Aipatch Security Scanner

Changelog

2.0.2

  • MCP abilities now default to only aipatch/audit-site enabled; additional abilities can be enabled from Settings.
  • Fixed remediation rename_file path handling so destination paths can be new files (without requiring the destination to already exist).
  • Updated aipatch/start-file-scan ability to actually support the root input with strict validation inside WordPress root.
  • Hardened file enumeration by disabling symlink traversal and skipping symlink entries.
  • Added runtime and batch budgets to synchronous file scan execution to prevent unbounded scans.

2.0.1

  • Major architecture overhaul: modular audit engine with interface/registry/engine pattern.
  • 36 security checks (up from 12) across 8 categories including malware surface and access control.
  • Weighted logarithmic scoring engine with per-area risk posture breakdown.
  • Heuristic malware file scanner with 27 signatures and Shannon entropy check.
  • Async job system for batch file scanning on shared hosting.
  • File integrity baseline with origin detection (core, plugin, theme, upload).
  • Persistent findings store with deduplication, automatic resolution, and dismissal tracking.
  • Vulnerability intelligence caching layer with decorator pattern.
  • One-click remediation engine with full rollback support (6 action types).
  • 23 MCP abilities via WordPress Abilities API for AI agent integration.
  • WordPress core integrity verification against official api.wordpress.org checksums.
  • Multi-layer scoring engine (content 55%, context 25%, integrity 20%) with classification into 11 malware families.
  • 7 new database tables (9 total) for jobs, findings, baselines, scan results, vulnerability cache, and remediations.
  • New audit checks: cookie security, backup files, phpinfo exposure, CORS, uploads index, login URL, database credentials.
  • Hardening: added author scanning protection.
  • Path traversal protection for all file operations.

1.0.1

  • Updated version metadata and packaging adjustments for WordPress.org review.

1.0.0

  • Initial release.
  • Security dashboard with risk score.
  • Local security scanner with 12 checks.
  • Hardening module with 4 toggleable rules.
  • Built-in vulnerability database.
  • Security event logging.
  • WordPress Site Health integration.
  • REST API for plugin operations.
  • Automatic scans via WP-Cron.

Author: Esteban
Version: 2.0.2
Last Updated: May 3, 2026
Requires: WordPress 6.5
Tested Up To: WordPress 7.0
Requires PHP: 7.4
