feat(security): harden mcp and action surfaces

.github/PULL_REQUEST_TEMPLATE.md

@@ -26,7 +26,7 @@
 - [ ] `trunk check --show-existing --all`
 - [ ] `make gitleaks`
 - [ ] `make cargo-audit`
-- [ ] `make fuzz-smoke`
+- [ ] `make fuzz-check`
 - [ ] `make release-snapshot` when release/build behavior changed
 
 ## Notes

.github/workflows/ci.yml

@@ -128,7 +128,7 @@ jobs:
         run: npm ci --ignore-scripts --no-audit
         working-directory: packages/npm
 
-      - name: Test npm launcher
+      - name: Test npm launcher and MCP Registry metadata
         run: npm test
         working-directory: packages/npm
 
@@ -158,11 +158,16 @@ jobs:
         run: npm ci --ignore-scripts --no-audit
         working-directory: site
 
+      - name: Set up Rust for docs contract tests
+        run: |
+          rustup toolchain install 1.85.0 --profile minimal
+          rustup default 1.85.0
+
       - name: Audit site dependencies
         run: npm audit --audit-level=moderate
         working-directory: site
 
-      - name: Check generated docs freshness
+      - name: Run documentation contract tests
         run: make docs-qa
 
       - name: Build documentation site

.github/workflows/pages.yml

@@ -34,11 +34,16 @@ jobs:
         run: npm ci --ignore-scripts --no-audit
         working-directory: site
 
+      - name: Set up Rust for docs contract tests
+        run: |
+          rustup toolchain install 1.85.0 --profile minimal
+          rustup default 1.85.0
+
       - name: Audit site dependencies
         run: npm audit --audit-level=moderate
         working-directory: site
 
-      - name: Check generated docs freshness
+      - name: Run documentation contract tests
         run: make docs-qa
 
       - name: Configure Pages

.github/workflows/release.yml

@@ -197,8 +197,8 @@ jobs:
             --generate-notes \
             --title "${REF_NAME}"
 
-  release-smoke:
-    name: Release smoke
+  release-verify:
+    name: Release verification
     runs-on: ubuntu-latest
     needs: publish
     permissions:
@@ -212,17 +212,17 @@ jobs:
       - name: Install Cosign
         uses: sigstore/cosign-installer@cad07c2e89fa2edd6e2d7bab4c1aa38e53f76003 # v4.1.1
 
-      - name: Smoke published GitHub release artifacts
+      - name: Verify published GitHub release artifacts
         env:
           GH_TOKEN: ${{ github.token }}
           REF_NAME: ${{ github.ref_name }}
           GITHUB_REPOSITORY: ${{ github.repository }}
-        run: bash scripts/smoke-release-archive.sh "${REF_NAME}"
+        run: bash scripts/verify-release-archive.sh "${REF_NAME}"
 
   npm:
     name: NPM package
     runs-on: ubuntu-latest
-    needs: release-smoke
+    needs: release-verify
     if: ${{ vars.NPM_PUBLISH == 'true' }}
     environment: npm-publish
     permissions:

CHANGELOG.md

@@ -24,7 +24,7 @@ not be reused.
   provider-warning, policy, SARIF, TUI, Raycast, and HTML behavior.
 - Hardened release publishing with signed-tag verification, Windows-compatible
   builds for non-TUI commands, scoped archive uploads, and Cosign-backed release
-  smoke before npm publication.
+  verification before npm publication.
 
 ## v0.1.5
 
@@ -50,7 +50,7 @@ First stable Nightward release.
 - Added explicit local/online-capable provider execution support with opt-in
   provider gates.
 - Added release-gated GitHub artifacts with checksums, SBOMs, Cosign-signed
-  checksum bundles, release smoke checks, and npm trusted-publishing support for
+  checksum bundles, release archive verification, and npm trusted-publishing support for
   `@jsonbored/nightward`.
 - Added OpenSSF-oriented governance, security policy, threat model, DCO, CodeQL,
   Scorecard, coverage, and release snapshot gates.
@@ -62,5 +62,5 @@ Superseded prerelease attempts.
 - `v0.1.1` and `v0.1.2` were superseded before the final npm/install
   verification path was complete.
 - `v0.1.3` proved GitHub/npm publishing and provenance, but the npm launcher
-  symlink smoke gap was fixed in `v0.1.4`.
+  symlink verification gap was fixed in `v0.1.4`.
 - Use `v0.1.4` or newer.

