diff --git a/.claude/settings.local.json b/.claude/settings.local.json
index 4c37eff..d77597f 100644
--- a/.claude/settings.local.json
+++ b/.claude/settings.local.json
@@ -11,7 +11,11 @@
       "Bash(npm run test)",
       "Bash(npm run build)",
       "Bash(node --input-type=module -e \"import {signWebhook, verifyWebhook} from ''./dist/index.js''; const ts = Math.floor\\(Date.now\\(\\)/1000\\); const r = signWebhook\\({secret:''s'',payload:''p'',timestamp:ts,nonce:''n''}\\); console.log\\(''ESM sign:'', r\\); const v = await verifyWebhook\\({secret:''s'',payload:''p'',signature:r.signature,timestamp:ts,nonce:''n''}\\); console.log\\(''ESM verify:'', v\\);\")",
-      "Bash(npm pack:*)"
+      "Bash(npm pack:*)",
+      "Bash(gh repo view:*)",
+      "Bash(winget install:*)",
+      "Bash(\"C:\\\\Program Files\\\\GitHub CLI\\\\gh.exe\" auth status)",
+      "Bash(\"C:\\\\Program Files\\\\GitHub CLI\\\\gh.exe\" api:*)"
     ]
   }
 }
diff --git a/README.md b/README.md
index e2d5520..77a0ff8 100644
--- a/README.md
+++ b/README.md
@@ -1,5 +1,9 @@
 # webhook-hmac-kit
 
+[![npm version](https://img.shields.io/npm/v/webhook-hmac-kit)](https://www.npmjs.com/package/webhook-hmac-kit)
+[![npm downloads](https://img.shields.io/npm/dw/webhook-hmac-kit)](https://www.npmjs.com/package/webhook-hmac-kit)
+[![license](https://img.shields.io/npm/l/webhook-hmac-kit)](https://github.com/JosephDoUrden/webhook-hmac-kit/blob/main/LICENSE)
+
 Lightweight, production-ready toolkit for signing and verifying webhook requests using HMAC-SHA256.  
 Implements a Stripe-style security model with timestamp validation and replay protection.