shellward 0.7.0 → 0.7.2

package/README.md

@@ -8,7 +8,7 @@
 
 [![npm](https://img.shields.io/npm/v/shellward?color=cb0000&label=npm)](https://www.npmjs.com/package/shellward)
 [![license](https://img.shields.io/badge/license-Apache--2.0-blue)](./LICENSE)
-[![tests](https://img.shields.io/badge/tests-273%20passing-brightgreen)](#performance)
+[![tests](https://img.shields.io/badge/tests-282%20passing-brightgreen)](#performance)
 [![deps](https://img.shields.io/badge/dependencies-0-brightgreen)](#performance)
 
 **🌐 官网: https://jnmetacode.github.io/shellward/**

package/dist/compliance/audit.d.ts

@@ -36,6 +36,10 @@ export interface ComplianceReport {
     generatedAt: string;
     /** 项目实测风险造成的扣分（仅项目体检路径）；0 表示纯控制项评分 */
     projectPenalty?: number;
+    /** 是否为静态扫描（未部署运行时）：此时多数控制项不可验证，得分不代表完整合规 */
+    staticScan?: boolean;
+    /** 项目扫描的文件总数（静态扫描路径） */
+    filesScanned?: number;
 }
 /** 采集真实环境事实（运行时调用；测试可绕过直接注入 EnvFacts） */
 export declare function gatherEnvFacts(): EnvFacts;

package/dist/compliance/audit.js

@@ -127,6 +127,8 @@ export function runProjectComplianceAudit(config, root) {
         report.grade = gradeOf(report.score);
         report.projectPenalty = penalty;
     }
+    report.staticScan = true;
+    report.filesScanned = scan.filesScanned;
     return { report, scan };
 }
 const FINDING_PENALTY = { critical: 8, high: 4, medium: 1 };

package/dist/compliance/html-report.js

@@ -40,23 +40,35 @@ export function renderHtmlReport(report, scan, locale, meta) {
     const when = report.generatedAt.slice(0, 19).replace('T', ' ');
     const S = [];
     // ===== 评分 Hero =====
+    // 诚实原则：静态扫描下多数控制项不可验证，不展示"优秀/A"式合规结论，
+    // 改以「风险发现数」为主指标，得分仅作"可观测项"的次要参考。
+    const findingsN = scan.findings.length;
+    const gradeLabel = report.staticScan ? t('可观测项', 'observable') : t(g.zh, g.en);
+    const verdict = report.staticScan
+        ? (findingsN === 0
+            ? { txt: t('未发现可观测风险', 'No observable risks'), c: '#16a34a', ic: '🟢' }
+            : { txt: t(`发现 ${findingsN} 项风险`, `${findingsN} risk(s) found`), c: '#dc2626', ic: '🔴' })
+        : { txt: t(g.zh, g.en), c: g.color, ic: '' };
     S.push(`
   <section class="hero">
     <div class="gauge" style="--p:${report.score};--c:${g.color}">
       <div class="gauge-in">
         <div class="gscore">${report.score}<small>/100</small></div>
-        <div class="ggrade" style="color:${g.color}">${esc(report.grade)} · ${t(g.zh, g.en)}</div>
+        <div class="ggrade" style="color:${g.color}">${esc(report.grade)} · ${esc(gradeLabel)}</div>
       </div>
     </div>
     <div class="hero-side">
+      <div class="verdict" style="--vc:${verdict.c}">${verdict.ic} ${esc(verdict.txt)}</div>
       <div class="stat-row">
         ${stat('pass', '🟢', t('合规', 'Pass'), report.passed)}
         ${stat('warn', '🟡', t('部分', 'Partial'), report.warned)}
         ${stat('fail', '🔴', t('不合规', 'Fail'), report.failed)}
-        ${stat('manual', '⚪', t('待确认', 'Review'), report.manual)}
+        ${stat('manual', '⚪', t('待核验', 'Review'), report.manual)}
       </div>
       ${report.projectPenalty ? `<div class="penalty">⚠ ${t('含项目实测风险扣分', 'Includes project-scan penalty')} <b>−${report.projectPenalty}</b></div>` : ''}
-      <p class="hero-note">${t('得分基于本次可静态观测的项目风险。⚪ 待确认项需把 ShellWard 部署为运行时防护或人工核验。', 'Score reflects statically-observable project risk. ⚪ items need runtime deployment or manual review.')}</p>
+      <p class="hero-note">${report.staticScan
+        ? t(`⚠ 本次为静态扫描：已检查 ${report.filesScanned ?? scan.filesScanned} 个文件，仅评估可观测风险。<b>${report.manual} 项合规控制项未验证</b>（需部署 ShellWard 运行时或人工核验）——本报告不构成完整合规结论，得分仅供参考。`, `⚠ Static scan: checked ${report.filesScanned ?? scan.filesScanned} files for observable risk only. <b>${report.manual} controls unverified</b> — not a complete compliance verdict.`)
+        : t('得分基于已部署运行时的合规评估。', 'Score based on deployed-runtime assessment.')}</p>
     </div>
   </section>`);
     // ===== 项目实测风险 =====
@@ -225,6 +237,7 @@ section,.reg{padding:0 36px}
 .gscore small{font-size:15px;font-weight:500;color:var(--faint)}
 .ggrade{font-size:14px;font-weight:700;margin-top:6px}
 .hero-side{flex:1;min-width:0}
+.verdict{font-size:17px;font-weight:800;color:var(--vc);margin:0 0 12px}
 .stat-row{display:grid;grid-template-columns:repeat(4,1fr);gap:10px}
 .stat{background:#fff;border:1px solid var(--line);border-radius:10px;padding:10px 12px;text-align:center}
 .stat .sn{font-size:22px;font-weight:800;line-height:1}

