chore: npm best practices — files field + expanded README

README.md

@@ -1,41 +1,41 @@
 # @hailbytes/mcp-security-scanner
 
-> Scans Model Context Protocol (MCP) server configurations for common security issues.
+> Scans Model Context Protocol (MCP) server configurations for common security issues: overprivileged tools, missing auth, prompt injection surface, and unsafe defaults.
 
 [![npm version](https://img.shields.io/npm/v/%40hailbytes%2Fmcp-security-scanner.svg)](https://www.npmjs.com/package/%40hailbytes%2Fmcp-security-scanner)
 [![License: MIT](https://img.shields.io/badge/License-MIT-blue.svg)](LICENSE)
+[![Bundle Size](https://img.shields.io/bundlephobia/minzip/%40hailbytes%2Fmcp-security-scanner)](https://bundlephobia.com/package/@hailbytes/mcp-security-scanner)
 
 ---
 
-## Overview
+## What it does
 
-`@hailbytes/mcp-security-scanner` audits MCP server configurations and running endpoints for:
-
-- **Overprivileged tools** — tools granted broader permissions than their declared function requires
-- **Missing or weak authentication** — unauthenticated transports, missing token validation
-- **Prompt injection surface** — tool descriptions or output paths susceptible to injection
-- **Unsafe defaults** — insecure transport defaults, verbose error exposure, CORS wildcards
-
-> Part of HailBytes' MCP security research initiative. See [hailbytes.com/mcp](https://hailbytes.com/mcp) for our MCP server documentation.
+Audit MCP server configurations and endpoints for the most common AI security mistakes — overprivileged tools, missing authentication, prompt injection attack surface, and insecure transport defaults. Integrates into CI/CD as a gate or run on-demand via CLI.
 
 ---
 
-## Who Is This For
+## Install
 
-Security engineers, platform teams, and AI/LLM developers who build or operate MCP servers and want automated, continuous security checks integrated into their CI/CD pipelines.
+```bash
+npm install -g @hailbytes/mcp-security-scanner
+# or use directly via npx
+npx @hailbytes/mcp-security-scanner ./mcp-config.json
+```
 
 ---
 
-## API
+## Quick Start
 
 ### CLI
 
 ```bash
-npx @hailbytes/mcp-security-scanner <server-url-or-config>
-
-# Examples
+# Scan a local config file
 npx @hailbytes/mcp-security-scanner ./mcp-config.json
+
+# Scan a running MCP server endpoint
 npx @hailbytes/mcp-security-scanner https://my-mcp-server.example.com
+
+# Output SARIF for GitHub Code Scanning + fail on findings
 npx @hailbytes/mcp-security-scanner ./config.json --output=sarif --exit-code
 ```
 
@@ -44,29 +44,29 @@ npx @hailbytes/mcp-security-scanner ./config.json --output=sarif --exit-code
 ```ts
 import { scan } from "@hailbytes/mcp-security-scanner";
 
-const report: SecurityReport = await scan({
-  configPath: "./mcp-config.json",
-  // or serverUrl: "https://..."
-});
+const report = await scan({ configPath: "./mcp-config.json" });
 
-console.log(report.findings);   // Finding[]
-console.log(report.score);      // 0–100 risk score
-console.log(report.passed);     // boolean
+console.log(report.findings);  // Finding[] — individual security issues
+console.log(report.score);     // 0–100 risk score (lower = riskier)
+console.log(report.passed);    // boolean — use as CI gate
 ```
 
 ---
 
-## See Also
+## What It Checks
 
-- [@hailbytes/mcp-server-template](https://github.com/HailBytes/mcp-server-template) — production-ready MCP server scaffold
+- **Overprivileged tools** — tools granted broader permissions than their declared function requires
+- **Missing or weak authentication** — unauthenticated transports, missing token validation
+- **Prompt injection surface** — tool descriptions or output paths susceptible to injection
+- **Unsafe defaults** — insecure transport defaults, verbose error exposure, CORS wildcards
 
 ---
 
-## Links
+## See Also
+
+- [`@hailbytes/mcp-server-template`](https://github.com/HailBytes/mcp-server-template) — production-ready MCP server scaffold with auth built-in
+- [HailBytes MCP documentation](https://hailbytes.com/mcp)
 
-- [hailbytes.com](https://hailbytes.com)
-- [hailbytes.com/mcp](https://hailbytes.com/mcp) — MCP server documentation
-- [GitHub Issues](https://github.com/HailBytes/mcp-security-scanner/issues)
 ---
 
 *Part of the [HailBytes](https://hailbytes.com) open-source security toolkit.*

package.json

@@ -1,6 +1,6 @@
 {
   "name": "@hailbytes/mcp-security-scanner",
-  "version": "0.0.1",
+  "version": "1.0.1",
   "description": "Scans MCP server configurations for common security issues: overprivileged tools, missing auth, prompt injection surface, unsafe defaults.",
   "type": "module",
   "license": "MIT",
@@ -35,6 +35,11 @@
       "types": "./dist/index.d.ts"
     }
   },
+  "files": [
+    "dist",
+    "README.md",
+    "LICENSE"
+  ],
   "scripts": {
     "build": "tsc",
     "typecheck": "tsc --noEmit",