chore: bump version to 0.31.0 + clean README (#12)

Bump version 0.30.0 → 0.31.0 across pyproject.toml, __init__.py,
Dockerfiles, integrations (ToolHive, MCP Registry, OpenClaw), tests.

Rewrite README: 873 → ~280 lines. Keep diagrams, comparison table,
and architecture overview. Move detailed docs to collapsible sections.
Update all counts: 427+ servers, 13 clients, privilege detection.
Fix pre-existing ruff issues in bump-version.py and test_prompt_scanner.py.

Co-authored-by: Wagdy Saad <andwgdysaad@gmail.com>

Author: msaad00

Dockerfile.sse

@@ -13,7 +13,7 @@
 
 FROM python:3.12-slim
 
-ARG VERSION=0.30.0
+ARG VERSION=0.31.0
 
 LABEL org.opencontainers.image.title="agent-bom MCP Server"
 LABEL org.opencontainers.image.description="AI supply chain security scanner — MCP server with streamable HTTP transport"

README.md

@@ -3,7 +3,7 @@
   "name": "io.github.msaad00/agent-bom",
   "description": "AI supply chain security scanner — CVE scanning, blast radius, policy enforcement, SBOM generation",
   "title": "agent-bom",
-  "version": "0.30.0",
+  "version": "0.31.0",
   "repository": {
     "url": "https://github.com/msaad00/agent-bom",
     "source": "github"
@@ -12,7 +12,7 @@
     {
       "registryType": "pypi",
       "identifier": "agent-bom",
-      "version": "0.30.0",
+      "version": "0.31.0",
       "transport": {
         "type": "stdio"
       },

integrations/mcp-registry/server.json

@@ -1,7 +1,7 @@
 ---
 name: agent-bom
 description: Scan AI agents and MCP servers for CVEs, generate SBOMs, map blast radius, enforce security policies
-version: 0.30.0
+version: 0.31.0
 metadata:
   openclaw:
     requires:
@@ -48,7 +48,7 @@ and tools are exposed if a package is compromised), generates SBOMs, and evaluat
 - Blast radius mapping: CVE → package → server → agent → credentials/tools
 - SBOM generation: CycloneDX 1.6, SPDX 3.0, SARIF 2.1.0
 - Policy-as-code engine for CI/CD security gates
-- Threat intelligence registry of 112+ known MCP servers with risk metadata
+- Threat intelligence registry of 427+ known MCP servers with risk metadata
 - Docker image scanning (requires `docker` binary, optional)
 
 ## Installation
@@ -71,7 +71,7 @@ pipx install agent-bom
 ### Verify installation
 ```bash
 agent-bom --version
-# Should print: agent-bom 0.30.0
+# Should print: agent-bom 0.31.0
 ```
 
 ### Verify source

integrations/openclaw/SKILL.md

@@ -1,6 +1,6 @@
 FROM python:3.12-slim
 
-ARG VERSION=0.30.0
+ARG VERSION=0.31.0
 
 LABEL maintainer="W S <34316639+msaad00@users.noreply.github.com>"
 LABEL description="agent-bom MCP Server: AI supply chain security scanning via MCP protocol"

integrations/toolhive/Dockerfile.mcp

@@ -3,15 +3,15 @@
   "name": "io.github.msaad00/agent-bom",
   "description": "AI supply chain security scanner — CVE scanning, blast radius analysis, policy enforcement, and SBOM generation for MCP servers and AI agents",
   "title": "agent-bom",
-  "version": "0.30.0",
+  "version": "0.31.0",
   "repository": {
     "url": "https://github.com/msaad00/agent-bom",
     "source": "github"
   },
   "packages": [
     {
       "registryType": "oci",
-      "identifier": "ghcr.io/msaad00/agent-bom:v0.30.0",
+      "identifier": "ghcr.io/msaad00/agent-bom:v0.31.0",
       "transport": {
         "type": "stdio"
       },
@@ -28,7 +28,7 @@
   "_meta": {
     "io.modelcontextprotocol.registry/publisher-provided": {
       "io.github.msaad00": {
-        "ghcr.io/msaad00/agent-bom:v0.30.0": {
+        "ghcr.io/msaad00/agent-bom:v0.31.0": {
           "tier": "Community",
           "status": "Active",
           "tags": [

integrations/toolhive/server.json

@@ -4,7 +4,7 @@ build-backend = "setuptools.build_meta"
 
 [project]
 name = "agent-bom"
-version = "0.30.0"
+version = "0.31.0"
 description = "AI Bill of Materials (AI-BOM) generator — CVE scanning, blast radius, enterprise remediation plans, OWASP LLM Top 10 + MITRE ATLAS + NIST AI RMF threat mapping, LLM-powered enrichment, OpenClaw discovery, MCP runtime introspection, and MCP registry for AI agents."
 readme = "README.md"
 license = {text = "Apache-2.0"}

pyproject.toml

@@ -78,7 +78,7 @@ def bump(new_version: str, *, dry_run: bool = False) -> int:
     print(f"\n{'Would update' if dry_run else 'Updated'} {changed} occurrence(s)")
 
     if not dry_run and changed > 0:
-        print(f"\nNext steps:")
+        print("\nNext steps:")
         print(f"  git add -A && git commit -m 'chore: bump version to {new_version}'")
         print(f"  git tag v{new_version}")
         print(f"  git push origin main v{new_version}")

scripts/bump-version.py

@@ -5,4 +5,4 @@
 try:
     __version__ = version("agent-bom")
 except PackageNotFoundError:
-    __version__ = "0.30.0"
+    __version__ = "0.31.0"

src/agent_bom/__init__.py

@@ -255,7 +255,7 @@ def empty_report():
 
 def test_version_sync():
     from agent_bom import __version__
-    assert __version__ == "0.30.0"
+    assert __version__ == "0.31.0"
 
 
 def test_report_version_matches():
@@ -2795,7 +2795,7 @@ def test_toolhive_server_json_valid():
     p = Path(__file__).parent.parent / "integrations" / "toolhive" / "server.json"
     data = _json.loads(p.read_text())
     assert data["name"] == "io.github.msaad00/agent-bom"
-    assert data["version"] == "0.30.0"
+    assert data["version"] == "0.31.0"
     assert "packages" in data
     assert data["packages"][0]["registryType"] == "oci"