@oculum/scanner 1.0.14 → 1.0.15

package/src/report/sanitize.ts

@@ -0,0 +1,27 @@
+/**
+ * Sanitize scan results for user-facing output.
+ *
+ * Strips internal-only fields (validation stats, filter audit trail,
+ * per-vulnerability AI metadata) so they never leak to CLI JSON,
+ * API responses, or GitHub Action output.
+ */
+
+import type { ScanResult } from '../shared/types'
+
+export function sanitizeScanResult(result: ScanResult): ScanResult {
+  const { validationStats, filterAuditTrail, projectContext, forReviewFindings, ...rest } = result
+
+  const vulnerabilities = rest.vulnerabilities.map(v => {
+    const {
+      baseConfidence,
+      validationStatus,
+      validationNotes,
+      originalSeverity,
+      validatedByAI,
+      ...clean
+    } = v
+    return clean
+  })
+
+  return { ...rest, vulnerabilities } as ScanResult
+}

package/src/score/adjustments.ts

@@ -46,7 +46,9 @@ const FILE_CONTEXT_RULES: AdjustmentRule[] = [
     name: 'doc_file',
     source: 'file_context',
     applies: (finding: Vulnerability) =>
-      /\.(md|mdx|txt|rst)$/i.test(finding.filePath),
+      /\.(md|mdx|txt|rst)$/i.test(finding.filePath) &&
+      finding.category !== 'ai_rules_file_backdoor' &&
+      finding.category !== 'ai_skill_injection',
     delta: -0.30,
     reason: 'Finding in documentation file',
   },
@@ -156,11 +158,12 @@ const AUTO_DISMISS_RULES: AdjustmentRule[] = [
     source: 'auto_dismiss',
     applies: (finding: Vulnerability) => {
       if (finding.severity !== 'info') return false
-      // Use baseConfidence >= 0.35 instead of getTierForCategory
-      // This replaces the tier-based 'info_severity_core_only' rule
-      return (finding.baseConfidence ?? 0) >= 0.35
+      // Evidence-based: partial+ detectors (AST structural, config audit) already
+      // have meaningful analysis behind them — info severity on top means low priority.
+      const level = finding.evidenceLevel
+      return level === 'proven' || level === 'partial' || level === 'contextual'
     },
-    delta: -0.15,
+    delta: -0.25,
     reason: 'Already info severity for high-confidence detector (low priority)',
   },
   {
@@ -212,6 +215,32 @@ const AUTO_DISMISS_RULES: AdjustmentRule[] = [
     delta: -0.20,
     reason: 'Timeout value (code style, not security)',
   },
+  {
+    name: 'dev_config_file',
+    source: 'auto_dismiss',
+    applies: (finding: Vulnerability, ctx: AdjustmentContext) => {
+      if (
+        finding.category !== 'high_entropy_string' &&
+        finding.category !== 'hardcoded_secret' &&
+        finding.category !== 'sensitive_url'
+      ) {
+        return false
+      }
+      const fp = finding.filePath.toLowerCase()
+      return (
+        fp.includes('launchsettings.json') ||
+        fp.includes('appsettings.example') ||
+        fp.includes('appsettings.development') ||
+        fp.endsWith('.example.json') ||
+        fp.endsWith('.example.yaml') ||
+        fp.endsWith('.example.yml') ||
+        fp.endsWith('.sample.json') ||
+        fp.endsWith('.development.json')
+      )
+    },
+    delta: -0.25,
+    reason: 'Development/example config file',
+  },
   {
     name: 'data_config_file_secret',
     source: 'auto_dismiss',
@@ -228,48 +257,45 @@ const AUTO_DISMISS_RULES: AdjustmentRule[] = [
 ]
 
 // ============================================================================
-// Future Context Engine Rules (empty arrays — structurally present)
+// Depth-Gated Rules
 // ============================================================================
 
