npm - ai-config-shield - Versions diffs - 1.0.0 - Mend

ai-config-shield 1.0.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (8) hide show

package/LICENSE +21 -0
package/README.md +46 -0
package/bin/lock.ps1 +107 -0
package/bin/unlock.ps1 +79 -0
package/package.json +34 -0
package/tests/check-status.ps1 +38 -0
package/tests/e2e-security-audit.ps1 +220 -0
package/tests/live-uac-demo.ps1 +120 -0

package/LICENSE ADDED Viewed

@@ -0,0 +1,21 @@
+MIT License
+Copyright (c) 2026 Dennis Menze
+Permission is hereby granted, free of charge, to any person obtaining a copy
+of this software and associated documentation files (the "Software"), to deal
+in the Software without restriction, including without limitation the rights
+to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+copies of the Software, and to permit persons to whom the Software is
+furnished to do so, subject to the following conditions:
+The above copyright notice and this permission notice shall be included in all
+copies or substantial portions of the Software.
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
+SOFTWARE.

package/README.md ADDED Viewed

@@ -0,0 +1,46 @@
+# AIConfigShield 🛡️
+### Stop AI agents from taking shortcuts in your configuration files.
+## The Background
+Large Language Models (LLMs) and AI coding agents are powerful, but they have a "laziness" property learned from the vast amount of human data they've been trained on. When tasked with fixing thousands of linting errors or complex architectural issues, they often try to take the path of least resistance.
+Instead of fixing 1000 errors, an AI might "secretly" modify your configuration files (like `.flake8`, `eslint.config.js`, or `.pre-commit-config.yaml`) to ignore entire categories of rules. You return to your PC after half an hour, the AI proudly reports "All tasks completed!", only for you to find out it actually fixed 10 errors and muted the other 990.
+Even worse, a simple Windows "Read-Only" attribute is often not enough. Modern AI agents are clever enough to recognize and remove that attribute to continue their shortcut. **AIConfigShield** provides hardened, NTFS-level protection that makes unauthorized modification **impossible** without administrative privileges.
+## Features
+- **Unbypassable Locking**: Uses NTFS permissions (`takeown` and `icacls`) to lock files at a system level.
+- **Admin-Only Access**: Prevents any modification by the standard user session. Even "force" writes fail.
+- **Auto-Elevation**: Automatically requests Administrator privileges to apply these deep locks.
+- **Universal**: Use it in any project (Node, Python, Go, etc.) as long as you're on Windows.
+## Installation
+```bash
+npm install -g ai-config-shield
+```
+## Usage
+### Locking your "Fortress"
+Lock your linting configs and hooks to ensure the AI actually *fixes* the code instead of hiding the problems:
+```bash
+npx shield-lock eslint.config.js .flake8 .pre-commit-config.yaml .git/hooks/pre-commit
+```
+### Unlocking for Manual Maintenance
+When *you* (the human) want to change the configurations:
+```bash
+npx shield-unlock <path-to-file-or-dir>
+```
+## How it works
+The tool performs a "Take Ownership" operation and then modifies the Access Control List (ACL) to grant the current user only **Read & Execute** rights, while preserving **Full Control** for the SYSTEM and Administrators (who must consciously elevate to change these rules).
+## License
+MIT

