@framers/agentos-skills-registry 0.6.0 → 0.8.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
package/package.json
CHANGED
|
@@ -0,0 +1,42 @@
|
|
|
1
|
+
---
|
|
2
|
+
name: code-safety
|
|
3
|
+
version: '1.0.0'
|
|
4
|
+
description: Scan LLM-generated code for security vulnerabilities using language-aware pattern rules
|
|
5
|
+
author: Frame.dev
|
|
6
|
+
namespace: wunderland
|
|
7
|
+
category: security
|
|
8
|
+
tags: [guardrails, code-safety, security, injection, xss, owasp, static-analysis]
|
|
9
|
+
requires_tools: [scan_code]
|
|
10
|
+
metadata:
|
|
11
|
+
agentos:
|
|
12
|
+
emoji: "\U0001F6E1"
|
|
13
|
+
---
|
|
14
|
+
|
|
15
|
+
# Code Safety Scanner
|
|
16
|
+
|
|
17
|
+
A guardrail automatically scans code in your responses for security
|
|
18
|
+
vulnerabilities. You also have a tool for on-demand code scanning.
|
|
19
|
+
|
|
20
|
+
## When to Use scan_code
|
|
21
|
+
|
|
22
|
+
- Before writing code to files via write_file or create_file
|
|
23
|
+
- Before executing code via shell_execute
|
|
24
|
+
- When reviewing user-submitted code for security issues
|
|
25
|
+
- Before presenting code examples that handle user input
|
|
26
|
+
|
|
27
|
+
## What It Detects
|
|
28
|
+
|
|
29
|
+
- **Injection**: eval(), exec(), os.system(), command injection
|
|
30
|
+
- **SQL Injection**: string concatenation in SQL queries
|
|
31
|
+
- **XSS**: innerHTML, document.write, dangerouslySetInnerHTML
|
|
32
|
+
- **Path Traversal**: unsanitized ../ in file paths
|
|
33
|
+
- **Hardcoded Secrets**: API keys, passwords, tokens in code
|
|
34
|
+
- **Weak Crypto**: MD5/SHA1 for passwords, Math.random for security
|
|
35
|
+
- **Insecure Deserialization**: pickle.loads, yaml.load without SafeLoader
|
|
36
|
+
- **SSRF**: unvalidated URL construction from user input
|
|
37
|
+
|
|
38
|
+
## Constraints
|
|
39
|
+
|
|
40
|
+
- Regex-based detection — may have false positives on safe code patterns
|
|
41
|
+
- Language detection from code fence tags or heuristics
|
|
42
|
+
- Does not perform deep AST analysis
|
|
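Review bot: the Constraints block (hunk lines 40-42) documents the false-positive side of regex matching but not the false-negative side, which is the one that matters for a guardrail: without AST analysis, calls reached indirectly (aliases, attribute lookups, dynamically built names) will not match fixed patterns, so a clean scan_code result must not be presented as a security guarantee. Suggest adding a line such as `- A clean scan does not prove code is safe; treat results as a first-pass filter, not a security review`. The document also never states what the automatic guardrail does on a match (block the response, annotate it, or log only), which the agent needs in order to act on the "When to Use scan_code" list. Separately, the page header labels this file package/package.json, but the hunk adds a 42-line YAML front-matter plus Markdown skill document (`name: code-safety`), so the path shown does not appear to match the content.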
@@ -0,0 +1,38 @@
|
|
|
1
|
+
---
|
|
2
|
+
name: grounding-guard
|
|
3
|
+
version: '1.0.0'
|
|
4
|
+
description: Verify response faithfulness against RAG source documents using NLI entailment and LLM-as-judge
|
|
5
|
+
author: Frame.dev
|
|
6
|
+
namespace: wunderland
|
|
7
|
+
category: security
|
|
8
|
+
tags: [guardrails, hallucination, grounding, faithfulness, nli, rag, fact-checking]
|
|
9
|
+
requires_tools: [check_grounding]
|
|
10
|
+
metadata:
|
|
11
|
+
agentos:
|
|
12
|
+
emoji: "\U0001F50D"
|
|
13
|
+
---
|
|
14
|
+
|
|
15
|
+
# Grounding Guard
|
|
16
|
+
|
|
17
|
+
A guardrail automatically verifies that your responses are faithful to
|
|
18
|
+
the source documents retrieved via RAG. Claims in your output are checked
|
|
19
|
+
against the retrieved sources using NLI entailment detection.
|
|
20
|
+
|
|
21
|
+
## When to Use check_grounding
|
|
22
|
+
|
|
23
|
+
- Before presenting synthesized answers from multiple RAG sources
|
|
24
|
+
- To verify that summarized content faithfully represents the originals
|
|
25
|
+
- When combining information from multiple documents
|
|
26
|
+
|
|
27
|
+
## What It Checks
|
|
28
|
+
|
|
29
|
+
- **Supported**: claim is entailed by at least one source document
|
|
30
|
+
- **Contradicted**: claim directly contradicts a source document
|
|
31
|
+
- **Unverifiable**: claim cannot be found in any source (potential hallucination)
|
|
32
|
+
|
|
33
|
+
## Constraints
|
|
34
|
+
|
|
35
|
+
- Only runs when RAG sources are available (no sources → no verification)
|
|
36
|
+
- NLI model (~40MB) loads lazily on first grounding check
|
|
37
|
+
- LLM escalation for ambiguous claims adds ~150-500ms (only when configured)
|
|
38
|
+
- Best for factual/informational responses; less useful for creative/opinion content
|
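Review bot: the first Constraints line (hunk line 35) turns "no sources → no verification" into a silent pass: a response produced without retrieved documents gets no grounding check at all, yet nothing in "When to Use check_grounding" tells the agent to treat that state differently from a verified one. Suggest a line such as `- If no RAG sources were retrieved, say so rather than presenting the answer as verified`. The description (hunk line 4) also advertises "NLI entailment and LLM-as-judge", while the body says LLM escalation runs only when configured (line 37); stating the default (NLI only) in the body would stop the agent assuming the judge step ran. Finally, the "What It Checks" categories (lines 29-31) do not say how an Unverifiable claim is handled compared with a Contradicted one, which is the distinction the agent needs to decide whether to revise a claim or drop it.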