npm - @clear-capabilities/agentic-security-scanner - Versions diffs - 0.76.1 → 0.77.0 - Mend

@clear-capabilities/agentic-security-scanner 0.76.1 → 0.77.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (68) hide show

package/dist/agentic-security.mjs +8 -8
package/dist/agentic-security.mjs.sha256 +1 -1
package/package.json +5 -5
package/bin/.agentic-security/findings.json +0 -1596
package/bin/.agentic-security/last-scan.json +0 -1596
package/bin/.agentic-security/last-scan.json.sig +0 -1
package/bin/.agentic-security/scan-history.json +0 -475
package/bin/.agentic-security/streak.json +0 -25
package/dist/218.index.js +0 -793
package/dist/601.index.js +0 -1038
package/dist/634.index.js +0 -1892
package/src/.agentic-security/findings.json +0 -80844
package/src/.agentic-security/last-scan.json +0 -80844
package/src/.agentic-security/last-scan.json.sig +0 -1
package/src/.agentic-security/scan-history.json +0 -8408
package/src/.agentic-security/streak.json +0 -26
package/src/dataflow/.agentic-security/findings.json +0 -3487
package/src/dataflow/.agentic-security/last-scan.json +0 -3487
package/src/dataflow/.agentic-security/last-scan.json.sig +0 -1
package/src/dataflow/.agentic-security/scan-history.json +0 -735
package/src/dataflow/.agentic-security/streak.json +0 -24
package/src/integrations/.agentic-security/findings.json +0 -1504
package/src/integrations/.agentic-security/last-scan.json +0 -1504
package/src/integrations/.agentic-security/scan-history.json +0 -40
package/src/integrations/.agentic-security/streak.json +0 -21
package/src/ir/.agentic-security/findings.json +0 -3036
package/src/ir/.agentic-security/last-scan.json +0 -3036
package/src/ir/.agentic-security/last-scan.json.sig +0 -1
package/src/ir/.agentic-security/scan-history.json +0 -364
package/src/ir/.agentic-security/streak.json +0 -23
package/src/llm-validator/.agentic-security/findings.json +0 -1891
package/src/llm-validator/.agentic-security/last-scan.json +0 -1891
package/src/llm-validator/.agentic-security/last-scan.json.sig +0 -1
package/src/llm-validator/.agentic-security/scan-history.json +0 -168
package/src/llm-validator/.agentic-security/streak.json +0 -20
package/src/lsp/.agentic-security/findings.json +0 -28
package/src/lsp/.agentic-security/last-scan.json +0 -28
package/src/lsp/.agentic-security/scan-history.json +0 -79
package/src/lsp/.agentic-security/streak.json +0 -22
package/src/mcp/.agentic-security/findings.json +0 -8403
package/src/mcp/.agentic-security/last-scan.json +0 -8403
package/src/mcp/.agentic-security/last-scan.json.sig +0 -1
package/src/mcp/.agentic-security/scan-history.json +0 -1182
package/src/mcp/.agentic-security/streak.json +0 -22
package/src/posture/.agentic-security/findings.json +0 -51239
package/src/posture/.agentic-security/last-scan.json +0 -51239
package/src/posture/.agentic-security/last-scan.json.sig +0 -1
package/src/posture/.agentic-security/scan-history.json +0 -5557
package/src/posture/.agentic-security/streak.json +0 -24
package/src/report/.agentic-security/findings.json +0 -79
package/src/report/.agentic-security/last-scan.json +0 -79
package/src/report/.agentic-security/last-scan.json.sig +0 -1
package/src/report/.agentic-security/scan-history.json +0 -332
package/src/report/.agentic-security/streak.json +0 -23
package/src/sast/.agentic-security/findings.json +0 -5051
package/src/sast/.agentic-security/last-scan.json +0 -5051
package/src/sast/.agentic-security/last-scan.json.sig +0 -1
package/src/sast/.agentic-security/scan-history.json +0 -788
package/src/sast/.agentic-security/streak.json +0 -23
package/src/sast/bench-shape/.agentic-security/findings.json +0 -28
package/src/sast/bench-shape/.agentic-security/last-scan.json +0 -28
package/src/sast/bench-shape/.agentic-security/scan-history.json +0 -24
package/src/sast/bench-shape/.agentic-security/streak.json +0 -22
package/src/sca/.agentic-security/findings.json +0 -1096
package/src/sca/.agentic-security/last-scan.json +0 -1096
package/src/sca/.agentic-security/last-scan.json.sig +0 -1
package/src/sca/.agentic-security/scan-history.json +0 -18
package/src/sca/.agentic-security/streak.json +0 -21