package/bin/lock.ps1 ADDED Viewed

@@ -0,0 +1,107 @@
+# FILE-LOCK-TOOL: LOCK
+param(
+    [Parameter(Mandatory=$true, Position=0)]
+    [string[]]$Targets,
+    [switch] $SkipProfile
+)
+$global:LockLogFile = Join-Path (Get-Location).Path "lock_output.log"
+function Log-Lock {
+    param([string]$Msg)
+    $timestamp = Get-Date -Format "HH:mm:ss.fff"
+    "[$timestamp] $Msg" | Out-File $global:LockLogFile -Append -Encoding utf8
+}
+Log-Lock "=== LOCK START ==="
+Log-Lock "Args: $($PSBoundParameters | Out-String)"
+# --- 0. ADMIN-CHECK mit Auto-Elevation ---
+$currentPrincipal = New-Object Security.Principal.WindowsPrincipal([Security.Principal.WindowsIdentity]::GetCurrent())
+if (-not $currentPrincipal.IsInRole([Security.Principal.WindowsBuiltInRole]::Administrator)) {
+    $scriptPath = $MyInvocation.MyCommand.Path
+    $workDir = (Get-Location).Path
+    $targetArgs = ($Targets | ForEach-Object { "`"$_`"" }) -join " "
+    $skipArg = if ($SkipProfile) { " -SkipProfile" } else { "" }
+    $cmd = "Set-Location '$workDir'; & '$scriptPath' $targetArgs$skipArg; exit `$LASTEXITCODE"
+    $proc = Start-Process pwsh -ArgumentList "-ExecutionPolicy Bypass", "-Command", $cmd -Verb RunAs -Wait -PassThru
+    exit $proc.ExitCode
+}
+# --- 1. PRE-RESET: Entsperren für Enumeration ---
+Log-Lock "PRE-RESET: Unlocking targets for enumeration..."
+foreach ($targetRaw in $Targets) {
+    if (-not (Test-Path $targetRaw)) {
+        Log-Lock "WARN: Target not found: $targetRaw"
+        continue
+    }
+    $item = Get-Item $targetRaw -Force -ErrorAction SilentlyContinue
+    if ($null -eq $item) { continue }
+    Log-Lock "PRE-RESET: $($item.FullName)"
+    if ($item.PSIsContainer) {
+        & icacls "$($item.FullName)" /reset /T /C 2>&1 | Out-Null
+    } else {
+        & icacls "$($item.FullName)" /reset /C 2>&1 | Out-Null
+    }
+}
+Log-Lock "PRE-RESET: Done"
+# --- 2. SCHUTZ ANWENDEN ---
+$allFiles = @()
+foreach ($targetRaw in $Targets) {
+    if (-not (Test-Path $targetRaw)) { continue }
+    $item = Get-Item $targetRaw -Force -ErrorAction SilentlyContinue
+    if ($null -eq $item) { continue }
+    if ($item -is [System.IO.DirectoryInfo]) {
+        $allFiles += $item.FullName
+        try {
+            $children = Get-ChildItem $item.FullName -Recurse -Force -ErrorAction Stop
+            $allFiles += ($children | ForEach-Object { $_.FullName })
+        } catch {
+            Log-Lock "WARN: Cannot enumerate $($item.FullName): $_"
+        }
+    } else {
+        $allFiles += $item.FullName
+    }
+}
+Log-Lock "Expanded targets to $($allFiles.Count) files"
+foreach ($fullPath in $allFiles) {
+    if (-not (Test-Path $fullPath)) { continue }
+    $item = Get-Item $fullPath -Force
+    $isDir = ($item -is [System.IO.DirectoryInfo])
+    Log-Lock "--- Processing: $fullPath (Dir=$isDir) ---"
+    Write-Host "🛡️  Sperre $(Split-Path $fullPath -Leaf)..." -ForegroundColor Cyan
+    # A. Besitz erzwingen (takeown)
+    Log-Lock "STEP: takeown"
+    $out = & takeown /F "$fullPath" /A 2>&1 | Out-String
+    Log-Lock "OUTPUT: $out"
+    # B. Vererbung kappen und aufräumen
+    Log-Lock "STEP: icacls reset"
+    $out = & icacls "$fullPath" /reset /c 2>&1 | Out-String
+    Log-Lock "OUTPUT: $out"
+    Log-Lock "STEP: icacls inheritance:r"
+    $out = & icacls "$fullPath" /inheritance:r /c 2>&1 | Out-String
+    Log-Lock "OUTPUT: $out"
+    # C. Lesezugriff erlauben
+    Log-Lock "STEP: icacls grant RX"
+    $out = & icacls "$fullPath" /grant "${env:USERNAME}:(RX)" /c 2>&1 | Out-String
+    Log-Lock "OUTPUT: $out"
+    Log-Lock "STEP: icacls grant Admin+System"
+    $out = & icacls "$fullPath" /grant "*S-1-5-32-544:(F)" /grant "SYSTEM:(F)" /c 2>&1 | Out-String
+    Log-Lock "OUTPUT: $out"
+    Log-Lock "--- DONE: $fullPath ---"
+    Write-Host "✅ GESPERRT: $(Split-Path $fullPath -Leaf)" -ForegroundColor Green
+}