-/** Taint analysis rules — Context Engine Phase 1 */
-const TAINT_RULES: AdjustmentRule[] = [
-  {
-    name: 'confirmed_taint_unsanitised',
-    source: 'taint',
-    applies: (_finding: Vulnerability, ctx: AdjustmentContext) =>
-      ctx.taint?.confirmed === true && !ctx.taint.sanitised && ctx.taint.confidence !== 'low',
-    delta: +0.35,
-    reason: 'Confirmed taint path from user input (no sanitisation)',
-  },
+const DEPTH_GATED_RULES: AdjustmentRule[] = [
   {
-    name: 'confirmed_taint_sanitised',
-    source: 'taint',
-    applies: (_finding: Vulnerability, ctx: AdjustmentContext) =>
-      ctx.taint?.confirmed === true && ctx.taint.sanitised === true,
-    delta: +0.15,
-    reason: 'Confirmed taint path from user input (sanitised)',
+    name: 'package_hallucination_local',
+    source: 'detector',
+    applies: (finding: Vulnerability, ctx: AdjustmentContext) =>
+      finding.category === 'ai_package_hallucination' && ctx.scanDepth === 'local',
+    delta: -1.0,
+    reason: 'Package hallucination detection requires live registry lookup — suppressed at local depth',
   },
   {
-    name: 'no_taint_path',
-    source: 'taint',
-    applies: (finding: Vulnerability, ctx: AdjustmentContext) => {
-      const sinkCategories = ['dangerous_function', 'sql_injection', 'xss', 'command_injection', 'ssrf', 'data_exposure']
-      if (!sinkCategories.includes(finding.category)) return false
-      return ctx.taint !== undefined && ctx.taint.confirmed === false
+    name: 'migration_file',
+    source: 'file_context',
+    applies: (finding: Vulnerability) => {
+      if (finding.category !== 'sql_injection') return false
+      return /[/\\]migrations?[/\\]|[/\\]seeds?[/\\]|\.migration\./i.test(finding.filePath) ||
+        /MigrationInterface|IrreversibleMigration|class\s+\w+Migration/i.test(finding.lineContent)
     },
-    delta: -0.10,
-    reason: 'No taint path found (static data reaches sink)',
-  },
-  {
-    name: 'low_confidence_taint',
-    source: 'taint',
-    applies: (_finding: Vulnerability, ctx: AdjustmentContext) =>
-      ctx.taint?.confirmed === true && !ctx.taint.sanitised && ctx.taint.confidence === 'low',
-    delta: +0.10,
-    reason: 'Low-confidence taint path (long chain or indirect)',
+    delta: -0.25,
+    reason: 'SQL finding in migration/seed file — developer-controlled deploy-time code',
   },
 ]
 
