@rafter-security/cli 0.5.9 → 0.6.1

package/dist/commands/agent/audit.js

@@ -51,13 +51,17 @@ export function createAuditCommand() {
             if (entry.action?.riskLevel) {
                 console.log(`   Risk: ${entry.action.riskLevel}`);
             }
-            console.log(`   Check: ${entry.securityCheck.passed ? "PASSED" : "FAILED"}`);
-            if (entry.securityCheck.reason) {
-                console.log(`   Reason: ${entry.securityCheck.reason}`);
+            if (entry.securityCheck) {
+                console.log(`   Check: ${entry.securityCheck.passed ? "PASSED" : "FAILED"}`);
+                if (entry.securityCheck.reason) {
+                    console.log(`   Reason: ${entry.securityCheck.reason}`);
+                }
             }
-            console.log(`   Action: ${entry.resolution.actionTaken}`);
-            if (entry.resolution.overrideReason) {
-                console.log(`   Override: ${entry.resolution.overrideReason}`);
+            if (entry.resolution) {
+                console.log(`   Action: ${entry.resolution.actionTaken}`);
+                if (entry.resolution.overrideReason) {
+                    console.log(`   Override: ${entry.resolution.overrideReason}`);
+                }
             }
             console.log("");
         }
@@ -130,16 +134,16 @@ export function getRiskLevel(config) {
     return config?.agent?.riskLevel ?? "moderate";
 }
 export function formatShareDetail(entry) {
-    const action = entry.resolution.actionTaken;
+    const action = entry.resolution?.actionTaken ?? "unknown";
     const suffix = `[${action}]`;
     if (entry.eventType === "secret_detected") {
-        const reason = entry.securityCheck.reason ?? "";
+        const reason = entry.securityCheck?.reason ?? "";
         return `${reason} ${suffix}`;
     }
     if (entry.action?.command) {
         return `${truncateCommand(entry.action.command, 60)} ${suffix}`;
     }
-    if (entry.securityCheck.reason) {
+    if (entry.securityCheck?.reason) {
         return `${entry.securityCheck.reason} ${suffix}`;
     }
     return suffix;

package/dist/commands/agent/scan.js

@@ -8,6 +8,9 @@ import fs from "fs";
 import os from "os";
 import path from "path";
 import { fmt } from "../../utils/formatter.js";
+import { createRequire } from "module";
+const _require = createRequire(import.meta.url);
+const { version: CLI_VERSION } = _require("../../../package.json");
 function loadBaselineEntries() {
     const baselinePath = path.join(os.homedir(), ".rafter", "baseline.json");
     if (!fs.existsSync(baselinePath))
@@ -150,7 +153,7 @@ function outputSarif(results) {
                 tool: {
                     driver: {
                         name: "rafter",
-                        version: "0.5.7",
+                        version: CLI_VERSION,
                         informationUri: "https://rafter.so",
                         rules: Array.from(rules.values()),
                     },

package/dist/commands/backend/run.js

@@ -2,7 +2,7 @@ import { Command } from "commander";
 import axios from "axios";
 import ora from "ora";
 import { detectRepo } from "../../utils/git.js";
-import { API, resolveKey, EXIT_GENERAL_ERROR, EXIT_QUOTA_EXHAUSTED } from "../../utils/api.js";
+import { API, resolveKey, EXIT_GENERAL_ERROR, EXIT_QUOTA_EXHAUSTED, EXIT_INSUFFICIENT_SCOPE, handleScopeError } from "../../utils/api.js";
 import { handleScanStatus } from "./scan-status.js";
 /**
  * Shared handler for the remote backend scan (used by both `rafter run` and `rafter scan` / `rafter scan remote`).
@@ -34,7 +34,10 @@ export async function runRemoteScan(opts) {
         }
         catch (e) {
             spinner.fail("Request failed");
-            if (e.response?.status === 429) {
+            if (handleScopeError(e)) {
+                process.exit(EXIT_INSUFFICIENT_SCOPE);
+            }
+            else if (e.response?.status === 429) {
                 console.error("Quota exhausted");
                 process.exit(EXIT_QUOTA_EXHAUSTED);
             }
@@ -59,7 +62,10 @@ export async function runRemoteScan(opts) {
             process.exit(exitCode);
         }
         catch (e) {
-            if (e.response?.status === 429) {
+            if (handleScopeError(e)) {
+                process.exit(EXIT_INSUFFICIENT_SCOPE);
+            }
+            else if (e.response?.status === 429) {
                 process.exit(EXIT_QUOTA_EXHAUSTED);
             }
             else if (e.response?.data) {

