@mcptoolshop/registry-stats 0.4.1 → 1.0.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/README.md +25 -0
- package/package.json +1 -1
package/README.md
CHANGED
|
@@ -248,6 +248,31 @@ Docs / landing page lives in `site/`.
|
|
|
248
248
|
- Build: `npm run site:build`
|
|
249
249
|
- Preview: `npm run site:preview`
|
|
250
250
|
|
|
251
|
+
## Security & Data Scope
|
|
252
|
+
|
|
253
|
+
| Aspect | Detail |
|
|
254
|
+
|--------|--------|
|
|
255
|
+
| **Data touched** | Public download statistics from npm, PyPI, NuGet, VS Code Marketplace, Docker Hub. In-memory cache (optional) |
|
|
256
|
+
| **Data NOT touched** | No telemetry. No analytics. No credential storage. No user data. No file writes |
|
|
257
|
+
| **Permissions** | Read: public registry APIs via HTTPS. Write: stdout/stderr only |
|
|
258
|
+
| **Network** | HTTPS outbound to public registry APIs. Optional localhost REST server |
|
|
259
|
+
| **Telemetry** | None collected or sent |
|
|
260
|
+
|
|
261
|
+
See [SECURITY.md](SECURITY.md) for vulnerability reporting.
|
|
262
|
+
|
|
263
|
+
## Scorecard
|
|
264
|
+
|
|
265
|
+
| Category | Score |
|
|
266
|
+
|----------|-------|
|
|
267
|
+
| A. Security | 10 |
|
|
268
|
+
| B. Error Handling | 10 |
|
|
269
|
+
| C. Operator Docs | 10 |
|
|
270
|
+
| D. Shipping Hygiene | 10 |
|
|
271
|
+
| E. Identity (soft) | 10 |
|
|
272
|
+
| **Overall** | **50/50** |
|
|
273
|
+
|
|
274
|
+
> Full audit: [SHIP_GATE.md](SHIP_GATE.md) · [SCORECARD.md](SCORECARD.md)
|
|
275
|
+
|
|
251
276
|
## License
|
|
252
277
|
|
|
253
278
|
MIT
|
package/package.json
CHANGED