ship-safe 8.0.0 → 9.0.0

package/cli/agents/orchestrator.js

@@ -234,9 +234,19 @@ export class Orchestrator {
           allFindings = await analyzer.analyze(allFindings, { rootPath: absolutePath, recon });
           const stats = analyzer.getStats();
           if (deepSpinner) {
-            deepSpinner.succeed(chalk.green(
-              `Deep analysis: ${stats.analyzedCount} findings analyzed (${stats.spentCents}c spent)`
-            ));
+            if (stats.multiTier) {
+              const tierNote = stats.tier3Count > 0
+                ? `, ${stats.tier3Count} escalated to Opus`
+                : stats.tier2Count > 0 ? `, ${stats.tier2Count} via Sonnet` : '';
+              const skipNote = stats.skippedCount > 0 ? `, ${stats.skippedCount} triaged away` : '';
+              deepSpinner.succeed(chalk.green(
+                `Deep analysis (Haiku→Sonnet→Opus): ${stats.analyzedCount} analyzed${tierNote}${skipNote} (${stats.spentCents}¢)`
+              ));
+            } else {
+              deepSpinner.succeed(chalk.green(
+                `Deep analysis: ${stats.analyzedCount} findings analyzed (${stats.spentCents}¢)`
+              ));
+            }
           }
         } catch (err) {
           if (deepSpinner) deepSpinner.fail(chalk.yellow(`Deep analysis failed: ${err.message}`));

package/cli/bin/ship-safe.js

@@ -125,6 +125,8 @@ program
   .option('--headers', 'Only copy security headers config')
   .option('--agents', 'Only add security rules to AI agent instruction files (CLAUDE.md, .cursor/rules/, .windsurfrules, copilot-instructions.md)')
   .option('--openclaw', 'Generate a hardened openclaw.json template')
+  .option('--hermes', 'Bootstrap Hermes Agent security config (allowlist, integrity hashes, CI)')
+  .option('--from <url>', 'Fetch a pre-built Hermes config bundle from a setup URL (used with --hermes)')
   .action(initCommand);
 
 // -----------------------------------------------------------------------------
@@ -231,6 +233,8 @@ program
   .option('--include-legal', 'Also run the legal risk scan (DMCA, leaked source, IP disputes)')
   .option('--agentic [iterations]', 'Agentic scan→fix→verify loop (default: 3 iterations, target score: 75)', (v) => v ? parseInt(v) : true)
   .option('--agentic-target <score>', 'Target security score for agentic loop (default: 75)', parseInt)
+  .option('--hermes-only', 'Run only Hermes-relevant agents (llm + supply-chain categories) for fast CI')
+  .option('--fail-below <threshold>', 'Exit 1 if score is below threshold (number or "baseline")')
   .option('-v, --verbose', 'Verbose output')
   .action(auditCommand);
 

package/cli/commands/audit.js

@@ -190,6 +190,15 @@ export async function auditCommand(targetPath = '.', options = {}) {
 
   // ── Phase 2: Agent Scan ───────────────────────────────────────────────────
   const orchestrator = await buildOrchestratorAsync(absolutePath, { quiet: true });
+
+  // --hermes-only: filter to llm + supply-chain category agents only
+  if (options.hermesOnly && orchestrator.agents) {
+    const hermesCategories = new Set(['llm', 'supply-chain']);
+    orchestrator.agents = orchestrator.agents.filter(a =>
+      hermesCategories.has(a.category) || hermesCategories.has(a.constructor?.category)
+    );
+  }
+
   const registeredAgentCount = orchestrator.agents?.length || 15;
   const agentSpinner = machineOutput ? null : ora({ text: chalk.white(`[Phase 2/4] Running ${registeredAgentCount} security agents...`), color: 'cyan' }).start();
   let agentFindings = [];
@@ -567,7 +576,30 @@ export async function auditCommand(targetPath = '.', options = {}) {
     }
   }
 
