npm - hackmyagent - Versions diffs - 0.7.2 → 0.8.1 - Mend

hackmyagent 0.7.2 → 0.8.1

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (393) hide show

package/LICENSE +191 -0
package/README.md +172 -261
package/dist/abgr/controls.d.ts +35 -0
package/dist/abgr/controls.d.ts.map +1 -0
package/dist/abgr/controls.js +1058 -0
package/dist/abgr/controls.js.map +1 -0
package/dist/abgr/detector.d.ts +45 -0
package/dist/abgr/detector.d.ts.map +1 -0
package/dist/abgr/detector.js +175 -0
package/dist/abgr/detector.js.map +1 -0
package/dist/abgr/index.d.ts +24 -0
package/dist/abgr/index.d.ts.map +1 -0
package/dist/abgr/index.js +50 -0
package/dist/abgr/index.js.map +1 -0
package/dist/abgr/scorer.d.ts +36 -0
package/dist/abgr/scorer.d.ts.map +1 -0
package/dist/abgr/scorer.js +205 -0
package/dist/abgr/scorer.js.map +1 -0
package/dist/abgr/templates.d.ts +35 -0
package/dist/abgr/templates.d.ts.map +1 -0
package/dist/abgr/templates.js +668 -0
package/dist/abgr/templates.js.map +1 -0
package/dist/abgr/tier.d.ts +27 -0
package/dist/abgr/tier.d.ts.map +1 -0
package/dist/abgr/tier.js +115 -0
package/dist/abgr/tier.js.map +1 -0
package/dist/abgr/types.d.ts +59 -0
package/dist/abgr/types.d.ts.map +1 -0
package/dist/abgr/types.js +10 -0
package/dist/abgr/types.js.map +1 -0
package/dist/agent-scan/checks.d.ts +6 -0
package/dist/agent-scan/checks.d.ts.map +1 -0
package/dist/agent-scan/checks.js +93 -0
package/dist/agent-scan/checks.js.map +1 -0
package/dist/agent-scan/index.d.ts +10 -0
package/dist/agent-scan/index.d.ts.map +1 -0
package/dist/agent-scan/index.js +16 -0
package/dist/agent-scan/index.js.map +1 -0
package/dist/agent-scan/scanner.d.ts +31 -0
package/dist/agent-scan/scanner.d.ts.map +1 -0
package/dist/agent-scan/scanner.js +484 -0
package/dist/agent-scan/scanner.js.map +1 -0
package/dist/agent-scan/types.d.ts +63 -0
package/dist/agent-scan/types.d.ts.map +1 -0
package/dist/agent-scan/types.js +10 -0
package/dist/agent-scan/types.js.map +1 -0
package/dist/arp/cli/index.d.ts +3 -0
package/dist/arp/cli/index.d.ts.map +1 -0
package/dist/arp/cli/index.js +225 -0
package/dist/arp/cli/index.js.map +1 -0
package/dist/arp/config/loader.d.ts +8 -0
package/dist/arp/config/loader.d.ts.map +1 -0
package/dist/arp/config/loader.js +102 -0
package/dist/arp/config/loader.js.map +1 -0
package/dist/arp/enforcement/kill-switch.d.ts +22 -0
package/dist/arp/enforcement/kill-switch.d.ts.map +1 -0
package/dist/arp/enforcement/kill-switch.js +122 -0
package/dist/arp/enforcement/kill-switch.js.map +1 -0
package/dist/arp/engine/event-engine.d.ts +29 -0
package/dist/arp/engine/event-engine.d.ts.map +1 -0
package/dist/arp/engine/event-engine.js +233 -0
package/dist/arp/engine/event-engine.js.map +1 -0
package/dist/arp/index.d.ts +81 -0
package/dist/arp/index.d.ts.map +1 -0
package/dist/arp/index.js +239 -0
package/dist/arp/index.js.map +1 -0
package/dist/arp/intelligence/adapters.d.ts +45 -0
package/dist/arp/intelligence/adapters.d.ts.map +1 -0
package/dist/arp/intelligence/adapters.js +222 -0
package/dist/arp/intelligence/adapters.js.map +1 -0
package/dist/arp/intelligence/anomaly.d.ts +32 -0
package/dist/arp/intelligence/anomaly.d.ts.map +1 -0
package/dist/arp/intelligence/anomaly.js +80 -0
package/dist/arp/intelligence/anomaly.js.map +1 -0
package/dist/arp/intelligence/budget.d.ts +33 -0
package/dist/arp/intelligence/budget.d.ts.map +1 -0
package/dist/arp/intelligence/budget.js +150 -0
package/dist/arp/intelligence/budget.js.map +1 -0
package/dist/arp/intelligence/coordinator.d.ts +43 -0
package/dist/arp/intelligence/coordinator.d.ts.map +1 -0
package/dist/arp/intelligence/coordinator.js +301 -0
package/dist/arp/intelligence/coordinator.js.map +1 -0
package/dist/arp/interceptors/a2a-protocol.d.ts +29 -0
package/dist/arp/interceptors/a2a-protocol.d.ts.map +1 -0
package/dist/arp/interceptors/a2a-protocol.js +111 -0
package/dist/arp/interceptors/a2a-protocol.js.map +1 -0
package/dist/arp/interceptors/filesystem.d.ts +33 -0
package/dist/arp/interceptors/filesystem.d.ts.map +1 -0
package/dist/arp/interceptors/filesystem.js +199 -0
package/dist/arp/interceptors/filesystem.js.map +1 -0
package/dist/arp/interceptors/mcp-protocol.d.ts +25 -0
package/dist/arp/interceptors/mcp-protocol.d.ts.map +1 -0
package/dist/arp/interceptors/mcp-protocol.js +126 -0
package/dist/arp/interceptors/mcp-protocol.js.map +1 -0
package/dist/arp/interceptors/network.d.ts +26 -0
package/dist/arp/interceptors/network.d.ts.map +1 -0
package/dist/arp/interceptors/network.js +146 -0
package/dist/arp/interceptors/network.js.map +1 -0
package/dist/arp/interceptors/process.d.ts +26 -0
package/dist/arp/interceptors/process.d.ts.map +1 -0
package/dist/arp/interceptors/process.js +157 -0
package/dist/arp/interceptors/process.js.map +1 -0
package/dist/arp/interceptors/prompt.d.ts +29 -0
package/dist/arp/interceptors/prompt.d.ts.map +1 -0
package/dist/arp/interceptors/prompt.js +82 -0
package/dist/arp/interceptors/prompt.js.map +1 -0
package/dist/arp/license/index.d.ts +59 -0
package/dist/arp/license/index.d.ts.map +1 -0
package/dist/arp/license/index.js +78 -0
package/dist/arp/license/index.js.map +1 -0
package/dist/arp/monitors/filesystem.d.ts +21 -0
package/dist/arp/monitors/filesystem.d.ts.map +1 -0
package/dist/arp/monitors/filesystem.js +141 -0
package/dist/arp/monitors/filesystem.js.map +1 -0
package/dist/arp/monitors/network.d.ts +32 -0
package/dist/arp/monitors/network.d.ts.map +1 -0
