chore(llm-security): v7.4.0 — examples + e2e suite minor

Bumps from v7.3.1 to v7.4.0. Purely additive surface — no scanner
or hook behavior changes, no breaking changes.

Headline content (already merged on main since v7.3.1):

- examples/ utvidelse — seven runnable demonstration walkthroughs
  shipped over three sessions (sesjon 1 pre-existing
  prompt-injection-showcase + lethal-trifecta-walkthrough,
  mcp-rug-pull, supply-chain-attack, poisoned-claude-md,
  bash-evasion-gallery, toxic-agent-demo, pre-compact-poisoning).
  Each is self-contained: README + fixture + run-script +
  expected-findings testable contract. State-isolation pattern
  (PID-suffixed JSONL or env-overrides like
  LLM_SECURITY_MCP_CACHE_FILE) keeps the user's real cache and
  /tmp state untouched.
- tests/e2e/ — three new suites totalling 45 tests:
  attack-chain.test.mjs (17), multi-session.test.mjs (9),
  scan-pipeline.test.mjs (19). Test count 1777 to 1822. These
  exercise the framework as a coordinated system rather than as
  isolated unit-tests.

Version sync (8 files):

- package.json
- .claude-plugin/plugin.json
- CLAUDE.md (header)
- README.md (badge + Recent versions tabellen new row)
- CHANGELOG.md (Unreleased to [7.4.0] - 2026-05-05 with summary)
- scanners/dashboard-aggregator.mjs VERSION constant
- scanners/ide-extension-scanner.mjs VERSION constant
- scanners/posture-scanner.mjs VERSION constant

Stabilization-stance unchanged. v8.0.0 remains the planned
deprecation-cleanup release. v7.x continues as the stable line.

Tests: 1822/1822 grønne lokalt etter bump.

Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>

plugins/llm-security/.claude-plugin/plugin.json

@@ -1,5 +1,5 @@
 {
   "name": "llm-security",
   "description": "Security scanning, auditing, and threat modeling for Claude Code projects. Detects secrets, validates MCP servers, assesses security posture, and generates threat models aligned with OWASP LLM Top 10.",
-  "version": "7.3.1"
+  "version": "7.4.0"
 }

plugins/llm-security/CHANGELOG.md

@@ -6,6 +6,14 @@ The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.1.0/).
 
 ## [Unreleased]
 
+## [7.4.0] - 2026-05-05
+
+Examples + e2e suite. Seven runnable demonstration walkthroughs under
+`examples/` and three new test suites under `tests/e2e/` (+45 tests).
+No scanner or hook behavior changes — purely additive surface. Scanner
+`VERSION` constants synced across `dashboard-aggregator.mjs`,
+`posture-scanner.mjs`, `ide-extension-scanner.mjs`.
+
 ### Added
 
 - `tests/e2e/` — three dedicated end-to-end suites that prove the framework

plugins/llm-security/CLAUDE.md

@@ -1,4 +1,4 @@
-# LLM Security Plugin (v7.3.1)
+# LLM Security Plugin (v7.4.0)
 
 Security scanning, auditing, and threat modeling for Claude Code projects. 5 frameworks: OWASP LLM Top 10, Agentic AI Top 10 (ASI), Skills Top 10 (AST), MCP Top 10, AI Agent Traps (DeepMind). 1822+ unit, integration, and end-to-end tests (`tests/e2e/` covers the multi-hook attack chain, multi-session state simulation, and the full scan-orchestrator pipeline); mutation-testing coverage not published.
 

plugins/llm-security/README.md

@@ -6,7 +6,7 @@
 
 *AI-generated: all code produced by Claude Code through dialog-driven development. [Full disclosure →](../../README.md#ai-generated-code-disclosure)*
 
-![Version](https://img.shields.io/badge/version-7.3.1-blue)
+![Version](https://img.shields.io/badge/version-7.4.0-blue)
 ![Platform](https://img.shields.io/badge/platform-Claude_Code_Plugin-purple)
 ![Commands](https://img.shields.io/badge/commands-20-orange)
 ![Agents](https://img.shields.io/badge/agents-6-orange)
@@ -555,6 +555,7 @@ demonstrations — each with `README.md`, fixture, run script, and
 