package/dist/commands/mcp/server.js

@@ -7,6 +7,9 @@ import { GitleaksScanner } from "../../scanners/gitleaks.js";
 import { CommandInterceptor } from "../../core/command-interceptor.js";
 import { AuditLogger } from "../../core/audit-logger.js";
 import { ConfigManager } from "../../core/config-manager.js";
+import { createRequire } from "module";
+const _require = createRequire(import.meta.url);
+const { version: CLI_VERSION } = _require("../../../package.json");
 function formatScanResults(results) {
     return results.map(r => ({
         file: r.file,
@@ -25,7 +28,7 @@ function errorResult(message) {
     return { content: [{ type: "text", text: JSON.stringify({ error: message }) }], isError: true };
 }
 function createServer() {
-    const server = new Server({ name: "rafter", version: "0.5.0" }, { capabilities: { tools: {}, resources: {} } });
+    const server = new Server({ name: "rafter", version: CLI_VERSION }, { capabilities: { tools: {}, resources: {} } });
     // ── Tools ───────────────────────────────────────────────────────────
     server.setRequestHandler(ListToolsRequestSchema, async () => ({
         tools: [

package/dist/commands/scan/index.js

@@ -28,6 +28,7 @@ export function createScanGroupCommand() {
     // Root scan group — default action is remote backend scan
     const scanGroup = new Command("scan")
         .description("Scan for security issues. Default: remote backend scan. Use 'scan local' for local secret scanning.")
+        .enablePositionalOptions()
         .option("-r, --repo <repo>", "org/repo (default: current)")
         .option("-b, --branch <branch>", "branch (default: current else main)")
         .option("-k, --api-key <key>", "API key or RAFTER_API_KEY env var")