package/dist/arp/monitors/network.js +301 -0
package/dist/arp/monitors/network.js.map +1 -0
package/dist/arp/monitors/process.d.ts +24 -0
package/dist/arp/monitors/process.d.ts.map +1 -0
package/dist/arp/monitors/process.js +205 -0
package/dist/arp/monitors/process.js.map +1 -0
package/dist/arp/patterns/ai-threats.d.ts +48 -0
package/dist/arp/patterns/ai-threats.d.ts.map +1 -0
package/dist/arp/patterns/ai-threats.js +215 -0
package/dist/arp/patterns/ai-threats.js.map +1 -0
package/dist/arp/proxy/forward.d.ts +23 -0
package/dist/arp/proxy/forward.d.ts.map +1 -0
package/dist/arp/proxy/forward.js +152 -0
package/dist/arp/proxy/forward.js.map +1 -0
package/dist/arp/proxy/server.d.ts +45 -0
package/dist/arp/proxy/server.d.ts.map +1 -0
package/dist/arp/proxy/server.js +331 -0
package/dist/arp/proxy/server.js.map +1 -0
package/dist/arp/reporting/local-log.d.ts +22 -0
package/dist/arp/reporting/local-log.d.ts.map +1 -0
package/dist/arp/reporting/local-log.js +116 -0
package/dist/arp/reporting/local-log.js.map +1 -0
package/dist/arp/types.d.ts +230 -0
package/dist/arp/types.d.ts.map +1 -0
package/dist/arp/types.js +4 -0
package/dist/arp/types.js.map +1 -0
package/dist/attack/custom-payloads.d.ts +11 -0
package/dist/attack/custom-payloads.d.ts.map +1 -0
package/dist/attack/custom-payloads.js +108 -0
package/dist/attack/custom-payloads.js.map +1 -0
package/dist/attack/fail-policy.d.ts +16 -0
package/dist/attack/fail-policy.d.ts.map +1 -0
package/dist/attack/fail-policy.js +36 -0
package/dist/attack/fail-policy.js.map +1 -0
package/dist/attack/index.d.ts +12 -0
package/dist/attack/index.d.ts.map +1 -0
package/dist/attack/index.js +30 -0
package/dist/attack/index.js.map +1 -0
package/dist/attack/payloads/a2a-attacks.d.ts +12 -0
package/dist/attack/payloads/a2a-attacks.d.ts.map +1 -0
package/dist/attack/payloads/a2a-attacks.js +221 -0
package/dist/attack/payloads/a2a-attacks.js.map +1 -0
package/dist/attack/payloads/capability-abuse.d.ts +8 -0
package/dist/attack/payloads/capability-abuse.d.ts.map +1 -0
package/dist/attack/payloads/capability-abuse.js +222 -0
package/dist/attack/payloads/capability-abuse.js.map +1 -0
package/dist/attack/payloads/context-manipulation.d.ts +8 -0
package/dist/attack/payloads/context-manipulation.d.ts.map +1 -0
package/dist/attack/payloads/context-manipulation.js +217 -0
package/dist/attack/payloads/context-manipulation.js.map +1 -0
package/dist/attack/payloads/data-exfiltration.d.ts +8 -0
package/dist/attack/payloads/data-exfiltration.d.ts.map +1 -0
package/dist/attack/payloads/data-exfiltration.js +249 -0
package/dist/attack/payloads/data-exfiltration.js.map +1 -0
package/dist/attack/payloads/index.d.ts +29 -0
package/dist/attack/payloads/index.d.ts.map +1 -0
package/dist/attack/payloads/index.js +76 -0
package/dist/attack/payloads/index.js.map +1 -0
package/dist/attack/payloads/jailbreak.d.ts +8 -0
package/dist/attack/payloads/jailbreak.d.ts.map +1 -0
package/dist/attack/payloads/jailbreak.js +265 -0
package/dist/attack/payloads/jailbreak.js.map +1 -0
package/dist/attack/payloads/mcp-exploitation.d.ts +12 -0
package/dist/attack/payloads/mcp-exploitation.d.ts.map +1 -0
package/dist/attack/payloads/mcp-exploitation.js +221 -0
package/dist/attack/payloads/mcp-exploitation.js.map +1 -0
package/dist/attack/payloads/prompt-injection.d.ts +8 -0
package/dist/attack/payloads/prompt-injection.d.ts.map +1 -0
package/dist/attack/payloads/prompt-injection.js +262 -0
package/dist/attack/payloads/prompt-injection.js.map +1 -0
package/dist/attack/scanner.d.ts +84 -0
package/dist/attack/scanner.d.ts.map +1 -0
package/dist/attack/scanner.js +509 -0
package/dist/attack/scanner.js.map +1 -0
package/dist/attack/types.d.ts +153 -0
package/dist/attack/types.d.ts.map +1 -0
package/dist/attack/types.js +46 -0
package/dist/attack/types.js.map +1 -0
package/dist/benchmarks/index.d.ts +16 -0
package/dist/benchmarks/index.d.ts.map +1 -0
package/dist/benchmarks/index.js +27 -0
package/dist/benchmarks/index.js.map +1 -0
package/dist/benchmarks/oasb-1.d.ts +112 -0
package/dist/benchmarks/oasb-1.d.ts.map +1 -0
package/dist/benchmarks/oasb-1.js +1124 -0
package/dist/benchmarks/oasb-1.js.map +1 -0
package/dist/checker/check-skill.d.ts +48 -0
package/dist/checker/check-skill.d.ts.map +1 -0
package/dist/checker/check-skill.js +105 -0
package/dist/checker/check-skill.js.map +1 -0
package/dist/checker/index.d.ts +12 -0
package/dist/checker/index.d.ts.map +1 -0
package/dist/checker/index.js +16 -0
package/dist/checker/index.js.map +1 -0
package/dist/checker/permission-analyzer.d.ts +12 -0
package/dist/checker/permission-analyzer.d.ts.map +1 -0
package/dist/checker/permission-analyzer.js +84 -0
package/dist/checker/permission-analyzer.js.map +1 -0
package/dist/checker/publisher-verifier.d.ts +34 -0
package/dist/checker/publisher-verifier.d.ts.map +1 -0
package/dist/checker/publisher-verifier.js +121 -0
package/dist/checker/publisher-verifier.js.map +1 -0
package/dist/checker/skill-identifier.d.ts +14 -0
package/dist/checker/skill-identifier.d.ts.map +1 -0
package/dist/checker/skill-identifier.js +55 -0
package/dist/checker/skill-identifier.js.map +1 -0
package/dist/cli.d.ts +7 -0
package/dist/cli.d.ts.map +1 -0
package/dist/cli.js +3534 -0
package/dist/cli.js.map +1 -0
package/dist/hardening/index.d.ts +7 -0
package/dist/hardening/index.d.ts.map +1 -0
package/dist/hardening/index.js +9 -0
package/dist/hardening/index.js.map +1 -0
