fivosense 0.1.6 → 0.2.0

package/dist/rules/secrets.js

@@ -1,46 +1,294 @@
 /**
- * Secret detection - finds hardcoded API keys, tokens, passwords
- */
-/**
- * Common secret patterns
+ * FivoSense - AI Security Scanner
+ * Copyright (c) 2026 thevinsoni
+ * Licensed under the MIT License
+ * https://github.com/thevinsoni/sense
  */
 export const SECRET_PATTERNS = [
+    // === AI / ML ===
     {
-        pattern: /['"][A-Za-z0-9_]{32,}['"]/,
-        type: 'generic_token',
-        description: 'Generic API token (32+ chars)',
+        pattern: /['"]sk-proj-[A-Za-z0-9_-]{20,}['"]/,
+        type: 'openai_project_key',
+        description: 'OpenAI Project API key',
         severity: 'high',
     },
     {
-        pattern: /['"]sk-[A-Za-z0-9]{48}['"]/,
+        pattern: /['"]sk-[A-Za-z0-9]{20,}['"]/,
         type: 'openai_key',
         description: 'OpenAI API key',
         severity: 'high',
     },
+    {
+        pattern: /['"]sk-ant-[A-Za-z0-9_-]{20,}['"]/,
+        type: 'anthropic_key',
+        description: 'Anthropic Claude API key',
+        severity: 'high',
+    },
     {
         pattern: /['"]AIza[A-Za-z0-9_-]{35}['"]/,
         type: 'google_api_key',
         description: 'Google API key',
         severity: 'high',
     },
+    {
+        pattern: /['"]ya29\.[A-Za-z0-9_-]+['"]/,
+        type: 'google_oauth_token',
+        description: 'Google OAuth access token',
+        severity: 'high',
+    },
+    {
+        pattern: /['"][0-9]+-[A-Za-z0-9_]{32}\.apps\.googleusercontent\.com['"]/,
+        type: 'google_oauth_client_id',
+        description: 'Google OAuth client ID',
+        severity: 'high',
+    },
+    // === Cloud Providers ===
     {
         pattern: /['"]AKIA[A-Z0-9]{16}['"]/,
         type: 'aws_access_key',
         description: 'AWS Access Key ID',
         severity: 'high',
     },
+    {
+        pattern: /['"]ASIA[A-Z0-9]{16}['"]/,
+        type: 'aws_temp_key',
+        description: 'AWS Temporary Access Key',
+        severity: 'high',
+    },
+    {
+        pattern: /aws[_-]?secret[_-]?access[_-]?key\s*[:=]\s*['"][A-Za-z0-9/+=]{40}['"]/i,
+        type: 'aws_secret_key',
+        description: 'AWS Secret Access Key',
+        severity: 'high',
+    },
+    {
+        pattern: /['"]arn:aws:[a-z0-9-]+:[a-z0-9-]*:[0-9]+:/,
+        type: 'aws_arn',
+        description: 'AWS ARN (resource identifier)',
+        severity: 'medium',
+    },
+    {
+        pattern: /AccountKey\s*=\s*[A-Za-z0-9+/=]{80,}/i,
+        type: 'azure_storage_key',
+        description: 'Azure Storage Account Key',
+        severity: 'high',
+    },
+    {
+        pattern: /['"][a-f0-9]{8}-[a-f0-9]{4}-[a-f0-9]{4}-[a-f0-9]{4}-[a-f0-9]{12}['"]/,
+        type: 'azure_tenant_or_client',
+        description: 'Azure Tenant/Client UUID',
+        severity: 'medium',
+    },
+    {
+        pattern: /['"](?:AAAA)[A-Za-z0-9+/=]{40,}['"]/,
+        type: 'firebase_token',
+        description: 'Firebase authentication token',
+        severity: 'high',
+    },
+    {
+        pattern: /['"]SG\.[A-Za-z0-9_-]{22}\.[A-Za-z0-9_-]{43}['"]/,
+        type: 'sendgrid_key',
+        description: 'SendGrid API key',
+        severity: 'high',
+    },
+    {
+        pattern: /['"]service_account['"]\s*[:=]/i,
+        type: 'gcp_service_account',
+        description: 'GCP service account',
+        severity: 'high',
+    },
+    {
+        pattern: /['"]type['"]\s*[:=]\s*['"]service_account['"]/i,
+        type: 'gcp_sa_json',
+        description: 'GCP service account JSON',
+        severity: 'high',
+    },
+    // === GitHub / Git ===
     {
         pattern: /['"]ghp_[A-Za-z0-9]{36}['"]/,
-        type: 'github_token',
-        description: 'GitHub Personal Access Token',
+        type: 'github_pat',
+        description: 'GitHub Personal Access Token (classic)',
+        severity: 'high',
+    },
+    {
+        pattern: /['"]github_pat_[A-Za-z0-9_]{22,}['"]/,
+        type: 'github_fine_grained_pat',
+        description: 'GitHub Fine-Grained PAT',
+        severity: 'high',
+    },
+    {
+        pattern: /['"]gho_[A-Za-z0-9]{36}['"]/,
+        type: 'github_oauth',
+        description: 'GitHub OAuth token',
+        severity: 'high',
+    },
+    {
+        pattern: /['"]ghs_[A-Za-z0-9]{36}['"]/,
+        type: 'github_app_token',
+        description: 'GitHub App installation token',
         severity: 'high',
     },
+    {
+        pattern: /['"]ghr_[A-Za-z0-9]{36}['"]/,
+        type: 'github_refresh',
+        description: 'GitHub refresh token',
+        severity: 'high',
+    },
+    {
+        pattern: /['"]glpat-[A-Za-z0-9_-]{20,}['"]/,
+        type: 'gitlab_pat',
+        description: 'GitLab Personal Access Token',
+        severity: 'high',
+    },
+    // === Communication ===
     {
         pattern: /['"]xox[baprs]-[A-Za-z0-9-]{10,}['"]/,
         type: 'slack_token',
         description: 'Slack Token',
         severity: 'high',
     },
+    {
+        pattern: /['"]https:\/\/hooks\.slack\.com\/services\/T[A-Z0-9]+\/B[A-Z0-9]+\/[A-Za-z0-9]+['"]/,
+        type: 'slack_webhook',
+        description: 'Slack Webhook URL',
+        severity: 'high',
+    },
+    {
+        pattern: /['"][0-9]+:AA[A-Za-z0-9_-]{30,}['"]/,
+        type: 'telegram_bot_token',
+        description: 'Telegram Bot Token',
+        severity: 'high',
+    },
+    {
+        pattern: /['"]discord(app)?\.com\/api\/webhooks\/[0-9]+\/[A-Za-z0-9_-]+['"]/,
+        type: 'discord_webhook',
+        description: 'Discord Webhook URL',
