It would be helpful to add a mode that outputs vulnerable file paths in a plain format without any JSON wrappers, line labels, or other descriptor text. This could then be used as piped arguments to simple scripted followup actions, e.g. foo | xargs rm.