package/dist/compliance/report.js

@@ -31,21 +31,39 @@ export function renderComplianceReport(report, locale) {
     const bar = scoreBar(report.score);
     L.push(zh ? '## 总评' : '## Overall');
     L.push('');
-    L.push(`**${zh ? '合规得分' : 'Score'}: ${report.score}/100　${gradeBadge(report.grade)}**`);
-    L.push('');
-    L.push('```');
-    L.push(`${bar}  ${report.score}/100  [${report.grade}]`);
-    L.push('```');
+    // 诚实原则：静态扫描下不报"优秀/A"式合规结论，以风险发现数为主指标
+    if (report.staticScan) {
+        const fn = report.failed + (report.projectPenalty ? 1 : 0);
+        L.push(zh
+            ? `**项目实测风险: ${report.failed === 0 && !report.projectPenalty ? '🟢 未发现可观测风险' : '🔴 发现风险，详见下方'}**`
+            : `**Observable risk: ${report.failed === 0 && !report.projectPenalty ? '🟢 none found' : '🔴 see below'}**`);
+        L.push('');
+        L.push(`${bar}  ${report.score}/100 ${zh ? '（可观测合规项，仅供参考）' : '(observable controls only)'}`);
+        void fn;
+    }
+    else {
+        L.push(`**${zh ? '合规得分' : 'Score'}: ${report.score}/100　${gradeBadge(report.grade)}**`);
+        L.push('');
+        L.push('```');
+        L.push(`${bar}  ${report.score}/100  [${report.grade}]`);
+        L.push('```');
+    }
     L.push('');
     L.push(zh
-        ? `🟢 合规 ${report.passed} ｜ 🟡 部分 ${report.warned} ｜ 🔴 不合规 ${report.failed} ｜ ⚪ 待确认 ${report.manual}　(共 ${report.total} 项)`
-        : `🟢 Pass ${report.passed} ｜ 🟡 Partial ${report.warned} ｜ 🔴 Fail ${report.failed} ｜ ⚪ Manual ${report.manual}　(${report.total} controls)`);
+        ? `🟢 合规 ${report.passed} ｜ 🟡 部分 ${report.warned} ｜ 🔴 不合规 ${report.failed} ｜ ⚪ 待核验 ${report.manual}　(共 ${report.total} 项)`
+        : `🟢 Pass ${report.passed} ｜ 🟡 Partial ${report.warned} ｜ 🔴 Fail ${report.failed} ｜ ⚪ Review ${report.manual}　(${report.total} controls)`);
     if (report.projectPenalty && report.projectPenalty > 0) {
         L.push('');
         L.push(zh
             ? `> 含项目实测风险扣分 **-${report.projectPenalty}**（见下方「项目实测风险」）`
             : `> Includes **-${report.projectPenalty}** from project scan findings (see Project Scan Findings)`);
     }
+    if (report.staticScan) {
+        L.push('');
+        L.push(zh
+            ? `> ⚠ 本次为静态扫描：已检查 ${report.filesScanned ?? '?'} 个文件，仅评估可观测风险；**${report.manual} 项合规控制项未验证**（需部署 ShellWard 运行时或人工核验）。本报告不构成完整合规结论。`
+            : `> ⚠ Static scan: ${report.filesScanned ?? '?'} files checked; **${report.manual} controls unverified**. Not a complete compliance verdict.`);
+    }
     L.push('');
     // ===== 优先整改（fail 项，按严重度） =====
     const fails = report.results

