| # ThreatHunter JSON 資料契約 |
|
|
| > 定義每個 Agent 的輸入輸出 JSON 格式。 |
| > 來源:FINAL_PLAN.md §六 |
| > 版本:v3.5(新增 Intel Fusion evidence gating) |
| |
| |
| --- |
| |
| ## Scout → Analyst |
| |
| ```json |
| { |
| "scan_id": "scan_20260401_001", |
| "timestamp": "2026-04-01T10:00:00Z", |
| "tech_stack": ["django 4.2", "redis 7.0"], |
| "vulnerabilities": [ |
| { |
| "cve_id": "CVE-2024-XXXX", |
| "package": "django", |
| "cvss_score": 7.5, |
| "severity": "HIGH", |
| "description": "...", |
| "is_new": true |
| } |
| ], |
| "summary": { |
| "total": 8, |
| "new_since_last_scan": 2, |
| "critical": 1, |
| "high": 3, |
| "medium": 3, |
| "low": 1 |
| }, |
| "_degraded": false, |
| "_error": null |
| } |
| ``` |
| |
| **欄位說明:** |
|
|
| | 欄位 | 類型 | 必填 | 說明 | |
| |---|---|---|---| |
| | `scan_id` | string | ✅ | 掃描唯一識別符 | |
| | `timestamp` | string | ✅ | ISO 8601 時間戳 | |
| | `tech_stack` | string[] | ✅ | 技術堆疊清單 | |
| | `vulnerabilities` | array | ✅ | 漏洞清單 | |
| | `vulnerabilities[].cve_id` | string | ✅ | CVE 編號 | |
| | `vulnerabilities[].package` | string | ✅ | 套件名稱 | |
| | `vulnerabilities[].cvss_score` | number | ✅ | CVSS 分數(0-10) | |
| | `vulnerabilities[].severity` | string | ✅ | CRITICAL/HIGH/MEDIUM/LOW | |
| | `vulnerabilities[].description` | string | ✅ | 漏洞描述 | |
| | `vulnerabilities[].is_new` | bool | ✅ | 是否為新發現 | |
| | `summary.total` | number | ✅ | 漏洞總數 | |
| | `summary.new_since_last_scan` | number | ✅ | 新增漏洞數 | |
| | `summary.critical` | number | ✅ | CRITICAL 數量 | |
| | `summary.high` | number | ✅ | HIGH 數量 | |
| | `_degraded` | bool | ❌ | 是否為降級輸出 | |
| | `_error` | string/null | ❌ | 錯誤訊息(降級時) | |
|
|
| --- |
|
|
| ## Analyst → Advisor |
|
|
| ```json |
| { |
| "scan_id": "scan_20260401_001", |
| "risk_score": 85, |
| "risk_trend": "+7", |
| "analysis": [ |
| { |
| "cve_id": "CVE-2024-XXXX", |
| "original_cvss": 6.5, |
| "adjusted_risk": "CRITICAL", |
| "in_cisa_kev": true, |
| "exploit_available": true, |
| "chain_risk": { |
| "is_chain": true, |
| "chain_with": ["CVE-2024-YYYY"], |
| "chain_description": "SSRF → Redis → RCE", |
| "confidence": "HIGH" |
| }, |
| "reasoning": "In CISA KEV + public exploit + chains with Redis" |
| } |
| ], |
| "_degraded": false, |
| "_error": null |
| } |
| ``` |
|
|
| **欄位說明:** |
|
|
| | 欄位 | 類型 | 必填 | 說明 | |
| |---|---|---|---| |
| | `scan_id` | string | ✅ | 掃描唯一識別符 | |
| | `risk_score` | number | ✅ | 風險分數(0-100) | |
| | `risk_trend` | string | ✅ | 風險趨勢("+7", "-3", "+0") | |
| | `analysis` | array | ✅ | 分析結果清單 | |
| | `analysis[].cve_id` | string | ✅ | CVE 編號 | |
| | `analysis[].original_cvss` | number | ✅ | 原始 CVSS 分數 | |
| | `analysis[].adjusted_risk` | string | ✅ | 調整後風險等級 | |
| | `analysis[].in_cisa_kev` | bool | ✅ | 是否在 CISA KEV 中 | |
| | `analysis[].exploit_available` | bool | ✅ | 是否有公開 Exploit | |
| | `analysis[].chain_risk` | object | ✅ | 連鎖風險 | |
| | `chain_risk.is_chain` | bool | ✅ | 是否形成連鎖 | |
