npm - ship-safe - Versions diffs - 6.1.1 → 6.3.0 - Mend

ship-safe 6.1.1 → 6.3.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (49) hide show

package/README.md +748 -641
package/cli/agents/api-fuzzer.js +345 -345
package/cli/agents/auth-bypass-agent.js +348 -348
package/cli/agents/base-agent.js +272 -272
package/cli/agents/cicd-scanner.js +236 -201
package/cli/agents/config-auditor.js +521 -521
package/cli/agents/deep-analyzer.js +6 -2
package/cli/agents/git-history-scanner.js +170 -170
package/cli/agents/html-reporter.js +568 -568
package/cli/agents/index.js +85 -84
package/cli/agents/injection-tester.js +500 -500
package/cli/agents/legal-risk-agent.js +302 -0
package/cli/agents/llm-redteam.js +251 -251
package/cli/agents/mobile-scanner.js +231 -231
package/cli/agents/orchestrator.js +322 -322
package/cli/agents/pii-compliance-agent.js +301 -301
package/cli/agents/scoring-engine.js +248 -248
package/cli/agents/supabase-rls-agent.js +154 -154
package/cli/agents/supply-chain-agent.js +650 -507
package/cli/bin/ship-safe.js +464 -426
package/cli/commands/agent.js +608 -608
package/cli/commands/audit.js +1006 -980
package/cli/commands/baseline.js +193 -193
package/cli/commands/ci.js +342 -342
package/cli/commands/deps.js +516 -516
package/cli/commands/doctor.js +159 -159
package/cli/commands/fix.js +218 -218
package/cli/commands/hooks.js +268 -0
package/cli/commands/init.js +407 -407
package/cli/commands/legal.js +158 -0
package/cli/commands/mcp.js +304 -304
package/cli/commands/red-team.js +7 -1
package/cli/commands/remediate.js +798 -798
package/cli/commands/rotate.js +571 -571
package/cli/commands/scan.js +569 -569
package/cli/commands/score.js +449 -449
package/cli/commands/watch.js +281 -281
package/cli/hooks/patterns.js +313 -0
package/cli/hooks/post-tool-use.js +140 -0
package/cli/hooks/pre-tool-use.js +186 -0
package/cli/index.js +73 -69
package/cli/providers/llm-provider.js +397 -287
package/cli/utils/autofix-rules.js +74 -74
package/cli/utils/cache-manager.js +311 -311
package/cli/utils/output.js +230 -230
package/cli/utils/patterns.js +1121 -1121
package/cli/utils/pdf-generator.js +94 -94
package/package.json +69 -69
package/configs/supabase/rls-templates.sql +0 -242

package/cli/commands/agent.js CHANGED Viewed

@@ -1,608 +1,608 @@
-/**
- * Agent Command
- * =============
- *
- * AI-powered autonomous security audit.
- * Scans for secrets AND code vulnerabilities, classifies findings with Claude,
- * remediates confirmed secrets, and provides specific fix suggestions for
- * confirmed code vulnerabilities.
- *
- * USAGE:
- *   npx ship-safe agent [path]           Full AI-powered audit
- *   npx ship-safe agent . --dry-run      Preview without writing files
- *   npx ship-safe agent . --model sonnet Use a more capable model
- *
- * REQUIRES:
- *   ANTHROPIC_API_KEY in your environment or .env file.
- *   Falls back to pattern-only remediation if no key is found.
- *
- * FLOW:
- *   scan (secrets + vulns)
- *     → classify secrets (REAL/FP) → remediate confirmed secrets
- *     → classify vulns (REAL/FP + fix suggestion) → print fix table
- *     → re-scan to verify secrets clean
- */
-import fs from 'fs';
-import path from 'path';
-import fg from 'fast-glob';
-import chalk from 'chalk';
-import ora from 'ora';
-import {
-  SECRET_PATTERNS,
-  SECURITY_PATTERNS,
-  SKIP_DIRS,
-  SKIP_EXTENSIONS,
-  SKIP_FILENAMES,
-  TEST_FILE_PATTERNS,
-  MAX_FILE_SIZE
-} from '../utils/patterns.js';
-import { isHighEntropyMatch, getConfidence } from '../utils/entropy.js';
-import { remediateCommand } from './remediate.js';
-import * as output from '../utils/output.js';
-const DEFAULT_MODEL = 'claude-haiku-4-5-20251001';
-const ANTHROPIC_API_URL = 'https://api.anthropic.com/v1/messages';
-// =============================================================================
-// MAIN COMMAND
-// =============================================================================
-export async function agentCommand(targetPath = '.', options = {}) {
-  const absolutePath = path.resolve(targetPath);
-  if (!fs.existsSync(absolutePath)) {
-    output.error(`Path does not exist: ${absolutePath}`);
-    process.exit(1);
-  }
-  const model = options.model || DEFAULT_MODEL;
-  console.log();
-  output.header('Ship Safe — AI Security Agent');
-  console.log();
-  // ── 1. Load API key ────────────────────────────────────────────────────────
-  const apiKey = loadApiKey(absolutePath);
-  // ── 2. Scan (secrets + vulnerabilities) ────────────────────────────────────
-  const scanSpinner = ora({ text: 'Scanning for secrets and vulnerabilities...', color: 'cyan' }).start();
-  const allResults = await scanProject(absolutePath);
-  // Separate findings by category
-  const secretResults = [];
-  const vulnResults = [];
-  for (const { file, findings } of allResults) {
-    const secrets = findings.filter(f => f.category !== 'vulnerability');
-    const vulns = findings.filter(f => f.category === 'vulnerability');
-    if (secrets.length > 0) secretResults.push({ file, findings: secrets });
-    if (vulns.length > 0) vulnResults.push({ file, findings: vulns });
-  }
-  const secretCount = secretResults.reduce((n, r) => n + r.findings.length, 0);
-  const vulnCount = vulnResults.reduce((n, r) => n + r.findings.length, 0);
-  scanSpinner.stop();
-  // ── 3. Nothing found ───────────────────────────────────────────────────────
-  if (secretCount === 0 && vulnCount === 0) {
-    output.success('No secrets or vulnerabilities detected — your project is clean!');
-    console.log();
-    return;
-  }
-  if (secretCount > 0) {
-    console.log(chalk.red(`\n  Found ${secretCount} potential secret(s) in ${secretResults.length} file(s)`));
-  }
-  if (vulnCount > 0) {