+        severity: 'high',
+    },
+    // === Payment ===
+    {
+        pattern: /['"]sk_live_[A-Za-z0-9]{20,}['"]/,
+        type: 'stripe_secret_live',
+        description: 'Stripe Secret Key (LIVE)',
+        severity: 'high',
+    },
+    {
+        pattern: /['"]sk_test_[A-Za-z0-9]{20,}['"]/,
+        type: 'stripe_secret_test',
+        description: 'Stripe Secret Key (test)',
+        severity: 'high',
+    },
+    {
+        pattern: /['"]rk_live_[A-Za-z0-9]{20,}['"]/,
+        type: 'stripe_restricted_live',
+        description: 'Stripe Restricted Key (LIVE)',
+        severity: 'high',
+    },
+    {
+        pattern: /['"]rk_test_[A-Za-z0-9]{20,}['"]/,
+        type: 'stripe_restricted_test',
+        description: 'Stripe Restricted Key (test)',
+        severity: 'high',
+    },
+    {
+        pattern: /['"]sq0csp-[A-Za-z0-9_-]{22,}['"]/,
+        type: 'square_key',
+        description: 'Square OAuth secret',
+        severity: 'high',
+    },
+    // === SaaS / Dev Tools ===
+    {
+        pattern: /['"]npm_[A-Za-z0-9]{36}['"]/,
+        type: 'npm_token',
+        description: 'npm access token',
+        severity: 'high',
+    },
+    {
+        pattern: /['"]pypi-[A-Za-z0-9_-]{50,}['"]/,
+        type: 'pypi_token',
+        description: 'PyPI API token',
+        severity: 'high',
+    },
+    {
+        pattern: /['"]do_[a-zA-Z0-9]{64}['"]/,
+        type: 'digitalocean_token',
+        description: 'DigitalOcean API token',
+        severity: 'high',
+    },
+    {
+        pattern: /['"]dop_v1_[a-f0-9]{64}['"]/,
+        type: 'doppler_token',
+        description: 'Doppler service token',
+        severity: 'high',
+    },
+    {
+        pattern: /['"]NRAK-[A-Z0-9]{27}['"]/,
+        type: 'newrelic_key',
+        description: 'New Relic API key',
+        severity: 'high',
+    },
+    {
+        pattern: /['"]shpat_[a-fA-F0-9]{32}['"]/,
+        type: 'shopify_key',
+        description: 'Shopify Private App Access Token',
+        severity: 'high',
+    },
+    {
+        pattern: /['"]shpss_[a-fA-F0-9]{32}['"]/,
+        type: 'shopify_secret',
+        description: 'Shopify Shared Secret',
+        severity: 'high',
+    },
+    {
+        pattern: /['"]Bearer\s+[A-Za-z0-9_-]{20,}['"]/,
+        type: 'bearer_token',
+        description: 'Bearer authentication token',
+        severity: 'high',
+    },
+    {
+        pattern: /['"]Basic\s+[A-Za-z0-9+/=]{20,}['"]/,
+        type: 'basic_auth',
+        description: 'Basic authentication header',
+        severity: 'high',
+    },
+    // === Database Connection Strings ===
+    {
+        pattern: /['"]mongodb(\+srv)?:\/\/[^'"]+['"]/,
+        type: 'mongodb_uri',
+        description: 'MongoDB connection string',
+        severity: 'high',
+    },
+    {
+        pattern: /['"]postgres(ql)?:\/\/[^'"]+['"]/,
+        type: 'postgres_uri',
+        description: 'PostgreSQL connection string',
+        severity: 'high',
+    },
+    {
+        pattern: /['"]mysql:\/\/[^'"]+['"]/,
+        type: 'mysql_uri',
+        description: 'MySQL connection string',
+        severity: 'high',
+    },
+    {
+        pattern: /['"]redis:\/\/[^'"]+['"]/,
+        type: 'redis_uri',
+        description: 'Redis connection string',
+        severity: 'high',
+    },
+    {
+        pattern: /['"]amqps?:\/\/[^'"]+['"]/,
+        type: 'amqp_uri',
+        description: 'AMQP connection string',
+        severity: 'high',
+    },
+    {
+        pattern: /['"]jdbc:[^'"]+['"]/,
+        type: 'jdbc_uri',
+        description: 'JDBC connection string',
+        severity: 'high',
+    },
+    // === Generic Hardcoded Credentials ===
     {
         pattern: /password\s*[:=]\s*['"][^'"]+['"]/i,
         type: 'password',
@@ -59,15 +307,47 @@ export const SECRET_PATTERNS = [
         description: 'Hardcoded secret',
         severity: 'high',
     },
+    {
+        pattern: /token\s*[:=]\s*['"][^'"]{20,}['"]/i,
+        type: 'token',
+        description: 'Hardcoded token',
+        severity: 'high',
+    },
+    {
+        pattern: /private[_-]?key\s*[:=]\s*['"][^'"]+['"]/i,
+        type: 'private_key',
+        description: 'Hardcoded private key',
+        severity: 'high',
+    },
+    {
+        pattern: /access[_-]?key\s*[:=]\s*['"][^'"]+['"]/i,
+        type: 'access_key',
+        description: 'Hardcoded access key',
+        severity: 'high',
+    },
+    {
+        pattern: /auth[_-]?token\s*[:=]\s*['"][^'"]+['"]/i,
+        type: 'auth_token',
+        description: 'Hardcoded auth token',
+        severity: 'high',
+    },
+    {
+        pattern: /client[_-]?secret\s*[:=]\s*['"][^'"]+['"]/i,
+        type: 'client_secret',
+        description: 'Hardcoded client secret',
+        severity: 'high',
+    },
+    {
+        pattern: /['"][A-Za-z0-9_]{32,}['"]/,
+        type: 'generic_token',
+        description: 'Generic high-entropy token (32+ chars)',
+        severity: 'medium',
+    },
 ];
-/**
- * Detect secrets in code
- */
 export function detectSecrets(code) {
     const lines = code.split('\n');
     const matches = [];
     lines.forEach((line, index) => {
-        // Skip comments
         if (line.trim().startsWith('//') || line.trim().startsWith('*')) {
             return;
         }
@@ -86,9 +366,6 @@ export function detectSecrets(code) {
     });
     return matches;
 }
-/**
- * Check if specific line contains a secret
- */
 export function isSecretLine(line) {
     for (const pattern of SECRET_PATTERNS) {
         if (pattern.pattern.test(line)) {

