Generate consolidated security report

sast-report skill setup L10
reasonless-throne486/sast-skills
What it does

Rank and consolidate SAST vulnerability findings by severity

Best for

Executive-facing security report consolidating 10+ vulnerability types into one prioritized list

Inputs
  • sast/*-results.md (all scan output files)
Outputs
  • sast/final-report.md (ranked by Critical/High/Medium/Low + confidentiality)
Requires
  • SAST scan results (RCE, SQLi, SSRF, XSS, IDOR, XXE, etc.)
  • severity scoring table
Preconditions

At least one sast/*-results.md file exists, and all scans have completed first

Failure modes
  • Missing scan result files (incomplete run)
  • Inconsistent severity naming across scan types
  • Duplicate findings across scans (manual dedup needed)
  • Missing architecture.md context
Trust signals
  • Severity ranking table provided (RCE=Critical, SSTI=Critical, SQLi=High-Critical, IDOR=Medium-High)
  • Confidentiality impact as tiebreaker
  • Appendix shows scan coverage
  • Sample report format matches real SAST output