awguard 1.5.0 → 1.7.0

package/examples/vscode-extension/assets/problems-panel.svg

@@ -0,0 +1,23 @@
+<svg xmlns="http://www.w3.org/2000/svg" width="920" height="430" viewBox="0 0 920 430" role="img" aria-labelledby="title desc">
+  <title id="title">AWGuard VS Code Problems panel capture</title>
+  <desc id="desc">A mocked VS Code Problems panel showing AWGuard diagnostics for AGENTS.md and an MCP config.</desc>
+  <rect width="920" height="430" fill="#f6f8fb"/>
+  <rect x="28" y="28" width="864" height="374" rx="8" fill="#ffffff" stroke="#d7dee8"/>
+  <rect x="28" y="28" width="864" height="42" rx="8" fill="#17212b"/>
+  <text x="50" y="55" font-family="Arial, sans-serif" font-size="15" fill="#ffffff" font-weight="700">AWGuard: Problems</text>
+  <rect x="50" y="92" width="820" height="44" rx="6" fill="#fff7ed" stroke="#fed7aa"/>
+  <circle cx="72" cy="114" r="8" fill="#b42318"/>
+  <text x="90" y="111" font-family="Arial, sans-serif" font-size="14" fill="#17212b" font-weight="700">AWG012 Agent instruction file weakens review or permission boundaries</text>
+  <text x="90" y="128" font-family="Arial, sans-serif" font-size="12" fill="#5f6b76">AGENTS.md:3 - persistent instruction bypasses approval checks</text>
+  <rect x="50" y="148" width="820" height="44" rx="6" fill="#fff7ed" stroke="#fed7aa"/>
+  <circle cx="72" cy="170" r="8" fill="#b42318"/>
+  <text x="90" y="167" font-family="Arial, sans-serif" font-size="14" fill="#17212b" font-weight="700">AWG014 MCP config hardcodes secrets or auth material</text>
+  <text x="90" y="184" font-family="Arial, sans-serif" font-size="12" fill="#5f6b76">.mcp.json:7 - move tokens into prompt input or managed secrets</text>
+  <rect x="50" y="204" width="820" height="44" rx="6" fill="#eef8ff" stroke="#bfdbfe"/>
+  <circle cx="72" cy="226" r="8" fill="#0f766e"/>
+  <text x="90" y="223" font-family="Arial, sans-serif" font-size="14" fill="#17212b" font-weight="700">AWGuard scan completed</text>
+  <text x="90" y="240" font-family="Arial, sans-serif" font-size="12" fill="#5f6b76">2 diagnostics published to the VS Code Problems panel</text>
+  <rect x="50" y="282" width="820" height="78" rx="6" fill="#0c1117"/>
+  <text x="72" y="312" font-family="Menlo, Consolas, monospace" font-size="13" fill="#9ae6b4">$ npx awguard@latest . --format json --fail-on none</text>
+  <text x="72" y="334" font-family="Menlo, Consolas, monospace" font-size="13" fill="#c9d1d9">Scanned 6 file(s). Findings: 2 total, highest severity: critical.</text>
+</svg>

package/examples/vscode-extension/package.json

@@ -0,0 +1,68 @@
+{
+  "name": "awguard-vscode-poc",
+  "displayName": "AWGuard POC",
+  "description": "Run Agentic Workflow Guard from VS Code and show findings as diagnostics.",
+  "version": "0.0.1",
+  "publisher": "mughal-baig",
+  "license": "MIT",
+  "engines": {
+    "vscode": "^1.101.0"
+  },
+  "categories": [
+    "Linters",
+    "Other"
+  ],
+  "activationEvents": [
+    "onCommand:awguard.scanWorkspace"
+  ],
+  "main": "./src/extension.js",
+  "contributes": {
+    "commands": [
+      {
+        "command": "awguard.scanWorkspace",
+        "title": "AWGuard: Scan Workspace"
+      }
+    ],
+    "configuration": {
+      "title": "AWGuard",
+      "properties": {
+        "awguard.command": {
+          "type": "string",
+          "default": "npx",
+          "description": "Command used to run AWGuard."
+        },
+        "awguard.args": {
+          "type": "array",
+          "default": ["awguard@latest"],
+          "items": {
+            "type": "string"
+          },
+          "description": "Arguments prepended before the workspace path and output flags."
+        }
+      }
+    },
+    "problemMatchers": [
+      {
+        "name": "awguard",
+        "owner": "awguard",
+        "fileLocation": ["relative", "${workspaceFolder}"],
+        "pattern": [
+          {
+            "regexp": "^\\[(?:CRITICAL|HIGH|MEDIUM|LOW)\\] (AWG\\d+) (.*)$",
+            "severity": "warning",
+            "code": 1,
+            "message": 2
+          },
+          {
+            "regexp": "^\\s+(.+):(\\d+)$",
+            "file": 1,
+            "line": 2
+          }
+        ]
+      }
+    ]
+  },
+  "devDependencies": {
+    "@types/vscode": "^1.101.0"
+  }
+}