+// ============================================================================
+// Future Context Engine Rules (empty arrays — structurally present)
+// ============================================================================
+
+/**
+ * Taint analysis rules — formerly 4 rules (+0.35, +0.15, -0.10, +0.10).
+ * Absorbed into evidence-based scoring in Phase 7:
+ * - confirmed_taint_unsanitised → proven evidence level (base 0.90)
+ * - confirmed_taint_sanitised → sanitized paths don't produce findings
+ * - no_taint_path → partial/pattern_only evidence level
+ * - low_confidence_taint → proven evidence level (base 0.90)
+ */
+const TAINT_RULES: AdjustmentRule[] = []
+
 /** Auth-related categories where route auth context matters */
 const AUTH_RELATED_CATEGORIES = new Set([
   'missing_auth', 'missing_authorization', 'data_exposure',
@@ -294,8 +320,12 @@ const ROUTE_RULES: AdjustmentRule[] = [
   {
     name: 'has_auth_on_route',
     source: 'route',
-    applies: (_finding: Vulnerability, ctx: AdjustmentContext) =>
-      ctx.route?.hasAuth === true,
+    applies: (finding: Vulnerability, ctx: AdjustmentContext) => {
+      if (!ctx.route?.hasAuth) return false
+      // Only discount auth-related categories — auth doesn't mitigate
+      // prompt injection, RAG poisoning, schema issues, etc.
+      return AUTH_RELATED_CATEGORIES.has(finding.category)
+    },
     delta: -0.15,
     reason: 'Route is protected by auth middleware',
   },
@@ -309,6 +339,18 @@ const ROUTE_RULES: AdjustmentRule[] = [
     delta: -0.25,
     reason: 'Route is an explicitly public endpoint (health, status, etc.)',
   },
+  {
+    name: 'readonly_route',
+    source: 'route',
+    applies: (finding: Vulnerability, ctx: AdjustmentContext) => {
+      if (finding.category !== 'missing_auth') return false
+      if (!ctx.route) return false
+      const safeMethods = ['GET', 'HEAD']
+      return ctx.route.methods.every(m => safeMethods.includes(m))
+    },
+    delta: -0.10,
+    reason: 'Route only handles safe/read-only HTTP methods (GET/HEAD)',
+  },
   {
     name: 'mutation_route',
     source: 'route',
@@ -364,6 +406,33 @@ const FRAMEWORK_RULES: AdjustmentRule[] = [
   },
 ]
 
+// ============================================================================
+// Severity Boost Rules
+// ============================================================================
+
+/**
+ * AST structural findings land at `partial` evidence (0.60 base) which is below
+ * the local/offline surfaceThreshold (0.70). Without taint backing, critical/high
+ * findings are silently suppressed. This boost ensures deterministic high-severity
+ * AST detections surface in all scan modes.
+ *
+ * Negative adjustments (test files, auth context, ORM patterns) naturally
+ * counteract this boost when the finding is likely a false positive.
+ */
+const SEVERITY_BOOST_RULES: AdjustmentRule[] = [
+  {
+    name: 'high_severity_structural_boost',
+    source: 'detector',
+    applies: (finding: Vulnerability) => {
+      const isHighSeverity = finding.severity === 'critical' || finding.severity === 'high'
+      const isStructural = finding.source === 'structural' || finding.source === 'ai_code'
+      return isHighSeverity && isStructural
+    },
+    delta: +0.20,
+    reason: 'High/critical severity AST detection — deterministic structural evidence',
+  },
+]
+
 // ============================================================================
 // Combined Export
 // ============================================================================
@@ -372,16 +441,20 @@ const FRAMEWORK_RULES: AdjustmentRule[] = [
 export const ALL_ADJUSTMENT_RULES: AdjustmentRule[] = [
   ...FILE_CONTEXT_RULES,
   ...AUTO_DISMISS_RULES,
+  ...DEPTH_GATED_RULES,
   ...TAINT_RULES,
   ...ROUTE_RULES,
   ...FRAMEWORK_RULES,
+  ...SEVERITY_BOOST_RULES,
 ]
 
 // Named exports for testing individual rule groups
 export {
   FILE_CONTEXT_RULES,
   AUTO_DISMISS_RULES,
+  DEPTH_GATED_RULES,
   TAINT_RULES,
   ROUTE_RULES,
   FRAMEWORK_RULES,
+  SEVERITY_BOOST_RULES,
 }

package/src/score/confidence.ts

@@ -13,13 +13,17 @@ import type {
   AdjustmentContext,
   DepthConfig,
 } from './types'
-
-/** Default base confidence when detector doesn't set baseConfidence */
-const DEFAULT_BASE_CONFIDENCE = 0.35
+import { classifyEvidence, EVIDENCE_BASE } from './evidence'
 
