awguard 1.5.0 → 1.6.0

package/CHANGELOG.md

@@ -1,5 +1,13 @@
 # Changelog
 
+## 1.6.0
+
+- Add `awguard init` to print starter GitHub Action, strict config, baseline, report, and badge setup snippets.
+- Add `--format inventory-json` for machine-readable agentic surface inventories.
+- Add `--compare previous.json current.json` for introduced/resolved finding and file drift reports.
+- Add policy allowlists with `AWG015` for unapproved files, MCP servers, packages, or commands.
+- Add Docker, GitLab CI, pre-commit, VS Code task, Marketplace, comparison, demo, and vulnerable lab assets.
+
 ## 1.5.0
 
 - Add `--format inventory` to map agentic repository surfaces by workflows, agent context files, and MCP configs.

package/Dockerfile

@@ -0,0 +1,8 @@
+FROM node:20-alpine
+
+WORKDIR /app
+COPY package.json README.md LICENSE action.yml ./
+COPY bin ./bin
+COPY src ./src
+
+ENTRYPOINT ["node", "/app/bin/awguard.js"]

package/README.md

@@ -5,8 +5,11 @@
 [![GitHub release](https://img.shields.io/github/v/release/Mughal-Baig/agentic-workflow-guard)](https://github.com/Mughal-Baig/agentic-workflow-guard/releases)
 [![npm](https://img.shields.io/npm/v/awguard)](https://www.npmjs.com/package/awguard)
 [![AWI risk](https://img.shields.io/endpoint?url=https://raw.githubusercontent.com/Mughal-Baig/agentic-workflow-guard/main/docs/awguard-badge.json)](docs/awguard-badge.json)
+[![Project site](https://img.shields.io/badge/site-live-0f766e)](https://mughal-baig.github.io/agentic-workflow-guard/)
 [![License: MIT](https://img.shields.io/badge/License-MIT-green.svg)](LICENSE)
 
+![Agentic Workflow Guard terminal demo](docs/assets/terminal-demo.svg)
+
 `agentic-workflow-guard` is a small, zero-dependency scanner for GitHub Actions workflows, persistent agent instruction files, and MCP configs used by AI coding agents, LLMs, or automated review bots.
 
 It looks for a new class of CI/CD risk: untrusted issue, pull request, comment, or branch text flowing into an AI agent prompt, then into write-capable tools, secrets, shell scripts, persistent instructions that weaken review boundaries, or MCP servers that expand agent authority.
@@ -42,6 +45,12 @@ Install from npm:
 npx awguard .
 ```
 
+Generate a starter config, GitHub Action, baseline command, and badge snippet:
+
+```bash
+npx awguard init
+```
+
 ## Use In GitHub Actions
 
 After you upload this repository to GitHub, users can add:
@@ -113,7 +122,9 @@ jobs:
 ## CLI
 
 ```bash
-awguard [path] [--config file] [--preset name] [--format text|json|markdown|github|sarif|graph|html|migration|score|badge|inventory] [--output file] [--baseline file] [--write-baseline file] [--fix-dry-run] [--fail-on none|low|medium|high|critical]
+awguard [path] [--config file] [--preset name] [--format text|json|markdown|github|sarif|graph|html|migration|score|badge|inventory|inventory-json] [--output file] [--baseline file] [--write-baseline file] [--fix-dry-run] [--fail-on none|low|medium|high|critical]
+awguard init
+awguard --compare previous.json current.json
 ```
 
 Examples:
@@ -125,6 +136,7 @@ node ./bin/awguard.js . --preset strict --format graph
 node ./bin/awguard.js . --format html --output awguard-report.html
 node ./bin/awguard.js . --format migration --output awguard-migration.md
 node ./bin/awguard.js . --format inventory
+node ./bin/awguard.js . --format inventory-json --output awguard-inventory.json
 node ./bin/awguard.js . --format score
 node ./bin/awguard.js . --format badge --output awguard-badge.json
 node ./bin/awguard.js . --fix-dry-run
@@ -132,6 +144,7 @@ node ./bin/awguard.js . --format markdown --fail-on medium
 node ./bin/awguard.js . --format sarif --output awguard.sarif --fail-on none
 node ./bin/awguard.js . --write-baseline awguard.baseline.json
 node ./bin/awguard.js . --baseline awguard.baseline.json --fail-on high
+node ./bin/awguard.js --compare old-awguard.json new-awguard.json
 node ./bin/awguard.js . --format github --fail-on high
 ```
 
