{"id":45871277,"url":"https://github.com/asamassekou10/ship-safe","last_synced_at":"2026-04-26T08:15:12.278Z","repository":{"id":336195069,"uuid":"1147803825","full_name":"asamassekou10/ship-safe","owner":"asamassekou10","description":"CLI security scanner built for the agentic era. Detects CI/CD misconfigs, agent permission risks, MCP tool injection, hardcoded secrets, and DMCA-flagged AI dependencies.","archived":false,"fork":false,"pushed_at":"2026-04-02T05:06:56.000Z","size":2029,"stargazers_count":307,"open_issues_count":0,"forks_count":38,"subscribers_count":1,"default_branch":"main","last_synced_at":"2026-04-02T05:46:51.791Z","etag":null,"topics":["cli","devscops","npm","owasp","secrets","security","security-tools","static-analysis"],"latest_commit_sha":null,"homepage":"https://www.shipsafecli.com","language":"JavaScript","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"mit","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/asamassekou10.png","metadata":{"files":{"readme":"README.md","changelog":"CHANGELOG.md","contributing":"CONTRIBUTING.md","funding":".github/FUNDING.yml","license":"LICENSE","code_of_conduct":"CODE_OF_CONDUCT.md","threat_model":null,"audit":null,"citation":null,"codeowners":".github/CODEOWNERS","security":"SECURITY.md","support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null,"zenodo":null,"notice":null,"maintainers":null,"copyright":null,"agents":null,"dco":null,"cla":null},"funding":{"github":["asamassekou10"]}},"created_at":"2026-02-02T08:19:37.000Z","updated_at":"2026-04-02T05:16:54.000Z","dependencies_parsed_at":null,"dependency_job_id":null,"html_url":"https://github.com/asamassekou10/ship-safe","commit_stats":null,"previous_names":["asamassekou10/ship-safe"],"tags_count":12,"template":false,"template_full_name":null,"purl":"pkg:github/asamassekou10/ship-safe","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/asamassekou10%2Fship-safe","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/asamassekou10%2Fship-safe/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/asamassekou10%2Fship-safe/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/asamassekou10%2Fship-safe/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/asamassekou10","download_url":"https://codeload.github.com/asamassekou10/ship-safe/tar.gz/refs/heads/main","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/asamassekou10%2Fship-safe/sbom","scorecard":null,"host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":286080680,"owners_count":31305722,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2026-04-02T09:48:21.550Z","status":"ssl_error","status_checked_at":"2026-04-02T09:48:19.196Z","response_time":89,"last_error":"SSL_read: unexpected eof while reading","robots_txt_status":"success","robots_txt_updated_at":"2025-07-24T06:49:26.215Z","robots_txt_url":"https://github.com/robots.txt","online":false,"can_crawl_api":true,"host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["cli","devscops","npm","owasp","secrets","security","security-tools","static-analysis"],"created_at":"2026-02-27T10:16:36.579Z","updated_at":"2026-04-02T11:41:11.992Z","avatar_url":"https://github.com/asamassekou10.png","language":"JavaScript","funding_links":["https://github.com/sponsors/asamassekou10"],"categories":[],"sub_categories":[],"readme":"\u003cp align=\"center\"\u003e\n  \u003cimg src=\".github/assets/logo%20ship%20safe.png\" alt=\"Ship Safe Logo\" width=\"180\" /\u003e\n\u003c/p\u003e\n\u003cp align=\"center\"\u003e\u003cstrong\u003eAI-powered application security platform for developers.\u003c/strong\u003e\u003c/p\u003e\n\u003cp align=\"center\"\u003e\u003ca href=\"https://shipsafecli.com\"\u003eshipsafecli.com\u003c/a\u003e\u003c/p\u003e\n\n\u003cp align=\"center\"\u003e\n  \u003ca href=\"https://www.npmjs.com/package/ship-safe\"\u003e\u003cimg src=\"https://badge.fury.io/js/ship-safe.svg\" alt=\"npm version\" /\u003e\u003c/a\u003e\n  \u003ca href=\"https://www.npmjs.com/package/ship-safe\"\u003e\u003cimg src=\"https://img.shields.io/npm/dm/ship-safe.svg\" alt=\"npm downloads\" /\u003e\u003c/a\u003e\n  \u003ca href=\"https://github.com/asamassekou10/ship-safe/actions/workflows/ci.yml\"\u003e\u003cimg src=\"https://github.com/asamassekou10/ship-safe/actions/workflows/ci.yml/badge.svg\" alt=\"CI\" /\u003e\u003c/a\u003e\n  \u003ca href=\"https://nodejs.org\"\u003e\u003cimg src=\"https://img.shields.io/node/v/ship-safe\" alt=\"Node.js version\" /\u003e\u003c/a\u003e\n  \u003ca href=\"https://opensource.org/licenses/MIT\"\u003e\u003cimg src=\"https://img.shields.io/badge/License-MIT-yellow.svg\" alt=\"License: MIT\" /\u003e\u003c/a\u003e\n  \u003ca href=\"https://github.com/asamassekou10/ship-safe/stargazers\"\u003e\u003cimg src=\"https://img.shields.io/github/stars/asamassekou10/ship-safe?style=social\" alt=\"GitHub stars\" /\u003e\u003c/a\u003e\n  \u003ca href=\"https://github.com/sponsors/asamassekou10\"\u003e\u003cimg src=\"https://img.shields.io/badge/Sponsor-%E2%9D%A4-ea4aaa?logo=github\" alt=\"Sponsor\" /\u003e\u003c/a\u003e\n\u003c/p\u003e\n\n---\n\n18 security agents. 