@drbaher/draft-cli 0.1.0

package/SECURITY.md ADDED
@@ -0,0 +1,76 @@
1
+ # Security policy
2
+
3
+ ## Posture
4
+
5
+ `draft-cli` is **local-first**. Every step of the substitution pipeline
6
+ runs on your machine. There is no telemetry, no usage reporting, no
7
+ crash reporter, and no auto-update.
8
+
9
+ ## Network calls
10
+
11
+ There is exactly **one** outbound network surface in the entire CLI:
12
+ the optional T5 LLM tier. It runs only when **all** of these are true:
13
+
14
+ 1. The deterministic tiers (bracket, mustache, `.docx` highlight,
15
+ heuristic) all found zero placeholders.
16
+ 2. A provider API key is configured — either in a `.env` file in the
17
+ working directory or in the process environment.
18
+ 3. `--no-llm` was not passed.
19
+
20
+ When T5 runs, it sends **template text only** to the configured
21
+ provider (Anthropic, OpenAI, or an explicit `DRAFT_LLM_*` override).
22
+ It does **not** send:
23
+
24
+ - The `--params` file contents
25
+ - The `<template>.params.json` schema contents
26
+ - The `.env` file contents (other than the API key it reads to make the call)
27
+ - CLI flag values
28
+ - Any other environment variables
29
+
30
+ Pass `--no-llm` to disable T5 even when env is configured.
31
+
32
+ ## Dependencies
33
+
34
+ One runtime dependency: `jszip` (MIT, used for `.docx` unzip). Pinned
35
+ in `package.json`; verified at install time via `npm install --provenance`
36
+ when published. No transitive runtime deps beyond what jszip itself
37
+ needs.
38
+
39
+ All other parsing (`.env`, command-line args, XML, JSON) is hand-rolled
40
+ in `draft-cli.mjs` using the Node stdlib.
41
+
42
+ ## Reporting a vulnerability
43
+
44
+ Email **Drbaher@gmail.com** with subject `draft-cli: security` and
45
+ include:
46
+
47
+ - Affected version (`draft --version`)
48
+ - A minimal reproduction (template snippet, command, observed behavior)
49
+ - The actual vs expected impact
50
+
51
+ Please give a reasonable disclosure window before publishing. I'll
52
+ acknowledge within 5 business days and aim to patch within 30 days for
53
+ anything that could leak template content, params, or `.env` contents.
54
+
55
+ ## Threat model — what's in scope
56
+
57
+ - A malicious template that tries to exfiltrate data via the LLM tier.
58
+ Mitigation: T5 sends template text only. No other context.
59
+ - A malicious schema file that triggers parser misbehavior.
60
+ Mitigation: schema parsing is plain `JSON.parse` + structural validation;
61
+ no `eval`, no `Function` constructor.
62
+ - A malicious `.docx` that triggers a zip bomb or path traversal.
63
+ Mitigation: we only read `word/document.xml`; jszip is stream-bounded
64
+ and `.docx` paths are hard-coded, not user-controlled.
65
+ - An untrusted `--dictionary` file. Mitigation: parsed as JSON array of
66
+ strings; non-string entries rejected.
67
+
68
+ ## Threat model — what's out of scope
69
+
70
+ - Running `draft-cli` on hostile shell input. `draft-cli` is a CLI; if
71
+ your invocation context is hostile, that's your shell's problem.
72
+ - LLM provider compromise (Anthropic / OpenAI infrastructure). If you
73
+ don't trust the provider, don't configure their key.
74
+ - A user who sets `--yes-heuristic` and then complains that the
75
+ heuristic substituted over their real party name. That's the entire
76
+ reason the default is "warn-only."
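Review bot: In the Dependencies section, "verified at install time via `npm install --provenance` when published" conflates two steps: `--provenance` is an option of `npm publish` that attaches a build attestation, and passing it to `npm install` verifies nothing. If the intent is that releases carry provenance, say the package is published with `npm publish --provenance` and that consumers can check attestations with `npm audit signatures`. In the in-scope threat model, the zip-bomb mitigation ("we only read `word/document.xml`; jszip is stream-bounded") addresses path traversal but states no limit on the decompressed size of that one entry; name the cap that is enforced, or add one and document it. The in-scope list also covers the template, schema, `.docx` and `--dictionary` inputs but not the `.env` in the working directory, even though the Network calls section makes a key found there one of the three conditions that enable T5; state whether a `.env` that arrives alongside a template is treated as trusted.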