ai-saas-guard 0.25.0 → 0.26.1

package/README.md

@@ -37,6 +37,8 @@ The risky parts are often not the obvious UI bugs. They are the small changes th
 - Can a Stripe webhook grant access twice, miss a failed payment, or trust an unsigned request?
 - Did a public environment variable expose a secret?
 - Did an MCP tool get shell, database, or broad filesystem access?
+- Did AI-generated error handling return fake success or demo data after a real provider failed?
+- Will the Next/Vercel deploy have the headers, env docs, logging, and request behavior needed for launch?
 - Did a pull request hide auth, billing, or deploy changes inside a large AI-generated diff?
 
 `ai-saas-guard` is a local-first, review-first preflight for that moment. It does not try to prove your app is secure. It is not a pentest, certification, or full audit. It gives founders, solo builders, small teams, and reviewers a short, evidence-backed list of what to check before launch or merge.
@@ -74,8 +76,9 @@ The CLI is published on npm as `ai-saas-guard`, and the GitHub Action is availab
 | JSON and SARIF output | Available |
 | Composite GitHub Action | Available |
 | Project config | `.ai-saas-guard.json` rule toggles, severity overrides, and fail thresholds |
-| Versioned Action tags | `v0.25.0`, `v0` |
-| npm package | `ai-saas-guard@0.25.0` |
+| Versioned Action tags | `v0.26.1`, `v0` |
+| npm package | `ai-saas-guard@0.26.1` |
+| Current release | `0.26.1` launch-risk expansion |
 | npm publishing | Trusted Publisher/OIDC, no long-lived publish token |
 | Repository trust hardening | Strict branch protection, Dependabot, CodeQL, fast-check fuzzing, signed release provenance assets, private vulnerability reporting, secret scanning, and push protection |
 | Runtime hardening | Per-file and total text scan caps, escaped markdown evidence, 1 MiB hosted webhook payload cap, stricter hosted deployment blockers |
@@ -83,7 +86,8 @@ The CLI is published on npm as `ai-saas-guard`, and the GitHub Action is availab
 | Hosted app skeleton | Node/container HTTP ingress, health route, worker tick, in-memory provider adapters, and deployment plan validation |
 | Hosted staging deployment planner | Provider binding, staging release-gate evidence, Node/container deployment composition, and GitHub App promotion gating |
 | Hosted staging harness | File-backed webhook replay, queue/report/Check Run artifacts, worker cleanup verification, and local release-gate evidence fixtures |
-| Cloudflare hosted ingress | Deployed at `https://ai-saas-guard-hosted.zr9959.workers.dev` for signed GitHub webhook intake and KV queueing; scan workers and Check Runs are still gated |
+| Cloudflare hosted ingress | Deployed at `https://ai-saas-guard-hosted.zr9959.workers.dev`; Worker health and Check Run publisher configuration are live, but end-to-end GitHub App webhook delivery is still blocked pending private App settings verification |
+| Hosted operations evidence | Recorded in [docs/hosted-operations-evidence.md](docs/hosted-operations-evidence.md) |
 | Hosted GitHub App staging | Private App `ai-saas-guard-hosted` (`3834787`) installed on `zr9959/ai-saas-guard` with contents read, pull requests read, metadata read, and checks write |
 | OpenSSF Best Practices | Passing badge, project `12955`; `.bestpractices.json` remains the conservative evidence record |
 
@@ -100,8 +104,11 @@ Run focused checks:
 ```bash
 npx ai-saas-guard@latest pr-risk --root /path/to/your-saas --base origin/main
 npx ai-saas-guard@latest check-supabase --root /path/to/your-saas
+npx ai-saas-guard@latest check-supabase --root /path/to/your-saas --doctor
 npx ai-saas-guard@latest check-stripe --root /path/to/your-saas
 npx ai-saas-guard@latest check-mcp --root /path/to/your-saas
+npx ai-saas-guard@latest check-mcp --root /path/to/your-saas --policy-template
+npx ai-saas-guard@latest check-actions --root /path/to/your-saas
 ```
 