-    console.log(chalk.yellow(`  Found ${vulnCount} code vulnerability/vulnerabilities in ${vulnResults.length} file(s)`));
-  }
-  console.log();
-  // ── 4. Fallback: no API key ────────────────────────────────────────────────
-  if (!apiKey) {
-    console.log(chalk.yellow('  ⚠  No ANTHROPIC_API_KEY found.')); // ship-safe-ignore — env var name in user-facing message, no key value
-    console.log(chalk.gray('     Set it in your environment or .env to enable AI classification.'));
-    if (secretCount > 0) {
-      console.log(chalk.gray('     Falling back to pattern-based remediation for secrets...\n'));
-      await remediateCommand(targetPath, { yes: true, dryRun: options.dryRun });
-    }
-    if (vulnCount > 0) {
-      console.log(chalk.gray('\n     Code vulnerabilities require manual review.'));
-      console.log(chalk.gray('     Run: ') + chalk.cyan('npx ship-safe scan .') + chalk.gray(' to see details.'));
-    }
-    return;
-  }
-  // ── 5. Classify secrets ────────────────────────────────────────────────────
-  if (secretCount > 0) {
-    const classifySpinner = ora({ text: `Classifying ${secretCount} secret(s) with ${model}...`, color: 'cyan' }).start();
-    let classifiedSecrets;
-    try {
-      classifiedSecrets = await classifyWithClaude(secretResults, absolutePath, apiKey, model);
-    } catch (err) {
-      classifySpinner.stop();
-      console.log(chalk.yellow(`  ⚠  Claude secret classification failed: ${err.message}`));
-      console.log(chalk.gray('     Treating all findings as real secrets (safe fallback).\n'));
-      classifiedSecrets = secretResults.map(({ file, findings }) => ({
-        file,
-        findings: findings.map(f => ({ ...f, classification: 'REAL', reason: 'Classification unavailable' }))
-      }));
-    }
-    classifySpinner.stop();
-    // ── 6. Print secret classification table ──────────────────────────────
-    printClassificationTable(classifiedSecrets, absolutePath);
-    const realSecretCount = classifiedSecrets.reduce(
-      (n, { findings }) => n + findings.filter(f => f.classification === 'REAL').length, 0
-    );
-    const fpCount = secretCount - realSecretCount;
-    console.log();
-    if (realSecretCount === 0) {
-      output.success(`Claude classified all ${secretCount} secret finding(s) as false positives — nothing to fix!`);
-      if (fpCount > 0) {
-        console.log(chalk.gray('  Tip: Add # ship-safe-ignore on those lines to suppress future warnings.'));
-      }
-    } else {
-      console.log(chalk.cyan(`  ${realSecretCount} confirmed secret(s) to remediate.${fpCount > 0 ? chalk.gray(` ${fpCount} false positive(s) skipped.`) : ''}`));
-      console.log();
-      // ── 7. Remediate confirmed secrets ──────────────────────────────────
-      if (options.dryRun) {
-        console.log(chalk.cyan('  Dry run — secrets not modified. Remove --dry-run to apply fixes.'));
-      } else {
-        await remediateCommand(targetPath, { yes: true });
-      }
-    }
-  }
-  // ── 8. Classify vulnerabilities ────────────────────────────────────────────
-  if (vulnCount > 0) {
-    console.log();
-    const vulnSpinner = ora({
-      text: `Analyzing ${vulnCount} vulnerability/vulnerabilities with ${model}...`,
-      color: 'cyan'
-    }).start();
-    let classifiedVulns;
-    try {
-      classifiedVulns = await classifyVulnsWithClaude(vulnResults, absolutePath, apiKey, model);
-    } catch (err) {
-      vulnSpinner.stop();
-      console.log(chalk.yellow(`  ⚠  Claude vulnerability analysis failed: ${err.message}`));
-      console.log(chalk.gray('     Showing raw findings without AI fix suggestions.\n'));
-      classifiedVulns = vulnResults.map(({ file, findings }) => ({
-        file,
-        findings: findings.map(f => ({ ...f, classification: 'REAL', reason: 'Analysis unavailable', fix: null }))
-      }));
-    }
-    vulnSpinner.stop();
-    // ── 9. Print vulnerability fix table ──────────────────────────────────
-    printVulnFixTable(classifiedVulns, absolutePath);
-  }
-  // ── 10. Verify secrets clean ───────────────────────────────────────────────
-  if (secretCount > 0 && !options.dryRun) {
-    console.log();
-    const verifySpinner = ora({ text: 'Re-scanning to verify secrets removed...', color: 'cyan' }).start();
-    const verifyResults = await scanProject(absolutePath);
-    const remainingSecrets = verifyResults.reduce(
-      (n, r) => n + r.findings.filter(f => f.category !== 'vulnerability').length, 0
-    );
-    verifySpinner.stop();
-    if (remainingSecrets === 0) {
-      output.success('Secrets verified clean — 0 remain in your codebase!');
-    } else {
-      output.warning(`${remainingSecrets} secret(s) still remain. Review them manually or run npx ship-safe scan .`);
-    }
-  }
-  // ── 11. Next steps ─────────────────────────────────────────────────────────
-  console.log();
-  console.log(chalk.yellow.bold('  Next steps:'));
-  let step = 1;
-  if (secretCount > 0) {
-    console.log(chalk.white(`  ${step++}.`) + chalk.gray(' Rotate any exposed keys:   ') + chalk.cyan('npx ship-safe rotate'));
-    console.log(chalk.white(`  ${step++}.`) + chalk.gray(' Commit the fixes:          ') + chalk.cyan('git add . && git commit -m "fix: remove hardcoded secrets"'));
-    console.log(chalk.white(`  ${step++}.`) + chalk.gray(' Fill in .env with fresh values from your providers'));
-  }
-  if (vulnCount > 0) {
-    console.log(chalk.white(`  ${step++}.`) + chalk.gray(' Apply the code fixes shown above, then re-run: ') + chalk.cyan('npx ship-safe agent .'));
-  }
-  console.log();
-}
-// =============================================================================
-// API KEY LOADING
-// =============================================================================
-/**
- * Load ANTHROPIC_API_KEY from environment or .env file.
