Co-authored-by: Jason Woltje <jason@diversecanvas.com> Co-committed-by: Jason Woltje <jason@diversecanvas.com>
{
"type": "object",
"additionalProperties": false,
"properties": {
"summary": {
"type": "string",
"description": "Brief overall security assessment of the code changes"
},
"risk_level": {
"type": "string",
"enum": ["critical", "high", "medium", "low", "none"],
"description": "Overall security risk level"
},
"confidence": {
"type": "number",
"minimum": 0,
"maximum": 1,
"description": "Confidence score for the review (0-1)"
},
"findings": {
"type": "array",
"items": {
"type": "object",
"additionalProperties": false,
"properties": {
"severity": {
"type": "string",
"enum": ["critical", "high", "medium", "low"],
"description": "Vulnerability severity level"
},
"title": {
"type": "string",
"description": "Short title describing the vulnerability"
},
"file": {
"type": "string",
"description": "File path where the vulnerability was found"
},
"line_start": {
"type": "integer",
"description": "Starting line number"
},
"line_end": {
"type": "integer",
"description": "Ending line number"
},
"description": {
"type": "string",
"description": "Detailed explanation of the vulnerability"
},
"cwe_id": {
"type": "string",
"description": "CWE identifier if applicable (e.g., CWE-79)"
},
"owasp_category": {
"type": "string",
"description": "OWASP Top 10 category if applicable (e.g., A03:2021-Injection)"
},
"remediation": {
"type": "string",
"description": "Specific remediation steps to fix the vulnerability"
}
},
"required": ["severity", "title", "file", "line_start", "line_end", "description", "cwe_id", "owasp_category", "remediation"]
}
},
"stats": {
"type": "object",
"additionalProperties": false,
"properties": {
"files_reviewed": {
"type": "integer",
"description": "Number of files reviewed"
},
"critical": {
"type": "integer",
"description": "Count of critical-severity findings"
},
"high": {
"type": "integer",
"description": "Count of high-severity findings"
},
"medium": {
"type": "integer",
"description": "Count of medium-severity findings"
},
"low": {
"type": "integer",
"description": "Count of low-severity findings"
}
},
"required": ["files_reviewed", "critical", "high", "medium", "low"]
}
},
"required": ["summary", "risk_level", "confidence", "findings", "stats"]
}