 | Version | Date | Highlights |
 |---------|------|------------|
+| **7.4.0** | 2026-05-05 | **Examples + e2e suite.** Seven runnable demonstration walkthroughs under `examples/` (`prompt-injection-showcase`, `lethal-trifecta-walkthrough`, `mcp-rug-pull`, `supply-chain-attack`, `poisoned-claude-md`, `bash-evasion-gallery`, `toxic-agent-demo`, `pre-compact-poisoning`) — each with `README.md`, runtime-isolated fixture, single-command run-script, and `expected-findings.md` testable contract. Three new `tests/e2e/` suites (attack-chain 17 tests + multi-session 9 tests + scan-pipeline 19 tests = +45 tests, total 1822) prove the framework works as a coordinated system, not just isolated units. No scanner or hook behavior changes — purely additive surface. Scanner `VERSION` constants synced across `dashboard-aggregator.mjs`, `posture-scanner.mjs`, `ide-extension-scanner.mjs`. |
 | **7.3.1** | 2026-05-01 | **Stabilization patch.** Project repositioned as solo, stabilization-only, with explicit "fork & own" stance for enterprise features. New public docs: `CONTRIBUTING.md` (fork-and-own model), README "Project scope" section (out-of-scope table with commercial alternatives), updated `SECURITY.md` (v7.3.x supported, v7.0–v7.2 best-effort, < v7.0 EOL). Coherence: `package.json` files whitelist + `bugs` URL + repo URL fix; scanner `VERSION` constants synced across `dashboard-aggregator.mjs`, `posture-scanner.mjs`, `ide-extension-scanner.mjs`. Test ceiling raised on flaky pre-compact-scan timing test (500 ms → 1000 ms; design target unchanged). No behavior changes. |
 | **7.3.0** | 2026-05-01 | **Batch C release.** Wave A (T7-T9 bash normalization + rot13 comment-block decoder), Wave B (`.gitattributes` post-clone advisory + npm scope-hop typosquat + GitHub/Forgejo workflow-scanner with 23-field blacklist + re-interpolation tracking + auth-bypass detection), Wave C (MCP cumulative-drift baseline + `/security mcp-baseline-reset`), Wave D (riskScoreV1 `@deprecated`; sandbox-architecture rationale docs; env-var deprecation runway to v8.0.0; CLAUDE.md hooks count + consistency test). 1665+ → 1777 tests. Wave E (additional attack-simulator scenarios) deferred indefinitely |
 | **7.2.0** | 2026-04-29 | **Batch B release.** Critical-review B-tier scanner defects + v7.2.0 evasion-arsenal (PUA-A/B Unicode coverage, NFKC homoglyph fold, escalation-after-input window, markdown link-title + SVG `<desc>`/`<foreignObject>` + HTML comment extractors). Two-stage entropy context classification. v1→v2 risk-formula constants unified across docs. 8 new red-team scenarios (64 → 72). 1522 → 1665 tests |

plugins/llm-security/package.json

@@ -1,6 +1,6 @@
 {
   "name": "llm-security",
-  "version": "7.3.1",
+  "version": "7.4.0",
   "description": "Security scanning, auditing, and threat modeling for Claude Code projects",
   "type": "module",
   "bin": {

plugins/llm-security/scanners/dashboard-aggregator.mjs

@@ -19,7 +19,7 @@ import { scan } from './posture-scanner.mjs';
 // Constants
 // ---------------------------------------------------------------------------
 
-const VERSION = '7.3.1';
+const VERSION = '7.4.0';
 
 /** Cache location */
 const CACHE_DIR = join(homedir(), '.cache', 'llm-security');

plugins/llm-security/scanners/ide-extension-scanner.mjs

@@ -49,7 +49,7 @@ import { scan as scanTaint } from './taint-tracer.mjs';
 import { scan as scanMemoryPoisoning } from './memory-poisoning-scanner.mjs';
 import { scan as scanSupplyChain } from './supply-chain-recheck.mjs';
 
-const VERSION = '7.3.1';
+const VERSION = '7.4.0';
 const SCANNER = 'IDE';
 
 // ---------------------------------------------------------------------------

plugins/llm-security/scanners/posture-scanner.mjs

@@ -20,7 +20,7 @@ import { finding, scannerResult, resetCounter } from './lib/output.mjs';
 // Constants
 // ---------------------------------------------------------------------------
 
-const VERSION = '7.3.1';
+const VERSION = '7.4.0';
 
 /** Minimum lines for a hook script to be considered non-stub */
 const NON_STUB_THRESHOLD = 5;