package/dist/hardening/llm-checks.d.ts +18 -0
package/dist/hardening/llm-checks.d.ts.map +1 -0
package/dist/hardening/llm-checks.js +434 -0
package/dist/hardening/llm-checks.js.map +1 -0
package/dist/hardening/mcp-tool-enum.d.ts +45 -0
package/dist/hardening/mcp-tool-enum.d.ts.map +1 -0
package/dist/hardening/mcp-tool-enum.js +315 -0
package/dist/hardening/mcp-tool-enum.js.map +1 -0
package/dist/hardening/scanner.d.ts +147 -0
package/dist/hardening/scanner.d.ts.map +1 -0
package/dist/hardening/scanner.js +5445 -0
package/dist/hardening/scanner.js.map +1 -0
package/dist/hardening/security-check.d.ts +85 -0
package/dist/hardening/security-check.d.ts.map +1 -0
package/dist/hardening/security-check.js +6 -0
package/dist/hardening/security-check.js.map +1 -0
package/dist/hardening/shell-checks.d.ts +21 -0
package/dist/hardening/shell-checks.d.ts.map +1 -0
package/dist/hardening/shell-checks.js +236 -0
package/dist/hardening/shell-checks.js.map +1 -0
package/dist/index.d.ts +38 -4
package/dist/index.d.ts.map +1 -1
package/dist/index.js +91 -3525
package/dist/index.js.map +1 -1
package/dist/mcp-server.js +10 -10
package/dist/mcp-server.js.map +1 -1
package/dist/oasb/config/dvaa-targets.d.ts +13 -0
package/dist/oasb/config/dvaa-targets.d.ts.map +1 -0
package/dist/oasb/config/dvaa-targets.js +89 -0
package/dist/oasb/config/dvaa-targets.js.map +1 -0
package/dist/oasb/harness/arp-wrapper.d.ts +29 -0
package/dist/oasb/harness/arp-wrapper.d.ts.map +1 -0
package/dist/oasb/harness/arp-wrapper.js +134 -0
package/dist/oasb/harness/arp-wrapper.js.map +1 -0
package/dist/oasb/harness/dvaa-client.d.ts +46 -0
package/dist/oasb/harness/dvaa-client.d.ts.map +1 -0
package/dist/oasb/harness/dvaa-client.js +98 -0
package/dist/oasb/harness/dvaa-client.js.map +1 -0
package/dist/oasb/harness/dvaa-manager.d.ts +17 -0
package/dist/oasb/harness/dvaa-manager.d.ts.map +1 -0
package/dist/oasb/harness/dvaa-manager.js +132 -0
package/dist/oasb/harness/dvaa-manager.js.map +1 -0
package/dist/oasb/harness/event-collector.d.ts +33 -0
package/dist/oasb/harness/event-collector.d.ts.map +1 -0
package/dist/oasb/harness/event-collector.js +86 -0
package/dist/oasb/harness/event-collector.js.map +1 -0
package/dist/oasb/harness/metrics.d.ts +14 -0
package/dist/oasb/harness/metrics.d.ts.map +1 -0
package/dist/oasb/harness/metrics.js +56 -0
package/dist/oasb/harness/metrics.js.map +1 -0
package/dist/oasb/harness/mock-llm-adapter.d.ts +34 -0
package/dist/oasb/harness/mock-llm-adapter.d.ts.map +1 -0
package/dist/oasb/harness/mock-llm-adapter.js +69 -0
package/dist/oasb/harness/mock-llm-adapter.js.map +1 -0
package/dist/oasb/harness/types.d.ts +74 -0
package/dist/oasb/harness/types.d.ts.map +1 -0
package/dist/oasb/harness/types.js +3 -0
package/dist/oasb/harness/types.js.map +1 -0
package/dist/plugins/core.d.ts +109 -0
package/dist/plugins/core.d.ts.map +1 -0
package/dist/plugins/core.js +30 -0
package/dist/plugins/core.js.map +1 -0
package/dist/plugins/credvault.d.ts +22 -0
package/dist/plugins/credvault.d.ts.map +1 -0
package/dist/plugins/credvault.js +374 -0
package/dist/plugins/credvault.js.map +1 -0
package/dist/plugins/signcrypt.d.ts +27 -0
package/dist/plugins/signcrypt.d.ts.map +1 -0
package/dist/plugins/signcrypt.js +317 -0
package/dist/plugins/signcrypt.js.map +1 -0
package/dist/plugins/skillguard.d.ts +25 -0
package/dist/plugins/skillguard.d.ts.map +1 -0
package/dist/plugins/skillguard.js +346 -0
package/dist/plugins/skillguard.js.map +1 -0
package/dist/registry/client.d.ts +125 -0
package/dist/registry/client.d.ts.map +1 -0
package/dist/registry/client.js +308 -0
package/dist/registry/client.js.map +1 -0
package/dist/registry/contribution.d.ts +178 -0
package/dist/registry/contribution.d.ts.map +1 -0
package/dist/registry/contribution.js +272 -0
package/dist/registry/contribution.js.map +1 -0
package/dist/registry/index.d.ts +3 -0
package/dist/registry/index.d.ts.map +1 -0
package/dist/registry/index.js +10 -0
package/dist/registry/index.js.map +1 -0
package/dist/scanner/external-scanner.d.ts +13 -0
package/dist/scanner/external-scanner.d.ts.map +1 -0
package/dist/scanner/external-scanner.js +299 -0
package/dist/scanner/external-scanner.js.map +1 -0
package/dist/scanner/index.d.ts +6 -0
package/dist/scanner/index.d.ts.map +1 -0
package/dist/scanner/index.js +9 -0
package/dist/scanner/index.js.map +1 -0
package/dist/scanner/types.d.ts +32 -0
package/dist/scanner/types.d.ts.map +1 -0
package/dist/scanner/types.js +6 -0
package/dist/scanner/types.js.map +1 -0
package/dist/semantic/deep-scan.d.ts +13 -0
package/dist/semantic/deep-scan.d.ts.map +1 -0
package/dist/semantic/deep-scan.js +63 -0
package/dist/semantic/deep-scan.js.map +1 -0
package/dist/semantic/index.d.ts +17 -0
package/dist/semantic/index.d.ts.map +1 -0
package/dist/semantic/index.js +39 -0
package/dist/semantic/index.js.map +1 -0
package/dist/semantic/integration/cost-estimator.d.ts +17 -0
package/dist/semantic/integration/cost-estimator.d.ts.map +1 -0
package/dist/semantic/integration/cost-estimator.js +54 -0
package/dist/semantic/integration/cost-estimator.js.map +1 -0
package/dist/semantic/integration/finding-adapter.d.ts +34 -0
package/dist/semantic/integration/finding-adapter.d.ts.map +1 -0
package/dist/semantic/integration/finding-adapter.js +41 -0
package/dist/semantic/integration/finding-adapter.js.map +1 -0
package/dist/semantic/integration/oasb-upgrader.d.ts +20 -0
package/dist/semantic/integration/oasb-upgrader.d.ts.map +1 -0