package/dist/web/scan-server.js

@@ -14,15 +14,15 @@
 //   - 并发上限，防滥用
 import { createServer } from 'http';
 import { spawn } from 'child_process';
-import { mkdtempSync, rmSync, existsSync, statSync } from 'fs';
+import { mkdtempSync, rmSync, existsSync, statSync, mkdirSync, writeFileSync } from 'fs';
 import { tmpdir } from 'os';
-import { join, resolve } from 'path';
+import { join, resolve, dirname, normalize, isAbsolute } from 'path';
 import { runProjectComplianceAudit } from '../compliance/audit.js';
 import { renderHtmlReport } from '../compliance/html-report.js';
 import { DEFAULT_CONFIG, resolveLocale } from '../types.js';
 const REPO_RE = /^https:\/\/(github\.com|gitlab\.com|gitee\.com|bitbucket\.org)\/[A-Za-z0-9_.-]+\/[A-Za-z0-9_.-]+?(?:\.git)?\/?$/;
-const CLONE_TIMEOUT_MS = 30_000;
-const MAX_CONCURRENT = 2;
+const CLONE_TIMEOUT_MS = 60_000;
+const MAX_CONCURRENT = 4;
 /** 校验仓库 URL：仅允许白名单代码托管域名，拒绝带凭据/异常字符 */
 export function validateRepoUrl(input) {
     const url = (input || '').trim();
@@ -44,6 +44,14 @@ export function startWebServer(opts) {
             if (u.pathname === '/' || u.pathname === '') {
                 return send(res, 200, 'text/html', formPage(!!opts.local));
             }
+            // 本地客户端：选文件夹上传（仅本地模式；数据只到 localhost、不出本机）
+            if (u.pathname === '/scan-files' && req.method === 'POST') {
+                if (!opts.local)
+                    return send(res, 403, 'text/html', errorPage('公网模式不支持上传；请用「公开仓库 URL」。'));
+                if (active >= MAX_CONCURRENT)
+                    return send(res, 503, 'text/html', errorPage('服务繁忙，请稍后再试'));
+                return await handleUpload(req, res, locale, () => { active++; }, () => { active--; });
+            }
             if (u.pathname === '/scan') {
                 if (active >= MAX_CONCURRENT) {
                     return send(res, 503, 'text/html', errorPage('服务繁忙，请稍后再试（并发上限）'));
@@ -93,7 +101,9 @@ async function handleRepo(res, repo, locale, inc, dec) {
         send(res, 200, 'text/html', renderHtmlReport(report, scan, locale, { root: v.url }));
     }
     catch (e) {
-        send(res, 502, 'text/html', errorPage('克隆/扫描失败：' + esc(e?.message || String(e)) + '。请确认是可公开访问的仓库。'));
+        const msg = esc(e?.message || String(e));
+        send(res, 502, 'text/html', errorPage(`克隆/扫描失败：${msg}。<br><br>可能原因：仓库过大（克隆超时 60s）、私有仓库、或地址有误。<br>` +
+            `<b>大仓库 / 私有代码请用本地客户端</b>（选文件夹、不上传）：<code>npx shellward web --local</code>，或命令行 <code>npx shellward scan</code>。`));
     }
     finally {
         dec();
@@ -117,6 +127,72 @@ async function handleLocal(res, path, locale, inc, dec) {
         dec();
     }
 }
+const MAX_UPLOAD_BYTES = 16 * 1024 * 1024; // 16MB JSON 上限
+/** 本地上传：客户端把选中的文件夹读成 {path,content}[] 发来，写入临时目录后扫描 */
+async function handleUpload(req, res, locale, inc, dec) {
+    let body = '';
+    let size = 0;
+    let aborted = false;
+    await new Promise((resolveBody) => {
+        req.on('data', (c) => {
+            size += c.length;
+            if (size > MAX_UPLOAD_BYTES) {
+                aborted = true;
+                req.destroy();
+                resolveBody();
+                return;
+            }
+            body += c.toString('utf8');
+        });
+        req.on('end', () => resolveBody());
+        req.on('error', () => { aborted = true; resolveBody(); });
+    });
+    if (aborted)
+        return send(res, 413, 'text/html', errorPage('内容过大或读取失败（上限 16MB）。大项目请用本地 CLI：npx shellward scan'));
+    let payload;
+    try {
+        payload = JSON.parse(body);
+    }
+    catch {
+        return send(res, 400, 'text/html', errorPage('上传数据格式错误'));
+    }
+    const files = Array.isArray(payload.files) ? payload.files : [];
+    if (files.length === 0)
+        return send(res, 400, 'text/html', errorPage('未选择任何文件'));
+    const dir = mkdtempSync(join(tmpdir(), 'sw-up-'));
+    inc();
+    try {
+        for (const f of files) {
+            if (!f || typeof f.path !== 'string' || typeof f.content !== 'string')
+                continue;
+            // 路径安全：去掉绝对路径/.. 逃逸，落在临时目录内
+            const rel = normalize(f.path).replace(/^(\.\.(\/|\\|$))+/, '');
+            if (isAbsolute(rel) || rel.includes('..'))
+                continue;
+            const dest = join(dir, rel);
+            if (!dest.startsWith(dir))
+                continue;
+            try {
+                mkdirSync(dirname(dest), { recursive: true });
+                writeFileSync(dest, f.content);
+            }
+            catch { /* skip */ }
+        }
+        const { report, scan } = runProjectComplianceAudit(DEFAULT_CONFIG, dir);
+        const rootName = typeof payload.root === 'string' && payload.root ? payload.root : '(uploaded folder)';
+        send(res, 200, 'text/html', renderHtmlReport(report, scan, locale, { root: rootName }));
+    }
+    catch (e) {
+        send(res, 500, 'text/html', errorPage('扫描失败：' + esc(e?.message || String(e))));
+    }
+    finally {
+        dec();
+        try {
+            rmSync(dir, { recursive: true, force: true });
+        }
+        catch { /* ignore */ }
+    }
+}
 /** 浅克隆公开仓库到临时目录（不鉴权、超时、不执行任何仓库代码） */
 function cloneRepo(url, dir) {
     return new Promise((res, rej) => {
