Add risk levels to simple output

pkg/action/testdata/scan_archive

@@ -1,121 +1,121 @@
-# testdata/apko_nested.tar.gz ∴ /apko_0.13.2_linux_arm64/apko
-archives/zip
-combo/dropper/shell
-compression/bzip2
-compression/gzip
-compression/zstd
-crypto/aes
-crypto/ecdsa
-crypto/ed25519
-crypto/tls
-data/embedded/pem/certificate
-data/embedded/pem/test_key
-data/embedded/ssh/signature
-data/embedded/zstd
-encoding/base64
-encoding/json
-encoding/json/decode
-encoding/json/encode
-env/HOME
-env/USER
-evasion/content/length/0
-exec/program
-fs/blkid
-fs/directory/create
-fs/directory/list
-fs/directory/remove
-fs/fifo/create
-fs/file/delete
-fs/file/delete/forcibly
-fs/file/read
-fs/file/stat
-fs/file/write
-fs/link/create
-fs/link/read
-fs/lock/update
-fs/mount
-fs/node/create
-fs/permission/chown
-fs/permission/modify
-fs/swap/off
-fs/swap/on
-fs/symlink/resolve
-fs/tempfile/create
-fs/unmount
-hash/blake2b
-hash/md5
-kernel/cpu/info
-kernel/hostname/get
-kernel/netlink
-kernel/pivot_root
-kernel/platform
-net/dns
-net/dns/reverse
-net/dns/servers
-net/dns/txt
-net/download
-net/fetch
-net/hostname/resolve
-net/http/accept/encoding
-net/http/auth
-net/http/cookies
-net/http/form/upload
-net/http/post
-net/http/request
-net/http2
-net/http_proxy
-net/interface/list
-net/ip
-net/ip/parse
-net/mac/address
-net/sendfile
-net/socket/listen
-net/socket/local/address
-net/socket/peer/address
-net/socket/receive
-net/socket/send
-net/socks5
-net/ssh
-net/stat
-net/udp/receive
-net/udp/send
-net/upload
-net/url
-net/url/encode
-net/url/request
-persist/crontab
-process/chdir
-process/chroot
-process/executable_path
-process/find
-process/groups/set
-process/unshare
-process/username/get
-ref/daemon
-ref/ip_port
-ref/path/bin/su
-ref/path/etc
-ref/path/etc/hosts
-ref/path/etc/resolv.conf
-ref/path/hidden
-ref/path/home
-ref/path/home/config
-ref/path/relative
-ref/path/root
-ref/path/usr/bin
-ref/path/usr/local
-ref/path/usr/sbin
-ref/path/var
-ref/site/url
-ref/words/exclamation
-ref/words/heartbeat
-ref/words/password
-ref/words/plugin
-ref/words/server_address
-secrets/keychain
-secrets/private_key
-secrets/ssh
-security_controls/linux/selinux
-shell/background/sleep
-shell/exec
-time/clock/set
+# testdata/apko_nested.tar.gz ∴ /apko_0.13.2_linux_arm64/apko: medium
+archives/zip: medium
+combo/dropper/shell: medium
+compression/bzip2: low
+compression/gzip: low
+compression/zstd: low
+crypto/aes: low
+crypto/ecdsa: low
+crypto/ed25519: low
+crypto/tls: low
+data/embedded/pem/certificate: low
+data/embedded/pem/test_key: low
+data/embedded/ssh/signature: medium
+data/embedded/zstd: medium
+encoding/base64: low
+encoding/json: low
+encoding/json/decode: low
+encoding/json/encode: low
+env/HOME: low
+env/USER: low
+evasion/content/length/0: medium
+exec/program: medium
+fs/blkid: low
+fs/directory/create: low
+fs/directory/list: low
+fs/directory/remove: low
+fs/fifo/create: low
+fs/file/delete: low
+fs/file/delete/forcibly: low
+fs/file/read: low
+fs/file/stat: low
+fs/file/write: low
+fs/link/create: low
+fs/link/read: low
+fs/lock/update: low
+fs/mount: low
+fs/node/create: low
+fs/permission/chown: medium
+fs/permission/modify: medium
+fs/swap/off: low
+fs/swap/on: low
+fs/symlink/resolve: low
+fs/tempfile/create: low
+fs/unmount: low
+hash/blake2b: low
+hash/md5: low
+kernel/cpu/info: low
+kernel/hostname/get: low
+kernel/netlink: low
+kernel/pivot_root: low
+kernel/platform: low
+net/dns: low
+net/dns/reverse: medium
+net/dns/servers: low
+net/dns/txt: low
+net/download: medium
+net/fetch: medium
+net/hostname/resolve: low
+net/http/accept/encoding: low
+net/http/auth: low
+net/http/cookies: medium
+net/http/form/upload: medium
+net/http/post: medium
+net/http/request: low
+net/http2: low
+net/http_proxy: low
+net/interface/list: medium
+net/ip: low
+net/ip/parse: medium
+net/mac/address: medium
+net/sendfile: low
+net/socket/listen: low
+net/socket/local/address: low
+net/socket/peer/address: low
+net/socket/receive: low
+net/socket/send: low
+net/socks5: medium
+net/ssh: medium
+net/stat: medium
+net/udp/receive: low
+net/udp/send: low
+net/upload: medium
+net/url: low
+net/url/encode: medium
+net/url/request: medium
+persist/crontab: medium
+process/chdir: low
+process/chroot: low
+process/executable_path: low
+process/find: medium
+process/groups/set: low
+process/unshare: low
+process/username/get: medium
+ref/daemon: medium
+ref/ip_port: medium
+ref/path/bin/su: low
+ref/path/etc: low
+ref/path/etc/hosts: medium
+ref/path/etc/resolv.conf: low
+ref/path/hidden: medium
+ref/path/home: medium
+ref/path/home/config: low
+ref/path/relative: medium
+ref/path/root: medium
+ref/path/usr/bin: low
+ref/path/usr/local: medium
+ref/path/usr/sbin: low
+ref/path/var: low
+ref/site/url: low
+ref/words/exclamation: medium
+ref/words/heartbeat: medium
+ref/words/password: low
+ref/words/plugin: low
+ref/words/server_address: medium
+secrets/keychain: medium
+secrets/private_key: low
+secrets/ssh: medium
+security_controls/linux/selinux: medium
+shell/background/sleep: medium
+shell/exec: medium
+time/clock/set: low

