ai-saas-guard 0.24.0 → 0.26.0

package/.bestpractices.json

@@ -0,0 +1,138 @@
+{
+  "name": "ai-saas-guard",
+  "description": "Local-first launch preflight for AI-built SaaS repositories, focused on review-worthy auth, billing, data access, secrets, MCP, deploy, and pull request risks.",
+  "homepage_url": "https://github.com/zr9959/ai-saas-guard#readme",
+  "repo_url": "https://github.com/zr9959/ai-saas-guard",
+  "license": "MIT",
+  "implementation_languages": "TypeScript, JavaScript",
+  "description_good_status": "Met",
+  "description_good_justification": "The README opens with the problem ai-saas-guard solves for AI-built SaaS launch review: https://github.com/zr9959/ai-saas-guard#the-problem-it-solves",
+  "interact_status": "Met",
+  "interact_justification": "The README explains how to obtain and use the CLI, and GitHub issue templates plus CONTRIBUTING.md explain feedback and contribution paths: https://github.com/zr9959/ai-saas-guard#quick-start and https://github.com/zr9959/ai-saas-guard/blob/main/CONTRIBUTING.md",
+  "contribution_status": "Met",
+  "contribution_justification": "CONTRIBUTING.md documents the pull request process, tests, docs, release gate, and safety requirements: https://github.com/zr9959/ai-saas-guard/blob/main/CONTRIBUTING.md",
+  "contribution_requirements_status": "Met",
+  "contribution_requirements_justification": "CONTRIBUTING.md documents acceptable contribution requirements, including focused PRs, tests, fixtures, docs, release gate evidence, and public-safety constraints: https://github.com/zr9959/ai-saas-guard/blob/main/CONTRIBUTING.md",
+  "floss_license_status": "Met",
+  "floss_license_justification": "The project is released under the MIT license: https://github.com/zr9959/ai-saas-guard/blob/main/LICENSE",
+  "floss_license_osi_status": "Met",
+  "floss_license_osi_justification": "MIT is an OSI-approved open source license, and the repository declares MIT in LICENSE and package.json: https://github.com/zr9959/ai-saas-guard/blob/main/LICENSE",
+  "license_location_status": "Met",
+  "license_location_justification": "The license is in the top-level LICENSE file: https://github.com/zr9959/ai-saas-guard/blob/main/LICENSE",
+  "documentation_basics_status": "Met",
+  "documentation_basics_justification": "README.md and docs/ explain installation, commands, release quality, rules, GitHub Action use, and hosted design boundaries: https://github.com/zr9959/ai-saas-guard#quick-start",
+  "documentation_interface_status": "Met",
+  "documentation_interface_justification": "README.md documents CLI commands and outputs, while docs/github-action.md documents the GitHub Action interface: https://github.com/zr9959/ai-saas-guard#commands and https://github.com/zr9959/ai-saas-guard/blob/main/docs/github-action.md",
+  "sites_https_status": "Met",
+  "sites_https_justification": "The public repository, release assets, issue tracker, and npm package are served over HTTPS: https://github.com/zr9959/ai-saas-guard and https://www.npmjs.com/package/ai-saas-guard",
+  "discussion_status": "Met",
+  "discussion_justification": "The project uses GitHub Issues and pull requests for public discussion: https://github.com/zr9959/ai-saas-guard/issues",
+  "english_status": "Met",
+  "english_justification": "The default README, docs, issue templates, pull request template, and contribution guide are in English, and the repository also provides a Chinese README for Chinese users: https://github.com/zr9959/ai-saas-guard",
+  "maintained_status": "Met",
+  "maintained_justification": "The project is actively maintained with recent commits, releases, issue closure, and CI on main: https://github.com/zr9959/ai-saas-guard/commits/main",
+  "repo_public_status": "Met",
+  "repo_public_justification": "The source repository is public on GitHub: https://github.com/zr9959/ai-saas-guard",
+  "repo_track_status": "Met",
+  "repo_track_justification": "The repository uses git on GitHub, preserving source history, authorship, and timestamps: https://github.com/zr9959/ai-saas-guard/commits/main",
+  "repo_interim_status": "Met",
+  "repo_interim_justification": "Interim source history is public through normal git commits on main, not only final release snapshots: https://github.com/zr9959/ai-saas-guard/commits/main",
+  "repo_distributed_status": "Met",
+  "repo_distributed_justification": "The project uses git, a distributed version control system: https://github.com/zr9959/ai-saas-guard",
+  "version_unique_status": "Met",
+  "version_unique_justification": "Releases use unique npm versions and GitHub tags such as v0.24.0: https://github.com/zr9959/ai-saas-guard/releases and https://www.npmjs.com/package/ai-saas-guard",
+  "version_semver_status": "Met",
+  "version_semver_justification": "The npm package and GitHub tags use semantic versioning with vMAJOR.MINOR.PATCH tags: https://github.com/zr9959/ai-saas-guard/tags",
+  "version_tags_status": "Met",
+  "version_tags_justification": "GitHub release tags are used for versioned releases and Action consumption: https://github.com/zr9959/ai-saas-guard/tags",
+  "release_notes_status": "Met",
+  "release_notes_justification": "GitHub Releases provide release notes for published versions: https://github.com/zr9959/ai-saas-guard/releases",
+  "release_notes_vulns_status": "Met",
+  "release_notes_vulns_justification": "No public vulnerability fix releases are currently known; the release gate requires release notes and security impact notes for releases: https://github.com/zr9959/ai-saas-guard/blob/main/docs/release-quality-knowledge-base.md",
+  "report_process_status": "Met",
+  "report_process_justification": "GitHub issue templates and SECURITY.md explain how to report bugs, false positives, false negatives, rule requests, and security-sensitive issues: https://github.com/zr9959/ai-saas-guard/issues/new/choose and https://github.com/zr9959/ai-saas-guard/blob/main/SECURITY.md",
+  "report_tracker_status": "Met",
+  "report_tracker_justification": "The project uses GitHub Issues as the public issue tracker: https://github.com/zr9959/ai-saas-guard/issues",
+  "report_responses_status": "Met",
+  "report_responses_justification": "The current public issue set is closed or handled, and issue templates define the response channels: https://github.com/zr9959/ai-saas-guard/issues",
+  "enhancement_responses_status": "Met",
+  "enhancement_responses_justification": "Enhancement and roadmap issues are tracked and closed through GitHub Issues: https://github.com/zr9959/ai-saas-guard/issues?q=is%3Aissue+label%3Aenhancement",
+  "report_archive_status": "Met",
+  "report_archive_justification": "GitHub Issues preserves the public issue archive: https://github.com/zr9959/ai-saas-guard/issues?q=is%3Aissue",
+  "vulnerability_report_process_status": "Met",
+  "vulnerability_report_process_justification": "SECURITY.md describes when to use private vulnerability reporting and what public issues must not contain: https://github.com/zr9959/ai-saas-guard/blob/main/SECURITY.md",
+  "vulnerability_report_private_status": "Met",
+  "vulnerability_report_private_justification": "SECURITY.md points security-sensitive reports to GitHub private vulnerability reporting: https://github.com/zr9959/ai-saas-guard/blob/main/SECURITY.md",
+  "vulnerability_report_response_status": "N/A",
+  "vulnerability_report_response_justification": "No public vulnerability reports are currently known for this project; future security-sensitive reports are routed through GitHub private vulnerability reporting: https://github.com/zr9959/ai-saas-guard/blob/main/SECURITY.md",
+  "build_status": "Met",
+  "build_justification": "The project has a one-step build through npm scripts: npm run build: https://github.com/zr9959/ai-saas-guard/blob/main/package.json",
+  "build_common_tools_status": "Met",
+  "build_common_tools_justification": "The project uses common Node.js, npm, and TypeScript tooling: https://github.com/zr9959/ai-saas-guard/blob/main/package.json",
+  "build_floss_tools_status": "Met",
+  "build_floss_tools_justification": "The build uses FLOSS Node.js, npm, and TypeScript tooling declared in package.json: https://github.com/zr9959/ai-saas-guard/blob/main/package.json",
+  "test_status": "Met",
+  "test_justification": "The automated test suite is run by npm test: https://github.com/zr9959/ai-saas-guard/blob/main/package.json",
+  "test_invocation_status": "Met",
+  "test_invocation_justification": "npm test builds the project and runs Node tests, and npm run test:fuzz runs the fast-check fuzz/property suite: https://github.com/zr9959/ai-saas-guard/blob/main/package.json",
