plugin-scanner 2.0.1__tar.gz → 2.0.3__tar.gz

{plugin_scanner-2.0.1 → plugin_scanner-2.0.3}/.github/workflows/publish.yml

@@ -20,7 +20,7 @@ permissions:
   id-token: write
 
 concurrency:
-  group: plugin-scanner-publish-${{ github.ref }}
+  group: hol-guard-publish-${{ github.ref }}
   cancel-in-progress: false
 
 jobs:
@@ -70,9 +70,15 @@ jobs:
         run: |
           sed -i "1,/^version = /{s/^version = .*/version = \"$VERSION\"/}" pyproject.toml
           sed -i "1,/^__version__ = /{s/^__version__ = .*/__version__ = \"$VERSION\"/}" src/codex_plugin_scanner/version.py
-      - name: Build primary package (plugin-scanner)
+      - name: Build primary package (hol-guard)
         run: uv run --no-sync python -m build
-      - name: Build legacy compatibility package (codex-plugin-scanner)
+      - name: Build compatibility package (plugin-scanner)
+        run: |
+          cp pyproject.toml pyproject.toml.bak
+          sed -i "1,/^name = /{s/^name = .*/name = \"plugin-scanner\"/}" pyproject.toml
+          uv run --no-sync python -m build
+          mv pyproject.toml.bak pyproject.toml
+      - name: Build compatibility package (codex-plugin-scanner)
         run: |
           cp pyproject.toml pyproject.toml.bak
           sed -i "1,/^name = /{s/^name = .*/name = \"codex-plugin-scanner\"/}" pyproject.toml
@@ -171,6 +177,10 @@ jobs:
           ${LOG}
 
           ### Installation
+          \`\`\`bash
+          uv tool install hol-guard==${VERSION}
+          \`\`\`
+
           \`\`\`bash
           uv tool install plugin-scanner==${VERSION}
           \`\`\`

{plugin_scanner-2.0.1 → plugin_scanner-2.0.3}/PKG-INFO

@@ -1,7 +1,7 @@
 Metadata-Version: 2.4
 Name: plugin-scanner
-Version: 2.0.1
-Summary: Security, operational-security, and publishability scanner for Codex, Claude, Gemini, and OpenCode plugin ecosystems.
+Version: 2.0.3
+Summary: Protect local AI harnesses with HOL Guard and run scanner checks for Codex, Claude, Cursor, Gemini, and OpenCode.
 Project-URL: Homepage, https://github.com/hashgraph-online/ai-plugin-scanner
 Project-URL: Repository, https://github.com/hashgraph-online/ai-plugin-scanner
 Project-URL: Issues, https://github.com/hashgraph-online/ai-plugin-scanner/issues
@@ -33,12 +33,12 @@ Requires-Dist: pytest>=7.0; extra == 'dev'
 Requires-Dist: ruff>=0.4.0; extra == 'dev'
 Description-Content-Type: text/markdown
 
