Struct Finding 

pub struct Finding {

    pub id: Uuid,
    pub scanner: String,
    pub target: String,
    pub severity: Severity,
    pub title: String,
    pub detail: String,
    pub kind: FindingKind,
    pub evidence: Vec<Evidence>,
    pub tags: Vec<String>,
    pub timestamp: DateTime<Utc>,
    pub cve_ids: Vec<String>,
    pub references: Vec<String>,
    pub confidence: Option<f64>,
    pub exploit_hint: Option<String>,
    pub matched_values: Vec<String>,
}

A single security finding produced by any Santh tool.

This is the universal output format. Whether the finding comes from Gossan (discovery), Karyx (routing), Calyx (templates), Sear (SAST), jsdet (JS malware), or a binding (sqlmap-rs), it produces a Finding.

Fields

id: Uuid

Unique identifier for this finding instance.

scanner: String

Which tool/scanner produced this finding.

target: String

The target that was scanned (URL, file path, domain, IP, etc.).

severity: Severity

Finding severity.

title: String

Short human-readable title.

detail: String

Detailed description of the finding.

kind: FindingKind

Classification of the finding.

evidence: Vec<Evidence>

Typed evidence proving the finding.

tags: Vec<String>

Free-form tags for categorization and filtering.

timestamp: DateTime<Utc>

When the finding was produced.

cve_ids: Vec<String>

CVE identifiers associated with this finding.

references: Vec<String>

Reference URLs (advisories, documentation, etc.).

confidence: Option<f64>

Statistical confidence score (0.0 to 1.0).

exploit_hint: Option<String>

Ready-to-run command demonstrating exploitability.

matched_values: Vec<String>

Specific values that triggered the finding (matched strings, payloads, etc.).

Implementations

impl Finding

pub fn builder( scanner: impl Into<String>, target: impl Into<String>, severity: Severity, ) -> FindingBuilder

Start building a finding with the three required fields.

Examples found in repository

examples/basic.rs (line 4)

fn main() {
    let finding = Finding::builder("basic-scanner", "https://example.com", Severity::High)
        .title("Potential command injection")
        .detail("Untrusted input reaches shell execution")
        .tag("rce")
        .evidence(secfinding::Evidence::http_status(500))
        .build();

    println!("{finding}");

    let json = serde_json::to_string_pretty(&finding).unwrap();
    println!("{json}");
}

pub fn new( scanner: impl Into<String>, target: impl Into<String>, severity: Severity, title: impl Into<String>, detail: impl Into<String>, ) -> Self

Quick constructor for simple findings without the builder.

Trait Implementations

impl Clone for Finding

fn clone(&self) -> Finding

Returns a duplicate of the value.

fn clone_from(&mut self, source: &Self)

Performs copy-assignment from source.

impl Debug for Finding

fn fmt(&self, f: &mut Formatter<'_>) -> Result

Formats the value using the given formatter.

impl<'de> Deserialize<'de> for Finding

fn deserialize<__D>(__deserializer: __D) -> Result<Self, __D::Error>

where __D: Deserializer<'de>,

Deserialize this value from the given Serde deserializer.

impl Display for Finding

fn fmt(&self, f: &mut Formatter<'_>) -> Result

Formats the value using the given formatter.

impl From<Finding> for Value

fn from(finding: Finding) -> Self

Converts to this type from the input type.

impl Reportable for Finding

Blanket: secfinding’s own Finding implements Reportable.

fn scanner(&self) -> &str

Which tool produced this finding.

fn target(&self) -> &str

What was scanned (URL, file path, package name, etc.).

fn severity(&self) -> Severity

How severe is this finding.

fn title(&self) -> &str

Short human-readable title.

fn detail(&self) -> &str

Detailed description.

fn cwe_ids(&self) -> Vec<String>

CWE identifiers (e.g. ["CWE-89"]).

fn cve_ids(&self) -> Vec<String>

CVE identifiers.

fn tags(&self) -> Vec<String>

Free-form tags.

fn confidence(&self) -> Option<f64>

Confidence score 0.0-1.0 (None = not applicable).

fn exploit_hint(&self) -> Option<&str>

Exploit hint / PoC command.

fn rule_id(&self) -> String

SARIF rule ID (defaults to “scanner/title-slug”).

fn sarif_level(&self) -> &str

SARIF severity level string.

impl Serialize for Finding

fn serialize<__S>(&self, __serializer: __S) -> Result<__S::Ok, __S::Error>

where __S: Serializer,

Serialize this value into the given Serde serializer.