agentsqripts
Comprehensive static code analysis toolkit for identifying technical debt, security vulnerabilities, performance issues, and code quality problems
/**
* @file Security recommendation generator
* @description Generates security recommendations based on analysis
*/
const { getCategoryRecommendations } = require('./categoryRecommendationProvider');
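/**
 * Builds the list of security recommendations for one analysis result.
 *
 * A generic "immediate review" entry is added only when `riskLevel` is exactly
 * the string 'CRITICAL' (the comparison is case-sensitive); no other risk
 * level produces a generic entry here. Category entries come from
 * `getCategoryRecommendations` and are appended in `Object.keys` order.
 *
 * @param {Object} analysis - Security analysis results
 * @param {string} [analysis.riskLevel] - Overall risk level of the analysis
 * @param {Object<string, Array>} [analysis.categories] - Findings keyed by category name
 * @returns {Array<Object>} Array of recommendations
 * @throws {TypeError} If `analysis` is not an object
 */
function generateSecurityRecommendations(analysis) {
  // Fail loudly on a missing analysis: returning an empty list here would be
  // indistinguishable from "nothing to recommend".
  if (analysis == null || typeof analysis !== 'object') {
    throw new TypeError('generateSecurityRecommendations: analysis must be an object');
  }

  const recommendations = [];

  // Generic recommendation based on risk level
  if (analysis.riskLevel === 'CRITICAL') {
    recommendations.push({
      priority: 'CRITICAL',
      action: 'Immediate security review required',
      description: 'Critical security vulnerabilities detected that could lead to system compromise'
    });
  }

  // A missing category map is treated as empty so that the CRITICAL entry
  // above is still returned instead of being lost to a TypeError.
  const categories = analysis.categories == null ? {} : analysis.categories;

  // Category-specific recommendations
  for (const category of Object.keys(categories)) {
    const vulns = categories[category];
    if (vulns == null || !(vulns.length > 0)) {
      continue;
    }
    // Appended one at a time: spreading a very large array into push() can
    // exceed the engine's argument limit and throw a RangeError.
    for (const recommendation of getCategoryRecommendations(category, vulns)) {
      recommendations.push(recommendation);
    }
  }

  return recommendations;
}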
// Public API of this module: the recommendation generator only.
module.exports = { generateSecurityRecommendations: generateSecurityRecommendations };