diff --git a/plugins/llm-security/.claude-plugin/plugin.json b/plugins/llm-security/.claude-plugin/plugin.json
index ba875b9..2279dcc 100644
--- a/plugins/llm-security/.claude-plugin/plugin.json
+++ b/plugins/llm-security/.claude-plugin/plugin.json
@@ -1,5 +1,5 @@
 {
 "name": "llm-security",
 "description": "Security scanning, auditing, and threat modeling for Claude Code projects. Detects secrets, validates MCP servers, assesses security posture, and generates threat models aligned with OWASP LLM Top 10.",
- "version": "7.3.1"
+ "version": "7.4.0"
 }
diff --git a/plugins/llm-security/CHANGELOG.md b/plugins/llm-security/CHANGELOG.md
index 59419ca..a27e3d3 100644
--- a/plugins/llm-security/CHANGELOG.md
+++ b/plugins/llm-security/CHANGELOG.md
@@ -6,6 +6,14 @@ The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.1.0/).
 ## [Unreleased]
+## [7.4.0] - 2026-05-05
+
+Examples + e2e suite. Seven runnable demonstration walkthroughs under
+`examples/` and three new test suites under `tests/e2e/` (+45 tests).
+No scanner or hook behavior changes — purely additive surface. Scanner
+`VERSION` constants synced across `dashboard-aggregator.mjs`,
+`posture-scanner.mjs`, `ide-extension-scanner.mjs`.
+
 ### Added
 - `tests/e2e/` — three dedicated end-to-end suites that prove the framework
diff --git a/plugins/llm-security/CLAUDE.md b/plugins/llm-security/CLAUDE.md
index 77763e4..bd5140d 100644
--- a/plugins/llm-security/CLAUDE.md
+++ b/plugins/llm-security/CLAUDE.md
@@ -1,4 +1,4 @@
-# LLM Security Plugin (v7.3.1)
+# LLM Security Plugin (v7.4.0)
 Security scanning, auditing, and threat modeling for Claude Code projects. 5 frameworks: OWASP LLM Top 10, Agentic AI Top 10 (ASI), Skills Top 10 (AST), MCP Top 10, AI Agent Traps (DeepMind). 1822+ unit, integration, and end-to-end tests (`tests/e2e/` covers the multi-hook attack chain, multi-session state simulation, and the full scan-orchestrator pipeline); mutation-testing coverage not published.
diff --git a/plugins/llm-security/README.md b/plugins/llm-security/README.md
index 23d81b7..57728ee 100644
--- a/plugins/llm-security/README.md
+++ b/plugins/llm-security/README.md
@@ -6,7 +6,7 @@
 *AI-generated: all code produced by Claude Code through dialog-driven development. [Full disclosure →](../../README.md#ai-generated-code-disclosure)*
-![Version](https://img.shields.io/badge/version-7.3.1-blue)
+![Version](https://img.shields.io/badge/version-7.4.0-blue)
 ![Platform](https://img.shields.io/badge/platform-Claude_Code_Plugin-purple)
 ![Commands](https://img.shields.io/badge/commands-20-orange)
 ![Agents](https://img.shields.io/badge/agents-6-orange)
@@ -555,6 +555,7 @@ demonstrations — each with `README.md`, fixture, run script, and
 | Version | Date | Highlights |
 |---------|------|------------|
+| **7.4.0** | 2026-05-05 | **Examples + e2e suite.** Seven runnable demonstration walkthroughs under `examples/` (`prompt-injection-showcase`, `lethal-trifecta-walkthrough`, `mcp-rug-pull`, `supply-chain-attack`, `poisoned-claude-md`, `bash-evasion-gallery`, `toxic-agent-demo`, `pre-compact-poisoning`) — each with `README.md`, runtime-isolated fixture, single-command run-script, and `expected-findings.md` testable contract. Three new `tests/e2e/` suites (attack-chain 17 tests + multi-session 9 tests + scan-pipeline 19 tests = +45 tests, total 1822) prove the framework works as a coordinated system, not just isolated units. No scanner or hook behavior changes — purely additive surface. Scanner `VERSION` constants synced across `dashboard-aggregator.mjs`, `posture-scanner.mjs`, `ide-extension-scanner.mjs`. |
