@guava-parity/guard-scanner 13.0.0 → 16.0.0

package/docs/index.html

@@ -1,441 +1,1029 @@
 <!DOCTYPE html>
 <html lang="en">
+
 <head>
-<meta charset="UTF-8">
-<meta name="viewport" content="width=device-width, initial-scale=1.0">
-<title>guard-scanner — Security Dashboard</title>
-<meta name="description" content="Real-time security dashboard for AI agent skills. 352 patterns · 32 categories · 8 MCP checks · OWASP ASI01-10. Zero dependencies.">
-<link rel="preconnect" href="https://fonts.googleapis.com">
-<link rel="preconnect" href="https://fonts.gstatic.com" crossorigin>
-<link href="https://fonts.googleapis.com/css2?family=Inter:wght@400;500;600;700;800;900&family=JetBrains+Mono:wght@400;500;700&display=swap" rel="stylesheet">
-<style>
-*,*::before,*::after{box-sizing:border-box;margin:0;padding:0}
-:root{
-  --bg:#0a0e17;--bg2:#111827;--surface:rgba(17,24,39,.65);
-  --border:rgba(0,255,136,.12);--border-hover:rgba(0,255,136,.3);
-  --green:#00ff88;--green-dim:rgba(0,255,136,.15);--green-glow:rgba(0,255,136,.25);
-  --amber:#ffb800;--amber-dim:rgba(255,184,0,.15);
-  --red:#ff3b5c;--red-dim:rgba(255,59,92,.15);
-  --blue:#38bdf8;--blue-dim:rgba(56,189,248,.12);
-  --purple:#a78bfa;--purple-dim:rgba(167,139,250,.12);
-  --text:#e2e8f0;--text-dim:#94a3b8;--text-muted:#64748b;
-  --font:'Inter',system-ui,sans-serif;--mono:'JetBrains Mono',monospace;
-  --glass:saturate(180%) blur(20px);
-  --radius:16px;--radius-sm:10px;
-}
-html{scroll-behavior:smooth}
-body{font-family:var(--font);background:var(--bg);color:var(--text);min-height:100vh;overflow-x:hidden;line-height:1.6}
-
-/* ── Background Effects ── */
-body::before{content:'';position:fixed;top:-50%;left:-50%;width:200%;height:200%;background:radial-gradient(ellipse at 20% 50%,rgba(0,255,136,.04) 0%,transparent 50%),radial-gradient(ellipse at 80% 20%,rgba(56,189,248,.03) 0%,transparent 50%),radial-gradient(ellipse at 50% 80%,rgba(167,139,250,.03) 0%,transparent 40%);z-index:0;pointer-events:none}
-.grid-bg{position:fixed;inset:0;background-image:linear-gradient(rgba(0,255,136,.03) 1px,transparent 1px),linear-gradient(90deg,rgba(0,255,136,.03) 1px,transparent 1px);background-size:64px 64px;z-index:0;pointer-events:none;opacity:.5}
-
-/* ── Layout ── */
-.container{max-width:1200px;margin:0 auto;padding:0 24px;position:relative;z-index:1}
-section{margin-bottom:64px}
-
-/* ── Animations ── */
-@keyframes fadeUp{from{opacity:0;transform:translateY(24px)}to{opacity:1;transform:translateY(0)}}
-@keyframes pulse-glow{0%,100%{box-shadow:0 0 20px rgba(0,255,136,.1)}50%{box-shadow:0 0 40px rgba(0,255,136,.2)}}
-@keyframes count-up{from{opacity:.3}to{opacity:1}}
-.fade-up{animation:fadeUp .6s ease-out both}
-.fade-up:nth-child(2){animation-delay:.1s}
-.fade-up:nth-child(3){animation-delay:.2s}
-.fade-up:nth-child(4){animation-delay:.3s}
-
-/* ── Glass Card ── */
-.glass{background:var(--surface);backdrop-filter:var(--glass);-webkit-backdrop-filter:var(--glass);border:1px solid var(--border);border-radius:var(--radius);transition:border-color .3s,box-shadow .3s,transform .3s}
-.glass:hover{border-color:var(--border-hover);box-shadow:0 8px 32px rgba(0,255,136,.08);transform:translateY(-2px)}
-
-/* ── Hero ── */
-.hero{padding:80px 0 48px;text-align:center}
-.hero-badge{display:inline-flex;align-items:center;gap:8px;padding:6px 16px;border-radius:999px;background:var(--green-dim);border:1px solid rgba(0,255,136,.2);font-size:13px;font-weight:600;color:var(--green);letter-spacing:.03em;margin-bottom:24px}
-.hero-badge .dot{width:8px;height:8px;border-radius:50%;background:var(--green);animation:pulse-glow 2s ease-in-out infinite}
-.hero h1{font-size:clamp(2.5rem,6vw,4rem);font-weight:900;letter-spacing:-.03em;background:linear-gradient(135deg,#fff 0%,var(--green) 50%,var(--blue) 100%);-webkit-background-clip:text;-webkit-text-fill-color:transparent;background-clip:text;margin-bottom:12px}
-.hero h1 .shield{font-size:1em;-webkit-text-fill-color:var(--green);filter:drop-shadow(0 0 12px rgba(0,255,136,.4))}
-.hero .tagline{font-size:clamp(1.1rem,2.5vw,1.4rem);color:var(--text-dim);font-weight:500;max-width:640px;margin:0 auto 32px}
-.hero .badges{display:flex;flex-wrap:wrap;gap:8px;justify-content:center}
-.hero .badges img{height:22px;border-radius:4px}
-.hero .sub-stats{display:flex;flex-wrap:wrap;gap:24px;justify-content:center;margin-top:24px;font-size:14px;color:var(--text-muted)}
-.hero .sub-stats span{display:flex;align-items:center;gap:6px}
-.hero .sub-stats .num{color:var(--green);font-family:var(--mono);font-weight:700}
-
-/* ── Stats Grid ── */
-.stats-grid{display:grid;grid-template-columns:repeat(auto-fit,minmax(220px,1fr));gap:20px;margin-bottom:48px}
-.stat-card{padding:28px 24px;text-align:center}
-.stat-card .stat-icon{font-size:28px;margin-bottom:12px;display:block}
-.stat-card .stat-value{font-family:var(--mono);font-size:2.4rem;font-weight:800;line-height:1;margin-bottom:6px;background:linear-gradient(135deg,#fff,var(--green));-webkit-background-clip:text;-webkit-text-fill-color:transparent;background-clip:text}
-.stat-card .stat-label{font-size:13px;color:var(--text-muted);text-transform:uppercase;letter-spacing:.08em;font-weight:600}
-.stat-card.amber .stat-value{background:linear-gradient(135deg,#fff,var(--amber));-webkit-background-clip:text;-webkit-text-fill-color:transparent;background-clip:text}
-.stat-card.red .stat-value{background:linear-gradient(135deg,#fff,var(--red));-webkit-background-clip:text;-webkit-text-fill-color:transparent;background-clip:text}
-.stat-card.blue .stat-value{background:linear-gradient(135deg,#fff,var(--blue));-webkit-background-clip:text;-webkit-text-fill-color:transparent;background-clip:text}
-
-/* ── Section Headings ── */
-.section-head{margin-bottom:28px}
-.section-head h2{font-size:1.6rem;font-weight:800;letter-spacing:-.02em;display:flex;align-items:center;gap:10px}
-.section-head h2 .icon{font-size:1.2em}
-.section-head p{color:var(--text-dim);font-size:14px;margin-top:4px;max-width:600px}
-
-/* ── Checks Grid ── */
-.checks-grid{display:grid;grid-template-columns:repeat(auto-fill,minmax(280px,1fr));gap:16px}
-.check-card{padding:20px;display:flex;align-items:flex-start;gap:14px}
-.check-card .check-num{font-family:var(--mono);font-size:12px;font-weight:700;color:var(--green);background:var(--green-dim);width:28px;height:28px;border-radius:8px;display:flex;align-items:center;justify-content:center;flex-shrink:0}
-.check-card .check-body h3{font-size:14px;font-weight:700;margin-bottom:4px;color:#fff}
-.check-card .check-body p{font-size:12px;color:var(--text-muted);line-height:1.5}
-.check-card .check-body .ref{font-size:11px;color:var(--blue);font-family:var(--mono);margin-top:4px;opacity:.8}
-
-/* ── OWASP Grid ── */
-.owasp-grid{display:grid;grid-template-columns:repeat(auto-fill,minmax(220px,1fr));gap:12px}
-.owasp-item{padding:16px;display:flex;align-items:center;gap:12px}
-.owasp-item .owasp-code{font-family:var(--mono);font-size:12px;font-weight:700;color:var(--green);background:var(--green-dim);padding:4px 10px;border-radius:6px;white-space:nowrap}
-.owasp-item .owasp-label{font-size:13px;font-weight:500}
-.owasp-item .owasp-check{margin-left:auto;color:var(--green);font-size:16px;flex-shrink:0}
-
