Low confidence warning if not a class

lib/brakeman/checks/check_ransack.rb

@@ -18,10 +18,13 @@ def check_ransack_calls
       # If an allow list is defined anywhere in the
       # class or super classes, consider it safe
       class_name = result[:chain].first
+
       next if ransackable_allow_list?(class_name)
 
       if input = has_immediate_user_input?(arg)
-        confidence = if result[:location][:file].relative.include? 'admin'
+        confidence = if tracker.find_class(class_name).nil?
+                       confidence = :low
+                     elsif result[:location][:file].relative.include? 'admin'
                        confidence = :medium
                      else
                        confidence = :high

test/apps/rails7/app/controllers/users_controller.rb

@@ -44,6 +44,9 @@ def search
   def search_books
     # Should not warn - search limited appropriately
     Book.ransack(params[:q])
+
+    # Low confidence because no idea what `some_book` is
+    some_book.things.ransack(params[:q])
   end
 
   class << self

test/tests/rails7.rb

@@ -16,7 +16,7 @@ def expected
       :controller => 0,
       :model => 0,
       :template => 0,
-      :warning => 25
+      :warning => 26
     }
   end
 
@@ -448,4 +448,18 @@ def test_missing_authorization_ransack_2
       confidence: 0,
       relative_path: "app/controllers/users_controller.rb"
   end
+
+  def test_missing_authorization_ransack_low
+    assert_warning check_name: "Ransack",
+      type: :warning,
+      warning_code: 129,
+      fingerprint: "50e236d8fbc9db0f67e0011941b92b08d0ece176ce4b8caea89d372f007a4873",
+      warning_type: "Missing Authorization",
+      line: 49,
+      message: /^Unrestricted\ search\ using\ `ransack`\ libr/,
+      confidence: 2,
+      relative_path: "app/controllers/users_controller.rb",
+      code: s(:call, s(:call, s(:call, nil, :some_book), :things), :ransack, s(:call, s(:params), :[], s(:lit, :q))),
+      user_input: s(:call, s(:params), :[], s(:lit, :q))
+  end
 end