Description
Is your feature request related to a problem? Please describe.
Enhance the CLI output format for cnspec scan results to provide clearer, risk-aligned visibility into findings. The updated output groups results by status and severity, making it easier for users to interpret scan outcomes, especially when leveraging risk thresholds.
Problem Statement:
The current CLI output mixes all findings together with limited context, making it hard to:
- Quickly distinguish critical failures from lower-severity issues.
- Understand how risk scores contribute to pass/fail outcomes.
- Communicate results effectively to stakeholders.
Example of current output with --score-threshold 15:
Checks:
✕ Fail: 20 something high
✓ Pass: 100 Ensure the port is set to 22
✕ Fail: 50 something medium
✕ Fail: 10 something critical
☝ This output lacks clarity on severity levels and does not align cleanly with risk-based evaluation.
Describe the solution you'd like
Introduce structured, severity-based output when using --risk-threshold, organized as follows:
Passing:
✓ Ensure the port is set to 22
Warnings:
⚠ Medium (50): something medium
⚠ High (80): something high
Failing:
✕ Critical (90): something critical
Key Improvements:
- Groups findings into clear sections: Passing, Warnings, Failing.
- Includes severity labels (e.g., Medium, High, Critical) based on risk score ranges.
- Displays numeric risk scores for transparency.
- Uses intuitive symbols to visually distinguish result types.
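The grouping and labelling described above, as an added prototype (not cnspec's code): it takes the findings from the "current output" example, applies the threshold, and renders the proposed sections. It assumes a Finding struct of title plus 0-100 score, that the printed risk number is 100 - score (the issue's before/after examples are consistent with that: score 20 becomes High (80), score 10 becomes Critical (90)), and severity bands of Critical >= 90, High >= 70, Medium >= 40, Low otherwise; the bands and the ExitCode helper are assumptions, not part of the issue.

```go
package main

import (
	"fmt"
	"sort"
	"strings"
)

// Finding is one check result as the issue's examples show it: a title and a
// 0-100 score, where 100 means the check passed and lower means more risk.
// The struct is an assumption for this example, not a cnspec type.
type Finding struct {
	Title string
	Score int
}

// Risk converts a score into the risk number the proposed output prints.
// Assumed: risk = 100 - score, which matches the issue's before/after pairs.
func Risk(score int) int { return 100 - score }

// Severity labels a risk number. The band boundaries are an assumption for
// this example; cnspec's own cut-offs may differ.
func Severity(risk int) string {
	switch {
	case risk >= 90:
		return "Critical"
	case risk >= 70:
		return "High"
	case risk >= 40:
		return "Medium"
	default:
		return "Low"
	}
}

// sortByScoreDesc orders a section so the most severe item comes last,
// as in the proposed output (Medium before High).
func sortByScoreDesc(fs []Finding) {
	sort.SliceStable(fs, func(i, j int) bool { return fs[i].Score > fs[j].Score })
}

// Group splits findings into the three proposed sections. A check passes only
// with a perfect score, fails when its score is below the threshold, and is a
// warning otherwise (not a clean pass, but above the accepted threshold).
func Group(findings []Finding, threshold int) (passing, warnings, failing []Finding) {
	for _, f := range findings {
		switch {
		case f.Score == 100:
			passing = append(passing, f)
		case f.Score < threshold:
			failing = append(failing, f)
		default:
			warnings = append(warnings, f)
		}
	}
	sortByScoreDesc(passing)
	sortByScoreDesc(warnings)
	sortByScoreDesc(failing)
	return passing, warnings, failing
}

// Render produces the grouped, severity-labelled text proposed in the issue.
func Render(findings []Finding, threshold int) string {
	passing, warnings, failing := Group(findings, threshold)
	var b strings.Builder
	b.WriteString("Passing:\n")
	for _, f := range passing {
		fmt.Fprintf(&b, "✓ %s\n", f.Title)
	}
	b.WriteString("Warnings:\n")
	for _, f := range warnings {
		fmt.Fprintf(&b, "⚠ %s (%d): %s\n", Severity(Risk(f.Score)), Risk(f.Score), f.Title)
	}
	b.WriteString("Failing:\n")
	for _, f := range failing {
		fmt.Fprintf(&b, "✕ %s (%d): %s\n", Severity(Risk(f.Score)), Risk(f.Score), f.Title)
	}
	return b.String()
}

// ExitCode is non-zero only when a finding falls below the threshold, so a
// CI job can gate on the same boundary the Failing section shows. Assumed
// here; the exact exit code cnspec uses is not part of the issue.
func ExitCode(findings []Finding, threshold int) int {
	_, _, failing := Group(findings, threshold)
	if len(failing) > 0 {
		return 1
	}
	return 0
}

// ExampleFindings is the issue's sample input, reconstructed from its
// "current output" block (constructed data for this example).
var ExampleFindings = []Finding{
	{Title: "something high", Score: 20},
	{Title: "Ensure the port is set to 22", Score: 100},
	{Title: "something medium", Score: 50},
	{Title: "something critical", Score: 10},
}

func main() {
	fmt.Print(Render(ExampleFindings, 15))
}
```

With the issue's threshold of 15, only the score-10 check lands in Failing; raising the threshold to 60 moves the score-20 and score-50 checks from Warnings into Failing, which is the behaviour the "Warnings" section is meant to make visible.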
Describe alternatives you've considered
Additional context
Benefits:
✅ Dramatically improves readability of results.
✅ Helps users quickly focus on critical issues.
✅ Makes risk thresholds and severity mapping explicit.
✅ Produces output suitable for CI/CD pipelines, reports, or team reviews.