@@ -252,6 +265,40 @@ node ./bin/awguard.js . --format inventory
 
 The inventory groups scanned files into GitHub Actions workflows, persistent agent context files, and MCP configs. It shows which surfaces exist, which rules fired, and what to review next. This is useful before a team enables new coding agents because it answers: "Where can agents read instructions, get tools, or act in CI?"
 
+For dashboards, use JSON:
+
+```bash
+node ./bin/awguard.js . --format inventory-json --output awguard-inventory.json
+```
+
+## Compare Reports
+
+Track newly introduced agentic risk across branches or releases:
+
+```bash
+node ./bin/awguard.js . --format json --output current-awguard.json
+node ./bin/awguard.js --compare previous-awguard.json current-awguard.json
+```
+
+The comparison report shows introduced findings, resolved findings, added scanned files, and removed scanned files.
+
+## Policy Mode
+
+Policy mode makes new agent surfaces visible during review. Add allowlists to `awguard.config.json`:
+
+```json
+{
+  "policy": {
+    "approvedFiles": ["AGENTS.md", ".github/workflows/*"],
+    "approvedMcpServers": ["github"],
+    "approvedMcpPackages": ["@modelcontextprotocol/server-github@1.2.3"],
+    "approvedMcpCommands": ["npx", "node"]
+  }
+}
+```
+
+Anything outside the policy is reported as `AWG015`.
+
 ## Agent Context Guard
 
 AWGuard also scans persistent agent instruction files:
@@ -327,6 +374,11 @@ If you omit rule ids, the suppression applies to all findings on the target line
 | AWG012 | High/Critical | Agent instruction files that weaken approval, permission, or secret boundaries |
 | AWG013 | High | MCP configs that start mutable packages, unpinned containers, or shell wrappers |
 | AWG014 | Critical | MCP configs that hardcode secrets, tokens, passwords, or auth headers |
+| AWG015 | Medium | Agentic surfaces, MCP servers, packages, or commands not approved by policy |
+
+## How It Compares
+
+See [docs/comparison.md](docs/comparison.md) for how AWGuard fits beside `zizmor`, `actionlint`, OpenSSF Scorecard, secret scanners, and MCP runtime scanners.
 
 ## Example Finding
 
@@ -351,6 +403,10 @@ If you omit rule ids, the suppression applies to all findings on the target line
 - Rule packs for Claude Code, Codex, Gemini, Copilot, Aider, and custom agents.
 - Public vulnerable workflow lab with attack and fix walkthroughs.
 
+## Contributing And Security
+
+Contributions are welcome. Start with [CONTRIBUTING.md](CONTRIBUTING.md), and report sensitive security issues using [SECURITY.md](SECURITY.md).
+
 ## Research Backing
 
 See [docs/market-analysis.md](docs/market-analysis.md) for the demand analysis, gap, audience, and launch plan.

package/action.yml

@@ -7,7 +7,7 @@ inputs:
     required: false
     default: .
   format:
-    description: Output format: github, text, json, markdown, sarif, graph, html, migration, score, badge, or inventory.
+    description: Output format: github, text, json, markdown, sarif, graph, html, migration, score, badge, inventory, or inventory-json.
     required: false
     default: github
   fail-on:
@@ -15,7 +15,7 @@ inputs:
     required: false
     default: high
   output:
-    description: Optional file path for json, markdown, sarif, graph, html, migration, score, or badge output.
+    description: Optional file path for json, markdown, sarif, graph, html, migration, score, badge, inventory, or inventory-json output.
     required: false
     default: ''
   baseline:

