plugin-scanner 2.0.69__tar.gz → 2.0.70__tar.gz

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (333) hide show
  1. {plugin_scanner-2.0.69 → plugin_scanner-2.0.70}/PKG-INFO +1 -1
  2. {plugin_scanner-2.0.69 → plugin_scanner-2.0.70}/dashboard/src/guard-api.ts +12 -0
  3. {plugin_scanner-2.0.69 → plugin_scanner-2.0.70}/dashboard/src/guard-types.ts +4 -0
  4. {plugin_scanner-2.0.69 → plugin_scanner-2.0.70}/dashboard/src/settings-workspace.tsx +223 -8
  5. {plugin_scanner-2.0.69 → plugin_scanner-2.0.70}/pyproject.toml +1 -1
  6. {plugin_scanner-2.0.69 → plugin_scanner-2.0.70}/pyproject.toml.bak +1 -1
  7. {plugin_scanner-2.0.69 → plugin_scanner-2.0.70}/src/codex_plugin_scanner/guard/cli/commands.py +252 -77
  8. {plugin_scanner-2.0.69 → plugin_scanner-2.0.70}/src/codex_plugin_scanner/guard/config.py +146 -0
  9. plugin_scanner-2.0.70/src/codex_plugin_scanner/guard/daemon/static/assets/guard-dashboard.js +9 -0
  10. plugin_scanner-2.0.70/src/codex_plugin_scanner/guard/daemon/static/assets/index.css +1 -0
  11. {plugin_scanner-2.0.69 → plugin_scanner-2.0.70}/src/codex_plugin_scanner/guard/runtime/secret_file_requests.py +1 -0
  12. {plugin_scanner-2.0.69 → plugin_scanner-2.0.70}/src/codex_plugin_scanner/version.py +1 -1
  13. {plugin_scanner-2.0.69 → plugin_scanner-2.0.70}/tests/test_guard_cli.py +131 -0
  14. {plugin_scanner-2.0.69 → plugin_scanner-2.0.70}/tests/test_guard_config_paths.py +80 -0
  15. {plugin_scanner-2.0.69 → plugin_scanner-2.0.70}/tests/test_guard_runtime.py +269 -1
  16. plugin_scanner-2.0.69/src/codex_plugin_scanner/guard/daemon/static/assets/guard-dashboard.js +0 -9
  17. plugin_scanner-2.0.69/src/codex_plugin_scanner/guard/daemon/static/assets/index.css +0 -1
  18. {plugin_scanner-2.0.69 → plugin_scanner-2.0.70}/.clusterfuzzlite/Dockerfile +0 -0
  19. {plugin_scanner-2.0.69 → plugin_scanner-2.0.70}/.clusterfuzzlite/build.sh +0 -0
  20. {plugin_scanner-2.0.69 → plugin_scanner-2.0.70}/.clusterfuzzlite/project.yaml +0 -0
  21. {plugin_scanner-2.0.69 → plugin_scanner-2.0.70}/.clusterfuzzlite/requirements-atheris.txt +0 -0
  22. {plugin_scanner-2.0.69 → plugin_scanner-2.0.70}/.dockerignore +0 -0
  23. {plugin_scanner-2.0.69 → plugin_scanner-2.0.70}/.github/CODEOWNERS +0 -0
  24. {plugin_scanner-2.0.69 → plugin_scanner-2.0.70}/.github/ISSUE_TEMPLATE/bug-report.yml +0 -0
  25. {plugin_scanner-2.0.69 → plugin_scanner-2.0.70}/.github/ISSUE_TEMPLATE/config.yml +0 -0
  26. {plugin_scanner-2.0.69 → plugin_scanner-2.0.70}/.github/ISSUE_TEMPLATE/feature-request.yml +0 -0
  27. {plugin_scanner-2.0.69 → plugin_scanner-2.0.70}/.github/dependabot.yml +0 -0
  28. {plugin_scanner-2.0.69 → plugin_scanner-2.0.70}/.github/workflows/ci.yml +0 -0
  29. {plugin_scanner-2.0.69 → plugin_scanner-2.0.70}/.github/workflows/codeql.yml +0 -0
  30. {plugin_scanner-2.0.69 → plugin_scanner-2.0.70}/.github/workflows/dependabot-uv-lock.yml +0 -0
  31. {plugin_scanner-2.0.69 → plugin_scanner-2.0.70}/.github/workflows/fuzz.yml +0 -0
  32. {plugin_scanner-2.0.69 → plugin_scanner-2.0.70}/.github/workflows/harness-smoke.yml +0 -0
  33. {plugin_scanner-2.0.69 → plugin_scanner-2.0.70}/.github/workflows/publish.yml +0 -0
  34. {plugin_scanner-2.0.69 → plugin_scanner-2.0.70}/.github/workflows/scorecard.yml +0 -0
  35. {plugin_scanner-2.0.69 → plugin_scanner-2.0.70}/.gitignore +0 -0
  36. {plugin_scanner-2.0.69 → plugin_scanner-2.0.70}/.pre-commit-hooks.yaml +0 -0
  37. {plugin_scanner-2.0.69 → plugin_scanner-2.0.70}/CONTRIBUTING.md +0 -0
  38. {plugin_scanner-2.0.69 → plugin_scanner-2.0.70}/Dockerfile +0 -0
  39. {plugin_scanner-2.0.69 → plugin_scanner-2.0.70}/LICENSE +0 -0
  40. {plugin_scanner-2.0.69 → plugin_scanner-2.0.70}/README.md +0 -0
  41. {plugin_scanner-2.0.69 → plugin_scanner-2.0.70}/SECURITY.md +0 -0
  42. {plugin_scanner-2.0.69 → plugin_scanner-2.0.70}/dashboard/index.html +0 -0
  43. {plugin_scanner-2.0.69 → plugin_scanner-2.0.70}/dashboard/package.json +0 -0
  44. {plugin_scanner-2.0.69 → plugin_scanner-2.0.70}/dashboard/pnpm-lock.yaml +0 -0
  45. {plugin_scanner-2.0.69 → plugin_scanner-2.0.70}/dashboard/public/apple-touch-icon.png +0 -0
  46. {plugin_scanner-2.0.69 → plugin_scanner-2.0.70}/dashboard/public/brand/Logo_Icon_Dark.png +0 -0
  47. {plugin_scanner-2.0.69 → plugin_scanner-2.0.70}/dashboard/public/brand/Logo_Whole.png +0 -0
  48. {plugin_scanner-2.0.69 → plugin_scanner-2.0.70}/dashboard/public/favicon-16x16.png +0 -0
  49. {plugin_scanner-2.0.69 → plugin_scanner-2.0.70}/dashboard/public/favicon-32x32.png +0 -0
  50. {plugin_scanner-2.0.69 → plugin_scanner-2.0.70}/dashboard/public/favicon.ico +0 -0
  51. {plugin_scanner-2.0.69 → plugin_scanner-2.0.70}/dashboard/src/app.tsx +0 -0
  52. {plugin_scanner-2.0.69 → plugin_scanner-2.0.70}/dashboard/src/approval-center-layout.tsx +0 -0
  53. {plugin_scanner-2.0.69 → plugin_scanner-2.0.70}/dashboard/src/approval-center-primitives.tsx +0 -0
  54. {plugin_scanner-2.0.69 → plugin_scanner-2.0.70}/dashboard/src/approval-center-utils.ts +0 -0
  55. {plugin_scanner-2.0.69 → plugin_scanner-2.0.70}/dashboard/src/fleet-workspace.tsx +0 -0
  56. {plugin_scanner-2.0.69 → plugin_scanner-2.0.70}/dashboard/src/guard-demo.ts +0 -0
  57. {plugin_scanner-2.0.69 → plugin_scanner-2.0.70}/dashboard/src/main.tsx +0 -0
  58. {plugin_scanner-2.0.69 → plugin_scanner-2.0.70}/dashboard/src/receipts-workspace.tsx +0 -0
  59. {plugin_scanner-2.0.69 → plugin_scanner-2.0.70}/dashboard/src/runtime-overview.tsx +0 -0
  60. {plugin_scanner-2.0.69 → plugin_scanner-2.0.70}/dashboard/src/styles.css +0 -0
  61. {plugin_scanner-2.0.69 → plugin_scanner-2.0.70}/dashboard/src/vite-env.d.ts +0 -0
  62. {plugin_scanner-2.0.69 → plugin_scanner-2.0.70}/dashboard/tsconfig.json +0 -0
  63. {plugin_scanner-2.0.69 → plugin_scanner-2.0.70}/dashboard/vite.config.ts +0 -0