package/src/llm-validator/.agentic-security/last-scan.json.sig DELETED Viewed

	@@ -1 +0,0 @@
1	- 4c7773244a54b5c390324ea1d7302921511d2ac2526cebc27cf16deff479564f

package/src/llm-validator/.agentic-security/scan-history.json DELETED Viewed

@@ -1,168 +0,0 @@
-[
-  {
-    "timestamp": "2026-05-18T17:45:05.442Z",
-    "label": "scan",
-    "total": 4,
-    "critical": 0,
-    "high": 1,
-    "medium": 3,
-    "low": 0,
-    "kev": 0,
-    "ids": [
-      "prompt-tpl:index.js:30:Prompt_Template__user_input_interpolated_into_prompt_string_",
-      "struct:index.js:80:Synchronous_Blocking_I/O_(DoS_Risk_in_Server_Context)",
-      "struct:index.js:81:Synchronous_Blocking_I/O_(DoS_Risk_in_Server_Context)",
-      "struct:index.js:87:Synchronous_Blocking_I/O_(DoS_Risk_in_Server_Context)"
-    ]
-  },
-  {
-    "timestamp": "2026-05-18T21:57:42.021Z",
-    "label": "scan",
-    "total": 4,
-    "critical": 0,
-    "high": 1,
-    "medium": 3,
-    "low": 0,
-    "kev": 0,
-    "ids": [
-      "prompt-tpl:index.js:55:Prompt_Template__user_input_interpolated_into_prompt_string_",
-      "struct:index.js:114:Synchronous_Blocking_I/O_(DoS_Risk_in_Server_Context)",
-      "struct:index.js:115:Synchronous_Blocking_I/O_(DoS_Risk_in_Server_Context)",
-      "struct:index.js:121:Synchronous_Blocking_I/O_(DoS_Risk_in_Server_Context)"
-    ]
-  },
-  {
-    "timestamp": "2026-05-18T22:28:47.440Z",
-    "label": "scan",
-    "total": 4,
-    "critical": 0,
-    "high": 1,
-    "medium": 3,
-    "low": 0,
-    "kev": 0,
-    "ids": [
-      "prompt-tpl:index.js:55:Prompt_Template__user_input_interpolated_into_prompt_string_",
-      "struct:index.js:114:Synchronous_Blocking_I/O_(DoS_Risk_in_Server_Context)",
-      "struct:index.js:115:Synchronous_Blocking_I/O_(DoS_Risk_in_Server_Context)",
-      "struct:index.js:121:Synchronous_Blocking_I/O_(DoS_Risk_in_Server_Context)"
-    ]
-  },
-  {
-    "timestamp": "2026-05-18T22:29:03.014Z",
-    "label": "scan",
-    "total": 4,
-    "critical": 0,
-    "high": 1,
-    "medium": 3,
-    "low": 0,
-    "kev": 0,
-    "ids": [
-      "prompt-tpl:index.js:55:Prompt_Template__user_input_interpolated_into_prompt_string_",
-      "struct:index.js:114:Synchronous_Blocking_I/O_(DoS_Risk_in_Server_Context)",
-      "struct:index.js:115:Synchronous_Blocking_I/O_(DoS_Risk_in_Server_Context)",
-      "struct:index.js:121:Synchronous_Blocking_I/O_(DoS_Risk_in_Server_Context)"
-    ]
-  },
-  {
-    "timestamp": "2026-05-18T22:29:18.932Z",
-    "label": "scan",
-    "total": 4,
-    "critical": 0,
-    "high": 1,
-    "medium": 3,
-    "low": 0,
-    "kev": 0,
-    "ids": [
-      "prompt-tpl:index.js:55:Prompt_Template__user_input_interpolated_into_prompt_string_",
-      "struct:index.js:114:Synchronous_Blocking_I/O_(DoS_Risk_in_Server_Context)",
-      "struct:index.js:115:Synchronous_Blocking_I/O_(DoS_Risk_in_Server_Context)",
-      "struct:index.js:121:Synchronous_Blocking_I/O_(DoS_Risk_in_Server_Context)"
-    ]
-  },
-  {
-    "timestamp": "2026-05-18T23:16:38.135Z",
-    "label": "scan",
-    "total": 4,