-  process.exit(scoreResult.score >= 75 ? 0 : 1);
+  // ── Exit code logic ─────────────────────────────────────────────────────
+  let threshold = 75;
+  if (options.failBelow !== undefined) {
+    if (options.failBelow === 'baseline') {
+      // Read baseline score from .ship-safe/hermes-baseline.json
+      const baselinePath = path.join(absolutePath, '.ship-safe', 'hermes-baseline.json');
+      try {
+        const baseline = JSON.parse(fs.readFileSync(baselinePath, 'utf-8'));
+        threshold = baseline.score || 0;
+        if (!machineOutput) {
+          console.log(chalk.gray(`  Baseline threshold: ${threshold}/100 (from ${baselinePath})`));
+        }
+      } catch {
+        if (!machineOutput) {
+          console.log(chalk.yellow(`  Warning: could not read baseline — using score 0 as threshold`));
+        }
+        threshold = 0;
+      }
+    } else {
+      threshold = parseInt(options.failBelow, 10) || 75;
+    }
+  }
+
+  process.exit(scoreResult.score >= threshold ? 0 : 1);
 }
 
 /**

package/cli/commands/init.js

@@ -55,6 +55,11 @@ export async function initCommand(options = {}) {
     return handleOpenClawInit(targetDir, options.force, results);
   }
 
+  // Handle --hermes --from <url>
+  if (options.hermes) {
+    return handleHermesInit(targetDir, options);
+  }
+
   const hasSpecificFlag = options.gitignore || options.headers || options.agents;
   const copyGitignore = hasSpecificFlag ? !!options.gitignore : true;
   const copyHeaders   = hasSpecificFlag ? !!options.headers   : true;
@@ -301,6 +306,105 @@ async function handleAgentFiles(targetDir, force, results) {
   }
 }
 
+// =============================================================================
+// HERMES AGENT INIT
+// =============================================================================
+
+async function handleHermesInit(targetDir, options) {
+  const fromUrl = options.from;
+
+  if (!fromUrl) {
+    console.error(chalk.red('\nError: --hermes requires --from <setup-url>'));
+    console.error(chalk.gray('  Generate a setup URL at: https://shipsafecli.com/app/deploy'));
+    console.error(chalk.gray('  Then run: npx ship-safe init --hermes --from <url>\n'));
+    process.exit(1);
+  }
+
+  // Validate the URL is from a trusted origin
+  let parsed;
+  try {
+    parsed = new URL(fromUrl);
+  } catch {
+    console.error(chalk.red('\nError: Invalid URL: ' + fromUrl + '\n'));
+    process.exit(1);
+  }
+
+  const TRUSTED_HOSTS = ['shipsafecli.com', 'www.shipsafecli.com', 'localhost', '127.0.0.1'];
+  if (!TRUSTED_HOSTS.includes(parsed.hostname)) {
+    console.error(chalk.red('\nError: Setup URL must be from shipsafecli.com (got: ' + parsed.hostname + ')'));
+    console.error(chalk.gray('  Only URLs generated by the Ship Safe webapp are trusted.\n'));
+    process.exit(1);
+  }
+
+  console.log();
+  output.header('Hermes Agent Security Setup');
+  console.log();
+  console.log(chalk.gray('Fetching config from:'), chalk.cyan(fromUrl));
+  console.log();
+
+  // Fetch the config bundle
+  let data;
+  try {
+    const { default: fetch } = await import('node-fetch').catch(() => ({ default: globalThis.fetch }));
+    const res = await fetch(fromUrl, { headers: { 'Accept': 'application/json' } });
+    if (!res.ok) {
+      const body = await res.json().catch(() => ({}));
+      throw new Error(body.error ?? `HTTP ${res.status}`);
+    }
+    data = await res.json();
+  } catch (err) {
+    console.error(chalk.red('\nFailed to fetch setup config: ' + err.message + '\n'));
+    process.exit(1);
+  }
+
+  if (!data.files || !Array.isArray(data.files) || data.files.length === 0) {
+    console.error(chalk.red('\nInvalid config bundle — no files returned.\n'));
+    process.exit(1);
+  }
+
+  // Write each file
+  const written = [];
+  const skipped = [];
+
+  for (const { path: filePath, content } of data.files) {
+    // Sanitize path — no traversal
+    const normalized = path.normalize(filePath).replace(/^(\.\.(\/|\\|$))+/, '');
+    const absPath = path.join(targetDir, normalized);
+
+    if (fs.existsSync(absPath) && !options.force) {
+      skipped.push(normalized);
+      continue;
+    }
+
+    const dir = path.dirname(absPath);
+    if (!fs.existsSync(dir)) {
+      fs.mkdirSync(dir, { recursive: true });
+    }
+    fs.writeFileSync(absPath, content, 'utf-8');
+    written.push(normalized);
+  }
+
+  // Print results
+  console.log(chalk.green.bold('Files written:'));
+  for (const f of written) {
+    console.log(chalk.green(`  ✔ ${f}`));
+  }
+  if (skipped.length > 0) {
+    console.log();
+    console.log(chalk.yellow.bold('Skipped (already exist — use -f to overwrite):'));
+    for (const f of skipped) {
+      console.log(chalk.yellow(`  → ${f}`));
+    }
+  }
+
+  console.log();
+  console.log(chalk.cyan.bold('Next steps:'));
+  console.log(chalk.white('  1.') + ' Populate your baseline:    ' + chalk.cyan('npx ship-safe audit .'));
+  console.log(chalk.white('  2.') + ' Auto-fix findings:         ' + chalk.cyan('npx ship-safe audit . --agentic 3 --agentic-target 80'));
+  console.log(chalk.white('  3.') + ' Commit everything and push — CI runs on every PR.');
+  console.log();
+}
+
 // =============================================================================
 // OPENCLAW HARDENED CONFIG
 // =============================================================================

