@rafter-security/cli 0.7.7 → 0.7.9

package/dist/commands/agent/scan.js

@@ -3,6 +3,7 @@ import { RegexScanner } from "../../scanners/regex-scanner.js";
 import { GitleaksScanner } from "../../scanners/gitleaks.js";
 import { ConfigManager } from "../../core/config-manager.js";
 import { AuditLogger } from "../../core/audit-logger.js";
+import { applySuppressions, loadSuppressions, policyIgnoreToSuppressions, } from "../../core/custom-patterns.js";
 import { execFileSync } from "child_process";
 import fs from "fs";
 import os from "os";
@@ -69,19 +70,20 @@ export function createScanCommand() {
         if (isAgentScan) {
             process.stderr.write("Warning: rafter agent scan is deprecated and will be removed in a future major version. Use rafter secrets instead.\n");
         }
-        // Load policy-merged config for excludePaths/customPatterns
+        // Load policy-merged config for excludePaths/customPatterns/ignore
         const manager = new ConfigManager();
         const cfg = manager.loadWithPolicy();
         const scanCfg = cfg.agent?.scan;
+        const suppressions = collectSuppressions(scanCfg?.ignore);
         const baselineEntries = opts.baseline ? loadBaselineEntries() : [];
         // Handle --diff flag
         if (opts.diff) {
-            await scanDiffFiles(opts.diff, opts, scanCfg, baselineEntries, path.resolve(scanPath));
+            await scanDiffFiles(opts.diff, opts, scanCfg, baselineEntries, path.resolve(scanPath), suppressions);
             return;
         }
         // Handle --staged flag
         if (opts.staged) {
-            await scanStagedFiles(opts, scanCfg, baselineEntries, path.resolve(scanPath));
+            await scanStagedFiles(opts, scanCfg, baselineEntries, path.resolve(scanPath), suppressions);
             return;
         }
         const resolvedPath = path.resolve(scanPath);
@@ -92,7 +94,7 @@ export function createScanCommand() {
         }
         // Handle --watch flag
         if (opts.watch) {
-            await watchAndScan(resolvedPath, opts, scanCfg);
+            await watchAndScan(resolvedPath, opts, scanCfg, suppressions);
             return;
         }
         // Determine scan engine
@@ -112,7 +114,7 @@ export function createScanCommand() {
             }
             results = await scanFile(resolvedPath, engine, scanCfg);
         }
-        outputScanResults(applyBaseline(results, baselineEntries), opts);
+        outputScanResults(applyBaseline(results, baselineEntries), opts, undefined, true, suppressions);
     });
 }
 /**
@@ -126,6 +128,14 @@ export function createSecretsCommand() {
     cmd.description("Scan files/directories for hardcoded secrets (regex + gitleaks). Secrets only — not a code analysis. For full SAST/SCA, use 'rafter run'.");
     return cmd;
 }
+/**
+ * Combine .rafterignore + policy ignore rules into a single Suppression list.
+ * Order matters — first match wins, and policy rules are checked first so an
+ * explicit reason wins over a bare .rafterignore line covering the same finding.
+ */
+function collectSuppressions(policyIgnore) {
+    return [...policyIgnoreToSuppressions(policyIgnore), ...loadSuppressions()];
+}
 /**
  * Emit SARIF 2.1.0 JSON for GitHub/GitLab security tab integration
  */
@@ -180,18 +190,21 @@ function outputSarif(results) {
 /**
  * Shared output logic for scan results
  */
-function outputScanResults(results, opts, context, exitOnFindings = true) {
+function outputScanResults(results, opts, context, exitOnFindings = true, suppressions = []) {
     const format = opts.format ?? (opts.json ? "json" : "text");
     if (!["text", "json", "sarif"].includes(format)) {
         console.error(`Invalid format: ${format}. Valid values: text, json, sarif`);
         process.exit(2);
     }
+    // Split suppressed findings off the main result list. Both engines feed
+    // through here, so policy-driven suppression applies regardless of source.
+    const { results: keptResults, suppressed } = applySuppressions(results, suppressions);
     if (format === "sarif") {
