seamshield 0.1.1 → 0.1.3

package/README.md

@@ -1,32 +1,43 @@
 # SeamShield
 
-SeamShield is the security layer for AI-built JavaScript and TypeScript apps. It scans for the predictable flaws that vibecoded projects ship: committed secrets, client-exposed server keys, client-only auth, open platform rules, unsafe agent config, and dependency supply-chain risks.
+Local security scanner for AI-built JavaScript and TypeScript apps.
 
-The current product surface is:
-
-- `npx seamshield scan` - CLI scanner with table, JSON, and SARIF output.
-- `npx seamshield fix-plan` - writes agent-ready remediation prompts.
-- `npx seamshield agent-context` - writes SeamShield instructions for Claude Code or Cursor.
-- `npx seamshield guard install` / `guard check` - Claude Code PreToolUse guard for insecure edits and commands.
+SeamShield finds common flaws that AI-generated apps often ship: committed secrets, client-exposed server keys, client-only auth, open platform rules, unsafe agent config, and dependency supply-chain risks.
 
 ## Install
 
 ```bash
-npm install -g seamshield
-# or
 npx seamshield scan .
 ```
 
+Or install globally:
+
+```bash
+npm install -g seamshield
+seamshield scan .
+```
+
 Requires Node.js 20 or newer.
 
+## Commands
+
+```bash
+seamshield scan .
+seamshield fix-plan .
+seamshield agent-context . --claude
+seamshield agent-context . --cursor
+seamshield guard install .
+seamshield guard check
+```
+
 ## Scan
 
 ```bash
-npx seamshield scan .
-npx seamshield scan . --format json
-npx seamshield scan . --format sarif
-npx seamshield scan . --fail-on high
-npx seamshield scan . --offline
+seamshield scan .
+seamshield scan . --format json
+seamshield scan . --format sarif
+seamshield scan . --fail-on high
+seamshield scan . --offline
 ```
 
 Exit codes:
@@ -37,24 +48,19 @@ Exit codes:
 
 `--offline` disables npm registry and OSV checks. Static rules still run.
 
-## Fix Plan
+## Fix Plans
 
 ```bash
-npx seamshield fix-plan .
+seamshield fix-plan .
 ```
 
-This writes `.seamshield/fix-plan.json` with:
-
-- the finding list,
-- redacted evidence,
-- per-finding `agent_prompt` text,
-- one combined `agent_markdown` block for Claude Code, Cursor, or another coding agent.
+Writes `.seamshield/fix-plan.json` with redacted findings and agent-ready remediation prompts.
 
 ## Agent Context
 
 ```bash
-npx seamshield agent-context . --claude
-npx seamshield agent-context . --cursor
+seamshield agent-context . --claude
+seamshield agent-context . --cursor
 ```
 
 Claude writes or updates `CLAUDE.md`. Cursor writes `.cursor/rules/seamshield.mdc`.
@@ -62,14 +68,14 @@ Claude writes or updates `CLAUDE.md`. Cursor writes `.cursor/rules/seamshield.md
 ## Claude Code Guard
 
 ```bash
-npx seamshield guard install .
+seamshield guard install .
 ```
 
-The guard installs a Claude Code `PreToolUse` hook for `Write`, `Edit`, `MultiEdit`, and `Bash`.
+Installs a Claude Code `PreToolUse` hook for `Write`, `Edit`, `MultiEdit`, and `Bash`.
 
-It denies block-severity edits such as hardcoded provider keys, service-role keys, private keys, committed dotenv files, open Firebase rules, or RLS disablement. Bash checks deny obvious dangerous commands such as `git add .env*`, `curl ... | sh`, and installs of npm packages that do not resolve.
+The guard denies block-severity edits such as hardcoded provider keys, service-role keys, private keys, committed dotenv files, open Firebase rules, or RLS disablement. Bash checks deny obvious dangerous commands such as `git add .env*`, `curl ... | sh`, and installs of npm packages that do not resolve.
 
-Guard behavior is fail-open: if the hook errors, it allows the tool call and appends diagnostics to `.seamshield/guard.log`. CI/release gates should stay fail-closed.
+Guard behavior is fail-open: if the hook errors, it allows the tool call and appends diagnostics to `.seamshield/guard.log`.
 
 ## Configuration
 
@@ -92,36 +98,21 @@ const fixtureKey = "sk_live_test_fixture_only";
 
 ## Privacy
 
-SeamShield v0.x runs locally. Static scanning does not transmit source code. Network dependency checks send package names and versions to the npm registry and OSV only; use `--offline` to disable them. Secret evidence is redacted before findings, JSON, SARIF, and fix plans are emitted.
-
-## Rule Coverage
-
-The rule pack covers:
+SeamShield runs locally. Static scanning does not transmit source code.
 
-- secrets and client exposure,
-- Next.js auth footguns,
-- Supabase, Convex, and Firebase platform mistakes,
-- dependency lockfile, pinning, hallucinated-package, and OSV vulnerability checks,
-- agent config secrets and overbroad permissions.
+Network dependency checks send package names and versions to the npm registry and OSV. Use `--offline` to disable those checks.
 
-Rules map back to the SeamShield framework files under `seamshield-final-framework/` and `AI_AGENT_DROP_IN.md`.
-
-## Development
-
-```bash
-pnpm install
-pnpm build
-pnpm test
-pnpm typecheck
-```
+Secret evidence is redacted before findings, JSON, SARIF, and fix plans are emitted.
 
