name: "terrascan"
command: "terrascan"
enabled: true
short_description: "基础设施即代码安全扫描工具"
description: |
  Terrascan是一个基础设施即代码安全扫描工具，用于检测IaC配置中的安全问题。

  **主要功能：**
  - IaC安全扫描
  - 多种框架支持
  - 策略检查
  - 合规性验证

  **使用场景：**
  - IaC安全扫描
  - 云配置审计
  - 安全策略检查
  - 合规性检查
parameters:
  - name: "scan_type"
    type: "string"
    description: "扫描类型（all, terraform, k8s等）"
    required: false
    flag: "--scan-type"
    format: "flag"
    default: "all"
  - name: "iac_dir"
    type: "string"
    description: "IaC目录"
    required: false
    flag: "-d"
    format: "flag"
    default: "."
  - name: "policy_type"
    type: "string"
    description: "要使用的策略类型"
    required: false
    flag: "--policy-type"
    format: "flag"
  - name: "output_format"
    type: "string"
    description: "输出格式（json, yaml, xml）"
    required: false
    flag: "--output"
    format: "flag"
    default: "json"
  - name: "severity"
    type: "string"
    description: "严重程度过滤（high, medium, low）"
    required: false
    flag: "--severity"
    format: "flag"
  - name: "additional_args"
    type: "string"
    description: |
      额外的terrascan参数。用于传递未在参数列表中定义的terrascan选项。

      **示例值：**
      - 根据工具特性添加常用参数示例

      **注意事项：**
      - 多个参数用空格分隔
      - 确保参数格式正确，避免命令注入
      - 此参数会直接追加到命令末尾
    required: false
    format: "positional"