@@ -139,26 +215,65 @@ function send(res, code, type, body) {
     res.end(body);
 }
 function formPage(local) {
-    const field = local
-        ? `<label>本地项目路径</label>
-       <input name="path" placeholder="/Users/you/your-ai-project" autofocus>
-       <p class="hint">本地模式：代码不上传、不出本机（客户端体验）。</p>`
-        : `<label>公开仓库地址</label>
-       <input name="repo" placeholder="https://github.com/owner/repo" autofocus>
-       <p class="hint">仅支持公开仓库（GitHub / GitLab / Gitee / Bitbucket）。<b>私有/敏感代码请用本地 CLI</b>：<code>npx shellward scan</code>（不上传）。</p>`;
+    const urlForm = `
+      <form action="/scan" method="get" onsubmit="var b=this.querySelector('button');b.disabled=true;b.textContent='扫描中…（大仓库需 10–60 秒，请勿重复点击）';">
+        <label>${local ? '② ' : ''}公开仓库地址</label>
+        <input name="repo" placeholder="https://github.com/owner/repo"${local ? '' : ' autofocus'}>
+        <button type="submit">${local ? '体检该仓库 →' : '开始体检 →'}</button>
+        <p class="hint">仅支持公开仓库（GitHub / GitLab / Gitee / Bitbucket）。大仓库可能超时——${local ? '此时改用上方「选择文件夹」更稳。' : '<b>大仓库 / 私有代码请用本地客户端或 CLI</b>：<code>npx shellward web --local</code> / <code>npx shellward scan</code>（不上传）。'}</p>
+      </form>`;
+    const uploadForm = local ? `
+      <form id="dirform">
+        <label>① 选择本地项目文件夹（推荐）</label>
+        <input type="file" id="dir" webkitdirectory directory multiple>
+        <button id="dbtn" type="submit">开始体检 →</button>
+        <p class="hint">📂 直接选你的项目文件夹，无需敲路径。文件仅发送到<b>本机的本地服务</b>处理，<b>不经过任何外部服务器、不出本机</b>。</p>
+      </form>
+      <div class="or">— 或 —</div>` : '';
     return page('ShellWard 合规体检', `
     <div class="hero">
       <div class="logo">🛡️ Shell<span>Ward</span> 合规网关</div>
       <h1>AI 应用合规体检</h1>
-      <p class="sub">${local ? '填本地路径' : '贴公开仓库链接'}，30 秒查出数据出境 / 硬编码密钥 / 个人信息暴露等中国合规红线。</p>
-      <form action="/scan" method="get">
-        ${field}
-        <button type="submit">开始体检 →</button>
-      </form>
+      <p class="sub">${local ? '选项目文件夹或贴公开仓库链接' : '贴公开仓库链接'}，30 秒查出数据出境 / 硬编码密钥 / 个人信息暴露等中国合规红线。</p>
+      ${uploadForm}
+      ${urlForm}
       <p class="foot">网安法 2026 · PIPL · 等保2.0 · 数据出境 · AI标识 ｜ 零依赖 · 开源 ·
         <a href="https://github.com/jnMetaCode/shellward">GitHub ⭐</a></p>
-    </div>`);
+    </div>
+    ${local ? UPLOAD_SCRIPT : ''}`);
 }
+// 客户端：读取所选文件夹 → 过滤(跳过 node_modules 等、仅文本/配置、限大小) → POST 到本机服务
+const UPLOAD_SCRIPT = `<script>
+(function(){
+  var SKIP=/(^|\\/)(node_modules|\\.git|dist|build|\\.next|out|vendor|coverage|\\.venv|venv|__pycache__|target|\\.cache)(\\/|$)/;
+  var EXT=/\\.(ts|tsx|js|jsx|mjs|cjs|py|go|rb|java|php|rs|json|yaml|yml|toml|ini|conf|sh|txt|csv)$/i;
+  var ENV=/(^|\\/)\\.env(\\.|$)/; var DEP=/^(package\\.json|requirements\\.txt|pyproject\\.toml|go\\.mod)$/;
+  var form=document.getElementById('dirform'); if(!form) return;
+  form.addEventListener('submit', async function(e){
+    e.preventDefault();
+    var inp=document.getElementById('dir'), btn=document.getElementById('dbtn');
+    if(!inp.files||!inp.files.length){alert('请先选择项目文件夹');return;}
+    btn.disabled=true; btn.textContent='读取中…';
+    var picked=[], total=0, root='';
+    for(var i=0;i<inp.files.length;i++){
+      var f=inp.files[i], rel=f.webkitRelativePath||f.name; if(!root)root=rel.split('/')[0];
+      if(SKIP.test(rel)) continue;
+      var base=rel.split('/').pop();
+      if(!(EXT.test(rel)||ENV.test(rel)||DEP.test(base))) continue;
+      if(f.size>524288) continue;
+      if(picked.length>=3000||total>8388608) break;
+      total+=f.size; picked.push(f);
+    }
+    if(!picked.length){alert('未找到可扫描的源码/配置文件');btn.disabled=false;btn.textContent='开始体检 →';return;}
+    btn.textContent='扫描中… ('+picked.length+' 个文件)';
+    var out=[]; for(var j=0;j<picked.length;j++){ try{ out.push({path:picked[j].webkitRelativePath||picked[j].name, content:await picked[j].text()}); }catch(_){} }
+    try{
+      var resp=await fetch('/scan-files',{method:'POST',headers:{'Content-Type':'application/json'},body:JSON.stringify({root:root,files:out})});
+      var html=await resp.text(); document.open(); document.write(html); document.close();
+    }catch(err){ alert('扫描失败: '+err); btn.disabled=false; btn.textContent='开始体检 →'; }
+  });
+})();
+</script>`;
 function errorPage(msg) {
     return page('出错了', `<div class="hero"><div class="logo">🛡️ Shell<span>Ward</span></div>
     <h1>⚠️ 无法完成</h1><p class="sub">${esc(msg)}</p>
@@ -182,8 +297,11 @@ input{padding:14px 16px;border:1px solid #cbd5e1;border-radius:10px;font-size:16
 input:focus{outline:none;border-color:#cb0000;box-shadow:0 0 0 3px rgba(203,0,0,.12)}
 .hint{font-size:12.5px;color:#64748b;margin:2px 0 6px}
 .hint code{background:#f1f5f9;padding:1px 6px;border-radius:5px}
+input[type=file]{padding:12px;background:#f8fafc;cursor:pointer}
 button{background:#cb0000;color:#fff;border:0;border-radius:10px;padding:14px;font-size:16px;
 font-weight:700;cursor:pointer;margin-top:4px}button:hover{background:#a80000}
+button:disabled{background:#94a3b8;cursor:default}
+form{margin:0 0 14px}.or{text-align:center;color:#94a3b8;font-size:13px;margin:6px 0 14px}
 .foot{margin:24px 0 0;font-size:12.5px;color:#94a3b8}.foot a,.back{color:#cb0000;text-decoration:none}
 .back{font-weight:600}
 </style></head><body>${body}</body></html>`;