+  "test_continuous_integration_status": "Met",
+  "test_continuous_integration_justification": "GitHub Actions runs CI on pull requests and pushes to main: https://github.com/zr9959/ai-saas-guard/blob/main/.github/workflows/ci.yml",
+  "test_policy_status": "Met",
+  "test_policy_justification": "CONTRIBUTING.md requires tests for behavior changes and vulnerable plus safe fixtures for scanner rules: https://github.com/zr9959/ai-saas-guard/blob/main/CONTRIBUTING.md",
+  "tests_are_added_status": "Met",
+  "tests_are_added_justification": "The repository contains tests for scanner behavior, hosted contracts, GitHub Action behavior, docs guards, and fuzz/property checks: https://github.com/zr9959/ai-saas-guard/tree/main/tests",
+  "tests_documented_added_status": "Met",
+  "tests_documented_added_justification": "CONTRIBUTING.md documents when tests and fixtures must be added: https://github.com/zr9959/ai-saas-guard/blob/main/CONTRIBUTING.md",
+  "warnings_status": "Met",
+  "warnings_justification": "TypeScript strict mode is enabled and CI runs workflow static checks through actionlint and zizmor: https://github.com/zr9959/ai-saas-guard/blob/main/tsconfig.json and https://github.com/zr9959/ai-saas-guard/blob/main/.github/workflows/ci.yml",
+  "warnings_fixed_status": "Met",
+  "warnings_fixed_justification": "The release gate requires a clean build, test suite, workflow checks, self-scan, dependency audit, and package inspection before public release: https://github.com/zr9959/ai-saas-guard/blob/main/docs/release-quality-knowledge-base.md",
+  "warnings_strict_status": "Met",
+  "warnings_strict_justification": "TypeScript strict mode is enabled in tsconfig.json, and CI includes actionlint plus zizmor for workflow quality and security checks: https://github.com/zr9959/ai-saas-guard/blob/main/tsconfig.json",
+  "know_secure_design_status": "Met",
+  "know_secure_design_justification": "The docs and rule catalog document secure design concerns for auth, billing, data access, secrets, MCP, hosted privacy, webhook verification, and release gating: https://github.com/zr9959/ai-saas-guard/blob/main/docs/rules.md and https://github.com/zr9959/ai-saas-guard/blob/main/docs/github-app-design.md",
+  "know_common_errors_status": "Met",
+  "know_common_errors_justification": "The project focuses on common SaaS launch errors such as missing ownership checks, unsafe Stripe webhooks, broad Supabase policies, secret exposure, unsafe MCP tools, and risky deploy settings: https://github.com/zr9959/ai-saas-guard/blob/main/docs/rules.md",
+  "crypto_published_status": "Met",
+  "crypto_published_justification": "Hosted helper code uses documented GitHub App RS256 JWT signing and HMAC SHA-256 webhook verification patterns rather than custom cryptography: https://github.com/zr9959/ai-saas-guard/blob/main/src/hosted/production-adapters.ts and https://github.com/zr9959/ai-saas-guard/blob/main/src/hosted/contracts.ts",
+  "crypto_call_status": "Met",
+  "crypto_call_justification": "Cryptographic operations use Node.js standard crypto APIs and GitHub-documented algorithms for GitHub App JWTs and webhook verification: https://github.com/zr9959/ai-saas-guard/blob/main/src/hosted/production-adapters.ts and https://github.com/zr9959/ai-saas-guard/blob/main/src/hosted/contracts.ts",
+  "crypto_floss_status": "Met",
+  "crypto_floss_justification": "The project uses FLOSS Node.js runtime cryptography through standard APIs: https://github.com/zr9959/ai-saas-guard/blob/main/package.json",
+  "crypto_keylength_status": "Met",
+  "crypto_keylength_justification": "The hosted design relies on GitHub App private-key material generated and managed for GitHub App authentication and does not define custom key sizes or algorithms: https://github.com/zr9959/ai-saas-guard/blob/main/docs/github-app-design.md",
+  "crypto_working_status": "Met",
+  "crypto_working_justification": "The project uses current GitHub App RS256 JWT signing and HMAC SHA-256 webhook verification mechanisms, not obsolete custom algorithms: https://github.com/zr9959/ai-saas-guard/blob/main/docs/github-app-design.md",
+  "crypto_weaknesses_status": "Met",
+  "crypto_weaknesses_justification": "The project does not use intentionally weak algorithms such as MD5 or SHA-1 for security decisions; hosted verification uses HMAC SHA-256 and JWT signing uses RS256: https://github.com/zr9959/ai-saas-guard/blob/main/src/hosted/contracts.ts",
+  "crypto_pfs_status": "N/A",
+  "crypto_pfs_justification": "The local CLI does not implement TLS transport; public distribution is through HTTPS GitHub and npm endpoints: https://github.com/zr9959/ai-saas-guard",
+  "crypto_password_storage_status": "N/A",
+  "crypto_password_storage_justification": "The local CLI and hosted helper contracts do not store user passwords: https://github.com/zr9959/ai-saas-guard#privacy-model",
+  "crypto_random_status": "N/A",
+  "crypto_random_justification": "The project does not generate cryptographic random values for security decisions in the local CLI: https://github.com/zr9959/ai-saas-guard",
+  "delivery_mitm_status": "Met",
+  "delivery_mitm_justification": "Source, releases, and npm package distribution use HTTPS endpoints: https://github.com/zr9959/ai-saas-guard/releases and https://www.npmjs.com/package/ai-saas-guard",
+  "delivery_unsigned_status": "Met",
+  "delivery_unsigned_justification": "GitHub releases attach npm provenance-backed tarballs plus sigstore and in-toto provenance assets, and npm trusted publishing provides provenance: https://github.com/zr9959/ai-saas-guard/releases and https://github.com/zr9959/ai-saas-guard/blob/main/docs/repository-trust-hardening.md",
+  "vulnerabilities_fixed_60_days_status": "Met",
+  "vulnerabilities_fixed_60_days_justification": "No unresolved high or critical production dependency vulnerabilities are currently known; the release gate requires npm audit at high severity or above: https://github.com/zr9959/ai-saas-guard/blob/main/docs/release-quality-knowledge-base.md",
+  "vulnerabilities_critical_fixed_status": "Met",
+  "vulnerabilities_critical_fixed_justification": "No unresolved critical vulnerabilities are currently known; SECURITY.md and the release gate define the response and release evidence path: https://github.com/zr9959/ai-saas-guard/blob/main/SECURITY.md",
+  "no_leaked_credentials_status": "Met",
+  "no_leaked_credentials_justification": "The repository has secret scanning and push protection enabled, uses inert fixtures, and the release gate forbids real credentials: https://github.com/zr9959/ai-saas-guard/blob/main/docs/repository-trust-hardening.md",
+  "static_analysis_status": "Met",
+  "static_analysis_justification": "The repository runs CodeQL SAST and workflow static checks with actionlint and zizmor: https://github.com/zr9959/ai-saas-guard/blob/main/.github/workflows/codeql.yml and https://github.com/zr9959/ai-saas-guard/blob/main/.github/workflows/ci.yml",
+  "static_analysis_common_vulnerabilities_status": "Met",
+  "static_analysis_common_vulnerabilities_justification": "CodeQL analyzes JavaScript and TypeScript for common vulnerability patterns, and ai-saas-guard self-scan checks SaaS launch-specific risks: https://github.com/zr9959/ai-saas-guard/blob/main/.github/workflows/codeql.yml",
+  "static_analysis_fixed_status": "Met",
+  "static_analysis_fixed_justification": "The release gate requires CI, CodeQL, actionlint, zizmor, self-scan, dependency audit, and issue tracking for findings before release: https://github.com/zr9959/ai-saas-guard/blob/main/docs/release-quality-knowledge-base.md",
+  "static_analysis_often_status": "Met",
+  "static_analysis_often_justification": "CodeQL runs on pull requests, pushes to main, and a weekly schedule; CI workflow checks run on pull requests and pushes to main: https://github.com/zr9959/ai-saas-guard/blob/main/.github/workflows/codeql.yml",
+  "dynamic_analysis_status": "Met",
+  "dynamic_analysis_justification": "The project uses fast-check fuzz/property tests for attacker-controlled markdown, SARIF, and redaction paths: https://github.com/zr9959/ai-saas-guard/blob/main/tests/fuzz.test.js",
+  "dynamic_analysis_unsafe_status": "N/A",
+  "dynamic_analysis_unsafe_justification": "The project is implemented in TypeScript and JavaScript rather than memory-unsafe C or C++: https://github.com/zr9959/ai-saas-guard/blob/main/package.json",
+  "dynamic_analysis_fixed_status": "Met",
+  "dynamic_analysis_fixed_justification": "The fuzz/property tests are part of CI and the release gate requires tests to pass before release: https://github.com/zr9959/ai-saas-guard/blob/main/.github/workflows/ci.yml"
+}

