agentsec-cli 1.0.0__tar.gz → 1.0.1__tar.gz

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (40)
  1. agentsec_cli-1.0.1/PKG-INFO +137 -0
  2. agentsec_cli-1.0.1/README.md +109 -0
  3. {agentsec_cli-1.0.0 → agentsec_cli-1.0.1}/agentsec/__init__.py +1 -1
  4. {agentsec_cli-1.0.0 → agentsec_cli-1.0.1}/agentsec/sarif.py +1 -1
  5. agentsec_cli-1.0.1/agentsec_cli.egg-info/PKG-INFO +137 -0
  6. {agentsec_cli-1.0.0 → agentsec_cli-1.0.1}/pyproject.toml +1 -1
  7. agentsec_cli-1.0.0/PKG-INFO +0 -399
  8. agentsec_cli-1.0.0/README.md +0 -371
  9. agentsec_cli-1.0.0/agentsec_cli.egg-info/PKG-INFO +0 -399
  10. {agentsec_cli-1.0.0 → agentsec_cli-1.0.1}/CHANGELOG.md +0 -0
  11. {agentsec_cli-1.0.0 → agentsec_cli-1.0.1}/CODE_OF_CONDUCT.md +0 -0
  12. {agentsec_cli-1.0.0 → agentsec_cli-1.0.1}/CONTRIBUTING.md +0 -0
  13. {agentsec_cli-1.0.0 → agentsec_cli-1.0.1}/LICENSE +0 -0
  14. {agentsec_cli-1.0.0 → agentsec_cli-1.0.1}/MANIFEST.in +0 -0
  15. {agentsec_cli-1.0.0 → agentsec_cli-1.0.1}/SECURITY.md +0 -0
  16. {agentsec_cli-1.0.0 → agentsec_cli-1.0.1}/agentsec/baseline.py +0 -0
  17. {agentsec_cli-1.0.0 → agentsec_cli-1.0.1}/agentsec/cli.py +0 -0
  18. {agentsec_cli-1.0.0 → agentsec_cli-1.0.1}/agentsec/owasp.py +0 -0
  19. {agentsec_cli-1.0.0 → agentsec_cli-1.0.1}/agentsec/parsers/__init__.py +0 -0
  20. {agentsec_cli-1.0.0 → agentsec_cli-1.0.1}/agentsec/parsers/core.py +0 -0
  21. {agentsec_cli-1.0.0 → agentsec_cli-1.0.1}/agentsec/parsers/json_parser.py +0 -0
  22. {agentsec_cli-1.0.0 → agentsec_cli-1.0.1}/agentsec/parsers/toml_parser.py +0 -0
  23. {agentsec_cli-1.0.0 → agentsec_cli-1.0.1}/agentsec/parsers/yaml_parser.py +0 -0
  24. {agentsec_cli-1.0.0 → agentsec_cli-1.0.1}/agentsec/report.py +0 -0
  25. {agentsec_cli-1.0.0 → agentsec_cli-1.0.1}/agentsec/rules/__init__.py +0 -0
  26. {agentsec_cli-1.0.0 → agentsec_cli-1.0.1}/agentsec/rules/additional.py +0 -0
  27. {agentsec_cli-1.0.0 → agentsec_cli-1.0.1}/agentsec/rules/base.py +0 -0
  28. {agentsec_cli-1.0.0 → agentsec_cli-1.0.1}/agentsec/scanner.py +0 -0
  29. {agentsec_cli-1.0.0 → agentsec_cli-1.0.1}/agentsec/utils/__init__.py +0 -0
  30. {agentsec_cli-1.0.0 → agentsec_cli-1.0.1}/agentsec/utils/toml_compat.py +0 -0
  31. {agentsec_cli-1.0.0 → agentsec_cli-1.0.1}/agentsec_cli.egg-info/SOURCES.txt +0 -0
  32. {agentsec_cli-1.0.0 → agentsec_cli-1.0.1}/agentsec_cli.egg-info/dependency_links.txt +0 -0
  33. {agentsec_cli-1.0.0 → agentsec_cli-1.0.1}/agentsec_cli.egg-info/entry_points.txt +0 -0
  34. {agentsec_cli-1.0.0 → agentsec_cli-1.0.1}/agentsec_cli.egg-info/requires.txt +0 -0
  35. {agentsec_cli-1.0.0 → agentsec_cli-1.0.1}/agentsec_cli.egg-info/top_level.txt +0 -0
  36. {agentsec_cli-1.0.0 → agentsec_cli-1.0.1}/setup.cfg +0 -0
  37. {agentsec_cli-1.0.0 → agentsec_cli-1.0.1}/tests/test_baseline.py +0 -0
  38. {agentsec_cli-1.0.0 → agentsec_cli-1.0.1}/tests/test_compat.py +0 -0
  39. {agentsec_cli-1.0.0 → agentsec_cli-1.0.1}/tests/test_owasp.py +0 -0
  40. {agentsec_cli-1.0.0 → agentsec_cli-1.0.1}/tests/test_scanner.py +0 -0
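--- /dev/null
+++ b/agentsec_cli-1.0.1/PKG-INFO
@@ -0,0 +1,137 @@
+Metadata-Version: 2.4
+Name: agentsec-cli
+Version: 1.0.1
+Summary: Static security scanner for AI coding agents and MCP configurations
+Author: locface
+License-Expression: MIT
+Project-URL: homepage, https://locface.github.io/AgentSec/
+Project-URL: repository, https://github.com/locface/AgentSec
+Project-URL: documentation, https://locface.github.io/AgentSec/docs/
+Project-URL: changelog, https://github.com/locface/AgentSec/blob/main/CHANGELOG.md
+Classifier: Development Status :: 5 - Production/Stable
+Classifier: Intended Audience :: Developers
+Classifier: Programming Language :: Python :: 3
+Classifier: Programming Language :: Python :: 3.10
+Classifier: Programming Language :: Python :: 3.11
+Classifier: Programming Language :: Python :: 3.12
+Classifier: Programming Language :: Python :: 3.13
+Requires-Python: >=3.10
+Description-Content-Type: text/markdown
+License-File: LICENSE
+Requires-Dist: click<9,>=8.0.0
+Requires-Dist: pyyaml<7,>=6.0
+Requires-Dist: toml<1,>=0.10.2
+Requires-Dist: tomli<3,>=2.0.1; python_version < "3.11"
+Provides-Extra: dev
+Requires-Dist: pytest>=7.0.0; extra == "dev"
+Dynamic: license-file
+
+<picture>
+<source media="(prefers-color-scheme: dark)" srcset="https://raw.githubusercontent.com/locface/AgentSec/main/docs/images/agentsec-dark.svg">
+<img alt="AgentSec" src="https://raw.githubusercontent.com/locface/AgentSec/main/docs/images/agentsec-light.svg">
+</picture>
+
+# AgentSec
+
+**Static security scanner for AI coding agents and MCP configurations.**
+
+[![PyPI](https://img.shields.io/pypi/v/agentsec-cli.svg)](https://pypi.org/project/agentsec-cli/)
+[![Python](https://img.shields.io/pypi/pyversions/agentsec-cli.svg)](https://pypi.org/project/agentsec-cli/)
+[![License](https://img.shields.io/github/license/locface/AgentSec)](LICENSE)
+[![Tests](https://img.shields.io/github/actions/workflow/status/locface/AgentSec/agentsec.yml?label=tests)](https://github.com/locface/AgentSec/actions)
+
+AI coding agents have access to your shell, filesystem, network, and secrets. Most agent configurations are never audited for security risks. AgentSec inspects MCP server manifests, Claude Desktop configs, Cursor rules, and agent instruction files for dangerous permissions, prompt injection risks, and secret exposure — with no LLM dependencies and no data leaving your machine.
+
+All findings map to [OWASP Top 10 for LLM Applications](https://genai.owasp.org/) (LLM01–LLM10) and the [OWASP Agentic Security Top 10](https://owasp.org/) (AG01–AG10).
+
+## Features
+
+- 41 security rules covering shell execution, filesystem access, network exfiltration, OAuth scopes, prompt injection, container escape, and credential exposure
+- OWASP LLM + Agentic mapping on every finding
+- 4 output formats: terminal, JSON, Markdown, SARIF v2.1.0
+- CI/CD gating with `--fail-on` (exit code 1 at severity threshold)
+- Baseline comparison for regression tracking
+- Automatic detection of JSON, YAML, TOML, and Markdown configs
+- Zero runtime dependencies beyond the Python standard library
+
+## Installation
+
+```bash
+pip install agentsec-cli
+```
+
+Requires Python 3.10 or later.
+
+## Quick Start
+
+```bash
+# Scan a project
+agentsec scan /path/to/project
+
+# Generate SARIF for CI/CD
+agentsec scan . --format sarif > results.sarif
+
+# Gate CI on critical findings
+agentsec scan . --fail-on critical
+
+# Baseline comparison
+agentsec scan . --update-baseline baseline.json
+agentsec scan . --baseline baseline.json
+
+# OWASP mapping
+agentsec scan . --show-owasp
+```
+
+Example output:
+
+```text
+Scanning /home/user/dev/mcp-project...
+
+[CRITICAL] MCP shell execution
+File: claude_desktop_config.json
+Server: shell-server
+Description: MCP server can execute shell commands
+Recommendation: Require explicit approval or remove shell access.
+
+[CRITICAL] MCP filesystem write access
+File: claude_desktop_config.json
+Server: filesystem
+Description: MCP server has filesystem write access
+Recommendation: Restrict filesystem access to read-only or specific directories.
+
+Total findings: 4 · Critical: 3 · High: 0 · Medium: 1 · Low: 0
+```
+
+### Output Formats
+
+- **terminal** (default) — human-readable with severity coloring
+- **json** — machine-parseable JSON array of findings
+- **markdown** — formatted report suitable for commit comments
+- **sarif** — SARIF v2.1.0, compatible with GitHub CodeQL
+
+### Supported Config Files
+
+AgentSec automatically detects and scans these file types:
+
+- MCP servers: `mcp.json`, `mcp.yaml`, `mcp.toml`
+- Claude Desktop: `claude_desktop_config.json`
+- Cursor: `.cursorrules`, `.cursor/rules/*`
+- Codex / Cline: `codex.toml`, `.clinerules`
+- Agent instructions: `AGENTS.md`, `CLAUDE.md`
+- Infrastructure: `Dockerfile`, `package.json`
+
+## Documentation
+
+Full documentation: [https://locface.github.io/AgentSec/docs/](https://locface.github.io/AgentSec/docs/)
+
+## Contributing
+
+See [CONTRIBUTING.md](CONTRIBUTING.md) for development setup, testing, and pull request workflow.
+
+## Security
+
+Report vulnerabilities privately. See [SECURITY.md](SECURITY.md) for our disclosure policy.
+
+## License
+
+MIT — see [LICENSE](LICENSE).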
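Review bot: The Features bullet "Zero runtime dependencies beyond the Python standard library" (new line 55) contradicts this same file's Requires-Dist entries (new lines 21–24), which declare click, pyyaml, toml and, on Python < 3.11, tomli as runtime dependencies. For a scanner whose users may weigh its supply-chain footprint before trusting it with agent configs, an inaccurate dependency claim is the kind of statement that gets quoted in an audit. The wording originates in README.md and is duplicated verbatim in the egg-info PKG-INFO section, so fix it in README.md and let the build regenerate both copies. Suggested replacement: `- Small runtime footprint: only click, pyyaml and toml (plus tomli on Python < 3.11); no LLM or network dependencies`.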
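--- /dev/null
+++ b/agentsec_cli-1.0.1/README.md
@@ -0,0 +1,109 @@
+<picture>
+<source media="(prefers-color-scheme: dark)" srcset="https://raw.githubusercontent.com/locface/AgentSec/main/docs/images/agentsec-dark.svg">
+<img alt="AgentSec" src="https://raw.githubusercontent.com/locface/AgentSec/main/docs/images/agentsec-light.svg">
+</picture>
+
+# AgentSec
+
+**Static security scanner for AI coding agents and MCP configurations.**
+
+[![PyPI](https://img.shields.io/pypi/v/agentsec-cli.svg)](https://pypi.org/project/agentsec-cli/)
+[![Python](https://img.shields.io/pypi/pyversions/agentsec-cli.svg)](https://pypi.org/project/agentsec-cli/)
+[![License](https://img.shields.io/github/license/locface/AgentSec)](LICENSE)
+[![Tests](https://img.shields.io/github/actions/workflow/status/locface/AgentSec/agentsec.yml?label=tests)](https://github.com/locface/AgentSec/actions)
+
+AI coding agents have access to your shell, filesystem, network, and secrets. Most agent configurations are never audited for security risks. AgentSec inspects MCP server manifests, Claude Desktop configs, Cursor rules, and agent instruction files for dangerous permissions, prompt injection risks, and secret exposure — with no LLM dependencies and no data leaving your machine.
+
+All findings map to [OWASP Top 10 for LLM Applications](https://genai.owasp.org/) (LLM01–LLM10) and the [OWASP Agentic Security Top 10](https://owasp.org/) (AG01–AG10).
+
+## Features
+
+- 41 security rules covering shell execution, filesystem access, network exfiltration, OAuth scopes, prompt injection, container escape, and credential exposure
+- OWASP LLM + Agentic mapping on every finding
+- 4 output formats: terminal, JSON, Markdown, SARIF v2.1.0
+- CI/CD gating with `--fail-on` (exit code 1 at severity threshold)
+- Baseline comparison for regression tracking
+- Automatic detection of JSON, YAML, TOML, and Markdown configs
+- Zero runtime dependencies beyond the Python standard library
+
+## Installation
+
+```bash
+pip install agentsec-cli
+```
+
+Requires Python 3.10 or later.
+
+## Quick Start
+
+```bash
+# Scan a project
+agentsec scan /path/to/project
+
+# Generate SARIF for CI/CD
+agentsec scan . --format sarif > results.sarif
+
+# Gate CI on critical findings
+agentsec scan . --fail-on critical
+
+# Baseline comparison
+agentsec scan . --update-baseline baseline.json
+agentsec scan . --baseline baseline.json
+
+# OWASP mapping
+agentsec scan . --show-owasp
+```
+
+Example output:
+
+```text
+Scanning /home/user/dev/mcp-project...
+
+[CRITICAL] MCP shell execution
+File: claude_desktop_config.json
+Server: shell-server
+Description: MCP server can execute shell commands
+Recommendation: Require explicit approval or remove shell access.
+
+[CRITICAL] MCP filesystem write access
+File: claude_desktop_config.json
+Server: filesystem
+Description: MCP server has filesystem write access
+Recommendation: Restrict filesystem access to read-only or specific directories.
+
+Total findings: 4 · Critical: 3 · High: 0 · Medium: 1 · Low: 0
+```
+
+### Output Formats
+
+- **terminal** (default) — human-readable with severity coloring
+- **json** — machine-parseable JSON array of findings
+- **markdown** — formatted report suitable for commit comments
+- **sarif** — SARIF v2.1.0, compatible with GitHub CodeQL
+
+### Supported Config Files
+
+AgentSec automatically detects and scans these file types:
+
+- MCP servers: `mcp.json`, `mcp.yaml`, `mcp.toml`
+- Claude Desktop: `claude_desktop_config.json`
+- Cursor: `.cursorrules`, `.cursor/rules/*`
+- Codex / Cline: `codex.toml`, `.clinerules`
+- Agent instructions: `AGENTS.md`, `CLAUDE.md`
+- Infrastructure: `Dockerfile`, `package.json`
+
+## Documentation
+
+Full documentation: [https://locface.github.io/AgentSec/docs/](https://locface.github.io/AgentSec/docs/)
+
+## Contributing
+
+See [CONTRIBUTING.md](CONTRIBUTING.md) for development setup, testing, and pull request workflow.
+
+## Security
+
+Report vulnerabilities privately. See [SECURITY.md](SECURITY.md) for our disclosure policy.
+
+## License
+
+MIT — see [LICENSE](LICENSE).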
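--- a/agentsec_cli-1.0.0/agentsec/__init__.py
+++ b/agentsec_cli-1.0.1/agentsec/__init__.py
@@ -1,3 +1,3 @@
 """AgentSec: Static security scanner for AI coding agents and MCP configs."""
 
-__version__ = "1.0.0"
+__version__ = "1.0.1"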
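--- a/agentsec_cli-1.0.0/agentsec/sarif.py
+++ b/agentsec_cli-1.0.1/agentsec/sarif.py
@@ -90,7 +90,7 @@ def generate_sarif(findings: List[Dict[str, Any]], repo_root: str = ".") -> Dict
 "organization": "AgentSec",
 "informationUri": "https://github.com/locface/AgentSec",
 "rules": list(rules.values()),
-"version": "1.0.0"
+"version": "1.0.1"
 }
 },
 "results": results,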
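Review bot: The SARIF `tool.driver.version` on the changed line is a hand-maintained literal that duplicates `__version__` in agentsec/__init__.py, which is why this release bump has to touch two source files and will silently drift the first time only one of them is updated. Consumers such as GitHub code scanning attribute results to the tool version in the run, so a stale literal mislabels findings as coming from an older release. Unless importing the package root from sarif.py would create a circular import, derive it from the single source of truth: `"version": __version__` here, with `from agentsec import __version__` added to the module's imports. generate_sarif's body starts and ends outside the hunk.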
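--- /dev/null
+++ b/agentsec_cli-1.0.1/agentsec_cli.egg-info/PKG-INFO
@@ -0,0 +1,137 @@
+Metadata-Version: 2.4
+Name: agentsec-cli
+Version: 1.0.1
+Summary: Static security scanner for AI coding agents and MCP configurations
+Author: locface
+License-Expression: MIT
+Project-URL: homepage, https://locface.github.io/AgentSec/
+Project-URL: repository, https://github.com/locface/AgentSec
+Project-URL: documentation, https://locface.github.io/AgentSec/docs/
+Project-URL: changelog, https://github.com/locface/AgentSec/blob/main/CHANGELOG.md
+Classifier: Development Status :: 5 - Production/Stable
+Classifier: Intended Audience :: Developers
+Classifier: Programming Language :: Python :: 3
+Classifier: Programming Language :: Python :: 3.10
+Classifier: Programming Language :: Python :: 3.11
+Classifier: Programming Language :: Python :: 3.12
+Classifier: Programming Language :: Python :: 3.13
+Requires-Python: >=3.10
+Description-Content-Type: text/markdown
+License-File: LICENSE
+Requires-Dist: click<9,>=8.0.0
+Requires-Dist: pyyaml<7,>=6.0
+Requires-Dist: toml<1,>=0.10.2
+Requires-Dist: tomli<3,>=2.0.1; python_version < "3.11"
+Provides-Extra: dev
+Requires-Dist: pytest>=7.0.0; extra == "dev"
+Dynamic: license-file
+
+<picture>
+<source media="(prefers-color-scheme: dark)" srcset="https://raw.githubusercontent.com/locface/AgentSec/main/docs/images/agentsec-dark.svg">
+<img alt="AgentSec" src="https://raw.githubusercontent.com/locface/AgentSec/main/docs/images/agentsec-light.svg">
+</picture>
+
+# AgentSec
+
+**Static security scanner for AI coding agents and MCP configurations.**
+
+[![PyPI](https://img.shields.io/pypi/v/agentsec-cli.svg)](https://pypi.org/project/agentsec-cli/)
+[![Python](https://img.shields.io/pypi/pyversions/agentsec-cli.svg)](https://pypi.org/project/agentsec-cli/)
+[![License](https://img.shields.io/github/license/locface/AgentSec)](LICENSE)
+[![Tests](https://img.shields.io/github/actions/workflow/status/locface/AgentSec/agentsec.yml?label=tests)](https://github.com/locface/AgentSec/actions)
+
+AI coding agents have access to your shell, filesystem, network, and secrets. Most agent configurations are never audited for security risks. AgentSec inspects MCP server manifests, Claude Desktop configs, Cursor rules, and agent instruction files for dangerous permissions, prompt injection risks, and secret exposure — with no LLM dependencies and no data leaving your machine.
+
+All findings map to [OWASP Top 10 for LLM Applications](https://genai.owasp.org/) (LLM01–LLM10) and the [OWASP Agentic Security Top 10](https://owasp.org/) (AG01–AG10).
+
+## Features
+
+- 41 security rules covering shell execution, filesystem access, network exfiltration, OAuth scopes, prompt injection, container escape, and credential exposure
+- OWASP LLM + Agentic mapping on every finding
+- 4 output formats: terminal, JSON, Markdown, SARIF v2.1.0
+- CI/CD gating with `--fail-on` (exit code 1 at severity threshold)
+- Baseline comparison for regression tracking
+- Automatic detection of JSON, YAML, TOML, and Markdown configs
+- Zero runtime dependencies beyond the Python standard library
+
+## Installation
+
+```bash
+pip install agentsec-cli
+```
+
+Requires Python 3.10 or later.
+
+## Quick Start
+
+```bash
+# Scan a project
+agentsec scan /path/to/project
+
+# Generate SARIF for CI/CD
+agentsec scan . --format sarif > results.sarif
+
+# Gate CI on critical findings
+agentsec scan . --fail-on critical
+
+# Baseline comparison
+agentsec scan . --update-baseline baseline.json
+agentsec scan . --baseline baseline.json
+
+# OWASP mapping
+agentsec scan . --show-owasp
+```
+
+Example output:
+
+```text
+Scanning /home/user/dev/mcp-project...
+
+[CRITICAL] MCP shell execution
+File: claude_desktop_config.json
+Server: shell-server
+Description: MCP server can execute shell commands
+Recommendation: Require explicit approval or remove shell access.
+
+[CRITICAL] MCP filesystem write access
+File: claude_desktop_config.json
+Server: filesystem
+Description: MCP server has filesystem write access
+Recommendation: Restrict filesystem access to read-only or specific directories.
+
+Total findings: 4 · Critical: 3 · High: 0 · Medium: 1 · Low: 0
+```
+
+### Output Formats
+
+- **terminal** (default) — human-readable with severity coloring
+- **json** — machine-parseable JSON array of findings
+- **markdown** — formatted report suitable for commit comments
+- **sarif** — SARIF v2.1.0, compatible with GitHub CodeQL
+
+### Supported Config Files
+
+AgentSec automatically detects and scans these file types:
+
+- MCP servers: `mcp.json`, `mcp.yaml`, `mcp.toml`
+- Claude Desktop: `claude_desktop_config.json`
+- Cursor: `.cursorrules`, `.cursor/rules/*`
+- Codex / Cline: `codex.toml`, `.clinerules`
+- Agent instructions: `AGENTS.md`, `CLAUDE.md`
+- Infrastructure: `Dockerfile`, `package.json`
+
+## Documentation
+
+Full documentation: [https://locface.github.io/AgentSec/docs/](https://locface.github.io/AgentSec/docs/)
+
+## Contributing
+
+See [CONTRIBUTING.md](CONTRIBUTING.md) for development setup, testing, and pull request workflow.
+
+## Security
+
+Report vulnerabilities privately. See [SECURITY.md](SECURITY.md) for our disclosure policy.
+
+## License
+
+MIT — see [LICENSE](LICENSE).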
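--- a/agentsec_cli-1.0.0/pyproject.toml
+++ b/agentsec_cli-1.0.1/pyproject.toml
@@ -1,6 +1,6 @@
 [project]
 name = "agentsec-cli"
-version = "1.0.0"
+version = "1.0.1"
 description = "Static security scanner for AI coding agents and MCP configurations"
 readme = "README.md"
 authors = [{name = "locface"}]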