-# HOL Plugin Ecosystem Scanner
+# HOL Guard
 
-[![PyPI Version](https://img.shields.io/pypi/v/plugin-scanner.svg?logo=pypi&logoColor=white&cacheSeconds=300)](https://pypi.org/project/plugin-scanner/)
-[![Legacy Namespace](https://img.shields.io/badge/legacy-codex--plugin--scanner-6b7280?logo=pypi&logoColor=white)](https://pypi.org/project/codex-plugin-scanner/)
-[![Python Versions](https://img.shields.io/pypi/pyversions/plugin-scanner)](https://pypi.org/project/plugin-scanner/)
-[![PyPI Downloads](https://img.shields.io/pypi/dm/plugin-scanner)](https://pypistats.org/packages/plugin-scanner)
+[![PyPI Version](https://img.shields.io/pypi/v/hol-guard.svg?logo=pypi&logoColor=white&cacheSeconds=300)](https://pypi.org/project/hol-guard/)
+[![Legacy Namespace](https://img.shields.io/badge/legacy-plugin--scanner_and_codex--plugin--scanner-6b7280?logo=pypi&logoColor=white)](https://pypi.org/project/plugin-scanner/)
+[![Python Versions](https://img.shields.io/pypi/pyversions/hol-guard)](https://pypi.org/project/hol-guard/)
+[![PyPI Downloads](https://img.shields.io/pypi/dm/hol-guard)](https://pypistats.org/packages/hol-guard)
 [![CI](https://github.com/hashgraph-online/ai-plugin-scanner/actions/workflows/ci.yml/badge.svg)](https://github.com/hashgraph-online/ai-plugin-scanner/actions/workflows/ci.yml)
 [![Publish](https://github.com/hashgraph-online/ai-plugin-scanner/actions/workflows/publish.yml/badge.svg)](https://github.com/hashgraph-online/ai-plugin-scanner/actions/workflows/publish.yml)
 [![Container Image](https://img.shields.io/badge/ghcr-ai--plugin--scanner-2496ED?logo=docker&logoColor=white)](https://github.com/hashgraph-online/ai-plugin-scanner/pkgs/container/ai-plugin-scanner)
@@ -47,15 +47,56 @@ Description-Content-Type: text/markdown
 [![GitHub Stars](https://img.shields.io/github/stars/hashgraph-online/ai-plugin-scanner?style=social)](https://github.com/hashgraph-online/ai-plugin-scanner/stargazers)
 [![Lint: ruff](https://img.shields.io/badge/lint-ruff-D7FF64.svg)](https://github.com/astral-sh/ruff)
 
-| ![Hashgraph Online Logo](https://hol.org/brand/Logo_Whole_Dark.png) | **The default CI gate for AI agent plugin ecosystems**. Lint locally, verify in CI, and ship publish-ready bundles for manifests, skills, MCP, and marketplace metadata across Codex, Claude, Gemini, and OpenCode.<br><br>Use this after scaffolding and before publishing, review, or distribution.<br><br>[PyPI Package (`plugin-scanner`)](https://pypi.org/project/plugin-scanner/)<br>[Legacy Namespace (`codex-plugin-scanner`)](https://pypi.org/project/codex-plugin-scanner/)<br>[HOL Plugin Registry](https://hol.org/registry/plugins)<br>[HOL GitHub Organization](https://github.com/hashgraph-online)<br>[Report an Issue](https://github.com/hashgraph-online/ai-plugin-scanner/issues) |
+| ![Hashgraph Online Logo](https://hol.org/brand/Logo_Whole_Dark.png) | **Protect Codex, Claude Code, Cursor, Gemini, and OpenCode before local tools run.** HOL Guard watches the tools wired into your harness, shows you what changed, and records what you approved or blocked. The scanner commands stay available for teams that also want linting and CI checks for plugin, skill, MCP, and marketplace packages.<br><br>Start with `hol-guard` if you want local protection. Add the scanner commands later if you also publish or review packages in CI.<br><br>[PyPI Package (`hol-guard`)](https://pypi.org/project/hol-guard/)<br>[Legacy Namespace (`plugin-scanner`)](https://pypi.org/project/plugin-scanner/)<br>[Legacy Namespace (`codex-plugin-scanner`)](https://pypi.org/project/codex-plugin-scanner/)<br>[HOL Plugin Registry](https://hol.org/registry/plugins)<br>[HOL GitHub Organization](https://github.com/hashgraph-online)<br>[Report an Issue](https://github.com/hashgraph-online/ai-plugin-scanner/issues) |
 | :--- | :--- |
 