-        outputSarif(results);
+        outputSarif(keptResults);
         return;
     }
     if (format === "json" || opts.json) {
-        const out = results.map((r) => ({
+        const filesOut = keptResults.map((r) => ({
             file: r.file,
             matches: r.matches.map((m) => ({
                 pattern: { name: m.pattern.name, severity: m.pattern.severity, description: m.pattern.description || "" },
@@ -200,12 +213,28 @@ function outputScanResults(results, opts, context, exitOnFindings = true) {
                 redacted: m.redacted || "",
             })),
         }));
+        const out = {
+            _note: "Local-only scan: pattern-based detection without agentic-intelligence triage. " +
+                "Findings have not been evaluated for context (public exposure, key validity, " +
+                "deployment environment). Investigate each before acting; do not dismiss. " +
+                "Run 'rafter run' for backend agentic analysis.",
+            scan_mode: "local",
+            triage_applied: false,
+            results: filesOut,
+        };
+        if (suppressed.length > 0) {
+            out._suppressed = suppressed;
+        }
         console.log(JSON.stringify(out, null, 2));
         if (exitOnFindings)
-            process.exit(results.length > 0 ? 1 : 0);
+            process.exit(keptResults.length > 0 ? 1 : 0);
         return;
     }
-    if (results.length === 0) {
+    // Text output — note suppression on stderr so stdout remains parseable.
+    if (suppressed.length > 0 && !opts.quiet) {
+        console.error(fmt.info(`(${suppressed.length} finding(s) hidden by .rafter.yml)`));
+    }
+    if (keptResults.length === 0) {
         if (!opts.quiet) {
             const msg = context ? `No secrets detected in ${context}` : "No secrets detected";
             console.log(`\n${fmt.success(msg)}\n`);
@@ -214,9 +243,9 @@ function outputScanResults(results, opts, context, exitOnFindings = true) {
             process.exit(0);
         return;
     }
-    console.log(`\n${fmt.warning(`Found secrets in ${results.length} file(s):`)}\n`);
+    console.log(`\n${fmt.warning(`Found secrets in ${keptResults.length} file(s):`)}\n`);
     let totalMatches = 0;
-    for (const result of results) {
+    for (const result of keptResults) {
         console.log(`\n${fmt.info(result.file)}`);
         for (const match of result.matches) {
             totalMatches++;
@@ -229,7 +258,7 @@ function outputScanResults(results, opts, context, exitOnFindings = true) {
             console.log();
         }
     }
-    console.log(`\n${fmt.warning(`Total: ${totalMatches} secret(s) detected in ${results.length} file(s)`)}\n`);
+    console.log(`\n${fmt.warning(`Total: ${totalMatches} secret(s) detected in ${keptResults.length} file(s)`)}\n`);
     if (context === "staged files") {
         console.log(`${fmt.error("Commit blocked. Remove secrets before committing.")}\n`);
     }
@@ -242,7 +271,7 @@ function outputScanResults(results, opts, context, exitOnFindings = true) {
 /**
  * Scan files changed since a git ref
  */
-async function scanDiffFiles(ref, opts, scanCfg, baselineEntries = [], scanPath) {
+async function scanDiffFiles(ref, opts, scanCfg, baselineEntries = [], scanPath, suppressions = []) {
     const cwd = scanPath && fs.existsSync(scanPath) && fs.statSync(scanPath).isDirectory() ? scanPath : undefined;
     try {
         const diffOutput = execFileSync("git", ["diff", "--name-only", "--diff-filter=ACM", ref], {
@@ -251,7 +280,7 @@ async function scanDiffFiles(ref, opts, scanCfg, baselineEntries = [], scanPath)
             stdio: ["pipe", "pipe", "ignore"],
         }).trim();
         if (!diffOutput) {
-            outputScanResults([], opts, `files changed since ${ref}`);
+            outputScanResults([], opts, `files changed since ${ref}`, true, suppressions);
             return;
         }
         const changedFiles = diffOutput.split("\n").map(f => f.trim()).filter(f => f);
@@ -275,7 +304,7 @@ async function scanDiffFiles(ref, opts, scanCfg, baselineEntries = [], scanPath)
