style: apply Biome formatting to backported files
CI / Type-check & lint (pull_request) Successful in 17s
CI / Build & push worker image (pull_request) Has been skipped
CI / Build & push API image (pull_request) Has been skipped

Co-Authored-By: Paperclip <noreply@paperclip.ing>
This commit is contained in:
2026-05-20 00:46:33 +00:00
committed by Hugh Commit [agent]
parent 8944f7b5c0
commit dcfcecfea7
3 changed files with 82 additions and 65 deletions
+41 -12
View File
@@ -17,8 +17,7 @@ import type { AgentName } from '../types/agents.js';
// === Common Fields === // === Common Fields ===
const ANALYSIS_NOTES_DESCRIPTION = const ANALYSIS_NOTES_DESCRIPTION = 'Plain context for defenders (caveats, scope, what is at risk). Not attack steps.';
'Plain context for defenders (caveats, scope, what is at risk). Not attack steps.';
function notesField(exploit: boolean) { function notesField(exploit: boolean) {
const f = z.string().optional(); const f = z.string().optional();
@@ -114,7 +113,10 @@ function toOutputFormat(zodSchema: z.ZodType): JsonSchemaOutputFormat {
function buildOutputFormats(exploit: boolean): Partial<Record<AgentName, JsonSchemaOutputFormat>> { function buildOutputFormats(exploit: boolean): Partial<Record<AgentName, JsonSchemaOutputFormat>> {
const base = makeBase(exploit); const base = makeBase(exploit);
return { return {
'injection-vuln': toOutputFormat(z.object({ vulnerabilities: z.array(base.extend({ 'injection-vuln': toOutputFormat(
z.object({
vulnerabilities: z.array(
base.extend({
source: z.string().optional(), source: z.string().optional(),
combined_sources: z.string().optional(), combined_sources: z.string().optional(),
path: z.string().optional(), path: z.string().optional(),
@@ -125,8 +127,14 @@ function buildOutputFormats(exploit: boolean): Partial<Record<AgentName, JsonSch
verdict: z.string().optional(), verdict: z.string().optional(),
mismatch_reason: z.string().optional(), mismatch_reason: z.string().optional(),
witness_payload: z.string().optional(), witness_payload: z.string().optional(),
})) })), }),
'xss-vuln': toOutputFormat(z.object({ vulnerabilities: z.array(base.extend({ ),
}),
),
'xss-vuln': toOutputFormat(
z.object({
vulnerabilities: z.array(
base.extend({
source: z.string().optional(), source: z.string().optional(),
source_detail: z.string().optional(), source_detail: z.string().optional(),
path: z.string().optional(), path: z.string().optional(),
@@ -136,23 +144,41 @@ function buildOutputFormats(exploit: boolean): Partial<Record<AgentName, JsonSch
verdict: z.string().optional(), verdict: z.string().optional(),
mismatch_reason: z.string().optional(), mismatch_reason: z.string().optional(),
witness_payload: z.string().optional(), witness_payload: z.string().optional(),
})) })), }),
'auth-vuln': toOutputFormat(z.object({ vulnerabilities: z.array(base.extend({ ),
}),
),
'auth-vuln': toOutputFormat(
z.object({
vulnerabilities: z.array(
base.extend({
source_endpoint: z.string().optional(), source_endpoint: z.string().optional(),
vulnerable_code_location: z.string().optional(), vulnerable_code_location: z.string().optional(),
missing_defense: z.string().optional(), missing_defense: z.string().optional(),
exploitation_hypothesis: z.string().optional(), exploitation_hypothesis: z.string().optional(),
suggested_exploit_technique: z.string().optional(), suggested_exploit_technique: z.string().optional(),
})) })), }),
'ssrf-vuln': toOutputFormat(z.object({ vulnerabilities: z.array(base.extend({ ),
}),
),
'ssrf-vuln': toOutputFormat(
z.object({
vulnerabilities: z.array(
base.extend({
source_endpoint: z.string().optional(), source_endpoint: z.string().optional(),
vulnerable_parameter: z.string().optional(), vulnerable_parameter: z.string().optional(),
vulnerable_code_location: z.string().optional(), vulnerable_code_location: z.string().optional(),
missing_defense: z.string().optional(), missing_defense: z.string().optional(),
exploitation_hypothesis: z.string().optional(), exploitation_hypothesis: z.string().optional(),
