rafter-cli 0.8.2__tar.gz → 0.8.4__tar.gz

{rafter_cli-0.8.2 → rafter_cli-0.8.4}/PKG-INFO

@@ -1,6 +1,6 @@
 Metadata-Version: 2.4
 Name: rafter-cli
-Version: 0.8.2
+Version: 0.8.4
 Summary: Rafter CLI — the default security agent for AI workflows. Free for individuals and open source.
 License: MIT
 Author: Rafter Team

{rafter_cli-0.8.2 → rafter_cli-0.8.4}/pyproject.toml

@@ -1,6 +1,6 @@
 [tool.poetry]
 name = "rafter-cli"
-version = "0.8.2"
+version = "0.8.4"
 description = "Rafter CLI — the default security agent for AI workflows. Free for individuals and open source."
 authors = ["Rafter Team <hello@rafter.so>"]
 license = "MIT"

{rafter_cli-0.8.2 → rafter_cli-0.8.4}/rafter_cli/commands/agent.py

@@ -248,6 +248,7 @@ def _print_dry_run_plan(
     want_windsurf: bool,
     want_continue: bool,
     want_aider: bool,
+    want_hermes: bool,
     want_betterleaks: bool,
     risk_level: str,
 ) -> None:
@@ -355,6 +356,11 @@ def _print_dry_run_plan(
         W(root / "RAFTER.md", "rafter:start/end marker block")
         W(root / ".aider.conf.yml", "appends RAFTER.md to read: list; strips legacy mcp-server-command line")
 
+    if want_hermes:
+        print()
+        print("Hermes (--with-hermes):")
+        W(root / ".hermes" / "config.yaml", "mcp_servers.rafter entry merged into existing YAML")
+
     if want_openclaw:
         print()
         print("OpenClaw (--with-openclaw):")
@@ -987,6 +993,44 @@ def _install_aider_read(root: Path) -> bool:
     return True
 
 
+def _install_hermes_mcp(root: Path) -> bool:
+    """Install MCP server config for Hermes (<root>/.hermes/config.yaml).
+
+    Hermes uses a YAML config with an ``mcp_servers:`` block (snake_case,
+    unlike Cursor/Windsurf/Claude Code which use ``mcpServers`` camelCase).
+    Schema per server is ``{command, args, env}``. We use PyYAML (already
+    imported) to merge in the rafter entry while preserving any existing
+    servers.
+
+    Hooks (preToolUse/postToolUse equivalents) deferred to a follow-on bead
+    pending confirmation Hermes exposes a hook surface — landing MCP-only as
+    v0 mirrors how Gemini and Continue.dev were initially shipped (sable-gyw).
+    """
+    hermes_dir = root / ".hermes"
+    config_path = hermes_dir / "config.yaml"
+
+    hermes_dir.mkdir(parents=True, exist_ok=True)
+
+    config: dict[str, Any] = {}
+    if config_path.exists():
+        try:
+            loaded = yaml.safe_load(config_path.read_text())
+            if isinstance(loaded, dict):
+                config = loaded
+        except yaml.YAMLError:
+            rprint(fmt.warning("Existing Hermes config.yaml was not valid YAML, creating new one"))
+
+    mcp_servers = config.get("mcp_servers")
+    if not isinstance(mcp_servers, dict):
+        mcp_servers = {}
+        config["mcp_servers"] = mcp_servers
+    mcp_servers["rafter"] = {**_RAFTER_MCP_ENTRY}
+
+    config_path.write_text(yaml.safe_dump(config, sort_keys=False))
+    rprint(fmt.success(f"Installed Rafter MCP server to {config_path}"))
+    return True
+
+
 @agent_app.command()
 def init(
     risk_level: str = typer.Option("moderate", "--risk-level", help="minimal, moderate, or aggressive"),
@@ -999,6 +1043,7 @@ def init(
     with_cursor: bool = typer.Option(False, "--with-cursor", help="Install Cursor integration"),
     with_windsurf: bool = typer.Option(False, "--with-windsurf", help="Install Windsurf integration"),
     with_continue: bool = typer.Option(False, "--with-continue", help="Install Continue.dev integration"),
+    with_hermes: bool = typer.Option(False, "--with-hermes", help="Install Hermes integration"),
     all_integrations: bool = typer.Option(False, "--all", help="Install all detected integrations and download Betterleaks"),
     update: bool = typer.Option(False, "--update", help="Re-download betterleaks and reinstall integrations without resetting config"),
     local: bool = typer.Option(
@@ -1037,6 +1082,7 @@ def init(
     has_windsurf = scope == "user" and (home / ".codeium" / "windsurf").exists()
     has_continue_dev = scope == "user" and (home / ".continue").exists()
     has_aider = scope == "user" and (home / ".aider.conf.yml").exists()
+    has_hermes = scope == "user" and (home / ".hermes").exists()
 