80+ attack classes. One command.\n\n**Ship Safe v6.4.0** is an AI-powered security platform that runs 18 specialized agents in parallel against your codebase, scanning for secrets, injection vulnerabilities, auth bypass, SSRF, supply chain attacks, Supabase RLS misconfigs, Docker/Terraform/Kubernetes misconfigs, CI/CD pipeline poisoning, LLM/agentic AI security, MCP server misuse, RAG poisoning, PII compliance, vibe coding patterns, exception handling, AI agent config security, and more. OWASP 2025 scoring with EPSS exploit probability. LLM-powered deep analysis verifies exploitability of critical findings. Secrets verification probes provider APIs to check if leaked keys are still active. Compliance mapping to SOC 2, ISO 27001, and NIST AI RMF. Built-in threat intelligence feed with offline-first IOC matching. CI integration with GitHub PR comments, threshold gating, and SARIF output.\n\n**v6.4.0 highlights:** MCP server scanning (`npx ship-safe scan-mcp`) vets tool manifests for prompt injection and credential harvesting before you connect. Detection support for openclaude and claw-code — the two most-starred Claude Code forks from the March 2026 source leak — with accurate config scanning based on their actual architectures. Four new CI/CD patterns flag AI agent danger modes in pipelines. Legal dataset corrected: claw-code reclassified as a clean-room rewrite, not a leaked-source derivative.\n\n[Documentation](https://shipsafecli.com/docs) | [Blog](https://shipsafecli.com/blog) | [Pricing](https://shipsafecli.com/pricing)\n\n---\n\n## Quick Start\n\n```bash\n# Full security audit — secrets + 18 agents + deps + remediation plan\nnpx ship-safe audit .\n\n# LLM-powered deep analysis (Anthropic, OpenAI, Google, Ollama)\nnpx ship-safe audit . --deep\n\n# Red team scan only (18 agents, 80+ attack classes)\nnpx ship-safe red-team .\n\n# Scan only changed files (fast pre-commit \u0026 PR scanning)\nnpx ship-safe diff\nnpx ship-safe diff --staged\n\n# Fun emoji security grade with shareable badge\nnpx ship-safe vibe-check .\n\n# Compare your score against industry averages\nnpx ship-safe benchmark .\n\n# Quick secret scan\nnpx ship-safe scan .\n\n# Security health score (0-100)\nnpx ship-safe score .\n\n# CI/CD pipeline mode — compact output, exit codes, PR comments\nnpx ship-safe ci .\nnpx ship-safe ci . --github-pr\n\n# Accept current findings, only report regressions\nnpx ship-safe baseline .\nnpx ship-safe audit . --baseline\n\n# Check if leaked secrets are still active\nnpx ship-safe audit . --verify\n\n# Environment diagnostics\nnpx ship-safe doctor\n\n# Install Claude Code hooks — real-time secret blocking + advisory scan\nnpx ship-safe hooks install\nnpx ship-safe hooks status\nnpx ship-safe hooks remove\n```\n\n---\n\n## The `audit` Command\n\nOne command that runs everything and generates a full report:\n\n```bash\nnpx ship-safe audit .\n```\n\n```\n════════════════════════════════════════════════════════════\n  Ship Safe v6.0 — Full Security Audit\n════════════════════════════════════════════════════════════\n\n  [Phase 1/4] Scanning for secrets...         ✔ 49 found\n  [Phase 2/4] Running 18 security agents...   ✔ 103 findings\n  [Phase 3/4] Auditing dependencies...        ✔ 44 CVEs\n  [Phase 4/4] Computing security score...     ✔ 25/100 F\n\n  Remediation Plan\n  ════════════════════════════════════════════════════════\n\n  🔴 CRITICAL — fix immediately\n  ────────────────────────────────────────────────────────\n   1. [SECRETS] Rotate Stripe Live Secret Key\n      .env:67 → Move to environment variable or secrets manager\n\n   2. [INJECTION] Unsafe pickle.loads()\n      backend/ai_processor.py:64 → Use JSON for untrusted data\n\n  🟠 HIGH — fix before deploy\n  ────────────────────────────────────────────────────────\n   3. [XSS] dangerouslySetInnerHTML without sanitization\n      frontend/src/utils/blogContentRenderer.jsx:50 → Add DOMPurify\n\n  ... 