npm - agentaudit - Versions diffs - 3.1.0 → 3.3.0 - Mend

agentaudit 3.1.0 → 3.3.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (4) hide show

package/README.md CHANGED Viewed

@@ -4,10 +4,11 @@
 **Security scanner for AI packages**
-Scan MCP servers, agent skills, and AI tools for vulnerabilities — from the terminal or via MCP.
+Scan MCP servers, agent skills, and AI tools for vulnerabilities.
+MCP server for agents + standalone CLI for humans.
 [![npm](https://img.shields.io/npm/v/agentaudit?style=flat-square&color=00C853)](https://www.npmjs.com/package/agentaudit)
-[![Trust Registry](https://img.shields.io/badge/Registry-agentaudit.dev-00C853?style=flat-square)](https://agentaudit.dev)
+[![Registry](https://img.shields.io/badge/Registry-agentaudit.dev-00C853?style=flat-square)](https://agentaudit.dev)
 [![License](https://img.shields.io/badge/License-AGPL_3.0-F9A825?style=flat-square)](LICENSE)
 </div>
@@ -17,76 +18,100 @@ Scan MCP servers, agent skills, and AI tools for vulnerabilities — from the te
 ## Quick Start
 ```bash
-# Install globally
-npm install -g agentaudit
+npx agentaudit discover
+```
+That's it. Finds all MCP servers on your machine and checks them against the security registry.
+```
+AgentAudit v3.2.0
+  Security scanner for AI packages
-# Setup (register + get API key — free, one-time)
-agentaudit setup
+•  Scanning Claude Desktop  ~/.claude/mcp.json    found 2 servers
-# Scan a repo
-agentaudit scan https://github.com/owner/repo
+├──  fastmcp-demo       npm:fastmcp
+│    SAFE  Risk 0  ✔ official  https://agentaudit.dev/skills/fastmcp
+└──  my-tool            npm:some-mcp-tool
+     ⚠ not audited      Run: agentaudit audit <source-url>
-# Scan multiple repos
-agentaudit scan repo1 repo2 repo3
+────────────────────────────────────────────────────────
+  Summary  2 servers across 1 config
-# Check if a package has been audited
-agentaudit check fastmcp
+  ✔  1 audited
+  ⚠  1 not audited
 ```
-Or run without installing:
+## Install
 ```bash
-npx agentaudit scan https://github.com/owner/repo
+npm install -g agentaudit    # global install
+# or use directly:
+npx agentaudit <command>
 ```
-## What it does
+---
-```
-◉  google-workspace-mcp  https://github.com/taylorwilsdon/google_workspace_mcp
-│  Python mcp-server  31 files scanned in 1.0s
-│
-├──  tool    drive_service                 ✔ ok
-├──  tool    docs_service                  ✔ ok
-├──  tool    start_google_auth             ✔ ok
-└──  tool    set_enabled_tools             ✔ ok
-│
-│  Findings (2)  static analysis — may include false positives
-├──  ● MEDIUM   Potential hardcoded secret
-│     .env.oauth21:9  SECRET="your-google-client-secret"
-└──  ● MEDIUM   Potential path traversal
-      auth/credential_store.py:123
-│
-└──  registry  LOW  Risk 10  https://agentaudit.dev/skills/google-workspace-mcp
-```
+## Commands
-**Detects:**
-- 🔴 Prompt injection & tool poisoning
-- 🔴 Shell command injection
-- 🔴 SQL injection
-- 🟡 Hardcoded secrets
-- 🟡 SSL/TLS verification disabled
-- 🟡 Path traversal
-- 🟡 Unsafe YAML/pickle deserialization
-- 🔵 Wildcard CORS
-- 🔵 Undisclosed telemetry
+| Command | What it does | Speed |
+|---------|-------------|-------|
+| `discover` | Find local MCP servers + check registry | ⚡ instant |
+| `check <name>` | Look up a package in the registry | ⚡ instant |
+| `scan <url>` | Quick static analysis (regex-based, local) | 🔵 ~2s |
+| `audit <url>` | **Deep LLM-powered security audit** | 🔴 ~30s |
+| `setup` | Register + configure API key | interactive |
+### `scan` vs `audit`
+| | `scan` | `audit` |
+|--|--------|---------|
+| **How** | Regex pattern matching | LLM 3-pass: UNDERSTAND → DETECT → CLASSIFY |
+| **Speed** | ~2 seconds | ~30 seconds |
+| **Depth** | Surface-level patterns | Semantic code understanding |
+| **Needs LLM API key** | No | Yes (`ANTHROPIC_API_KEY` or `OPENAI_API_KEY`) |
+| **Uploads to registry** | No | Yes (with `agentaudit setup`) |
+### Examples
+```bash
+# Discover all MCP servers on your machine
+npx agentaudit discover
+# Quick static scan
+npx agentaudit scan https://github.com/owner/repo
+# Deep LLM-powered audit
+export ANTHROPIC_API_KEY=sk-ant-...
+npx agentaudit audit https://github.com/owner/repo
+# Export code + audit prompt for manual LLM review
+npx agentaudit audit https://github.com/owner/repo --export
-**Plus** registry lookup — shows if a package has already been officially audited on [agentaudit.dev](https://agentaudit.dev).