 Machine-readable output:
@@ -131,6 +138,7 @@ node dist/cli.js pr-risk --root /path/to/your-saas --base origin/main
 node dist/cli.js check-supabase --root /path/to/your-saas
 node dist/cli.js check-stripe --root /path/to/your-saas
 node dist/cli.js check-mcp --root /path/to/your-saas
+node dist/cli.js check-actions --root /path/to/your-saas
 ```
 
 ## Example Finding
@@ -154,10 +162,12 @@ Evidence:
 | Secrets and env | Secret-like values, risky `NEXT_PUBLIC_*` exposure |
 | Stripe | Missing webhook route, unsigned webhook handling, parsed-body signature risk, missing idempotency, missing failure/cancel/update/refund paths |
 | Supabase | RLS disabled on sensitive tables, broad `USING`/`WITH CHECK`, tenant membership patterns, weak write checks, storage object policy scope |
+| Silent success | Swallowed provider errors, hardcoded fallback success, production mock/demo data in sensitive paths, temporary trust-boundary bypasses, skipped or placeholder tests |
 | API routes | Auth checks without obvious ownership guards, missing rate-limit hints on sensitive mutation routes |
-| MCP | Plaintext secrets, non-localhost binds, broad filesystem/write access, shell tools, raw SQL tools |
-| Deploy config | Next static export/runtime mismatches, Edge runtime with Node-only APIs, missing important env documentation |
-| PR risk | Auth, billing, RLS, env, deploy, API, storage, test-removal, and large mixed-diff classification |
+| MCP | Plaintext secrets, non-localhost binds, broad filesystem/write access, shell tools, raw SQL tools, side-effect classification, local policy and receipt template |
+| Next/Vercel deploy | Static export/runtime mismatches, Edge runtime with Node-only APIs, missing security headers, undocumented server env, public env inventory, image/request amplification hints, missing request ID logging |
+| GitHub Actions | Broad workflow permissions, stale PR runs, docs-only full CI, missing fail-fast secret checks, shallow `pr-risk` checkout, unpinned Action refs |
+| PR risk | Auth, billing, RLS, env, deploy, API, storage, silent-success, test-removal, missing spec context, and large mixed-diff classification |
 
 See [docs/rules.md](docs/rules.md) for the full rule map.
 
@@ -198,9 +208,10 @@ If `--base` cannot be resolved, `pr-risk` emits `pr-risk.diff-unavailable` inste
 | --- | --- |
 | `scan` | Broad local launch preflight across secrets, Stripe, Supabase, MCP, API routes, and deploy config |
 | `pr-risk` | Classify the current git diff or a base branch diff for review priority; supports JSON, SARIF, and PR-focused markdown |
-| `check-supabase` | Inspect migrations and policy files for RLS and ownership risks |
+| `check-supabase` | Inspect migrations and policy files for RLS and ownership risks; use `--doctor` for static RLS debugging steps and SQL cookbook output |
 | `check-stripe` | Inspect webhook handlers and billing lifecycle coverage |
-| `check-mcp` | Inventory MCP configs and classify side effects |
+| `check-mcp` | Inventory MCP configs and classify side effects; use `--policy-template` for a local allow/deny policy and tool-call receipt format |
+| `check-actions` | Inspect GitHub Actions hygiene that affects AI-built SaaS launch readiness |
 
 ## Launch Readiness Checklist
 
@@ -240,7 +251,7 @@ The hosted staging deployment planner is documented in [docs/hosted-staging-depl
 
 The hosted staging harness is documented in [docs/hosted-staging-harness.md](docs/hosted-staging-harness.md). It exports `createFileBackedHostedStagingHarness` and `createHostedStagingHarnessEvidence` from `ai-saas-guard/hosted/staging-harness`. It runs signed webhook replay through the provider-independent hosted runtime with local file-backed queue, compact report, and Check Run adapters, then verifies worker sandbox cleanup. It is a staging rehearsal tool only; it does not call cloud providers, create a GitHub App, publish live Check Runs, or expose a public hosted service.
 
-The first live hosted ingress is deployed on Cloudflare Workers at `https://ai-saas-guard-hosted.zr9959.workers.dev` and documented in [hosted/cloudflare-worker/README.md](hosted/cloudflare-worker/README.md). It exposes `/healthz`, `/github/app/manifest-callback`, and signed `/github/webhook` intake backed by Cloudflare KV. A private staging GitHub App, `ai-saas-guard-hosted`, is installed on `zr9959/ai-saas-guard` with selected-repository access and the first-slice permission contract. The deployed ingress has the required Cloudflare credential bindings configured. It deliberately queues compact pull request identity records only; scan worker execution, GitHub installation-token exchange, PR diff fetching, and Check Run publishing remain blocked until their deployed evidence passes the hosted operational release gate.
+The first live hosted ingress is deployed on Cloudflare Workers at `https://ai-saas-guard-hosted.zr9959.workers.dev` and documented in [hosted/cloudflare-worker/README.md](hosted/cloudflare-worker/README.md). It exposes `/healthz`, `/github/app/manifest-callback`, and signed `/github/webhook` intake backed by Cloudflare KV. A private staging GitHub App, `ai-saas-guard-hosted`, is installed on `zr9959/ai-saas-guard` with selected-repository access and the first-slice permission contract. The Worker can verify signatures, store compact pull request identity records, exchange a scoped installation token, fetch PR file metadata from GitHub, classify PR-risk hotspots, and publish a bounded Check Run summary. Current deployed evidence is tracked in [docs/hosted-operations-evidence.md](docs/hosted-operations-evidence.md): health and Check Run publisher configuration pass, but end-to-end GitHub App webhook delivery is still blocked until the private App webhook settings are verified. It still does not run a full source checkout scan worker or store raw webhook payloads, PR title/body text, raw diffs, source, secrets, checkout paths, or installation tokens.
 
 The hosted operational release gate is documented in [docs/hosted-operational-release-gate.md](docs/hosted-operational-release-gate.md). It defines the hosted-specific CI, replay, queue, worker cleanup, privacy, monitoring, rollback, and incident-response evidence required before any hosted environment is exposed to users. The pure gate evaluator exported from `ai-saas-guard/hosted/contracts` blocks hosted exposure unless every P0 evidence item is fresh, a container digest is recorded, and release notes avoid pentest, certification, and full-audit claims.
 
@@ -288,7 +299,7 @@ Use `suppressions` for narrower false-positive handling when one rule is noisy o
 
 ## GitHub Action
 
-The repo includes a composite Action. Use `v0` for the latest compatible pre-1.0 Action, a specific release tag such as `v0.25.0` for controlled upgrades, or pin a reviewed commit SHA for stricter supply-chain control:
+The repo includes a composite Action. Use `v0` for the latest compatible pre-1.0 Action, a specific release tag such as `v0.26.1` for controlled upgrades, or pin a reviewed commit SHA for stricter supply-chain control:
 
