shellward 0.6.4 → 0.6.6

package/README.md

@@ -8,9 +8,11 @@
 
 [![npm](https://img.shields.io/npm/v/shellward?color=cb0000&label=npm)](https://www.npmjs.com/package/shellward)
 [![license](https://img.shields.io/badge/license-Apache--2.0-blue)](./LICENSE)
-[![tests](https://img.shields.io/badge/tests-251%20passing-brightgreen)](#performance)
+[![tests](https://img.shields.io/badge/tests-262%20passing-brightgreen)](#performance)
 [![deps](https://img.shields.io/badge/dependencies-0-brightgreen)](#performance)
 
+**🌐 Website: https://jnmetacode.github.io/shellward/**
+
 [English](#demo) | [中文](#中文)
 
 ## 30-Second Compliance Scan

package/dist/cli.js

@@ -95,8 +95,8 @@ function runScan(args) {
                 body,
                 '',
                 zh
-                    ? '💡 这是只读扫描，未上传任何数据。要在运行时自动拦截风险，把 ShellWard 作为 MCP/插件接入你的 AI Agent。'
-                    : '💡 Read-only scan, nothing uploaded. To block these risks at runtime, integrate ShellWard as an MCP server/plugin in your AI agent.',
+                    ? '💡 只读扫描、不上传任何数据。得分仅反映本次可静态观测的项目风险；⚪ 待确认项需把 ShellWard 作为 MCP/插件部署为运行时防护，或人工核验后才能满足。'
+                    : '💡 Read-only scan, nothing uploaded. The score reflects only statically-observable project risk; ⚪ items require deploying ShellWard as a runtime guard (MCP/plugin) or manual review.',
             ];
             process.stdout.write(out.join('\n') + '\n');
         }

package/dist/compliance/audit.d.ts

@@ -39,12 +39,21 @@ export interface ComplianceReport {
 }
 /** 采集真实环境事实（运行时调用；测试可绕过直接注入 EnvFacts） */
 export declare function gatherEnvFacts(): EnvFacts;
+export interface AuditOptions {
+    /**
+     * ShellWard 是否作为运行时防护已部署。
+     * - true（默认）：MCP / 插件上下文，能力层确实在运行，如实评估
+     * - false：CLI 静态扫描，未部署运行时 —— 能力/审计类控制项标为顾问态，不虚报"已启用"
+     */
+    deployed?: boolean;
+}
 /**
  * 运行合规体检。
  * @param config ShellWard 当前配置
  * @param facts  环境事实；不传则从真实环境采集
+ * @param opts   评估上下文（是否已部署运行时）
  */
-export declare function runComplianceAudit(config: ShellWardConfig, facts?: EnvFacts): ComplianceReport;
+export declare function runComplianceAudit(config: ShellWardConfig, facts?: EnvFacts, opts?: AuditOptions): ComplianceReport;
 export interface ProjectComplianceResult {
     report: ComplianceReport;
     scan: ProjectScanResult;

package/dist/compliance/audit.js

@@ -67,10 +67,12 @@ function extractTs(line) {
  * 运行合规体检。
  * @param config ShellWard 当前配置
  * @param facts  环境事实；不传则从真实环境采集
+ * @param opts   评估上下文（是否已部署运行时）
  */
-export function runComplianceAudit(config, facts) {
+export function runComplianceAudit(config, facts, opts) {
     const env = facts ?? gatherEnvFacts();
-    const results = COMPLIANCE_CONTROLS.map(c => checkControl(c, config, env));
+    const deployed = opts?.deployed ?? true;
+    const results = COMPLIANCE_CONTROLS.map(c => checkControl(c, config, env, deployed));
     let passed = 0, warned = 0, failed = 0, manual = 0;
     for (const r of results) {
         if (r.status === 'pass')
@@ -116,7 +118,8 @@ export function runProjectComplianceAudit(config, root) {
             provider_en: f.provider_en,
         });
     }
-    const report = runComplianceAudit(config, env);
+    // CLI 静态扫描：未部署运行时 → 能力/审计类不虚报"已启用"，只如实评估项目证据
+    const report = runComplianceAudit(config, env, { deployed: false });
     // 发现驱动评分：项目实测风险按严重度扣分（封顶 40），使分数反映"你的真实风险"
     const penalty = computeProjectPenalty(scan);
     if (penalty > 0) {
@@ -134,7 +137,11 @@ function computeProjectPenalty(scan) {
         p += FINDING_PENALTY[f.severity];
     return Math.min(MAX_PROJECT_PENALTY, p);
 }
-function checkControl(c, config, env) {
+function checkControl(c, config, env, deployed) {
+    // 静态扫描（未部署运行时）下，能力层/审计日志类控制项无法验证 —— 标为顾问态，绝不虚报"已合规"
+    if (!deployed && (c.method === 'capability' || c.method === 'config' || c.method === 'audit')) {
+        return mk(c, 'manual', `ShellWard 运行时可提供此防护；当前为静态扫描、未部署，无法验证。整改：${c.remediation_zh}`, `Provided by ShellWard runtime; not verifiable in a static scan. ${c.remediation_en}`);
+    }
     switch (c.method) {
         case 'capability': return checkCapability(c, config);
         case 'config': return checkConfig(c, config);

