feat: "Background Check for AI Agents" v2.0.0

CHANGELOG.md

@@ -5,6 +5,44 @@ All notable changes to g0 will be documented in this file.
 The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.1.0/),
 and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0.html).
 
+## [2.0.0] - 2026-03-31
+
+### g0 v2.0: Background Check for AI Agents
+
+g0 v2.0 establishes g0 as the open-source standard for AI agent due diligence — discover, assess, and test every agent before it ships.
+
+### Added
+- "Background Check for AI Agents" positioning — clear metaphor for what g0 does
+- MCP and OpenClaw commands promoted to first-class status
+- OpenClaw-focused daemon mode — real-time monitoring for malicious skills and MCP config drift
+- Remediation guidance inline on every terminal finding (`Fix:` line)
+- Standards mapping inline on every terminal finding (`Standards:` line)
+- Domain score breakdown in terminal output (12 domains with visual bars)
+- Security vs Hardening split scores
+- Guard0 Platform CTA on scan output for complete accountability
+
+### Changed
+- Scan output shows letter grade (A-F) with domain breakdown and finding details
+- Daemon refocused on OpenClaw/MCP monitoring (skill integrity, config drift, IOC detection)
+- Dynamic testing focused on core payload categories (prompt injection, jailbreak, data exfiltration, tool abuse, MCP attacks)
+- Endpoint scanning focused on MCP server configurations and AI tool discovery
+
+### Retained
+- SARIF 2.1.0 output on scan, test, and gate (`--sarif`)
+- Configurable gate thresholds (`--min-score`, `--min-grade`, `--no-critical`, `--no-high`)
+- All 1,180+ security rules across 12 domains
+- All 11 framework parsers
+- All OpenClaw and MCP scanning capabilities
+- OpenClaw daemon monitoring (skill drift, IOC detection)
+- 5-language support (Python, TypeScript, JavaScript, Java, Go)
+
+### Removed
+- HTML and compliance report export — available via [Guard0 Platform](https://guard0.ai/early-access)
+- CycloneDX/SBOM export format — available via [Guard0 Platform](https://guard0.ai/early-access)
+- Enterprise fleet management features (multi-machine coordination, behavioral baselines, correlation engine)
+- Advanced adaptive red team strategies — available via [Guard0 Platform](https://guard0.ai/early-access)
+- Platform auth and direct upload — scanning is offline-first; use [Guard0 Platform](https://guard0.ai/early-access) for cloud features
+
 ## [1.5.0] - 2026-03-11
 
 ### Fixed

docs/README.md

@@ -1,13 +1,13 @@
 # g0 Documentation
 
-Welcome to the g0 documentation. g0 is the control layer for AI agents — it discovers, assesses, tests, monitors, and governs your AI agent infrastructure across 12 security domains.
+Welcome to the g0 documentation. g0 runs background checks on your AI agents — discovering every component, assessing 1,180+ risk patterns across 12 domains, and adversarially testing behavior before you ship.
 
 ## By the Numbers
 
 | | | | |
 |:---:|:---:|:---:|:---:|
-| **1,180** | **4,000+** | **12** | **10** |
-| Security Rules | Adversarial Payloads | Security Domains | Framework Parsers |
+| **1,180+** | **1,200+** | **1,184+** | **11** |
+| Security Rules | Adversarial Payloads | Malicious Skill IOCs | Framework Parsers |
 | **10** | **5** | **25** | **20** |
 | Compliance Standards | Languages | Attack Categories | Encoding Mutators |
 

docs/api.md

@@ -27,11 +27,9 @@ import {
   calculateScore,
 
   // Reporters
-  reportTerminal,
   reportJson,
-  reportHtml,
   reportSarif,
-  reportComplianceHtml,
+  // reportHtml — available via Guard0 Platform
 } from '@guard0/g0';
 ```
 
@@ -283,17 +281,6 @@ console.log(json);
 reportJson(result, 'results.json');
 ```
 
-### `reportHtml`
-
-Generate a self-contained HTML report file.
-
-```typescript
-import { runScan, reportHtml } from '@guard0/g0';
-
-const result = await runScan({ targetPath: './my-agent' });
-reportHtml(result, 'report.html');
-```
-
 ### `reportSarif`
 
 Generate a SARIF 2.1.0 report for integration with GitHub Code Scanning, VS Code, and other SARIF-compatible tools.

