utksh1 · mythri2405 · Jun 19, 2026
diff --git a/plugins/subdomain_discovery/parser.py b/plugins/subdomain_discovery/parser.py
@@ -1,4 +1,4 @@
-from typing import Dict, Any, List
+from typing import Dict, Any
 
 def parse(output: str) -> Dict[str, Any]:
     """
@@ -13,10 +13,18 @@ def parse(output: str) -> Dict[str, Any]:
             "title": f"Subdomain Discovered: {sub}",
             "category": "Subdomain",
             "severity": "info",
-            "description": f"Discovered subdomain: {sub}",
-            "remediation": "Verify if this subdomain is intended to be public and secure.",
+            "description": (
+                f"Discovered subdomain: {sub}. "
+                "Confidence: high based on passive enumeration output."
+            ),
+            "remediation": (
+                "Verify if this subdomain is intended to be public and secure."
+            ),
             "metadata": {
-                "subdomain": sub
+                "subdomain": sub,
+                "source": "subfinder",
+                "evidence": f"Subdomain discovered from subfinder output: {sub}",
+                "confidence": "high"
             }
         })
 

diff --git a/testing/backend/unit/test_subdomain_finder_plugin.py b/testing/backend/unit/test_subdomain_finder_plugin.py
@@ -92,7 +92,14 @@ def test_subdomain_discovery_parser_fixture_produces_stable_findings(plugin_mana
     assert first["title"] == "Subdomain Discovered: api.secuscan.in"
     assert first["category"] == "Subdomain"
     assert first["severity"] == "info"
-    assert first["metadata"]["subdomain"] == "api.secuscan.in"
+
+    metadata = first["metadata"]
+
+    assert metadata["subdomain"] == "api.secuscan.in"
+    assert metadata["source"] == "subfinder"
+    assert metadata["confidence"] == "high"
+    assert "evidence" in metadata
+    assert "api.secuscan.in" in metadata["evidence"]
 
 
 def test_subdomain_discovery_parser_empty_output_is_deterministic(plugin_manager):