+# Registry lookup
+npx agentaudit check fastmcp
+# Register for an API key (free)
+npx agentaudit setup
+```
 ---
 ## MCP Server
-Use AgentAudit as an MCP server in Claude Desktop, Cursor, Windsurf, or any MCP client. Your AI agent gets three tools:
+Add AgentAudit to your AI editor. Your agent gets 4 tools:
-| Tool | Description |
-|------|-------------|
-| `audit_package` | Clone a repo, return source code + audit prompt for deep LLM analysis |
-| `submit_report` | Upload completed audit report to [agentaudit.dev](https://agentaudit.dev) |
-| `check_package` | Look up a package in the registry |
+| MCP Tool | Description |
+|----------|-------------|
+| `discover_servers` | Find all locally installed MCP servers, check registry status |
+| `audit_package` | Clone a repo → return source code + audit prompt → you analyze → `submit_report` |
+| `submit_report` | Upload your audit report to [agentaudit.dev](https://agentaudit.dev) |
+| `check_package` | Quick registry lookup for a package |
-### Claude Desktop / Claude Code
+### Setup
-`~/.claude/mcp.json`:
+One-line config — works with `npx`, no manual clone needed:
+**Claude Desktop** (`~/.claude/mcp.json`):
 ```json
 {
   "mcpServers": {
@@ -98,9 +123,7 @@ Use AgentAudit as an MCP server in Claude Desktop, Cursor, Windsurf, or any MCP
 }
 ```
-### Cursor
-`.cursor/mcp.json`:
+**Cursor** (`.cursor/mcp.json`):
 ```json
 {
   "mcpServers": {
@@ -112,9 +135,7 @@ Use AgentAudit as an MCP server in Claude Desktop, Cursor, Windsurf, or any MCP
 }
 ```
-### Windsurf
-`~/.codeium/windsurf/mcp_config.json`:
+**Windsurf** (`~/.codeium/windsurf/mcp_config.json`):
 ```json
 {
   "mcpServers": {
@@ -126,81 +147,77 @@ Use AgentAudit as an MCP server in Claude Desktop, Cursor, Windsurf, or any MCP
 }
 ```
-> **That's it.** No manual clone, no path config. `npx` handles everything.
-### How the MCP audit works
+### How an audit works via MCP
 ```
-Agent calls audit_package("https://github.com/owner/repo")
-         ↓
-MCP Server clones repo, collects source files (max 300KB)
-         ↓
-Returns source code + 3-pass audit methodology
-         ↓
-Agent's LLM analyzes code (UNDERSTAND → DETECT → CLASSIFY)
-         ↓
-Agent calls submit_report(findings)
-         ↓
-Report published at agentaudit.dev/skills/{slug}
+You: "Audit the blender-mcp server"
+                ↓
+Agent calls discover_servers → finds blender-mcp
+                ↓
+Agent calls check_package("blender-mcp") → not in registry
+                ↓
+Agent calls audit_package("https://github.com/user/blender-mcp")
+                ↓
+MCP server clones repo, returns source code + audit methodology
+                ↓
+Agent's LLM analyzes code (3-pass: UNDERSTAND → DETECT → CLASSIFY)
+                ↓
+Agent calls submit_report(findings_json)
+                ↓
+Report published at agentaudit.dev/skills/blender-mcp
 ```
----
+### Authentication
-## Setup & Authentication
+Run `npx agentaudit setup` once. Both CLI and MCP server find credentials automatically:
-```bash
-agentaudit setup
-```
-Interactive wizard — choose:
-1. **Register new agent** (free) → API key created automatically
-2. **Enter existing API key** → if you already have one
-Credentials are stored in `~/.config/agentaudit/credentials.json` (survives reinstalls).
-The MCP server finds credentials automatically from:
 1. `AGENTAUDIT_API_KEY` environment variable
-2. `~/.config/agentaudit/credentials.json`
+2. `~/.config/agentaudit/credentials.json` (created by `setup`)
-**Scanning and checking work without a key.** Only submitting reports requires authentication.
+**`discover`, `scan`, and `check` work without a key.** Only `audit`/`submit_report` need one.
 ---
-## CLI Reference
+## What it detects
-```
-agentaudit setup                            Register + configure API key
-agentaudit scan <url> [url...]              Scan Git repositories
-agentaudit check <name>                     Look up package in registry
-agentaudit --help                           Show help
-```
+### Static scan (`scan`)
-### Examples
+- 🔴 Prompt injection & tool poisoning
+- 🔴 Shell command injection
+- 🔴 SQL injection
+- 🔴 Unsafe deserialization (pickle, YAML)
+- 🟡 Hardcoded secrets
+- 🟡 SSL/TLS verification disabled
+- 🟡 Path traversal
+- 🔵 Wildcard CORS
+- 🔵 Undisclosed telemetry
-```bash
-# Scan a single repo
-agentaudit scan https://github.com/jlowin/fastmcp
+### Deep audit (`audit` / MCP `audit_package`)
-# Scan multiple repos at once
-agentaudit scan https://github.com/owner/repo1 https://github.com/owner/repo2
+Everything above, plus:
-# Check registry for existing audit
-agentaudit check mongodb-mcp-server
-```
+- 🔴 Multi-file attack chains (credential harvest → exfiltration)
+- 🔴 Agent manipulation (impersonation, capability escalation, jailbreaks)
+- 🔴 MCP-specific: tool description injection, resource traversal, unpinned npx
+- 🟡 Persistence mechanisms (crontab, shell RC, git hooks, systemd)
+- 🟡 Obfuscation (base64 exec, zero-width chars, ANSI escapes)
+- 🟡 Context pollution & indirect prompt injection
+50+ detection patterns across 8 categories. [Full pattern list →](https://github.com/starbuck100/agentaudit-skill)
 ---
 ## Requirements
 - **Node.js 18+**
-- **Git** (for cloning repos during scan)
+- **Git** (for cloning repos)
 ---
 ## Related
-- [agentaudit.dev](https://agentaudit.dev) — Trust registry & audit reports
-- [agentaudit-skill](https://github.com/starbuck100/agentaudit-skill) — Full agent skill with gate scripts, detection patterns & peer review
+- **[agentaudit.dev](https://agentaudit.dev)** — Trust registry with 400+ audit reports