             const results = await scanFile(filePath, engine, scanCfg);
             allResults.push(...results);
         }
-        outputScanResults(applyBaseline(allResults, baselineEntries), opts, `files changed since ${ref}`);
+        outputScanResults(applyBaseline(allResults, baselineEntries), opts, `files changed since ${ref}`, true, suppressions);
     }
     catch (error) {
         if (error.status === 128) {
@@ -288,7 +317,7 @@ async function scanDiffFiles(ref, opts, scanCfg, baselineEntries = [], scanPath)
 /**
  * Scan git staged files for secrets
  */
-async function scanStagedFiles(opts, scanCfg, baselineEntries = [], scanPath) {
+async function scanStagedFiles(opts, scanCfg, baselineEntries = [], scanPath, suppressions = []) {
     const cwd = scanPath && fs.existsSync(scanPath) && fs.statSync(scanPath).isDirectory() ? scanPath : undefined;
     try {
         const stagedFilesOutput = execFileSync("git", ["diff", "--cached", "--name-only", "--diff-filter=ACM"], {
@@ -297,7 +326,7 @@ async function scanStagedFiles(opts, scanCfg, baselineEntries = [], scanPath) {
             stdio: ["pipe", "pipe", "ignore"]
         }).trim();
         if (!stagedFilesOutput) {
-            outputScanResults([], opts, "staged files");
+            outputScanResults([], opts, "staged files", true, suppressions);
             return;
         }
         const stagedFiles = stagedFilesOutput.split("\n").map(f => f.trim()).filter(f => f);
@@ -321,7 +350,7 @@ async function scanStagedFiles(opts, scanCfg, baselineEntries = [], scanPath) {
             const results = await scanFile(filePath, engine, scanCfg);
             allResults.push(...results);
         }
-        outputScanResults(applyBaseline(allResults, baselineEntries), opts, "staged files");
+        outputScanResults(applyBaseline(allResults, baselineEntries), opts, "staged files", true, suppressions);
     }
     catch (error) {
         if (error.status === 128) {
@@ -404,7 +433,7 @@ async function scanDirectory(dirPath, engine, scanCfg, history) {
 /**
  * Watch a path for changes and re-scan on each change
  */
-async function watchAndScan(watchPath, opts, scanCfg) {
+async function watchAndScan(watchPath, opts, scanCfg, suppressions = []) {
     const { watch } = await import("chokidar");
     const logger = new AuditLogger();
     const engine = await selectEngine(opts.engine || "auto", opts.quiet || false);
@@ -418,7 +447,7 @@ async function watchAndScan(watchPath, opts, scanCfg) {
         : await scanFile(watchPath, engine, scanCfg);
     if (initialResults.length > 0) {
         console.log(fmt.warning(`\n[Initial scan] Found secrets:`));
-        outputScanResults(initialResults, { ...opts, quiet: false }, undefined, /* exitOnFindings= */ false);
+        outputScanResults(initialResults, { ...opts, quiet: false }, undefined, /* exitOnFindings= */ false, suppressions);
         logWatchFindings(logger, initialResults);
     }
     else if (!opts.quiet) {
@@ -442,7 +471,7 @@ async function watchAndScan(watchPath, opts, scanCfg) {
             return;
         const results = await scanFile(filePath, engine, scanCfg);
         if (results.length > 0) {
-            outputScanResults(results, { ...opts, quiet: false }, undefined, /* exitOnFindings= */ false);
+            outputScanResults(results, { ...opts, quiet: false }, undefined, /* exitOnFindings= */ false, suppressions);
             logWatchFindings(logger, results);
         }
         else if (!opts.quiet) {
@@ -459,7 +488,7 @@ async function watchAndScan(watchPath, opts, scanCfg) {
             return;
         const results = await scanFile(filePath, engine, scanCfg);
         if (results.length > 0) {
-            outputScanResults(results, { ...opts, quiet: false }, undefined, /* exitOnFindings= */ false);
+            outputScanResults(results, { ...opts, quiet: false }, undefined, /* exitOnFindings= */ false, suppressions);
             logWatchFindings(logger, results);
         }
         else if (!opts.quiet) {

