rigscore v0.9.0
rigscore, security, ai, devtools, open-source
Changes: v0.8.0 â v0.9.0
5 features and 5 fixes. 10 changes total.
| Change | What it does |
|---|---|
| flip CTA default to opt-in via –cta | New capability |
| runtime tool description hashing via print-and-paste workflow | New capability |
| augment typosquat detection with MCP registry API | New capability |
| hash-pin MCP server shape to detect rug-pulls (CVE-2025-54136) | New capability |
| add instruction-effectiveness and skill-coherence checks | New capability |
| scope check to project (cwd) by default | Bug fix |
| extend homoglyph coverage to Mathematical/Fullwidth/Cherokee | Bug fix |
| scope version-pin check to package-position arg only | Bug fix |
| correctness bugs W3 (C3, C5, H2, H4) | Bug fix |
| repair broken GitHub Action and add meaningful CI self-scan gate | Bug fix |
Install
| |
No accounts, no telemetry, no network calls. MIT licensed.
Configuration details reflect a production environment at time of writing. Implementation specifics vary based on tooling versions, platform updates, and organizational requirements. Validate approaches against current documentation before deployment.