     # Resolve opt-in flags. In --local scope, --all is restricted to platforms with
     # a project-local config story (claudeCode, codex, gemini, cursor).
@@ -1057,6 +1103,10 @@ def init(
     # Aider can install at --local scope (writes RAFTER.md + .aider.conf.yml
     # in cwd) since rf-du2o.
     want_aider = with_aider or all_integrations
+    # Hermes: MCP-only v0 (no hooks confirmed yet). User scope only — Hermes
+    # reads ~/.hermes/config.yaml; project-local install story isn't
+    # established. Excluded from --all in --local for the same reason (sable-gyw).
+    want_hermes = with_hermes or (all_integrations and not local)
     want_betterleaks = with_betterleaks or (all_integrations and not local)
 
     # Show detected environments
@@ -1077,6 +1127,8 @@ def init(
         detected.append("Continue.dev")
     if has_aider:
         detected.append("Aider")
+    if has_hermes:
+        detected.append("Hermes")
 
     if detected:
         rprint(fmt.info(f"Detected environments: {', '.join(detected)}"))
@@ -1102,6 +1154,8 @@ def init(
             rprint(fmt.warning("Continue.dev requested but not detected (~/.continue not found)"))
         if want_aider and not has_aider:
             rprint(fmt.warning("Aider requested but not detected (~/.aider.conf.yml not found)"))
+        if want_hermes and not has_hermes:
+            rprint(fmt.warning("Hermes requested but not detected (~/.hermes not found)"))
 
     # --dry-run: print every file path the command would touch, then exit
     # before any filesystem write happens (rf-hrtd). Built from the same
@@ -1118,6 +1172,7 @@ def init(
             want_windsurf=want_windsurf and (has_windsurf or local),
             want_continue=want_continue and (has_continue_dev or local),
             want_aider=want_aider and (has_aider or local),
+            want_hermes=want_hermes and has_hermes,
             want_betterleaks=want_betterleaks,
             risk_level=risk_level,
         )
@@ -1312,6 +1367,18 @@ def init(
         except Exception as e:
             rprint(fmt.error(f"Failed to install Aider integration: {e}"))
 
+    # Install Hermes integration if opted in (sable-gyw).
+    # User scope only — Hermes reads ~/.hermes/config.yaml. MCP-only v0;
+    # hooks deferred pending confirmation Hermes exposes a hook surface.
+    hermes_ok = False
+    if want_hermes and has_hermes:
+        try:
+            hermes_ok = _install_hermes_mcp(root)
+            if hermes_ok:
+                manager.set("agent.environments.hermes.enabled", True)
+        except Exception as e:
+            rprint(fmt.error(f"Failed to install Hermes integration: {e}"))
+
     # Install global instruction files for platforms that support them
     _install_global_instructions(
         claude_code=claude_code_ok,
@@ -1327,7 +1394,7 @@ def init(
     rprint(fmt.success("Agent security initialized!"))
     rprint()
 
-    any_integration = openclaw_ok or claude_code_ok or codex_ok or gemini_ok or cursor_ok or windsurf_ok or continue_ok or aider_ok
+    any_integration = openclaw_ok or claude_code_ok or codex_ok or gemini_ok or cursor_ok or windsurf_ok or continue_ok or aider_ok or hermes_ok
 
     if any_integration:
         rprint("Next steps:")
@@ -1372,6 +1439,8 @@ def init(
             rprint("  rafter agent init --with-continue        # Continue.dev only")
         if has_aider:
             rprint("  rafter agent init --with-aider           # Aider only")
+        if has_hermes:
+            rprint("  rafter agent init --with-hermes          # Hermes only")
     else:
         rprint("No agent environments detected. Install an agent tool and re-run with --with-<tool>.")
 
