fixup! feat: add git node security --validate-reports

Author: RafaelGSS

components/git/security.js

@@ -61,7 +61,7 @@ const securityOptions = {
   },
   'validate-reports-confirm': {
     default: true,
-    describe: 'Ask before continuing to the next report after each LLM assessment',
+    describe: 'Ask before each LLM prompt or assessment, and before continuing to the next report',
     type: 'boolean'
   },
   'validate-reports-cache': {
@@ -70,8 +70,8 @@ const securityOptions = {
     type: 'boolean'
   },
   llm: {
-    choices: ['codex', 'claude', 'copilot'],
-    describe: 'Ask an LLM CLI to assess each triaged report',
+    choices: ['none', 'codex', 'claude', 'copilot'],
+    describe: 'Print prompts for manual LLM use or ask an LLM CLI to assess each triaged report',
     type: 'string'
   },
   'llm-model': {

docs/git-node.md

@@ -522,6 +522,7 @@ only a local triage aid and still requires human review.
   git node security --validate-reports
   git node security --validate-reports --validate-reports-format=json
   git node security --validate-reports --validate-reports-output=reports.md
+  git node security --validate-reports --llm=none
   git node security --validate-reports --llm=codex --node-repo=/path/to/node
   git node security --validate-reports --llm=codex --llm-model=gpt-5.5
   git node security --validate-reports --llm=codex --no-validate-reports-confirm
@@ -531,9 +532,11 @@ only a local triage aid and still requires human review.
   git node security --validate-reports --llm=copilot --llm-command="copilot -p"
 ```
 
-By default, the command runs a heuristic pass only. The heuristic checks the
-report title, vulnerability information, impact, description, comments, current
-severity, CVSS vector, and weakness metadata for common Node.js security topics.
+By default, the command runs a heuristic pass and prints the generated LLM
+prompt for each report so it can be copied into any LLM tool. This is the same
+behavior as `--llm=none`. The heuristic checks the report title, vulnerability
+information, impact, description, comments, current severity, CVSS vector, and
+weakness metadata for common Node.js security topics.
 It can identify obvious mismatches, such as a CVSS vector whose calculated
 rating does not match the HackerOne rating. Keyword matches are treated only as
 topic hints, not as proof that a report is valid or invalid. This is deliberate:
@@ -543,11 +546,12 @@ heuristic output is deliberately conservative and always leaves threat-model
 validity as `needs-manual-review`.
 
 Use `--llm=<provider>` to ask an LLM CLI to produce a structured assessment for
-each report. Supported providers are `codex`, `claude`, and `copilot`.
+each report. Supported providers are `codex`, `claude`, and `copilot`. Use
+`--llm=none`, or omit `--llm`, to print the prompt without running an LLM CLI.
 
-When LLM mode is enabled, the command asks before assessing each report and shows
-the report title, current severity, CVSS vector, and weakness. After each LLM
-assessment, it prints a readable summary with:
+When an LLM CLI provider is enabled, the command asks before assessing each
+report and shows the report title, current severity, CVSS vector, and weakness.
+After each LLM assessment, it prints a readable summary with:
 
 - the report URL and title
 - the provider and model/cache identity
@@ -560,9 +564,11 @@ assessment, it prints a readable summary with:
 - threat model/documentation references used by the model
 - reasoning
 
-Use `--no-validate-reports-confirm` for batch mode without the per-report
-prompts. Use `--validate-reports-limit=<n>` to test the flow against a smaller
-number of reports.