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "shellward",
-  "version": "0.7.0",
+  "version": "0.7.2",
   "mcpName": "io.github.jnMetaCode/shellward",
   "description": "AI agent security & MCP security middleware — prompt injection detection, AI firewall, runtime guardrails & data-loss prevention for LLM tool calls. 8-layer defense against data exfiltration & dangerous commands. Zero dependencies. SDK + OpenClaw plugin. Supports LangChain, AutoGPT, Claude Code, Cursor, OpenAI Agents, Hermes Agent.",
   "keywords": [

package/src/compliance/audit.ts

@@ -57,6 +57,10 @@ export interface ComplianceReport {
   generatedAt: string
   /** 项目实测风险造成的扣分（仅项目体检路径）；0 表示纯控制项评分 */
   projectPenalty?: number
+  /** 是否为静态扫描（未部署运行时）：此时多数控制项不可验证，得分不代表完整合规 */
+  staticScan?: boolean
+  /** 项目扫描的文件总数（静态扫描路径） */
+  filesScanned?: number
 }
 
 /** 层能力映射：控制项 id → 必须启用的层（全部启用才 pass，部分启用 warn，全关 fail） */
@@ -191,6 +195,8 @@ export function runProjectComplianceAudit(config: ShellWardConfig, root: string)
     report.grade = gradeOf(report.score)
     report.projectPenalty = penalty
   }
+  report.staticScan = true
+  report.filesScanned = scan.filesScanned
 
   return { report, scan }
 }

package/src/compliance/html-report.ts

@@ -60,25 +60,37 @@ export function renderHtmlReport(
   const S: string[] = []
 
   // ===== 评分 Hero =====
+  // 诚实原则：静态扫描下多数控制项不可验证，不展示"优秀/A"式合规结论，
+  // 改以「风险发现数」为主指标，得分仅作"可观测项"的次要参考。
+  const findingsN = scan.findings.length
+  const gradeLabel = report.staticScan ? t('可观测项', 'observable') : t(g.zh, g.en)
+  const verdict = report.staticScan
+    ? (findingsN === 0
+        ? { txt: t('未发现可观测风险', 'No observable risks'), c: '#16a34a', ic: '🟢' }
+        : { txt: t(`发现 ${findingsN} 项风险`, `${findingsN} risk(s) found`), c: '#dc2626', ic: '🔴' })
+    : { txt: t(g.zh, g.en), c: g.color, ic: '' }
+
   S.push(`
   <section class="hero">
     <div class="gauge" style="--p:${report.score};--c:${g.color}">
       <div class="gauge-in">
         <div class="gscore">${report.score}<small>/100</small></div>
-        <div class="ggrade" style="color:${g.color}">${esc(report.grade)} · ${t(g.zh, g.en)}</div>
+        <div class="ggrade" style="color:${g.color}">${esc(report.grade)} · ${esc(gradeLabel)}</div>
       </div>
     </div>
     <div class="hero-side">
+      <div class="verdict" style="--vc:${verdict.c}">${verdict.ic} ${esc(verdict.txt)}</div>
       <div class="stat-row">
         ${stat('pass', '🟢', t('合规', 'Pass'), report.passed)}
         ${stat('warn', '🟡', t('部分', 'Partial'), report.warned)}
         ${stat('fail', '🔴', t('不合规', 'Fail'), report.failed)}
-        ${stat('manual', '⚪', t('待确认', 'Review'), report.manual)}
+        ${stat('manual', '⚪', t('待核验', 'Review'), report.manual)}
       </div>
       ${report.projectPenalty ? `<div class="penalty">⚠ ${t('含项目实测风险扣分', 'Includes project-scan penalty')} <b>−${report.projectPenalty}</b></div>` : ''}
-      <p class="hero-note">${t(
-        '得分基于本次可静态观测的项目风险。⚪ 待确认项需把 ShellWard 部署为运行时防护或人工核验。',
-        'Score reflects statically-observable project risk. ⚪ items need runtime deployment or manual review.')}</p>
+      <p class="hero-note">${report.staticScan
+        ? t(`⚠ 本次为静态扫描：已检查 ${report.filesScanned ?? scan.filesScanned} 个文件，仅评估可观测风险。<b>${report.manual} 项合规控制项未验证</b>（需部署 ShellWard 运行时或人工核验）——本报告不构成完整合规结论，得分仅供参考。`,
+            `⚠ Static scan: checked ${report.filesScanned ?? scan.filesScanned} files for observable risk only. <b>${report.manual} controls unverified</b> — not a complete compliance verdict.`)
+        : t('得分基于已部署运行时的合规评估。', 'Score based on deployed-runtime assessment.')}</p>
     </div>
   </section>`)
 
