agent-lint-cli 0.1.0__tar.gz

agent_lint_cli-0.1.0/.gitignore

@@ -0,0 +1,210 @@
+# Claude
+Claude.md
+
+# Byte-compiled / optimized / DLL files
+__pycache__/
+*.py[codz]
+*$py.class
+
+# C extensions
+*.so
+
+# Distribution / packaging
+.Python
+build/
+develop-eggs/
+dist/
+downloads/
+eggs/
+.eggs/
+lib/
+lib64/
+parts/
+sdist/
+var/
+wheels/
+share/python-wheels/
+*.egg-info/
+.installed.cfg
+*.egg
+MANIFEST
+
+# PyInstaller
+#  Usually these files are written by a python script from a template
+#  before PyInstaller builds the exe, so as to inject date/other infos into it.
+*.manifest
+*.spec
+
+# Installer logs
+pip-log.txt
+pip-delete-this-directory.txt
+
+# Unit test / coverage reports
+htmlcov/
+.tox/
+.nox/
+.coverage
+.coverage.*
+.cache
+nosetests.xml
+coverage.xml
+*.cover
+*.py.cover
+.hypothesis/
+.pytest_cache/
+cover/
+
+# Translations
+*.mo
+*.pot
+
+# Django stuff:
+*.log
+local_settings.py
+db.sqlite3
+db.sqlite3-journal
+
+# Flask stuff:
+instance/
+.webassets-cache
+
+# Scrapy stuff:
+.scrapy
+
+# Sphinx documentation
+docs/_build/
+
+# PyBuilder
+.pybuilder/
+target/
+
+# Jupyter Notebook
+.ipynb_checkpoints
+
+# IPython
+profile_default/
+ipython_config.py
+
+# pyenv
+#   For a library or package, you might want to ignore these files since the code is
+#   intended to run in multiple environments; otherwise, check them in:
+# .python-version
+
+# pipenv
+#   According to pypa/pipenv#598, it is recommended to include Pipfile.lock in version control.
+#   However, in case of collaboration, if having platform-specific dependencies or dependencies
+#   having no cross-platform support, pipenv may install dependencies that don't work, or not
+#   install all needed dependencies.
+#Pipfile.lock
+
+# UV
+#   Similar to Pipfile.lock, it is generally recommended to include uv.lock in version control.
+#   This is especially recommended for binary packages to ensure reproducibility, and is more
+#   commonly ignored for libraries.
+#uv.lock
+
+# poetry
+#   Similar to Pipfile.lock, it is generally recommended to include poetry.lock in version control.
+#   This is especially recommended for binary packages to ensure reproducibility, and is more
+#   commonly ignored for libraries.
+#   https://python-poetry.org/docs/basic-usage/#commit-your-poetrylock-file-to-version-control
+#poetry.lock
+#poetry.toml
+
+# pdm
+#   Similar to Pipfile.lock, it is generally recommended to include pdm.lock in version control.
+#   pdm recommends including project-wide configuration in pdm.toml, but excluding .pdm-python.
+#   https://pdm-project.org/en/latest/usage/project/#working-with-version-control
+#pdm.lock
+#pdm.toml
+.pdm-python
+.pdm-build/
+
+# pixi
+#   Similar to Pipfile.lock, it is generally recommended to include pixi.lock in version control.
+#pixi.lock
+#   Pixi creates a virtual environment in the .pixi directory, just like venv module creates one
+#   in the .venv directory. It is recommended not to include this directory in version control.
+.pixi
+
+# PEP 582; used by e.g. github.com/David-OConnor/pyflow and github.com/pdm-project/pdm
+__pypackages__/
+
+# Celery stuff
+celerybeat-schedule
+celerybeat.pid
+
+# SageMath parsed files
+*.sage.py
+
+# Environments
+.env
+.envrc
+.venv
+env/
+venv/
+ENV/
+env.bak/
+venv.bak/
+
+# Spyder project settings
+.spyderproject
+.spyproject
+
+# Rope project settings
+.ropeproject
+
+# mkdocs documentation
+/site
+
+# mypy
+.mypy_cache/
+.dmypy.json
+dmypy.json
+
+# Pyre type checker
+.pyre/
+
+# pytype static type analyzer
+.pytype/
+
+# Cython debug symbols
+cython_debug/
+
+# PyCharm
+#  JetBrains specific template is maintained in a separate JetBrains.gitignore that can
+#  be found at https://github.com/github/gitignore/blob/main/Global/JetBrains.gitignore
+#  and can be added to the global gitignore or merged into this file.  For a more nuclear
+#  option (not recommended) you can uncomment the following to ignore the entire idea folder.
+#.idea/
+
+# Abstra
+# Abstra is an AI-powered process automation framework.
+# Ignore directories containing user credentials, local state, and settings.
+# Learn more at https://abstra.io/docs
+.abstra/
+
+# Visual Studio Code
+#  Visual Studio Code specific template is maintained in a separate VisualStudioCode.gitignore 
+#  that can be found at https://github.com/github/gitignore/blob/main/Global/VisualStudioCode.gitignore
+#  and can be added to the global gitignore or merged into this file. However, if you prefer, 
+#  you could uncomment the following to ignore the entire vscode folder
+# .vscode/
+
+# Ruff stuff:
+.ruff_cache/
+
+# PyPI configuration file
+.pypirc
+
+# Cursor
+#  Cursor is an AI-powered code editor. `.cursorignore` specifies files/directories to
+#  exclude from AI features like autocomplete and code analysis. Recommended for sensitive data
+#  refer to https://docs.cursor.com/context/ignore-files
+.cursorignore
+.cursorindexingignore
+
+# Marimo
+marimo/_static/
+marimo/_lsp/
+__marimo__/