package/bin/unlock.ps1 ADDED Viewed

@@ -0,0 +1,79 @@
+# FILE-LOCK-TOOL: UNLOCK
+param(
+    [Parameter(Mandatory=$true, Position=0)]
+    [string[]]$Targets,
+    [switch] $SkipProfile
+)
+$global:UnlockLogFile = Join-Path (Get-Location).Path "unlock_output.log"
+function Log-Unlock {
+    param([string]$Msg)
+    $timestamp = Get-Date -Format "HH:mm:ss.fff"
+    "[$timestamp] $Msg" | Out-File $global:UnlockLogFile -Append -Encoding utf8
+}
+Log-Unlock "=== UNLOCK START ==="
+# --- 0. ADMIN-CHECK mit Auto-Elevation ---
+$currentPrincipal = New-Object Security.Principal.WindowsPrincipal([Security.Principal.WindowsIdentity]::GetCurrent())
+if (-not $currentPrincipal.IsInRole([Security.Principal.WindowsBuiltInRole]::Administrator)) {
+    $scriptPath = $MyInvocation.MyCommand.Path
+    $workDir = (Get-Location).Path
+    $targetArgs = ($Targets | ForEach-Object { "`"$_`"" }) -join " "
+    $skipArg = if ($SkipProfile) { " -SkipProfile" } else { "" }
+    $cmd = "Set-Location '$workDir'; & '$scriptPath' $targetArgs$skipArg; exit `$LASTEXITCODE"
+    $proc = Start-Process pwsh -ArgumentList "-ExecutionPolicy Bypass", "-Command", $cmd -Verb RunAs -Wait -PassThru
+    exit $proc.ExitCode
+}
+# --- 1. ENTSPERRUNG ---
+foreach ($targetRaw in $Targets) {
+    if (-not (Test-Path $targetRaw)) {
+        Log-Unlock "WARN: Target not found: $targetRaw"
+        continue
+    }
+    $item = Get-Item $targetRaw -Force
+    $fullPath = $item.FullName
+    $isDir = $item.PSIsContainer
+    $fileName = Split-Path $fullPath -Leaf
+    Log-Unlock "--- Processing: $fullPath (Dir=$isDir) ---"
+    Write-Host "🔓 Entsperre $fileName (Dir=$isDir)..." -ForegroundColor Cyan
+    $takeownArgs = @("/F", "$fullPath", "/A")
+    if ($isDir) { $takeownArgs += "/R"; $takeownArgs += "/D"; $takeownArgs += "Y" }
+    # A. Besitz erzwingen (Admin)
+    Log-Unlock "STEP: takeown"
+    $out = & takeown $takeownArgs 2>&1 | Out-String
+    Log-Unlock "OUTPUT: $out"
+    # B. Integrität zurück auf Medium setzen
+    $intArgs = @("$fullPath", "/setintegritylevel", "M", "/c")
+    if ($isDir) { $intArgs += "/T" }
+    Log-Unlock "STEP: setintegritylevel M"
+    $out = & icacls $intArgs 2>&1 | Out-String
+    Log-Unlock "OUTPUT: $out"
+    # C. ACLs komplett zurücksetzen
+    $resetArgs = @("$fullPath", "/reset", "/c")
+    if ($isDir) { $resetArgs += "/T" }
+    Log-Unlock "STEP: reset"
+    $out = & icacls $resetArgs 2>&1 | Out-String
+    Log-Unlock "OUTPUT: $out"
+    # D. Besitzer zurück an User
+    $ownArgs = @("$fullPath", "/setowner", "${env:USERNAME}", "/c")
+    if ($isDir) { $ownArgs += "/T" }
+    Log-Unlock "STEP: setowner ${env:USERNAME}"
+    $out = & icacls $ownArgs 2>&1 | Out-String
+    Log-Unlock "OUTPUT: $out"
+    Log-Unlock "--- DONE: $fullPath ---"
+    Write-Host "✅ $fileName (und Inhalte) entsperrt." -ForegroundColor Green
+}
+Log-Unlock "=== UNLOCK END ==="