pkg/action/testdata/scan_oci

@@ -1,17 +1,17 @@
-# testdata/static.tar.xz ∴ /etc/profile
-fs/file/permission/mask/set
-persist/bash
-persist/shell/init_files
-ref/path/etc
-ref/path/usr
-ref/path/usr/local
-# testdata/static.tar.xz ∴ /var/lib/db/sbom/ca-certificates-bundle-20240705-r0.spdx.json
-net/download
-ref/site/url
-# testdata/static.tar.xz ∴ /var/lib/db/sbom/tzdata-2024b-r0.spdx.json
-net/download
-ref/site/url
-time/tzinfo
-# testdata/static.tar.xz ∴ /var/lib/db/sbom/wolfi-baselayout-20230201-r15.spdx.json
-net/download
-ref/site/url
+# testdata/static.tar.xz ∴ /etc/profile: medium
+fs/file/permission/mask/set: none
+persist/bash: medium
+persist/shell/init_files: low
+ref/path/etc: low
+ref/path/usr: none
+ref/path/usr/local: medium
+# testdata/static.tar.xz ∴ /var/lib/db/sbom/ca-certificates-bundle-20240705-r0.spdx.json: medium
+net/download: medium
+ref/site/url: low
+# testdata/static.tar.xz ∴ /var/lib/db/sbom/tzdata-2024b-r0.spdx.json: medium
+net/download: medium
+ref/site/url: low
+time/tzinfo: low
+# testdata/static.tar.xz ∴ /var/lib/db/sbom/wolfi-baselayout-20230201-r15.spdx.json: medium
+net/download: medium
+ref/site/url: low

pkg/render/simple.go

@@ -8,6 +8,7 @@ import (
 	"fmt"
 	"io"
 	"sort"
+	"strings"
 
 	"github.com/chainguard-dev/malcontent/pkg/malcontent"
 )
@@ -28,7 +29,7 @@ func (r Simple) File(_ context.Context, fr *malcontent.FileReport) error {
 	}
 
 	if len(fr.Behaviors) > 0 {
-		fmt.Fprintf(r.w, "# %s\n", fr.Path)
+		fmt.Fprintf(r.w, "# %s: %s\n", fr.Path, strings.ToLower(fr.RiskLevel))
 	}
 
 	var bs []*malcontent.Behavior
@@ -40,7 +41,7 @@ func (r Simple) File(_ context.Context, fr *malcontent.FileReport) error {
 	})
 
 	for _, b := range bs {
-		fmt.Fprintf(r.w, "%s\n", b.ID)
+		fmt.Fprintf(r.w, "%s: %s\n", b.ID, strings.ToLower(b.RiskLevel))
 	}
 	return nil
 }

test_data/does-nothing/does-nothing.simple

@@ -1,19 +1,19 @@
-# does-nothing/does-nothing
-encoding/base64
-encoding/json
-encoding/json/encode
-exec/program
-fs/directory/remove
-fs/file/delete
-fs/file/read
-fs/permission/chown
-fs/permission/modify
-kernel/cpu/info
-kernel/hostname/get
-kernel/platform
-net/socket/receive
-net/socket/send
-process/multithreaded
-ref/path/etc
-ref/path/home
-ref/words/plugin
+# does-nothing/does-nothing: medium
+encoding/base64: low
+encoding/json: low
+encoding/json/encode: low
+exec/program: medium
+fs/directory/remove: low
+fs/file/delete: low
+fs/file/read: low
+fs/permission/chown: medium
+fs/permission/modify: medium
+kernel/cpu/info: low
+kernel/hostname/get: low
+kernel/platform: low
+net/socket/receive: low
+net/socket/send: low
+process/multithreaded: low
+ref/path/etc: low
+ref/path/home: medium
+ref/words/plugin: low

test_data/javascript/2022.an-instance.99.10.9/index.js.simple

@@ -1,17 +1,17 @@
-# javascript/2022.an-instance.99.10.9/index.js
-combo/recon/nodejs
-encoding/json/encode
-evasion/hex
-fd/write
-fs/directory/list
-kernel/hostname/get
-net/dns
-net/dns/servers
-net/http/form/upload
-net/http/post
-net/interface/list
-net/url/encode
-process/userinfo
-ref/path/home
-ref/path/relative
-ref/path/root
+# javascript/2022.an-instance.99.10.9/index.js: critical
+combo/recon/nodejs: critical
+encoding/json/encode: low
+evasion/hex: medium
+fd/write: low
+fs/directory/list: low
+kernel/hostname/get: low
+net/dns: low
+net/dns/servers: low
+net/http/form/upload: medium
+net/http/post: medium
+net/interface/list: medium
+net/url/encode: medium
+process/userinfo: medium
+ref/path/home: medium
+ref/path/relative: medium
+ref/path/root: medium