package/cli/commands/mcp.js

@@ -24,6 +24,9 @@
  *   scan_secrets    - Scan a directory for leaked secrets
  *   get_checklist   - Return the launch-day security checklist
  *   analyze_file    - Analyze a single file for security issues
+ *   scan_repo       - Run a full multi-agent security scan on a repo
+ *   get_findings    - Read findings from a saved ship-safe report file
+ *   suppress_finding - Add a ship-safe-ignore comment to suppress a finding
  *
  * PROTOCOL:
  *   JSON-RPC 2.0 over stdio (MCP spec: https://modelcontextprotocol.io)
@@ -34,6 +37,10 @@ import path from 'path';
 import fg from 'fast-glob';
 import { SECRET_PATTERNS, SKIP_DIRS, SKIP_EXTENSIONS, SKIP_FILENAMES, TEST_FILE_PATTERNS, MAX_FILE_SIZE } from '../utils/patterns.js';
 import { isHighEntropyMatch } from '../utils/entropy.js';
+import { buildOrchestrator } from '../agents/index.js';
+import { ScoringEngine } from '../agents/scoring-engine.js';
+import { autoDetectProvider } from '../providers/llm-provider.js';
+import { DeepAnalyzer } from '../agents/deep-analyzer.js';
 
 // =============================================================================
 // MCP TOOL DEFINITIONS
@@ -80,6 +87,74 @@ const TOOLS = [
       required: ['path'],
     },
   },
+  {
+    name: 'scan_repo',
+    description: 'Run a full multi-agent security scan on a repository or directory. Runs all 20+ ship-safe security agents (injection, auth bypass, secrets, supply chain, LLM security, etc.) and returns a structured findings report with severity ratings and remediation advice. Use this when the user asks to audit, scan, or check the security of their project.',
+    inputSchema: {
+      type: 'object',
+      properties: {
+        path: {
+          type: 'string',
+          description: 'The directory path to scan. Use "." for current directory.',
+        },
+        agents: {
+          type: 'array',
+          items: { type: 'string' },
+          description: 'Specific agent names to run (optional). Omit to run all agents.',
+        },
+        llm: {
+          type: 'boolean',
+          description: 'Enable LLM-powered deep analysis for critical/high findings (default: false). Requires ANTHROPIC_API_KEY or similar env var.',
+        },
+        outputFile: {
+          type: 'string',
+          description: 'Optional path to save the JSON report for later retrieval with get_findings.',
+        },
+      },
+      required: ['path'],
+    },
+  },
+  {
+    name: 'get_findings',
+    description: 'Read and return findings from a ship-safe JSON report file previously saved by scan_repo or the ship-safe CLI (npx ship-safe audit --json). Useful for reviewing or referencing a prior scan without re-running it.',
+    inputSchema: {
+      type: 'object',
+      properties: {
+        reportPath: {
+          type: 'string',
+          description: 'Path to the ship-safe JSON report file (e.g. ship-safe-report.json).',
+        },
+        severity: {
+          type: 'string',
+          enum: ['critical', 'high', 'medium', 'low'],
+          description: 'Filter findings by minimum severity (optional).',
+        },
+      },
+      required: ['reportPath'],
+    },
+  },
+  {
+    name: 'suppress_finding',
+    description: 'Add a ship-safe-ignore comment to a specific line in a file to suppress a false-positive security finding. The comment tells ship-safe\'s scanner to skip that line in future scans. Always explain why the suppression is safe.',
+    inputSchema: {
+      type: 'object',
+      properties: {
+        file: {
+          type: 'string',
+          description: 'Path to the file containing the false-positive finding.',
+        },
+        line: {
+          type: 'number',
+          description: 'Line number of the finding to suppress (1-indexed).',
+        },
+        reason: {
+          type: 'string',
+          description: 'Brief explanation of why this finding is a false positive (appended to the ignore comment).',
+        },
+      },
+      required: ['file', 'line', 'reason'],
+    },
+  },
 ];
 