- * Returns the key string or null if not found.
- */
-function loadApiKey(rootPath) {
-  if (process.env.ANTHROPIC_API_KEY) { // ship-safe-ignore — reading env var at runtime, no hardcoded key value
-    return process.env.ANTHROPIC_API_KEY; // ship-safe-ignore — returning env var value, not a hardcoded secret
-  }
-  const envPath = path.join(rootPath, '.env');
-  if (fs.existsSync(envPath)) {
-    try {
-      const lines = fs.readFileSync(envPath, 'utf-8').split('\n');
-      for (const line of lines) {
-        const trimmed = line.trim();
-        if (trimmed.startsWith('#') || !trimmed.includes('=')) continue;
-        const eqIdx = trimmed.indexOf('=');
-        const key = trimmed.slice(0, eqIdx).trim();
-        if (key === 'ANTHROPIC_API_KEY') { // ship-safe-ignore — parsing .env file to read user's own API key from their project
-          const val = trimmed.slice(eqIdx + 1).trim().replace(/^["']|["']$/g, '');
-          if (val) return val;
-        }
-      }
-    } catch {
-      // ignore read errors
-    }
-  }
-  return null;
-}
-// =============================================================================
-// PROJECT SCANNING (secrets + vulnerabilities)
-// =============================================================================
-async function scanProject(rootPath) {
-  const globIgnore = Array.from(SKIP_DIRS).map(dir => `**/${dir}/**`);
-  const allFiles = await fg('**/*', {
-    cwd: rootPath,
-    absolute: true,
-    onlyFiles: true,
-    ignore: globIgnore,
-    dot: true
-  });
-  const files = allFiles.filter(file => {
-    const ext = path.extname(file).toLowerCase();
-    if (SKIP_EXTENSIONS.has(ext)) return false;
-    if (SKIP_FILENAMES.has(path.basename(file))) return false;
-    const basename = path.basename(file);
-    if (basename.endsWith('.min.js') || basename.endsWith('.min.css')) return false;
-    if (TEST_FILE_PATTERNS.some(p => p.test(file))) return false;
-    try {
-      const stats = fs.statSync(file);
-      if (stats.size > MAX_FILE_SIZE) return false;
-    } catch {
-      return false;
-    }
-    return true;
-  });
-  const results = [];
-  for (const file of files) {
-    const findings = scanFile(file);
-    if (findings.length > 0) {
-      results.push({ file, findings });
-    }
-  }
-  return results;
-}
-function scanFile(filePath) {
-  const findings = [];
-  try {
-    const content = fs.readFileSync(filePath, 'utf-8');
-    const lines = content.split('\n');
-    for (let lineNum = 0; lineNum < lines.length; lineNum++) {
-      const line = lines[lineNum];
-      if (/ship-safe-ignore/i.test(line)) continue;
-      for (const pattern of [...SECRET_PATTERNS, ...SECURITY_PATTERNS]) {
-        pattern.pattern.lastIndex = 0;
-        let match;
-        while ((match = pattern.pattern.exec(line)) !== null) {
-          if (pattern.requiresEntropyCheck && !isHighEntropyMatch(match[0])) continue;
-          findings.push({
-            line: lineNum + 1,
-            column: match.index + 1,
-            matched: match[0],
-            patternName: pattern.name,
-            severity: pattern.severity,
-            confidence: getConfidence(pattern, match[0]),
-            description: pattern.description,
-            category: pattern.category || 'secret'
-          });
-        }
-      }
-    }
-  } catch {
-    // Skip unreadable files
-  }
-  // Deduplicate by (line, matched)
-  const seen = new Set();
-  return findings.filter(f => {
-    const key = `${f.line}:${f.matched}`;
-    if (seen.has(key)) return false;
-    seen.add(key);
-    return true;
-  });
-}
-// =============================================================================
-// CLAUDE CLASSIFICATION — SECRETS
-// =============================================================================
-async function classifyWithClaude(scanResults, rootPath, apiKey, model) {
-  const items = [];
-  for (const { file, findings } of scanResults) {
-    let lines = [];
-    try {
-      lines = fs.readFileSync(file, 'utf-8').split('\n');
-    } catch {
-      // include without context
-    }
-    for (const finding of findings) {
-      const startLine = Math.max(0, finding.line - 3);
-      const endLine = Math.min(lines.length - 1, finding.line + 1);
-      const context = lines.slice(startLine, endLine + 1).join('\n');
-      // Truncate matched value — don't send real secrets to the API
-      const matchedPrefix = finding.matched.length > 12
-        ? finding.matched.slice(0, 12) + '...'
-        : finding.matched;
-      items.push({
-        id: `${path.relative(rootPath, file)}:${finding.line}`,
-        file: path.relative(rootPath, file),
-        line: finding.line,
-        patternName: finding.patternName,
-        severity: finding.severity,
-        matchedPrefix,
-        codeContext: context
-      });
-    }
-  }
-  const prompt = `You are a security expert reviewing potential secret leaks in source code.
-For each finding below, classify it as REAL or FALSE_POSITIVE:
-- REAL: a genuine hardcoded secret, credential, or API key that should be moved to environment variables
-- FALSE_POSITIVE: a placeholder, example value, test fixture, documentation sample, or non-sensitive identifier
-Respond with a JSON array ONLY — no markdown, no explanation, just the JSON:
-[{"id":"<id>","classification":"REAL"|"FALSE_POSITIVE","reason":"<brief one-line reason>"}]
-Findings to classify:
-${JSON.stringify(items, null, 2)}`;
-  const response = await fetch(ANTHROPIC_API_URL, {
-    method: 'POST',
-    headers: {
-      'x-api-key': apiKey,
-      'anthropic-version': '2023-06-01',
-      'content-type': 'application/json',
-    },
-    body: JSON.stringify({
-      model,
-      max_tokens: 2048,
-      messages: [{ role: 'user', content: prompt }]
-    })
-  });
-  if (!response.ok) {
-    const body = await response.text();
-    throw new Error(`Anthropic API error ${response.status}: ${body.slice(0, 200)}`);
-  }
-  const data = await response.json();
-  const text = data.content?.[0]?.text || '[]';
-  const jsonText = text.replace(/^```(?:json)?\s*/i, '').replace(/\s*```\s*$/i, '').trim();
-  let classifications;
-  try {
-    classifications = JSON.parse(jsonText);
-  } catch {
-    throw new Error('Claude returned non-JSON response');
-  }
-  return scanResults.map(({ file, findings }) => ({
-    file,
-    findings: findings.map(f => {
-      const id = `${path.relative(rootPath, file)}:${f.line}`;
-      const cl = classifications.find(c => c.id === id);
-      return {
-        ...f,
-        classification: cl?.classification ?? 'REAL',
-        reason: cl?.reason ?? ''
-      };
-    })
-  }));
-}
-// =============================================================================
-// CLAUDE CLASSIFICATION — VULNERABILITIES
-// =============================================================================
-/**
- * Send vulnerability findings to Claude for classification + specific fix suggestions.
