agentsqripts
Comprehensive static code analysis toolkit for identifying technical debt, security vulnerabilities, performance issues, and code quality problems
/**
* @file Project recommendation generator
* @description Generates project-level security recommendations
*/
/**
 * Builds the list of project-level security recommendations from summary counts.
 *
 * Each rule is checked independently and in a fixed order (critical, high,
 * medium), so the result can hold zero to three entries. All thresholds are
 * strict: more than 0 critical findings, more than 5 high findings, more than
 * 20 findings in total.
 *
 * The counts are compared as given; nothing here validates that they are
 * numbers or that they are consistent with each other.
 *
 * NOTE(review): a project with one to five high-severity findings, no critical
 * ones and at most 20 findings overall gets an empty list. Confirm that callers
 * do not present an empty result as "no action needed".
 *
 * @param {number} totalVulns - Total vulnerabilities found
 * @param {number} criticalCount - Number of critical vulnerabilities
 * @param {number} highCount - Number of high severity vulnerabilities
 * @returns {Array<Object>} Recommendations, each with `priority`, `action` and `description`
 */
function generateProjectRecommendations(totalVulns, criticalCount, highCount) {
  // Each rule pairs a trigger with a lazy builder, so a recommendation object
  // (and its interpolated text) is only created when the trigger fires.
  const rules = [
    {
      triggered: () => criticalCount > 0,
      build: () => ({
        priority: 'CRITICAL',
        action: 'Address critical security vulnerabilities immediately',
        description: `Found ${criticalCount} critical vulnerabilities that require immediate attention`
      })
    },
    {
      triggered: () => highCount > 5,
      build: () => ({
        priority: 'HIGH',
        action: 'Implement security review process',
        description: 'High number of security issues suggests need for systematic security review'
      })
    },
    {
      triggered: () => totalVulns > 20,
      build: () => ({
        priority: 'MEDIUM',
        action: 'Consider security training for development team',
        description: 'Many security issues found - team training may help prevent future issues'
      })
    }
  ];

  const result = [];
  for (const rule of rules) {
    if (rule.triggered()) {
      result.push(rule.build());
    }
  }
  return result;
}
// Public surface of this module: the recommendation generator only.
module.exports = { generateProjectRecommendations: generateProjectRecommendations };