agent-security-scanner-mcp 4.1.0 → 4.2.0

package/README.md

@@ -63,6 +63,10 @@ Continue reading below for full version documentation →
 
 ---
 
+> **New in v4.2.0:** Compliance evidence collection — evaluate projects against SOC2-Technical (8 controls) and GDPR-Technical (6 controls) frameworks. Collects evidence from code scans, SBOM, vulnerability checks, and hallucination detection, then evaluates controls with pass/partial/fail/not_evaluated status. Supports evidence persistence for audit trails. [See Compliance Evaluation](#-compliance-evaluation-new-in-v420).
+>
+> **New in v4.1.0:** SBOM generation and dependency vulnerability analysis — generates CycloneDX v1.5 SBOMs, scans against OSV.dev for CVEs, detects hallucinated packages, compares baselines, and generates HTML audit reports. Supports 8 lock file formats and 7 manifest formats across npm, Python, Go, Rust, Ruby, and Java ecosystems. [See SBOM Tools](#-sbom--supply-chain-analysis-new-in-v410).
+>
 > **New in v4.0.0:** LLM-powered semantic code review agent with intent profiling — understands what your project is supposed to do and flags patterns that violate that intent. Same `eval()` call = safe in a build tool, dangerous in an e-commerce app. Supports Claude CLI (no API key needed!), Anthropic, and OpenAI. [See code-review-agent](#-llm-powered-code-review-agent-new-in-v400).
 >
 > **New in v3.11.0:** ClawHub ecosystem security scanning — scanned all 16,532 ClawHub skills and found 46% have critical vulnerabilities. New `scan-clawhub` CLI for batch scanning, 40+ prompt injection patterns, jailbreak detection (DAN mode, dev mode), data exfiltration checks. [See ClawHub Security Dashboard](https://www.proof-layer.com/dashboard).
@@ -87,6 +91,13 @@ Continue reading below for full version documentation →
 | `scan_skill` | Deep security scan of an OpenClaw skill: prompt injection, AST+taint code analysis, ClawHavoc malware signatures, supply chain, rug pull. Returns A-F grade | Before installing any OpenClaw skill |
 | `scanner_health` | Check plugin health: engine status, daemon status, package data availability | Diagnostics and plugin status |
 | `list_security_rules` | List available security rules and fix templates | To check rule coverage for a language |
+| `sbom_generate` | Generate CycloneDX v1.5 SBOM for a project (8 lock file formats, 7 manifest formats) | Before releases, for compliance audits |
+| `sbom_scan_vulnerabilities` | Cross-reference SBOM against OSV.dev for CVEs with severity filtering | After generating SBOM, for security audits |
+| `sbom_check_hallucinations` | Verify all SBOM packages exist in official registries | Before deploying, to catch AI-invented packages |
+| `sbom_diff` | Compare current SBOM against baseline, detect added/removed/changed packages | In CI/CD to track dependency drift |
+| `sbom_export_report` | Generate HTML or JSON audit report from SBOM with vulnerability data | For PCI-DSS compliance, security reviews |
+| `get_compliance_controls` | Look up compliance controls with evaluation criteria (AIUC-1, SOC2, GDPR) | To understand compliance requirements |
+| `evaluate_compliance` | Evaluate project against compliance frameworks with evidence collection | For SOC2/GDPR technical compliance audits |
 
 ## Quick Start
 
@@ -243,6 +254,351 @@ npx cr-agent analyze ./path/to/project -f sarif -p claude-cli
 