-    "critical": 0,
-    "high": 1,
-    "medium": 3,
-    "low": 0,
-    "kev": 0,
-    "ids": [
-      "prompt-tpl:index.js:55:Prompt_Template__user_input_interpolated_into_prompt_string_",
-      "struct:index.js:114:Synchronous_Blocking_I/O_(DoS_Risk_in_Server_Context)",
-      "struct:index.js:115:Synchronous_Blocking_I/O_(DoS_Risk_in_Server_Context)",
-      "struct:index.js:121:Synchronous_Blocking_I/O_(DoS_Risk_in_Server_Context)"
-    ]
-  },
-  {
-    "timestamp": "2026-05-18T23:16:47.744Z",
-    "label": "scan",
-    "total": 4,
-    "critical": 0,
-    "high": 1,
-    "medium": 3,
-    "low": 0,
-    "kev": 0,
-    "ids": [
-      "prompt-tpl:index.js:55:Prompt_Template__user_input_interpolated_into_prompt_string_",
-      "struct:index.js:114:Synchronous_Blocking_I/O_(DoS_Risk_in_Server_Context)",
-      "struct:index.js:115:Synchronous_Blocking_I/O_(DoS_Risk_in_Server_Context)",
-      "struct:index.js:121:Synchronous_Blocking_I/O_(DoS_Risk_in_Server_Context)"
-    ]
-  },
-  {
-    "timestamp": "2026-05-19T00:12:15.461Z",
-    "label": "scan",
-    "total": 4,
-    "critical": 0,
-    "high": 1,
-    "medium": 3,
-    "low": 0,
-    "kev": 0,
-    "ids": [
-      "prompt-tpl:index.js:57:Prompt_Template__user_input_interpolated_into_prompt_string_",
-      "struct:index.js:116:Synchronous_Blocking_I/O_(DoS_Risk_in_Server_Context)",
-      "struct:index.js:117:Synchronous_Blocking_I/O_(DoS_Risk_in_Server_Context)",
-      "struct:index.js:123:Synchronous_Blocking_I/O_(DoS_Risk_in_Server_Context)"
-    ]
-  },
-  {
-    "timestamp": "2026-05-19T22:20:17.395Z",
-    "label": "scan",
-    "total": 7,
-    "critical": 0,
-    "high": 1,
-    "medium": 6,
-    "low": 0,
-    "kev": 0,
-    "ids": [
-      "prompt-tpl:index.js:57:Prompt_Template__user_input_interpolated_into_prompt_string_",
-      "struct:consistency.js:66:Synchronous_Blocking_I/O_(DoS_Risk_in_Server_Context)",
-      "struct:consistency.js:67:Synchronous_Blocking_I/O_(DoS_Risk_in_Server_Context)",
-      "struct:index.js:116:Synchronous_Blocking_I/O_(DoS_Risk_in_Server_Context)",
-      "struct:index.js:117:Synchronous_Blocking_I/O_(DoS_Risk_in_Server_Context)",
-      "struct:index.js:123:Synchronous_Blocking_I/O_(DoS_Risk_in_Server_Context)",
-      "toctou-fs:index.js:116"
-    ]
-  },
-  {
-    "timestamp": "2026-05-20T12:29:43.775Z",
-    "label": "scan",
-    "total": 7,
-    "critical": 0,
-    "high": 1,
-    "medium": 6,
-    "low": 0,
-    "kev": 0,
-    "ids": [
-      "prompt-tpl:index.js:57:Prompt_Template__user_input_interpolated_into_prompt_string_",
-      "struct:consistency.js:66:Synchronous_Blocking_I/O_(DoS_Risk_in_Server_Context)",
-      "struct:consistency.js:67:Synchronous_Blocking_I/O_(DoS_Risk_in_Server_Context)",
-      "struct:index.js:116:Synchronous_Blocking_I/O_(DoS_Risk_in_Server_Context)",
-      "struct:index.js:117:Synchronous_Blocking_I/O_(DoS_Risk_in_Server_Context)",
-      "struct:index.js:123:Synchronous_Blocking_I/O_(DoS_Risk_in_Server_Context)",
-      "toctou-fs:index.js:116"
-    ]
-  }
-]