package/dist/semantic/integration/oasb-upgrader.js +47 -0
package/dist/semantic/integration/oasb-upgrader.js.map +1 -0
package/dist/semantic/llm/budget.d.ts +50 -0
package/dist/semantic/llm/budget.d.ts.map +1 -0
package/dist/semantic/llm/budget.js +139 -0
package/dist/semantic/llm/budget.js.map +1 -0
package/dist/semantic/llm/cache.d.ts +36 -0
package/dist/semantic/llm/cache.d.ts.map +1 -0
package/dist/semantic/llm/cache.js +103 -0
package/dist/semantic/llm/cache.js.map +1 -0
package/dist/semantic/llm/client.d.ts +49 -0
package/dist/semantic/llm/client.d.ts.map +1 -0
package/dist/semantic/llm/client.js +64 -0
package/dist/semantic/llm/client.js.map +1 -0
package/dist/semantic/llm/index.d.ts +33 -0
package/dist/semantic/llm/index.d.ts.map +1 -0
package/dist/semantic/llm/index.js +129 -0
package/dist/semantic/llm/index.js.map +1 -0
package/dist/semantic/llm/prompts.d.ts +30 -0
package/dist/semantic/llm/prompts.d.ts.map +1 -0
package/dist/semantic/llm/prompts.js +120 -0
package/dist/semantic/llm/prompts.js.map +1 -0
package/dist/semantic/structural/credential-context.d.ts +14 -0
package/dist/semantic/structural/credential-context.d.ts.map +1 -0
package/dist/semantic/structural/credential-context.js +295 -0
package/dist/semantic/structural/credential-context.js.map +1 -0
package/dist/semantic/structural/index.d.ts +28 -0
package/dist/semantic/structural/index.d.ts.map +1 -0
package/dist/semantic/structural/index.js +138 -0
package/dist/semantic/structural/index.js.map +1 -0
package/dist/semantic/structural/instruction.d.ts +19 -0
package/dist/semantic/structural/instruction.d.ts.map +1 -0
package/dist/semantic/structural/instruction.js +167 -0
package/dist/semantic/structural/instruction.js.map +1 -0
package/dist/semantic/structural/mcp-config.d.ts +22 -0
package/dist/semantic/structural/mcp-config.d.ts.map +1 -0
package/dist/semantic/structural/mcp-config.js +294 -0
package/dist/semantic/structural/mcp-config.js.map +1 -0
package/dist/semantic/structural/permission-model.d.ts +16 -0
package/dist/semantic/structural/permission-model.d.ts.map +1 -0
package/dist/semantic/structural/permission-model.js +121 -0
package/dist/semantic/structural/permission-model.js.map +1 -0
package/dist/semantic/types.d.ts +122 -0
package/dist/semantic/types.d.ts.map +1 -0
package/dist/semantic/types.js +10 -0
package/dist/semantic/types.js.map +1 -0
package/package.json +25 -14

package/README.md CHANGED Viewed

@@ -1,60 +1,59 @@
-> **[OpenA2A](https://github.com/opena2a-org/opena2a)**: [AIM](https://github.com/opena2a-org/agent-identity-management) · [HackMyAgent](https://github.com/opena2a-org/hackmyagent) · [OASB](https://github.com/opena2a-org/oasb) · [ARP](https://github.com/opena2a-org/arp) · [Secretless](https://github.com/opena2a-org/secretless-ai) · [DVAA](https://github.com/opena2a-org/damn-vulnerable-ai-agent)
+> **[OpenA2A](https://github.com/opena2a-org)**: [CLI](https://github.com/opena2a-org/opena2a) · [Secretless](https://github.com/opena2a-org/secretless-ai) · [AIM](https://github.com/opena2a-org/agent-identity-management) · [Browser Guard](https://github.com/opena2a-org/AI-BrowserGuard) · [DVAA](https://github.com/opena2a-org/damn-vulnerable-ai-agent) · [Registry](https://registry.opena2a.org)
 # HackMyAgent
 [![npm version](https://img.shields.io/npm/v/hackmyagent.svg)](https://www.npmjs.com/package/hackmyagent)
 [![License: Apache-2.0](https://img.shields.io/badge/License-Apache%202.0-blue.svg)](https://opensource.org/licenses/Apache-2.0)
-[![Tests](https://img.shields.io/badge/tests-611%20passing-brightgreen)](https://github.com/opena2a-org/hackmyagent)
+[![Tests](https://img.shields.io/badge/tests-765%20passing-brightgreen)](https://github.com/opena2a-org/hackmyagent)
 **Find it. Break it. Fix it.**
-The hacker's toolkit for AI agents. 147 security checks, 55 attack payloads, auto-fix with rollback, and OASB benchmark compliance. Scans Claude Code, Cursor, VS Code, and any MCP server setup for credential leaks, misconfigurations, prompt injection vectors, supply chain risks, and more.
+AI agents execute arbitrary code with your permissions. HackMyAgent finds what can go wrong before an attacker does.
-[Website](https://hackmyagent.com) | [OpenA2A](https://opena2a.org) | [Security Checks Reference](docs/SECURITY_CHECKS.md)
+Security scanner and red-team toolkit for AI agents. 147 security checks across 30 categories, 55 adversarial attack payloads, auto-fix with rollback, and OASB-1 compliance benchmarking -- all in a single package.
+Scans Claude Code, Cursor, VS Code, and any MCP server setup.
+[Website](https://hackmyagent.com) | [Security Checks Reference](docs/SECURITY_CHECKS.md) | [OpenA2A CLI](https://github.com/opena2a-org/opena2a)
 ---
 ## Quick Start
 ```bash
-npx hackmyagent secure              # scan current directory (147 checks)
-npx hackmyagent secure --fix        # auto-fix what it finds
-npx hackmyagent fix-all --with-aim  # add agent identity + audit logging
+npx hackmyagent secure                # 147-check security scan
+npx hackmyagent secure --fix          # auto-fix issues (backups created automatically)
+npx hackmyagent attack --local        # red-team with 55 adversarial payloads
+npx hackmyagent secure -b oasb-1      # OASB-1 compliance benchmark
 ```
-No config files required. Works out of the box.
+No config files. No setup. Works out of the box on any AI agent project.