-## Start In 30 Seconds
+## Protect A Harness In 60 Seconds
 
 ```bash
-# Local preflight
-pipx run plugin-scanner lint .
-pipx run plugin-scanner verify .
+# See what Guard found on this machine
+pipx run hol-guard start
+
+# Install Guard in front of Codex
+pipx run hol-guard install codex
+
+# Record the current tool state once
+pipx run hol-guard run codex --dry-run
+
+# Launch through Guard after that
+pipx run hol-guard run codex
+
+# Check what Guard approved or blocked
+pipx run hol-guard receipts
+```
+
+How Guard works:
+
+1. find the harnesses on your machine
+2. install a Guard launcher in front of the one you use
+3. record the current tool state once
+4. let Guard stop and review new or changed tools before launch
+5. check receipts locally
+6. connect sync later only if you want shared history
+
+Start here if you are trying to stay safe inside a harness:
+
+- `hol-guard start` shows the first steps
+- `hol-guard status` shows what Guard is watching now
+- `hol-guard install <harness>` creates the launcher
+- `hol-guard run <harness> --dry-run` records the current state
+- `hol-guard run <harness>` reviews changes before launch
+- `hol-guard diff <harness>` shows what changed
+- `hol-guard receipts` shows local history
+
+See [docs/guard/get-started.md](docs/guard/get-started.md) for the full local flow.
+
+## Use The Scanner In CI
+
+```bash
+# Install the package once, then use the scanner commands in your shell
+pipx install hol-guard
+plugin-scanner lint .
+plugin-scanner verify .
 ```
 
 ```yaml
@@ -70,18 +111,30 @@ pipx run plugin-scanner verify .
 
 If your repository uses a Codex marketplace root like `.agents/plugins/marketplace.json`, keep `plugin_dir: "."`. The scanner will discover local `./plugins/...` entries automatically, scan each local plugin manifest, and skip remote marketplace entries instead of treating the repo root as a single plugin.
 
-## Use After `$plugin-creator`
+## Start With Guard, Add CI Later
 
-`plugin-scanner` is designed as the quality gate between plugin creation and distribution:
+If you use Codex, Claude Code, Cursor, Gemini, or OpenCode every day, start with Guard.
+
+- Guard is the part that protects your local harness before tools run.
+- It helps when a new MCP server appears, when a tool changes after you trusted it, or when you want a receipt for what was approved or blocked.
+
+If you publish plugins, skills, or marketplace packages, add the scanner in CI too.
+
+- The scanner checks manifests, metadata, runtime surfaces, and policy rules before a release or CI gate passes.
+- It is the publishing and repo review side of this package, not the first thing a local Guard user needs to learn.
+
+## Use Scanner After `$plugin-creator`
+
+If you are building and shipping packages, the scanner fits after `$plugin-creator`:
 
 1. Scaffold with `$plugin-creator`.
 2. Run `lint` locally to catch structure, metadata, and security issues early.
 3. Run `verify` in CI to block regressions and enforce quality policy.
 4. Ship or submit with confidence, backed by scanner artifacts and trust signals.
 
-The score remains available as a trust and triage signal, but the primary workflow is **preflight + CI gating + publish readiness**.
+The score stays available as a trust and triage signal, but the day-to-day workflow is simple: check locally, verify in CI, then release.
 
-## Trust Score Provenance
+## How Trust Scoring Works
 
 The scanner now emits explicit trust provenance alongside the quality grade:
 
@@ -111,21 +164,23 @@ pytest -q
 ## Install
 
 ```bash
-pip install plugin-scanner
+pip install hol-guard
 ```
 
 Cisco-backed skill scanning is optional:
 
 ```bash
-pip install "plugin-scanner[cisco]"
+pip install "hol-guard[cisco]"
 ```
 
 The `cisco` extra installs the published `cisco-ai-skill-scanner` package from PyPI so the scanner remains publishable on PyPI and the optional Cisco analysis path works with standard package metadata.
 
-You can also run the scanner without a local install:
+You can also install once and use both Guard and scanner commands:
 