| | `chain_risk.chain_with` | string[] | ✅ | 連鎖的 CVE 清單 | |
| | `chain_risk.chain_description` | string | ✅ | 連鎖描述 | |
| | `chain_risk.confidence` | string | ✅ | HIGH/MEDIUM/NEEDS_VERIFICATION | |
| | `analysis[].reasoning` | string | ✅ | 推理依據 | |
| |
| --- |
| |
| ## Critic 辯論結果 |
| |
| ```json |
| { |
| "debate_rounds": 2, |
| "challenges": ["Redis 暴露前提未驗證"], |
| "scorecard": { |
| "evidence": 0.85, |
| "chain_completeness": 0.80, |
| "critique_quality": 0.75, |
| "defense_quality": 0.70, |
| "calibration": 0.90 |
| }, |
| "weighted_score": 80.5, |
| "verdict": "MAINTAIN", |
| "reasoning": "Evidence is strong, chain analysis is well-supported.", |
| "generated_at": "2026-04-01T10:05:00Z", |
| "_harness_skipped": false |
| } |
| ``` |
| |
| **欄位說明:** |
|
|
| | 欄位 | 類型 | 必填 | 說明 | |
| |---|---|---|---| |
| | `debate_rounds` | number | ✅ | 辯論輪數 | |
| | `challenges` | string[] | ✅ | 挑戰清單 | |
| | `scorecard` | object | ✅ | 5 維評分卡 | |
| | `scorecard.evidence` | number | ✅ | 證據支持度(0-1) | |
| | `scorecard.chain_completeness` | number | ✅ | 路徑完整性(0-1) | |
| | `scorecard.critique_quality` | number | ✅ | 反駁品質(0-1) | |
| | `scorecard.defense_quality` | number | ✅ | 回應品質(0-1) | |
| | `scorecard.calibration` | number | ✅ | 信心校準(0-1) | |
| | `weighted_score` | number | ✅ | 加權總分(0-100) | |
| | `verdict` | string | ✅ | MAINTAIN/DOWNGRADE/SKIPPED | |
| | `reasoning` | string | ✅ | 裁決理由 | |
| | `generated_at` | string | ✅ | ISO 8601 時間戳 | |
|
|
| **裁決規則:** |
| - weighted_score ≥ 50 → MAINTAIN |
| - weighted_score < 50 → DOWNGRADE |
| - 有 CVE 在 CISA KEV 中 → 禁止 DOWNGRADE |
|
|
| --- |
|
|
| ## Advisor → UI |
|
|
| ```json |
| { |
| "executive_summary": "1 actively exploited chain. Risk increased.", |
| "actions": { |
| "urgent": [ |
| { |
| "cve_id": "CVE-2024-XXXX", |
| "package": "django", |
| "severity": "CRITICAL", |
| "action": "Update Django to latest patched version.", |
| "command": "pip install --upgrade django", |
| "reason": "In CISA KEV with public exploit.", |
| "is_repeated": false |
| } |
| ], |
| "important": [ |
| { |
| "cve_id": "CVE-2024-YYYY", |
| "package": "redis", |
| "severity": "HIGH", |
| "action": "Update Redis and verify network exposure.", |
| "reason": "Part of attack chain." |
| } |
| ], |
| "resolved": [] |
| }, |
| "risk_score": 85, |
| "risk_trend": "+7", |
| "scan_count": 2, |
| "generated_at": "2026-04-01T10:06:00Z" |
| } |
| ``` |
|
|
| **欄位說明:** |
|
|
| | 欄位 | 類型 | 必填 | 說明 | |
| |---|---|---|---| |
| | `executive_summary` | string | ✅ | 一句話摘要 | |
| | `actions` | object | ✅ | 行動清單 | |
| | `actions.urgent` | array | ✅ | 緊急行動 | |
| | `actions.urgent[].cve_id` | string | ✅ | CVE 編號 | |
| | `actions.urgent[].package` | string | ✅ | 套件名稱 | |
| | `actions.urgent[].severity` | string | ✅ | CRITICAL/HIGH | |
| | `actions.urgent[].action` | string | ✅ | 修補說明 | |
| | `actions.urgent[].command` | string | ✅ | 具體指令 | |
