{
  "$schema": "http://json-schema.org/draft-07/schema#",
  "$id": "https://api.stackhawk.com/schemas/finding",
  "title": "StackHawk Security Finding",
  "description": "A security vulnerability identified during a DAST scan",
  "type": "object",
  "properties": {
    "findingId": { "type": "string", "description": "Unique finding identifier" },
    "scanId": { "type": "string", "description": "Associated scan ID" },
    "severity": {
      "type": "string",
      "enum": ["LOW", "MEDIUM", "HIGH", "CRITICAL"],
      "description": "DAST finding severity level"
    },
    "title": { "type": "string", "description": "Finding title / vulnerability name" },
    "description": { "type": "string", "description": "Detailed description of the vulnerability" },
    "path": { "type": "string", "description": "API endpoint path where the finding was detected" },
    "method": { "type": "string", "description": "HTTP method of the vulnerable endpoint" }
  },
  "required": ["findingId", "scanId", "severity", "title"]
}