package/docs/assets/terminal-demo.svg

@@ -0,0 +1,19 @@
+<svg xmlns="http://www.w3.org/2000/svg" width="920" height="430" viewBox="0 0 920 430" role="img" aria-labelledby="title desc">
+  <title id="title">Agentic Workflow Guard terminal demo</title>
+  <desc id="desc">A terminal-style screenshot showing AWGuard inventory and MCP findings.</desc>
+  <rect width="920" height="430" rx="10" fill="#101820"/>
+  <rect x="0" y="0" width="920" height="42" rx="10" fill="#17242f"/>
+  <circle cx="24" cy="21" r="6" fill="#ff5f57"/>
+  <circle cx="44" cy="21" r="6" fill="#ffbd2e"/>
+  <circle cx="64" cy="21" r="6" fill="#28c840"/>
+  <text x="88" y="27" fill="#d8e6ee" font-family="Menlo, Consolas, monospace" font-size="14">awguard demo</text>
+  <text x="28" y="78" fill="#7dd3fc" font-family="Menlo, Consolas, monospace" font-size="16">$ npx awguard . --format inventory</text>
+  <text x="28" y="118" fill="#e7f4f2" font-family="Menlo, Consolas, monospace" font-size="16">Agentic Surface Inventory</text>
+  <text x="28" y="154" fill="#a7f3d0" font-family="Menlo, Consolas, monospace" font-size="14">✓ GitHub Actions workflows: 2 files, 0 findings</text>
+  <text x="28" y="184" fill="#fde68a" font-family="Menlo, Consolas, monospace" font-size="14">! Agent context files: 1 file, AWG012</text>
+  <text x="28" y="214" fill="#fca5a5" font-family="Menlo, Consolas, monospace" font-size="14">! MCP configs: 1 file, AWG013, AWG014</text>
+  <text x="28" y="260" fill="#7dd3fc" font-family="Menlo, Consolas, monospace" font-size="16">$ npx awguard examples/.mcp.json --fix-dry-run</text>
+  <text x="28" y="300" fill="#fca5a5" font-family="Menlo, Consolas, monospace" font-size="14">CRITICAL AWG014 MCP config hardcodes secrets or auth material</text>
+  <text x="28" y="330" fill="#fdba74" font-family="Menlo, Consolas, monospace" font-size="14">HIGH AWG013 MCP config starts mutable tool servers</text>
+  <text x="28" y="372" fill="#d8e6ee" font-family="Menlo, Consolas, monospace" font-size="14">Fix: pin tool packages, move credentials to prompts/env, and review policy drift.</text>
+</svg>

package/docs/comparison.md

@@ -0,0 +1,23 @@
+# Comparison
+
+AWGuard is intentionally narrow. It should sit beside general CI/CD and AI security tools, not replace them.
+
+| Tool | Main job | Where AWGuard differs |
+| --- | --- | --- |
+| `zizmor` | General GitHub Actions security analysis | AWGuard focuses on AI-agent prompt, tool, MCP, and repository instruction paths. |
+| `actionlint` | GitHub Actions syntax and workflow linting | AWGuard looks for agentic trust-boundary risk, not YAML correctness. |
+| OpenSSF Scorecard | Open-source project security posture | AWGuard gives an Agentic Workflow Injection score and agent surface inventory. |
+| MCP runtime scanners | Inspect live MCP servers and tool descriptions | AWGuard scans repository MCP configs without executing server commands. |
+| Secret scanners | Find committed secrets | AWGuard connects MCP/agent secret exposure to agent capabilities and remediation. |
+
+## Best Stack
+
+Use these together:
+
+```text
+actionlint -> workflow correctness
+zizmor -> broad GitHub Actions hardening
+OpenSSF Scorecard -> project posture
+secret scanning -> committed credentials
+AWGuard -> agentic workflow, context, and MCP trust boundaries
+```

package/docs/launch-plan.md

@@ -10,56 +10,64 @@ Short pitch:
 
