Findings

Each issue Hardpoint detects is reported as a finding with detailed information to help you understand and remediate the issue.

Finding Structure

{
  "id": "AI-001",
  "title": "Instruction Override Detected",
  "description": "Pattern attempts to override AI safety guidelines",
  "severity": "critical",
  "confidence": "high",
  "scanner": "ai",
  "file_path": ".cursorrules",
  "line_number": 15,
  "line_content": "Ignore all previous instructions...",
  "remediation": "Remove instruction override attempts",
  "references": [
    "https://example.com/ai-security"
  ],
  "tags": ["prompt-injection", "ai-safety"]
}

Severity Levels

| Level | Description | Action |
|-------|-------------|--------|
| Critical | Immediate security risk | Fix immediately |
| High | Significant security concern | Fix soon |
| Medium | Potential security issue | Review and fix |
| Low | Minor security consideration | Fix when convenient |
| Info | Informational finding | No action required |

Confidence Levels

| Level | Meaning |
|-------|---------|
| High | Very likely a real issue |
| Medium | Probably an issue, verify |
| Low | Might be a false positive |

Filtering Findings

By Severity

# Only critical findings
hardpoint scan --severity critical

# High and above
hardpoint scan --severity high

By Confidence

# Only high confidence
hardpoint scan --confidence high

Combined Filters

# High severity, high confidence only
hardpoint scan --severity high --confidence high

Finding IDs

Each scanner uses a prefix for its finding IDs:

| Prefix | Scanner |
|--------|---------|
| AI- | AI Configuration |
| SHELL- | Shell Configuration |
| GIT- | Git Security |
| NET- | Network Exposure |
| SECRET- | Secrets |

Output Formats

Terminal

Human-readable output with colors and formatting:
CRITICAL  AI-001: Instruction Override Detected
          File: .cursorrules:15
          Pattern attempts to override AI safety guidelines

          Remediation: Remove instruction override attempts

JSON

Machine-readable for scripting:
hardpoint scan --output json | jq '.findings[] | select(.severity == "critical")'
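
A CI gate built on the JSON output, as an added example (not Hardpoint's own code). It assumes the report has a top-level `findings` array of objects shaped like the finding shown under Finding Structure, and that both thresholds mean "this level and above"; the function names, the sample report, and the exit-code convention are constructed for illustration.

```python
import json
import sys
from collections import Counter

# Orderings taken from the Severity Levels and Confidence Levels tables.
SEVERITY = ["info", "low", "medium", "high", "critical"]
CONFIDENCE = ["low", "medium", "high"]

def rank(scale, value):
    """Position of value on scale; unknown or missing values rank highest (fail closed)."""
    value = str(value).lower()
    return scale.index(value) if value in scale else len(scale)

def gate(report, min_severity="high", min_confidence="medium"):
    """Return findings at or above both thresholds, most severe first."""
    sev_floor = SEVERITY.index(min_severity)
    conf_floor = CONFIDENCE.index(min_confidence)
    hits = [
        f for f in report.get("findings", [])
        if rank(SEVERITY, f.get("severity")) >= sev_floor
        and rank(CONFIDENCE, f.get("confidence")) >= conf_floor
    ]
    return sorted(hits, key=lambda f: -rank(SEVERITY, f.get("severity")))

def by_scanner(findings):
    """Count findings per ID prefix (AI, SHELL, GIT, NET, SECRET)."""
    return Counter(str(f.get("id", "")).split("-", 1)[0] for f in findings)

# Constructed sample report; only AI-001 and its fields come from the page.
SAMPLE = {"findings": [
    {"id": "AI-001", "severity": "critical", "confidence": "high",
     "file_path": ".cursorrules", "line_number": 15},
    {"id": "NET-900", "severity": "high", "confidence": "low",
     "file_path": "compose.yml", "line_number": 8},
    {"id": "SECRET-900", "severity": "medium", "confidence": "high",
     "file_path": ".env", "line_number": 2},
    {"id": "GIT-900", "severity": "urgent", "confidence": "high",
     "file_path": ".gitconfig", "line_number": 4},
]}

if __name__ == "__main__":
    # Usage: hardpoint scan --output json | python gate.py   (no pipe -> sample data)
    report = SAMPLE if sys.stdin.isatty() else json.load(sys.stdin)
    blocking = gate(report)
    for f in blocking:
        print(f"{str(f.get('severity')).upper():9} {f.get('id')} "
              f"{f.get('file_path')}:{f.get('line_number')}")
    sys.exit(1 if blocking else 0)
```

A finding whose severity or confidence value is not in the tables is treated as blocking, so a report format change cannot silently pass the gate.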

SARIF

For GitHub Code Scanning and IDE integration:
hardpoint scan --output sarif > results.sarif

Remediation

Each finding includes remediation guidance. Common actions:

| Finding Type | Typical Remediation |
|--------------|---------------------|
| Instruction Override | Remove override attempts from config |
| Hidden Unicode | Use hardpoint fix AI-003 to strip |
| Curl Pipe Bash | Download then inspect before running |
| Exposed Service | Bind to 127.0.0.1 instead of 0.0.0.0 |
| Hardcoded Secret | Move to environment variables |

References

Many findings include references to:
  • Security advisories
  • Best practice documentation
  • Attack technique descriptions
Use these to understand the risk and learn more about the threat.