Expand description
Detection engine layer (L5).
This module provides the core detection functionality:
- Scanner traits for file/directory scanning
- Rule engine for pattern matching
- Content matcher utilities
- Suppression handling
- Malware database scanning
- CVE database scanning
- Content deobfuscation
- Context detection
The detection engine takes parsed content from L4 and produces raw findings for the aggregator (L6).
Re-exports§
pub use scanner::ContentScanner;pub use scanner::Scanner;pub use scanner::ScannerConfig;pub use scanners::CommandScanner;pub use scanners::DependencyScanner;pub use scanners::DirectoryWalker;pub use scanners::DockerScanner;pub use scanners::FrontmatterParser;pub use scanners::HookScanner;pub use scanners::ManifestScanner;pub use scanners::McpScanner;pub use scanners::PluginScanner;pub use scanners::RulesDirScanner;pub use scanners::ScanError;pub use scanners::ScanResult;pub use scanners::SkillFileFilter;pub use scanners::SkillScanner;pub use scanners::SubagentScanner;pub use scanners::WalkConfig;pub use scanners::scan_manifest_directory;pub use crate::context::ContentContext;pub use crate::context::ContextDetector;pub use crate::cve_db::CveDatabase;pub use crate::cve_db::CveDbError;pub use crate::cve_db::CveEntry;pub use crate::deobfuscation::DecodedContent;pub use crate::deobfuscation::Deobfuscator;pub use crate::malware_db::MalwareDatabase;pub use crate::malware_db::MalwareDbError;pub use crate::rules::Confidence;pub use crate::rules::CustomRuleError;pub use crate::rules::CustomRuleLoader;pub use crate::rules::DynamicRule;pub use crate::rules::Finding;pub use crate::rules::RuleEngine;pub use crate::rules::RuleSeverity;pub use crate::rules::Severity;pub use crate::suppression::SuppressionManager;pub use crate::suppression::SuppressionType;pub use crate::suppression::parse_inline_suppression;pub use crate::suppression::parse_next_line_suppression;