False Positive Reduction
The biggest complaint from the community was that almost every result came back N/A. This release fixes that at every layer.
Root Cause
The scanner was logging every hit as a finding without requiring proof of impact. Dalfox alert(1) was logged as XSS. Nuclei version-detection templates were logged as vulnerabilities. IDOR on your own data was logged as IDOR. None of these should have made it past the scanner.
4-Layer Fix
Layer 1 — Scanner Confidence States
Every finding is now tagged before it leaves the scanner:
| State | Meaning |
|---|---|
| [CONFIRMED] | PoC-verified, real impact demonstrated |
| [POSSIBLE] | Strong signal, needs manual verification |
| [INFORMATIONAL] | Version/banner/config data — not a vulnerability |
Examples of what changed:
- Dalfox `alert(1)` → [POSSIBLE] (not [CONFIRMED] — CSP may block execution)
- Nuclei `info` template → [INFORMATIONAL] (version detection is not an exploit)
- SQLi time-delay → [POSSIBLE] (delay ≠ data exfil)
- SSRF DNS-only callback → [POSSIBLE] (DNS ping ≠ internal access)
Layer 2 — Validation Gate Hardening
/validate now requires a real curl PoC. Blank answer or typing "skip" = automatic fail. No PoC, no report.
For auth-related findings (IDOR, auth bypass, account takeover, privilege escalation), three identity checks are now enforced:
- Cross-account tested — did session A read session B's data?
- Fresh session tested — reproduced from a clean browser state?
- Anonymous delta — does removing auth change the response?
Blank answers auto-fail. The most common reason "confirmed IDOR" came back N/A was that the hunter only tested their own data.
Layer 3 — Rejection Reason Codes
Every gate failure now returns a specific code so you know exactly why a finding was killed:
| Code | Meaning |
|---|---|
| no_reproducible_impact | No curl PoC provided |
| no_concrete_impact | Impact is theoretical, not demonstrated |
| unrealistic_privileges | Requires admin/physical/MFA precondition attacker can't get |
| identity_not_proven | Cross-account access not verified |
| not_reproducible | Cannot reproduce from scratch |
| out_of_scope | Asset not on program scope page |
| duplicate_or_already_disclosed | Already reported or documented |
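As an added illustration of Layers 1 to 3 (not the project's own gate code; the `Finding` fields, the signal names and the order of the checks are assumptions), a small Python gate that tags a finding with a confidence state and then returns either `"pass"` or one of the reason codes above:

```python
from dataclasses import dataclass, field

CONFIRMED, POSSIBLE, INFORMATIONAL = "CONFIRMED", "POSSIBLE", "INFORMATIONAL"
# Classes for which the three Layer 2 identity checks are mandatory.
AUTH_CLASSES = {"idor", "auth_bypass", "account_takeover", "privilege_escalation"}
IDENTITY_CHECKS = ("cross_account", "fresh_session", "anon_delta")

@dataclass
class Finding:                        # field names are assumptions for this example
    vuln_class: str                   # e.g. "xss", "idor", "ssrf"
    source: str                       # scanner that produced it, e.g. "dalfox"
    signal: str                       # what the scanner actually observed
    poc: str = ""                     # curl PoC typed at /validate
    in_scope: bool = True
    identity: dict = field(default_factory=dict)     # answers to the identity checks
    preconditions: set = field(default_factory=set)  # e.g. {"admin"}

def confidence_state(f: Finding) -> str:
    """Layer 1: tag a raw scanner hit with a confidence state."""
    if f.source == "nuclei" and f.signal == "info":
        return INFORMATIONAL          # version detection is not an exploit
    weak_signals = {("xss", "alert_reflected"),   # CSP may block execution
                    ("sqli", "time_delay"),       # a delay is not data exfil
                    ("ssrf", "dns_callback")}     # a DNS ping is not internal access
    if (f.vuln_class, f.signal) in weak_signals:
        return POSSIBLE
    return CONFIRMED if f.signal == "poc_verified" else POSSIBLE

def validate(f: Finding) -> str:
    """Layers 2 and 3: return "pass" or the rejection reason code."""
    if not f.in_scope:
        return "out_of_scope"
    if confidence_state(f) == INFORMATIONAL:
        return "no_concrete_impact"
    poc = f.poc.strip().lower()
    if not poc or poc == "skip":      # blank answer or "skip" auto-fails
        return "no_reproducible_impact"
    if f.preconditions & {"admin", "physical", "mfa"}:
        return "unrealistic_privileges"
    if f.vuln_class in AUTH_CLASSES:
        # A blank or negative answer to any identity check kills the finding.
        if not all(f.identity.get(c) is True for c in IDENTITY_CHECKS):
            return "identity_not_proven"
    return "pass"
```

An "IDOR" tested only against the hunter's own account never reaches `"pass"`: with any identity answer missing it stops at `identity_not_proven`.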
Layer 4 — Kill Signal Table (SKILL.md)
Added a 12-row "COMMON N/A CLASSES — KILL SIGNALS" table to skills/triage-validation/SKILL.md. Each row has a specific observable signal that tells you to kill the finding before writing the report:
- Reflected XSS with `Content-Security-Policy` header present → kill
- SSRF DNS-only with no HTTP reply + internal content → kill
- IDOR where user ID in response matches your own test account → kill
- SQLi where you got DB error string but no table rows returned → kill
- CORS wildcard with `withCredentials` absent → kill
- Nuclei `info` severity → kill
Regression Tests
14 new tests in tests/test_false_positives.py covering every known N/A class. If a future change accidentally lets a weak finding through, CI breaks.
Classes tested: SSRF DNS-only · Open redirect without token theft · CORS without credentialed exfil · IDOR own-data-only · Auth bypass with admin precondition
Repository Polish
README redesign — Rewrote from ~590 lines to ~230 lines. Cleaner structure, tighter tables, collapsible vuln lists, star history embed. No walls of text.
Project Structure section — Annotated directory tree added to README. Every folder captioned inline.
Folder READMEs — 11 new README.md files, one per major directory. Each has a purpose statement and file table:
agents/ · commands/ · tools/ · memory/ · rules/ · scripts/ · hooks/ · site/ · wordlists/ · docs/ · mcp/
Stats
- 14 new regression tests — all passing
- 7-Question Gate updated with Q8 identity check
- 26 commands · 9 agents · 10 skills · ~35 tools
- Scanner confidence states on 100% of findings