 ```yaml
 name: ai-saas-guard

package/README.zh-CN.md

@@ -36,6 +36,8 @@ AI 能很快把一个 SaaS 从想法做成可运行的产品。真正难的是
 - Stripe webhook 会不会重复开通权限、漏处理付款失败，或者信任未签名请求？
 - `NEXT_PUBLIC_*` 里是不是不小心暴露了 secret？
 - MCP 工具是不是拿到了 shell、数据库或过宽的文件系统权限？
+- AI 生成的错误处理会不会在真实服务失败后仍然返回“成功”或 demo 数据？
+- Next/Vercel 上线前是不是缺 security headers、env 文档、请求日志或高请求量风险提示？
 - AI 生成的大 PR 里，是不是把 auth、billing 或 deploy 改动藏在 UI 调整中？
 
 `ai-saas-guard` 是面向这个时刻的本地优先、review-first 上线预检工具。它不会证明你的应用绝对安全，也不是渗透测试、认证或完整安全审计。它的目标是给 founder、独立开发者、小团队和 reviewer 一份短而有证据的清单，告诉你上线或合并 PR 前最该先看哪里。
@@ -63,7 +65,7 @@ AI 能很快把一个 SaaS 从想法做成可运行的产品。真正难的是
 
 这个仓库是公开 GitHub 仓库。
 
-CLI 已发布到 npm：`ai-saas-guard@0.25.0`。GitHub Action 支持 `v0` 浮动标签，也支持固定版本标签，例如 `v0.25.0`。
+CLI 已发布到 npm：`ai-saas-guard@0.26.1`。GitHub Action 支持 `v0` 浮动标签，也支持固定版本标签，例如 `v0.26.1`。
 
 | 模块 | 状态 |
 | --- | --- |
@@ -74,8 +76,8 @@ CLI 已发布到 npm：`ai-saas-guard@0.25.0`。GitHub Action 支持 `v0` 浮动
 | Markdown PR summary | 已可用 |
 | GitHub Action | 已可用 |
 | 项目配置 | `.ai-saas-guard.json` 支持规则开关、severity 覆盖和 fail threshold |
-| 当前版本 | `0.25.0` |
-| Action 标签 | `v0.25.0`、`v0` |
+| 当前版本 | `0.26.1` launch-risk expansion |
+| Action 标签 | `v0.26.1`、`v0` |
 | npm 发布 | GitHub Actions Trusted Publisher/OIDC，无需长期 npm token |
 | 仓库可信度加固 | 严格 branch protection、Dependabot、CodeQL、fast-check fuzzing、signed release provenance assets、private vulnerability reporting、secret scanning 和 push protection |
 | 运行时加固 | 单文件和总扫描文本预算、markdown evidence 转义、1 MiB hosted webhook payload 上限、更严格的 hosted deployment 阻断 |
@@ -83,7 +85,8 @@ CLI 已发布到 npm：`ai-saas-guard@0.25.0`。GitHub Action 支持 `v0` 浮动
 | Hosted app skeleton | Node/container HTTP ingress、health route、worker tick、in-memory provider adapters 和 deployment plan 校验 |
 | Hosted staging deployment planner | provider binding、staging release-gate evidence、Node/container deployment 组合和 GitHub App promotion gating |
 | Hosted staging harness | 本地 file-backed webhook replay、queue/report/Check Run artifact、worker cleanup 校验和 release-gate evidence fixture |
-| Cloudflare hosted ingress | 已部署到 `https://ai-saas-guard-hosted.zr9959.workers.dev`，用于签名 GitHub webhook intake 和 KV 排队；scan worker 和 Check Run 仍然受 release gate 阻断 |
+| Cloudflare hosted ingress | 已部署到 `https://ai-saas-guard-hosted.zr9959.workers.dev`；Worker health 和 Check Run publisher 配置已在线，但端到端 GitHub App webhook delivery 仍需要验证私有 App 设置 |
+| Hosted operations evidence | 已记录在 [docs/hosted-operations-evidence.md](docs/hosted-operations-evidence.md) |
 | Hosted GitHub App staging | 私有 App `ai-saas-guard-hosted`（`3834787`）已安装到 `zr9959/ai-saas-guard`，权限为 contents read、pull requests read、metadata read、checks write |
 | OpenSSF Best Practices | 已获得 passing badge，项目 `12955`；`.bestpractices.json` 继续作为保守证据记录 |
 
