@cencori/scan 0.1.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/README.md +98 -0
- package/dist/cli.d.mts +1 -0
- package/dist/cli.d.ts +1 -0
- package/dist/cli.js +679 -0
- package/dist/cli.js.map +1 -0
- package/dist/cli.mjs +656 -0
- package/dist/cli.mjs.map +1 -0
- package/dist/index.d.mts +65 -0
- package/dist/index.d.ts +65 -0
- package/dist/index.js +536 -0
- package/dist/index.js.map +1 -0
- package/dist/index.mjs +496 -0
- package/dist/index.mjs.map +1 -0
- package/package.json +58 -0
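--- /dev/null
+++ b/package/README.md
@@ -0,0 +1,98 @@
+# @cencori/scan
+
+Security scanner for AI apps. Detect hardcoded secrets, PII leaks, and exposed routes.
+
+## Installation
+
+```bash
+# Run directly with npx
+npx @cencori/scan
+
+# Or install globally
+npm install -g @cencori/scan
+```
+
+## Usage
+
+```bash
+# Scan current directory
+cencori-scan
+
+# Scan specific path
+cencori-scan ./my-project
+
+# Output JSON
+cencori-scan --json
+
+# Quiet mode (score only)
+cencori-scan --quiet
+```
+
+## What It Detects
+
+### API Keys & Secrets
+- OpenAI, Anthropic, Google AI
+- Supabase, Firebase
+- Stripe, AWS, GitHub
+- And 20+ more providers
+
+### PII (Personal Identifiable Information)
+- Email addresses
+- Phone numbers
+- Social Security Numbers
+- Credit card numbers
+
+### Exposed Routes
+- Next.js API routes without auth
+- Express routes without middleware
+- Sensitive files in public folders
+
+## Security Score
+
+| Score | Meaning |
+|-------|---------|
+| A-Tier | Excellent - No issues found |
+| B-Tier | Good - Minor improvements needed |
+| C-Tier | Fair - Some concerns |
+| D-Tier | Poor - Significant issues |
+| F-Tier | Critical - Leaking secrets |
+
+## Example Output
+
+```
+Cencori Scan
+v0.1.0
+
+Scanned 142 files
+
+┌─────────────────────────────────────────────┐
+│ Security Score: F-Tier │
+└─────────────────────────────────────────────┘
+
+SECRETS (3)
+├─ src/api.ts:12 sk-proj-****
+├─ src/lib.ts:5 eyJh****
+└─ .env.local:3 ANTH****
+
+Recommendations:
+- Use environment variables for secrets
+- Never commit API keys to version control
+
+Share: https://scan.cencori.com
+Docs: https://cencori.com/docs
+```
+
+## Programmatic Usage
+
+```typescript
+import { scan } from '@cencori/scan';
+
+const result = await scan('./my-project');
+
+console.log(result.score); // 'A' | 'B' | 'C' | 'D' | 'F'
+console.log(result.issues); // Array of detected issues
+```
+
+## License
+
+MIT - Cencori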
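--- /dev/null
+++ b/package/dist/cli.d.mts
@@ -0,0 +1 @@
+#!/usr/bin/env node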
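--- /dev/null
+++ b/package/dist/cli.d.ts
@@ -0,0 +1 @@
+#!/usr/bin/env node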