@rafter-security/cli 0.6.5 → 0.7.0

package/dist/commands/backend/scan-status.js

@@ -1,6 +1,7 @@
 import axios from "axios";
 import ora from "ora";
 import { API, writePayload, EXIT_GENERAL_ERROR, EXIT_SCAN_NOT_FOUND } from "../../utils/api.js";
+import { fmt as output } from "../../utils/formatter.js";
 export async function handleScanStatus(scan_id, headers, fmt, quiet) {
     // First poll
     let poll;
@@ -9,10 +10,10 @@ export async function handleScanStatus(scan_id, headers, fmt, quiet) {
     }
     catch (e) {
         if (e.response?.status === 404) {
-            console.error(`Scan '${scan_id}' not found`);
+            console.error(output.error(`Scan '${scan_id}' not found`));
             return EXIT_SCAN_NOT_FOUND;
         }
-        console.error(`Error: ${e.response?.data || e.message}`);
+        console.error(output.error(`${e.response?.data || e.message}`));
         return EXIT_GENERAL_ERROR;
     }
     let status = poll.data.status;

package/dist/commands/brief.js

@@ -54,7 +54,7 @@ function buildTopics() {
             render: () => loadSkill("rafter-agent-security"),
         },
         scanning: {
-            description: "Remote SAST/SCA code analysis via backend API",
+            description: "Remote SAST/SCA code analysis via Rafter API",
             render: () => loadSkill("rafter"),
         },
         commands: {
@@ -78,7 +78,7 @@ function buildTopics() {
                 return [
                     "# Rafter Command Reference",
                     "",
-                    "## Backend (Remote Code Analysis)",
+                    "## Remote Code Analysis",
                     "",
                     backCmds,
                     "",
@@ -128,6 +128,43 @@ function buildTopics() {
             description: "Setup instructions for unsupported / generic agents",
             render: () => renderPlatformSetup("generic"),
         },
+        pricing: {
+            description: "What's free, what's paid, and the philosophy behind it",
+            render: () => [
+                "# Rafter Pricing",
+                "",
+                "**Free forever for individuals and open source. No account required. No telemetry.**",
+                "",
+                "## What's Free",
+                "",
+                "All local agent security features are free with no limits:",
+                "",
+                "- Secret scanning (21+ patterns, Gitleaks integration)",
+                "- Pre-commit hooks (local and global)",
+                "- Command interception with risk-tiered approval",
+                "- Skill/extension auditing",
+                "- Audit logging",
+                "- MCP server for tool integration",
+                "- CI/CD pipeline generation",
+                "- All supported agent integrations (Claude Code, Codex, Gemini, Cursor, Windsurf, Aider, OpenClaw, Continue.dev)",
+                "",
+                "No API key. No sign-up. No telemetry. No data collection. No network access required.",
+                "Everything runs locally on your machine. MIT licensed.",
+                "",
+                "## Remote Code Analysis (API)",
+                "",
+                "Remote SAST/SCA scanning via the Rafter API has a free tier.",
+                "Sign up at rafter.so for an API key. Enterprise plans offer higher",
+                "limits, dashboards, policy management, and compliance reporting.",
+                "",
+                "## Philosophy",
+                "",
+                "Security tooling should be free for the people writing code.",
+                "Generous free tiers drive bottom-up adoption. Enterprise value",
+                "comes from dashboards, policy, and compliance — not from gating",
+                "the tools developers use every day.",
+            ].join("\n"),
+        },
         all: {
             description: "Everything — full security + scanning + setup briefing",
             render: () => {