| | `actions.urgent[].reason` | string | ✅ | 為何標記為 URGENT | |
| | `actions.urgent[].is_repeated` | bool | ✅ | 是否重複未修補 | |
| | `actions.important` | array | ✅ | 重要行動 | |
| | `actions.resolved` | array | ✅ | 已修補項目 | |
| | `risk_score` | number | ✅ | 風險分數(0-100) | |
| | `risk_trend` | string | ✅ | 風險趨勢 | |
| | `scan_count` | number | ✅ | 掃描次數 | |
| | `generated_at` | string | ✅ | ISO 8601 時間戳 | |
|
|
| --- |
|
|
| ## Pipeline Meta(最終輸出附加欄位) |
|
|
| ```json |
| { |
| "pipeline_meta": { |
| "pipeline_version": "3.0", |
| "tech_stack": "Django 4.2, Redis 7.0", |
| "stages_completed": 4, |
| "stages_detail": { |
| "scout": { |
| "status": "SUCCESS", |
| "vuln_count": 9, |
| "duration_ms": 1200 |
| }, |
| "analyst": { |
| "status": "SUCCESS", |
| "risk_score": 85, |
| "duration_ms": 800 |
| }, |
| "critic": { |
| "status": "SUCCESS", |
| "verdict": "MAINTAIN", |
| "score": 80.5, |
| "duration_ms": 600 |
| }, |
| "advisor": { |
| "status": "SUCCESS", |
| "urgent_count": 2, |
| "duration_ms": 500 |
| } |
| }, |
| "enable_critic": false, |
| "critic_verdict": "SKIPPED", |
| "critic_score": 0, |
| "duration_seconds": 3.1, |
| "degradation": { |
| "level": 1, |
| "label": "⚡ 全速運行", |
| "degraded_components": [], |
| "timestamp": "2026-04-01T10:06:00Z" |
| }, |
| "generated_at": "2026-04-01T10:06:00Z" |
| } |
| } |
| ``` |
|
|
| **欄位說明:** |
|
|
| | 欄位 | 類型 | 必填 | 說明 | |
| |---|---|---|---| |
| | `pipeline_version` | string | ✅ | Pipeline 版本(當前 3.0) | |
| | `tech_stack` | string | ✅ | 使用者輸入的技術堆疊 | |
| | `stages_completed` | number | ✅ | 完成的 Stage 數量 | |
| | `stages_detail` | object | ✅ | 每個 Stage 的詳細資訊 | |
| | `stages_detail.{stage}.status` | string | ✅ | SUCCESS/DEGRADED | |
| | `enable_critic` | bool | ✅ | Critic 是否啟用 | |
| | `critic_verdict` | string | ✅ | MAINTAIN/DOWNGRADE/SKIPPED | |
| | `critic_score` | number | ✅ | Critic 加權分數 | |
| | `duration_seconds` | number | ✅ | 總執行時間(秒) | |
| | `degradation` | object | ✅ | 降級狀態 | |
| | `degradation.level` | number | ✅ | 1-5(1=全速,5=最低生存) | |
| | `degradation.label` | string | ✅ | UI 顯示文字 | |
| | `degradation.degraded_components` | string[] | ✅ | 降級元件清單 | |
|
|
| **降級層級定義:** |
|
|
| | 層級 | 標籤 | 觸發條件 | |
| |---|---|---| |
| | 1 | ⚡ 全速運行 | 所有元件正常 | |
| | 2 | ⚠️ LLM 降級 | vLLM → OpenRouter → OpenAI | |
| | 3 | ⚠️ API 降級 | NVD/OTX → 離線快取 | |
| | 4 | 🔶 Agent 降級 | Analyst/Critic 跳過 | |
| | 5 | 🔶 最低生存模式 | 使用上次掃描結果 | |
|
|
| --- |
|
|
| ## v3.1 新增:L0 淨化報告(input_sanitizer → Pipeline) |
| |
| ```json |
| { |
| "safe": true, |
| "input_type": "source_code", |
| "truncated": false, |
| "input_hash": "a3f8b1c2d4e5f6a7", |
| "blocked_reason": "", |
| "l0_findings": [ |
| { |
| "pattern": "hardcoded_secret", |
| "description": "硬編碼憑證(Credential Exposure 風險)", |
| "line_no": 42, |
| "severity": "WARNING" |
| } |
| ], |
| "l0_warning_count": 1 |
| } |
| ``` |
| |
| **`input_type` 枚舉**:`"package_list"` / `"source_code"` / `"config_file"` / `"sql_review"` / `"blocked"` |
