agent-audit-kit 0.3.26__tar.gz → 0.3.41__tar.gz

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (665) hide show
  1. {agent_audit_kit-0.3.26 → agent_audit_kit-0.3.41}/.github/workflows/badge-ox-coverage.yml +1 -1
  2. {agent_audit_kit-0.3.26 → agent_audit_kit-0.3.41}/.github/workflows/ci.yml +1 -1
  3. {agent_audit_kit-0.3.26 → agent_audit_kit-0.3.41}/.github/workflows/codeql.yml +1 -1
  4. {agent_audit_kit-0.3.26 → agent_audit_kit-0.3.41}/.github/workflows/coverage-page.yml +1 -1
  5. {agent_audit_kit-0.3.26 → agent_audit_kit-0.3.41}/.github/workflows/cve-watcher.yml +1 -1
  6. {agent_audit_kit-0.3.26 → agent_audit_kit-0.3.41}/.github/workflows/docker-nightly.yml +1 -1
  7. {agent_audit_kit-0.3.26 → agent_audit_kit-0.3.41}/.github/workflows/mcp-security-index.yml +1 -1
  8. {agent_audit_kit-0.3.26 → agent_audit_kit-0.3.41}/.github/workflows/release.yml +5 -5
  9. {agent_audit_kit-0.3.26 → agent_audit_kit-0.3.41}/.github/workflows/scorecard.yml +1 -1
  10. {agent_audit_kit-0.3.26 → agent_audit_kit-0.3.41}/.github/workflows/self-scan.yml +19 -4
  11. {agent_audit_kit-0.3.26 → agent_audit_kit-0.3.41}/.github/workflows/sync-repo-metadata.yml +1 -1
  12. {agent_audit_kit-0.3.26 → agent_audit_kit-0.3.41}/.github/workflows/sync-rule-count.yml +1 -1
  13. {agent_audit_kit-0.3.26 → agent_audit_kit-0.3.41}/CHANGELOG.md +767 -0
  14. {agent_audit_kit-0.3.26 → agent_audit_kit-0.3.41}/CLAUDE.md +10 -10
  15. {agent_audit_kit-0.3.26 → agent_audit_kit-0.3.41}/PKG-INFO +32 -27
  16. {agent_audit_kit-0.3.26 → agent_audit_kit-0.3.41}/README.md +31 -26
  17. {agent_audit_kit-0.3.26 → agent_audit_kit-0.3.41}/ROADMAP_2026.md +4 -4
  18. {agent_audit_kit-0.3.26 → agent_audit_kit-0.3.41}/SECURITY.md +1 -1
  19. {agent_audit_kit-0.3.26 → agent_audit_kit-0.3.41}/action.yml +1 -1
  20. {agent_audit_kit-0.3.26 → agent_audit_kit-0.3.41}/agent_audit_kit/__init__.py +3 -3
  21. {agent_audit_kit-0.3.26 → agent_audit_kit-0.3.41}/agent_audit_kit/cli.py +2 -1
  22. {agent_audit_kit-0.3.26 → agent_audit_kit-0.3.41}/agent_audit_kit/engine.py +11 -0
  23. agent_audit_kit-0.3.41/agent_audit_kit/output/compliance.py +467 -0
  24. {agent_audit_kit-0.3.26 → agent_audit_kit-0.3.41}/agent_audit_kit/output/pdf_report.py +20 -0
  25. {agent_audit_kit-0.3.26 → agent_audit_kit-0.3.41}/agent_audit_kit/rules/builtin.py +504 -21
  26. agent_audit_kit-0.3.41/agent_audit_kit/scanners/argv_toctou.py +309 -0
  27. {agent_audit_kit-0.3.26 → agent_audit_kit-0.3.41}/agent_audit_kit/scanners/crewai_rce_chain.py +46 -4
  28. agent_audit_kit-0.3.41/agent_audit_kit/scanners/llm_sql_rce.py +359 -0
  29. {agent_audit_kit-0.3.26 → agent_audit_kit-0.3.41}/agent_audit_kit/scanners/mcp_config.py +153 -0
  30. agent_audit_kit-0.3.41/agent_audit_kit/scanners/mcp_env_placeholder_exfil.py +137 -0
  31. agent_audit_kit-0.3.41/agent_audit_kit/scanners/mcp_http_noauth_server.py +291 -0
  32. agent_audit_kit-0.3.41/agent_audit_kit/scanners/mcp_noauth_default.py +284 -0
  33. agent_audit_kit-0.3.41/agent_audit_kit/scanners/mcp_stdio_launcher.py +209 -0
  34. agent_audit_kit-0.3.41/agent_audit_kit/scanners/mcp_toolgate_asymmetry.py +246 -0
  35. agent_audit_kit-0.3.41/agent_audit_kit/scanners/mcp_tunnel.py +508 -0
  36. agent_audit_kit-0.3.41/agent_audit_kit/scanners/sandbox_self_disable.py +225 -0
  37. agent_audit_kit-0.3.41/agent_audit_kit/scanners/shared_resource_authz.py +249 -0
  38. agent_audit_kit-0.3.41/agent_audit_kit/scanners/skill_untrusted_exec_path.py +312 -0
  39. {agent_audit_kit-0.3.26 → agent_audit_kit-0.3.41}/agent_audit_kit/scanners/stdio_injection.py +5 -2
  40. {agent_audit_kit-0.3.26 → agent_audit_kit-0.3.41}/agent_audit_kit/scanners/tool_poisoning.py +86 -4
  41. {agent_audit_kit-0.3.26 → agent_audit_kit-0.3.41}/agent_audit_kit/scanners/typescript_pattern_scan.py +30 -0
  42. agent_audit_kit-0.3.41/benchmarks/results-2026-06-13.json +155 -0
  43. {agent_audit_kit-0.3.26 → agent_audit_kit-0.3.41}/docs/RELEASING.md +1 -1
  44. {agent_audit_kit-0.3.26 → agent_audit_kit-0.3.41}/docs/ci-cd.md +2 -2
  45. {agent_audit_kit-0.3.26 → agent_audit_kit-0.3.41}/docs/comparison.md +2 -2
  46. {agent_audit_kit-0.3.26 → agent_audit_kit-0.3.41}/docs/comparisons.md +7 -7
  47. {agent_audit_kit-0.3.26 → agent_audit_kit-0.3.41}/docs/getting-started.md +2 -2
  48. {agent_audit_kit-0.3.26 → agent_audit_kit-0.3.41}/docs/index.md +2 -2
  49. {agent_audit_kit-0.3.26 → agent_audit_kit-0.3.41}/docs/launch/hn.md +4 -4
  50. {agent_audit_kit-0.3.26 → agent_audit_kit-0.3.41}/docs/launch/reddit.md +6 -6
  51. {agent_audit_kit-0.3.26 → agent_audit_kit-0.3.41}/docs/launch/x-thread.md +7 -6
  52. agent_audit_kit-0.3.41/docs/owasp-agentic-coverage.md +18 -0
  53. {agent_audit_kit-0.3.26 → agent_audit_kit-0.3.41}/docs/presets/mcp-ox-2026-04.md +1 -1
  54. agent_audit_kit-0.3.41/docs/research-log.md +103 -0
  55. agent_audit_kit-0.3.41/docs/rules.md +32 -0
  56. {agent_audit_kit-0.3.26 → agent_audit_kit-0.3.41}/examples/ci-integration/github-actions-sarif.yml +1 -1
  57. {agent_audit_kit-0.3.26 → agent_audit_kit-0.3.41}/launch/awesome-list-prs/awesome-opensource-security.md +2 -2
  58. {agent_audit_kit-0.3.26 → agent_audit_kit-0.3.41}/launch/awesome-list-prs/awesome-security.md +3 -3
  59. {agent_audit_kit-0.3.26 → agent_audit_kit-0.3.41}/launch/blog-50-mcp-servers.md +2 -2
  60. {agent_audit_kit-0.3.26 → agent_audit_kit-0.3.41}/launch/owasp-outreach.md +4 -4
  61. agent_audit_kit-0.3.41/launch/state-of-mcp-security-2026.md +205 -0
  62. {agent_audit_kit-0.3.26 → agent_audit_kit-0.3.41}/public/owasp-agentic-coverage.json +189 -12
  63. {agent_audit_kit-0.3.26 → agent_audit_kit-0.3.41}/pyproject.toml +1 -1
  64. {agent_audit_kit-0.3.26 → agent_audit_kit-0.3.41}/rules.json +358 -14
  65. {agent_audit_kit-0.3.26 → agent_audit_kit-0.3.41}/site/coverage/index.html +2 -2
  66. {agent_audit_kit-0.3.26 → agent_audit_kit-0.3.41}/tests/fixtures/clean_mcp.json +1 -0
  67. agent_audit_kit-0.3.41/tests/test_argv_toctou.py +181 -0
  68. agent_audit_kit-0.3.41/tests/test_crewai_nvd_and_evasion.py +124 -0
  69. {agent_audit_kit-0.3.26 → agent_audit_kit-0.3.41}/tests/test_flowise.py +15 -1
  70. agent_audit_kit-0.3.41/tests/test_llm_sql_rce.py +223 -0
  71. agent_audit_kit-0.3.41/tests/test_mcp_attestation.py +246 -0
  72. agent_audit_kit-0.3.41/tests/test_mcp_env_placeholder_exfil.py +139 -0
  73. agent_audit_kit-0.3.41/tests/test_mcp_http_noauth_server.py +325 -0
  74. agent_audit_kit-0.3.41/tests/test_mcp_noauth_default.py +179 -0
  75. agent_audit_kit-0.3.41/tests/test_mcp_stdio_launcher.py +155 -0
  76. agent_audit_kit-0.3.41/tests/test_mcp_toolgate_asymmetry.py +202 -0
  77. agent_audit_kit-0.3.41/tests/test_mcp_tunnel.py +454 -0
  78. agent_audit_kit-0.3.41/tests/test_nsa_mcp_csi.py +328 -0
  79. {agent_audit_kit-0.3.26 → agent_audit_kit-0.3.41}/tests/test_phase5.py +1 -1
  80. {agent_audit_kit-0.3.26 → agent_audit_kit-0.3.41}/tests/test_rule_count_sync.py +54 -0
  81. agent_audit_kit-0.3.41/tests/test_sandbox_self_disable.py +232 -0
  82. agent_audit_kit-0.3.41/tests/test_shared_resource_authz.py +208 -0
  83. agent_audit_kit-0.3.41/tests/test_skill_untrusted_exec_path.py +177 -0
  84. {agent_audit_kit-0.3.26 → agent_audit_kit-0.3.41}/tests/test_tool_poisoning.py +192 -0
  85. agent_audit_kit-0.3.41/tests/test_typescript_pattern_scan_sql.py +142 -0
  86. agent_audit_kit-0.3.26/agent_audit_kit/output/compliance.py +0 -217
  87. agent_audit_kit-0.3.26/docs/owasp-agentic-coverage.md +0 -18
  88. agent_audit_kit-0.3.26/docs/research-log.md +0 -57
  89. agent_audit_kit-0.3.26/docs/rules.md +0 -30
  90. {agent_audit_kit-0.3.26 → agent_audit_kit-0.3.41}/.agent-audit-kit.yml +0 -0
  91. {agent_audit_kit-0.3.26 → agent_audit_kit-0.3.41}/.claude/auto-memory/config.json +0 -0
  92. {agent_audit_kit-0.3.26 → agent_audit_kit-0.3.41}/.editorconfig +0 -0
  93. {agent_audit_kit-0.3.26 → agent_audit_kit-0.3.41}/.github/FUNDING.yml +0 -0
  94. {agent_audit_kit-0.3.26 → agent_audit_kit-0.3.41}/.github/ISSUE_TEMPLATE/bug_report.md +0 -0
  95. {agent_audit_kit-0.3.26 → agent_audit_kit-0.3.41}/.github/ISSUE_TEMPLATE/feature_request.md +0 -0
  96. {agent_audit_kit-0.3.26 → agent_audit_kit-0.3.41}/.github/PULL_REQUEST_TEMPLATE.md +0 -0
  97. {agent_audit_kit-0.3.26 → agent_audit_kit-0.3.41}/.github/dependabot.yml +0 -0
  98. {agent_audit_kit-0.3.26 → agent_audit_kit-0.3.41}/.gitignore +0 -0
  99. {agent_audit_kit-0.3.26 → agent_audit_kit-0.3.41}/.pre-commit-config.yaml +0 -0
  100. {agent_audit_kit-0.3.26 → agent_audit_kit-0.3.41}/.pre-commit-hooks.yaml +0 -0
  101. {agent_audit_kit-0.3.26 → agent_audit_kit-0.3.41}/CHANGELOG.cves.md +0 -0
  102. {agent_audit_kit-0.3.26 → agent_audit_kit-0.3.41}/CLAUDE_PROMPT.md +0 -0
  103. {agent_audit_kit-0.3.26 → agent_audit_kit-0.3.41}/CODE_OF_CONDUCT.md +0 -0
  104. {agent_audit_kit-0.3.26 → agent_audit_kit-0.3.41}/CONTRIBUTING.md +0 -0
  105. {agent_audit_kit-0.3.26 → agent_audit_kit-0.3.41}/DEEP_ANALYSIS.md +0 -0
  106. {agent_audit_kit-0.3.26 → agent_audit_kit-0.3.41}/Dockerfile +0 -0
  107. {agent_audit_kit-0.3.26 → agent_audit_kit-0.3.41}/LICENSE +0 -0
  108. {agent_audit_kit-0.3.26 → agent_audit_kit-0.3.41}/agent_audit_kit/advisories.py +0 -0
  109. {agent_audit_kit-0.3.26 → agent_audit_kit-0.3.41}/agent_audit_kit/autofix/__init__.py +0 -0
  110. {agent_audit_kit-0.3.26 → agent_audit_kit-0.3.41}/agent_audit_kit/autofix/langgraph_toolnode.py +0 -0
  111. {agent_audit_kit-0.3.26 → agent_audit_kit-0.3.41}/agent_audit_kit/bundle.py +0 -0
  112. {agent_audit_kit-0.3.26 → agent_audit_kit-0.3.41}/agent_audit_kit/checks/__init__.py +0 -0
  113. {agent_audit_kit-0.3.26 → agent_audit_kit-0.3.41}/agent_audit_kit/checks/economic_drift.py +0 -0
  114. {agent_audit_kit-0.3.26 → agent_audit_kit-0.3.41}/agent_audit_kit/checks/openclaw.py +0 -0
  115. {agent_audit_kit-0.3.26 → agent_audit_kit-0.3.41}/agent_audit_kit/cli_modules/__init__.py +0 -0
  116. {agent_audit_kit-0.3.26 → agent_audit_kit-0.3.41}/agent_audit_kit/cli_modules/rule_lint.py +0 -0
  117. {agent_audit_kit-0.3.26 → agent_audit_kit-0.3.41}/agent_audit_kit/corpus/__init__.py +0 -0