package/dist/core/audit-logger.js

@@ -1,8 +1,104 @@
+import { randomBytes } from "crypto";
+import dns from "dns/promises";
 import fs from "fs";
+import net from "net";
 import path from "path";
 import { getAuditLogPath } from "./config-defaults.js";
 import { ConfigManager } from "./config-manager.js";
 import { assessCommandRisk } from "./risk-rules.js";
+/**
+ * Validate a webhook URL to prevent SSRF attacks.
+ * Rejects non-HTTP(S) schemes and URLs that resolve to private/internal IPs.
+ */
+export async function validateWebhookUrl(rawUrl) {
+    let parsed;
+    try {
+        parsed = new URL(rawUrl);
+    }
+    catch {
+        throw new Error(`Invalid webhook URL: ${rawUrl}`);
+    }
+    if (parsed.protocol !== "https:" && parsed.protocol !== "http:") {
+        throw new Error(`Webhook URL must use http or https, got ${parsed.protocol}`);
+    }
+    // URL.hostname keeps brackets for IPv6 (e.g. "[::1]") — strip them
+    let hostname = parsed.hostname;
+    if (hostname.startsWith("[") && hostname.endsWith("]")) {
+        hostname = hostname.slice(1, -1);
+    }
+    // If the hostname is already an IP, check it directly
+    if (net.isIP(hostname)) {
+        if (isPrivateIp(hostname)) {
+            throw new Error(`Webhook URL must not point to a private/internal address: ${hostname}`);
+        }
+        return;
+    }
+    // Resolve hostname and check all resulting IPs
+    let addresses;
+    try {
+        const results = await dns.resolve(hostname);
+        addresses = results;
+    }
+    catch {
+        throw new Error(`Could not resolve webhook hostname: ${hostname}`);
+    }
+    for (const addr of addresses) {
+        if (isPrivateIp(addr)) {
+            throw new Error(`Webhook URL must not point to a private/internal address: ${hostname} resolved to ${addr}`);
+        }
+    }
+}
+/**
+ * Check if an IP address belongs to a private, loopback, link-local, or
+ * cloud-metadata range.
+ */
+function isPrivateIp(ip) {
+    // IPv4 checks
+    if (net.isIPv4(ip)) {
+        const parts = ip.split(".").map(Number);
+        const [a, b] = parts;
+        // 127.0.0.0/8 — loopback
+        if (a === 127)
+            return true;
+        // 10.0.0.0/8 — private
+        if (a === 10)
+            return true;
+        // 172.16.0.0/12 — private
+        if (a === 172 && b >= 16 && b <= 31)
+            return true;
+        // 192.168.0.0/16 — private
+        if (a === 192 && b === 168)
+            return true;
+        // 169.254.0.0/16 — link-local / cloud metadata
+        if (a === 169 && b === 254)
+            return true;
+        // 0.0.0.0
+        if (a === 0)
+            return true;
+        return false;
+    }
+    // IPv6 checks
+    const lower = ip.toLowerCase();
+    // ::1 — loopback
+    if (lower === "::1")
+        return true;
+    // :: — unspecified
+    if (lower === "::")
+        return true;
+    // fe80::/10 — link-local
+    if (lower.startsWith("fe80:"))
+        return true;
+    // fc00::/7 — unique local (ULA)
+    if (lower.startsWith("fc") || lower.startsWith("fd"))
+        return true;
+    // ::ffff:127.0.0.1 etc — IPv4-mapped IPv6
+    if (lower.startsWith("::ffff:")) {
+        const mapped = lower.slice(7);
+        if (net.isIPv4(mapped))
+            return isPrivateIp(mapped);
+    }
+    return false;
+}
 export const RISK_SEVERITY = {
     low: 0,
     medium: 1,
@@ -17,7 +113,7 @@ export class AuditLogger {
         // Ensure log directory exists
         const dir = path.dirname(this.logPath);
         if (!fs.existsSync(dir)) {
-            fs.mkdirSync(dir, { recursive: true });
+            fs.mkdirSync(dir, { recursive: true, mode: 0o700 });
         }
     }
     /**
@@ -36,7 +132,7 @@ export class AuditLogger {
         };
         // Append to log file
         const line = JSON.stringify(fullEntry) + "\n";
-        fs.appendFileSync(this.logPath, line, "utf-8");
+        fs.appendFileSync(this.logPath, line, { encoding: "utf-8", mode: 0o600 });
         // Send webhook notification if configured and risk meets threshold
         this.sendNotification(fullEntry, config);
     }
@@ -64,13 +160,16 @@ export class AuditLogger {
             content: `[rafter] ${eventRisk}-risk event: ${entry.eventType}${entry.action?.command ? ` — ${entry.action.command}` : ""}`,
         };
         // Fire-and-forget POST — never block audit logging
-        fetch(webhookUrl, {
+        // Validate URL to prevent SSRF before making the request
+        validateWebhookUrl(webhookUrl)
+            .then(() => fetch(webhookUrl, {
             method: "POST",
             headers: { "Content-Type": "application/json" },
             body: JSON.stringify(payload),
             signal: AbortSignal.timeout(5000),
-        }).catch(() => {
-            // Silently ignore webhook failures
+        }))
+            .catch(() => {
+            // Silently ignore webhook failures (including validation rejections)
         });
     }
     /**
@@ -196,13 +295,13 @@ export class AuditLogger {
         const filtered = entries.filter(e => new Date(e.timestamp) >= cutoffDate);
         // Rewrite log file with only retained entries
         const content = filtered.map(e => JSON.stringify(e)).join("\n") + "\n";
-        fs.writeFileSync(this.logPath, content, "utf-8");
+        fs.writeFileSync(this.logPath, content, { encoding: "utf-8", mode: 0o600 });
     }
     /**
      * Generate a unique session ID
      */
     generateSessionId() {
-        return `${Date.now()}-${Math.random().toString(36).substring(7)}`;
+        return `${Date.now()}-${randomBytes(8).toString("hex")}`;
     }
     /**
      * Assess risk level of a command