149 more items in the full report\n\n  📊 Full report: ship-safe-report.html\n```\n\n**What it runs:**\n1. **Secret scan** — 50+ patterns with entropy scoring (API keys, passwords, tokens)\n2. **18 security agents** — run in parallel with per-agent timeouts and framework-aware filtering (injection, auth, SSRF, supply chain, config, Supabase RLS, LLM, MCP, agentic AI, RAG, PII, vibe coding, exception handling, agent config, mobile, git history, CI/CD, API)\n3. **Dependency audit** — npm/pip/bundler CVE scanning with EPSS exploit probability scores\n4. **Secrets verification** — probes provider APIs (GitHub, Stripe, OpenAI, etc.) to check if leaked keys are still active\n5. **Deep analysis** — LLM-powered taint analysis verifies exploitability of critical/high findings (optional)\n6. **Score computation** — OWASP 2025 weighted scoring across 8 categories (0-100, A-F)\n7. **Context-aware confidence tuning** — downgrades findings in test files, docs, and comments\n8. **Compliance mapping** — maps findings to SOC 2 Type II, ISO 27001:2022, and NIST AI Risk Management Framework controls\n9. **Remediation plan** — prioritized fix list grouped by severity\n10. **Interactive HTML report** — standalone dark-themed report with severity filtering, search, collapsible findings, compliance summary, and click-to-copy ignore annotations\n\n**Flags:**\n- `--json` — structured JSON output (clean for piping)\n- `--sarif` — SARIF format for GitHub Code Scanning\n- `--csv` — CSV export for spreadsheets\n- `--md` — Markdown report\n- `--html [file]` — custom HTML report path (default: `ship-safe-report.html`)\n- `--compare` — show per-category score delta vs. last scan\n- `--timeout \u003cms\u003e` — per-agent timeout (default: 30s)\n- `--no-deps` — skip dependency audit\n- `--no-ai` — skip AI classification\n- `--no-cache` — force full rescan (ignore cached results)\n- `--baseline` — only show findings not in the baseline\n- `--pdf [file]` — generate PDF report (requires Chrome/Chromium)\n- `--deep` — LLM-powered taint analysis for critical/high findings\n- `--local` — use local Ollama model for deep analysis\n- `--model \u003cmodel\u003e` — LLM model to use for deep/AI analysis\n- `--provider \u003cname\u003e` — LLM provider: groq, together, mistral, deepseek, xai, perplexity, lmstudio\n- `--base-url \u003curl\u003e` — custom OpenAI-compatible base URL (e.g. LM Studio, vLLM)\n- `--budget \u003ccents\u003e` — max spend in cents for deep analysis (default: 50)\n- `--verify` — check if leaked secrets are still active (probes provider APIs)\n\n---\n\n## 18 Security Agents\n\n| Agent | Category | What It Detects |\n|-------|----------|-----------------|\n| **InjectionTester** | Code Vulns | SQL/NoSQL injection, command injection, code injection (eval), XSS, path traversal, XXE, ReDoS, prototype pollution, Python f-string SQL injection, Python subprocess shell injection |\n| **AuthBypassAgent** | Auth | JWT vulnerabilities (alg:none, weak secrets), cookie security, CSRF, OAuth misconfig, BOLA/IDOR, weak crypto, timing attacks, TLS bypass, Django `DEBUG = True`, Flask hardcoded secret keys |\n| **SSRFProber** | SSRF | User input in fetch/axios, cloud metadata endpoints, internal IPs, redirect following |\n| **SupplyChainAudit** | Supply Chain | Typosquatting (Levenshtein distance), git/URL dependencies, wildcard versions, suspicious install scripts, dependency confusion, lockfile integrity |\n| **ConfigAuditor** | Config | Dockerfile (running as root, :latest tags), Terraform (public S3/RDS, open SG, CloudFront HTTP, Lambda admin, S3 no versioning), Kubernetes (privileged containers, `:latest` tags, missing NetworkPolicy), CORS, CSP, Firebase, Nginx |\n| **SupabaseRLSAgent** | Auth | Supabase Row Level Security — `service_role` key in client code, `CREATE TABLE` without RLS, anon key inserts, unprotected storage operations |\n| **LLMRedTeam** | AI/LLM | OWASP LLM Top 10 — prompt injection, excessive agency, system prompt leakage, unbounded consumption, RAG poisoning |\n| **MCPSecurityAgent** | AI/LLM | MCP server security — unvalidated tool inputs, missing auth, excessive permissions, tool poisoning, typosquatting detection, over-permissioned tools, shadow config discovery |\n| **AgenticSecurityAgent** | AI/LLM | OWASP Agentic AI Top 10 — agent hijacking, privilege escalation, unsafe code execution, memory poisoning |\n| **RAGSecurityAgent** | AI/LLM | RAG pipeline security — unvalidated embeddings, context injection, document poisoning, vector DB access control |\n| **PIIComplianceAgent** | Compliance | PII detection — SSNs, credit cards, emails, phone numbers in source code, logs, and