 ---
-## Table of Contents
-- [Installation](#installation)
-- [Commands](#commands)
-  - [secure](#hackmyagent-secure) — local agent hardening (147 checks)
-  - [fix-all](#hackmyagent-fix-all) — run all OpenA2A security plugins
-  - [check](#hackmyagent-check) — verify a skill before installing
-  - [scan](#hackmyagent-scan) — scan external infrastructure
-  - [attack](#hackmyagent-attack) — red team with adversarial payloads
-  - [secure --benchmark](#hackmyagent-secure---benchmark) — OASB-1 compliance benchmark
-  - [secure-openclaw](#hackmyagent-secure-openclaw) — OpenClaw-specific scanning
-  - [rollback](#hackmyagent-rollback) — undo auto-fix changes
-- [Plugin Architecture](#plugin-architecture)
-- [CI/CD Integration](#cicd-integration)
-- [Exit Codes](#exit-codes)
-- [Contributing](#contributing)
+## What It Scans
+| Platform | What HackMyAgent detects |
+|----------|--------------------------|
+| **Claude Code** | CLAUDE.md misconfigurations, skill permissions, MCP server exposure |
+| **Cursor** | .cursor/ rules, MCP server configs, overly permissive settings |
+| **VS Code** | .vscode/mcp.json configurations, extension risks |
+| **Any MCP setup** | Transport security, tool boundaries, auth weaknesses |
+All platforms are scanned automatically — no flags needed.
 ---
 ## Installation
 ```bash
-# Run directly (no install needed)
+# Run directly (no install)
 npx hackmyagent secure
 # Install globally
 npm install -g hackmyagent
-# Add to project devDependencies
+# Add to devDependencies
 npm install --save-dev hackmyagent
 ```
@@ -66,17 +65,16 @@ npm install --save-dev hackmyagent
 ### `hackmyagent secure`
-Scan and harden your local agent setup. 147 checks across 30 categories with auto-remediation.
+Run 147 security checks across 30 categories. The primary command most users need.
 ```bash
-hackmyagent secure                            # basic scan
+hackmyagent secure                            # scan current directory
 hackmyagent secure ./my-project               # scan specific directory
 hackmyagent secure --fix                      # auto-fix issues
 hackmyagent secure --fix --dry-run            # preview fixes before applying
 hackmyagent secure --ignore CRED-001,GIT-002  # skip specific checks
 hackmyagent secure --json                     # JSON output for CI/CD
 hackmyagent secure --verbose                  # show all checks including passed
-hackmyagent secure --no-color                 # disable colored output
 ```
 <details>
@@ -120,8 +118,6 @@ hackmyagent secure --no-color                 # disable colored output
 <details>
 <summary>Auto-fix capabilities</summary>
-**General (`hackmyagent secure --fix`):**
 | Check | Issue | Auto-fix |
 |-------|-------|----------|
 | CRED-001 | Exposed API keys | Replace with env var reference |
@@ -130,106 +126,32 @@ hackmyagent secure --no-color                 # disable colored output
 | PERM-001 | Overly permissive files | Set restrictive permissions |
 | MCP-001 | Root filesystem access | Scope to project directory |
 | NET-001 | Bound to 0.0.0.0 | Bind to 127.0.0.1 |
-**OpenClaw (`hackmyagent secure-openclaw --fix`):**
-| Check | Issue | Auto-fix |
-|-------|-------|----------|
-| GATEWAY-001 | Bound to 0.0.0.0 | Bind to 127.0.0.1 |
+| GATEWAY-001 | Gateway bound to 0.0.0.0 | Bind to 127.0.0.1 |
 | GATEWAY-003 | Plaintext token | Replace with `${OPENCLAW_AUTH_TOKEN}` |
 | GATEWAY-004 | Approvals disabled | Enable approvals |
 | GATEWAY-005 | Sandbox disabled | Enable sandbox |
-Use `--dry-run` first to preview changes. Backups are created automatically in `.hackmyagent-backup/`.
+Use `--dry-run` to preview changes. Backups are created in `.hackmyagent-backup/`.
 </details>
 ---
-### `hackmyagent fix-all`
-Run all OpenA2A security plugins in sequence: scan, fix, report.
-```bash
-hackmyagent fix-all                     # scan and fix current directory
-hackmyagent fix-all ./my-agent          # target specific directory
-hackmyagent fix-all --dry-run           # preview without applying
-hackmyagent fix-all --scan-only         # scan only, no fixes
-hackmyagent fix-all --json              # JSON output for CI
-hackmyagent fix-all --with-aim          # enable AIM identity + audit logging
-hackmyagent fix-all -v                  # verbose output
-```
-**Plugin execution order:**
-| # | Plugin | What it does |
-|---|--------|--------------|
-| 1 | **SkillGuard** | Hash pinning, tamper detection, dangerous pattern scanning (reverse shells, exfil, prompt injection) |
-| 2 | **SignCrypt** | Ed25519 signing of SKILL.md and HEARTBEAT.md, SHA-256 hash pinning, signature verification |
-| 3 | **CredVault** | Credential detection (10 patterns), env var replacement, AES-256-GCM encrypted store |
-**`--with-aim` adds:**
-- Ed25519 identity generation for the agent
-- Cryptographic audit log at `.opena2a/aim/audit.jsonl`
-- Capability policy enforcement via `policy.yaml`
-- 8-factor trust scoring
----
-### `hackmyagent check`
-Verify a skill before installing it.
-```bash
-hackmyagent check @publisher/skill-name
-hackmyagent check @publisher/skill --json
-hackmyagent check @publisher/skill --offline    # skip DNS verification
-```
-Checks: publisher identity (DNS TXT), permissions requested, revocation status.
----
-### `hackmyagent scan`
-Scan external infrastructure for exposed AI agent endpoints.
-```bash
-hackmyagent scan example.com
-hackmyagent scan 192.168.1.100 -p 3000,8080
-hackmyagent scan example.com --json
-```
-Detects: exposed MCP SSE/tools endpoints, public configs, API keys in responses, debug interfaces.
-Scoring: A (90-100), B (80-89), C (70-79), D (60-69), F (<60).
-> Only scan systems you own or have written authorization to test.
----
 ### `hackmyagent attack`
-Red team your AI agent with 55 adversarial payloads across 5 categories.
+Red-team your AI agent with 55 adversarial payloads across 5 attack categories.
 ```bash
 hackmyagent attack --local                                    # local simulation
-hackmyagent attack --local --system-prompt "You are helpful"  # with custom prompt
+hackmyagent attack --local --system-prompt "You are helpful"  # with custom system prompt
 hackmyagent attack https://api.example.com/v1/chat            # test live endpoint
 hackmyagent attack --local --category prompt-injection         # single category
-hackmyagent attack --local --intensity aggressive              # full suite
+hackmyagent attack --local --intensity aggressive              # full payload suite
 hackmyagent attack --local -f sarif -o results.sarif           # SARIF output
 hackmyagent attack https://api.example.com --fail-on-vulnerable medium  # CI gate
-hackmyagent attack https://api.example.com --api-format anthropic       # Anthropic API
-hackmyagent attack https://api.example.com --model gpt-4o              # specify model
-hackmyagent attack https://api.example.com -H "Authorization: Bearer tk" # custom header
-hackmyagent attack --local --timeout 5000 --delay 500                   # timing controls
-hackmyagent attack --local --stop-on-success                            # stop at first hit
+hackmyagent attack https://api.example.com --api-format anthropic       # Anthropic API format
 ```
-<details>
-<summary>Attack categories and custom payloads</summary>
 | Category | Payloads | Description |
 |----------|----------|-------------|
 | `prompt-injection` | 12 | Manipulate agent behavior via injected instructions |
@@ -238,9 +160,14 @@ hackmyagent attack --local --stop-on-success                            # stop a
 | `capability-abuse` | 10 | Misuse agent tools for unintended actions |
 | `context-manipulation` | 10 | Poison agent context or memory |
-Intensity: `passive` (observation only), `active` (default), `aggressive` (full suite).