 ```bash
-pipx run plugin-scanner ./my-plugin
+pipx install hol-guard
+hol-guard start
+plugin-scanner ./my-plugin
 ```
 
 Container-first environments can use the published image instead:
@@ -140,8 +195,16 @@ docker run --rm \
 Backward compatibility remains available for teams still pinned to the historical package namespace:
 
 ```bash
+pip install plugin-scanner
 pip install codex-plugin-scanner
-pipx run codex-plugin-scanner verify .
+```
+
+Compatibility command names also stay available:
+
+```bash
+plugin-guard start
+plugin-scanner verify .
+codex-plugin-scanner verify .
 ```
 
 ## Ecosystem Support
@@ -155,11 +218,11 @@ pipx run codex-plugin-scanner verify .
 
 Use `--ecosystem auto` (default) to scan all detected packages in a repository, or select a single ecosystem explicitly.
 
-## What The Scanner Covers
+## What The Scanner Checks
 
 `plugin-scanner` supports a full quality suite:
 
-- `scan` for full-surface security and publishability analysis
+- `scan` for full-surface security and release analysis
 - `lint` for rule-oriented authoring feedback
 - `verify` for runtime and install-surface readiness checks
 - `submit` for artifact-backed submission gating

{plugin_scanner-2.0.1 → plugin_scanner-2.0.3}/README.md

@@ -1,9 +1,9 @@
-# HOL Plugin Ecosystem Scanner
+# HOL Guard
 
-[![PyPI Version](https://img.shields.io/pypi/v/plugin-scanner.svg?logo=pypi&logoColor=white&cacheSeconds=300)](https://pypi.org/project/plugin-scanner/)
-[![Legacy Namespace](https://img.shields.io/badge/legacy-codex--plugin--scanner-6b7280?logo=pypi&logoColor=white)](https://pypi.org/project/codex-plugin-scanner/)
-[![Python Versions](https://img.shields.io/pypi/pyversions/plugin-scanner)](https://pypi.org/project/plugin-scanner/)
-[![PyPI Downloads](https://img.shields.io/pypi/dm/plugin-scanner)](https://pypistats.org/packages/plugin-scanner)
+[![PyPI Version](https://img.shields.io/pypi/v/hol-guard.svg?logo=pypi&logoColor=white&cacheSeconds=300)](https://pypi.org/project/hol-guard/)
+[![Legacy Namespace](https://img.shields.io/badge/legacy-plugin--scanner_and_codex--plugin--scanner-6b7280?logo=pypi&logoColor=white)](https://pypi.org/project/plugin-scanner/)
+[![Python Versions](https://img.shields.io/pypi/pyversions/hol-guard)](https://pypi.org/project/hol-guard/)
+[![PyPI Downloads](https://img.shields.io/pypi/dm/hol-guard)](https://pypistats.org/packages/hol-guard)
 [![CI](https://github.com/hashgraph-online/ai-plugin-scanner/actions/workflows/ci.yml/badge.svg)](https://github.com/hashgraph-online/ai-plugin-scanner/actions/workflows/ci.yml)
 [![Publish](https://github.com/hashgraph-online/ai-plugin-scanner/actions/workflows/publish.yml/badge.svg)](https://github.com/hashgraph-online/ai-plugin-scanner/actions/workflows/publish.yml)
 [![Container Image](https://img.shields.io/badge/ghcr-ai--plugin--scanner-2496ED?logo=docker&logoColor=white)](https://github.com/hashgraph-online/ai-plugin-scanner/pkgs/container/ai-plugin-scanner)
@@ -12,15 +12,56 @@
 [![GitHub Stars](https://img.shields.io/github/stars/hashgraph-online/ai-plugin-scanner?style=social)](https://github.com/hashgraph-online/ai-plugin-scanner/stargazers)
 [![Lint: ruff](https://img.shields.io/badge/lint-ruff-D7FF64.svg)](https://github.com/astral-sh/ruff)
 
-| ![Hashgraph Online Logo](https://hol.org/brand/Logo_Whole_Dark.png) | **The default CI gate for AI agent plugin ecosystems**. Lint locally, verify in CI, and ship publish-ready bundles for manifests, skills, MCP, and marketplace metadata across Codex, Claude, Gemini, and OpenCode.<br><br>Use this after scaffolding and before publishing, review, or distribution.<br><br>[PyPI Package (`plugin-scanner`)](https://pypi.org/project/plugin-scanner/)<br>[Legacy Namespace (`codex-plugin-scanner`)](https://pypi.org/project/codex-plugin-scanner/)<br>[HOL Plugin Registry](https://hol.org/registry/plugins)<br>[HOL GitHub Organization](https://github.com/hashgraph-online)<br>[Report an Issue](https://github.com/hashgraph-online/ai-plugin-scanner/issues) |
+| ![Hashgraph Online Logo](https://hol.org/brand/Logo_Whole_Dark.png) | **Protect Codex, Claude Code, Cursor, Gemini, and OpenCode before local tools run.** HOL Guard watches the tools wired into your harness, shows you what changed, and records what you approved or blocked. The scanner commands stay available for teams that also want linting and CI checks for plugin, skill, MCP, and marketplace packages.<br><br>Start with `hol-guard` if you want local protection. Add the scanner commands later if you also publish or review packages in CI.<br><br>[PyPI Package (`hol-guard`)](https://pypi.org/project/hol-guard/)<br>[Legacy Namespace (`plugin-scanner`)](https://pypi.org/project/plugin-scanner/)<br>[Legacy Namespace (`codex-plugin-scanner`)](https://pypi.org/project/codex-plugin-scanner/)<br>[HOL Plugin Registry](https://hol.org/registry/plugins)<br>[HOL GitHub Organization](https://github.com/hashgraph-online)<br>[Report an Issue](https://github.com/hashgraph-online/ai-plugin-scanner/issues) |
 | :--- | :--- |
 
-## Start In 30 Seconds
+## Protect A Harness In 60 Seconds
 