package/dist/core/config-manager.js

@@ -2,6 +2,101 @@ import fs from "fs";
 import path from "path";
 import { getDefaultConfig, getConfigPath, getRafterDir, CONFIG_VERSION } from "./config-defaults.js";
 import { loadPolicy } from "./policy-loader.js";
+const VALID_RISK_LEVELS = new Set(["minimal", "moderate", "aggressive"]);
+const VALID_COMMAND_MODES = new Set(["allow-all", "approve-dangerous", "deny-list"]);
+const VALID_LOG_LEVELS = new Set(["debug", "info", "warn", "error"]);
+/**
+ * Validate a parsed config JSON object, warning and falling back to defaults for invalid fields.
+ */
+function validateConfig(raw) {
+    if (!raw || typeof raw !== "object") {
+        console.error("Warning: config file is not a JSON object — using defaults.");
+        return getDefaultConfig();
+    }
+    const defaults = getDefaultConfig();
+    // Top-level scalars
+    if (raw.version !== undefined && typeof raw.version !== "string") {
+        console.error('Warning: config "version" must be a string — using default.');
+        raw.version = defaults.version;
+    }
+    if (raw.initialized !== undefined && typeof raw.initialized !== "string") {
+        console.error('Warning: config "initialized" must be a string — using default.');
+        raw.initialized = defaults.initialized;
+    }
+    const agent = raw.agent;
+    if (agent && typeof agent === "object") {
+        // riskLevel
+        if (agent.riskLevel !== undefined && !VALID_RISK_LEVELS.has(agent.riskLevel)) {
+            console.error(`Warning: config "agent.riskLevel" must be one of: minimal, moderate, aggressive — using default.`);
+            agent.riskLevel = defaults.agent.riskLevel;
+        }
+        // commandPolicy
+        const cp = agent.commandPolicy;
+        if (cp && typeof cp === "object") {
+            if (cp.mode !== undefined && !VALID_COMMAND_MODES.has(cp.mode)) {
+                console.error(`Warning: config "agent.commandPolicy.mode" must be one of: allow-all, approve-dangerous, deny-list — using default.`);
+                cp.mode = defaults.agent.commandPolicy.mode;
+            }
+            if (cp.blockedPatterns !== undefined && (!Array.isArray(cp.blockedPatterns) || !cp.blockedPatterns.every((v) => typeof v === "string"))) {
+                console.error('Warning: config "agent.commandPolicy.blockedPatterns" must be an array of strings — using default.');
+                cp.blockedPatterns = [...defaults.agent.commandPolicy.blockedPatterns];
+            }
+            if (cp.requireApproval !== undefined && (!Array.isArray(cp.requireApproval) || !cp.requireApproval.every((v) => typeof v === "string"))) {
+                console.error('Warning: config "agent.commandPolicy.requireApproval" must be an array of strings — using default.');
+                cp.requireApproval = [...defaults.agent.commandPolicy.requireApproval];
+            }
+        }
+        // audit
+        const audit = agent.audit;
+        if (audit && typeof audit === "object") {
+            if (audit.retentionDays !== undefined && (typeof audit.retentionDays !== "number" || isNaN(audit.retentionDays))) {
+                console.error('Warning: config "agent.audit.retentionDays" must be a number — using default.');
+                audit.retentionDays = defaults.agent.audit.retentionDays;
+            }
+            if (audit.logLevel !== undefined && !VALID_LOG_LEVELS.has(audit.logLevel)) {
+                console.error(`Warning: config "agent.audit.logLevel" must be one of: debug, info, warn, error — using default.`);
+                audit.logLevel = defaults.agent.audit.logLevel;
+            }
+        }
+        // outputFiltering
+        const of = agent.outputFiltering;
+        if (of && typeof of === "object") {
+            if (of.redactSecrets !== undefined && typeof of.redactSecrets !== "boolean") {
+                console.error('Warning: config "agent.outputFiltering.redactSecrets" must be a boolean — using default.');
+                of.redactSecrets = defaults.agent.outputFiltering.redactSecrets;
+            }
+            if (of.blockPatterns !== undefined && typeof of.blockPatterns !== "boolean") {
+                console.error('Warning: config "agent.outputFiltering.blockPatterns" must be a boolean — using default.');
+                of.blockPatterns = defaults.agent.outputFiltering.blockPatterns;
+            }
+        }
+        // scan.customPatterns — validate regex compilation
+        const scan = agent.scan;
+        if (scan && typeof scan === "object") {
+            if (scan.excludePaths !== undefined && (!Array.isArray(scan.excludePaths) || !scan.excludePaths.every((v) => typeof v === "string"))) {
+                console.error('Warning: config "agent.scan.excludePaths" must be an array of strings — using default.');
+                delete scan.excludePaths;
+            }
+            if (Array.isArray(scan.customPatterns)) {
+                scan.customPatterns = scan.customPatterns.filter((p) => {
+                    if (!p || typeof p !== "object" || typeof p.name !== "string" || !p.name || typeof p.regex !== "string" || !p.regex) {
+                        console.error(`Warning: skipping malformed scan.customPatterns entry — must have name and regex.`);
+                        return false;
+                    }
+                    try {
+                        new RegExp(p.regex);
+                    }
+                    catch {
+                        console.error(`Warning: skipping custom pattern "${p.name}" — invalid regex.`);
+                        return false;
+                    }
+                    return true;
+                });
+            }
+        }
+    }
+    return raw;
+}
 export class ConfigManager {
     constructor(configPath) {
         this.configPath = configPath || getConfigPath();
@@ -15,7 +110,8 @@ export class ConfigManager {
         }
         try {
             const content = fs.readFileSync(this.configPath, "utf-8");
-            const config = JSON.parse(content);
+            const parsed = JSON.parse(content);
+            const config = validateConfig(parsed);
             // Migrate config if needed
             return this.migrate(config);
         }