 // =============================================================================
@@ -163,6 +238,192 @@ async function analyzeFile({ path: filePath }) {
   };
 }
 
+async function scanRepo({ path: targetPath, agents: agentFilter, llm = false, outputFile }) {
+  const rootPath = path.resolve(targetPath);
+
+  if (!fs.existsSync(rootPath)) {
+    return { error: `Path does not exist: ${rootPath}` };
+  }
+
+  // MCP communicates over stdout as JSON-RPC. Suppress all console output during
+  // the scan so spinner text and log lines don't pollute the transport stream.
+  const noop = () => {};
+  const savedLog   = console.log;
+  const savedWarn  = console.warn;
+  const savedError = console.error;
+  const savedInfo  = console.info;
+  console.log = console.warn = console.error = console.info = noop;
+
+  try {
+    const orchestrator = buildOrchestrator();
+    const context = { rootPath };
+
+    // Run all agents (quiet:true suppresses ora spinners; console is already nulled)
+    const { findings, recon } = await orchestrator.runAll(rootPath, {
+      agents: agentFilter,
+      timeout: 30000,
+      concurrency: 6,
+      quiet: true,
+    });
+
+    // Optional: LLM deep analysis
+    let deepStats = null;
+    if (llm) {
+      const provider = autoDetectProvider(rootPath, {});
+      if (provider) {
+        const analyzer = new DeepAnalyzer({ provider, budgetCents: 50, verbose: false });
+        await analyzer.analyze(findings, { rootPath, recon });
+        deepStats = analyzer.getStats();
+      }
+    }
+
+    // Score
+    const scorer = new ScoringEngine();
+    const { score, grade } = scorer.score(findings);
+
+    const SEV_ORDER = ['critical', 'high', 'medium', 'low'];
+    const bySeverity = {};
+    for (const sev of SEV_ORDER) {
+      bySeverity[sev] = findings.filter(f => f.severity === sev).length;
+    }
+
+    const report = {
+      scannedAt: new Date().toISOString(),
+      rootPath,
+      score,
+      grade,
+      totalFindings: findings.length,
+      bySeverity,
+      findings: findings.map(f => ({
+        title:         f.title,
+        severity:      f.severity,
+        category:      f.category,
+        rule:          f.rule,
+        file:          f.file ? path.relative(rootPath, f.file) : null,
+        line:          f.line,
+        description:   f.description,
+        remediation:   f.remediation,
+        confidence:    f.confidence,
+        ...(f.deepAnalysis ? { deepAnalysis: f.deepAnalysis } : {}),
+      })),
+      ...(deepStats ? { deepAnalysis: deepStats } : {}),
+      summary: `Score: ${score}/100 (${grade}) — ${findings.length} finding(s): ${bySeverity.critical} critical, ${bySeverity.high} high, ${bySeverity.medium} medium, ${bySeverity.low} low.`,
+    };
+
+    if (outputFile) {
+      const outPath = path.resolve(outputFile);
+      fs.writeFileSync(outPath, JSON.stringify(report, null, 2), 'utf-8');
+      report.savedTo = outPath;
+    }
+
+    return report;
+  } catch (err) {
+    return { error: `Scan failed: ${err.message}` };
+  } finally {
+    // Always restore console so other tool calls are not affected
+    console.log   = savedLog;
+    console.warn  = savedWarn;
+    console.error = savedError;
+    console.info  = savedInfo;
+  }
+}
+
+function getFindings({ reportPath, severity }) {
+  const absPath = path.resolve(reportPath);
+
+  if (!fs.existsSync(absPath)) {
+    return { error: `Report file not found: ${absPath}` };
+  }
+
+  let report;
+  try {
