escape\s*\(/,
+  /encodeURI(?:Component)?\s*\(/,
+  /stripNewlines?\s*\(/,
+  /\.replace\s*\(\s*\/[\r\n]/,
+]
+
+/**
+ * Check if a log line contains user input (not just error objects)
+ */
+function containsUserInput(line: string, lines: string[], lineIndex: number): {
+  found: boolean
+  type: 'header' | 'body' | 'spread' | 'stringify'
+} {
+  // Check for req.headers in log
+  if (/(?:req|request)\.headers/.test(line)) {
+    return { found: true, type: 'header' }
+  }
+
+  // Check for req.body/query/params in log
+  if (/(?:req|request|ctx\.request)\.(?:body|query|params)(?:\.\w+|\[)/.test(line)) {
+    return { found: true, type: 'body' }
+  }
+
+  // Check for spread of request body: console.log({ ...req.body })
+  if (/\.\.\.\s*(?:req|request|ctx\.request)\.(?:body|query|params)/.test(line)) {
+    return { found: true, type: 'spread' }
+  }
+
+  // Check for JSON.stringify(req.body) in log
+  if (/JSON\.stringify\s*\(\s*(?:req|request|ctx\.request)\.(?:body|query|params)/.test(line)) {
+    return { found: true, type: 'stringify' }
+  }
+
+  // Check for template literal with user input
+  if (/`[^`]*\$\{[^}]*(?:req|request|ctx\.request)\.(?:body|query|params)[^}]*\}/.test(line)) {
+    return { found: true, type: 'body' }
+  }
+
+  // Multi-line log calls: check ±3 lines
+  for (let offset = -3; offset <= 3; offset++) {
+    if (offset === 0) continue
+    const idx = lineIndex + offset
+    if (idx < 0 || idx >= lines.length) continue
+    const nearLine = lines[idx]
+    if (USER_INPUT_PATTERNS.some(p => p.test(nearLine))) {
+      // Only flag if the nearby line is part of the same log call (open paren)
+      const fromStart = Math.min(lineIndex, idx)
+      const toEnd = Math.max(lineIndex, idx)
+      const block = lines.slice(fromStart, toEnd + 1).join('\n')
+      // Check for unclosed paren indicating multi-line call
+      const openParens = (block.match(/\(/g) || []).length
+      const closeParens = (block.match(/\)/g) || []).length
+      if (openParens > closeParens) {
+        if (/(?:req|request)\.headers/.test(nearLine)) {
+          return { found: true, type: 'header' }
+        }
+        return { found: true, type: 'body' }
+      }
+    }
+  }
+
+  return { found: false, type: 'body' }
+}
+
+/**
+ * Check if the log line is just error logging in a catch block
+ */
+function isErrorLogging(line: string, lines: string[], lineIndex: number): boolean {
+  // Direct error object logging: console.error(err), console.error(error)
+  if (/console\.(?:error|warn|log)\s*\(\s*(?:['"][^'"]*['"],?\s*)?(?:err|error|e|ex|exception)\s*\)/.test(line)) {
+    return true
+  }
+
+  // console.error('message', error) pattern
+  if (/console\.(?:error|warn|log)\s*\(\s*['"][^'"]*['"],\s*(?:err|error|e|ex|exception)\s*\)/.test(line)) {
+    return true
+  }
+
+  // error.message logging
+  if (/(?:err|error|e|ex|exception)\.(?:message|stack|name|code)\b/.test(line)) {
+    return true
+  }
+
+  // logger.error('msg', { error })
+  if (/logger\.(?:error|warn)\s*\(.*(?:err|error|e)\b/.test(line) && !USER_INPUT_PATTERNS.some(p => p.test(line))) {
+    return true
+  }
+
+  // Check if we're inside a catch block
+  for (let j = lineIndex - 1; j >= Math.max(0, lineIndex - 5); j--) {
+    if (/\bcatch\s*\(/.test(lines[j])) {
+      // We're in a catch block — check if the logged value is the error var
+      const catchMatch = lines[j].match(/catch\s*\(\s*(\w+)/)
+      if (catchMatch) {
+        const errorVar = catchMatch[1]
+        if (new RegExp(`\\b${errorVar}\\b`).test(line)) {
+          return true
+        }
+      }
+    }
+  }
+
+  return false
+}
+
+/**
+ * Check for sanitization near the log line
+ */
+function hasSanitization(lines: string[], lineIndex: number): boolean {
+  const start = Math.max(0, lineIndex - 3)
+  const end = Math.min(lines.length, lineIndex + 4)
+  const context = lines.slice(start, end).join('\n')
+  return SANITIZATION_PATTERNS.some(p => p.test(context))
+}
+
+/**
+ * Detect log injection patterns
+ */
+export function detectLogInjection(
+  content: string,
+  filePath: string,
+  options?: LogInjectionOptions
+): Vulnerability[] {
+  const vulnerabilities: Vulnerability[] = []
+
+  if (isScannerOrFixtureFile(filePath)) return vulnerabilities
+  if (isTestOrMockFile(filePath)) return vulnerabilities
+
+  // Skip Morgan/express middleware logging (intentional request logging)
+  if (MIDDLEWARE_LOGGING.test(content)) return vulnerabilities
+
+  const lines = options?.parsed?.lines ?? content.split('\n')
+
+  for (let i = 0; i < lines.length; i++) {
+    const line = lines[i]
+    if (isComment(line)) continue
+
+    // Check if this line is a log sink
+    const isLogSink = LOG_SINK_PATTERNS.some(p => p.test(line))
+    if (!isLogSink) continue
+
+    // Skip error logging (not user input)
+    if (isErrorLogging(line, lines, i)) continue
+
+    // Check if user input flows to this log call
+    const userInput = containsUserInput(line, lines, i)
+    if (!userInput.found) continue
+
+    // Skip if sanitization is nearby
+    if (hasSanitization(lines, i)) continue
+
+    // Determine severity
+    let severity: VulnerabilitySeverity = 'low'
+    let title = 'Log injection: User input in log statement'
+    let description = ''
+
+    if (userInput.type === 'header') {
+      severity = 'medium'
+      title = 'Log injection: HTTP headers in log statement'
+      description =
+        'HTTP request headers are logged without sanitization. Headers can contain CRLF sequences that forge log entries or inject malicious content into log processing tools.'
+    } else if (userInput.type === 'spread' || userInput.type === 'stringify') {
+      severity = 'low'
+      title = 'Log injection: Entire request body logged'
+      description =
+        'Entire request body is logged, which may contain unsanitized user input. This can lead to log forging, log injection, or sensitive data exposure in logs.'
+    } else {
+      severity = 'low'
+      title = 'Log injection: Request data in log statement'
+      description =
+        'User-controlled request data flows into a log statement. Unsanitized input can forge log entries or inject newlines to create misleading log records.'
+    }
+
+    vulnerabilities.push({
+      id: `loginj-${filePath}-${i + 1}`,
+      filePath,
+      lineNumber: i + 1,
+      lineContent: line.trim(),
+      severity,
+      category: 'log_injection',
+      title,
+      description,
+      suggestedFix:
+        'Sanitize user input before logging (strip newlines and control characters). Use structured logging (JSON format) to prevent log forging.',
+      confidence: severity === 'medium' ? 'high' : 'medium',
+      baseConfidence: BASE_CONFIDENCE,
+      layer: 2,
+        source: 'structural' as const,
+      requiresAIValidation: severity !== 'medium',
+    })
+  }
+
+  return vulnerabilities
+}