@@ -1424,6 +1493,68 @@ def _scan_file(file_path: str, engine: str, custom_patterns=None) -> list[ScanRe
         return [r] if r.matches else []
 
 
+def _path_matches_exclude_pattern(rel_path: str, pattern: str) -> bool:
+    """Mirror of Node ``pathMatchesExcludePattern`` (sable-yz0).
+
+    Rules (any one matches → exclude):
+      1. Exact match: ``rel_path == pattern``.
+      2. Directory-prefix: ``rel_path`` starts with ``pattern + "/"``.
+         Trailing ``/`` on the pattern is ignored.
+      3. Dir-name anywhere: any segment of ``rel_path`` equals ``pattern``.
+         Preserves the RegexScanner walker's existing dir-name behavior.
+      4. Glob: if pattern has ``* ? [``, use fnmatch with auto-anchor
+         (try ``pattern`` and ``**/pattern``) — mirrors Node ``matchGlob``.
+    """
+    import fnmatch as _fnmatch
+    rel = rel_path.replace("\\", "/")
+    p = pattern.replace("\\", "/").rstrip("/")
+    if not p:
+        return False
+    if rel == p:
+        return True
+    if rel.startswith(p + "/"):
+        return True
+    if p in rel.split("/"):
+        return True
+    if any(c in p for c in "*?["):
+        if _fnmatch.fnmatch(rel, p):
+            return True
+        if not p.startswith("/") and not p.startswith("**"):
+            if _fnmatch.fnmatch(rel, "**/" + p) or _fnmatch.fnmatch(rel, "*/" + p):
+                return True
+    return False
+
+
+def _apply_exclude_paths(
+    results: list[ScanResult],
+    exclude_paths: list[str] | None,
+    scan_root: str,
+) -> list[ScanResult]:
+    """Strip findings whose path matches any ``scan.exclude_paths`` entry.
+
+    Chokepoint that fixes sable-yz0 across both scan engines AND the staged
+    / diff modes. See the Node ``applyExcludePaths`` docstring for the full
+    rationale — both engines previously bypassed the policy on the
+    happy-path, and the existing walker-level filter only matched
+    directory NAMES, missing every multi-segment path users wrote.
+    """
+    if not exclude_paths:
+        return results
+    root = os.path.abspath(scan_root).replace("\\", "/")
+    kept: list[ScanResult] = []
+    for r in results:
+        abs_p = os.path.abspath(r.file).replace("\\", "/")
+        if abs_p == root:
+            rel = ""
+        elif abs_p.startswith(root + "/"):
+            rel = abs_p[len(root) + 1 :]
+        else:
+            rel = abs_p
+        if not any(_path_matches_exclude_pattern(rel, pat) for pat in exclude_paths):
+            kept.append(r)
+    return kept
+
+
 def _scan_directory(
     dir_path: str,
     engine: str,
@@ -1442,13 +1573,15 @@ def _scan_directory(
         try:
             bl = BetterleaksScanner()
             results = bl.scan_directory(dir_path, use_git=history)
-            return [ScanResult(file=r.file, matches=r.matches) for r in results]
+            results = [ScanResult(file=r.file, matches=r.matches) for r in results]
         except Exception:
             scanner = RegexScanner(custom)
-            return scanner.scan_directory(dir_path, exclude_paths=exclude, respect_gitignore=respect_gitignore)
+            results = scanner.scan_directory(dir_path, exclude_paths=exclude, respect_gitignore=respect_gitignore)
     else:
         scanner = RegexScanner(custom)
-        return scanner.scan_directory(dir_path, exclude_paths=exclude, respect_gitignore=respect_gitignore)
+        results = scanner.scan_directory(dir_path, exclude_paths=exclude, respect_gitignore=respect_gitignore)
+    # sable-yz0 — post-filter chokepoint. See _apply_exclude_paths docstring.
+    return _apply_exclude_paths(results, exclude, dir_path)
 
 
 def _output_scan_results(
@@ -2449,6 +2582,34 @@ def _check_aider() -> _CheckResult:
     return _CheckResult(name, True, f"RAFTER.md + read: entry in {conf}")
 