@@ -263,6 +275,7 @@ section,.reg{padding:0 36px}
 .gscore small{font-size:15px;font-weight:500;color:var(--faint)}
 .ggrade{font-size:14px;font-weight:700;margin-top:6px}
 .hero-side{flex:1;min-width:0}
+.verdict{font-size:17px;font-weight:800;color:var(--vc);margin:0 0 12px}
 .stat-row{display:grid;grid-template-columns:repeat(4,1fr);gap:10px}
 .stat{background:#fff;border:1px solid var(--line);border-radius:10px;padding:10px 12px;text-align:center}
 .stat .sn{font-size:22px;font-weight:800;line-height:1}

package/src/compliance/report.ts

@@ -41,21 +41,38 @@ export function renderComplianceReport(report: ComplianceReport, locale: 'zh' |
   const bar = scoreBar(report.score)
   L.push(zh ? '## 总评' : '## Overall')
   L.push('')
-  L.push(`**${zh ? '合规得分' : 'Score'}: ${report.score}/100　${gradeBadge(report.grade)}**`)
-  L.push('')
-  L.push('```')
-  L.push(`${bar}  ${report.score}/100  [${report.grade}]`)
-  L.push('```')
+  // 诚实原则：静态扫描下不报"优秀/A"式合规结论，以风险发现数为主指标
+  if (report.staticScan) {
+    const fn = report.failed + (report.projectPenalty ? 1 : 0)
+    L.push(zh
+      ? `**项目实测风险: ${report.failed === 0 && !report.projectPenalty ? '🟢 未发现可观测风险' : '🔴 发现风险，详见下方'}**`
+      : `**Observable risk: ${report.failed === 0 && !report.projectPenalty ? '🟢 none found' : '🔴 see below'}**`)
+    L.push('')
+    L.push(`${bar}  ${report.score}/100 ${zh ? '（可观测合规项，仅供参考）' : '(observable controls only)'}`)
+    void fn
+  } else {
+    L.push(`**${zh ? '合规得分' : 'Score'}: ${report.score}/100　${gradeBadge(report.grade)}**`)
+    L.push('')
+    L.push('```')
+    L.push(`${bar}  ${report.score}/100  [${report.grade}]`)
+    L.push('```')
+  }
   L.push('')
   L.push(zh
-    ? `🟢 合规 ${report.passed} ｜ 🟡 部分 ${report.warned} ｜ 🔴 不合规 ${report.failed} ｜ ⚪ 待确认 ${report.manual}　(共 ${report.total} 项)`
-    : `🟢 Pass ${report.passed} ｜ 🟡 Partial ${report.warned} ｜ 🔴 Fail ${report.failed} ｜ ⚪ Manual ${report.manual}　(${report.total} controls)`)
+    ? `🟢 合规 ${report.passed} ｜ 🟡 部分 ${report.warned} ｜ 🔴 不合规 ${report.failed} ｜ ⚪ 待核验 ${report.manual}　(共 ${report.total} 项)`
+    : `🟢 Pass ${report.passed} ｜ 🟡 Partial ${report.warned} ｜ 🔴 Fail ${report.failed} ｜ ⚪ Review ${report.manual}　(${report.total} controls)`)
   if (report.projectPenalty && report.projectPenalty > 0) {
     L.push('')
     L.push(zh
       ? `> 含项目实测风险扣分 **-${report.projectPenalty}**（见下方「项目实测风险」）`
       : `> Includes **-${report.projectPenalty}** from project scan findings (see Project Scan Findings)`)
   }
+  if (report.staticScan) {
+    L.push('')
+    L.push(zh
+      ? `> ⚠ 本次为静态扫描：已检查 ${report.filesScanned ?? '?'} 个文件，仅评估可观测风险；**${report.manual} 项合规控制项未验证**（需部署 ShellWard 运行时或人工核验）。本报告不构成完整合规结论。`
+      : `> ⚠ Static scan: ${report.filesScanned ?? '?'} files checked; **${report.manual} controls unverified**. Not a complete compliance verdict.`)
+  }
   L.push('')
 
   // ===== 优先整改（fail 项，按严重度） =====

package/src/web/scan-server.ts

@@ -15,16 +15,16 @@
 
 import { createServer } from 'http'
 import { spawn } from 'child_process'
-import { mkdtempSync, rmSync, existsSync, statSync } from 'fs'
+import { mkdtempSync, rmSync, existsSync, statSync, mkdirSync, writeFileSync } from 'fs'
 import { tmpdir } from 'os'
-import { join, resolve } from 'path'
+import { join, resolve, dirname, normalize, isAbsolute } from 'path'
 import { runProjectComplianceAudit } from '../compliance/audit.js'
 import { renderHtmlReport } from '../compliance/html-report.js'
 import { DEFAULT_CONFIG, resolveLocale } from '../types.js'
 
 const REPO_RE = /^https:\/\/(github\.com|gitlab\.com|gitee\.com|bitbucket\.org)\/[A-Za-z0-9_.-]+\/[A-Za-z0-9_.-]+?(?:\.git)?\/?$/
-const CLONE_TIMEOUT_MS = 30_000
-const MAX_CONCURRENT = 2
+const CLONE_TIMEOUT_MS = 60_000
+const MAX_CONCURRENT = 4
 