-/* ── Donut Chart ── */
-.chart-container{display:flex;flex-wrap:wrap;gap:40px;align-items:center;justify-content:center}
-.donut-wrap{position:relative;width:200px;height:200px;flex-shrink:0}
-.donut-wrap svg{width:100%;height:100%;transform:rotate(-90deg)}
-.donut-wrap .center-label{position:absolute;inset:0;display:flex;flex-direction:column;align-items:center;justify-content:center}
-.donut-wrap .center-label .big{font-family:var(--mono);font-size:2rem;font-weight:800;color:#fff}
-.donut-wrap .center-label .sub{font-size:12px;color:var(--text-muted);margin-top:2px}
-.legend{display:flex;flex-direction:column;gap:8px}
-.legend-item{display:flex;align-items:center;gap:10px;font-size:13px}
-.legend-item .swatch{width:12px;height:12px;border-radius:3px;flex-shrink:0}
-.legend-item .count{font-family:var(--mono);margin-left:auto;color:var(--text-dim);font-weight:600;min-width:24px;text-align:right}
-
-/* ── Skills Table ── */
-.table-wrap{overflow-x:auto;border-radius:var(--radius)}
-.table-controls{display:flex;flex-wrap:wrap;gap:12px;margin-bottom:16px;align-items:center}
-.table-controls input{background:var(--surface);backdrop-filter:var(--glass);border:1px solid var(--border);border-radius:var(--radius-sm);padding:10px 16px;color:var(--text);font-size:14px;font-family:var(--font);width:280px;outline:none;transition:border-color .3s}
-.table-controls input:focus{border-color:var(--green)}
-.table-controls input::placeholder{color:var(--text-muted)}
-.filter-btn{background:var(--surface);border:1px solid var(--border);border-radius:var(--radius-sm);padding:8px 16px;color:var(--text-dim);font-size:13px;font-weight:600;cursor:pointer;transition:all .2s;font-family:var(--font)}
-.filter-btn:hover,.filter-btn.active{border-color:var(--green);color:var(--green);background:var(--green-dim)}
-table{width:100%;border-collapse:collapse}
-table th{text-align:left;padding:14px 16px;font-size:12px;text-transform:uppercase;letter-spacing:.06em;color:var(--text-muted);font-weight:700;border-bottom:1px solid var(--border);cursor:pointer;user-select:none;white-space:nowrap;transition:color .2s}
-table th:hover{color:var(--green)}
-table td{padding:12px 16px;font-size:14px;border-bottom:1px solid rgba(255,255,255,.04);vertical-align:middle}
-table tr{transition:background .2s}
-table tbody tr:hover{background:rgba(0,255,136,.03)}
-.skill-name{font-weight:600;font-family:var(--mono);font-size:13px}
-.badge{display:inline-block;padding:3px 10px;border-radius:6px;font-size:11px;font-weight:700;font-family:var(--mono);text-transform:uppercase;letter-spacing:.04em}
-.badge-clean{background:var(--green-dim);color:var(--green)}
-.badge-findings{background:var(--amber-dim);color:var(--amber)}
-.badge-error{background:var(--red-dim);color:var(--red)}
-.risk-bar{width:60px;height:6px;background:rgba(255,255,255,.08);border-radius:3px;overflow:hidden;display:inline-block;vertical-align:middle;margin-right:8px}
-.risk-bar-fill{height:100%;border-radius:3px;transition:width .4s ease}
-.risk-low{background:var(--green)}
-.risk-med{background:var(--amber)}
-.risk-high{background:var(--red)}
-
-/* ── Footer ── */
-.footer{text-align:center;padding:48px 0;border-top:1px solid var(--border);color:var(--text-muted);font-size:13px}
-.footer a{color:var(--green);text-decoration:none;font-weight:600;transition:opacity .2s}
-.footer a:hover{opacity:.7}
-.footer .footer-links{display:flex;flex-wrap:wrap;gap:24px;justify-content:center;margin-bottom:16px}
-.footer .heart{color:var(--red)}
-
-/* ── Responsive ── */
-@media(max-width:768px){
-  .hero{padding:48px 0 32px}
-  .hero h1{font-size:2rem}
-  .stats-grid{grid-template-columns:repeat(2,1fr);gap:12px}
-  .stat-card{padding:20px 16px}
-  .stat-card .stat-value{font-size:1.8rem}
-  .checks-grid{grid-template-columns:1fr}
-  .owasp-grid{grid-template-columns:1fr}
-  .chart-container{flex-direction:column;align-items:center}
-  .table-controls input{width:100%}
-}
-@media(max-width:480px){
-  .stats-grid{grid-template-columns:1fr}
-  .container{padding:0 16px}
-}
-</style>
+  <meta charset="UTF-8">
+  <meta name="viewport" content="width=device-width, initial-scale=1.0">
+  <title>guard-scanner — Security Dashboard</title>
+  <meta name="description"
+    content="Real-time security dashboard for AI agent skills. 352 patterns · 32 categories · 8 MCP checks · OWASP ASI01-10. Zero dependencies.">
+  <link rel="preconnect" href="https://fonts.googleapis.com">
+  <link rel="preconnect" href="https://fonts.gstatic.com" crossorigin>
+  <link
+    href="https://fonts.googleapis.com/css2?family=Inter:wght@400;500;600;700;800;900&family=JetBrains+Mono:wght@400;500;700&display=swap"
+    rel="stylesheet">
+  <style>
+    *,
+    *::before,
+    *::after {
+      box-sizing: border-box;
+      margin: 0;
+      padding: 0
+    }
+
+    :root {
+      --bg: #0a0e17;
+      --bg2: #111827;
+      --surface: rgba(17, 24, 39, .65);
+      --border: rgba(0, 255, 136, .12);
+      --border-hover: rgba(0, 255, 136, .3);
+      --green: #00ff88;
+      --green-dim: rgba(0, 255, 136, .15);
+      --green-glow: rgba(0, 255, 136, .25);
+      --amber: #ffb800;
+      --amber-dim: rgba(255, 184, 0, .15);
+      --red: #ff3b5c;
+      --red-dim: rgba(255, 59, 92, .15);
+      --blue: #38bdf8;
+      --blue-dim: rgba(56, 189, 248, .12);
+      --purple: #a78bfa;
+      --purple-dim: rgba(167, 139, 250, .12);
+      --text: #e2e8f0;
+      --text-dim: #94a3b8;
+      --text-muted: #64748b;
+      --font: 'Inter', system-ui, sans-serif;
+      --mono: 'JetBrains Mono', monospace;
+      --glass: saturate(180%) blur(20px);
+      --radius: 16px;
+      --radius-sm: 10px;
+    }
+
+    html {
+      scroll-behavior: smooth
+    }
+
+    body {
+      font-family: var(--font);
+      background: var(--bg);
+      color: var(--text);
+      min-height: 100vh;
+      overflow-x: hidden;
+      line-height: 1.6
+    }
+
+    /* ── Background Effects ── */
+    body::before {
+      content: '';
+      position: fixed;
+      top: -50%;
+      left: -50%;
+      width: 200%;
+      height: 200%;
+      background: radial-gradient(ellipse at 20% 50%, rgba(0, 255, 136, .04) 0%, transparent 50%), radial-gradient(ellipse at 80% 20%, rgba(56, 189, 248, .03) 0%, transparent 50%), radial-gradient(ellipse at 50% 80%, rgba(167, 139, 250, .03) 0%, transparent 40%);
+      z-index: 0;
+      pointer-events: none
+    }
+
+    .grid-bg {
+      position: fixed;
+      inset: 0;
+      background-image: linear-gradient(rgba(0, 255, 136, .03) 1px, transparent 1px), linear-gradient(90deg, rgba(0, 255, 136, .03) 1px, transparent 1px);
+      background-size: 64px 64px;
+      z-index: 0;
+      pointer-events: none;
+      opacity: .5
+    }
+
+    /* ── Layout ── */
+    .container {
+      max-width: 1200px;
+      margin: 0 auto;
+      padding: 0 24px;
+      position: relative;
+      z-index: 1
+    }
+
+    section {
+      margin-bottom: 64px
+    }
+
+    /* ── Animations ── */
+    @keyframes fadeUp {
+      from {
+        opacity: 0;
+        transform: translateY(24px)
+      }
+
+      to {
+        opacity: 1;
+        transform: translateY(0)
+      }
+    }
+
+    @keyframes pulse-glow {
+
+      0%,
+      100% {