  64. {plugin_scanner-2.0.69 → plugin_scanner-2.0.70}/docker-requirements.txt +0 -0
  65. {plugin_scanner-2.0.69 → plugin_scanner-2.0.70}/docs/guard/approval-audit.md +0 -0
  66. {plugin_scanner-2.0.69 → plugin_scanner-2.0.70}/docs/guard/architecture.md +0 -0
  67. {plugin_scanner-2.0.69 → plugin_scanner-2.0.70}/docs/guard/get-started.md +0 -0
  68. {plugin_scanner-2.0.69 → plugin_scanner-2.0.70}/docs/guard/harness-support.md +0 -0
  69. {plugin_scanner-2.0.69 → plugin_scanner-2.0.70}/docs/guard/local-vs-cloud.md +0 -0
  70. {plugin_scanner-2.0.69 → plugin_scanner-2.0.70}/docs/guard/testing-matrix.md +0 -0
  71. {plugin_scanner-2.0.69 → plugin_scanner-2.0.70}/docs/trust/mcp-trust-draft.md +0 -0
  72. {plugin_scanner-2.0.69 → plugin_scanner-2.0.70}/docs/trust/plugin-trust-draft.md +0 -0
  73. {plugin_scanner-2.0.69 → plugin_scanner-2.0.70}/docs/trust/skill-trust-local.md +0 -0
  74. {plugin_scanner-2.0.69 → plugin_scanner-2.0.70}/fuzzers/manifest_fuzzer.py +0 -0
  75. {plugin_scanner-2.0.69 → plugin_scanner-2.0.70}/requirements.txt +0 -0
  76. {plugin_scanner-2.0.69 → plugin_scanner-2.0.70}/schemas/plugin-quality.v1.json +0 -0
  77. {plugin_scanner-2.0.69 → plugin_scanner-2.0.70}/schemas/scan-result.v1.json +0 -0
  78. {plugin_scanner-2.0.69 → plugin_scanner-2.0.70}/schemas/verify-result.v1.json +0 -0
  79. {plugin_scanner-2.0.69 → plugin_scanner-2.0.70}/src/codex_plugin_scanner/__init__.py +0 -0
  80. {plugin_scanner-2.0.69 → plugin_scanner-2.0.70}/src/codex_plugin_scanner/action_runner.py +0 -0
  81. {plugin_scanner-2.0.69 → plugin_scanner-2.0.70}/src/codex_plugin_scanner/argparse_utils.py +0 -0
  82. {plugin_scanner-2.0.69 → plugin_scanner-2.0.70}/src/codex_plugin_scanner/checks/__init__.py +0 -0
  83. {plugin_scanner-2.0.69 → plugin_scanner-2.0.70}/src/codex_plugin_scanner/checks/best_practices.py +0 -0
  84. {plugin_scanner-2.0.69 → plugin_scanner-2.0.70}/src/codex_plugin_scanner/checks/claude.py +0 -0
  85. {plugin_scanner-2.0.69 → plugin_scanner-2.0.70}/src/codex_plugin_scanner/checks/code_quality.py +0 -0
  86. {plugin_scanner-2.0.69 → plugin_scanner-2.0.70}/src/codex_plugin_scanner/checks/ecosystem_common.py +0 -0
  87. {plugin_scanner-2.0.69 → plugin_scanner-2.0.70}/src/codex_plugin_scanner/checks/gemini.py +0 -0
  88. {plugin_scanner-2.0.69 → plugin_scanner-2.0.70}/src/codex_plugin_scanner/checks/manifest.py +0 -0
  89. {plugin_scanner-2.0.69 → plugin_scanner-2.0.70}/src/codex_plugin_scanner/checks/manifest_support.py +0 -0
  90. {plugin_scanner-2.0.69 → plugin_scanner-2.0.70}/src/codex_plugin_scanner/checks/marketplace.py +0 -0
  91. {plugin_scanner-2.0.69 → plugin_scanner-2.0.70}/src/codex_plugin_scanner/checks/mcp_security.py +0 -0
  92. {plugin_scanner-2.0.69 → plugin_scanner-2.0.70}/src/codex_plugin_scanner/checks/opencode.py +0 -0
  93. {plugin_scanner-2.0.69 → plugin_scanner-2.0.70}/src/codex_plugin_scanner/checks/operational_security.py +0 -0
  94. {plugin_scanner-2.0.69 → plugin_scanner-2.0.70}/src/codex_plugin_scanner/checks/security.py +0 -0
  95. {plugin_scanner-2.0.69 → plugin_scanner-2.0.70}/src/codex_plugin_scanner/checks/skill_security.py +0 -0
  96. {plugin_scanner-2.0.69 → plugin_scanner-2.0.70}/src/codex_plugin_scanner/cli.py +0 -0
  97. {plugin_scanner-2.0.69 → plugin_scanner-2.0.70}/src/codex_plugin_scanner/cli_ui.py +0 -0
  98. {plugin_scanner-2.0.69 → plugin_scanner-2.0.70}/src/codex_plugin_scanner/config.py +0 -0
  99. {plugin_scanner-2.0.69 → plugin_scanner-2.0.70}/src/codex_plugin_scanner/ecosystems/__init__.py +0 -0
  100. {plugin_scanner-2.0.69 → plugin_scanner-2.0.70}/src/codex_plugin_scanner/ecosystems/base.py +0 -0
  101. {plugin_scanner-2.0.69 → plugin_scanner-2.0.70}/src/codex_plugin_scanner/ecosystems/claude.py +0 -0
  102. {plugin_scanner-2.0.69 → plugin_scanner-2.0.70}/src/codex_plugin_scanner/ecosystems/codex.py +0 -0
  103. {plugin_scanner-2.0.69 → plugin_scanner-2.0.70}/src/codex_plugin_scanner/ecosystems/detect.py +0 -0
  104. {plugin_scanner-2.0.69 → plugin_scanner-2.0.70}/src/codex_plugin_scanner/ecosystems/gemini.py +0 -0
  105. {plugin_scanner-2.0.69 → plugin_scanner-2.0.70}/src/codex_plugin_scanner/ecosystems/opencode.py +0 -0
  106. {plugin_scanner-2.0.69 → plugin_scanner-2.0.70}/src/codex_plugin_scanner/ecosystems/registry.py +0 -0
  107. {plugin_scanner-2.0.69 → plugin_scanner-2.0.70}/src/codex_plugin_scanner/ecosystems/types.py +0 -0
  108. {plugin_scanner-2.0.69 → plugin_scanner-2.0.70}/src/codex_plugin_scanner/github_reporting.py +0 -0
  109. {plugin_scanner-2.0.69 → plugin_scanner-2.0.70}/src/codex_plugin_scanner/guard/__init__.py +0 -0
  110. {plugin_scanner-2.0.69 → plugin_scanner-2.0.70}/src/codex_plugin_scanner/guard/adapters/__init__.py +0 -0
  111. {plugin_scanner-2.0.69 → plugin_scanner-2.0.70}/src/codex_plugin_scanner/guard/adapters/antigravity.py +0 -0
  112. {plugin_scanner-2.0.69 → plugin_scanner-2.0.70}/src/codex_plugin_scanner/guard/adapters/base.py +0 -0
  113. {plugin_scanner-2.0.69 → plugin_scanner-2.0.70}/src/codex_plugin_scanner/guard/adapters/claude_code.py +0 -0
  114. {plugin_scanner-2.0.69 → plugin_scanner-2.0.70}/src/codex_plugin_scanner/guard/adapters/codex.py +0 -0
  115. {plugin_scanner-2.0.69 → plugin_scanner-2.0.70}/src/codex_plugin_scanner/guard/adapters/copilot.py +0 -0
  116. {plugin_scanner-2.0.69 → plugin_scanner-2.0.70}/src/codex_plugin_scanner/guard/adapters/cursor.py +0 -0
  117. {plugin_scanner-2.0.69 → plugin_scanner-2.0.70}/src/codex_plugin_scanner/guard/adapters/gemini.py +0 -0
  118. {plugin_scanner-2.0.69 → plugin_scanner-2.0.70}/src/codex_plugin_scanner/guard/adapters/hermes.py +0 -0
  119. {plugin_scanner-2.0.69 → plugin_scanner-2.0.70}/src/codex_plugin_scanner/guard/adapters/mcp_servers.py +0 -0
