@securityreviewai/securityreview-kit 0.1.25 → 0.1.27

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@securityreviewai/securityreview-kit",
-  "version": "0.1.25",
+  "version": "0.1.27",
   "description": "Bootstrap security-review-mcp for AI IDEs and CLI tools",
   "author": "Debarshi Das <debarshi.das@we45.com>",
   "license": "UNLICENSED",

package/src/cli.js

@@ -37,6 +37,10 @@ export function run() {
             '--profiler-cursor-login',
             'Before Cursor profiling, run cursor-agent login in this terminal (then profiling runs in the same init)',
         )
+        .option(
+            '--profiler-quiet',
+            'When profiling, use minimal agent output (no streaming JSON / verbose progress)',
+        )
         .action(async (options) => {
             try {
                 if (options.switchProject) {

package/src/commands/init.js

@@ -41,7 +41,7 @@ function normalizeRuleResults(rawResult) {
         }
 
         if (entry && typeof entry.filePath === 'string') {
-            const allowedKinds = new Set(['rule', 'command', 'agent', 'skill']);
+            const allowedKinds = new Set(['rule', 'command', 'agent', 'skill', 'hooks', 'config']);
             const kind = allowedKinds.has(entry.kind) ? entry.kind : 'rule';
             return { filePath: entry.filePath, action: entry.action || 'created', kind };
         }
@@ -336,6 +336,8 @@ export async function initCommand(options) {
                         command: 'Workspace command',
                         agent: 'Workspace agent',
                         skill: 'Workspace skill',
+                        hooks: 'Hooks',
+                        config: 'CLI config',
                     };
                     const label = labelByKind[rule.kind] || 'Workspace rule';
                     console.log(chalk.green(`    ✓ ${label} → ${rule.filePath} (${rule.action})`));
@@ -459,6 +461,7 @@ export async function initCommand(options) {
                 target: agentTarget,
                 projectName: projectNameForSkill,
                 cursorTrust: !options.profilerNoTrust,
+                streamProgress: !options.profilerQuiet,
             });
             if (pr.ok) {
                 console.log(chalk.green('  \u2713 Profiler agent finished.'));

package/src/commands/status.js

@@ -63,6 +63,19 @@ export async function statusCommand() {
         console.log(
             `    Workspace Rule: ${ruleHasSrai ? chalk.green('✓ Installed') : chalk.dim('✗ Not found')}  ${chalk.dim(target.rulePath)}`,
         );
+        if (key === 'cursor') {
+            const cliPath = join(cwd, '.cursor', 'cli.json');
+            const cliJson = readJson(cliPath);
+            const allow = cliJson?.permissions?.allow;
+            const hasMcpAllow =
+                Array.isArray(allow) &&
+                allow.some(
+                    (e) => typeof e === 'string' && e.toLowerCase().includes('mcp(security-review-mcp'),
+                );
+            console.log(
+                `    CLI MCP allow:  ${hasMcpAllow ? chalk.green('\u2713 security-review-mcp') : chalk.dim('\u2717 Missing in .cursor/cli.json')}  ${chalk.dim('.cursor/cli.json')}`,
+            );
+        }
         console.log('');
     }
 

package/src/commands/switch-project.js

@@ -25,7 +25,7 @@ function normalizeRuleResults(rawResult) {
         }
 
         if (entry && typeof entry.filePath === 'string') {
-            const allowedKinds = new Set(['rule', 'command', 'agent', 'skill']);
+            const allowedKinds = new Set(['rule', 'command', 'agent', 'skill', 'hooks', 'config']);
             const kind = allowedKinds.has(entry.kind) ? entry.kind : 'rule';
             return { filePath: entry.filePath, action: entry.action || 'created', kind };
         }
@@ -180,6 +180,8 @@ export async function switchProjectCommand(options = {}) {
                     command: 'Workspace command',
                     agent: 'Workspace agent',
                     skill: 'Workspace skill',
+                    hooks: 'Hooks',
+                    config: 'CLI config',
                 };
                 const label = labelByKind[rule.kind] || 'Workspace rule';
                 console.log(chalk.green(`    ✓ ${label} → ${rule.filePath} (${rule.action})`));

