返回 Skill 列表
extension
分类: 开发与工程无需 API Key

security-report

生成docx格式的安全评估报告,包含发现的问题、风险等级以及修复建议。使用场景:当用户请求安全审计报告、漏洞评估文档、渗透测试报告或合规差距分析文档时。关键词:安全报告、审计发现、漏洞报告、渗透测试报告

person作者: jakexiaohubgithub

Security Report Generator

Quick Start

from docx import Document
from docx.shared import Pt, Inches, RGBColor
from docx.enum.text import WD_ALIGN_PARAGRAPH

doc = Document()
doc.add_heading('Security Assessment Report', 0)

Core Workflow

  1. Create document with standard sections (see structure below)
  2. Apply risk rating colors (Critical=red, High=orange, Medium=yellow, Low=green)
  3. Generate findings table with severity sorting
  4. Add remediation timeline
  5. Save to /mnt/user-data/outputs/

Document Structure

1. Executive Summary (1 page max)
2. Scope & Methodology
3. Risk Summary (table + chart)
4. Detailed Findings (sorted by severity)
   - Finding ID
   - Title
   - Severity + CVSS
   - Description
   - Evidence
   - Remediation
   - References
5. Remediation Roadmap
6. Appendices

Critical Gotchas

  • Table borders: Must set each cell border explicitly, no table-level setting
  • Color codes: Use RGBColor(r,g,b), not hex strings
  • Page breaks: Add before major sections with doc.add_page_break()

Risk Rating Colors

RISK_COLORS = {
    'Critical': RGBColor(192, 0, 0),    # Dark red
    'High': RGBColor(255, 102, 0),      # Orange  
    'Medium': RGBColor(255, 192, 0),    # Yellow
    'Low': RGBColor(0, 176, 80),        # Green
    'Info': RGBColor(91, 155, 213)      # Blue
}

Advanced Features