open/ktg-plugin-marketplace
1
0
Fork 0
Code Issues Pull requests Releases Wiki Activity Actions
100 commits 2 branches 9 tags 140 MiB
Commit graph

9 commits

Author SHA1 Message Date
Kjell Tore Guttormsen
2c33e9cc64 feat(ci): add CI/CD integration — --fail-on, --compact, pipeline templates 
Add threshold-based exit codes (--fail-on <severity>) and compact
output mode (--compact) to scan-orchestrator and CLI. Pipeline
templates for GitHub Actions, Azure DevOps, GitLab CI with SARIF
upload. CI/CD guide with Schrems II/NSM compliance documentation.
npm publish preparation (files whitelist, .npmignore). Policy ci
section for distributable CI defaults. Version 6.1.0.

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
 2026-04-10 14:59:05 +02:00
Kjell Tore Guttormsen
52d26ddb0b feat(cli): add standalone CLI wrapper — npx llm-security scan without Claude Code 
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
 2026-04-10 13:58:25 +02:00
Kjell Tore Guttormsen
0439e0f650 feat(scanner): add AI-BOM generator — CycloneDX 1.6 format for AI supply chain transparency 
New bom-builder.mjs discovers AI components (models, MCP servers, plugins,
knowledge files, hooks) and builds CycloneDX 1.6 JSON BOMs.
CLI entry point: node scanners/ai-bom-generator.mjs <target>.

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
 2026-04-10 13:29:30 +02:00
Kjell Tore Guttormsen
2116e702df feat(scanner): add SARIF 2.1.0 output format to scan-orchestrator (--format sarif) 
New sarif-formatter.mjs converts scan envelope to OASIS SARIF 2.1.0 standard.
Maps severity to SARIF levels, findings to results with locations and rules.
scan-orchestrator accepts --format sarif|json (default: json).

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
 2026-04-10 13:22:59 +02:00
Kjell Tore Guttormsen
51b5371d6f feat(posture): add EU AI Act, NIST AI RMF, ISO 42001 compliance categories (14-16) 
Extends posture scanner from 13 to 16 categories with three governance/compliance
checks. New categories are advisory (not in CRITICAL_CATEGORIES) — existing Grade A
projects remain Grade A. VERSION bumped to 6.0.0.

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
 2026-04-10 13:17:25 +02:00
Kjell Tore Guttormsen
0765a5595e feat(scanner): add --benchmark mode to attack-simulator with structured reporting 2026-04-10 13:02:58 +02:00
Kjell Tore Guttormsen
e2c8924074 feat(knowledge): add MITRE ATLAS IDs to OWASP files + Norwegian regulatory context 2026-04-10 12:49:10 +02:00
Kjell Tore Guttormsen
5bb9d5bd11 feat(knowledge): add compliance-mapping document — EU AI Act, NIST AI RMF, ISO 42001 2026-04-10 12:29:14 +02:00
Kjell Tore Guttormsen
f93d6abdae feat: initial open marketplace with llm-security, config-audit, ultraplan-local 2026-04-06 18:47:49 +02:00