| **`safe=false`** 時 Pipeline 直接返回錯誤,不進入任何 Agent |
| |
| --- |
| |
| ## v3.2 新增:SQL Syntax Review(孤立 `.sql` corpus → Pipeline/UI) |
| |
| ```json |
| { |
| "sql_syntax_review": { |
| "review_status": "completed", |
| "review_type": "sql_syntax_review", |
| "requires_application_context": true, |
| "verified_application_vulnerability": false, |
| "code_scan_excluded": true, |
| "package_scan_allowed": false, |
| "patterns": [ |
| { |
| "syntax_pattern": "union_select", |
| "line_no": 12, |
| "category": "sql_injection_payload", |
| "snippet": "UNION SELECT", |
| "risk_note": "UNION-based SQL injection payload. Requires application input-flow context.", |
| "requires_application_context": true |
| } |
| ], |
| "summary": { |
| "total": 1, |
| "patterns_detected": 1, |
| "syntax_patterns": ["union_select"] |
| } |
| } |
| } |
| ``` |
| |
| **契約限制:** |
|
|
| - `sql_syntax_review` 只表示 SQL corpus 內含危險語法或測試 payload。 |
| - `verified_application_vulnerability` 必須維持 `false`,直到同時有 application source/sink evidence。 |
| - SQL review 不得產生 package CVE/GHSA scan。 |
| - SQL review 不納入一般 source-code CWE recall 分母。 |
|
|
| --- |
|
|
| ## v3.1 新增:Orchestrator 任務計畫(orchestrator → main.py) |
|
|
| ```json |
| { |
| "path": "B", |
| "parallel_layer1": ["security_guard", "intel_fusion"], |
| "agents_to_run": ["security_guard", "intel_fusion", "scout", "analyst", "debate", "advisor"], |
| "shortcuts": [], |
| "feedback_loop_count": 0, |
| "l0_input_type": "source_code" |
| } |
| ``` |
|
|
| **`path` 枚舉**:`"A"` 套件 / `"B"` 完整程式碼 / `"C"` 配置文件 / `"D"` 回饋補充 |
|
|
| --- |
|
|
| ## v3.1 新增:Security Guard 輸出(security_guard → scout) |
| |
| ```json |
| { |
| "extraction_status": "success", |
| "functions": [ |
| {"name": "execute_query", "args": ["sql"], "line_no": 15, "suspicious": true, "reason": "字串拼接"} |
| ], |
| "imports": [{"module": "os", "alias": null, "line_no": 1}], |
| "patterns": [{"type": "sql_concat", "pattern": "f\"SELECT...\"", "line_no": 23, "severity": "HIGH"}], |
| "hardcoded": [{"type": "api_key", "key_name": "AWS_SECRET", "line_no": 8}], |
| "stats": {"total_lines": 150, "functions_found": 12, "patterns_found": 3} |
| } |
| ``` |
| |
| --- |
|
|
| ## v3.1 新增:Intel Fusion 輸出(intel_fusion → scout) |
| |
| ```json |
| { |
| "fusion_results": [ |
| { |
| "cve_id": "CVE-2024-42005", |
| "composite_score": 9.1, |
| "confidence": "HIGH", |
| "dimensions": { |
| "nvd_cvss": 9.8, "epss_score": 0.97, |
| "in_kev": true, "ghsa_hits": 3, |
| "attack_techniques": 2, "otx_pulse_count": 5 |
| }, |
| "weights_used": {"nvd": 0.20, "epss": 0.00, "kev": 0.55, "ghsa": 0.10, "attack": 0.10, "otx": 0.05}, |
| "kev_shortcut": true, |
| "cve_year": 2024 |
| } |
| ], |
| "api_health": {"epss": "ok", "ghsa": "ok", "otx": "degraded"}, |
| "degraded": false |
| } |
| ``` |
| |
| **動態加權規則**: |
| - `in_kev=true` → `epss_weight=0.00`,`kev_weight` 增至 0.55 |