 
+def _check_hermes() -> _CheckResult:
+    """Check if Hermes integration is healthy (sable-gyw).
+
+    Hermes uses ~/.hermes/config.yaml with a snake_case ``mcp_servers:`` block
+    (MCP-only v0 — no hook surface confirmed yet).
+    """
+    name = "Hermes"
+    home = Path.home()
+    hermes_dir = home / ".hermes"
+
+    if not hermes_dir.exists():
+        return _CheckResult(name, False, "Not detected — run 'rafter agent init --with-hermes' to enable", optional=True)
+
+    config_path = hermes_dir / "config.yaml"
+    if not config_path.exists():
+        return _CheckResult(name, False, f"Config not found: {config_path} — run 'rafter agent init --with-hermes'", optional=True)
+
+    try:
+        loaded = yaml.safe_load(config_path.read_text()) or {}
+    except (OSError, yaml.YAMLError) as e:
+        return _CheckResult(name, False, f"Cannot read config: {e}", optional=True)
+
+    servers = loaded.get("mcp_servers") if isinstance(loaded, dict) else None
+    if not (isinstance(servers, dict) and servers.get("rafter")):
+        return _CheckResult(name, False, "Rafter MCP server not configured — run 'rafter agent init --with-hermes'", optional=True)
+    return _CheckResult(name, True, "MCP server configured")
+
+
 def _probe_claude_code() -> _CheckResult:
     """Runtime probe of the Claude Code hook integration (rf-65zg).
 
@@ -2549,6 +2710,7 @@ def verify(
         _check_windsurf(),
         _check_continue_dev(),
         _check_aider(),
+        _check_hermes(),
     ]
 
     if probe:
@@ -2882,18 +3044,24 @@ def update_betterleaks(
 # ── agent status ─────────────────────────────────────────────────────────
 
 @agent_app.command("status")
-def status():
+def status(
+    json_output: bool = typer.Option(False, "--json", help="Output status as JSON"),
+):
     """Show agent security status dashboard."""
     from ..core.config_schema import get_audit_log_path, get_rafter_dir
 
     rafter_dir = get_rafter_dir()
     audit_path = get_audit_log_path()
+    config_path = rafter_dir / "config.json"
+
+    if json_output:
+        print(json.dumps(_agent_status_json(config_path, audit_path), indent=2))
+        return
 
     print("Rafter Agent Status")
     print("=" * 50)
 
     # --- Config ---
-    config_path = rafter_dir / "config.json"
     if config_path.exists():
         try:
             cfg = ConfigManager().load()
@@ -2946,11 +3114,18 @@ def status():
     print(f"PostToolUse:  {posttool_status}")
 
     # --- OpenClaw skill ---
-    skill_path = Path.home() / ".openclaw" / "skills" / "rafter-security.md"
-    if skill_path.exists():
-        print(f"OpenClaw:     skill installed ({skill_path})")
-    elif (Path.home() / ".openclaw").exists():
-        print("OpenClaw:     detected but skill missing — run: rafter agent init --with-openclaw")
+    # rf-zgwj moved the skill to the canonical ClawHub workspace path
+    # (~/.openclaw/workspace/skills/rafter-security/SKILL.md) and strips the
+    # legacy flat file. Detect via SkillManager so this matches `agent verify`
+    # and the installer — checking the legacy path here is a false negative.
+    skill_manager = SkillManager()
+    if skill_manager.is_rafter_skill_installed():
+        print(f"OpenClaw:     skill installed ({skill_manager.get_rafter_skill_path()})")
+    elif skill_manager.is_openclaw_installed():
+        if skill_manager.has_legacy_rafter_skill():
+            print(f"OpenClaw:     legacy skill at {skill_manager.get_legacy_rafter_skill_path()} (not loaded) — run: rafter agent init --with-openclaw to migrate")
+        else:
+            print("OpenClaw:     detected but skill missing — run: rafter agent init --with-openclaw")
     else:
         print("OpenClaw:     not detected (optional)")
 
@@ -2971,6 +3146,7 @@ def status():
         {"name": "Cursor", "flag": "--with-cursor", "config_dir": home / ".cursor", "config_file": home / ".cursor" / "mcp.json", "needle": "rafter"},
         {"name": "Windsurf", "flag": "--with-windsurf", "config_dir": home / ".codeium" / "windsurf", "config_file": home / ".codeium" / "windsurf" / "mcp_config.json", "needle": "rafter"},
         {"name": "Continue.dev", "flag": "--with-continue", "config_dir": home / ".continue", "config_file": home / ".continue" / "config.json", "needle": "rafter"},
+        {"name": "Hermes", "flag": "--with-hermes", "config_dir": home / ".hermes", "config_file": home / ".hermes" / "config.yaml", "needle": "rafter"},
     ]
 
     for agent in mcp_agents:
@@ -3030,6 +3206,96 @@ def status():
     print()
 