  120. {plugin_scanner-2.0.69 → plugin_scanner-2.0.70}/src/codex_plugin_scanner/guard/adapters/opencode.py +0 -0
  121. {plugin_scanner-2.0.69 → plugin_scanner-2.0.70}/src/codex_plugin_scanner/guard/adapters/opencode_artifacts.py +0 -0
  122. {plugin_scanner-2.0.69 → plugin_scanner-2.0.70}/src/codex_plugin_scanner/guard/approvals.py +0 -0
  123. {plugin_scanner-2.0.69 → plugin_scanner-2.0.70}/src/codex_plugin_scanner/guard/bridge/__init__.py +0 -0
  124. {plugin_scanner-2.0.69 → plugin_scanner-2.0.70}/src/codex_plugin_scanner/guard/capabilities.py +0 -0
  125. {plugin_scanner-2.0.69 → plugin_scanner-2.0.70}/src/codex_plugin_scanner/guard/cli/__init__.py +0 -0
  126. {plugin_scanner-2.0.69 → plugin_scanner-2.0.70}/src/codex_plugin_scanner/guard/cli/approval_commands.py +0 -0
  127. {plugin_scanner-2.0.69 → plugin_scanner-2.0.70}/src/codex_plugin_scanner/guard/cli/bootstrap.py +0 -0
  128. {plugin_scanner-2.0.69 → plugin_scanner-2.0.70}/src/codex_plugin_scanner/guard/cli/connect_flow.py +0 -0
  129. {plugin_scanner-2.0.69 → plugin_scanner-2.0.70}/src/codex_plugin_scanner/guard/cli/install_commands.py +0 -0
  130. {plugin_scanner-2.0.69 → plugin_scanner-2.0.70}/src/codex_plugin_scanner/guard/cli/product.py +0 -0
  131. {plugin_scanner-2.0.69 → plugin_scanner-2.0.70}/src/codex_plugin_scanner/guard/cli/prompt.py +0 -0
  132. {plugin_scanner-2.0.69 → plugin_scanner-2.0.70}/src/codex_plugin_scanner/guard/cli/render.py +0 -0
  133. {plugin_scanner-2.0.69 → plugin_scanner-2.0.70}/src/codex_plugin_scanner/guard/cli/update_commands.py +0 -0
  134. {plugin_scanner-2.0.69 → plugin_scanner-2.0.70}/src/codex_plugin_scanner/guard/codex_config.py +0 -0
  135. {plugin_scanner-2.0.69 → plugin_scanner-2.0.70}/src/codex_plugin_scanner/guard/consumer/__init__.py +0 -0
  136. {plugin_scanner-2.0.69 → plugin_scanner-2.0.70}/src/codex_plugin_scanner/guard/consumer/service.py +0 -0
  137. {plugin_scanner-2.0.69 → plugin_scanner-2.0.70}/src/codex_plugin_scanner/guard/daemon/__init__.py +0 -0
  138. {plugin_scanner-2.0.69 → plugin_scanner-2.0.70}/src/codex_plugin_scanner/guard/daemon/client.py +0 -0
  139. {plugin_scanner-2.0.69 → plugin_scanner-2.0.70}/src/codex_plugin_scanner/guard/daemon/manager.py +0 -0
  140. {plugin_scanner-2.0.69 → plugin_scanner-2.0.70}/src/codex_plugin_scanner/guard/daemon/server.py +0 -0
  141. {plugin_scanner-2.0.69 → plugin_scanner-2.0.70}/src/codex_plugin_scanner/guard/daemon/static/apple-touch-icon.png +0 -0
  142. {plugin_scanner-2.0.69 → plugin_scanner-2.0.70}/src/codex_plugin_scanner/guard/daemon/static/brand/Logo_Icon_Dark.png +0 -0
  143. {plugin_scanner-2.0.69 → plugin_scanner-2.0.70}/src/codex_plugin_scanner/guard/daemon/static/brand/Logo_Whole.png +0 -0
  144. {plugin_scanner-2.0.69 → plugin_scanner-2.0.70}/src/codex_plugin_scanner/guard/daemon/static/favicon-16x16.png +0 -0
  145. {plugin_scanner-2.0.69 → plugin_scanner-2.0.70}/src/codex_plugin_scanner/guard/daemon/static/favicon-32x32.png +0 -0
  146. {plugin_scanner-2.0.69 → plugin_scanner-2.0.70}/src/codex_plugin_scanner/guard/daemon/static/favicon.ico +0 -0
  147. {plugin_scanner-2.0.69 → plugin_scanner-2.0.70}/src/codex_plugin_scanner/guard/daemon/static/index.html +0 -0
  148. {plugin_scanner-2.0.69 → plugin_scanner-2.0.70}/src/codex_plugin_scanner/guard/edge_events.py +0 -0
  149. {plugin_scanner-2.0.69 → plugin_scanner-2.0.70}/src/codex_plugin_scanner/guard/incident.py +0 -0
  150. {plugin_scanner-2.0.69 → plugin_scanner-2.0.70}/src/codex_plugin_scanner/guard/launcher.py +0 -0
  151. {plugin_scanner-2.0.69 → plugin_scanner-2.0.70}/src/codex_plugin_scanner/guard/mcp_tool_calls.py +0 -0
  152. {plugin_scanner-2.0.69 → plugin_scanner-2.0.70}/src/codex_plugin_scanner/guard/models.py +0 -0
  153. {plugin_scanner-2.0.69 → plugin_scanner-2.0.70}/src/codex_plugin_scanner/guard/policy/__init__.py +0 -0
  154. {plugin_scanner-2.0.69 → plugin_scanner-2.0.70}/src/codex_plugin_scanner/guard/policy/engine.py +0 -0
  155. {plugin_scanner-2.0.69 → plugin_scanner-2.0.70}/src/codex_plugin_scanner/guard/protect.py +0 -0
  156. {plugin_scanner-2.0.69 → plugin_scanner-2.0.70}/src/codex_plugin_scanner/guard/proxy/__init__.py +0 -0
  157. {plugin_scanner-2.0.69 → plugin_scanner-2.0.70}/src/codex_plugin_scanner/guard/proxy/remote.py +0 -0
  158. {plugin_scanner-2.0.69 → plugin_scanner-2.0.70}/src/codex_plugin_scanner/guard/proxy/runtime_mcp.py +0 -0
  159. {plugin_scanner-2.0.69 → plugin_scanner-2.0.70}/src/codex_plugin_scanner/guard/proxy/stdio.py +0 -0
  160. {plugin_scanner-2.0.69 → plugin_scanner-2.0.70}/src/codex_plugin_scanner/guard/receipts/__init__.py +0 -0
  161. {plugin_scanner-2.0.69 → plugin_scanner-2.0.70}/src/codex_plugin_scanner/guard/receipts/manager.py +0 -0
  162. {plugin_scanner-2.0.69 → plugin_scanner-2.0.70}/src/codex_plugin_scanner/guard/risk.py +0 -0
  163. {plugin_scanner-2.0.69 → plugin_scanner-2.0.70}/src/codex_plugin_scanner/guard/runtime/__init__.py +0 -0
  164. {plugin_scanner-2.0.69 → plugin_scanner-2.0.70}/src/codex_plugin_scanner/guard/runtime/runner.py +0 -0
  165. {plugin_scanner-2.0.69 → plugin_scanner-2.0.70}/src/codex_plugin_scanner/guard/runtime/surface_server.py +0 -0
  166. {plugin_scanner-2.0.69 → plugin_scanner-2.0.70}/src/codex_plugin_scanner/guard/schemas/__init__.py +0 -0
  167. {plugin_scanner-2.0.69 → plugin_scanner-2.0.70}/src/codex_plugin_scanner/guard/schemas/consumer_mode.py +0 -0
  168. {plugin_scanner-2.0.69 → plugin_scanner-2.0.70}/src/codex_plugin_scanner/guard/schemas/guard_event_v1.py +0 -0
  169. {plugin_scanner-2.0.69 → plugin_scanner-2.0.70}/src/codex_plugin_scanner/guard/schemas/surface_server.py +0 -0
  170. {plugin_scanner-2.0.69 → plugin_scanner-2.0.70}/src/codex_plugin_scanner/guard/shims.py +0 -0