agent_lint_cli-0.1.0/.vscode/launch.json

@@ -0,0 +1,14 @@
+{
+    "version": "0.2.0",
+    "configurations": [
+        {
+            "name": "agent-lint validate",
+            "type": "debugpy",
+            "request": "launch",
+            "module": "agent_lint.cli",
+            "args": ["validate", "http://localhost:8080"],
+            "console": "integratedTerminal",
+            "justMyCode": true
+        }
+    ]
+}

agent_lint_cli-0.1.0/PKG-INFO

@@ -0,0 +1,66 @@
+Metadata-Version: 2.4
+Name: agent-lint-cli
+Version: 0.1.0
+Summary: Quality and security platform for AI agents. Validate MCP servers, scan for vulnerabilities, ship reliable agents.
+Project-URL: Homepage, https://github.com/agent-lint/agent-lint
+Project-URL: Issues, https://github.com/agent-lint/agent-lint/issues
+Author: agent-lint contributors
+License-Expression: MIT
+Keywords: agents,ai,lint,mcp,security,validation
+Classifier: Development Status :: 3 - Alpha
+Classifier: Intended Audience :: Developers
+Classifier: License :: OSI Approved :: MIT License
+Classifier: Programming Language :: Python :: 3
+Classifier: Programming Language :: Python :: 3.11
+Classifier: Programming Language :: Python :: 3.12
+Classifier: Programming Language :: Python :: 3.13
+Classifier: Topic :: Security
+Classifier: Topic :: Software Development :: Quality Assurance
+Requires-Python: >=3.11
+Requires-Dist: click>=8.0
+Requires-Dist: httpx>=0.27
+Requires-Dist: pydantic>=2.0
+Requires-Dist: rich>=13.0
+Provides-Extra: dev
+Requires-Dist: pytest-asyncio>=0.23; extra == 'dev'
+Requires-Dist: pytest>=8.0; extra == 'dev'
+Requires-Dist: respx>=0.22; extra == 'dev'
+Description-Content-Type: text/markdown
+
+# agent-lint
+
+Quality and security platform for AI agents. Validate MCP servers, scan for vulnerabilities, ship reliable agents.
+
+## Install
+
+```bash
+pip install agent-lint
+```
+
+## Usage
+
+```bash
+agent-lint validate https://my-mcp-server.com
+```
+
+### Options
+
+```
+--format, -f     Output format: console, json, sarif (default: console)
+--fail-under     Fail if score below threshold (0-100)
+--fail-on-security  Fail if any security issues found
+--security-level    strict, standard, or permissive (default: standard)
+```
+
+### CI/CD Integration
+
+```bash
+# Exit non-zero on security issues
+agent-lint validate https://my-server.com --fail-on-security
+
+# Require minimum score
+agent-lint validate https://my-server.com --fail-under 80
+
+# SARIF output for GitHub Security tab
+agent-lint validate https://my-server.com -f sarif > results.sarif
+```