| - `cve_year < 2020` → `epss_weight=0.10` |
| - `otx_fail_rate > 0.5` → `otx_weight=0.01` |
|
|
| --- |
|
|
| ## v3.1 更新:Pipeline Meta 完整欄位 |
|
|
| ```json |
| { |
| "pipeline_meta": { |
| "pipeline_version": "3.1", |
| "tech_stack": "Django 4.2, Redis 7.0", |
| "stages_completed": 7, |
| "stages_detail": { |
| "orchestrator": {"status": "SUCCESS", "scan_path": "B", "l0_input_type": "source_code"}, |
| "security_guard": {"status": "SUCCESS", "functions_found": 12}, |
| "intel_fusion": {"status": "SUCCESS", "cves_scored": 2}, |
| "scout": {"status": "SUCCESS", "vuln_count": 2}, |
| "analyst": {"status": "SUCCESS", "risk_score": 85}, |
| "critic": {"status": "SUCCESS", "verdict": "MAINTAIN"}, |
| "advisor": {"status": "SUCCESS", "urgent_count": 1} |
| }, |
| "enable_critic": true, |
| "critic_verdict": "MAINTAIN", |
| "critic_score": 80.5, |
| "duration_seconds": 45.2, |
| "degradation": {"level": 1, "label": "FULL_SPEED"}, |
| "generated_at": "2026-04-10T00:02:00Z", |
| "l0_report": {"safe": true, "input_type": "source_code", "l0_warning_count": 0} |
| } |
| } |
| ``` |
|
|
| | v3.1 新增欄位 | 說明 | |
| |---|---| |
| | `stages_detail.orchestrator` | Orchestrator 路徑 + L0 類型 | |
| | `stages_detail.security_guard` | Security Guard 提取統計 | |
| | `stages_detail.intel_fusion` | Intel Fusion 計分統計 | |
| | `stages_completed` | 現在包含 orchestrator + 4 主 Stage(≥ 5)| |
| | `l0_report` | L0 淨化報告摘要 | |
|
|
| --- |
|
|
| ## v3.3 更新:DIM11 Benchmark Context 與 Critic Recall Challenge |
|
|
| 此契約只在 `main.py` 偵測到 DIM11 fixture exact match 時啟用;一般使用者掃描不應產生 expected baseline,也不應套用 expected-CWE recall 判罰。 |
|
|
| ```json |
| { |
| "benchmark_context": { |
| "benchmark": "dim11_redteam", |
| "fixture": "c_cpp_multivuln_01.c", |
| "expected_cwe_categories": ["CWE-120", "CWE-134"], |
| "observed_cwe_categories": ["CWE-120", "CWE-134"], |
| "min_category_recall": 0.7, |
| "route_correct": true, |
| "expected_path": "B", |
| "actual_path": "B", |
| "external_pollution_count": 0, |
| "activation": "exact_fixture_match" |
| }, |
| "critic_recall_challenge": { |
| "fixture": "c_cpp_multivuln_01.c", |
| "expected_cwe_categories": ["CWE-120", "CWE-134"], |
| "observed_cwe_categories": ["CWE-120", "CWE-134"], |
| "missing_cwe_categories": [], |
| "category_recall": 1.0, |
| "min_category_recall": 0.7, |
| "route_correct": true, |
| "external_pollution_count": 0, |
| "verdict": "PASS", |
| "failed_reasons": [] |
| } |
| } |
| ``` |
|
|
| | 欄位 | 說明 | |
| |---|---| |
| | `benchmark_context` | Pipeline 在 Analyst → Critic 之間注入的 benchmark baseline,只允許 fixture exact match。 | |
| | `critic_recall_challenge` | Critic deterministic challenge 結果;若 FAIL,Critic 會輸出 `verdict=DOWNGRADE` 與 `needs_rescan=true`。 | |
| | `external_pollution_count` | source code 沒有第三方 package evidence 卻出現外部 CVE/GHSA finding 時的污染計數。 | |
| | `activation` | 啟用條件;目前只允許 `exact_fixture_match`,避免一般掃描被 DIM11 catalog 誤判。 | |
