Claude-Code-Workflow/.claude/workflows/cli-templates/schemas/review-dimension-results-schema.json


[
{
"dimension": "security",
"review_id": "review-20250125-143022",
"analysis_timestamp": "2025-01-25T14:30:22Z",
"cli_tool_used": "gemini",
"model": "gemini-2.5-pro",
"analysis_duration_ms": 2145000,
"summary": {
"total_findings": 15,
"critical": 2,
"high": 4,
"medium": 6,
"low": 3,
"files_analyzed": 47,
"lines_reviewed": 8932
},
"findings": [
{
"id": "sec-001-a1b2c3d4",
"title": "SQL Injection vulnerability in user query",
"severity": "critical",
"category": "injection",
"description": "User input is interpolated directly into the SQL query string, which allows injection attacks. The value is not sanitized or bound as a parameter before query execution.",
"file": "src/database/query-builder.ts",
"line": 145,
"snippet": "const query = `SELECT * FROM users WHERE id = ${userId}`;",
"recommendation": "Use parameterized queries: db.query('SELECT * FROM users WHERE id = ?', [userId])",
"references": [
"OWASP Top 10 - A03:2021 Injection",
"https://owasp.org/www-community/attacks/SQL_Injection"
],
"impact": "Potential data breach, unauthorized access to user records, data manipulation",
"metadata": {
"cwe_id": "CWE-89",
"owasp_category": "A03:2021-Injection"
},
"iteration": 0,
"status": "pending_remediation",
"cross_references": []
}
],
"cross_references": [
{
"finding_id": "sec-001-a1b2c3d4",
"related_dimensions": ["quality", "architecture"],
"reason": "Same file flagged in multiple dimensions"
}
]
}
]