package/dist/core/custom-patterns.js

@@ -4,6 +4,7 @@
  */
 import fs from "fs";
 import path from "path";
+import { minimatch } from "minimatch";
 import { getRafterDir } from "./config-defaults.js";
 // ---------------------------------------------------------------------------
 // Custom pattern loading
@@ -69,12 +70,24 @@ function loadJsonPatterns(file) {
             return [];
         const patterns = [];
         for (const entry of data) {
-            if (typeof entry.pattern !== "string")
+            if (typeof entry.pattern !== "string" || !entry.pattern)
                 continue;
+            try {
+                new RegExp(entry.pattern);
+            }
+            catch {
+                console.error(`Warning: skipping custom pattern in ${path.basename(file)} — invalid regex: ${entry.pattern}`);
+                continue;
+            }
+            const severity = entry.severity ?? "high";
+            if (!["low", "medium", "high", "critical"].includes(severity)) {
+                console.error(`Warning: skipping custom pattern in ${path.basename(file)} — invalid severity: ${severity}`);
+                continue;
+            }
             patterns.push({
                 name: entry.name ?? `Custom (${path.basename(file, ".json")})`,
                 regex: entry.pattern,
-                severity: entry.severity ?? "high",
+                severity: severity,
                 description: entry.description,
             });
         }
@@ -135,23 +148,13 @@ export function isSuppressed(filePath, patternName, suppressions) {
     return false;
 }
 /**
- * Minimal glob matcher: supports * (within segment) and ** (cross-segment).
- * Not full micromatch — covers the 90% case for .rafterignore.
+ * Match a file path against a glob pattern using minimatch.
+ *
+ * Uses `matchBase` so bare patterns like "*.env" match against the basename
+ * (e.g. "config/.env"), and `dot` so dotfiles are included.
  */
 function matchGlob(glob, filePath) {
-    // Normalise separators
     const g = glob.replace(/\\/g, "/");
     const f = filePath.replace(/\\/g, "/");
-    // Escape regex special chars except * which we handle specially
-    const escaped = g
-        .replace(/[.+^${}()|[\]\\]/g, "\\$&")
-        .replace(/\*\*/g, "\x00") // placeholder for **
-        .replace(/\*/g, "[^/]*") // * = anything within one segment
-        .replace(/\x00/g, ".*"); // ** = anything including /
-    try {
-        return new RegExp(`(^|/)${escaped}(/|$)`).test(f);
-    }
-    catch {
-        return false;
-    }
+    return minimatch(f, g, { dot: true, matchBase: true });
 }

package/dist/core/policy-loader.js

@@ -136,10 +136,33 @@ function validatePolicy(policy, raw) {
             }
         }
         if (policy.scan.customPatterns !== undefined) {
-            if (!Array.isArray(policy.scan.customPatterns) || !policy.scan.customPatterns.every((v) => v && typeof v === "object" && typeof v.name === "string" && v.name !== "" && typeof v.regex === "string" && v.regex !== "" && typeof v.severity === "string")) {
-                console.error(`Warning: "scan.custom_patterns" must be an array of objects with name, regex, severity — ignoring.`);
+            if (!Array.isArray(policy.scan.customPatterns)) {
+                console.error(`Warning: "scan.custom_patterns" must be an array — ignoring.`);
                 delete policy.scan.customPatterns;
             }
+            else {
+                const valid = [];
+                for (const v of policy.scan.customPatterns) {
+                    if (!v || typeof v !== "object" || typeof v.name !== "string" || !v.name || typeof v.regex !== "string" || !v.regex || typeof v.severity !== "string") {
+                        console.error(`Warning: skipping malformed custom_patterns entry — must have name, regex, severity.`);
+                        continue;
+                    }
+                    try {
+                        new RegExp(v.regex);
+                    }
+                    catch {
+                        console.error(`Warning: skipping custom pattern "${v.name}" — invalid regex.`);
+                        continue;
+                    }
+                    valid.push(v);
+                }
+                if (valid.length > 0) {
+                    policy.scan.customPatterns = valid;
+                }
+                else {
+                    delete policy.scan.customPatterns;
+                }
+            }
         }
     }
     if (policy.audit) {