agent_lint_cli-0.1.0/README.md

@@ -0,0 +1,37 @@
+# agent-lint
+
+Quality and security platform for AI agents. Validate MCP servers, scan for vulnerabilities, ship reliable agents.
+
+## Install
+
+```bash
+pip install agent-lint
+```
+
+## Usage
+
+```bash
+agent-lint validate https://my-mcp-server.com
+```
+
+### Options
+
+```
+--format, -f     Output format: console, json, sarif (default: console)
+--fail-under     Fail if score below threshold (0-100)
+--fail-on-security  Fail if any security issues found
+--security-level    strict, standard, or permissive (default: standard)
+```
+
+### CI/CD Integration
+
+```bash
+# Exit non-zero on security issues
+agent-lint validate https://my-server.com --fail-on-security
+
+# Require minimum score
+agent-lint validate https://my-server.com --fail-under 80
+
+# SARIF output for GitHub Security tab
+agent-lint validate https://my-server.com -f sarif > results.sarif
+```

agent_lint_cli-0.1.0/pyproject.toml

@@ -0,0 +1,53 @@
+[build-system]
+requires = ["hatchling"]
+build-backend = "hatchling.build"
+
+[project]
+name = "agent-lint-cli"
+version = "0.1.0"
+description = "Quality and security platform for AI agents. Validate MCP servers, scan for vulnerabilities, ship reliable agents."
+readme = "README.md"
+license = "MIT"
+requires-python = ">=3.11"
+authors = [
+    { name = "agent-lint contributors" },
+]
+keywords = ["mcp", "ai", "agents", "security", "validation", "lint"]
+classifiers = [
+    "Development Status :: 3 - Alpha",
+    "Intended Audience :: Developers",
+    "License :: OSI Approved :: MIT License",
+    "Programming Language :: Python :: 3",
+    "Programming Language :: Python :: 3.11",
+    "Programming Language :: Python :: 3.12",
+    "Programming Language :: Python :: 3.13",
+    "Topic :: Software Development :: Quality Assurance",
+    "Topic :: Security",
+]
+dependencies = [
+    "click>=8.0",
+    "httpx>=0.27",
+    "pydantic>=2.0",
+    "rich>=13.0",
+]
+
+[project.optional-dependencies]
+dev = [
+    "pytest>=8.0",
+    "pytest-asyncio>=0.23",
+    "respx>=0.22",
+]
+
+[project.scripts]
+agent-lint = "agent_lint.cli:cli"
+
+[project.urls]
+Homepage = "https://github.com/agent-lint/agent-lint"
+Issues = "https://github.com/agent-lint/agent-lint/issues"
+
+[tool.hatch.build.targets.wheel]
+packages = ["src/agent_lint"]
+
+[tool.pytest.ini_options]
+asyncio_mode = "auto"
+testpaths = ["tests"]

agent_lint_cli-0.1.0/src/agent_lint/__init__.py

@@ -0,0 +1,3 @@
+"""agent-lint: Quality and security platform for AI agents."""
+
+__version__ = "0.1.0"