  171. {plugin_scanner-2.0.69 → plugin_scanner-2.0.70}/src/codex_plugin_scanner/guard/store.py +0 -0
  172. {plugin_scanner-2.0.69 → plugin_scanner-2.0.70}/src/codex_plugin_scanner/guard/store_approvals.py +0 -0
  173. {plugin_scanner-2.0.69 → plugin_scanner-2.0.70}/src/codex_plugin_scanner/guard/store_connect.py +0 -0
  174. {plugin_scanner-2.0.69 → plugin_scanner-2.0.70}/src/codex_plugin_scanner/guard/types.py +0 -0
  175. {plugin_scanner-2.0.69 → plugin_scanner-2.0.70}/src/codex_plugin_scanner/integrations/__init__.py +0 -0
  176. {plugin_scanner-2.0.69 → plugin_scanner-2.0.70}/src/codex_plugin_scanner/integrations/cisco_mcp_scanner.py +0 -0
  177. {plugin_scanner-2.0.69 → plugin_scanner-2.0.70}/src/codex_plugin_scanner/integrations/cisco_skill_scanner.py +0 -0
  178. {plugin_scanner-2.0.69 → plugin_scanner-2.0.70}/src/codex_plugin_scanner/lint_fixes.py +0 -0
  179. {plugin_scanner-2.0.69 → plugin_scanner-2.0.70}/src/codex_plugin_scanner/marketplace_support.py +0 -0
  180. {plugin_scanner-2.0.69 → plugin_scanner-2.0.70}/src/codex_plugin_scanner/models.py +0 -0
  181. {plugin_scanner-2.0.69 → plugin_scanner-2.0.70}/src/codex_plugin_scanner/path_support.py +0 -0
  182. {plugin_scanner-2.0.69 → plugin_scanner-2.0.70}/src/codex_plugin_scanner/policy.py +0 -0
  183. {plugin_scanner-2.0.69 → plugin_scanner-2.0.70}/src/codex_plugin_scanner/quality_artifact.py +0 -0
  184. {plugin_scanner-2.0.69 → plugin_scanner-2.0.70}/src/codex_plugin_scanner/repo_detect.py +0 -0
  185. {plugin_scanner-2.0.69 → plugin_scanner-2.0.70}/src/codex_plugin_scanner/reporting.py +0 -0
  186. {plugin_scanner-2.0.69 → plugin_scanner-2.0.70}/src/codex_plugin_scanner/rules/__init__.py +0 -0
  187. {plugin_scanner-2.0.69 → plugin_scanner-2.0.70}/src/codex_plugin_scanner/rules/registry.py +0 -0
  188. {plugin_scanner-2.0.69 → plugin_scanner-2.0.70}/src/codex_plugin_scanner/rules/specs.py +0 -0
  189. {plugin_scanner-2.0.69 → plugin_scanner-2.0.70}/src/codex_plugin_scanner/scanner.py +0 -0
  190. {plugin_scanner-2.0.69 → plugin_scanner-2.0.70}/src/codex_plugin_scanner/submission.py +0 -0
  191. {plugin_scanner-2.0.69 → plugin_scanner-2.0.70}/src/codex_plugin_scanner/suppressions.py +0 -0
  192. {plugin_scanner-2.0.69 → plugin_scanner-2.0.70}/src/codex_plugin_scanner/trust_domain_scoring.py +0 -0
  193. {plugin_scanner-2.0.69 → plugin_scanner-2.0.70}/src/codex_plugin_scanner/trust_helpers.py +0 -0
  194. {plugin_scanner-2.0.69 → plugin_scanner-2.0.70}/src/codex_plugin_scanner/trust_mcp_scoring.py +0 -0
  195. {plugin_scanner-2.0.69 → plugin_scanner-2.0.70}/src/codex_plugin_scanner/trust_models.py +0 -0
  196. {plugin_scanner-2.0.69 → plugin_scanner-2.0.70}/src/codex_plugin_scanner/trust_plugin_scoring.py +0 -0
  197. {plugin_scanner-2.0.69 → plugin_scanner-2.0.70}/src/codex_plugin_scanner/trust_scoring.py +0 -0
  198. {plugin_scanner-2.0.69 → plugin_scanner-2.0.70}/src/codex_plugin_scanner/trust_skill_scoring.py +0 -0
  199. {plugin_scanner-2.0.69 → plugin_scanner-2.0.70}/src/codex_plugin_scanner/trust_specs.py +0 -0
  200. {plugin_scanner-2.0.69 → plugin_scanner-2.0.70}/src/codex_plugin_scanner/verification.py +0 -0
  201. {plugin_scanner-2.0.69 → plugin_scanner-2.0.70}/tests/__init__.py +0 -0
  202. {plugin_scanner-2.0.69 → plugin_scanner-2.0.70}/tests/conftest.py +0 -0
  203. {plugin_scanner-2.0.69 → plugin_scanner-2.0.70}/tests/fixtures/__init__.py +0 -0
  204. {plugin_scanner-2.0.69 → plugin_scanner-2.0.70}/tests/fixtures/bad-plugin/.codex-plugin/plugin.json +0 -0
  205. {plugin_scanner-2.0.69 → plugin_scanner-2.0.70}/tests/fixtures/bad-plugin/.mcp.json +0 -0
  206. {plugin_scanner-2.0.69 → plugin_scanner-2.0.70}/tests/fixtures/bad-plugin/secrets.js +0 -0
  207. {plugin_scanner-2.0.69 → plugin_scanner-2.0.70}/tests/fixtures/claude-plugin-good/.claude-plugin/plugin.json +0 -0
  208. {plugin_scanner-2.0.69 → plugin_scanner-2.0.70}/tests/fixtures/claude-plugin-good/LICENSE +0 -0
  209. {plugin_scanner-2.0.69 → plugin_scanner-2.0.70}/tests/fixtures/claude-plugin-good/README.md +0 -0
  210. {plugin_scanner-2.0.69 → plugin_scanner-2.0.70}/tests/fixtures/claude-plugin-good/SECURITY.md +0 -0
  211. {plugin_scanner-2.0.69 → plugin_scanner-2.0.70}/tests/fixtures/claude-plugin-good/hooks/hooks.json +0 -0
  212. {plugin_scanner-2.0.69 → plugin_scanner-2.0.70}/tests/fixtures/claude-plugin-good/skills/example/SKILL.md +0 -0
  213. {plugin_scanner-2.0.69 → plugin_scanner-2.0.70}/tests/fixtures/code-quality-bad/evil.js +0 -0
  214. {plugin_scanner-2.0.69 → plugin_scanner-2.0.70}/tests/fixtures/code-quality-bad/inject.js +0 -0
  215. {plugin_scanner-2.0.69 → plugin_scanner-2.0.70}/tests/fixtures/gemini-extension-good/GEMINI.md +0 -0
  216. {plugin_scanner-2.0.69 → plugin_scanner-2.0.70}/tests/fixtures/gemini-extension-good/LICENSE +0 -0
  217. {plugin_scanner-2.0.69 → plugin_scanner-2.0.70}/tests/fixtures/gemini-extension-good/README.md +0 -0
  218. {plugin_scanner-2.0.69 → plugin_scanner-2.0.70}/tests/fixtures/gemini-extension-good/SECURITY.md +0 -0
  219. {plugin_scanner-2.0.69 → plugin_scanner-2.0.70}/tests/fixtures/gemini-extension-good/commands/hello.toml +0 -0
  220. {plugin_scanner-2.0.69 → plugin_scanner-2.0.70}/tests/fixtures/gemini-extension-good/gemini-extension.json +0 -0
  221. {plugin_scanner-2.0.69 → plugin_scanner-2.0.70}/tests/fixtures/good-plugin/.codex-plugin/plugin.json +0 -0
  222. {plugin_scanner-2.0.69 → plugin_scanner-2.0.70}/tests/fixtures/good-plugin/.codexignore +0 -0
  223. {plugin_scanner-2.0.69 → plugin_scanner-2.0.70}/tests/fixtures/good-plugin/LICENSE +0 -0
  224. {plugin_scanner-2.0.69 → plugin_scanner-2.0.70}/tests/fixtures/good-plugin/README.md +0 -0
  225. {plugin_scanner-2.0.69 → plugin_scanner-2.0.70}/tests/fixtures/good-plugin/SECURITY.md +0 -0