 ## Star-Worthy Demo
 
-1. Show `examples/unsafe-agent.yml`.
-2. Run:
+1. Show the terminal demo image in `docs/assets/terminal-demo.svg`.
+2. Show `examples/unsafe-agent.yml`.
+3. Run:
 
    ```bash
    node ./bin/awguard.js examples/unsafe-agent.yml --format graph
    ```
 
-3. Show the generated Mermaid chain.
-4. Run:
+4. Show the generated Mermaid chain.
+5. Run:
 
    ```bash
    node ./bin/awguard.js examples/unsafe-agent.yml --fix-dry-run
    ```
 
-5. Show the safe remediation steps.
-6. Run:
+6. Show the safe remediation steps.
+7. Run:
 
    ```bash
    node ./bin/awguard.js examples/unsafe-agent.yml --format migration
    ```
 
-7. Show the migration from unsafe agent job to read-only proposal job plus safe outputs or an approved apply job.
-8. Run:
+8. Show the migration from unsafe agent job to read-only proposal job plus safe outputs or an approved apply job.
+9. Run:
 
    ```bash
    node ./bin/awguard.js . --format score
    ```
 
-9. Show the README badge and say: "Add an AWI risk badge to your repo before adding AI agents to CI."
-10. Run:
+10. Show the README badge and say: "Add an AWI risk badge to your repo before adding AI agents to CI."
+11. Run:
 
    ```bash
    node ./bin/awguard.js . --format inventory
    ```
 
-11. Show the surface map and say: "Before you secure agent workflows, find every place the repository gives agents instructions or tools."
-12. Show an unsafe `AGENTS.md` or `.github/copilot-instructions.md` line and run:
+12. Show the surface map and say: "Before you secure agent workflows, find every place the repository gives agents instructions or tools."
+13. Run:
+
+   ```bash
+   node ./bin/awguard.js init
+   ```
+
+14. Show the one-command setup guide.
+15. Show an unsafe `AGENTS.md` or `.github/copilot-instructions.md` line and run:
 
    ```bash
    node ./bin/awguard.js . --format text
    ```
 
-13. Explain that AWGuard scans both the workflow and the persistent agent instructions that shape agent behavior.
-14. Show an unsafe `.mcp.json` with `npx @modelcontextprotocol/server-github` and a committed token, then run:
+16. Explain that AWGuard scans both the workflow and the persistent agent instructions that shape agent behavior.
+17. Show an unsafe `.mcp.json` with `npx @modelcontextprotocol/server-github` and a committed token, then run:
 
    ```bash
    node ./bin/awguard.js examples/.mcp.json --format text
    ```
 
-15. Explain the new hook: "This scanner checks repo-provided MCP tool wiring without executing the MCP server."
+18. Explain the new hook: "This scanner checks repo-provided MCP tool wiring without executing the MCP server."
 
 ## Release Checklist
 

package/docs/market-analysis.md

@@ -211,7 +211,9 @@ Agentic Workflow Guard now supports:
 
 - `--format inventory` for a surface map grouped by workflows, agent context files, and MCP configs.
 - scanning `.github/agents/*.md`, `.github/prompts/*.prompt.md`, and `.github/skills/**/SKILL.md` as persistent agent context.
-- a roadmap that moves toward policy mode, agent capability SBOMs, trend reports, and adoption generators.
+- `awguard init` for adoption snippets, `--format inventory-json` for dashboards, and `--compare` for trend reports.
+- first policy allowlists for approved files, MCP servers, MCP packages, and MCP commands.
+- a roadmap that moves toward agent capability SBOMs, richer policy ownership, and hosted monitoring.
 