@@ -100,8 +103,11 @@ npx ai-saas-guard@latest scan --root /path/to/your-saas
 ```bash
 npx ai-saas-guard@latest pr-risk --root /path/to/your-saas --base origin/main
 npx ai-saas-guard@latest check-supabase --root /path/to/your-saas
+npx ai-saas-guard@latest check-supabase --root /path/to/your-saas --doctor
 npx ai-saas-guard@latest check-stripe --root /path/to/your-saas
 npx ai-saas-guard@latest check-mcp --root /path/to/your-saas
+npx ai-saas-guard@latest check-mcp --root /path/to/your-saas --policy-template
+npx ai-saas-guard@latest check-actions --root /path/to/your-saas
 ```
 
 机器可读输出：
@@ -128,9 +134,10 @@ node dist/cli.js scan --root /path/to/your-saas
 | --- | --- |
 | `scan` | 对 secrets、Stripe、Supabase、MCP、API routes、deploy config 做整体上线预检 |
 | `pr-risk` | 分析当前 git diff 或指定 base branch diff，判断哪些文件和风险面应该先 review |
-| `check-supabase` | 检查 migration 和 policy 文件里的 RLS、ownership、storage policy 风险 |
+| `check-supabase` | 检查 migration 和 policy 文件里的 RLS、ownership、storage policy 风险；`--doctor` 输出静态 RLS 调试步骤和 SQL cookbook |
 | `check-stripe` | 检查 webhook 签名、raw body、幂等、订阅生命周期和 entitlement 更新路径 |
-| `check-mcp` | 检查 MCP 配置里的 secret、非 localhost 绑定、shell/db/filesystem 等副作用 |
+| `check-mcp` | 检查 MCP 配置里的 secret、非 localhost 绑定、shell/db/filesystem 等副作用；`--policy-template` 输出本地 allow/deny policy 和 tool-call receipt 格式 |
+| `check-actions` | 检查和 AI-built SaaS 上线有关的 GitHub Actions hygiene |
 
 ## 它会检查什么
 
@@ -139,10 +146,12 @@ node dist/cli.js scan --root /path/to/your-saas
 | Secrets 和 env | 类似密钥的字符串、危险的 `NEXT_PUBLIC_*` 暴露 |
 | Stripe | webhook 缺失、未验证签名、raw body 签名风险、缺幂等、缺失败/取消/退款/更新处理 |
 | Supabase | 敏感表没启用 RLS、policy 过宽、缺少 ownership filter、`WITH CHECK` 过弱、storage object policy 过宽 |
+| Silent success | 捕获错误后返回假成功、敏感路径里的 hardcoded fallback、production 路径引入 mock/demo data、临时绕过 auth/webhook/ownership、跳过或占位测试 |
 | API routes | 有 auth 但缺少明显 ownership guard，敏感 mutation route 缺少 rate-limit 提示 |
-| MCP | 明文 secret、非 localhost 绑定、过宽文件系统权限、shell 工具、raw SQL 工具 |
-| Deploy config | Next static export 和 API route 冲突、Edge runtime 使用 Node-only API、关键 env 文档缺失 |
-| PR risk | auth、billing、RLS、env、deploy、API、storage、测试删除、大型混合 diff |
+| MCP | 明文 secret、非 localhost 绑定、过宽文件系统权限、shell 工具、raw SQL 工具、side-effect 分类、本地 policy/receipt 模板 |
+| Next/Vercel deploy | Next static export 和 API route 冲突、Edge runtime 使用 Node-only API、security headers 缺失、server env 文档缺失、public env 盘点、image/request 放大风险、request ID logging 缺失 |
+| GitHub Actions | workflow 权限过宽、PR workflow 缺 concurrency cancel、docs-only 改动跑全量 CI、secret/tool version 缺 fail-fast、`pr-risk` checkout 太浅、Action 未 pin SHA |
+| PR risk | auth、billing、RLS、env、deploy、API、storage、silent-success、测试删除、缺 spec/context、大型混合 diff |
 
 完整规则请看 [docs/rules.md](docs/rules.md)。
 
@@ -266,7 +275,7 @@ jobs:
 