|
|
| --- |
|
|
| ## v3.4 更新:CWE Registry Canonical Fields |
|
|
| `code_patterns_summary[]` 的 CWE mapping 以 `tools/cwe_registry.py` 為後端唯一來源。Security Guard 保留原始 `pattern_type`,Pipeline/Advisor/UI 使用 registry 產生 canonical 欄位,避免 `main.py`、Advisor、UI 各自維護不同 CWE 對照表。 |
|
|
| ```json |
| { |
| "code_patterns_summary": [ |
| { |
| "finding_id": "CODE-001", |
| "type": "code_pattern", |
| "pattern_type": "PROTOTYPE_POLLUTION", |
| "cwe_id": "CWE-1321", |
| "canonical_cwe_id": "CWE-1321", |
| "weakness_family": "prototype_pollution", |
| "evidence_type": "code_scan", |
| "owasp_category": "A03:2021-Injection", |
| "severity": "CRITICAL", |
| "cwe_reference": { |
| "id": "CWE-1321", |
| "name": "Prototype Pollution", |
| "source": "MITRE CWE v4.14", |
| "representative_cves": [] |
| } |
| } |
| ] |
| } |
| ``` |
|
|
| | 欄位 | 說明 | |
| |---|---| |
| | `canonical_cwe_id` | registry 正規化後的 CWE ID;目前與 `cwe_id` 一致,保留給後續 taxonomy migration。 | |
| | `weakness_family` | 給 UI 與 recall 統計使用的穩定弱點家族名稱。 | |
| | `evidence_type` | 目前 code finding 固定為 `code_scan`;不得用它表示 package CVE。 | |
| | `cwe_reference` | 從 `tools.cwe_registry.build_cwe_reference()` 產生,優先引用 MITRE CWE 離線資料庫。 | |
|
|
| --- |
|
|
| ## v3.5 更新:Intel Fusion Evidence Gating |
|
|
| Intel Fusion 的 CVE/GHSA 輸出必須區分「本次掃描直接觀察到的 package advisory」與「用來佐證 CWE 風險的代表性 CVE」。Representative CVE 只能出現在 explanation / CWE support context,不得進入 `vulnerability_detail` 或 Advisor `actions.urgent/actions.important`。 |
|
|
| ```json |
| { |
| "fusion_results": [ |
| { |
| "cve_id": "CVE-2024-42005", |
| "evidence_type": "direct_cve", |
| "not_directly_observed": false, |
| "must_not_enter_package_actions": false, |
| "source_package_evidence": ["django"], |
| "composite_score": 9.1 |
| }, |
| { |
| "cve_id": "CVE-2024-9999", |
| "evidence_type": "representative_cve", |
| "supports_cwe": ["CWE-89"], |
| "not_directly_observed": true, |
| "must_not_enter_package_actions": true, |
| "evidence_note": "Representative CVE for a Security Guard CWE finding; not a directly observed package CVE." |
| } |
| ], |
| "evidence_contract": { |
| "direct_cve_count": 1, |
| "cwe_support_count": 1, |
| "package_target_count": 1, |
| "representative_cve_count": 1 |
| } |
| } |
| ``` |
|
|
| | 欄位 | 說明 | |
| |---|---| |
| | `evidence_type=direct_cve` | Scout/OSV/NVD/GHSA 直接從 package evidence 觀察到,可進 package action list。 | |
| | `evidence_type=package_cve` | Intel Fusion 從 package target 補充的外部 CVE,可進 package vulnerability flow。 | |
| | `evidence_type=representative_cve` | CWE support evidence,只能解釋 CWE 風險,不得當成本專案直接受影響 CVE。 | |
| | `not_directly_observed` | `true` 表示本次掃描沒有直接 package evidence。 | |
| | `must_not_enter_package_actions` | Advisor/Scout/main.py 必須把此類項目擋在 `actions` 與 `vulnerability_detail` 外。 | |
| | `representative_cve_evidence` | final output 中保存 representative CVE 的獨立欄位,供 UI/Thinking Path 顯示佐證。 | |
|
|