 /**
  * Compute confidence score for a single finding.
  *
+ * Base score is determined by evidence level classification:
+ *   - proven (0.90): Taint engine confirmed source-to-sink path
+ *   - partial (0.60): AST structural pattern with semantic context
+ *   - contextual (0.45): Config/secrets with file context
+ *   - pattern_only (0.30): Regex pattern match only
+ *
  * Logic: score = clamp(base + sum(applicable deltas), 0.0, 1.0)
  * Then route by depth thresholds:
  *   - score >= surfaceThreshold → 'surface'
@@ -32,7 +36,8 @@ export function computeConfidence(
   rules: AdjustmentRule[],
   depthConfig: DepthConfig
 ): ConfidenceComputation {
-  const base = finding.baseConfidence ?? DEFAULT_BASE_CONFIDENCE
+  const evidenceLevel = finding.evidenceLevel ?? classifyEvidence(finding)
+  const base = EVIDENCE_BASE[evidenceLevel]
 
   // Evaluate all rules and collect applicable adjustments
   const adjustments: ConfidenceAdjustment[] = []
@@ -50,7 +55,7 @@ export function computeConfidence(
   // Compute final score: base + sum(deltas), clamped to [0.0, 1.0]
   const totalDelta = adjustments.reduce((sum, adj) => sum + adj.delta, 0)
   const rawScore = base + totalDelta
-  const score = Math.max(0.0, Math.min(1.0, rawScore))
+  const score = Math.round(Math.max(0.0, Math.min(1.0, rawScore)) * 100) / 100
 
   // Route by thresholds
   let routing: ConfidenceComputation['routing']

package/src/score/evidence.ts

@@ -0,0 +1,55 @@
+/**
+ * Evidence Level Classification
+ *
+ * Classifies every finding's evidence level based on the type of analysis
+ * that produced it. This replaces the fixed baseConfidence approach with
+ * a semantically meaningful evidence tier.
+ *
+ * Evidence levels:
+ * - proven:       Taint engine confirmed source-to-sink path (0.90)
+ * - partial:      AST structural pattern with semantic context (0.60)
+ * - contextual:   Config audit / secret pattern with file context (0.45)
+ * - pattern_only: Regex pattern match, no structural evidence (0.30)
+ */
+
+import type { Vulnerability } from '../shared/types'
+import type { EvidenceLevel } from '../shared/types'
+
+/** Base confidence score per evidence level. */
+export const EVIDENCE_BASE: Record<EvidenceLevel, number> = {
+  proven: 0.90,
+  partial: 0.60,
+  contextual: 0.45,
+  pattern_only: 0.30,
+}
+
+/**
+ * Classify the evidence level for a finding.
+ *
+ * If the finding already has an evidenceLevel set (e.g. from taint-flow-ast),
+ * that value is returned as-is.
+ */
+export function classifyEvidence(finding: Vulnerability): EvidenceLevel {
+  // Respect pre-set evidence level
+  if (finding.evidenceLevel) {
+    return finding.evidenceLevel
+  }
+
+  // Proven: taint engine found a complete unsanitized source->sink path
+  if (finding.taintPath && finding.taintPath.steps.length > 0 && !finding.taintPath.sanitized) {
+    return 'proven'
+  }
+
+  // Partial: AST structural detection with context
+  if (finding.source === 'structural' || finding.source === 'ai_code') {
+    return 'partial'
+  }
+
+  // Contextual: Layer 1 config/secrets findings
+  if (finding.source === 'config' || finding.source === 'secrets') {
+    return 'contextual'
+  }
+
+  // Pattern-only fallback
+  return 'pattern_only'
+}