+        box-shadow: 0 0 20px rgba(0, 255, 136, .1)
+      }
+
+      50% {
+        box-shadow: 0 0 40px rgba(0, 255, 136, .2)
+      }
+    }
+
+    @keyframes count-up {
+      from {
+        opacity: .3
+      }
+
+      to {
+        opacity: 1
+      }
+    }
+
+    .fade-up {
+      animation: fadeUp .6s ease-out both
+    }
+
+    .fade-up:nth-child(2) {
+      animation-delay: .1s
+    }
+
+    .fade-up:nth-child(3) {
+      animation-delay: .2s
+    }
+
+    .fade-up:nth-child(4) {
+      animation-delay: .3s
+    }
+
+    /* ── Glass Card ── */
+    .glass {
+      background: var(--surface);
+      backdrop-filter: var(--glass);
+      -webkit-backdrop-filter: var(--glass);
+      border: 1px solid var(--border);
+      border-radius: var(--radius);
+      transition: border-color .3s, box-shadow .3s, transform .3s
+    }
+
+    .glass:hover {
+      border-color: var(--border-hover);
+      box-shadow: 0 8px 32px rgba(0, 255, 136, .08);
+      transform: translateY(-2px)
+    }
+
+    /* ── Hero ── */
+    .hero {
+      padding: 80px 0 48px;
+      text-align: center
+    }
+
+    .hero-badge {
+      display: inline-flex;
+      align-items: center;
+      gap: 8px;
+      padding: 6px 16px;
+      border-radius: 999px;
+      background: var(--green-dim);
+      border: 1px solid rgba(0, 255, 136, .2);
+      font-size: 13px;
+      font-weight: 600;
+      color: var(--green);
+      letter-spacing: .03em;
+      margin-bottom: 24px
+    }
+
+    .hero-badge .dot {
+      width: 8px;
+      height: 8px;
+      border-radius: 50%;
+      background: var(--green);
+      animation: pulse-glow 2s ease-in-out infinite
+    }
+
+    .hero h1 {
+      font-size: clamp(2.5rem, 6vw, 4rem);
+      font-weight: 900;
+      letter-spacing: -.03em;
+      background: linear-gradient(135deg, #fff 0%, var(--green) 50%, var(--blue) 100%);
+      -webkit-background-clip: text;
+      -webkit-text-fill-color: transparent;
+      background-clip: text;
+      margin-bottom: 12px
+    }
+
+    .hero h1 .shield {
+      font-size: 1em;
+      -webkit-text-fill-color: var(--green);
+      filter: drop-shadow(0 0 12px rgba(0, 255, 136, .4))
+    }
+
+    .hero .tagline {
+      font-size: clamp(1.1rem, 2.5vw, 1.4rem);
+      color: var(--text-dim);
+      font-weight: 500;
+      max-width: 640px;
+      margin: 0 auto 32px
+    }
+
+    .hero .badges {
+      display: flex;
+      flex-wrap: wrap;
+      gap: 8px;
+      justify-content: center
+    }
+
+    .hero .badges img {
+      height: 22px;
+      border-radius: 4px
+    }
+
+    .hero .sub-stats {
+      display: flex;
+      flex-wrap: wrap;
+      gap: 24px;
+      justify-content: center;
+      margin-top: 24px;
+      font-size: 14px;
+      color: var(--text-muted)
+    }
+
+    .hero .sub-stats span {
+      display: flex;
+      align-items: center;
+      gap: 6px
+    }
+
+    .hero .sub-stats .num {
+      color: var(--green);
+      font-family: var(--mono);
+      font-weight: 700
+    }
+
+    /* ── Stats Grid ── */
+    .stats-grid {
+      display: grid;
+      grid-template-columns: repeat(auto-fit, minmax(220px, 1fr));
+      gap: 20px;
+      margin-bottom: 48px
+    }
+
+    .stat-card {
+      padding: 28px 24px;
+      text-align: center
+    }
+
+    .stat-card .stat-icon {
+      font-size: 28px;
+      margin-bottom: 12px;
+      display: block
+    }
+
+    .stat-card .stat-value {
+      font-family: var(--mono);
+      font-size: 2.4rem;
+      font-weight: 800;
+      line-height: 1;
+      margin-bottom: 6px;
+      background: linear-gradient(135deg, #fff, var(--green));
+      -webkit-background-clip: text;
+      -webkit-text-fill-color: transparent;
+      background-clip: text
+    }
+
+    .stat-card .stat-label {
+      font-size: 13px;
+      color: var(--text-muted);
+      text-transform: uppercase;
+      letter-spacing: .08em;
+      font-weight: 600
+    }
+
+    .stat-card.amber .stat-value {
+      background: linear-gradient(135deg, #fff, var(--amber));
+      -webkit-background-clip: text;
+      -webkit-text-fill-color: transparent;
+      background-clip: text
+    }
+
+    .stat-card.red .stat-value {
+      background: linear-gradient(135deg, #fff, var(--red));
+      -webkit-background-clip: text;
+      -webkit-text-fill-color: transparent;
+      background-clip: text
+    }
+
+    .stat-card.blue .stat-value {
+      background: linear-gradient(135deg, #fff, var(--blue));
+      -webkit-background-clip: text;
+      -webkit-text-fill-color: transparent;
+      background-clip: text
+    }
+
+    /* ── Section Headings ── */
+    .section-head {
+      margin-bottom: 28px
+    }
+
+    .section-head h2 {
+      font-size: 1.6rem;
+      font-weight: 800;
+      letter-spacing: -.02em;
+      display: flex;
+      align-items: center;
+      gap: 10px
+    }
+
+    .section-head h2 .icon {
+      font-size: 1.2em
+    }
+
+    .section-head p {
+      color: var(--text-dim);
+      font-size: 14px;
+      margin-top: 4px;
+      max-width: 600px
+    }
+
+    /* ── Checks Grid ── */
+    .checks-grid {
+      display: grid;
+      grid-template-columns: repeat(auto-fill, minmax(280px, 1fr));
+      gap: 16px
+    }
+
+    .check-card {
+      padding: 20px;
+      display: flex;
+      align-items: flex-start;
+      gap: 14px
+    }
+
+    .check-card .check-num {
+      font-family: var(--mono);
+      font-size: 12px;
+      font-weight: 700;
+      color: var(--green);
+      background: var(--green-dim);
+      width: 28px;
+      height: 28px;
+      border-radius: 8px;
+      display: flex;
+      align-items: center;
+      justify-content: center;
+      flex-shrink: 0
+    }
+
+    .check-card .check-body h3 {
+      font-size: 14px;
+      font-weight: 700;
+      margin-bottom: 4px;
+      color: #fff
+    }
+
+    .check-card .check-body p {
+      font-size: 12px;
+      color: var(--text-muted);
+      line-height: 1.5
+    }
+
+    .check-card .check-body .ref {
+      font-size: 11px;
+      color: var(--blue);
+      font-family: var(--mono);
+      margin-top: 4px;
+      opacity: .8
+    }
+
+    /* ── OWASP Grid ── */
+    .owasp-grid {
+      display: grid;
+      grid-template-columns: repeat(auto-fill, minmax(220px, 1fr));
+      gap: 12px
+    }
+
+    .owasp-item {
+      padding: 16px;
+      display: flex;
+      align-items: center;
+      gap: 12px
+    }
+
+    .owasp-item .owasp-code {
+      font-family: var(--mono);
+      font-size: 12px;
+      font-weight: 700;
+      color: var(--green);
+      background: var(--green-dim);
+      padding: 4px 10px;
+      border-radius: 6px;
+      white-space: nowrap
+    }
+
+    .owasp-item .owasp-label {
+      font-size: 13px;
+      font-weight: 500
+    }
+
+    .owasp-item .owasp-check {
+      margin-left: auto;
+      color: var(--green);
+      font-size: 16px;
+      flex-shrink: 0
+    }
+
+    /* ── Donut Chart ── */
+    .chart-container {
+      display: flex;
+      flex-wrap: wrap;
+      gap: 40px;
+      align-items: center;
+      justify-content: center
+    }
+
+    .donut-wrap {
+      position: relative;
+      width: 200px;
+      height: 200px;
+      flex-shrink: 0
+    }
+
+    .donut-wrap svg {
+      width: 100%;
