diff --git a/docs/tutorials/03-runtime-security-with-prooflayer.md b/docs/tutorials/03-runtime-security-with-prooflayer.md
index 9f530b6..913752a 100644
--- a/docs/tutorials/03-runtime-security-with-prooflayer.md
+++ b/docs/tutorials/03-runtime-security-with-prooflayer.md
@@ -22,7 +22,7 @@ ProofLayer Runtime Security acts as a transparent HTTP proxy between your MCP cl
 ## Step 1: Install ProofLayer
 
 ```bash
-pip install prooflayer-runtime
+pip install prooflayer-rules
 ```
 
 Verify the installation:
@@ -211,7 +211,7 @@ Each report includes the threat type, tool name, arguments, risk score, matched
 
 ## Configuration
 
-ProofLayer can be configured via a `prooflayer.yaml` file. See the [Configuration Reference](https://github.com/prooflayer/prooflayer-runtime/blob/main/docs/configuration.md) for details on:
+ProofLayer can be configured via a `prooflayer.yaml` file. See the [Configuration Reference](https://github.com/sinewaveai/prooflayer-rules/blob/main/docs/configuration.md) for details on:
 
 - Custom detection rules
 - Score thresholds (ALLOW/WARN/BLOCK/KILL)
diff --git a/docs/tutorials/demo-script.md b/docs/tutorials/demo-script.md
index 067d3e1..1a6ea2d 100644
--- a/docs/tutorials/demo-script.md
+++ b/docs/tutorials/demo-script.md
@@ -17,7 +17,7 @@ Step-by-step demo showing ProofLayer blocking three real-world attack scenarios
 ### 1. Install ProofLayer
 
 ```bash
-pip install prooflayer-runtime
+pip install prooflayer-rules
 ```
 
 ### 2. Start simple-mcp (backend on port 8081)