ktg-plugin-marketplace

open/ktg-plugin-marketplace

Fork 0

Commit graph

Author	SHA1	Message	Date
Kjell Tore Guttormsen	6252e55700	feat(llm-security): add /security ide-scan — VS Code / JetBrains extension prescan (v6.3.0) New standalone scanner (prefix IDE) discovers installed VS Code extensions across forks (Cursor, Windsurf, VSCodium, code-server, Insiders, Remote-SSH) and runs 7 IDE-specific threat checks: blocklist match (CRITICAL), theme-with-code, sideload (unsigned .vsix), dangerous uninstall hook (HIGH), wildcard activation, extension-pack expansion, typosquat (MEDIUM). Per-extension reuse of UNI/ENT/NET/TNT/MEM/SCR scanners with bounded concurrency. Offline-first; --online opt-in. JetBrains discovery stubbed for v1.1. 22 new tests (1296 total, was 1274). Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>	2026-04-17 16:23:35 +02:00
Kjell Tore Guttormsen	2c33e9cc64	feat(ci): add CI/CD integration — --fail-on, --compact, pipeline templates Add threshold-based exit codes (--fail-on <severity>) and compact output mode (--compact) to scan-orchestrator and CLI. Pipeline templates for GitHub Actions, Azure DevOps, GitLab CI with SARIF upload. CI/CD guide with Schrems II/NSM compliance documentation. npm publish preparation (files whitelist, .npmignore). Policy ci section for distributable CI defaults. Version 6.1.0. Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>	2026-04-10 14:59:05 +02:00
Kjell Tore Guttormsen	52d26ddb0b	feat(cli): add standalone CLI wrapper — npx llm-security scan without Claude Code Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>	2026-04-10 13:58:25 +02:00

Author

SHA1

Message

Date

Kjell Tore Guttormsen

6252e55700

feat(llm-security): add /security ide-scan — VS Code / JetBrains extension prescan (v6.3.0)

New standalone scanner (prefix IDE) discovers installed VS Code extensions
across forks (Cursor, Windsurf, VSCodium, code-server, Insiders, Remote-SSH)
and runs 7 IDE-specific threat checks: blocklist match (CRITICAL),
theme-with-code, sideload (unsigned .vsix), dangerous uninstall hook (HIGH),
wildcard activation, extension-pack expansion, typosquat (MEDIUM).

Per-extension reuse of UNI/ENT/NET/TNT/MEM/SCR scanners with bounded
concurrency. Offline-first; --online opt-in. JetBrains discovery stubbed
for v1.1. 22 new tests (1296 total, was 1274).

Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>

2026-04-17 16:23:35 +02:00

Kjell Tore Guttormsen

2c33e9cc64

feat(ci): add CI/CD integration — --fail-on, --compact, pipeline templates

Add threshold-based exit codes (--fail-on <severity>) and compact
output mode (--compact) to scan-orchestrator and CLI. Pipeline
templates for GitHub Actions, Azure DevOps, GitLab CI with SARIF
upload. CI/CD guide with Schrems II/NSM compliance documentation.
npm publish preparation (files whitelist, .npmignore). Policy ci
section for distributable CI defaults. Version 6.1.0.

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>

2026-04-10 14:59:05 +02:00

Kjell Tore Guttormsen

52d26ddb0b

feat(cli): add standalone CLI wrapper — npx llm-security scan without Claude Code

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>

2026-04-10 13:58:25 +02:00

3 commits