+      height: 100%;
+      transform: rotate(-90deg)
+    }
+
+    .donut-wrap .center-label {
+      position: absolute;
+      inset: 0;
+      display: flex;
+      flex-direction: column;
+      align-items: center;
+      justify-content: center
+    }
+
+    .donut-wrap .center-label .big {
+      font-family: var(--mono);
+      font-size: 2rem;
+      font-weight: 800;
+      color: #fff
+    }
+
+    .donut-wrap .center-label .sub {
+      font-size: 12px;
+      color: var(--text-muted);
+      margin-top: 2px
+    }
+
+    .legend {
+      display: flex;
+      flex-direction: column;
+      gap: 8px
+    }
+
+    .legend-item {
+      display: flex;
+      align-items: center;
+      gap: 10px;
+      font-size: 13px
+    }
+
+    .legend-item .swatch {
+      width: 12px;
+      height: 12px;
+      border-radius: 3px;
+      flex-shrink: 0
+    }
+
+    .legend-item .count {
+      font-family: var(--mono);
+      margin-left: auto;
+      color: var(--text-dim);
+      font-weight: 600;
+      min-width: 24px;
+      text-align: right
+    }
+
+    /* ── Skills Table ── */
+    .table-wrap {
+      overflow-x: auto;
+      border-radius: var(--radius)
+    }
+
+    .table-controls {
+      display: flex;
+      flex-wrap: wrap;
+      gap: 12px;
+      margin-bottom: 16px;
+      align-items: center
+    }
+
+    .table-controls input {
+      background: var(--surface);
+      backdrop-filter: var(--glass);
+      border: 1px solid var(--border);
+      border-radius: var(--radius-sm);
+      padding: 10px 16px;
+      color: var(--text);
+      font-size: 14px;
+      font-family: var(--font);
+      width: 280px;
+      outline: none;
+      transition: border-color .3s
+    }
+
+    .table-controls input:focus {
+      border-color: var(--green)
+    }
+
+    .table-controls input::placeholder {
+      color: var(--text-muted)
+    }
+
+    .filter-btn {
+      background: var(--surface);
+      border: 1px solid var(--border);
+      border-radius: var(--radius-sm);
+      padding: 8px 16px;
+      color: var(--text-dim);
+      font-size: 13px;
+      font-weight: 600;
+      cursor: pointer;
+      transition: all .2s;
+      font-family: var(--font)
+    }
+
+    .filter-btn:hover,
+    .filter-btn.active {
+      border-color: var(--green);
+      color: var(--green);
+      background: var(--green-dim)
+    }
+
+    table {
+      width: 100%;
+      border-collapse: collapse
+    }
+
+    table th {
+      text-align: left;
+      padding: 14px 16px;
+      font-size: 12px;
+      text-transform: uppercase;
+      letter-spacing: .06em;
+      color: var(--text-muted);
+      font-weight: 700;
+      border-bottom: 1px solid var(--border);
+      cursor: pointer;
+      user-select: none;
+      white-space: nowrap;
+      transition: color .2s
+    }
+
+    table th:hover {
+      color: var(--green)
+    }
+
+    table td {
+      padding: 12px 16px;
+      font-size: 14px;
+      border-bottom: 1px solid rgba(255, 255, 255, .04);
+      vertical-align: middle
+    }
+
+    table tr {
+      transition: background .2s
+    }
+
+    table tbody tr:hover {
+      background: rgba(0, 255, 136, .03)
+    }
+
+    .skill-name {
+      font-weight: 600;
+      font-family: var(--mono);
+      font-size: 13px
+    }
+
+    .badge {
+      display: inline-block;
+      padding: 3px 10px;
+      border-radius: 6px;
+      font-size: 11px;
+      font-weight: 700;
+      font-family: var(--mono);
+      text-transform: uppercase;
+      letter-spacing: .04em
+    }
+
+    .badge-clean {
+      background: var(--green-dim);
+      color: var(--green)
+    }
+
+    .badge-findings {
+      background: var(--amber-dim);
+      color: var(--amber)
+    }
+
+    .badge-error {
+      background: var(--red-dim);
+      color: var(--red)
+    }
+
+    .risk-bar {
+      width: 60px;
+      height: 6px;
+      background: rgba(255, 255, 255, .08);
+      border-radius: 3px;
+      overflow: hidden;
+      display: inline-block;
+      vertical-align: middle;
+      margin-right: 8px
+    }
+
+    .risk-bar-fill {
+      height: 100%;
+      border-radius: 3px;
+      transition: width .4s ease
+    }
+
+    .risk-low {
+      background: var(--green)
+    }
+
+    .risk-med {
+      background: var(--amber)
+    }
+
+    .risk-high {
+      background: var(--red)
+    }
+
+    /* ── Footer ── */
+    .footer {
+      text-align: center;
+      padding: 48px 0;
+      border-top: 1px solid var(--border);
+      color: var(--text-muted);
+      font-size: 13px
+    }
+
+    .footer a {
+      color: var(--green);
+      text-decoration: none;
+      font-weight: 600;
+      transition: opacity .2s
+    }
+
+    .footer a:hover {
+      opacity: .7
+    }
+
+    .footer .footer-links {
+      display: flex;
+      flex-wrap: wrap;
+      gap: 24px;
+      justify-content: center;
+      margin-bottom: 16px
+    }
+
+    .footer .heart {
+      color: var(--red)
+    }
+
+    /* ── Responsive ── */
+    @media(max-width:768px) {
+      .hero {
+        padding: 48px 0 32px
+      }
+
+      .hero h1 {
+        font-size: 2rem
+      }
+
+      .stats-grid {
+        grid-template-columns: repeat(2, 1fr);
+        gap: 12px
+      }
+
+      .stat-card {
+        padding: 20px 16px
+      }
+
+      .stat-card .stat-value {
+        font-size: 1.8rem
+      }
+
+      .checks-grid {
+        grid-template-columns: 1fr
+      }
+
+      .owasp-grid {
+        grid-template-columns: 1fr
+      }
+
+      .chart-container {
+        flex-direction: column;
+        align-items: center
+      }
+
+      .table-controls input {
+        width: 100%
+      }
+    }
+
+    @media(max-width:480px) {
+      .stats-grid {
+        grid-template-columns: 1fr
+      }
+
+      .container {
+        padding: 0 16px
+      }
+    }
+  </style>
 </head>
+
 <body>
-<div class="grid-bg"></div>
-
-<div class="container">
-  <!-- ═══ HERO ═══ -->
-  <section class="hero fade-up">
-    <div class="hero-badge"><span class="dot"></span> Live Security Intelligence</div>
-    <h1><span class="shield">🛡️</span> guard-scanner</h1>
-    <p class="tagline">VirusTotal for AI Agent Skills — real-time threat detection across 32 categories, 352 patterns, and 8 MCP security checks.</p>
-    <div class="badges">
-      <img src="https://img.shields.io/npm/v/@guava-parity/guard-scanner?color=cb3837&style=flat-square" alt="npm">
-      <img src="https://img.shields.io/badge/tests-63%2F63-00ff88?style=flat-square" alt="tests">
-      <img src="https://img.shields.io/badge/deps-0-38bdf8?style=flat-square" alt="deps">
-      <img src="https://img.shields.io/badge/OWASP_ASI-100%25-a78bfa?style=flat-square" alt="OWASP">
-      <img src="https://img.shields.io/npm/l/guard-scanner?color=64748b&style=flat-square" alt="license">
-    </div>
-    <div class="sub-stats">
-      <span>🏷️ Version <span class="num" id="versionBadge">13.0.0</span></span>
-      <span>📦 Categories <span class="num">32</span></span>
-      <span>⚡ Avg Scan <span class="num">0.016ms</span></span>
-      <span>🔌 IDEs <span class="num">8</span></span>
-    </div>
-  </section>
-
-  <!-- ═══ STATS ═══ -->
-  <section class="stats-grid" id="statsGrid">