configs |\n| **VibeCodingAgent** | Code Vulns | AI-generated code patterns — no input validation, empty catch blocks, hardcoded secrets, disabled security features, TODO-auth patterns |\n| **ExceptionHandlerAgent** | Code Vulns | OWASP A10:2025 — empty catch blocks, unhandled promise rejections, missing React error boundaries, leaked stack traces, generic catch-all without rethrow |\n| **AgentConfigScanner** | AI/LLM | AI agent config security — prompt injection in .cursorrules/CLAUDE.md/AGENTS.md/.windsurfrules, malicious Claude Code hooks (CVE-2026), OpenClaw public binding \u0026 malicious skills, openclaude profile file (`OPENAI_BASE_URL` over http://), claw-code config (`danger-full-access`, disabled sandbox, shell hooks, insecure MCP transports), encoded/obfuscated payloads, data exfiltration instructions, agent memory poisoning |\n| **MobileScanner** | Mobile | OWASP Mobile Top 10 2024 — insecure storage, WebView JS injection, HTTP endpoints, excessive permissions, debug mode |\n| **GitHistoryScanner** | Secrets | Leaked secrets in git commit history (checks if still active in working tree) |\n| **CICDScanner** | CI/CD | OWASP CI/CD Top 10 — pipeline poisoning, unpinned actions, secret logging, self-hosted runners, script injection, AI agent danger flags (`--dangerously-skip-permissions`, insecure provider URLs in CI) |\n| **APIFuzzer** | API | Routes without auth, missing input validation, mass assignment, unrestricted file upload, GraphQL introspection, debug endpoints, missing rate limiting, OpenAPI spec security issues |\n| **ReconAgent** | Recon | Attack surface discovery — frameworks, languages, auth patterns, databases, cloud providers, IaC, CI/CD pipelines |\n\n**Post-processors:** ScoringEngine (8-category weighted scoring), VerifierAgent (secrets liveness verification), DeepAnalyzer (LLM-powered taint analysis)\n\n---\n\n## All Commands\n\n### Core Audit Commands\n\n```bash\n# Full audit with remediation plan + HTML report\nnpx ship-safe audit .\n\n# Red team: 18 agents, 80+ attack classes\nnpx ship-safe red-team .\nnpx ship-safe red-team . --agents injection,auth    # Run specific agents\nnpx ship-safe red-team . --html report.html         # HTML report\nnpx ship-safe red-team . --json                     # JSON output\n\n# Secret scanner (pattern matching + entropy)\nnpx ship-safe scan .\nnpx ship-safe scan . --json          # JSON for CI\nnpx ship-safe scan . --sarif         # SARIF for GitHub\n\n# Security health score (0-100, A-F)\nnpx ship-safe score .\n\n# Dependency CVE audit\nnpx ship-safe deps .\nnpx ship-safe deps . --fix           # Auto-fix vulnerabilities\n```\n\n### AI-Powered Commands\n\n```bash\n# AI audit: scan + classify with Claude + auto-fix secrets\nnpx ship-safe agent .\n\n# Auto-fix hardcoded secrets: rewrite code + write .env\nnpx ship-safe remediate .\nnpx ship-safe remediate . --all    # Also fix agent findings (TLS, debug, XSS, etc.)\n\n# Revoke exposed keys — opens provider dashboards\nnpx ship-safe rotate .\n```\n\n### Baseline Management\n\n```bash\n# Accept current findings as baseline\nnpx ship-safe baseline .\n\n# Audit showing only new findings since baseline\nnpx ship-safe audit . --baseline\n\n# Show what changed since baseline\nnpx ship-safe baseline --diff\n\n# Remove baseline\nnpx ship-safe baseline --clear\n```\n\n### Diff Scanning\n\n```bash\n# Scan only changed files (fast pre-commit \u0026 PR scanning)\nnpx ship-safe diff                   # All uncommitted changes\nnpx ship-safe diff --staged          # Only staged changes\nnpx ship-safe diff HEAD~3            # Changes in last 3 commits\nnpx ship-safe diff --json            # JSON output\n```\n\n### Vibe Check \u0026 Benchmark\n\n```bash\n# Fun emoji security grade\nnpx ship-safe vibe-check .\nnpx ship-safe vibe-check . --badge   # Generate shields.io README badge\n\n# Compare your score against industry averages (OWASP, Synopsys, Snyk)\nnpx ship-safe benchmark .\nnpx ship-safe benchmark . --json     # JSON output\n```\n\n### CI/CD Pipeline\n\n```bash\n# CI mode — compact output, exit codes, threshold gating\nnpx ship-safe ci .