 ```bash
-# Local preflight
-pipx run plugin-scanner lint .
-pipx run plugin-scanner verify .
+# See what Guard found on this machine
+pipx run hol-guard start
+
+# Install Guard in front of Codex
+pipx run hol-guard install codex
+
+# Record the current tool state once
+pipx run hol-guard run codex --dry-run
+
+# Launch through Guard after that
+pipx run hol-guard run codex
+
+# Check what Guard approved or blocked
+pipx run hol-guard receipts
+```
+
+How Guard works:
+
+1. find the harnesses on your machine
+2. install a Guard launcher in front of the one you use
+3. record the current tool state once
+4. let Guard stop and review new or changed tools before launch
+5. check receipts locally
+6. connect sync later only if you want shared history
+
+Start here if you are trying to stay safe inside a harness:
+
+- `hol-guard start` shows the first steps
+- `hol-guard status` shows what Guard is watching now
+- `hol-guard install <harness>` creates the launcher
+- `hol-guard run <harness> --dry-run` records the current state
+- `hol-guard run <harness>` reviews changes before launch
+- `hol-guard diff <harness>` shows what changed
+- `hol-guard receipts` shows local history
+
+See [docs/guard/get-started.md](docs/guard/get-started.md) for the full local flow.
+
+## Use The Scanner In CI
+
+```bash
+# Install the package once, then use the scanner commands in your shell
+pipx install hol-guard
+plugin-scanner lint .
+plugin-scanner verify .
 ```
 
 ```yaml
@@ -35,18 +76,30 @@ pipx run plugin-scanner verify .
 
 If your repository uses a Codex marketplace root like `.agents/plugins/marketplace.json`, keep `plugin_dir: "."`. The scanner will discover local `./plugins/...` entries automatically, scan each local plugin manifest, and skip remote marketplace entries instead of treating the repo root as a single plugin.
 