 ---
 
+## 📦 SBOM / Supply Chain Analysis (New in v4.1.0)
+
+Generate Software Bill of Materials (SBOM) and analyze dependencies for vulnerabilities across your entire supply chain.
+
+### Quick Start
+
+```bash
+# Generate SBOM for current project
+npx agent-security-scanner-mcp sbom-generate .
+
+# Scan for vulnerabilities against OSV.dev
+npx agent-security-scanner-mcp sbom-vulnerabilities .
+
+# Check for hallucinated packages
+npx agent-security-scanner-mcp sbom-check-hallucinations .
+
+# Compare against baseline (CI/CD)
+npx agent-security-scanner-mcp sbom-diff . --save-baseline  # First run
+npx agent-security-scanner-mcp sbom-diff .                  # Subsequent runs
+
+# Generate HTML audit report
+npx agent-security-scanner-mcp sbom-report . --format html
+```
+
+### Supported Ecosystems
+
+| Ecosystem | Lock Files | Manifests | CLI Fallback |
+|-----------|------------|-----------|--------------|
+| **npm** | package-lock.json (v2/v3), yarn.lock (classic/berry), pnpm-lock.yaml | package.json | `npm ls`, `pnpm list` |
+| **Python** | poetry.lock, Pipfile.lock | requirements.txt, pyproject.toml | — |
+| **Go** | go.sum | go.mod | `go list` |
+| **Rust** | Cargo.lock | — | `cargo metadata` |
+| **Ruby** | Gemfile.lock | Gemfile | — |
+| **Java** | — | pom.xml, build.gradle | `mvn dependency:tree` |
+
+### SBOM Tools
+
+#### `sbom_generate`
+
+Generate a CycloneDX v1.5 SBOM for a project. Discovers all dependencies (direct + transitive) from lock files and manifests.
+
+```json
+// Input
+{ "directory_path": "./my-project", "verbosity": "compact" }
+
+// Output
+{
+  "total_components": 212,
+  "direct": 20,
+  "dev": 91,
+  "ecosystems": ["npm", "pypi"],
+  "components": [
+    { "name": "express", "version": "4.18.2", "ecosystem": "npm", "isDirect": true }
+  ]
+}
+```
+
+#### `sbom_scan_vulnerabilities`
+
+Cross-reference SBOM components against OSV.dev vulnerability database. Returns CVE IDs, CVSS scores, severity, and fix recommendations.
+
+```json
+// Input
+{ "directory_path": "./my-project", "severity_threshold": "medium" }
+
+// Output
+{
+  "total_vulnerabilities": 3,
+  "by_severity": { "critical": 1, "high": 1, "medium": 1 },
+  "vulnerabilities": [
+    {
+      "id": "GHSA-xxxx-yyyy-zzzz",
+      "package": "lodash",
+      "severity": "critical",
+      "cvss": 9.8,
+      "fixed_version": "4.17.21"
+    }
+  ]
+}
+```
+
+#### `sbom_check_hallucinations`
+
+Check all packages in an SBOM against official registries to detect AI-invented package names.
+
+```json
+// Input
+{ "directory_path": "./my-project" }
+
+// Output
+{
+  "total_checked": 212,
+  "hallucinated_count": 1,
+  "unsupported_ecosystems": ["go", "java"],
+  "hallucinated": [
+    { "name": "react-async-utils-helper", "ecosystem": "npm" }
+  ]
+}
+```
+
+#### `sbom_diff`
+
+Compare current project SBOM against a stored baseline. Detects added, removed, and version-changed packages.
+
+```json
+// Input (first run)
+{ "directory_path": "./my-project", "save_baseline": true }
+
+// Output
+{ "message": "Baseline saved to .scanner/sbom-baseline.json" }
+
+// Input (subsequent runs)
+{ "directory_path": "./my-project" }
+
+// Output
+{
+  "added": [{ "name": "lodash", "version": "4.17.21", "ecosystem": "npm" }],
+  "removed": [],
+  "changed": [{ "name": "express", "from": "4.17.1", "to": "4.18.2" }]
+}
+```
+
+#### `sbom_export_report`
+
+Generate an HTML or JSON audit report from SBOM data, optionally enriched with vulnerability scan results.
+
+```json
+// Input
+{
+  "directory_path": "./my-project",
+  "format": "html",
+  "include_vulnerabilities": true,
+  "output_path": "./sbom-report.html"
+}
+
+// Output
+{
+  "report_path": "./sbom-report.html",
+  "components": 212,
+  "vulnerabilities": 3
+}
+```
+
+### CLI Commands
+
+```bash
+# Generate SBOM
+sbom-generate <dir> [--save] [--output <path>] [--verbosity minimal|compact|full]
