project-shield 1.1.5 → 1.1.6

package/LICENSE

@@ -0,0 +1,21 @@
+MIT License
+
+Copyright (c) 2026 ShovelMaker91
+
+Permission is hereby granted, free of charge, to any person obtaining a copy
+of this software and associated documentation files (the "Software"), to deal
+in the Software without restriction, including without limitation the rights
+to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+copies of the Software, and to permit persons to whom the Software is
+furnished to do so, subject to the following conditions:
+
+The above copyright notice and this permission notice shall be included in all
+copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
+SOFTWARE.

package/README.md

@@ -7,6 +7,16 @@ Detects leaked API keys, PII, insecure MCP configs, and prompt injection — in
 [![npm version](https://img.shields.io/npm/v/project-shield)](https://www.npmjs.com/package/project-shield)
 [![license](https://img.shields.io/npm/l/project-shield)](LICENSE)
 
+### Key Features
+
+- **7 detection engines** in one CLI — secrets, PII, MCP config, prompt injection, scoring, fix-it, evidence
+- **Multi-layer detection** — 3-layer secrets (regex + entropy + context), 2-layer PII (regex + checksum), 2-layer injection (keyword + structural)
+- **Security grade scoring** (A-F) with automatic badge lock on critical findings
+- **Fix-it guides** — actionable remediation with code examples, not just warnings
+- **Evidence Pack** — compliance-ready PDF + JSON reports with integrity seals (SHA-256 + UUID)
+- **MCP-native** — purpose-built for AI agent configs (Claude, Cursor, Windsurf)
+- **Lightweight** — 4 dependencies, runs offline, CI/CD ready
+
 ```bash
 npx project-shield scan ./my-project
 ```
@@ -14,7 +24,7 @@ npx project-shield scan ./my-project
 ```
 Tier: Free (0/5 scans)
 
-Project Shield v1.0.0
+Project Shield v1.1.6
 Ruleset: v1.0.0 (SHA-256: f408a4fd...)
 Scanning: 47 files (3 excluded)
 
@@ -362,6 +372,16 @@ MIT
 
 API 키 유출, 개인정보, MCP 설정 보안 취약점, 프롬프트 인젝션을 한 번에 탐지합니다.
 
+### 주요 특징
+
+- **7개 탐지 엔진** 올인원 — 시크릿, PII, MCP 설정, 프롬프트 인젝션, 스코어링, Fix-it, Evidence
+- **다중 레이어 탐지** — 시크릿 3중 (정규식 + 엔트로피 + 컨텍스트), PII 2중 (정규식 + 체크섬), 인젝션 2중 (키워드 + 구조)
+- **보안 등급 스코어** (A-F) — Critical 발견 시 자동 뱃지 잠금
+- **Fix-it 가이드** — 경고만 하지 않고, 코드 예제와 함께 수정 방법 제시
+- **Evidence Pack** — 컴플라이언스용 PDF + JSON 리포트, 무결성 봉인 (SHA-256 + UUID)
+- **MCP 네이티브** — AI 에이전트 설정 전용 (Claude, Cursor, Windsurf)
+- **경량** — 의존성 4개, 오프라인 실행 가능, CI/CD 즉시 연동
+
 ```bash
 npx project-shield scan ./my-project
 ```

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "project-shield",
-  "version": "1.1.5",
+  "version": "1.1.6",
   "description": "Security scanner for AI coders and MCP users — detects API keys, secrets, and PII",
   "main": "dist/index.js",
   "bin": {
@@ -17,7 +17,8 @@
   },
   "files": [
     "dist/",
-    "rules/"
+    "rules/",
+    "LICENSE"
   ],
   "keywords": [
     "security",
@@ -31,8 +32,16 @@
     "claude",
     "llm"
   ],
-  "author": "",
+  "author": "ShovelMaker91",
   "license": "MIT",
+  "homepage": "https://github.com/Whitening-Sinabro/project-shield#readme",
+  "repository": {
+    "type": "git",
+    "url": "git+https://github.com/Whitening-Sinabro/project-shield.git"
+  },
+  "bugs": {
+    "url": "https://github.com/Whitening-Sinabro/project-shield/issues"
+  },
   "type": "commonjs",
   "dependencies": {
     "chalk": "^5.6.2",