+Intensity levels: `passive` (observation only), `active` (default), `aggressive` (full suite).
+Output formats: `text`, `json`, `sarif` (GitHub Security tab), `html`.
+<details>
+<summary>Custom payloads</summary>
-**Custom payloads:** Create a JSON file and pass with `--payload-file custom.json`:
+Create a JSON file and pass with `--payload-file custom.json`:
 ```json
 {
@@ -263,26 +190,25 @@ Only `id` and `payload` are required.
 </details>
-Output formats: `text`, `json`, `sarif` (GitHub Security tab), `html`.
+> Only test systems you own or have written authorization to test.
 ---
-### `hackmyagent secure --benchmark`
+### `hackmyagent secure -b oasb-1`
-Run the [OASB-1](https://oasb.ai/oasb-1) (Open Agent Security Benchmark) — 46 controls across 10 categories.
+Run the [OASB-1](https://oasb.ai/oasb-1) (Open Agent Security Benchmark) — 46 controls across 10 categories with three maturity levels.
 ```bash
 hackmyagent secure -b oasb-1              # L1 baseline (26 controls)
 hackmyagent secure -b oasb-1 -l L2        # L2 standard (44 controls)
 hackmyagent secure -b oasb-1 -l L3        # L3 hardened (46 controls)
-hackmyagent secure -b oasb-1 -c "Input Security"     # filter to one category
-hackmyagent secure -b oasb-1 -v           # verbose (every control)
+hackmyagent secure -b oasb-1 -c "Input Security"     # filter by category
 hackmyagent secure -b oasb-1 -f html -o report.html  # HTML report
 hackmyagent secure -b oasb-1 --fail-below 70          # CI gate
 ```
 <details>
-<summary>OASB-1 categories and maturity levels</summary>
+<summary>OASB-1 categories</summary>
 | # | Category | Controls |
 |---|----------|----------|
@@ -307,144 +233,86 @@ Output formats: `text`, `json`, `sarif`, `html`, `asp` (Agent Security Profile).
 ---
-### `hackmyagent secure-openclaw`
+### `hackmyagent fix-all`
-47 specialized checks for OpenClaw/Moltbot installations.
+Run all security plugins in sequence: credential vault, file signing, skill guard. Applies fixes and generates a report.
 ```bash
-hackmyagent secure-openclaw                    # scan default location
-hackmyagent secure-openclaw ~/.moltbot         # specific directory
-hackmyagent secure-openclaw --fix              # auto-fix gateway configs
-hackmyagent secure-openclaw --fix --dry-run    # preview fixes
-hackmyagent secure-openclaw --json             # JSON output
+hackmyagent fix-all                     # scan and fix
+hackmyagent fix-all ./my-agent          # target specific directory
+hackmyagent fix-all --dry-run           # preview without modifying
+hackmyagent fix-all --scan-only         # scan only, no fixes
+hackmyagent fix-all --with-aim          # add agent identity + audit logging
+hackmyagent fix-all --json              # JSON output
 ```
-Detects: CVE-2026-25253, ClawHavoc IOCs, reverse shells, credential exfiltration, gateway misconfigs, disabled sandbox.
+**Plugins run in order:**
+| Plugin | What it does |
+|--------|--------------|
+| **SkillGuard** | Hash pinning, tamper detection, dangerous pattern scanning (reverse shells, exfiltration, prompt injection) |
+| **SignCrypt** | Ed25519 signing of SKILL.md and HEARTBEAT.md, SHA-256 hash pinning, signature verification |
+| **CredVault** | Credential detection (10 patterns), env var replacement, AES-256-GCM encrypted store |
-See [SECURITY_CHECKS.md](docs/SECURITY_CHECKS.md#openclaw-security-checks) for full documentation.
+**`--with-aim` adds:** Ed25519 agent identity, cryptographic audit log, capability policy enforcement, 8-factor trust scoring.
 ---
-### `hackmyagent rollback`
+### `hackmyagent check`
-Undo auto-fix changes. Backups are created automatically in `.hackmyagent-backup/`.
+Verify a skill's publisher identity and permissions before installing it.
 ```bash
-hackmyagent rollback                # rollback current directory
-hackmyagent rollback ./my-project   # rollback specific directory
+hackmyagent check @publisher/skill-name
+hackmyagent check @publisher/skill --json
+hackmyagent check @publisher/skill --offline    # skip DNS verification
 ```
----
-## Plugin Architecture
-HackMyAgent uses a modular plugin system built on [`@opena2a/plugin-core`](packages/plugin-core). Each plugin implements `scan()` to detect issues and `fix()` to remediate them.
-### Packages
+Checks: publisher identity (DNS TXT), permissions requested, revocation status.
-| Package | npm | Description |
-|---------|-----|-------------|
-| [`@opena2a/plugin-core`](packages/plugin-core) | — | Plugin interface, registry, shared types |
-| [`@opena2a/aim-core`](packages/aim-core) | — | Ed25519 identity, audit logging, capability policy, trust scoring |
-| [`@opena2a/credvault-openclaw`](packages/credvault-openclaw) | — | Credential scanning (10 patterns), env var replacement, AES-256-GCM store |
-| [`@opena2a/signcrypt-openclaw`](packages/signcrypt-openclaw) | — | Ed25519 file signing, SHA-256 hash pinning, signature verification |
-| [`@opena2a/skillguard-openclaw`](packages/skillguard-openclaw) | — | Permission pinning, tamper detection, dangerous pattern scanning |
+---
-### Writing a Plugin
+### `hackmyagent scan`
-```typescript
-import type {
-  OpenA2APlugin,
-  PluginMetadata,
-  PluginStatus,
-  Finding,
-  Remediation,
-  FixOptions,
-  PluginInitOptions,
-} from '@opena2a/plugin-core';
-export const metadata: PluginMetadata = {
-  packageName: '@my-org/my-plugin',
-  displayName: 'My Plugin',
-  description: 'Detects and fixes X',
-  version: '1.0.0',
-  findings: ['MY-001', 'MY-002'],
-  scoreImprovement: 10,
-};
+Scan external infrastructure for exposed AI agent endpoints.