+
+# Scan vulnerabilities
+sbom-vulnerabilities <dir> [--sbom-path <path>] [--verbosity minimal|compact|full]
+
+# Check hallucinations
+sbom-check-hallucinations <dir> [--verbosity minimal|compact|full]
+
+# Compare baseline
+sbom-diff <dir> [--save-baseline] [--baseline-path <path>] [--verbosity minimal|compact|full]
+
+# Generate report
+sbom-report <dir> [--format html|json] [--output <path>] [--no-vulnerabilities]
+```
+
+### Features
+
+- **CycloneDX v1.5 JSON** — Industry-standard SBOM format
+- **OSV.dev Integration** — Real-time vulnerability data with 24-hour local cache
+- **Multi-Ecosystem** — Single scan discovers dependencies across all package managers
+- **Direct vs Transitive** — Distinguishes direct dependencies from transitive ones
+- **Dev Dependencies** — Optionally include/exclude development dependencies
+- **Baseline Comparison** — Track dependency drift over time
+- **HTML Reports** — Visual dashboard with severity charts for compliance audits
+
+---
+
+## 📋 Compliance Evaluation (New in v4.2.0)
+
+Evaluate projects against technical compliance frameworks with automated evidence collection from code scans, SBOM, vulnerability checks, and hallucination detection.
+
+### Quick Start
+
+```bash
+# Evaluate against SOC2 technical controls
+npx agent-security-scanner-mcp evaluate-compliance . --framework soc2-technical
+
+# Evaluate against GDPR technical controls
+npx agent-security-scanner-mcp evaluate-compliance . --framework gdpr-technical
+
+# Evaluate with evidence persistence (for audit trails)
+npx agent-security-scanner-mcp evaluate-compliance . --framework soc2-technical --save-evidence
+
+# List available compliance frameworks
+npx agent-security-scanner-mcp get-compliance-controls --verbosity full
+```
+
+### Supported Frameworks
+
+| Framework | Controls | Focus Areas |
+|-----------|----------|-------------|
+| **AIUC-1** | 16 | AI agent security, prompt injection, hallucination |
+| **SOC2-Technical** | 8 | Supply chain, code security, crypto, auth, drift |
+| **GDPR-Technical** | 6 | Data privacy, encryption, third-party risks |
+
+> **Note:** These are technical controls only. SOC2-Technical does not cover organizational, administrative, or physical SOC 2 controls. GDPR-Technical does not cover DPIAs, data subject rights, or processor contracts.
+
+### SOC2-Technical Controls
+
+| Control ID | Title | What It Checks |
+|------------|-------|----------------|
+| SOC2-T001 | Software dependency inventory exists | SBOM has ≥1 component |
+| SOC2-T002 | No critical dependency vulnerabilities | OSV.dev scan for critical/high CVEs |
+| SOC2-T003 | No hallucinated packages | Package registry verification |
+| SOC2-T004 | No critical code security findings | Static analysis for injection, deserialization |
+| SOC2-T005 | Data exfiltration/exposure below threshold | Exfiltration patterns, info-exposure scan |
+| SOC2-T006 | Cryptographic controls adequate | Weak algorithms, hardcoded keys |
+| SOC2-T007 | Authentication/authorization adequate | Auth bypass, permissions issues |
+| SOC2-T008 | Dependency drift tracked | SBOM baseline comparison |
+
+### GDPR-Technical Controls
+
+| Control ID | Title | What It Checks |
+|------------|-------|----------------|
+| GDPR-T001 | Sensitive data exposure below threshold | PII patterns, secrets, logging |
+| GDPR-T002 | Data exfiltration below threshold | External data transfer patterns |
+| GDPR-T003 | Encryption/transport adequate | Weak crypto, plaintext transport |
+| GDPR-T004 | Third-party dependency inventory | SBOM component count |
+| GDPR-T005 | No critical third-party vulnerabilities | OSV.dev vulnerability scan |
+| GDPR-T006 | No hallucinated packages | Registry verification |
+
+### MCP Tools
+
+#### `get_compliance_controls`
+
+Look up compliance controls with evaluation criteria. Filter by framework, domain, or OWASP LLM tags.