 
+def _agent_status_json(config_path: Path, audit_path: Path) -> dict[str, Any]:
+    return {
+        "installed": config_path.exists(),
+        "version": __version__,
+        "agents_detected": _detect_agent_platforms(),
+        "hooks_installed": _detect_git_hooks(),
+        "betterleaks_available": _betterleaks_available(),
+        "config_path": _format_home_path(config_path),
+        "audit_log_path": _format_home_path(audit_path),
+    }
+
+
+def _detect_agent_platforms() -> list[str]:
+    home = Path.home()
+    candidates = [
+        ("claude-code", home / ".claude"),
+        ("openclaw", home / ".openclaw"),
+        ("codex", home / ".codex"),
+        ("gemini", home / ".gemini"),
+        ("cursor", home / ".cursor"),
+        ("windsurf", home / ".codeium" / "windsurf"),
+        ("continue", home / ".continue"),
+        ("aider", home / ".aider.conf.yml"),
+        ("hermes", home / ".hermes"),
+    ]
+    return [name for name, path in candidates if path.exists()]
+
+
+def _detect_git_hooks() -> list[str]:
+    hooks: set[str] = set()
+    specs = [
+        ("pre-commit", "Rafter Security Pre-Commit Hook"),
+        ("pre-push", "Rafter Security Pre-Push Hook"),
+    ]
+    home = Path.home()
+
+    for hook_name, marker in specs:
+        if _file_contains(home / ".rafter" / "git-hooks" / hook_name, marker):
+            hooks.add(hook_name)
+
+    try:
+        git_dir = subprocess.run(
+            ["git", "rev-parse", "--git-dir"],
+            capture_output=True,
+            text=True,
+            timeout=5,
+            check=True,
+        ).stdout.strip()
+        hooks_dir = Path(git_dir).resolve() / "hooks"
+        for hook_name, marker in specs:
+            if _file_contains(hooks_dir / hook_name, marker):
+                hooks.add(hook_name)
+    except Exception:
+        pass
+
+    return sorted(hooks)
+
+
+def _betterleaks_available() -> bool:
+    bm = BinaryManager()
+    if shutil.which("betterleaks"):
+        try:
+            result = subprocess.run(
+                ["betterleaks", "version"],
+                capture_output=True,
+                text=True,
+                timeout=5,
+            )
+            if result.returncode == 0:
+                return True
+        except Exception:
+            pass
+    return bm.get_betterleaks_path().exists() or bool(bm.find_legacy_gitleaks())
+
+
+def _file_contains(path: Path, needle: str) -> bool:
+    try:
+        return needle in path.read_text(encoding="utf-8")
+    except Exception:
+        return False
+
+
+def _format_home_path(path: Path) -> str:
+    home = Path.home()
+    try:
+        return f"~/{path.relative_to(home).as_posix()}"
+    except ValueError:
+        return str(path)
+
+
 # ── baseline ─────────────────────────────────────────────────────────
 
 _BASELINE_PATH = Path.home() / ".rafter" / "baseline.json"

{rafter_cli-0.8.2 → rafter_cli-0.8.4}/rafter_cli/commands/agent_components.py

@@ -839,6 +839,62 @@ def _continue_mcp() -> ComponentSpec:
     )
 
