agentsec-cli 0.1.0__py3-none-any.whl
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- agentsec/__init__.py +3 -0
- agentsec/baseline.py +60 -0
- agentsec/cli.py +84 -0
- agentsec/owasp.py +212 -0
- agentsec/parsers/__init__.py +5 -0
- agentsec/parsers/core.py +8 -0
- agentsec/parsers/json_parser.py +69 -0
- agentsec/parsers/toml_parser.py +28 -0
- agentsec/parsers/yaml_parser.py +28 -0
- agentsec/report.py +36 -0
- agentsec/rules/__init__.py +5 -0
- agentsec/rules/additional.py +227 -0
- agentsec/rules/base.py +108 -0
- agentsec/sarif.py +110 -0
- agentsec/scanner.py +119 -0
- agentsec_cli-0.1.0.dist-info/METADATA +161 -0
- agentsec_cli-0.1.0.dist-info/RECORD +21 -0
- agentsec_cli-0.1.0.dist-info/WHEEL +5 -0
- agentsec_cli-0.1.0.dist-info/entry_points.txt +2 -0
- agentsec_cli-0.1.0.dist-info/licenses/LICENSE +21 -0
- agentsec_cli-0.1.0.dist-info/top_level.txt +1 -0
|
@@ -0,0 +1,161 @@
|
|
|
1
|
+
Metadata-Version: 2.4
|
|
2
|
+
Name: agentsec-cli
|
|
3
|
+
Version: 0.1.0
|
|
4
|
+
Summary: Static security scanner for AI coding agents and MCP configurations
|
|
5
|
+
Author-email: locface <locface@example.com>
|
|
6
|
+
License: MIT
|
|
7
|
+
Classifier: Development Status :: 3 - Alpha
|
|
8
|
+
Classifier: Intended Audience :: Developers
|
|
9
|
+
Classifier: License :: OSI Approved :: MIT License
|
|
10
|
+
Classifier: Programming Language :: Python :: 3
|
|
11
|
+
Classifier: Programming Language :: Python :: 3.10
|
|
12
|
+
Classifier: Programming Language :: Python :: 3.11
|
|
13
|
+
Classifier: Programming Language :: Python :: 3.12
|
|
14
|
+
Requires-Python: >=3.10
|
|
15
|
+
Description-Content-Type: text/markdown
|
|
16
|
+
License-File: LICENSE
|
|
17
|
+
Requires-Dist: click>=8.0.0
|
|
18
|
+
Requires-Dist: pyyaml>=6.0
|
|
19
|
+
Requires-Dist: toml>=0.10.2
|
|
20
|
+
Provides-Extra: dev
|
|
21
|
+
Requires-Dist: pytest>=7.0.0; extra == "dev"
|
|
22
|
+
Dynamic: license-file
|
|
23
|
+
|
|
24
|
+
# AgentSec
|
|
25
|
+
|
|
26
|
+
**Static security scanner for AI coding agents and MCP configurations.**
|
|
27
|
+
|
|
28
|
+
AgentSec finds dangerous permissions, prompt injection risks, secret exposure, and unsafe tool access in:
|
|
29
|
+
- **Cursor** agent configurations
|
|
30
|
+
- **Claude Desktop** MCP servers
|
|
31
|
+
- **Codex** / **Cline** / **Continue** agent setups
|
|
32
|
+
- **MCP** (Model Context Protocol) server manifests
|
|
33
|
+
- **Markdown** instruction files (CLAUDE.md, AGENTS.md, etc.)
|
|
34
|
+
|
|
35
|
+
## Features
|
|
36
|
+
|
|
37
|
+
- **40+ security rules** covering shell execution, filesystem access, network exfiltration, OAuth scopes, prompt injection, container escape risks, browser automation, and credential helper exposure
|
|
38
|
+
- **Supports JSON, YAML, TOML, Markdown, Cursor/Claude/Cline/Codex config files** — detects common AI-agent configs in multiple formats
|
|
39
|
+
- **SARIF output** for integration with GitHub CodeQL and other CI/CD tools
|
|
40
|
+
- **GitHub Action** ready (coming soon)
|
|
41
|
+
- **Zero dependencies on LLMs** — purely static analysis
|
|
42
|
+
|
|
43
|
+
## Installation
|
|
44
|
+
|
|
45
|
+
```bash
|
|
46
|
+
pip install agentsec
|
|
47
|
+
```
|
|
48
|
+
|
|
49
|
+
Or from source:
|
|
50
|
+
|
|
51
|
+
```bash
|
|
52
|
+
git clone https://github.com/locface/AgentSec.git
|
|
53
|
+
cd AgentSec
|
|
54
|
+
pip install -e .
|
|
55
|
+
```
|
|
56
|
+
|
|
57
|
+
## Usage
|
|
58
|
+
|
|
59
|
+
### Basic scan
|
|
60
|
+
|
|
61
|
+
```bash
|
|
62
|
+
agentsec scan /path/to/your/project
|
|
63
|
+
```
|
|
64
|
+
|
|
65
|
+
### Output formats
|
|
66
|
+
|
|
67
|
+
```bash
|
|
68
|
+
agentsec scan . --format json # JSON output
|
|
69
|
+
agentsec scan . --format markdown # Markdown report
|
|
70
|
+
agentsec scan . --format sarif # SARIF (for CI/CD)
|
|
71
|
+
```
|
|
72
|
+
|
|
73
|
+
### Filter by severity
|
|
74
|
+
|
|
75
|
+
```bash
|
|
76
|
+
agentsec scan . --severity critical # only critical findings
|
|
77
|
+
```
|
|
78
|
+
|
|
79
|
+
### Include hidden files
|
|
80
|
+
|
|
81
|
+
```bash
|
|
82
|
+
agentsec scan . --include-hidden
|
|
83
|
+
```
|
|
84
|
+
|
|
85
|
+
## Examples
|
|
86
|
+
|
|
87
|
+
Scan a repository with MCP servers:
|
|
88
|
+
|
|
89
|
+
```bash
|
|
90
|
+
agentsec scan ~/projects/mcp-servers --format sarif > results.sarif
|
|
91
|
+
```
|
|
92
|
+
|
|
93
|
+
Scan your current directory for agent configs:
|
|
94
|
+
|
|
95
|
+
```bash
|
|
96
|
+
agentsec scan . --include-hidden --format markdown > report.md
|
|
97
|
+
```
|
|
98
|
+
|
|
99
|
+
## Rules
|
|
100
|
+
|
|
101
|
+
AgentSec includes rules for:
|
|
102
|
+
|
|
103
|
+
| Severity | Examples |
|
|
104
|
+
|----------|----------|
|
|
105
|
+
| **Critical** | MCP shell execution, filesystem write access, secret exposure, Docker socket access, privileged containers, host mounts, dynamic code execution |
|
|
106
|
+
| **High** | Broad path access, prompt injection, remote script install, communication write permissions, browser + local file access, wildcard tool allowlists |
|
|
107
|
+
| **Medium** | Unpinned dependencies, excessive autonomy, telemetry endpoints, missing input validation |
|
|
108
|
+
| **Low** | Missing policy file |
|
|
109
|
+
|
|
110
|
+
## Supported config files
|
|
111
|
+
|
|
112
|
+
AgentSec scans common AI-agent and MCP files, including:
|
|
113
|
+
|
|
114
|
+
- `mcp.json`, `mcp.yaml`, `mcp.yml`, `mcp.toml`, `mcp-config.json`
|
|
115
|
+
- `claude_desktop_config.json`, `CLAUDE.md`, `AGENTS.md`
|
|
116
|
+
- `.cursorrules`, `.cursor/rules/*`, `.clinerules`, `cline_mcp`, `codex.toml`
|
|
117
|
+
- `settings.json`, `package.json`, `requirements.txt`, `Dockerfile`, `docker-compose.yml`
|
|
118
|
+
|
|
119
|
+
See [`agentsec/rules/additional.py`](https://github.com/locface/AgentSec/blob/main/agentsec/rules/additional.py) for the complete list.
|
|
120
|
+
|
|
121
|
+
## CI/CD Integration
|
|
122
|
+
|
|
123
|
+
Add AgentSec to your GitHub workflow:
|
|
124
|
+
|
|
125
|
+
```yaml
|
|
126
|
+
- name: Run AgentSec
|
|
127
|
+
run: |
|
|
128
|
+
pip install agentsec
|
|
129
|
+
agentsec scan . --format sarif > results.sarif
|
|
130
|
+
|
|
131
|
+
- name: Upload SARIF to GitHub CodeQL
|
|
132
|
+
uses: github/codeql-action/upload-sarif@v3
|
|
133
|
+
with:
|
|
134
|
+
sarif_file: results.sarif
|
|
135
|
+
```
|
|
136
|
+
|
|
137
|
+
## Development
|
|
138
|
+
|
|
139
|
+
```bash
|
|
140
|
+
# Install dev dependencies
|
|
141
|
+
pip install -e .[dev]
|
|
142
|
+
|
|
143
|
+
# Run tests
|
|
144
|
+
pytest
|
|
145
|
+
|
|
146
|
+
# Build package
|
|
147
|
+
python -m build
|
|
148
|
+
```
|
|
149
|
+
|
|
150
|
+
## Documentation
|
|
151
|
+
|
|
152
|
+
- **[Landing Page](https://locface.github.io/AgentSec/)** — interactive demo, features, OWASP mapping, CI/CD setup
|
|
153
|
+
- **[Full Documentation](https://locface.github.io/AgentSec/docs/)** — installation, usage, rules reference, FAQ
|
|
154
|
+
|
|
155
|
+
## License
|
|
156
|
+
|
|
157
|
+
MIT © 2026 locface
|
|
158
|
+
|
|
159
|
+
## Status
|
|
160
|
+
|
|
161
|
+
**Alpha** — under active development. Contributions welcome!
|
|
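Review bot: the install command in the README body of this METADATA does not match the distribution name. The header says `Name: agentsec-cli`, but the Installation block reads `pip install agentsec` and the CI/CD snippet repeats `pip install agentsec`; as written, users would get whatever distribution owns the shorter `agentsec` name on the registry (if any) rather than this package, so both should read `pip install agentsec-cli`, and a sentence noting that the import package is `agentsec` while the distribution is `agentsec-cli` would head off the same confusion. Two smaller points in the same hunk: `Requires-Dist: toml>=0.10.2` depends on the third-party `toml` package, which has had no release since 0.10.2 (2020); with `Requires-Python: >=3.10` the standard-library `tomllib` covers 3.11+ and `tomli>=2.0; python_version < "3.11"` covers 3.10. In the CI snippet, if `agentsec scan` exits non-zero when it reports findings, the `Upload SARIF to GitHub CodeQL` step never runs; add `if: always()` to the upload step (or `continue-on-error: true` to the scan step) so findings still reach code scanning. The feature bullet `**GitHub Action** ready (coming soon)` also contradicts itself and should say one or the other.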
@@ -0,0 +1,21 @@
|
|
|
1
|
+
agentsec/__init__.py,sha256=FHAqLNU8sxnbp4kblsUM0oJ6eTlgBmRyiitPmKtgcw4,101
|
|
2
|
+
agentsec/baseline.py,sha256=3o6IUMuyVezgsrhxfpAwi_3jTIzq0trD4SkkLVptDRM,1844
|
|
3
|
+
agentsec/cli.py,sha256=1ytxTKQICmfc7pbikx2FOpGGAF22DJsAo3qk2suH27Y,4056
|
|
4
|
+
agentsec/owasp.py,sha256=UynIrWGIwsDqiGgya_7Zc2sr2UqUf4D9yOtOlzMbBUM,8438
|
|
5
|
+
agentsec/report.py,sha256=hD_AHQpQUO52z7pl4bX3KDdA2YJIWcPZewS-9r8vSak,1615
|
|
6
|
+
agentsec/sarif.py,sha256=KgdjLyVX9Vc_e3IgWzapRD9iPGpf-MVE-7LCp2L5ADA,3688
|
|
7
|
+
agentsec/scanner.py,sha256=oP5d2-nZxVHSKEzenMUI1a2h-_58LXR-bsTV2hIlNBw,5310
|
|
8
|
+
agentsec/parsers/__init__.py,sha256=PjzT2Eh7dMNKB-PRFkn2BhKZtF9TA3N6Bxe8fcvgiwc,89
|
|
9
|
+
agentsec/parsers/core.py,sha256=P26psKAPBw-gQryUMML98tFYaJ-EUTdsdbUUE7A8ND8,210
|
|
10
|
+
agentsec/parsers/json_parser.py,sha256=698AIBHgzqAWU9MAI4aZfhiWypdGeCfN7sXU4TN9VkE,3007
|
|
11
|
+
agentsec/parsers/toml_parser.py,sha256=a588P8VDFvuKOlc0jU3MYulFFx7HEP0APROMJ7UU-z0,1011
|
|
12
|
+
agentsec/parsers/yaml_parser.py,sha256=rCZAFWc0kYl3-_cfHIVxAYk_sLlOREtKpESnCw1bHFs,987
|
|
13
|
+
agentsec/rules/__init__.py,sha256=SfLPIcx-L1FZIYYCGlw1JSL35YQadgiDy3L5JSZtk3o,105
|
|
14
|
+
agentsec/rules/additional.py,sha256=XRjXxunPP8rUZw71ZDZ9NCjbE_VNhDITp6v9L4cVFnM,13076
|
|
15
|
+
agentsec/rules/base.py,sha256=UjpgoK_FeL6fskrskM3FG9gPj24udib4MjycGP6gsaU,4812
|
|
16
|
+
agentsec_cli-0.1.0.dist-info/licenses/LICENSE,sha256=bt_LAfJPwg4u0zIdf9InKyUfv8ElnUa78MVKbIUiw7I,1064
|
|
17
|
+
agentsec_cli-0.1.0.dist-info/METADATA,sha256=SkR4L53ktFBfI3oF2CN4gDpFo3lX8ksNIhp_s6CV5jg,4463
|
|
18
|
+
agentsec_cli-0.1.0.dist-info/WHEEL,sha256=aeYiig01lYGDzBgS8HxWXOg3uV61G9ijOsup-k9o1sk,91
|
|
19
|
+
agentsec_cli-0.1.0.dist-info/entry_points.txt,sha256=wWeADoDpLlxjO2L-QQB442BAA32zuwFvL0XC7ze9mu8,46
|
|
20
|
+
agentsec_cli-0.1.0.dist-info/top_level.txt,sha256=8ta4DdPLaAds-o8VoEZ7-u1xaGcscNFUtNf_6yZYQnU,9
|
|
21
|
+
agentsec_cli-0.1.0.dist-info/RECORD,,
|
|
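Review bot: RECORD is consistent with the file list in the header (21 entries, every module listed there appears with a sha256 digest and byte size, and RECORD lists itself with an empty digest as the wheel spec expects), so nothing to change. One caveat for reviewers relying on it: these digests are written by the build tool and only let the installer detect files that were corrupted or swapped inside this wheel; they say nothing about who produced the wheel, so pin the wheel's own hash in a requirements file with `--hash=` entries and install with `pip install --require-hashes -r requirements.txt` rather than treating RECORD as an integrity guarantee.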
@@ -0,0 +1,21 @@
|
|
|
1
|
+
MIT License
|
|
2
|
+
|
|
3
|
+
Copyright (c) 2026 locface
|
|
4
|
+
|
|
5
|
+
Permission is hereby granted, free of charge, to any person obtaining a copy
|
|
6
|
+
of this software and associated documentation files (the "Software"), to deal
|
|
7
|
+
in the Software without restriction, including without limitation the rights
|
|
8
|
+
to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
|
|
9
|
+
copies of the Software, and to permit persons to whom the Software is
|
|
10
|
+
furnished to do so, subject to the following conditions:
|
|
11
|
+
|
|
12
|
+
The above copyright notice and this permission notice shall be included in all
|
|
13
|
+
copies or substantial portions of the Software.
|
|
14
|
+
|
|
15
|
+
THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
|
|
16
|
+
IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
|
|
17
|
+
FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
|
|
18
|
+
AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
|
|
19
|
+
LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
|
|
20
|
+
OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
|
|
21
|
+
SOFTWARE.
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
agentsec
|