- * Unlike secrets, code context is NOT masked — the pattern itself is the finding.
- */
-async function classifyVulnsWithClaude(vulnResults, rootPath, apiKey, model) {
-  const items = [];
-  for (const { file, findings } of vulnResults) {
-    let lines = [];
-    try {
-      lines = fs.readFileSync(file, 'utf-8').split('\n');
-    } catch {
-      // include without context
-    }
-    for (const finding of findings) {
-      const startLine = Math.max(0, finding.line - 3);
-      const endLine = Math.min(lines.length - 1, finding.line + 1);
-      const context = lines.slice(startLine, endLine + 1).join('\n');
-      items.push({
-        id: `${path.relative(rootPath, file)}:${finding.line}`,
-        file: path.relative(rootPath, file),
-        line: finding.line,
-        type: finding.patternName,
-        severity: finding.severity,
-        codeContext: context  // Not masked — it's a code pattern, not a secret
-      });
-    }
-  }
-  const prompt = `You are a security expert reviewing code vulnerabilities.
-For each finding below, classify it and provide a specific fix if it's a real issue.
-- REAL: genuinely exploitable as written (user-controlled input reaches a dangerous sink)
-- FALSE_POSITIVE: safe in this context (static/hardcoded input, internal tool, test code, build script)
-For REAL findings: provide a concise, specific 1-line code fix showing what to change.
-For FALSE_POSITIVE: briefly explain why it's safe.
-Respond with a JSON array ONLY — no markdown, no explanation:
-[{"id":"<id>","classification":"REAL"|"FALSE_POSITIVE","reason":"<brief reason>","fix":"<specific fix code, or null>"}]
-Vulnerabilities to analyze:
-${JSON.stringify(items, null, 2)}`;
-  const response = await fetch(ANTHROPIC_API_URL, {
-    method: 'POST',
-    headers: {
-      'x-api-key': apiKey,
-      'anthropic-version': '2023-06-01',
-      'content-type': 'application/json',
-    },
-    body: JSON.stringify({
-      model,
-      max_tokens: 4096,
-      messages: [{ role: 'user', content: prompt }]
-    })
-  });
-  if (!response.ok) {
-    const body = await response.text();
-    throw new Error(`Anthropic API error ${response.status}: ${body.slice(0, 200)}`);
-  }
-  const data = await response.json();
-  const text = data.content?.[0]?.text || '[]';
-  const jsonText = text.replace(/^```(?:json)?\s*/i, '').replace(/\s*```\s*$/i, '').trim();
-  let classifications;
-  try {
-    classifications = JSON.parse(jsonText);
-  } catch {
-    throw new Error('Claude returned non-JSON response');
-  }
-  return vulnResults.map(({ file, findings }) => ({
-    file,
-    findings: findings.map(f => {
-      const id = `${path.relative(rootPath, file)}:${f.line}`;
-      const cl = classifications.find(c => c.id === id);
-      return {
-        ...f,
-        classification: cl?.classification ?? 'REAL',
-        reason: cl?.reason ?? '',
-        fix: cl?.fix ?? null
-      };
-    })
-  }));
-}
-// =============================================================================
-// OUTPUT
-// =============================================================================
-function printClassificationTable(classified, rootPath) {
-  const SEVERITY_COLOR = {
-    critical: chalk.red.bold,
-    high: chalk.yellow,
-    medium: chalk.blue
-  };
-  console.log(chalk.cyan('  Secret Classification'));
-  console.log(chalk.cyan('  ' + '─'.repeat(58)));
-  console.log();
-  for (const { file, findings } of classified) {
-    const relPath = path.relative(rootPath, file);
-    for (const f of findings) {
-      const isReal = f.classification === 'REAL';
-      const icon = isReal ? chalk.red('✗') : chalk.gray('~');
-      const label = isReal ? chalk.red('REAL') : chalk.gray('SKIP');
-      const sevColor = SEVERITY_COLOR[f.severity] || chalk.white;
-      const matchedShort = f.matched.length > 16 ? f.matched.slice(0, 16) + '…' : f.matched;
-      console.log(
-        `  ${icon}  ${label.padEnd(8)} ${chalk.white(`${relPath}:${f.line}`).padEnd(40)}  ` +
-        `${sevColor(f.patternName.padEnd(24))}  ` +
-        chalk.gray(matchedShort)
-      );
-      if (f.reason) {
-        console.log(chalk.gray(`            → ${f.reason}`));
-      }
-    }
-  }
-}
-function printVulnFixTable(classifiedVulns, rootPath) {
-  const SEVERITY_COLOR = {
-    critical: chalk.red.bold,
-    high: chalk.yellow,
-    medium: chalk.blue
-  };
-  const totalCount = classifiedVulns.reduce((n, { findings }) => n + findings.length, 0);
-  const realCount = classifiedVulns.reduce(
-    (n, { findings }) => n + findings.filter(f => f.classification === 'REAL').length, 0
-  );
-  const fpCount = totalCount - realCount;
-  console.log(chalk.yellow('  Code Vulnerability Analysis'));
-  console.log(chalk.yellow('  ' + '─'.repeat(58)));
-  console.log();
-  for (const { file, findings } of classifiedVulns) {
-    const relPath = path.relative(rootPath, file);
-    for (const f of findings) {
-      const isReal = f.classification === 'REAL';
-      const icon = isReal ? chalk.red('✗') : chalk.gray('~');
-      const label = isReal ? chalk.red('REAL') : chalk.gray('SKIP');
-      const sevColor = SEVERITY_COLOR[f.severity] || chalk.white;
-      const snippet = f.matched.length > 55 ? f.matched.slice(0, 55) + '…' : f.matched;
-      console.log(
-        `  ${icon}  ${label.padEnd(8)} ${chalk.white(`${relPath}:${f.line}`).padEnd(38)}  ` +
-        sevColor(`[${f.severity.toUpperCase()}]`)
-      );
-      console.log(chalk.gray(`            ${f.patternName}`));
-      console.log(chalk.gray('     Code:   ') + chalk.cyan(snippet));
-      if (f.reason) {
-        console.log(chalk.gray(`     Reason: ${f.reason}`));
-      }
-      if (isReal && f.fix) {
-        console.log(chalk.gray('     Fix:    ') + chalk.green(f.fix));
-      }
-      console.log();
-    }
-  }
-  if (realCount === 0) {
-    output.success(`Claude classified all ${totalCount} vulnerability/vulnerabilities as false positives!`);
-    console.log(chalk.gray('  Tip: Add # ship-safe-ignore on those lines to suppress future warnings.'));
-  } else {
-    console.log(chalk.yellow(`  ${realCount} real vulnerability/vulnerabilities require manual fixes.${fpCount > 0 ? chalk.gray(` ${fpCount} false positive(s) skipped.`) : ''}`));
-  }
-}
+/**
+ * Agent Command
+ * =============
+ *
+ * AI-powered autonomous security audit.