 
+def _hermes_mcp() -> ComponentSpec:
+    """Hermes MCP server entry (~/.hermes/config.yaml).
+
+    Hermes uses a YAML config with a snake_case ``mcp_servers:`` block (unlike
+    the camelCase ``mcpServers`` of Cursor/Windsurf/Claude Code). MCP-only v0 —
+    hooks deferred pending confirmation Hermes exposes a hook surface (sable-gyw).
+    """
+    home = Path.home()
+    detect_dir = home / ".hermes"
+    config_path = detect_dir / "config.yaml"
+
+    def read_yaml() -> dict[str, Any]:
+        if not config_path.exists():
+            return {}
+        try:
+            loaded = yaml.safe_load(config_path.read_text())
+        except (OSError, yaml.YAMLError):
+            return {}
+        return loaded if isinstance(loaded, dict) else {}
+
+    def is_installed() -> bool:
+        servers = read_yaml().get("mcp_servers")
+        return isinstance(servers, dict) and bool(servers.get("rafter"))
+
+    def install() -> None:
+        detect_dir.mkdir(parents=True, exist_ok=True)
+        cfg = read_yaml()
+        servers = cfg.get("mcp_servers")
+        if not isinstance(servers, dict):
+            servers = {}
+            cfg["mcp_servers"] = servers
+        servers["rafter"] = dict(RAFTER_MCP_ENTRY)
+        config_path.write_text(yaml.safe_dump(cfg))
+
+    def uninstall() -> None:
+        if not config_path.exists():
+            return
+        cfg = read_yaml()
+        servers = cfg.get("mcp_servers")
+        if isinstance(servers, dict) and "rafter" in servers:
+            del servers["rafter"]
+            config_path.write_text(yaml.safe_dump(cfg))
+
+    return ComponentSpec(
+        id="hermes.mcp",
+        platform="hermes",
+        kind="mcp",
+        description="Hermes MCP server entry (~/.hermes/config.yaml)",
+        detect_dir=detect_dir,
+        path=config_path,
+        is_installed=is_installed,
+        install=install,
+        uninstall=uninstall,
+    )
+
+
 _AIDER_LEGACY_MCP_BLOCK_RE = re.compile(
     r"\n?#\s*Rafter security MCP server\s*\nmcp-server-command:\s*rafter\s+mcp\s+serve\s*\n?",
 )
@@ -997,6 +1053,7 @@ def get_registry() -> list[ComponentSpec]:
             _continue_rules(),
             _continue_mcp(),
             _aider_read(),
+            _hermes_mcp(),
             _openclaw_skill(),
         ]
     return _REGISTRY

{rafter_cli-0.8.2 → rafter_cli-0.8.4}/rafter_cli/commands/scan.py

@@ -107,6 +107,7 @@ def scan_local(
         _output_sarif,
         _watch_and_scan,
         _apply_baseline,
+        _apply_exclude_paths,
         _load_baseline_entries,
     )
     from ..core.config_manager import ConfigManager
@@ -164,6 +165,9 @@ def scan_local(
             resolved = os.path.join(repo_root, f)
             if os.path.isfile(resolved):
                 all_results.extend(_scan_file(resolved, eng, custom_patterns))
+        # sable-yz0 — honor scan.exclude_paths in --diff mode too.
+        exclude = scan_cfg.exclude_paths if scan_cfg else None
+        all_results = _apply_exclude_paths(all_results, exclude, repo_root)
         filtered = _apply_baseline(all_results, baseline_entries)
         _output_scan_results(filtered, json_output, quiet, f"files changed since {diff}", format=format, suppressions=suppressions)
         return
@@ -201,6 +205,9 @@ def scan_local(
             resolved = os.path.join(repo_root, f)
             if os.path.isfile(resolved):
                 all_results.extend(_scan_file(resolved, eng, custom_patterns))
+        # sable-yz0 — honor scan.exclude_paths in --staged mode too.
+        exclude = scan_cfg.exclude_paths if scan_cfg else None
+        all_results = _apply_exclude_paths(all_results, exclude, repo_root)
         filtered = _apply_baseline(all_results, baseline_entries)
         _output_scan_results(filtered, json_output, quiet, "staged files", format=format, suppressions=suppressions)
         return

{rafter_cli-0.8.2 → rafter_cli-0.8.4}/rafter_cli/core/policy_loader.py

@@ -9,20 +9,41 @@ from pathlib import Path
 from ..utils.git import get_git_root
 
 
+#: Policy file candidates, in precedence order (sable-c1c).
+#:
+#: The cloud scanner (rafter-backend) reads ``.rafter/config.yml`` (subdir
+#: + ``config.yml``), while the CLI canonical is ``.rafter.yml``. The CLI
+#: reads both indefinitely so customers writing either shape get the same
+#: behavior locally. Canonical dotfile takes precedence; backend file is
+#: the fallback. Schema compatibility (top-level ``exclude_paths`` /
+#: ``custom_patterns`` vs nested ``scan.*``) is handled in ``_map_policy``.
+POLICY_FILE_CANDIDATES: list[Path] = [
+    Path(".rafter.yml"),
+    Path(".rafter.yaml"),
+    Path(".rafter") / "config.yml",
+    Path(".rafter") / "config.yaml",
+]
+
+# Back-compat alias for code outside this module that imported the previous
+# constant. Resolves to the canonical-dotfile names only (subset).
 POLICY_FILENAMES = [".rafter.yml", ".rafter.yaml"]
 _KNOWN_DOC_KEYS = {"id", "path", "url", "description", "tags", "cache"}
 