 | **7.3.1** | 2026-05-01 | **Stabilization patch.** Project repositioned as solo, stabilization-only, with explicit "fork & own" stance for enterprise features. New public docs: `CONTRIBUTING.md` (fork-and-own model), README "Project scope" section (out-of-scope table with commercial alternatives), updated `SECURITY.md` (v7.3.x supported, v7.0–v7.2 best-effort, < v7.0 EOL). Coherence: `package.json` files whitelist + `bugs` URL + repo URL fix; scanner `VERSION` constants synced across `dashboard-aggregator.mjs`, `posture-scanner.mjs`, `ide-extension-scanner.mjs`. Test ceiling raised on flaky pre-compact-scan timing test (500 ms → 1000 ms; design target unchanged). No behavior changes. |
 | **7.3.0** | 2026-05-01 | **Batch C release.** Wave A (T7-T9 bash normalization + rot13 comment-block decoder), Wave B (`.gitattributes` post-clone advisory + npm scope-hop typosquat + GitHub/Forgejo workflow-scanner with 23-field blacklist + re-interpolation tracking + auth-bypass detection), Wave C (MCP cumulative-drift baseline + `/security mcp-baseline-reset`), Wave D (riskScoreV1 `@deprecated`; sandbox-architecture rationale docs; env-var deprecation runway to v8.0.0; CLAUDE.md hooks count + consistency test). 1665+ → 1777 tests. Wave E (additional attack-simulator scenarios) deferred indefinitely |
 | **7.2.0** | 2026-04-29 | **Batch B release.** Critical-review B-tier scanner defects + v7.2.0 evasion-arsenal (PUA-A/B Unicode coverage, NFKC homoglyph fold, escalation-after-input window, markdown link-title + SVG ``/`` + HTML comment extractors). Two-stage entropy context classification. v1→v2 risk-formula constants unified across docs. 8 new red-team scenarios (64 → 72). 1522 → 1665 tests |
diff --git a/plugins/llm-security/package.json b/plugins/llm-security/package.json
index d05feaa..76a01bb 100644
--- a/plugins/llm-security/package.json
+++ b/plugins/llm-security/package.json
@@ -1,6 +1,6 @@
 {
 "name": "llm-security",
- "version": "7.3.1",
+ "version": "7.4.0",
 "description": "Security scanning, auditing, and threat modeling for Claude Code projects",
 "type": "module",
 "bin": {
diff --git a/plugins/llm-security/scanners/dashboard-aggregator.mjs b/plugins/llm-security/scanners/dashboard-aggregator.mjs
index 96fb234..3c0659e 100644
--- a/plugins/llm-security/scanners/dashboard-aggregator.mjs
+++ b/plugins/llm-security/scanners/dashboard-aggregator.mjs
@@ -19,7 +19,7 @@ import { scan } from './posture-scanner.mjs';
 // Constants
 // ---------------------------------------------------------------------------
-const VERSION = '7.3.1';
+const VERSION = '7.4.0';
 /** Cache location */
 const CACHE_DIR = join(homedir(), '.cache', 'llm-security');
diff --git a/plugins/llm-security/scanners/ide-extension-scanner.mjs b/plugins/llm-security/scanners/ide-extension-scanner.mjs
index 18fdc53..6ea60b9 100644
--- a/plugins/llm-security/scanners/ide-extension-scanner.mjs
+++ b/plugins/llm-security/scanners/ide-extension-scanner.mjs
@@ -49,7 +49,7 @@ import { scan as scanTaint } from './taint-tracer.mjs';
 import { scan as scanMemoryPoisoning } from './memory-poisoning-scanner.mjs';
 import { scan as scanSupplyChain } from './supply-chain-recheck.mjs';
-const VERSION = '7.3.1';
+const VERSION = '7.4.0';
 const SCANNER = 'IDE';
 // ---------------------------------------------------------------------------
diff --git a/plugins/llm-security/scanners/posture-scanner.mjs b/plugins/llm-security/scanners/posture-scanner.mjs
index 07212b8..1159cb6 100644
--- a/plugins/llm-security/scanners/posture-scanner.mjs
+++ b/plugins/llm-security/scanners/posture-scanner.mjs
@@ -20,7 +20,7 @@ import { finding, scannerResult, resetCounter } from './lib/output.mjs';
 // Constants
 // ---------------------------------------------------------------------------
-const VERSION = '7.3.1';
+const VERSION = '7.4.0';
 /** Minimum lines for a hook script to be considered non-stub */
 const NON_STUB_THRESHOLD = 5;