#!/bin/bash
# scan-and-report.sh
# Run scan and capture results
RESULTS=$(rafter run --quiet --format json)
# Check for critical vulnerabilities (or any other severity)
CRITICAL_COUNT=$(RESULTS | jq '.vulnerabilities | map(select(.level=="error")) | length')
if [ $CRITICAL_COUNT -gt 0 ]; then
echo "Found $CRITICAL_COUNT critical vulnerabilities!"
exit 1
else
echo "No critical vulnerabilities found"
fi