 
 def find_policy_file() -> Path | None:
-    """Walk from cwd up to git root looking for a policy file."""
+    """Walk from cwd up to git root looking for a policy file.
+
+    Returns the first candidate that exists, in the precedence order
+    declared by ``POLICY_FILE_CANDIDATES``.
+    """
     cwd = Path.cwd()
     root = get_git_root()
     stop = Path(root) if root else cwd.anchor and Path(cwd.anchor)
 
     current = cwd
     while True:
-        for name in POLICY_FILENAMES:
-            candidate = current / name
+        for candidate_rel in POLICY_FILE_CANDIDATES:
+            candidate = current / candidate_rel
             if candidate.exists():
                 return candidate
         parent = current.parent
@@ -85,6 +106,22 @@ def _map_policy(raw: dict) -> dict:
                 for p in scan["custom_patterns"]
             ]
 
+    # sable-c1c — backend flat-shape compat. rafter-backend reads
+    # exclude_paths / custom_patterns at the top level (no `scan:` nesting),
+    # so customers writing the backend shape get the same behavior locally.
+    # Nested form takes precedence if both are present in the same file.
+    if "scan" not in policy or not policy["scan"].get("exclude_paths"):
+        if isinstance(raw.get("exclude_paths"), list):
+            policy.setdefault("scan", {})
+            policy["scan"]["exclude_paths"] = raw["exclude_paths"]
+    if "scan" not in policy or not policy["scan"].get("custom_patterns"):
+        if isinstance(raw.get("custom_patterns"), list):
+            policy.setdefault("scan", {})
+            policy["scan"]["custom_patterns"] = [
+                {"name": p.get("name", ""), "regex": p.get("regex", ""), "severity": p.get("severity", "high")}
+                for p in raw["custom_patterns"]
+            ]
+
     ignore = raw.get("ignore")
     if isinstance(ignore, list):
         rules: list[dict] = []
@@ -179,7 +216,11 @@ def _derive_doc_id(source: str, kind: str) -> str:
     return hashlib.sha256(source.encode("utf-8")).hexdigest()[:8]
 
 
-_VALID_TOP_LEVEL_KEYS = {"version", "risk_level", "command_policy", "scan", "ignore", "audit", "docs"}
+_VALID_TOP_LEVEL_KEYS = {
+    "version", "risk_level", "command_policy", "scan", "ignore", "audit", "docs",
+    # sable-c1c — backend flat-shape compat keys.
+    "exclude_paths", "custom_patterns",
+}
 _VALID_RISK_LEVELS = {"minimal", "moderate", "aggressive"}
 _VALID_COMMAND_MODES = {"allow-all", "approve-dangerous", "deny-list"}
 _VALID_LOG_LEVELS = {"debug", "info", "warn", "error"}

{rafter_cli-0.8.2 → rafter_cli-0.8.4}/rafter_cli/resources/rafter-security-skill.md

@@ -1,7 +1,7 @@
 ---
 name: rafter-security
 description: Security toolkit for AI workflows. Use when scanning code or repos for vulnerabilities, auditing third-party skills/MCPs/agent configs before installing, evaluating shell commands before running them, or generating secure design questions for new features. Provides `rafter run` (remote SAST + SCA, needs RAFTER_API_KEY), `rafter secrets` (offline secrets-only), `rafter agent exec --dry-run` (command-risk classification), and `rafter skill review`.
-version: 0.8.2
+version: 0.8.4
 homepage: https://rafter.so
 metadata:
   openclaw:

{rafter_cli-0.8.2 → rafter_cli-0.8.4}/rafter_cli/resources/skills/rafter/SKILL.md

@@ -114,5 +114,5 @@ export RAFTER_API_KEY="..."        # or put it in .env
 
 Without a key, only `rafter secrets` works — that's secret-hygiene, not code review. If security matters for the task, flag the missing key to the user rather than silently accepting the narrower scan.
 
