Our tests currently check whether a specific rule is triggered for a given payload. However, we do not check the anomaly score (or action) of the triggered rules. Usually, this isn't a problem, but for new or refactored rules especially, they might include errors. For example, the setvar action for the anomaly score might be missing, or the score might be set for the wrong paranoia level.

Should we test for this? If so, we will need to implement this in go-ftw.