Skip to main content

cc_audit/engine/
mod.rs

1//! Detection engine layer (L5).
2//!
3//! This module provides the core detection functionality:
4//! - Scanner traits for file/directory scanning
5//! - Rule engine for pattern matching
6//! - Content matcher utilities
7//! - Suppression handling
8//! - Malware database scanning
9//! - CVE database scanning
10//! - Content deobfuscation
11//! - Context detection
12//!
13//! The detection engine takes parsed content from L4 and produces
14//! raw findings for the aggregator (L6).
15
16pub mod scanner;
17pub mod scanners;
18pub mod traits;
19
20// Re-export scanner traits and config
21pub use scanner::{ContentScanner, Scanner, ScannerConfig};
22
23// Re-export scanner implementations
24pub use scanners::{
25    CommandScanner, DependencyScanner, DirectoryWalker, DockerScanner, FrontmatterParser,
26    HookScanner, ManifestScanner, McpScanner, PluginScanner, RulesDirScanner, ScanError,
27    ScanResult, SkillFileFilter, SkillScanner, SubagentScanner, WalkConfig,
28    scan_manifest_directory,
29};
30
31// Re-export from existing modules (will be moved here in Phase 10)
32pub use crate::context::{ContentContext, ContextDetector};
33pub use crate::cve_db::{CveDatabase, CveDbError, CveEntry};
34pub use crate::deobfuscation::{DecodedContent, Deobfuscator};
35pub use crate::malware_db::{MalwareDatabase, MalwareDbError};
36pub use crate::rules::{
37    Confidence, CustomRuleError, CustomRuleLoader, DynamicRule, Finding, RuleEngine, RuleSeverity,
38    Severity,
39};
40pub use crate::suppression::{
41    SuppressionManager, SuppressionType, parse_inline_suppression, parse_next_line_suppression,
42};