-export class MyPlugin implements OpenA2APlugin {
-  readonly metadata = metadata;
+```bash
+hackmyagent scan example.com
+hackmyagent scan 192.168.1.100 -p 3000,8080
+hackmyagent scan example.com --json
+```
-  async init(options?: PluginInitOptions): Promise<void> {
-    // Access AIM Core for identity-aware audit logging:
-    // const aimCore = options?.aimCore;
-  }
+Detects: exposed MCP SSE/tools endpoints, public configs, API keys in responses, debug interfaces.
-  async scan(agentDir: string): Promise<Finding[]> {
-    // Scan the agent directory and return findings
-    return [
-      {
-        id: 'MY-001',
-        title: 'Insecure widget detected',
-        description: 'Widget at config.json line 12 uses plaintext.',
-        severity: 'high',        // critical | high | medium | low
-        filePath: 'config.json',
-        line: 12,
-        autoFixable: true,
-      },
-    ];
-  }
+Scoring: A (90-100), B (80-89), C (70-79), D (60-69), F (<60).
-  async fix(agentDir: string, options?: FixOptions): Promise<Remediation[]> {
-    if (options?.dryRun) {
-      // Return what would be fixed without modifying files
-      return [{ findingId: 'MY-001', description: 'Would encrypt widget', filesModified: ['config.json'], rollbackAvailable: false }];
-    }
+> Only scan systems you own or have written authorization to test.
-    // Apply fixes and return what was changed
-    return [{ findingId: 'MY-001', description: 'Encrypted widget', filesModified: ['config.json'], rollbackAvailable: false }];
-  }
+---
-  async status(): Promise<PluginStatus> {
-    return { name: metadata.displayName, version: metadata.version, active: true, findingsCount: 0 };
-  }
+### `hackmyagent rollback`
-  async uninstall(): Promise<void> {}
-}
+Undo auto-fix changes. Backups are created automatically by `secure --fix` and `fix-all`.
-export function createPlugin(): MyPlugin {
-  return new MyPlugin();
-}
+```bash
+hackmyagent rollback                # rollback current directory
+hackmyagent rollback ./my-project   # rollback specific directory
 ```
-Register the plugin in `@opena2a/plugin-core`:
-```typescript
-import { registerPlugin } from '@opena2a/plugin-core';
-import { createPlugin, metadata } from '@my-org/my-plugin';
-registerPlugin({
-  metadata,
-  create: createPlugin,
-});
-```
+---
-### Trust Score
+### `hackmyagent secure-openclaw`
-AIM Core provides an 8-factor weighted trust score (0.0 to 1.0) for each agent:
+47 specialized checks for OpenClaw/Moltbot installations.
-| Factor | Weight | What it measures |
-|--------|--------|------------------|
-| `identity` | 0.20 | Ed25519 keypair exists and is valid |
-| `capabilities` | 0.15 | Capabilities declared and pinned |
-| `secretsManaged` | 0.15 | No hardcoded credentials |
-| `auditLog` | 0.10 | Audit trail active |
-| `configSigned` | 0.10 | Configuration integrity verified |
-| `skillsVerified` | 0.10 | Skills cryptographically signed |
-| `networkControlled` | 0.10 | Network access restricted |
-| `heartbeatMonitored` | 0.10 | Heartbeat monitoring active |
+```bash
+hackmyagent secure-openclaw                    # scan default location
+hackmyagent secure-openclaw ~/.moltbot         # specific directory
+hackmyagent secure-openclaw --fix              # auto-fix gateway configs
+hackmyagent secure-openclaw --fix --dry-run    # preview fixes
+```
-Use `--with-aim` in `fix-all` to generate trust scores.
+Detects: CVE-2026-25253, ClawHavoc IOCs, reverse shells, credential exfiltration, gateway misconfigs, disabled sandbox.
 ---
@@ -463,7 +331,7 @@ jobs:
       - uses: actions/setup-node@v4
         with: { node-version: '20' }
       - run: npx hackmyagent secure --json > security-report.json
-      - run: npx hackmyagent fix-all --scan-only --json > plugin-report.json
+      - run: npx hackmyagent secure -b oasb-1 --fail-below 70
       - uses: actions/upload-artifact@v4
         with: { name: security-reports, path: '*.json' }
 ```
@@ -484,7 +352,7 @@ jobs:
 npx hackmyagent secure --ignore LOG-001,RATE-001
 ```
-### JSON Piping
+### JSON Output
 ```bash
 # Filter critical findings
@@ -498,22 +366,80 @@ hackmyagent secure --json | jq '[.findings[].id | split("-")[0]] | group_by(.) |
 ## Exit Codes
-| Code | Meaning | Commands |
-|------|---------|----------|
-| `0` | Clean — no critical/high issues | All commands |
-| `1` | Critical or high severity issues remain after scan/fix | `secure`, `fix-all`, `attack` |
-| `2` | Incomplete scan — one or more plugins failed to run | `fix-all` |
+| Code | Meaning |
+|------|---------|
+| `0` | Clean — no critical/high issues |
+| `1` | Critical or high severity issues found |
+| `2` | Incomplete scan — one or more plugins failed |
+---
+## What's Included
+HackMyAgent consolidates several OpenA2A security modules into a single package:
+| Module | Description | Previously |
+|--------|-------------|------------|
+| Security scanner | 147 checks across 30 categories | hackmyagent-core |
+| Attack simulation | 55 adversarial payloads, 5 categories | standalone |
+| CredVault plugin | Credential detection + AES-256-GCM vault | @opena2a/credvault |
+| SignCrypt plugin | Ed25519 signing + SHA-256 hash pinning | @opena2a/signcrypt |
+| SkillGuard plugin | Permission pinning + tamper detection | @opena2a/skillguard |
+| OASB benchmark | 46 controls, 3 maturity levels | @opena2a/oasb |
+| ARP integration | Agent Runtime Protection hooks | @opena2a/arp |
+| Semantic engine | Semantic analysis for finding deduplication | @opena2a/semantic-engine |
+### Subpath Exports
+For programmatic use, the package exposes subpath exports:
+```typescript
+import { HardeningScanner } from 'hackmyagent';           // Scanner engine
+import { registerPlugin } from 'hackmyagent/plugins';      // Plugin API
+import { SemanticEngine } from 'hackmyagent/semantic';      // Semantic analysis
+import { ARPMonitor } from 'hackmyagent/arp';               // Runtime protection
+import { OASBHarness } from 'hackmyagent/oasb';             // Benchmark harness
+```
 ---
-## Supported Platforms
+## Writing Plugins
+HackMyAgent supports custom security plugins. Each plugin implements `scan()` and `fix()` methods.