+ * Scans for secrets AND code vulnerabilities, classifies findings with Claude,
+ * remediates confirmed secrets, and provides specific fix suggestions for
+ * confirmed code vulnerabilities.
+ *
+ * USAGE:
+ *   npx ship-safe agent [path]           Full AI-powered audit
+ *   npx ship-safe agent . --dry-run      Preview without writing files
+ *   npx ship-safe agent . --model sonnet Use a more capable model
+ *
+ * REQUIRES:
+ *   ANTHROPIC_API_KEY in your environment or .env file.
+ *   Falls back to pattern-only remediation if no key is found.
+ *
+ * FLOW:
+ *   scan (secrets + vulns)
+ *     → classify secrets (REAL/FP) → remediate confirmed secrets
+ *     → classify vulns (REAL/FP + fix suggestion) → print fix table
+ *     → re-scan to verify secrets clean
+ */
+import fs from 'fs';
+import path from 'path';
+import fg from 'fast-glob';
+import chalk from 'chalk';
+import ora from 'ora';
+import {
+  SECRET_PATTERNS,
+  SECURITY_PATTERNS,
+  SKIP_DIRS,
+  SKIP_EXTENSIONS,
+  SKIP_FILENAMES,
+  TEST_FILE_PATTERNS,
+  MAX_FILE_SIZE
+} from '../utils/patterns.js';
+import { isHighEntropyMatch, getConfidence } from '../utils/entropy.js';
+import { remediateCommand } from './remediate.js';
+import * as output from '../utils/output.js';
+const DEFAULT_MODEL = 'claude-haiku-4-5-20251001';
+const ANTHROPIC_API_URL = 'https://api.anthropic.com/v1/messages';
+// =============================================================================
+// MAIN COMMAND
+// =============================================================================
+export async function agentCommand(targetPath = '.', options = {}) {
+  const absolutePath = path.resolve(targetPath);
+  if (!fs.existsSync(absolutePath)) {
+    output.error(`Path does not exist: ${absolutePath}`);
+    process.exit(1);
+  }
+  const model = options.model || DEFAULT_MODEL;
+  console.log();
+  output.header('Ship Safe — AI Security Agent');
+  console.log();
+  // ── 1. Load API key ────────────────────────────────────────────────────────
+  const apiKey = loadApiKey(absolutePath);
+  // ── 2. Scan (secrets + vulnerabilities) ────────────────────────────────────
+  const scanSpinner = ora({ text: 'Scanning for secrets and vulnerabilities...', color: 'cyan' }).start();
+  const allResults = await scanProject(absolutePath);
+  // Separate findings by category
+  const secretResults = [];
+  const vulnResults = [];
+  for (const { file, findings } of allResults) {
+    const secrets = findings.filter(f => f.category !== 'vulnerability');
+    const vulns = findings.filter(f => f.category === 'vulnerability');
+    if (secrets.length > 0) secretResults.push({ file, findings: secrets });
+    if (vulns.length > 0) vulnResults.push({ file, findings: vulns });
+  }
+  const secretCount = secretResults.reduce((n, r) => n + r.findings.length, 0);
+  const vulnCount = vulnResults.reduce((n, r) => n + r.findings.length, 0);
+  scanSpinner.stop();
+  // ── 3. Nothing found ───────────────────────────────────────────────────────
+  if (secretCount === 0 && vulnCount === 0) {
+    output.success('No secrets or vulnerabilities detected — your project is clean!');
+    console.log();
+    return;
+  }
+  if (secretCount > 0) {
+    console.log(chalk.red(`\n  Found ${secretCount} potential secret(s) in ${secretResults.length} file(s)`));
+  }
+  if (vulnCount > 0) {
+    console.log(chalk.yellow(`  Found ${vulnCount} code vulnerability/vulnerabilities in ${vulnResults.length} file(s)`));
+  }
+  console.log();
+  // ── 4. Fallback: no API key ────────────────────────────────────────────────
+  if (!apiKey) {
+    console.log(chalk.yellow('  ⚠  No ANTHROPIC_API_KEY found.')); // ship-safe-ignore — env var name in user-facing message, no key value
+    console.log(chalk.gray('     Set it in your environment or .env to enable AI classification.'));
+    if (secretCount > 0) {
+      console.log(chalk.gray('     Falling back to pattern-based remediation for secrets...\n'));
+      await remediateCommand(targetPath, { yes: true, dryRun: options.dryRun });
+    }
+    if (vulnCount > 0) {
+      console.log(chalk.gray('\n     Code vulnerabilities require manual review.'));
+      console.log(chalk.gray('     Run: ') + chalk.cyan('npx ship-safe scan .') + chalk.gray(' to see details.'));
+    }
+    return;
+  }
+  // ── 5. Classify secrets ────────────────────────────────────────────────────
+  if (secretCount > 0) {
+    const classifySpinner = ora({ text: `Classifying ${secretCount} secret(s) with ${model}...`, color: 'cyan' }).start();
+    let classifiedSecrets;
+    try {