package/src/generators/rules/cursor.js

@@ -1,7 +1,7 @@
 import { existsSync } from 'node:fs';
 import { join } from 'node:path';
-import { writeText } from '../../utils/fs-helpers.js';
-import { GUARDRAILS_PROFILER_SKILL_REL_DIR } from '../../utils/constants.js';
+import { GUARDRAILS_PROFILER_SKILL_REL_DIR, MCP_SERVER_NAME } from '../../utils/constants.js';
+import { readJson, writeJson, writeText } from '../../utils/fs-helpers.js';
 import {
     getRuleContent,
     getProfileCommandContent,
@@ -34,6 +34,32 @@ function writeCursorCommand(filePath, content) {
     return { filePath, action };
 }
 
+/**
+ * Merge `.cursor/cli.json` so Cursor CLI / Agent auto-allows security-review-mcp tools (no MCP approval prompts).
+ * @see https://cursor.com/docs/cli/reference/permissions
+ */
+function mergeCursorCliMcpAllowlist(cwd) {
+    const cliPath = join(cwd, '.cursor', 'cli.json');
+    const existed = existsSync(cliPath);
+    const existing = readJson(cliPath) || {};
+    if (!existing.permissions || typeof existing.permissions !== 'object') {
+        existing.permissions = {};
+    }
+    if (!Array.isArray(existing.permissions.allow)) {
+        existing.permissions.allow = [];
+    }
+    const token = `Mcp(${MCP_SERVER_NAME}:*)`;
+    if (!existing.permissions.allow.includes(token)) {
+        existing.permissions.allow.push(token);
+    }
+    if (existing.permissions.deny !== undefined && !Array.isArray(existing.permissions.deny)) {
+        existing.permissions.deny = [];
+    }
+    writeJson(cliPath, existing);
+    const action = existed ? 'updated' : 'created';
+    return { filePath: cliPath, action };
+}
+
 /**
  * Generate Cursor workspace rules at .cursor/rules/*.mdc
  * Cursor uses .mdc format with YAML front matter.
@@ -90,6 +116,8 @@ export function generate(cwd, options = {}) {
     const hooksAction = existsSync(hooksPath) ? 'updated' : 'created';
     writeText(hooksPath, hooksContent);
 
+    const cliPermissions = mergeCursorCliMcpAllowlist(cwd);
+
     return [
         { ...baseRule, kind: 'rule' },
         { ...ctmSyncTriggerRule, kind: 'rule' },
@@ -101,5 +129,6 @@ export function generate(cwd, options = {}) {
         { ...guardrailsInitProfileCommand, kind: 'command' },
         { filePath: skillPath, action: skillAction, kind: 'skill' },
         { filePath: hooksPath, action: hooksAction, kind: 'hooks' },
+        { ...cliPermissions, kind: 'config' },
     ];
 }

package/src/generators/rules/guardrails-init-profile.md

@@ -17,11 +17,15 @@ Configured SRAI project name: `<SRAI_PROJECT_NAME>`
 
 Do not skip MCP upload when credentials and MCP are available.
 
+Do **not** ask the user to verbally approve MCP for `security-review-mcp`. The repo’s **`.cursor/cli.json`** should list `Mcp(security-review-mcp:*)` under `permissions.allow`; call the MCP tools directly.
+
 ## Cursor CLI (scripted)
 
-From the repo root, non-interactive runs should include workspace trust and MCP approval (matches `securityreview-kit init`):
+From the repo root, non-interactive runs should include workspace trust, MCP approval, and **streaming progress** (matches default `securityreview-kit init`):
+
+`cursor-agent -p "<your profiling instructions>" --output-format stream-json --stream-partial-output --trust --approve-mcps`
 
-`cursor-agent -p "<your profiling instructions>" --trust --approve-mcps`
+Omit `--output-format` / `--stream-partial-output` if you want less verbose terminal output (or use `securityreview-kit init` with `--profiler-quiet`).
 
