From af37d26e3febe4d853fe5c908fa16670c92a7beb Mon Sep 17 00:00:00 2001
From: Hisku <hiskias@stackone.com>
Date: Thu, 26 Mar 2026 09:08:31 +0000
Subject: [PATCH] fix: use absolute URLs for README images to fix npm display

Relative paths (assets/banner-*.svg, assets/demo-*.svg) resolve
correctly on GitHub but break on npm's markdown renderer which has
no base URL context. Replaced with raw.githubusercontent.com URLs.

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
---
 README.md | 8 ++++----
 1 file changed, 4 insertions(+), 4 deletions(-)

diff --git a/README.md b/README.md
index cbc266d..03ee952 100644
--- a/README.md
+++ b/README.md
@@ -1,8 +1,8 @@
 <div align="center">
 
   <picture>
-    <source media="(prefers-color-scheme: dark)" srcset="assets/banner-dark.svg" />
-    <img src="assets/banner-light.svg" alt="Defender by StackOne — Indirect prompt injection protection for MCP tool calls" width="800" />
+    <source media="(prefers-color-scheme: dark)" srcset="https://raw.githubusercontent.com/StackOneHQ/defender/main/assets/banner-dark.svg" />
+    <img src="https://raw.githubusercontent.com/StackOneHQ/defender/main/assets/banner-light.svg" alt="Defender by StackOne — Indirect prompt injection protection for MCP tool calls" width="800" />
   </picture>
 
   <p>
@@ -61,8 +61,8 @@ if (!result.allowed) {
 ## How It Works
 
 <picture>
-  <source media="(prefers-color-scheme: dark)" srcset="assets/demo-dark.svg" />
-  <img src="assets/demo-light.svg" alt="Defender flow: a poisoned email with an injection payload is intercepted by @stackone/defender and blocked before reaching the LLM, with riskLevel: critical and tier2Score: 0.97" width="900" />
+  <source media="(prefers-color-scheme: dark)" srcset="https://raw.githubusercontent.com/StackOneHQ/defender/main/assets/demo-dark.svg" />
+  <img src="https://raw.githubusercontent.com/StackOneHQ/defender/main/assets/demo-light.svg" alt="Defender flow: a poisoned email with an injection payload is intercepted by @stackone/defender and blocked before reaching the LLM, with riskLevel: critical and tier2Score: 0.97" width="900" />
 </picture>
 
 `defendToolResult()` runs a two-tier defense pipeline: