intercept-agent 0.2.0__tar.gz

intercept_agent-0.2.0/.gitignore

@@ -0,0 +1,250 @@
+# Custom
+.idea/
+.claude/
+.playwright-mcp/
+
+# Redis dump files
+*.rdb
+
+# UV lock file (each service manages its own dependencies)
+uv.lock
+
+# Local data directories (SQLite databases, cloned repos, reports, etc.)
+**/data/*.db
+**/data/*.db-journal
+**/data/*.db-wal
+**/data/*.db-shm
+**/data/clones/
+**/data/reports/
+
+# Playwright
+playwright-report/
+test-results/
+**/e2e/screenshots/*.png
+
+# Node.js / Next.js
+node_modules/
+.pnp
+.pnp.*
+.yarn/*
+!.yarn/patches
+!.yarn/plugins
+!.yarn/releases
+!.yarn/versions
+.next/
+out/
+*.tsbuildinfo
+next-env.d.ts
+.vercel
+npm-debug.log*
+yarn-debug.log*
+yarn-error.log*
+.pnpm-debug.log*
+
+# Byte-compiled / optimized / DLL files
+__pycache__/
+*.py[codz]
+*$py.class
+
+# C extensions
+*.so
+
+# Distribution / packaging
+.Python
+build/
+develop-eggs/
+dist/
+downloads/
+eggs/
+.eggs/
+/lib/
+/lib64/
+parts/
+sdist/
+var/
+wheels/
+share/python-wheels/
+*.egg-info/
+.installed.cfg
+*.egg
+MANIFEST
+
+# PyInstaller
+#  Usually these files are written by a python script from a template
+#  before PyInstaller builds the exe, so as to inject date/other infos into it.
+*.manifest
+*.spec
+
+# Installer logs
+pip-log.txt
+pip-delete-this-directory.txt
+
+# Unit test / coverage reports
+htmlcov/
+.tox/
+.nox/
+.coverage
+.coverage.*
+.cache
+nosetests.xml
+coverage.xml
+*.cover
+*.py.cover
+.hypothesis/
+.pytest_cache/
+cover/
+
+# Translations
+*.mo
+*.pot
+
+# Django stuff:
+*.log
+local_settings.py
+db.sqlite3
+db.sqlite3-journal
+
+# Flask stuff:
+instance/
+.webassets-cache
+
+# Scrapy stuff:
+.scrapy
+
+# Sphinx documentation
+docs/_build/
+
+# PyBuilder
+.pybuilder/
+target/
+
+# Jupyter Notebook
+.ipynb_checkpoints
+
+# IPython
+profile_default/
+ipython_config.py
+
+# pyenv
+#   For a library or package, you might want to ignore these files since the code is
+#   intended to run in multiple environments; otherwise, check them in:
+# .python-version
+
+# pipenv
+#   According to pypa/pipenv#598, it is recommended to include Pipfile.lock in version control.
+#   However, in case of collaboration, if having platform-specific dependencies or dependencies
+#   having no cross-platform support, pipenv may install dependencies that don't work, or not
+#   install all needed dependencies.
+#Pipfile.lock
+
+# UV
+#   Similar to Pipfile.lock, it is generally recommended to include uv.lock in version control.
+#   This is especially recommended for binary packages to ensure reproducibility, and is more
+#   commonly ignored for libraries.
+#uv.lock
+
+# poetry
+#   Similar to Pipfile.lock, it is generally recommended to include poetry.lock in version control.
+#   This is especially recommended for binary packages to ensure reproducibility, and is more
+#   commonly ignored for libraries.
+#   https://python-poetry.org/docs/basic-usage/#commit-your-poetrylock-file-to-version-control
+#poetry.lock
+#poetry.toml
+
+# pdm
+#   Similar to Pipfile.lock, it is generally recommended to include pdm.lock in version control.
+#   pdm recommends including project-wide configuration in pdm.toml, but excluding .pdm-python.
+#   https://pdm-project.org/en/latest/usage/project/#working-with-version-control
+#pdm.lock
+#pdm.toml
+.pdm-python
+.pdm-build/
+
+# pixi
+#   Similar to Pipfile.lock, it is generally recommended to include pixi.lock in version control.
+#pixi.lock
+#   Pixi creates a virtual environment in the .pixi directory, just like venv module creates one
+#   in the .venv directory. It is recommended not to include this directory in version control.
+.pixi
+
+# PEP 582; used by e.g. github.com/David-OConnor/pyflow and github.com/pdm-project/pdm
+__pypackages__/
+
+# Celery stuff
+celerybeat-schedule
+celerybeat.pid
+
+# SageMath parsed files
+*.sage.py
+
+# Environments
+.env
+.envrc
+.venv
+env/
+venv/
+ENV/
+env.bak/
+venv.bak/
+
+# Spyder project settings
+.spyderproject
+.spyproject
+
+# Rope project settings
+.ropeproject
+
+# mkdocs documentation
+/site
+
+# mypy
+.mypy_cache/
+.dmypy.json
+dmypy.json
+
+# Pyre type checker
+.pyre/
+
+# pytype static type analyzer
+.pytype/
+
+# Cython debug symbols
+cython_debug/
+
+# PyCharm
+#  JetBrains specific template is maintained in a separate JetBrains.gitignore that can
+#  be found at https://github.com/github/gitignore/blob/main/Global/JetBrains.gitignore
+#  and can be added to the global gitignore or merged into this file.  For a more nuclear
+#  option (not recommended) you can uncomment the following to ignore the entire idea folder.
+#.idea/
+
+# Abstra
+# Abstra is an AI-powered process automation framework.
+# Ignore directories containing user credentials, local state, and settings.
+# Learn more at https://abstra.io/docs
+.abstra/
+
+# Visual Studio Code
+#  Visual Studio Code specific template is maintained in a separate VisualStudioCode.gitignore 
+#  that can be found at https://github.com/github/gitignore/blob/main/Global/VisualStudioCode.gitignore
+#  and can be added to the global gitignore or merged into this file. However, if you prefer, 
+#  you could uncomment the following to ignore the entire vscode folder
+# .vscode/
+
+# Ruff stuff:
+.ruff_cache/
+
+# PyPI configuration file
+.pypirc
+
+# Cursor
+#  Cursor is an AI-powered code editor. `.cursorignore` specifies files/directories to
+#  exclude from AI features like autocomplete and code analysis. Recommended for sensitive data
+#  refer to https://docs.cursor.com/context/ignore-files
+.cursorignore
+.cursorindexingignore
+
+# Marimo
+marimo/_static/
+marimo/_lsp/
+__marimo__/

