From 843254df5bd1860c847f4378fe913204fbb5ed9c Mon Sep 17 00:00:00 2001 From: Kjell Tore Guttormsen Date: Sat, 20 Jun 2026 11:58:39 +0200 Subject: [PATCH] =?UTF-8?q?chore(catalog):=20release=20llm-security=20v7.8?= =?UTF-8?q?.0=20=E2=80=94=20bump=20ref=20+=20README,=20refresh=20rollout?= =?UTF-8?q?=20brief?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit llm-security cut v7.8.0 (TRG/SIG/AST deep-scan scanners) and tagged `v7.8.0` (commit 6d3c4b5) in its repo. Sync the marketplace coordinator: - .claude-plugin/marketplace.json: source.ref v7.7.2 → v7.8.0 (installs track the real release; version-consistency gate → OK for llm-security). - README.md: version label v7.7.2 → v7.8.0; scanner count 23 → 26 (+3: TRG/SIG/AST) in both the "Deterministic scanning" bullet and the stat line; tests 1822 → 1863. - docs/state-version-rollout.md: mark llm-security STATE.md row DONE (it is tracked, not gitignored), add the missing playground-design-system row, and refresh the Workstream B run note (8 OK / 2 WARN; llm-security resolved this day). Gate: `node scripts/check-versions.mjs` → 8 OK, 2 WARN (linkedin-studio, ms-ai-architect — pre-existing, operator decision), 0 ERROR. Co-Authored-By: Claude Opus 4.8 (1M context) Claude-Session: https://claude.ai/code/session_01V3s6WnubSSrFjAQTLQdVbG --- .claude-plugin/marketplace.json | 2 +- README.md | 6 +++--- docs/state-version-rollout.md | 7 +++++-- 3 files changed, 9 insertions(+), 6 deletions(-) diff --git a/.claude-plugin/marketplace.json b/.claude-plugin/marketplace.json index 684c25f..2b8b565 100644 --- a/.claude-plugin/marketplace.json +++ b/.claude-plugin/marketplace.json @@ -15,7 +15,7 @@ "source": { "source": "url", "url": "https://git.fromaitochitta.com/open/llm-security.git", - "ref": "v7.7.2" + "ref": "v7.8.0" }, "description": "Security scanning, auditing, and threat modeling for Claude Code projects. OWASP LLM Top 10 (2025) and Agentic AI Top 10." }, diff --git a/README.md b/README.md index 4519f54..87d183d 100644 --- a/README.md +++ b/README.md @@ -20,18 +20,18 @@ Each plugin keeps its own full README and CHANGELOG; this page is just the catal ## Plugins -### [LLM Security](https://git.fromaitochitta.com/open/llm-security) `v7.7.2` +### [LLM Security](https://git.fromaitochitta.com/open/llm-security) `v7.8.0` Security scanning, auditing, and threat modeling for agentic AI projects. Built on OWASP LLM Top 10 (2025), OWASP Agentic AI Top 10, and Google DeepMind's AI Agent Traps taxonomy. - **Automated enforcement** — 9 hooks block prompt injection, secrets in code, destructive commands, and supply-chain risks in real time -- **Deterministic scanning** — 23 Node.js scanners for entropy, Unicode codepoints, typosquatting, taint flow, git forensics, AI-BOM, and IDE-extension prescan (VS Code + JetBrains) +- **Deterministic scanning** — 26 Node.js scanners for entropy, Unicode codepoints, typosquatting, taint flow, git forensics, AI-BOM, trigger/signature/AST-taint, and IDE-extension prescan (VS Code + JetBrains) - **Advisory analysis** — 20 commands that scan, audit, and model threats with letter-graded reports and remediation - **Enterprise governance** — EU AI Act / NIST AI RMF / ISO 42001 mapping, SARIF 2.1.0 output, policy-as-code, standalone CLI Key commands: `/security posture`, `/security audit`, `/security scan`, `/security ide-scan`, `/security threat-model` -6 agents · 23 scanners · 9 hooks · 1822 tests · [Full documentation →](https://git.fromaitochitta.com/open/llm-security) +6 agents · 26 scanners · 9 hooks · 1863 tests · [Full documentation →](https://git.fromaitochitta.com/open/llm-security) --- diff --git a/docs/state-version-rollout.md b/docs/state-version-rollout.md index e7eaa91..3da9c65 100644 --- a/docs/state-version-rollout.md +++ b/docs/state-version-rollout.md @@ -25,13 +25,14 @@ These two workstreams are independent and can be done in any order. | config-audit | yes | **yes** | no | ✅ DONE | — | | ms-ai-architect | yes | **yes** | no | ✅ DONE | — | | voyage | yes | **yes** | no | ✅ DONE | — | +| llm-security | yes | **yes** | no | ✅ DONE (2026-06-20) | — | | linkedin-studio | yes | no | yes | avgitignore + track | `:62` | | claude-design | yes | no | yes | avgitignore + track | `:3` | -| llm-security | no | no | yes | avgitignore (file made later) | `:19` | | graceful-handoff | no | no | yes | avgitignore (file made later) | `:3` | | ai-psychosis | no | no | yes | avgitignore (file made later) | `:21` | | okr | no | no | yes | avgitignore (file made later) | `:28` | | human-friendly-style | no | no | yes | avgitignore (file made later) | `:3` | +| playground-design-system | no | no | yes | avgitignore (file made later) | `:3` | | catalog | no | no | yes | avgitignore (file made later) | `:5` | \* Line numbers as of 2026-06-20 — they drift. At execution time, resolve the exact source with @@ -61,7 +62,9 @@ These two workstreams are independent and can be done in any order. ## Workstream B — Version-consistency Run from catalog: `node scripts/check-versions.mjs` (add `--strict` to fail on WARN too). -Current run: **8 OK, 2 WARN, 0 ERROR.** +Current run (2026-06-20): **8 OK, 2 WARN, 0 ERROR.** llm-security was resolved this day — +v7.8.0 released + tagged `v7.8.0` (commit `6d3c4b5`), catalog `ref` + README version/stats +bumped 7.7.2 → 7.8.0; gate → OK. The 2 WARN below are unchanged. ### The 2 WARN — require an operator decision