package/examples/vscode-extension/src/extension.js

@@ -0,0 +1,116 @@
+const cp = require('node:child_process');
+const path = require('node:path');
+const vscode = require('vscode');
+
+const severityMap = {
+  critical: vscode.DiagnosticSeverity.Error,
+  high: vscode.DiagnosticSeverity.Error,
+  medium: vscode.DiagnosticSeverity.Warning,
+  low: vscode.DiagnosticSeverity.Information
+};
+
+function activate(context) {
+  const output = vscode.window.createOutputChannel('AWGuard');
+  const diagnostics = vscode.languages.createDiagnosticCollection('awguard');
+
+  context.subscriptions.push(output, diagnostics);
+  context.subscriptions.push(
+    vscode.commands.registerCommand('awguard.scanWorkspace', async () => {
+      const folder = vscode.workspace.workspaceFolders?.[0];
+      if (!folder) {
+        vscode.window.showWarningMessage('Open a workspace before running AWGuard.');
+        return;
+      }
+
+      diagnostics.clear();
+      output.clear();
+      output.show(true);
+      output.appendLine(`Scanning ${folder.uri.fsPath}`);
+
+      try {
+        const report = await runAwguard(folder.uri.fsPath, output);
+        publishDiagnostics(report, folder.uri.fsPath, diagnostics);
+        vscode.window.showInformationMessage(`AWGuard found ${report.findings.length} finding(s).`);
+      } catch (error) {
+        vscode.window.showErrorMessage(`AWGuard scan failed: ${error.message}`);
+      }
+    })
+  );
+}
+
+function runAwguard(workspacePath, output) {
+  const config = vscode.workspace.getConfiguration('awguard');
+  const command = config.get('command', 'npx');
+  const configuredArgs = config.get('args', ['awguard@latest']);
+  const args = [...configuredArgs, workspacePath, '--format', 'json', '--fail-on', 'none'];
+  const executable = process.platform === 'win32' && command === 'npx' ? 'npx.cmd' : command;
+
+  return new Promise((resolve, reject) => {
+    const child = cp.spawn(executable, args, {
+      cwd: workspacePath,
+      shell: false,
+      windowsHide: true
+    });
+
+    let stdout = '';
+    let stderr = '';
+
+    child.stdout.on('data', (chunk) => {
+      stdout += chunk;
+      output.append(chunk.toString());
+    });
+
+    child.stderr.on('data', (chunk) => {
+      stderr += chunk;
+      output.append(chunk.toString());
+    });
+
+    child.on('error', reject);
+    child.on('close', (code) => {
+      if (code !== 0) {
+        reject(new Error(stderr.trim() || `awguard exited with code ${code}`));
+        return;
+      }
+
+      try {
+        resolve(JSON.parse(stdout));
+      } catch (error) {
+        reject(new Error(`could not parse AWGuard JSON output: ${error.message}`));
+      }
+    });
+  });
+}
+
+function publishDiagnostics(report, workspacePath, diagnostics) {
+  const byFile = new Map();
+
+  for (const finding of report.findings || []) {
+    const file = path.resolve(workspacePath, finding.file);
+    const uri = vscode.Uri.file(file);
+    const line = Math.max(0, (finding.line || 1) - 1);
+    const column = Math.max(0, (finding.column || 1) - 1);
+    const range = new vscode.Range(line, column, line, column + 1);
+    const diagnostic = new vscode.Diagnostic(
+      range,
+      `${finding.ruleId}: ${finding.title}\n${finding.message}\nFix: ${finding.suggestion}`,
+      severityMap[finding.severity] || vscode.DiagnosticSeverity.Warning
+    );
+    diagnostic.code = finding.ruleId;
+    diagnostic.source = 'AWGuard';
+
+    const existing = byFile.get(uri.toString()) || { uri, diagnostics: [] };
+    existing.diagnostics.push(diagnostic);
+    byFile.set(uri.toString(), existing);
+  }
+
+  for (const item of byFile.values()) {
+    diagnostics.set(item.uri, item.diagnostics);
+  }
+}
+
+function deactivate() {}
+
+module.exports = {
+  activate,
+  deactivate
+};