package/dist/commands/agent/verify.js

@@ -1,9 +1,11 @@
 import { Command } from "commander";
 import { BinaryManager } from "../../utils/binary-manager.js";
 import { SkillManager } from "../../utils/skill-manager.js";
+import { spawnSync } from "child_process";
 import fs from "fs";
 import path from "path";
 import os from "os";
+import yaml from "js-yaml";
 import { fmt } from "../../utils/formatter.js";
 async function checkGitleaks() {
     const binaryManager = new BinaryManager();
@@ -51,8 +53,10 @@ function checkClaudeCode() {
     }
     try {
         const settings = JSON.parse(fs.readFileSync(settingsPath, "utf-8"));
+        // Substring match — Python install writes an absolute path
+        // (/home/foo/bin/rafter hook pretool), Node writes the bare command.
         const hooks = settings?.hooks?.PreToolUse || [];
-        const hasRafterHook = hooks.some((entry) => (entry.hooks || []).some((h) => h.command === "rafter hook pretool"));
+        const hasRafterHook = hooks.some((entry) => (entry.hooks || []).some((h) => String(h?.command ?? "").includes("rafter hook pretool")));
         if (!hasRafterHook) {
             return { name, passed: false, optional: true, detail: "Rafter hooks not installed — run 'rafter agent init --with-claude-code'" };
         }
@@ -69,6 +73,16 @@ function checkOpenClaw() {
         return { name, passed: false, optional: true, detail: `Not detected — run 'rafter agent init --with-openclaw' to enable` };
     }
     if (!skillManager.isRafterSkillInstalled()) {
+        // rf-zgwj: surface the legacy install path so users on rafter ≤ 0.7.7
+        // know they need to re-run to migrate.
+        if (skillManager.hasLegacyRafterSkill()) {
+            return {
+                name,
+                passed: false,
+                optional: true,
+                detail: `Legacy skill at ${skillManager.getLegacyRafterSkillPath()} (not loaded by OpenClaw) — re-run 'rafter agent init --with-openclaw' to migrate to ${skillManager.getRafterSkillPath()}`,
+            };
+        }
         return { name, passed: false, optional: true, detail: `Rafter skill not installed — run 'rafter agent init --with-openclaw'` };
     }
     const version = skillManager.getInstalledVersion();
@@ -156,13 +170,163 @@ function checkWindsurf() {
         return { name, passed: false, optional: true, detail: `Cannot read config: ${e}` };
     }
 }
+function checkContinueDev() {
+    const name = "Continue.dev";
+    const homeDir = os.homedir();
+    const continueDir = path.join(homeDir, ".continue");
+    if (!fs.existsSync(continueDir)) {
+        return { name, passed: false, optional: true, detail: `Not detected — run 'rafter agent init --with-continue' to enable` };
+    }
+    const configPath = path.join(continueDir, "config.json");
+    if (!fs.existsSync(configPath)) {
+        return { name, passed: false, optional: true, detail: `MCP config not found: ${configPath} — run 'rafter agent init --with-continue'` };
+    }
+    try {
+        const cfg = JSON.parse(fs.readFileSync(configPath, "utf-8"));
+        const servers = cfg?.mcpServers;
+        let hasRafter = false;
+        if (Array.isArray(servers))
+            hasRafter = servers.some((s) => s?.name === "rafter");
+        else if (servers && typeof servers === "object")
+            hasRafter = !!servers.rafter;
+        if (!hasRafter) {
+            return { name, passed: false, optional: true, detail: "Rafter MCP server not configured — run 'rafter agent init --with-continue'" };
+        }
+        return { name, passed: true, detail: "MCP server configured" };
+    }
+    catch (e) {
+        return { name, passed: false, optional: true, detail: `Cannot read config: ${e}` };
+    }
+}
+function checkAider() {
+    // Aider has no platform dir of its own; presence of ~/.aider.conf.yml or
+    // a project-local .aider.conf.yml is the install signal. We check the
+    // user-scope file plus the cwd file (rf-du2o ships at --local scope too).
+    const name = "Aider";
+    const home = os.homedir();
+    const userConf = path.join(home, ".aider.conf.yml");
+    const projectConf = path.join(process.cwd(), ".aider.conf.yml");
+    const userRafterMd = path.join(home, "RAFTER.md");
+    const projectRafterMd = path.join(process.cwd(), "RAFTER.md");
+    // Pick whichever scope has a config file; prefer cwd.
+    const conf = fs.existsSync(projectConf) ? projectConf