+- **[agentaudit-skill](https://github.com/starbuck100/agentaudit-skill)** — Full agent skill with gate scripts, detection patterns & peer review system
 ---

package/cli.mjs CHANGED Viewed

@@ -780,7 +780,7 @@ async function discoverCommand() {
       } else {
         unauditedServers++;
         console.log(`${branch}  ${c.bold}${server.name}${c.reset}    ${sourceLabel}`);
-        console.log(`${pipe}  ${c.yellow}⚠ not audited${c.reset}  ${c.dim}Run: agentaudit scan <source-url>${c.reset}`);
+        console.log(`${pipe}  ${c.yellow}⚠ not audited${c.reset}  ${c.dim}Run: agentaudit audit <source-url>${c.reset}`);
       }
       if (server.sourceUrl) {
@@ -806,6 +806,236 @@ async function discoverCommand() {
   }
 }
+// ── Audit command (deep LLM-powered) ────────────────────
+function loadAuditPrompt() {
+  const promptPath = path.join(SKILL_DIR, 'prompts', 'audit-prompt.md');
+  if (fs.existsSync(promptPath)) return fs.readFileSync(promptPath, 'utf8');
+  return null;
+}
+async function auditRepo(url) {
+  const start = Date.now();
+  const slug = slugFromUrl(url);
+  console.log(`${icons.scan}  ${c.bold}Auditing ${slug}${c.reset}  ${c.dim}${url}${c.reset}`);
+  console.log(`${icons.pipe}  ${c.dim}Deep LLM-powered analysis (3-pass: UNDERSTAND → DETECT → CLASSIFY)${c.reset}`);
+  console.log();
+  // Step 1: Clone
+  process.stdout.write(`  ${c.dim}[1/4]${c.reset} Cloning repository...`);
+  const tmpDir = fs.mkdtempSync('/tmp/agentaudit-');
+  const repoPath = path.join(tmpDir, 'repo');
+  try {
+    execSync(`git clone --depth 1 "${url}" "${repoPath}" 2>/dev/null`, {
+      timeout: 30_000, stdio: 'pipe',
+    });
+    console.log(` ${c.green}done${c.reset}`);
+  } catch {
+    console.log(` ${c.red}failed${c.reset}`);
+    return null;
+  }
+  // Step 2: Collect files
+  process.stdout.write(`  ${c.dim}[2/4]${c.reset} Collecting source files...`);
+  const files = collectFiles(repoPath);
+  console.log(` ${c.green}${files.length} files${c.reset}`);
+  // Step 3: Build audit payload
+  process.stdout.write(`  ${c.dim}[3/4]${c.reset} Preparing audit payload...`);
+  const auditPrompt = loadAuditPrompt();
+  let codeBlock = '';
+  for (const file of files) {
+    codeBlock += `\n### FILE: ${file.path}\n\`\`\`\n${file.content}\n\`\`\`\n`;
+  }
+  console.log(` ${c.green}done${c.reset}`);
+  // Step 4: LLM Analysis
+  // Check for API keys to determine which LLM to use
+  const anthropicKey = process.env.ANTHROPIC_API_KEY;
+  const openaiKey = process.env.OPENAI_API_KEY;
+  if (!anthropicKey && !openaiKey) {
+    // No LLM API key — output the prepared audit for piping or MCP use
+    console.log();
+    console.log(`  ${c.yellow}No LLM API key found.${c.reset} To run the audit automatically, set one of:`);
+    console.log(`    ${c.dim}export ANTHROPIC_API_KEY=sk-ant-...${c.reset}`);
+    console.log(`    ${c.dim}export OPENAI_API_KEY=sk-...${c.reset}`);
+    console.log();
+    console.log(`  ${c.bold}Alternatives:${c.reset}`);
+    console.log(`    ${c.dim}1.${c.reset} Use the MCP server in Claude/Cursor — your agent runs the audit automatically`);
+    console.log(`    ${c.dim}2.${c.reset} Export for manual review: ${c.cyan}agentaudit audit ${url} --export${c.reset}`);
+    console.log();
+    // Check if --export flag
+    if (process.argv.includes('--export')) {
+      const exportPath = path.join(process.cwd(), `audit-${slug}.md`);
+      const exportContent = [
+        `# Security Audit: ${slug}`,
+        `**Source:** ${url}`,
+        `**Files:** ${files.length}`,
+        ``,
+        `## Audit Instructions`,
+        ``,
+        auditPrompt || '(audit prompt not found)',
+        ``,
+        `## Report Format`,
+        ``,
+        `After analysis, produce a JSON report:`,
+        '```json',
+        `{ "skill_slug": "${slug}", "source_url": "${url}", "risk_score": 0, "result": "safe", "findings": [] }`,
+        '```',
+        ``,
+        `## Source Code`,
+        ``,
+        codeBlock,
+      ].join('\n');
+      fs.writeFileSync(exportPath, exportContent);
+      console.log(`  ${icons.safe}  Exported to ${c.bold}${exportPath}${c.reset}`);
+      console.log(`  ${c.dim}Paste this into any LLM (Claude, ChatGPT, etc.) for analysis${c.reset}`);
+    }
+    // Cleanup
+    try { execSync(`rm -rf "${tmpDir}"`, { stdio: 'pipe' }); } catch {}
+    return null;
+  }
+  // We have an API key — run LLM audit
+  process.stdout.write(`  ${c.dim}[4/4]${c.reset} Running LLM analysis...`);
+  const systemPrompt = auditPrompt || 'You are a security auditor. Analyze the code and report findings as JSON.';
+  const userMessage = [
+    `Audit this package: **${slug}** (${url})`,
+    ``,
+    `After analysis, respond with ONLY a JSON object (no markdown, no explanation):`,
+    '```',
+    `{ "skill_slug": "${slug}", "source_url": "${url}", "package_type": "<mcp-server|agent-skill|library|cli-tool>",`,
+    `  "risk_score": <0-100>, "result": "<safe|caution|unsafe>", "max_severity": "<none|low|medium|high|critical>",`,
+    `  "findings_count": <n>, "findings": [{ "id": "...", "title": "...", "severity": "...", "category": "...",`,
+    `  "description": "...", "file": "...", "line": <n>, "remediation": "...", "confidence": "...", "is_by_design": false }] }`,
+    '```',
+    ``,
+    `## Source Code`,
+    codeBlock,
+  ].join('\n');
+  let report = null;
+  try {
+    if (anthropicKey) {
+      const res = await fetch('https://api.anthropic.com/v1/messages', {
+        method: 'POST',
+        headers: {
+          'x-api-key': anthropicKey,
+          'anthropic-version': '2023-06-01',
