Initial commit: Compliance Scanner Agent
Autonomous security and compliance scanning agent for git repositories. Features: SAST (Semgrep), SBOM (Syft), CVE monitoring (OSV.dev/NVD), GDPR/OAuth pattern detection, LLM triage, issue creation (GitHub/GitLab/Jira), PR reviews, and Dioxus fullstack dashboard. Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
This commit is contained in:
Sharang Parnerkar
27
compliance-agent/src/llm/fixes.rs
Normal file
27
compliance-agent/src/llm/fixes.rs
Normal file
@@ -0,0 +1,27 @@
|
||||
use std::sync::Arc;
|
||||
|
||||
use compliance_core::models::Finding;
|
||||
|
||||
use crate::error::AgentError;
|
||||
use crate::llm::LlmClient;
|
||||
|
||||
const FIX_SYSTEM_PROMPT: &str = r#"You are a security engineer. Given a security finding with code context, suggest a concrete code fix. Return ONLY the fixed code snippet that can directly replace the vulnerable code. Include brief inline comments explaining the fix."#;
|
||||
|
||||
pub async fn suggest_fix(
|
||||
llm: &Arc<LlmClient>,
|
||||
finding: &Finding,
|
||||
) -> Result<String, AgentError> {
|
||||
let user_prompt = format!(
|
||||
"Suggest a fix for this vulnerability:\n\
|
||||
Language context from file: {}\n\
|
||||
Rule: {}\n\
|
||||
Description: {}\n\
|
||||
Vulnerable code:\n```\n{}\n```",
|
||||
finding.file_path.as_deref().unwrap_or("unknown"),
|
||||
finding.rule_id.as_deref().unwrap_or("N/A"),
|
||||
finding.description,
|
||||
finding.code_snippet.as_deref().unwrap_or("N/A"),
|
||||
);
|
||||
|
||||
llm.chat(FIX_SYSTEM_PROMPT, &user_prompt, Some(0.2)).await
|
||||
}
|
||||
Reference in New Issue
Block a user