package/dist/index.js

@@ -14,12 +14,15 @@ import { createCompletionCommand } from "./commands/completion.js";
 import { createIssuesCommand } from "./commands/issues/index.js";
 import { checkForUpdate } from "./utils/update-checker.js";
 import { setAgentMode } from "./utils/formatter.js";
+import { createRequire } from "module";
 dotenv.config();
-const VERSION = "0.5.7";
+const require = createRequire(import.meta.url);
+const { version: VERSION } = require("../package.json");
 const program = new Command()
     .name("rafter")
     .description("Rafter CLI")
     .version(VERSION)
+    .enablePositionalOptions()
     .option("-a, --agent", "Plain output for AI agents (no colors/emoji)");
 // Set agent mode before any subcommand runs
 program.hook("preAction", (thisCommand) => {

package/dist/scanners/gitleaks.js

@@ -1,5 +1,6 @@
 import { execFile } from "child_process";
 import { promisify } from "util";
+import { randomBytes } from "crypto";
 import { BinaryManager } from "../utils/binary-manager.js";
 import fs from "fs";
 import os from "os";
@@ -26,7 +27,7 @@ export class GitleaksScanner {
             throw new Error("Gitleaks not available");
         }
         const gitleaksPath = this.binaryManager.getGitleaksPath();
-        const tmpReport = path.join(os.tmpdir(), `gitleaks-${Date.now()}-${Math.random().toString(36).slice(2, 8)}.json`);
+        const tmpReport = path.join(os.tmpdir(), `gitleaks-${Date.now()}-${randomBytes(6).toString("hex")}.json`);
         try {
             // Run gitleaks detect on file
             await execFileAsync(gitleaksPath, ["detect", "--no-git", "-f", "json", "-r", tmpReport, "-s", filePath], { timeout: 30000 });
@@ -86,7 +87,7 @@ export class GitleaksScanner {
             throw new Error("Gitleaks not available");
         }
         const gitleaksPath = this.binaryManager.getGitleaksPath();
-        const tmpReport = path.join(os.tmpdir(), `gitleaks-${Date.now()}-${Math.random().toString(36).slice(2, 8)}.json`);
+        const tmpReport = path.join(os.tmpdir(), `gitleaks-${Date.now()}-${randomBytes(6).toString("hex")}.json`);
         try {
             // Run gitleaks detect on directory
             await execFileAsync(gitleaksPath, ["detect", "--no-git", "-f", "json", "-r", tmpReport, "-s", dirPath], { timeout: 60000 });

package/dist/scanners/regex-scanner.js

@@ -112,6 +112,10 @@ export class RegexScanner {
         try {
             const entries = fs.readdirSync(dir, { withFileTypes: true });
             for (const entry of entries) {
+                // Skip symlinks to prevent traversal outside intended scope
+                if (entry.isSymbolicLink()) {
+                    continue;
+                }
                 const fullPath = path.join(dir, entry.name);
                 // Skip excluded directories
                 if (exclude.includes(entry.name)) {