-## Use After `$plugin-creator`
+## Start With Guard, Add CI Later
 
-`plugin-scanner` is designed as the quality gate between plugin creation and distribution:
+If you use Codex, Claude Code, Cursor, Gemini, or OpenCode every day, start with Guard.
+
+- Guard is the part that protects your local harness before tools run.
+- It helps when a new MCP server appears, when a tool changes after you trusted it, or when you want a receipt for what was approved or blocked.
+
+If you publish plugins, skills, or marketplace packages, add the scanner in CI too.
+
+- The scanner checks manifests, metadata, runtime surfaces, and policy rules before a release or CI gate passes.
+- It is the publishing and repo review side of this package, not the first thing a local Guard user needs to learn.
+
+## Use Scanner After `$plugin-creator`
+
+If you are building and shipping packages, the scanner fits after `$plugin-creator`:
 
 1. Scaffold with `$plugin-creator`.
 2. Run `lint` locally to catch structure, metadata, and security issues early.
 3. Run `verify` in CI to block regressions and enforce quality policy.
 4. Ship or submit with confidence, backed by scanner artifacts and trust signals.
 
-The score remains available as a trust and triage signal, but the primary workflow is **preflight + CI gating + publish readiness**.
+The score stays available as a trust and triage signal, but the day-to-day workflow is simple: check locally, verify in CI, then release.
 
-## Trust Score Provenance
+## How Trust Scoring Works
 
 The scanner now emits explicit trust provenance alongside the quality grade:
 
@@ -76,21 +129,23 @@ pytest -q
 ## Install
 
 ```bash
-pip install plugin-scanner
+pip install hol-guard
 ```
 
 Cisco-backed skill scanning is optional:
 
 ```bash
-pip install "plugin-scanner[cisco]"
+pip install "hol-guard[cisco]"
 ```
 
 The `cisco` extra installs the published `cisco-ai-skill-scanner` package from PyPI so the scanner remains publishable on PyPI and the optional Cisco analysis path works with standard package metadata.
 
-You can also run the scanner without a local install:
+You can also install once and use both Guard and scanner commands:
 
 ```bash
-pipx run plugin-scanner ./my-plugin
+pipx install hol-guard
+hol-guard start
+plugin-scanner ./my-plugin
 ```
 
 Container-first environments can use the published image instead:
@@ -105,8 +160,16 @@ docker run --rm \
 Backward compatibility remains available for teams still pinned to the historical package namespace:
 
 ```bash
+pip install plugin-scanner
 pip install codex-plugin-scanner
-pipx run codex-plugin-scanner verify .
+```
+
+Compatibility command names also stay available:
+
+```bash
+plugin-guard start
+plugin-scanner verify .
+codex-plugin-scanner verify .
 ```
 
 ## Ecosystem Support
@@ -120,11 +183,11 @@ pipx run codex-plugin-scanner verify .
 
 Use `--ecosystem auto` (default) to scan all detected packages in a repository, or select a single ecosystem explicitly.
 
-## What The Scanner Covers
+## What The Scanner Checks
 
 `plugin-scanner` supports a full quality suite:
 
-- `scan` for full-surface security and publishability analysis
+- `scan` for full-surface security and release analysis
 - `lint` for rule-oriented authoring feedback
 - `verify` for runtime and install-surface readiness checks
 - `submit` for artifact-backed submission gating

{plugin_scanner-2.0.1 → plugin_scanner-2.0.3}/docs/guard/architecture.md

@@ -1,10 +1,11 @@
 # Guard Architecture
 
-Guard lives inside `codex_plugin_scanner` and uses the existing scan engine as its trust and evidence core.
+Guard lives inside `codex_plugin_scanner` and is the local product surface for harness protection. The existing scan engine remains the trust and evidence core, but the user workflow starts with local harness installs and launch interception rather than CI.
 