 This widens the project while preserving its niche: AWGuard remains a zero-execution repository scanner for agentic risk, not a broad runtime agent firewall.
 

package/docs/marketplace-listing.md

@@ -0,0 +1,40 @@
+# GitHub Marketplace Listing Draft
+
+## Name
+
+Agentic Workflow Guard
+
+## Short Description
+
+Scan GitHub Actions, agent instruction files, and MCP configs for AI-agent injection risk.
+
+## Categories
+
+- Security
+- Code quality
+- Utilities
+
+## Full Description
+
+Agentic Workflow Guard finds where untrusted GitHub issue, pull request, comment, branch, or artifact text can steer AI agents inside CI.
+
+It scans:
+
+- GitHub Actions workflows;
+- persistent agent instruction files such as `AGENTS.md`, Copilot instructions, custom agents, prompts, and skills;
+- MCP configs such as `.mcp.json`, `.vscode/mcp.json`, Cursor, Windsurf, Cline, and Roo config files.
+
+Outputs include GitHub annotations, SARIF for code scanning, attack graphs, migration plans, AWI scorecards, badges, and agentic surface inventory reports.
+
+## Example
+
+```yaml
+- uses: Mughal-Baig/agentic-workflow-guard@v0
+  with:
+    preset: strict
+    fail-on: high
+```
+
+## Suggested Release Note
+
+Use this Action before adding AI agents, custom prompts, or MCP tools to a repository.

package/docs/roadmap.md

@@ -54,15 +54,19 @@ Current research points:
 
 ### Now
 
-- Ship `--format inventory`.
-- Expand `AWG012` coverage to Copilot custom agents, prompts, and skills.
-- Document the widened project roadmap.
+- Shipped `--format inventory`.
+- Shipped `--format inventory-json`.
+- Shipped `awguard init`.
+- Shipped `--compare previous.json current.json`.
+- Shipped first policy allowlists with `AWG015`.
+- Expanded `AWG012` coverage to Copilot custom agents, prompts, and skills.
+- Added Docker, GitLab CI, pre-commit, VS Code task, Marketplace, comparison, visual demo, and vulnerable lab assets.
 
 ### Next
 
-- Add policy mode for MCP server allowlists and approved agent context files.
-- Add a setup generator for the GitHub Action, config, baseline, and README badge.
-- Add JSON inventory output for downstream dashboards.
+- Add agent capability SBOM export for prompts, tools, MCP servers, permissions, and write paths.
+- Add safer patch previews for common workflow permission fixes.
+- Add richer policy ownership fields for approved file owners and review cadence.
 