-Before publishing:
+## Public Rule Coverage
 
-1. Revoke any exposed npm token and mint a fresh token.
-2. Run `pnpm build`, `pnpm test`, and `pnpm typecheck`.
-3. Verify `node packages/cli/dist/index.js scan examples/vulnerable-next-app --offline`.
-4. Publish from `packages/cli` after confirming package contents with `npm pack --dry-run`.
+- Secrets and client exposure
+- Next.js auth footguns
+- Supabase, Convex, and Firebase platform mistakes
+- Dependency lockfile, pinning, hallucinated-package, and OSV vulnerability checks
+- Agent config secrets and overbroad permissions
 
-## Framework
+## Links
 
-The original SeamShield framework remains in `seamshield-final-framework/`: Runtime, Artifact, Update, and Evidence planes; OPA policies; schemas; validators; and adoption guidance.
+- Repository: https://github.com/KaraboGerald/SeamShield
+- Issues: https://github.com/KaraboGerald/SeamShield/issues

package/dist/index.js

@@ -99,7 +99,7 @@ var require_picocolors = __commonJS({
 });
 
 // src/index.ts
-import { spawnSync as spawnSync2 } from "child_process";
+import { spawnSync as spawnSync3 } from "child_process";
 import { existsSync as existsSync2, mkdirSync, mkdtempSync, readFileSync as readFileSync6, rmSync, writeFileSync } from "fs";
 import { tmpdir } from "os";
 import { dirname as dirname3, join as join7, resolve as resolve2 } from "path";
@@ -141,6 +141,7 @@ import { dirname as dirname2, join as join4 } from "path";
 import { existsSync } from "fs";
 import { dirname as dirname22, join as join5 } from "path";
 import { readdirSync as readdirSync2, readFileSync as readFileSync4, statSync } from "fs";
+import { spawnSync as spawnSync2 } from "child_process";
 import { join as join6, relative as relative2 } from "path";
 import { z as z3 } from "zod";
 var ConfigSchema = z.object({
@@ -713,6 +714,8 @@ var SKIP_DIRS = /* @__PURE__ */ new Set([
 ]);
 var MAX_FILE_BYTES = 1e6;
 function walk(root) {
+  const gitFiles = gitTrackedAndUnignoredFiles(root);
+  if (gitFiles) return gitFiles;
   const files = [];
   const visit = (dir) => {
     let entries;
@@ -743,6 +746,15 @@ function walk(root) {
   visit(root);
   return files;
 }
+function gitTrackedAndUnignoredFiles(root) {
+  const result = spawnSync2(
+    "git",
+    ["-C", root, "ls-files", "--cached", "--others", "--exclude-standard"],
+    { encoding: "utf8", timeout: 1500 }
+  );
+  if (result.error || result.status !== 0 || typeof result.stdout !== "string") return null;
+  return result.stdout.split("\n").filter(Boolean).filter((rel) => !rel.split("/").some((part) => SKIP_DIRS.has(part))).filter((rel) => rel !== ".claude/worktrees" && !rel.includes("/.claude/worktrees/")).filter((rel) => rel !== ".worktrees" && !rel.startsWith(".worktrees/")).map((rel) => ({ abs: join6(root, rel), rel }));
+}
 var FileCache = class {
   cache = /* @__PURE__ */ new Map();
   read(abs) {
@@ -1013,7 +1025,7 @@ function bashDecision(command) {
     const name = command.match(/npm\s+(?:i|install|add)\s+(@?[\w.-]+\/?[\w.-]*)/)?.[1];
     if (name) {
       const encoded = name.startsWith("@") ? name.replace("/", "%2F") : name;
-      const res = spawnSync2("curl", ["-fsSI", `https://registry.npmjs.org/${encoded}`], {
+      const res = spawnSync3("curl", ["-fsSI", `https://registry.npmjs.org/${encoded}`], {
         encoding: "utf8",
         timeout: 750
       });

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "seamshield",
-  "version": "0.1.1",
+  "version": "0.1.3",
   "description": "Security scanner for AI-generated apps: finds the flaws vibecoded projects predictably ship",
   "type": "module",
   "license": "MIT",
@@ -42,7 +42,7 @@
     "node": ">=20"
   },
   "scripts": {
-    "build": "tsup src/index.ts --format esm --clean && tsc -p tsconfig.build.json && rm -rf rules schemas && cp -R ../rules/rules ../rules/schemas . && cp ../../README.md README.md",
+    "build": "tsup src/index.ts --format esm --clean && tsc -p tsconfig.build.json && rm -rf rules schemas && cp -R ../rules/rules ../rules/schemas .",
     "prepack": "pnpm run build",
     "test": "vitest run"
   },

package/rules/ss-client-next-public-secret.yaml

@@ -19,9 +19,15 @@ check:
       - ".cjs"
     basenames:
       - ".env*"
+  exclude:
+    dirs:
+      - "scripts"
+      - "test"
+      - "tests"
+      - "__tests__"
   patterns:
     - name: next-public-secret-name
-      regex: "NEXT_PUBLIC_[A-Z0-9_]*(?:SECRET|SERVICE_ROLE|PRIVATE|PASSWORD|ADMIN)[A-Z0-9_]*"
+      regex: "(?:^\\s*|process\\.env\\.|import\\.meta\\.env\\.)(NEXT_PUBLIC_[A-Z0-9_]*(?:SECRET|SERVICE_ROLE|PRIVATE|PASSWORD|ADMIN)[A-Z0-9_]*)"
 fix:
   summary: Rename the variable to drop the NEXT_PUBLIC_ prefix and read it only on the server.
   agent_prompt: >