+          'content-type': 'application/json',
+        },
+        body: JSON.stringify({
+          model: 'claude-sonnet-4-20250514',
+          max_tokens: 8192,
+          system: systemPrompt,
+          messages: [{ role: 'user', content: userMessage }],
+        }),
+        signal: AbortSignal.timeout(120_000),
+      });
+      const data = await res.json();
+      const text = data.content?.[0]?.text || '';
+      // Extract JSON from response
+      const jsonMatch = text.match(/\{[\s\S]*\}/);
+      if (jsonMatch) report = JSON.parse(jsonMatch[0]);
+    } else if (openaiKey) {
+      const res = await fetch('https://api.openai.com/v1/chat/completions', {
+        method: 'POST',
+        headers: {
+          'Authorization': `Bearer ${openaiKey}`,
+          'Content-Type': 'application/json',
+        },
+        body: JSON.stringify({
+          model: 'gpt-4o',
+          max_tokens: 8192,
+          messages: [
+            { role: 'system', content: systemPrompt },
+            { role: 'user', content: userMessage },
+          ],
+        }),
+        signal: AbortSignal.timeout(120_000),
+      });
+      const data = await res.json();
+      const text = data.choices?.[0]?.message?.content || '';
+      const jsonMatch = text.match(/\{[\s\S]*\}/);
+      if (jsonMatch) report = JSON.parse(jsonMatch[0]);
+    }
+    console.log(` ${c.green}done${c.reset} ${c.dim}(${elapsed(start)})${c.reset}`);
+  } catch (err) {
+    console.log(` ${c.red}failed${c.reset}`);
+    console.log(`  ${c.red}${err.message}${c.reset}`);
+    try { execSync(`rm -rf "${tmpDir}"`, { stdio: 'pipe' }); } catch {}
+    return null;
+  }
+  // Cleanup repo
+  try { execSync(`rm -rf "${tmpDir}"`, { stdio: 'pipe' }); } catch {}
+  if (!report) {
+    console.log(`  ${c.red}Could not parse LLM response as JSON${c.reset}`);
+    return null;
+  }
+  // Display results
+  console.log();
+  const riskScore = report.risk_score || 0;
+  console.log(`  ${riskBadge(riskScore)} Risk ${riskScore}/100  ${c.bold}${report.result || 'unknown'}${c.reset}`);
+  console.log();
+  if (report.findings && report.findings.length > 0) {
+    console.log(`  ${c.bold}Findings (${report.findings.length})${c.reset}`);
+    console.log();
+    for (const f of report.findings) {
+      const sc = severityColor(f.severity);
+      console.log(`  ${severityIcon(f.severity)} ${sc}${(f.severity || '').toUpperCase().padEnd(8)}${c.reset} ${f.title}`);
+      if (f.file) console.log(`    ${c.dim}${f.file}${f.line ? ':' + f.line : ''}${c.reset}`);
+      if (f.description) console.log(`    ${c.dim}${f.description.slice(0, 120)}${c.reset}`);
+      console.log();
+    }
+  } else {
+    console.log(`  ${c.green}No findings — package looks clean.${c.reset}`);
+    console.log();
+  }
+  // Upload to registry
+  const creds = loadCredentials();
+  if (creds) {
+    process.stdout.write(`  Uploading report to registry...`);
+    try {
+      const res = await fetch(`${REGISTRY_URL}/api/reports`, {
+        method: 'POST',
+        headers: {
+          'Authorization': `Bearer ${creds.api_key}`,
+          'Content-Type': 'application/json',
+        },
+        body: JSON.stringify(report),
+        signal: AbortSignal.timeout(15_000),
+      });
+      if (res.ok) {
+        const data = await res.json();
+        console.log(` ${c.green}done${c.reset}`);
+        console.log(`  ${c.dim}Report: ${REGISTRY_URL}/skills/${slug}${c.reset}`);
+      } else {
+        console.log(` ${c.yellow}failed (HTTP ${res.status})${c.reset}`);
+      }
+    } catch (err) {
+      console.log(` ${c.yellow}failed${c.reset}`);
+    }
+  } else {
+    console.log(`  ${c.dim}Run ${c.cyan}agentaudit setup${c.dim} to upload reports to the registry${c.reset}`);
+  }
+  console.log();
+  return report;
+}
 // ── Check command ───────────────────────────────────────
 async function checkPackage(name) {
@@ -815,7 +1045,7 @@ async function checkPackage(name) {
   const data = await checkRegistry(name);
   if (!data) {
     console.log(`  ${c.yellow}Not found${c.reset} — package "${name}" hasn't been audited yet.`);
-    console.log(`  ${c.dim}Run: agentaudit scan <repo-url> to audit it${c.reset}`);
+    console.log(`  ${c.dim}Run: agentaudit audit <repo-url> for a deep LLM audit${c.reset}`);
     return;
   }
@@ -835,17 +1065,22 @@ async function main() {
   if (args.length === 0 || args[0] === '--help' || args[0] === '-h') {
     banner();
-    console.log(`  ${c.bold}Usage:${c.reset}`);
-    console.log(`    agentaudit setup                            Register + configure API key`);
-    console.log(`    agentaudit discover                         Find & check local MCP servers`);
-    console.log(`    agentaudit scan <repo-url> [repo-url...]    Scan repositories`);
-    console.log(`    agentaudit check <package-name>             Look up in registry`);
+    console.log(`  ${c.bold}Commands:${c.reset}`);
+    console.log();
+    console.log(`    ${c.cyan}agentaudit discover${c.reset}                         Find local MCP servers + check registry`);
+    console.log(`    ${c.cyan}agentaudit scan${c.reset} <url> [url...]               Quick static scan (regex, local)`);
+    console.log(`    ${c.cyan}agentaudit audit${c.reset} <url> [url...]              Deep LLM-powered security audit`);
+    console.log(`    ${c.cyan}agentaudit check${c.reset} <name>                      Look up package in registry`);
+    console.log(`    ${c.cyan}agentaudit setup${c.reset}                             Register + configure API key`);
+    console.log();