package/src/{layer2 → detect/structural}/logic-gates.ts

@@ -3,11 +3,13 @@
  * Identifies security bypass patterns and dangerous logic flows
  */
 
-import type { Vulnerability } from '../types'
-import type { ParsedFile } from '../utils/parsed-file'
-import { isScannerOrFixtureFile } from '../utils/context-helpers'
-import { isDisabledAuthComment } from '../utils/comment-analyzer'
-import { isReactStateSetter, isActualRedirect } from '../utils/intent-detector'
+import type { Vulnerability } from '../../shared/types'
+import type { ParsedFile } from '../../shared/parsed-file'
+import { isScannerOrFixtureFile } from '../../parse/file-classifier'
+import { isDisabledAuthComment } from '../../shared/comment-analyzer'
+import { isReactStateSetter, isActualRedirect } from '../../shared/intent-detector'
+
+const BASE_CONFIDENCE = 0.20
 
 interface LogicPattern {
   name: string
@@ -180,7 +182,9 @@ export function detectLogicGates(
           description: logicPattern.description,
           suggestedFix: logicPattern.suggestedFix,
           confidence: 'medium',
+          baseConfidence: BASE_CONFIDENCE,
           layer: 2,
+        source: 'structural' as const,
         })
         break // Only report once per line
       }
@@ -205,7 +209,9 @@ export function detectLogicGates(
           description: 'Commented out authentication/authorization code detected. This may indicate disabled security controls.',
           suggestedFix: 'Remove commented code or restore the security check',
           confidence: 'medium',
+          baseConfidence: BASE_CONFIDENCE,
           layer: 2,
+        source: 'structural' as const,
         })
       }
     }
@@ -240,7 +246,9 @@ function detectMultiLinePatterns(content: string, filePath: string): Vulnerabili
       description: 'Try-catch block with minimal error handling may hide security issues',
       suggestedFix: 'Log errors appropriately and handle them based on type',
       confidence: 'low',
+      baseConfidence: BASE_CONFIDENCE,
       layer: 2,
+        source: 'structural' as const,
     })
   }
 

package/src/{layer2 → detect/structural}/risky-imports.ts

@@ -3,9 +3,11 @@
  * Detects imports of packages known to have security concerns or deprecated
  */
 
-import type { Vulnerability, VulnerabilitySeverity } from '../types'
-import type { ParsedFile } from '../utils/parsed-file'
-import { isScannerOrFixtureFile } from '../utils/context-helpers'
+import type { Vulnerability, VulnerabilitySeverity } from '../../shared/types'
+import type { ParsedFile } from '../../shared/parsed-file'
+import { isScannerOrFixtureFile } from '../../parse/file-classifier'
+
+const BASE_CONFIDENCE = 0.20
 
 interface RiskyPackage {
   name: string
@@ -182,7 +184,9 @@ export function detectRiskyImports(
           description: pkg.description,
           suggestedFix: pkg.suggestedFix,
           confidence: 'high',
+          baseConfidence: BASE_CONFIDENCE,
           layer: 2,
+        source: 'structural' as const,
         })
         break // Only report once per line
       }