\nnpx ship-safe ci . --threshold 80    # Custom passing score\nnpx ship-safe ci . --fail-on critical # Fail on severity\nnpx ship-safe ci . --sarif out.sarif  # SARIF for GitHub\nnpx ship-safe ci . --github-pr       # Post results as PR comment\n```\n\n### Deep Analysis \u0026 Verification\n\n```bash\n# LLM-powered deep analysis (Anthropic/OpenAI/Google/Ollama)\nnpx ship-safe audit . --deep\nnpx ship-safe audit . --deep --local               # Use local Ollama\nnpx ship-safe audit . --deep --budget 50           # Cap spend at 50 cents\n\n# Use any OpenAI-compatible provider for deep analysis\nnpx ship-safe audit . --deep --provider groq\nnpx ship-safe audit . --deep --provider together\nnpx ship-safe audit . --deep --provider mistral\nnpx ship-safe audit . --deep --provider deepseek\nnpx ship-safe audit . --deep --provider lmstudio   # Local LM Studio\nnpx ship-safe audit . --deep --provider xai\nnpx ship-safe audit . --deep --provider perplexity\nnpx ship-safe audit . --deep --base-url http://localhost:1234/v1 --model my-model  # Custom\n\n# Check if leaked secrets are still active\nnpx ship-safe audit . --verify\n```\n\n### Diagnostics\n\n```bash\n# Environment check — Node.js, git, npm, API keys, cache, version\nnpx ship-safe doctor\n```\n\n### Agent Security\n\n```bash\n# Focused OpenClaw security scan\nnpx ship-safe openclaw .\n\n# Auto-harden OpenClaw configs (0.0.0.0-\u003e127.0.0.1, add auth, ws-\u003ewss)\nnpx ship-safe openclaw . --fix\n\n# Red team: simulate ClawJacked, prompt injection, data exfil attacks\nnpx ship-safe openclaw . --red-team\n\n# CI preflight — exit non-zero on critical findings\nnpx ship-safe openclaw . --preflight\n\n# Scan a skill before installing it\nnpx ship-safe scan-skill https://clawhub.io/skills/some-skill\nnpx ship-safe scan-skill ./local-skill.json\nnpx ship-safe scan-skill --all              # Scan all skills from openclaw.json\n\n# Scan an MCP server's tool manifest before connecting\nnpx ship-safe scan-mcp https://your-mcp-server/\nnpx ship-safe scan-mcp ./local-manifest.json\nnpx ship-safe scan-mcp https://your-mcp-server/ --json\n\n# Legal risk audit — DMCA, leaked-source derivatives (openclaude, claw-code-js), IP disputes\nnpx ship-safe legal .\n\n# Generate hardened OpenClaw config\nnpx ship-safe init --openclaw\n\n# Generate Agent Bill of Materials (CycloneDX 1.5)\nnpx ship-safe abom .\n```\n\n#### openclaude and claw-code\n\nShip Safe detects security issues in both major Claude Code forks from the March 2026 source leak.\n\n**openclaude** (`@gitlawb/openclaude`) is a CLI tool that routes Claude Code's toolset through any OpenAI-compatible provider. Its only persistent file artifact is `.openclaude-profile.json`. Ship Safe flags:\n- `OPENAI_BASE_URL` using `http://` for non-localhost endpoints (unencrypted LLM traffic)\n- The profile file present in a project not covered by `.gitignore` (API key exposure risk)\n\n**claw-code** (`ultraworkers/claw-code`) is a clean-room Rust + Python rewrite of Claude Code's agent harness. Its config lives in `.claw.json`, `.claw/settings.json`, and `.claw/settings.local.json`. Ship Safe flags:\n- `permissionMode: danger-full-access` or `dangerouslySkipPermissions: true` (no confirmation on any tool call)\n- `sandbox.enabled: false` (filesystem isolation removed)\n- Hook commands containing shell execution or remote download patterns\n- MCP server connections over `ws://` or `http://` to non-localhost hosts\n\n### Threat Intelligence\n\n```bash\n# Update threat intel feed (ClawHavoc IOCs, malicious skills, config signatures)\nnpx ship-safe update-intel\n\n# Ships with offline-first seed data — no internet required for scanning\n```\n\n### OpenClaw GitHub Action\n\nDrop-in CI action that blocks PRs introducing agent config vulnerabilities:\n\n```yaml\n# .github/workflows/openclaw-security.yml\nname: OpenClaw Security Check\n\non: [pull_request]\n\npermissions:\n  contents: read\n\njobs:\n  openclaw:\n    runs-on: ubuntu-latest\n    steps:\n      - uses: actions/checkout@v4\n\n      - uses: asamassekou10/ship-safe/.github/actions/openclaw-check@main\n        with:\n          fail-on-critical: 'true'\n```\n\n**Inputs:**\n\n| Input | Default | Description |\n|-------|---------|-------------|\n| `path` | `.` | Path to scan |\n| `fail-on-critical` | `true` | Fail the check if critical findings are found |\n| `node-version` | `20` | Node.js version to use |\n\n**Outputs:**\n\n| Output | Description |\n|--------|-------------|\n| `findings` | Total number of findings detected |\n| `critical` | Number of critical findings |\n\nScans `openclaw.json`, `.cursorrules`, `CLAUDE.md`, Claude Code hooks, and MCP configs. Checks against the bundled threat intelligence database for known ClawHavoc IOCs.\n\n### Defensive Hooks\n\n```bash\n# Install Claude Code defensive hooks (blocks curl|bash, exfil domains, rm -rf /)\nnpx ship-safe guard --generate-hooks\n\n# Watch agent config files for drift (.cursorrules, CLAUDE.md, openclaw.json)\nnpx ship-safe watch . --configs\n```\n\n### Infrastructure Commands\n\n```bash\n# Continuous monitoring (watch files for changes)\nnpx ship-safe watch .