-    <div class="glass stat-card fade-up">
-      <span class="stat-icon">📋</span>
-      <div class="stat-value" id="statTotal">—</div>
-      <div class="stat-label">Skills Scanned</div>
-    </div>
-    <div class="glass stat-card fade-up">
-      <span class="stat-icon">✅</span>
-      <div class="stat-value" id="statClean">—</div>
-      <div class="stat-label">Clean Rate</div>
-    </div>
-    <div class="glass stat-card amber fade-up">
-      <span class="stat-icon">⚠️</span>
-      <div class="stat-value" id="statFindings">—</div>
-      <div class="stat-label">Findings</div>
-    </div>
-    <div class="glass stat-card blue fade-up">
-      <span class="stat-icon">🕐</span>
-      <div class="stat-value" id="statDate">—</div>
-      <div class="stat-label">Last Scan</div>
-    </div>
-  </section>
-
-  <!-- ═══ THREAT CATEGORIES ═══ -->
-  <section id="chartSection" class="fade-up">
-    <div class="section-head">
-      <h2><span class="icon">📊</span> Threat Category Breakdown</h2>
-      <p>Distribution of detected threats across 32 categories</p>
-    </div>
-    <div class="chart-container glass" style="padding:32px">
-      <div class="donut-wrap">
-        <svg viewBox="0 0 120 120" id="donutChart"></svg>
-        <div class="center-label">
-          <span class="big" id="donutTotal">0</span>
-          <span class="sub">findings</span>
+  <div class="grid-bg"></div>
+
+  <div class="container">
+    <!-- ═══ HERO ═══ -->
+    <section class="hero fade-up">
+      <div class="hero-badge"><span class="dot"></span> Live Security Intelligence</div>
+      <h1><span class="shield">🛡️</span> guard-scanner</h1>
+      <p class="tagline">VirusTotal for AI Agent Skills — real-time threat detection across 32 categories, 352 patterns,
+        and 8 MCP security checks.</p>
+      <div class="badges">
+        <img src="https://img.shields.io/npm/v/@guava-parity/guard-scanner?color=cb3837&style=flat-square" alt="npm">
+        <img src="https://img.shields.io/badge/tests-63%2F63-00ff88?style=flat-square" alt="tests">
+        <img src="https://img.shields.io/badge/deps-0-38bdf8?style=flat-square" alt="deps">
+        <img src="https://img.shields.io/badge/OWASP_ASI-100%25-a78bfa?style=flat-square" alt="OWASP">
+        <img src="https://img.shields.io/npm/l/guard-scanner?color=64748b&style=flat-square" alt="license">
+      </div>
+      <div class="sub-stats">
+        <span>🏷️ Version <span class="num" id="versionBadge">13.0.0</span></span>
+        <span>📦 Categories <span class="num">32</span></span>
+        <span>⚡ Avg Scan <span class="num">0.016ms</span></span>
+        <span>🔌 IDEs <span class="num">8</span></span>
+      </div>
+    </section>
+
+    <!-- ═══ STATS ═══ -->
+    <section class="stats-grid" id="statsGrid">
+      <div class="glass stat-card fade-up">
+        <span class="stat-icon">📋</span>
+        <div class="stat-value" id="statTotal">—</div>
+        <div class="stat-label">Skills Scanned</div>
+      </div>
+      <div class="glass stat-card fade-up">
+        <span class="stat-icon">✅</span>
+        <div class="stat-value" id="statClean">—</div>
+        <div class="stat-label">Clean Rate</div>
+      </div>
+      <div class="glass stat-card amber fade-up">
+        <span class="stat-icon">⚠️</span>
+        <div class="stat-value" id="statFindings">—</div>
+        <div class="stat-label">Findings</div>
+      </div>
+      <div class="glass stat-card blue fade-up">
+        <span class="stat-icon">🕐</span>
+        <div class="stat-value" id="statDate">—</div>
+        <div class="stat-label">Last Scan</div>
+      </div>
+    </section>
+
+    <!-- ═══ THREAT CATEGORIES ═══ -->
+    <section id="chartSection" class="fade-up">
+      <div class="section-head">
+        <h2><span class="icon">📊</span> Threat Category Breakdown</h2>
+        <p>Distribution of detected threats across 32 categories</p>
+      </div>
+      <div class="chart-container glass" style="padding:32px">
+        <div class="donut-wrap">
+          <svg viewBox="0 0 120 120" id="donutChart"></svg>
+          <div class="center-label">
+            <span class="big" id="donutTotal">0</span>
+            <span class="sub">findings</span>
+          </div>
         </div>
+        <div class="legend" id="chartLegend"></div>
+      </div>
+    </section>
+
+    <!-- ═══ MCP SECURITY CHECKS ═══ -->
+    <section class="fade-up">
+      <div class="section-head">
+        <h2><span class="icon">🔒</span> 8 MCP Security Checks</h2>
+        <p>Deep inspection of AI editor MCP configurations across 8 IDEs</p>
+      </div>
+      <div class="checks-grid" id="checksGrid"></div>
+    </section>
+
+    <!-- ═══ OWASP ASI ═══ -->
+    <section class="fade-up">
+      <div class="section-head">
+        <h2><span class="icon">🏛️</span> OWASP ASI01–10 Coverage</h2>
+        <p>100% coverage of the OWASP Agentic Security Initiative top 10 risks</p>
+      </div>
+      <div class="owasp-grid" id="owaspGrid"></div>
+    </section>
+
+    <!-- ═══ SKILL RESULTS TABLE ═══ -->
+    <section class="fade-up">
+      <div class="section-head">
+        <h2><span class="icon">🔍</span> Skill Scan Results</h2>
+        <p>Detailed findings per scanned AI agent skill</p>
+      </div>
+      <div class="table-controls">
+        <input type="text" id="searchInput" placeholder="🔎 Search skills...">
+        <button class="filter-btn active" data-filter="all">All</button>
+        <button class="filter-btn" data-filter="clean">✅ Clean</button>
+        <button class="filter-btn" data-filter="findings">⚠️ Findings</button>
+        <button class="filter-btn" data-filter="error">❌ Error</button>
       </div>
-      <div class="legend" id="chartLegend"></div>
-    </div>
-  </section>
-
-  <!-- ═══ MCP SECURITY CHECKS ═══ -->
-  <section class="fade-up">
-    <div class="section-head">
-      <h2><span class="icon">🔒</span> 8 MCP Security Checks</h2>
-      <p>Deep inspection of AI editor MCP configurations across 8 IDEs</p>
-    </div>
-    <div class="checks-grid" id="checksGrid"></div>
-  </section>
-
-  <!-- ═══ OWASP ASI ═══ -->
-  <section class="fade-up">
-    <div class="section-head">
-      <h2><span class="icon">🏛️</span> OWASP ASI01–10 Coverage</h2>
-      <p>100% coverage of the OWASP Agentic Security Initiative top 10 risks</p>
-    </div>
-    <div class="owasp-grid" id="owaspGrid"></div>
-  </section>
-
-  <!-- ═══ SKILL RESULTS TABLE ═══ -->
-  <section class="fade-up">
-    <div class="section-head">
-      <h2><span class="icon">🔍</span> Skill Scan Results</h2>
-      <p>Detailed findings per scanned AI agent skill</p>
-    </div>
-    <div class="table-controls">
-      <input type="text" id="searchInput" placeholder="🔎 Search skills...">
-      <button class="filter-btn active" data-filter="all">All</button>
-      <button class="filter-btn" data-filter="clean">✅ Clean</button>
-      <button class="filter-btn" data-filter="findings">⚠️ Findings</button>
-      <button class="filter-btn" data-filter="error">❌ Error</button>
-    </div>
-    <div class="glass table-wrap">
-      <table>
-        <thead>
-          <tr>
-            <th data-sort="name">Skill ↕</th>
-            <th data-sort="status">Status ↕</th>