 ## Hosted GitHub App 设计
 
-当前仓库已经包含未来 Hosted GitHub App 的设计文档、纯契约测试，以及第一个真实 Cloudflare hosted ingress。私有 staging GitHub App `ai-saas-guard-hosted` 已安装到 `zr9959/ai-saas-guard`，Cloudflare 已配置所需的云端凭据绑定。这个 ingress 已经能接收签名 webhook 并写入 KV 队列，但还不是完整自动扫描服务。
+当前仓库已经包含未来 Hosted GitHub App 的设计文档、纯契约测试，以及第一个真实 Cloudflare hosted ingress。私有 staging GitHub App `ai-saas-guard-hosted` 已安装到 `zr9959/ai-saas-guard`，Cloudflare 已配置所需的云端凭据绑定。Worker 代码已经能接收签名 webhook、写入 KV 队列、换取 scoped installation token、读取 GitHub PR file metadata、做 compact PR-risk classification，并发布有长度上限的 Check Run summary；但当前端到端 GitHub App webhook delivery smoke 还被私有 App webhook 设置阻断，证据记录在 [docs/hosted-operations-evidence.md](docs/hosted-operations-evidence.md)。它还不是完整 source checkout scan worker。
 
 相关文档：
 
@@ -295,7 +304,7 @@ jobs:
 - Hosted Node/container app skeleton：`ai-saas-guard/hosted/app` 导出 `createHostedHttpApp`、`createInMemoryHostedAppPlatform` 和 `planHostedNodeContainerDeployment`，提供安全 `/healthz`、签名 `/github/webhook` ingress、单 job worker tick、测试用 in-memory provider adapters，以及 secret manager、queue、compact report store、worker sandbox、GitHub Checks publisher 的部署引用校验；它本身仍然不部署或暴露公开 hosted 服务
 - Hosted staging deployment planner：`ai-saas-guard/hosted/staging` 导出 `planHostedProviderBinding`、`planHostedStagingDeployment` 和 `planHostedGitHubAppPromotion`，把真实 provider 引用、Node/container deployment plan、hosted operational release-gate evidence 和 GitHub App deployment planning 组合起来；缺少 queue、store、worker sandbox、Check Run publisher、logs、metrics、rollback 或 incident-response 引用时，会阻止 staging exposure 和 production promotion；它本身仍然不会调用云平台、创建 GitHub App 或暴露公开 hosted 服务
 - Hosted staging harness：`ai-saas-guard/hosted/staging-harness` 导出 `createFileBackedHostedStagingHarness` 和 `createHostedStagingHarnessEvidence`，可以在本地用 file-backed queue、compact report、Check Run request 和 worker sandbox 跑通签名 webhook replay、worker tick 和 cleanup 校验；它只是 staging 演练工具，不会调用云平台、创建 GitHub App、写真实 Check Run 或暴露公开 hosted 服务
-- Cloudflare hosted ingress：`hosted/cloudflare-worker` 已部署到 `https://ai-saas-guard-hosted.zr9959.workers.dev`，提供 `/healthz`、`/github/app/manifest-callback` 和签名 `/github/webhook` intake，并只把 compact pull request identity 写入 Cloudflare KV；staging GitHub App ID 为 `3834787`，installation ID 为 `135085075`；GitHub installation-token exchange、PR diff fetching、scan worker 和 Check Run publishing 仍然需要通过 hosted operational release gate
+- Cloudflare hosted ingress：`hosted/cloudflare-worker` 已部署到 `https://ai-saas-guard-hosted.zr9959.workers.dev`，提供 `/healthz`、`/github/app/manifest-callback` 和签名 `/github/webhook` intake；Worker 已具备 compact pull request identity、file/category risk signal 和 Check Run metadata 路径；staging GitHub App ID 为 `3834787`，installation ID 为 `135085075`；真实 GitHub App webhook delivery、完整 source checkout scan worker、monitoring、rollback 和 incident-response evidence 仍需要通过 hosted operational release gate
 - webhook event parser
 - check-run summary renderer
 - Check Run publication planner：要求 repository `checks: write`，只从 compact report 生成有长度上限的 Check Run payload，包含 review categories、优先 review 文件、verification steps 和本地 CLI 复现命令；MVP 不发 PR comment

package/action.yml

@@ -4,7 +4,7 @@ author: ai-saas-guard
 
 inputs:
   command:
-    description: "Command to run: scan, check-supabase, check-stripe, check-mcp, or pr-risk."
+    description: "Command to run: scan, check-supabase, check-stripe, check-mcp, check-actions, or pr-risk."
     required: false
     default: scan
   root:
@@ -59,7 +59,7 @@ runs:
         set -o pipefail
 
         case "${INPUT_COMMAND}" in
-          scan|check-supabase|check-stripe|check-mcp|pr-risk) ;;
+          scan|check-supabase|check-stripe|check-mcp|check-actions|pr-risk) ;;
           *)
             echo "Invalid command input: ${INPUT_COMMAND}" >&2
             exit 2

