JSPM

  • ESM via JSPM
  • ES Module Entrypoint
  • Export Map
  • Keywords
  • License
  • Repository URL
  • TypeScript Types
  • README
  • Created
  • Published
  • Downloads 8
  • Score
    100M100P100Q81952F
  • License Apache-2.0

AEGIS Security Scanner — Governed Cyber Reasoning System

Package Exports

  • @raknor/aegis
  • @raknor/aegis/lib/index.js

This package does not declare an exports field, so the exports above have been automatically detected and optimized by JSPM instead. If any package subpath is missing, it is recommended to post an issue to the original package (@raknor/aegis) to support the "exports" field. If that is not possible, create a JSPM override to customize the exports field for this package.

Readme

AEGIS Security Scanner

AEGIS is a governed Cyber Reasoning System (CRS) that discovers vulnerabilities, proves exploitability, synthesizes patches, and deploys fixes -- all under the Equilateral governance architecture with cryptographic audit trails. This npm package downloads the platform-specific Rust binary and runs a full AST-based security scan across 14 languages.

Quick Start

# One-shot scan (no install required)
npx @raknor/aegis scan ./my-project

# Or install globally
npm install -g @raknor/aegis
aegis scan ./my-project

# JSON output for CI integration
aegis scan ./src --json

What's Included

Community Tier (free — no key required)

  • Full Rust AST engine — tree-sitter parsing across 14 languages (C, C++, Python, JS, TS, Java, Go, C#, Rust, HCL/Terraform, Bash, PHP, Kotlin, Swift)
  • 103 CWE patterns with cross-file taint analysis
  • First 50 findings shown (full count reported)
  • SARIF 2.1.0, HTML, and JSON output
  • Severity classification (Critical / High / Medium / Low)
  • CWE distribution summary
  • Compliance readiness traffic lights — visual pass/fail for FedRAMP High / Moderate, SOC 2 Type II, ISO 27001:2022, PCI-DSS v4.0, HIPAA, DORA (EU), NIST CSF 2.0, and CMMC Level 2
  • "PREVIEW" watermark on reports

Pro Tier

Everything in Community, plus:

  • Unlimited findings
  • CVSS 3.1 scoring with CISA KEV and EPSS enrichment
  • Auto-fix (14 CWEs) and auto-patch suggestions
  • STRIDE threat model, tech debt, bounded context, resource leaks
  • WAF rules (ModSecurity, AWS WAF, Cloudflare)
  • Secret detection (11 patterns), PII-in-logs, dependency accuracy audit
  • Delta scanning for CI/CD (--changed-only, --since)
  • Container audit, SELECT * analysis, financial consistency

Premium Tier

Everything in Pro, plus:

  • M&A due diligence report
  • White-label branding
  • FedRAMP Continuous Monitoring packages
  • Governed code transformation engine

Enterprise Tier

Everything in Premium, plus:

  • OSCAL 1.1.2 (SSP, AR, POA&M, Component Definition)
  • DORA Pillar I-V, ISO 27001, NIST CSF 2.0 evidence packages
  • VEX, SBOM (CycloneDX + SPDX), scoring, evidence bundles
  • IAM analysis, infrastructure discovery, IR playbooks
  • 12-framework compliance mapping
  • Self-hosted Docker for air-gapped / on-prem environments

Compliance Framework Readiness

Every scan produces a preview indicator for nine compliance frameworks, based on the severity and class of findings detected. Example output (ASCII bars with status):

  FedRAMP High      [███████████████░░░░░]  75%  BLOCKED
  FedRAMP Moderate  [███████████████░░░░░]  75%  BLOCKED
  SOC 2 Type II     [███████████████░░░░░]  75%  BLOCKED
  ISO 27001:2022    [███████████████░░░░░]  75%  BLOCKED
  PCI-DSS v4.0      [███████████████░░░░░]  75%  BLOCKED
  HIPAA             [███████████████░░░░░]  75%  BLOCKED
  DORA (EU)         [███████████████░░░░░]  75%  BLOCKED
  NIST CSF 2.0      [███████████████░░░░░]  75%  READY
  CMMC Level 2      [███████████████░░░░░]  75%  BLOCKED

Community tier uses the full Rust AST engine (not regex). The 50-finding cap limits displayed results — the total count is always reported. Upgrade to Pro or higher for unlimited findings, auto-fix, and compliance evidence generation.

Upgrade

For full capabilities, visit raknor.ai/pricing.

License

Apache-2.0 -- Pareidolia LLC (d/b/a Raknor AI)