package/dist/scanners/secret-patterns.js

@@ -90,13 +90,13 @@ export const DEFAULT_SECRET_PATTERNS = [
     // Generic patterns
     {
         name: "Generic API Key",
-        regex: "(?i)(?<![a-zA-Z0-9_])(api[_-]?key|apikey)[\\s]*[:=][\\s]*['\"](?=[0-9a-zA-Z\\-_]*[0-9])[0-9a-zA-Z\\-_]{16,}['\"]",
+        regex: "(?i)(?<![a-zA-Z0-9_])(api[_-]?key|apikey)[\\s]*[:=][\\s]*['\"](?=[0-9a-zA-Z\\-_]*[0-9])[0-9a-zA-Z\\-_]{16,256}['\"]",
         severity: "high",
         description: "Generic API key pattern detected"
     },
     {
         name: "Generic Secret",
-        regex: "(?i)(?<![a-zA-Z0-9_])(secret|password|passwd|pwd)[\\s]*[:=][\\s]*['\"](?=[^\\s'\"]*[0-9])(?=[^\\s'\"]*[a-zA-Z])[0-9a-zA-Z\\-_!@#$%^&*()]{12,}['\"]",
+        regex: "(?i)(?<![a-zA-Z0-9_])(secret|password|passwd|pwd)[\\s]*[:=][\\s]*['\"](?=[^\\s'\"]*[0-9])(?=[^\\s'\"]*[a-zA-Z])[0-9a-zA-Z\\-_!@#$%^&*()]{12,256}['\"]",
         severity: "high",
         description: "Generic secret pattern detected"
     },
@@ -108,21 +108,21 @@ export const DEFAULT_SECRET_PATTERNS = [
     },
     {
         name: "Bearer Token",
-        regex: "(?i)bearer[\\s]+(?=[a-zA-Z0-9\\-_\\.=]*[0-9])(?=[a-zA-Z0-9\\-_\\.=]*[a-zA-Z])[a-zA-Z0-9\\-_\\.=]{20,}",
+        regex: "(?i)bearer[\\s]+(?=[a-zA-Z0-9\\-_\\.=]*[0-9])(?=[a-zA-Z0-9\\-_\\.=]*[a-zA-Z])[a-zA-Z0-9\\-_\\.=]{20,512}",
         severity: "high",
         description: "Bearer token detected"
     },
     // Database connection strings
     {
         name: "Database Connection String",
-        regex: "(?i)(postgres|mysql|mongodb)://[^\\s]+:[^\\s]+@[^\\s]+",
+        regex: "(?i)(postgres|mysql|mongodb)://[^\\s:@]+:[^\\s@]+@[^\\s]+",
         severity: "critical",
         description: "Database connection string with credentials detected"
     },
     // JWT
     {
         name: "JSON Web Token",
-        regex: "eyJ[A-Za-z0-9_-]{10,}\\.[A-Za-z0-9_-]{10,}\\.[A-Za-z0-9_-]{10,}",
+        regex: "eyJ[A-Za-z0-9_-]{10,2048}\\.[A-Za-z0-9_-]{10,2048}\\.[A-Za-z0-9_-]{10,2048}",
         severity: "high",
         description: "JWT token detected"
     },
@@ -136,7 +136,7 @@ export const DEFAULT_SECRET_PATTERNS = [
     // PyPI token
     {
         name: "PyPI Token",
-        regex: "pypi-AgEIcHlwaS5vcmc[A-Za-z0-9\\-_]{50,}",
+        regex: "pypi-AgEIcHlwaS5vcmc[A-Za-z0-9\\-_]{50,1024}",
         severity: "critical",
         description: "PyPI API token detected"
     }

package/dist/utils/api.js

@@ -4,6 +4,24 @@ export const EXIT_SUCCESS = 0;
 export const EXIT_GENERAL_ERROR = 1;
 export const EXIT_SCAN_NOT_FOUND = 2;
 export const EXIT_QUOTA_EXHAUSTED = 3;
+export const EXIT_INSUFFICIENT_SCOPE = 4;
+/**
+ * Detect a 403 scope-enforcement error from the API and print a helpful message.
+ * Returns true if the error was a scope error (caller should exit), false otherwise.
+ */
+export function handleScopeError(e) {
+    if (!e || e.response?.status !== 403)
+        return false;
+    const body = e.response?.data;
+    const msg = typeof body === "string" ? body : body?.error ?? "";
+    if (msg.includes("scope")) {
+        console.error('Error: This API key only has read access.\nTo trigger scans, create a key with "Read & Scan" scope at https://rfrr.co/account');
+    }
+    else {
+        console.error(`Error: Forbidden (403) — ${msg || "access denied"}`);
+    }
+    return true;
+}
 export function resolveKey(cliKey) {
     if (cliKey)
         return cliKey;