  118. {agent_audit_kit-0.3.26 → agent_audit_kit-0.3.41}/agent_audit_kit/corpus/manifest.py +0 -0
  119. {agent_audit_kit-0.3.26 → agent_audit_kit-0.3.41}/agent_audit_kit/coverage.py +0 -0
  120. {agent_audit_kit-0.3.26 → agent_audit_kit-0.3.41}/agent_audit_kit/data/aivss-v08-defaults.json +0 -0
  121. {agent_audit_kit-0.3.26 → agent_audit_kit-0.3.41}/agent_audit_kit/data/fhi_universal_suffixes.txt +0 -0
  122. {agent_audit_kit-0.3.26 → agent_audit_kit-0.3.41}/agent_audit_kit/data/ipi_wild_payloads_2026_04.json +0 -0
  123. {agent_audit_kit-0.3.26 → agent_audit_kit-0.3.41}/agent_audit_kit/data/ox-cve-manifest.json +0 -0
  124. {agent_audit_kit-0.3.26 → agent_audit_kit-0.3.41}/agent_audit_kit/data/prisma-airs-aak-map.json +0 -0
  125. {agent_audit_kit-0.3.26 → agent_audit_kit-0.3.41}/agent_audit_kit/data/prisma-airs-catalog.json +0 -0
  126. {agent_audit_kit-0.3.26 → agent_audit_kit-0.3.41}/agent_audit_kit/data/toxic_flow_pairs.yml +0 -0
  127. {agent_audit_kit-0.3.26 → agent_audit_kit-0.3.41}/agent_audit_kit/data/vuln_db.json +0 -0
  128. {agent_audit_kit-0.3.26 → agent_audit_kit-0.3.41}/agent_audit_kit/diff.py +0 -0
  129. {agent_audit_kit-0.3.26 → agent_audit_kit-0.3.41}/agent_audit_kit/discovery.py +0 -0
  130. {agent_audit_kit-0.3.26 → agent_audit_kit-0.3.41}/agent_audit_kit/feeds/__init__.py +0 -0
  131. {agent_audit_kit-0.3.26 → agent_audit_kit-0.3.41}/agent_audit_kit/fix.py +0 -0
  132. {agent_audit_kit-0.3.26 → agent_audit_kit-0.3.41}/agent_audit_kit/ide/__init__.py +0 -0
  133. {agent_audit_kit-0.3.26 → agent_audit_kit-0.3.41}/agent_audit_kit/ide/lsp_diag.py +0 -0
  134. {agent_audit_kit-0.3.26 → agent_audit_kit-0.3.41}/agent_audit_kit/integrations/__init__.py +0 -0
  135. {agent_audit_kit-0.3.26 → agent_audit_kit-0.3.41}/agent_audit_kit/integrations/notify.py +0 -0
  136. {agent_audit_kit-0.3.26 → agent_audit_kit-0.3.41}/agent_audit_kit/llm_scan.py +0 -0
  137. {agent_audit_kit-0.3.26 → agent_audit_kit-0.3.41}/agent_audit_kit/models.py +0 -0
  138. {agent_audit_kit-0.3.26 → agent_audit_kit-0.3.41}/agent_audit_kit/output/__init__.py +0 -0
  139. {agent_audit_kit-0.3.26 → agent_audit_kit-0.3.41}/agent_audit_kit/output/aicm.py +0 -0
  140. {agent_audit_kit-0.3.26 → agent_audit_kit-0.3.41}/agent_audit_kit/output/console.py +0 -0
  141. {agent_audit_kit-0.3.26 → agent_audit_kit-0.3.41}/agent_audit_kit/output/json_report.py +0 -0
  142. {agent_audit_kit-0.3.26 → agent_audit_kit-0.3.41}/agent_audit_kit/output/owasp_report.py +0 -0
  143. {agent_audit_kit-0.3.26 → agent_audit_kit-0.3.41}/agent_audit_kit/output/pr_summary.py +0 -0
  144. {agent_audit_kit-0.3.26 → agent_audit_kit-0.3.41}/agent_audit_kit/output/sarif.py +0 -0
  145. {agent_audit_kit-0.3.26 → agent_audit_kit-0.3.41}/agent_audit_kit/output/sbom.py +0 -0
  146. {agent_audit_kit-0.3.26 → agent_audit_kit-0.3.41}/agent_audit_kit/parity/__init__.py +0 -0
  147. {agent_audit_kit-0.3.26 → agent_audit_kit-0.3.41}/agent_audit_kit/pinning.py +0 -0
  148. {agent_audit_kit-0.3.26 → agent_audit_kit-0.3.41}/agent_audit_kit/presets/__init__.py +0 -0
  149. {agent_audit_kit-0.3.26 → agent_audit_kit-0.3.41}/agent_audit_kit/presets/mcp-ox-2026-04.yaml +0 -0
  150. {agent_audit_kit-0.3.26 → agent_audit_kit-0.3.41}/agent_audit_kit/proxy/__init__.py +0 -0
  151. {agent_audit_kit-0.3.26 → agent_audit_kit-0.3.41}/agent_audit_kit/proxy/interceptor.py +0 -0
  152. {agent_audit_kit-0.3.26 → agent_audit_kit-0.3.41}/agent_audit_kit/remediation/__init__.py +0 -0
  153. {agent_audit_kit-0.3.26 → agent_audit_kit-0.3.41}/agent_audit_kit/remediation/engine.py +0 -0
  154. {agent_audit_kit-0.3.26 → agent_audit_kit-0.3.41}/agent_audit_kit/rules/__init__.py +0 -0
  155. {agent_audit_kit-0.3.26 → agent_audit_kit-0.3.41}/agent_audit_kit/sanitizers/__init__.py +0 -0
  156. {agent_audit_kit-0.3.26 → agent_audit_kit-0.3.41}/agent_audit_kit/sanitizers/crewai.py +0 -0
  157. {agent_audit_kit-0.3.26 → agent_audit_kit-0.3.41}/agent_audit_kit/sanitizers/deepseek.py +0 -0
  158. {agent_audit_kit-0.3.26 → agent_audit_kit-0.3.41}/agent_audit_kit/sarif/__init__.py +0 -0
  159. {agent_audit_kit-0.3.26 → agent_audit_kit-0.3.41}/agent_audit_kit/sarif/diff.py +0 -0
  160. {agent_audit_kit-0.3.26 → agent_audit_kit-0.3.41}/agent_audit_kit/scanners/__init__.py +0 -0
  161. {agent_audit_kit-0.3.26 → agent_audit_kit-0.3.41}/agent_audit_kit/scanners/_helpers.py +0 -0
  162. {agent_audit_kit-0.3.26 → agent_audit_kit-0.3.41}/agent_audit_kit/scanners/a2a_protocol.py +0 -0
  163. {agent_audit_kit-0.3.26 → agent_audit_kit-0.3.41}/agent_audit_kit/scanners/agent_config.py +0 -0
  164. {agent_audit_kit-0.3.26 → agent_audit_kit-0.3.41}/agent_audit_kit/scanners/agent_harness_shared_state.py +0 -0
  165. {agent_audit_kit-0.3.26 → agent_audit_kit-0.3.41}/agent_audit_kit/scanners/deepseek_v4_tool_injection.py +0 -0
  166. {agent_audit_kit-0.3.26 → agent_audit_kit-0.3.41}/agent_audit_kit/scanners/dns_rebind.py +0 -0
  167. {agent_audit_kit-0.3.26 → agent_audit_kit-0.3.41}/agent_audit_kit/scanners/docsgpt_transport_flip.py +0 -0
  168. {agent_audit_kit-0.3.26 → agent_audit_kit-0.3.41}/agent_audit_kit/scanners/eu_ai_act_art15_locale.py +0 -0
  169. {agent_audit_kit-0.3.26 → agent_audit_kit-0.3.41}/agent_audit_kit/scanners/gha_hardening.py +0 -0
  170. {agent_audit_kit-0.3.26 → agent_audit_kit-0.3.41}/agent_audit_kit/scanners/gpt_researcher_transport_flip.py +0 -0
  171. {agent_audit_kit-0.3.26 → agent_audit_kit-0.3.41}/agent_audit_kit/scanners/healthcare_ai.py +0 -0
  172. {agent_audit_kit-0.3.26 → agent_audit_kit-0.3.41}/agent_audit_kit/scanners/hook_injection.py +0 -0
  173. {agent_audit_kit-0.3.26 → agent_audit_kit-0.3.41}/agent_audit_kit/scanners/hook_rce.py +0 -0
  174. {agent_audit_kit-0.3.26 → agent_audit_kit-0.3.41}/agent_audit_kit/scanners/india_pii.py +0 -0
  175. {agent_audit_kit-0.3.26 → agent_audit_kit-0.3.41}/agent_audit_kit/scanners/ipi_wild_corpus.py +0 -0
  176. {agent_audit_kit-0.3.26 → agent_audit_kit-0.3.41}/agent_audit_kit/scanners/langchain_prompt_loader.py +0 -0
  177. {agent_audit_kit-0.3.26 → agent_audit_kit-0.3.41}/agent_audit_kit/scanners/langchain_vuln.py +0 -0
  178. {agent_audit_kit-0.3.26 → agent_audit_kit-0.3.41}/agent_audit_kit/scanners/langgraph_toolnode.py +0 -0
  179. {agent_audit_kit-0.3.26 → agent_audit_kit-0.3.41}/agent_audit_kit/scanners/legal_compliance.py +0 -0
  180. {agent_audit_kit-0.3.26 → agent_audit_kit-0.3.41}/agent_audit_kit/scanners/log_injection.py +0 -0
  181. {agent_audit_kit-0.3.26 → agent_audit_kit-0.3.41}/agent_audit_kit/scanners/log_token_leak.py +0 -0
  182. {agent_audit_kit-0.3.26 → agent_audit_kit-0.3.41}/agent_audit_kit/scanners/marketplace_manifest.py +0 -0
  183. {agent_audit_kit-0.3.26 → agent_audit_kit-0.3.41}/agent_audit_kit/scanners/mcp_atlassian.py +0 -0
  184. {agent_audit_kit-0.3.26 → agent_audit_kit-0.3.41}/agent_audit_kit/scanners/mcp_auth_patterns.py +0 -0
  185. {agent_audit_kit-0.3.26 → agent_audit_kit-0.3.41}/agent_audit_kit/scanners/mcp_fhi.py +0 -0
  186. {agent_audit_kit-0.3.26 → agent_audit_kit-0.3.41}/agent_audit_kit/scanners/mcp_inspector_cve.py +0 -0
  187. {agent_audit_kit-0.3.26 → agent_audit_kit-0.3.41}/agent_audit_kit/scanners/mcp_marketplace_fetch.py +0 -0
  188. {agent_audit_kit-0.3.26 → agent_audit_kit-0.3.41}/agent_audit_kit/scanners/mcp_middleware.py +0 -0
  189. {agent_audit_kit-0.3.26 → agent_audit_kit-0.3.41}/agent_audit_kit/scanners/mcp_sampling_capability.py +0 -0
  190. {agent_audit_kit-0.3.26 → agent_audit_kit-0.3.41}/agent_audit_kit/scanners/mcp_sdk_hardening.py +0 -0
  191. {agent_audit_kit-0.3.26 → agent_audit_kit-0.3.41}/agent_audit_kit/scanners/mcp_server_auth.py +0 -0
  192. {agent_audit_kit-0.3.26 → agent_audit_kit-0.3.41}/agent_audit_kit/scanners/mcp_stateless_migration.py +0 -0
  193. {agent_audit_kit-0.3.26 → agent_audit_kit-0.3.41}/agent_audit_kit/scanners/mcp_stdio_params.py +0 -0
  194. {agent_audit_kit-0.3.26 → agent_audit_kit-0.3.41}/agent_audit_kit/scanners/mcp_tasks.py +0 -0
  195. {agent_audit_kit-0.3.26 → agent_audit_kit-0.3.41}/agent_audit_kit/scanners/mcp_tool_unsafe_eval.py +0 -0
  196. {agent_audit_kit-0.3.26 → agent_audit_kit-0.3.41}/agent_audit_kit/scanners/metis_pomdp.py +0 -0
  197. {agent_audit_kit-0.3.26 → agent_audit_kit-0.3.41}/agent_audit_kit/scanners/neo4j_cve.py +0 -0
  198. {agent_audit_kit-0.3.26 → agent_audit_kit-0.3.41}/agent_audit_kit/scanners/oauth_misconfig.py +0 -0
  199. {agent_audit_kit-0.3.26 → agent_audit_kit-0.3.41}/agent_audit_kit/scanners/oauth_surface.py +0 -0
  200. {agent_audit_kit-0.3.26 → agent_audit_kit-0.3.41}/agent_audit_kit/scanners/openapi_smells.py +0 -0
  201. {agent_audit_kit-0.3.26 → agent_audit_kit-0.3.41}/agent_audit_kit/scanners/openclaw_privesc.py +0 -0
  202. {agent_audit_kit-0.3.26 → agent_audit_kit-0.3.41}/agent_audit_kit/scanners/pin_drift.py +0 -0
  203. {agent_audit_kit-0.3.26 → agent_audit_kit-0.3.41}/agent_audit_kit/scanners/project_deal_drift.py +0 -0
  204. {agent_audit_kit-0.3.26 → agent_audit_kit-0.3.41}/agent_audit_kit/scanners/prtitle_ipi.py +0 -0
  205. {agent_audit_kit-0.3.26 → agent_audit_kit-0.3.41}/agent_audit_kit/scanners/routines.py +0 -0
  206. {agent_audit_kit-0.3.26 → agent_audit_kit-0.3.41}/agent_audit_kit/scanners/rust_pattern_scan.py +0 -0
  207. {agent_audit_kit-0.3.26 → agent_audit_kit-0.3.41}/agent_audit_kit/scanners/rust_scan.py +0 -0
  208. {agent_audit_kit-0.3.26 → agent_audit_kit-0.3.41}/agent_audit_kit/scanners/secret_exposure.py +0 -0
  209. {agent_audit_kit-0.3.26 → agent_audit_kit-0.3.41}/agent_audit_kit/scanners/skill_lifecycle_attribution.py +0 -0
  210. {agent_audit_kit-0.3.26 → agent_audit_kit-0.3.41}/agent_audit_kit/scanners/skill_poisoning.py +0 -0
  211. {agent_audit_kit-0.3.26 → agent_audit_kit-0.3.41}/agent_audit_kit/scanners/social_agent_hijack.py +0 -0
  212. {agent_audit_kit-0.3.26 → agent_audit_kit-0.3.41}/agent_audit_kit/scanners/splunk_mcp_config.py +0 -0
  213. {agent_audit_kit-0.3.26 → agent_audit_kit-0.3.41}/agent_audit_kit/scanners/ssrf_patterns.py +0 -0
  214. {agent_audit_kit-0.3.26 → agent_audit_kit-0.3.41}/agent_audit_kit/scanners/ssrf_redirect.py +0 -0
