coverme-security-scanner 3.3.0 → 3.6.0

package/commands/coverme.md

@@ -6,6 +6,16 @@ Run a comprehensive security assessment on this codebase and generate a professi
 
 You are a senior security architect and penetration tester performing a pre-production security audit. Run 7 parallel security agents to analyze this codebase comprehensively.
 
+### Step 0: Setup (Run First!)
+
+Before starting the scan, create the output directory:
+
+```bash
+mkdir -p .coverme
+```
+
+This prevents errors when saving the scan results.
+
 ### Step 1: Launch Parallel Agents
 
 Launch these 7 agents simultaneously using the Task tool:
@@ -295,12 +305,22 @@ After all agents complete, compile their findings into a JSON file with this enh
 }
 ```
 
-### Step 5: Generate PDF
+### Step 5: Save and Generate PDF
+
+**IMPORTANT: Write the JSON using the Write tool, NOT bash heredoc.**
+
+1. **Create the output directory first:**
+```bash
+mkdir -p .coverme
+```
 
-Save the JSON to `.coverme/scan.json` in the project root, then generate the PDF:
+2. **Use the Write tool to save `.coverme/scan.json`** with ALL findings from the agents.
+   Include everything: all codeEvidence, exploitability, blastRadius, businessImpact.
+   The more detail, the better the report.
 
+3. **Generate the PDF:**
 ```bash
-npx coverme-security-scanner .coverme/scan.json security-assessment-$(date +%Y-%m-%d).pdf && open security-assessment-$(date +%Y-%m-%d).pdf
+coverme .coverme/scan.json security-assessment-$(date +%Y-%m-%d).pdf && open security-assessment-$(date +%Y-%m-%d).pdf
 ```
 
 **IMPORTANT:** You MUST run this command to generate and open the PDF. Do not skip this step.

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "coverme-security-scanner",
-  "version": "3.3.0",
+  "version": "3.6.0",
   "description": "AI-powered security assessment reports with beautiful PDF output",
   "type": "module",
   "bin": {