+      classifiedSecrets = await classifyWithClaude(secretResults, absolutePath, apiKey, model);
+    } catch (err) {
+      classifySpinner.stop();
+      console.log(chalk.yellow(`  ⚠  Claude secret classification failed: ${err.message}`));
+      console.log(chalk.gray('     Treating all findings as real secrets (safe fallback).\n'));
+      classifiedSecrets = secretResults.map(({ file, findings }) => ({
+        file,
+        findings: findings.map(f => ({ ...f, classification: 'REAL', reason: 'Classification unavailable' }))
+      }));
+    }
+    classifySpinner.stop();
+    // ── 6. Print secret classification table ──────────────────────────────
+    printClassificationTable(classifiedSecrets, absolutePath);
+    const realSecretCount = classifiedSecrets.reduce(
+      (n, { findings }) => n + findings.filter(f => f.classification === 'REAL').length, 0
+    );
+    const fpCount = secretCount - realSecretCount;
+    console.log();
+    if (realSecretCount === 0) {
+      output.success(`Claude classified all ${secretCount} secret finding(s) as false positives — nothing to fix!`);
+      if (fpCount > 0) {
+        console.log(chalk.gray('  Tip: Add # ship-safe-ignore on those lines to suppress future warnings.'));
+      }
+    } else {
+      console.log(chalk.cyan(`  ${realSecretCount} confirmed secret(s) to remediate.${fpCount > 0 ? chalk.gray(` ${fpCount} false positive(s) skipped.`) : ''}`));
+      console.log();
+      // ── 7. Remediate confirmed secrets ──────────────────────────────────
+      if (options.dryRun) {
+        console.log(chalk.cyan('  Dry run — secrets not modified. Remove --dry-run to apply fixes.'));
+      } else {
+        await remediateCommand(targetPath, { yes: true });
+      }
+    }
+  }
+  // ── 8. Classify vulnerabilities ────────────────────────────────────────────
+  if (vulnCount > 0) {
+    console.log();
+    const vulnSpinner = ora({
+      text: `Analyzing ${vulnCount} vulnerability/vulnerabilities with ${model}...`,
+      color: 'cyan'
+    }).start();
+    let classifiedVulns;
+    try {
+      classifiedVulns = await classifyVulnsWithClaude(vulnResults, absolutePath, apiKey, model);
+    } catch (err) {
+      vulnSpinner.stop();
+      console.log(chalk.yellow(`  ⚠  Claude vulnerability analysis failed: ${err.message}`));
+      console.log(chalk.gray('     Showing raw findings without AI fix suggestions.\n'));
+      classifiedVulns = vulnResults.map(({ file, findings }) => ({
+        file,
+        findings: findings.map(f => ({ ...f, classification: 'REAL', reason: 'Analysis unavailable', fix: null }))
+      }));
+    }
+    vulnSpinner.stop();
+    // ── 9. Print vulnerability fix table ──────────────────────────────────
+    printVulnFixTable(classifiedVulns, absolutePath);
+  }
+  // ── 10. Verify secrets clean ───────────────────────────────────────────────
+  if (secretCount > 0 && !options.dryRun) {
+    console.log();
+    const verifySpinner = ora({ text: 'Re-scanning to verify secrets removed...', color: 'cyan' }).start();
+    const verifyResults = await scanProject(absolutePath);
+    const remainingSecrets = verifyResults.reduce(
+      (n, r) => n + r.findings.filter(f => f.category !== 'vulnerability').length, 0
+    );
+    verifySpinner.stop();
+    if (remainingSecrets === 0) {
+      output.success('Secrets verified clean — 0 remain in your codebase!');
+    } else {
+      output.warning(`${remainingSecrets} secret(s) still remain. Review them manually or run npx ship-safe scan .`);
+    }
+  }
+  // ── 11. Next steps ─────────────────────────────────────────────────────────
+  console.log();
+  console.log(chalk.yellow.bold('  Next steps:'));
+  let step = 1;
+  if (secretCount > 0) {
+    console.log(chalk.white(`  ${step++}.`) + chalk.gray(' Rotate any exposed keys:   ') + chalk.cyan('npx ship-safe rotate'));
+    console.log(chalk.white(`  ${step++}.`) + chalk.gray(' Commit the fixes:          ') + chalk.cyan('git add . && git commit -m "fix: remove hardcoded secrets"'));
+    console.log(chalk.white(`  ${step++}.`) + chalk.gray(' Fill in .env with fresh values from your providers'));
+  }
+  if (vulnCount > 0) {
+    console.log(chalk.white(`  ${step++}.`) + chalk.gray(' Apply the code fixes shown above, then re-run: ') + chalk.cyan('npx ship-safe agent .'));
+  }
+  console.log();
+}
+// =============================================================================
+// API KEY LOADING
+// =============================================================================
+/**
+ * Load ANTHROPIC_API_KEY from environment or .env file.
+ * Returns the key string or null if not found.