  215. {agent_audit_kit-0.3.26 → agent_audit_kit-0.3.41}/agent_audit_kit/scanners/ssrf_toctou.py +0 -0
  216. {agent_audit_kit-0.3.26 → agent_audit_kit-0.3.41}/agent_audit_kit/scanners/stainless_lineage.py +0 -0
  217. {agent_audit_kit-0.3.26 → agent_audit_kit-0.3.41}/agent_audit_kit/scanners/state_privacy.py +0 -0
  218. {agent_audit_kit-0.3.26 → agent_audit_kit-0.3.41}/agent_audit_kit/scanners/supply_chain.py +0 -0
  219. {agent_audit_kit-0.3.26 → agent_audit_kit-0.3.41}/agent_audit_kit/scanners/taint_analysis.py +0 -0
  220. {agent_audit_kit-0.3.26 → agent_audit_kit-0.3.41}/agent_audit_kit/scanners/toxic_flow.py +0 -0
  221. {agent_audit_kit-0.3.26 → agent_audit_kit-0.3.41}/agent_audit_kit/scanners/transport_limits.py +0 -0
  222. {agent_audit_kit-0.3.26 → agent_audit_kit-0.3.41}/agent_audit_kit/scanners/transport_security.py +0 -0
  223. {agent_audit_kit-0.3.26 → agent_audit_kit-0.3.41}/agent_audit_kit/scanners/trust_boundary.py +0 -0
  224. {agent_audit_kit-0.3.26 → agent_audit_kit-0.3.41}/agent_audit_kit/scanners/typescript_scan.py +0 -0
  225. {agent_audit_kit-0.3.26 → agent_audit_kit-0.3.41}/agent_audit_kit/scoring/__init__.py +0 -0
  226. {agent_audit_kit-0.3.26 → agent_audit_kit-0.3.41}/agent_audit_kit/scoring/aivss.py +0 -0
  227. {agent_audit_kit-0.3.26 → agent_audit_kit-0.3.41}/agent_audit_kit/scoring/aivss_schema.py +0 -0
  228. {agent_audit_kit-0.3.26 → agent_audit_kit-0.3.41}/agent_audit_kit/translators/__init__.py +0 -0
  229. {agent_audit_kit-0.3.26 → agent_audit_kit-0.3.41}/agent_audit_kit/translators/pipelock.py +0 -0
  230. {agent_audit_kit-0.3.26 → agent_audit_kit-0.3.41}/agent_audit_kit/translators/prisma_airs.py +0 -0
  231. {agent_audit_kit-0.3.26 → agent_audit_kit-0.3.41}/agent_audit_kit/verification.py +0 -0
  232. {agent_audit_kit-0.3.26 → agent_audit_kit-0.3.41}/agent_audit_kit/vuln_db.py +0 -0
  233. {agent_audit_kit-0.3.26 → agent_audit_kit-0.3.41}/agent_audit_kit/watch.py +0 -0
  234. {agent_audit_kit-0.3.26 → agent_audit_kit-0.3.41}/benchmarks/README.md +0 -0
  235. {agent_audit_kit-0.3.26 → agent_audit_kit-0.3.41}/benchmarks/crawler.py +0 -0
  236. {agent_audit_kit-0.3.26 → agent_audit_kit-0.3.41}/benchmarks/index_builder.py +0 -0
  237. {agent_audit_kit-0.3.26 → agent_audit_kit-0.3.41}/benchmarks/run_benchmark.sh +0 -0
  238. {agent_audit_kit-0.3.26 → agent_audit_kit-0.3.41}/benchmarks/sample_configs/sample_01_clean.json +0 -0
  239. {agent_audit_kit-0.3.26 → agent_audit_kit-0.3.41}/benchmarks/sample_configs/sample_02_secrets.json +0 -0
  240. {agent_audit_kit-0.3.26 → agent_audit_kit-0.3.41}/benchmarks/sample_configs/sample_03_no_auth.json +0 -0
  241. {agent_audit_kit-0.3.26 → agent_audit_kit-0.3.41}/benchmarks/sample_configs/sample_04_shell_injection.json +0 -0
  242. {agent_audit_kit-0.3.26 → agent_audit_kit-0.3.41}/benchmarks/sample_configs/sample_05_mixed.json +0 -0
  243. {agent_audit_kit-0.3.26 → agent_audit_kit-0.3.41}/benchmarks/sources.py +0 -0
  244. {agent_audit_kit-0.3.26 → agent_audit_kit-0.3.41}/ci/gitlab/agent-audit-kit.gitlab-ci.yml +0 -0
  245. {agent_audit_kit-0.3.26 → agent_audit_kit-0.3.41}/docs/CNAME +0 -0
  246. {agent_audit_kit-0.3.26 → agent_audit_kit-0.3.41}/docs/azure-pipelines.md +0 -0
  247. {agent_audit_kit-0.3.26 → agent_audit_kit-0.3.41}/docs/blog/state-of-mcp-security-template.md +0 -0
  248. {agent_audit_kit-0.3.26 → agent_audit_kit-0.3.41}/docs/circleci.md +0 -0
  249. {agent_audit_kit-0.3.26 → agent_audit_kit-0.3.41}/docs/comparison-gitlab-agentic-sast.md +0 -0
  250. {agent_audit_kit-0.3.26 → agent_audit_kit-0.3.41}/docs/disclosure-policy.md +0 -0
  251. {agent_audit_kit-0.3.26 → agent_audit_kit-0.3.41}/docs/gitlab-ci.md +0 -0
  252. {agent_audit_kit-0.3.26 → agent_audit_kit-0.3.41}/docs/launch/CHECKLIST.md +0 -0
  253. {agent_audit_kit-0.3.26 → agent_audit_kit-0.3.41}/docs/launch/github-verified-creator-application.md +0 -0
  254. {agent_audit_kit-0.3.26 → agent_audit_kit-0.3.41}/docs/launch/owasp-reference-tool-submission.md +0 -0
  255. {agent_audit_kit-0.3.26 → agent_audit_kit-0.3.41}/docs/launch/press.md +0 -0
  256. {agent_audit_kit-0.3.26 → agent_audit_kit-0.3.41}/docs/launch/release-notes-v0.3.0.md +0 -0
  257. {agent_audit_kit-0.3.26 → agent_audit_kit-0.3.41}/docs/metrics.md +0 -0
  258. {agent_audit_kit-0.3.26 → agent_audit_kit-0.3.41}/docs/notes/adjudicator-pattern.md +0 -0
  259. {agent_audit_kit-0.3.26 → agent_audit_kit-0.3.41}/docs/owasp-mapping.md +0 -0
  260. {agent_audit_kit-0.3.26 → agent_audit_kit-0.3.41}/docs/plans/2026-04-21-v0.3.3-design.md +0 -0
  261. {agent_audit_kit-0.3.26 → agent_audit_kit-0.3.41}/docs/roadmap/ox-mcp-2026-05-01-batch.md +0 -0
  262. {agent_audit_kit-0.3.26 → agent_audit_kit-0.3.41}/docs/rule-schema.md +0 -0
  263. {agent_audit_kit-0.3.26 → agent_audit_kit-0.3.41}/docs/rules/AAK-AZURE-MCP-001.md +0 -0
  264. {agent_audit_kit-0.3.26 → agent_audit_kit-0.3.41}/docs/rules/AAK-AZURE-MCP-NOAUTH-001.md +0 -0
  265. {agent_audit_kit-0.3.26 → agent_audit_kit-0.3.41}/docs/rules/AAK-LANGCHAIN-SSRF-REDIR-001.md +0 -0
  266. {agent_audit_kit-0.3.26 → agent_audit_kit-0.3.41}/docs/rules/AAK-LMDEPLOY-VL-SSRF-001.md +0 -0
  267. {agent_audit_kit-0.3.26 → agent_audit_kit-0.3.41}/docs/rules/AAK-MCP-MARKETPLACE-CONFIG-FETCH-001.md +0 -0
  268. {agent_audit_kit-0.3.26 → agent_audit_kit-0.3.41}/docs/rules/AAK-MCP-STDIO-CMD-INJ-001.md +0 -0
  269. {agent_audit_kit-0.3.26 → agent_audit_kit-0.3.41}/docs/rules/AAK-MCP-STDIO-CMD-INJ-002.md +0 -0
  270. {agent_audit_kit-0.3.26 → agent_audit_kit-0.3.41}/docs/rules/AAK-MCP-STDIO-CMD-INJ-003.md +0 -0
  271. {agent_audit_kit-0.3.26 → agent_audit_kit-0.3.41}/docs/rules/AAK-MCP-STDIO-CMD-INJ-004.md +0 -0
  272. {agent_audit_kit-0.3.26 → agent_audit_kit-0.3.41}/docs/rules/AAK-SPLUNK-MCP-TOKEN-LEAK-001.md +0 -0
  273. {agent_audit_kit-0.3.26 → agent_audit_kit-0.3.41}/docs/rules/AAK-SSRF-TOCTOU-001.md +0 -0
  274. {agent_audit_kit-0.3.26 → agent_audit_kit-0.3.41}/docs/rules/AAK-TOXICFLOW-001.md +0 -0
  275. {agent_audit_kit-0.3.26 → agent_audit_kit-0.3.41}/docs/rules/index.md +0 -0
  276. {agent_audit_kit-0.3.26 → agent_audit_kit-0.3.41}/docs/spec/sarif-runtime-context.md +0 -0
  277. {agent_audit_kit-0.3.26 → agent_audit_kit-0.3.41}/editors/zed/README.md +0 -0
  278. {agent_audit_kit-0.3.26 → agent_audit_kit-0.3.41}/editors/zed/extension.toml +0 -0
  279. {agent_audit_kit-0.3.26 → agent_audit_kit-0.3.41}/entrypoint.sh +0 -0
  280. {agent_audit_kit-0.3.26 → agent_audit_kit-0.3.41}/examples/README.md +0 -0
  281. {agent_audit_kit-0.3.26 → agent_audit_kit-0.3.41}/examples/case-studies/damn-vulnerable-mcp/README.md +0 -0
  282. {agent_audit_kit-0.3.26 → agent_audit_kit-0.3.41}/examples/case-studies/damn-vulnerable-mcp/configs/dvmcp-inspired.mcp.json +0 -0
  283. {agent_audit_kit-0.3.26 → agent_audit_kit-0.3.41}/examples/case-studies/damn-vulnerable-mcp/configs/dvmcp-settings.json +0 -0
  284. {agent_audit_kit-0.3.26 → agent_audit_kit-0.3.41}/examples/case-studies/damn-vulnerable-mcp/scan-results.json +0 -0
  285. {agent_audit_kit-0.3.26 → agent_audit_kit-0.3.41}/examples/case-studies/damn-vulnerable-mcp/scan-results.sarif +0 -0
  286. {agent_audit_kit-0.3.26 → agent_audit_kit-0.3.41}/examples/ci-integration/README.md +0 -0
  287. {agent_audit_kit-0.3.26 → agent_audit_kit-0.3.41}/examples/ci-integration/docker-one-liner.sh +0 -0
  288. {agent_audit_kit-0.3.26 → agent_audit_kit-0.3.41}/examples/ci-integration/gitlab-ci-scan.yml +0 -0
  289. {agent_audit_kit-0.3.26 → agent_audit_kit-0.3.41}/examples/ci-integration/pre-commit-config.yaml +0 -0
  290. {agent_audit_kit-0.3.26 → agent_audit_kit-0.3.41}/examples/run-all-examples.sh +0 -0
  291. {agent_audit_kit-0.3.26 → agent_audit_kit-0.3.41}/examples/vulnerable-configs/01-no-auth-remote/.mcp.json +0 -0
  292. {agent_audit_kit-0.3.26 → agent_audit_kit-0.3.41}/examples/vulnerable-configs/01-no-auth-remote/expected-findings.json +0 -0
  293. {agent_audit_kit-0.3.26 → agent_audit_kit-0.3.41}/examples/vulnerable-configs/02-shell-injection/.mcp.json +0 -0
  294. {agent_audit_kit-0.3.26 → agent_audit_kit-0.3.41}/examples/vulnerable-configs/02-shell-injection/expected-findings.json +0 -0
  295. {agent_audit_kit-0.3.26 → agent_audit_kit-0.3.41}/examples/vulnerable-configs/03-hardcoded-secrets/.gitignore +0 -0
  296. {agent_audit_kit-0.3.26 → agent_audit_kit-0.3.41}/examples/vulnerable-configs/03-hardcoded-secrets/.mcp.json +0 -0
  297. {agent_audit_kit-0.3.26 → agent_audit_kit-0.3.41}/examples/vulnerable-configs/03-hardcoded-secrets/expected-findings.json +0 -0
  298. {agent_audit_kit-0.3.26 → agent_audit_kit-0.3.41}/examples/vulnerable-configs/04-hook-exfiltration/.claude/settings.json +0 -0
  299. {agent_audit_kit-0.3.26 → agent_audit_kit-0.3.41}/examples/vulnerable-configs/04-hook-exfiltration/expected-findings.json +0 -0
  300. {agent_audit_kit-0.3.26 → agent_audit_kit-0.3.41}/examples/vulnerable-configs/05-trust-boundary-violations/.claude/settings.json +0 -0
  301. {agent_audit_kit-0.3.26 → agent_audit_kit-0.3.41}/examples/vulnerable-configs/05-trust-boundary-violations/.mcp.json +0 -0
  302. {agent_audit_kit-0.3.26 → agent_audit_kit-0.3.41}/examples/vulnerable-configs/05-trust-boundary-violations/expected-findings.json +0 -0
  303. {agent_audit_kit-0.3.26 → agent_audit_kit-0.3.41}/examples/vulnerable-configs/06-tool-poisoning/.mcp.json +0 -0
  304. {agent_audit_kit-0.3.26 → agent_audit_kit-0.3.41}/examples/vulnerable-configs/06-tool-poisoning/expected-findings.json +0 -0
  305. {agent_audit_kit-0.3.26 → agent_audit_kit-0.3.41}/examples/vulnerable-configs/07-tainted-tool-function/expected-findings.json +0 -0
  306. {agent_audit_kit-0.3.26 → agent_audit_kit-0.3.41}/examples/vulnerable-configs/07-tainted-tool-function/server.py +0 -0
  307. {agent_audit_kit-0.3.26 → agent_audit_kit-0.3.41}/examples/vulnerable-configs/08-transport-insecurity/.mcp.json +0 -0
  308. {agent_audit_kit-0.3.26 → agent_audit_kit-0.3.41}/examples/vulnerable-configs/08-transport-insecurity/expected-findings.json +0 -0
  309. {agent_audit_kit-0.3.26 → agent_audit_kit-0.3.41}/examples/vulnerable-configs/09-a2a-insecure-agent/agent-card.json +0 -0