-            <th data-sort="risk">Risk ↕</th>
-            <th data-sort="findings">Findings ↕</th>
-            <th>Time</th>
-          </tr>
-        </thead>
-        <tbody id="resultsBody"></tbody>
-      </table>
-    </div>
-  </section>
-
-  <!-- ═══ FOOTER ═══ -->
-  <footer class="footer">
-    <div class="footer-links">
-      <a href="https://github.com/koatora20/guard-scanner">GitHub</a>
-      <a href="https://www.npmjs.com/package/@guava-parity/guard-scanner">npm</a>
-      <a href="https://github.com/koatora20/dual-shield-paper">Research Paper</a>
-    </div>
-    <p>Built with <span class="heart">♥</span> by <a href="https://github.com/koatora20">Guava Parity Institute</a> — dee & Guava 🍈</p>
-  </footer>
-</div>
-
-<script>
-'use strict';
-
-// ── MCP Security Checks data ──
-const MCP_CHECKS = [
-  { id: 1, name: 'SECRET_IN_ENV', desc: 'Detects hardcoded API keys, tokens, and passwords in MCP server environment variables', ref: 'Original' },
-  { id: 2, name: 'PATH_TRAVERSAL', desc: 'Catches ../ directory traversal patterns in command arguments', ref: 'CVE-2026-27735' },
-  { id: 3, name: 'SUSPICIOUS_FILE_URI', desc: 'Flags file:// URIs targeting sensitive paths like /etc/passwd or ~/.ssh', ref: 'Smithery.ai' },
-  { id: 4, name: 'COMMAND_INJECTION', desc: 'Detects shell metacharacters (;, |, &, $(), backticks) in arguments', ref: 'CVE-2025-54135' },
-  { id: 5, name: 'HOMOGLYPH_NAME', desc: 'Identifies non-ASCII lookalike characters in MCP server names', ref: 'Palo Alto Unit 42' },
-  { id: 6, name: 'PROTOTYPE_POLLUTION', desc: 'Pre-parse raw JSON scan for __proto__, constructor, prototype injection', ref: 'CVE-2026-29063' },
-  { id: 7, name: 'TOOL_SHADOWING', desc: 'Levenshtein distance ≤2 comparison against 17 known MCP server names', ref: 'Snyk Invariant Labs' },
-  { id: 8, name: 'SUSPICIOUS_URL', desc: 'Flags external https:// URLs embedded in MCP tool arguments', ref: 'postmark-mcp incident' },
-];
-
-// ── OWASP ASI01-10 data ──
-const OWASP_ASI = [
-  { code: 'ASI01', label: 'Prompt Injection' },
-  { code: 'ASI02', label: 'Unsafe Tool/Function Calls' },
-  { code: 'ASI03', label: 'Agent Identity Spoofing' },
-  { code: 'ASI04', label: 'Privilege Escalation' },
-  { code: 'ASI05', label: 'Memory Poisoning' },
-  { code: 'ASI06', label: 'Data/Secret Exfiltration' },
-  { code: 'ASI07', label: 'Supply Chain Attack' },
-  { code: 'ASI08', label: 'Cascading Hallucination' },
-  { code: 'ASI09', label: 'Repudiation / Audit Failure' },
-  { code: 'ASI10', label: 'Denial of Service' },
-];
-
-// ── Chart colors ──
-const CHART_COLORS = [
-  '#00ff88','#38bdf8','#a78bfa','#ffb800','#ff3b5c','#f472b6',
-  '#2dd4bf','#fb923c','#818cf8','#a3e635','#e879f9','#fbbf24',
-  '#22d3ee','#f87171','#34d399','#c084fc','#fcd34d','#6ee7b7',
-  '#93c5fd','#fca5a1','#86efac','#c4b5fd','#fde68a',
-];
-
-// ── Demo data (used when fetch fails) ──
-const DEMO_DATA = {
-  meta: { scanDate: new Date().toISOString(), scannerVersion: '13.0.0', totalSkills: 104 },
-  summary: { clean: 85, withFindings: 12, errors: 7, totalFindings: 34, cleanPercentage: 82 },
-  categoryBreakdown: {
-    'Prompt Injection': 8, 'Malicious Code': 6, 'Exfiltration': 5,
-    'Memory Poisoning': 4, 'MCP Security': 3, 'Credential Handling': 3,
-    'Obfuscation': 2, 'Trust Exploitation': 2, 'Persistence': 1,
-  },
-  results: Array.from({ length: 104 }, (_, i) => {
-    const statuses = ['clean','clean','clean','clean','clean','clean','clean','findings','error'];
-    const s = statuses[i % statuses.length];
-    return {
-      name: `skill-${String(i + 1).padStart(3, '0')}`,
-      status: s,
-      findingsCount: s === 'findings' ? Math.ceil(Math.random() * 5) : 0,
-      riskScore: s === 'findings' ? +(Math.random() * 80 + 20).toFixed(1) : s === 'error' ? -1 : 0,
-      findings: [],
-      scannedAt: new Date(Date.now() - Math.random() * 3600000).toISOString(),
+      <div class="glass table-wrap">
+        <table>
+          <thead>
+            <tr>
+              <th data-sort="name">Skill ↕</th>
+              <th data-sort="status">Status ↕</th>
+              <th data-sort="risk">Risk ↕</th>
+              <th data-sort="findings">Findings ↕</th>
+              <th>Time</th>
+            </tr>
+          </thead>
+          <tbody id="resultsBody"></tbody>
+        </table>
+      </div>
+    </section>
+
+    <!-- ═══ FOOTER ═══ -->
+    <footer class="footer">
+      <div class="footer-links">
+        <a href="https://github.com/koatora20/guard-scanner">GitHub</a>
+        <a href="https://www.npmjs.com/package/@guava-parity/guard-scanner">npm</a>
+        <a href="https://github.com/koatora20/dual-shield-paper">Research Paper</a>
+      </div>
+      <p>Built with <span class="heart">♥</span> by <a href="https://github.com/koatora20">Guava Parity Institute</a> —
+        dee & Guava 🍈</p>
+    </footer>
+  </div>
+
+  <script>
+    'use strict';
+
+    // ── MCP Security Checks data ──
+    const MCP_CHECKS = [
+      { id: 1, name: 'SECRET_IN_ENV', desc: 'Detects hardcoded API keys, tokens, and passwords in MCP server environment variables', ref: 'Original' },
+      { id: 2, name: 'PATH_TRAVERSAL', desc: 'Catches ../ directory traversal patterns in command arguments', ref: 'CVE-2026-27735' },
+      { id: 3, name: 'SUSPICIOUS_FILE_URI', desc: 'Flags file:// URIs targeting sensitive paths like /etc/passwd or ~/.ssh', ref: 'Smithery.ai' },
+      { id: 4, name: 'COMMAND_INJECTION', desc: 'Detects shell metacharacters (;, |, &, $(), backticks) in arguments', ref: 'CVE-2025-54135' },
+      { id: 5, name: 'HOMOGLYPH_NAME', desc: 'Identifies non-ASCII lookalike characters in MCP server names', ref: 'Palo Alto Unit 42' },
+      { id: 6, name: 'PROTOTYPE_POLLUTION', desc: 'Pre-parse raw JSON scan for __proto__, constructor, prototype injection', ref: 'CVE-2026-29063' },
+      { id: 7, name: 'TOOL_SHADOWING', desc: 'Levenshtein distance ≤2 comparison against 17 known MCP server names', ref: 'Snyk Invariant Labs' },
+      { id: 8, name: 'SUSPICIOUS_URL', desc: 'Flags external https:// URLs embedded in MCP tool arguments', ref: 'postmark-mcp incident' },
+    ];
+
+    // ── OWASP ASI01-10 data ──
+    const OWASP_ASI = [
+      { code: 'ASI01', label: 'Prompt Injection' },
+      { code: 'ASI02', label: 'Unsafe Tool/Function Calls' },
+      { code: 'ASI03', label: 'Agent Identity Spoofing' },
+      { code: 'ASI04', label: 'Privilege Escalation' },
+      { code: 'ASI05', label: 'Memory Poisoning' },
+      { code: 'ASI06', label: 'Data/Secret Exfiltration' },
+      { code: 'ASI07', label: 'Supply Chain Attack' },
+      { code: 'ASI08', label: 'Cascading Hallucination' },
+      { code: 'ASI09', label: 'Repudiation / Audit Failure' },
+      { code: 'ASI10', label: 'Denial of Service' },
+    ];
+
+    // ── Chart colors ──
+    const CHART_COLORS = [
+      '#00ff88', '#38bdf8', '#a78bfa', '#ffb800', '#ff3b5c', '#f472b6',
+      '#2dd4bf', '#fb923c', '#818cf8', '#a3e635', '#e879f9', '#fbbf24',
+      '#22d3ee', '#f87171', '#34d399', '#c084fc', '#fcd34d', '#6ee7b7',
+      '#93c5fd', '#fca5a1', '#86efac', '#c4b5fd', '#fde68a',
+    ];
+
+    // ── Demo data (used when fetch fails) ──
+    const DEMO_DATA = {
