agent-security-scanner-mcp 3.13.0 → 3.15.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (5) hide show
  1. package/README.md +55 -1
  2. package/package.json +2 -2
  3. package/packages/npm-bloom.json +0 -1
  4. package/packages/pypi-bloom.json +0 -1
  5. package/packages/rubygems-bloom.json +0 -1
package/README.md CHANGED
@@ -1,6 +1,12 @@
1
+ <div align="center">
2
+
3
+ <img src="./prooflayer-scanner/logo.svg" alt="ProofLayer Logo" width="400"/>
4
+
1
5
  # agent-security-scanner-mcp
2
6
 
3
- Security scanner for AI coding agents and autonomous assistants. Scans code for vulnerabilities, detects hallucinated packages, and blocks prompt injection — via MCP (Claude Code, Cursor, Windsurf, Cline) or CLI (OpenClaw, CI/CD).
7
+ **Security scanner for AI coding agents and autonomous assistants**
8
+
9
+ Scans code for vulnerabilities, detects hallucinated packages, and blocks prompt injection — via MCP (Claude Code, Cursor, Windsurf, Cline) or CLI (OpenClaw, CI/CD).
4
10
 
5
11
  [![npm downloads](https://img.shields.io/npm/dt/agent-security-scanner-mcp.svg)](https://www.npmjs.com/package/agent-security-scanner-mcp)
6
12
  [![npm version](https://img.shields.io/npm/v/agent-security-scanner-mcp.svg)](https://www.npmjs.com/package/agent-security-scanner-mcp)
@@ -8,6 +14,54 @@ Security scanner for AI coding agents and autonomous assistants. Scans code for
8
14
  [![Benchmark: 97.7% precision](https://img.shields.io/badge/precision-97.7%25-brightgreen.svg)](benchmarks/RESULTS.md)
9
15
  [![CI](https://github.com/sinewaveai/agent-security-scanner-mcp/actions/workflows/test.yml/badge.svg)](https://github.com/sinewaveai/agent-security-scanner-mcp/actions/workflows/test.yml)
10
16
 
17
+ </div>
18
+
19
+ ---
20
+
21
+ ## 🎯 Two Versions Available
22
+
23
+ ### 🔥 ProofLayer (Lightweight) - **NEW!**
24
+ **Ultra-fast, zero-Python security scanner** — 81.5KB package, 4-second install
25
+
26
+ [![npm](https://img.shields.io/npm/v/@prooflayer/security-scanner.svg)](https://www.npmjs.com/package/@prooflayer/security-scanner)
27
+ [![Install Size](https://img.shields.io/badge/size-81.5KB-brightgreen)](https://www.npmjs.com/package/@prooflayer/security-scanner)
28
+
29
+ ```bash
30
+ npm install -g @prooflayer/security-scanner
31
+ ```
32
+
33
+ - ⚡ **4-second install** (vs 45s traditional scanners)
34
+ - 📦 **81.5KB package** (vs 50MB+ alternatives)
35
+ - 🚀 **Instant scans** - pure regex, no Python/LLM
36
+ - 🛡️ **400+ security rules** across 9 languages
37
+ - 🎯 **7 MCP tools** for AI agents
38
+ - ✅ **Zero dependencies** on Python
39
+ - 💯 **MIT licensed** - free for commercial use
40
+
41
+ [📖 ProofLayer Documentation →](./prooflayer-scanner/)
42
+
43
+ ---
44
+
45
+ ### 🔬 Full Version (Advanced)
46
+ **Enterprise-grade scanner** with AST analysis, taint tracking, and cross-file analysis
47
+
48
+ [![npm](https://img.shields.io/npm/v/agent-security-scanner-mcp.svg)](https://www.npmjs.com/package/agent-security-scanner-mcp)
49
+
50
+ ```bash
51
+ npm install -g agent-security-scanner-mcp
52
+ ```
53
+
54
+ - 🧬 **AST + Taint Analysis** - deep code understanding
55
+ - 🔍 **1,700+ security rules** across 12 languages
56
+ - 📊 **Cross-file tracking** - follow data flows
57
+ - 🎯 **11 MCP tools** + CLI commands
58
+ - 📦 **4.3M+ package verification** (bloom filters)
59
+ - 🐍 **Python analyzer** for advanced features
60
+
61
+ Continue reading below for full version documentation →
62
+
63
+ ---
64
+
11
65
  > **New in v3.11.0:** ClawHub ecosystem security scanning — scanned all 777 ClawHub skills and found 69.5% have security issues. New `scan-clawhub` CLI for batch scanning, 40+ prompt injection patterns, jailbreak detection (DAN mode, dev mode), data exfiltration checks. [See ClawHub Security Reports](./clawhub-security-reports/).
12
66
  >
13
67
  > **Also in v3.10.0:** ClawProof OpenClaw plugin — 6-layer deep skill scanner (`scan_skill`) with ClawHavoc malware signatures (27 rules, 121 patterns covering reverse shells, crypto miners, info stealers, C2 beacons, and OpenClaw-specific attacks), package supply chain verification, and rug pull detection.
package/package.json CHANGED
@@ -1,6 +1,6 @@
1
1
  {
2
2
  "name": "agent-security-scanner-mcp",
3
- "version": "3.13.0",
3
+ "version": "3.15.0",
4
4
  "mcpName": "io.github.sinewaveai/agent-security-scanner-mcp",
5
5
  "description": "Security scanner MCP server for AI coding agents. Prompt injection firewall, package hallucination detection (4.3M+ packages), 1000+ vulnerability rules with AST & taint analysis, auto-fix. For Claude Code, Cursor, Windsurf, Cline, OpenClaw.",
6
6
  "main": "index.js",
@@ -64,7 +64,7 @@
64
64
  "type": "git",
65
65
  "url": "git+https://github.com/sinewaveai/agent-security-scanner-mcp.git"
66
66
  },
67
- "homepage": "https://github.com/sinewaveai/agent-security-scanner-mcp#readme",
67
+ "homepage": "https://www.proof-layer.com/",
68
68
  "bugs": {
69
69
  "url": "https://github.com/sinewaveai/agent-security-scanner-mcp/issues"
70
70
  },