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "awguard",
-  "version": "1.5.0",
+  "version": "1.7.0",
   "description": "Scan GitHub Actions workflows, agent instructions, and MCP configs for AI-agent injection and unsafe tool boundaries.",
   "type": "module",
   "homepage": "https://github.com/Mughal-Baig/agentic-workflow-guard#readme",
@@ -37,9 +37,11 @@
   },
   "files": [
     "action.yml",
+    "Dockerfile",
     "CHANGELOG.md",
     "bin",
     "src",
+    "schemas",
     "docs",
     "examples",
     "README.md",

package/schemas/awguard.badge.schema.json

@@ -0,0 +1,25 @@
+{
+  "$schema": "https://json-schema.org/draft/2020-12/schema",
+  "$id": "https://raw.githubusercontent.com/Mughal-Baig/agentic-workflow-guard/main/schemas/awguard.badge.schema.json",
+  "title": "Agentic Workflow Guard Shields badge endpoint",
+  "type": "object",
+  "additionalProperties": true,
+  "required": ["schemaVersion", "label", "message", "color"],
+  "properties": {
+    "schemaVersion": {
+      "const": 1
+    },
+    "label": {
+      "type": "string"
+    },
+    "message": {
+      "type": "string"
+    },
+    "color": {
+      "type": "string"
+    },
+    "namedLogo": {
+      "type": "string"
+    }
+  }
+}

package/schemas/awguard.baseline.schema.json

@@ -0,0 +1,40 @@
+{
+  "$schema": "https://json-schema.org/draft/2020-12/schema",
+  "$id": "https://raw.githubusercontent.com/Mughal-Baig/agentic-workflow-guard/main/schemas/awguard.baseline.schema.json",
+  "title": "Agentic Workflow Guard baseline",
+  "type": "object",
+  "additionalProperties": false,
+  "required": ["version", "findings"],
+  "properties": {
+    "version": {
+      "const": 1
+    },
+    "findings": {
+      "type": "array",
+      "items": {
+        "type": "object",
+        "additionalProperties": false,
+        "required": ["fingerprint", "ruleId", "file", "line", "title"],
+        "properties": {
+          "fingerprint": {
+            "type": "string"
+          },
+          "ruleId": {
+            "type": "string",
+            "pattern": "^AWG[0-9]{3}$"
+          },
+          "file": {
+            "type": "string"
+          },
+          "line": {
+            "type": "integer",
+            "minimum": 1
+          },
+          "title": {
+            "type": "string"
+          }
+        }
+      }
+    }
+  }
+}