package/dist/rules/secrets.js.map

@@ -1 +1 @@
-{"version":3,"file":"secrets.js","sourceRoot":"","sources":["../../src/rules/secrets.ts"],"names":[],"mappings":"AAAA;;GAEG;AASH;;GAEG;AACH,MAAM,CAAC,MAAM,eAAe,GAAoB;IAC9C;QACE,OAAO,EAAE,2BAA2B;QACpC,IAAI,EAAE,eAAe;QACrB,WAAW,EAAE,+BAA+B;QAC5C,QAAQ,EAAE,MAAM;KACjB;IACD;QACE,OAAO,EAAE,4BAA4B;QACrC,IAAI,EAAE,YAAY;QAClB,WAAW,EAAE,gBAAgB;QAC7B,QAAQ,EAAE,MAAM;KACjB;IACD;QACE,OAAO,EAAE,+BAA+B;QACxC,IAAI,EAAE,gBAAgB;QACtB,WAAW,EAAE,gBAAgB;QAC7B,QAAQ,EAAE,MAAM;KACjB;IACD;QACE,OAAO,EAAE,0BAA0B;QACnC,IAAI,EAAE,gBAAgB;QACtB,WAAW,EAAE,mBAAmB;QAChC,QAAQ,EAAE,MAAM;KACjB;IACD;QACE,OAAO,EAAE,6BAA6B;QACtC,IAAI,EAAE,cAAc;QACpB,WAAW,EAAE,8BAA8B;QAC3C,QAAQ,EAAE,MAAM;KACjB;IACD;QACE,OAAO,EAAE,sCAAsC;QAC/C,IAAI,EAAE,aAAa;QACnB,WAAW,EAAE,aAAa;QAC1B,QAAQ,EAAE,MAAM;KACjB;IACD;QACE,OAAO,EAAE,mCAAmC;QAC5C,IAAI,EAAE,UAAU;QAChB,WAAW,EAAE,oBAAoB;QACjC,QAAQ,EAAE,MAAM;KACjB;IACD;QACE,OAAO,EAAE,sCAAsC;QAC/C,IAAI,EAAE,SAAS;QACf,WAAW,EAAE,mBAAmB;QAChC,QAAQ,EAAE,MAAM;KACjB;IACD;QACE,OAAO,EAAE,iCAAiC;QAC1C,IAAI,EAAE,QAAQ;QACd,WAAW,EAAE,kBAAkB;QAC/B,QAAQ,EAAE,MAAM;KACjB;CACF,CAAC;AAUF;;GAEG;AACH,MAAM,UAAU,aAAa,CAAC,IAAY;IACxC,MAAM,KAAK,GAAG,IAAI,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC;IAC/B,MAAM,OAAO,GAAkB,EAAE,CAAC;IAElC,KAAK,CAAC,OAAO,CAAC,CAAC,IAAI,EAAE,KAAK,EAAE,EAAE;QAC5B,gBAAgB;QAChB,IAAI,IAAI,CAAC,IAAI,EAAE,CAAC,UAAU,CAAC,IAAI,CAAC,IAAI,IAAI,CAAC,IAAI,EAAE,CAAC,UAAU,CAAC,GAAG,CAAC,EAAE,CAAC;YAChE,OAAO;QACT,CAAC;QAED,KAAK,MAAM,OAAO,IAAI,eAAe,EAAE,CAAC;YACtC,MAAM,KAAK,GAAG,IAAI,CAAC,KAAK,CAAC,OAAO,CAAC,OAAO,CAAC,CAAC;YAC1C,IAAI,KAAK,EAAE,CAAC;gBACV,OAAO,CAAC,IAAI,CAAC;oBACX,IAAI,EAAE,OAAO,CAAC,IAAI;oBAClB,WAAW,EAAE,OAAO,CAAC,WAAW;oBAChC,QAAQ,EAAE,OAAO,CAAC,QAAQ;oBAC1B,IAAI,EAAE,KAAK,GAAG,CAAC;oBACf,KAAK,EAAE,KAAK,CAAC,CAAC,CAAC,CAAC,SAAS,CAAC,CAAC,EAAE,EAAE,CAAC,GAAG,KAAK;iBACzC,CAAC,CAAC;YACL,CAAC;QACH,CAAC;IACH,CAAC,CAAC,CAAC;IAEH,OAAO,OAAO,CAAC;AACjB,CAAC;AAED;;GAEG;AACH,MAAM,UAAU,YAAY,CAAC,IAAY;IACvC,KAAK,MAAM,OAAO,IAAI,eAAe,EAAE,CAAC;QACtC,IAAI,OAAO,CAAC,OAAO,CAAC,IAAI,CAAC,IAAI,CAAC,EAAE,CAAC;YAC/B,OAAO,OAAO,CAAC;QACjB,CAAC;IACH,CAAC;IACD,OAAO,IAAI,CAAC;AACd,CAAC"}