package/CONTRIBUTING.md

@@ -0,0 +1,74 @@
+# Contributing
+
+`ai-saas-guard` is a local-first launch preflight CLI for AI-built SaaS repositories. Contributions should keep that promise narrow: find review-worthy launch risks, show evidence, and avoid broad security claims.
+
+## Pull Request Process
+
+1. Open an issue or comment on an existing issue before large feature work.
+2. Keep pull requests focused. Separate scanner behavior, docs, workflow changes, and release work when practical.
+3. Include tests for behavior changes. New scanner rules need a vulnerable fixture, a safe fixture, and assertions for both.
+4. Update documentation when behavior, commands, outputs, or release expectations change. If `README.md` changes, review and update `README.zh-CN.md` in the same pull request.
+5. Fill out the pull request template with release gate evidence and known limitations.
+
+## Local Development
+
+```bash
+npm ci
+npm test
+npm run build
+node dist/cli.js --help
+node dist/cli.js scan --root . --json
+```
+
+For release candidates or public repository changes, follow [docs/release-quality-knowledge-base.md](docs/release-quality-knowledge-base.md). The release gate is the source of truth for required checks, packaging inspection, dependency audit, self-scan evidence, and rollback notes.
+
+## Testing Expectations
+
+- Run `npm test` before sending a pull request.
+- Run `npm run test:fuzz` when changing markdown rendering, SARIF rendering, secret redaction, parser behavior, or other attacker-controlled text handling.
+- Keep fixtures public-safe and minimal.
+- Prefer deterministic tests over live external services.
+- Do not remove or weaken tests without explaining the review and replacement coverage.
+
+## Rule Design
+
+Scanner rules should be evidence-first:
+
+- stable rule ID
+- severity
+- file/path evidence
+- why the issue matters for a SaaS launch
+- suggested manual verification
+- practical fix direction
+- vulnerable fixture
+- safe fixture
+- public rule documentation
+
+Avoid turning the project into a generic SAST platform. The useful surface is AI-SaaS launch readiness: auth, billing, data access, secrets, MCP tools, deploy configuration, and risky pull request diffs.
+
+## Security And Public Safety
+
+- No real API keys, tokens, cookies, webhook signing secrets, database URLs, customer data, private source code, or private URLs.
+- Use inert fake values in fixtures and examples.
+- Do not add network calls to local scan commands unless a future feature is explicitly designed, documented, and tested as opt-in.
+- Do not add shell execution to scan commands unless it is explicit, narrow, and separately reviewed.
+- Public issues must stay safe to read. Use GitHub private vulnerability reporting for sensitive vulnerability details.
+
+## Coding Standards
+
+- Keep TypeScript strict and readable.
+- Prefer small, focused helpers over broad abstractions.
+- Keep CLI output useful for human reviewers and machine output parseable.
+- Redact secret-like evidence.
+- Bound resource use for repository scanning.
+- Keep GitHub Actions permissions minimal and avoid untrusted input interpolation in shell scripts.
+
+## Feedback Channels
+
+Use GitHub issues for bugs, false positives, false negatives, and rule requests:
+
+https://github.com/zr9959/ai-saas-guard/issues
+
+Use private vulnerability reporting for security-sensitive reports:
+
+https://github.com/zr9959/ai-saas-guard/security/advisories/new