package/dist/commands/ci/init.js

@@ -1,13 +1,14 @@
 import { Command } from "commander";
 import fs from "fs";
 import path from "path";
-import { fmt } from "../../utils/formatter.js";
+import { fmt, isAgentMode } from "../../utils/formatter.js";
 export function createCiInitCommand() {
     return new Command("init")
         .description("Generate CI/CD pipeline config for secret scanning")
         .option("--platform <platform>", "CI platform: github, gitlab, circleci (default: auto-detect)")
         .option("--output <path>", "Output file path (default: platform-specific)")
-        .option("--with-backend", "Include backend security audit job (requires RAFTER_API_KEY)")
+        .option("--with-remote", "Include remote security audit job (requires RAFTER_API_KEY)")
+        .option("--with-backend", "Deprecated: use --with-remote")
         .action((opts) => {
         const platform = opts.platform || detectPlatform();
         if (!platform) {
@@ -21,7 +22,8 @@ export function createCiInitCommand() {
             console.error(`Valid options: ${validPlatforms.join(", ")}`);
             process.exit(1);
         }
-        const { content, defaultPath } = generateTemplate(platform, !!opts.withBackend);
+        const includeRemote = !!(opts.includeRemote || opts.withBackend);
+        const { content, defaultPath } = generateTemplate(platform, includeRemote);
         const outputPath = opts.output || defaultPath;
         const outputDir = path.dirname(outputPath);
         if (!fs.existsSync(outputDir)) {
@@ -29,28 +31,30 @@ export function createCiInitCommand() {
         }
         fs.writeFileSync(outputPath, content, "utf-8");
         console.log(fmt.success(`Generated ${platform} CI config at ${outputPath}`));
-        console.log();
-        console.log("Next steps:");
-        console.log(`  1. Review the generated file: ${outputPath}`);
-        if (opts.withBackend) {
-            if (platform === "github") {
-                console.log("  2. Add RAFTER_API_KEY to repo Settings > Secrets > Actions");
-            }
-            else if (platform === "gitlab") {
-                console.log("  2. Add RAFTER_API_KEY to Settings > CI/CD > Variables");
+        if (!isAgentMode()) {
+            console.log();
+            console.log("Next steps:");
+            console.log(`  1. Review the generated file: ${outputPath}`);
+            if (includeRemote) {
+                if (platform === "github") {
+                    console.log("  2. Add RAFTER_API_KEY to repo Settings > Secrets > Actions");
+                }
+                else if (platform === "gitlab") {
+                    console.log("  2. Add RAFTER_API_KEY to Settings > CI/CD > Variables");
+                }
+                else {
+                    console.log("  2. Add RAFTER_API_KEY to project environment variables");
+                }
             }
-            else {
-                console.log("  2. Add RAFTER_API_KEY to project environment variables");
+            console.log(`  ${includeRemote ? "3" : "2"}. Commit and push to trigger the pipeline`);
+            if (platform === "github") {
+                console.log();
+                console.log("Alternatives:");
+                console.log("  - GitHub Action: uses: Raftersecurity/rafter-cli@v1");
+                console.log("  - Pre-commit:  https://github.com/Raftersecurity/rafter-cli#pre-commit-framework");
             }
-        }
-        console.log(`  ${opts.withBackend ? "3" : "2"}. Commit and push to trigger the pipeline`);
-        if (platform === "github") {
             console.log();
-            console.log("Alternatives:");
-            console.log("  - GitHub Action: uses: Raftersecurity/rafter-cli@v0");
-            console.log("  - Pre-commit:  https://github.com/Raftersecurity/rafter-cli#pre-commit-framework");
         }
-        console.log();
     });
 }
 function detectPlatform() {
@@ -74,7 +78,7 @@ function generateTemplate(platform, withBackend) {
 }
 function githubTemplate(withBackend) {
     let yaml = `# Generated by: rafter ci init
-# Alternative: uses: Raftersecurity/rafter-cli@v0
+# Alternative: uses: Raftersecurity/rafter-cli@v1
 name: Rafter Security
 
 on:

package/dist/commands/completion.js

@@ -68,7 +68,7 @@ _rafter_completions() {
       if [[ "\${COMP_WORDS[1]}" == "agent" ]]; then
         COMPREPLY=( $(compgen -W "--risk-level --with-openclaw --with-claude-code --with-codex --with-gemini --with-aider --with-cursor --with-windsurf --with-continue --with-gitleaks --all --help" -- "\${cur}") )
       elif [[ "\${COMP_WORDS[1]}" == "ci" ]]; then
-        COMPREPLY=( $(compgen -W "--platform --output --with-backend --help" -- "\${cur}") )
+        COMPREPLY=( $(compgen -W "--platform --output --with-remote --with-backend --help" -- "\${cur}") )
       fi
       return 0
       ;;
@@ -81,7 +81,7 @@ const ZSH_COMPLETION = `#compdef rafter
 _rafter() {
   local -a commands
   commands=(
-    'run:Submit a security scan to the Rafter backend'
+    'run:Submit a remote security scan'
     'scan:Alias for run'
     'get:Retrieve scan results'
     'usage:Check API usage quota'
@@ -369,7 +369,8 @@ complete -c rafter -n '__fish_seen_subcommand_from agent; and __fish_seen_subcom
 complete -c rafter -n '__fish_seen_subcommand_from ci' -a init -d 'Initialize CI pipeline'
 complete -c rafter -n '__fish_seen_subcommand_from ci; and __fish_seen_subcommand_from init' -l platform -d 'CI platform' -ra 'github gitlab circleci'
 complete -c rafter -n '__fish_seen_subcommand_from ci; and __fish_seen_subcommand_from init' -l output -d 'Output path' -r
-complete -c rafter -n '__fish_seen_subcommand_from ci; and __fish_seen_subcommand_from init' -l with-backend -d 'Include backend audit'
+complete -c rafter -n '__fish_seen_subcommand_from ci; and __fish_seen_subcommand_from init' -l with-remote -d 'Include remote audit'
+complete -c rafter -n '__fish_seen_subcommand_from ci; and __fish_seen_subcommand_from init' -l with-backend -d 'Deprecated: use --with-remote'
 