  310. {agent_audit_kit-0.3.26 → agent_audit_kit-0.3.41}/examples/vulnerable-configs/09-a2a-insecure-agent/expected-findings.json +0 -0
  311. {agent_audit_kit-0.3.26 → agent_audit_kit-0.3.41}/examples/vulnerable-configs/10-supply-chain-risks/.mcp.json +0 -0
  312. {agent_audit_kit-0.3.26 → agent_audit_kit-0.3.41}/examples/vulnerable-configs/10-supply-chain-risks/expected-findings.json +0 -0
  313. {agent_audit_kit-0.3.26 → agent_audit_kit-0.3.41}/examples/vulnerable-configs/10-supply-chain-risks/package.json +0 -0
  314. {agent_audit_kit-0.3.26 → agent_audit_kit-0.3.41}/examples/vulnerable-configs/11-legal-compliance/expected-findings.json +0 -0
  315. {agent_audit_kit-0.3.26 → agent_audit_kit-0.3.41}/examples/vulnerable-configs/11-legal-compliance/package.json +0 -0
  316. {agent_audit_kit-0.3.26 → agent_audit_kit-0.3.41}/examples/vulnerable-configs/11-legal-compliance/subproject/package.json +0 -0
  317. {agent_audit_kit-0.3.26 → agent_audit_kit-0.3.41}/examples/vulnerable-configs/README.md +0 -0
  318. {agent_audit_kit-0.3.26 → agent_audit_kit-0.3.41}/launch/MARKET-RESEARCH-2026-04-12.md +0 -0
  319. {agent_audit_kit-0.3.26 → agent_audit_kit-0.3.41}/launch/demo.cast +0 -0
  320. {agent_audit_kit-0.3.26 → agent_audit_kit-0.3.41}/mkdocs.yml +0 -0
  321. {agent_audit_kit-0.3.26 → agent_audit_kit-0.3.41}/public/badges/ox-coverage.json +0 -0
  322. {agent_audit_kit-0.3.26 → agent_audit_kit-0.3.41}/public/corpora/manifest.json +0 -0
  323. {agent_audit_kit-0.3.26 → agent_audit_kit-0.3.41}/releases/v0.3.10.md +0 -0
  324. {agent_audit_kit-0.3.26 → agent_audit_kit-0.3.41}/releases/v0.3.5.md +0 -0
  325. {agent_audit_kit-0.3.26 → agent_audit_kit-0.3.41}/releases/v0.3.6.md +0 -0
  326. {agent_audit_kit-0.3.26 → agent_audit_kit-0.3.41}/releases/v0.3.7.md +0 -0
  327. {agent_audit_kit-0.3.26 → agent_audit_kit-0.3.41}/releases/v0.3.8.md +0 -0
  328. {agent_audit_kit-0.3.26 → agent_audit_kit-0.3.41}/releases/v0.3.9.md +0 -0
  329. {agent_audit_kit-0.3.26 → agent_audit_kit-0.3.41}/requirements-lock.txt +0 -0
  330. {agent_audit_kit-0.3.26 → agent_audit_kit-0.3.41}/schema/ox-cve-manifest.schema.json +0 -0
  331. {agent_audit_kit-0.3.26 → agent_audit_kit-0.3.41}/scripts/backfill_cve_property.py +0 -0
  332. {agent_audit_kit-0.3.26 → agent_audit_kit-0.3.41}/scripts/build_coverage_page.py +0 -0
  333. {agent_audit_kit-0.3.26 → agent_audit_kit-0.3.41}/scripts/close_duplicate_cve_issues.py +0 -0
  334. {agent_audit_kit-0.3.26 → agent_audit_kit-0.3.41}/scripts/cve_watcher.py +0 -0
  335. {agent_audit_kit-0.3.26 → agent_audit_kit-0.3.41}/scripts/gen_owasp_coverage.py +0 -0
  336. {agent_audit_kit-0.3.26 → agent_audit_kit-0.3.41}/scripts/generate_lockfile.py +0 -0
  337. {agent_audit_kit-0.3.26 → agent_audit_kit-0.3.41}/scripts/install-pre-commit.sh +0 -0
  338. {agent_audit_kit-0.3.26 → agent_audit_kit-0.3.41}/scripts/sync_repo_metadata.py +0 -0
  339. {agent_audit_kit-0.3.26 → agent_audit_kit-0.3.41}/scripts/sync_rule_count.py +0 -0
  340. {agent_audit_kit-0.3.26 → agent_audit_kit-0.3.41}/scripts/sync_scanner_count.py +0 -0
  341. {agent_audit_kit-0.3.26 → agent_audit_kit-0.3.41}/scripts/watch_csa_mcp_baseline.py +0 -0
  342. {agent_audit_kit-0.3.26 → agent_audit_kit-0.3.41}/site/coverage/ox.json +0 -0
  343. {agent_audit_kit-0.3.26 → agent_audit_kit-0.3.41}/site/coverage/prisma-airs.json +0 -0
  344. {agent_audit_kit-0.3.26 → agent_audit_kit-0.3.41}/tests/conftest.py +0 -0
  345. {agent_audit_kit-0.3.26 → agent_audit_kit-0.3.41}/tests/fixtures/LICENSES.md +0 -0
  346. {agent_audit_kit-0.3.26 → agent_audit_kit-0.3.41}/tests/fixtures/clean_settings.json +0 -0
  347. {agent_audit_kit-0.3.26 → agent_audit_kit-0.3.41}/tests/fixtures/crewai/safe/full_chain.py +0 -0
  348. {agent_audit_kit-0.3.26 → agent_audit_kit-0.3.41}/tests/fixtures/crewai/vulnerable/full_chain.py +0 -0
  349. {agent_audit_kit-0.3.26 → agent_audit_kit-0.3.41}/tests/fixtures/cves/a2a_2026/vulnerable_card.json +0 -0
  350. {agent_audit_kit-0.3.26 → agent_audit_kit-0.3.41}/tests/fixtures/cves/comment-and-control-2026-04-25/patched/review_agent.py +0 -0
  351. {agent_audit_kit-0.3.26 → agent_audit_kit-0.3.41}/tests/fixtures/cves/comment-and-control-2026-04-25/vulnerable/review_agent.py +0 -0
  352. {agent_audit_kit-0.3.26 → agent_audit_kit-0.3.41}/tests/fixtures/cves/cve-2025-65720-gpt-researcher/config-safe-rejected/.mcp.json +0 -0
  353. {agent_audit_kit-0.3.26 → agent_audit_kit-0.3.41}/tests/fixtures/cves/cve-2025-65720-gpt-researcher/config-unsafe/.mcp.json +0 -0
  354. {agent_audit_kit-0.3.26 → agent_audit_kit-0.3.41}/tests/fixtures/cves/cve-2025-65720-gpt-researcher/pin-vulnerable-git/package.json +0 -0
  355. {agent_audit_kit-0.3.26 → agent_audit_kit-0.3.41}/tests/fixtures/cves/cve-2025-65720-gpt-researcher/pin-vulnerable-pypi/requirements.txt +0 -0
  356. {agent_audit_kit-0.3.26 → agent_audit_kit-0.3.41}/tests/fixtures/cves/cve-2025-66335/patched/requirements.txt +0 -0
  357. {agent_audit_kit-0.3.26 → agent_audit_kit-0.3.41}/tests/fixtures/cves/cve-2025-66335/vulnerable/requirements.txt +0 -0
  358. {agent_audit_kit-0.3.26 → agent_audit_kit-0.3.41}/tests/fixtures/cves/cve-2026-20205/patched-splunk-pin/requirements.txt +0 -0
  359. {agent_audit_kit-0.3.26 → agent_audit_kit-0.3.41}/tests/fixtures/cves/cve-2026-20205/redacted-token-log/server.py +0 -0
  360. {agent_audit_kit-0.3.26 → agent_audit_kit-0.3.41}/tests/fixtures/cves/cve-2026-20205/vulnerable-splunk-pin/requirements.txt +0 -0
  361. {agent_audit_kit-0.3.26 → agent_audit_kit-0.3.41}/tests/fixtures/cves/cve-2026-20205/vulnerable-token-log/server.py +0 -0
  362. {agent_audit_kit-0.3.26 → agent_audit_kit-0.3.41}/tests/fixtures/cves/cve-2026-20205-config/patched-yaml/splunk-mcp.yaml +0 -0
  363. {agent_audit_kit-0.3.26 → agent_audit_kit-0.3.41}/tests/fixtures/cves/cve-2026-20205-config/vulnerable-inputs/inputs.conf +0 -0
  364. {agent_audit_kit-0.3.26 → agent_audit_kit-0.3.41}/tests/fixtures/cves/cve-2026-20205-config/vulnerable-yaml/splunk-mcp.yaml +0 -0
  365. {agent_audit_kit-0.3.26 → agent_audit_kit-0.3.41}/tests/fixtures/cves/cve-2026-23744-mcp-inspector/vendored-fork/vendor/mcpjam-inspector/server.ts +0 -0
  366. {agent_audit_kit-0.3.26 → agent_audit_kit-0.3.41}/tests/fixtures/cves/cve-2026-26015-docsgpt/config-safe-no-override/.mcp.json +0 -0
  367. {agent_audit_kit-0.3.26 → agent_audit_kit-0.3.41}/tests/fixtures/cves/cve-2026-26015-docsgpt/config-safe-rejected/.mcp.json +0 -0
  368. {agent_audit_kit-0.3.26 → agent_audit_kit-0.3.41}/tests/fixtures/cves/cve-2026-26015-docsgpt/config-unsafe/.mcp.json +0 -0
  369. {agent_audit_kit-0.3.26 → agent_audit_kit-0.3.41}/tests/fixtures/cves/cve-2026-26015-docsgpt/pin-safe/package.json +0 -0
  370. {agent_audit_kit-0.3.26 → agent_audit_kit-0.3.41}/tests/fixtures/cves/cve-2026-26015-docsgpt/pin-vulnerable/package.json +0 -0
  371. {agent_audit_kit-0.3.26 → agent_audit_kit-0.3.41}/tests/fixtures/cves/cve-2026-26015-docsgpt/pin-vulnerable-git/package.json +0 -0
  372. {agent_audit_kit-0.3.26 → agent_audit_kit-0.3.41}/tests/fixtures/cves/cve-2026-26030-semantic-kernel/pin-safe/requirements.txt +0 -0
  373. {agent_audit_kit-0.3.26 → agent_audit_kit-0.3.41}/tests/fixtures/cves/cve-2026-26030-semantic-kernel/pin-safe-floor/requirements.txt +0 -0
  374. {agent_audit_kit-0.3.26 → agent_audit_kit-0.3.41}/tests/fixtures/cves/cve-2026-26030-semantic-kernel/pin-vulnerable/requirements.txt +0 -0
  375. {agent_audit_kit-0.3.26 → agent_audit_kit-0.3.41}/tests/fixtures/cves/cve-2026-27825-atlassian/patched-pin/requirements.txt +0 -0
  376. {agent_audit_kit-0.3.26 → agent_audit_kit-0.3.41}/tests/fixtures/cves/cve-2026-27825-atlassian/vulnerable/agent.py +0 -0
  377. {agent_audit_kit-0.3.26 → agent_audit_kit-0.3.41}/tests/fixtures/cves/cve-2026-30615/patched/py_argv_allowlist.py +0 -0
  378. {agent_audit_kit-0.3.26 → agent_audit_kit-0.3.41}/tests/fixtures/cves/cve-2026-30615/vulnerable/py_os_system_stdin.py +0 -0
  379. {agent_audit_kit-0.3.26 → agent_audit_kit-0.3.41}/tests/fixtures/cves/cve-2026-30615/vulnerable/py_subprocess_shell.py +0 -0
  380. {agent_audit_kit-0.3.26 → agent_audit_kit-0.3.41}/tests/fixtures/cves/cve-2026-30615/vulnerable/ts_execa_shell.ts +0 -0
  381. {agent_audit_kit-0.3.26 → agent_audit_kit-0.3.41}/tests/fixtures/cves/cve-2026-30623-litellm/patched/requirements-floor.txt +0 -0
  382. {agent_audit_kit-0.3.26 → agent_audit_kit-0.3.41}/tests/fixtures/cves/cve-2026-30623-litellm/patched/requirements.txt +0 -0
  383. {agent_audit_kit-0.3.26 → agent_audit_kit-0.3.41}/tests/fixtures/cves/cve-2026-30623-litellm/vulnerable/requirements.txt +0 -0
  384. {agent_audit_kit-0.3.26 → agent_audit_kit-0.3.41}/tests/fixtures/cves/cve-2026-32211/patched-with-auth/.mcp.json +0 -0
  385. {agent_audit_kit-0.3.26 → agent_audit_kit-0.3.41}/tests/fixtures/cves/cve-2026-32211/vulnerable-no-auth/.mcp.json +0 -0
  386. {agent_audit_kit-0.3.26 → agent_audit_kit-0.3.41}/tests/fixtures/cves/cve-2026-32211-server/pyproject.toml +0 -0
  387. {agent_audit_kit-0.3.26 → agent_audit_kit-0.3.41}/tests/fixtures/cves/cve-2026-32211-server/server.py +0 -0
  388. {agent_audit_kit-0.3.26 → agent_audit_kit-0.3.41}/tests/fixtures/cves/cve-2026-33032/patched/router.go +0 -0
  389. {agent_audit_kit-0.3.26 → agent_audit_kit-0.3.41}/tests/fixtures/cves/cve-2026-33032/vulnerable/router.go +0 -0
  390. {agent_audit_kit-0.3.26 → agent_audit_kit-0.3.41}/tests/fixtures/cves/cve-2026-33032/vulnerable/server.py +0 -0
  391. {agent_audit_kit-0.3.26 → agent_audit_kit-0.3.41}/tests/fixtures/cves/cve-2026-33032/vulnerable/server.ts +0 -0
  392. {agent_audit_kit-0.3.26 → agent_audit_kit-0.3.41}/tests/fixtures/cves/cve-2026-33626/patched-pin/requirements.txt +0 -0
  393. {agent_audit_kit-0.3.26 → agent_audit_kit-0.3.41}/tests/fixtures/cves/cve-2026-33626/vulnerable/pipeline.py +0 -0
  394. {agent_audit_kit-0.3.26 → agent_audit_kit-0.3.41}/tests/fixtures/cves/cve-2026-39313/length-capped/http.ts +0 -0
  395. {agent_audit_kit-0.3.26 → agent_audit_kit-0.3.41}/tests/fixtures/cves/cve-2026-39313/patched/package.json +0 -0
  396. {agent_audit_kit-0.3.26 → agent_audit_kit-0.3.41}/tests/fixtures/cves/cve-2026-39313/vulnerable/http.ts +0 -0