package/README.md

@@ -18,6 +18,7 @@
 
 <p align="center">
   <a href="https://github.com/zr9959/ai-saas-guard/actions/workflows/ci.yml"><img alt="CI" src="https://github.com/zr9959/ai-saas-guard/actions/workflows/ci.yml/badge.svg"></a>
+  <a href="https://www.bestpractices.dev/projects/12955"><img alt="OpenSSF Best Practices" src="https://www.bestpractices.dev/projects/12955/badge"></a>
   <a href="https://www.npmjs.com/package/ai-saas-guard"><img alt="npm" src="https://img.shields.io/npm/v/ai-saas-guard.svg"></a>
   <a href="LICENSE"><img alt="License: MIT" src="https://img.shields.io/badge/license-MIT-blue.svg"></a>
   <a href="package.json"><img alt="Node.js >=20" src="https://img.shields.io/badge/node-%3E%3D20-339933.svg"></a>
@@ -36,6 +37,8 @@ The risky parts are often not the obvious UI bugs. They are the small changes th
 - Can a Stripe webhook grant access twice, miss a failed payment, or trust an unsigned request?
 - Did a public environment variable expose a secret?
 - Did an MCP tool get shell, database, or broad filesystem access?
+- Did AI-generated error handling return fake success or demo data after a real provider failed?
+- Will the Next/Vercel deploy have the headers, env docs, logging, and request behavior needed for launch?
 - Did a pull request hide auth, billing, or deploy changes inside a large AI-generated diff?
 
 `ai-saas-guard` is a local-first, review-first preflight for that moment. It does not try to prove your app is secure. It is not a pentest, certification, or full audit. It gives founders, solo builders, small teams, and reviewers a short, evidence-backed list of what to check before launch or merge.
@@ -73,15 +76,20 @@ The CLI is published on npm as `ai-saas-guard`, and the GitHub Action is availab
 | JSON and SARIF output | Available |
 | Composite GitHub Action | Available |
 | Project config | `.ai-saas-guard.json` rule toggles, severity overrides, and fail thresholds |
-| Versioned Action tags | `v0.24.0`, `v0` |
-| npm package | `ai-saas-guard@0.24.0` |
+| Versioned Action tags | `v0.26.0`, `v0` |
+| npm package | `ai-saas-guard@0.26.0` |
+| Current release | `0.26.0` launch-risk expansion |
 | npm publishing | Trusted Publisher/OIDC, no long-lived publish token |
-| Repository trust hardening | Branch protection, Dependabot, CodeQL, private vulnerability reporting, secret scanning, and push protection |
-| Runtime hardening | Per-file and total text scan caps, escaped markdown evidence, stricter hosted deployment blockers |
+| Repository trust hardening | Strict branch protection, Dependabot, CodeQL, fast-check fuzzing, signed release provenance assets, private vulnerability reporting, secret scanning, and push protection |
+| Runtime hardening | Per-file and total text scan caps, escaped markdown evidence, 1 MiB hosted webhook payload cap, stricter hosted deployment blockers |
 | Hosted production adapters | GitHub App JWT signing, installation-token request planning, bounded worker execution, and terminal-state cleanup planning |
 | Hosted app skeleton | Node/container HTTP ingress, health route, worker tick, in-memory provider adapters, and deployment plan validation |
 | Hosted staging deployment planner | Provider binding, staging release-gate evidence, Node/container deployment composition, and GitHub App promotion gating |
 | Hosted staging harness | File-backed webhook replay, queue/report/Check Run artifacts, worker cleanup verification, and local release-gate evidence fixtures |
+| Cloudflare hosted ingress | Deployed at `https://ai-saas-guard-hosted.zr9959.workers.dev`; Worker health and Check Run publisher configuration are live, but end-to-end GitHub App webhook delivery is still blocked pending private App settings verification |
+| Hosted operations evidence | Recorded in [docs/hosted-operations-evidence.md](docs/hosted-operations-evidence.md) |
+| Hosted GitHub App staging | Private App `ai-saas-guard-hosted` (`3834787`) installed on `zr9959/ai-saas-guard` with contents read, pull requests read, metadata read, and checks write |
+| OpenSSF Best Practices | Passing badge, project `12955`; `.bestpractices.json` remains the conservative evidence record |
 
 ## Quick Start
 
@@ -96,8 +104,11 @@ Run focused checks:
 ```bash
 npx ai-saas-guard@latest pr-risk --root /path/to/your-saas --base origin/main
 npx ai-saas-guard@latest check-supabase --root /path/to/your-saas
+npx ai-saas-guard@latest check-supabase --root /path/to/your-saas --doctor
 npx ai-saas-guard@latest check-stripe --root /path/to/your-saas
 npx ai-saas-guard@latest check-mcp --root /path/to/your-saas
+npx ai-saas-guard@latest check-mcp --root /path/to/your-saas --policy-template
+npx ai-saas-guard@latest check-actions --root /path/to/your-saas
 ```
 