+
+```json
+// Input
+{ "framework": "soc2-technical", "domain": "supply-chain", "verbosity": "compact" }
+
+// Output
+{
+  "framework": "SOC2-Technical",
+  "controls_count": 4,
+  "controls": [
+    {
+      "id": "SOC2-T001",
+      "title": "Software dependency inventory exists",
+      "domain": "supply-chain",
+      "references": ["CC6.6", "CC7.1"],
+      "scanner_tools": ["sbom_generate"],
+      "evaluation": { "evidence_checks": [...] }
+    }
+  ]
+}
+```
+
+#### `evaluate_compliance`
+
+Evaluate a project against compliance frameworks. Collects evidence from multiple sources, evaluates each control, and optionally saves timestamped evidence bundles.
+
+```json
+// Input
+{
+  "directory_path": "./my-project",
+  "frameworks": ["soc2-technical", "gdpr-technical"],
+  "save_evidence": true,
+  "verbosity": "compact"
+}
+
+// Output
+{
+  "directory": "./my-project",
+  "tools_run": ["scan_project", "scan_security", "sbom_generate", "sbom_scan_vulnerabilities", "sbom_check_hallucinations"],
+  "scan_summary": { "grade": "B", "by_severity": { "CRITICAL": 0, "HIGH": 2, "MEDIUM": 5 } },
+  "sbom_summary": { "component_count": 212, "ecosystems": ["npm", "pypi"] },
+  "supply_chain": {
+    "vulnerabilities": { "total": 3, "by_severity": { "critical": 0, "high": 1, "medium": 2 } },
+    "hallucinations": { "hallucinated_count": 0 },
+    "drift": { "baseline_exists": true, "added": 2, "removed": 0 }
+  },
+  "compliance": {
+    "soc2-technical": {
+      "pass": 6, "partial": 1, "fail": 0, "not_evaluated": 1,
+      "results": [
+        { "control_id": "SOC2-T001", "status": "pass", "reasons": [] },
+        { "control_id": "SOC2-T002", "status": "partial", "reasons": ["High-severity dependency vulnerabilities exceed threshold"] }
+      ]
+    }
+  },
+  "evidence_saved": ".scanner/evidence/2026-04-02T05-30-00-soc2-technical.json"
+}
+```
+
+### Evidence Collection
+
+The `evaluate_compliance` tool collects evidence from multiple sources:
+
+| Source | Tools Used | Evidence Collected |
+|--------|------------|-------------------|
+| Code Scan | `scan_project`, `scan_security` | Security grade, findings by severity/category |
+| SBOM | `sbom_generate` | Component count, ecosystems, direct vs transitive |
+| Vulnerabilities | `sbom_scan_vulnerabilities` | CVE counts by severity |
+| Hallucinations | `sbom_check_hallucinations` | Hallucinated package count |
+| Drift | `sbom_diff` | Added/removed/changed packages vs baseline |
+
+### Evidence Persistence
+
+When `save_evidence: true`, the tool saves timestamped JSON evidence bundles to `.scanner/evidence/`:
+
+```
+.scanner/evidence/
+├── 2026-04-02T05-30-00-soc2-technical.json
+├── 2026-04-02T05-35-00-gdpr-technical.json
+└── ...
+```
+
+These bundles contain complete evidence data for audit trails and compliance documentation.
+
+### Control Evaluation Logic
+
+Controls use a path-based evidence check system with operators:
+
+| Operator | Description | Example |
+|----------|-------------|---------|
+| `exists` | Path value is present and non-null | `sbom.component_count exists` |
+| `eq` | Exact equality | `drift.baseline_exists eq true` |
+| `lte` | Less than or equal | `vulnerabilities.critical lte 0` |
+| `gte` | Greater than or equal | `sbom.component_count gte 1` |
+
+**Three-tier null handling:**
+1. **Explicit null** (e.g., OSV outage) → `not_evaluated` — source failure
+2. **Missing top-level section** → `not_evaluated` — evidence never collected
+3. **Missing leaf key** → use `default` value if specified (e.g., no crypto findings = 0)
+
+### CLI Commands
+
+```bash
+# Evaluate compliance
+evaluate-compliance <dir> [--framework <name>] [--save-evidence] [--verbosity minimal|compact|full]
+
+# List controls
+get-compliance-controls [--framework <name>] [--domain <name>] [--verbosity minimal|compact|full]
+```
+
+---
+
 ## Tool Reference
 