docs/architecture.md

@@ -190,7 +190,7 @@ src/
   testing/              # Dynamic adversarial testing
   reporters/            # All output formatters
   standards/            # 10 standards mapping
-  platform/             # Guard0 Cloud integration
+  platform/             # Guard0 Platform integration
   daemon/               # Background monitoring
   remote/               # Git clone for remote scanning
   cli/                  # Commander.js CLI

docs/ci-cd.md

@@ -4,15 +4,15 @@ g0 integrates into your CI/CD pipeline to catch AI security issues before they r
 
 ## Quality Gate
 
-The `g0 gate` command is designed for CI — it exits with code 1 if the scan fails your thresholds:
+The `g0 gate` command is designed for CI — configurable thresholds with SARIF output:
 
 ```bash
-g0 gate .                           # Default: min score 70
+g0 gate .                           # Pass/fail (default: min-score 70)
 g0 gate . --min-score 80            # Custom score threshold
-g0 gate . --min-grade B             # Grade-based threshold
-g0 gate . --no-critical             # Fail on any critical finding
-g0 gate . --no-high                 # Fail on any high or critical finding
-g0 gate . --sarif results.sarif     # Also produce SARIF output
+g0 gate . --min-grade B             # Minimum grade
+g0 gate . --no-critical             # Fail on any critical findings
+g0 gate . --sarif results.sarif     # Also output SARIF for Code Scanning
+g0 gate . -o results.json           # Also save JSON results
 ```
 
 ## GitHub Actions
@@ -33,10 +33,11 @@ jobs:
           node-version: '20'
 
       - name: g0 Security Gate
-        run: npx @guard0/g0 gate . --min-score 70
+        run: npx @guard0/g0 gate .
+        # Exits 1 if critical or high findings detected
 ```
 
-### With SARIF Upload (GitHub Code Scanning)
+### With SARIF + GitHub Code Scanning
 
 ```yaml
 name: AI Agent Security
@@ -55,46 +56,10 @@ jobs:
         with:
           node-version: '20'
 
-      - name: g0 Security Assessment
+      - name: g0 Security Gate
         run: npx @guard0/g0 gate . --min-score 70 --sarif results.sarif
 
-      - name: Upload SARIF
-        uses: github/codeql-action/upload-sarif@v3
-        if: always()
-        with:
-          sarif_file: results.sarif
-```
-
-SARIF findings appear as annotations on pull requests and in the Security tab.
-
-### Full Assessment with Guard0 Cloud
-
-```yaml
-name: AI Agent Security
-on: [push, pull_request]
-
-permissions:
-  security-events: write
-  contents: read
-
-jobs:
-  security:
-    runs-on: ubuntu-latest
-    steps:
-      - uses: actions/checkout@v4
-      - uses: actions/setup-node@v4
-        with:
-          node-version: '20'
-
-      - name: g0 Security Assessment
-        env:
-          G0_API_KEY: ${{ secrets.G0_API_KEY }}
-        run: |
-          npx @guard0/g0 gate . --min-score 70 --sarif results.sarif
-          npx @guard0/g0 scan . --upload
-          npx @guard0/g0 inventory . --upload
-
-      - name: Upload SARIF
+      - name: Upload SARIF to GitHub
         uses: github/codeql-action/upload-sarif@v3
         if: always()
         with:
@@ -144,7 +109,7 @@ ai-security:
   image: node:20
   stage: test
   script:
-    - npx @guard0/g0 gate . --min-score 70 --sarif results.sarif
+    - npx @guard0/g0 gate . --min-score 70 --json
   artifacts:
     reports:
       sast: results.sarif
@@ -177,7 +142,7 @@ pipeline {
     stages {
         stage('AI Security') {
             steps {
-                sh 'npx @guard0/g0 gate . --min-score 70 --sarif results.sarif'
+                sh 'npx @guard0/g0 gate . --min-score 70 --json'
             }
             post {
                 always {
@@ -282,11 +247,11 @@ exclude_paths:
 ```
 PR opened
   ├── g0 gate (fast, blocks merge)
-  ├── g0 scan --sarif (annotations on PR)
+  ├── g0 scan --json(annotations on PR)
   └── g0 inventory --diff (component change detection)
 
 Merge to main
-  ├── g0 scan --upload (track history)
-  ├── g0 inventory --upload (track components)
+  ├── g0 scan (track history)
+  ├── g0 inventory (track components)
   └── g0 test --auto (dynamic testing in staging)
 ```