\n\n# Generate CycloneDX SBOM\nnpx ship-safe sbom .\n\n# Policy-as-code (enforce minimum score, fail on severity)\nnpx ship-safe policy init\n\n# Block git push if secrets found\nnpx ship-safe guard\n\n# Initialize security configs (.gitignore, headers)\nnpx ship-safe init\n\n# Launch-day security checklist\nnpx ship-safe checklist\n\n# MCP server for AI editors (Claude Desktop, Cursor, etc.)\nnpx ship-safe mcp\n```\n\n---\n\n## Claude Code Hooks\n\nInstall ship-safe as real-time Claude Code hooks — secrets are blocked **before** they ever touch disk:\n\n```bash\nnpx ship-safe hooks install\n```\n\nOnce installed, two hooks activate automatically on every Claude Code session:\n\n| Hook | Trigger | Behaviour |\n|------|---------|-----------|\n| **PreToolUse** | Write / Edit / MultiEdit / Bash | Blocks the write if critical secrets are detected; blocks dangerous Bash patterns (curl\\|bash, credential exfiltration, `rm -rf /`) |\n| **PostToolUse** | Write / Edit / MultiEdit | Scans the saved file and injects advisory findings (high-severity patterns, DB URLs with credentials) directly into Claude's context — never blocks |\n\nHook scripts are copied to `~/.ship-safe/hooks/` at install time — a stable, user-owned location that survives `npx` cache rotations.\n\n```bash\nnpx ship-safe hooks status   # Check installation\nnpx ship-safe hooks remove   # Uninstall\n```\n\n---\n\n## Claude Code Plugin\n\nUse Ship Safe directly inside Claude Code — no CLI needed:\n\n```bash\nclaude plugin add github:asamassekou10/ship-safe\n```\n\n| Command | Description |\n|---------|-------------|\n| `/ship-safe` | Full security audit — 18 agents, remediation plan, auto-fix |\n| `/ship-safe-scan` | Quick scan for leaked secrets |\n| `/ship-safe-score` | Security health score (0-100) |\n| `/ship-safe-deep` | LLM-powered deep taint analysis |\n| `/ship-safe-ci` | CI/CD pipeline setup guide |\n| `/ship-safe-hooks` | Install real-time Claude Code hooks (blocks secrets on write) |\n| `/ship-safe-baseline` | Accept current findings as baseline; report only regressions |\n| `/ship-safe-fix` | Auto-fix secrets and common vulnerabilities |\n| `/ship-safe-red-team` | Run full red-team audit and open HTML report |\n\nClaude interprets the results, explains findings in plain language, and can fix issues directly in your codebase.\n\n---\n\n## Incremental Scanning\n\nShip Safe caches file hashes and findings in `.ship-safe/context.json`. On subsequent runs, only changed files are re-scanned — unchanged files reuse cached results.\n\n```\n✔ [Phase 1/4] Secrets: 41 found (0 changed, 313 cached)\n```\n\n- **~40% faster** on repeated scans\n- **Auto-invalidation** — cache expires after 24 hours or when ship-safe updates\n- **`--no-cache`** — force a full rescan anytime\n\nThe cache is stored in `.ship-safe/` which is automatically excluded from scans.\n\n### LLM Response Caching\n\nWhen using AI classification (`--no-ai` to disable), results are cached in `.ship-safe/llm-cache.json` with a 7-day TTL. Repeated scans reuse cached classifications — reducing API costs significantly.\n\n---\n\n## Smart `.gitignore` Handling\n\nShip Safe respects your `.gitignore` for build output, caches, and vendor directories — but **always scans security-sensitive files** even if gitignored:\n\n| Skipped (gitignore respected) | Always scanned (gitignore overridden) |\n|-------------------------------|---------------------------------------|\n| `node_modules/`, `dist/`, `build/` | `.env`, `.env.local`, `.env.production` |\n| `*.log`, `*.pkl`, vendor dirs | `*.pem`, `*.key`, `*.p12` |\n| Cache directories, IDE files | `credentials.json`, `*.secret` |\n\nWhy? Files like `.env` are gitignored *because* they contain secrets — which is exactly what a security scanner should catch.