 During `securityreview-kit init`, choose **Yes** when asked to run Cursor login in-terminal, or pass **`--profiler-cursor-login`** with **`--profile-repo`** so login and profiling stay in one run.
 

package/src/generators/rules/guardrails-profiler/SKILL.md

@@ -104,21 +104,13 @@ Create `.guardrails/` if needed and write the profile file.
 
 ### Step 6: Build `profile.json` (project root)
 
-Write **`profile.json`** at the project root with this structure (all parts required; use empty strings or `[]` when unknown — never fabricate compliance or user groups):
+Write **`profile.json`** at the project root with **only** these parts:
 
 ```json
 {
   "schema_version": "2.0",
   "srai_project_name": "<SRAI_PROJECT_NAME>",
   "guardrails_profile": {},
-  "vibe_profile": {
-    "description": "<short summary of what the repo appears to be, from detected stack only>",
-    "architecture_notes": [],
-    "tech_categories": [],
-    "user_groups": [],
-    "compliance_requirements": [],
-    "language_stacks": []
-  },
   "default_guardrail_pack": {
     "guardrail_packs": [],
     "pack_count": 0
@@ -126,26 +118,22 @@ Write **`profile.json`** at the project root with this structure (all parts requ
 }
 ```
 
-Populate `guardrails_profile` with the **same object** written to `.guardrails/profile.json`.
-
-Populate `default_guardrail_pack.guardrail_packs` with the deduplicated pack id list (same as `guardrails_profile.guardrail_packs`) and `pack_count`.
+- Populate **`guardrails_profile`** with the **same object** written to `.guardrails/profile.json` (detection summary, packs, etc.).
+- Populate **`default_guardrail_pack`** with the deduplicated `guardrail_packs` list (same ids as in `guardrails_profile`) and `pack_count`.
 
-Derive `vibe_profile` fields **only** from what you observed:
-
-- `tech_categories`: e.g. `backend`, `frontend`, `database`, `cloud`, `mobile` when supported by files/deps.
-- `language_stacks`: strings like `TypeScript/Node`, `Python/FastAPI` from detection.
-- `architecture_notes`: short bullets (e.g. "Dockerfile present", "GitHub Actions CI") — not speculative threat narratives.
-- `user_groups` / `compliance_requirements`: only if explicit in repo (e.g. compliance docs); else `[]`.
+**Do not** add a separate `vibe_profile` block and do **not** populate narrative fields such as long `description`, `architecture_notes`, `tech_categories`, `user_groups`, `compliance_requirements`, or `language_stacks`. The server-facing “vibe” update is driven **only** from the technical **`guardrails_profile`** plus the default pack (see Step 7).
 
 ### Step 7: Upload to SecurityReview.ai (security-review-mcp)
 
 1. Resolve `project_id`: `find_project_by_name` with `name="<SRAI_PROJECT_NAME>"`. If missing, follow existing kit rules (`list_projects`, `create_project`).
 
-2. Call **`update_vibe_profile`** with `project_id` and the fields from `profile.json.vibe_profile` (map parameter names to the MCP tool’s expected shape; pass only fields the tool accepts).
+2. Call **`update_vibe_profile`** with `project_id` and arguments mapped **only** from **`profile.json.guardrails_profile`** (and any required `project_id` fields) per the MCP tool’s documented schema. Treat the guardrails detection object as the profile payload — **not** a separate prose vibe document.
+
+3. Call **`write_default_pack`** with `project_id` and the payload from **`profile.json.default_guardrail_pack`** (match the MCP tool’s schema).
 