+```typescript
+import type { OpenA2APlugin, Finding, Remediation, FixOptions } from 'hackmyagent/plugins';
+export class MyPlugin implements OpenA2APlugin {
+  readonly metadata = {
+    packageName: '@my-org/my-plugin',
+    displayName: 'My Plugin',
+    description: 'Detects and fixes X',
+    version: '1.0.0',
+    findings: ['MY-001'],
+    scoreImprovement: 10,
+  };
-| Platform | What HackMyAgent scans |
-|----------|------------------------|
-| **Claude Code** | CLAUDE.md, skills, MCP server configs |
-| **Cursor** | .cursor/ rules, MCP configurations |
-| **VS Code** | .vscode/mcp.json configurations |
-| **Generic MCP** | Any MCP server setup |
+  async scan(agentDir: string): Promise<Finding[]> {
+    return [{
+      id: 'MY-001',
+      title: 'Insecure widget',
+      description: 'Widget uses plaintext.',
+      severity: 'high',
+      filePath: 'config.json',
+      line: 12,
+      autoFixable: true,
+    }];
+  }
+  async fix(agentDir: string, options?: FixOptions): Promise<Remediation[]> {
+    if (options?.dryRun) return [{ findingId: 'MY-001', description: 'Would encrypt widget', filesModified: ['config.json'], rollbackAvailable: false }];
+    return [{ findingId: 'MY-001', description: 'Encrypted widget', filesModified: ['config.json'], rollbackAvailable: false }];
+  }
+}
+```
+See the [full plugin API documentation](docs/PLUGIN_API.md) for details.
 ---
@@ -533,22 +459,8 @@ Contributions welcome. See [CONTRIBUTING.md](CONTRIBUTING.md).
 git clone https://github.com/opena2a-org/hackmyagent.git
 cd hackmyagent
 npm install
-npx turbo build     # build all 8 packages
-npx turbo test      # run 611 tests
-```
-### Monorepo Structure
-```
-packages/
-  cli/                      # CLI entry point (hackmyagent command)
-  core/                     # Scanner engine (147 checks)
-  aim-core/                 # Ed25519 identity, audit, policy, trust
-  plugin-core/              # Plugin interface and registry
-  credvault-openclaw/       # Credential scanner plugin
-  signcrypt-openclaw/       # Signing and hash pinning plugin
-  skillguard-openclaw/      # Permission and pattern scanner plugin
-  semantic-engine/          # Semantic analysis engine for deep scanning
+npm run build
+npm test              # 765 tests
 ```
 ---
@@ -563,9 +475,8 @@ Apache-2.0
 | Project | Description | Install |
 |---------|-------------|---------|
-| [**AIM**](https://github.com/opena2a-org/agent-identity-management) | Agent Identity Management -- identity and access control for AI agents | `pip install aim-sdk` |
-| [**HackMyAgent**](https://github.com/opena2a-org/hackmyagent) | Security scanner -- 147 checks, attack mode, auto-fix | `npx hackmyagent secure` |
-| [**OASB**](https://github.com/opena2a-org/oasb) | Open Agent Security Benchmark -- 182 attack scenarios | `npm install @opena2a/oasb` |
-| [**ARP**](https://github.com/opena2a-org/arp) | Agent Runtime Protection -- process, network, filesystem monitoring | `npm install @opena2a/arp` |
+| [**OpenA2A CLI**](https://github.com/opena2a-org/opena2a) | Unified security CLI -- scan, protect, guard, runtime, shield | `npx opena2a` |
 | [**Secretless AI**](https://github.com/opena2a-org/secretless-ai) | Keep credentials out of AI context windows | `npx secretless-ai init` |
-| [**DVAA**](https://github.com/opena2a-org/damn-vulnerable-ai-agent) | Damn Vulnerable AI Agent -- security training and red-teaming | `docker pull opena2a/dvaa` |
+| [**AIM**](https://github.com/opena2a-org/agent-identity-management) | Agent Identity Management -- identity and access control for AI agents | Self-hosted |
+| [**AI Browser Guard**](https://github.com/opena2a-org/AI-BrowserGuard) | Detect and control AI agents in the browser | Chrome Web Store |
+| [**DVAA**](https://github.com/opena2a-org/damn-vulnerable-ai-agent) | Damn Vulnerable AI Agent -- security training target | `docker pull opena2a/dvaa` |

package/dist/abgr/controls.d.ts ADDED Viewed

@@ -0,0 +1,35 @@
+/**
+ * OASB v2 Behavioral Governance Controls
+ *
+ * All 68 controls across domains 7-14 of the Open Agent Security Benchmark.
+ * Each control defines keyword groups for pattern-based detection.
+ */
+import type { AgentTier, GovernanceControl, GovernanceDomain, GovernanceSeverity } from './types';
+/**
+ * All 68 governance controls across domains 7-14.
+ */
+export declare const ALL_GOVERNANCE_CONTROLS: GovernanceControl[];
+/**
+ * Domain metadata for display/reporting.
+ */
+export declare const DOMAIN_METADATA: Record<GovernanceDomain, {
+    number: number;
+    name: string;
+}>;
+/**
+ * Get all controls for a specific domain.
+ */
+export declare function getControlsByDomain(domain: GovernanceDomain): GovernanceControl[];
+/**
+ * Get a specific control by ID.
+ */
+export declare function getControlById(id: string): GovernanceControl | undefined;
+/**
+ * Get controls applicable to a specific agent tier.
+ */
+export declare function getControlsForTier(tier: AgentTier): GovernanceControl[];
+/**
+ * Get controls by severity.
+ */
+export declare function getControlsBySeverity(severity: GovernanceSeverity): GovernanceControl[];
+//# sourceMappingURL=controls.d.ts.map

package/dist/abgr/controls.d.ts.map ADDED Viewed

@@ -0,0 +1 @@

+ {"version":3,"file":"controls.d.ts","sourceRoot":"","sources":["../../src/abgr/controls.ts"],"names":[],"mappings":"AAAA;;;;;GAKG;AAEH,OAAO,KAAK,EAAE,SAAS,EAAE,iBAAiB,EAAE,gBAAgB,EAAE,kBAAkB,EAAE,MAAM,SAAS,CAAC;AAq/BlG;;GAEG;AACH,eAAO,MAAM,uBAAuB,EAAE,iBAAiB,EAStD,CAAC;AAEF;;GAEG;AACH,eAAO,MAAM,eAAe,EAAE,MAAM,CAAC,gBAAgB,EAAE;IAAE,MAAM,EAAE,MAAM,CAAC;IAAC,IAAI,EAAE,MAAM,CAAA;CAAE,CAStF,CAAC;AAEF;;GAEG;AACH,wBAAgB,mBAAmB,CAAC,MAAM,EAAE,gBAAgB,GAAG,iBAAiB,EAAE,CAEjF;AAED;;GAEG;AACH,wBAAgB,cAAc,CAAC,EAAE,EAAE,MAAM,GAAG,iBAAiB,GAAG,SAAS,CAExE;AAED;;GAEG;AACH,wBAAgB,kBAAkB,CAAC,IAAI,EAAE,SAAS,GAAG,iBAAiB,EAAE,CAEvE;AAED;;GAEG;AACH,wBAAgB,qBAAqB,CAAC,QAAQ,EAAE,kBAAkB,GAAG,iBAAiB,EAAE,CAEvF"}