 # hook subcommands
 complete -c rafter -n '__fish_seen_subcommand_from hook' -a pretool -d 'PreToolUse hook handler'

package/dist/commands/hook/posttool.js

@@ -4,31 +4,71 @@ import { AuditLogger } from "../../core/audit-logger.js";
 export function createHookPosttoolCommand() {
     return new Command("posttool")
         .description("PostToolUse hook handler (reads stdin, redacts secrets in output, writes JSON to stdout)")
-        .action(async () => {
+        .option("--format <format>", "Output format: claude (default, also Codex/Continue), cursor, gemini, windsurf", "claude")
+        .action(async (opts) => {
+        const format = (opts.format || "claude");
         try {
             const input = await readStdin();
-            let payload;
+            let raw;
             try {
-                payload = JSON.parse(input);
+                raw = JSON.parse(input);
             }
             catch {
-                writeOutput({ action: "continue" });
+                writeOutput({ action: "continue" }, format);
                 return;
             }
             // Validate payload is an object with expected shape
-            if (!payload || typeof payload !== "object" || Array.isArray(payload)) {
-                writeOutput({ action: "continue" });
+            if (!raw || typeof raw !== "object" || Array.isArray(raw)) {
+                writeOutput({ action: "continue" }, format);
                 return;
             }
+            const payload = normalizePostInput(raw, format);
             const output = evaluateToolResponse(payload);
-            writeOutput(output);
+            writeOutput(output, format);
         }
         catch {
             // Any unexpected error → fail open
-            writeOutput({ action: "continue" });
+            writeOutput({ action: "continue" }, format);
         }
     });
 }
+/**
+ * Normalize platform-specific PostToolUse stdin into common shape.
+ * Windsurf sends { tool_info: { stdout, stderr } }, Cursor sends { output, ... }.
+ */
+function normalizePostInput(raw, format) {
+    if (format === "windsurf") {
+        const toolInfo = raw.tool_info || {};
+        return {
+            session_id: raw.trajectory_id,
+            tool_name: raw.agent_action_name?.includes("run_command") ? "Bash" : (toolInfo.mcp_tool_name || "unknown"),
+            tool_input: {},
+            tool_response: {
+                output: toolInfo.stdout || toolInfo.output || "",
+                error: toolInfo.stderr || "",
+            },
+        };
+    }
+    if (format === "cursor") {
+        return {
+            session_id: raw.conversation_id,
+            tool_name: raw.hook_event_name === "afterShellExecution" ? "Bash" : (raw.tool_name || "unknown"),
+            tool_input: raw.tool_input || {},
+            tool_response: {
+                output: raw.output || raw.tool_response?.output || "",
+                content: raw.content || raw.tool_response?.content || "",
+                error: raw.error || raw.tool_response?.error || "",
+            },
+        };
+    }
+    // Claude, Codex, Continue, Gemini — same shape
+    return {
+        session_id: raw.session_id,
+        tool_name: raw.tool_name || "",
+        tool_input: raw.tool_input || {},
+        tool_response: raw.tool_response,
+    };
+}
 function evaluateToolResponse(payload) {
     const { tool_response } = payload;
     // No response body — pass through
@@ -82,6 +122,51 @@ function readStdin() {
         process.stdin.resume();
     });
 }
-function writeOutput(output) {
-    process.stdout.write(JSON.stringify(output) + "\n");
+function writeOutput(output, format) {
+    const isModify = output.action === "modify" && output.tool_response;
+    switch (format) {
+        case "cursor": {
+            // Cursor: { agentMessage?: string } for post-tool notifications
+            if (isModify) {
+                process.stdout.write(JSON.stringify({
+                    agentMessage: "Rafter redacted secrets from tool output",
+                }) + "\n");
+            }
+            // No output for continue (noop)
+            break;
+        }
+        case "gemini": {
+            // Gemini AfterTool: { systemMessage?: string } or {}
+            if (isModify) {
+                process.stdout.write(JSON.stringify({
+                    systemMessage: "Rafter redacted secrets from tool output",
+                }) + "\n");
+            }
+            else {
+                process.stdout.write("{}\n");
+            }
+            break;
+        }
+        case "windsurf": {
+            // Windsurf: exit 0 for continue, stderr for notification
+            if (isModify) {
+                process.stderr.write("Rafter: secrets redacted from tool output\n");
+            }
+            // Always exit 0 for post-tool (never block after execution)
+            break;
+        }
+        default: {
+            // Claude Code / Codex / Continue.dev: hookSpecificOutput envelope
+            const hookOutput = {
+                hookSpecificOutput: {
+                    hookEventName: "PostToolUse",
+                },
+            };
+            if (isModify) {
+                hookOutput.hookSpecificOutput.modifiedToolResult = output.tool_response;
+            }
+            process.stdout.write(JSON.stringify(hookOutput) + "\n");
+            break;
+        }
+    }
 }