package/schemas/awguard.comparison.schema.json

@@ -0,0 +1,146 @@
+{
+  "$schema": "https://json-schema.org/draft/2020-12/schema",
+  "$id": "https://raw.githubusercontent.com/Mughal-Baig/agentic-workflow-guard/main/schemas/awguard.comparison.schema.json",
+  "title": "Agentic Workflow Guard comparison report",
+  "type": "object",
+  "additionalProperties": false,
+  "required": [
+    "summary",
+    "introducedFindings",
+    "resolvedFindings",
+    "addedFiles",
+    "removedFiles",
+    "addedSurfaces",
+    "removedSurfaces"
+  ],
+  "properties": {
+    "summary": {
+      "type": "object",
+      "additionalProperties": false,
+      "required": [
+        "previousFindings",
+        "currentFindings",
+        "introducedFindings",
+        "resolvedFindings",
+        "unchangedFindings",
+        "addedFiles",
+        "removedFiles",
+        "addedSurfaces",
+        "removedSurfaces"
+      ],
+      "properties": {
+        "previousFindings": {
+          "$ref": "#/$defs/count"
+        },
+        "currentFindings": {
+          "$ref": "#/$defs/count"
+        },
+        "introducedFindings": {
+          "$ref": "#/$defs/count"
+        },
+        "resolvedFindings": {
+          "$ref": "#/$defs/count"
+        },
+        "unchangedFindings": {
+          "$ref": "#/$defs/count"
+        },
+        "addedFiles": {
+          "$ref": "#/$defs/count"
+        },
+        "removedFiles": {
+          "$ref": "#/$defs/count"
+        },
+        "addedSurfaces": {
+          "$ref": "#/$defs/count"
+        },
+        "removedSurfaces": {
+          "$ref": "#/$defs/count"
+        }
+      }
+    },
+    "introducedFindings": {
+      "type": "array",
+      "items": {
+        "$ref": "#/$defs/finding"
+      }
+    },
+    "resolvedFindings": {
+      "type": "array",
+      "items": {
+        "$ref": "#/$defs/finding"
+      }
+    },
+    "addedFiles": {
+      "$ref": "#/$defs/fileList"
+    },
+    "removedFiles": {
+      "$ref": "#/$defs/fileList"
+    },
+    "addedSurfaces": {
+      "$ref": "#/$defs/surfaceList"
+    },
+    "removedSurfaces": {
+      "$ref": "#/$defs/surfaceList"
+    }
+  },
+  "$defs": {
+    "count": {
+      "type": "integer",
+      "minimum": 0
+    },
+    "fileList": {
+      "type": "array",
+      "items": {
+        "type": "string"
+      }
+    },
+    "surfaceList": {
+      "type": "array",
+      "items": {
+        "type": "object",
+        "additionalProperties": false,
+        "required": ["surface", "label", "files"],
+        "properties": {
+          "surface": {
+            "type": "string",
+            "enum": ["github-workflow", "agent-context", "mcp-config", "other"]
+          },
+          "label": {
+            "type": "string"
+          },
+          "files": {
+            "$ref": "#/$defs/fileList"
+          }
+        }
+      }
+    },
+    "finding": {
+      "type": "object",
+      "additionalProperties": true,
+      "required": ["ruleId", "severity", "file", "line", "title"],
+      "properties": {
+        "ruleId": {
+          "type": "string",
+          "pattern": "^AWG[0-9]{3}$"
+        },
+        "severity": {
+          "type": "string",
+          "enum": ["low", "medium", "high", "critical"]
+        },
+        "file": {
+          "type": "string"
+        },
+        "line": {
+          "type": "integer",
+          "minimum": 1
+        },
+        "title": {
+          "type": "string"
+        },
+        "fingerprint": {
+          "type": "string"
+        }
+      }
+    }
+  }
+}