+      meta: { scanDate: new Date().toISOString(), scannerVersion: '13.0.0', totalSkills: 104 },
+      summary: { clean: 85, withFindings: 12, errors: 7, totalFindings: 34, cleanPercentage: 82 },
+      categoryBreakdown: {
+        'Prompt Injection': 8, 'Malicious Code': 6, 'Exfiltration': 5,
+        'Memory Poisoning': 4, 'MCP Security': 3, 'Credential Handling': 3,
+        'Obfuscation': 2, 'Trust Exploitation': 2, 'Persistence': 1,
+      },
+      results: Array.from({ length: 104 }, (_, i) => {
+        const statuses = ['clean', 'clean', 'clean', 'clean', 'clean', 'clean', 'clean', 'findings', 'error'];
+        const s = statuses[i % statuses.length];
+        return {
+          name: `skill-${String(i + 1).padStart(3, '0')}`,
+          status: s,
+          findingsCount: s === 'findings' ? Math.ceil(Math.random() * 5) : 0,
+          riskScore: s === 'findings' ? +(Math.random() * 80 + 20).toFixed(1) : s === 'error' ? -1 : 0,
+          findings: [],
+          scannedAt: new Date(Date.now() - Math.random() * 3600000).toISOString(),
+        };
+      }),
     };
-  }),
-};
-
-// ── State ──
-let DATA = null;
-let sortCol = 'risk';
-let sortDir = -1;
-let filterStatus = 'all';
-
-// ── Init ──
-async function init() {
-  try {
-    // Try relative paths for both GitHub Pages and local dev
-    let resp;
-    for (const url of ['../data/latest.json', './data/latest.json', 'data/latest.json']) {
-      try { resp = await fetch(url); if (resp.ok) break; } catch {}
-    }
-    if (resp && resp.ok) {
-      DATA = await resp.json();
-    } else {
-      throw new Error('No data');
-    }
-  } catch {
-    DATA = DEMO_DATA;
-    console.log('ℹ️ Using demo data. Deploy data/latest.json for live results.');
-  }
-  renderAll();
-}
-
-function renderAll() {
-  renderStats();
-  renderChart();
-  renderChecks();
-  renderOwasp();
-  renderTable();
-  setupControls();
-}
-
-// ── Stats ──
-function renderStats() {
-  const { summary, meta } = DATA;
-  animateValue('statTotal', summary.clean + summary.withFindings + summary.errors, '', 0);
-  animateValue('statClean', summary.cleanPercentage, '%', 0);
-  animateValue('statFindings', summary.totalFindings, '', 0);
-  const d = new Date(meta.scanDate);
-  document.getElementById('statDate').textContent = d.toLocaleDateString('en-US', { month: 'short', day: 'numeric' });
-  document.getElementById('versionBadge').textContent = meta.scannerVersion || '13.0.0';
-}
-
-function animateValue(id, target, suffix, decimals) {
-  const el = document.getElementById(id);
-  const dur = 1200;
-  const start = performance.now();
-  function tick(now) {
-    const t = Math.min((now - start) / dur, 1);
-    const ease = 1 - Math.pow(1 - t, 3);
-    const val = (target * ease).toFixed(decimals);
-    el.textContent = val + suffix;
-    if (t < 1) requestAnimationFrame(tick);
-  }
-  requestAnimationFrame(tick);
-}
-
-// ── Donut Chart ──
-function renderChart() {
-  const cats = DATA.categoryBreakdown || {};
-  const entries = Object.entries(cats).sort((a, b) => b[1] - a[1]);
-  const total = entries.reduce((s, [, v]) => s + v, 0);
-  document.getElementById('donutTotal').textContent = total;
-
-  if (total === 0) {
-    document.getElementById('chartSection').querySelector('.chart-container').innerHTML =
-      '<div style="text-align:center;padding:40px;color:var(--green)"><div style="font-size:48px;margin-bottom:12px">✅</div><div style="font-size:18px;font-weight:700">All Clear</div><div style="color:var(--text-muted);font-size:14px;margin-top:4px">No threats detected in this scan</div></div>';
-    return;
-  }
-
-  const svg = document.getElementById('donutChart');
-  const legend = document.getElementById('chartLegend');
-  const R = 50, CX = 60, CY = 60, SW = 14;
-  const C = 2 * Math.PI * R;
-  let offset = 0;
-  let html = '';
-  let legendHtml = '';
-
-  entries.forEach(([cat, count], i) => {
-    const pct = count / total;
-    const len = pct * C;
-    const color = CHART_COLORS[i % CHART_COLORS.length];
-    html += `<circle cx="${CX}" cy="${CY}" r="${R}" fill="none" stroke="${color}" stroke-width="${SW}" stroke-dasharray="${len} ${C - len}" stroke-dashoffset="${-offset}" opacity="0.9"/>`;
-    offset += len;
-    legendHtml += `<div class="legend-item"><span class="swatch" style="background:${color}"></span><span>${cat}</span><span class="count">${count}</span></div>`;
-  });
-
-  svg.innerHTML = html;
-  legend.innerHTML = legendHtml;
-}
-
-// ── MCP Checks ──
-function renderChecks() {
-  const grid = document.getElementById('checksGrid');
-  grid.innerHTML = MCP_CHECKS.map(c =>
-    `<div class="glass check-card">
+
+    // ── State ──
+    let DATA = null;
+    let sortCol = 'risk';
+    let sortDir = -1;
+    let filterStatus = 'all';
+
+    // ── Init ──
+    async function init() {
+      try {
+        // Try relative paths for both GitHub Pages and local dev (cache-bust)
+        const cb = `?_=${Date.now()}`;
+        let resp;
+        for (const url of [`data/latest.json${cb}`, `./data/latest.json${cb}`]) {
+          try { resp = await fetch(url); if (resp.ok) break; } catch { }
+        }
+        if (resp && resp.ok) {
+          DATA = await resp.json();
+        } else {
+          throw new Error('No data');
+        }
+      } catch {
+        DATA = DEMO_DATA;
+        console.log('ℹ️ Using demo data. Deploy data/latest.json for live results.');
+      }
+      renderAll();
+    }
+
+    function renderAll() {
+      renderStats();
+      renderChart();
+      renderChecks();
+      renderOwasp();
+      renderTable();
+      setupControls();
+    }
+
+    // ── Stats ──
+    function renderStats() {
+      const { summary, meta } = DATA;
+      animateValue('statTotal', summary.clean + summary.withFindings + summary.errors, '', 0);
+      animateValue('statClean', summary.cleanPercentage, '%', 0);
+      animateValue('statFindings', summary.totalFindings, '', 0);
+      const d = new Date(meta.scanDate);
+      document.getElementById('statDate').textContent = d.toLocaleDateString('en-US', { month: 'short', day: 'numeric' });
+      document.getElementById('versionBadge').textContent = meta.scannerVersion || '13.0.0';
+    }
+
+    function animateValue(id, target, suffix, decimals) {
+      const el = document.getElementById(id);
+      const dur = 1200;
+      const start = performance.now();
+      function tick(now) {
+        const t = Math.min((now - start) / dur, 1);
+        const ease = 1 - Math.pow(1 - t, 3);
+        const val = (target * ease).toFixed(decimals);
+        el.textContent = val + suffix;
+        if (t < 1) requestAnimationFrame(tick);
+      }
+      requestAnimationFrame(tick);
+    }
+
+    // ── Donut Chart ──
+    function renderChart() {
+      const cats = DATA.categoryBreakdown || {};
+      const entries = Object.entries(cats).sort((a, b) => b[1] - a[1]);
+      const total = entries.reduce((s, [, v]) => s + v, 0);
+      document.getElementById('donutTotal').textContent = total;
+
+      if (total === 0) {
+        document.getElementById('chartSection').querySelector('.chart-container').innerHTML =