  226. {plugin_scanner-2.0.69 → plugin_scanner-2.0.70}/tests/fixtures/good-plugin/assets/icon.svg +0 -0
  227. {plugin_scanner-2.0.69 → plugin_scanner-2.0.70}/tests/fixtures/good-plugin/assets/logo.svg +0 -0
  228. {plugin_scanner-2.0.69 → plugin_scanner-2.0.70}/tests/fixtures/good-plugin/assets/screenshot.svg +0 -0
  229. {plugin_scanner-2.0.69 → plugin_scanner-2.0.70}/tests/fixtures/good-plugin/skills/example/SKILL.md +0 -0
  230. {plugin_scanner-2.0.69 → plugin_scanner-2.0.70}/tests/fixtures/guard-codex-malicious-mcp/.codex/config.toml +0 -0
  231. {plugin_scanner-2.0.69 → plugin_scanner-2.0.70}/tests/fixtures/hermes-plugin-evil/config.yaml +0 -0
  232. {plugin_scanner-2.0.69 → plugin_scanner-2.0.70}/tests/fixtures/hermes-plugin-evil/mcp_servers.json +0 -0
  233. {plugin_scanner-2.0.69 → plugin_scanner-2.0.70}/tests/fixtures/hermes-plugin-evil/skills/security/malicious/SKILL.md +0 -0
  234. {plugin_scanner-2.0.69 → plugin_scanner-2.0.70}/tests/fixtures/hermes-plugin-evil/skills/stealth/sneaky/SKILL.md +0 -0
  235. {plugin_scanner-2.0.69 → plugin_scanner-2.0.70}/tests/fixtures/hermes-plugin-evil/skills/stealth/sneaky/references/api-setup.md +0 -0
  236. {plugin_scanner-2.0.69 → plugin_scanner-2.0.70}/tests/fixtures/hermes-plugin-evil/skills/stealth/sneaky/scripts/deploy.sh +0 -0
  237. {plugin_scanner-2.0.69 → plugin_scanner-2.0.70}/tests/fixtures/hermes-plugin-evil/skills/utils/benign/SKILL.md +0 -0
  238. {plugin_scanner-2.0.69 → plugin_scanner-2.0.70}/tests/fixtures/malformed-json/.codex-plugin/plugin.json +0 -0
  239. {plugin_scanner-2.0.69 → plugin_scanner-2.0.70}/tests/fixtures/malicious-skill-plugin/.codex-plugin/plugin.json +0 -0
  240. {plugin_scanner-2.0.69 → plugin_scanner-2.0.70}/tests/fixtures/malicious-skill-plugin/.codexignore +0 -0
  241. {plugin_scanner-2.0.69 → plugin_scanner-2.0.70}/tests/fixtures/malicious-skill-plugin/LICENSE +0 -0
  242. {plugin_scanner-2.0.69 → plugin_scanner-2.0.70}/tests/fixtures/malicious-skill-plugin/README.md +0 -0
  243. {plugin_scanner-2.0.69 → plugin_scanner-2.0.70}/tests/fixtures/malicious-skill-plugin/SECURITY.md +0 -0
  244. {plugin_scanner-2.0.69 → plugin_scanner-2.0.70}/tests/fixtures/malicious-skill-plugin/skills/leaky-skill/SKILL.md +0 -0
  245. {plugin_scanner-2.0.69 → plugin_scanner-2.0.70}/tests/fixtures/mcp-canary-server.py +0 -0
  246. {plugin_scanner-2.0.69 → plugin_scanner-2.0.70}/tests/fixtures/minimal-plugin/.codex-plugin/plugin.json +0 -0
  247. {plugin_scanner-2.0.69 → plugin_scanner-2.0.70}/tests/fixtures/missing-fields/.codex-plugin/plugin.json +0 -0
  248. {plugin_scanner-2.0.69 → plugin_scanner-2.0.70}/tests/fixtures/mit-license/LICENSE +0 -0
  249. {plugin_scanner-2.0.69 → plugin_scanner-2.0.70}/tests/fixtures/multi-ecosystem-repo/codex-plugin/.codex-plugin/plugin.json +0 -0
  250. {plugin_scanner-2.0.69 → plugin_scanner-2.0.70}/tests/fixtures/multi-ecosystem-repo/codex-plugin/LICENSE +0 -0
  251. {plugin_scanner-2.0.69 → plugin_scanner-2.0.70}/tests/fixtures/multi-ecosystem-repo/codex-plugin/README.md +0 -0
  252. {plugin_scanner-2.0.69 → plugin_scanner-2.0.70}/tests/fixtures/multi-ecosystem-repo/codex-plugin/SECURITY.md +0 -0
  253. {plugin_scanner-2.0.69 → plugin_scanner-2.0.70}/tests/fixtures/multi-ecosystem-repo/gemini-ext/README.md +0 -0
  254. {plugin_scanner-2.0.69 → plugin_scanner-2.0.70}/tests/fixtures/multi-ecosystem-repo/gemini-ext/gemini-extension.json +0 -0
  255. {plugin_scanner-2.0.69 → plugin_scanner-2.0.70}/tests/fixtures/multi-plugin-repo/.agents/plugins/marketplace.json +0 -0
  256. {plugin_scanner-2.0.69 → plugin_scanner-2.0.70}/tests/fixtures/multi-plugin-repo/plugins/alpha-plugin/.codex-plugin/plugin.json +0 -0
  257. {plugin_scanner-2.0.69 → plugin_scanner-2.0.70}/tests/fixtures/multi-plugin-repo/plugins/alpha-plugin/.codexignore +0 -0
  258. {plugin_scanner-2.0.69 → plugin_scanner-2.0.70}/tests/fixtures/multi-plugin-repo/plugins/alpha-plugin/LICENSE +0 -0
  259. {plugin_scanner-2.0.69 → plugin_scanner-2.0.70}/tests/fixtures/multi-plugin-repo/plugins/alpha-plugin/README.md +0 -0
  260. {plugin_scanner-2.0.69 → plugin_scanner-2.0.70}/tests/fixtures/multi-plugin-repo/plugins/alpha-plugin/SECURITY.md +0 -0
  261. {plugin_scanner-2.0.69 → plugin_scanner-2.0.70}/tests/fixtures/multi-plugin-repo/plugins/alpha-plugin/skills/example/SKILL.md +0 -0
  262. {plugin_scanner-2.0.69 → plugin_scanner-2.0.70}/tests/fixtures/multi-plugin-repo/plugins/beta-plugin/.codex-plugin/plugin.json +0 -0
  263. {plugin_scanner-2.0.69 → plugin_scanner-2.0.70}/tests/fixtures/multi-plugin-repo/plugins/beta-plugin/skills/example/SKILL.md +0 -0
  264. {plugin_scanner-2.0.69 → plugin_scanner-2.0.70}/tests/fixtures/no-version/.codex-plugin/plugin.json +0 -0
  265. {plugin_scanner-2.0.69 → plugin_scanner-2.0.70}/tests/fixtures/opencode-good/.opencode/commands/hello.md +0 -0
  266. {plugin_scanner-2.0.69 → plugin_scanner-2.0.70}/tests/fixtures/opencode-good/.opencode/plugins/example.ts +0 -0
  267. {plugin_scanner-2.0.69 → plugin_scanner-2.0.70}/tests/fixtures/opencode-good/LICENSE +0 -0
  268. {plugin_scanner-2.0.69 → plugin_scanner-2.0.70}/tests/fixtures/opencode-good/README.md +0 -0
  269. {plugin_scanner-2.0.69 → plugin_scanner-2.0.70}/tests/fixtures/opencode-good/SECURITY.md +0 -0
  270. {plugin_scanner-2.0.69 → plugin_scanner-2.0.70}/tests/fixtures/opencode-good/opencode.jsonc +0 -0
  271. {plugin_scanner-2.0.69 → plugin_scanner-2.0.70}/tests/fixtures/skills-missing-dir/.codex-plugin/plugin.json +0 -0
  272. {plugin_scanner-2.0.69 → plugin_scanner-2.0.70}/tests/fixtures/skills-no-frontmatter/.codex-plugin/plugin.json +0 -0
  273. {plugin_scanner-2.0.69 → plugin_scanner-2.0.70}/tests/fixtures/skills-no-frontmatter/skills/bad-skill/SKILL.md +0 -0