package/dist/cli.js

@@ -1,7 +1,7 @@
 #!/usr/bin/env node
 import { resolve } from "node:path";
 import { applyGuardConfig, loadGuardConfig } from "./config.js";
-import { checkMcp, checkStripe, checkSupabase, classifyPrRisk, scanRepository } from "./index.js";
+import { checkActions, checkMcp, checkStripe, checkSupabase, classifyPrRisk, scanRepository } from "./index.js";
 import { formatJsonReport } from "./report/json.js";
 import { formatMarkdownReport } from "./report/markdown.js";
 import { formatSarifReport } from "./report/sarif.js";
@@ -19,13 +19,16 @@ async function main(argv) {
             report = await scanRepository({ rootDir: args.rootDir });
             break;
         case "check-supabase":
-            report = await checkSupabase({ rootDir: args.rootDir });
+            report = await checkSupabase({ rootDir: args.rootDir, doctor: args.doctor });
             break;
         case "check-stripe":
             report = await checkStripe({ rootDir: args.rootDir });
             break;
         case "check-mcp":
-            report = await checkMcp({ rootDir: args.rootDir });
+            report = await checkMcp({ rootDir: args.rootDir, policyTemplate: args.policyTemplate });
+            break;
+        case "check-actions":
+            report = await checkActions({ rootDir: args.rootDir });
             break;
         case "pr-risk":
             report = await classifyPrRisk({ rootDir: args.rootDir, base: args.base });
@@ -107,6 +110,14 @@ function parseArgs(argv) {
             index += 1;
             continue;
         }
+        if (arg === "--doctor") {
+            result.doctor = true;
+            continue;
+        }
+        if (arg === "--policy-template") {
+            result.policyTemplate = true;
+            continue;
+        }
         if (arg === "-h" || arg === "--help") {
             result.command = "help";
             continue;
@@ -154,9 +165,10 @@ Repo-local launch-readiness scanner for AI-built SaaS apps.
 
 Usage:
   ai-saas-guard scan [--root <repo>] [--config <file>] [--json|--sarif] [--fail-on <severity>]
-  ai-saas-guard check-supabase [--root <repo>] [--config <file>] [--json|--sarif] [--fail-on <severity>]
+  ai-saas-guard check-supabase [--root <repo>] [--config <file>] [--doctor] [--json|--sarif] [--fail-on <severity>]
   ai-saas-guard check-stripe [--root <repo>] [--config <file>] [--json|--sarif] [--fail-on <severity>]
-  ai-saas-guard check-mcp [--root <repo>] [--config <file>] [--json|--sarif] [--fail-on <severity>]
+  ai-saas-guard check-mcp [--root <repo>] [--config <file>] [--policy-template] [--json|--sarif] [--fail-on <severity>]
+  ai-saas-guard check-actions [--root <repo>] [--config <file>] [--json|--sarif] [--fail-on <severity>]
   ai-saas-guard pr-risk [--root <repo>] [--config <file>] [--base <branch>] [--json|--sarif|--markdown] [--fail-on <severity>]
 
 Defaults:

package/dist/commands/checkActions.d.ts

@@ -0,0 +1,2 @@
+import type { ActionsReport, ScanOptions } from "../types.js";
+export declare function checkActions(options: ScanOptions): Promise<ActionsReport>;

package/dist/commands/checkActions.js

@@ -0,0 +1,4 @@
+import { checkActions as runActionsScanner } from "../scanners/actions.js";
+export function checkActions(options) {
+    return runActionsScanner(options.rootDir);
+}

package/dist/commands/checkMcp.d.ts

@@ -1,2 +1,2 @@
-import type { McpReport, ScanOptions } from "../types.js";
-export declare function checkMcp(options: ScanOptions): Promise<McpReport>;
+import type { McpOptions, McpReport } from "../types.js";
+export declare function checkMcp(options: McpOptions): Promise<McpReport>;

package/dist/commands/checkMcp.js

@@ -1,4 +1,4 @@
 import { checkMcp as runMcpScanner } from "../scanners/mcp.js";
 export function checkMcp(options) {
-    return runMcpScanner(options.rootDir);
+    return runMcpScanner(options.rootDir, { policyTemplate: options.policyTemplate });
 }

package/dist/commands/checkSupabase.d.ts

@@ -1,2 +1,2 @@
-import type { ScanOptions, SupabaseReport } from "../types.js";
-export declare function checkSupabase(options: ScanOptions): Promise<SupabaseReport>;
+import type { SupabaseOptions, SupabaseReport } from "../types.js";
+export declare function checkSupabase(options: SupabaseOptions): Promise<SupabaseReport>;

package/dist/commands/checkSupabase.js

@@ -1,4 +1,4 @@
 import { checkSupabase as runSupabaseScanner } from "../scanners/supabase.js";
 export function checkSupabase(options) {
-    return runSupabaseScanner(options.rootDir);
+    return runSupabaseScanner(options.rootDir, { doctor: options.doctor });
 }

