@framers/agentos-skills-registry 0.5.0 → 0.7.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
package/package.json
CHANGED
|
@@ -0,0 +1,42 @@
|
|
|
1
|
+
---
|
|
2
|
+
name: code-safety
|
|
3
|
+
version: '1.0.0'
|
|
4
|
+
description: Scan LLM-generated code for security vulnerabilities using language-aware pattern rules
|
|
5
|
+
author: Frame.dev
|
|
6
|
+
namespace: wunderland
|
|
7
|
+
category: security
|
|
8
|
+
tags: [guardrails, code-safety, security, injection, xss, owasp, static-analysis]
|
|
9
|
+
requires_tools: [scan_code]
|
|
10
|
+
metadata:
|
|
11
|
+
agentos:
|
|
12
|
+
emoji: "\U0001F6E1"
|
|
13
|
+
---
|
|
14
|
+
|
|
15
|
+
# Code Safety Scanner
|
|
16
|
+
|
|
17
|
+
A guardrail automatically scans code in your responses for security
|
|
18
|
+
vulnerabilities. You also have a tool for on-demand code scanning.
|
|
19
|
+
|
|
20
|
+
## When to Use scan_code
|
|
21
|
+
|
|
22
|
+
- Before writing code to files via write_file or create_file
|
|
23
|
+
- Before executing code via shell_execute
|
|
24
|
+
- When reviewing user-submitted code for security issues
|
|
25
|
+
- Before presenting code examples that handle user input
|
|
26
|
+
|
|
27
|
+
## What It Detects
|
|
28
|
+
|
|
29
|
+
- **Injection**: eval(), exec(), os.system(), command injection
|
|
30
|
+
- **SQL Injection**: string concatenation in SQL queries
|
|
31
|
+
- **XSS**: innerHTML, document.write, dangerouslySetInnerHTML
|
|
32
|
+
- **Path Traversal**: unsanitized ../ in file paths
|
|
33
|
+
- **Hardcoded Secrets**: API keys, passwords, tokens in code
|
|
34
|
+
- **Weak Crypto**: MD5/SHA1 for passwords, Math.random for security
|
|
35
|
+
- **Insecure Deserialization**: pickle.loads, yaml.load without SafeLoader
|
|
36
|
+
- **SSRF**: unvalidated URL construction from user input
|
|
37
|
+
|
|
38
|
+
## Constraints
|
|
39
|
+
|
|
40
|
+
- Regex-based detection — may have false positives on safe code patterns
|
|
41
|
+
- Language detection from code fence tags or heuristics
|
|
42
|
+
- Does not perform deep AST analysis
|
|
@@ -0,0 +1,37 @@
|
|
|
1
|
+
---
|
|
2
|
+
name: topicality
|
|
3
|
+
version: '1.0.0'
|
|
4
|
+
description: Enforce allowed and forbidden conversation topics using semantic embedding similarity with session-aware drift detection
|
|
5
|
+
author: Frame.dev
|
|
6
|
+
namespace: wunderland
|
|
7
|
+
category: security
|
|
8
|
+
tags: [guardrails, topics, topicality, off-topic, embeddings, drift-detection]
|
|
9
|
+
requires_tools: [check_topic]
|
|
10
|
+
metadata:
|
|
11
|
+
agentos:
|
|
12
|
+
emoji: "\U0001F3AF"
|
|
13
|
+
---
|
|
14
|
+
|
|
15
|
+
# Topicality
|
|
16
|
+
|
|
17
|
+
A guardrail automatically enforces conversation topic boundaries. Messages
|
|
18
|
+
matching forbidden topics are blocked. Messages outside allowed topics are
|
|
19
|
+
flagged. Gradual off-topic drift across multiple turns is detected.
|
|
20
|
+
|
|
21
|
+
## When to Use check_topic
|
|
22
|
+
|
|
23
|
+
- To verify if RAG retrieval results are relevant to allowed topics
|
|
24
|
+
- Before presenting user-submitted content to the agent
|
|
25
|
+
- In content moderation workflows
|
|
26
|
+
|
|
27
|
+
## What It Enforces
|
|
28
|
+
|
|
29
|
+
- **Allowed topics**: messages must be semantically related to at least one allowed topic
|
|
30
|
+
- **Forbidden topics**: messages matching a forbidden topic are blocked
|
|
31
|
+
- **Drift detection**: gradual off-topic steering across multiple turns is caught
|
|
32
|
+
|
|
33
|
+
## Constraints
|
|
34
|
+
|
|
35
|
+
- Requires an embedding provider (OpenAI, etc.) to be configured
|
|
36
|
+
- Topic embeddings are computed lazily on first evaluation
|
|
37
|
+
- Drift detection tracks per-session state (cleaned up after 1 hour of inactivity)
|