Initial commit: Compliance Scanner Agent
Autonomous security and compliance scanning agent for git repositories. Features: SAST (Semgrep), SBOM (Syft), CVE monitoring (OSV.dev/NVD), GDPR/OAuth pattern detection, LLM triage, issue creation (GitHub/GitLab/Jira), PR reviews, and Dioxus fullstack dashboard. Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
This commit is contained in:
Sharang Parnerkar
65
compliance-agent/src/llm/descriptions.rs
Normal file
65
compliance-agent/src/llm/descriptions.rs
Normal file
@@ -0,0 +1,65 @@
|
||||
use std::sync::Arc;
|
||||
|
||||
use compliance_core::models::Finding;
|
||||
|
||||
use crate::error::AgentError;
|
||||
use crate::llm::LlmClient;
|
||||
|
||||
const DESCRIPTION_SYSTEM_PROMPT: &str = r#"You are a security engineer writing issue descriptions for a bug tracker. Generate a clear, actionable issue body in Markdown format that includes:
|
||||
|
||||
1. **Summary**: 1-2 sentence overview
|
||||
2. **Evidence**: Code location, snippet, and what was detected
|
||||
3. **Impact**: What could happen if not fixed
|
||||
4. **Remediation**: Step-by-step fix instructions
|
||||
5. **References**: Relevant CWE/CVE links if applicable
|
||||
|
||||
Keep it concise and professional. Use code blocks for code snippets."#;
|
||||
|
||||
pub async fn generate_issue_description(
|
||||
llm: &Arc<LlmClient>,
|
||||
finding: &Finding,
|
||||
) -> Result<(String, String), AgentError> {
|
||||
let user_prompt = format!(
|
||||
"Generate an issue title and body for this finding:\n\
|
||||
Scanner: {}\n\
|
||||
Type: {}\n\
|
||||
Severity: {}\n\
|
||||
Rule: {}\n\
|
||||
Title: {}\n\
|
||||
Description: {}\n\
|
||||
File: {}\n\
|
||||
Line: {}\n\
|
||||
Code:\n```\n{}\n```\n\
|
||||
CWE: {}\n\
|
||||
CVE: {}\n\
|
||||
Remediation hint: {}",
|
||||
finding.scanner,
|
||||
finding.scan_type,
|
||||
finding.severity,
|
||||
finding.rule_id.as_deref().unwrap_or("N/A"),
|
||||
finding.title,
|
||||
finding.description,
|
||||
finding.file_path.as_deref().unwrap_or("N/A"),
|
||||
finding.line_number.map(|n| n.to_string()).unwrap_or_else(|| "N/A".to_string()),
|
||||
finding.code_snippet.as_deref().unwrap_or("N/A"),
|
||||
finding.cwe.as_deref().unwrap_or("N/A"),
|
||||
finding.cve.as_deref().unwrap_or("N/A"),
|
||||
finding.remediation.as_deref().unwrap_or("N/A"),
|
||||
);
|
||||
|
||||
let response = llm.chat(DESCRIPTION_SYSTEM_PROMPT, &user_prompt, Some(0.3)).await?;
|
||||
|
||||
// Extract title from first line, rest is body
|
||||
let mut lines = response.lines();
|
||||
let title = lines
|
||||
.next()
|
||||
.unwrap_or(&finding.title)
|
||||
.trim_start_matches('#')
|
||||
.trim()
|
||||
.to_string();
|
||||
let body = lines.collect::<Vec<_>>().join("\n").trim().to_string();
|
||||
|
||||
let body = if body.is_empty() { response } else { body };
|
||||
|
||||
Ok((title, body))
|
||||
}
|
||||
Reference in New Issue
Block a user