+In manual prompt mode, the command asks before printing each report prompt and
+then asks whether to continue to the next report. Use
+`--no-validate-reports-confirm` for batch mode without the per-report prompts.
+Use `--validate-reports-limit=<n>` to test the flow against a smaller number of
+reports.
 
 #### LLM prompt and reasoning
 
@@ -627,11 +633,11 @@ assessment.
 | `--validate-reports-format=markdown\|json` | Select the final output format. Defaults to `markdown`. |
 | `--validate-reports-output=<file>` | Write the final output to a file instead of stdout. |
 | `--validate-reports-limit=<n>` | Validate at most `n` triaged reports. Useful for testing the flow. |
-| `--validate-reports-confirm` | Ask before each LLM assessment and before continuing to the next report. Enabled by default. |
+| `--validate-reports-confirm` | Ask before each LLM prompt or assessment, and before continuing to the next report. Enabled by default. |
 | `--no-validate-reports-confirm` | Disable interactive prompts for batch runs. |
 | `--validate-reports-cache` | Reuse cached successful LLM assessments. Enabled by default. |
 | `--no-validate-reports-cache` | Ignore existing LLM cache entries and do not reuse them. |
-| `--llm=codex\|claude\|copilot` | Ask an LLM CLI to assess each report. |
+| `--llm=none\|codex\|claude\|copilot` | Print prompts for manual LLM use or ask an LLM CLI to assess each report. Defaults to `none`. |
 | `--llm-model=<model>` | Override the provider model and cache identity. |
 | `--llm-command=<command>` | Override the command used for LLM assessment. The prompt is sent on stdin. |
 | `--node-repo=<path>` | Path to a Node.js checkout containing `SECURITY.md` and `doc/`. Defaults to the current directory. |

lib/validate_reports.js

@@ -16,6 +16,7 @@ const H1_TRIAGED_REPORTS_URL =
   'https://api.hackerone.com/v1/reports?filter[program][]=nodejs&filter[state][]=triaged';
 const CACHE_FOLDER = '.ncu-cache/security-report-validation';
 const MANUAL_REVIEW_VALIDITY = 'needs-manual-review';
+const MANUAL_LLM_PROVIDER = 'none';
 
 const CVSS_WEIGHTS = {
   AV: { N: 0.85, A: 0.62, L: 0.55, P: 0.2 },
@@ -519,14 +520,19 @@ function reportToMarkdown(result) {
         `  - References: ${
           result.llm.assessment.threat_model_references.join(', ')}`
       ].join('\n')
-    : result.llm?.error
+    : result.llm?.promptPrinted
       ? [
           `  - Provider: ${result.llm.provider}`,
-          `  - Error: ${result.llm.error}`
+          '  - Prompt printed to terminal for manual LLM assessment'
         ].join('\n')
-      : result.llm?.skipped
-        ? `  - Provider: ${result.llm.provider}\n  - Skipped by user`
-        : '  - Not requested';
+      : result.llm?.error
+        ? [
+            `  - Provider: ${result.llm.provider}`,
+            `  - Error: ${result.llm.error}`
+          ].join('\n')
+        : result.llm?.skipped
+          ? `  - Provider: ${result.llm.provider}\n  - Skipped by user`
+          : '  - Not requested';
 
   return [
     `### ${result.id}: ${result.title}`,
@@ -777,6 +783,10 @@ function inferLLMModel(provider, explicitModel) {
 }
 
 function buildProviderCommand(provider, nodeRepo, commandOverride, model) {
+  if (provider === MANUAL_LLM_PROVIDER) {
+    return;
+  }
+
   if (commandOverride) {
     return {
       command: commandOverride,
@@ -845,6 +855,18 @@ function buildProviderCommand(provider, nodeRepo, commandOverride, model) {
   }
 }
 
+function printLLMPrompt(result, prompt, cli) {
+  cli.separator(`H1 ${result.id} LLM Prompt`);
+  cli.log([
+    'Copy this prompt into any LLM tool. The response should be JSON matching ' +
+      'the schema included in the prompt.',
+    '',
+    '----- BEGIN LLM PROMPT -----',