+    console.log(`  ${c.bold}scan${c.reset} vs ${c.bold}audit${c.reset}:`);
+    console.log(`    ${c.dim}scan  = fast regex-based static analysis (~2s)${c.reset}`);
+    console.log(`    ${c.dim}audit = deep LLM analysis with 3-pass methodology (~30s)${c.reset}`);
     console.log();
     console.log(`  ${c.bold}Examples:${c.reset}`);
-    console.log(`    agentaudit setup`);
     console.log(`    agentaudit discover`);
     console.log(`    agentaudit scan https://github.com/owner/repo`);
-    console.log(`    agentaudit scan repo1.git repo2.git repo3.git`);
+    console.log(`    agentaudit audit https://github.com/owner/repo`);
     console.log(`    agentaudit check fastmcp`);
     console.log();
     process.exit(0);
@@ -879,6 +1114,7 @@ async function main() {
     if (targets.length === 0) {
       console.log(`  ${c.red}Error: at least one repository URL required${c.reset}`);
       console.log(`  ${c.dim}Tip: use ${c.cyan}agentaudit discover${c.dim} to find & check locally installed MCP servers${c.reset}`);
+      console.log(`  ${c.dim}Tip: use ${c.cyan}agentaudit audit <url>${c.dim} for a deep LLM-powered audit${c.reset}`);
       process.exit(1);
     }
@@ -894,6 +1130,19 @@ async function main() {
     return;
   }
+  if (command === 'audit') {
+    const urls = targets.filter(t => !t.startsWith('--'));
+    if (urls.length === 0) {
+      console.log(`  ${c.red}Error: at least one repository URL required${c.reset}`);
+      process.exit(1);
+    }
+    for (const url of urls) {
+      await auditRepo(url);
+    }
+    return;
+  }
   console.log(`  ${c.red}Unknown command: ${command}${c.reset}`);
   console.log(`  ${c.dim}Run agentaudit --help for usage${c.reset}`);
   process.exit(1);

package/index.mjs CHANGED Viewed

@@ -2,25 +2,20 @@
 /**
  * AgentAudit MCP Server
  *
- * Provides security audit capabilities via Model Context Protocol.
+ * Security audit capabilities via Model Context Protocol.
  *
  * Tools:
- *   - audit_package: Clone a repo, read source files, return with audit prompt
- *   - submit_report: Upload a completed audit report to agentaudit.dev
- *   - check_package: Look up a package in the AgentAudit registry
+ *   - discover_servers  Find locally installed MCP servers + check registry status
+ *   - audit_package     Clone a repo, return source code + audit prompt for LLM analysis
+ *   - submit_report     Upload a completed audit report to agentaudit.dev
+ *   - check_package     Look up a package in the AgentAudit registry
  *
  * Usage:
- *   node mcp-server/index.mjs
+ *   npx agentaudit                (starts MCP server via stdio)
+ *   node index.mjs                (same)
  *
- * Configure in Claude/Cursor/etc:
- *   {
- *     "mcpServers": {
- *       "agentaudit": {
- *         "command": "node",
- *         "args": ["path/to/agentaudit/mcp-server/index.mjs"]
- *       }
- *     }
- *   }
+ * Configure in Claude/Cursor/Windsurf:
+ *   { "mcpServers": { "agentaudit": { "command": "npx", "args": ["-y", "agentaudit"] } } }
  */
 import { Server } from '@modelcontextprotocol/sdk/server/index.js';
@@ -37,8 +32,8 @@ import { fileURLToPath } from 'url';
 const __dirname = path.dirname(fileURLToPath(import.meta.url));
 const SKILL_DIR = path.resolve(__dirname);
 const REGISTRY_URL = 'https://agentaudit.dev';
-const MAX_FILE_SIZE = 50_000; // 50KB per file
-const MAX_TOTAL_SIZE = 300_000; // 300KB total code
+const MAX_FILE_SIZE = 50_000;
+const MAX_TOTAL_SIZE = 300_000;
 const SKIP_DIRS = new Set([
   'node_modules', '.git', '__pycache__', '.venv', 'venv', 'dist', 'build',
   '.next', '.nuxt', 'coverage', '.pytest_cache', '.mypy_cache', 'vendor',
@@ -61,7 +56,7 @@ const PRIORITY_FILES = [
   'Makefile', 'Dockerfile', 'docker-compose.yml',
 ];
-// ── Helpers ──────────────────────────────────────────────
+// ── Credentials ─────────────────────────────────────────
 function loadApiKey() {
   if (process.env.AGENTAUDIT_API_KEY) return process.env.AGENTAUDIT_API_KEY;
@@ -84,39 +79,32 @@ function loadApiKey() {
 function loadAuditPrompt() {
   const promptPath = path.join(SKILL_DIR, 'prompts', 'audit-prompt.md');
-  if (fs.existsSync(promptPath)) {
-    return fs.readFileSync(promptPath, 'utf8');
-  }
+  if (fs.existsSync(promptPath)) return fs.readFileSync(promptPath, 'utf8');
   return 'ERROR: audit-prompt.md not found at ' + promptPath;
 }
+// ── File Collection ─────────────────────────────────────
 function collectFiles(dir, basePath = '', collected = [], totalSize = { bytes: 0 }) {
   if (totalSize.bytes >= MAX_TOTAL_SIZE) return collected;
   let entries;
   try { entries = fs.readdirSync(dir, { withFileTypes: true }); }
   catch { return collected; }
-  // Sort: priority files first
   entries.sort((a, b) => {
     const aP = PRIORITY_FILES.includes(a.name) ? 0 : 1;
     const bP = PRIORITY_FILES.includes(b.name) ? 0 : 1;
     return aP - bP || a.name.localeCompare(b.name);
   });
   for (const entry of entries) {
     if (totalSize.bytes >= MAX_TOTAL_SIZE) break;
     const relPath = basePath ? `${basePath}/${entry.name}` : entry.name;
     const fullPath = path.join(dir, entry.name);
     if (entry.isDirectory()) {
       if (SKIP_DIRS.has(entry.name) || entry.name.startsWith('.')) continue;
       collectFiles(fullPath, relPath, collected, totalSize);
     } else {
       const ext = path.extname(entry.name).toLowerCase();
       if (SKIP_EXTENSIONS.has(ext)) continue;
       try {
         const stat = fs.statSync(fullPath);
         if (stat.size > MAX_FILE_SIZE) {
@@ -124,24 +112,22 @@ function collectFiles(dir, basePath = '', collected = [], totalSize = { bytes: 0