\n\n---\n\n## Multi-LLM Support\n\nShip Safe supports any AI provider for deep analysis and classification:\n\n| Provider | Env Variable | Flag | Default Model |\n|----------|-------------|------|---------------|\n| **Anthropic** | `ANTHROPIC_API_KEY` | *(auto-detected)* | claude-haiku-4-5 |\n| **OpenAI** | `OPENAI_API_KEY` | *(auto-detected)* | gpt-4o-mini |\n| **Google** | `GOOGLE_AI_API_KEY` | *(auto-detected)* | gemini-2.0-flash |\n| **Ollama** | `OLLAMA_HOST` | `--local` | Local models |\n| **Groq** | `GROQ_API_KEY` | `--provider groq` | llama-3.3-70b-versatile |\n| **Together AI** | `TOGETHER_API_KEY` | `--provider together` | meta-llama/Llama-3-70b-chat-hf |\n| **Mistral** | `MISTRAL_API_KEY` | `--provider mistral` | mistral-small-latest |\n| **DeepSeek** | `DEEPSEEK_API_KEY` | `--provider deepseek` | deepseek-chat |\n| **xAI (Grok)** | `XAI_API_KEY` | `--provider xai` | grok-beta |\n| **Perplexity** | `PERPLEXITY_API_KEY` | `--provider perplexity` | llama-3.1-sonar-small-128k-online |\n| **LM Studio** | *(none)* | `--provider lmstudio` | Local server |\n| **Custom** | *(any)* | `--base-url \u003curl\u003e --model \u003cmodel\u003e` | Any OpenAI-compatible |\n\nAuto-detected from environment variables. Use `--provider \u003cname\u003e` to override. No API key required for scanning — AI is optional.\n\n---\n\n## Scoring System\n\nStarts at 100. Each finding deducts points by severity and category, weighted by confidence level (high: 100%, medium: 60%, low: 30%) to reduce noise from heuristic patterns.\n\n**8 Categories** (with weight caps):\n\n| Category | Weight | Critical | High | Medium | Cap |\n|----------|--------|----------|------|--------|-----|\n| Secrets | 15% | -25 | -15 | -5 | -15 |\n| Code Vulnerabilities | 15% | -20 | -10 | -3 | -15 |\n| Dependencies | 13% | -20 | -10 | -5 | -13 |\n| Auth \u0026 Access Control | 15% | -20 | -10 | -3 | -15 |\n| Configuration | 8% | -15 | -8 | -3 | -8 |\n| Supply Chain | 12% | -15 | -8 | -3 | -12 |\n| API Security | 10% | -15 | -8 | -3 | -10 |\n| AI/LLM Security | 12% | -15 | -8 | -3 | -12 |\n\n*Weights aligned with OWASP Top 10 2025 risk rankings.*\n\n**Grades:** A (90-100), B (75-89), C (60-74), D (40-59), F (0-39)\n\n**Exit codes:** `0` for A/B (\u003e= 75), `1` for C/D/F — use in CI to fail builds.\n\n---\n\n## Policy-as-Code\n\nCreate `.ship-safe.policy.json` to enforce team-wide security standards:\n\n```bash\nnpx ship-safe policy init\n```\n\n```json\n{\n  \"minimumScore\": 70,\n  \"failOn\": \"critical\",\n  \"requiredScans\": [\"secrets\", \"injection\", \"deps\", \"auth\"],\n  \"ignoreRules\": [],\n  \"customSeverityOverrides\": {},\n  \"maxAge\": { \"criticalCVE\": \"7d\", \"highCVE\": \"30d\", \"mediumCVE\": \"90d\" }\n}\n```\n\n---\n\n## CI/CD Integration\n\nThe dedicated `ci` command is optimized for pipelines — compact output, exit codes, threshold-based gating:\n\n```bash\n# Basic CI — fail if score \u003c 75\nnpx ship-safe ci .\n\n# Strict — fail on any critical finding\nnpx ship-safe ci . --fail-on critical\n\n# Custom threshold + SARIF for GitHub Security tab\nnpx ship-safe ci . --threshold 80 --sarif results.sarif\n\n# Only check new findings (not in baseline)\nnpx ship-safe ci . --baseline\n```\n\n**GitHub Actions example:**\n\n```yaml\n# .github/workflows/security.yml\nname: Security Audit\n\non: [push, pull_request]\n\njobs:\n  security:\n    runs-on: ubuntu-latest\n    steps:\n      - uses: actions/checkout@v4\n\n      - name: Security gate\n        run: npx ship-safe ci . --threshold 75 --sarif results.sarif --github-pr\n\n      - uses: github/codeql-action/upload-sarif@v3\n        if: always()\n        with:\n          sarif_file: results.sarif\n```\n\n**Export formats:** `--json`, `--sarif`, `--csv`, `--md`, `--html`, `--pdf`\n\n---\n\n## Suppress False Positives\n\n**Inline:** Add `# ship-safe-ignore` comment on a line:\n```python\npassword = get_password()  # ship-safe-ignore\n```\n\n**File-level:** Create `.ship-safeignore` (gitignore syntax):\n```gitignore\n# Exclude test fixtures\ntests/fixtures/\n*.test.js\n\n# Exclude documentation with code examples\ndocs/\n```\n\n---\n\n## OWASP Coverage\n\n| Standard | Coverage |\n|----------|----------|\n| **OWASP Top 10 Web 2025** | A01-A10: Broken Access Control, Cryptographic Failures, Injection, Insecure Design, Security Misconfiguration, Vulnerable Components, Auth Failures, Data Integrity, Logging Failures, SSRF |\n| **OWASP Top 10 Mobile 2024** | M1-M10: Improper Credential Usage, Inadequate Supply Chain, Insecure Auth, Insufficient Validation, Insecure Communication, Inadequate Privacy, Binary Protections, Security Misconfiguration, Insecure Data Storage, Insufficient Cryptography |\n| **OWASP LLM Top 10 2025** | LLM01-LLM10: Prompt Injection, Sensitive Info Disclosure, Supply Chain, Data Poisoning, Improper Output Handling, Excessive Agency, System Prompt Leakage, Vector/Embedding Weaknesses, Misinformation, Unbounded Consumption |\n| **OWASP CI/CD Top 10** | CICD-SEC-1 to 10: Insufficient Flow Control, Identity Management, Dependency Chain Abuse, Poisoned Pipeline Execution, Insufficient PBAC, Credential Hygiene, Insecure System Config, Ungoverned Usage, Improper Artifact Integrity, Insufficient Logging |\n| **OWASP Agentic AI Top 10** | ASI01-ASI10: Agent Hijacking, Tool Misuse, Privilege Escalation, Unsafe Code Execution, Memory Poisoning, Identity Spoofing, Excessive Autonomy, Logging Gaps, Supply Chain Attacks, Cascading Hallucination |\n\n---\n\n## What's Inside\n\n### [`/configs`](./configs)\nDrop-in security configs for Next.js, Supabase, and Firebase.