project-shield 1.0.0

package/package.json

@@ -0,0 +1,52 @@
+{
+  "name": "project-shield",
+  "version": "1.0.0",
+  "description": "Security scanner for AI coders and MCP users — detects API keys, secrets, and PII",
+  "main": "dist/index.js",
+  "bin": {
+    "project-shield": "dist/index.js"
+  },
+  "scripts": {
+    "build": "tsc",
+    "typecheck": "tsc --noEmit",
+    "lint": "eslint src/",
+    "test": "vitest run",
+    "test:watch": "vitest",
+    "gate": "npm run typecheck && npm run lint && npm run test && npm run build",
+    "prepublishOnly": "npm run gate"
+  },
+  "files": [
+    "dist/",
+    "rules/"
+  ],
+  "keywords": [
+    "security",
+    "scanner",
+    "secrets",
+    "pii",
+    "mcp",
+    "injection",
+    "prompt-injection",
+    "ai-security",
+    "claude",
+    "llm"
+  ],
+  "author": "",
+  "license": "MIT",
+  "type": "commonjs",
+  "dependencies": {
+    "chalk": "^5.6.2",
+    "commander": "^14.0.3",
+    "glob": "^13.0.3",
+    "pdfkit": "^0.17.2"
+  },
+  "devDependencies": {
+    "@types/node": "^25.2.3",
+    "@types/pdfkit": "^0.17.5",
+    "@typescript-eslint/eslint-plugin": "^8.55.0",
+    "@typescript-eslint/parser": "^8.55.0",
+    "eslint": "^9.39.2",
+    "typescript": "^5.9.3",
+    "vitest": "^4.0.18"
+  }
+}