           continue;
         }
         if (stat.size === 0) continue;
         const content = fs.readFileSync(fullPath, 'utf8');
         totalSize.bytes += content.length;
         collected.push({ path: relPath, content });
-      } catch {
-        // Binary or unreadable — skip
-      }
+      } catch {}
     }
   }
   return collected;
 }
+// ── Repo Helpers ────────────────────────────────────────
 function cloneRepo(sourceUrl) {
   const tmpDir = fs.mkdtempSync('/tmp/agentaudit-');
   try {
     execSync(`git clone --depth 1 "${sourceUrl}" "${tmpDir}/repo" 2>/dev/null`, {
-      timeout: 30_000,
-      stdio: 'pipe',
+      timeout: 30_000, stdio: 'pipe',
     });
     return path.join(tmpDir, 'repo');
   } catch (err) {
@@ -150,30 +136,95 @@ function cloneRepo(sourceUrl) {
 }
 function cleanupRepo(repoPath) {
-  try {
-    execSync(`rm -rf "${path.dirname(repoPath)}"`, { stdio: 'pipe' });
-  } catch {}
+  try { execSync(`rm -rf "${path.dirname(repoPath)}"`, { stdio: 'pipe' }); } catch {}
 }
 function slugFromUrl(url) {
-  // https://github.com/owner/repo → owner-repo or just repo
   const match = url.match(/github\.com\/([^/]+)\/([^/.\s]+)/);
   if (match) return match[2].toLowerCase().replace(/[^a-z0-9-]/g, '-');
   return url.replace(/[^a-z0-9]/gi, '-').toLowerCase().slice(0, 60);
 }
+// ── Discover local MCP configs ──────────────────────────
+function discoverMcpServers() {
+  const home = process.env.HOME || process.env.USERPROFILE || '';
+  const candidates = [
+    { platform: 'Claude Desktop', path: path.join(home, '.claude', 'mcp.json') },
+    { platform: 'Claude Desktop', path: path.join(home, 'Library', 'Application Support', 'Claude', 'claude_desktop_config.json') },
+    { platform: 'Claude Desktop', path: path.join(home, 'AppData', 'Roaming', 'Claude', 'claude_desktop_config.json') },
+    { platform: 'Claude Desktop', path: path.join(home, '.config', 'claude', 'claude_desktop_config.json') },
+    { platform: 'Cursor', path: path.join(home, '.cursor', 'mcp.json') },
+    { platform: 'Windsurf', path: path.join(home, '.codeium', 'windsurf', 'mcp_config.json') },
+    { platform: 'VS Code', path: path.join(home, '.vscode', 'mcp.json') },
+  ];
+  const results = [];
+  for (const c of candidates) {
+    if (!fs.existsSync(c.path)) {
+      results.push({ platform: c.platform, config_path: c.path, status: 'not found', servers: [] });
+      continue;
+    }
+    let content;
+    try { content = JSON.parse(fs.readFileSync(c.path, 'utf8')); }
+    catch { results.push({ platform: c.platform, config_path: c.path, status: 'parse error', servers: [] }); continue; }
+    const serverMap = content.mcpServers || content.servers || {};
+    const servers = [];
+    for (const [name, cfg] of Object.entries(serverMap)) {
+      const allArgs = [cfg.command, ...(cfg.args || [])].filter(Boolean).join(' ');
+      const npxMatch = allArgs.match(/npx\s+(?:-y\s+)?(@?[a-z0-9][\w./-]*)/i);
+      const pyMatch = allArgs.match(/(?:uvx|pip run|python -m)\s+(@?[a-z0-9][\w./-]*)/i);
+      servers.push({
+        name,
+        command: cfg.command || null,
+        args: cfg.args || [],
+        npm_package: npxMatch?.[1] || null,
+        pip_package: pyMatch?.[1] || null,
+      });
+    }
+    results.push({ platform: c.platform, config_path: c.path, status: 'found', server_count: servers.length, servers });
+  }
+  return results;
+}
+async function checkRegistry(slug) {
+  try {
+    const res = await fetch(`${REGISTRY_URL}/api/skills/${encodeURIComponent(slug)}`, {
+      signal: AbortSignal.timeout(5000),
+    });
+    if (res.ok) return await res.json();
+  } catch {}
+  return null;
+}
 // ── MCP Server ───────────────────────────────────────────
 const server = new Server(
-  { name: 'agentaudit', version: '1.0.0' },
+  { name: 'agentaudit', version: '3.2.0' },
   { capabilities: { tools: {} } }
 );
 server.setRequestHandler(ListToolsRequestSchema, async () => ({
   tools: [
+    {
+      name: 'discover_servers',
+      description: 'Find all locally installed MCP servers by scanning config files (Claude Desktop, Cursor, Windsurf, VS Code). Returns the list of configured servers with their names, commands, and package sources. Use this to see what MCP servers are installed, then check each against the registry with check_package, or audit them with audit_package.',
+      inputSchema: {
+        type: 'object',
+        properties: {
+          check_registry: {
+            type: 'boolean',
+            description: 'If true, also check each discovered server against the AgentAudit registry (default: true)',
+          },
+        },
+      },
+    },
     {
       name: 'audit_package',
-      description: 'Clone a repository and prepare it for security audit. Returns the source code and audit instructions. You (the agent) then analyze the code following the audit prompt and call submit_report with the results.',
+      description: 'Deep security audit: clone a repository and prepare it for LLM-powered analysis. Returns the source code and a 3-pass audit methodology (UNDERSTAND → DETECT → CLASSIFY). You (the agent) then analyze the code following the instructions and call submit_report with your findings. This is a DEEP audit — use check_package first for a quick registry lookup.',
       inputSchema: {
         type: 'object',
         properties: {
@@ -187,13 +238,13 @@ server.setRequestHandler(ListToolsRequestSchema, async () => ({
     },
     {
       name: 'submit_report',
-      description: 'Submit a completed security audit report to the AgentAudit registry (agentaudit.dev). Call this after you have analyzed the code from audit_package.',
