[SESSION_127] SecurityAgent: Implement Weighted Threat Scoring (Phase 23)

Resolved ๐Ÿ’ฌ 2 comments Opened Nov 20, 2025 by ragdm Closed Nov 29, 2025

Feature: Weighted Threat Scoring Algorithm

Component: SecurityAgent (/agents/security_agent/)
Severity: ๐Ÿ”ด CRITICAL BLOCKER
Session: SESSION 127 (Definition of Done)
Current Status: Returns hardcoded threat level 'low'
Target Phase: Phase 23

Context

SecurityAgent's core functionality is threat detection through weighted signal correlation. Currently, all threat analyses return hardcoded 'low' severity, making the entire threat detection system ineffective.

Requirements

Threat Scoring Signals (5 signals, configurable weights):

  1. Loitering duration (20% weight)
  2. Cross-camera movement (25% weight)
  3. Temporal anomalies (20% weight)
  4. Behavioral patterns (20% weight)
  5. Environmental context (15% weight)

Severity Levels:

  • low: Single signal exceeds threshold
  • medium: Multiple signals triggered
  • high: Persistent pattern
  • critical: Armed zone breach indicators

Impact

Without this feature:

  • Cannot distinguish threat levels
  • Defeats entire threat detection system
  • No meaningful security incidents generated

Effort Estimate

  • Signal computation: 6-8 hours
  • Weighting algorithm: 2-3 hours
  • Testing & calibration: 2-3 hours
  • Total: 8-10 hours

---

Generated by SESSION 127 FASE 2.7

View original on GitHub โ†—

This issue has 2 comments on GitHub. Read the full discussion on GitHub โ†—