agentguardp 0.5.0__tar.gz

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (39)
  1. agentguardp-0.5.0/LICENSE +21 -0
  2. agentguardp-0.5.0/PKG-INFO +235 -0
  3. agentguardp-0.5.0/README.md +210 -0
  4. agentguardp-0.5.0/agentguard/__init__.py +9 -0
  5. agentguardp-0.5.0/agentguard/cli.py +222 -0
  6. agentguardp-0.5.0/agentguard/desktop.py +635 -0
  7. agentguardp-0.5.0/agentguard/gui.py +598 -0
  8. agentguardp-0.5.0/agentguard/license_gen.py +181 -0
  9. agentguardp-0.5.0/agentguard/license_public.pem +9 -0
  10. agentguardp-0.5.0/agentguard/license_verify.py +126 -0
  11. agentguardp-0.5.0/agentguard/pipeline.py +247 -0
  12. agentguardp-0.5.0/agentguard/reporter/__init__.py +1 -0
  13. agentguardp-0.5.0/agentguard/reporter/reporter.py +199 -0
  14. agentguardp-0.5.0/agentguard/rules/__init__.py +1 -0
  15. agentguardp-0.5.0/agentguard/rules/python_rules.py +450 -0
  16. agentguardp-0.5.0/agentguard/scanner/__init__.py +1 -0
  17. agentguardp-0.5.0/agentguard/scanner/bandit_adapter.py +70 -0
  18. agentguardp-0.5.0/agentguard/scanner/bandit_rules.py +53 -0
  19. agentguardp-0.5.0/agentguard/scanner/code_scanner.py +329 -0
  20. agentguardp-0.5.0/agentguard/scanner/llm_heuristic.py +688 -0
  21. agentguardp-0.5.0/agentguard/scanner/llm_review.py +257 -0
  22. agentguardp-0.5.0/agentguard/scanner/ml_filter.py +290 -0
  23. agentguardp-0.5.0/agentguard/xhls_security/__init__.py +3 -0
  24. agentguardp-0.5.0/agentguard/xhls_security/binary_sanitizer.py +296 -0
  25. agentguardp-0.5.0/agentguard/xhls_security/model_guard.py +453 -0
  26. agentguardp-0.5.0/agentguard/xhls_security/security_hardening.py +347 -0
  27. agentguardp-0.5.0/agentguard/xhls_security/semantic_gate.py +421 -0
  28. agentguardp-0.5.0/agentguardp.egg-info/PKG-INFO +235 -0
  29. agentguardp-0.5.0/agentguardp.egg-info/SOURCES.txt +38 -0
  30. agentguardp-0.5.0/agentguardp.egg-info/dependency_links.txt +1 -0
  31. agentguardp-0.5.0/agentguardp.egg-info/entry_points.txt +3 -0
  32. agentguardp-0.5.0/agentguardp.egg-info/requires.txt +6 -0
  33. agentguardp-0.5.0/agentguardp.egg-info/top_level.txt +2 -0
  34. agentguardp-0.5.0/fixer/__init__.py +3 -0
  35. agentguardp-0.5.0/fixer/code_fixer.py +380 -0
  36. agentguardp-0.5.0/fixer/fixtures/sample_bad.py +37 -0
  37. agentguardp-0.5.0/fixer/fixtures/sample_test.py +39 -0
  38. agentguardp-0.5.0/pyproject.toml +45 -0
  39. agentguardp-0.5.0/setup.cfg +4 -0
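--- a/agentguardp-0.5.0/LICENSE
+++ b/agentguardp-0.5.0/LICENSE
@@ -0,0 +1,21 @@
+MIT License
+
+Copyright (c) 2026 XHLS Team
+
+Permission is hereby granted, free of charge, to any person obtaining a copy
+of this software and associated documentation files (the "Software"), to deal
+in the Software without restriction, including without limitation the rights
+to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+copies of the Software, and to permit persons to whom the Software is
+furnished to do so, subject to the following conditions:
+
+The above copyright notice and this permission notice shall be included in all
+copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
+SOFTWARE.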
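--- a/agentguardp-0.5.0/PKG-INFO
+++ b/agentguardp-0.5.0/PKG-INFO
@@ -0,0 +1,235 @@
+Metadata-Version: 2.4
+Name: agentguardp
+Version: 0.5.0
+Summary: AgentGuard — AI Code Security Scanner + Auto-Fixer
+Author: XHLS Team
+License: MIT
+Project-URL: Homepage, https://agentguardp.com
+Project-URL: Repository, https://github.com/difcn2026/agentguard
+Project-URL: Bug Tracker, https://github.com/difcn2026/agentguard/issues
+Project-URL: PyPI, https://pypi.org/project/agentguardp/
+Keywords: security,code-review,ai-agent,sast,llm,auto-fix
+Classifier: Development Status :: 3 - Alpha
+Classifier: Intended Audience :: Developers
+Classifier: Topic :: Security
+Classifier: Topic :: Software Development :: Quality Assurance
+Requires-Python: >=3.10
+Description-Content-Type: text/markdown
+License-File: LICENSE
+Requires-Dist: rich>=13.0
+Requires-Dist: typer>=0.9
+Provides-Extra: dev
+Requires-Dist: pytest>=7.0; extra == "dev"
+Requires-Dist: pytest-cov; extra == "dev"
+Dynamic: license-file
+
+# AgentGuard
+
+**AI-powered code security scanner. Scan ? Review ? Fix in one command.**
+
+34 built-in rules + Bandit's 100+ engine. Local LLM review cuts false positives. One command: scan → review → fix.
+
+> *Pipeline decisions backed by 10 peer-reviewed papers. Not guessing. Not vibes. → [Read why](docs/paper-driven-architecture.md)*
+
+[![PyPI](https://img.shields.io/pypi/v/agentguardp)](https://pypi.org/project/agentguardp/)
+[![License: MIT](https://img.shields.io/badge/license-MIT-blue.svg)](LICENSE)
+[![Python 3.10+](https://img.shields.io/badge/python-3.10%2B-blue)](https://www.python.org/)
+
+---
+
+## Why AgentGuard
+
+SAST tools flood you with false positives and leave you to fix everything by hand. AgentGuard is different:
+
+| | Bandit | Semgrep | **AgentGuard** |
+|---|---|---|---|
+| Python rules | 100+ | Multi-lang | **34 + Bandit 100+** |
+| FP filtering | ❌ | ❌ | **ML + LLM review** |
+| Auto-fix | ❌ | ❌ | **✅ Pipeline** |
+| Local LLM | ❌ | ❌ | **✅ DeepSeek** |
+| Desktop GUI | ❌ | ❌ | **✅ Dark theme** |
+| Pricing | Free | Free/$40 | **Free + Pro $29/mo** |
+
+---
+
+## Quick Start
+
+```bash
+# Install
+pip install agentguardp
+
+# Scan a project
+agentguard scan ./my-project
+
+# Full pipeline: scan → review → fix
+agentguard pipeline ./src --bandit --ds --mode safe --write
+
+# JSON output for CI/CD
+agentguard scan ./src --format json -o report.json
+
+# Desktop GUI
+agentguard serve
+# Open http://127.0.0.1:1099
+```
+
+
+
+
+---
+
+## Windows Desktop App
+
+Download the latest AgentGuard.exe from GitHub Releases: https://github.com/difcn2026/agentguard/releases
+
+**Windows SmartScreen warning?** This is normal for unsigned apps. Click **More info** then **Run anyway**. The exe is built with PyInstaller. SHA256 checksum on the Release page.
+
+---
+
+## Windows Desktop App
+
+Download the latest AgentGuard.exe from [GitHub Releases](https://github.com/difcn2026/agentguard/releases).
+
+> **Windows SmartScreen warning?** This is normal for unsigned apps. Click **More info** then **Run anyway**.
+> The exe is built with PyInstaller and verified by SHA256 checksum (see Release page).
+>
+> If Windows Defender flags it, submit the file to Microsoft Security Intelligence for review.
+
+
+---
+
+## Pipeline
+
+```
+34 rules + Bandit 100+
+
+ML filter ← Hardcoded literal detection, confidence threshold
+
+DS Review ← Local LLM classifies TP/FP per finding
+
+Auto-fix ← 10 of 17 rule types, safe mode default
+
+Clean report
+```
+
+One command:
+```bash
+agentguard pipeline ./src --bandit --ds --mode safe
+```
+
+---
+
+## What It Detects
+
+- **Code Injection**: `eval()`, `exec()`, `os.system()`, `subprocess` shell=True
+- **Deserialization**: `pickle.loads()`, `yaml.load()`, `marshal.loads()`
+- **Secrets**: Hardcoded API keys, tokens, passwords, private keys
+- **Path Traversal**: Unsanitized file paths, directory traversal
+- **SSRF**: User-controlled URLs in HTTP requests
+- **Weak Crypto**: MD5, SHA1, ECB mode, insecure ciphers, weak random
+- **XML Attacks**: External entity injection, XPath injection, bomb expansion
+- **Insecure Protocols**: HTTP for sensitive data, FTP, Telnet
+
+---
+
+## Tiers
+
+| | Free | Pro ($29/mo) |
+|---|---|---|
+| 34 built-in rules | ✅ | ✅ |
+| Bandit 100+ rules | ✅ | ✅ |
+| ML false-positive filter | ✅ | ✅ |
+| LLM (DS) review | — | ✅ |
+| Pipeline auto-fix | — | ✅ |
+| Desktop GUI | ✅ | ✅ |
+| SARIF / JSON / MD output | ✅ | ✅ |
+| Files per scan | 100 | Unlimited |
+
+> 🚀 **PH Launch**: $149/year (first 100, code `PH2025`)
+
+---
+
+## [Labs] Preview
+
+We're testing an LLM confirmation agent that reviews SAST findings and confirms or rejects them with higher precision than ML alone. Currently in preview — swallowed_exception detector passes 3/3 on our test suite (confidence 0.95+). Full multi-agent pipeline coming in a future release.
+
+```bash
+# Enable [Labs] experimental features
+agentguard pipeline ./src --bandit --ds --labs
+```
+
+---
+
+## Architecture
+
+```
+agentguard/
+├── cli.py ← CLI (scan/pipeline/fix/serve)
+├── gui.py ← Desktop GUI (dark theme, port 1099)
+├── desktop.py ← Web-based GUI server
+├── pipeline.py ← scan → review → fix pipeline
+├── scanner/
+│ ├── code_scanner.py ← Pattern + AST engine (34 rules)
+│ ├── bandit_adapter.py ← Bandit 100+ rules integration
+│ ├── bandit_rules.py ← Bandit rule ID mapping
+│ ├── ml_filter.py ← Literal detection FP filter
+│ ├── llm_review.py ← DS LLM TP/FP classification
+│ └── llm_heuristic.py ← Multi-agent LLM (Labs preview)
+├── rules/
+│ └── python_rules.py ← 34 security rules (7 categories)
+├── reporter/
+│ └── reporter.py ← Terminal/JSON/SARIF/Markdown
+├── fixer/
+│ └── code_fixer.py ← Auto-fix engine (10/17 rules)
+└── docs/
+├── marketing/ ← Landing copy, pricing, launch kit
+├── spec/ ← Technical specs
+└── eval/ ← DS evaluation reports
+```
+
+---
+
+## Local-First
+
+Everything runs on your machine:
+
+- **DS LLM** at `127.0.0.1:57321` — code never leaves your network
+- **License server** can be self-hosted
+- **Zero telemetry**. We don't know you exist.
+
+---
+
+## Links
+
+- 📦 [PyPI](https://pypi.org/project/agentguardp/)
+- 📖 [Docs](docs/)
+- 🧪 [Test Suite](tests/)
+
+---
+
+MIT License. Built by XHLS Team, 2026.
+
+---
+
+## Research Foundation
+
+Every major architecture decision is backed by peer-reviewed research — 15 papers and counting. Not opinions. Not guesses.
+
+| # | Paper | Insight | Impact |
+|---|-------|---------|--------|
+| 1 | QASecClaw | Multi-agent LLM > single prompt, F2 +23% | 5-Agent division |
+| 2 | SAST-Genius | LLM-generated findings → FP explosion | Labs not shipped |
+| 3 | Local LLM Bug Detection | Sliding window 20% overlap | Cross-function detection |
+| 4 | LLM4PFA | Path feasibility cuts 72-96% FPs | DS Review phase |
+| 5 | SecureFixAgent | Auto-fix needs self-validation | 10/17 safe mode |
+| 6 | Prompt vs FT | Fine-tuning > prompt engineering | Long-term FT roadmap |
+| 7 | AdaTaint | Neural-symbolic taint reasoning | Rule adaptation |
+| 8 | AgenticSCR | Agentic AI pre-commit +153% accuracy | Labs direction validated |
+| 9 | Small LM CWE | Local SLMs ~99% CWE accuracy | Local-first validated |
+| 10 | LLMs in Vuln Analysis | LLMs across full security lifecycle | Architecture validated |
+| 11 | PatchIsland | Agent ensemble repairs 91% vulns | Multi-agent auto-fix |
+| 12 | Vul-R2 | Reasoning LLM for vuln repair | FT dataset roadmap |
+| 13 | The Code Whisperer | AST+CFG+PDG+LLM alignment | Next-gen detection engine |
+| 14 | AutoSafeCoder | SAST+Fuzzing multi-agent | Runtime vuln roadmap |
+| 15 | JitVul Benchmark | 879 CVEs, ReAct > pure LLM | Standardized evaluation |
+
+> Full paper-driven architecture: [`docs/paper-driven-architecture.md`](docs/paper-driven-architecture.md) | DS Round 3 review: [`docs/eval/ds-round3-review-20260620.md`](docs/eval/ds-round3-review-20260620.md)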
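--- a/agentguardp-0.5.0/README.md
+++ b/agentguardp-0.5.0/README.md
@@ -0,0 +1,210 @@
+# AgentGuard
+
+**AI-powered code security scanner. Scan ? Review ? Fix in one command.**
+
+34 built-in rules + Bandit's 100+ engine. Local LLM review cuts false positives. One command: scan → review → fix.
+
+> *Pipeline decisions backed by 10 peer-reviewed papers. Not guessing. Not vibes. → [Read why](docs/paper-driven-architecture.md)*
+
+[![PyPI](https://img.shields.io/pypi/v/agentguardp)](https://pypi.org/project/agentguardp/)
+[![License: MIT](https://img.shields.io/badge/license-MIT-blue.svg)](LICENSE)
+[![Python 3.10+](https://img.shields.io/badge/python-3.10%2B-blue)](https://www.python.org/)
+
+---
+
+## Why AgentGuard
+
+SAST tools flood you with false positives and leave you to fix everything by hand. AgentGuard is different:
+
+| | Bandit | Semgrep | **AgentGuard** |
+|---|---|---|---|
+| Python rules | 100+ | Multi-lang | **34 + Bandit 100+** |
+| FP filtering | ❌ | ❌ | **ML + LLM review** |
+| Auto-fix | ❌ | ❌ | **✅ Pipeline** |
+| Local LLM | ❌ | ❌ | **✅ DeepSeek** |
+| Desktop GUI | ❌ | ❌ | **✅ Dark theme** |
+| Pricing | Free | Free/$40 | **Free + Pro $29/mo** |
+
+---
+
+## Quick Start
+
+```bash
+# Install
+pip install agentguardp
+
+# Scan a project
+agentguard scan ./my-project
+
+# Full pipeline: scan → review → fix
+agentguard pipeline ./src --bandit --ds --mode safe --write
+
+# JSON output for CI/CD
+agentguard scan ./src --format json -o report.json
+
+# Desktop GUI
+agentguard serve
+# Open http://127.0.0.1:1099
+```
+
+
+
+
+---
+
+## Windows Desktop App
+
+Download the latest AgentGuard.exe from GitHub Releases: https://github.com/difcn2026/agentguard/releases
+
+**Windows SmartScreen warning?** This is normal for unsigned apps. Click **More info** then **Run anyway**. The exe is built with PyInstaller. SHA256 checksum on the Release page.
+
+---
+
+## Windows Desktop App
+
+Download the latest AgentGuard.exe from [GitHub Releases](https://github.com/difcn2026/agentguard/releases).
+
+> **Windows SmartScreen warning?** This is normal for unsigned apps. Click **More info** then **Run anyway**.
+> The exe is built with PyInstaller and verified by SHA256 checksum (see Release page).
+>
+> If Windows Defender flags it, submit the file to Microsoft Security Intelligence for review.
+
+
+---
+
+## Pipeline
+
+```
+34 rules + Bandit 100+
+
+ML filter ← Hardcoded literal detection, confidence threshold
+
+DS Review ← Local LLM classifies TP/FP per finding
+
+Auto-fix ← 10 of 17 rule types, safe mode default
+
+Clean report
+```
+
+One command:
+```bash
+agentguard pipeline ./src --bandit --ds --mode safe
+```
+
+---
+
+## What It Detects
+
+- **Code Injection**: `eval()`, `exec()`, `os.system()`, `subprocess` shell=True
+- **Deserialization**: `pickle.loads()`, `yaml.load()`, `marshal.loads()`
+- **Secrets**: Hardcoded API keys, tokens, passwords, private keys
+- **Path Traversal**: Unsanitized file paths, directory traversal
+- **SSRF**: User-controlled URLs in HTTP requests
+- **Weak Crypto**: MD5, SHA1, ECB mode, insecure ciphers, weak random
+- **XML Attacks**: External entity injection, XPath injection, bomb expansion
+- **Insecure Protocols**: HTTP for sensitive data, FTP, Telnet
+
+---
+
+## Tiers
+
+| | Free | Pro ($29/mo) |
+|---|---|---|
+| 34 built-in rules | ✅ | ✅ |
+| Bandit 100+ rules | ✅ | ✅ |
+| ML false-positive filter | ✅ | ✅ |
+| LLM (DS) review | — | ✅ |
+| Pipeline auto-fix | — | ✅ |
+| Desktop GUI | ✅ | ✅ |
+| SARIF / JSON / MD output | ✅ | ✅ |
+| Files per scan | 100 | Unlimited |
+
+> 🚀 **PH Launch**: $149/year (first 100, code `PH2025`)
+
+---
+
+## [Labs] Preview
+
+We're testing an LLM confirmation agent that reviews SAST findings and confirms or rejects them with higher precision than ML alone. Currently in preview — swallowed_exception detector passes 3/3 on our test suite (confidence 0.95+). Full multi-agent pipeline coming in a future release.
+
+```bash
+# Enable [Labs] experimental features
+agentguard pipeline ./src --bandit --ds --labs
+```
+
+---
+
+## Architecture
+
+```
+agentguard/
+├── cli.py ← CLI (scan/pipeline/fix/serve)
+├── gui.py ← Desktop GUI (dark theme, port 1099)
+├── desktop.py ← Web-based GUI server
+├── pipeline.py ← scan → review → fix pipeline
+├── scanner/
+│ ├── code_scanner.py ← Pattern + AST engine (34 rules)
+│ ├── bandit_adapter.py ← Bandit 100+ rules integration
+│ ├── bandit_rules.py ← Bandit rule ID mapping
+│ ├── ml_filter.py ← Literal detection FP filter
+│ ├── llm_review.py ← DS LLM TP/FP classification
+│ └── llm_heuristic.py ← Multi-agent LLM (Labs preview)
+├── rules/
+│ └── python_rules.py ← 34 security rules (7 categories)
+├── reporter/
+│ └── reporter.py ← Terminal/JSON/SARIF/Markdown
+├── fixer/
+│ └── code_fixer.py ← Auto-fix engine (10/17 rules)
+└── docs/
+├── marketing/ ← Landing copy, pricing, launch kit
+├── spec/ ← Technical specs
+└── eval/ ← DS evaluation reports
+```
+
+---
+
+## Local-First
+
+Everything runs on your machine:
+
+- **DS LLM** at `127.0.0.1:57321` — code never leaves your network
+- **License server** can be self-hosted
+- **Zero telemetry**. We don't know you exist.
+
+---
+
+## Links
+
+- 📦 [PyPI](https://pypi.org/project/agentguardp/)
+- 📖 [Docs](docs/)
+- 🧪 [Test Suite](tests/)
+
+---
+
+MIT License. Built by XHLS Team, 2026.
+
+---
+
+## Research Foundation
+
+Every major architecture decision is backed by peer-reviewed research — 15 papers and counting. Not opinions. Not guesses.
+
+| # | Paper | Insight | Impact |
+|---|-------|---------|--------|
+| 1 | QASecClaw | Multi-agent LLM > single prompt, F2 +23% | 5-Agent division |
+| 2 | SAST-Genius | LLM-generated findings → FP explosion | Labs not shipped |
+| 3 | Local LLM Bug Detection | Sliding window 20% overlap | Cross-function detection |
+| 4 | LLM4PFA | Path feasibility cuts 72-96% FPs | DS Review phase |
+| 5 | SecureFixAgent | Auto-fix needs self-validation | 10/17 safe mode |
+| 6 | Prompt vs FT | Fine-tuning > prompt engineering | Long-term FT roadmap |
+| 7 | AdaTaint | Neural-symbolic taint reasoning | Rule adaptation |
+| 8 | AgenticSCR | Agentic AI pre-commit +153% accuracy | Labs direction validated |
+| 9 | Small LM CWE | Local SLMs ~99% CWE accuracy | Local-first validated |
+| 10 | LLMs in Vuln Analysis | LLMs across full security lifecycle | Architecture validated |
+| 11 | PatchIsland | Agent ensemble repairs 91% vulns | Multi-agent auto-fix |
+| 12 | Vul-R2 | Reasoning LLM for vuln repair | FT dataset roadmap |
+| 13 | The Code Whisperer | AST+CFG+PDG+LLM alignment | Next-gen detection engine |
+| 14 | AutoSafeCoder | SAST+Fuzzing multi-agent | Runtime vuln roadmap |
+| 15 | JitVul Benchmark | 879 CVEs, ReAct > pure LLM | Standardized evaluation |
+
+> Full paper-driven architecture: [`docs/paper-driven-architecture.md`](docs/paper-driven-architecture.md) | DS Round 3 review: [`docs/eval/ds-round3-review-20260620.md`](docs/eval/ds-round3-review-20260620.md)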
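--- a/agentguardp-0.5.0/agentguard/__init__.py
+++ b/agentguardp-0.5.0/agentguard/__init__.py
@@ -0,0 +1,9 @@
+"""
+AgentGuard v0.1 — AI Agent Code Review & Security Compliance Platform
+=====================================================================
+
+Powered by XHLS security modules: model_guard + security_hardening + binary_sanitizer.
+"""
+
+__version__ = "0.5.0"
+__author__ = "XHLS / Xiaohei"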
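Review bot: The module docstring on the second line of the hunk still reads `AgentGuard v0.1` while `__version__ = "0.5.0"` two lines below and the `Version: 0.5.0` field in this release's PKG-INFO both say 0.5.0, so the docstring is the one stale version string in the package. I would drop the hard-coded number from the title so `__version__` stays the single source of truth: `AgentGuard — AI Agent Code Review & Security Compliance Platform`. The `__author__` value `"XHLS / Xiaohei"` also differs from the PKG-INFO `Author: XHLS Team`; if that is intentional a one-line comment saying so would save the next maintainer the question.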