# STATE — llm-security **Active focus:** EXECUTE the TRG/SIG/AST-gap plan — 3 new scanners (TRG, SIG, AST). Plan is written, reviewed, validated. Next session = cold start straight into `/trekexecute`. ## COLD START — do this first 1. `pwd` (should be repo root) and `git status` (expect clean; plan + brief committed). 2. Read the plan: `docs/plans/trekplan-2026-06-20-TRG/SIG/AST-gap-analysis.md` (8 steps, validates clean). 3. Run: **`/trekexecute docs/plans/trekplan-2026-06-20-TRG/SIG/AST-gap-analysis.md`** (optionally `/trekexecute --validate ` or `--dry-run ` first to sanity-check). 4. TDD per step (failing test first), commit per step within its scope-fence. Check push window before push. Build order: **TRG** (steps 1-2) → **SIG** (3-4) → **AST** (5-6) → **docs/packaging** (7) → **release v7.8.0** (8 — OPERATOR-GATED, confirm before doing; it's beyond the brief's scope). ## How we got here - Brief: `docs/plans/TRG/SIG/AST-gap-analysis.md` (gap analysis vs NVIDIA/TRG/SIG/AST; all claims verified). - Lean Voyage chosen (trekplan→execute→review, no research). trekplan done; adversarial review caught 3 blockers + 7 majors on draft 1 (59/D) — all real — fixed → 86/B. The fixes are baked into the plan. ## Verified gotchas (DO NOT re-derive — these broke draft 1) - Orchestrator is **`scanners/scan-orchestrator.mjs`** (NOT repo root). Siblings import as `./x.mjs`. New scanner = export `scan(targetPath, discovery)`, add import + `{name,fn}` to SCANNERS (`:113-125`). - `severity.mjs` has **4 OWASP maps with ARRAY values** (`OWASP_MAP`/`_AGENTIC_`/`_SKILLS_`/`_MCP_`). Add array entries to all four per scanner; assert with `deepEqual`. (e.g. `WFL: ['LLM02','LLM06']`) - `parseFrontmatter` already exists: `scanners/lib/yaml-frontmatter.mjs:13` (TRG reuses it). - **Zero npm deps** (no `dependencies` key in package.json — keep it that way). python3 = optional, graceful `status:'skipped'` when absent. Emit via `finding()`/`scannerResult()` (`scanners/lib/output.mjs`). - Policy: add section to `DEFAULT_POLICY` (`scanners/lib/policy-loader.mjs`), read via `getPolicyValue`. - Distribution = Claude Code marketplace git-clone (whole repo), NOT npm — so `package.json` `files[]` is moot for runtime; the `knowledge/` add in Step 7 is correctness-only. - Template scanner to copy: `scanners/memory-poisoning-scanner.mjs:386`. Tests: `node --test`, committed `clean/`+`poisoned/` fixtures, `resetCounter()` in `beforeEach`. Full suite: `npm test`. ## Continuity - STATE.md is canonical + committed (now un-gitignored — global rule). Voyage `.session-state.local.json` is disposable per-plan scratch, gitignored (`*.local.json`). ## Committed this session - `docs/plans/TRG/SIG/AST-gap-analysis.md` (brief), `docs/plans/trekplan-2026-06-20-...md` (plan), `.gitignore` (un-ignore STATE.md; ignore `docs/plans/*.html`), this STATE.md. - Annotation HTML is gitignored (regenerable via Voyage `annotate.mjs`). - NO scanner code written yet — execution is next session.