 ### `scan_security`
@@ -1158,7 +1514,7 @@ AI coding agents introduce attack surfaces that traditional security tools weren
 |----------|-------|
 | **Transport** | stdio |
 | **Package** | `agent-security-scanner-mcp` (npm) |
-| **Tools** | 12 |
+| **Tools** | 17 |
 | **Languages** | 12 |
 | **Ecosystems** | 7 |
 | **Auth** | None required |
@@ -1240,6 +1596,43 @@ All MCP tools support a `verbosity` parameter to minimize context window consump
 
 ## Changelog
 
+### v4.2.0 (2026-04-02) - Compliance Evidence Collection
+
+**🚀 New Feature: SOC2/GDPR Technical Compliance Evaluation**
+
+- **2 New MCP Tools:** `evaluate_compliance`, `get_compliance_controls` (enhanced)
+- **SOC2-Technical Framework:** 8 controls covering dependency inventory, vulnerabilities, hallucinations, code findings, exfiltration, crypto, auth, drift
+- **GDPR-Technical Framework:** 6 controls covering data exposure, exfiltration, encryption, dependency inventory, vulnerabilities, hallucinations
+- **Multi-Framework Registry:** Generalized loader supporting per-framework domain validation
+- **Evidence Collection:** Automated evidence gathering from code scans, SBOM, OSV.dev, hallucination checks
+- **Evidence Persistence:** Timestamped JSON bundles saved to `.scanner/evidence/` for audit trails
+- **Generic evidence_checks Evaluator:** Path-based check system with `exists`/`eq`/`lte`/`gte` operators
+- **Three-Tier Null Handling:** Distinguishes source failures (null) from absent categories (undefined)
+- **48 New Tests:** Comprehensive coverage for multi-framework loading, evidence checks, SOC2/GDPR evaluation
+
+**Design Notes:**
+- Technical controls only — does not claim full SOC 2 or GDPR compliance
+- Missing evidence → `not_evaluated`, not false pass (secure default)
+- AIUC-1 backward compatibility maintained (zero regression)
+
+---
+
+### v4.1.0 (2026-03-27) - SBOM Generation & Vulnerability Analysis
+
+**🚀 New Feature: Software Bill of Materials (SBOM)**
+
+- **5 New MCP Tools:** `sbom_generate`, `sbom_scan_vulnerabilities`, `sbom_check_hallucinations`, `sbom_diff`, `sbom_export_report`
+- **CycloneDX v1.5:** Industry-standard SBOM format output
+- **8 Lock File Parsers:** package-lock.json (v2/v3), yarn.lock (classic/berry), pnpm-lock.yaml, poetry.lock, Pipfile.lock, Cargo.lock, go.sum, Gemfile.lock
+- **7 Manifest Parsers:** package.json, requirements.txt, pyproject.toml, go.mod, Gemfile, pom.xml, build.gradle
+- **CLI Fallbacks:** npm ls, pnpm list, cargo metadata, go list, mvn dependency:tree
+- **OSV.dev Integration:** Real-time vulnerability database with 24-hour local cache
+- **Baseline Comparison:** Track dependency drift with save/compare workflow
+- **HTML Reports:** Visual dashboard with severity charts for compliance
+- **86 New Tests:** Comprehensive coverage across all SBOM features
+
+---
+
 ### v4.0.0 (2026-03-21) - LLM-Powered Code Review Agent
 