 ### Later
 

package/docs/site/index.html

@@ -0,0 +1,251 @@
+<!doctype html>
+<html lang="en">
+  <head>
+    <meta charset="utf-8">
+    <meta name="viewport" content="width=device-width, initial-scale=1">
+    <meta
+      name="description"
+      content="Agentic Workflow Guard maps AI-agent workflow, instruction, and MCP trust boundaries in repositories."
+    >
+    <title>Agentic Workflow Guard</title>
+    <style>
+      :root {
+        color-scheme: light;
+        --ink: #17212b;
+        --muted: #5f6e7b;
+        --line: #d9e1e8;
+        --paper: #f7fafc;
+        --panel: #ffffff;
+        --accent: #0f766e;
+        --accent-strong: #134e4a;
+      }
+
+      * {
+        box-sizing: border-box;
+      }
+
+      body {
+        margin: 0;
+        background: var(--paper);
+        color: var(--ink);
+        font-family:
+          Inter, ui-sans-serif, system-ui, -apple-system, BlinkMacSystemFont, "Segoe UI", sans-serif;
+        line-height: 1.55;
+      }
+
+      a {
+        color: var(--accent-strong);
+      }
+
+      .hero {
+        border-bottom: 1px solid var(--line);
+        background: var(--panel);
+      }
+
+      .wrap {
+        width: min(1120px, calc(100% - 40px));
+        margin: 0 auto;
+      }
+
+      .hero .wrap {
+        display: grid;
+        grid-template-columns: minmax(0, 1.05fr) minmax(320px, 0.95fr);
+        gap: 44px;
+        align-items: center;
+        min-height: 86vh;
+        padding: 64px 0 40px;
+      }
+
+      .eyebrow {
+        margin: 0 0 14px;
+        color: var(--accent);
+        font-size: 0.78rem;
+        font-weight: 750;
+        letter-spacing: 0;
+        text-transform: uppercase;
+      }
+
+      h1 {
+        margin: 0;
+        max-width: 820px;
+        font-size: clamp(2.45rem, 7vw, 5.6rem);
+        line-height: 0.96;
+        letter-spacing: 0;
+      }
+
+      .lead {
+        max-width: 680px;
+        margin: 24px 0 0;
+        color: var(--muted);
+        font-size: 1.18rem;
+      }
+
+      .actions {
+        display: flex;
+        flex-wrap: wrap;
+        gap: 12px;
+        margin-top: 30px;
+      }
+
+      .button {
+        display: inline-flex;
+        min-height: 44px;
+        align-items: center;
+        justify-content: center;
+        border: 1px solid var(--line);
+        border-radius: 8px;
+        padding: 10px 15px;
+        background: var(--panel);
+        color: var(--ink);
+        font-weight: 720;
+        text-decoration: none;
+      }
+
+      .button.primary {
+        border-color: var(--accent);
+        background: var(--accent);
+        color: #ffffff;
+      }
+
+      .terminal {
+        width: 100%;
+        border: 1px solid var(--line);
+        border-radius: 8px;
+        background: #0c1117;
+        box-shadow: 0 18px 45px rgb(23 33 43 / 12%);
+      }
+
+      section {
+        padding: 46px 0;
+      }
+
+      h2 {
+        margin: 0 0 18px;
+        font-size: 1.35rem;
+        letter-spacing: 0;
+      }
+
+      .grid {
+        display: grid;
+        grid-template-columns: repeat(3, minmax(0, 1fr));
+        gap: 16px;
+      }
+
+      .item {
+        min-height: 144px;
+        border: 1px solid var(--line);
+        border-radius: 8px;
+        padding: 18px;
+        background: var(--panel);
+      }
+
+      .item h3 {
+        margin: 0 0 8px;
+        font-size: 1rem;
+      }
+
+      .item p {
+        margin: 0;
+        color: var(--muted);
+      }
+
+      code {
+        border: 1px solid var(--line);
+        border-radius: 6px;
+        padding: 2px 5px;
+        background: #eef4f8;
+        font-size: 0.9em;
+      }
+
+      footer {
+        border-top: 1px solid var(--line);
+        padding: 24px 0 34px;
+        color: var(--muted);
+      }
+
+      @media (max-width: 850px) {
+        .hero .wrap {
+          grid-template-columns: 1fr;
+          gap: 30px;
+          min-height: auto;
+          padding-top: 46px;
+        }
+
+        .grid {
+          grid-template-columns: 1fr;
+        }
+      }
+    </style>
+  </head>
+  <body>
+    <main>
+      <header class="hero">
+        <div class="wrap">
+          <div>
+            <p class="eyebrow">AI workflow security scanner</p>
+            <h1>Agentic Workflow Guard</h1>
+            <p class="lead">
+              Map every place a repository gives AI agents instructions, tools, secrets, or write power,
+              then turn that map into findings, reports, and safer pull request checks.
+            </p>
+            <div class="actions">
+              <a class="button primary" href="https://github.com/Mughal-Baig/agentic-workflow-guard">GitHub</a>
+              <a class="button" href="https://www.npmjs.com/package/awguard">npm</a>
+              <a class="button" href="https://github.com/Mughal-Baig/agentic-workflow-guard/blob/main/docs/comparison.md">Comparison</a>
+            </div>
+          </div>
+          <img
+            class="terminal"
+            src="assets/terminal-demo.svg"
+            alt="AWGuard terminal demo showing inventory, score, migration, and graph reports"
+          >
+        </div>
+      </header>
+
+      <section>
+        <div class="wrap">
+          <h2>What It Scans</h2>
+          <div class="grid">
+            <article class="item">
+              <h3>Agent Instructions</h3>
+              <p>Finds AGENTS.md, Copilot instructions, custom agents, prompts, and reusable skills.</p>
+            </article>
+            <article class="item">
+              <h3>Automation Paths</h3>
+              <p>Reviews GitHub Actions and other workflow files for unsafe agent execution boundaries.</p>
+            </article>
+            <article class="item">
+              <h3>MCP Trust</h3>
+              <p>Flags unapproved MCP servers, package launches, command tools, and environment exposure.</p>
+            </article>
+          </div>
+        </div>
+      </section>
+
+      <section>
+        <div class="wrap">
+          <h2>Reports Built For Adoption</h2>
+          <div class="grid">
+            <article class="item">
+              <h3>Inventory</h3>
+              <p><code>--format inventory</code> and <code>inventory-json</code> explain the agentic surface.</p>
+            </article>
+            <article class="item">
+              <h3>Risk Score</h3>
+              <p><code>--format score</code> gives teams a compact AWI score they can track over time.</p>
+            </article>
+            <article class="item">
+              <h3>Compare</h3>
+              <p><code>--compare old.json new.json</code> shows introduced and resolved findings between scans.</p>
+            </article>
+          </div>
+        </div>
+      </section>
+    </main>
+    <footer>
+      <div class="wrap">
+        Released as open source. Start with <code>npx awguard@latest init</code>.
+      </div>
+    </footer>
+  </body>
+</html>