package/rules/v1.0.0.json

@@ -0,0 +1,248 @@
+{
+  "version": "1.0.0",
+  "sha256": "f408a4fd6101780424087ef8e3de8f4759fc857144e1d88bd273ab6305cfb8bd",
+  "secrets": {
+    "patterns": [
+      {
+        "id": "aws_access_key",
+        "name": "AWS Access Key",
+        "regex": "AKIA[0-9A-Z]{16}",
+        "description": "AWS Access Key detected"
+      },
+      {
+        "id": "aws_secret_key",
+        "name": "AWS Secret Key",
+        "regex": "[A-Za-z0-9/+=]{40}",
+        "description": "AWS Secret Key detected"
+      },
+      {
+        "id": "stripe_live",
+        "name": "Stripe Live Key",
+        "regex": "sk_live_[0-9a-zA-Z]{24,}",
+        "description": "Stripe Live Key detected",
+        "severity_override": "critical"
+      },
+      {
+        "id": "stripe_test",
+        "name": "Stripe Test Key",
+        "regex": "sk_test_[0-9a-zA-Z]{24,}",
+        "description": "Stripe Test Key detected",
+        "severity_override": "warning"
+      },
+      {
+        "id": "openai_key",
+        "name": "OpenAI API Key",
+        "regex": "sk-[a-zA-Z0-9]{20,}",
+        "description": "OpenAI API Key detected"
+      },
+      {
+        "id": "github_pat",
+        "name": "GitHub Personal Access Token",
+        "regex": "ghp_[0-9a-zA-Z]{36}",
+        "description": "GitHub PAT detected"
+      },
+      {
+        "id": "github_oauth",
+        "name": "GitHub OAuth Token",
+        "regex": "gho_[0-9a-zA-Z]{36}",
+        "description": "GitHub OAuth Token detected"
+      },
+      {
+        "id": "slack_token",
+        "name": "Slack Token",
+        "regex": "xoxb-[0-9]{10,13}-[0-9]{10,13}-[a-zA-Z0-9]{24}",
+        "description": "Slack Bot Token detected"
+      },
+      {
+        "id": "google_api_key",
+        "name": "Google API Key",
+        "regex": "AIza[0-9A-Za-z_-]{35}",
+        "description": "Google API Key detected"
+      },
+      {
+        "id": "private_key",
+        "name": "Private Key",
+        "regex": "-----BEGIN (RSA |EC |OPENSSH )?PRIVATE KEY-----",
+        "description": "Private Key detected",
+        "severity_override": "critical"
+      }
+    ],
+    "entropy_threshold": 4.5,
+    "context_keywords": [
+      "key",
+      "secret",
+      "token",
+      "password",
+      "passwd",
+      "credential",
+      "api_key",
+      "apikey",
+      "access_token",
+      "auth_token",
+      "private_key",
+      "client_secret"
+    ]
+  },
+  "pii": {
+    "patterns": [
+      {
+        "id": "korean_rrn_hyphen",
+        "name": "Korean RRN (with hyphen)",
+        "regex": "\\d{6}-[1-4]\\d{6}",
+        "description": "Korean Resident Registration Number detected",
+        "locale": "kr",
+        "has_checksum": true
+      },
+      {
+        "id": "korean_rrn_no_hyphen",
+        "name": "Korean RRN (no hyphen)",
+        "regex": "\\d{6}[1-4]\\d{6}",
+        "description": "Korean Resident Registration Number detected (no hyphen)",
+        "locale": "kr",
+        "has_checksum": true
+      },
+      {
+        "id": "korean_phone",
+        "name": "Korean Phone Number",
+        "regex": "01[016789]-\\d{3,4}-\\d{4}",
+        "description": "Korean phone number detected",
+        "locale": "kr",
+        "has_checksum": false
+      },
+      {
+        "id": "korean_business_number",
+        "name": "Korean Business Registration Number",
+        "regex": "\\d{3}-\\d{2}-\\d{5}",
+        "description": "Korean Business Registration Number detected",
+        "locale": "kr",
+        "has_checksum": true
+      },
+      {
+        "id": "korean_passport",
+        "name": "Korean Passport Number",
+        "regex": "[A-Z]{1,2}\\d{7}",
+        "description": "Korean Passport Number detected",
+        "locale": "kr",
+        "has_checksum": false
+      },
+      {
+        "id": "email",
+        "name": "Email Address",
+        "regex": "[a-zA-Z0-9._%+-]+@[a-zA-Z0-9.-]+\\.[a-zA-Z]{2,}",
+        "description": "Email address detected",
+        "locale": "kr",
+        "has_checksum": false
+      },
+      {
+        "id": "us_ssn",
+        "name": "US Social Security Number",
+        "regex": "\\d{3}-\\d{2}-\\d{4}",
+        "description": "US SSN detected",
+        "locale": "global",
+        "has_checksum": false
+      },
+      {
+        "id": "credit_card",
+        "name": "Credit Card Number",
+        "regex": "\\d{4}[\\s-]?\\d{4}[\\s-]?\\d{4}[\\s-]?\\d{4}",
+        "description": "Credit card number detected",
+        "locale": "global",
+        "has_checksum": true
+      }
+    ]
+  },
+  "mcp": {
+    "config_files": [
+      "mcp.json",
+      "mcp-config.json",
+      "claude_desktop_config.json",
+      ".mcp.yaml",
+      ".mcp.yml"
+    ],
+    "auth_fields": [
+      "auth",
+      "authentication",
+      "oauth",
+      "apiKey",
+      "api_key",
+      "bearer",
+      "token",
+      "credentials"
+    ],
+    "dangerous_tool_keywords": [
+      "exec",
+      "eval",
+      "system",
+      "shell",
+      "spawn",
+      "child_process",
+      "rm",
+      "delete",
+      "drop"
+    ],
+    "permission_patterns": [
+      {
+        "id": "root_fs",
+        "name": "Root filesystem",
+        "type": "permission_pattern",
+        "values": [
+          "/",
+          "C:\\"
+        ],
+        "description": "Root filesystem access"
+      },
+      {
+        "id": "wildcard_network",
+        "name": "Wildcard network",
+        "type": "permission_pattern",
+        "values": [
+          "*",
+          "0.0.0.0"
+        ],
+        "description": "Wildcard network access"
+      },
+      {
+        "id": "privileged_mode",
+        "name": "Privileged mode",
+        "type": "permission_pattern",
+        "values": [
+          "privileged",
+          "--privileged"
+        ],
+        "description": "Docker privileged mode"
+      }
+    ],
+    "logging_fields": [
+      "logging",
+      "audit",
+      "log_level",
+      "logLevel",
+      "stderr",
+      "stdout",
+      "log"
+    ]
+  },
+  "injection": {
+    "direct_patterns": [
+      { "id": "inj_ignore_prev", "name": "Ignore Previous Instructions", "regex": "(?:ignore|disregard)\\s+(?:all\\s+)?(?:previous|prior|above)\\s+(?:instructions|prompts|context)", "type": "direct", "description": "Direct instruction override attempt" },
+      { "id": "inj_forget_all", "name": "Forget Everything", "regex": "forget\\s+(?:everything|all|previous)", "type": "direct", "description": "Memory wipe attempt" },
+      { "id": "inj_you_are_now", "name": "Identity Override", "regex": "you\\s+are\\s+now\\s+", "type": "direct", "description": "Identity override attempt" },
+      { "id": "inj_new_instructions", "name": "New Instructions", "regex": "new\\s+instructions\\s*:", "type": "direct", "description": "New instruction injection" },
+      { "id": "inj_system_prompt", "name": "System Prompt Override", "regex": "system\\s+prompt\\s*:", "type": "direct", "description": "System prompt override attempt" },
+      { "id": "inj_important_override", "name": "Important Override", "regex": "IMPORTANT\\s*:\\s*override", "type": "direct", "description": "Priority override attempt" }
+    ],
+    "indirect_patterns": [
+      { "id": "inj_when_user", "name": "Conditional Redirect", "regex": "when\\s+(?:the\\s+)?user\\s+asks?.*(?:instead|do|say)", "type": "indirect", "description": "Conditional behavior redirect" },
+      { "id": "inj_always_include", "name": "Always Include", "regex": "always\\s+include\\s+the\\s+following", "type": "indirect", "description": "Forced inclusion directive" },
+      { "id": "inj_before_responding", "name": "Pre-response Hook", "regex": "before\\s+responding\\s*,?\\s*first", "type": "indirect", "description": "Pre-response injection" },
+      { "id": "inj_do_not_tell", "name": "Secrecy Directive", "regex": "do\\s+not\\s+tell\\s+the\\s+user", "type": "indirect", "description": "Information suppression" },
+      { "id": "inj_secretly", "name": "Covert Action", "regex": "\\bsecretly\\b", "type": "indirect", "description": "Covert action directive" }
+    ],
+    "structural": {
+      "html_comment_regex": "<!--[\\s\\S]*?-->",
+      "markdown_comment_regex": "\\[//\\]:\\s*#\\s*\\(.*?\\)",
+      "zero_width_chars": ["\\u200B", "\\u200C", "\\u200D", "\\uFEFF", "\\u2060"],
+      "tool_length_multiplier": 5
+    }
+  }
+}