package/src/score/index.ts

@@ -16,10 +16,10 @@ import type {
   DepthConfig,
 } from './types'
 import type { ContextEngineResult } from '../model/taint-types'
-import type { CrossFileTaintPath } from '../model/cross-file-taint'
 import { findClosestRoute } from '../model/route-discovery/utils'
 import { computeConfidence } from './confidence'
 import { ALL_ADJUSTMENT_RULES } from './adjustments'
+import { classifyEvidence } from './evidence'
 import {
   isTestOrMockFile,
   isExampleFile,
@@ -40,6 +40,9 @@ import {
  * - verified: High-confidence surface directly; medium goes to AI.
  * - deep:     High-confidence surface; nearly everything goes to AI.
  */
+/** Minimum score for findings to appear in the "For Review" section */
+export const FOR_REVIEW_THRESHOLD = 0.50
+
 export const DEPTH_CONFIGS: Record<ScanDepth, DepthConfig> = {
   local: {
     surfaceThreshold: 0.70,
@@ -47,12 +50,12 @@ export const DEPTH_CONFIGS: Record<ScanDepth, DepthConfig> = {
     aiEnabled: false,
   },
   verified: {
-    surfaceThreshold: 0.70,
-    validateThreshold: 0.20,
+    surfaceThreshold: 0.80,   // Only proven findings (0.90) skip AI directly
+    validateThreshold: 0.35,
     aiEnabled: true,
   },
   deep: {
-    surfaceThreshold: 0.70,
+    surfaceThreshold: 0.80,   // Match verified
     validateThreshold: 0.10,
     aiEnabled: true,
   },
@@ -67,9 +70,11 @@ export const DEPTH_CONFIGS: Record<ScanDepth, DepthConfig> = {
  */
 export function buildAdjustmentContext(
   finding: Vulnerability,
-  ceResult: ContextEngineResult
+  ceResult: ContextEngineResult,
+  scanDepth?: ScanDepth
 ): AdjustmentContext {
-  // Look up taint data for this finding's file
+  // Taint context: currently unused after Phase 7 absorbed taint adjustment rules
+  // into evidence levels. Kept for future rules and for AdjustmentContext completeness.
   let taint: AdjustmentContext['taint'] = undefined
   const fileAnalysis = ceResult.fileTaintAnalyses?.get(finding.filePath)
   if (fileAnalysis) {
@@ -86,42 +91,17 @@ export function buildAdjustmentContext(
         sinkType: bestPath.sink.sinkType,
         sanitised: bestPath.sanitised,
         confidence: bestPath.confidence,
+        hasPath: bestPath.chain.length > 0,
       }
     } else {
-      // Check cross-file taint paths (CE Phase 4) — sink-side match
-      const crossFilePaths = findCrossFileTaintMatch(ceResult, finding)
-
-      if (crossFilePaths.length > 0) {
-        const bestPath = crossFilePaths.find(p => !p.sanitised) ?? crossFilePaths[0]
-        taint = {
-          confirmed: true,
-          sources: crossFilePaths.map(p => p.source.sourceType),
-          sinkType: bestPath.sink.sinkType,
-          sanitised: bestPath.sanitised,
-          confidence: bestPath.confidence,
-        }
-      } else {
-        // File has taint analysis but no path to this finding's line
-        taint = {
-          confirmed: false,
-          sources: [],
-          sinkType: null,
-          sanitised: false,
-          confidence: null,
-        }
-      }
-    }
-  } else {
-    // No intra-file taint analysis — still check cross-file taint paths (call-site match)
-    const crossFilePaths = findCrossFileTaintMatch(ceResult, finding)
-    if (crossFilePaths.length > 0) {
-      const bestPath = crossFilePaths.find(p => !p.sanitised) ?? crossFilePaths[0]
+      // File has taint analysis but no path to this finding's line
       taint = {
-        confirmed: true,
-        sources: crossFilePaths.map(p => p.source.sourceType),
-        sinkType: bestPath.sink.sinkType,
-        sanitised: bestPath.sanitised,
-        confidence: bestPath.confidence,
+        confirmed: false,
+        sources: [],
+        sinkType: null,
+        sanitised: false,
+        confidence: null,
+        hasPath: false,
       }
     }
   }
@@ -186,26 +166,13 @@ export function buildAdjustmentContext(
     },
     lineContent: finding.lineContent,
     filePath: finding.filePath,
+    scanDepth,
     taint,
     route,
     framework,
   }
 }
 