 export interface WebServerOptions {
   port: number
@@ -52,6 +52,12 @@ export function startWebServer(opts: WebServerOptions): void {
       if (u.pathname === '/' || u.pathname === '') {
         return send(res, 200, 'text/html', formPage(!!opts.local))
       }
+      // 本地客户端：选文件夹上传（仅本地模式；数据只到 localhost、不出本机）
+      if (u.pathname === '/scan-files' && req.method === 'POST') {
+        if (!opts.local) return send(res, 403, 'text/html', errorPage('公网模式不支持上传；请用「公开仓库 URL」。'))
+        if (active >= MAX_CONCURRENT) return send(res, 503, 'text/html', errorPage('服务繁忙，请稍后再试'))
+        return await handleUpload(req, res, locale, () => { active++ }, () => { active-- })
+      }
       if (u.pathname === '/scan') {
         if (active >= MAX_CONCURRENT) {
           return send(res, 503, 'text/html', errorPage('服务繁忙，请稍后再试（并发上限）'))
@@ -99,7 +105,10 @@ async function handleRepo(res: any, repo: string, locale: 'zh' | 'en', inc: () =
     const { report, scan } = runProjectComplianceAudit(DEFAULT_CONFIG, dir)
     send(res, 200, 'text/html', renderHtmlReport(report, scan, locale, { root: v.url }))
   } catch (e: any) {
-    send(res, 502, 'text/html', errorPage('克隆/扫描失败：' + esc(e?.message || String(e)) + '。请确认是可公开访问的仓库。'))
+    const msg = esc(e?.message || String(e))
+    send(res, 502, 'text/html', errorPage(
+      `克隆/扫描失败：${msg}。<br><br>可能原因：仓库过大（克隆超时 60s）、私有仓库、或地址有误。<br>` +
+      `<b>大仓库 / 私有代码请用本地客户端</b>（选文件夹、不上传）：<code>npx shellward web --local</code>，或命令行 <code>npx shellward scan</code>。`))
   } finally {
     dec()
     try { rmSync(dir, { recursive: true, force: true }) } catch { /* ignore */ }
@@ -120,6 +129,52 @@ async function handleLocal(res: any, path: string, locale: 'zh' | 'en', inc: ()
   }
 }
 
+const MAX_UPLOAD_BYTES = 16 * 1024 * 1024 // 16MB JSON 上限
+
+/** 本地上传：客户端把选中的文件夹读成 {path,content}[] 发来，写入临时目录后扫描 */
+async function handleUpload(req: any, res: any, locale: 'zh' | 'en', inc: () => void, dec: () => void) {
+  let body = ''
+  let size = 0
+  let aborted = false
+  await new Promise<void>((resolveBody) => {
+    req.on('data', (c: Buffer) => {
+      size += c.length
+      if (size > MAX_UPLOAD_BYTES) { aborted = true; req.destroy(); resolveBody(); return }
+      body += c.toString('utf8')
+    })
+    req.on('end', () => resolveBody())
+    req.on('error', () => { aborted = true; resolveBody() })
+  })
+  if (aborted) return send(res, 413, 'text/html', errorPage('内容过大或读取失败（上限 16MB）。大项目请用本地 CLI：npx shellward scan'))
+
+  let payload: { root?: string; files?: { path: string; content: string }[] }
+  try { payload = JSON.parse(body) } catch { return send(res, 400, 'text/html', errorPage('上传数据格式错误')) }
+  const files = Array.isArray(payload.files) ? payload.files : []
+  if (files.length === 0) return send(res, 400, 'text/html', errorPage('未选择任何文件'))
+
+  const dir = mkdtempSync(join(tmpdir(), 'sw-up-'))
+  inc()
+  try {
+    for (const f of files) {
+      if (!f || typeof f.path !== 'string' || typeof f.content !== 'string') continue
+      // 路径安全：去掉绝对路径/.. 逃逸，落在临时目录内
+      const rel = normalize(f.path).replace(/^(\.\.(\/|\\|$))+/, '')
+      if (isAbsolute(rel) || rel.includes('..')) continue
+      const dest = join(dir, rel)
+      if (!dest.startsWith(dir)) continue
+      try { mkdirSync(dirname(dest), { recursive: true }); writeFileSync(dest, f.content) } catch { /* skip */ }
+    }
+    const { report, scan } = runProjectComplianceAudit(DEFAULT_CONFIG, dir)
+    const rootName = typeof payload.root === 'string' && payload.root ? payload.root : '(uploaded folder)'
+    send(res, 200, 'text/html', renderHtmlReport(report, scan, locale, { root: rootName }))
+  } catch (e: any) {
+    send(res, 500, 'text/html', errorPage('扫描失败：' + esc(e?.message || String(e))))
+  } finally {
+    dec()
+    try { rmSync(dir, { recursive: true, force: true }) } catch { /* ignore */ }
+  }
+}
+
 /** 浅克隆公开仓库到临时目录（不鉴权、超时、不执行任何仓库代码） */
 function cloneRepo(url: string, dir: string): Promise<void> {
   return new Promise((res, rej) => {
@@ -144,27 +199,69 @@ function send(res: any, code: number, type: string, body: string) {
 }
 