+      description: 'Submit a completed security audit report to the AgentAudit registry (agentaudit.dev). Call this after you have analyzed the code from audit_package. The report becomes publicly available and helps other agents make install decisions.',
       inputSchema: {
         type: 'object',
         properties: {
           report: {
             type: 'object',
-            description: 'The audit report JSON object. Must include: skill_slug, source_url, risk_score (0-100), result (safe|caution|unsafe), findings (array), findings_count, max_severity.',
+            description: 'The audit report JSON object. Required fields: skill_slug, source_url, risk_score (0-100), result (safe|caution|unsafe), findings (array), findings_count, max_severity, package_type.',
           },
         },
         required: ['report'],
@@ -201,7 +252,7 @@ server.setRequestHandler(ListToolsRequestSchema, async () => ({
     },
     {
       name: 'check_package',
-      description: 'Look up a package in the AgentAudit security registry. Returns the latest audit results if available.',
+      description: 'Quick registry lookup: check if a package has already been audited on agentaudit.dev. Returns the latest audit results (risk score, findings, official status) if available. Use this before audit_package to avoid duplicate work.',
       inputSchema: {
         type: 'object',
         properties: {
@@ -218,39 +269,99 @@ server.setRequestHandler(ListToolsRequestSchema, async () => ({
 server.setRequestHandler(CallToolRequestSchema, async (request) => {
   const { name, arguments: args } = request.params;
   switch (name) {
+    // ── discover_servers ──────────────────────────────────
+    case 'discover_servers': {
+      const doRegistryCheck = args.check_registry !== false;
+      const configs = discoverMcpServers();
+      const foundConfigs = configs.filter(c => c.status === 'found');
+      const allServers = foundConfigs.flatMap(c => c.servers.map(s => ({ ...s, platform: c.platform })));
+      let text = `# Discovered MCP Servers\n\n`;
+      text += `Scanned ${configs.length} config locations. Found ${foundConfigs.length} config(s) with ${allServers.length} server(s).\n\n`;
+      for (const config of configs) {
+        if (config.status === 'not found') continue;
+        text += `## ${config.platform}\n`;
+        text += `Config: \`${config.config_path}\`\n\n`;
+        if (config.servers.length === 0) {
+          text += `No servers configured.\n\n`;
+          continue;
+        }
+        for (const srv of config.servers) {
+          const slug = srv.npm_package?.replace(/^@/, '').replace(/\//g, '-')
+            || srv.pip_package?.replace(/[^a-z0-9-]/gi, '-')
+            || srv.name.toLowerCase().replace(/[^a-z0-9-]/gi, '-');
+          text += `### ${srv.name}\n`;
+          text += `- Command: \`${[srv.command, ...srv.args].join(' ')}\`\n`;
+          if (srv.npm_package) text += `- npm: ${srv.npm_package}\n`;
+          if (srv.pip_package) text += `- pip: ${srv.pip_package}\n`;
+          if (doRegistryCheck) {
+            const regData = await checkRegistry(slug);
+            if (regData) {
+              const risk = regData.risk_score ?? regData.latest_risk_score ?? 0;
+              const official = regData.has_official_audit ? ' (official)' : '';
+              text += `- **Registry: ✅ Audited** — Risk ${risk}/100${official}\n`;
+              text += `- Report: ${REGISTRY_URL}/skills/${slug}\n`;
+            } else {
+              text += `- **Registry: ⚠️ Not audited** — no audit report found\n`;
+              text += `- To audit: call \`audit_package\` with the source URL\n`;
+            }
+          }
+          text += `\n`;
+        }
+      }
+      if (allServers.length === 0) {
+        text += `No MCP servers found. Config locations searched:\n`;
+        text += `- Claude Desktop: ~/.claude/mcp.json\n`;
+        text += `- Cursor: ~/.cursor/mcp.json\n`;
+        text += `- Windsurf: ~/.codeium/windsurf/mcp_config.json\n`;
+        text += `- VS Code: ~/.vscode/mcp.json\n`;
+      }
+      return { content: [{ type: 'text', text }] };
+    }
+    // ── audit_package ─────────────────────────────────────
     case 'audit_package': {
       const { source_url } = args;
       if (!source_url || !source_url.startsWith('http')) {
         return { content: [{ type: 'text', text: 'Error: source_url must be a valid HTTP(S) URL' }] };
       }
       let repoPath;
       try {
         repoPath = cloneRepo(source_url);
         const files = collectFiles(repoPath);
         const slug = slugFromUrl(source_url);
         const auditPrompt = loadAuditPrompt();
-        // Build the response
         let codeBlock = '';
         for (const file of files) {
           codeBlock += `\n### FILE: ${file.path}\n\`\`\`\n${file.content}\n\`\`\`\n`;
         }
         const response = [
-          `# Security Audit Request`,
+          `# Security Audit: ${slug}`,
           ``,
-          `**Package:** ${slug}`,
           `**Source:** ${source_url}`,
           `**Files collected:** ${files.length}`,
           ``,
-          `## Instructions`,
+          `## Your Task`,
+          ``,
+          `1. Analyze the source code below using the 3-pass audit methodology`,
+          `2. Call \`submit_report\` with your findings as JSON`,
           ``,
-          `Analyze the source code below following the audit methodology. After your analysis, call the \`submit_report\` tool with your findings as a JSON object.`,