-## Strengthen the Project
-Not wired in yet? `rafter agent install-hook` (pre-commit), `rafter ci init` (CI workflow), `.rafter.yml` (policy). Per-platform setup: `rafter brief setup/<platform>`.
+## Setup
+Not installed? `npm i -g @rafter-security/cli` (Node) or `pip install rafter-cli` (Python). `npx` form is `npx @rafter-security/cli` — the bare `npx rafter-cli` resolves to an unrelated package. Inside Cursor's sandbox or any session where writing `~/.rafter` triggers a prompt, prefer `rafter agent init --local --with-<platform>` — writes `./.rafter/` + `./.<platform>/` instead of `$HOME`. Not wired yet? `rafter agent install-hook` (pre-commit), `rafter ci init` (CI), `.rafter.yml` (policy). Per-platform: `rafter brief setup/<platform>`.

{rafter_cli-0.8.2 → rafter_cli-0.8.4}/rafter_cli/scanners/secret_patterns.py

@@ -88,6 +88,13 @@ DEFAULT_SECRET_PATTERNS: list[Pattern] = [
         severity="critical",
         description="Twilio API Key detected",
     ),
+    # HashiCorp Vault
+    Pattern(
+        name="HashiCorp Vault Token",
+        regex=r"hvs\.[a-zA-Z0-9_-]{90,}",
+        severity="critical",
+        description="HashiCorp Vault service token detected",
+    ),
     # Generic
     Pattern(
         name="Generic API Key",

rafter_cli-0.8.4/rafter_cli/utils/skill_manager.py

@@ -0,0 +1,45 @@
+"""Skill manager for OpenClaw integration — Python port of Node skill-manager.ts."""
+from __future__ import annotations
+
+from pathlib import Path
+
+
+class SkillManager:
+    """Manage OpenClaw skill installation and detection.
+
+    OpenClaw auto-discovers ClawHub-shaped skills from
+    ``<workspace>/skills/<skill>/SKILL.md`` (default workspace
+    ``~/.openclaw/workspace/``). rafter ≤ 0.7.7 wrote a loose
+    ``~/.openclaw/skills/<name>.md`` file that OpenClaw never read; the canonical
+    path was adopted in rf-zgwj. Detection here must match the installer and
+    ``agent verify`` — checking the legacy path is a false negative.
+    """
+
+    def get_openclaw_root(self) -> Path:
+        return Path.home() / ".openclaw"
+
+    def get_openclaw_skills_dir(self) -> Path:
+        return self.get_openclaw_root() / "workspace" / "skills"
+
+    def get_rafter_skill_dir(self) -> Path:
+        return self.get_openclaw_skills_dir() / "rafter-security"
+
+    def get_rafter_skill_path(self) -> Path:
+        return self.get_rafter_skill_dir() / "SKILL.md"
+
+    def get_legacy_rafter_skill_path(self) -> Path:
+        """Legacy install path used by rafter ≤ 0.7.7. Removed on reinstall."""
+        return self.get_openclaw_root() / "skills" / "rafter-security.md"
+
+    def is_openclaw_installed(self) -> bool:
+        """Detect the platform root (~/.openclaw). A fresh OpenClaw install has
+        no workspace skills dir yet, so checking the skills dir gives a
+        false-negative until at least one skill is written."""
+        return self.get_openclaw_root().exists()
+
+    def has_legacy_rafter_skill(self) -> bool:
+        """True when the rafter ≤ 0.7.7 flat file is present (migration note)."""
+        return self.get_legacy_rafter_skill_path().exists()
+
+    def is_rafter_skill_installed(self) -> bool:
+        return self.get_rafter_skill_path().exists()

rafter_cli-0.8.2/rafter_cli/utils/skill_manager.py

@@ -1,22 +0,0 @@
-"""Skill manager for OpenClaw integration — Python port of Node skill-manager.ts."""
-from __future__ import annotations
-
-import importlib.resources
-import re
-from pathlib import Path
-
-
-class SkillManager:
-    """Manage OpenClaw skill installation and detection."""
-
-    def get_openclaw_skills_dir(self) -> Path:
-        return Path.home() / ".openclaw" / "skills"
-
-    def get_rafter_skill_path(self) -> Path:
-        return self.get_openclaw_skills_dir() / "rafter-security.md"
-
-    def is_openclaw_installed(self) -> bool:
-        return self.get_openclaw_skills_dir().exists()
-
-    def is_rafter_skill_installed(self) -> bool:
-        return self.get_rafter_skill_path().exists()