  397. {agent_audit_kit-0.3.26 → agent_audit_kit-0.3.41}/tests/fixtures/cves/cve-2026-39313/vulnerable/package.json +0 -0
  398. {agent_audit_kit-0.3.26 → agent_audit_kit-0.3.41}/tests/fixtures/cves/cve-2026-40068-claudecode/pin-safe/package.json +0 -0
  399. {agent_audit_kit-0.3.26 → agent_audit_kit-0.3.41}/tests/fixtures/cves/cve-2026-40068-claudecode/pin-vulnerable/package.json +0 -0
  400. {agent_audit_kit-0.3.26 → agent_audit_kit-0.3.41}/tests/fixtures/cves/cve-2026-40933/vulnerable/flow.json +0 -0
  401. {agent_audit_kit-0.3.26 → agent_audit_kit-0.3.41}/tests/fixtures/cves/cve-2026-41481/patched-no-redirect/server.py +0 -0
  402. {agent_audit_kit-0.3.26 → agent_audit_kit-0.3.41}/tests/fixtures/cves/cve-2026-41481/patched-pin/requirements.txt +0 -0
  403. {agent_audit_kit-0.3.26 → agent_audit_kit-0.3.41}/tests/fixtures/cves/cve-2026-41481/vulnerable-pin/requirements.txt +0 -0
  404. {agent_audit_kit-0.3.26 → agent_audit_kit-0.3.41}/tests/fixtures/cves/cve-2026-41481/vulnerable-redirect/server.py +0 -0
  405. {agent_audit_kit-0.3.26 → agent_audit_kit-0.3.41}/tests/fixtures/cves/cve-2026-41488/patched-pin/requirements.txt +0 -0
  406. {agent_audit_kit-0.3.26 → agent_audit_kit-0.3.41}/tests/fixtures/cves/cve-2026-41488/patched-pinned/server.py +0 -0
  407. {agent_audit_kit-0.3.26 → agent_audit_kit-0.3.41}/tests/fixtures/cves/cve-2026-41488/vulnerable-pin/requirements.txt +0 -0
  408. {agent_audit_kit-0.3.26 → agent_audit_kit-0.3.41}/tests/fixtures/cves/cve-2026-41488/vulnerable-toctou/server.py +0 -0
  409. {agent_audit_kit-0.3.26 → agent_audit_kit-0.3.41}/tests/fixtures/cves/cve-2026-44717-mcp-calculate-server/pin-safe/requirements.txt +0 -0
  410. {agent_audit_kit-0.3.26 → agent_audit_kit-0.3.41}/tests/fixtures/cves/cve-2026-44717-mcp-calculate-server/pin-safe-floor/requirements.txt +0 -0
  411. {agent_audit_kit-0.3.26 → agent_audit_kit-0.3.41}/tests/fixtures/cves/cve-2026-44717-mcp-calculate-server/pin-vulnerable/requirements.txt +0 -0
  412. {agent_audit_kit-0.3.26 → agent_audit_kit-0.3.41}/tests/fixtures/cves/cve-2026-7061-chatgpt-mcp/safe/package.json +0 -0
  413. {agent_audit_kit-0.3.26 → agent_audit_kit-0.3.41}/tests/fixtures/cves/cve-2026-7061-chatgpt-mcp/vulnerable-git/package.json +0 -0
  414. {agent_audit_kit-0.3.26 → agent_audit_kit-0.3.41}/tests/fixtures/cves/cve-2026-7061-chatgpt-mcp/vulnerable-shorthand/package.json +0 -0
  415. {agent_audit_kit-0.3.26 → agent_audit_kit-0.3.41}/tests/fixtures/cves/cve-2026-7591-astro-mcp/source-safe/no_import.ts +0 -0
  416. {agent_audit_kit-0.3.26 → agent_audit_kit-0.3.41}/tests/fixtures/cves/cve-2026-7591-astro-mcp/source-safe/parametrized.ts +0 -0
  417. {agent_audit_kit-0.3.26 → agent_audit_kit-0.3.41}/tests/fixtures/cves/cve-2026-7591-astro-mcp/source-safe/tagged_template.ts +0 -0
  418. {agent_audit_kit-0.3.26 → agent_audit_kit-0.3.41}/tests/fixtures/cves/cve-2026-7591-astro-mcp/source-unsafe/index.ts +0 -0
  419. {agent_audit_kit-0.3.26 → agent_audit_kit-0.3.41}/tests/fixtures/cves/cve-2026-7591-astro-mcp/vulnerable/package.json +0 -0
  420. {agent_audit_kit-0.3.26 → agent_audit_kit-0.3.41}/tests/fixtures/cves/dns-rebind-sdk-class/apollo-patched/package.json +0 -0
  421. {agent_audit_kit-0.3.26 → agent_audit_kit-0.3.41}/tests/fixtures/cves/dns-rebind-sdk-class/apollo-vulnerable/package.json +0 -0
  422. {agent_audit_kit-0.3.26 → agent_audit_kit-0.3.41}/tests/fixtures/cves/dns-rebind-sdk-class/java-patched/pom.xml +0 -0
  423. {agent_audit_kit-0.3.26 → agent_audit_kit-0.3.41}/tests/fixtures/cves/dns-rebind-sdk-class/java-vulnerable/pom.xml +0 -0
  424. {agent_audit_kit-0.3.26 → agent_audit_kit-0.3.41}/tests/fixtures/cves/dns-rebind-sdk-class/python-patched/requirements.txt +0 -0
  425. {agent_audit_kit-0.3.26 → agent_audit_kit-0.3.41}/tests/fixtures/cves/dns-rebind-sdk-class/python-pattern-guarded/requirements.txt +0 -0
  426. {agent_audit_kit-0.3.26 → agent_audit_kit-0.3.41}/tests/fixtures/cves/dns-rebind-sdk-class/python-pattern-guarded/server.py +0 -0
  427. {agent_audit_kit-0.3.26 → agent_audit_kit-0.3.41}/tests/fixtures/cves/dns-rebind-sdk-class/python-pattern-unguarded/requirements.txt +0 -0
  428. {agent_audit_kit-0.3.26 → agent_audit_kit-0.3.41}/tests/fixtures/cves/dns-rebind-sdk-class/python-pattern-unguarded/server.py +0 -0
  429. {agent_audit_kit-0.3.26 → agent_audit_kit-0.3.41}/tests/fixtures/cves/dns-rebind-sdk-class/python-vulnerable/requirements.txt +0 -0
  430. {agent_audit_kit-0.3.26 → agent_audit_kit-0.3.41}/tests/fixtures/cves/healthcare_ai/safe_skill.md +0 -0
  431. {agent_audit_kit-0.3.26 → agent_audit_kit-0.3.41}/tests/fixtures/cves/healthcare_ai/vulnerable_skill.md +0 -0
  432. {agent_audit_kit-0.3.26 → agent_audit_kit-0.3.41}/tests/fixtures/cves/hook_rce/safe_settings.json +0 -0
  433. {agent_audit_kit-0.3.26 → agent_audit_kit-0.3.41}/tests/fixtures/cves/hook_rce/vulnerable_settings.json +0 -0
  434. {agent_audit_kit-0.3.26 → agent_audit_kit-0.3.41}/tests/fixtures/cves/india_pii/safe.txt +0 -0
  435. {agent_audit_kit-0.3.26 → agent_audit_kit-0.3.41}/tests/fixtures/cves/india_pii/vulnerable.txt +0 -0
  436. {agent_audit_kit-0.3.26 → agent_audit_kit-0.3.41}/tests/fixtures/cves/langchain/safe_requirements.txt +0 -0
  437. {agent_audit_kit-0.3.26 → agent_audit_kit-0.3.41}/tests/fixtures/cves/langchain/vulnerable_prompt.py +0 -0
  438. {agent_audit_kit-0.3.26 → agent_audit_kit-0.3.41}/tests/fixtures/cves/langchain/vulnerable_requirements.txt +0 -0
  439. {agent_audit_kit-0.3.26 → agent_audit_kit-0.3.41}/tests/fixtures/cves/marketplace/safe.json +0 -0
  440. {agent_audit_kit-0.3.26 → agent_audit_kit-0.3.41}/tests/fixtures/cves/marketplace/vulnerable.json +0 -0
  441. {agent_audit_kit-0.3.26 → agent_audit_kit-0.3.41}/tests/fixtures/cves/mcp_auth/safe_server.py +0 -0
  442. {agent_audit_kit-0.3.26 → agent_audit_kit-0.3.41}/tests/fixtures/cves/mcp_auth/vulnerable_server.py +0 -0
  443. {agent_audit_kit-0.3.26 → agent_audit_kit-0.3.41}/tests/fixtures/cves/oauth/safe.py +0 -0
  444. {agent_audit_kit-0.3.26 → agent_audit_kit-0.3.41}/tests/fixtures/cves/oauth/vulnerable.py +0 -0
  445. {agent_audit_kit-0.3.26 → agent_audit_kit-0.3.41}/tests/fixtures/cves/ox-mcp-stdio-class/patched_java.java +0 -0
  446. {agent_audit_kit-0.3.26 → agent_audit_kit-0.3.41}/tests/fixtures/cves/ox-mcp-stdio-class/patched_py.py +0 -0
  447. {agent_audit_kit-0.3.26 → agent_audit_kit-0.3.41}/tests/fixtures/cves/ox-mcp-stdio-class/patched_rust.rs +0 -0
  448. {agent_audit_kit-0.3.26 → agent_audit_kit-0.3.41}/tests/fixtures/cves/ox-mcp-stdio-class/patched_ts.ts +0 -0
  449. {agent_audit_kit-0.3.26 → agent_audit_kit-0.3.41}/tests/fixtures/cves/ox-mcp-stdio-class/vulnerable_java.java +0 -0
  450. {agent_audit_kit-0.3.26 → agent_audit_kit-0.3.41}/tests/fixtures/cves/ox-mcp-stdio-class/vulnerable_py.py +0 -0
  451. {agent_audit_kit-0.3.26 → agent_audit_kit-0.3.41}/tests/fixtures/cves/ox-mcp-stdio-class/vulnerable_rust.rs +0 -0
  452. {agent_audit_kit-0.3.26 → agent_audit_kit-0.3.41}/tests/fixtures/cves/ox-mcp-stdio-class/vulnerable_ts.ts +0 -0
  453. {agent_audit_kit-0.3.26 → agent_audit_kit-0.3.41}/tests/fixtures/cves/routines/safe.json +0 -0
  454. {agent_audit_kit-0.3.26 → agent_audit_kit-0.3.41}/tests/fixtures/cves/routines/vulnerable.json +0 -0
  455. {agent_audit_kit-0.3.26 → agent_audit_kit-0.3.41}/tests/fixtures/cves/skills/safe.md +0 -0
  456. {agent_audit_kit-0.3.26 → agent_audit_kit-0.3.41}/tests/fixtures/cves/skills/vulnerable.md +0 -0
  457. {agent_audit_kit-0.3.26 → agent_audit_kit-0.3.41}/tests/fixtures/cves/ssrf/safe.py +0 -0
  458. {agent_audit_kit-0.3.26 → agent_audit_kit-0.3.41}/tests/fixtures/cves/ssrf/vulnerable.py +0 -0
  459. {agent_audit_kit-0.3.26 → agent_audit_kit-0.3.41}/tests/fixtures/cves/state_privacy/safe_privacy.md +0 -0
  460. {agent_audit_kit-0.3.26 → agent_audit_kit-0.3.41}/tests/fixtures/cves/state_privacy/vulnerable_privacy.md +0 -0
  461. {agent_audit_kit-0.3.26 → agent_audit_kit-0.3.41}/tests/fixtures/cves/tasks/safe.py +0 -0
  462. {agent_audit_kit-0.3.26 → agent_audit_kit-0.3.41}/tests/fixtures/cves/tasks/vulnerable.py +0 -0
  463. {agent_audit_kit-0.3.26 → agent_audit_kit-0.3.41}/tests/fixtures/deepseek/safe/agent.py +0 -0
  464. {agent_audit_kit-0.3.26 → agent_audit_kit-0.3.41}/tests/fixtures/deepseek/vulnerable/agent.py +0 -0
  465. {agent_audit_kit-0.3.26 → agent_audit_kit-0.3.41}/tests/fixtures/env_with_secrets +0 -0
  466. {agent_audit_kit-0.3.26 → agent_audit_kit-0.3.41}/tests/fixtures/eu_ai_act_art15_locale/documented_risk/.agent-audit-kit.yml +0 -0
  467. {agent_audit_kit-0.3.26 → agent_audit_kit-0.3.41}/tests/fixtures/eu_ai_act_art15_locale/documented_risk/agent.yaml +0 -0
  468. {agent_audit_kit-0.3.26 → agent_audit_kit-0.3.41}/tests/fixtures/eu_ai_act_art15_locale/multilingual_en_only/agent.yaml +0 -0
  469. {agent_audit_kit-0.3.26 → agent_audit_kit-0.3.41}/tests/fixtures/eu_ai_act_art15_locale/multilingual_en_only/evals/welcome.en.yaml +0 -0
  470. {agent_audit_kit-0.3.26 → agent_audit_kit-0.3.41}/tests/fixtures/eu_ai_act_art15_locale/multilingual_internal_only/agent.yaml +0 -0
  471. {agent_audit_kit-0.3.26 → agent_audit_kit-0.3.41}/tests/fixtures/eu_ai_act_art15_locale/multilingual_with_coverage/agent.yaml +0 -0
  472. {agent_audit_kit-0.3.26 → agent_audit_kit-0.3.41}/tests/fixtures/eu_ai_act_art15_locale/multilingual_with_coverage/evals/welcome.de.yaml +0 -0
  473. {agent_audit_kit-0.3.26 → agent_audit_kit-0.3.41}/tests/fixtures/eu_ai_act_art15_locale/multilingual_with_coverage/evals/welcome.en.yaml +0 -0
  474. {agent_audit_kit-0.3.26 → agent_audit_kit-0.3.41}/tests/fixtures/eu_ai_act_art15_locale/multilingual_with_coverage/evals/welcome.fr.yaml +0 -0
  475. {agent_audit_kit-0.3.26 → agent_audit_kit-0.3.41}/tests/fixtures/eu_ai_act_art15_locale/single_locale/agent.yaml +0 -0
  476. {agent_audit_kit-0.3.26 → agent_audit_kit-0.3.41}/tests/fixtures/harness_shared_state/safe_multi_agent.py +0 -0
  477. {agent_audit_kit-0.3.26 → agent_audit_kit-0.3.41}/tests/fixtures/harness_shared_state/unsafe_multi_agent.py +0 -0
  478. {agent_audit_kit-0.3.26 → agent_audit_kit-0.3.41}/tests/fixtures/incidents/ipi-wild-2026-04-24/poisoned_template.md +0 -0