+ */
+function loadApiKey(rootPath) {
+  if (process.env.ANTHROPIC_API_KEY) { // ship-safe-ignore — reading env var at runtime, no hardcoded key value
+    return process.env.ANTHROPIC_API_KEY; // ship-safe-ignore — returning env var value, not a hardcoded secret
+  }
+  const envPath = path.join(rootPath, '.env');
+  if (fs.existsSync(envPath)) {
+    try {
+      const lines = fs.readFileSync(envPath, 'utf-8').split('\n');
+      for (const line of lines) {
+        const trimmed = line.trim();
+        if (trimmed.startsWith('#') || !trimmed.includes('=')) continue;
+        const eqIdx = trimmed.indexOf('=');
+        const key = trimmed.slice(0, eqIdx).trim();
+        if (key === 'ANTHROPIC_API_KEY') { // ship-safe-ignore — parsing .env file to read user's own API key from their project
+          const val = trimmed.slice(eqIdx + 1).trim().replace(/^["']|["']$/g, '');
+          if (val) return val;
+        }
+      }
+    } catch {
+      // ignore read errors
+    }
+  }
+  return null;
+}
+// =============================================================================
+// PROJECT SCANNING (secrets + vulnerabilities)
+// =============================================================================
+async function scanProject(rootPath) {
+  const globIgnore = Array.from(SKIP_DIRS).map(dir => `**/${dir}/**`);
+  const allFiles = await fg('**/*', {
+    cwd: rootPath,
+    absolute: true,
+    onlyFiles: true,
+    ignore: globIgnore,
+    dot: true
+  });
+  const files = allFiles.filter(file => {
+    const ext = path.extname(file).toLowerCase();
+    if (SKIP_EXTENSIONS.has(ext)) return false;
+    if (SKIP_FILENAMES.has(path.basename(file))) return false;
+    const basename = path.basename(file);
+    if (basename.endsWith('.min.js') || basename.endsWith('.min.css')) return false;
+    if (TEST_FILE_PATTERNS.some(p => p.test(file))) return false;
+    try {
+      const stats = fs.statSync(file);
+      if (stats.size > MAX_FILE_SIZE) return false;
+    } catch {
+      return false;
+    }
+    return true;
+  });
+  const results = [];
+  for (const file of files) {
+    const findings = scanFile(file);
+    if (findings.length > 0) {
+      results.push({ file, findings });
+    }
+  }
+  return results;
+}
+function scanFile(filePath) {
+  const findings = [];
+  try {
+    const content = fs.readFileSync(filePath, 'utf-8');
+    const lines = content.split('\n');
+    for (let lineNum = 0; lineNum < lines.length; lineNum++) {
+      const line = lines[lineNum];
+      if (/ship-safe-ignore/i.test(line)) continue;
+      for (const pattern of [...SECRET_PATTERNS, ...SECURITY_PATTERNS]) {
+        pattern.pattern.lastIndex = 0;
+        let match;
+        while ((match = pattern.pattern.exec(line)) !== null) {
+          if (pattern.requiresEntropyCheck && !isHighEntropyMatch(match[0])) continue;
+          findings.push({
+            line: lineNum + 1,
+            column: match.index + 1,
+            matched: match[0],
+            patternName: pattern.name,
+            severity: pattern.severity,
+            confidence: getConfidence(pattern, match[0]),
+            description: pattern.description,
+            category: pattern.category || 'secret'
+          });
+        }
+      }
+    }
+  } catch {
+    // Skip unreadable files
+  }
+  // Deduplicate by (line, matched)
+  const seen = new Set();
+  return findings.filter(f => {
+    const key = `${f.line}:${f.matched}`;
+    if (seen.has(key)) return false;
+    seen.add(key);
+    return true;
+  });
+}
+// =============================================================================
+// CLAUDE CLASSIFICATION — SECRETS
+// =============================================================================
+async function classifyWithClaude(scanResults, rootPath, apiKey, model) {
+  const items = [];
+  for (const { file, findings } of scanResults) {
+    let lines = [];
+    try {
+      lines = fs.readFileSync(file, 'utf-8').split('\n');
+    } catch {
+      // include without context
+    }
+    for (const finding of findings) {
+      const startLine = Math.max(0, finding.line - 3);
+      const endLine = Math.min(lines.length - 1, finding.line + 1);
+      const context = lines.slice(startLine, endLine + 1).join('\n');
+      // Truncate matched value — don't send real secrets to the API
+      const matchedPrefix = finding.matched.length > 12
+        ? finding.matched.slice(0, 12) + '...'
+        : finding.matched;
+      items.push({
+        id: `${path.relative(rootPath, file)}:${finding.line}`,
+        file: path.relative(rootPath, file),
+        line: finding.line,
+        patternName: finding.patternName,
+        severity: finding.severity,
+        matchedPrefix,
+        codeContext: context
+      });
+    }
+  }
+  const prompt = `You are a security expert reviewing potential secret leaks in source code.
+For each finding below, classify it as REAL or FALSE_POSITIVE:
+- REAL: a genuine hardcoded secret, credential, or API key that should be moved to environment variables
+- FALSE_POSITIVE: a placeholder, example value, test fixture, documentation sample, or non-sensitive identifier
+Respond with a JSON array ONLY — no markdown, no explanation, just the JSON:
+[{"id":"<id>","classification":"REAL"|"FALSE_POSITIVE","reason":"<brief one-line reason>"}]
+Findings to classify:
+${JSON.stringify(items, null, 2)}`;
+  const response = await fetch(ANTHROPIC_API_URL, {
+    method: 'POST',
+    headers: {
+      'x-api-key': apiKey,
+      'anthropic-version': '2023-06-01',
+      'content-type': 'application/json',
+    },
+    body: JSON.stringify({
+      model,
+      max_tokens: 2048,
+      messages: [{ role: 'user', content: prompt }]
+    })
+  });
+  if (!response.ok) {
+    const body = await response.text();
+    throw new Error(`Anthropic API error ${response.status}: ${body.slice(0, 200)}`);
+  }
+  const data = await response.json();
+  const text = data.content?.[0]?.text || '[]';
+  const jsonText = text.replace(/^```(?:json)?\s*/i, '').replace(/\s*```\s*$/i, '').trim();
+  let classifications;
+  try {
+    classifications = JSON.parse(jsonText);
+  } catch {
+    throw new Error('Claude returned non-JSON response');
+  }
+  return scanResults.map(({ file, findings }) => ({
+    file,
+    findings: findings.map(f => {
+      const id = `${path.relative(rootPath, file)}:${f.line}`;
+      const cl = classifications.find(c => c.id === id);
+      return {
+        ...f,
+        classification: cl?.classification ?? 'REAL',
+        reason: cl?.reason ?? ''
+      };
+    })
+  }));
+}
+// =============================================================================
+// CLAUDE CLASSIFICATION — VULNERABILITIES
+// =============================================================================
+/**
+ * Send vulnerability findings to Claude for classification + specific fix suggestions.
+ * Unlike secrets, code context is NOT masked — the pattern itself is the finding.