+    prompt.trimEnd(),
+    '----- END LLM PROMPT -----'
+  ].join('\n'));
+}
+
 function cacheDir() {
   return path.join(process.cwd(), CACHE_FOLDER);
 }
@@ -879,11 +901,11 @@ function writeCachedAssessment(key, assessment, metadata = {}) {
   fs.writeFileSync(file, JSON.stringify(cache, null, 2) + '\n');
 }
 
-// This is the actual prompt sent to Codex, Claude, Copilot, or --llm-command.
-// The command receives it on stdin and must return JSON matching
-// LLM_OUTPUT_SCHEMA. Keep this prompt explicit about SECURITY.md and doc/
-// because the model should make a threat-model decision from Node.js sources,
-// not only from reporter-controlled HackerOne text.
+// This is the actual prompt printed for manual LLM use or sent to Codex,
+// Claude, Copilot, or --llm-command. Commands receive it on stdin and must
+// return JSON matching LLM_OUTPUT_SCHEMA. Keep this prompt explicit about
+// SECURITY.md and doc/ because the model should make a threat-model decision
+// from Node.js sources, not only from reporter-controlled HackerOne text.
 function buildLLMPrompt(report, heuristic, nodeRepo, allReports) {
   const payload = getReportPromptPayload(report, heuristic, allReports);
   return `You are assessing a private HackerOne report for Node.js core.
@@ -987,6 +1009,16 @@ async function assessOneReportWithLLM({
   }
 
   const prompt = buildLLMPrompt(report, result, nodeRepo, reports);
+
+  if (provider === MANUAL_LLM_PROVIDER) {
+    printLLMPrompt(result, prompt, cli);
+    result.llm = {
+      provider,
+      promptPrinted: true
+    };
+    return promptAfterManualLLMPrompt(argv, cli);
+  }
+
   const key = cacheKey({
     provider,
     model,
@@ -1056,7 +1088,7 @@ async function assessOneReportWithLLM({
 
 async function assessReportsWithLLM(reports, results, argv, cli) {
   const nodeRepo = path.resolve(argv['node-repo'] ?? process.cwd());
-  const provider = argv.llm;
+  const provider = argv.llm ?? MANUAL_LLM_PROVIDER;
   const explicitModel = argv['llm-model'];
   const modelInfo = inferLLMModel(provider, explicitModel);
   const model = modelInfo.model;
@@ -1086,7 +1118,7 @@ async function assessReportsWithLLM(reports, results, argv, cli) {
       if (!shouldContinue) break;
     }
   } finally {
-    commandConfig.cleanup?.();
+    commandConfig?.cleanup?.();
   }
 }
 
@@ -1105,7 +1137,11 @@ async function promptBeforeLLMAssessment(result, argv, cli, index, total) {
       `${result.weakness.name || ''}`.trim()
   ].join('\n'));
 
-  return cli.prompt(`Assess H1 report ${result.id}: ${result.title}?`, {
+  const action = (argv.llm ?? MANUAL_LLM_PROVIDER) === MANUAL_LLM_PROVIDER
+    ? 'Print LLM prompt for'
+    : 'Assess';
+
+  return cli.prompt(`${action} H1 report ${result.id}: ${result.title}?`, {
     defaultAnswer: true
   });
 }
@@ -1123,6 +1159,16 @@ async function promptAfterLLMAssessment(result, argv, cli) {
   });
 }
 
+async function promptAfterManualLLMPrompt(argv, cli) {
+  if (!argv['validate-reports-confirm']) {
+    return true;
+  }
+
+  return cli.prompt('Continue to the next report?', {
+    defaultAnswer: true
+  });
+}
+
 export default class ValidateReports {
   constructor(cli, argv = {}) {
     this.cli = cli;
@@ -1144,9 +1190,7 @@ export default class ValidateReports {
     this.cli.stopSpinner(`Fetched ${reports.length} triaged HackerOne reports`);
 
     const results = reports.map(assessReport);
-    if (this.argv.llm) {
-      await assessReportsWithLLM(reports, results, this.argv, this.cli);
-    }
+    await assessReportsWithLLM(reports, results, this.argv, this.cli);
 
     const format = this.argv['validate-reports-format'] ?? 'markdown';
     const output = format === 'json'