package/examples/.gitlab-ci.yml

@@ -0,0 +1,6 @@
+awguard:
+  image: node:20
+  stage: test
+  script:
+    - npx awguard@latest . --format inventory
+    - npx awguard@latest . --fail-on high

package/examples/.vscode/tasks.json

@@ -0,0 +1,17 @@
+{
+  "version": "2.0.0",
+  "tasks": [
+    {
+      "label": "awguard inventory",
+      "type": "shell",
+      "command": "npx awguard@latest . --format inventory",
+      "problemMatcher": []
+    },
+    {
+      "label": "awguard scan",
+      "type": "shell",
+      "command": "npx awguard@latest . --fail-on high",
+      "problemMatcher": []
+    }
+  ]
+}

package/examples/README.md

@@ -7,6 +7,8 @@
 - `.github/copilot-instructions.md`: demonstrates risky persistent agent instruction guidance.
 - `.mcp.json`: demonstrates mutable MCP server packages and committed MCP credentials.
 - `awguard.config.example.json`: sample config with a strict preset and overrides.
+- `lab/`: vulnerable and fixed mini-repositories for demos.
+- `.gitlab-ci.yml`, `pre-commit-config.yaml`, `.vscode/tasks.json`: adoption examples for other workflows.
 
 Try:
 
@@ -15,9 +17,11 @@ node ../bin/awguard.js unsafe-agent.yml --format graph
 node ../bin/awguard.js unsafe-agent.yml --format html --output awguard-report.html
 node ../bin/awguard.js unsafe-agent.yml --format migration
 node ../bin/awguard.js . --format inventory
+node ../bin/awguard.js . --format inventory-json
 node ../bin/awguard.js unsafe-agent.yml --format score
 node ../bin/awguard.js safe-agent.yml --format badge
 node ../bin/awguard.js .mcp.json --format text
 node ../bin/awguard.js . --format text
+node ../bin/awguard.js init
 node ../bin/awguard.js unsafe-agent.yml --fix-dry-run
 ```

package/examples/awguard.config.example.json

@@ -10,5 +10,11 @@
   "suppressions": {
     "allowedRules": ["AWG001", "AWG002"],
     "minimumReasonLength": 20
+  },
+  "policy": {
+    "approvedFiles": ["AGENTS.md", ".github/workflows/*"],
+    "approvedMcpServers": ["github"],
+    "approvedMcpPackages": ["@modelcontextprotocol/server-github@1.2.3"],
+    "approvedMcpCommands": ["npx", "node"]
   }
 }