feat: tipos cybersecurity CIDRBlock, ThreatResult, PortResult

Tres tipos de dominio seguridad:
- CIDRBlock: rango de red parseado (product)
- ThreatResult: Clean/Suspicious/Malicious (sum)
- PortResult: Open/Closed/Filtered (sum)

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>

types/cybersecurity/cidr_block.go

@@ -0,0 +1,10 @@
+package cybersecurity
+
+import "net"
+
+// CIDRBlock represents a parsed CIDR network range.
+type CIDRBlock struct {
+	Network   *net.IPNet
+	Broadcast net.IP
+	Hosts     int
+}

types/cybersecurity/cidr_block.md

@@ -0,0 +1,17 @@
+---
+name: cidr_block
+lang: go
+domain: cybersecurity
+version: "1.0.0"
+algebraic: product
+definition: |
+  type CIDRBlock struct {
+      Network   *net.IPNet
+      Broadcast net.IP
+      Hosts     int
+  }
+description: "Rango de red CIDR parseado con network, broadcast y numero de hosts."
+tags: [cybersecurity, network, cidr, ip]
+uses_types: []
+file_path: "types/cybersecurity/cidr_block.go"
+---

types/cybersecurity/port_result.go

@@ -0,0 +1,24 @@
+package cybersecurity
+
+// PortResult is a sum type for TCP port scan results.
+type PortResult interface{ portResult() }
+
+// PortOpen indicates the port accepted a connection.
+type PortOpen struct {
+	Port    int
+	Banner  string
+}
+
+// PortClosed indicates the port refused the connection.
+type PortClosed struct {
+	Port int
+}
+
+// PortFiltered indicates the port did not respond (timeout).
+type PortFiltered struct {
+	Port int
+}
+
+func (PortOpen) portResult()     {}
+func (PortClosed) portResult()   {}
+func (PortFiltered) portResult() {}

types/cybersecurity/port_result.md

@@ -0,0 +1,16 @@
+---
+name: port_result
+lang: go
+domain: cybersecurity
+version: "1.0.0"
+algebraic: sum
+definition: |
+  type PortResult interface{ portResult() }
+  type PortOpen struct{ Port int; Banner string }
+  type PortClosed struct{ Port int }
+  type PortFiltered struct{ Port int }
+description: "Tipo suma para resultados de escaneo TCP: Open (con banner), Closed o Filtered."
+tags: [cybersecurity, port, scan, network]
+uses_types: []
+file_path: "types/cybersecurity/port_result.go"
+---

types/cybersecurity/threat_result.go

@@ -0,0 +1,21 @@
+package cybersecurity
+
+// ThreatResult is a sum type for SQL injection detection results.
+type ThreatResult interface{ threatResult() }
+
+// Clean indicates no threat was detected.
+type Clean struct{}
+
+// Suspicious indicates a possible threat with a reason.
+type Suspicious struct {
+	Reason string
+}
+
+// Malicious indicates a confirmed threat pattern.
+type Malicious struct {
+	Pattern string
+}
+
+func (Clean) threatResult()      {}
+func (Suspicious) threatResult() {}
+func (Malicious) threatResult()  {}

types/cybersecurity/threat_result.md

@@ -0,0 +1,16 @@
+---
+name: threat_result
+lang: go
+domain: cybersecurity
+version: "1.0.0"
+algebraic: sum
+definition: |
+  type ThreatResult interface{ threatResult() }
+  type Clean struct{}
+  type Suspicious struct{ Reason string }
+  type Malicious struct{ Pattern string }
+description: "Tipo suma para resultados de deteccion de amenazas: Clean, Suspicious o Malicious."
+tags: [cybersecurity, threat, detection, sqli]
+uses_types: []
+file_path: "types/cybersecurity/threat_result.go"
+---