package/src/llm-validator/.agentic-security/streak.json DELETED Viewed

@@ -1,20 +0,0 @@
-{
-  "firstScanDate": "2026-05-18T17:45:05.477Z",
-  "lastScanDate": "2026-05-20T12:29:43.794Z",
-  "totalScans": 10,
-  "daysCleanCritical": 3,
-  "lastCleanDate": "2026-05-20",
-  "lastCriticalDate": null,
-  "hasEverHadCritical": false,
-  "bestDaysCleanCritical": 3,
-  "totalFindingsAtFirstScan": 6,
-  "totalFindingsAtLastScan": 9,
-  "totalFixesInferred": 0,
-  "lastGrade": "A-",
-  "bestGrade": "A-",
-  "launchCheckPassedAt": null,
-  "achievements": [
-    "first-scan"
-  ],
-  "previousGrade": "A-"
-}

package/src/lsp/.agentic-security/findings.json DELETED Viewed

@@ -1,28 +0,0 @@
-{
-  "scanId": "a086129d-1915-4e73-ad43-27444fe98585",
-  "startedAt": "2026-05-19T00:13:29.781Z",
-  "durationMs": 88,
-  "scanned": {
-    "files": 1,
-    "lines": 0
-  },
-  "findings": [],
-  "bundles": [],
-  "routes": [],
-  "components": [],
-  "suppressedCount": 5,
-  "blastRadiusSignals": {
-    "industry": "generic",
-    "industryConfidence": "low",
-    "jurisdictions": [],
-    "controls": [],
-    "estimatedUsers": 50,
-    "revenueIndicator": "pre-revenue",
-    "hasStripe": false,
-    "hasAuth": false,
-    "hasUserTable": false,
-    "hasPII": false,
-    "hasPHI": false,
-    "hasS3": false
-  }
-}

package/src/lsp/.agentic-security/last-scan.json DELETED Viewed

@@ -1,28 +0,0 @@
-{
-  "scanId": "a086129d-1915-4e73-ad43-27444fe98585",
-  "startedAt": "2026-05-19T00:13:29.781Z",
-  "durationMs": 88,
-  "scanned": {
-    "files": 1,
-    "lines": 0
-  },
-  "findings": [],
-  "bundles": [],
-  "routes": [],
-  "components": [],
-  "suppressedCount": 5,
-  "blastRadiusSignals": {
-    "industry": "generic",
-    "industryConfidence": "low",
-    "jurisdictions": [],
-    "controls": [],
-    "estimatedUsers": 50,
-    "revenueIndicator": "pre-revenue",
-    "hasStripe": false,
-    "hasAuth": false,
-    "hasUserTable": false,
-    "hasPII": false,
-    "hasPHI": false,
-    "hasS3": false
-  }
-}

package/src/lsp/.agentic-security/scan-history.json DELETED Viewed

@@ -1,79 +0,0 @@
-[
-  {
-    "timestamp": "2026-05-18T21:27:21.719Z",
-    "label": "scan",
-    "total": 0,
-    "critical": 0,
-    "high": 0,
-    "medium": 0,
-    "low": 0,
-    "kev": 0,
-    "ids": []
-  },
-  {
-    "timestamp": "2026-05-18T22:04:44.971Z",
-    "label": "scan",
-    "total": 0,
-    "critical": 0,
-    "high": 0,
-    "medium": 0,
-    "low": 0,
-    "kev": 0,
-    "ids": []
-  },
-  {
-    "timestamp": "2026-05-18T22:34:17.177Z",
-    "label": "scan",
-    "total": 0,
-    "critical": 0,
-    "high": 0,
-    "medium": 0,
-    "low": 0,
-    "kev": 0,
-    "ids": []
-  },
-  {
-    "timestamp": "2026-05-18T23:15:27.884Z",
-    "label": "scan",
-    "total": 0,
-    "critical": 0,
-    "high": 0,
-    "medium": 0,
-    "low": 0,
-    "kev": 0,
-    "ids": []
-  },
-  {
-    "timestamp": "2026-05-18T23:58:08.356Z",
-    "label": "scan",
-    "total": 0,
-    "critical": 0,
-    "high": 0,
-    "medium": 0,
-    "low": 0,
-    "kev": 0,
-    "ids": []
-  },
-  {
-    "timestamp": "2026-05-19T00:13:16.849Z",
-    "label": "scan",
-    "total": 0,
-    "critical": 0,
-    "high": 0,
-    "medium": 0,
-    "low": 0,
-    "kev": 0,
-    "ids": []
-  },
-  {
-    "timestamp": "2026-05-19T00:13:29.869Z",
-    "label": "scan",
-    "total": 0,
-    "critical": 0,
-    "high": 0,
-    "medium": 0,
-    "low": 0,
-    "kev": 0,
-    "ids": []
-  }
-]

package/src/lsp/.agentic-security/streak.json DELETED Viewed

@@ -1,22 +0,0 @@
-{
-  "firstScanDate": "2026-05-18T21:27:21.727Z",
-  "lastScanDate": "2026-05-19T00:13:29.875Z",
-  "totalScans": 7,
-  "daysCleanCritical": 2,
-  "lastCleanDate": "2026-05-19",
-  "lastCriticalDate": null,
-  "hasEverHadCritical": false,
-  "bestDaysCleanCritical": 2,
-  "totalFindingsAtFirstScan": 0,
-  "totalFindingsAtLastScan": 0,
-  "totalFixesInferred": 0,
-  "lastGrade": "A+",
-  "bestGrade": "A+",
-  "launchCheckPassedAt": null,
-  "achievements": [
-    "first-scan",
-    "grade-a",
-    "grade-a-plus"
-  ],
-  "previousGrade": "A+"
-}