vigile-scan 3.0.0 → 3.0.1

package/README.md

@@ -11,7 +11,7 @@
 npx vigile-scan
 ```
 
-That's it. No install, no config. Vigile discovers your MCP server configurations and agent skill files, scans them against 54 detection rules, and gives you a trust score for each one.
+That's it. No install, no config. Vigile discovers your MCP server configurations and agent skill files, scans them against 59 detection rules, and gives you a trust score for each one.
 
 ## What It Detects
 
@@ -25,7 +25,7 @@ That's it. No install, no config. Vigile discovers your MCP server configuration
 | OB-001–004 | Obfuscation | Base64 content, zero-width Unicode, hex-encoded strings, Unicode escapes |
 | EV/AR/CM | Inline Checks | Sensitive env vars, security bypass flags, sensitive directory args, auto-install (npx -y), typosquatting |
 
-### Agent Skill Threats (27 patterns)
+### Agent Skill Threats (32 patterns)
 
 | ID | Category | What It Catches |
 |----|----------|-----------------|
@@ -35,6 +35,7 @@ That's it. No install, no config. Vigile discovers your MCP server configuration
 | SK-030–033 | Safety Bypass | Confirmation bypass, safety feature disable, force flags, root/sudo escalation |
 | SK-040–043 | Persistence Abuse | Startup file modification, memory file tampering, cron jobs, git hook injection |
 | SK-050–053 | Data Exfiltration | Credential harvesting, URL-based exfiltration, filesystem enumeration, env var dumping |
+| SK-060–064 | Location Guard | GPS spoofing, location-aware triggers, geo-targeting attacks, location-based access control bypass |
 
 ## Platforms
 
@@ -160,15 +161,15 @@ When you run `--sentinel`, Vigile intercepts outbound network traffic from your
 - **DNS tunneling** — data exfiltration hidden in DNS queries
 - **Unexpected destinations** — connections to IPs/domains outside the expected set
 
-Sentinel is available on Pro ($29/mo) and Pro+ ($99/mo) plans. Free users can run static scans with no limits.
+Sentinel is available on Pro ($30/mo) and Pro+ ($100/mo) plans. Free users can run static scans with no limits.
 
 ## Pricing
 
 | Tier | Price | Highlights |
 |------|-------|------------|
 | Free | $0/forever | Unlimited CLI scans, 50 API scans/month, registry browsing |
-| Pro | $29/mo | Sentinel monitoring (5 min, 3 servers), 1,000 API scans |
-| Pro+ | $99/mo | Sentinel (30 min, 10 servers), DNS tunneling & C2 detection, alerts |
+| Pro | $30/mo | Sentinel monitoring (5 min, 3 servers), 1,000 API scans |
+| Pro+ | $100/mo | Sentinel (30 min, 10 servers), DNS tunneling & C2 detection, alerts |
 
 ## Links
 

package/dist/index.js

@@ -31,7 +31,7 @@ var require_package = __commonJS({
   "package.json"(exports2, module2) {
     module2.exports = {
       name: "vigile-scan",
-      version: "3.0.0",
+      version: "3.0.1",
       description: "Security scanner for AI agent tools \u2014 detect tool poisoning, permission abuse, and supply chain attacks in MCP servers and agent skills",
       main: "dist/index.js",
       bin: {
@@ -52,7 +52,10 @@ var require_package = __commonJS({
         test: "vitest run",
         "test:watch": "vitest",
         "test:coverage": "vitest run --coverage",
-        prepublishOnly: "npm run build"
+        "audit:check": "npm audit --omit=dev --audit-level=moderate",
+        "audit:all": "npm audit --audit-level=moderate",
+        preversion: "npm run build && npm test && npm run audit:check",
+        prepublishOnly: "npm run build && npm test && npm run audit:check"
       },
       keywords: [
         "mcp",
@@ -94,9 +97,12 @@ var require_package = __commonJS({
         ora: "^8.1.0"
       },
       devDependencies: {
+        "@eslint/js": "^10.0.1",
         "@types/node": "^20.11.0",
+        eslint: "^10.0.3",
         tsup: "^8.0.0",
         typescript: "^5.4.0",
+        "typescript-eslint": "^8.56.1",
         vitest: "^2.0.0"
       }
     };
@@ -720,6 +726,7 @@ var OBFUSCATION_PATTERNS = [
     category: "obfuscation",
     severity: "high",
     title: "Zero-width characters detected",
+    // eslint-disable-next-line no-misleading-character-class -- intentional: detecting zero-width unicode
     pattern: /[\u200B\u200C\u200D\uFEFF\u2060\u2061\u2062\u2063\u2064]/,
     description: "Tool description contains invisible zero-width Unicode characters that may hide content.",
     recommendation: "Strip zero-width characters and inspect the resulting text."
@@ -1073,6 +1080,7 @@ var INSTRUCTION_INJECTION_PATTERNS = [
     category: "instruction-injection",
     severity: "medium",
     title: "Invisible unicode directives",
+    // eslint-disable-next-line no-misleading-character-class -- intentional: detecting invisible unicode clusters
     pattern: /[\u200B\u200C\u200D\uFEFF\u2060-\u2064\u00AD]{3,}/,
     description: "Skill file contains clusters of invisible Unicode characters that may hide instructions from visual review.",
     recommendation: "Strip invisible characters and inspect the resulting content."
@@ -1399,7 +1407,7 @@ function analyzeStructure(skill) {
   let codeMatch;
   while ((codeMatch = codeBlockPattern.exec(content)) !== null) {
     const codeBlock = codeMatch[1];
-    if (/rm\s+-rf\s+[\/~]|rm\s+-rf\s+\$\{?HOME/.test(codeBlock)) {
+    if (/rm\s+-rf\s+[/~]|rm\s+-rf\s+\$\{?HOME/.test(codeBlock)) {
       findings.push({
         id: "SK-061",
         category: "permission-abuse",
@@ -3681,6 +3689,7 @@ var SECRET_PATTERNS = [
     provider: "cryptographic",
     severity: "critical",
     pattern: /-----BEGIN PGP PRIVATE KEY BLOCK-----/,
+    // nosemgrep: detected-pgp-private-key-block — this is a detection pattern, not an actual key
     description: "PGP/GPG private key embedded in source.",
     recommendation: "Remove and revoke the key at your keyserver."
   },
@@ -5213,7 +5222,7 @@ async function runScan(options) {
     if (options.output) {
       await (0, import_promises5.writeFile)(options.output, jsonOutput);
     } else {
-      await new Promise((resolve, reject) => {
+      await new Promise((resolve, _reject) => {
         const ok = process.stdout.write(jsonOutput + "\n");
         if (ok) resolve();
         else process.stdout.once("drain", resolve);