+ */
+async function classifyVulnsWithClaude(vulnResults, rootPath, apiKey, model) {
+  const items = [];
+  for (const { file, findings } of vulnResults) {
+    let lines = [];
+    try {
+      lines = fs.readFileSync(file, 'utf-8').split('\n');
+    } catch {
+      // include without context
+    }
+    for (const finding of findings) {
+      const startLine = Math.max(0, finding.line - 3);
+      const endLine = Math.min(lines.length - 1, finding.line + 1);
+      const context = lines.slice(startLine, endLine + 1).join('\n');
+      items.push({
+        id: `${path.relative(rootPath, file)}:${finding.line}`,
+        file: path.relative(rootPath, file),
+        line: finding.line,
+        type: finding.patternName,
+        severity: finding.severity,
+        codeContext: context  // Not masked — it's a code pattern, not a secret
+      });
+    }
+  }
+  const prompt = `You are a security expert reviewing code vulnerabilities.
+For each finding below, classify it and provide a specific fix if it's a real issue.
+- REAL: genuinely exploitable as written (user-controlled input reaches a dangerous sink)
+- FALSE_POSITIVE: safe in this context (static/hardcoded input, internal tool, test code, build script)
+For REAL findings: provide a concise, specific 1-line code fix showing what to change.
+For FALSE_POSITIVE: briefly explain why it's safe.
+Respond with a JSON array ONLY — no markdown, no explanation:
+[{"id":"<id>","classification":"REAL"|"FALSE_POSITIVE","reason":"<brief reason>","fix":"<specific fix code, or null>"}]
+Vulnerabilities to analyze:
+${JSON.stringify(items, null, 2)}`;
+  const response = await fetch(ANTHROPIC_API_URL, {
+    method: 'POST',
+    headers: {
+      'x-api-key': apiKey,
+      'anthropic-version': '2023-06-01',
+      'content-type': 'application/json',
+    },
+    body: JSON.stringify({
+      model,
+      max_tokens: 4096,
+      messages: [{ role: 'user', content: prompt }]
+    })
+  });
+  if (!response.ok) {
+    const body = await response.text();
+    throw new Error(`Anthropic API error ${response.status}: ${body.slice(0, 200)}`);
+  }
+  const data = await response.json();
+  const text = data.content?.[0]?.text || '[]';
+  const jsonText = text.replace(/^```(?:json)?\s*/i, '').replace(/\s*```\s*$/i, '').trim();
+  let classifications;
+  try {
+    classifications = JSON.parse(jsonText);
+  } catch {
+    throw new Error('Claude returned non-JSON response');
+  }
+  return vulnResults.map(({ file, findings }) => ({
+    file,
+    findings: findings.map(f => {
+      const id = `${path.relative(rootPath, file)}:${f.line}`;
+      const cl = classifications.find(c => c.id === id);
+      return {
+        ...f,
+        classification: cl?.classification ?? 'REAL',
+        reason: cl?.reason ?? '',
+        fix: cl?.fix ?? null
+      };
+    })
+  }));
+}
+// =============================================================================
+// OUTPUT
+// =============================================================================
+function printClassificationTable(classified, rootPath) {
+  const SEVERITY_COLOR = {
+    critical: chalk.red.bold,
+    high: chalk.yellow,
+    medium: chalk.blue
+  };
+  console.log(chalk.cyan('  Secret Classification'));
+  console.log(chalk.cyan('  ' + '─'.repeat(58)));
+  console.log();
+  for (const { file, findings } of classified) {
+    const relPath = path.relative(rootPath, file);
+    for (const f of findings) {
+      const isReal = f.classification === 'REAL';
+      const icon = isReal ? chalk.red('✗') : chalk.gray('~');
+      const label = isReal ? chalk.red('REAL') : chalk.gray('SKIP');
+      const sevColor = SEVERITY_COLOR[f.severity] || chalk.white;
+      const matchedShort = f.matched.length > 16 ? f.matched.slice(0, 16) + '…' : f.matched;
+      console.log(
+        `  ${icon}  ${label.padEnd(8)} ${chalk.white(`${relPath}:${f.line}`).padEnd(40)}  ` +
+        `${sevColor(f.patternName.padEnd(24))}  ` +
+        chalk.gray(matchedShort)
+      );
+      if (f.reason) {
+        console.log(chalk.gray(`            → ${f.reason}`));
+      }
+    }
+  }
+}
+function printVulnFixTable(classifiedVulns, rootPath) {
+  const SEVERITY_COLOR = {
+    critical: chalk.red.bold,
+    high: chalk.yellow,
+    medium: chalk.blue
+  };
+  const totalCount = classifiedVulns.reduce((n, { findings }) => n + findings.length, 0);
+  const realCount = classifiedVulns.reduce(
+    (n, { findings }) => n + findings.filter(f => f.classification === 'REAL').length, 0
+  );
+  const fpCount = totalCount - realCount;
+  console.log(chalk.yellow('  Code Vulnerability Analysis'));
+  console.log(chalk.yellow('  ' + '─'.repeat(58)));
+  console.log();
+  for (const { file, findings } of classifiedVulns) {
+    const relPath = path.relative(rootPath, file);
+    for (const f of findings) {
+      const isReal = f.classification === 'REAL';
+      const icon = isReal ? chalk.red('✗') : chalk.gray('~');
+      const label = isReal ? chalk.red('REAL') : chalk.gray('SKIP');
+      const sevColor = SEVERITY_COLOR[f.severity] || chalk.white;
+      const snippet = f.matched.length > 55 ? f.matched.slice(0, 55) + '…' : f.matched;
+      console.log(
+        `  ${icon}  ${label.padEnd(8)} ${chalk.white(`${relPath}:${f.line}`).padEnd(38)}  ` +
+        sevColor(`[${f.severity.toUpperCase()}]`)
+      );
+      console.log(chalk.gray(`            ${f.patternName}`));
+      console.log(chalk.gray('     Code:   ') + chalk.cyan(snippet));
+      if (f.reason) {
+        console.log(chalk.gray(`     Reason: ${f.reason}`));
+      }
+      if (isReal && f.fix) {
+        console.log(chalk.gray('     Fix:    ') + chalk.green(f.fix));
+      }
+      console.log();
+    }
+  }
+  if (realCount === 0) {
+    output.success(`Claude classified all ${totalCount} vulnerability/vulnerabilities as false positives!`);
+    console.log(chalk.gray('  Tip: Add # ship-safe-ignore on those lines to suppress future warnings.'));
+  } else {
+    console.log(chalk.yellow(`  ${realCount} real vulnerability/vulnerabilities require manual fixes.${fpCount > 0 ? chalk.gray(` ${fpCount} false positive(s) skipped.`) : ''}`));
+  }
+}