  479. {agent_audit_kit-0.3.26 → agent_audit_kit-0.3.41}/tests/fixtures/incidents/mcp-fhi/clean/server.py +0 -0
  480. {agent_audit_kit-0.3.26 → agent_audit_kit-0.3.41}/tests/fixtures/incidents/mcp-fhi/vulnerable/server.py +0 -0
  481. {agent_audit_kit-0.3.26 → agent_audit_kit-0.3.41}/tests/fixtures/incidents/ox-mcp-2026-04-15/documented-risk/.agent-audit-kit.yml +0 -0
  482. {agent_audit_kit-0.3.26 → agent_audit_kit-0.3.41}/tests/fixtures/incidents/ox-mcp-2026-04-15/documented-risk/requirements.txt +0 -0
  483. {agent_audit_kit-0.3.26 → agent_audit_kit-0.3.41}/tests/fixtures/incidents/ox-mcp-2026-04-15/documented-risk/server.py +0 -0
  484. {agent_audit_kit-0.3.26 → agent_audit_kit-0.3.41}/tests/fixtures/incidents/ox-mcp-2026-04-15/python/sanitized/requirements.txt +0 -0
  485. {agent_audit_kit-0.3.26 → agent_audit_kit-0.3.41}/tests/fixtures/incidents/ox-mcp-2026-04-15/python/sanitized/server.py +0 -0
  486. {agent_audit_kit-0.3.26 → agent_audit_kit-0.3.41}/tests/fixtures/incidents/ox-mcp-2026-04-15/python/vulnerable/requirements.txt +0 -0
  487. {agent_audit_kit-0.3.26 → agent_audit_kit-0.3.41}/tests/fixtures/incidents/ox-mcp-2026-04-15/python/vulnerable/server.py +0 -0
  488. {agent_audit_kit-0.3.26 → agent_audit_kit-0.3.41}/tests/fixtures/incidents/ox-mcp-2026-04-15/typescript/sanitized/package.json +0 -0
  489. {agent_audit_kit-0.3.26 → agent_audit_kit-0.3.41}/tests/fixtures/incidents/ox-mcp-2026-04-15/typescript/sanitized/server.ts +0 -0
  490. {agent_audit_kit-0.3.26 → agent_audit_kit-0.3.41}/tests/fixtures/incidents/ox-mcp-2026-04-15/typescript/vulnerable/package.json +0 -0
  491. {agent_audit_kit-0.3.26 → agent_audit_kit-0.3.41}/tests/fixtures/incidents/ox-mcp-2026-04-15/typescript/vulnerable/server.ts +0 -0
  492. {agent_audit_kit-0.3.26 → agent_audit_kit-0.3.41}/tests/fixtures/incidents/ox-mcp-marketplace-fetch/patched.py +0 -0
  493. {agent_audit_kit-0.3.26 → agent_audit_kit-0.3.41}/tests/fixtures/incidents/ox-mcp-marketplace-fetch/vulnerable.py +0 -0
  494. {agent_audit_kit-0.3.26 → agent_audit_kit-0.3.41}/tests/fixtures/incidents/ox-mcp-marketplace-fetch/vulnerable.ts +0 -0
  495. {agent_audit_kit-0.3.26 → agent_audit_kit-0.3.41}/tests/fixtures/incidents/vercel-2026-04-19/app.yaml +0 -0
  496. {agent_audit_kit-0.3.26 → agent_audit_kit-0.3.41}/tests/fixtures/langchain_prompt_loader/constant_safe.py +0 -0
  497. {agent_audit_kit-0.3.26 → agent_audit_kit-0.3.41}/tests/fixtures/langchain_prompt_loader/user_path_unsafe.py +0 -0
  498. {agent_audit_kit-0.3.26 → agent_audit_kit-0.3.41}/tests/fixtures/langchain_prompt_loader/validated_safe.py +0 -0
  499. {agent_audit_kit-0.3.26 → agent_audit_kit-0.3.41}/tests/fixtures/langgraph/safe/graph.py +0 -0
  500. {agent_audit_kit-0.3.26 → agent_audit_kit-0.3.41}/tests/fixtures/langgraph/vulnerable/graph.py +0 -0
  501. {agent_audit_kit-0.3.26 → agent_audit_kit-0.3.41}/tests/fixtures/mcp_sampling/clean_python/requirements.txt +0 -0
  502. {agent_audit_kit-0.3.26 → agent_audit_kit-0.3.41}/tests/fixtures/mcp_sampling/clean_python/server.py +0 -0
  503. {agent_audit_kit-0.3.26 → agent_audit_kit-0.3.41}/tests/fixtures/mcp_sampling/config_clean/.mcp.json +0 -0
  504. {agent_audit_kit-0.3.26 → agent_audit_kit-0.3.41}/tests/fixtures/mcp_sampling/config_vulnerable/.mcp.json +0 -0
  505. {agent_audit_kit-0.3.26 → agent_audit_kit-0.3.41}/tests/fixtures/mcp_sampling/documented_risk/.agent-audit-kit.yml +0 -0
  506. {agent_audit_kit-0.3.26 → agent_audit_kit-0.3.41}/tests/fixtures/mcp_sampling/documented_risk/requirements.txt +0 -0
  507. {agent_audit_kit-0.3.26 → agent_audit_kit-0.3.41}/tests/fixtures/mcp_sampling/documented_risk/server.py +0 -0
  508. {agent_audit_kit-0.3.26 → agent_audit_kit-0.3.41}/tests/fixtures/mcp_sampling/vulnerable_python/requirements.txt +0 -0
  509. {agent_audit_kit-0.3.26 → agent_audit_kit-0.3.41}/tests/fixtures/mcp_sampling/vulnerable_python/server.py +0 -0
  510. {agent_audit_kit-0.3.26 → agent_audit_kit-0.3.41}/tests/fixtures/mcp_sampling/vulnerable_typescript/package.json +0 -0
  511. {agent_audit_kit-0.3.26 → agent_audit_kit-0.3.41}/tests/fixtures/mcp_sampling/vulnerable_typescript/server.ts +0 -0
  512. {agent_audit_kit-0.3.26 → agent_audit_kit-0.3.41}/tests/fixtures/mcp_stateless/clean_py/requirements.txt +0 -0
  513. {agent_audit_kit-0.3.26 → agent_audit_kit-0.3.41}/tests/fixtures/mcp_stateless/clean_py/server.py +0 -0
  514. {agent_audit_kit-0.3.26 → agent_audit_kit-0.3.41}/tests/fixtures/mcp_stateless/documented_risk/.agent-audit-kit.yml +0 -0
  515. {agent_audit_kit-0.3.26 → agent_audit_kit-0.3.41}/tests/fixtures/mcp_stateless/documented_risk/requirements.txt +0 -0
  516. {agent_audit_kit-0.3.26 → agent_audit_kit-0.3.41}/tests/fixtures/mcp_stateless/documented_risk/server.py +0 -0
  517. {agent_audit_kit-0.3.26 → agent_audit_kit-0.3.41}/tests/fixtures/mcp_stateless/vulnerable_001_py/requirements.txt +0 -0
  518. {agent_audit_kit-0.3.26 → agent_audit_kit-0.3.41}/tests/fixtures/mcp_stateless/vulnerable_001_py/server.py +0 -0
  519. {agent_audit_kit-0.3.26 → agent_audit_kit-0.3.41}/tests/fixtures/mcp_stateless/vulnerable_001_ts/package.json +0 -0
  520. {agent_audit_kit-0.3.26 → agent_audit_kit-0.3.41}/tests/fixtures/mcp_stateless/vulnerable_001_ts/server.ts +0 -0
  521. {agent_audit_kit-0.3.26 → agent_audit_kit-0.3.41}/tests/fixtures/mcp_stateless/vulnerable_002_py/client.py +0 -0
  522. {agent_audit_kit-0.3.26 → agent_audit_kit-0.3.41}/tests/fixtures/mcp_stateless/vulnerable_002_py/requirements.txt +0 -0
  523. {agent_audit_kit-0.3.26 → agent_audit_kit-0.3.41}/tests/fixtures/mcp_stateless/vulnerable_003_k8s/service.yaml +0 -0
  524. {agent_audit_kit-0.3.26 → agent_audit_kit-0.3.41}/tests/fixtures/mcp_stateless/vulnerable_003_nginx/nginx.conf +0 -0
  525. {agent_audit_kit-0.3.26 → agent_audit_kit-0.3.41}/tests/fixtures/mcp_stateless/vulnerable_003_store_py/handlers.py +0 -0
  526. {agent_audit_kit-0.3.26 → agent_audit_kit-0.3.41}/tests/fixtures/mcp_stateless/vulnerable_003_store_py/requirements.txt +0 -0
  527. {agent_audit_kit-0.3.26 → agent_audit_kit-0.3.41}/tests/fixtures/mcp_stateless/vulnerable_004_client/client.py +0 -0
  528. {agent_audit_kit-0.3.26 → agent_audit_kit-0.3.41}/tests/fixtures/mcp_stateless/vulnerable_004_client/requirements.txt +0 -0
  529. {agent_audit_kit-0.3.26 → agent_audit_kit-0.3.41}/tests/fixtures/mcp_tool_unsafe_eval/eval_safe.py +0 -0
  530. {agent_audit_kit-0.3.26 → agent_audit_kit-0.3.41}/tests/fixtures/mcp_tool_unsafe_eval/eval_unsafe.py +0 -0
  531. {agent_audit_kit-0.3.26 → agent_audit_kit-0.3.41}/tests/fixtures/mcp_tool_unsafe_eval/no_tool_decorator.py +0 -0
  532. {agent_audit_kit-0.3.26 → agent_audit_kit-0.3.41}/tests/fixtures/metis_pomdp/refusal_refeed_safe.py +0 -0
  533. {agent_audit_kit-0.3.26 → agent_audit_kit-0.3.41}/tests/fixtures/metis_pomdp/refusal_refeed_unsafe.py +0 -0
  534. {agent_audit_kit-0.3.26 → agent_audit_kit-0.3.41}/tests/fixtures/metis_pomdp/scoring_sink_unsafe.py +0 -0
  535. {agent_audit_kit-0.3.26 → agent_audit_kit-0.3.41}/tests/fixtures/openapi_smells/clean.openapi.yaml +0 -0
  536. {agent_audit_kit-0.3.26 → agent_audit_kit-0.3.41}/tests/fixtures/openapi_smells/smelly.openapi.yaml +0 -0
  537. {agent_audit_kit-0.3.26 → agent_audit_kit-0.3.41}/tests/fixtures/openclaw/role_default_admin_unsafe.py +0 -0
  538. {agent_audit_kit-0.3.26 → agent_audit_kit-0.3.41}/tests/fixtures/openclaw/role_explicit_safe.py +0 -0
  539. {agent_audit_kit-0.3.26 → agent_audit_kit-0.3.41}/tests/fixtures/package_with_risks.json +0 -0
  540. {agent_audit_kit-0.3.26 → agent_audit_kit-0.3.41}/tests/fixtures/pipelock/policy_invalid.yaml +0 -0
  541. {agent_audit_kit-0.3.26 → agent_audit_kit-0.3.41}/tests/fixtures/pipelock/policy_minimal.yaml +0 -0
  542. {agent_audit_kit-0.3.26 → agent_audit_kit-0.3.41}/tests/fixtures/pipelock/policy_with_parity.yaml +0 -0
  543. {agent_audit_kit-0.3.26 → agent_audit_kit-0.3.41}/tests/fixtures/project_deal/safe/pricer.py +0 -0
  544. {agent_audit_kit-0.3.26 → agent_audit_kit-0.3.41}/tests/fixtures/project_deal/vulnerable/pricer.py +0 -0
  545. {agent_audit_kit-0.3.26 → agent_audit_kit-0.3.41}/tests/fixtures/skill_lifecycle/safe_skill.py +0 -0
  546. {agent_audit_kit-0.3.26 → agent_audit_kit-0.3.41}/tests/fixtures/skill_lifecycle/unsafe_skill.py +0 -0
  547. {agent_audit_kit-0.3.26 → agent_audit_kit-0.3.41}/tests/fixtures/social_agents/tiktok_human_in_loop.py +0 -0
  548. {agent_audit_kit-0.3.26 → agent_audit_kit-0.3.41}/tests/fixtures/social_agents/tiktok_unsafe.py +0 -0
  549. {agent_audit_kit-0.3.26 → agent_audit_kit-0.3.41}/tests/fixtures/stainless_lineage/config_root/stainless.yml +0 -0
  550. {agent_audit_kit-0.3.26 → agent_audit_kit-0.3.41}/tests/fixtures/stainless_lineage/generated_python_sdk/client.py +0 -0
  551. {agent_audit_kit-0.3.26 → agent_audit_kit-0.3.41}/tests/fixtures/stainless_lineage/generated_typescript_sdk/client.ts +0 -0
  552. {agent_audit_kit-0.3.26 → agent_audit_kit-0.3.41}/tests/fixtures/stainless_lineage/handwritten/server.py +0 -0
  553. {agent_audit_kit-0.3.26 → agent_audit_kit-0.3.41}/tests/fixtures/vulnerable_hooks.json +0 -0
  554. {agent_audit_kit-0.3.26 → agent_audit_kit-0.3.41}/tests/fixtures/vulnerable_mcp.json +0 -0
  555. {agent_audit_kit-0.3.26 → agent_audit_kit-0.3.41}/tests/fixtures/vulnerable_settings.json +0 -0
  556. {agent_audit_kit-0.3.26 → agent_audit_kit-0.3.41}/tests/test_a2a_2026.py +0 -0
  557. {agent_audit_kit-0.3.26 → agent_audit_kit-0.3.41}/tests/test_a2a_protocol.py +0 -0
  558. {agent_audit_kit-0.3.26 → agent_audit_kit-0.3.41}/tests/test_action.py +0 -0
  559. {agent_audit_kit-0.3.26 → agent_audit_kit-0.3.41}/tests/test_agent_config.py +0 -0
  560. {agent_audit_kit-0.3.26 → agent_audit_kit-0.3.41}/tests/test_aicm.py +0 -0
  561. {agent_audit_kit-0.3.26 → agent_audit_kit-0.3.41}/tests/test_anthropic_sdk_hardening.py +0 -0
  562. {agent_audit_kit-0.3.26 → agent_audit_kit-0.3.41}/tests/test_cli.py +0 -0
  563. {agent_audit_kit-0.3.26 → agent_audit_kit-0.3.41}/tests/test_compliance_output.py +0 -0
  564. {agent_audit_kit-0.3.26 → agent_audit_kit-0.3.41}/tests/test_compliance_v2.py +0 -0