suggested_exploit_technique: z.string().optional(), suggested_exploit_technique: z.string().optional(),
})) })), }),
'authz-vuln': toOutputFormat(z.object({ vulnerabilities: z.array(base.extend({ ),
}),
),
'authz-vuln': toOutputFormat(
z.object({
vulnerabilities: z.array(
base.extend({
endpoint: z.string().optional(), endpoint: z.string().optional(),
vulnerable_code_location: z.string().optional(), vulnerable_code_location: z.string().optional(),
role_context: z.string().optional(), role_context: z.string().optional(),
@@ -160,7 +186,10 @@ function buildOutputFormats(exploit: boolean): Partial<Record<AgentName, JsonSch
side_effect: z.string().optional(), side_effect: z.string().optional(),
reason: z.string().optional(), reason: z.string().optional(),
minimal_witness: z.string().optional(), minimal_witness: z.string().optional(),
})) })), }),
),
}),
),
}; };
} }
+3 -15
View File
@@ -17,13 +17,7 @@
*/ */
import { fs, path } from 'zx'; import { fs, path } from 'zx';
import type { import type { AuthFinding, AuthzFinding, InjectionFinding, SsrfFinding, XssFinding } from '../ai/queue-schemas.js';
AuthFinding,
AuthzFinding,
InjectionFinding,
SsrfFinding,
XssFinding,
} from '../ai/queue-schemas.js';
import { deliverablesDir } from '../paths.js'; import { deliverablesDir } from '../paths.js';
import type { ActivityLogger } from '../types/activity-logger.js'; import type { ActivityLogger } from '../types/activity-logger.js';
import type { VulnClass } from '../types/config.js'; import type { VulnClass } from '../types/config.js';
@@ -125,10 +119,7 @@ function renderInjectionEntry(e: InjectionFinding): string {
return buildEntry( return buildEntry(
e.ID, e.ID,
e.vulnerability_type, e.vulnerability_type,
[ [summaryRow('Vulnerable location', location), summaryRow('Overview', e.mismatch_reason)],
summaryRow('Vulnerable location', location),
summaryRow('Overview', e.mismatch_reason),
],
e.notes, e.notes,
); );
} }
@@ -138,10 +129,7 @@ function renderXssEntry(e: XssFinding): string {
return buildEntry( return buildEntry(
e.ID, e.ID,
e.vulnerability_type, e.vulnerability_type,
[ [summaryRow('Vulnerable location', location), summaryRow('Overview', e.mismatch_reason)],
summaryRow('Vulnerable location', location),
summaryRow('Overview', e.mismatch_reason),
],
e.notes, e.notes,
); );
} }
+1 -1
View File
@@ -28,10 +28,10 @@ import { DEFAULT_DELIVERABLES_SUBDIR, deliverablesDir } from '../paths.js';
import { getContainer, getOrCreateContainer, removeContainer } from '../services/container.js'; import { getContainer, getOrCreateContainer, removeContainer } from '../services/container.js';
import { classifyErrorForTemporal, PentestError } from '../services/error-handling.js'; import { classifyErrorForTemporal, PentestError } from '../services/error-handling.js';
import { ExploitationCheckerService } from '../services/exploitation-checker.js'; import { ExploitationCheckerService } from '../services/exploitation-checker.js';
import { renderFindingsFromQueues } from '../services/findings-renderer.js';
import { executeGitCommandWithRetry } from '../services/git-manager.js'; import { executeGitCommandWithRetry } from '../services/git-manager.js';
import { runPreflightChecks } from '../services/preflight.js'; import { runPreflightChecks } from '../services/preflight.js';
import type { ExploitationDecision, VulnType } from '../services/queue-validation.js'; import type { ExploitationDecision, VulnType } from '../services/queue-validation.js';
import { renderFindingsFromQueues } from '../services/findings-renderer.js';
import { assembleFinalReport, injectModelIntoReport } from '../services/reporting.js'; import { assembleFinalReport, injectModelIntoReport } from '../services/reporting.js';
import { AGENTS } from '../session-manager.js'; import { AGENTS } from '../session-manager.js';
import type { AgentName } from '../types/agents.js'; import type { AgentName } from '../types/agents.js';