Commit graph

76 commits

Author SHA1 Message Date
Kjell Tore Guttormsen
71ac02ca13 refactor(agents): add Step 0 + parallel-read hint to mcp-scanner-agent 2026-04-17 14:46:30 +02:00
Kjell Tore Guttormsen
8649926e35 refactor(agents): reduce stacked imperatives in skill-scanner-agent for Opus 4.7 2026-04-17 14:46:06 +02:00
Kjell Tore Guttormsen
6f798f28b3 feat(hooks): register PreCompact event in hooks.json 2026-04-17 14:45:13 +02:00
Kjell Tore Guttormsen
b3ef078450 test(hooks): cover pre-compact-scan happy-path, modes, size-cap 2026-04-17 14:44:52 +02:00
Kjell Tore Guttormsen
cca65aad88 feat(hooks): add pre-compact-scan hook skeleton 2026-04-17 14:40:50 +02:00
Kjell Tore Guttormsen
17b8c8fa16 docs(claude-md): reframe bash-normalize as defense-in-depth layer 2026-04-17 14:37:03 +02:00
Kjell Tore Guttormsen
5a3d005f34 test(scanners): cover bash-normalize T5 IFS + T6 hex + false-positive probe 2026-04-17 14:29:15 +02:00
Kjell Tore Guttormsen
09e42934b1 fix(scanners): preserve single-quoted regions through bash-normalize pipeline
Masks non-empty '...' content before T5/T2-T4 run so literal strings such
as `echo '${IFS}'` are not rewritten. Empty '' pairs are stripped first
so c''u''rl -> curl evasion keeps resolving. ANSI-C $'...' is decoded
before masking.

Caught by the false-positive probe added in Step 3 of ultraplan-v6.2.0.
2026-04-17 14:29:02 +02:00
Kjell Tore Guttormsen
c462d0ed32 feat(scanners): extend bash-normalize with T5 IFS + T6 ANSI-C hex quoting 2026-04-17 13:59:15 +02:00
Kjell Tore Guttormsen
4fa904fb3c docs(readme): replace npx references with node bin/ (not yet on npm)
npx llm-security requires npm publishing which hasn't happened.
Updated 3 references to use node bin/llm-security.mjs which works today.
CI templates and docs intentionally kept as-is (designed for future npm).

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
2026-04-10 15:20:44 +02:00
Kjell Tore Guttormsen
4bcfcbfe42 docs(readme): update README body for v6.0+v6.1 — fix stale counts and tables
Badges, intro, commands, scanner table, Mermaid diagram, directory tree,
and knowledge base section all had counts frozen at v3-v4 era. Updated
to match actual filesystem: 21 scanners (10+11), 18 commands, 16 knowledge
files, 16 posture categories, 1264 tests. Added missing bin/, ci/, docs/
directories and all standalone scanners to directory tree.

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
2026-04-10 15:15:16 +02:00
Kjell Tore Guttormsen
b61c631975 feat(ci): add CI/CD integration — --fail-on, --compact, pipeline templates
Add threshold-based exit codes (--fail-on <severity>) and compact
output mode (--compact) to scan-orchestrator and CLI. Pipeline
templates for GitHub Actions, Azure DevOps, GitLab CI with SARIF
upload. CI/CD guide with Schrems II/NSM compliance documentation.
npm publish preparation (files whitelist, .npmignore). Policy ci
section for distributable CI defaults. Version 6.1.0.

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
2026-04-10 14:59:05 +02:00
Kjell Tore Guttormsen
08201510ac fix(scanners): use process.exitCode instead of process.exit() after stdout.write
process.exit() terminates before pipe buffers drain, truncating output
at 64KB when piped through another Node.js process on macOS. Affects
scan-orchestrator (SARIF output) and supply-chain-recheck-cli.

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
2026-04-10 14:11:31 +02:00
Kjell Tore Guttormsen
9fa89d6111 chore(release): bump to v6.0.0 — CAISS-readiness release with compliance, governance, CLI
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
2026-04-10 14:03:10 +02:00
Kjell Tore Guttormsen
1a5f8676ad feat(cli): add standalone CLI wrapper — npx llm-security scan without Claude Code
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
2026-04-10 13:58:25 +02:00
Kjell Tore Guttormsen
367bae3939 feat(governance): add policy-as-code — .llm-security/policy.json for distributable hook configuration
New policy-loader.mjs reads .llm-security/policy.json with deep-merge against
defaults that exactly match existing hardcoded values. Integrated into all 7 hooks:
- pre-prompt-inject-scan: injection.mode (env var still takes precedence)
- post-session-guard: trifecta.mode, window_size, long_horizon_window
- pre-edit-secrets: secrets.additional_patterns
- pre-bash-destructive: destructive.additional_blocked
- pre-write-pathguard: pathguard.additional_protected
- pre-install-supply-chain: supply_chain.additional_blocked_packages
- post-mcp-verify: mcp.volume_threshold_bytes, mcp.trusted_servers

Backward compatible: no policy file = identical behavior to v5.1.0.

