mirror of
https://github.com/FuzzingLabs/fuzzforge_ai.git
synced 2026-03-21 21:13:25 +00:00
112 lines
2.6 KiB
YAML
112 lines
2.6 KiB
YAML
name: security_assessment
|
|
version: "2.0.0"
|
|
description: "Comprehensive security assessment workflow that scans files, analyzes code for vulnerabilities, and generates SARIF reports"
|
|
author: "FuzzForge Team"
|
|
category: "comprehensive"
|
|
tags:
|
|
- "security"
|
|
- "scanner"
|
|
- "analyzer"
|
|
- "static-analysis"
|
|
- "sarif"
|
|
- "comprehensive"
|
|
|
|
supported_volume_modes:
|
|
- "ro"
|
|
- "rw"
|
|
|
|
default_volume_mode: "ro"
|
|
default_target_path: "/workspace"
|
|
|
|
requirements:
|
|
tools:
|
|
- "file_scanner"
|
|
- "security_analyzer"
|
|
- "sarif_reporter"
|
|
resources:
|
|
memory: "512Mi"
|
|
cpu: "500m"
|
|
timeout: 1800
|
|
|
|
has_docker: true
|
|
|
|
default_parameters:
|
|
target_path: "/workspace"
|
|
volume_mode: "ro"
|
|
scanner_config: {}
|
|
analyzer_config: {}
|
|
reporter_config: {}
|
|
|
|
parameters:
|
|
type: object
|
|
properties:
|
|
target_path:
|
|
type: string
|
|
default: "/workspace"
|
|
description: "Path to analyze"
|
|
volume_mode:
|
|
type: string
|
|
enum: ["ro", "rw"]
|
|
default: "ro"
|
|
description: "Volume mount mode"
|
|
scanner_config:
|
|
type: object
|
|
description: "File scanner configuration"
|
|
properties:
|
|
patterns:
|
|
type: array
|
|
items:
|
|
type: string
|
|
description: "File patterns to scan"
|
|
check_sensitive:
|
|
type: boolean
|
|
description: "Check for sensitive files"
|
|
calculate_hashes:
|
|
type: boolean
|
|
description: "Calculate file hashes"
|
|
max_file_size:
|
|
type: integer
|
|
description: "Maximum file size to scan (bytes)"
|
|
analyzer_config:
|
|
type: object
|
|
description: "Security analyzer configuration"
|
|
properties:
|
|
file_extensions:
|
|
type: array
|
|
items:
|
|
type: string
|
|
description: "File extensions to analyze"
|
|
check_secrets:
|
|
type: boolean
|
|
description: "Check for hardcoded secrets"
|
|
check_sql:
|
|
type: boolean
|
|
description: "Check for SQL injection risks"
|
|
check_dangerous_functions:
|
|
type: boolean
|
|
description: "Check for dangerous function calls"
|
|
reporter_config:
|
|
type: object
|
|
description: "SARIF reporter configuration"
|
|
properties:
|
|
include_code_flows:
|
|
type: boolean
|
|
description: "Include code flow information"
|
|
|
|
output_schema:
|
|
type: object
|
|
properties:
|
|
sarif:
|
|
type: object
|
|
description: "SARIF-formatted security findings"
|
|
summary:
|
|
type: object
|
|
description: "Scan execution summary"
|
|
properties:
|
|
total_findings:
|
|
type: integer
|
|
severity_counts:
|
|
type: object
|
|
tool_counts:
|
|
type: object
|