safety-agent-cli 0.1.0 → 0.1.1

@@ -0,0 +1 @@
1
+ export declare function scanCommand(args: string[]): Promise<void>;
@@ -0,0 +1,100 @@
1
+ import { createClient } from "safety-agent";
2
+ function showHelp() {
3
+ console.log("Usage: superagent scan --repo <url> [options]");
4
+ console.log("");
5
+ console.log("Scan a repository for AI agent-targeted attacks like repo poisoning and prompt injection");
6
+ console.log("");
7
+ console.log("Options:");
8
+ console.log(" --help Show this help message");
9
+ console.log(" --repo <url> Repository URL to scan (required)");
10
+ console.log(" --branch <ref> Branch, tag, or commit to checkout");
11
+ console.log(" --model <id> Model to use (default: anthropic/claude-sonnet-4-5)");
12
+ console.log("");
13
+ console.log("Examples:");
14
+ console.log(" superagent scan --repo https://github.com/user/repo");
15
+ console.log(" superagent scan --repo https://github.com/user/repo --branch main");
16
+ console.log(" superagent scan --repo https://github.com/user/repo --model openai/gpt-4o");
17
+ }
18
+ export async function scanCommand(args) {
19
+ // Check for --help flag
20
+ if (args.includes("--help") || args.includes("-h")) {
21
+ showHelp();
22
+ process.exit(0);
23
+ }
24
+ // Parse --repo flag
25
+ let repo;
26
+ const repoFlagIndex = args.indexOf("--repo");
27
+ if (repoFlagIndex !== -1) {
28
+ repo = args[repoFlagIndex + 1];
29
+ if (!repo || repo.startsWith("--")) {
30
+ console.error("❌ ERROR: --repo flag requires a URL");
31
+ process.exit(1);
32
+ }
33
+ }
34
+ if (!repo) {
35
+ console.error("❌ ERROR: --repo flag is required");
36
+ console.error("");
37
+ showHelp();
38
+ process.exit(1);
39
+ }
40
+ // Parse --branch flag
41
+ let branch;
42
+ const branchFlagIndex = args.indexOf("--branch");
43
+ if (branchFlagIndex !== -1) {
44
+ branch = args[branchFlagIndex + 1];
45
+ if (!branch || branch.startsWith("--")) {
46
+ console.error("❌ ERROR: --branch flag requires a value");
47
+ process.exit(1);
48
+ }
49
+ }
50
+ // Parse --model flag
51
+ let model;
52
+ const modelFlagIndex = args.indexOf("--model");
53
+ if (modelFlagIndex !== -1) {
54
+ model = args[modelFlagIndex + 1];
55
+ if (!model || model.startsWith("--")) {
56
+ console.error("❌ ERROR: --model flag requires a value");
57
+ process.exit(1);
58
+ }
59
+ }
60
+ // Ensure API keys are available
61
+ if (!process.env.SUPERAGENT_API_KEY) {
62
+ console.error("❌ ERROR: SUPERAGENT_API_KEY environment variable not set");
63
+ process.exit(2);
64
+ }
65
+ if (!process.env.DAYTONA_API_KEY) {
66
+ console.error("❌ ERROR: DAYTONA_API_KEY environment variable not set");
67
+ console.error("The scan command requires a Daytona API key for sandbox execution.");
68
+ process.exit(2);
69
+ }
70
+ // Create client instance
71
+ const client = createClient({
72
+ apiKey: process.env.SUPERAGENT_API_KEY,
73
+ });
74
+ console.error(`🔍 Scanning repository: ${repo}`);
75
+ if (branch) {
76
+ console.error(` Branch: ${branch}`);
77
+ }
78
+ if (model) {
79
+ console.error(` Model: ${model}`);
80
+ }
81
+ console.error("");
82
+ try {
83
+ const result = await client.scan({
84
+ repo,
85
+ branch,
86
+ model: model,
87
+ });
88
+ // Output result as JSON
89
+ const output = {
90
+ result: result.result,
91
+ usage: result.usage,
92
+ };
93
+ console.log(JSON.stringify(output, null, 2));
94
+ process.exit(0);
95
+ }
96
+ catch (error) {
97
+ console.error(`❌ Scan failed: ${error.message}`);
98
+ process.exit(2);
99
+ }
100
+ }
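Review bot: The `--repo` and `--branch` values are only checked with `startsWith("--")`, so a value beginning with a single `-`, a non-URL string, or an unexpected scheme is forwarded unchanged to `client.scan`; how the library and the sandbox treat such a value is not visible in this file. For a tool that fetches untrusted repositories I would validate at this boundary, e.g. `if (!URL.canParse(repo) || new URL(repo).protocol !== "https:") { console.error("❌ ERROR: --repo must be an https URL"); process.exit(1); }` and `if (!branch || branch.startsWith("-"))` for the ref. The same parsed URL could feed the `Scanning repository:` log line with `username` and `password` cleared, since a URL carrying an embedded token would otherwise be echoed to stderr and end up in CI logs. Separately, `error.message` in the catch assumes an `Error` was thrown; `error instanceof Error ? error.message : String(error)` avoids printing `undefined`.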
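--- a/package/dist/index.js
+++ b/package/dist/index.js
@@ -1,6 +1,7 @@
  #!/usr/bin/env node
  import { guardCommand } from './commands/guard.js';
  import { redactCommand } from './commands/redact.js';
+ import { scanCommand } from './commands/scan.js';
  function showHelp() {
  console.log('Usage: superagent <command> [options]');
  console.log('');
@@ -9,6 +10,7 @@ function showHelp() {
  console.log('Commands:');
  console.log(' guard Analyze prompts for security threats');
  console.log(' redact Remove sensitive data from text');
+ console.log(' scan Scan repositories for AI agent-targeted attacks');
  console.log('');
  console.log('Options:');
  console.log(' --help Show help for a command');
@@ -16,8 +18,10 @@ function showHelp() {
  console.log('Examples:');
  console.log(' superagent guard --help');
  console.log(' superagent redact --help');
+ console.log(' superagent scan --help');
  console.log(' superagent guard "rm -rf /"');
  console.log(' superagent redact "My email is john@example.com"');
+ console.log(' superagent scan --repo https://github.com/user/repo');
  }
  const args = process.argv.slice(2);
  const command = args[0];
@@ -32,6 +36,9 @@ switch (command) {
  case 'redact':
  await redactCommand(args.slice(1));
  break;
+ case 'scan':
+ await scanCommand(args.slice(1));
+ break;
  default:
  console.error(`Unknown command: ${command}`);
  console.error('');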
package/package.json CHANGED
@@ -1,6 +1,6 @@
1
1
  {
2
2
  "name": "safety-agent-cli",
3
- "version": "0.1.0",
3
+ "version": "0.1.1",
4
4
  "description": "CLI for Superagent - validate prompts and tool calls for security",
5
5
  "type": "module",
6
6
  "main": "./dist/index.js",