package/package.json ADDED Viewed

@@ -0,0 +1,34 @@
+{
+  "name": "ai-config-shield",
+  "version": "1.0.0",
+  "description": "Protect your configuration files from being silently bypassed by AI agents.",
+  "bin": {
+    "shield-lock": "./bin/lock.ps1",
+    "shield-unlock": "./bin/unlock.ps1"
+  },
+  "scripts": {
+    "lock": "pwsh -ExecutionPolicy Bypass -File ./bin/lock.ps1",
+    "unlock": "pwsh -ExecutionPolicy Bypass -File ./bin/unlock.ps1"
+  },
+  "keywords": [
+    "ai",
+    "shield",
+    "lock",
+    "unlock",
+    "permissions",
+    "security",
+    "windows",
+    "powershell",
+    "lint",
+    "config"
+  ],
+  "author": "Denksystem",
+  "license": "MIT",
+  "repository": {
+    "type": "git",
+    "url": "https://github.com/denksystem/AIConfigShield.git"
+  },
+  "os": [
+    "win32"
+  ]
+}

package/tests/check-status.ps1 ADDED Viewed

@@ -0,0 +1,38 @@
+param(
+    [string[]] $Files = @(
+        "package.json",
+        "pyproject.toml",
+        ".husky\pre-commit",
+        ".husky\pre-push"
+    )
+)
+$allLocked = $true
+$allOpen = $true
+foreach ($f in $Files) {
+    if (Test-Path $f) {
+        try {
+            # Versuch, die Datei zu öffnen (Lesen+Schreiben)
+            $stream = [System.IO.File]::Open(
+                $f,
+                [System.IO.FileMode]::Open,
+                [System.IO.FileAccess]::ReadWrite
+            )
+            $stream.Close()
+            Write-Host "OPEN:   $f" -ForegroundColor Green
+            $allLocked = $false
+        } catch {
+            Write-Host "LOCKED: $f" -ForegroundColor Red
+            $allOpen = $false
+        }
+    }
+}
+if ($allLocked) {
+    exit 10
+} # Code 10 = ALL LOCKED
+if ($allOpen) {
+    exit 20
+} # Code 20 = ALL OPEN
+exit 30 # Code 30 = MIXED