agent_lint_cli-0.1.0/src/agent_lint/cli.py

@@ -0,0 +1,71 @@
+"""CLI entry point for agent-lint."""
+
+from __future__ import annotations
+
+import asyncio
+
+import click
+
+from agent_lint import __version__
+from agent_lint.core.reporter import ConsoleReporter, JsonReporter, SarifReporter
+from agent_lint.protocols.mcp.validator import MCPValidator
+
+
+@click.group()
+@click.version_option(version=__version__)
+def cli() -> None:
+    """agent-lint: Quality and security tools for AI agents."""
+
+
+@cli.command()
+@click.argument("url")
+@click.option(
+    "--format", "-f",
+    "output_format",
+    type=click.Choice(["console", "json", "sarif"]),
+    default="console",
+    help="Output format",
+)
+@click.option(
+    "--fail-under",
+    type=int,
+    default=0,
+    help="Fail if overall score is below this threshold (0-100)",
+)
+@click.option(
+    "--fail-on-security",
+    is_flag=True,
+    help="Exit with error if any security issues are found",
+)
+@click.option(
+    "--security-level",
+    type=click.Choice(["strict", "standard", "permissive", "none"]),
+    default="standard",
+    help="Security check strictness level",
+)
+def validate(
+    url: str,
+    output_format: str,
+    fail_under: int,
+    fail_on_security: bool,
+    security_level: str,
+) -> None:
+    """Validate an MCP server for quality and security issues."""
+    validator = MCPValidator(security_level=security_level)
+    report = asyncio.run(validator.validate(url))
+
+    reporters = {
+        "console": ConsoleReporter(),
+        "json": JsonReporter(),
+        "sarif": SarifReporter(),
+    }
+    reporters[output_format].output(report)
+
+    if fail_on_security and report.has_security_issues:
+        raise SystemExit(1)
+    if report.score < fail_under:
+        raise SystemExit(1)
+
+
+if __name__ == "__main__":
+    cli()

agent_lint_cli-0.1.0/src/agent_lint/core/checks.py

@@ -0,0 +1,75 @@
+"""Core check result types and validation report."""
+
+from __future__ import annotations
+
+from dataclasses import dataclass, field
+from enum import Enum
+
+
+class Severity(Enum):
+    CRITICAL = "critical"
+    HIGH = "high"
+    MEDIUM = "medium"
+    LOW = "low"
+    INFO = "info"
+
+
+@dataclass
+class CheckResult:
+    name: str
+    passed: bool
+    message: str
+    severity: Severity
+    category: str  # "security", "quality", "performance", "schema"
+    recommendation: str | None = None
+
+
+@dataclass
+class ValidationReport:
+    """Aggregated results from all validation checks."""
+
+    server_url: str
+    results: list[CheckResult] = field(default_factory=list)
+
+    def add(self, result: CheckResult) -> None:
+        self.results.append(result)
+
+    def add_all(self, results: list[CheckResult]) -> None:
+        self.results.extend(results)
+
+    @property
+    def passed(self) -> list[CheckResult]:
+        return [r for r in self.results if r.passed]
+
+    @property
+    def failed(self) -> list[CheckResult]:
+        return [r for r in self.results if not r.passed]
+
+    @property
+    def has_security_issues(self) -> bool:
+        return any(r.category == "security" and not r.passed for r in self.results)
+
+    def _category_score(self, category: str) -> int:
+        """Score for a category as percentage of passed checks (0-100)."""
+        cat_results = [r for r in self.results if r.category == category]
+        if not cat_results:
+            return 100
+        passed = sum(1 for r in cat_results if r.passed)
+        return int(passed / len(cat_results) * 100)
+
+    @property
+    def security_score(self) -> int:
+        return self._category_score("security")
+
+    @property
+    def quality_score(self) -> int:
+        return self._category_score("quality")
+
+    @property
+    def score(self) -> int:
+        """Overall score: weighted average of all categories."""
+        categories = {r.category for r in self.results}
+        if not categories:
+            return 100
+        scores = [self._category_score(c) for c in categories]
+        return int(sum(scores) / len(scores))