  274. {plugin_scanner-2.0.69 → plugin_scanner-2.0.70}/tests/fixtures/with-marketplace/.codex-plugin/plugin.json +0 -0
  275. {plugin_scanner-2.0.69 → plugin_scanner-2.0.70}/tests/fixtures/with-marketplace/marketplace-broken.json +0 -0
  276. {plugin_scanner-2.0.69 → plugin_scanner-2.0.70}/tests/fixtures/with-marketplace/marketplace.json +0 -0
  277. {plugin_scanner-2.0.69 → plugin_scanner-2.0.70}/tests/test-trust-scoring.py +0 -0
  278. {plugin_scanner-2.0.69 → plugin_scanner-2.0.70}/tests/test-trust-specs.py +0 -0
  279. {plugin_scanner-2.0.69 → plugin_scanner-2.0.70}/tests/test_action_runner.py +0 -0
  280. {plugin_scanner-2.0.69 → plugin_scanner-2.0.70}/tests/test_best_practices.py +0 -0
  281. {plugin_scanner-2.0.69 → plugin_scanner-2.0.70}/tests/test_cisco_install_surfaces.py +0 -0
  282. {plugin_scanner-2.0.69 → plugin_scanner-2.0.70}/tests/test_cli.py +0 -0
  283. {plugin_scanner-2.0.69 → plugin_scanner-2.0.70}/tests/test_code_quality.py +0 -0
  284. {plugin_scanner-2.0.69 → plugin_scanner-2.0.70}/tests/test_config.py +0 -0
  285. {plugin_scanner-2.0.69 → plugin_scanner-2.0.70}/tests/test_coverage_remaining.py +0 -0
  286. {plugin_scanner-2.0.69 → plugin_scanner-2.0.70}/tests/test_ecosystems.py +0 -0
  287. {plugin_scanner-2.0.69 → plugin_scanner-2.0.70}/tests/test_edge_cases.py +0 -0
  288. {plugin_scanner-2.0.69 → plugin_scanner-2.0.70}/tests/test_final_coverage.py +0 -0
  289. {plugin_scanner-2.0.69 → plugin_scanner-2.0.70}/tests/test_guard_approvals.py +0 -0
  290. {plugin_scanner-2.0.69 → plugin_scanner-2.0.70}/tests/test_guard_bootstrap.py +0 -0
  291. {plugin_scanner-2.0.69 → plugin_scanner-2.0.70}/tests/test_guard_capabilities.py +0 -0
  292. {plugin_scanner-2.0.69 → plugin_scanner-2.0.70}/tests/test_guard_claude_adapter.py +0 -0
  293. {plugin_scanner-2.0.69 → plugin_scanner-2.0.70}/tests/test_guard_codex_e2e.py +0 -0
  294. {plugin_scanner-2.0.69 → plugin_scanner-2.0.70}/tests/test_guard_codex_install.py +0 -0
  295. {plugin_scanner-2.0.69 → plugin_scanner-2.0.70}/tests/test_guard_codex_proxy.py +0 -0
  296. {plugin_scanner-2.0.69 → plugin_scanner-2.0.70}/tests/test_guard_connect_flow.py +0 -0
  297. {plugin_scanner-2.0.69 → plugin_scanner-2.0.70}/tests/test_guard_consumer_mode.py +0 -0
  298. {plugin_scanner-2.0.69 → plugin_scanner-2.0.70}/tests/test_guard_copilot_adapter.py +0 -0
  299. {plugin_scanner-2.0.69 → plugin_scanner-2.0.70}/tests/test_guard_copilot_proxy.py +0 -0
  300. {plugin_scanner-2.0.69 → plugin_scanner-2.0.70}/tests/test_guard_daemon_manager.py +0 -0
  301. {plugin_scanner-2.0.69 → plugin_scanner-2.0.70}/tests/test_guard_event_schema_v1.py +0 -0
  302. {plugin_scanner-2.0.69 → plugin_scanner-2.0.70}/tests/test_guard_events.py +0 -0
  303. {plugin_scanner-2.0.69 → plugin_scanner-2.0.70}/tests/test_guard_launch_env.py +0 -0
  304. {plugin_scanner-2.0.69 → plugin_scanner-2.0.70}/tests/test_guard_opencode_proxy.py +0 -0
  305. {plugin_scanner-2.0.69 → plugin_scanner-2.0.70}/tests/test_guard_product_flow.py +0 -0
  306. {plugin_scanner-2.0.69 → plugin_scanner-2.0.70}/tests/test_guard_protect.py +0 -0
  307. {plugin_scanner-2.0.69 → plugin_scanner-2.0.70}/tests/test_guard_render.py +0 -0
  308. {plugin_scanner-2.0.69 → plugin_scanner-2.0.70}/tests/test_guard_risk.py +0 -0
  309. {plugin_scanner-2.0.69 → plugin_scanner-2.0.70}/tests/test_guard_store_migrations.py +0 -0
  310. {plugin_scanner-2.0.69 → plugin_scanner-2.0.70}/tests/test_guard_surface_server.py +0 -0
  311. {plugin_scanner-2.0.69 → plugin_scanner-2.0.70}/tests/test_guard_verdicts.py +0 -0
  312. {plugin_scanner-2.0.69 → plugin_scanner-2.0.70}/tests/test_hermes_adapter.py +0 -0
  313. {plugin_scanner-2.0.69 → plugin_scanner-2.0.70}/tests/test_integration.py +0 -0
  314. {plugin_scanner-2.0.69 → plugin_scanner-2.0.70}/tests/test_lint_fixes.py +0 -0
  315. {plugin_scanner-2.0.69 → plugin_scanner-2.0.70}/tests/test_live_cisco_smoke.py +0 -0
  316. {plugin_scanner-2.0.69 → plugin_scanner-2.0.70}/tests/test_manifest.py +0 -0
  317. {plugin_scanner-2.0.69 → plugin_scanner-2.0.70}/tests/test_marketplace.py +0 -0
  318. {plugin_scanner-2.0.69 → plugin_scanner-2.0.70}/tests/test_mcp_security.py +0 -0
  319. {plugin_scanner-2.0.69 → plugin_scanner-2.0.70}/tests/test_operational_security.py +0 -0
  320. {plugin_scanner-2.0.69 → plugin_scanner-2.0.70}/tests/test_policy.py +0 -0
  321. {plugin_scanner-2.0.69 → plugin_scanner-2.0.70}/tests/test_quality_artifact.py +0 -0
  322. {plugin_scanner-2.0.69 → plugin_scanner-2.0.70}/tests/test_rule_registry.py +0 -0
  323. {plugin_scanner-2.0.69 → plugin_scanner-2.0.70}/tests/test_scanner.py +0 -0
  324. {plugin_scanner-2.0.69 → plugin_scanner-2.0.70}/tests/test_schema_contracts.py +0 -0
  325. {plugin_scanner-2.0.69 → plugin_scanner-2.0.70}/tests/test_security.py +0 -0
  326. {plugin_scanner-2.0.69 → plugin_scanner-2.0.70}/tests/test_security_ops.py +0 -0
  327. {plugin_scanner-2.0.69 → plugin_scanner-2.0.70}/tests/test_skill_security.py +0 -0
  328. {plugin_scanner-2.0.69 → plugin_scanner-2.0.70}/tests/test_submission.py +0 -0
  329. {plugin_scanner-2.0.69 → plugin_scanner-2.0.70}/tests/test_trust_scoring.py +0 -0
  330. {plugin_scanner-2.0.69 → plugin_scanner-2.0.70}/tests/test_trust_specs.py +0 -0
  331. {plugin_scanner-2.0.69 → plugin_scanner-2.0.70}/tests/test_verification.py +0 -0
  332. {plugin_scanner-2.0.69 → plugin_scanner-2.0.70}/tests/test_versioning.py +0 -0
  333. {plugin_scanner-2.0.69 → plugin_scanner-2.0.70}/uv.lock +0 -0
{plugin_scanner-2.0.69 → plugin_scanner-2.0.70}/PKG-INFO RENAMED
@@ -1,6 +1,6 @@
1
1
  Metadata-Version: 2.4
2
2
  Name: plugin-scanner
3
- Version: 2.0.69
3
+ Version: 2.0.70
4
4
  Summary: Lint, verify, and gate plugin ecosystems for maintainers, CI, and publish workflows.