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
2026-04-10 13:37:02 +02:00
Kjell Tore Guttormsen
04116e0b30 feat(scanner): add AI-BOM generator — CycloneDX 1.6 format for AI supply chain transparency
New bom-builder.mjs discovers AI components (models, MCP servers, plugins,
knowledge files, hooks) and builds CycloneDX 1.6 JSON BOMs.
CLI entry point: node scanners/ai-bom-generator.mjs <target>.

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
2026-04-10 13:29:30 +02:00
Kjell Tore Guttormsen
482d9320b7 feat(governance): add structured JSONL audit trail with SIEM-ready schema
New audit-trail.mjs writes structured events to LLM_SECURITY_AUDIT_LOG path.
Integrated into post-session-guard at 6 warning emission points: trifecta,
escalation-after-input, data flow, volume threshold, slow-burn, behavioral drift.
No-op when env var not set — zero overhead for existing users.

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
2026-04-10 13:25:59 +02:00
Kjell Tore Guttormsen
fd323437c0 feat(scanner): add SARIF 2.1.0 output format to scan-orchestrator (--format sarif)
New sarif-formatter.mjs converts scan envelope to OASIS SARIF 2.1.0 standard.
Maps severity to SARIF levels, findings to results with locations and rules.
scan-orchestrator accepts --format sarif|json (default: json).

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
2026-04-10 13:22:59 +02:00
Kjell Tore Guttormsen
7b96e19cbe feat(posture): add EU AI Act, NIST AI RMF, ISO 42001 compliance categories (14-16)
Extends posture scanner from 13 to 16 categories with three governance/compliance
checks. New categories are advisory (not in CRITICAL_CATEGORIES) — existing Grade A
projects remain Grade A. VERSION bumped to 6.0.0.

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
2026-04-10 13:17:25 +02:00
Kjell Tore Guttormsen
941eb441f8 feat(scanner): add --benchmark mode to attack-simulator with structured reporting 2026-04-10 13:02:58 +02:00
Kjell Tore Guttormsen
07cfd89a1e feat(knowledge): add MITRE ATLAS IDs to OWASP files + Norwegian regulatory context 2026-04-10 12:49:10 +02:00
Kjell Tore Guttormsen
4b63f73b53 feat(knowledge): add compliance-mapping document — EU AI Act, NIST AI RMF, ISO 42001 2026-04-10 12:29:14 +02:00
Kjell Tore Guttormsen
85efea701c docs: standardize installation instructions across all plugins
All 6 plugin READMEs now use identical installation section:
marketplace-first approach with /plugin browsing, then direct
settings.json as alternative. Replaces inconsistent mix of
git clone, plugin add, and JSON-only instructions.

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
2026-04-08 15:10:24 +02:00
Kjell Tore Guttormsen
3082ec355a chore: fix metadata gaps and add root CLAUDE.md
- llm-security SECURITY.md: update supported versions 3.0.x → 5.1.x
- config-audit plugin.json: add license, repository, keywords
- Add root CLAUDE.md with repo structure and conventions

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
2026-04-08 13:10:22 +02:00
Kjell Tore Guttormsen
f153f969a0 feat(ultraplan-local): v1.6.0 — /ultraresearch-local deep research command
Add /ultraresearch-local for structured research combining local codebase
analysis with external knowledge via parallel agent swarms. Produces research
briefs with triangulation, confidence ratings, and source quality assessment.

New command: /ultraresearch-local with modes --quick, --local, --external, --fg.
New agents: research-orchestrator (opus), docs-researcher, community-researcher,
security-researcher, contrarian-researcher, gemini-bridge (all sonnet).
New template: research-brief-template.md.

Integration: --research flag in /ultraplan-local accepts pre-built research
briefs (up to 3), enriches the interview and exploration phases. Planning
orchestrator cross-references brief findings during synthesis.

Design principle: Context Engineering — right information to right agent at
right time. Research briefs are structured artifacts in the pipeline:
ultraresearch → brief → ultraplan --research → plan → ultraexecute.

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
2026-04-08 08:58:35 +02:00