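{# ─── Helpers ────────────────────────────────────────────────────────────── #}
{#
  Every macro below uses whitespace-trimming tags, so the value it returns
  carries no leading or trailing whitespace.

  _risk_level(score)
    Maps a numeric risk score to a lowercase level name. This is the only
    place the thresholds are defined, so the CSS class and the printed label
    cannot drift apart:
      score >= 70 -> critical
      score >= 50 -> high
      score >= 25 -> medium
      score >= 1  -> low
      otherwise   -> info  (this includes 0, negatives and fractions below 1)
    `score` must already be numeric; the comparisons are not guarded against
    none. The cover page coerces with `(scan.risk_score or 0) | float` before
    calling.
#}
{%- macro _risk_level(score) -%}
  {%- if score >= 70 -%}critical
  {%- elif score >= 50 -%}high
  {%- elif score >= 25 -%}medium
  {%- elif score >= 1 -%}low
  {%- else -%}info
  {%- endif -%}
{%- endmacro -%}
{# risk_class(score): class name for a risk score, "risk-" followed by the level name. #}
{%- macro risk_class(score) -%}risk-{{ _risk_level(score) }}{%- endmacro -%}
{# risk_label(score): upper-case label for a risk score (CRITICAL, HIGH, MEDIUM, LOW, INFO). #}
{%- macro risk_label(score) -%}{{ _risk_level(score) | upper }}{%- endmacro -%}
{#
  sev_class(sev): "sev-" followed by the lower-cased severity.
  NOTE(review): apart from lower-casing, `sev` is interpolated as given. If
  this value lands in a markup attribute and `sev` can carry scanner-supplied
  text, it relies on the environment's autoescape setting or on an allow-list
  of known severities - confirm against the renderer configuration.
#}
{%- macro sev_class(sev) -%}sev-{{ sev | lower }}{%- endmacro -%}
{#
  pct_class(pct): highlight class for a coverage percentage.
    pct < 50 -> pct-alert
    pct < 80 -> pct-warn
    otherwise the macro returns an empty string.
#}
{%- macro pct_class(pct) -%}
  {%- if pct < 50 -%}pct-alert
  {%- elif pct < 80 -%}pct-warn
  {%- endif -%}
{%- endmacro -%}
{# ─────────────────────────────────────────────────────────────────────────── #} {# 1. COVER PAGE #} {# ─────────────────────────────────────────────────────────────────────────── #}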

{# Cover page: product banner, overall risk score and the scan's metadata, all read from `scan`. #}
SecureScan — Automated Security Analysis

Security Assessment
Report

Comprehensive vulnerability & compliance findings

{# A missing or falsy scan.risk_score is coerced to 0 and is therefore printed as "0.0 — INFO".
   NOTE(review): that reads the same as a scan that genuinely scored 0; consider a distinct
   "not scored" rendering when risk_score is none - confirm with the report owner. #}
{%- set score = (scan.risk_score or 0) | float -%} ● Risk Score: {{ "%.1f" | format(score) }} — {{ risk_label(score) }}
{# The values below are interpolated with no explicit escaping filter.
   NOTE(review): output escaping therefore depends on the Jinja environment's autoescape
   setting, which is not visible in this template - confirm it is enabled for the renderer,
   since target_path presumably originates from whoever requested the scan. #}
Target
{{ scan.target_path }}
Scan ID
{{ scan.id }}
Status
{{ scan.status | upper }}
{# The "UTC" suffix is a literal inside the format string; no timezone conversion happens here.
   NOTE(review): assumes started_at / completed_at are already UTC - confirm. #}
Started
{%- if scan.started_at -%} {{ scan.started_at.strftime("%Y-%m-%d %H:%M UTC") }} {%- else -%}—{%- endif -%}
Completed
{%- if scan.completed_at -%} {{ scan.completed_at.strftime("%Y-%m-%d %H:%M UTC") }} {%- else -%}—{%- endif -%}
{# Each entry of scan.scan_types contributes its `.value` attribute to a comma-separated list. #}
Scan Types
{{ scan.scan_types | map(attribute='value') | join(", ") }}
{# Count taken straight from the scan record; it is not derived from the `findings` list rendered later. #}
Total Findings
{{ scan.findings_count }}
{# ─────────────────────────────────────────────────────────────────────────── #} {# 2. EXECUTIVE SUMMARY #} {# ─────────────────────────────────────────────────────────────────────────── #}

Section 1

Executive Summary

{# scan.summary is printed as-is when present; the fallback text below describes it as AI-generated.
   NOTE(review): model output built from scanned content should be treated as untrusted text;
   this relies on autoescape and must not be marked safe - confirm in the environment setup. #}
{%- if scan.summary %}
{{ scan.summary }}
{%- else %}
No AI-generated summary available for this scan.
{%- endif %} {# Stat grid #}
{# Per-severity counters come precomputed from `summary`; nothing is counted in the template. #}
{{ summary.critical }}
Critical
{{ summary.high }}
High
{{ summary.medium }}
Medium
{{ summary.low }}
Low
{{ summary.info }}
Info

{# The plural "s" is appended for every total other than exactly 1. #}
{{ summary.total_findings }} total finding{{ "s" if summary.total_findings != 1 else "" }} identified across all scanners.

{# Scanners used #}

Scanners Used

{# The for/else branch prints the fallback text when summary.scanners_run is empty. #}
{%- for scanner in summary.scanners_run %} {{ scanner }} {%- else %} No scanners recorded. {%- endfor %}
{# Top 3 critical / high findings #}

Top Findings

{# Only the first three entries of top_findings are shown. The list is used in the order it
   is passed in; any severity filtering or sorting happens outside this template.
   File path, line number and CWE are appended only when the finding carries them. #}
{%- if top_findings %}
    {%- for f in top_findings[:3] %}
  1. {{ f.title }}
    {{ f.severity | upper }} {%- if f.file_path %} · {{ f.file_path }}{% if f.line_start %}:{{ f.line_start }}{% endif %}{%- endif %} {%- if f.cwe %} · {{ f.cwe }}{%- endif %}
  2. {%- endfor %}
{%- else %}

No critical or high findings.

{%- endif %}
{# ─────────────────────────────────────────────────────────────────────────── #} {# 3. COMPLIANCE SUMMARY #} {# ─────────────────────────────────────────────────────────────────────────── #}

Section 2

Compliance Summary

{# Overview: one row per entry of compliance_coverage with its control counts and coverage percentage.
   NOTE(review): in this listing the `for fw` loop on the next line is closed before the header
   and row lines that read fw and pct, so those lines sit outside the loop as written. The row
   presumably belongs inside the loop - confirm against the original template markup. #}
{%- if compliance_coverage %} {# Overview table #} {%- for fw in compliance_coverage %} {%- set pct = fw.coverage_percentage | float %} {%- endfor %}
Framework Version Total Controls Violated Clear Coverage
{{ fw.framework }} {{ fw.version or "—" }} {{ fw.total_controls }} {{ fw.controls_violated }} {{ fw.controls_clear }}
{{ "%.1f" | format(pct) }}%
{# Detail: rendered only for frameworks whose violated_details is non-empty. #}
{# Per-framework violated controls detail #} {%- for fw in compliance_coverage %} {%- if fw.violated_details %}

{{ fw.framework }}{% if fw.version %} {{ fw.version }}{% endif %} — Violated Controls

{# First pass lists the violated control IDs only. #}
{%- for ctrl in fw.violated_details %} {{ ctrl.id }} {%- endfor %}
{# Second pass pairs each control ID with its name.
   NOTE(review): as above, the `for ctrl` loop is closed before the row that reads ctrl - confirm. #}
{# Detailed names table #} {%- for ctrl in fw.violated_details %} {%- endfor %}
Control ID Control Name
{{ ctrl.id }} {{ ctrl.name }}
{%- endif %} {%- endfor %} {%- else %}
{# Shown when compliance_coverage is empty or undefined. #}
No compliance frameworks were mapped for this scan.
{%- endif %}
{# ─────────────────────────────────────────────────────────────────────────── #} {# 4. FINDINGS BY SEVERITY #} {# ─────────────────────────────────────────────────────────────────────────── #}

Section 3

Findings by Severity

{# Findings are grouped by walking a fixed list of five lowercase severity names and selecting
   the findings whose `severity` equals each name exactly. A finding whose severity is anything
   else (different case, an unexpected value) is not rendered in this section, while
   scan.findings_count and summary.total_findings are printed elsewhere without this filter.
   NOTE(review): confirm severities are normalised to these five values upstream, otherwise
   the report can silently omit findings.
   `ns` is a namespace object because a plain `set` inside a for loop does not persist outside it. #}
{%- set sev_levels = ["critical", "high", "medium", "low", "info"] %} {%- set ns = namespace(any_findings=false) %} {%- for level in sev_levels %} {%- set level_findings = findings | selectattr("severity", "equalto", level) | list %} {%- if level_findings %} {%- set ns.any_findings = true %}
{{ level | capitalize }} {{ level_findings | length }} finding{{ "s" if level_findings | length != 1 else "" }}
{%- for f in level_findings %}
{{ level }} {{ f.title }}
{# Title, description and remediation are free text taken from the finding.
   NOTE(review): scanner output can echo content of the scanned target, so these fields rely
   on the environment's autoescape setting - confirm it is enabled for this renderer. #}
{%- if f.description %}

{{ f.description }}

{%- endif %}
{# Location, CWE and scanner name are each printed only when present on the finding. #}
{%- if f.file_path %} File: {{ f.file_path }}{% if f.line_start %}:{{ f.line_start }}{% endif %} {%- endif %} {%- if f.cwe %} CWE: {{ f.cwe }} {%- endif %} {%- if f.scanner %} Scanner: {{ f.scanner }} {%- endif %}
{%- if f.compliance_tags %}
{%- for tag in f.compliance_tags %} {{ tag }} {%- endfor %}
{%- endif %} {%- if f.remediation %}
Remediation
{{ f.remediation }}
{%- endif %}
{# NOTE(review): the message below is shown whenever none of the five groups matched. A scan
   whose scanners failed or were skipped would produce the same empty result - consider
   checking scan.status and summary.scanners_run before presenting it as a clean outcome. #}
{%- endfor %} {%- endif %} {%- endfor %} {%- if not ns.any_findings %}
No findings were recorded for this scan. Great work!
{%- endif %}
{# ─────────────────────────────────────────────────────────────────────────── #} {# 5. SCANNER COVERAGE #} {# ─────────────────────────────────────────────────────────────────────────── #}

Section 4

Scanner Coverage

{# Duration is completed_at minus started_at, truncated to whole seconds and split into minutes
   and seconds; minutes are not rolled up into hours. The line prints both clock times but only
   the completion date, so a scan that crosses midnight shows a single date.
   NOTE(review): the "UTC" label is literal text - assumes both timestamps are already UTC. #}
{# Scan duration #} {%- if scan.started_at and scan.completed_at %} {%- set duration_sec = (scan.completed_at - scan.started_at).total_seconds() | int %} {%- set dur_min = (duration_sec // 60) %} {%- set dur_sec = (duration_sec % 60) %}

Scan duration: {%- if dur_min > 0 %}{{ dur_min }}m {{ dur_sec }}s{%- else %}{{ dur_sec }}s{%- endif %} ({{ scan.started_at.strftime("%H:%M:%S") }} → {{ scan.completed_at.strftime("%H:%M:%S") }} UTC, {{ scan.completed_at.strftime("%Y-%m-%d") }})

{%- elif scan.started_at %}

Scan started at {{ scan.started_at.strftime("%Y-%m-%d %H:%M UTC") }} — completion time not recorded.

{# Per-scanner table: for each name in summary.scanners_run, the findings whose `scanner` equals
   that name are selected, and their distinct scan_type `.value`s and their count are derived.
   A scanner that ran but produced no findings gets a count of 0 and no scan types.
   NOTE(review): in this listing the `for scanner` loop is closed before the row lines that read
   loop.index, scanner, scanner_types and scanner_findings - confirm against the original markup. #}
{%- endif %} {%- if summary.scanners_run %} {%- for scanner in summary.scanners_run %} {%- set scanner_findings = findings | selectattr("scanner", "equalto", scanner) | list %} {%- set scanner_types = scanner_findings | map(attribute="scan_type") | map(attribute="value") | unique | list %} {%- endfor %}
# Scanner Scan Type(s) Findings
{{ loop.index }} {{ scanner }} {%- if scanner_types %}
{%- for st in scanner_types %} {{ st }} {%- endfor %}
{%- else %} {%- endif %}
{%- set sc = scanner_findings | length %} {{ sc }}
{%- else %}
{# Shown when summary.scanners_run is empty or undefined. #}
No scanner information available.
{%- endif %}
{# ─────────────────────────────────────────────────────────────────────────── #} {# Footer #} {# ─────────────────────────────────────────────────────────────────────────── #}