+{"version":3,"file":"secrets.js","sourceRoot":"","sources":["../../src/rules/secrets.ts"],"names":[],"mappings":"AAAA;;;;;GAKG;AAcH,MAAM,CAAC,MAAM,eAAe,GAAoB;IAC9C,kBAAkB;IAClB;QACE,OAAO,EAAE,oCAAoC;QAC7C,IAAI,EAAE,oBAAoB;QAC1B,WAAW,EAAE,wBAAwB;QACrC,QAAQ,EAAE,MAAM;KACjB;IACD;QACE,OAAO,EAAE,6BAA6B;QACtC,IAAI,EAAE,YAAY;QAClB,WAAW,EAAE,gBAAgB;QAC7B,QAAQ,EAAE,MAAM;KACjB;IACD;QACE,OAAO,EAAE,mCAAmC;QAC5C,IAAI,EAAE,eAAe;QACrB,WAAW,EAAE,0BAA0B;QACvC,QAAQ,EAAE,MAAM;KACjB;IACD;QACE,OAAO,EAAE,+BAA+B;QACxC,IAAI,EAAE,gBAAgB;QACtB,WAAW,EAAE,gBAAgB;QAC7B,QAAQ,EAAE,MAAM;KACjB;IACD;QACE,OAAO,EAAE,8BAA8B;QACvC,IAAI,EAAE,oBAAoB;QAC1B,WAAW,EAAE,2BAA2B;QACxC,QAAQ,EAAE,MAAM;KACjB;IACD;QACE,OAAO,EAAE,+DAA+D;QACxE,IAAI,EAAE,wBAAwB;QAC9B,WAAW,EAAE,wBAAwB;QACrC,QAAQ,EAAE,MAAM;KACjB;IAED,0BAA0B;IAC1B;QACE,OAAO,EAAE,0BAA0B;QACnC,IAAI,EAAE,gBAAgB;QACtB,WAAW,EAAE,mBAAmB;QAChC,QAAQ,EAAE,MAAM;KACjB;IACD;QACE,OAAO,EAAE,0BAA0B;QACnC,IAAI,EAAE,cAAc;QACpB,WAAW,EAAE,0BAA0B;QACvC,QAAQ,EAAE,MAAM;KACjB;IACD;QACE,OAAO,EAAE,wEAAwE;QACjF,IAAI,EAAE,gBAAgB;QACtB,WAAW,EAAE,uBAAuB;QACpC,QAAQ,EAAE,MAAM;KACjB;IACD;QACE,OAAO,EAAE,2CAA2C;QACpD,IAAI,EAAE,SAAS;QACf,WAAW,EAAE,+BAA+B;QAC5C,QAAQ,EAAE,QAAQ;KACnB;IACD;QACE,OAAO,EAAE,uCAAuC;QAChD,IAAI,EAAE,mBAAmB;QACzB,WAAW,EAAE,2BAA2B;QACxC,QAAQ,EAAE,MAAM;KACjB;IACD;QACE,OAAO,EAAE,sEAAsE;QAC/E,IAAI,EAAE,wBAAwB;QAC9B,WAAW,EAAE,0BAA0B;QACvC,QAAQ,EAAE,QAAQ;KACnB;IACD;QACE,OAAO,EAAE,qCAAqC;QAC9C,IAAI,EAAE,gBAAgB;QACtB,WAAW,EAAE,+BAA+B;QAC5C,QAAQ,EAAE,MAAM;KACjB;IACD;QACE,OAAO,EAAE,kDAAkD;QAC3D,IAAI,EAAE,cAAc;QACpB,WAAW,EAAE,kBAAkB;QAC/B,QAAQ,EAAE,MAAM;KACjB;IACD;QACE,OAAO,EAAE,iCAAiC;QAC1C,IAAI,EAAE,qBAAqB;QAC3B,WAAW,EAAE,qBAAqB;QAClC,QAAQ,EAAE,MAAM;KACjB;IACD;QACE,OAAO,EAAE,gDAAgD;QACzD,IAAI,EAAE,aAAa;QACnB,WAAW,EAAE,0BAA0B;QACvC,QAAQ,EAAE,MAAM;KACjB;IAED,uBAAuB;IACvB;QACE,OAAO,EAAE,6BAA6B;QACtC,IAAI,EAAE,YAAY;QAClB,WAAW,EAAE,wCAAwC;QACrD,QAAQ,EAAE,MAAM;KACjB;IACD;QACE,OAAO,EAAE,sCAAsC;QAC/C,IAAI,EAAE,yBAAyB;QAC/B,WAAW,EAAE,yBAAyB;QACtC,QAAQ,EAAE,MAAM;KACjB;IACD;QACE,OAAO,EAAE,6BAA6B;QACtC,IAAI,EAAE,cAAc;QACpB,WAAW,EAAE,oBAAoB;QACjC,QAAQ,EAAE,MAAM;KACjB;IACD;QACE,OAAO,EAAE,6BAA6B;QACtC,IAAI,EAAE,kBAAkB;QACxB,WAAW,EAAE,+BAA+B;QAC5C,QAAQ,EAAE,MAAM;KACjB;IACD;QACE,OAAO,EAAE,6BAA6B;QACtC,IAAI,EAAE,gBAAgB;QACtB,WAAW,EAAE,sBAAsB;QACnC,QAAQ,EAAE,MAAM;KACjB;IACD;QACE,OAAO,EAAE,kCAAkC;QAC3C,IAAI,EAAE,YAAY;QAClB,WAAW,EAAE,8BAA8B;QAC3C,QAAQ,EAAE,MAAM;KACjB;IAED,wBAAwB;IACxB;QACE,OAAO,EAAE,sCAAsC;QAC/C,IAAI,EAAE,aAAa;QACnB,WAAW,EAAE,aAAa;QAC1B,QAAQ,EAAE,MAAM;KACjB;IACD;QACE,OAAO,EAAE,qFAAqF;QAC9F,IAAI,EAAE,eAAe;QACrB,WAAW,EAAE,mBAAmB;QAChC,QAAQ,EAAE,MAAM;KACjB;IACD;QACE,OAAO,EAAE,qCAAqC;QAC9C,IAAI,EAAE,oBAAoB;QAC1B,WAAW,EAAE,oBAAoB;QACjC,QAAQ,EAAE,MAAM;KACjB;IACD;QACE,OAAO,EAAE,mEAAmE;QAC5E,IAAI,EAAE,iBAAiB;QACvB,WAAW,EAAE,qBAAqB;QAClC,QAAQ,EAAE,MAAM;KACjB;IAED,kBAAkB;IAClB;QACE,OAAO,EAAE,kCAAkC;QAC3C,IAAI,EAAE,oBAAoB;QAC1B,WAAW,EAAE,0BAA0B;QACvC,QAAQ,EAAE,MAAM;KACjB;IACD;QACE,OAAO,EAAE,kCAAkC;QAC3C,IAAI,EAAE,oBAAoB;QAC1B,WAAW,EAAE,0BAA0B;QACvC,QAAQ,EAAE,MAAM;KACjB;IACD;QACE,OAAO,EAAE,kCAAkC;QAC3C,IAAI,EAAE,wBAAwB;QAC9B,WAAW,EAAE,8BAA8B;QAC3C,QAAQ,EAAE,MAAM;KACjB;IACD;QACE,OAAO,EAAE,kCAAkC;QAC3C,IAAI,EAAE,wBAAwB;QAC9B,WAAW,EAAE,8BAA8B;QAC3C,QAAQ,EAAE,MAAM;KACjB;IACD;QACE,OAAO,EAAE,mCAAmC;QAC5C,IAAI,EAAE,YAAY;QAClB,WAAW,EAAE,qBAAqB;QAClC,QAAQ,EAAE,MAAM;KACjB;IAED,2BAA2B;IAC3B;QACE,OAAO,EAAE,6BAA6B;QACtC,IAAI,EAAE,WAAW;QACjB,WAAW,EAAE,kBAAkB;QAC/B,QAAQ,EAAE,MAAM;KACjB;IACD;QACE,OAAO,EAAE,iCAAiC;QAC1C,IAAI,EAAE,YAAY;QAClB,WAAW,EAAE,gBAAgB;QAC7B,QAAQ,EAAE,MAAM;KACjB;IACD;QACE,OAAO,EAAE,4BAA4B;QACrC,IAAI,EAAE,oBAAoB;QAC1B,WAAW,EAAE,wBAAwB;QACrC,QAAQ,EAAE,MAAM;KACjB;IACD;QACE,OAAO,EAAE,6BAA6B;QACtC,IAAI,EAAE,eAAe;QACrB,WAAW,EAAE,uBAAuB;QACpC,QAAQ,EAAE,MAAM;KACjB;IACD;QACE,OAAO,EAAE,2BAA2B;QACpC,IAAI,EAAE,cAAc;QACpB,WAAW,EAAE,mBAAmB;QAChC,QAAQ,EAAE,MAAM;KACjB;IACD;QACE,OAAO,EAAE,+BAA+B;QACxC,IAAI,EAAE,aAAa;QACnB,WAAW,EAAE,kCAAkC;QAC/C,QAAQ,EAAE,MAAM;KACjB;IACD;QACE,OAAO,EAAE,+BAA+B;QACxC,IAAI,EAAE,gBAAgB;QACtB,WAAW,EAAE,uBAAuB;QACpC,QAAQ,EAAE,MAAM;KACjB;IACD;QACE,OAAO,EAAE,qCAAqC;QAC9C,IAAI,EAAE,cAAc;QACpB,WAAW,EAAE,6BAA6B;QAC1C,QAAQ,EAAE,MAAM;KACjB;IACD;QACE,OAAO,EAAE,qCAAqC;QAC9C,IAAI,EAAE,YAAY;QAClB,WAAW,EAAE,6BAA6B;QAC1C,QAAQ,EAAE,MAAM;KACjB;IAED,sCAAsC;IACtC;QACE,OAAO,EAAE,oCAAoC;QAC7C,IAAI,EAAE,aAAa;QACnB,WAAW,EAAE,2BAA2B;QACxC,QAAQ,EAAE,MAAM;KACjB;IACD;QACE,OAAO,EAAE,kCAAkC;QAC3C,IAAI,EAAE,cAAc;QACpB,WAAW,EAAE,8BAA8B;QAC3C,QAAQ,EAAE,MAAM;KACjB;IACD;QACE,OAAO,EAAE,0BAA0B;QACnC,IAAI,EAAE,WAAW;QACjB,WAAW,EAAE,yBAAyB;QACtC,QAAQ,