-3. Call **`write_default_pack`** with `project_id` and the default pack payload from `profile.json.default_guardrail_pack` (match the MCP tool’s schema — typically the pack id list and metadata the server expects).
+4. **MCP approval:** Do **not** ask the user to “approve MCP” or “say you approve” for `security-review-mcp`. Security Review Kit installs **`.cursor/cli.json`** with `Mcp(security-review-mcp:*)` in `permissions.allow` so Cursor CLI runs tools without that prompt. Invoke `find_project_by_name`, `update_vibe_profile`, and `write_default_pack` directly. If a call still fails with permissions, report the error and suggest verifying Cursor **auto-run** / CLI permissions — not a conversational approval step.
 
-4. Confirm success to the user: paths written (`profile.json`, `.guardrails/profile.json`) and that both MCP calls completed or the exact error.
+5. Confirm success: paths written (`profile.json`, `.guardrails/profile.json`) and whether both MCP calls succeeded, or the exact error.
 
 ### Step 8: Report
 
@@ -157,7 +145,7 @@ If there are no signals:
 
 1. Optionally read `.git/config` for hints.
 2. Emit minimal profile: `owasp-asvs` only, empty summaries where appropriate.
-3. Still write `profile.json` and attempt MCP calls with honest minimal `vibe_profile` data.
+3. Still write `profile.json` (minimal `guardrails_profile` + `default_guardrail_pack`) and attempt MCP calls.
 
 ## IDE-Specific Notes
 

package/src/utils/profiler-agent.js

@@ -52,16 +52,28 @@ export function pickProfilerAgentTarget(targets) {
  * @param {boolean} [opts.cursorTrust=true] When true, passes `--trust` and `--approve-mcps` so headless init is not blocked by
  *   workspace trust or MCP approval (user confirmed profiling in the kit). Set false with `--profiler-no-trust`
  *   if you need an interactive trust/login/MCP flow in the same terminal.
+ * @param {boolean} [opts.streamProgress=true] When true, pass each CLI’s streaming / verbose flags so the terminal shows live progress
+ *   (JSON event lines on Cursor/Codex; stream-json + partial messages + verbose on Claude). Disable with `--profiler-quiet`.
  */
-export function runProfilerAgent(cwd, { target, projectName, cursorTrust = true }) {
+export function runProfilerAgent(cwd, { target, projectName, cursorTrust = true, streamProgress = true }) {
     const prompt = buildProfilerAgentPrompt(projectName, target);
     const opts = { cwd, stdio: 'inherit', env: { ...process.env } };
 
+    if (streamProgress) {
+        console.error(
+            '\n[securityreview-kit] Profiler live output: you should see streaming progress below ' +
+                '(JSON lines are normal). Use --profiler-quiet for minimal output.\n',
+        );
+    }
+
     if (target === 'cursor') {
         if (!commandOk('cursor-agent', ['--version'])) {
             return { ok: false, message: 'cursor-agent not on PATH' };
         }
         const args = ['-p', prompt];
+        if (streamProgress) {
+            args.push('--output-format', 'stream-json', '--stream-partial-output');
+        }
         if (cursorTrust) {
             args.push('--trust', '--approve-mcps');
         }
@@ -73,7 +85,10 @@ export function runProfilerAgent(cwd, { target, projectName, cursorTrust = true
         if (!commandOk('claude', ['--version'])) {
             return { ok: false, message: 'claude not on PATH' };
         }
-        const r = spawnSync('claude', ['-p', prompt], opts);
+        const args = streamProgress
+            ? ['-p', '--output-format', 'stream-json', '--include-partial-messages', '--verbose', prompt]
+            : ['-p', prompt];
+        const r = spawnSync('claude', args, opts);
         return { ok: r.status === 0, status: r.status };
     }
 
@@ -81,7 +96,8 @@ export function runProfilerAgent(cwd, { target, projectName, cursorTrust = true
         if (!commandOk('codex', ['--version'])) {
             return { ok: false, message: 'codex not on PATH' };
         }
-        const r = spawnSync('codex', ['exec', prompt], opts);
+        const args = streamProgress ? ['exec', '--json', prompt] : ['exec', prompt];
+        const r = spawnSync('codex', args, opts);
         return { ok: r.status === 0, status: r.status };
     }