 The runtime is split into:
 
 - `guard/adapters`: harness discovery for Codex, Claude Code, Cursor, Gemini, and OpenCode
+- `guard/shims`: local launcher shims that route harness launches through Guard
 - `guard/consumer`: orchestration for detection, policy evaluation, and consumer-mode scan output
 - `guard/policy`: local action resolution for allow, review, warn, and block decisions
 - `guard/receipts`: receipt creation for first use and changed-artifact events
@@ -21,4 +22,12 @@ Guard evaluates local artifacts in this order:
 5. Record a receipt and optional diff
 6. Launch the harness only if the effective action is not `block`
 
-Wrapper mode is the default implementation strategy in this phase. Config mutation is limited to the Claude Code hook helper, where Guard can add and remove its own hook entry in workspace-local settings.
+The local product loop is:
+
+1. `hol-guard start` detects supported harnesses and suggests the next step
+2. `hol-guard install <harness>` creates a local launcher shim
+3. `hol-guard run <harness>` evaluates changes before the harness launches
+4. `hol-guard receipts` and `hol-guard status` let users inspect local decisions
+5. `hol-guard login` and `hol-guard sync` stay optional
+
+Wrapper mode is still the core execution strategy in this phase. Config mutation is limited to the Claude Code hook helper, where Guard can add and remove its own hook entry in workspace-local settings.

plugin_scanner-2.0.3/docs/guard/get-started.md

@@ -0,0 +1,82 @@
+# Guard Get Started
+
+Guard ships as the `hol-guard` package and command.
+The scanner commands stay available in the same install for CI and package checks.
+
+Use it when you want to protect a harness before local MCP servers, skills, hooks, or plugin surfaces run.
+
+## The everyday flow
+
+1. See what Guard found:
+
+   ```bash
+   hol-guard start
+   ```
+
+2. Install Guard in front of the harness you use most:
+
+   ```bash
+   hol-guard install codex
+   ```
+
+3. Run one dry pass so Guard records the current state:
+
+   ```bash
+   hol-guard run codex --dry-run
+   ```
+
+4. Launch through Guard after that. Guard will stop and ask if a tool is new or changed:
+
+   ```bash
+   hol-guard run codex
+   ```
+
+5. Review changes when Guard blocks or asks for another look:
+
+   ```bash
+   hol-guard diff codex
+   hol-guard allow codex --scope artifact --artifact-id codex:project:workspace_skill
+   hol-guard deny codex --scope artifact --artifact-id codex:project:workspace_skill
+   ```
+
+6. Check receipts and current status:
+
+   ```bash
+   hol-guard receipts
+   hol-guard status
+   ```
+
+7. Sign in later only if you want shared history:
+
+   ```bash
+   hol-guard login --sync-url <url> --token <token>
+   hol-guard sync
+   ```
+
+## What `install` does
+
+`guard install <harness>` creates a local launcher shim under Guard’s home directory:
+
+- macOS/Linux: `~/.config/.ai-plugin-scanner-guard/bin/guard-<harness>`
+- Windows: `~/.config/.ai-plugin-scanner-guard/bin/guard-<harness>.cmd`
+
+Claude Code also gets Guard hook entries in `.claude/settings.local.json` when you install from a workspace.
+
+## First-party canaries
+
+Use these local repos to prove Guard against real first-party surfaces:
+
+- `hashnet-mcp-js` for a real MCP server harness target
+- `registry-broker-skills` for a real skills registry fixture during scan and trust checks
+
+Suggested local validation:
+
+```bash
+hol-guard detect codex --json
+hol-guard install codex
+hol-guard status
+hol-guard run codex --dry-run
+hol-guard receipts
+```
+
+For a real Codex canary, point `~/.codex/config.toml` or `<workspace>/.codex/config.toml` at a local `hashnet-mcp` command, then repeat the Guard loop above.

{plugin_scanner-2.0.1 → plugin_scanner-2.0.3}/docs/guard/local-vs-cloud.md

@@ -1,6 +1,6 @@
-# Local vs Cloud
+# Works Locally First
 
-Guard is local-first.
+Guard works on your machine before you sign in anywhere.
 
