apisec-ai-surface 1.0.0__tar.gz

Files changed (184) hide show
  1. apisec_ai_surface-1.0.0/.github/ISSUE_TEMPLATE/bug.yml +53 -0
  2. apisec_ai_surface-1.0.0/.github/ISSUE_TEMPLATE/config.yml +8 -0
  3. apisec_ai_surface-1.0.0/.github/ISSUE_TEMPLATE/false-negative.yml +44 -0
  4. apisec_ai_surface-1.0.0/.github/ISSUE_TEMPLATE/false-positive.yml +39 -0
  5. apisec_ai_surface-1.0.0/.github/ISSUE_TEMPLATE/feature-request.yml +23 -0
  6. apisec_ai_surface-1.0.0/.github/action/entry.py +547 -0
  7. apisec_ai_surface-1.0.0/.github/dependabot.yml +44 -0
  8. apisec_ai_surface-1.0.0/.github/pull_request_template.md +24 -0
  9. apisec_ai_surface-1.0.0/.github/workflows/example-pr-check.yml +28 -0
  10. apisec_ai_surface-1.0.0/.github/workflows/publish.yml +61 -0
  11. apisec_ai_surface-1.0.0/.github/workflows/security-scan.yml +59 -0
  12. apisec_ai_surface-1.0.0/.github/workflows/self-test.yml +31 -0
  13. apisec_ai_surface-1.0.0/.gitignore +64 -0
  14. apisec_ai_surface-1.0.0/CHANGELOG.md +171 -0
  15. apisec_ai_surface-1.0.0/CODE_OF_CONDUCT.md +25 -0
  16. apisec_ai_surface-1.0.0/CONTRIBUTING.md +52 -0
  17. apisec_ai_surface-1.0.0/Dockerfile +26 -0
  18. apisec_ai_surface-1.0.0/LICENSE +21 -0
  19. apisec_ai_surface-1.0.0/PKG-INFO +415 -0
  20. apisec_ai_surface-1.0.0/README.md +377 -0
  21. apisec_ai_surface-1.0.0/SECURITY.md +53 -0
  22. apisec_ai_surface-1.0.0/action.yml +51 -0
  23. apisec_ai_surface-1.0.0/docs/ARCHITECTURE.md +276 -0
  24. apisec_ai_surface-1.0.0/docs/CI_INTEGRATION.md +303 -0
  25. apisec_ai_surface-1.0.0/docs/COMPLIANCE.md +107 -0
  26. apisec_ai_surface-1.0.0/docs/DETECTORS.md +343 -0
  27. apisec_ai_surface-1.0.0/docs/LANGUAGE_SUPPORT.md +62 -0
  28. apisec_ai_surface-1.0.0/docs/PRIVACY.md +101 -0
  29. apisec_ai_surface-1.0.0/docs/SCHEMA_v1.md +146 -0
  30. apisec_ai_surface-1.0.0/docs/STATE_OF_AI_SURFACE.md +99 -0
  31. apisec_ai_surface-1.0.0/docs/images/overview-governance.png +0 -0
  32. apisec_ai_surface-1.0.0/docs/images/state-of-ai-surface.png +0 -0
  33. apisec_ai_surface-1.0.0/docs/images/surface-map.png +0 -0
  34. apisec_ai_surface-1.0.0/examples/README.md +53 -0
  35. apisec_ai_surface-1.0.0/examples/demo-app/.env.example +10 -0
  36. apisec_ai_surface-1.0.0/examples/demo-app/.mcp.json +13 -0
  37. apisec_ai_surface-1.0.0/examples/demo-app/README.md +42 -0
  38. apisec_ai_surface-1.0.0/examples/demo-app/deploy/bedrock.tf +12 -0
  39. apisec_ai_surface-1.0.0/examples/demo-app/deploy/vllm-embeddings.yaml +23 -0
  40. apisec_ai_surface-1.0.0/examples/demo-app/litellm.config.yaml +27 -0
  41. apisec_ai_surface-1.0.0/examples/demo-app/src/chat_agent.py +42 -0
  42. apisec_ai_surface-1.0.0/examples/demo-app/src/llm_service.py +42 -0
  43. apisec_ai_surface-1.0.0/examples/demo-app/src/orders_mcp_server.py +48 -0
  44. apisec_ai_surface-1.0.0/examples/demo-app/src/support_workflow.py +44 -0
  45. apisec_ai_surface-1.0.0/examples/integrations/circleci.yml +38 -0
  46. apisec_ai_surface-1.0.0/examples/integrations/gitlab-ci.yml +38 -0
  47. apisec_ai_surface-1.0.0/examples/integrations/pre-commit-hook.sh +39 -0
  48. apisec_ai_surface-1.0.0/examples/sample-outputs/pr-comment.md +37 -0
  49. apisec_ai_surface-1.0.0/examples/sample-outputs/report.json +331 -0
  50. apisec_ai_surface-1.0.0/examples/sample-outputs/report.md +258 -0
  51. apisec_ai_surface-1.0.0/examples/sample-outputs/terminal.txt +103 -0
  52. apisec_ai_surface-1.0.0/examples/workflows/basic.yml +29 -0
  53. apisec_ai_surface-1.0.0/examples/workflows/custom-risk-threshold.yml +50 -0
  54. apisec_ai_surface-1.0.0/examples/workflows/fail-on-risk.yml +27 -0
  55. apisec_ai_surface-1.0.0/examples/workflows/scan-on-main.yml +41 -0
  56. apisec_ai_surface-1.0.0/fixtures/demo_report.json +1553 -0
  57. apisec_ai_surface-1.0.0/fixtures/generate_demo.py +286 -0
  58. apisec_ai_surface-1.0.0/fixtures/generate_sample.py +182 -0
  59. apisec_ai_surface-1.0.0/fixtures/sample_report.json +434 -0
  60. apisec_ai_surface-1.0.0/pyproject.toml +84 -0
  61. apisec_ai_surface-1.0.0/src/ai_surface/__init__.py +2 -0
  62. apisec_ai_surface-1.0.0/src/ai_surface/audits.py +110 -0
  63. apisec_ai_surface-1.0.0/src/ai_surface/cli.py +698 -0
  64. apisec_ai_surface-1.0.0/src/ai_surface/cross_promo.py +365 -0
  65. apisec_ai_surface-1.0.0/src/ai_surface/data/__init__.py +6 -0
  66. apisec_ai_surface-1.0.0/src/ai_surface/data/mcp/__init__.py +12 -0
  67. apisec_ai_surface-1.0.0/src/ai_surface/data/mcp/api_patterns.py +362 -0
  68. apisec_ai_surface-1.0.0/src/ai_surface/data/mcp/known_mcps.json +538 -0
  69. apisec_ai_surface-1.0.0/src/ai_surface/data/mcp/model_patterns.py +321 -0
  70. apisec_ai_surface-1.0.0/src/ai_surface/data/mcp/owasp_llm.py +54 -0
  71. apisec_ai_surface-1.0.0/src/ai_surface/data/mcp/registry.py +174 -0
  72. apisec_ai_surface-1.0.0/src/ai_surface/data/mcp/risk_definitions.py +185 -0
  73. apisec_ai_surface-1.0.0/src/ai_surface/data/mcp/secret_patterns.py +319 -0
  74. apisec_ai_surface-1.0.0/src/ai_surface/detectors/__init__.py +5 -0
  75. apisec_ai_surface-1.0.0/src/ai_surface/detectors/agent_frameworks.py +938 -0
  76. apisec_ai_surface-1.0.0/src/ai_surface/detectors/ai_infra.py +436 -0
  77. apisec_ai_surface-1.0.0/src/ai_surface/detectors/api_endpoints.py +595 -0
  78. apisec_ai_surface-1.0.0/src/ai_surface/detectors/env_keys.py +261 -0
  79. apisec_ai_surface-1.0.0/src/ai_surface/detectors/llm_sdks.py +426 -0
  80. apisec_ai_surface-1.0.0/src/ai_surface/detectors/mcp_audit.py +589 -0
  81. apisec_ai_surface-1.0.0/src/ai_surface/detectors/mcp_servers.py +420 -0
  82. apisec_ai_surface-1.0.0/src/ai_surface/detectors/model_gateways.py +256 -0
  83. apisec_ai_surface-1.0.0/src/ai_surface/detectors/vector_rag.py +235 -0
  84. apisec_ai_surface-1.0.0/src/ai_surface/diff.py +365 -0
  85. apisec_ai_surface-1.0.0/src/ai_surface/dispositions.py +64 -0
  86. apisec_ai_surface-1.0.0/src/ai_surface/frameworks.py +152 -0
  87. apisec_ai_surface-1.0.0/src/ai_surface/observability.py +224 -0
  88. apisec_ai_surface-1.0.0/src/ai_surface/orchestrator.py +213 -0
  89. apisec_ai_surface-1.0.0/src/ai_surface/oversight.py +172 -0
  90. apisec_ai_surface-1.0.0/src/ai_surface/pii.py +145 -0
  91. apisec_ai_surface-1.0.0/src/ai_surface/repo.py +118 -0
  92. apisec_ai_surface-1.0.0/src/ai_surface/reporters/__init__.py +1 -0
  93. apisec_ai_surface-1.0.0/src/ai_surface/reporters/cyclonedx_reporter.py +153 -0
  94. apisec_ai_surface-1.0.0/src/ai_surface/reporters/json_reporter.py +61 -0
  95. apisec_ai_surface-1.0.0/src/ai_surface/reporters/markdown_reporter.py +336 -0
  96. apisec_ai_surface-1.0.0/src/ai_surface/reporters/sarif_reporter.py +125 -0
  97. apisec_ai_surface-1.0.0/src/ai_surface/reporters/terminal_reporter.py +384 -0
  98. apisec_ai_surface-1.0.0/src/ai_surface/types.py +389 -0
  99. apisec_ai_surface-1.0.0/src/ai_surface/ui/README.md +118 -0
  100. apisec_ai_surface-1.0.0/src/ai_surface/ui/ai-bom.json +1339 -0
  101. apisec_ai_surface-1.0.0/src/ai_surface/ui/app.js +1581 -0
  102. apisec_ai_surface-1.0.0/src/ai_surface/ui/index.html +27 -0
  103. apisec_ai_surface-1.0.0/src/ai_surface/ui/report.json +1553 -0
  104. apisec_ai_surface-1.0.0/src/ai_surface/ui/styles.css +902 -0
  105. apisec_ai_surface-1.0.0/src/ai_surface/ui_server.py +198 -0
  106. apisec_ai_surface-1.0.0/src/ai_surface/utils/__init__.py +4 -0
  107. apisec_ai_surface-1.0.0/src/ai_surface/utils/markdown_safety.py +76 -0
  108. apisec_ai_surface-1.0.0/src/ai_surface/utils/specs.py +317 -0
  109. apisec_ai_surface-1.0.0/src/ai_surface/utils/walk.py +291 -0
  110. apisec_ai_surface-1.0.0/tests/__init__.py +0 -0
  111. apisec_ai_surface-1.0.0/tests/fixtures/agents/anthropic_tools.py +10 -0
  112. apisec_ai_surface-1.0.0/tests/fixtures/agents/clean.py +9 -0
  113. apisec_ai_surface-1.0.0/tests/fixtures/agents/crewai_research.py +16 -0
  114. apisec_ai_surface-1.0.0/tests/fixtures/agents/langchain_refund.py +19 -0
  115. apisec_ai_surface-1.0.0/tests/fixtures/agents/strands_param_hydration.py +39 -0
  116. apisec_ai_surface-1.0.0/tests/fixtures/ai_infra/clean/foo.py +2 -0
  117. apisec_ai_surface-1.0.0/tests/fixtures/ai_infra/compose_ollama/docker-compose.yml +9 -0
  118. apisec_ai_surface-1.0.0/tests/fixtures/ai_infra/dockerfile_serve/Dockerfile +5 -0
  119. apisec_ai_surface-1.0.0/tests/fixtures/ai_infra/dockerfile_vllm/Dockerfile +4 -0
  120. apisec_ai_surface-1.0.0/tests/fixtures/ai_infra/helm_vllm/values.yaml +7 -0
  121. apisec_ai_surface-1.0.0/tests/fixtures/ai_infra/k8s_clean/deployment.yaml +12 -0
  122. apisec_ai_surface-1.0.0/tests/fixtures/ai_infra/k8s_ollama/deployment.yaml +20 -0
  123. apisec_ai_surface-1.0.0/tests/fixtures/ai_infra/terraform_bedrock/main.tf +6 -0
  124. apisec_ai_surface-1.0.0/tests/fixtures/api_endpoints/express/routes.js +12 -0
  125. apisec_ai_surface-1.0.0/tests/fixtures/api_endpoints/fastapi/main.py +25 -0
  126. apisec_ai_surface-1.0.0/tests/fixtures/api_endpoints/spec/openapi.yaml +35 -0
  127. apisec_ai_surface-1.0.0/tests/fixtures/e2e_app/.mcp.json +11 -0
  128. apisec_ai_surface-1.0.0/tests/fixtures/e2e_app/app/main.py +12 -0
  129. apisec_ai_surface-1.0.0/tests/fixtures/e2e_app/openapi.yaml +18 -0
  130. apisec_ai_surface-1.0.0/tests/fixtures/env_keys/clean/.env +5 -0
  131. apisec_ai_surface-1.0.0/tests/fixtures/env_keys/with_export/.envrc +2 -0
  132. apisec_ai_surface-1.0.0/tests/fixtures/env_keys/with_keys/.env +9 -0
  133. apisec_ai_surface-1.0.0/tests/fixtures/env_keys/with_keys/.env.production +4 -0
  134. apisec_ai_surface-1.0.0/tests/fixtures/gateways/clean/foo.py +8 -0
  135. apisec_ai_surface-1.0.0/tests/fixtures/gateways/litellm_proxy/config.yaml +21 -0
  136. apisec_ai_surface-1.0.0/tests/fixtures/gateways/portkey_python/app.py +12 -0
  137. apisec_ai_surface-1.0.0/tests/fixtures/golden_app/.env +1 -0
  138. apisec_ai_surface-1.0.0/tests/fixtures/golden_app/.mcp.json +6 -0
  139. apisec_ai_surface-1.0.0/tests/fixtures/golden_app/api.py +8 -0
  140. apisec_ai_surface-1.0.0/tests/fixtures/golden_app/assistant.ts +12 -0
  141. apisec_ai_surface-1.0.0/tests/fixtures/golden_app/knowledge.py +9 -0
  142. apisec_ai_surface-1.0.0/tests/fixtures/golden_app/prompts.py +6 -0
  143. apisec_ai_surface-1.0.0/tests/fixtures/golden_app/support_agent.py +25 -0
  144. apisec_ai_surface-1.0.0/tests/fixtures/llm_sdks/anthropic_py/agent.py +14 -0
  145. apisec_ai_surface-1.0.0/tests/fixtures/llm_sdks/anthropic_ts/client.ts +13 -0
  146. apisec_ai_surface-1.0.0/tests/fixtures/llm_sdks/clean/utils.py +12 -0
  147. apisec_ai_surface-1.0.0/tests/fixtures/llm_sdks/openai_py/summarize.py +14 -0
  148. apisec_ai_surface-1.0.0/tests/fixtures/mcp/empty/README.txt +2 -0
  149. apisec_ai_surface-1.0.0/tests/fixtures/mcp/empty/regular_app.py +6 -0
  150. apisec_ai_surface-1.0.0/tests/fixtures/mcp/with_config/mcp.json +14 -0
  151. apisec_ai_surface-1.0.0/tests/fixtures/mcp/with_source/mcp_orders_server.py +32 -0
  152. apisec_ai_surface-1.0.0/tests/test_agent_frameworks.py +442 -0
  153. apisec_ai_surface-1.0.0/tests/test_ai_infra.py +276 -0
  154. apisec_ai_surface-1.0.0/tests/test_api_endpoints.py +172 -0
  155. apisec_ai_surface-1.0.0/tests/test_audits.py +54 -0
  156. apisec_ai_surface-1.0.0/tests/test_cli.py +390 -0
  157. apisec_ai_surface-1.0.0/tests/test_cross_promo.py +190 -0
  158. apisec_ai_surface-1.0.0/tests/test_cross_promo_bridges.py +75 -0
  159. apisec_ai_surface-1.0.0/tests/test_cyclonedx.py +98 -0
  160. apisec_ai_surface-1.0.0/tests/test_diff.py +292 -0
  161. apisec_ai_surface-1.0.0/tests/test_dispositions.py +66 -0
  162. apisec_ai_surface-1.0.0/tests/test_e2e.py +101 -0
  163. apisec_ai_surface-1.0.0/tests/test_edge_cases.py +242 -0
  164. apisec_ai_surface-1.0.0/tests/test_env_keys.py +265 -0
  165. apisec_ai_surface-1.0.0/tests/test_frameworks.py +79 -0
  166. apisec_ai_surface-1.0.0/tests/test_gate.py +92 -0
  167. apisec_ai_surface-1.0.0/tests/test_golden_app.py +78 -0
  168. apisec_ai_surface-1.0.0/tests/test_llm_sdks.py +197 -0
  169. apisec_ai_surface-1.0.0/tests/test_markdown_safety.py +113 -0
  170. apisec_ai_surface-1.0.0/tests/test_mcp_audit.py +251 -0
  171. apisec_ai_surface-1.0.0/tests/test_mcp_reach.py +22 -0
  172. apisec_ai_surface-1.0.0/tests/test_mcp_servers.py +179 -0
  173. apisec_ai_surface-1.0.0/tests/test_model_gateways.py +139 -0
  174. apisec_ai_surface-1.0.0/tests/test_observability.py +165 -0
  175. apisec_ai_surface-1.0.0/tests/test_orchestrator.py +91 -0
  176. apisec_ai_surface-1.0.0/tests/test_oversight.py +105 -0
  177. apisec_ai_surface-1.0.0/tests/test_pii.py +78 -0
  178. apisec_ai_surface-1.0.0/tests/test_redos.py +70 -0
  179. apisec_ai_surface-1.0.0/tests/test_repo_scan.py +86 -0
  180. apisec_ai_surface-1.0.0/tests/test_reporters.py +370 -0
  181. apisec_ai_surface-1.0.0/tests/test_sarif.py +66 -0
  182. apisec_ai_surface-1.0.0/tests/test_ui_server.py +46 -0
  183. apisec_ai_surface-1.0.0/tests/test_vector_rag.py +98 -0
  184. apisec_ai_surface-1.0.0/tests/test_walk.py +159 -0
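--- a/apisec_ai_surface-1.0.0/.github/ISSUE_TEMPLATE/bug.yml
+++ b/apisec_ai_surface-1.0.0/.github/ISSUE_TEMPLATE/bug.yml
@@ -0,0 +1,53 @@
+ name: Bug report
+ description: ai-surface crashed, produced invalid output, or behaved unexpectedly
+ title: "[bug] "
+ labels: ["bug"]
+ body:
+ - type: textarea
+ id: what-happened
+ attributes:
+ label: What happened
+ description: Describe the behavior you saw.
+ validations:
+ required: true
+ - type: textarea
+ id: what-expected
+ attributes:
+ label: What you expected
+ validations:
+ required: true
+ - type: textarea
+ id: reproduce
+ attributes:
+ label: How to reproduce
+ description: Steps, ideally a minimal example. Include the exact command line.
+ render: bash
+ validations:
+ required: true
+ - type: textarea
+ id: error-output
+ attributes:
+ label: Error output (if any)
+ description: Run with `-v` for verbose mode if relevant.
+ render: text
+ - type: input
+ id: version
+ attributes:
+ label: ai-surface version
+ placeholder: "v0.5.0"
+ validations:
+ required: true
+ - type: input
+ id: python-version
+ attributes:
+ label: Python version
+ placeholder: "3.11.5"
+ validations:
+ required: true
+ - type: input
+ id: os
+ attributes:
+ label: Operating system
+ placeholder: "macOS 14.5 / Ubuntu 22.04 / Windows 11"
+ validations:
+ required: true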
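Review bot: The `reproduce` and `error-output` fields ask for the exact command line and verbose output on a public tracker, but neither description tells the reporter to redact anything first. The file list shows this tool ships env-key and secret-pattern detectors, so its output and the scanned paths may plausibly carry key names, matched values or internal hostnames. I would append `Redact API keys, tokens and internal hostnames before pasting.` to both descriptions. The same gap applies to `code-snippet` in false-negative.yml and `ai-surface-output` in false-positive.yml; only the false-positive `code-snippet` field currently asks for sanitized input.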
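--- a/apisec_ai_surface-1.0.0/.github/ISSUE_TEMPLATE/config.yml
+++ b/apisec_ai_surface-1.0.0/.github/ISSUE_TEMPLATE/config.yml
@@ -0,0 +1,8 @@
+ blank_issues_enabled: false
+ contact_links:
+ - name: Security vulnerability
+ url: https://github.com/apisec-inc/AI-Surface/security/policy
+ about: For security issues, please follow our SECURITY.md policy rather than filing a public issue.
+ - name: Question or discussion
+ url: https://github.com/apisec-inc/AI-Surface/discussions
+ about: Use Discussions for open-ended questions or design conversations.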
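--- a/apisec_ai_surface-1.0.0/.github/ISSUE_TEMPLATE/false-negative.yml
+++ b/apisec_ai_surface-1.0.0/.github/ISSUE_TEMPLATE/false-negative.yml
@@ -0,0 +1,44 @@
+ name: False negative
+ description: A real AI surface exists in code that ai-surface did NOT find
+ title: "[missed surface] "
+ labels: ["false-negative"]
+ body:
+ - type: markdown
+ attributes:
+ value: |
+ Thanks for reporting. Coverage gaps drive a lot of our roadmap.
+ - type: dropdown
+ id: category
+ attributes:
+ label: Surface category
+ options:
+ - LLM SDK call site
+ - Agent framework
+ - MCP server
+ - AI provider env key
+ - Model gateway / AI infra
+ - Other (please specify in description)
+ validations:
+ required: true
+ - type: textarea
+ id: code-snippet
+ attributes:
+ label: Source code that wasn't detected
+ description: Paste the smallest snippet that should have produced a finding.
+ render: python
+ validations:
+ required: true
+ - type: textarea
+ id: expected-finding
+ attributes:
+ label: What you expected ai-surface to report
+ description: e.g., framework name, tool inventory, risk indicators expected.
+ validations:
+ required: true
+ - type: input
+ id: version
+ attributes:
+ label: ai-surface version
+ placeholder: "v0.5.0"
+ validations:
+ required: true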
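Review bot: `render: python` on the `code-snippet` textarea fits only some of the categories offered in the dropdown above it. A missed "AI provider env key", "MCP server" or "Model gateway / AI infra" surface will usually be a `.env` line, a JSON config, a YAML manifest or a Dockerfile, going by the fixtures in the file list. Because `render` wraps the whole submission in a code block of that language, those snippets get Python highlighting and the reporter cannot fence them correctly. I would change the line to `render: text`, or drop `render` and ask for a fenced block in the description. The `code-snippet` field in false-positive.yml has the same setting.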
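--- a/apisec_ai_surface-1.0.0/.github/ISSUE_TEMPLATE/false-positive.yml
+++ b/apisec_ai_surface-1.0.0/.github/ISSUE_TEMPLATE/false-positive.yml
@@ -0,0 +1,39 @@
+ name: False positive
+ description: ai-surface flagged something that isn't actually an AI surface
+ title: "[false positive] "
+ labels: ["false-positive"]
+ body:
+ - type: markdown
+ attributes:
+ value: |
+ Thanks for reporting. Minimal reproducers are gold — please include the smallest possible code snippet that causes the false flag.
+ - type: textarea
+ id: code-snippet
+ attributes:
+ label: Code that triggered the false finding
+ description: Paste the source code (sanitized of any actual secrets).
+ render: python
+ validations:
+ required: true
+ - type: textarea
+ id: ai-surface-output
+ attributes:
+ label: What ai-surface reported
+ description: Output of `ai-surface scan .` or relevant section. Use `--output json` if helpful.
+ render: text
+ validations:
+ required: true
+ - type: textarea
+ id: expected
+ attributes:
+ label: What you expected
+ description: Why this code shouldn't have produced a finding.
+ validations:
+ required: true
+ - type: input
+ id: version
+ attributes:
+ label: ai-surface version
+ placeholder: "v0.5.0"
+ validations:
+ required: true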
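--- a/apisec_ai_surface-1.0.0/.github/ISSUE_TEMPLATE/feature-request.yml
+++ b/apisec_ai_surface-1.0.0/.github/ISSUE_TEMPLATE/feature-request.yml
@@ -0,0 +1,23 @@
+ name: Feature request
+ description: Suggest a new detector, output format, or capability
+ title: "[feature] "
+ labels: ["enhancement"]
+ body:
+ - type: textarea
+ id: what
+ attributes:
+ label: What you want
+ description: Describe the capability or change.
+ validations:
+ required: true
+ - type: textarea
+ id: why
+ attributes:
+ label: Why it matters
+ description: What use case does this unlock? What pain does it remove?
+ validations:
+ required: true
+ - type: textarea
+ id: alternatives
+ attributes:
+ label: Workarounds you tried (if any)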