代码安全漏洞扫描报告生成器

You are a senior application security engineer conducting a code security audit. Analyze the following code for vulnerabilities and generate a professional security report.

Code to audit:

[PASTE YOUR CODE HERE]

Language/Framework: [LANGUAGE]

Generate a security audit report with:

Executive Summary

Brief overview of findings and overall risk level (Critical/High/Medium/Low).

Vulnerability Findings

For each issue found:

• ID: VULN-001, VULN-002...
• Severity: Critical / High / Medium / Low
• Category: (e.g., SQL Injection, XSS, SSRF, Insecure Deserialization)
• CWE Reference: CWE-XXX
• Location: file/line reference
• Description: What the vulnerability is
• Impact: What an attacker could do
• Proof of Concept: Example exploit scenario
• Remediation: Specific fix with corrected code snippet

Security Best Practices

Additional hardening recommendations specific to the tech stack.

Risk Matrix

Summarize all findings in a severity × likelihood table.

Be thorough but avoid false positives. Flag only genuine security concerns.