\n\n### [`/snippets`](./snippets)\nCopy-paste security patterns: rate limiting, JWT, CORS, input validation.\n\n### [`/ai-defense`](./ai-defense)\nLLM security: prompt injection detection, cost protection, system prompt hardening.\n\n### [`/checklists`](./checklists)\nManual security audits: launch-day checklist, framework-specific guides.\n\n---\n\n## Add a Security Badge to Your README\n\nShow the world your project is secure. After running `npx ship-safe audit .` or `npx ship-safe vibe-check . --badge`, add one of these to your README:\n\n```markdown\n\u003c!-- Replace GRADE and COLOR with your results --\u003e\n[![Ship Safe](https://img.shields.io/badge/Ship_Safe-A+-22c55e)](https://shipsafecli.com)\n```\n\n| Grade | Badge |\n|-------|-------|\n| A+ | `[![Ship Safe](https://img.shields.io/badge/Ship_Safe-A+-22c55e)](https://shipsafecli.com)` |\n| A | `[![Ship Safe](https://img.shields.io/badge/Ship_Safe-A-22c55e)](https://shipsafecli.com)` |\n| B | `[![Ship Safe](https://img.shields.io/badge/Ship_Safe-B-06b6d4)](https://shipsafecli.com)` |\n| C | `[![Ship Safe](https://img.shields.io/badge/Ship_Safe-C-eab308)](https://shipsafecli.com)` |\n| D | `[![Ship Safe](https://img.shields.io/badge/Ship_Safe-D-ef4444)](https://shipsafecli.com)` |\n| F | `[![Ship Safe](https://img.shields.io/badge/Ship_Safe-F-dc2626)](https://shipsafecli.com)` |\n\n---\n\n## Supply Chain Hardening\n\nShip Safe practices what it preaches. Our own supply chain is hardened against the [2026 Trivy/CanisterWorm attack chain](https://shipsafecli.com/blog/supply-chain-attacks-2026-how-we-hardened-ship-safe):\n\n| Defense | What It Blocks |\n|---------|---------------|\n| All GitHub Actions pinned to full commit SHAs | Tag repointing (Trivy-style) |\n| `permissions: contents: read` in CI | Excessive token scope |\n| `npm ci --ignore-scripts` in all pipelines | CanisterWorm postinstall propagation |\n| OIDC trusted publishing with provenance | Stolen npm token publishing |\n| CODEOWNERS on `action.yml`, `.github/`, `package.json` | Unauthorized changes to critical paths |\n| Strict `files` allowlist in package.json | Accidental inclusion of secrets/configs |\n| Self-scanning with ship-safe in CI | Malicious code injection |\n| 5 direct dependencies | Minimal transitive attack surface |\n\nVerify provenance on any Ship Safe release:\n\n```bash\nnpm audit signatures\n```\n\n---\n\n## Contributing\n\n1. Fork the repo\n2. Add your security pattern, agent, or config\n3. Include comments explaining *why* it matters\n4. Open a PR\n\nSee [CONTRIBUTING.md](./CONTRIBUTING.md) for guidelines.\n\n---\n\n## Security Standards Reference\n\n- [OWASP Top 10 Web 2025](https://owasp.org/Top10/)\n- [OWASP Top 10 Mobile 2024](https://owasp.org/www-project-mobile-top-10/)\n- [OWASP LLM Top 10 2025](https://genai.owasp.org/llm-top-10/)\n- [OWASP API Security Top 10 2023](https://owasp.org/API-Security/)\n- [OWASP CI/CD Top 10](https://owasp.org/www-project-top-10-ci-cd-security-risks/)\n- [OWASP Agentic AI Top 10](https://owasp.org/www-project-agentic-ai-top-10/)\n\n---\n\n## Sponsors\n\nShip Safe is MIT-licensed and free forever. If it saves you time or helps you ship more securely, consider sponsoring — it helps keep the project maintained and growing.\n\n\u003cp align=\"center\"\u003e\n  \u003ca href=\"https://github.com/sponsors/asamassekou10\"\u003e\n    \u003cimg src=\"https://img.shields.io/badge/Sponsor%20Ship%20Safe-%E2%9D%A4-ea4aaa?style=for-the-badge\u0026logo=github\" alt=\"Sponsor Ship Safe\" /\u003e\n  \u003c/a\u003e\n\u003c/p\u003e\n\n---\n\n## License\n\nMIT - Use it, share it, secure your stuff.\n\n---\n\n## Star History\n\n[![Star History Chart](https://api.star-history.com/svg?repos=asamassekou10/ship-safe\u0026type=Date)](https://star-history.com/#asamassekou10/ship-safe\u0026Date)\n\n---\n\n**Ship fast. Ship safe.** — [shipsafecli.com](https://shipsafecli.com)\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fasamassekou10%2Fship-safe","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fasamassekou10%2Fship-safe","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fasamassekou10%2Fship-safe/lists"}