 Machine-readable output:
@@ -127,6 +138,7 @@ node dist/cli.js pr-risk --root /path/to/your-saas --base origin/main
 node dist/cli.js check-supabase --root /path/to/your-saas
 node dist/cli.js check-stripe --root /path/to/your-saas
 node dist/cli.js check-mcp --root /path/to/your-saas
+node dist/cli.js check-actions --root /path/to/your-saas
 ```
 
 ## Example Finding
@@ -150,10 +162,12 @@ Evidence:
 | Secrets and env | Secret-like values, risky `NEXT_PUBLIC_*` exposure |
 | Stripe | Missing webhook route, unsigned webhook handling, parsed-body signature risk, missing idempotency, missing failure/cancel/update/refund paths |
 | Supabase | RLS disabled on sensitive tables, broad `USING`/`WITH CHECK`, tenant membership patterns, weak write checks, storage object policy scope |
+| Silent success | Swallowed provider errors, hardcoded fallback success, production mock/demo data in sensitive paths, temporary trust-boundary bypasses, skipped or placeholder tests |
 | API routes | Auth checks without obvious ownership guards, missing rate-limit hints on sensitive mutation routes |
-| MCP | Plaintext secrets, non-localhost binds, broad filesystem/write access, shell tools, raw SQL tools |
-| Deploy config | Next static export/runtime mismatches, Edge runtime with Node-only APIs, missing important env documentation |
-| PR risk | Auth, billing, RLS, env, deploy, API, storage, test-removal, and large mixed-diff classification |
+| MCP | Plaintext secrets, non-localhost binds, broad filesystem/write access, shell tools, raw SQL tools, side-effect classification, local policy and receipt template |
+| Next/Vercel deploy | Static export/runtime mismatches, Edge runtime with Node-only APIs, missing security headers, undocumented server env, public env inventory, image/request amplification hints, missing request ID logging |
+| GitHub Actions | Broad workflow permissions, stale PR runs, docs-only full CI, missing fail-fast secret checks, shallow `pr-risk` checkout, unpinned Action refs |
+| PR risk | Auth, billing, RLS, env, deploy, API, storage, silent-success, test-removal, missing spec context, and large mixed-diff classification |
 
 See [docs/rules.md](docs/rules.md) for the full rule map.
 
@@ -194,9 +208,10 @@ If `--base` cannot be resolved, `pr-risk` emits `pr-risk.diff-unavailable` inste
 | --- | --- |
 | `scan` | Broad local launch preflight across secrets, Stripe, Supabase, MCP, API routes, and deploy config |
 | `pr-risk` | Classify the current git diff or a base branch diff for review priority; supports JSON, SARIF, and PR-focused markdown |
-| `check-supabase` | Inspect migrations and policy files for RLS and ownership risks |
+| `check-supabase` | Inspect migrations and policy files for RLS and ownership risks; use `--doctor` for static RLS debugging steps and SQL cookbook output |
 | `check-stripe` | Inspect webhook handlers and billing lifecycle coverage |
-| `check-mcp` | Inventory MCP configs and classify side effects |
+| `check-mcp` | Inventory MCP configs and classify side effects; use `--policy-template` for a local allow/deny policy and tool-call receipt format |
+| `check-actions` | Inspect GitHub Actions hygiene that affects AI-built SaaS launch readiness |
 
 ## Launch Readiness Checklist
 
@@ -204,7 +219,13 @@ Use [docs/launch-readiness-checklist.md](docs/launch-readiness-checklist.md) whe
 
 ## Repository Trust Hardening
 
-See [docs/repository-trust-hardening.md](docs/repository-trust-hardening.md) for the public repository controls behind this release line: branch protection, required CI checks, Dependabot for npm and GitHub Actions, CodeQL SAST, private vulnerability reporting, secret scanning, and push protection.
+See [docs/repository-trust-hardening.md](docs/repository-trust-hardening.md) for the public repository controls behind this release line: strict branch protection, required CI checks, Dependabot for npm and GitHub Actions, CodeQL SAST, fast-check fuzz/property tests, signed GitHub release assets backed by npm trusted publishing provenance, private vulnerability reporting, secret scanning, and push protection.
+
+The latest GitHub releases mirror the npm package tarball and attach `*.tgz.sigstore.json` plus `*.tgz.intoto.jsonl` provenance assets. These assets are generated from npm provenance, with the tarball digest checked against the npm registry metadata before upload.
+
+The current Scorecard improvement track focuses on real controls, not cosmetic score gaming: stricter review gates, detectable fuzzing, and the OpenSSF Best Practices Badge process. Some Scorecard items, such as repository age, contributor diversity, and reviewed PR history, improve only through time and normal public maintenance.
+
+The repository now has an [OpenSSF Best Practices passing badge](https://www.bestpractices.dev/projects/12955). [.bestpractices.json](.bestpractices.json) remains the conservative evidence record for the public project entry. `dynamic_analysis_enable_assertions` is still intentionally marked unmet until runtime assertion coverage is broader than the current test, property, and fuzz assertions.
 
 ## Stripe Webhook Replay
 
@@ -230,6 +251,8 @@ The hosted staging deployment planner is documented in [docs/hosted-staging-depl
 
 The hosted staging harness is documented in [docs/hosted-staging-harness.md](docs/hosted-staging-harness.md). It exports `createFileBackedHostedStagingHarness` and `createHostedStagingHarnessEvidence` from `ai-saas-guard/hosted/staging-harness`. It runs signed webhook replay through the provider-independent hosted runtime with local file-backed queue, compact report, and Check Run adapters, then verifies worker sandbox cleanup. It is a staging rehearsal tool only; it does not call cloud providers, create a GitHub App, publish live Check Runs, or expose a public hosted service.
 
+The first live hosted ingress is deployed on Cloudflare Workers at `https://ai-saas-guard-hosted.zr9959.workers.dev` and documented in [hosted/cloudflare-worker/README.md](hosted/cloudflare-worker/README.md). It exposes `/healthz`, `/github/app/manifest-callback`, and signed `/github/webhook` intake backed by Cloudflare KV. A private staging GitHub App, `ai-saas-guard-hosted`, is installed on `zr9959/ai-saas-guard` with selected-repository access and the first-slice permission contract. The Worker can verify signatures, store compact pull request identity records, exchange a scoped installation token, fetch PR file metadata from GitHub, classify PR-risk hotspots, and publish a bounded Check Run summary. Current deployed evidence is tracked in [docs/hosted-operations-evidence.md](docs/hosted-operations-evidence.md): health and Check Run publisher configuration pass, but end-to-end GitHub App webhook delivery is still blocked until the private App webhook settings are verified. It still does not run a full source checkout scan worker or store raw webhook payloads, PR title/body text, raw diffs, source, secrets, checkout paths, or installation tokens.
+
 The hosted operational release gate is documented in [docs/hosted-operational-release-gate.md](docs/hosted-operational-release-gate.md). It defines the hosted-specific CI, replay, queue, worker cleanup, privacy, monitoring, rollback, and incident-response evidence required before any hosted environment is exposed to users. The pure gate evaluator exported from `ai-saas-guard/hosted/contracts` blocks hosted exposure unless every P0 evidence item is fresh, a container digest is recorded, and release notes avoid pentest, certification, and full-audit claims.
 
 Hosted uninstall and data deletion behavior is documented in [docs/hosted-uninstall-data-deletion.md](docs/hosted-uninstall-data-deletion.md). It defines repository removal, full app uninstall, compact report deletion, queue cancellation, audit record retention, repeated cleanup, and user-facing deletion wording.
@@ -276,7 +299,7 @@ Use `suppressions` for narrower false-positive handling when one rule is noisy o
 
 ## GitHub Action
 
-The repo includes a composite Action. Use `v0` for the latest compatible pre-1.0 Action, a specific release tag such as `v0.24.0` for controlled upgrades, or pin a reviewed commit SHA for stricter supply-chain control:
+The repo includes a composite Action. Use `v0` for the latest compatible pre-1.0 Action, a specific release tag such as `v0.26.0` for controlled upgrades, or pin a reviewed commit SHA for stricter supply-chain control:
 
 ```yaml
 name: ai-saas-guard
@@ -393,6 +416,8 @@ node dist/cli.js scan --root .
 
 Before publishing a CLI update, GitHub Action update, npm package, plugin, or public repository change, follow [docs/release-quality-knowledge-base.md](docs/release-quality-knowledge-base.md).
 