package/tests/e2e-security-audit.ps1 ADDED Viewed

@@ -0,0 +1,220 @@
+# MASTER E2E SECURITY & ANTI-GHOST AUDIT (Fail-Fast)
+param(
+    [switch] $NoElevate,
+    [switch] $VerifyOnly,
+    [string] $Expect = "All" # All, Locked, Open
+)
+Write-Host "DEBUG: E2E SCRIPT STARTED (Param Expect=$Expect, VerifyOnly=$VerifyOnly, NoElevate=$NoElevate)"
+# --- 0. ADMIN-CHECK ---
+$currentPrincipal = New-Object Security.Principal.WindowsPrincipal([Security.Principal.WindowsIdentity]::GetCurrent())
+if (-not $currentPrincipal.IsInRole([Security.Principal.WindowsBuiltInRole]::Administrator) -and -not $NoElevate) {
+    Write-Host "CRITICAL: E2E-Test erfordert Administrator-Rechte!" -ForegroundColor Red
+    Start-Process pwsh -ArgumentList "-NoProfile -ExecutionPolicy Bypass -File `"$PSCommandPath`"" -Verb RunAs
+    exit
+}
+$baseFiles = @("package.json", "pyproject.toml", ".husky")
+# Log File Setup
+$global:AuditLogFile = "$PSScriptRoot\audit_debug.log"
+"--- NEW AUDIT RUN $(Get-Date) ---" | Out-File $global:AuditLogFile -Append -Encoding utf8
+function Log-Audit {
+    param([string]$Msg)
+    $timestamp = Get-Date -Format "HH:mm:ss.fff"
+    "[$timestamp] $Msg" | Out-File $global:AuditLogFile -Append -Encoding utf8
+    # Auch in Konsole für Live-Log
+    Microsoft.PowerShell.Utility\Write-Host "[$timestamp] $Msg" -ForegroundColor Gray
+}
+# 1. Alle Dateien auflösen (rekursiv bei Ordnern wie .husky)
+$files = @()
+foreach ($f in $baseFiles) {
+    if (Test-Path $f) {
+        $item = Get-Item $f
+        if ($item -is [System.IO.DirectoryInfo]) {
+            $files += Get-ChildItem $f -File -Recurse | ForEach-Object { $_.FullName }
+        } else {
+            $files += $item.FullName
+        }
+    }
+}
+# --- 1. STEP RUNNER (STRICT) ---
+function Run-Step {
+    param(
+        [string]$ActionName,
+        [scriptblock]$Action,
+        [switch]$ExpectedUnlocked,
+        [string]$TargetFile
+    )
+    Log-Audit "START: $ActionName on $TargetFile (Unlocked=$ExpectedUnlocked)"
+    # State Reset
+    $error.Clear()
+    $global:lastIdManualOverride = [int](Get-Random)
+    $global:lastSeenErrorCount = 0
+    $contentBefore = if ($TargetFile -and (Test-Path $TargetFile)) {
+        try { Get-Content $TargetFile -Raw -ErrorAction SilentlyContinue } catch { "" }
+    } else { "" }
+    # Reset State
+    $script:shadowWarningShown = $false
+    $global:AuditTargetFile = $TargetFile
+    $global:AuditWarningTriggered = $false
+    $global:SimulatedSecurityError = $null
+    $global:AuditLastExitCode = $null
+    $readErrorBefore = $false
+    $contentBefore = if ($TargetFile -and (Test-Path $TargetFile)) {
+        try { Get-Content $TargetFile -Raw -ErrorAction Stop } catch { $readErrorBefore = $true; Log-Audit "READ ERROR BEFORE: $_"; "" }
+    } else { "" }
+    $failed = $false
+    try {
+        $ErrorActionPreference = "Continue" # Continue damit Stderr captured werden kann
+        # Capture Output (Stdout + Stderr merged via 2>&1)
+        # Wir wollen es im Log UND (optional) sehen? Nein, primär Log.
+        $cmdOutput = & $Action 2>&1 | Out-String
+        # Logge den KOMPLETTEN Output
+        Log-Audit "OUTPUT from '$ActionName':"
+        if ($cmdOutput) {
+            $cmdOutput -split "`n" | ForEach-Object { Log-Audit "  > $_" }
+        } else {
+             Log-Audit "  (No Output)"
+        }
+        $global:AuditLastExitCode = $LASTEXITCODE
+        Log-Audit "Action finished. ExitCode: $LASTEXITCODE"
+        if ($LASTEXITCODE -ne 0 -and $LASTEXITCODE -ne $null) {
+            $failed = $true
+            if (-not $global:SimulatedSecurityError) {
+                $global:SimulatedSecurityError = [PSCustomObject]@{
+                    Exception = [PSCustomObject]@{ Message = "Native Command Failure for $TargetFile (ExitCode $LASTEXITCODE)" }
+                }
+            }
+        }
+    } catch {
+        $failed = $true
+        # Sicherstellen, dass der Fehler in $global:Error landet für den Hook
+        $global:SimulatedSecurityError = $_
+        Log-Audit "CATCH: $($_.Exception.Message)"
+    }
+    # Fallback: Wenn Failed aber kein Fehlerobjekt (z.B. Native Git Failure)
+    # Und sicherstellen, dass wir es wirklich setzen!
+    if ($failed -and -not $global:SimulatedSecurityError) {
+         $global:SimulatedSecurityError = [PSCustomObject]@{
+             Exception = [PSCustomObject]@{ Message = "Generischer Fehler für $TargetFile (ExitCode $global:AuditLastExitCode)" }
+         }
+    }
+    # Trigger Hook (explicitly invoke prompt with current state)