+        : fs.existsSync(userConf) ? userConf
+            : null;
+    if (!conf) {
+        return { name, passed: false, optional: true, detail: `Not detected — run 'rafter agent init --with-aider' to enable` };
+    }
+    let raw = "";
+    try {
+        raw = fs.readFileSync(conf, "utf-8");
+    }
+    catch (e) {
+        return { name, passed: false, optional: true, detail: `Cannot read config: ${e}` };
+    }
+    let parsed = {};
+    try {
+        const loaded = yaml.load(raw);
+        if (loaded && typeof loaded === "object" && !Array.isArray(loaded)) {
+            parsed = loaded;
+        }
+    }
+    catch {
+        // Unparseable — fall back to substring check
+        const hasReadEntry = /\bRAFTER\.md\b/.test(raw);
+        if (!hasReadEntry) {
+            return { name, passed: false, optional: true, detail: "RAFTER.md not in read: list — run 'rafter agent init --with-aider'" };
+        }
+        return { name, passed: true, detail: "RAFTER.md in read: list (config not strict-YAML)" };
+    }
+    const reads = Array.isArray(parsed.read) ? parsed.read.map(String)
+        : typeof parsed.read === "string" ? [parsed.read] : [];
+    if (!reads.includes("RAFTER.md")) {
+        return { name, passed: false, optional: true, detail: `RAFTER.md not in read: list (${conf}) — run 'rafter agent init --with-aider'` };
+    }
+    const rafterMd = conf === projectConf ? projectRafterMd : userRafterMd;
+    if (!fs.existsSync(rafterMd)) {
+        return { name, passed: false, optional: true, detail: `RAFTER.md missing at ${rafterMd} — run 'rafter agent init --with-aider'` };
+    }
+    return { name, passed: true, detail: `RAFTER.md + read: entry in ${conf}` };
+}
+/**
+ * Probe the Claude Code hook integration end-to-end (rf-65zg).
+ *
+ * Synthesizes a stdin payload that mimics Claude's PreToolUse hook contract
+ * with a known-dangerous test command, invokes `rafter hook pretool` (the
+ * command Claude would invoke), and asserts ~/.rafter/audit.jsonl received
+ * a `command_intercepted` entry for the probe command.
+ *
+ * Catches the rf-luk-style "wrote file but the command never fires the
+ * audit log" failure without needing to drive Claude Code itself.
+ */
+function probeClaudeCode() {
+    const name = "Claude Code (probe)";
+    const home = os.homedir();
+    const settingsPath = path.join(home, ".claude", "settings.json");
+    if (!fs.existsSync(settingsPath)) {
+        return { name, passed: false, optional: true, detail: "Not installed — skip" };
+    }
+    // Use a unique sentinel command per probe run so we don't collide with
+    // real-world audit entries.
+    const sentinel = `rafter-probe-${process.pid}-${Date.now()}`;
+    const probeCommand = `rm -rf /tmp/${sentinel}`;
+    const stdinPayload = JSON.stringify({
+        session_id: sentinel,
+        transcript_path: "",
+        cwd: process.cwd(),
+        permission_mode: "default",
+        hook_event_name: "PreToolUse",
+        tool_name: "Bash",
+        tool_input: { command: probeCommand },
+    });
+    const auditPath = path.join(home, ".rafter", "audit.jsonl");
+    const sizeBefore = fs.existsSync(auditPath) ? fs.statSync(auditPath).size : 0;
+    // Resolve the rafter binary the same way Claude Code would: `rafter hook
+    // pretool` on PATH. Fall back to argv[0] if PATH lookup fails.
+    const result = spawnSync(process.execPath, [process.argv[1], "hook", "pretool"], {
+        input: stdinPayload,
+        encoding: "utf-8",
+        timeout: 10000,
+    });
+    if (result.error) {
+        return { name, passed: false, detail: `rafter hook pretool failed to spawn: ${result.error.message}` };
+    }
+    if (!fs.existsSync(auditPath)) {
+        return { name, passed: false, detail: `Hook ran but ${auditPath} was not created (exit=${result.status})` };
+    }
+    const newContent = fs.readFileSync(auditPath, "utf-8").slice(sizeBefore);
+    const lines = newContent.split("\n").filter((l) => l.trim().length > 0);
+    const hit = lines.some((line) => {
+        try {
+            const entry = JSON.parse(line);
+            const cmd = String(entry?.action?.command ?? entry?.command ?? "");
+            return entry?.eventType === "command_intercepted" && cmd.includes(sentinel);
+        }
+        catch {
+            return false;
+        }
+    });
+    if (!hit) {
+        return {
+            name,
