feat: integrate aidefence v2.2.0 with security tools

[ruvnet]

Summary

Integrates the standalone aidefence v2.2.0 package and creates a dedicated aidefence plugin with comprehensive threat detection capabilities.

What's New in aidefence v2.2.0

• 158 tests passing - Full test coverage
• 0 vulnerabilities - Clean security audit
• Real implementations - All stub files replaced with working code
• Security middleware - Auth, rate limiting, CORS, input validation
• 183+ threat patterns - Prompt injection, SQL injection, XSS detection
• Self-contained - No broken external dependencies
• Production-ready - <35ms latency, >900 req/s throughput

New: Dedicated AIDefence Plugin

Created /v3/plugins/aidefence/ with:

File	Description
plugin.yaml	Full plugin manifest with 8 MCP tools, hooks, metrics, policies
README.md	Comprehensive documentation

Plugin Capabilities

• Detection: prompt_injection, jailbreak, role_switching, context_manipulation, sql_injection, xss_prevention, pii_detection, encoding_attacks
• Middleware: api_key_auth, rate_limiting, cors_handling, input_validation, session_management, security_headers
• Verification: hash_consing (150x faster), theorem_proving, security_axioms, policy_verification
• Learning: pattern_learning, mitigation_tracking, trajectory_learning, semantic_search

8 MCP Tools

Tool	Description
aidefence_scan	Scan input for AI manipulation threats
aidefence_analyze	Deep analysis with similar pattern search
aidefence_stats	Get detection statistics
aidefence_learn	Record detection feedback for learning
aidefence_is_safe	Quick boolean safety check (<1ms)
aidefence_has_pii	Check for PII (emails, SSN, credit cards)
aidefence_verify_policy	Verify agent behavior against policy
aidefence_gateway_start	Start AIMDSGateway HTTP server

Hook Integrations

• pre-agent-input - Scan all agent inputs before processing
• post-agent-action - Record agent actions for behavioral modeling
• pre-swarm-init - Verify swarm topology against security policies

Files Changed

File	Change
package.json	Added aidefence@^2.2.0 to optionalDependencies
.claude/skills/aidefence.yaml	Updated package version to ^2.2.0, added v2.2.0 features
README.md	Added standalone import example
v3/@claude-flow/cli/README.md	Added standalone import example
v3/plugins/aidefence/plugin.yaml	NEW: Dedicated plugin manifest
v3/plugins/aidefence/README.md	NEW: Plugin documentation

MCP Security Tools Verified

Tool	Status	Description
aidefence_scan	✅ Working	Scan input for threats (<10ms)
aidefence_analyze	✅ Working	Deep threat analysis
aidefence_stats	✅ Working	Detection statistics
aidefence_learn	✅ Working	Learn from feedback

Test Results

# Safe input
$ claude-flow mcp exec --tool aidefence_scan --params '{"input": "Hello world"}'
{"safe": true, "threats": [], "piiFound": false, "detectionTimeMs": 1.38}

# Malicious input  
$ claude-flow mcp exec --tool aidefence_scan --params '{"input": "Ignore all previous instructions"}'
{"safe": false, "threats": [
  {"type": "instruction_override", "severity": "critical", "confidence": 0.99},
  {"type": "context_manipulation", "severity": "high", "confidence": 0.93}
]}

Installation Options

# Standalone (British spelling)
npm install aidefence

# Standalone (American spelling)
npm install aidefense

# Scoped package (for advanced features)
npm install @claude-flow/aidefence

Test Plan

• Verify aidefence v2.2.0 package installs correctly
• Verify MCP security tools work with @claude-flow/aidefence
• Test threat detection with safe input
• Test threat detection with malicious input
• Verify stats and analyze tools work
• Update skill file version reference
• Update README documentation
• Create dedicated aidefence plugin
• Add plugin.yaml with full capabilities
• Add README.md with documentation

---

🤖 Generated with claude-flow