  565. {agent_audit_kit-0.3.26 → agent_audit_kit-0.3.41}/tests/test_csa_baseline_watcher.py +0 -0
  566. {agent_audit_kit-0.3.26 → agent_audit_kit-0.3.41}/tests/test_cve_2025_66335.py +0 -0
  567. {agent_audit_kit-0.3.26 → agent_audit_kit-0.3.41}/tests/test_cve_2025_66414_python_sdk.py +0 -0
  568. {agent_audit_kit-0.3.26 → agent_audit_kit-0.3.41}/tests/test_cve_2026_20205_config.py +0 -0
  569. {agent_audit_kit-0.3.26 → agent_audit_kit-0.3.41}/tests/test_cve_2026_20205_splunk.py +0 -0
  570. {agent_audit_kit-0.3.26 → agent_audit_kit-0.3.41}/tests/test_cve_2026_32211.py +0 -0
  571. {agent_audit_kit-0.3.26 → agent_audit_kit-0.3.41}/tests/test_cve_2026_32211_server.py +0 -0
  572. {agent_audit_kit-0.3.26 → agent_audit_kit-0.3.41}/tests/test_cve_2026_33626.py +0 -0
  573. {agent_audit_kit-0.3.26 → agent_audit_kit-0.3.41}/tests/test_cve_2026_35568_java.py +0 -0
  574. {agent_audit_kit-0.3.26 → agent_audit_kit-0.3.41}/tests/test_cve_2026_35577_apollo.py +0 -0
  575. {agent_audit_kit-0.3.26 → agent_audit_kit-0.3.41}/tests/test_cve_2026_39313.py +0 -0
  576. {agent_audit_kit-0.3.26 → agent_audit_kit-0.3.41}/tests/test_cve_2026_40576_excel.py +0 -0
  577. {agent_audit_kit-0.3.26 → agent_audit_kit-0.3.41}/tests/test_cve_2026_40608_next_ai_draw.py +0 -0
  578. {agent_audit_kit-0.3.26 → agent_audit_kit-0.3.41}/tests/test_cve_2026_41481.py +0 -0
  579. {agent_audit_kit-0.3.26 → agent_audit_kit-0.3.41}/tests/test_cve_2026_41488.py +0 -0
  580. {agent_audit_kit-0.3.26 → agent_audit_kit-0.3.41}/tests/test_cve_fix_and_watch_and_advisories.py +0 -0
  581. {agent_audit_kit-0.3.26 → agent_audit_kit-0.3.41}/tests/test_cve_watcher_dedup.py +0 -0
  582. {agent_audit_kit-0.3.26 → agent_audit_kit-0.3.41}/tests/test_cves_2026.py +0 -0
  583. {agent_audit_kit-0.3.26 → agent_audit_kit-0.3.41}/tests/test_cyclonedx_aibom.py +0 -0
  584. {agent_audit_kit-0.3.26 → agent_audit_kit-0.3.41}/tests/test_diff.py +0 -0
  585. {agent_audit_kit-0.3.26 → agent_audit_kit-0.3.41}/tests/test_discovery.py +0 -0
  586. {agent_audit_kit-0.3.26 → agent_audit_kit-0.3.41}/tests/test_engine.py +0 -0
  587. {agent_audit_kit-0.3.26 → agent_audit_kit-0.3.41}/tests/test_engine_ignore_paths.py +0 -0
  588. {agent_audit_kit-0.3.26 → agent_audit_kit-0.3.41}/tests/test_eu_ai_act_art15_locale.py +0 -0
  589. {agent_audit_kit-0.3.26 → agent_audit_kit-0.3.41}/tests/test_examples.py +0 -0
  590. {agent_audit_kit-0.3.26 → agent_audit_kit-0.3.41}/tests/test_fix.py +0 -0
  591. {agent_audit_kit-0.3.26 → agent_audit_kit-0.3.41}/tests/test_gha_immutable.py +0 -0
  592. {agent_audit_kit-0.3.26 → agent_audit_kit-0.3.41}/tests/test_healthcare_ai_and_state_privacy.py +0 -0
  593. {agent_audit_kit-0.3.26 → agent_audit_kit-0.3.41}/tests/test_hook_injection.py +0 -0
  594. {agent_audit_kit-0.3.26 → agent_audit_kit-0.3.41}/tests/test_index_builder.py +0 -0
  595. {agent_audit_kit-0.3.26 → agent_audit_kit-0.3.41}/tests/test_india_pii.py +0 -0
  596. {agent_audit_kit-0.3.26 → agent_audit_kit-0.3.41}/tests/test_integrations_notify.py +0 -0
  597. {agent_audit_kit-0.3.26 → agent_audit_kit-0.3.41}/tests/test_legal_compliance.py +0 -0
  598. {agent_audit_kit-0.3.26 → agent_audit_kit-0.3.41}/tests/test_llm_scan.py +0 -0
  599. {agent_audit_kit-0.3.26 → agent_audit_kit-0.3.41}/tests/test_llm_scan_mod.py +0 -0
  600. {agent_audit_kit-0.3.26 → agent_audit_kit-0.3.41}/tests/test_marketplace_manifest.py +0 -0
  601. {agent_audit_kit-0.3.26 → agent_audit_kit-0.3.41}/tests/test_marketplace_sources.py +0 -0
  602. {agent_audit_kit-0.3.26 → agent_audit_kit-0.3.41}/tests/test_mcp_config.py +0 -0
  603. {agent_audit_kit-0.3.26 → agent_audit_kit-0.3.41}/tests/test_mcp_marketplace_fetch.py +0 -0
  604. {agent_audit_kit-0.3.26 → agent_audit_kit-0.3.41}/tests/test_mcp_sampling_capability.py +0 -0
  605. {agent_audit_kit-0.3.26 → agent_audit_kit-0.3.41}/tests/test_mcp_stateless_migration.py +0 -0
  606. {agent_audit_kit-0.3.26 → agent_audit_kit-0.3.41}/tests/test_mcp_stdio_cmd_inj_java.py +0 -0
  607. {agent_audit_kit-0.3.26 → agent_audit_kit-0.3.41}/tests/test_mcp_stdio_cmd_inj_python.py +0 -0
  608. {agent_audit_kit-0.3.26 → agent_audit_kit-0.3.41}/tests/test_mcp_stdio_cmd_inj_rust.py +0 -0
  609. {agent_audit_kit-0.3.26 → agent_audit_kit-0.3.41}/tests/test_mcp_stdio_cmd_inj_typescript.py +0 -0
  610. {agent_audit_kit-0.3.26 → agent_audit_kit-0.3.41}/tests/test_mcpwn.py +0 -0
  611. {agent_audit_kit-0.3.26 → agent_audit_kit-0.3.41}/tests/test_oauth_surface.py +0 -0
  612. {agent_audit_kit-0.3.26 → agent_audit_kit-0.3.41}/tests/test_owasp_agentic_coverage.py +0 -0
  613. {agent_audit_kit-0.3.26 → agent_audit_kit-0.3.41}/tests/test_owasp_public_json.py +0 -0
  614. {agent_audit_kit-0.3.26 → agent_audit_kit-0.3.41}/tests/test_owasp_report.py +0 -0
  615. {agent_audit_kit-0.3.26 → agent_audit_kit-0.3.41}/tests/test_owasp_report_output.py +0 -0
  616. {agent_audit_kit-0.3.26 → agent_audit_kit-0.3.41}/tests/test_parity_region_drift.py +0 -0
  617. {agent_audit_kit-0.3.26 → agent_audit_kit-0.3.41}/tests/test_phase3.py +0 -0
  618. {agent_audit_kit-0.3.26 → agent_audit_kit-0.3.41}/tests/test_pin_drift.py +0 -0
  619. {agent_audit_kit-0.3.26 → agent_audit_kit-0.3.41}/tests/test_pinning.py +0 -0
  620. {agent_audit_kit-0.3.26 → agent_audit_kit-0.3.41}/tests/test_pinning_mod.py +0 -0
  621. {agent_audit_kit-0.3.26 → agent_audit_kit-0.3.41}/tests/test_pr_summary.py +0 -0
  622. {agent_audit_kit-0.3.26 → agent_audit_kit-0.3.41}/tests/test_preset_mcp_ox_2026_04.py +0 -0
  623. {agent_audit_kit-0.3.26 → agent_audit_kit-0.3.41}/tests/test_proxy.py +0 -0
  624. {agent_audit_kit-0.3.26 → agent_audit_kit-0.3.41}/tests/test_repo_metadata_sync.py +0 -0
  625. {agent_audit_kit-0.3.26 → agent_audit_kit-0.3.41}/tests/test_sarif_fingerprints.py +0 -0
  626. {agent_audit_kit-0.3.26 → agent_audit_kit-0.3.41}/tests/test_sarif_github_upload.py +0 -0
  627. {agent_audit_kit-0.3.26 → agent_audit_kit-0.3.41}/tests/test_sarif_output.py +0 -0
  628. {agent_audit_kit-0.3.26 → agent_audit_kit-0.3.41}/tests/test_scoring.py +0 -0
  629. {agent_audit_kit-0.3.26 → agent_audit_kit-0.3.41}/tests/test_secret_exposure.py +0 -0
  630. {agent_audit_kit-0.3.26 → agent_audit_kit-0.3.41}/tests/test_skill_poisoning.py +0 -0
  631. {agent_audit_kit-0.3.26 → agent_audit_kit-0.3.41}/tests/test_stdio_injection.py +0 -0
  632. {agent_audit_kit-0.3.26 → agent_audit_kit-0.3.41}/tests/test_supply_chain.py +0 -0
  633. {agent_audit_kit-0.3.26 → agent_audit_kit-0.3.41}/tests/test_taint_analysis.py +0 -0
  634. {agent_audit_kit-0.3.26 → agent_audit_kit-0.3.41}/tests/test_toxic_flow.py +0 -0
  635. {agent_audit_kit-0.3.26 → agent_audit_kit-0.3.41}/tests/test_transport_security.py +0 -0
  636. {agent_audit_kit-0.3.26 → agent_audit_kit-0.3.41}/tests/test_trust_boundary.py +0 -0
  637. {agent_audit_kit-0.3.26 → agent_audit_kit-0.3.41}/tests/test_v0_3_10_features.py +0 -0
  638. {agent_audit_kit-0.3.26 → agent_audit_kit-0.3.41}/tests/test_v0_3_10_rules.py +0 -0
  639. {agent_audit_kit-0.3.26 → agent_audit_kit-0.3.41}/tests/test_v0_3_11_rules.py +0 -0
  640. {agent_audit_kit-0.3.26 → agent_audit_kit-0.3.41}/tests/test_v0_3_13_rules.py +0 -0
  641. {agent_audit_kit-0.3.26 → agent_audit_kit-0.3.41}/tests/test_v0_3_14_rules.py +0 -0
  642. {agent_audit_kit-0.3.26 → agent_audit_kit-0.3.41}/tests/test_v0_3_15_rules.py +0 -0
  643. {agent_audit_kit-0.3.26 → agent_audit_kit-0.3.41}/tests/test_v0_3_16_rules.py +0 -0
  644. {agent_audit_kit-0.3.26 → agent_audit_kit-0.3.41}/tests/test_v0_3_17_rules.py +0 -0
  645. {agent_audit_kit-0.3.26 → agent_audit_kit-0.3.41}/tests/test_v0_3_18_rules.py +0 -0
  646. {agent_audit_kit-0.3.26 → agent_audit_kit-0.3.41}/tests/test_v0_3_19_rules.py +0 -0
  647. {agent_audit_kit-0.3.26 → agent_audit_kit-0.3.41}/tests/test_v0_3_1_cve_rules.py +0 -0
  648. {agent_audit_kit-0.3.26 → agent_audit_kit-0.3.41}/tests/test_v0_3_20_rules.py +0 -0
  649. {agent_audit_kit-0.3.26 → agent_audit_kit-0.3.41}/tests/test_v0_3_21_rules.py +0 -0
  650. {agent_audit_kit-0.3.26 → agent_audit_kit-0.3.41}/tests/test_v0_3_22_rules.py +0 -0
  651. {agent_audit_kit-0.3.26 → agent_audit_kit-0.3.41}/tests/test_v0_3_8_features.py +0 -0
  652. {agent_audit_kit-0.3.26 → agent_audit_kit-0.3.41}/tests/test_v0_3_8_rules.py +0 -0
  653. {agent_audit_kit-0.3.26 → agent_audit_kit-0.3.41}/tests/test_v0_3_9_features.py +0 -0
  654. {agent_audit_kit-0.3.26 → agent_audit_kit-0.3.41}/tests/test_v0_3_9_features_p1.py +0 -0
  655. {agent_audit_kit-0.3.26 → agent_audit_kit-0.3.41}/tests/test_v0_3_9_rules.py +0 -0
  656. {agent_audit_kit-0.3.26 → agent_audit_kit-0.3.41}/tests/test_verification.py +0 -0
  657. {agent_audit_kit-0.3.26 → agent_audit_kit-0.3.41}/tests/test_verification_mod.py +0 -0
  658. {agent_audit_kit-0.3.26 → agent_audit_kit-0.3.41}/tests/test_vuln_db.py +0 -0
  659. {agent_audit_kit-0.3.26 → agent_audit_kit-0.3.41}/vscode-extension/.vscodeignore +0 -0
  660. {agent_audit_kit-0.3.26 → agent_audit_kit-0.3.41}/vscode-extension/CLAUDE.md +0 -0
  661. {agent_audit_kit-0.3.26 → agent_audit_kit-0.3.41}/vscode-extension/README.md +0 -0
  662. {agent_audit_kit-0.3.26 → agent_audit_kit-0.3.41}/vscode-extension/package.json +0 -0
  663. {agent_audit_kit-0.3.26 → agent_audit_kit-0.3.41}/vscode-extension/src/extension.ts +0 -0
  664. {agent_audit_kit-0.3.26 → agent_audit_kit-0.3.41}/vscode-extension/src/sarifReader.ts +0 -0
  665. {agent_audit_kit-0.3.26 → agent_audit_kit-0.3.41}/vscode-extension/tsconfig.json +0 -0
{agent_audit_kit-0.3.26 → agent_audit_kit-0.3.41}/.github/workflows/badge-ox-coverage.yml RENAMED
@@ -16,7 +16,7 @@ jobs:
16
16
  publish-badge:
17
17
  runs-on: ubuntu-latest
18
18
  steps:
19
- - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
19
+ - uses: actions/checkout@9c091bb21b7c1c1d1991bb908d89e4e9dddfe3e0 # v7.0.0
20
20
  - uses: actions/setup-python@a309ff8b426b58ec0e2a45f0f869d46889d02405 # v6.2.0
21
21
  with:
22
22
  python-version: "3.12"
{agent_audit_kit-0.3.26 → agent_audit_kit-0.3.41}/.github/workflows/ci.yml RENAMED
@@ -14,7 +14,7 @@ jobs:
14
14
  python-version: ["3.9", "3.10", "3.11", "3.12"]
15
15
 
