docs(security-guide): add LLM Safe Haven to References (re: #1585) #2034

Open

pleasedodisturb wants to merge 1 commit into affaan-m:main from pleasedodisturb:docs/add-llm-safe-haven-reference

Conversation

pleasedodisturb commented May 21, 2026

Concrete patch per the close note on #1585 ("reopen welcome with a... concrete patch").

Adds one line to the References section of the-security-guide.md, placed next to the existing Snyk agent-scan entry since both are agent-security tools. No promotional copy — same factual format as the surrounding entries.

LLM Safe Haven complements AgentShield: AgentShield scans ECC skills/hooks/MCP configs for risk, LLM Safe Haven installs runtime hooks (bash firewall, secret guard, audit log) and ships a threat model + per-agent hardening guides. Both projects address parts of the same problem space called out in the "Tooling Landscape" section of this guide.

Most relevant for ECC users:

  • Fail-closed hook install pattern (npx llm-safe-haven) for Claude Code, Cursor, Windsurf, Copilot, Codex, Aider, Cline
  • Threat model with OWASP Agentic Top 10 mapping + real incidents timeline. Currently covers the Shai-Hulud npm worm campaign including the May 11 TanStack wave and May 19 AntV wave that both weaponize .claude/settings.json SessionStart hooks — directly relevant to the supply-chain section of this guide.
  • Per-agent hardening guides with CVE annotations

Happy to adjust framing, drop to a single repo link, or move placement if you prefer it elsewhere in the document.


Summary by cubic

Add LLM Safe Haven to the Security Guide references, next to Snyk agent-scan. It links to fail-closed runtime hooks, a threat model, and hardening guides for Claude Code, Cursor, Windsurf, Copilot, Codex, Aider, and Cline.

Written for commit 5708c40.

Summary by CodeRabbit

  • Documentation
    • Added "LLM Safe Haven" reference link to the security guide's References section.


Addresses the close note on affaan-m#1585 inviting a concrete patch.
Adds one line in the References section alongside the existing
`Snyk agent-scan` entry.
@pleasedodisturb pleasedodisturb requested a review from affaan-m as a code owner May 21, 2026 15:45

coderabbitai Bot commented May 21, 2026

Walkthrough

A reference entry for the "LLM Safe Haven" repository is added to the References section of the security guide documentation.

Changes

Security Documentation Reference

| Layer | File(s) | Summary |
| --- | --- | --- |
| LLM Safe Haven reference entry | the-security-guide.md | A bullet point referencing the "LLM Safe Haven" GitHub repository is appended to the References section. |

Estimated code review effort

🎯 1 (Trivial) | ⏱️ ~2 minutes

Possibly related issues

  • #1585: The PR adds the "LLM Safe Haven" reference link to the security guide's References section, directly fulfilling the request to include this resource in the security documentation.

Poem

🐰 A reference safe and sound,
LLM Haven we have found!
To the guide we add the link,
More security, don't you think?

Pre-merge checks: 5 passed

| Check name | Status | Explanation |
| --- | --- | --- |
| Description Check | Passed | Check skipped - CodeRabbit's high-level summary is enabled. |
| Title check | Passed | The title clearly and concisely summarizes the main change: adding LLM Safe Haven to the References section of the security guide. It is specific, actionable, and directly reflects the changeset (1 line added to the document). |
| Docstring Coverage | Passed | No functions found in the changed files to evaluate docstring coverage. Skipping docstring coverage check. |
| Linked Issues check | Passed | Check skipped because no linked issues were found for this pull request. |
| Out of Scope Changes check | Passed | Check skipped because no linked issues were found for this pull request. |


Warning

⚠️ This pull request might be slop. It has been flagged by CodeRabbit slop detection and should be reviewed carefully.

@coderabbitai coderabbitai Bot left a comment

Actionable comments posted: 1

🤖 Prompt for all review comments with AI agents
Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.

Inline comments:
In `@the-security-guide.md`:
- Line 441: Keep the "LLM Safe Haven" entry but narrow the claims: update the
line to state that the repo provides fail-closed runtime hooks and a threat
model (referencing hooks/secret-guard.js, hooks/bash-firewall.js and
docs/threat-model.md), list the hardening guides that are present (Claude Code,
Cursor, Windsurf, GitHub Copilot, Aider) and note that Codex CLI and Cline are
mentioned in README.md but do not have dedicated docs under docs/hardening/,
remove the phrase "complements AgentShield" (or add a specific AgentShield
reference if you can cite one), and add a brief maintainer-quality/relevance
check note before publishing.
ℹ️ Review info
⚙️ Run configuration

Configuration used: defaults

Review profile: CHILL

Plan: Pro

Run ID: 6e8d0993-f280-4b1d-bde4-b6ccc9b5efcc

📥 Commits

Reviewing files that changed from the base of the PR and between 1e8c7e7 and 5708c40.

📒 Files selected for processing (1)
  • the-security-guide.md

Comment thread the-security-guide.md
- Microsoft Security, "AI Recommendation Poisoning" (February 10, 2026): [microsoft.com](https://www.microsoft.com/en-us/security/blog/2026/02/10/ai-recommendation-poisoning/)
- Snyk, "ToxicSkills: Malicious AI Agent Skills in the Wild": [snyk.io](https://snyk.io/blog/toxicskills-malicious-ai-agent-skills-clawhub/)
- Snyk `agent-scan`: [github.com/snyk/agent-scan](https://github.com/snyk/agent-scan)
- LLM Safe Haven (fail-closed runtime hooks, threat model, hardening guides for Claude Code/Cursor/Windsurf/Copilot/Codex/Aider/Cline): [github.com/pleasedodisturb/llm-safe-haven](https://github.com/pleasedodisturb/llm-safe-haven)
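Review bot: The parenthetical on the added line overstates what the linked repo documents; the findings in this thread report dedicated hardening pages under docs/hardening/ only for Claude Code, Cursor, Windsurf, GitHub Copilot and Aider, with Codex CLI and Cline mentioned in README.md but without their own guides. Narrow the entry to what is verifiable, for example `- LLM Safe Haven (fail-closed runtime hooks, threat model, hardening guides for Claude Code/Cursor/Windsurf/Copilot/Aider; Codex and Cline covered in the README): ...`, so the security guide's References section does not cite guides that readers cannot find. Since the repo belongs to the PR author, a maintainer should also independently check its quality and relevance before it is published alongside the Snyk entries.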
⚠️ Potential issue | 🟡 Minor | ⚡ Quick win

🧩 Analysis chain

🏁 Script executed:

#!/bin/bash
# Description: Verify the LLM Safe Haven repository exists and contains claimed features

# Check if repository is accessible
echo "=== Checking repository accessibility ==="
curl -s -o /dev/null -w "%{http_code}" https://github.com/pleasedodisturb/llm-safe-haven

# Clone and inspect repository structure
echo -e "\n=== Checking repository contents ==="
git clone --depth 1 https://github.com/pleasedodisturb/llm-safe-haven /tmp/llm-safe-haven 2>&1 || echo "Repository not found or not accessible"

if [ -d /tmp/llm-safe-haven ]; then
  echo -e "\n=== Repository structure ==="
  cd /tmp/llm-safe-haven
  ls -la
  
  echo -e "\n=== Checking for threat model documentation ==="
  fd -t f -e md . | xargs rg -l "threat model|OWASP" || echo "No threat model documentation found"
  
  echo -e "\n=== Checking for hardening guides ==="
  fd -t f -e md . | xargs rg -l -i "claude code|cursor|windsurf|copilot|codex|aider|cline" || echo "No hardening guides found"
  
  echo -e "\n=== Checking for runtime hooks ==="
  fd -t f | xargs rg -l "hook|runtime|fail-closed" || echo "No runtime hook implementation found"
  
  echo -e "\n=== Checking README for feature claims ==="
  cat README.md 2>/dev/null || echo "No README found"
fi

Repository: affaan-m/ECC

Length of output: 6332


🏁 Script executed:

#!/bin/bash
set -euo pipefail

REPO_DIR="/tmp/llm-safe-haven"

echo "== Searching for 'fail-closed' / runtime hook wording =="
rg -n -i "fail-closed|fail closed|runtime hook|failclosed" "$REPO_DIR" || true

echo
echo "== Checking threat model & hardening docs presence (quick index) =="
ls -1 "$REPO_DIR"/docs | sed -n '1,200p'
ls -1 "$REPO_DIR"/docs/hardening 2>/dev/null | sed -n '1,200p'
ls -1 "$REPO_DIR"/hooks | sed -n '1,200p'

echo
echo "== Checking for 'AgentShield' mention =="
rg -n -i "AgentShield" "$REPO_DIR" || true

Repository: affaan-m/ECC

Length of output: 990


🏁 Script executed:

#!/bin/bash
set -euo pipefail
REPO_DIR="/tmp/llm-safe-haven"

echo "== Search for Codex / Cline documentation =="
rg -n -i "codex|codex cli" "$REPO_DIR" || true
rg -n -i "cline" "$REPO_DIR" || true

echo
echo "== Search for OWASP Agentic Top 10 / threat model =="
rg -n -i "OWASP|agentic top 10|threat model" "$REPO_DIR"/docs "$REPO_DIR"/README.md "$REPO_DIR"/CLAUDE.md || true

echo
echo "== Check whether docs/hardening includes those agent pages =="
ls -1 "$REPO_DIR"/docs/hardening 2>/dev/null || true

Repository: affaan-m/ECC

Length of output: 21845


Line 441: Keep the entry, but tighten the scope of the feature claims

  • The GitHub link is reachable, and the repo includes fail-closed runtime hook behavior (e.g., hooks/secret-guard.js, hooks/bash-firewall.js) plus a threat model (docs/threat-model.md).
  • Hardening guides exist for Claude Code, Cursor, Windsurf, GitHub Copilot, and Aider; Codex CLI and Cline are supported/documented in the repo (e.g., README.md), but dedicated pages under docs/hardening/ for Codex/Cline weren’t found.
  • No “AgentShield” mention exists in the repo, so any “complements AgentShield” framing should be removed or supported with a specific reference.
  • Since this is the author’s own project, a quick maintainer quality/relevance check is still warranted before publishing.
@cubic-dev-ai cubic-dev-ai Bot left a comment

No issues found across 1 file