EAAE,MAAM;KACjB;IACD;QACE,OAAO,EAAE,0BAA0B;QACnC,IAAI,EAAE,WAAW;QACjB,WAAW,EAAE,yBAAyB;QACtC,QAAQ,EAAE,MAAM;KACjB;IACD;QACE,OAAO,EAAE,2BAA2B;QACpC,IAAI,EAAE,UAAU;QAChB,WAAW,EAAE,wBAAwB;QACrC,QAAQ,EAAE,MAAM;KACjB;IACD;QACE,OAAO,EAAE,qBAAqB;QAC9B,IAAI,EAAE,UAAU;QAChB,WAAW,EAAE,wBAAwB;QACrC,QAAQ,EAAE,MAAM;KACjB;IAED,wCAAwC;IACxC;QACE,OAAO,EAAE,mCAAmC;QAC5C,IAAI,EAAE,UAAU;QAChB,WAAW,EAAE,oBAAoB;QACjC,QAAQ,EAAE,MAAM;KACjB;IACD;QACE,OAAO,EAAE,sCAAsC;QAC/C,IAAI,EAAE,SAAS;QACf,WAAW,EAAE,mBAAmB;QAChC,QAAQ,EAAE,MAAM;KACjB;IACD;QACE,OAAO,EAAE,iCAAiC;QAC1C,IAAI,EAAE,QAAQ;QACd,WAAW,EAAE,kBAAkB;QAC/B,QAAQ,EAAE,MAAM;KACjB;IACD;QACE,OAAO,EAAE,oCAAoC;QAC7C,IAAI,EAAE,OAAO;QACb,WAAW,EAAE,iBAAiB;QAC9B,QAAQ,EAAE,MAAM;KACjB;IACD;QACE,OAAO,EAAE,0CAA0C;QACnD,IAAI,EAAE,aAAa;QACnB,WAAW,EAAE,uBAAuB;QACpC,QAAQ,EAAE,MAAM;KACjB;IACD;QACE,OAAO,EAAE,yCAAyC;QAClD,IAAI,EAAE,YAAY;QAClB,WAAW,EAAE,sBAAsB;QACnC,QAAQ,EAAE,MAAM;KACjB;IACD;QACE,OAAO,EAAE,yCAAyC;QAClD,IAAI,EAAE,YAAY;QAClB,WAAW,EAAE,sBAAsB;QACnC,QAAQ,EAAE,MAAM;KACjB;IACD;QACE,OAAO,EAAE,4CAA4C;QACrD,IAAI,EAAE,eAAe;QACrB,WAAW,EAAE,yBAAyB;QACtC,QAAQ,EAAE,MAAM;KACjB;IACD;QACE,OAAO,EAAE,2BAA2B;QACpC,IAAI,EAAE,eAAe;QACrB,WAAW,EAAE,wCAAwC;QACrD,QAAQ,EAAE,QAAQ;KACnB;CACF,CAAC;AAUF,MAAM,UAAU,aAAa,CAAC,IAAY;IACxC,MAAM,KAAK,GAAG,IAAI,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC;IAC/B,MAAM,OAAO,GAAkB,EAAE,CAAC;IAElC,KAAK,CAAC,OAAO,CAAC,CAAC,IAAI,EAAE,KAAK,EAAE,EAAE;QAC5B,IAAI,IAAI,CAAC,IAAI,EAAE,CAAC,UAAU,CAAC,IAAI,CAAC,IAAI,IAAI,CAAC,IAAI,EAAE,CAAC,UAAU,CAAC,GAAG,CAAC,EAAE,CAAC;YAChE,OAAO;QACT,CAAC;QAED,KAAK,MAAM,OAAO,IAAI,eAAe,EAAE,CAAC;YACtC,MAAM,KAAK,GAAG,IAAI,CAAC,KAAK,CAAC,OAAO,CAAC,OAAO,CAAC,CAAC;YAC1C,IAAI,KAAK,EAAE,CAAC;gBACV,OAAO,CAAC,IAAI,CAAC;oBACX,IAAI,EAAE,OAAO,CAAC,IAAI;oBAClB,WAAW,EAAE,OAAO,CAAC,WAAW;oBAChC,QAAQ,EAAE,OAAO,CAAC,QAAQ;oBAC1B,IAAI,EAAE,KAAK,GAAG,CAAC;oBACf,KAAK,EAAE,KAAK,CAAC,CAAC,CAAC,CAAC,SAAS,CAAC,CAAC,EAAE,EAAE,CAAC,GAAG,KAAK;iBACzC,CAAC,CAAC;YACL,CAAC;QACH,CAAC;IACH,CAAC,CAAC,CAAC;IAEH,OAAO,OAAO,CAAC;AACjB,CAAC;AAED,MAAM,UAAU,YAAY,CAAC,IAAY;IACvC,KAAK,MAAM,OAAO,IAAI,eAAe,EAAE,CAAC;QACtC,IAAI,OAAO,CAAC,OAAO,CAAC,IAAI,CAAC,IAAI,CAAC,EAAE,CAAC;YAC/B,OAAO,OAAO,CAAC;QACjB,CAAC;IACH,CAAC;IACD,OAAO,IAAI,CAAC;AACd,CAAC"}