package/dist/commands/scan.js

@@ -1,21 +1,25 @@
 import { createScanContext } from "../context.js";
 import { createReport, uniqueFindings } from "../report/findings.js";
+import { checkActions } from "../scanners/actions.js";
 import { scanApiRoutes } from "../scanners/apiRoutes.js";
 import { scanDeployConfig } from "../scanners/deploy.js";
 import { checkMcp } from "../scanners/mcp.js";
 import { scanNextPublicEnv, scanSecrets } from "../scanners/secrets.js";
+import { scanSilentSuccess } from "../scanners/silentSuccess.js";
 import { checkStripe } from "../scanners/stripe.js";
 import { checkSupabase } from "../scanners/supabase.js";
 export async function scanRepository(options) {
     const context = await createScanContext(options.rootDir);
-    const [secretFindings, nextPublicFindings, stripeReport, supabaseReport, mcpReport, apiFindings, deployFindings] = await Promise.all([
+    const [secretFindings, nextPublicFindings, stripeReport, supabaseReport, mcpReport, apiFindings, deployFindings, silentSuccessFindings, actionsReport] = await Promise.all([
         scanSecrets(context),
         scanNextPublicEnv(context),
         checkStripe(context),
         checkSupabase(context),
         checkMcp(context),
         scanApiRoutes(context),
-        scanDeployConfig(context)
+        scanDeployConfig(context),
+        scanSilentSuccess(context),
+        checkActions(context)
     ]);
     return createReport("scan", options.rootDir, uniqueFindings([
         ...secretFindings,
@@ -24,6 +28,8 @@ export async function scanRepository(options) {
         ...supabaseReport.findings,
         ...mcpReport.findings,
         ...apiFindings,
-        ...deployFindings
+        ...deployFindings,
+        ...silentSuccessFindings,
+        ...actionsReport.findings
     ]), {});
 }

package/dist/hosted/app.js

@@ -261,7 +261,7 @@ function isValidSecretRef(value) {
     return /^secret:[A-Za-z0-9._:/@-]+$/.test(value);
 }
 function normalizePublicBaseUrl(publicBaseUrl) {
-    return publicBaseUrl.trim().replace(/\/+$/, "");
+    return trimTrailingSlashes(publicBaseUrl.trim());
 }
 function isSafePublicHttpsUrl(value) {
     try {
@@ -279,6 +279,13 @@ function isUnsafeHostedHostname(hostname) {
         isUnsafeIpv4Hostname(normalized) ||
         isUnsafeIpv6Hostname(normalized));
 }
+function trimTrailingSlashes(value) {
+    let end = value.length;
+    while (end > 0 && value[end - 1] === "/") {
+        end -= 1;
+    }
+    return value.slice(0, end);
+}
 function normalizeHostname(hostname) {
     const lower = hostname.toLowerCase().replace(/\.$/, "");
     return lower.startsWith("[") && lower.endsWith("]") ? lower.slice(1, -1) : lower;

package/dist/hosted/contracts.js

@@ -1156,7 +1156,7 @@ function getHostedCheckRunFiles(report) {
     return [...new Set(report.evidence.map((finding) => finding.file))].slice(0, 10);
 }
 function escapeMarkdownTableCell(value) {
-    return value.replace(/\|/g, "\\|").replace(/\r?\n/g, " ");
+    return value.replaceAll("\\", "\\\\").replaceAll("|", "\\|").replaceAll("\r", " ").replaceAll("\n", " ");
 }
 function capitalize(value) {
     return `${value.charAt(0).toUpperCase()}${value.slice(1)}`;

package/dist/hosted/production-adapters.js

@@ -190,7 +190,14 @@ function safeApiUrlBlockedReasons(apiBaseUrl) {
 }
 function normalizeApiBaseUrl(apiBaseUrl) {
     const value = apiBaseUrl?.trim() || "https://api.github.com";
-    return value.replace(/\/+$/, "");
+    return trimTrailingSlashes(value);
+}
+function trimTrailingSlashes(value) {
+    let end = value.length;
+    while (end > 0 && value[end - 1] === "/") {
+        end -= 1;
+    }
+    return value.slice(0, end);
 }
 function permissionsForPurpose(purpose) {
     if (purpose === "worker_checkout") {

package/dist/index.d.ts

@@ -2,11 +2,12 @@ export { scanRepository } from "./commands/scan.js";
 export { checkStripe } from "./commands/checkStripe.js";
 export { checkSupabase } from "./commands/checkSupabase.js";
 export { checkMcp } from "./commands/checkMcp.js";
+export { checkActions } from "./commands/checkActions.js";
 export { classifyPrRisk } from "./commands/prRisk.js";
 export { applyGuardConfig, defaultConfigFileName, loadGuardConfig } from "./config.js";
 export { createScanContext } from "./context.js";
 export { getRuleMetadata, RULE_CATALOG } from "./rules/catalog.js";
-export type { BaseReport, CommandName, Evidence, Finding, McpReport, McpServerInventory, PrRiskFile, PrRiskReport, ScanOptions, StripeReport, SupabaseReport } from "./types.js";
+export type { BaseReport, CommandName, Evidence, Finding, ActionsReport, McpOptions, McpPolicyTemplate, McpReport, McpServerInventory, McpSideEffect, PrRiskFile, PrRiskReport, ScanOptions, StripeReport, SupabaseOptions, SupabaseDoctorReport, SupabaseReport } from "./types.js";
 export type { ScanContext, ScanInput } from "./context.js";
 export type { FindingSuppression, GuardConfig, RuleConfigValue } from "./config.js";
 export type { RuleMetadata, RuleStability } from "./rules/catalog.js";