intercept_agent-0.2.0/PKG-INFO

@@ -0,0 +1,9 @@
+Metadata-Version: 2.4
+Name: intercept-agent
+Version: 0.2.0
+Summary: Intercept Developer Posture Agent - collects developer environment data
+Requires-Python: >=3.12
+Requires-Dist: click>=8.1.0
+Requires-Dist: httpx>=0.28.0
+Requires-Dist: pydantic>=2.10.0
+Requires-Dist: pyyaml>=6.0.0

intercept_agent-0.2.0/VERSION

@@ -0,0 +1 @@
+0.2.0

intercept_agent-0.2.0/config/dev-docker.yaml

@@ -0,0 +1,21 @@
+app:
+  name: "Intercept Posture Agent"
+  debug: true
+  log_level: "INFO"
+
+api:
+  url: "http://api:8000"
+  timeout: 30
+  retries: 3
+
+collectors:
+  machine: true
+  ides: true
+  extensions: true
+  ai_tools: true
+  dev_tools: true
+  security: true
+  package_managers: true
+
+schedule:
+  interval_seconds: 3600

intercept_agent-0.2.0/config/dev-local.yaml

@@ -0,0 +1,21 @@
+app:
+  name: "Intercept Posture Agent"
+  debug: true
+  log_level: "DEBUG"
+
+api:
+  url: "http://localhost:8000"
+  timeout: 30
+  retries: 3
+
+collectors:
+  machine: true
+  ides: true
+  extensions: true
+  ai_tools: true
+  dev_tools: true
+  security: true
+  package_managers: true
+
+schedule:
+  interval_seconds: 3600

intercept_agent-0.2.0/config/prod.yaml

@@ -0,0 +1,21 @@
+app:
+  name: "Intercept Posture Agent"
+  debug: false
+  log_level: "WARNING"
+
+api:
+  url: "http://api:8000"
+  timeout: 30
+  retries: 3
+
+collectors:
+  machine: true
+  ides: true
+  extensions: true
+  ai_tools: true
+  dev_tools: true
+  security: true
+  package_managers: true
+
+schedule:
+  interval_seconds: 3600