+    if (Get-Command prompt -ErrorAction SilentlyContinue) {
+        prompt | Out-Null
+    }
+    $warningTriggered = $global:AuditWarningTriggered
+    $readErrorAfter = $false
+    $contentAfter = if ($TargetFile -and (Test-Path $TargetFile)) {
+        try { Get-Content $TargetFile -Raw -ErrorAction Stop } catch { $readErrorAfter = $true; Log-Audit "READ ERROR AFTER: $_"; "" }
+    } else { "" }
+    # Modified Logic: Only if NO Read Errors occurred
+    if ($readErrorBefore -or $readErrorAfter) {
+        $wasActuallyModified = $false
+        Log-Audit "SKIPPING Modified Check due to Read Errors (Before=$readErrorBefore, After=$readErrorAfter)"
+    } else {
+        $wasActuallyModified = ($contentBefore -ne $contentAfter)
+    }
+    $errorDetail = if ($global:SimulatedSecurityError) { $global:SimulatedSecurityError.Exception.Message } else { "Keine Details (Failed=$failed)" }
+    if ($ExpectedUnlocked) {
+        if ($wasActuallyModified -or -not $failed) {
+             Log-Audit "SUCCESS: Allowed ($ActionName)"
+             return $true
+        } else {
+             Log-Audit "FAIL: Unexpected Block ($ActionName) - $errorDetail"
+             Microsoft.PowerShell.Utility\Write-Host "  ❌ FEHLER: Unerwartet blockiert ($TargetFile)! Fehler: $errorDetail" -ForegroundColor Red
+             return $false
+        }
+    } else {
+        if ($wasActuallyModified) {
+            Log-Audit "CRITICAL: File Modified ($ActionName)"
+            Log-Audit "  Before Len: $($contentBefore.Length)"
+            Log-Audit "  After  Len: $($contentAfter.Length)"
+            if ($contentBefore -eq $null) { Log-Audit "  Before is NULL" }
+            if ($contentAfter -eq $null) { Log-Audit "  After is NULL" }
+            Microsoft.PowerShell.Utility\Write-Host "  ❌ SICHERHEITSLÜCKE: Datei $TargetFile manipuliert!" -ForegroundColor White -BackgroundColor Red
+            return $false
+        }
+        if (-not $warningTriggered) {
+             Log-Audit "FAIL-FAST: No Warning ($ActionName)"
+             Log-Audit "  ErrDetails: $errorDetail"
+             Log-Audit "  Pattern: $(Split-Path $TargetFile -Leaf)"
+             Microsoft.PowerShell.Utility\Write-Host "  ❌ FAIL-FAST: Keine Warnung für $TargetFile" -ForegroundColor Red
+             return $false
+        }
+        Log-Audit "SUCCESS: Blocked + Warned ($ActionName)"
+        return $true
+    }
+}
+# --- 2. AUDIT EXECUTION ---
+try {
+    # 1. Dateiliste bereinigen (Duplikate entfernen)
+    $files = $files | Select-Object -Unique
+    if (Test-Path "./scripts/warning-hook.ps1") {
+        # Wichtig: Pattern muss auf LEAF-Namen basieren für Shell-Kompatibilität
+        $patternList = $files | ForEach-Object { Split-Path $_ -Leaf | ForEach-Object { [Regex]::Escape($_) } }
+        $global:ProtectedFilesPattern = ($patternList | Select-Object -Unique) -join '|'
+        . ./scripts/warning-hook.ps1
+    }
+    if (-not $VerifyOnly) {
+        Microsoft.PowerShell.Utility\Write-Host ">>> PHASE 1: LOCKING <<<" -ForegroundColor Yellow
+        . ./scripts/lock-files.ps1 -SkipProfile | Out-Null
+    }
+    if ($Expect -eq "All" -or $Expect -eq "Locked") {
+        foreach ($f in $files) {
+            if (Test-Path $f) {
+                # ACL Debug
+                try {
+                    $acl = Get-Acl $f
+                    Log-Audit "DEBUG ACL $f :: Owner=$($acl.Owner) Access=$($acl.AccessToString)"
+                } catch { Log-Audit "DEBUG ACL FAIL: $_" }
+                if (-not (Run-Step "Write Check" { "hack" | Out-File $f -Force } -TargetFile $f)) { exit 1 }
+                if (-not (Run-Step "Delete Check" { Remove-Item $f -Force } -TargetFile $f)) { exit 1 }
+                # Restore Check kann tricky sein bei untracked files, aber wir testen nur tracked files
+                if (-not (Run-Step "Restore Check" { git restore -s HEAD $f 2>&1 | Out-Null } -TargetFile $f)) { exit 1 }
+            }
+        }
+    }
+    if ($Expect -eq "All" -or $Expect -eq "Open") {
+        foreach ($f in $files) {
+            if (Test-Path $f) {
+                # Read Check: Versuche Inhalt zu lesen statt git add (weniger Side-Effects)
+                if (-not (Run-Step "Read Check" { Get-Content $f | Select-Object -First 1 } -ExpectedUnlocked -TargetFile $f)) { exit 1 }
+            }
+        }
+    }
+    Microsoft.PowerShell.Utility\Write-Host "`nAUDIT BESTANDEN! ✅" -ForegroundColor Green
+    exit 0
+} finally {
+    if (-not $VerifyOnly) { . ./scripts/unlock-files.ps1 -Targets $baseFiles | Out-Null }
+}
+exit 0

