Initial commit: Compliance Scanner Agent

Autonomous security and compliance scanning agent for git repositories.
Features: SAST (Semgrep), SBOM (Syft), CVE monitoring (OSV.dev/NVD),
GDPR/OAuth pattern detection, LLM triage, issue creation (GitHub/GitLab/Jira),
PR reviews, and Dioxus fullstack dashboard.

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>

compliance-core/src/models/cve.rs

@@ -0,0 +1,46 @@
+use chrono::{DateTime, Utc};
+use serde::{Deserialize, Serialize};
+
+#[derive(Debug, Clone, Serialize, Deserialize, PartialEq, Eq)]
+#[serde(rename_all = "lowercase")]
+pub enum CveSource {
+    Osv,
+    Nvd,
+    SearXNG,
+}
+
+#[derive(Debug, Clone, Serialize, Deserialize)]
+pub struct CveAlert {
+    #[serde(rename = "_id", skip_serializing_if = "Option::is_none")]
+    pub id: Option<mongodb::bson::oid::ObjectId>,
+    pub cve_id: String,
+    pub repo_id: String,
+    pub affected_package: String,
+    pub affected_version: String,
+    pub source: CveSource,
+    pub severity: Option<String>,
+    pub cvss_score: Option<f64>,
+    pub summary: Option<String>,
+    pub llm_impact_summary: Option<String>,
+    pub references: Vec<String>,
+    pub created_at: DateTime<Utc>,
+}
+
+impl CveAlert {
+    pub fn new(cve_id: String, repo_id: String, affected_package: String, affected_version: String, source: CveSource) -> Self {
+        Self {
+            id: None,
+            cve_id,
+            repo_id,
+            affected_package,
+            affected_version,
+            source,
+            severity: None,
+            cvss_score: None,
+            summary: None,
+            llm_impact_summary: None,
+            references: Vec::new(),
+            created_at: Utc::now(),
+        }
+    }
+}