package/dist/utils/binary-manager.js

@@ -1,6 +1,7 @@
 import fs from "fs";
 import os from "os";
 import path from "path";
+import crypto from "crypto";
 import https from "https";
 import { exec, execSync } from "child_process";
 import { promisify } from "util";
@@ -173,6 +174,10 @@ export class BinaryManager {
             // Log downloaded file size as basic integrity signal
             const stats = fs.statSync(archivePath);
             log(`  Downloaded: ${(stats.size / 1024).toFixed(1)} KB`);
+            // Verify SHA256 checksum against official checksums file
+            log("Verifying checksum...");
+            await this.verifyChecksum(archivePath, platform, arch, version, log);
+            log("  ✓ Checksum verified");
             // Extract binary
             log("Extracting binary...");
             if (platform === "windows") {
@@ -322,6 +327,64 @@ export class BinaryManager {
             });
         });
     }
+    /**
+     * Verify downloaded archive checksum against official gitleaks checksums file.
+     */
+    async verifyChecksum(archivePath, platform, arch, version, onProgress) {
+        const checksumsUrl = `https://github.com/gitleaks/gitleaks/releases/download/v${version}/gitleaks_${version}_checksums.txt`;
+        const checksumsPath = path.join(this.binDir, "checksums.txt");
+        try {
+            await this.downloadFile(checksumsUrl, checksumsPath, () => { });
+            const checksumsContent = fs.readFileSync(checksumsPath, "utf-8");
+            const archiveFilename = platform === "windows"
+                ? `gitleaks_${version}_windows_${arch}.zip`
+                : `gitleaks_${version}_${platform}_${arch}.tar.gz`;
+            const expectedHash = this.parseChecksumFile(checksumsContent, archiveFilename);
+            if (!expectedHash) {
+                throw new Error(`Checksum not found for ${archiveFilename} in checksums file`);
+            }
+            const actualHash = await this.computeSHA256(archivePath);
+            if (actualHash !== expectedHash) {
+                throw new Error(`Checksum mismatch for ${archiveFilename}:\n` +
+                    `  Expected: ${expectedHash}\n` +
+                    `  Actual:   ${actualHash}\n` +
+                    `The downloaded file may be corrupted or tampered with.`);
+            }
+        }
+        finally {
+            if (fs.existsSync(checksumsPath)) {
+                fs.unlinkSync(checksumsPath);
+            }
+        }
+    }
+    /**
+     * Parse a checksums.txt file and return the SHA256 hash for the given filename.
+     */
+    parseChecksumFile(content, filename) {
+        for (const line of content.split("\n")) {
+            const trimmed = line.trim();
+            if (!trimmed)
+                continue;
+            // Format: "<sha256>  <filename>" (two spaces between hash and filename)
+            const parts = trimmed.split(/\s+/);
+            if (parts.length >= 2 && parts[1] === filename) {
+                return parts[0].toLowerCase();
+            }
+        }
+        return null;
+    }
+    /**
+     * Compute SHA256 hash of a file.
+     */
+    computeSHA256(filePath) {
+        return new Promise((resolve, reject) => {
+            const hash = crypto.createHash("sha256");
+            const stream = fs.createReadStream(filePath);
+            stream.on("data", (data) => hash.update(data));
+            stream.on("end", () => resolve(hash.digest("hex")));
+            stream.on("error", reject);
+        });
+    }
     /**
      * Extract zip (Windows) — uses PowerShell's Expand-Archive, then copies
      * only the gitleaks.exe binary to binDir. Cleans up the temp extract dir.
@@ -330,7 +393,10 @@ export class BinaryManager {
         const tempDir = fs.mkdtempSync(path.join(os.tmpdir(), "rafter-gitleaks-"));
         try {
             // PowerShell 5+ ships on all supported Windows versions
-            await execAsync(`powershell -NoProfile -Command "Expand-Archive -Force -LiteralPath '${zipPath}' -DestinationPath '${tempDir}'"`, { timeout: 30000 });
+            // Escape single quotes to prevent shell injection ('' is the PS escape for ')
+            const safeZipPath = zipPath.replace(/'/g, "''");
+            const safeTempDir = tempDir.replace(/'/g, "''");
+            await execAsync(`powershell -NoProfile -Command "Expand-Archive -Force -LiteralPath '${safeZipPath}' -DestinationPath '${safeTempDir}'"`, { timeout: 30000 });
             // Find gitleaks.exe — may be at root or inside a subdirectory
             const findBinary = (dir) => {
                 for (const entry of fs.readdirSync(dir)) {

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@rafter-security/cli",
-  "version": "0.5.9",
+  "version": "0.6.1",
   "type": "module",
   "bin": {
     "rafter": "./dist/index.js"
@@ -20,14 +20,15 @@
   "license": "MIT",
   "dependencies": {
     "@modelcontextprotocol/sdk": "^1.12.0",
-    "axios": "^1.6.8",
+    "axios": "^1.13.5",
     "chalk": "^5.3.0",
     "chokidar": "^5.0.0",
     "commander": "^11.1.0",
     "dotenv": "^16.4.5",
     "js-yaml": "^4.1.0",
+    "minimatch": "^10.2.4",
     "ora": "^7.0.1",
-    "tar": "^7.5.7"
+    "tar": "^7.5.10"
   },
   "devDependencies": {
     "@types/js-yaml": "^4.0.9",