package/dist/index.js

@@ -2,6 +2,7 @@ export { scanRepository } from "./commands/scan.js";
 export { checkStripe } from "./commands/checkStripe.js";
 export { checkSupabase } from "./commands/checkSupabase.js";
 export { checkMcp } from "./commands/checkMcp.js";
+export { checkActions } from "./commands/checkActions.js";
 export { classifyPrRisk } from "./commands/prRisk.js";
 export { applyGuardConfig, defaultConfigFileName, loadGuardConfig } from "./config.js";
 export { createScanContext } from "./context.js";

package/dist/report/markdown.js

@@ -45,6 +45,7 @@ function formatGenericMarkdown(report) {
     lines.push("");
     lines.push("### Findings");
     appendFindings(lines, report.findings);
+    appendGenericExtras(lines, report);
     return lines.join("\n");
 }
 function summaryLine(report) {
@@ -71,6 +72,39 @@ function appendFindings(lines, findings) {
         lines.push(`   - Fix direction: ${escapeMarkdownInline(finding.suggestedFix)}`);
     }
 }
+function appendGenericExtras(lines, report) {
+    if (report.command === "check-supabase") {
+        const supabase = report;
+        if (supabase.doctor.sqlCookbook.length === 0)
+            return;
+        lines.push("");
+        lines.push("### Supabase RLS Doctor");
+        appendList(lines, supabase.doctor.twoAccountVerificationSteps);
+        lines.push("");
+        lines.push("```sql");
+        lines.push(...supabase.doctor.sqlCookbook);
+        lines.push("```");
+    }
+    if (report.command === "check-mcp") {
+        const mcp = report;
+        if (!mcp.policyTemplate)
+            return;
+        lines.push("");
+        lines.push("### MCP Policy Template");
+        lines.push("");
+        lines.push("```yaml");
+        lines.push(...mcp.policyTemplate.localPolicyTemplate);
+        lines.push("```");
+        lines.push("");
+        lines.push(`Receipt fields: ${mcp.policyTemplate.receiptFormat.map((field) => `\`${field}\``).join(", ")}`);
+    }
+    if (report.command === "check-actions") {
+        const actions = report;
+        lines.push("");
+        lines.push("### GitHub Actions Hygiene Checklist");
+        appendList(lines, actions.hygieneChecklist);
+    }
+}
 function formatEvidence(evidence) {
     if (!evidence)
         return "`none`";

package/dist/report/terminal.js

@@ -6,6 +6,7 @@ export function formatTerminalReport(report) {
     if (report.findings.length === 0) {
         lines.push("");
         lines.push("No heuristic launch-readiness risks found by this command.");
+        appendCommandExtras(lines, report);
         return lines.join("\n");
     }
     for (const [index, item] of report.findings.entries()) {
@@ -22,8 +23,47 @@ export function formatTerminalReport(report) {
             lines.push(`   - ${location}${detail ? ` -> ${detail}` : ""}`);
         }
     }
+    appendCommandExtras(lines, report);
     return lines.join("\n");
 }
+function appendCommandExtras(lines, report) {
+    if (report.command === "check-supabase") {
+        const supabase = report;
+        if (supabase.doctor.sqlCookbook.length > 0) {
+            lines.push("");
+            lines.push("Supabase RLS doctor:");
+            for (const step of supabase.doctor.twoAccountVerificationSteps.slice(0, 5)) {
+                lines.push(`- ${step}`);
+            }
+            lines.push("SQL cookbook:");
+            for (const line of supabase.doctor.sqlCookbook.slice(0, 8)) {
+                lines.push(`  ${line}`);
+            }
+        }
+    }
+    if (report.command === "check-mcp") {
+        const mcp = report;
+        if (mcp.policyTemplate) {
+            lines.push("");
+            lines.push("MCP policy template:");
+            for (const line of mcp.policyTemplate.localPolicyTemplate) {
+                lines.push(`  ${line}`);
+            }
+            lines.push("Receipt fields:");
+            lines.push(`  ${mcp.policyTemplate.receiptFormat.join(", ")}`);
+        }
+    }
+    if (report.command === "check-actions") {
+        const actions = report;
+        if (actions.hygieneChecklist.length > 0) {
+            lines.push("");
+            lines.push("GitHub Actions hygiene checklist:");
+            for (const item of actions.hygieneChecklist) {
+                lines.push(`- ${item}`);
+            }
+        }
+    }
+}
 export function formatFindingSummary(finding) {
     const firstEvidence = finding.evidence[0];
     const location = firstEvidence?.line ? `${firstEvidence.file}:${firstEvidence.line}` : firstEvidence?.file;