+            passed: false,
+            detail: `Probe ran (exit=${result.status}) but no command_intercepted entry for sentinel "${sentinel}" landed in ${auditPath}`,
+        };
+    }
+    return { name, passed: true, detail: `Probe fired → command_intercepted recorded in ${auditPath}` };
+}
 export function createVerifyCommand() {
     return new Command("verify")
         .description("Check agent security integration status")
-        .action(async () => {
-        console.log(fmt.header("Rafter Agent Verify"));
-        console.log(fmt.divider());
-        console.log();
+        .option("--json", "Emit results as JSON (one object per check + summary)")
+        .option("--probe", "Runtime probe: invoke rafter hook commands with synthetic platform-format payloads and assert ~/.rafter/audit.jsonl recorded the interception. Catches the 'wrote file but never fires' failure mode (rf-65zg).")
+        .action(async (opts) => {
+        const json = !!opts.json;
+        if (!json) {
+            console.log(fmt.header("Rafter Agent Verify"));
+            console.log(fmt.divider());
+            console.log();
+        }
         const results = [
             checkConfig(),
             await checkGitleaks(),
@@ -172,30 +336,56 @@ export function createVerifyCommand() {
             checkGemini(),
             checkCursor(),
             checkWindsurf(),
+            checkContinueDev(),
+            checkAider(),
         ];
-        for (const r of results) {
-            if (r.passed) {
-                console.log(fmt.success(`${r.name}: ${r.detail}`));
-            }
-            else if (r.optional) {
-                console.log(fmt.warning(`${r.name}: ${r.detail}`));
-            }
-            else {
-                console.log(fmt.error(`${r.name}: FAIL — ${r.detail}`));
-            }
+        if (opts.probe) {
+            // Only Claude Code has a probe today (rf-65zg). Codex/Cursor/Gemini
+            // hook payloads can be added in follow-ups.
+            results.push(probeClaudeCode());
         }
-        console.log();
         const hardFailed = results.filter((r) => !r.passed && !r.optional);
         const warned = results.filter((r) => !r.passed && r.optional);
         const passed = results.filter((r) => r.passed);
-        if (hardFailed.length === 0) {
-            const warnNote = warned.length > 0 ? ` (${warned.length} optional check${warned.length > 1 ? "s" : ""} not configured)` : "";
-            console.log(fmt.success(`${passed.length}/${results.length} core checks passed${warnNote}`));
+        if (json) {
+            const payload = {
+                checks: results.map((r) => ({
+                    name: r.name,
+                    status: r.passed ? "pass" : r.optional ? "warn" : "fail",
+                    detail: r.detail,
+                })),
+                summary: {
+                    passed: passed.length,
+                    warned: warned.length,
+                    failed: hardFailed.length,
+                    total: results.length,
+                    probe: !!opts.probe,
+                },
+            };
+            process.stdout.write(JSON.stringify(payload) + "\n");
         }
         else {
-            console.log(fmt.error(`${passed.length}/${results.length} checks passed — ${hardFailed.length} failed`));
+            for (const r of results) {
+                if (r.passed) {
+                    console.log(fmt.success(`${r.name}: ${r.detail}`));
+                }
+                else if (r.optional) {
+                    console.log(fmt.warning(`${r.name}: ${r.detail}`));
+                }
+                else {
+                    console.log(fmt.error(`${r.name}: FAIL — ${r.detail}`));
+                }
+            }
+            console.log();
+            if (hardFailed.length === 0) {
+                const warnNote = warned.length > 0 ? ` (${warned.length} optional check${warned.length > 1 ? "s" : ""} not configured)` : "";
+                console.log(fmt.success(`${passed.length}/${results.length} core checks passed${warnNote}`));
+            }
+            else {
+                console.log(fmt.error(`${passed.length}/${results.length} checks passed — ${hardFailed.length} failed`));
+            }
+            console.log();
         }
-        console.log();
         if (hardFailed.length > 0) {
             process.exit(1);
         }