package/mcp/index.js

@@ -1,4 +1,11 @@
 #!/usr/bin/env node
+/**
+ * FivoSense MCP Server
+ * Copyright (c) 2026 thevinsoni
+ * Licensed under the MIT License
+ * https://github.com/thevinsoni/sense
+ */
+
 /**
  * FivoSense MCP Server
  * 

package/mcp/package-lock.json

@@ -1,12 +1,12 @@
 {
   "name": "fivosense-mcp",
-  "version": "0.1.0",
+  "version": "0.1.1",
   "lockfileVersion": 3,
   "requires": true,
   "packages": {
     "": {
       "name": "fivosense-mcp",
-      "version": "0.1.0",
+      "version": "0.1.1",
       "license": "MIT",
       "dependencies": {
         "@modelcontextprotocol/sdk": "^0.5.0",

package/mcp/package.json

@@ -1,6 +1,6 @@
 {
   "name": "fivosense-mcp",
-  "version": "0.1.0",
+  "version": "0.1.1",
   "description": "MCP server for FivoSense security scanner",
   "type": "module",
   "main": "index.js",
@@ -10,12 +10,29 @@
   "scripts": {
     "start": "node index.js"
   },
-  "keywords": ["mcp", "security", "fivosense", "ai-agent"],
-  "author": "Fivo Sense Contributors",
+  "keywords": [
+    "mcp",
+    "security",
+    "fivosense",
+    "ai-agent",
+    "claude",
+    "gpt",
+    "vulnerability-scanner"
+  ],
+  "author": "thevinsoni",
   "license": "MIT",
+  "repository": {
+    "type": "git",
+    "url": "git+https://github.com/thevinsoni/sense.git",
+    "directory": "mcp"
+  },
+  "bugs": {
+    "url": "https://github.com/thevinsoni/sense/issues"
+  },
+  "homepage": "https://github.com/thevinsoni/sense#readme",
   "dependencies": {
     "@modelcontextprotocol/sdk": "^0.5.0",
-    "fivosense": "^0.1.5"
+    "fivosense": "^0.1.6"
   },
   "engines": {
     "node": ">=20.0.0"