Makefile

@@ -13,7 +13,7 @@ CARGO_AUDIT_VERSION ?= 0.22.1
 CARGO_DENY_VERSION ?= 0.19.4
 CARGO_LLVM_COV_VERSION ?= 0.8.5
 
-.PHONY: doctor install-dev-tools test test-fast test-security test-ux test-release test-local test-prepush test-release-install fmt clippy cargo-test cargo-nextest cargo-doc cargo-audit cargo-deny cargo-llvm-cov coverage-check fuzz-smoke test-junit trunk-check trunk-fix trunk-flaky-validate ci-scripts-test gitleaks raycast-install raycast-test raycast-test-junit raycast-audit raycast-lint raycast-build raycast-store-check raycast-verify npm-package-install npm-package-test npm-package-audit npm-package-pack npm-package-verify docs-reference docs-reference-check docs-freshness docs-qa demo-ids-check site-install site-audit site-build site-verify demo-assets tui-media release-snapshot verify build install-local clean-reports
+.PHONY: doctor install-dev-tools test test-fast test-security test-ux test-release test-local test-prepush test-release-install fmt clippy cargo-test cargo-nextest cargo-doc cargo-audit cargo-deny cargo-llvm-cov coverage-check fuzz-check test-junit trunk-check trunk-fix trunk-flaky-validate ci-scripts-test gitleaks raycast-install raycast-test raycast-test-junit raycast-audit raycast-lint raycast-build raycast-store-check raycast-verify npm-package-install npm-package-test npm-package-audit npm-package-pack npm-package-verify docs-reference docs-reference-check docs-qa site-install site-test site-audit site-build site-verify demo-assets tui-media release-snapshot verify build install-local clean-reports
 
 doctor:
 	bash scripts/dev-doctor.sh
@@ -70,8 +70,8 @@ cargo-llvm-cov:
 coverage-check: cargo-llvm-cov
 	@if [ -f "$(REPORTS_DIR)/coverage.txt" ]; then python3 -c 'import pathlib,re,sys; text=pathlib.Path("$(REPORTS_DIR)/coverage.txt").read_text(); nums=[float(x) for x in re.findall(r"([0-9]+(?:\.[0-9]+)?)%", text)]; pct=nums[-1] if nums else 100.0; threshold=float("$(COVERAGE_THRESHOLD)"); print(f"coverage {pct:.1f}% / threshold {threshold:.1f}%"); sys.exit(0 if pct >= threshold else 1)'; fi
 
-fuzz-smoke:
-	@PATH="$(RUST_PATH)"; if command -v cargo-fuzz >/dev/null 2>&1; then cargo fuzz run mcp_config_formats -- -runs=256 && cargo fuzz run redaction_urls_headers -- -runs=256 && cargo fuzz run filesystem_boundaries -- -runs=128; else echo "cargo-fuzz not installed; skipping fuzz smoke"; fi
+fuzz-check:
+	@PATH="$(RUST_PATH)"; if command -v cargo-fuzz >/dev/null 2>&1; then cargo fuzz run mcp_config_formats -- -runs=256 && cargo fuzz run redaction_urls_headers -- -runs=256 && cargo fuzz run filesystem_boundaries -- -runs=128; else echo "cargo-fuzz not installed; skipping fuzz check"; fi
 
 test-junit: clean-reports cargo-test raycast-install
 	mkdir -p $(REPORTS_DIR)/junit
@@ -134,6 +134,9 @@ npm-package-verify: npm-package-install npm-package-test npm-package-audit npm-p
 site-install:
 	cd $(SITE_DIR) && npm ci --ignore-scripts --no-audit
 
+site-test:
+	cd $(SITE_DIR) && npm test
+
 site-audit:
 	cd $(SITE_DIR) && npm audit --audit-level=moderate
 
@@ -146,15 +149,9 @@ docs-reference:
 docs-reference-check:
 	node scripts/generate-reference-docs.mjs --check
 
-docs-freshness:
-	node scripts/check-docs-freshness.mjs
-
-docs-qa: docs-reference-check docs-freshness demo-ids-check
-
-demo-ids-check:
-	node scripts/check-demo-ids.mjs
+docs-qa: docs-reference-check site-test
 
-site-verify: docs-qa site-install site-audit site-build
+site-verify: site-install docs-qa site-audit site-build
 
 demo-assets:
 	node scripts/generate-demo-assets.mjs