agent-security-lens 0.1.5 → 0.1.6

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (9) hide show
  1. package/.mcp/server.json +2 -2
  2. package/CHANGELOG.md +5 -0
  3. package/README.md +3 -1
  4. package/RELEASE-MANIFEST.json +15 -15
  5. package/apps/mcp-server/agent-security-lens-mcp.mjs +5 -0
  6. package/bin/agent-security-lens-review.mjs +2 -1
  7. package/llms.txt +1 -1
  8. package/package.json +1 -1
  9. package/server.json +2 -2
package/.mcp/server.json CHANGED
@@ -8,12 +8,12 @@
8
8
  "url": "https://github.com/professor2k8/agent-security-lens",
9
9
  "source": "github"
10
10
  },
11
- "version": "0.1.5",
11
+ "version": "0.1.6",
12
12
  "packages": [
13
13
  {
14
14
  "registryType": "npm",
15
15
  "identifier": "agent-security-lens",
16
- "version": "0.1.5",
16
+ "version": "0.1.6",
17
17
  "transport": {
18
18
  "type": "stdio"
19
19
  },
package/CHANGELOG.md CHANGED
@@ -1,5 +1,10 @@
1
1
  # Changelog
2
2
 
3
+ ## 0.1.6
4
+
5
+ - Route `agent-security-lens review ...` to the quick pre-install decision CLI while preserving MCP stdio mode for normal agent configuration.
6
+ - Prefer the package main command in quick-start docs so agents can call the same package they install as an MCP.
7
+
3
8
  ## 0.1.5
4
9
 
5
10
  - Add `asl-review` and `agent-security-lens-review` quick decision commands for pre-install checks without configuring an MCP client first.
package/README.md CHANGED
@@ -11,7 +11,7 @@ ASL is not a malware verdict tool. It returns observable risk signals, required
11
11
  Try one pre-install decision first:
12
12
 
13
13
  ```bash
14
- npx -y --package agent-security-lens asl-review filesystem \
14
+ npx -y agent-security-lens review filesystem \
15
15
  --type mcp \
16
16
  --source-url https://github.com/modelcontextprotocol/servers \
17
17
  --install-command "npx -y @modelcontextprotocol/server-filesystem ." \
@@ -21,6 +21,8 @@ npx -y --package agent-security-lens asl-review filesystem \
21
21
 
22
22
  The command returns an agent-readable decision, trust score, risk signals, safe install plan, and whether automatic installation is allowed.
23
23
 
24
+ If your shell does not expose npm temporary binaries correctly, use `npm install -g agent-security-lens` once, then run the same command without `npx -y`.
25
+
24
26
  Add ASL as a pre-install trust check MCP:
25
27
 
26
28
  ```json
package/RELEASE-MANIFEST.json CHANGED
@@ -1,8 +1,8 @@
1
1
  {
2
2
  "schema_version": "0.1.0",
3
3
  "package": "agent-security-lens",
4
- "version": "0.1.5",
5
- "generated_at": "2026-06-24T12:03:47.242Z",
4
+ "version": "0.1.6",
5
+ "generated_at": "2026-06-24T12:17:11.165Z",
6
6
  "source": "ASL verified public release exporter",
7
7
  "files": [
8
8
  {
@@ -48,7 +48,7 @@
48
48
  {
49
49
  "path": ".mcp/server.json",
50
50
  "bytes": 1316,
51
- "sha256": "01b08b038eb21dd2295495b5b6510fa152a7ad5e0cec8ad58a0930b2236bc2a4"
51
+ "sha256": "ccd53b1ecd798c344991cb136945a256b21e6b9929a594df08be8d4da4f9fcb3"
52
52
  },
53
53
  {
54
54
  "path": ".npmignore",
@@ -57,8 +57,8 @@
57
57
  },
58
58
  {
59
59
  "path": "CHANGELOG.md",
60
- "bytes": 2373,
61
- "sha256": "94e67cb8c723468ff5fab1a1376d5ba3323fb21343823a06d2dcde0c81c33f10"
60
+ "bytes": 2641,
61
+ "sha256": "2ed80a454a044e14aaf185d0b8498bc3d9abaec6ae78159416ceacec9b68227c"
62
62
  },
63
63
  {
64
64
  "path": "CODE_OF_CONDUCT.md",
@@ -87,8 +87,8 @@
87
87
  },
88
88
  {
89
89
  "path": "README.md",
90
- "bytes": 7097,
91
- "sha256": "521c54734fafe40d25719373fc04dbbe052f2185f381cd85015999940745c3e2"
90
+ "bytes": 7239,
91
+ "sha256": "23bfccd78e24d3bcd671d8eb1ea3228d38577145580aa9c8239e26634908bc89"
92
92
  },
93
93
  {
94
94
  "path": "SECURITY.md",
@@ -97,13 +97,13 @@
97
97
  },
98
98
  {
99
99
  "path": "apps/mcp-server/agent-security-lens-mcp.mjs",
100
- "bytes": 15239,
101
- "sha256": "612a1c12ed4a646d9208e8393ac0964b89b6034f5559d32f23a9217f1ff37376"
100
+ "bytes": 15475,
101
+ "sha256": "b52fd8db2d26868d5403664420b631f08e7e1616b787b61644d79b647c1884e7"
102
102
  },
103
103
  {
104
104
  "path": "bin/agent-security-lens-review.mjs",
105
- "bytes": 6938,
106
- "sha256": "8086a968c00640e0aa08b0bb0107ced6aa3e686846d3d51e2bba52f1b2e4eb9d"
105
+ "bytes": 7016,
106
+ "sha256": "a11cfd8a70882c7d4ba4aa3af58f184db1acbfa4aa1a68e08f77ca4c232278f3"
107
107
  },
108
108
  {
109
109
  "path": "bin/agent-security-lens.mjs",
@@ -277,13 +277,13 @@
277
277
  },
278
278
  {
279
279
  "path": "llms.txt",
280
- "bytes": 2151,
281
- "sha256": "07f20087fb912891247d4e4779925fa15a9e83fea52e0142a74292477f52a183"
280
+ "bytes": 2137,
281
+ "sha256": "b54be6efb874b5972956313a3c436edcb1f236de1e700ce7557cee6d940d43f6"
282
282
  },
283
283
  {
284
284
  "path": "package.json",
285
285
  "bytes": 2568,
286
- "sha256": "e7d3850d61923b3d6e8b29decc3aa1e2c4717a1ad1c7736a4901031c2b8f4dce"
286
+ "sha256": "a56f3b0f99b1ebb8fc1e36524dc250ba79632c290ad2471adc197c41277f8e44"
287
287
  },
288
288
  {
289
289
  "path": "profiles/generic-agent/profile.json",
@@ -413,7 +413,7 @@
413
413
  {
414
414
  "path": "server.json",
415
415
  "bytes": 1316,
416
- "sha256": "01b08b038eb21dd2295495b5b6510fa152a7ad5e0cec8ad58a0930b2236bc2a4"
416
+ "sha256": "ccd53b1ecd798c344991cb136945a256b21e6b9929a594df08be8d4da4f9fcb3"
417
417
  },
418
418
  {
419
419
  "path": "src/assessment/assess.mjs",
package/apps/mcp-server/agent-security-lens-mcp.mjs CHANGED
@@ -17,6 +17,11 @@ const serverInfo = {
17
17
  version: "0.1.0"
18
18
  };
19
19
 