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "fivosense",
-  "version": "0.1.6",
+  "version": "0.2.0",
   "description": "Neuro-symbolic AI security plugin with taint-trace proof generation",
   "main": "dist/index.js",
   "type": "module",
@@ -25,16 +25,16 @@
     "vscode-extension",
     "code-scanner"
   ],
-  "author": "Fivo Sense Contributors",
+  "author": "thevinsoni",
   "license": "MIT",
   "repository": {
     "type": "git",
-    "url": "git+https://github.com/itsvinsoni/sense.git"
+    "url": "git+https://github.com/thevinsoni/sense.git"
   },
   "bugs": {
-    "url": "https://github.com/itsvinsoni/sense/issues"
+    "url": "https://github.com/thevinsoni/sense/issues"
   },
-  "homepage": "https://github.com/itsvinsoni/sense#readme",
+  "homepage": "https://github.com/thevinsoni/sense#readme",
   "devDependencies": {
     "@types/babel__core": "^7.20.5",
     "@types/babel__traverse": "^7.20.6",

package/src/ai/client.ts

@@ -1,3 +1,10 @@
+/**
+ * FivoSense - AI Security Scanner
+ * Copyright (c) 2026 thevinsoni
+ * Licensed under the MIT License
+ * https://github.com/thevinsoni/sense
+ */
+
 /**
  * AI Client - BYOK (Bring Your Own Key) support for multiple AI providers
  */

package/src/ai/judge.ts

@@ -1,3 +1,10 @@
+/**
+ * FivoSense - AI Security Scanner
+ * Copyright (c) 2026 thevinsoni
+ * Licensed under the MIT License
+ * https://github.com/thevinsoni/sense
+ */
+
 /**
  * AI Path Judge - Uses host AI to determine exploitability
  */

package/src/cli/index.ts

@@ -1,4 +1,10 @@
-#!/usr/bin/env node
+/**
+ * FivoSense CLI
+ * Copyright (c) 2026 thevinsoni
+ * Licensed under the MIT License
+ * https://github.com/thevinsoni/sense
+ */
+
 /**
  * FivoSense CLI
  */

package/src/core/orchestrator.ts

@@ -1,3 +1,10 @@
+/**
+ * FivoSense - AI Security Scanner
+ * Copyright (c) 2026 thevinsoni
+ * Licensed under the MIT License
+ * https://github.com/thevinsoni/sense
+ */
+
 /**
  * Orchestrator - Coordinates analysis pipeline and flow control
  */

package/src/core/scope.ts

@@ -1,3 +1,10 @@
+/**
+ * FivoSense - AI Security Scanner
+ * Copyright (c) 2026 thevinsoni
+ * Licensed under the MIT License
+ * https://github.com/thevinsoni/sense
+ */
+
 /**
  * Scope Management - Track and filter relevant code changes
  */

package/src/editors/vscode.ts

@@ -1,3 +1,10 @@
+/**
+ * FivoSense - AI Security Scanner
+ * Copyright (c) 2026 thevinsoni
+ * Licensed under the MIT License
+ * https://github.com/thevinsoni/sense
+ */
+
 /**
  * VS Code Extension Adapter
  * Integrates FivoSense with VS Code

package/src/engine/adversary.ts

@@ -1,3 +1,10 @@
+/**
+ * FivoSense - AI Security Scanner
+ * Copyright (c) 2026 thevinsoni
+ * Licensed under the MIT License
+ * https://github.com/thevinsoni/sense
+ */
+
 /**
  * Adversarial Verification - AI attacker proves exploitability
  */

package/src/engine/graph.ts

@@ -1,3 +1,10 @@
+/**
+ * FivoSense - AI Security Scanner
+ * Copyright (c) 2026 thevinsoni
+ * Licensed under the MIT License
+ * https://github.com/thevinsoni/sense
+ */
+
 /**
  * FivoCore Graph Builder
  */

package/src/engine/poc.ts

@@ -1,3 +1,10 @@
+/**
+ * FivoSense - AI Security Scanner
+ * Copyright (c) 2026 thevinsoni
+ * Licensed under the MIT License
+ * https://github.com/thevinsoni/sense
+ */
+
 /**
  * PoC Generator - Generate proof-of-concept exploits
  */

package/src/engine/reach.ts

@@ -1,3 +1,10 @@
+/**
+ * FivoSense - AI Security Scanner
+ * Copyright (c) 2026 thevinsoni
+ * Licensed under the MIT License
+ * https://github.com/thevinsoni/sense
+ */
+
 /**
  * Reachability Analysis - Filters code to only entry-point reachable paths
  * This reduces analysis surface by ~97% (OpenAnt research)