package/dist/commands/hook/pretool.js

@@ -29,32 +29,81 @@ function formatApprovalMessage(command, evaluation) {
 export function createHookPretoolCommand() {
     return new Command("pretool")
         .description("PreToolUse hook handler (reads stdin, writes JSON decision to stdout)")
-        .action(async () => {
+        .option("--format <format>", "Output format: claude (default, also Codex/Continue), cursor, gemini, windsurf", "claude")
+        .action(async (opts) => {
+        const format = (opts.format || "claude");
         try {
             const input = await readStdin();
-            let payload;
+            let raw;
             try {
-                payload = JSON.parse(input);
+                raw = JSON.parse(input);
             }
             catch {
                 // Can't parse → fail open
-                writeDecision({ decision: "allow" });
+                writeDecision({ decision: "allow" }, format);
                 return;
             }
             // Validate payload is an object with expected shape
-            if (!payload || typeof payload !== "object" || Array.isArray(payload)) {
-                writeDecision({ decision: "allow" });
+            if (!raw || typeof raw !== "object" || Array.isArray(raw)) {
+                writeDecision({ decision: "allow" }, format);
                 return;
             }
+            const payload = normalizeInput(raw, format);
             const decision = evaluateToolCall(payload);
-            writeDecision(decision);
+            writeDecision(decision, format);
         }
         catch {
             // Any unexpected error → fail open
-            writeDecision({ decision: "allow" });
+            writeDecision({ decision: "allow" }, format);
         }
     });
 }
+/**
+ * Normalize platform-specific stdin JSON into a common HookInput shape.
+ *
+ * Claude/Codex/Continue: { tool_name, tool_input: { command } }
+ * Cursor:                { hook_event_name, command, cwd }
+ * Gemini:                { tool_name, tool_input: { command } }  (same as Claude)
+ * Windsurf:              { agent_action_name, tool_info: { command_line, cwd } }
+ */
+function normalizeInput(raw, format) {
+    if (format === "cursor") {
+        // Cursor sends { command, cwd, hook_event_name, ... }
+        const command = raw.command || "";
+        const eventName = raw.hook_event_name || "";
+        // beforeShellExecution → Bash, beforeMCPExecution → tool name from payload
+        const toolName = eventName === "beforeShellExecution" ? "Bash"
+            : eventName === "beforeReadFile" ? "Read"
+                : eventName === "afterFileEdit" ? "Write"
+                    : raw.tool_name || "unknown";
+        return {
+            session_id: raw.conversation_id,
+            tool_name: toolName,
+            tool_input: eventName === "beforeShellExecution" ? { command } : (raw.tool_input || {}),
+        };
+    }
+    if (format === "windsurf") {
+        // Windsurf sends { agent_action_name, tool_info: { command_line, cwd } }
+        const toolInfo = raw.tool_info || {};
+        const actionName = raw.agent_action_name || "";
+        const toolName = actionName.includes("run_command") ? "Bash"
+            : actionName.includes("write_code") ? "Write"
+                : actionName.includes("read_code") ? "Read"
+                    : actionName.includes("mcp_tool_use") ? (toolInfo.mcp_tool_name || "unknown")
+                        : "unknown";
+        return {
+            session_id: raw.trajectory_id,
+            tool_name: toolName,
+            tool_input: toolName === "Bash" ? { command: toolInfo.command_line || "" } : toolInfo,
+        };
+    }
+    // Claude, Codex, Continue, Gemini — all use { tool_name, tool_input }
+    return {
+        session_id: raw.session_id,
+        tool_name: raw.tool_name || "",
+        tool_input: raw.tool_input || {},
+    };
+}
 function evaluateToolCall(payload) {
     const { tool_name, tool_input } = payload;
     if (tool_name === "Bash") {
@@ -154,6 +203,52 @@ function readStdin() {
         process.stdin.resume();
     });
 }
-function writeDecision(decision) {
-    process.stdout.write(JSON.stringify(decision) + "\n");
+function writeDecision(decision, format) {
+    const isDeny = decision.decision === "deny";
+    const reason = decision.reason ?? "";
+    switch (format) {
+        case "cursor": {
+            // Cursor: { permission: "allow"|"deny"|"ask", agentMessage?, userMessage? }
+            const output = {
+                permission: isDeny ? "deny" : "allow",
+            };
+            if (isDeny && reason) {
+                output.agentMessage = reason;
+                output.userMessage = reason;
+            }
+            process.stdout.write(JSON.stringify(output) + "\n");
+            break;
+        }
+        case "gemini": {
+            // Gemini: {} for allow, { decision: "deny", reason: "..." } for deny
+            if (isDeny) {
+                process.stdout.write(JSON.stringify({ decision: "deny", reason }) + "\n");
+            }
+            else {
+                process.stdout.write("{}\n");
+            }
+            break;
+        }
+        case "windsurf": {
+            // Windsurf: exit 0 for allow, exit 2 + stderr for deny
+            if (isDeny) {
+                process.stderr.write(reason + "\n");
+                process.exit(2);
+            }
+            // Allow: exit 0 (no output needed)
+            break;
+        }
+        default: {
+            // Claude Code / Codex / Continue.dev: hookSpecificOutput envelope
+            const output = {
+                hookSpecificOutput: {
+                    hookEventName: "PreToolUse",
+                    permissionDecision: isDeny ? "deny" : "allow",
+                    permissionDecisionReason: reason,
+                },
+            };
+            process.stdout.write(JSON.stringify(output) + "\n");
+            break;
+        }
+    }
 }

