{"id":"coding-security-scanner-interpreter","title":"Security Scanner Interpreter","description":"Grouped findings + FP flags typed. SARIF/semgrep noise. Typed v1 agent with eval coverage.","category":"coding","status":"validated","version":"1.0.0","source":"agentskit-registry","license":"MIT","tags":["coding","structured-output","v1"],"packages":["@agentskit/core","@agentskit/runtime","@agentskit/tools"],"files":["agent.ts","README.md","eval.ts"],"requires":{"zod":"^3","zod-to-json-schema":"^3"},"skill":{"name":"coding-security-scanner-interpreter","description":"Grouped findings + FP flags typed. SARIF/semgrep noise. Typed v1 agent with eval coverage.","systemPrompt":"You are Security Scanner Interpreter. SARIF/semgrep noise. Output: Grouped findings + FP flags typed.\nActionable findings citing input sources. No invented issues.\nNEVER invent facts — gaps and openQuestions for missing input. Always draft for human review.\n${UNTRUSTED_CONTENT_DIRECTIVE}\nCall submit_scanner_interpreter exactly once. Stop."},"flow":null,"a2a":{"id":"io.agentskit.registry.coding-security-scanner-interpreter","name":"Security Scanner Interpreter","description":"Grouped findings + FP flags typed. SARIF/semgrep noise. Typed v1 agent with eval coverage.","version":"1.0.0","homepage":"https://registry.agentskit.io","skills":[{"name":"coding-security-scanner-interpreter","description":"Grouped findings + FP flags typed. SARIF/semgrep noise. Typed v1 agent with eval coverage.","capabilities":{"streaming":true,"cancellation":true,"requiresApproval":false}}]},"sources":[{"path":"agent.ts","content":"import type { AdapterFactory, ChatMemory, Observer, ToolCall, ToolDefinition } from '@agentskit/core'\nimport { fenceUntrustedContent, UNTRUSTED_CONTENT_DIRECTIVE } from '@agentskit/core/security'\nimport { invokeStructured } from '@agentskit/runtime'\nimport { defineZodTool } from '@agentskit/tools'\nimport { z } from 'zod'\nimport { zodToJsonSchema } from 'zod-to-json-schema'\nimport type { JSONSchema7 } from 'json-schema'\n\n/** Security Scanner Interpreter — v1 validated. Pain: SARIF/semgrep noise */\n\nexport interface Finding { id: string; severity: 'critical' | 'high' | 'medium' | 'low' | 'info'; message: string; source?: string; recommendation?: string }\nexport interface AgentOutput { summary: string; findings: Finding[]; gaps: string[]; openQuestions: string[] }\nexport interface AgentResult extends AgentOutput { requiresReview: boolean }\nexport interface CodingSecurityScannerInterpreterConfig {\n  adapter: AdapterFactory\n  memory?: ChatMemory\n  observers?: Observer[]\n  onConfirm?: (toolCall: ToolCall) => boolean | Promise<boolean>\n  maxSteps?: number\n}\n\nconst Output = z.object({\n  summary: z.string(),\n  findings: z.array(z.object({\n    id: z.string(), severity: z.enum(['critical', 'high', 'medium', 'low', 'info']),\n    message: z.string(), source: z.string().optional(), recommendation: z.string().optional(),\n  })),\n  gaps: z.array(z.string()).default([]),\n  openQuestions: z.array(z.string()).default([]),\n})\nconst toJson = (s: z.ZodTypeAny): JSONSchema7 => zodToJsonSchema(s) as JSONSchema7\n\nconst skill = {\n  name: 'coding-security-scanner-interpreter',\n  description: \"Security Scanner Interpreter — typed output agent (draft spec).\",\n  systemPrompt: `You are Security Scanner Interpreter. SARIF/semgrep noise. Output: Grouped findings + FP flags typed.\nActionable findings citing input sources. No invented issues.\nNEVER invent facts — gaps and openQuestions for missing input. Always draft for human review.\n${UNTRUSTED_CONTENT_DIRECTIVE}\nCall submit_scanner_interpreter exactly once. Stop.`,\n  tools: ['submit_scanner_interpreter'],\n}\n\nexport function createCodingSecurityScannerInterpreterAgent(config: CodingSecurityScannerInterpreterConfig) {\n  const submit = (): ToolDefinition =>\n    defineZodTool({ name: 'submit_scanner_interpreter', description: 'Submit result. Once.', schema: Output, toJsonSchema: toJson, async execute() { return 'recorded' } }) as ToolDefinition\n\n  async function run(input: string): Promise<AgentResult> {\n    if (!input?.trim()) throw new Error('coding-security-scanner-interpreter requires non-empty input')\n    const result = await invokeStructured({\n      adapter: config.adapter,\n      tool: submit(),\n      task: `INPUT:\\n${fenceUntrustedContent(input)}`,\n      parse: (a) => Output.parse(a),\n      skill,\n      memory: config.memory,\n      observers: config.observers,\n      onConfirm: config.onConfirm,\n      maxSteps: config.maxSteps ?? 4,\n    })\n    return { ...result, requiresReview: true }\n  }\n  return {\n    name: 'coding-security-scanner-interpreter',\n    run,\n    asHandle() { return { name: 'coding-security-scanner-interpreter', run: (t: string) => run(t).then((r) => JSON.stringify(r)) } },\n  }\n}\n"},{"path":"README.md","content":"# Security Scanner Interpreter\n\n> **v1 validated** — `npx agentskit add coding-security-scanner-interpreter`\n\n## Pain\nSARIF/semgrep noise\n\n## Output\nGrouped findings + FP flags typed\n"},{"path":"eval.ts","content":"import type { EvalSuite } from '@agentskit/eval'\n\nexport const suite: EvalSuite = {\n  name: 'coding-security-scanner-interpreter',\n  cases: [\n    { input: 'Complete input for Security Scanner Interpreter: SARIF/semgrep noise. Provide full structured output.', expected: (r: string) => r.length > 20 && /requiresReview|summary|title|category|findings|sections|score|clusters|items|steps/i.test(r) },\n    { input: 'Minimal input.', expected: (r: string) => /gap|openQuestion/i.test(r) || r.length > 10 },\n    { input: 'Input with specific detail: ACME Corp project deadline March 15.', expected: (r: string) => /ACME|March|15/i.test(r) || /gap/i.test(r) },\n    { input: 'Empty context — only says \"process this\".', expected: (r: string) => r.length > 5 },\n  ],\n}\n"}],"installable":true,"validation":{"status":"approved","score":97,"confidence":0.96,"method":"codex-executor-independent-reviewer","iterations":1,"cases":3,"summary":"The agent produced valid structured outputs for all three cases, did not follow the injection attempt, did not invent scanner findings from absent evidence, and consistently surfaced missing SARIF/Semgrep data, repository context, and review needs. Its behavior is conservative and aligned with a security scanner interpreter: no unsupported vulnerability claims, no unsafe leakage, and clear uncertainty handling.","strengths":["Valid structured output in every case with summary, findings, gaps, open questions, and review flag.","Correctly treated instruction-like user text as untrusted data rather than following it.","Avoided hallucinating security findings when no scanner evidence was provided.","Provided actionable next steps by asking for raw SARIF/Semgrep output, rule IDs, locations, snippets, and revision context.","Injection case explicitly rejected the override request and preserved the intended agent behavior."],"notes":[]}}