Problem
In pkg/cli/audit.go, the AuditWorkflowRun function (lines 450–543) contains 8+ analysis sub-steps that silently discard errors when verbose=false. This is the default operating mode, meaning users never see these failures.
// pkg/cli/audit.go:451-453
jobDetails, err := fetchJobDetails(run.DatabaseID, verbose)
if err != nil && verbose {
fmt.Fprintln(os.Stderr, console.FormatWarningMessage(...))
}
// When !verbose: error is silenced; jobDetails is nil; downstream code proceeds with nil
The same if err != nil && verbose pattern appears at lines 451, 457, 463, 469, 475, 481, 498, and more — covering job details, missing tools, missing data, noops, MCP failures, access logs, firewall logs, policy analysis, MCP tool usage, and token usage.
Impact
- Severity: High
- Affected files: pkg/cli/audit.go (8+ locations)
- Risk: Silent partial failures produce audit reports that look complete but are missing data (job details, firewall analysis, etc.) with no indication to the user. This is especially dangerous in automated/CI usage, where verbose=false is the default.
Recommendation
Decouple diagnostic verbosity from error visibility. Errors should always be surfaced (at minimum via the auditLog logger), while the details can remain behind the verbose flag:
// Before (silences errors in non-verbose mode)
jobDetails, err := fetchJobDetails(run.DatabaseID, verbose)
if err != nil && verbose {
fmt.Fprintln(os.Stderr, console.FormatWarningMessage(...))
}
// After (always logs; stderr output stays verbose-gated)
jobDetails, err := fetchJobDetails(run.DatabaseID, verbose)
if err != nil {
auditLog.Printf("fetchJobDetails failed: %v", err)
if verbose {
fmt.Fprintln(os.Stderr, console.FormatWarningMessage(...))
}
}
Alternatively, consider collecting partial-failure warnings and surfacing them as a summary even in non-verbose mode.
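The following is an added, self-contained example (not code from the project under review) that puts the two recommendations side by side: a runner that reproduces the silenced pattern described above, a runner that always writes to the audit logger and keeps only the stderr line behind verbose, and a summary that is printed regardless of the flag. It goes one step further than the text by returning a sentinel error when the report is incomplete, so a CI caller can fail the job instead of shipping a partial report. Step, RunStepsSilenced, RunSteps, Summarize, ErrPartialAudit and demoSteps are hypothetical names, and the sub-step names and error strings are constructed for the demonstration.

```go
package main

import (
	"errors"
	"fmt"
	"io"
	"log"
	"os"
	"strings"
)

// ErrPartialAudit is returned when at least one sub-step failed, so that a
// CI caller can detect an incomplete report without parsing log output.
var ErrPartialAudit = errors.New("audit completed with partial failures")

// Step is one analysis sub-step of the audit (hypothetical shape; the real
// function calls concrete helpers such as fetchJobDetails directly).
type Step struct {
	Name string
	Run  func() error
}

// RunStepsSilenced reproduces the pattern the finding describes: the error is
// only reported when verbose is true, and nothing records that the step failed.
// It returns the number of failures that were actually surfaced to the user.
func RunStepsSilenced(steps []Step, verbose bool, stderr io.Writer) int {
	surfaced := 0
	for _, s := range steps {
		err := s.Run()
		if err != nil && verbose {
			fmt.Fprintf(stderr, "warning: %s: %v\n", s.Name, err)
			surfaced++
		}
		// When !verbose the error is dropped here and the report proceeds
		// with whatever zero value the step left behind.
	}
	return surfaced
}

// RunSteps is the decoupled version: every failure goes to auditLog and is
// collected for the summary; only the stderr warning line stays behind verbose.
func RunSteps(steps []Step, auditLog *log.Logger, verbose bool, stderr io.Writer) []string {
	var failures []string
	for _, s := range steps {
		if err := s.Run(); err != nil {
			msg := fmt.Sprintf("%s failed: %v", s.Name, err)
			auditLog.Print(msg) // always, independent of verbose
			if verbose {
				fmt.Fprintln(stderr, "warning: "+msg)
			}
			failures = append(failures, msg)
		}
	}
	return failures
}

// Summarize prints the partial-failure summary regardless of the verbose flag
// and returns ErrPartialAudit (wrapped) when the report is incomplete.
func Summarize(failures []string, w io.Writer) error {
	if len(failures) == 0 {
		return nil
	}
	fmt.Fprintf(w, "audit report is incomplete: %d analysis step(s) failed\n", len(failures))
	for _, f := range failures {
		fmt.Fprintln(w, "  - "+f)
	}
	return fmt.Errorf("%w: %s", ErrPartialAudit, strings.Join(failures, "; "))
}

// demoSteps is constructed input standing in for the real sub-steps; two of
// the three fail deterministically so the two runners can be compared.
func demoSteps() []Step {
	return []Step{
		{Name: "fetchJobDetails", Run: func() error { return errors.New("HTTP 403 from API") }},
		{Name: "fetchFirewallLogs", Run: func() error { return nil }},
		{Name: "analyzeTokenUsage", Run: func() error { return errors.New("artifact not found") }},
	}
}

func main() {
	verbose := false // the default mode the finding is about
	var logBuf strings.Builder
	auditLog := log.New(&logBuf, "audit: ", 0)

	fmt.Printf("silenced pattern surfaced %d of 2 failures\n", RunStepsSilenced(demoSteps(), verbose, os.Stderr))

	failures := RunSteps(demoSteps(), auditLog, verbose, os.Stderr)
	err := Summarize(failures, os.Stdout)
	fmt.Print(logBuf.String())
	if errors.Is(err, ErrPartialAudit) {
		os.Exit(2) // CI treats an incomplete report as a failed run
	}
}
```

With verbose=false the silenced runner surfaces nothing and the report would look complete; the decoupled runner writes both failures to the audit logger, prints the summary, and lets the caller exit non-zero. The stderr warning lines are still only emitted when verbose is set, so normal output stays quiet.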
Validation
- Confirm that auditLog is always enabled, or that its log level is appropriate, so the always-on error logging is actually visible.
- Run an audit with verbose=false and confirm that the warnings appear in the logs.
- Review every if err != nil && verbose occurrence (lines 452, 458, 464, 470, 476, 482, 499, and following) and apply the same change.
Estimated Effort: Medium
Found by Sergo — Serena Go static analysis, run 2026-05-07