5
5
  Project-URL: Homepage, https://github.com/hashgraph-online/ai-plugin-scanner
6
6
  Project-URL: Repository, https://github.com/hashgraph-online/ai-plugin-scanner
{plugin_scanner-2.0.69 → plugin_scanner-2.0.70}/dashboard/src/guard-api.ts RENAMED
@@ -128,11 +128,23 @@ export async function fetchSettings(): Promise<GuardSettingsPayload> {
128
128
  config_path: "~/.hol-guard/config.toml",
129
129
  settings: {
130
130
  mode: "prompt",
131
+ security_level: "balanced",
131
132
  default_action: "warn",
132
133
  unknown_publisher_action: "review",
133
134
  changed_hash_action: "require-reapproval",
134
135
  new_network_domain_action: "warn",
135
136
  subprocess_action: "warn",
137
+ risk_actions: {
138
+ local_secret_read: "require-reapproval",
139
+ credential_exfiltration: "require-reapproval",
140
+ destructive_shell: "require-reapproval",
141
+ encoded_execution: "require-reapproval",
142
+ network_egress: "warn"
143
+ },
144
+ risk_action_overrides: {},
145
+ harness_risk_actions: {
146
+ codex: {}
147
+ },
136
148
  approval_wait_timeout_seconds: 120,
137
149
  approval_surface_policy: "auto-open-once",
138
150
  telemetry: false,
{plugin_scanner-2.0.69 → plugin_scanner-2.0.70}/dashboard/src/guard-types.ts RENAMED
@@ -136,11 +136,15 @@ export type GuardInventoryItem = {
136
136
 
137
137
  export type GuardSettings = {
138
138
  mode: "observe" | "prompt" | "enforce";
139
+ security_level: "balanced" | "strict" | "custom";
139
140
  default_action: string;
140
141
  unknown_publisher_action: string;
141
142
  changed_hash_action: string;
142
143
  new_network_domain_action: string;
143
144
  subprocess_action: string;
145
+ risk_actions: Record<string, string>;
146
+ risk_action_overrides: Record<string, string>;
147
+ harness_risk_actions: Record<string, Record<string, string>>;
144
148
  approval_wait_timeout_seconds: number;
145
149
  approval_surface_policy: string;
146
150
  telemetry: boolean;
{plugin_scanner-2.0.69 → plugin_scanner-2.0.70}/dashboard/src/settings-workspace.tsx RENAMED
@@ -30,6 +30,100 @@ const surfacePolicyOptions = [
30
30
  { value: "native-only", label: "Harness prompt only" }
31
31
  ];
32
32
 
33
+ const securityLevels = [
34
+ {
35
+ value: "balanced",
36
+ label: "Balanced",
37
+ description: "Ask before secret access, hidden execution, exfiltration, and destructive actions."
38
+ },
39
+ {
40
+ value: "strict",
41
+ label: "Strict",
42
+ description: "Ask more often, including new network destinations."
43
+ },
44
+ {
45
+ value: "custom",
46
+ label: "Custom",
47
+ description: "Use the exact choices below for this machine and connected apps."
48
+ }
49
+ ] as const;
50
+
51
+ const riskControls = [
52
+ {
53
+ key: "local_secret_read",
54
+ label: "Local secrets",
55
+ description: "Files such as .env, .npmrc, .netrc, SSH keys, and cloud credentials."
56
+ },
57
+ {
58
+ key: "credential_exfiltration",
59
+ label: "Credential sharing",
60
+ description: "Commands or scripts that appear to send keys, tokens, or credentials away."
61
+ },
62
+ {
63
+ key: "destructive_shell",
64
+ label: "Destructive commands",
65
+ description: "Shell actions that delete, overwrite, or rewrite local files."
66
+ },
67
+ {
68
+ key: "encoded_execution",
69
+ label: "Hidden scripts",
70
+ description: "Encoded, encrypted, or decoded-and-run command payloads."
71
+ },
72
+ {
73
+ key: "network_egress",
74
+ label: "New network destinations",
75
+ description: "Outbound connections Guard has not seen in this context."
76
+ }
77
+ ] as const;
78
+
79
+ type RiskKey = (typeof riskControls)[number]["key"];
80
+
81
+ const riskProfileActions: Record<"balanced" | "strict" | "custom", Record<RiskKey, string>> = {
82
+ balanced: {
83
+ local_secret_read: "require-reapproval",
84
+ credential_exfiltration: "require-reapproval",
85
+ destructive_shell: "require-reapproval",
86
+ encoded_execution: "require-reapproval",
87
+ network_egress: "warn"
88
+ },
89
+ strict: {
90
+ local_secret_read: "require-reapproval",
91
+ credential_exfiltration: "require-reapproval",
92
+ destructive_shell: "require-reapproval",
93
+ encoded_execution: "require-reapproval",
94
+ network_egress: "require-reapproval"
95
+ },
96
+ custom: {
97
+ local_secret_read: "require-reapproval",
98
+ credential_exfiltration: "require-reapproval",
99
+ destructive_shell: "require-reapproval",
100
+ encoded_execution: "require-reapproval",
101
+ network_egress: "warn"
102
+ }
103
+ };
104
+
105
+ function normalizeSettingsPayload(payload: GuardSettingsPayload): GuardSettingsPayload {
106
+ return {
107
+ ...payload,
108
+ settings: normalizeGuardSettings(payload.settings)
109
+ };
110
+ }
111
+
112
+ function normalizeGuardSettings(settings: GuardSettings): GuardSettings {
113
+ const defaults = riskProfileActions[settings.security_level];
114
+ const explicitOverrides = settings.risk_action_overrides ?? {};
115
+ const effectiveRiskActions = riskControls.reduce<Record<RiskKey, string>>((actions, risk) => {
116
+ actions[risk.key] = settings.risk_actions?.[risk.key] ?? explicitOverrides[risk.key] ?? defaults[risk.key];
117
+ return actions;
118
+ }, {} as Record<RiskKey, string>);
119
+ return {
120
+ ...settings,
121
+ risk_actions: effectiveRiskActions,
122
+ risk_action_overrides: explicitOverrides,
123
+ harness_risk_actions: settings.harness_risk_actions ?? {}
124
+ };
125
+ }
126
+
33
127
  export function SettingsWorkspace() {
34
128
  const [state, setState] = useState<SettingsState>({ kind: "loading" });
35
129
  const [draft, setDraft] = useState<GuardSettings | null>(null);
@@ -41,8 +135,9 @@ export function SettingsWorkspace() {
41
135
  fetchSettings()
42
136
  .then((payload) => {
43
137
  if (!cancelled) {
44
- setState({ kind: "ready", payload });
45
- setDraft(payload.settings);
138
+ const normalizedPayload = normalizeSettingsPayload(payload);
139
+ setState({ kind: "ready", payload: normalizedPayload });
140
+ setDraft(normalizedPayload.settings);
46
141
  }
47
142
  })
48
143
  .catch((error: unknown) => {
@@ -66,6 +161,63 @@ export function SettingsWorkspace() {
66
161
  []
67
162
  );
68
163
 
164
+ const handleSecurityLevelChange = useCallback((securityLevel: GuardSettings["security_level"]) => {
165
+ setDraft((value) => {
166
+ if (value === null) return value;
167
+ if (securityLevel === "custom") {
168
+ return { ...value, security_level: securityLevel };
169
+ }
170
+ return {
171
+ ...value,
172
+ security_level: securityLevel,
173
+ risk_actions: riskProfileActions[securityLevel],
174
+ risk_action_overrides: {},
175
+ harness_risk_actions: {}
176
+ };
177
+ });
178
+ setSavedMessage(null);
179
+ }, []);
180
+
181
+ const handleRiskActionChange = useCallback(
182
+ (riskKey: string) => (event: ChangeEvent<HTMLSelectElement>) => {
183
+ setDraft((value) => {
184
+ if (value === null) return value;
185
+ return {
186
+ ...value,
187
+ security_level: "custom",
188
+ risk_actions: {
189
+ ...value.risk_actions,
190
+ [riskKey]: event.target.value
191
+ },
192
+ risk_action_overrides: {
193
+ ...value.risk_action_overrides,
194
+ [riskKey]: event.target.value
195
+ }
196
+ };
197
+ });
198
+ setSavedMessage(null);
199
+ },
200
+ []
201
+ );
202
+
203
+ const handleCodexSecretReadChange = useCallback((event: ChangeEvent<HTMLSelectElement>) => {
204
+ setDraft((value) => {
205
+ if (value === null) return value;
206
+ return {
207
+ ...value,
208
+ security_level: "custom",
209
+ harness_risk_actions: {
210
+ ...value.harness_risk_actions,
211
+ codex: {
212
+ ...(value.harness_risk_actions.codex ?? {}),
213
+ local_secret_read: event.target.value
214
+ }
215
+ }
216
+ };
217
+ });
218
+ setSavedMessage(null);
219
+ }, []);
220
+
69
221
  const handleTimeoutChange = useCallback((event: ChangeEvent<HTMLInputElement>) => {
70
222
  const nextValue = Number.parseInt(event.target.value, 10);
71
223
  setDraft((value) => value === null ? value : { ...value, approval_wait_timeout_seconds: Number.isNaN(nextValue) ? 0 : nextValue });
@@ -90,9 +242,13 @@ export function SettingsWorkspace() {
90
242
  setSaving(true);
91
243
  setSavedMessage(null);
92
244
  try {
93
- const payload = await updateSettings(draft);
94
- setState({ kind: "ready", payload });
95
- setDraft(payload.settings);
245
+ const payload = await updateSettings({
246
+ ...draft,
247
+ risk_actions: draft.security_level === "custom" ? draft.risk_actions : draft.risk_action_overrides
248
+ });
249
+ const normalizedPayload = normalizeSettingsPayload(payload);
250
+ setState({ kind: "ready", payload: normalizedPayload });
251
+ setDraft(normalizedPayload.settings);
96
252
  setSavedMessage("Settings saved. New Guard checks use these values immediately.");
97
253
  } catch (error) {
98
254
  setSavedMessage(error instanceof Error ? error.message : "Unable to save settings.");
@@ -130,10 +286,10 @@ export function SettingsWorkspace() {
130
286
  </div>
131
287
  <SectionLabel>Settings</SectionLabel>
132
288
  <h1 className="mt-2 text-3xl font-semibold tracking-tight text-brand-dark">
133
- Tune how HOL Guard pauses risky actions.