+Contribution expectations are documented in [CONTRIBUTING.md](CONTRIBUTING.md), including pull request process, tests, rule-design requirements, release gate evidence, and public-safety constraints.
+
 ## Roadmap
 
 Open-source core:

package/README.zh-CN.md

@@ -16,6 +16,14 @@
   <a href="README.md">English README</a> | 中文
 </p>
 
+<p align="center">
+  <a href="https://github.com/zr9959/ai-saas-guard/actions/workflows/ci.yml"><img alt="CI" src="https://github.com/zr9959/ai-saas-guard/actions/workflows/ci.yml/badge.svg"></a>
+  <a href="https://www.bestpractices.dev/projects/12955"><img alt="OpenSSF Best Practices" src="https://www.bestpractices.dev/projects/12955/badge"></a>
+  <a href="https://www.npmjs.com/package/ai-saas-guard"><img alt="npm" src="https://img.shields.io/npm/v/ai-saas-guard.svg"></a>
+  <a href="LICENSE"><img alt="License: MIT" src="https://img.shields.io/badge/license-MIT-blue.svg"></a>
+  <a href="package.json"><img alt="Node.js >=20" src="https://img.shields.io/badge/node-%3E%3D20-339933.svg"></a>
+</p>
+
 ---
 
 ## 它解决什么问题
@@ -28,6 +36,8 @@ AI 能很快把一个 SaaS 从想法做成可运行的产品。真正难的是
 - Stripe webhook 会不会重复开通权限、漏处理付款失败，或者信任未签名请求？
 - `NEXT_PUBLIC_*` 里是不是不小心暴露了 secret？
 - MCP 工具是不是拿到了 shell、数据库或过宽的文件系统权限？
+- AI 生成的错误处理会不会在真实服务失败后仍然返回“成功”或 demo 数据？
+- Next/Vercel 上线前是不是缺 security headers、env 文档、请求日志或高请求量风险提示？
 - AI 生成的大 PR 里，是不是把 auth、billing 或 deploy 改动藏在 UI 调整中？
 
 `ai-saas-guard` 是面向这个时刻的本地优先、review-first 上线预检工具。它不会证明你的应用绝对安全，也不是渗透测试、认证或完整安全审计。它的目标是给 founder、独立开发者、小团队和 reviewer 一份短而有证据的清单，告诉你上线或合并 PR 前最该先看哪里。
@@ -55,7 +65,7 @@ AI 能很快把一个 SaaS 从想法做成可运行的产品。真正难的是
 
 这个仓库是公开 GitHub 仓库。
 
-CLI 已发布到 npm：`ai-saas-guard@0.24.0`。GitHub Action 支持 `v0` 浮动标签，也支持固定版本标签，例如 `v0.24.0`。
+CLI 已发布到 npm：`ai-saas-guard@0.26.0`。GitHub Action 支持 `v0` 浮动标签，也支持固定版本标签，例如 `v0.26.0`。
 
 | 模块 | 状态 |
 | --- | --- |
@@ -66,15 +76,19 @@ CLI 已发布到 npm：`ai-saas-guard@0.24.0`。GitHub Action 支持 `v0` 浮动
 | Markdown PR summary | 已可用 |
 | GitHub Action | 已可用 |
 | 项目配置 | `.ai-saas-guard.json` 支持规则开关、severity 覆盖和 fail threshold |
-| 当前版本 | `0.24.0` |
-| Action 标签 | `v0.24.0`、`v0` |
+| 当前版本 | `0.26.0` launch-risk expansion |
+| Action 标签 | `v0.26.0`、`v0` |
 | npm 发布 | GitHub Actions Trusted Publisher/OIDC，无需长期 npm token |
-| 仓库可信度加固 | branch protection、Dependabot、CodeQL、private vulnerability reporting、secret scanning 和 push protection |
-| 运行时加固 | 单文件和总扫描文本预算、markdown evidence 转义、更严格的 hosted deployment 阻断 |
+| 仓库可信度加固 | 严格 branch protection、Dependabot、CodeQL、fast-check fuzzing、signed release provenance assets、private vulnerability reporting、secret scanning 和 push protection |
+| 运行时加固 | 单文件和总扫描文本预算、markdown evidence 转义、1 MiB hosted webhook payload 上限、更严格的 hosted deployment 阻断 |
 | Hosted production adapters | GitHub App JWT 签名、installation-token 请求规划、有边界的 worker 执行和终态 cleanup 规划 |
 | Hosted app skeleton | Node/container HTTP ingress、health route、worker tick、in-memory provider adapters 和 deployment plan 校验 |
 | Hosted staging deployment planner | provider binding、staging release-gate evidence、Node/container deployment 组合和 GitHub App promotion gating |
 | Hosted staging harness | 本地 file-backed webhook replay、queue/report/Check Run artifact、worker cleanup 校验和 release-gate evidence fixture |
+| Cloudflare hosted ingress | 已部署到 `https://ai-saas-guard-hosted.zr9959.workers.dev`；Worker health 和 Check Run publisher 配置已在线，但端到端 GitHub App webhook delivery 仍需要验证私有 App 设置 |
+| Hosted operations evidence | 已记录在 [docs/hosted-operations-evidence.md](docs/hosted-operations-evidence.md) |
+| Hosted GitHub App staging | 私有 App `ai-saas-guard-hosted`（`3834787`）已安装到 `zr9959/ai-saas-guard`，权限为 contents read、pull requests read、metadata read、checks write |
+| OpenSSF Best Practices | 已获得 passing badge，项目 `12955`；`.bestpractices.json` 继续作为保守证据记录 |
 
 ## 快速开始
 
@@ -89,8 +103,11 @@ npx ai-saas-guard@latest scan --root /path/to/your-saas
 ```bash
 npx ai-saas-guard@latest pr-risk --root /path/to/your-saas --base origin/main
 npx ai-saas-guard@latest check-supabase --root /path/to/your-saas
+npx ai-saas-guard@latest check-supabase --root /path/to/your-saas --doctor
 npx ai-saas-guard@latest check-stripe --root /path/to/your-saas
 npx ai-saas-guard@latest check-mcp --root /path/to/your-saas
+npx ai-saas-guard@latest check-mcp --root /path/to/your-saas --policy-template
+npx ai-saas-guard@latest check-actions --root /path/to/your-saas
 ```
 
 机器可读输出：
@@ -117,9 +134,10 @@ node dist/cli.js scan --root /path/to/your-saas
 | --- | --- |
 | `scan` | 对 secrets、Stripe、Supabase、MCP、API routes、deploy config 做整体上线预检 |
 | `pr-risk` | 分析当前 git diff 或指定 base branch diff，判断哪些文件和风险面应该先 review |
-| `check-supabase` | 检查 migration 和 policy 文件里的 RLS、ownership、storage policy 风险 |
+| `check-supabase` | 检查 migration 和 policy 文件里的 RLS、ownership、storage policy 风险；`--doctor` 输出静态 RLS 调试步骤和 SQL cookbook |
 | `check-stripe` | 检查 webhook 签名、raw body、幂等、订阅生命周期和 entitlement 更新路径 |
-| `check-mcp` | 检查 MCP 配置里的 secret、非 localhost 绑定、shell/db/filesystem 等副作用 |
+| `check-mcp` | 检查 MCP 配置里的 secret、非 localhost 绑定、shell/db/filesystem 等副作用；`--policy-template` 输出本地 allow/deny policy 和 tool-call receipt 格式 |
+| `check-actions` | 检查和 AI-built SaaS 上线有关的 GitHub Actions hygiene |
 