package/tests/live-uac-demo.ps1 ADDED Viewed

@@ -0,0 +1,120 @@
+# FINAL UAC DEMO (FULL CONSENT PROOF)
+# Zeigt, dass KEINE Aenderung ohne explizite Zustimmung moeglich ist.
+# Ablauf:
+# 1. LOCK   -> JA   (Erfolg)
+# 2. UNLOCK -> NEIN (Muss fehlschlagen, Datei bleibt gesperrt)
+# 3. UNLOCK -> JA   (Erfolg)
+# 4. LOCK   -> NEIN (Muss fehlschlagen, Datei bleibt offen)
+$pwd = (Get-Item .).FullName
+# Helper for detailed logging
+function Log-Demo {
+    param([string]$Msg)
+    $timestamp = Get-Date -Format "HH:mm:ss.fff"
+    $logFile = Join-Path $pwd "scripts/audit_debug.log"
+    "[$timestamp] [DEMO-CONTROLLER] $Msg" | Out-File $logFile -Append -Encoding utf8
+    Write-Host $Msg -ForegroundColor DarkGray
+}
+# Clear all logs at start
+$scriptsDir = Join-Path $pwd "scripts"
+Remove-Item (Join-Path $scriptsDir "audit_debug.log") -ErrorAction SilentlyContinue
+Remove-Item (Join-Path $scriptsDir "lock_output.log") -ErrorAction SilentlyContinue
+Remove-Item (Join-Path $scriptsDir "unlock_output.log") -ErrorAction SilentlyContinue
+Remove-Item (Join-Path $scriptsDir "lock_processing.log") -ErrorAction SilentlyContinue
+Log-Demo "--- DEMO STARTED ---"
+function Show-Header {
+    param($Text)
+    Log-Demo "PHASE START: $Text"
+    Write-Host "`n====================================================" -ForegroundColor Magenta
+    Write-Host "   $Text" -ForegroundColor Magenta
+    Write-Host "====================================================" -ForegroundColor Magenta
+}
+function Run-Audit {
+    param($TargetExpect)
+    Log-Demo "Run-Audit Expect=$TargetExpect Start"
+    # Wir rufen das Audit-Skript auf und geben nur relevante Zeilen aus
+    # -NoElevate wird genutzt, da die Demo bereits UAC/Admin-Kontext steuert.
+    $auditPath = Join-Path $pwd "scripts/e2e-security-audit.ps1"
+    # Starte Audit als NEUEN Prozess, damit Windows frische ACLs liest (kein Caching vom Parent)
+    $proc = Start-Process pwsh -ArgumentList "-ExecutionPolicy Bypass", "-File `"$auditPath`"", "-Expect $TargetExpect", "-VerifyOnly", "-NoElevate" -Wait -PassThru -NoNewWindow
+    $auditExitCode = $proc.ExitCode
+    if ($auditExitCode -ne 0) {
+    Log-Demo "Run-Audit Failed with $auditExitCode"
+    Write-Host "🚨 DEMO ABBRUCH: Audit fehlgeschlagen mit Exit-Code: $auditExitCode" -ForegroundColor Red
+    if (Test-Path "$PSScriptRoot\audit_debug.log") {
+        Write-Host "`n--- AUDIT LOG (FEHLER DETAILS) ---" -ForegroundColor Yellow
+        Get-Content "$PSScriptRoot\audit_debug.log" -Tail 30
+        Write-Host "----------------------------------" -ForegroundColor Yellow
+    }
+    # NICHT automatisch entsperren - User soll manuell unlock-files.ps1 ausführen wenn nötig
+    exit 1
+}
+    Log-Demo "Run-Audit Success"