16
16
  steps:
17
- - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
17
+ - uses: actions/checkout@9c091bb21b7c1c1d1991bb908d89e4e9dddfe3e0 # v7.0.0
18
18
 
19
19
  - name: Set up Python ${{ matrix.python-version }}
20
20
  uses: actions/setup-python@a309ff8b426b58ec0e2a45f0f869d46889d02405 # v6.2.0
{agent_audit_kit-0.3.26 → agent_audit_kit-0.3.41}/.github/workflows/codeql.yml RENAMED
@@ -24,7 +24,7 @@ jobs:
24
24
 
25
25
  steps:
26
26
  - name: Checkout repository
27
- uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
27
+ uses: actions/checkout@9c091bb21b7c1c1d1991bb908d89e4e9dddfe3e0 # v7.0.0
28
28
 
29
29
  - name: Initialize CodeQL
30
30
  uses: github/codeql-action/init@95e58e9a2cdfd71adc6e0353d5c52f41a045d225 # v4.35.2
{agent_audit_kit-0.3.26 → agent_audit_kit-0.3.41}/.github/workflows/coverage-page.yml RENAMED
@@ -21,7 +21,7 @@ jobs:
21
21
  build-and-publish:
22
22
  runs-on: ubuntu-latest
23
23
  steps:
24
- - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
24
+ - uses: actions/checkout@9c091bb21b7c1c1d1991bb908d89e4e9dddfe3e0 # v7.0.0
25
25
  - uses: actions/setup-python@a309ff8b426b58ec0e2a45f0f869d46889d02405 # v6.2.0
26
26
  with:
27
27
  python-version: "3.12"
{agent_audit_kit-0.3.26 → agent_audit_kit-0.3.41}/.github/workflows/cve-watcher.yml RENAMED
@@ -18,7 +18,7 @@ jobs:
18
18
  watch:
19
19
  runs-on: ubuntu-latest
20
20
  steps:
21
- - uses: actions/checkout@v6.0.2
21
+ - uses: actions/checkout@v7.0.0
22
22
 
23
23
  - name: Set up Python
24
24
  uses: actions/setup-python@v6.2.0
{agent_audit_kit-0.3.26 → agent_audit_kit-0.3.41}/.github/workflows/docker-nightly.yml RENAMED
@@ -18,7 +18,7 @@ jobs:
18
18
  rebuild:
19
19
  runs-on: ubuntu-latest
20
20
  steps:
21
- - uses: actions/checkout@v6.0.2
21
+ - uses: actions/checkout@v7.0.0
22
22
 
23
23
  - name: Set up Docker Buildx
24
24
  uses: docker/setup-buildx-action@v4
{agent_audit_kit-0.3.26 → agent_audit_kit-0.3.41}/.github/workflows/mcp-security-index.yml RENAMED
@@ -22,7 +22,7 @@ jobs:
22
22
  snapshot:
23
23
  runs-on: ubuntu-latest
24
24
  steps:
25
- - uses: actions/checkout@v6.0.2
25
+ - uses: actions/checkout@v7.0.0
26
26
  with:
27
27
  fetch-depth: 0
28
28
 
{agent_audit_kit-0.3.26 → agent_audit_kit-0.3.41}/.github/workflows/release.yml RENAMED
@@ -50,7 +50,7 @@ jobs:
50
50
  permissions:
51
51
  id-token: write
52
52
  steps:
53
- - uses: actions/checkout@v6.0.2
53
+ - uses: actions/checkout@v7.0.0
54
54
 
55
55
  - name: Set up Python
56
56
  uses: actions/setup-python@v6.2.0
@@ -79,7 +79,7 @@ jobs:
79
79
  id-token: write
80
80
  attestations: write
81
81
  steps:
82
- - uses: actions/checkout@v6.0.2
82
+ - uses: actions/checkout@v7.0.0
83
83
 
84
84
  - name: Set up Docker Buildx
85
85
  uses: docker/setup-buildx-action@v4
@@ -146,7 +146,7 @@ jobs:
146
146
  id-token: write
147
147
  contents: read
148
148
  steps:
149
- - uses: actions/checkout@v6.0.2
149
+ - uses: actions/checkout@v7.0.0
150
150
 
151
151
  - name: Set up Python
152
152
  uses: actions/setup-python@v6.2.0
@@ -168,7 +168,7 @@ jobs:
168
168
  agent-audit-kit sbom . --format spdx --output sbom.spdx.json
169
169
 
170
170
  - name: Sigstore keyless sign
171
- uses: sigstore/gh-action-sigstore-python@v3.3.0
171
+ uses: sigstore/gh-action-sigstore-python@v3.4.0
172
172
  with:
173
173
  inputs: |
174
174
  rules.json
@@ -207,7 +207,7 @@ jobs:
207
207
  permissions:
208
208
  contents: write
209
209
  steps:
210
- - uses: actions/checkout@v6.0.2
210
+ - uses: actions/checkout@v7.0.0
211
211
 
212
212
  - name: Download signed artifacts
213
213
  uses: actions/download-artifact@v8
{agent_audit_kit-0.3.26 → agent_audit_kit-0.3.41}/.github/workflows/scorecard.yml RENAMED
@@ -19,7 +19,7 @@ jobs:
19
19
 
20
20
  steps:
21
21
  - name: Checkout repository
22
- uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
22
+ uses: actions/checkout@9c091bb21b7c1c1d1991bb908d89e4e9dddfe3e0 # v7.0.0
23
23
  with:
24
24
  persist-credentials: false
25
25
 
{agent_audit_kit-0.3.26 → agent_audit_kit-0.3.41}/.github/workflows/self-scan.yml RENAMED
@@ -36,7 +36,7 @@ jobs:
36
36
  name: Self-scan (default ruleset, fail on critical)
37
37
  runs-on: ubuntu-latest
38
38
  steps:
39
- - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
39
+ - uses: actions/checkout@9c091bb21b7c1c1d1991bb908d89e4e9dddfe3e0 # v7.0.0
40
40
  - name: AgentAuditKit MCP Security Scan
41
41
  uses: ./ # local action — exercises this PR's Dockerfile + entrypoint, not the published v0.3.6
42
42
  with:
@@ -64,7 +64,22 @@ jobs:
64
64
  # - agent_audit_kit/data threat-corpus data files — payload
65
65
  # regexes / FHI suffix tokens are
66
66
  # literally the patterns rules match.
67
- ignore-paths: 'tests,benchmarks,examples,docs,CLAUDE.md,rules.json,agent_audit_kit/rules/builtin.py,agent_audit_kit/data'
67
+ # - agent_audit_kit/scanners/mcp_env_placeholder_exfil.py
68
+ # scanner whose docstring + MCP-context
69
+ # gate regex embed the ${VAR}/process.env
70
+ # sink it detects — self-FP on
71
+ # AAK-MCP-ENV-PLACEHOLDER-EXFIL-001.
72
+ # - agent_audit_kit/scanners/llm_sql_rce.py
73
+ # scanner whose docstring + privilege-arm
74
+ # regexes embed `COPY ... FROM PROGRAM` /
75
+ # `xp_cmdshell` + LLM context — self-FP on
76
+ # AAK-LLM-SQL-RCE-001.
77
+ # - agent_audit_kit/scanners/mcp_http_noauth_server.py
78
+ # scanner whose docstring + bind/CORS/
79
+ # inspector regexes embed `0.0.0.0` /
80
+ # `cors()` / `--host` markers — self-FP on
81
+ # AAK-MCP-HTTP-NOAUTH-SERVER-001.
82
+ ignore-paths: 'tests,benchmarks,examples,docs,CLAUDE.md,rules.json,agent_audit_kit/rules/builtin.py,agent_audit_kit/data,agent_audit_kit/scanners/mcp_env_placeholder_exfil.py,agent_audit_kit/scanners/llm_sql_rce.py,agent_audit_kit/scanners/mcp_http_noauth_server.py'
68
83
  comment-on-pr: 'true'
69
84
  fingerprint-strategy: 'auto'
70
85
 
@@ -72,7 +87,7 @@ jobs:
72
87
  name: Self-scan (--preset mcp-ox-2026-04)
73
88
  runs-on: ubuntu-latest
74
89
  steps:
75
- - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
90
+ - uses: actions/checkout@9c091bb21b7c1c1d1991bb908d89e4e9dddfe3e0 # v7.0.0
76
91
  - name: AgentAuditKit MCP Security Scan (OX preset)
77
92
  uses: ./ # local action — exercises this PR's Dockerfile + entrypoint, not the published v0.3.6
78
93
  with:
@@ -81,7 +96,7 @@ jobs:
81
96
  fail-on: 'critical'
82
97
  format: 'sarif'
83
98
  upload-sarif: 'false' # avoid double-upload colliding with default-scan
84
- ignore-paths: 'tests,benchmarks,examples,docs,CLAUDE.md,rules.json,agent_audit_kit/rules/builtin.py,agent_audit_kit/data'
99
+ ignore-paths: 'tests,benchmarks,examples,docs,CLAUDE.md,rules.json,agent_audit_kit/rules/builtin.py,agent_audit_kit/data,agent_audit_kit/scanners/mcp_env_placeholder_exfil.py,agent_audit_kit/scanners/llm_sql_rce.py,agent_audit_kit/scanners/mcp_http_noauth_server.py'
85
100
  preset: 'mcp-ox-2026-04'
86
101
  comment-on-pr: 'false' # default-scan already posts the sticky comment
87
102
  fingerprint-strategy: 'auto'
{agent_audit_kit-0.3.26 → agent_audit_kit-0.3.41}/.github/workflows/sync-repo-metadata.yml RENAMED
@@ -13,7 +13,7 @@ jobs:
13
13
  permissions:
14
14
  contents: write
15
15
  steps:
16
- - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
16
+ - uses: actions/checkout@9c091bb21b7c1c1d1991bb908d89e4e9dddfe3e0 # v7.0.0
17
17
  with:
18
18
  fetch-depth: 0
19
19
  token: ${{ secrets.METADATA_SYNC_TOKEN || secrets.GITHUB_TOKEN }}
{agent_audit_kit-0.3.26 → agent_audit_kit-0.3.41}/.github/workflows/sync-rule-count.yml RENAMED
@@ -25,7 +25,7 @@ jobs:
25
25
  runs-on: ubuntu-latest
26
26
  if: github.actor != 'github-actions[bot]'
27
27
  steps:
28
- - uses: actions/checkout@v6.0.2
28
+ - uses: actions/checkout@v7.0.0
29
29
  with:
30
30
  fetch-depth: 0
31
31
  token: ${{ secrets.GITHUB_TOKEN }}