 ## 它会检查什么
 
@@ -128,16 +146,24 @@ node dist/cli.js scan --root /path/to/your-saas
 | Secrets 和 env | 类似密钥的字符串、危险的 `NEXT_PUBLIC_*` 暴露 |
 | Stripe | webhook 缺失、未验证签名、raw body 签名风险、缺幂等、缺失败/取消/退款/更新处理 |
 | Supabase | 敏感表没启用 RLS、policy 过宽、缺少 ownership filter、`WITH CHECK` 过弱、storage object policy 过宽 |
+| Silent success | 捕获错误后返回假成功、敏感路径里的 hardcoded fallback、production 路径引入 mock/demo data、临时绕过 auth/webhook/ownership、跳过或占位测试 |
 | API routes | 有 auth 但缺少明显 ownership guard，敏感 mutation route 缺少 rate-limit 提示 |
-| MCP | 明文 secret、非 localhost 绑定、过宽文件系统权限、shell 工具、raw SQL 工具 |
-| Deploy config | Next static export 和 API route 冲突、Edge runtime 使用 Node-only API、关键 env 文档缺失 |
-| PR risk | auth、billing、RLS、env、deploy、API、storage、测试删除、大型混合 diff |
+| MCP | 明文 secret、非 localhost 绑定、过宽文件系统权限、shell 工具、raw SQL 工具、side-effect 分类、本地 policy/receipt 模板 |
+| Next/Vercel deploy | Next static export 和 API route 冲突、Edge runtime 使用 Node-only API、security headers 缺失、server env 文档缺失、public env 盘点、image/request 放大风险、request ID logging 缺失 |
+| GitHub Actions | workflow 权限过宽、PR workflow 缺 concurrency cancel、docs-only 改动跑全量 CI、secret/tool version 缺 fail-fast、`pr-risk` checkout 太浅、Action 未 pin SHA |
+| PR risk | auth、billing、RLS、env、deploy、API、storage、silent-success、测试删除、缺 spec/context、大型混合 diff |
 
 完整规则请看 [docs/rules.md](docs/rules.md)。
 
 ## 仓库可信度加固
 
-公开仓库的维护和发布控制见 [docs/repository-trust-hardening.md](docs/repository-trust-hardening.md)。当前已经配置 branch protection、required CI checks、Dependabot npm/GitHub Actions 更新、CodeQL SAST、private vulnerability reporting、secret scanning 和 push protection。
+公开仓库的维护和发布控制见 [docs/repository-trust-hardening.md](docs/repository-trust-hardening.md)。当前已经配置严格 branch protection、required CI checks、Dependabot npm/GitHub Actions 更新、CodeQL SAST、fast-check fuzz/property tests、基于 npm trusted publishing provenance 的 signed GitHub release assets、private vulnerability reporting、secret scanning 和 push protection。
+
+最新 GitHub releases 会镜像 npm package tarball，并附带 `*.tgz.sigstore.json` 和 `*.tgz.intoto.jsonl` provenance assets。上传前会用 npm registry metadata 校验 tarball digest，并使用 npm provenance 作为来源。
+
+当前 Scorecard 提升路线优先做真实控制，不做表面刷分：更严格的 review gate、可被检测到的 fuzzing、以及 OpenSSF Best Practices Badge 流程。仓库年龄、贡献者多样性、已 review 的 PR 历史这些分数只能随着真实维护逐步提升。
+
+仓库现在已经获得 [OpenSSF Best Practices passing badge](https://www.bestpractices.dev/projects/12955)。[.bestpractices.json](.bestpractices.json) 继续作为公开项目条目的保守证据记录。`dynamic_analysis_enable_assertions` 仍然谨慎标为 unmet，直到运行时断言覆盖面超过当前测试、property 和 fuzz assertions。
 
 ## PR 风险分流
 
@@ -249,7 +275,7 @@ jobs:
 
 ## Hosted GitHub App 设计
 
-当前仓库已经包含未来 Hosted GitHub App 的设计文档和纯契约测试，但还没有部署真实 hosted 服务。
+当前仓库已经包含未来 Hosted GitHub App 的设计文档、纯契约测试，以及第一个真实 Cloudflare hosted ingress。私有 staging GitHub App `ai-saas-guard-hosted` 已安装到 `zr9959/ai-saas-guard`，Cloudflare 已配置所需的云端凭据绑定。Worker 代码已经能接收签名 webhook、写入 KV 队列、换取 scoped installation token、读取 GitHub PR file metadata、做 compact PR-risk classification，并发布有长度上限的 Check Run summary；但当前端到端 GitHub App webhook delivery smoke 还被私有 App webhook 设置阻断，证据记录在 [docs/hosted-operations-evidence.md](docs/hosted-operations-evidence.md)。它还不是完整 source checkout scan worker。
 
 相关文档：
 
@@ -278,6 +304,7 @@ jobs:
 - Hosted Node/container app skeleton：`ai-saas-guard/hosted/app` 导出 `createHostedHttpApp`、`createInMemoryHostedAppPlatform` 和 `planHostedNodeContainerDeployment`，提供安全 `/healthz`、签名 `/github/webhook` ingress、单 job worker tick、测试用 in-memory provider adapters，以及 secret manager、queue、compact report store、worker sandbox、GitHub Checks publisher 的部署引用校验；它本身仍然不部署或暴露公开 hosted 服务
 - Hosted staging deployment planner：`ai-saas-guard/hosted/staging` 导出 `planHostedProviderBinding`、`planHostedStagingDeployment` 和 `planHostedGitHubAppPromotion`，把真实 provider 引用、Node/container deployment plan、hosted operational release-gate evidence 和 GitHub App deployment planning 组合起来；缺少 queue、store、worker sandbox、Check Run publisher、logs、metrics、rollback 或 incident-response 引用时，会阻止 staging exposure 和 production promotion；它本身仍然不会调用云平台、创建 GitHub App 或暴露公开 hosted 服务
 - Hosted staging harness：`ai-saas-guard/hosted/staging-harness` 导出 `createFileBackedHostedStagingHarness` 和 `createHostedStagingHarnessEvidence`，可以在本地用 file-backed queue、compact report、Check Run request 和 worker sandbox 跑通签名 webhook replay、worker tick 和 cleanup 校验；它只是 staging 演练工具，不会调用云平台、创建 GitHub App、写真实 Check Run 或暴露公开 hosted 服务
+- Cloudflare hosted ingress：`hosted/cloudflare-worker` 已部署到 `https://ai-saas-guard-hosted.zr9959.workers.dev`，提供 `/healthz`、`/github/app/manifest-callback` 和签名 `/github/webhook` intake；Worker 已具备 compact pull request identity、file/category risk signal 和 Check Run metadata 路径；staging GitHub App ID 为 `3834787`，installation ID 为 `135085075`；真实 GitHub App webhook delivery、完整 source checkout scan worker、monitoring、rollback 和 incident-response evidence 仍需要通过 hosted operational release gate
 - webhook event parser
 - check-run summary renderer
 - Check Run publication planner：要求 repository `checks: write`，只从 compact report 生成有长度上限的 Check Run payload，包含 review categories、优先 review 文件、verification steps 和本地 CLI 复现命令；MVP 不发 PR comment
@@ -316,6 +343,8 @@ node dist/cli.js scan --root .
 