 Local features available without sign-in:
 
@@ -19,4 +19,4 @@ Optional cloud features:
 - billing and entitlements
 - shared team policy
 
-The local runtime does not require any hosted service. `guard login` and `guard sync` exist to layer optional cloud features on top of the local product, not to unlock the core safety workflow.
+The local runtime does not require any hosted service. `hol-guard login` and `hol-guard sync` add optional cloud features later. They do not unlock the core safety workflow.

{plugin_scanner-2.0.1 → plugin_scanner-2.0.3}/docs/guard/testing-matrix.md

@@ -3,20 +3,30 @@
 Automated coverage in this phase includes:
 
 - Guard CLI behavior tests for detect, scan, run, diff, receipts, install, uninstall, login, and sync
+- Guard product-flow tests for `hol-guard start`, `hol-guard status`, and launcher shim creation
 - SQLite persistence through real command execution in temporary homes and workspaces
 - consumer-mode JSON contract generation against scanner fixtures
 - local HTTP sync against a live in-process server instead of mocked transport
 
 Manual verification should include:
 
-- `guard detect codex --json`
-- `guard detect cursor --json`
-- `guard detect gemini --json`
-- `guard detect opencode --json`
-- `guard run codex --dry-run --default-action allow --json`
+- `hol-guard start`
+- `hol-guard status`
+- `hol-guard detect codex --json`
+- `hol-guard detect cursor --json`
+- `hol-guard detect gemini --json`
+- `hol-guard detect opencode --json`
+- `hol-guard install codex`
+- `hol-guard run codex --dry-run --default-action allow --json`
+- `hol-guard receipts`
 - `codex mcp list`
 - `cursor-agent mcp list`
 - `gemini --help`
 - `opencode --help`
 
+First-party canaries for local manual validation:
+
+- a local `hashnet-mcp-js` checkout wired into Codex, Cursor, or Claude Code config
+- a local `registry-broker-skills` checkout for scanner fixtures and trust review
+
 Claude Code smoke tests remain conditional on the local `claude` binary being available.

{plugin_scanner-2.0.1 → plugin_scanner-2.0.3}/pyproject.toml

@@ -4,8 +4,8 @@ build-backend = "hatchling.build"
 
 [project]
 name = "plugin-scanner"
-version = "2.0.1"
-description = "Security, operational-security, and publishability scanner for Codex, Claude, Gemini, and OpenCode plugin ecosystems."
+version = "2.0.3"
+description = "Protect local AI harnesses with HOL Guard and run scanner checks for Codex, Claude, Cursor, Gemini, and OpenCode."
 readme = "README.md"
 license = "Apache-2.0"
 requires-python = ">=3.10"
@@ -49,7 +49,9 @@ publish = [
 ]
 
 [project.scripts]
+hol-guard = "codex_plugin_scanner.cli:main"
 plugin-scanner = "codex_plugin_scanner.cli:main"
+plugin-guard = "codex_plugin_scanner.cli:main"
 codex-plugin-scanner = "codex_plugin_scanner.cli:main"
 plugin-ecosystem-scanner = "codex_plugin_scanner.cli:main"
 
@@ -66,6 +68,15 @@ extend-exclude = ["tests/test-trust-scoring.py", "tests/test-trust-specs.py"]
 [tool.hatch.build.targets.wheel]
 packages = ["src/codex_plugin_scanner"]
 
+[tool.hatch.build]
+exclude = [
+    ".guard-e2e/**",
+    ".guard-e2e-prod/**",
+    ".guard-e2e-prod2/**",
+    ".guard-prod-venv/**",
+    ".guard-prod-venv-fresh/**",
+]
+
 [tool.ruff.lint]
 select = ["E", "F", "W", "I", "N", "UP", "B", "A", "SIM", "RUF"]