Kjell Tore Guttormsen f418a8fe08 feat(llm-security-copilot): port llm-security v5.1.0 to GitHub Copilot CLI

Full port of llm-security plugin for internal use on Windows with GitHub
Copilot CLI. Protocol translation layer (copilot-hook-runner.mjs)
normalizes Copilot camelCase I/O to Claude Code snake_case format — all
original hook scripts run unmodified.

- 8 hooks with protocol translation (stdin/stdout/exit code)
- 18 SKILL.md skills (Agent Skills Open Standard)
- 6 .agent.md agent definitions
- 20 scanners + 14 scanner lib modules (unchanged)
- 14 knowledge files (unchanged)
- 39 test files including copilot-port-verify.mjs (17 tests)
- Windows-ready: node:path, os.tmpdir(), process.execPath, no bash

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>

2026-04-09 21:56:10 +02:00

1.1 KiB

Raw Blame History

name	description
security-dashboard	Cross-project security dashboard — machine-wide posture overview with per-project grades

Security Dashboard

Machine-wide posture overview. Scans all detected projects, aggregates to a single machine grade (weakest link).

Step 1: Run Aggregator

node <plugin-root>/scanners/dashboard-aggregator.mjs [--no-cache]

Uses 24h cache by default. Pass --no-cache to force fresh scan.

Step 2: Format Dashboard

Parse JSON: meta, machine.grade (weakest link), projects[], errors[].

# Security Dashboard

| Machine Grade | [A-F] (weakest link) |
| Projects Scanned | N |
| Cached | Yes/No |

## Per-Project Grades

| Project | Grade | Risk Score | Verdict | Last Scan |
|---------|-------|------------|---------|-----------|
[sorted by grade, worst first]

## Errors (if any)

[List projects that failed to scan]

Step 3: Recommendations

Grade A/B: "Machine posture is strong."
Grade C: "Review projects with grade C or below."
Grade D/F: "Significant exposure. Run audit on failing projects."

1.1 KiB Raw Blame History

Security Dashboard

Step 1: Run Aggregator

Step 2: Format Dashboard

Step 3: Recommendations

1.1 KiB

Raw Blame History