npm - infynon - Versions diffs - 0.2.0-beta.6.6 → 0.2.0-beta.7 - Mend

infynon 0.2.0-beta.6.6 → 0.2.0-beta.7

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (2) hide show

package/README.md +63 -9
package/package.json +6 -3

package/README.md CHANGED Viewed

@@ -2,7 +2,7 @@
 **🔥 Stop installing vulnerable dependencies blindly**
-A security-first CLI: pre-install CVE scanner for 14 ecosystems + reverse proxy WAF for your backend.
+A security-first CLI: pre-install CVE scanner for 14 ecosystems + reverse proxy WAF + node-based API flow tester with security probes.
 [![npm](https://img.shields.io/npm/v/infynon?style=flat-square&logo=npm)](https://www.npmjs.com/package/infynon)
 [![License: MIT](https://img.shields.io/badge/license-MIT-blue?style=flat-square)](https://github.com/d4rkNinja/infynon-cli/blob/main/LICENSE)
@@ -10,6 +10,7 @@ A security-first CLI: pre-install CVE scanner for 14 ecosystems + reverse proxy
 > ⚠️ AI installs packages. You don't verify them. That's the risk.
 > **INFYNON fixes that — blocks threats before they reach your system.**
+> Use `--agent` for structured JSON output when running inside AI agents or CI pipelines.
 ---
@@ -33,7 +34,7 @@ npm uninstall -g infynon
 ## What is INFYNON?
-A single binary with two modes:
+A single binary with three modes:
 ### 1. `infynon pkg` — Package Security
@@ -58,15 +59,54 @@ infynon pkg fix --auto
 infynon pkg audit
 # CI / non-interactive flags (no prompts)
-infynon pkg npm install express --strict high      # fail build on critical/high
+infynon pkg npm install express --strict high      # fail build on critical/high (exit 3)
 infynon pkg npm install express --auto-fix         # auto-upgrade to safe versions
 infynon pkg npm install express --skip-vulnerable  # skip bad packages silently
 infynon pkg npm install express --yes              # install everything (audit-only CI)
+# AI agent mode — structured JSON output for AI tools and CI parsers
+infynon pkg scan --agent                           # JSON: status/vulnerabilities/summary
+infynon pkg npm install express --agent --strict high   # JSON: installed/blocked/vulns
+infynon pkg uv add fastapi --agent --auto-fix      # any ecosystem, machine-readable
 ```
 **Ecosystems:** npm · yarn · pnpm · bun · pip · uv · poetry · cargo · go · gem · composer · nuget · hex · pub
-### 2. `infynon` — Network Firewall
+### 2. `infynon weave` — API Flow Testing
+Test your entire API as a connected flow. Model endpoints as a directed graph — authentication tokens and extracted values thread automatically between nodes.
+```bash
+# Set your API base URL once
+infynon weave env set BASE_URL http://localhost:8001
+# Create nodes from natural language
+infynon weave node create --ai "POST /auth/login with email and password, extracts token"
+infynon weave node create --ai "POST /orders — creates order, extracts order_id"
+# Wire into a flow and run
+infynon weave flow create "checkout" --ai "login then create order"
+infynon weave flow run checkout
+# Run security probes (auth bypass, rate limit, SQL injection)
+infynon weave ai probe checkout
+# Open the 10-tab TUI dashboard
+infynon weave tui
+```
+**Runtime prompt inputs** — pause and ask for OTPs, passwords, and dynamic values mid-flow, with 4 types:
+```bash
+infynon weave node prompt verify-otp add otp_code --label "OTP Code" --secret
+infynon weave node prompt create-order add env --type select --options "staging,production,dev"
+infynon weave node prompt confirm-delete add confirm --type boolean --default false
+```
+**CI ready** — use `--default` values or `--set KEY=val` for fully non-interactive runs.
+---
+### 3. `infynon` — Network Firewall
 A reverse proxy WAF with a real-time TUI dashboard. Sits between the internet and your backend.
@@ -93,16 +133,18 @@ infynon logs --verdict block
 ## How It Works (Package Security)
-1. You (or an AI tool) runs `infynon pkg npm install express`
-2. INFYNON resolves the full dependency tree
-3. Queries **OSV.dev** for known CVEs across all packages
-4. Presents an interactive decision for any vulnerable package — block, skip, or install a fixed version
-5. Only approved packages get installed
+1. You (or an AI agent) runs `infynon pkg npm install express`
+2. INFYNON resolves the latest version and queries **OSV.dev** for CVEs
+3. With `--agent`: emits JSON + structured exit code — AI agents parse and react
+4. With `--strict high`: blocks installation if critical/high CVEs are found (exit `3`)
+5. With `--auto-fix`: silently upgrades to the nearest safe version
+6. Only approved packages get installed
 ---
 ## More Commands
+### Package Security
 | Command | Description |
 |---------|-------------|
 | `infynon pkg scan` | Scan lock files for CVEs |
@@ -118,6 +160,18 @@ infynon logs --verdict block
 | `infynon pkg migrate <from> <to>` | Migrate between package managers |
 | `infynon pkg eagle-eye setup` | Set up scheduled CVE monitoring with email alerts |
+### API Flow Testing (Weave)
+| Command | Description |
+|---------|-------------|
+| `infynon weave node create --ai "..."` | Create a node from a natural language description |
+| `infynon weave flow create "name" --ai "..."` | Build a flow from description |
+| `infynon weave flow run <id>` | Run a flow with live step output |
+| `infynon weave flow run <id> --set key=val` | Pre-seed context vars (skip prompts) |
+| `infynon weave ai probe <id>` | Run auth bypass / rate limit / SQLi security probes |
+| `infynon weave ai explain <id>` | Diagnose the last failed run |
+| `infynon weave validate` | Validate all nodes and flows |
+| `infynon weave tui` | Open 10-tab TUI dashboard |
 ---
 ## Full Documentation

package/package.json CHANGED Viewed

@@ -1,7 +1,7 @@
 {
   "name": "infynon",
-  "version": "0.2.0-beta.6.6",
-  "description": "Universal package security manager & network firewall — intercepts installs across npm, pip, cargo, go, gem and more with 3-layer CVE verification, plus a real-time reverse proxy WAF with TUI dashboard",
+  "version": "0.2.0-beta.7",
+  "description": "Universal package security manager, network WAF, and API flow tester — intercepts installs across 14 ecosystems with CVE verification, reverse proxy WAF with TUI, and node-based API integration testing with security probes.",
   "bin": {
     "infynon": "./run.js",
     "infynon-pkg": "./run.js"
@@ -26,7 +26,10 @@
     "waf",
     "cve",
     "pentest",
-    "supply-chain"
+    "supply-chain",
+    "api-testing",
+    "integration-testing",
+    "security-probes"
   ],
   "author": "d4rkNinja",
   "license": "MIT",