20
+ if (process.argv[2] === "review" || process.argv[2] === "quick-review" || process.argv[2] === "--help" || process.argv[2] === "-h") {
21
+ await import("../../bin/agent-security-lens-review.mjs");
22
+ process.exit(process.exitCode || 0);
23
+ }
24
+
20
25
  const tools = [
21
26
  {
22
27
  name: "get_install_policy",
package/bin/agent-security-lens-review.mjs CHANGED
@@ -42,6 +42,7 @@ function parseArgs(argv) {
42
42
  };
43
43
 
44
44
  const rest = argv.slice(2);
45
+ if (rest[0] === "review" || rest[0] === "quick-review") rest.shift();
45
46
  if (!rest.length || rest.includes("--help") || rest.includes("-h")) return { help: true };
46
47
 
47
48
  args.component_name = rest[0];
@@ -187,7 +188,7 @@ async function main() {
187
188
  }
188
189
  }
189
190
 
190
- main().catch((error) => {
191
+ await main().catch((error) => {
191
192
  console.error(error?.stack || String(error));
192
193
  process.exitCode = 1;
193
194
  });
package/llms.txt CHANGED
@@ -6,7 +6,7 @@ Primary use:
6
6
  Before installing or enabling any MCP, Skill, tool, prompt bundle or workflow, call the AgentSecurityLens MCP tool `review_before_install`.
7
7
 
8
8
  Quick pre-install review command:
9
- `npx -y --package agent-security-lens asl-review <component-name> --type mcp --source-url <url> --install-command <command>`
9
+ `npx -y agent-security-lens review <component-name> --type mcp --source-url <url> --install-command <command>`
10
10
 
11
11
  Public intelligence files:
12
12
  - docs/agent-install.md
package/package.json CHANGED
@@ -1,6 +1,6 @@
1
1
  {
2
2
  "name": "agent-security-lens",
3
- "version": "0.1.5",
3
+ "version": "0.1.6",
4
4
  "private": false,
5
5
  "mcpName": "io.github.professor2k8/agent-security-lens",
6
6
  "description": "Safe-install and trust-check MCP for autonomous agents before they install MCPs, Skills or tools.",
package/server.json CHANGED
@@ -8,12 +8,12 @@
8
8
  "url": "https://github.com/professor2k8/agent-security-lens",
9
9
  "source": "github"
10
10
  },
11
- "version": "0.1.5",
11
+ "version": "0.1.6",
12
12
  "packages": [
13
13
  {
14
14
  "registryType": "npm",
15
15
  "identifier": "agent-security-lens",
16
- "version": "0.1.5",
16
+ "version": "0.1.6",
17
17
  "transport": {
18
18
  "type": "stdio"
19
19
  },