| name | security-report |
| description | Generate security assessment reports in docx format with findings,
risk ratings, and remediation recommendations.
Use when: User asks for security audit report, vulnerability assessment
document, penetration test report, or compliance gap analysis document.
Keywords: security report, audit findings, vulnerability report, pentest report
|
Security Report Generator
Quick Start
from docx import Document
from docx.shared import Pt, Inches, RGBColor
from docx.enum.text import WD_ALIGN_PARAGRAPH
doc = Document()
doc.add_heading('Security Assessment Report', 0)
Core Workflow
- Create document with standard sections (see structure below)
- Apply risk rating colors (Critical=red, High=orange, Medium=yellow, Low=green)
- Generate findings table with severity sorting
- Add remediation timeline
- Save to
/mnt/user-data/outputs/
Document Structure
1. Executive Summary (1 page max)
2. Scope & Methodology
3. Risk Summary (table + chart)
4. Detailed Findings (sorted by severity)
- Finding ID
- Title
- Severity + CVSS
- Description
- Evidence
- Remediation
- References
5. Remediation Roadmap
6. Appendices
Critical Gotchas
- Table borders: Must set each cell border explicitly, no table-level setting
- Color codes: Use RGBColor(r,g,b), not hex strings
- Page breaks: Add before major sections with
doc.add_page_break()
Risk Rating Colors
RISK_COLORS = {
'Critical': RGBColor(192, 0, 0), # Dark red
'High': RGBColor(255, 102, 0), # Orange
'Medium': RGBColor(255, 192, 0), # Yellow
'Low': RGBColor(0, 176, 80), # Green
'Info': RGBColor(91, 155, 213) # Blue
}
Advanced Features