package/dist/commands/brief.js

@@ -125,43 +125,6 @@ function buildTopics() {
             description: "Setup instructions for unsupported / generic agents",
             render: () => renderPlatformSetup("generic"),
         },
-        pricing: {
-            description: "What's free, what's paid, and the philosophy behind it",
-            render: () => [
-                "# Rafter Pricing",
-                "",
-                "**Free forever for individuals and open source. No account required. No telemetry.**",
-                "",
-                "## What's Free",
-                "",
-                "All local agent security features are free with no limits:",
-                "",
-                "- Secret scanning (21+ patterns, Gitleaks integration)",
-                "- Pre-commit hooks (local and global)",
-                "- Command interception with risk-tiered approval",
-                "- Skill/extension auditing",
-                "- Audit logging",
-                "- MCP server for tool integration",
-                "- CI/CD pipeline generation",
-                "- All supported agent integrations (Claude Code, Codex, Gemini, Cursor, Windsurf, Aider, OpenClaw, Continue.dev)",
-                "",
-                "No API key. No sign-up. No telemetry. No data collection. No network access required.",
-                "Everything runs locally on your machine. MIT licensed.",
-                "",
-                "## Remote Code Analysis (API)",
-                "",
-                "Remote SAST/SCA scanning via the Rafter API has a free tier.",
-                "Sign up at rafter.so for an API key. Enterprise plans offer higher",
-                "limits, dashboards, policy management, and compliance reporting.",
-                "",
-                "## Philosophy",
-                "",
-                "Security tooling should be free for the people writing code.",
-                "Generous free tiers drive bottom-up adoption. Enterprise value",
-                "comes from dashboards, policy, and compliance — not from gating",
-                "the tools developers use every day.",
-            ].join("\n"),
-        },
         ...Object.fromEntries(RAFTER_SUBDOCS.map(({ slug, desc }) => [
             slug,
             {
@@ -323,7 +286,9 @@ Add to Windsurf's MCP config (\`~/.codeium/windsurf/mcp_config.json\`):
 \`\`\``,
     aider: `# Rafter Setup — Aider
 
-Aider uses MCP for tool integration.
+Aider has no plugin/hook system and no native MCP support. Its only intercept
+for persistent context is the \`read:\` flag in \`.aider.conf.yml\`, which
+injects read-only files into every session.
 
 ## Automated Setup
 
@@ -331,18 +296,21 @@ Aider uses MCP for tool integration.
 rafter agent init --with-aider
 \`\`\`
 
+This writes \`RAFTER.md\` at the workspace root and adds it to \`read:\` in
+\`.aider.conf.yml\`.
+
 ## Manual Setup
 
-Add to \`~/.aider.conf.yml\`:
-\`\`\`yaml
-mcp-servers:
-  - name: rafter
-    command: rafter mcp serve
-\`\`\`
+1. Create \`RAFTER.md\` at the workspace root with rafter's security context.
+2. Add to \`.aider.conf.yml\`:
+   \`\`\`yaml
+   read:
+     - RAFTER.md
+   \`\`\`
 
 ## Supplementing with Brief
 
-Aider doesn't have persistent memory, so run before each session:
+Aider doesn't have persistent memory beyond \`read:\`, so run before each session:
 \`\`\`bash
 rafter brief commands    # quick command reference
 \`\`\``,

package/dist/commands/issues/from-scan.js

@@ -132,7 +132,10 @@ async function draftsFromBackendScan(scanId, apiKey) {
 }
 function draftsFromLocalScan(filePath) {
     const raw = fs.readFileSync(filePath, "utf-8");
-    const results = JSON.parse(raw);
+    const parsed = JSON.parse(raw);
+    // New shape: { _note, scan_mode, triage_applied, results: [...] }
+    // Legacy shape (pre-0.7.8): bare array. Accept both for forward-compat reading.
+    const results = Array.isArray(parsed) ? parsed : (parsed?.results ?? []);
     const drafts = [];
     for (const result of results) {
         for (const match of result.matches) {

package/dist/core/config-manager.js

@@ -254,6 +254,12 @@ export class ConfigManager {
                 config.agent.scan.customPatterns = policy.scan.customPatterns;
             }
         }
+        // Ignore rules — top-level policy key, applied per finding at scan time
+        if (policy.ignore && config.agent) {
+            if (!config.agent.scan)
+                config.agent.scan = {};
+            config.agent.scan.ignore = policy.ignore;
+        }
         // Audit settings
         if (policy.audit && config.agent) {
             if (policy.audit.retentionDays != null) {