+    report = JSON.parse(fs.readFileSync(absPath, 'utf-8'));
+  } catch (err) {
+    return { error: `Failed to parse report: ${err.message}` };
+  }
+
+  const findings = report.findings ?? [];
+  const SEV_RANK = { critical: 4, high: 3, medium: 2, low: 1 };
+  const filtered = severity
+    ? findings.filter(f => (SEV_RANK[f.severity] ?? 0) >= (SEV_RANK[severity] ?? 0))
+    : findings;
+
+  return {
+    reportPath:    absPath,
+    scannedAt:     report.scannedAt,
+    score:         report.score,
+    grade:         report.grade,
+    totalFindings: filtered.length,
+    bySeverity:    report.bySeverity,
+    findings:      filtered,
+    summary:       report.summary,
+    ...(severity ? { filter: `severity >= ${severity}` } : {}),
+  };
+}
+
+function suppressFinding({ file, line, reason }) {
+  const absPath = path.resolve(file);
+
+  if (!fs.existsSync(absPath)) {
+    return { error: `File not found: ${absPath}` };
+  }
+
+  let content;
+  try {
+    content = fs.readFileSync(absPath, 'utf-8');
+  } catch (err) {
+    return { error: `Cannot read file: ${err.message}` };
+  }
+
+  const lines = content.split('\n');
+  const lineIdx = line - 1; // Convert to 0-indexed
+
+  if (lineIdx < 0 || lineIdx >= lines.length) {
+    return { error: `Line ${line} is out of range (file has ${lines.length} lines)` };
+  }
+
+  const targetLine = lines[lineIdx];
+
+  // Already suppressed?
+  if (/ship-safe-ignore/i.test(targetLine)) {
+    return { alreadySuppressed: true, file: absPath, line, message: 'Line already has a ship-safe-ignore comment.' };
+  }
+
+  // Detect indentation and comment style
+  const indent = targetLine.match(/^(\s*)/)?.[1] ?? '';
+  const isJs   = /\.(js|ts|jsx|tsx|mjs|cjs|java|c|cpp|cs|go|rs|swift|kt)$/.test(file);
+  const isPy   = /\.py$/.test(file);
+  const isRb   = /\.rb$/.test(file);
+  const isHtml = /\.(html?|vue|svelte)$/.test(file);
+
+  let ignoreComment;
+  if (isHtml) {
+    ignoreComment = `${indent}<!-- ship-safe-ignore — ${reason} -->`;
+  } else if (isPy || isRb) {
+    ignoreComment = `${indent}# ship-safe-ignore — ${reason}`;
+  } else {
+    ignoreComment = `${indent}// ship-safe-ignore — ${reason}`;
+  }
+
+  // Insert ignore comment on the line BEFORE the finding
+  lines.splice(lineIdx, 0, ignoreComment);
+
+  try {
+    fs.writeFileSync(absPath, lines.join('\n'), 'utf-8');
+  } catch (err) {
+    return { error: `Cannot write file: ${err.message}` };
+  }
+
+  return {
+    suppressed:    true,
+    file:          absPath,
+    originalLine:  line,
+    insertedLine:  line, // The ignore comment is now on this line, original moved to line+1
+    comment:       ignoreComment,
+    message:       `Added ship-safe-ignore comment before line ${line} in ${path.basename(file)}.`,
+  };
+}
+
 // =============================================================================
 // SCAN UTILITIES (shared with scan command)
 // =============================================================================
@@ -283,6 +544,15 @@ async function handleRequest(request) {
           case 'analyze_file':
             result = await analyzeFile(args);
             break;
+          case 'scan_repo':
+            result = await scanRepo(args);
+            break;
+          case 'get_findings':
+            result = getFindings(args);
+            break;
+          case 'suppress_finding':
+            result = suppressFinding(args);
+            break;
           default:
             return respondError(-32601, `Unknown tool: ${name}`);
         }