+    Write-Host "✨ Audit ($TargetExpect) bestanden!" -ForegroundColor Green
+}
+# --- PHASE 1: LOCK (JA) ---
+Show-Header "PHASE 1: SPERRE AKTIVIEREN (KLICK: JA)"
+Write-Host ">>> BITTE JETZT IM WINDOWS-FENSTER AUF 'JA' KLICKEN <<<" -ForegroundColor Red -BackgroundColor White
+Log-Demo "Sending UAC Request for lock-files.ps1..."
+Start-Process pwsh -ArgumentList "-NoProfile", "-File", "$pwd/scripts/lock-files.ps1", "-SkipProfile" -Verb RunAs -Wait
+Log-Demo "UAC Request finished."
+Write-Host "`nAUDIT 1: Prüfe ob Dateien GESPERRT sind (und Warnung kommt!)..." -ForegroundColor Yellow
+Run-Audit "Locked"
+# --- PHASE 2: UNLOCK (NEIN) ---
+Show-Header "PHASE 2: ENTSPERREN ABLEHNEN (KLICK: NEIN)"
+Write-Host "Wir versuchen den Schutz aufzuheben. Du verbietest es." -ForegroundColor Gray
+Write-Host ">>> BITTE JETZT IM WINDOWS-FENSTER AUF 'NEIN' / 'ABBRECHEN' KLICKEN <<<" -ForegroundColor Red -BackgroundColor White
+try {
+    Start-Process pwsh -ArgumentList "-NoProfile", "-File", "$pwd/scripts/unlock-files.ps1" -Verb RunAs -Wait -ErrorAction Stop
+    Write-Host "`nHinweis: Du hast 'JA' geklickt, wir wollten 'NEIN' testen." -ForegroundColor Gray
+} catch {
+    Write-Host "`n✅ ERFOLG: Du hast das Entsperren verweigert!" -ForegroundColor Green
+}
+Write-Host "`nAUDIT 2: Prüfe ob Dateien IMMER NOCH GESPERRT sind..." -ForegroundColor Yellow
+Run-Audit "Locked"
+# --- PHASE 3: UNLOCK (JA) ---
+Show-Header "PHASE 3: ENTSPERREN ERLAUBEN (KLICK: JA)"
+Write-Host "Jetzt erlauben wir es wirklich." -ForegroundColor Gray
+Write-Host ">>> BITTE JETZT IM WINDOWS-FENSTER AUF 'JA' KLICKEN <<<" -ForegroundColor Red -BackgroundColor White
+Start-Process pwsh -ArgumentList "-NoProfile", "-File", "$pwd/scripts/unlock-files.ps1" -Verb RunAs -Wait
+Write-Host "`nAUDIT 3: Prüfe ob Dateien jetzt OFFEN sind..." -ForegroundColor Yellow
+Run-Audit "Open"
+# --- PHASE 4: LOCK (NEIN) ---
+Show-Header "PHASE 4: SPERRE ABLEHNEN (KLICK: NEIN)"
+Write-Host "Versuch einer erneuten Sperre. Du verbietest es." -ForegroundColor Gray
+Write-Host ">>> BITTE JETZT IM WINDOWS-FENSTER AUF 'NEIN' / 'ABBRECHEN' KLICKEN <<<" -ForegroundColor Red -BackgroundColor White
+try {
+    Start-Process pwsh -ArgumentList "-NoProfile", "-File", "$pwd/scripts/lock-files.ps1", "-SkipProfile" -Verb RunAs -Wait -ErrorAction Stop
+    Write-Host "`nHinweis: Du hast 'JA' geklickt, wir wollten 'NEIN' testen." -ForegroundColor Gray
+} catch {
+    Write-Host "`n✅ ERFOLG: Du hast das Sperren verweigert!" -ForegroundColor Green
+}
+Write-Host "`nAUDIT 4: Prüfe ob Dateien IMMER NOCH OFFEN sind..." -ForegroundColor Yellow
+Run-Audit "Open"
+Show-Header "DEMO BEENDET: EXAKT 4 ADMIN-ENTSCHEIDUNGEN (JA, NEIN, JA, NEIN)"
+Write-Host "Beweisführung abgeschlossen: Ohne dein JA passiert hier gar nichts." -ForegroundColor Green