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "shellward",
-  "version": "0.6.4",
+  "version": "0.6.6",
   "mcpName": "io.github.jnMetaCode/shellward",
   "description": "AI agent security & MCP security middleware — prompt injection detection, AI firewall, runtime guardrails & data-loss prevention for LLM tool calls. 8-layer defense against data exfiltration & dangerous commands. Zero dependencies. SDK + OpenClaw plugin. Supports LangChain, AutoGPT, Claude Code, Cursor, OpenAI Agents, Hermes Agent.",
   "keywords": [

package/src/cli.ts

@@ -103,8 +103,8 @@ function runScan(args: string[]) {
         body,
         '',
         zh
-          ? '💡 这是只读扫描，未上传任何数据。要在运行时自动拦截风险，把 ShellWard 作为 MCP/插件接入你的 AI Agent。'
-          : '💡 Read-only scan, nothing uploaded. To block these risks at runtime, integrate ShellWard as an MCP server/plugin in your AI agent.',
+          ? '💡 只读扫描、不上传任何数据。得分仅反映本次可静态观测的项目风险；⚪ 待确认项需把 ShellWard 作为 MCP/插件部署为运行时防护，或人工核验后才能满足。'
+          : '💡 Read-only scan, nothing uploaded. The score reflects only statically-observable project risk; ⚪ items require deploying ShellWard as a runtime guard (MCP/plugin) or manual review.',
       ]
       process.stdout.write(out.join('\n') + '\n')
     }

package/src/compliance/audit.ts

@@ -113,14 +113,25 @@ function extractTs(line: string): string | undefined {
   return m?.[1]
 }
 
+export interface AuditOptions {
+  /**
+   * ShellWard 是否作为运行时防护已部署。
+   * - true（默认）：MCP / 插件上下文，能力层确实在运行，如实评估
+   * - false：CLI 静态扫描，未部署运行时 —— 能力/审计类控制项标为顾问态，不虚报"已启用"
+   */
+  deployed?: boolean
+}
+
 /**
  * 运行合规体检。
  * @param config ShellWard 当前配置
  * @param facts  环境事实；不传则从真实环境采集
+ * @param opts   评估上下文（是否已部署运行时）
  */
-export function runComplianceAudit(config: ShellWardConfig, facts?: EnvFacts): ComplianceReport {
+export function runComplianceAudit(config: ShellWardConfig, facts?: EnvFacts, opts?: AuditOptions): ComplianceReport {
   const env = facts ?? gatherEnvFacts()
-  const results: ControlResult[] = COMPLIANCE_CONTROLS.map(c => checkControl(c, config, env))
+  const deployed = opts?.deployed ?? true
+  const results: ControlResult[] = COMPLIANCE_CONTROLS.map(c => checkControl(c, config, env, deployed))
 
   let passed = 0, warned = 0, failed = 0, manual = 0
   for (const r of results) {
@@ -170,7 +181,8 @@ export function runProjectComplianceAudit(config: ShellWardConfig, root: string)
     })
   }
 
-  const report = runComplianceAudit(config, env)
+  // CLI 静态扫描：未部署运行时 → 能力/审计类不虚报"已启用"，只如实评估项目证据
+  const report = runComplianceAudit(config, env, { deployed: false })
 
   // 发现驱动评分：项目实测风险按严重度扣分（封顶 40），使分数反映"你的真实风险"
   const penalty = computeProjectPenalty(scan)
@@ -192,7 +204,13 @@ function computeProjectPenalty(scan: ProjectScanResult): number {
   return Math.min(MAX_PROJECT_PENALTY, p)
 }
 
-function checkControl(c: ComplianceControl, config: ShellWardConfig, env: EnvFacts): ControlResult {
+function checkControl(c: ComplianceControl, config: ShellWardConfig, env: EnvFacts, deployed: boolean): ControlResult {
+  // 静态扫描（未部署运行时）下，能力层/审计日志类控制项无法验证 —— 标为顾问态，绝不虚报"已合规"
+  if (!deployed && (c.method === 'capability' || c.method === 'config' || c.method === 'audit')) {
+    return mk(c, 'manual',
+      `ShellWard 运行时可提供此防护；当前为静态扫描、未部署，无法验证。整改：${c.remediation_zh}`,
+      `Provided by ShellWard runtime; not verifiable in a static scan. ${c.remediation_en}`)
+  }
   switch (c.method) {
     case 'capability': return checkCapability(c, config)
     case 'config':     return checkConfig(c, config)