Kjell Tore Guttormsen 716c8384d9 feat(post-mcp-verify): E5 — scan SVG desc/title/metadata/foreignObject ... SVG containers carry text that is invisible in the rendered image but fully parsed by an agent reading the source. <desc>, <title>, <metadata>, and <foreignObject> are all valid surfaces for adversarial injection. Adds a per-element extractor inside the existing HTML-tag gate, gated on /<svg[\s>]/i so it only fires for actual SVG content. Inner text is HTML-entity-decoded then run through scanForInjection. Emits at the strongest tier with category svg-element-injection. +3 tests (62 → 65). Refs: Batch B Wave 4 / Step 10 / v7.2.0		2026-04-29 14:54:58 +02:00
..
post-mcp-verify.mjs	feat(post-mcp-verify): E5 — scan SVG desc/title/metadata/foreignObject	2026-04-29 14:54:58 +02:00
post-session-guard.mjs	feat(post-session-guard): E17 — configurable escalation window + 20-call MEDIUM advisory	2026-04-29 14:26:18 +02:00
pre-bash-destructive.mjs	feat(governance): add policy-as-code — .llm-security/policy.json for distributable hook configuration	2026-04-10 13:37:02 +02:00
pre-compact-scan.mjs	test(hooks): cover pre-compact-scan happy-path, modes, size-cap	2026-04-17 14:44:52 +02:00
pre-edit-secrets.mjs	feat(governance): add policy-as-code — .llm-security/policy.json for distributable hook configuration	2026-04-10 13:37:02 +02:00
pre-install-supply-chain.mjs	feat(governance): add policy-as-code — .llm-security/policy.json for distributable hook configuration	2026-04-10 13:37:02 +02:00
pre-prompt-inject-scan.mjs	feat(governance): add policy-as-code — .llm-security/policy.json for distributable hook configuration	2026-04-10 13:37:02 +02:00
pre-write-pathguard.mjs	fix(llm-security): B1 pathguard regex — match multi-segment .env.*.*	2026-04-19 23:59:38 +02:00
update-check.mjs	feat: initial open marketplace with llm-security, config-audit, ultraplan-local	2026-04-06 18:47:49 +02:00