 function formPage(local: boolean): string {
-  const field = local
-    ? `<label>本地项目路径</label>
-       <input name="path" placeholder="/Users/you/your-ai-project" autofocus>
-       <p class="hint">本地模式：代码不上传、不出本机（客户端体验）。</p>`
-    : `<label>公开仓库地址</label>
-       <input name="repo" placeholder="https://github.com/owner/repo" autofocus>
-       <p class="hint">仅支持公开仓库（GitHub / GitLab / Gitee / Bitbucket）。<b>私有/敏感代码请用本地 CLI</b>：<code>npx shellward scan</code>（不上传）。</p>`
+  const urlForm = `
+      <form action="/scan" method="get" onsubmit="var b=this.querySelector('button');b.disabled=true;b.textContent='扫描中…（大仓库需 10–60 秒，请勿重复点击）';">
+        <label>${local ? '② ' : ''}公开仓库地址</label>
+        <input name="repo" placeholder="https://github.com/owner/repo"${local ? '' : ' autofocus'}>
+        <button type="submit">${local ? '体检该仓库 →' : '开始体检 →'}</button>
+        <p class="hint">仅支持公开仓库（GitHub / GitLab / Gitee / Bitbucket）。大仓库可能超时——${local ? '此时改用上方「选择文件夹」更稳。' : '<b>大仓库 / 私有代码请用本地客户端或 CLI</b>：<code>npx shellward web --local</code> / <code>npx shellward scan</code>（不上传）。'}</p>
+      </form>`
+
+  const uploadForm = local ? `
+      <form id="dirform">
+        <label>① 选择本地项目文件夹（推荐）</label>
+        <input type="file" id="dir" webkitdirectory directory multiple>
+        <button id="dbtn" type="submit">开始体检 →</button>
+        <p class="hint">📂 直接选你的项目文件夹，无需敲路径。文件仅发送到<b>本机的本地服务</b>处理，<b>不经过任何外部服务器、不出本机</b>。</p>
+      </form>
+      <div class="or">— 或 —</div>` : ''
+
   return page('ShellWard 合规体检', `
     <div class="hero">
       <div class="logo">🛡️ Shell<span>Ward</span> 合规网关</div>
       <h1>AI 应用合规体检</h1>
-      <p class="sub">${local ? '填本地路径' : '贴公开仓库链接'}，30 秒查出数据出境 / 硬编码密钥 / 个人信息暴露等中国合规红线。</p>
-      <form action="/scan" method="get">
-        ${field}
-        <button type="submit">开始体检 →</button>
-      </form>
+      <p class="sub">${local ? '选项目文件夹或贴公开仓库链接' : '贴公开仓库链接'}，30 秒查出数据出境 / 硬编码密钥 / 个人信息暴露等中国合规红线。</p>
+      ${uploadForm}
+      ${urlForm}
       <p class="foot">网安法 2026 · PIPL · 等保2.0 · 数据出境 · AI标识 ｜ 零依赖 · 开源 ·
         <a href="https://github.com/jnMetaCode/shellward">GitHub ⭐</a></p>
-    </div>`)
+    </div>
+    ${local ? UPLOAD_SCRIPT : ''}`)
 }
 
+// 客户端：读取所选文件夹 → 过滤(跳过 node_modules 等、仅文本/配置、限大小) → POST 到本机服务
+const UPLOAD_SCRIPT = `<script>
+(function(){
+  var SKIP=/(^|\\/)(node_modules|\\.git|dist|build|\\.next|out|vendor|coverage|\\.venv|venv|__pycache__|target|\\.cache)(\\/|$)/;
+  var EXT=/\\.(ts|tsx|js|jsx|mjs|cjs|py|go|rb|java|php|rs|json|yaml|yml|toml|ini|conf|sh|txt|csv)$/i;
+  var ENV=/(^|\\/)\\.env(\\.|$)/; var DEP=/^(package\\.json|requirements\\.txt|pyproject\\.toml|go\\.mod)$/;
+  var form=document.getElementById('dirform'); if(!form) return;
+  form.addEventListener('submit', async function(e){
+    e.preventDefault();
+    var inp=document.getElementById('dir'), btn=document.getElementById('dbtn');
+    if(!inp.files||!inp.files.length){alert('请先选择项目文件夹');return;}
+    btn.disabled=true; btn.textContent='读取中…';
+    var picked=[], total=0, root='';
+    for(var i=0;i<inp.files.length;i++){
+      var f=inp.files[i], rel=f.webkitRelativePath||f.name; if(!root)root=rel.split('/')[0];
+      if(SKIP.test(rel)) continue;
+      var base=rel.split('/').pop();
+      if(!(EXT.test(rel)||ENV.test(rel)||DEP.test(base))) continue;
+      if(f.size>524288) continue;
+      if(picked.length>=3000||total>8388608) break;
+      total+=f.size; picked.push(f);
+    }
+    if(!picked.length){alert('未找到可扫描的源码/配置文件');btn.disabled=false;btn.textContent='开始体检 →';return;}
+    btn.textContent='扫描中… ('+picked.length+' 个文件)';
+    var out=[]; for(var j=0;j<picked.length;j++){ try{ out.push({path:picked[j].webkitRelativePath||picked[j].name, content:await picked[j].text()}); }catch(_){} }
+    try{
+      var resp=await fetch('/scan-files',{method:'POST',headers:{'Content-Type':'application/json'},body:JSON.stringify({root:root,files:out})});
+      var html=await resp.text(); document.open(); document.write(html); document.close();
+    }catch(err){ alert('扫描失败: '+err); btn.disabled=false; btn.textContent='开始体检 →'; }
+  });
+})();
+</script>`
+
 function errorPage(msg: string): string {
   return page('出错了', `<div class="hero"><div class="logo">🛡️ Shell<span>Ward</span></div>
     <h1>⚠️ 无法完成</h1><p class="sub">${esc(msg)}</p>
@@ -189,8 +286,11 @@ input{padding:14px 16px;border:1px solid #cbd5e1;border-radius:10px;font-size:16
 input:focus{outline:none;border-color:#cb0000;box-shadow:0 0 0 3px rgba(203,0,0,.12)}
 .hint{font-size:12.5px;color:#64748b;margin:2px 0 6px}
 .hint code{background:#f1f5f9;padding:1px 6px;border-radius:5px}
+input[type=file]{padding:12px;background:#f8fafc;cursor:pointer}
 button{background:#cb0000;color:#fff;border:0;border-radius:10px;padding:14px;font-size:16px;
 font-weight:700;cursor:pointer;margin-top:4px}button:hover{background:#a80000}
+button:disabled{background:#94a3b8;cursor:default}
+form{margin:0 0 14px}.or{text-align:center;color:#94a3b8;font-size:13px;margin:6px 0 14px}
 .foot{margin:24px 0 0;font-size:12.5px;color:#94a3b8}.foot a,.back{color:#cb0000;text-decoration:none}
 .back{font-weight:600}
 </style></head><body>${body}</body></html>`