+          '<div style="text-align:center;padding:40px;color:var(--green)"><div style="font-size:48px;margin-bottom:12px">✅</div><div style="font-size:18px;font-weight:700">All Clear</div><div style="color:var(--text-muted);font-size:14px;margin-top:4px">No threats detected in this scan</div></div>';
+        return;
+      }
+
+      const svg = document.getElementById('donutChart');
+      const legend = document.getElementById('chartLegend');
+      const R = 50, CX = 60, CY = 60, SW = 14;
+      const C = 2 * Math.PI * R;
+      let offset = 0;
+      let html = '';
+      let legendHtml = '';
+
+      entries.forEach(([cat, count], i) => {
+        const pct = count / total;
+        const len = pct * C;
+        const color = CHART_COLORS[i % CHART_COLORS.length];
+        html += `<circle cx="${CX}" cy="${CY}" r="${R}" fill="none" stroke="${color}" stroke-width="${SW}" stroke-dasharray="${len} ${C - len}" stroke-dashoffset="${-offset}" opacity="0.9"/>`;
+        offset += len;
+        legendHtml += `<div class="legend-item"><span class="swatch" style="background:${color}"></span><span>${cat}</span><span class="count">${count}</span></div>`;
+      });
+
+      svg.innerHTML = html;
+      legend.innerHTML = legendHtml;
+    }
+
+    // ── MCP Checks ──
+    function renderChecks() {
+      const grid = document.getElementById('checksGrid');
+      grid.innerHTML = MCP_CHECKS.map(c =>
+        `<div class="glass check-card">
       <div class="check-num">${c.id}</div>
       <div class="check-body">
         <h3>${c.name}</h3>
@@ -443,50 +1031,50 @@ function renderChecks() {
         <div class="ref">${c.ref}</div>
       </div>
     </div>`
-  ).join('');
-}
-
-// ── OWASP ASI ──
-function renderOwasp() {
-  const grid = document.getElementById('owaspGrid');
-  grid.innerHTML = OWASP_ASI.map(o =>
-    `<div class="glass owasp-item">
+      ).join('');
+    }
+
+    // ── OWASP ASI ──
+    function renderOwasp() {
+      const grid = document.getElementById('owaspGrid');
+      grid.innerHTML = OWASP_ASI.map(o =>
+        `<div class="glass owasp-item">
       <span class="owasp-code">${o.code}</span>
       <span class="owasp-label">${o.label}</span>
       <span class="owasp-check">✓</span>
     </div>`
-  ).join('');
-}
-
-// ── Results Table ──
-function renderTable() {
-  const body = document.getElementById('resultsBody');
-  const search = (document.getElementById('searchInput')?.value || '').toLowerCase();
-
-  let rows = (DATA.results || []).filter(r => {
-    if (filterStatus !== 'all' && r.status !== filterStatus) return false;
-    if (search && !r.name.toLowerCase().includes(search)) return false;
-    return true;
-  });
-
-  rows.sort((a, b) => {
-    let va, vb;
-    switch (sortCol) {
-      case 'name': va = a.name; vb = b.name; return sortDir * va.localeCompare(vb);
-      case 'status': va = a.status; vb = b.status; return sortDir * va.localeCompare(vb);
-      case 'risk': va = a.riskScore; vb = b.riskScore; return sortDir * (va - vb);
-      case 'findings': va = a.findingsCount; vb = b.findingsCount; return sortDir * (va - vb);
-      default: return 0;
-    }
-  });
-
-  body.innerHTML = rows.map(r => {
-    const badgeClass = r.status === 'clean' ? 'badge-clean' : r.status === 'findings' ? 'badge-findings' : 'badge-error';
-    const riskPct = Math.max(0, Math.min(100, r.riskScore));
-    const riskColor = riskPct <= 30 ? 'risk-low' : riskPct <= 60 ? 'risk-med' : 'risk-high';
-    const time = r.scannedAt ? new Date(r.scannedAt).toLocaleTimeString('en-US', { hour: '2-digit', minute: '2-digit' }) : '—';
-
-    return `<tr>
+      ).join('');
+    }
+
+    // ── Results Table ──
+    function renderTable() {
+      const body = document.getElementById('resultsBody');
+      const search = (document.getElementById('searchInput')?.value || '').toLowerCase();
+
+      let rows = (DATA.results || []).filter(r => {
+        if (filterStatus !== 'all' && r.status !== filterStatus) return false;
+        if (search && !r.name.toLowerCase().includes(search)) return false;
+        return true;
+      });
+
+      rows.sort((a, b) => {
+        let va, vb;
+        switch (sortCol) {
+          case 'name': va = a.name; vb = b.name; return sortDir * va.localeCompare(vb);
+          case 'status': va = a.status; vb = b.status; return sortDir * va.localeCompare(vb);
+          case 'risk': va = a.riskScore; vb = b.riskScore; return sortDir * (va - vb);
+          case 'findings': va = a.findingsCount; vb = b.findingsCount; return sortDir * (va - vb);
+          default: return 0;
+        }
+      });
+
+      body.innerHTML = rows.map(r => {
+        const badgeClass = r.status === 'clean' ? 'badge-clean' : r.status === 'findings' ? 'badge-findings' : 'badge-error';
+        const riskPct = Math.max(0, Math.min(100, r.riskScore));
+        const riskColor = riskPct <= 30 ? 'risk-low' : riskPct <= 60 ? 'risk-med' : 'risk-high';
+        const time = r.scannedAt ? new Date(r.scannedAt).toLocaleTimeString('en-US', { hour: '2-digit', minute: '2-digit' }) : '—';
+
+        return `<tr>
       <td class="skill-name">${escHtml(r.name)}</td>
       <td><span class="badge ${badgeClass}">${r.status}</span></td>
       <td>
@@ -496,35 +1084,36 @@ function renderTable() {
       <td style="font-family:var(--mono)">${r.findingsCount}</td>
       <td style="color:var(--text-muted);font-size:12px">${time}</td>
     </tr>`;
-  }).join('');
-}
+      }).join('');
+    }
 
-function escHtml(s) { return s.replace(/&/g,'&amp;').replace(/</g,'&lt;').replace(/>/g,'&gt;'); }
+    function escHtml(s) { return s.replace(/&/g, '&amp;').replace(/</g, '&lt;').replace(/>/g, '&gt;'); }
 
-// ── Controls ──
-function setupControls() {
-  document.getElementById('searchInput').addEventListener('input', renderTable);
+    // ── Controls ──
+    function setupControls() {
+      document.getElementById('searchInput').addEventListener('input', renderTable);
 
-  document.querySelectorAll('.filter-btn').forEach(btn => {
-    btn.addEventListener('click', () => {
-      document.querySelectorAll('.filter-btn').forEach(b => b.classList.remove('active'));
-      btn.classList.add('active');
-      filterStatus = btn.dataset.filter;
-      renderTable();
-    });
-  });
+      document.querySelectorAll('.filter-btn').forEach(btn => {
+        btn.addEventListener('click', () => {
+          document.querySelectorAll('.filter-btn').forEach(b => b.classList.remove('active'));
+          btn.classList.add('active');
+          filterStatus = btn.dataset.filter;
+          renderTable();
+        });
+      });
 
-  document.querySelectorAll('th[data-sort]').forEach(th => {
-    th.addEventListener('click', () => {
-      const col = th.dataset.sort;
-      if (sortCol === col) sortDir *= -1; else { sortCol = col; sortDir = -1; }
-      renderTable();
-    });
-  });
-}
+      document.querySelectorAll('th[data-sort]').forEach(th => {
+        th.addEventListener('click', () => {
+          const col = th.dataset.sort;
+          if (sortCol === col) sortDir *= -1; else { sortCol = col; sortDir = -1; }
+          renderTable();
+        });
+      });
+    }
 
-// ── Launch ──
-document.addEventListener('DOMContentLoaded', init);
-</script>
+    // ── Launch ──
+    document.addEventListener('DOMContentLoaded', init);
+  </script>
 </body>
-</html>
+
+</html>