289
+ Choose how protective HOL Guard should be.
134
290
  </h1>
135
291
  <p className="mt-3 max-w-2xl text-sm leading-6 text-brand-dark/70">
136
- These are the same local controls exposed by the CLI config. Use them when you want Guard to ask more often, run quietly, or wait longer for approval decisions.
292
+ Start with a simple security level, then tune exact risk types when a trusted app needs more room to work.
137
293
  </p>
138
294
  </div>
139
295
  <div className="rounded-[1.65rem] border border-white/80 bg-white/80 p-4 shadow-[0_16px_40px_rgba(63,65,116,0.10)] backdrop-blur">
@@ -148,6 +304,27 @@ export function SettingsWorkspace() {
148
304
 
149
305
  <section className="grid gap-6 lg:grid-cols-[minmax(0,1fr)_320px]">
150
306
  <div className="space-y-6">
307
+ <div className="rounded-[1.75rem] border border-slate-200/70 bg-white/80 p-5 shadow-sm">
308
+ <SectionLabel>Security level</SectionLabel>
309
+ <div className="mt-4 grid gap-3 md:grid-cols-3">
310
+ {securityLevels.map((level) => (
311
+ <button
312
+ key={level.value}
313
+ type="button"
314
+ onClick={() => handleSecurityLevelChange(level.value)}
315
+ className={`min-h-32 rounded-[1.5rem] border p-4 text-left transition-all duration-150 ${
316
+ draft.security_level === level.value
317
+ ? "border-brand-blue/35 bg-brand-blue/[0.07] shadow-[0_12px_32px_rgba(85,153,254,0.14)]"
318
+ : "border-transparent bg-surface-1/80 hover:bg-white"
319
+ }`}
320
+ >
321
+ <span className="text-base font-semibold text-brand-dark">{level.label}</span>
322
+ <span className="mt-2 block text-sm leading-6 text-muted-foreground">{level.description}</span>
323
+ </button>
324
+ ))}
325
+ </div>
326
+ </div>
327
+
151
328
  <div className="rounded-[1.75rem] border border-slate-200/70 bg-white/80 p-5 shadow-sm">
152
329
  <SectionLabel>Protection mode</SectionLabel>
153
330
  <div className="mt-4 grid gap-3 sm:grid-cols-3">
@@ -174,7 +351,45 @@ export function SettingsWorkspace() {
174
351
  </div>
175
352
 
176
353
  <div className="rounded-[1.75rem] border border-slate-200/70 bg-white/80 p-5 shadow-sm">
177
- <SectionLabel>Default decisions</SectionLabel>
354
+ <SectionLabel>Risk choices</SectionLabel>
355
+ <div className="mt-4 divide-y divide-slate-200/70 overflow-hidden rounded-[1.35rem] border border-slate-200/70 bg-white">
356
+ {riskControls.map((risk) => (
357
+ <div key={risk.key} className="grid gap-3 px-4 py-4 md:grid-cols-[minmax(0,1fr)_220px] md:items-center">
358
+ <div>
359
+ <p className="text-sm font-semibold text-brand-dark">{risk.label}</p>
360
+ <p className="mt-1 text-sm leading-6 text-muted-foreground">{risk.description}</p>
361
+ </div>
362
+ <SettingSelect
363
+ label="Guard should"
364
+ value={draft.risk_actions[risk.key] ?? "require-reapproval"}
365
+ options={actionOptions}
366
+ onChange={handleRiskActionChange(risk.key)}
367
+ />
368
+ </div>
369
+ ))}
370
+ </div>
371
+ </div>
372
+
373
+ <div className="rounded-[1.75rem] border border-slate-200/70 bg-white/80 p-5 shadow-sm">
374
+ <SectionLabel>Codex override</SectionLabel>
375
+ <div className="mt-4 grid gap-4 md:grid-cols-[minmax(0,1fr)_260px] md:items-center">
376
+ <div>
377
+ <p className="text-sm font-semibold text-brand-dark">Codex reading local secret files</p>
378
+ <p className="mt-1 text-sm leading-6 text-muted-foreground">
379
+ Use this only for trusted projects where Codex should be allowed to open files such as .env or .npmrc.
380
+ </p>
381
+ </div>
382
+ <SettingSelect
383
+ label="Codex should"
384
+ value={draft.harness_risk_actions.codex?.local_secret_read ?? draft.risk_actions.local_secret_read ?? "require-reapproval"}
385
+ options={actionOptions}
386
+ onChange={handleCodexSecretReadChange}
387
+ />
388
+ </div>
389
+ </div>
390
+
391
+ <div className="rounded-[1.75rem] border border-slate-200/70 bg-white/80 p-5 shadow-sm">
392
+ <SectionLabel>Advanced defaults</SectionLabel>
178
393
  <div className="mt-4 grid gap-4 md:grid-cols-2">
179
394
  <SettingSelect label="New action" value={draft.default_action} options={actionOptions} onChange={handleStringChange("default_action")} />
180
395
  <SettingSelect label="Unknown source" value={draft.unknown_publisher_action} options={actionOptions} onChange={handleStringChange("unknown_publisher_action")} />
{plugin_scanner-2.0.69 → plugin_scanner-2.0.70}/pyproject.toml RENAMED
@@ -4,7 +4,7 @@ build-backend = "hatchling.build"
4
4
 
5
5
  [project]
6
6
  name = "plugin-scanner"
7
- version = "2.0.69"
7
+ version = "2.0.70"
8
8
  description = "Lint, verify, and gate plugin ecosystems for maintainers, CI, and publish workflows."
9
9
  readme = "README.md"
10
10
  license = "Apache-2.0"
{plugin_scanner-2.0.69 → plugin_scanner-2.0.70}/pyproject.toml.bak RENAMED
@@ -4,7 +4,7 @@ build-backend = "hatchling.build"
4
4
 
5
5
  [project]
6
6
  name = "hol-guard"
7
- version = "2.0.69"
7
+ version = "2.0.70"
8
8
  description = "Protect local AI harnesses with HOL Guard and run scanner checks for Codex, Claude, Cursor, Gemini, and OpenCode."
9
9
  readme = "README.md"
10
10
  license = "Apache-2.0"