package/schemas/awguard.config.schema.json

@@ -0,0 +1,167 @@
+{
+  "$schema": "https://json-schema.org/draft/2020-12/schema",
+  "$id": "https://raw.githubusercontent.com/Mughal-Baig/agentic-workflow-guard/main/schemas/awguard.config.schema.json",
+  "title": "Agentic Workflow Guard configuration",
+  "description": "Configuration for AWGuard rule severities, presets, suppression policy, and reviewed agentic surface allowlists.",
+  "type": "object",
+  "additionalProperties": false,
+  "properties": {
+    "$schema": {
+      "type": "string"
+    },
+    "extends": {
+      "description": "Built-in preset name or list of preset names to merge before local settings.",
+      "oneOf": [
+        {
+          "$ref": "#/$defs/preset"
+        },
+        {
+          "type": "array",
+          "items": {
+            "$ref": "#/$defs/preset"
+          },
+          "uniqueItems": true
+        }
+      ]
+    },
+    "rules": {
+      "type": "object",
+      "description": "Rule severity overrides. Use \"off\" to disable a rule.",
+      "additionalProperties": false,
+      "patternProperties": {
+        "^AWG(00[1-9]|01[0-9])$": {
+          "oneOf": [
+            {
+              "$ref": "#/$defs/ruleSeverity"
+            },
+            {
+              "type": "object",
+              "additionalProperties": false,
+              "required": ["severity"],
+              "properties": {
+                "severity": {
+                  "$ref": "#/$defs/ruleSeverity"
+                }
+              }
+            }
+          ]
+        }
+      }
+    },
+    "suppressions": {
+      "type": "object",
+      "additionalProperties": false,
+      "properties": {
+        "allow": {
+          "type": "boolean",
+          "description": "Set false to report every awguard-disable comment as invalid."
+        },
+        "allowedRules": {
+          "type": "array",
+          "description": "Optional list of rule IDs that may be suppressed inline.",
+          "items": {
+            "$ref": "#/$defs/ruleId"
+          },
+          "uniqueItems": true
+        },
+        "minimumReasonLength": {
+          "type": "integer",
+          "minimum": 1,
+          "description": "Minimum characters required after the suppression reason separator."
+        }
+      }
+    },
+    "scan": {
+      "type": "object",
+      "additionalProperties": false,
+      "properties": {
+        "include": {
+          "$ref": "#/$defs/stringList",
+          "description": "Optional glob-style file patterns that narrow discovered AWGuard scan files."
+        },
+        "exclude": {
+          "$ref": "#/$defs/stringList",
+          "description": "Optional glob-style file patterns removed from discovered AWGuard scan files."
+        },
+        "maxFiles": {
+          "type": "integer",
+          "minimum": 1,
+          "description": "Optional cap on the number of discovered scan files."
+        },
+        "maxFileBytes": {
+          "type": "integer",
+          "minimum": 1,
+          "description": "Optional cap on the byte size of each scanned file."
+        }
+      }
+    },
+    "policy": {
+      "type": "object",
+      "additionalProperties": false,
+      "properties": {
+        "approvedFiles": {
+          "$ref": "#/$defs/stringList",
+          "description": "Reviewed workflow, instruction, prompt, skill, and MCP config files. Glob-style * suffixes are supported by AWGuard."
+        },
+        "approvedMcpServers": {
+          "$ref": "#/$defs/stringList",
+          "description": "Reviewed MCP server names."
+        },
+        "approvedMcpPackages": {
+          "$ref": "#/$defs/stringList",
+          "description": "Reviewed MCP package or container specs, preferably pinned to exact versions or digests."
+        },
+        "approvedMcpPackageScopes": {
+          "$ref": "#/$defs/stringList",
+          "description": "Reviewed npm package scopes or prefixes for optional offline MCP package reputation checks, for example @modelcontextprotocol/."
+        },
+        "approvedMcpCommands": {
+          "$ref": "#/$defs/stringList",
+          "description": "Reviewed MCP launch commands such as node, npx, uvx, or docker."
+        }
+      }
+    }
+  },
+  "$defs": {
+    "preset": {
+      "type": "string",
+      "enum": ["strict", "claude-code", "codex", "aider", "triage-bot"]
+    },
+    "ruleId": {
+      "type": "string",
+      "enum": [
+        "AWG001",
+        "AWG002",
+        "AWG003",
+        "AWG004",
+        "AWG005",
+        "AWG006",
+        "AWG007",
+        "AWG008",
+        "AWG009",
+        "AWG010",
+        "AWG011",
+        "AWG012",
+        "AWG013",
+        "AWG014",
+        "AWG015",
+        "AWG016",
+        "AWG017",
+        "AWG018",
+        "AWG019"
+      ]
+    },
+    "ruleSeverity": {
+      "type": "string",
+      "enum": ["off", "low", "medium", "high", "critical"]
+    },
+    "stringList": {
+      "type": "array",
+      "items": {
+        "type": "string",
+        "minLength": 1
+      },
+      "uniqueItems": true
+    }
+  }
+}