 **🚀 Major Release: LLM-Powered Semantic Code Review**

package/compliance/gdpr-technical-controls.json

@@ -0,0 +1,112 @@
+{
+  "schema_version": "1.1",
+  "framework": "GDPR-Technical",
+  "source": "GDPR Articles 25, 32 — technical measures subset",
+  "source_snapshot": "2026-03-31",
+  "source_note": "Technical controls only. This does not cover organizational measures, DPIAs, data subject rights, lawful basis, or processor contracts. Not a substitute for legal compliance assessment.",
+  "domains": ["privacy", "security", "supply-chain"],
+  "controls": [
+    {
+      "id": "GDPR-T001",
+      "title": "Sensitive data exposure findings below threshold",
+      "domain": "privacy",
+      "references": ["Art. 25(1)", "Art. 32(1)(b)"],
+      "scanner_tools": ["scan_security", "scan_project"],
+      "evidence_requirements": [
+        "Information exposure scan results (secrets, PII patterns, logging of sensitive data)",
+        "No critical sensitive data exposure findings"
+      ],
+      "evaluation": {
+        "evidence_checks": [
+          { "path": "scan.by_category_severity.info-exposure.CRITICAL", "operator": "lte", "value": 0, "on_fail": "fail", "reason": "Critical sensitive data exposure findings detected", "default": 0 },
+          { "path": "scan.by_category_severity.info-exposure.HIGH", "operator": "lte", "value": 3, "on_fail": "partial", "reason": "High-severity data exposure findings exceed threshold", "default": 0 },
+          { "path": "scan.by_category_severity.secrets.CRITICAL", "operator": "lte", "value": 0, "on_fail": "fail", "reason": "Critical hardcoded secrets detected", "default": 0 }
+        ]
+      }
+    },
+    {
+      "id": "GDPR-T002",
+      "title": "Data exfiltration findings below threshold",
+      "domain": "privacy",
+      "references": ["Art. 32(1)(b)", "Art. 32(2)"],
+      "scanner_tools": ["scan_security", "scan_project"],
+      "evidence_requirements": [
+        "Exfiltration pattern detection results",
+        "No critical or high exfiltration findings"
+      ],
+      "evaluation": {
+        "evidence_checks": [
+          { "path": "scan.by_category_severity.exfiltration.CRITICAL", "operator": "lte", "value": 0, "on_fail": "fail", "reason": "Critical data exfiltration patterns detected", "default": 0 },
+          { "path": "scan.by_category_severity.exfiltration.HIGH", "operator": "lte", "value": 0, "on_fail": "fail", "reason": "High-severity data exfiltration patterns detected", "default": 0 }
+        ]
+      }
+    },
+    {
+      "id": "GDPR-T003",
+      "title": "Encryption and secure transport controls adequate",
+      "domain": "security",
+      "references": ["Art. 32(1)(a)"],
+      "scanner_tools": ["scan_security", "scan_project"],
+      "evidence_requirements": [
+        "Cryptographic findings scan (weak algorithms, missing encryption, plaintext transport)",
+        "No critical crypto findings"
+      ],
+      "evaluation": {
+        "evidence_checks": [
+          { "path": "scan.by_category_severity.crypto.CRITICAL", "operator": "lte", "value": 0, "on_fail": "fail", "reason": "Critical cryptographic findings (weak encryption, plaintext transport)", "default": 0 },
+          { "path": "scan.by_category_severity.crypto.HIGH", "operator": "lte", "value": 2, "on_fail": "partial", "reason": "High-severity cryptographic findings exceed threshold", "default": 0 }
+        ]
+      }
+    },
+    {
+      "id": "GDPR-T004",
+      "title": "Third-party dependency inventory exists",
+      "domain": "supply-chain",
+      "references": ["Art. 28(1)", "Art. 32(1)(d)"],
+      "scanner_tools": ["sbom_generate"],
+      "evidence_requirements": [
+        "CycloneDX SBOM generated from project lockfiles",
+        "Inventory of all third-party components processing data"
+      ],
+      "evaluation": {
+        "evidence_checks": [
+          { "path": "sbom.component_count", "operator": "gte", "value": 1, "on_fail": "fail", "reason": "No third-party dependency inventory — SBOM generation found zero components" }
+        ]
+      }
+    },
+    {
+      "id": "GDPR-T005",
+      "title": "No critical vulnerabilities in third-party dependencies",
+      "domain": "supply-chain",
+      "references": ["Art. 32(1)(b)", "Art. 32(1)(d)"],
+      "scanner_tools": ["sbom_generate", "sbom_scan_vulnerabilities"],
+      "evidence_requirements": [
+        "OSV vulnerability scan results for all SBOM components",
+        "Zero critical-severity known vulnerabilities in third-party code"
+      ],
+      "evaluation": {
+        "evidence_checks": [
+          { "path": "supply_chain.vulnerabilities.by_severity.critical", "operator": "lte", "value": 0, "on_fail": "fail", "reason": "Critical vulnerabilities in third-party dependencies", "default": 0 },
+          { "path": "supply_chain.vulnerabilities.by_severity.high", "operator": "lte", "value": 5, "on_fail": "partial", "reason": "High-severity dependency vulnerabilities exceed threshold", "default": 0 }
+        ]
+      }
+    },
+    {
+      "id": "GDPR-T006",
+      "title": "No hallucinated packages in dependency tree",
+      "domain": "supply-chain",
+      "references": ["Art. 32(1)(d)"],
+      "scanner_tools": ["sbom_generate", "sbom_check_hallucinations"],
+      "evidence_requirements": [
+        "Hallucination check results against official package registries",
+        "Zero phantom/hallucinated packages"
+      ],
+      "evaluation": {
+        "evidence_checks": [
+          { "path": "supply_chain.hallucinations.hallucinated_count", "operator": "eq", "value": 0, "on_fail": "fail", "reason": "Hallucinated (phantom) packages detected — supply chain integrity risk" },
+          { "path": "supply_chain.hallucinations.legitimate_count", "operator": "gte", "value": 1, "on_fail": "not_evaluated", "not_evaluated_reason": "No packages could be verified — all ecosystems unsupported by hallucination checker", "default": 0 }
+        ]
+      }
+    }
+  ]
+}