package/dist/commands/mcp/server.js

@@ -27,14 +27,14 @@ function textResult(data) {
 function errorResult(message) {
     return { content: [{ type: "text", text: JSON.stringify({ error: message }) }], isError: true };
 }
-function createServer() {
+export function createServer() {
     const server = new Server({ name: "rafter", version: CLI_VERSION }, { capabilities: { tools: {}, resources: {} } });
     // ── Tools ───────────────────────────────────────────────────────────
     server.setRequestHandler(ListToolsRequestSchema, async () => ({
         tools: [
             {
                 name: "scan_secrets",
-                description: "Scan files or directories for hardcoded secrets and credentials",
+                description: "Scan files or directories for leaked secrets, API keys, tokens, passwords, and credentials. Use before pushing code, when handling config files, or when asked 'is this safe to commit?' or 'check for leaked keys'.",
                 inputSchema: {
                     type: "object",
                     properties: {
@@ -50,7 +50,7 @@ function createServer() {
             },
             {
                 name: "evaluate_command",
-                description: "Evaluate whether a shell command is allowed by Rafter security policy",
+                description: "Check if a shell command is safe to run per security policy. Use when asked 'is this command safe?' or before running destructive or privileged operations.",
                 inputSchema: {
                     type: "object",
                     properties: {
@@ -61,7 +61,7 @@ function createServer() {
             },
             {
                 name: "read_audit_log",
-                description: "Read Rafter audit log entries with optional filtering",
+                description: "Read security event history — blocked commands, detected secrets, policy overrides. Use when asked 'what happened?' or 'show security events'.",
                 inputSchema: {
                     type: "object",
                     properties: {
@@ -76,7 +76,7 @@ function createServer() {
             },
             {
                 name: "get_config",
-                description: "Read Rafter configuration (full config or a specific key)",
+                description: "Read Rafter security policy and configuration. Use to understand what protections are active and what risk level is configured.",
                 inputSchema: {
                     type: "object",
                     properties: {