+          `## Report Format`,
           ``,
-          `The report JSON must include:`,
+          `Your report JSON must include:`,
           '```json',
           `{`,
           `  "skill_slug": "${slug}",`,
@@ -285,7 +396,7 @@ server.setRequestHandler(CallToolRequestSchema, async (request) => {
           ``,
           codeBlock,
         ].join('\n');
         return { content: [{ type: 'text', text: response }] };
       } catch (err) {
         return { content: [{ type: 'text', text: `Error: ${err.message}` }] };
@@ -293,27 +404,26 @@ server.setRequestHandler(CallToolRequestSchema, async (request) => {
         if (repoPath) cleanupRepo(repoPath);
       }
     }
+    // ── submit_report ─────────────────────────────────────
     case 'submit_report': {
       const { report } = args;
       if (!report || typeof report !== 'object') {
         return { content: [{ type: 'text', text: 'Error: report must be a JSON object' }] };
       }
       const apiKey = loadApiKey();
       if (!apiKey) {
-        return { content: [{ type: 'text', text: 'Error: No API key configured. Set AGENTAUDIT_API_KEY or register first.' }] };
+        return { content: [{ type: 'text', text: 'Error: No API key configured. Run `npx agentaudit setup` or set AGENTAUDIT_API_KEY.' }] };
       }
-      // Validate required fields
       const required = ['skill_slug', 'source_url', 'risk_score', 'result'];
       for (const field of required) {
         if (report[field] == null) {
           return { content: [{ type: 'text', text: `Error: Missing required field "${field}" in report` }] };
         }
       }
-      // Auto-fix findings
       if (!Array.isArray(report.findings)) report.findings = [];
       report.findings_count = report.findings.length;
       if (!report.max_severity) {
@@ -324,7 +434,7 @@ server.setRequestHandler(CallToolRequestSchema, async (request) => {
           return fi < mi ? f.severity : max;
         }, 'none');
       }
       try {
         const res = await fetch(`${REGISTRY_URL}/api/reports`, {
           method: 'POST',
@@ -335,13 +445,13 @@ server.setRequestHandler(CallToolRequestSchema, async (request) => {
           body: JSON.stringify(report),
           signal: AbortSignal.timeout(60_000),
         });
         const body = await res.text();
         let data;
         try { data = JSON.parse(body); } catch { data = { raw: body }; }
         if (res.ok) {
-          return { content: [{ type: 'text', text: `Report submitted successfully!\nReport ID: ${data.report_id || 'unknown'}\nURL: ${REGISTRY_URL}/skills/${report.skill_slug}\n\n${JSON.stringify(data, null, 2)}` }] };
+          return { content: [{ type: 'text', text: `✅ Report submitted!\n\nReport ID: ${data.report_id || 'unknown'}\nURL: ${REGISTRY_URL}/skills/${report.skill_slug}\nRisk: ${report.risk_score}/100 (${report.result})\nFindings: ${report.findings_count}` }] };
         } else {
           return { content: [{ type: 'text', text: `Upload failed (HTTP ${res.status}): ${JSON.stringify(data, null, 2)}` }] };
         }
@@ -349,31 +459,42 @@ server.setRequestHandler(CallToolRequestSchema, async (request) => {
         return { content: [{ type: 'text', text: `Upload error: ${err.message}` }] };
       }
     }
+    // ── check_package ─────────────────────────────────────
     case 'check_package': {
       const { package_name } = args;
       if (!package_name) {
         return { content: [{ type: 'text', text: 'Error: package_name is required' }] };
       }
       try {
         const res = await fetch(`${REGISTRY_URL}/api/skills/${encodeURIComponent(package_name)}`, {
           signal: AbortSignal.timeout(10_000),
         });
         if (res.status === 404) {
-          return { content: [{ type: 'text', text: `Package "${package_name}" not found in registry. It may not have been audited yet. Use audit_package to audit it.` }] };
+          return { content: [{ type: 'text', text: `Package "${package_name}" not found in registry.\n\nIt hasn't been audited yet. To audit it:\n1. Find the source URL (GitHub repo)\n2. Call audit_package with the URL\n3. Analyze the code\n4. Call submit_report with your findings` }] };
         }
         const data = await res.json();
-        return { content: [{ type: 'text', text: JSON.stringify(data, null, 2) }] };
+        const risk = data.risk_score ?? data.latest_risk_score ?? 'unknown';
+        const official = data.has_official_audit ? '✅ Officially audited' : 'Community audit';
+        let summary = `# ${package_name}\n\n`;
+        summary += `**Risk Score:** ${risk}/100\n`;
+        summary += `**Status:** ${official}\n`;
+        if (data.source_url) summary += `**Source:** ${data.source_url}\n`;
+        summary += `**Registry:** ${REGISTRY_URL}/skills/${package_name}\n\n`;
+        summary += `## Full Data\n\`\`\`json\n${JSON.stringify(data, null, 2)}\n\`\`\``;
+        return { content: [{ type: 'text', text: summary }] };
       } catch (err) {
         return { content: [{ type: 'text', text: `Registry lookup failed: ${err.message}` }] };
       }
     }
     default:
-      return { content: [{ type: 'text', text: `Unknown tool: ${name}` }] };
+      return { content: [{ type: 'text', text: `Unknown tool: ${name}. Available: discover_servers, audit_package, submit_report, check_package` }] };
   }
 });

package/package.json CHANGED Viewed

@@ -1,6 +1,6 @@
 {
   "name": "agentaudit",
-  "version": "3.1.0",
+  "version": "3.3.0",
   "description": "Security scanner for AI packages — MCP server + CLI",
   "type": "module",
   "bin": {