agentguardp 0.5.0__tar.gz
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- agentguardp-0.5.0/LICENSE +21 -0
- agentguardp-0.5.0/PKG-INFO +235 -0
- agentguardp-0.5.0/README.md +210 -0
- agentguardp-0.5.0/agentguard/__init__.py +9 -0
- agentguardp-0.5.0/agentguard/cli.py +222 -0
- agentguardp-0.5.0/agentguard/desktop.py +635 -0
- agentguardp-0.5.0/agentguard/gui.py +598 -0
- agentguardp-0.5.0/agentguard/license_gen.py +181 -0
- agentguardp-0.5.0/agentguard/license_public.pem +9 -0
- agentguardp-0.5.0/agentguard/license_verify.py +126 -0
- agentguardp-0.5.0/agentguard/pipeline.py +247 -0
- agentguardp-0.5.0/agentguard/reporter/__init__.py +1 -0
- agentguardp-0.5.0/agentguard/reporter/reporter.py +199 -0
- agentguardp-0.5.0/agentguard/rules/__init__.py +1 -0
- agentguardp-0.5.0/agentguard/rules/python_rules.py +450 -0
- agentguardp-0.5.0/agentguard/scanner/__init__.py +1 -0
- agentguardp-0.5.0/agentguard/scanner/bandit_adapter.py +70 -0
- agentguardp-0.5.0/agentguard/scanner/bandit_rules.py +53 -0
- agentguardp-0.5.0/agentguard/scanner/code_scanner.py +329 -0
- agentguardp-0.5.0/agentguard/scanner/llm_heuristic.py +688 -0
- agentguardp-0.5.0/agentguard/scanner/llm_review.py +257 -0
- agentguardp-0.5.0/agentguard/scanner/ml_filter.py +290 -0
- agentguardp-0.5.0/agentguard/xhls_security/__init__.py +3 -0
- agentguardp-0.5.0/agentguard/xhls_security/binary_sanitizer.py +296 -0
- agentguardp-0.5.0/agentguard/xhls_security/model_guard.py +453 -0
- agentguardp-0.5.0/agentguard/xhls_security/security_hardening.py +347 -0
- agentguardp-0.5.0/agentguard/xhls_security/semantic_gate.py +421 -0
- agentguardp-0.5.0/agentguardp.egg-info/PKG-INFO +235 -0
- agentguardp-0.5.0/agentguardp.egg-info/SOURCES.txt +38 -0
- agentguardp-0.5.0/agentguardp.egg-info/dependency_links.txt +1 -0
- agentguardp-0.5.0/agentguardp.egg-info/entry_points.txt +3 -0
- agentguardp-0.5.0/agentguardp.egg-info/requires.txt +6 -0
- agentguardp-0.5.0/agentguardp.egg-info/top_level.txt +2 -0
- agentguardp-0.5.0/fixer/__init__.py +3 -0
- agentguardp-0.5.0/fixer/code_fixer.py +380 -0
- agentguardp-0.5.0/fixer/fixtures/sample_bad.py +37 -0
- agentguardp-0.5.0/fixer/fixtures/sample_test.py +39 -0
- agentguardp-0.5.0/pyproject.toml +45 -0
- agentguardp-0.5.0/setup.cfg +4 -0
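--- a/agentguardp-0.5.0/LICENSE
+++ b/agentguardp-0.5.0/LICENSE
@@ -0,0 +1,21 @@
+MIT License
+
+Copyright (c) 2026 XHLS Team
+
+Permission is hereby granted, free of charge, to any person obtaining a copy
+of this software and associated documentation files (the "Software"), to deal
+in the Software without restriction, including without limitation the rights
+to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+copies of the Software, and to permit persons to whom the Software is
+furnished to do so, subject to the following conditions:
+
+The above copyright notice and this permission notice shall be included in all
+copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
+SOFTWARE.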
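--- a/agentguardp-0.5.0/PKG-INFO
+++ b/agentguardp-0.5.0/PKG-INFO
@@ -0,0 +1,235 @@
+Metadata-Version: 2.4
+Name: agentguardp
+Version: 0.5.0
+Summary: AgentGuard — AI Code Security Scanner + Auto-Fixer
+Author: XHLS Team
+License: MIT
+Project-URL: Homepage, https://agentguardp.com
+Project-URL: Repository, https://github.com/difcn2026/agentguard
+Project-URL: Bug Tracker, https://github.com/difcn2026/agentguard/issues
+Project-URL: PyPI, https://pypi.org/project/agentguardp/
+Keywords: security,code-review,ai-agent,sast,llm,auto-fix
+Classifier: Development Status :: 3 - Alpha
+Classifier: Intended Audience :: Developers
+Classifier: Topic :: Security
+Classifier: Topic :: Software Development :: Quality Assurance
+Requires-Python: >=3.10
+Description-Content-Type: text/markdown
+License-File: LICENSE
+Requires-Dist: rich>=13.0
+Requires-Dist: typer>=0.9
+Provides-Extra: dev
+Requires-Dist: pytest>=7.0; extra == "dev"
+Requires-Dist: pytest-cov; extra == "dev"
+Dynamic: license-file
+
+# AgentGuard
+
+**AI-powered code security scanner. Scan ? Review ? Fix in one command.**
+
+34 built-in rules + Bandit's 100+ engine. Local LLM review cuts false positives. One command: scan → review → fix.
+
+> *Pipeline decisions backed by 10 peer-reviewed papers. Not guessing. Not vibes. → [Read why](docs/paper-driven-architecture.md)*
+
+[](https://pypi.org/project/agentguardp/)
+[](LICENSE)
+[](https://www.python.org/)
+
+---
+
+## Why AgentGuard
+
+SAST tools flood you with false positives and leave you to fix everything by hand. AgentGuard is different:
+
+| | Bandit | Semgrep | **AgentGuard** |
+|---|---|---|---|
+| Python rules | 100+ | Multi-lang | **34 + Bandit 100+** |
+| FP filtering | ❌ | ❌ | **ML + LLM review** |
+| Auto-fix | ❌ | ❌ | **✅ Pipeline** |
+| Local LLM | ❌ | ❌ | **✅ DeepSeek** |
+| Desktop GUI | ❌ | ❌ | **✅ Dark theme** |
+| Pricing | Free | Free/$40 | **Free + Pro $29/mo** |
+
+---
+
+## Quick Start
+
+```bash
+# Install
+pip install agentguardp
+
+# Scan a project
+agentguard scan ./my-project
+
+# Full pipeline: scan → review → fix
+agentguard pipeline ./src --bandit --ds --mode safe --write
+
+# JSON output for CI/CD
+agentguard scan ./src --format json -o report.json
+
+# Desktop GUI
+agentguard serve
+# Open http://127.0.0.1:1099
+```
+
+
+
+
+---
+
+## Windows Desktop App
+
+Download the latest AgentGuard.exe from GitHub Releases: https://github.com/difcn2026/agentguard/releases
+
+**Windows SmartScreen warning?** This is normal for unsigned apps. Click **More info** then **Run anyway**. The exe is built with PyInstaller. SHA256 checksum on the Release page.
+
+---
+
+## Windows Desktop App
+
+Download the latest AgentGuard.exe from [GitHub Releases](https://github.com/difcn2026/agentguard/releases).
+
+> **Windows SmartScreen warning?** This is normal for unsigned apps. Click **More info** then **Run anyway**.
+> The exe is built with PyInstaller and verified by SHA256 checksum (see Release page).
+>
+> If Windows Defender flags it, submit the file to Microsoft Security Intelligence for review.
+
+
+---
+
+## Pipeline
+
+```
+34 rules + Bandit 100+
+↓
+ML filter ← Hardcoded literal detection, confidence threshold
+↓
+DS Review ← Local LLM classifies TP/FP per finding
+↓
+Auto-fix ← 10 of 17 rule types, safe mode default
+↓
+Clean report
+```
+
+One command:
+```bash
+agentguard pipeline ./src --bandit --ds --mode safe
+```
+
+---
+
+## What It Detects
+
+- **Code Injection**: `eval()`, `exec()`, `os.system()`, `subprocess` shell=True
+- **Deserialization**: `pickle.loads()`, `yaml.load()`, `marshal.loads()`
+- **Secrets**: Hardcoded API keys, tokens, passwords, private keys
+- **Path Traversal**: Unsanitized file paths, directory traversal
+- **SSRF**: User-controlled URLs in HTTP requests
+- **Weak Crypto**: MD5, SHA1, ECB mode, insecure ciphers, weak random
+- **XML Attacks**: External entity injection, XPath injection, bomb expansion
+- **Insecure Protocols**: HTTP for sensitive data, FTP, Telnet
+
+---
+
+## Tiers
+
+| | Free | Pro ($29/mo) |
+|---|---|---|
+| 34 built-in rules | ✅ | ✅ |
+| Bandit 100+ rules | ✅ | ✅ |
+| ML false-positive filter | ✅ | ✅ |
+| LLM (DS) review | — | ✅ |
+| Pipeline auto-fix | — | ✅ |
+| Desktop GUI | ✅ | ✅ |
+| SARIF / JSON / MD output | ✅ | ✅ |
+| Files per scan | 100 | Unlimited |
+
+> 🚀 **PH Launch**: $149/year (first 100, code `PH2025`)
+
+---
+
+## [Labs] Preview
+
+We're testing an LLM confirmation agent that reviews SAST findings and confirms or rejects them with higher precision than ML alone. Currently in preview — swallowed_exception detector passes 3/3 on our test suite (confidence 0.95+). Full multi-agent pipeline coming in a future release.
+
+```bash
+# Enable [Labs] experimental features
+agentguard pipeline ./src --bandit --ds --labs
+```
+
+---
+
+## Architecture
+
+```
+agentguard/
+├── cli.py ← CLI (scan/pipeline/fix/serve)
+├── gui.py ← Desktop GUI (dark theme, port 1099)
+├── desktop.py ← Web-based GUI server
+├── pipeline.py ← scan → review → fix pipeline
+├── scanner/
+│ ├── code_scanner.py ← Pattern + AST engine (34 rules)
+│ ├── bandit_adapter.py ← Bandit 100+ rules integration
+│ ├── bandit_rules.py ← Bandit rule ID mapping
+│ ├── ml_filter.py ← Literal detection FP filter
+│ ├── llm_review.py ← DS LLM TP/FP classification
+│ └── llm_heuristic.py ← Multi-agent LLM (Labs preview)
+├── rules/
+│ └── python_rules.py ← 34 security rules (7 categories)
+├── reporter/
+│ └── reporter.py ← Terminal/JSON/SARIF/Markdown
+├── fixer/
+│ └── code_fixer.py ← Auto-fix engine (10/17 rules)
+└── docs/
+├── marketing/ ← Landing copy, pricing, launch kit
+├── spec/ ← Technical specs
+└── eval/ ← DS evaluation reports
+```
+
+---
+
+## Local-First
+
+Everything runs on your machine:
+
+- **DS LLM** at `127.0.0.1:57321` — code never leaves your network
+- **License server** can be self-hosted
+- **Zero telemetry**. We don't know you exist.
+
+---
+
+## Links
+
+- 📦 [PyPI](https://pypi.org/project/agentguardp/)
+- 📖 [Docs](docs/)
+- 🧪 [Test Suite](tests/)
+
+---
+
+MIT License. Built by XHLS Team, 2026.
+
+---
+
+## Research Foundation
+
+Every major architecture decision is backed by peer-reviewed research — 15 papers and counting. Not opinions. Not guesses.
+
+| # | Paper | Insight | Impact |
+|---|-------|---------|--------|
+| 1 | QASecClaw | Multi-agent LLM > single prompt, F2 +23% | 5-Agent division |
+| 2 | SAST-Genius | LLM-generated findings → FP explosion | Labs not shipped |
+| 3 | Local LLM Bug Detection | Sliding window 20% overlap | Cross-function detection |
+| 4 | LLM4PFA | Path feasibility cuts 72-96% FPs | DS Review phase |
+| 5 | SecureFixAgent | Auto-fix needs self-validation | 10/17 safe mode |
+| 6 | Prompt vs FT | Fine-tuning > prompt engineering | Long-term FT roadmap |
+| 7 | AdaTaint | Neural-symbolic taint reasoning | Rule adaptation |
+| 8 | AgenticSCR | Agentic AI pre-commit +153% accuracy | Labs direction validated |
+| 9 | Small LM CWE | Local SLMs ~99% CWE accuracy | Local-first validated |
+| 10 | LLMs in Vuln Analysis | LLMs across full security lifecycle | Architecture validated |
+| 11 | PatchIsland | Agent ensemble repairs 91% vulns | Multi-agent auto-fix |
+| 12 | Vul-R2 | Reasoning LLM for vuln repair | FT dataset roadmap |
+| 13 | The Code Whisperer | AST+CFG+PDG+LLM alignment | Next-gen detection engine |
+| 14 | AutoSafeCoder | SAST+Fuzzing multi-agent | Runtime vuln roadmap |
+| 15 | JitVul Benchmark | 879 CVEs, ReAct > pure LLM | Standardized evaluation |
+
+> Full paper-driven architecture: [`docs/paper-driven-architecture.md`](docs/paper-driven-architecture.md) | DS Round 3 review: [`docs/eval/ds-round3-review-20260620.md`](docs/eval/ds-round3-review-20260620.md)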
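--- a/agentguardp-0.5.0/README.md
+++ b/agentguardp-0.5.0/README.md
@@ -0,0 +1,210 @@
+# AgentGuard
+
+**AI-powered code security scanner. Scan ? Review ? Fix in one command.**
+
+34 built-in rules + Bandit's 100+ engine. Local LLM review cuts false positives. One command: scan → review → fix.
+
+> *Pipeline decisions backed by 10 peer-reviewed papers. Not guessing. Not vibes. → [Read why](docs/paper-driven-architecture.md)*
+
+[](https://pypi.org/project/agentguardp/)
+[](LICENSE)
+[](https://www.python.org/)
+
+---
+
+## Why AgentGuard
+
+SAST tools flood you with false positives and leave you to fix everything by hand. AgentGuard is different:
+
+| | Bandit | Semgrep | **AgentGuard** |
+|---|---|---|---|
+| Python rules | 100+ | Multi-lang | **34 + Bandit 100+** |
+| FP filtering | ❌ | ❌ | **ML + LLM review** |
+| Auto-fix | ❌ | ❌ | **✅ Pipeline** |
+| Local LLM | ❌ | ❌ | **✅ DeepSeek** |
+| Desktop GUI | ❌ | ❌ | **✅ Dark theme** |
+| Pricing | Free | Free/$40 | **Free + Pro $29/mo** |
+
+---
+
+## Quick Start
+
+```bash
+# Install
+pip install agentguardp
+
+# Scan a project
+agentguard scan ./my-project
+
+# Full pipeline: scan → review → fix
+agentguard pipeline ./src --bandit --ds --mode safe --write
+
+# JSON output for CI/CD
+agentguard scan ./src --format json -o report.json
+
+# Desktop GUI
+agentguard serve
+# Open http://127.0.0.1:1099
+```
+
+
+
+
+---
+
+## Windows Desktop App
+
+Download the latest AgentGuard.exe from GitHub Releases: https://github.com/difcn2026/agentguard/releases
+
+**Windows SmartScreen warning?** This is normal for unsigned apps. Click **More info** then **Run anyway**. The exe is built with PyInstaller. SHA256 checksum on the Release page.
+
+---
+
+## Windows Desktop App
+
+Download the latest AgentGuard.exe from [GitHub Releases](https://github.com/difcn2026/agentguard/releases).
+
+> **Windows SmartScreen warning?** This is normal for unsigned apps. Click **More info** then **Run anyway**.
+> The exe is built with PyInstaller and verified by SHA256 checksum (see Release page).
+>
+> If Windows Defender flags it, submit the file to Microsoft Security Intelligence for review.
+
+
+---
+
+## Pipeline
+
+```
+34 rules + Bandit 100+
+↓
+ML filter ← Hardcoded literal detection, confidence threshold
+↓
+DS Review ← Local LLM classifies TP/FP per finding
+↓
+Auto-fix ← 10 of 17 rule types, safe mode default
+↓
+Clean report
+```
+
+One command:
+```bash
+agentguard pipeline ./src --bandit --ds --mode safe
+```
+
+---
+
+## What It Detects
+
+- **Code Injection**: `eval()`, `exec()`, `os.system()`, `subprocess` shell=True
+- **Deserialization**: `pickle.loads()`, `yaml.load()`, `marshal.loads()`
+- **Secrets**: Hardcoded API keys, tokens, passwords, private keys
+- **Path Traversal**: Unsanitized file paths, directory traversal
+- **SSRF**: User-controlled URLs in HTTP requests
+- **Weak Crypto**: MD5, SHA1, ECB mode, insecure ciphers, weak random
+- **XML Attacks**: External entity injection, XPath injection, bomb expansion
+- **Insecure Protocols**: HTTP for sensitive data, FTP, Telnet
+
+---
+
+## Tiers
+
+| | Free | Pro ($29/mo) |
+|---|---|---|
+| 34 built-in rules | ✅ | ✅ |
+| Bandit 100+ rules | ✅ | ✅ |
+| ML false-positive filter | ✅ | ✅ |
+| LLM (DS) review | — | ✅ |
+| Pipeline auto-fix | — | ✅ |
+| Desktop GUI | ✅ | ✅ |
+| SARIF / JSON / MD output | ✅ | ✅ |
+| Files per scan | 100 | Unlimited |
+
+> 🚀 **PH Launch**: $149/year (first 100, code `PH2025`)
+
+---
+
+## [Labs] Preview
+
+We're testing an LLM confirmation agent that reviews SAST findings and confirms or rejects them with higher precision than ML alone. Currently in preview — swallowed_exception detector passes 3/3 on our test suite (confidence 0.95+). Full multi-agent pipeline coming in a future release.
+
+```bash
+# Enable [Labs] experimental features
+agentguard pipeline ./src --bandit --ds --labs
+```
+
+---
+
+## Architecture
+
+```
+agentguard/
+├── cli.py ← CLI (scan/pipeline/fix/serve)
+├── gui.py ← Desktop GUI (dark theme, port 1099)
+├── desktop.py ← Web-based GUI server
+├── pipeline.py ← scan → review → fix pipeline
+├── scanner/
+│ ├── code_scanner.py ← Pattern + AST engine (34 rules)
+│ ├── bandit_adapter.py ← Bandit 100+ rules integration
+│ ├── bandit_rules.py ← Bandit rule ID mapping
+│ ├── ml_filter.py ← Literal detection FP filter
+│ ├── llm_review.py ← DS LLM TP/FP classification
+│ └── llm_heuristic.py ← Multi-agent LLM (Labs preview)
+├── rules/
+│ └── python_rules.py ← 34 security rules (7 categories)
+├── reporter/
+│ └── reporter.py ← Terminal/JSON/SARIF/Markdown
+├── fixer/
+│ └── code_fixer.py ← Auto-fix engine (10/17 rules)
+└── docs/
+├── marketing/ ← Landing copy, pricing, launch kit
+├── spec/ ← Technical specs
+└── eval/ ← DS evaluation reports
+```
+
+---
+
+## Local-First
+
+Everything runs on your machine:
+
+- **DS LLM** at `127.0.0.1:57321` — code never leaves your network
+- **License server** can be self-hosted
+- **Zero telemetry**. We don't know you exist.
+
+---
+
+## Links
+
+- 📦 [PyPI](https://pypi.org/project/agentguardp/)
+- 📖 [Docs](docs/)
+- 🧪 [Test Suite](tests/)
+
+---
+
+MIT License. Built by XHLS Team, 2026.
+
+---
+
+## Research Foundation
+
+Every major architecture decision is backed by peer-reviewed research — 15 papers and counting. Not opinions. Not guesses.
+
+| # | Paper | Insight | Impact |
+|---|-------|---------|--------|
+| 1 | QASecClaw | Multi-agent LLM > single prompt, F2 +23% | 5-Agent division |
+| 2 | SAST-Genius | LLM-generated findings → FP explosion | Labs not shipped |
+| 3 | Local LLM Bug Detection | Sliding window 20% overlap | Cross-function detection |
+| 4 | LLM4PFA | Path feasibility cuts 72-96% FPs | DS Review phase |
+| 5 | SecureFixAgent | Auto-fix needs self-validation | 10/17 safe mode |
+| 6 | Prompt vs FT | Fine-tuning > prompt engineering | Long-term FT roadmap |
+| 7 | AdaTaint | Neural-symbolic taint reasoning | Rule adaptation |
+| 8 | AgenticSCR | Agentic AI pre-commit +153% accuracy | Labs direction validated |
+| 9 | Small LM CWE | Local SLMs ~99% CWE accuracy | Local-first validated |
+| 10 | LLMs in Vuln Analysis | LLMs across full security lifecycle | Architecture validated |
+| 11 | PatchIsland | Agent ensemble repairs 91% vulns | Multi-agent auto-fix |
+| 12 | Vul-R2 | Reasoning LLM for vuln repair | FT dataset roadmap |
+| 13 | The Code Whisperer | AST+CFG+PDG+LLM alignment | Next-gen detection engine |
+| 14 | AutoSafeCoder | SAST+Fuzzing multi-agent | Runtime vuln roadmap |
+| 15 | JitVul Benchmark | 879 CVEs, ReAct > pure LLM | Standardized evaluation |
+
+> Full paper-driven architecture: [`docs/paper-driven-architecture.md`](docs/paper-driven-architecture.md) | DS Round 3 review: [`docs/eval/ds-round3-review-20260620.md`](docs/eval/ds-round3-review-20260620.md)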
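--- a/agentguardp-0.5.0/agentguard/__init__.py
+++ b/agentguardp-0.5.0/agentguard/__init__.py
@@ -0,0 +1,9 @@
+"""
+AgentGuard v0.1 — AI Agent Code Review & Security Compliance Platform
+=====================================================================
+
+Powered by XHLS security modules: model_guard + security_hardening + binary_sanitizer.
+"""
+
+__version__ = "0.5.0"
+__author__ = "XHLS / Xiaohei"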
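Review bot: The module docstring's first content line still reads `AgentGuard v0.1 — AI Agent Code Review & Security Compliance Platform` while `__version__ = "0.5.0"` two lines below (and the Version field of PKG-INFO in this same release) say 0.5.0, so the package disagrees with itself about which release it describes. Hard-coding the version in prose is what let it drift; I would drop it from the docstring, `AgentGuard — AI Agent Code Review & Security Compliance Platform`, and let `__version__` be the single source of truth. The docstring also names model_guard, security_hardening and binary_sanitizer without saying where they live; the diffstat places them under agentguard/xhls_security/, so a one-line pointer such as `See the agentguard.xhls_security package for these modules.` would save a reader the search.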