-/**
- * Find cross-file taint paths matching a finding — both sink-side and call-site.
- * Mirrors the matching logic in request-builder.ts for AI annotations.
- */
-function findCrossFileTaintMatch(
-  ceResult: ContextEngineResult,
-  finding: Vulnerability
-): CrossFileTaintPath[] {
-  return ceResult.crossFileTaintPaths?.filter(
-    cfp => (cfp.sinkFile === finding.filePath && cfp.sink.line === finding.lineNumber) ||
-           (cfp.sourceFile === finding.filePath && cfp.importLink.callLine === finding.lineNumber)
-  ) ?? []
-}
-
 // ============================================================================
 // Score Findings
 // ============================================================================
@@ -240,8 +207,12 @@ export function scoreFindings(
   const categoryScoreSums: Record<string, { sum: number; count: number }> = {}
 
   const scored = findings.map(finding => {
-    const context = buildAdjustmentContext(finding, ceResult)
-    const computation = computeConfidence(finding, context, ALL_ADJUSTMENT_RULES, depthConfig)
+    // Stamp evidence level once, before computeConfidence (avoids double classify)
+    const evidenceLevel = finding.evidenceLevel ?? classifyEvidence(finding)
+    const findingWithEvidence = finding.evidenceLevel ? finding : { ...finding, evidenceLevel }
+
+    const context = buildAdjustmentContext(findingWithEvidence, ceResult, depth)
+    const computation = computeConfidence(findingWithEvidence, context, ALL_ADJUSTMENT_RULES, depthConfig)
 
     // Collect diagnostics
     for (const adj of computation.adjustments) {
@@ -267,6 +238,7 @@ export function scoreFindings(
 
     return {
       ...finding,
+      evidenceLevel,
       confidence_score: computation,
     }
   })

package/src/score/types.ts

@@ -141,6 +141,8 @@ export interface AdjustmentContext {
   lineContent: string
   /** The file path of the finding */
   filePath: string
+  /** Current scan depth (local/verified/deep) */
+  scanDepth?: ScanDepth
 
   // Context Engine fields (optional — existing rules ignore undefined)
   taint?: {
@@ -149,6 +151,8 @@ export interface AdjustmentContext {
     sinkType: string | null
     sanitised: boolean
     confidence: 'high' | 'medium' | 'low' | null
+    /** Whether a full taint path exists for this finding. */
+    hasPath: boolean
   }
   route?: {
     hasAuth: boolean

package/src/shared/category-filter.ts

@@ -52,6 +52,8 @@ export const CATEGORY_GROUPS: Record<string, VulnerabilityCategory[]> = {
     'ai_unverified_model',
     'ai_unsafe_finetuning',
     'ai_excessive_agency',
+    'ai_skill_injection',
+    'ai_rules_file_backdoor',
   ],
   'secrets-*': [
     'hardcoded_secret',
@@ -68,6 +70,10 @@ export const CATEGORY_GROUPS: Record<string, VulnerabilityCategory[]> = {
     'cors_misconfiguration',
     'data_exposure',
     'weak_crypto',
+    'missing_security_headers',
+    'ssrf',
+    'log_injection',
+    'xxe',
   ],
 }
 
@@ -118,6 +124,12 @@ export const ALL_CATEGORIES: VulnerabilityCategory[] = [
   'ai_unverified_model',
   'ai_unsafe_finetuning',
   'ai_excessive_agency',
+  'ai_skill_injection',
+  'ai_rules_file_backdoor',
+  'missing_security_headers',
+  'ssrf',
+  'log_injection',
+  'xxe',
 ]
 
 /**

package/src/shared/regex-utils.ts

@@ -0,0 +1,4 @@
+/** Escape special regex characters in a string. */
+export function escapeRegex(str: string): string {
+  return str.replace(/[.*+?^${}()|[\]\\]/g, '\\$&')
+}