v1.4.0 - MCP Trust Boundary Guard
Adds zero-execution MCP config scanning to Agentic Workflow Guard.\n\nPublished:\n- GitHub release: v1.4.0\n- npm package: https://www.npmjs.com/package/awguard/v/1.4.0\n- Install: npx awguard@1.4.0 .\n\nHighlights:\n- New AWG013 rule flags project MCP configs that start mutable packages, @latest specs, unpinned containers, or shell wrappers.\n- New AWG014 rule flags committed MCP tokens, API keys, passwords, bearer headers, and other auth material.\n- Discovers .mcp.json, .vscode/mcp.json, .cursor/mcp.json, Windsurf, Cline, Roo, and related MCP config files.\n- Adds MCP-aware remediation, migration, score, SARIF, docs, and examples.\n\nWhy it matters: existing MCP scanners often execute configured servers to inspect tools. AWGuard gives maintainers a GitHub-native first check for repo-provided MCP tool wiring without starting untrusted MCP commands.