 以后更新英文 `README.md` 时，也要同步检查并更新本中文 `README.zh-CN.md`。
 
+贡献要求见 [CONTRIBUTING.md](CONTRIBUTING.md)，里面说明了 PR 流程、测试要求、规则设计、release gate evidence 和公开安全边界。
+
 ## 安全报告
 
 报告漏洞前请阅读 [SECURITY.md](SECURITY.md)。不要在公开 issue 中发布真实 API key、客户数据、私有源码或生产 URL。

package/action.yml

@@ -4,7 +4,7 @@ author: ai-saas-guard
 
 inputs:
   command:
-    description: "Command to run: scan, check-supabase, check-stripe, check-mcp, or pr-risk."
+    description: "Command to run: scan, check-supabase, check-stripe, check-mcp, check-actions, or pr-risk."
     required: false
     default: scan
   root:
@@ -59,7 +59,7 @@ runs:
         set -o pipefail
 
         case "${INPUT_COMMAND}" in
-          scan|check-supabase|check-stripe|check-mcp|pr-risk) ;;
+          scan|check-supabase|check-stripe|check-mcp|check-actions|pr-risk) ;;
           *)
             echo "Invalid command input: ${INPUT_COMMAND}" >&2
             exit 2

package/dist/cli.js

@@ -1,7 +1,7 @@
 #!/usr/bin/env node
 import { resolve } from "node:path";
 import { applyGuardConfig, loadGuardConfig } from "./config.js";
-import { checkMcp, checkStripe, checkSupabase, classifyPrRisk, scanRepository } from "./index.js";
+import { checkActions, checkMcp, checkStripe, checkSupabase, classifyPrRisk, scanRepository } from "./index.js";
 import { formatJsonReport } from "./report/json.js";
 import { formatMarkdownReport } from "./report/markdown.js";
 import { formatSarifReport } from "./report/sarif.js";
@@ -19,13 +19,16 @@ async function main(argv) {
             report = await scanRepository({ rootDir: args.rootDir });
             break;
         case "check-supabase":
-            report = await checkSupabase({ rootDir: args.rootDir });
+            report = await checkSupabase({ rootDir: args.rootDir, doctor: args.doctor });
             break;
         case "check-stripe":
             report = await checkStripe({ rootDir: args.rootDir });
             break;
         case "check-mcp":
-            report = await checkMcp({ rootDir: args.rootDir });
+            report = await checkMcp({ rootDir: args.rootDir, policyTemplate: args.policyTemplate });
+            break;
+        case "check-actions":
+            report = await checkActions({ rootDir: args.rootDir });
             break;
         case "pr-risk":
             report = await classifyPrRisk({ rootDir: args.rootDir, base: args.base });
@@ -107,6 +110,14 @@ function parseArgs(argv) {
             index += 1;
             continue;
         }
+        if (arg === "--doctor") {
+            result.doctor = true;
+            continue;
+        }
+        if (arg === "--policy-template") {
+            result.policyTemplate = true;
+            continue;
+        }
         if (arg === "-h" || arg === "--help") {
             result.command = "help";
             continue;
@@ -154,9 +165,10 @@ Repo-local launch-readiness scanner for AI-built SaaS apps.
 
 Usage:
   ai-saas-guard scan [--root <repo>] [--config <file>] [--json|--sarif] [--fail-on <severity>]
-  ai-saas-guard check-supabase [--root <repo>] [--config <file>] [--json|--sarif] [--fail-on <severity>]
+  ai-saas-guard check-supabase [--root <repo>] [--config <file>] [--doctor] [--json|--sarif] [--fail-on <severity>]
   ai-saas-guard check-stripe [--root <repo>] [--config <file>] [--json|--sarif] [--fail-on <severity>]
-  ai-saas-guard check-mcp [--root <repo>] [--config <file>] [--json|--sarif] [--fail-on <severity>]
+  ai-saas-guard check-mcp [--root <repo>] [--config <file>] [--policy-template] [--json|--sarif] [--fail-on <severity>]
+  ai-saas-guard check-actions [--root <repo>] [--config <file>] [--json|--sarif] [--fail-on <severity>]
   ai-saas-guard pr-risk [--root <repo>] [--config <file>] [--base <branch>] [--json|--sarif|--markdown] [--fail-on <severity>]
 
 Defaults:

package/dist/commands/checkActions.d.ts

@@ -0,0 +1,2 @@
+import type { ActionsReport, ScanOptions } from "../types.js";
+export declare function checkActions(options: ScanOptions): Promise<ActionsReport>;

package/dist/commands/checkActions.js

@@ -0,0 +1,4 @@
+import { checkActions as runActionsScanner } from "../scanners/actions.js";
+export function checkActions(options) {
+    return runActionsScanner(options.rootDir);
+}

package/dist/commands/checkMcp.d.ts

@@ -1,2 +1,2 @@
-import type { McpReport, ScanOptions } from "../types.js";
-export declare function checkMcp(options: ScanOptions): Promise<McpReport>;
+import type { McpOptions, McpReport } from "../types.js";
+export declare function checkMcp(options: McpOptions): Promise<McpReport>;

package/dist/commands/checkMcp.js

@@ -1,4 +1,4 @@
 import { checkMcp as runMcpScanner } from "../scanners/mcp.js";
 export function checkMcp(options) {
-    return runMcpScanner(options.rootDir);
+    return runMcpScanner(options.rootDir, { policyTemplate: options.policyTemplate });
 }

package/dist/commands/checkSupabase.d.ts

@@ -1,2 +1,2 @@
-import type { ScanOptions, SupabaseReport } from "../types.js";
-export declare function checkSupabase(options: ScanOptions): Promise<SupabaseReport>;
+import type { SupabaseOptions, SupabaseReport } from "../types.js";
+export declare function checkSupabase(options: SupabaseOptions): Promise<SupabaseReport>;