intercept_agent-0.2.0/config/test.yaml

@@ -0,0 +1,21 @@
+app:
+  name: "Intercept Posture Agent"
+  debug: false
+  log_level: "INFO"
+
+api:
+  url: "hhttps://intercept.test.hijacksecurity.com"
+  timeout: 10
+  retries: 1
+
+collectors:
+  machine: true
+  ides: true
+  extensions: true
+  ai_tools: true
+  dev_tools: true
+  security: true
+  package_managers: true
+
+schedule:
+  interval_seconds: 3600

intercept_agent-0.2.0/posture_agent/collectors/ai_tools.py

@@ -0,0 +1,79 @@
+"""AI tools collector."""
+
+from posture_agent.collectors.base import BaseCollector, CollectorResult
+from posture_agent.utils.shell import check_version, run_command
+
+
+# Known AI extension IDs across editors
+AI_EXTENSIONS = {
+    "github.copilot",
+    "github.copilot-chat",
+    "sourcegraph.cody-ai",
+    "continue.continue",
+    "amazonwebservices.amazon-q-vscode",
+    "saoudrizwan.claude-dev",
+    "cursor.cursor-ai",
+}
+
+# CLI-based AI tools: (name, binary, version_flag)
+AI_CLI_TOOLS = [
+    ("Claude Code", "claude", "--version"),
+    ("GitHub Copilot CLI", "github-copilot-cli", "--version"),
+    ("Aider", "aider", "--version"),
+    ("Open Interpreter", "interpreter", "--version"),
+]
+
+
+class AIToolsCollector(BaseCollector):
+    """Collects AI coding tool information."""
+
+    name = "ai_tools"
+
+    async def collect(self) -> CollectorResult:
+        errors: list[str] = []
+        ai_tools: list[dict[str, str]] = []
+
+        # Check CLI tools
+        for name, binary, version_flag in AI_CLI_TOOLS:
+            try:
+                which_result = await run_command("which", binary)
+                if which_result and which_result.strip():
+                    version = await check_version(binary, version_flag) or ""
+                    ai_tools.append({
+                        "name": name,
+                        "type": "cli",
+                        "binary": binary,
+                        "version": version,
+                    })
+            except Exception as e:
+                errors.append(f"{name}: {e}")
+
+        # Check VS Code/Cursor extensions for AI tools
+        for binary in ("code", "cursor"):
+            try:
+                which_result = await run_command("which", binary)
+                if not which_result or not which_result.strip():
+                    continue
+
+                result = await run_command(binary, "--list-extensions")
+                if not result:
+                    continue
+
+                installed_exts = {ext.strip().lower() for ext in result.strip().split("\n") if ext.strip()}
+                for ai_ext_id in AI_EXTENSIONS:
+                    if ai_ext_id.lower() in installed_exts:
+                        editor = "VS Code" if binary == "code" else "Cursor"
+                        ai_tools.append({
+                            "name": ai_ext_id,
+                            "type": "extension",
+                            "editor": editor,
+                            "version": "",
+                        })
+            except Exception as e:
+                errors.append(f"AI extensions ({binary}): {e}")
+
+        return CollectorResult(
+            collector=self.name,
+            data=ai_tools,
+            errors=errors,
+        )

intercept_agent-0.2.0/posture_agent/collectors/base.py

@@ -0,0 +1,24 @@
+"""Base collector interface."""
+
+from abc import ABC, abstractmethod
+from typing import Any
+
+from pydantic import BaseModel
+
+
+class CollectorResult(BaseModel):
+    """Result from a collector."""
+    collector: str
+    data: Any
+    errors: list[str] = []
+
+
+class BaseCollector(ABC):
+    """Base class for all collectors."""
+
+    name: str = "base"
+
+    @abstractmethod
+    async def collect(self) -> CollectorResult:
+        """Collect data and return a result."""
+        ...

intercept_agent-0.2.0/posture_agent/collectors/dev_tools.py

@@ -0,0 +1,59 @@
+"""Developer tools collector."""
+
+import os
+
+from posture_agent.collectors.base import BaseCollector, CollectorResult
+from posture_agent.utils.shell import check_version, run_command
+
+
+# Tool definitions: (name, binary, version_flag)
+DEV_TOOL_DEFINITIONS = [
+    ("Git", "git", "--version"),
+    ("Docker", "docker", "--version"),
+    ("Node.js", "node", "--version"),
+    ("Python", "python3", "--version"),
+    ("Go", "go", "version"),
+    ("Rust", "rustc", "--version"),
+    ("Ruby", "ruby", "--version"),
+    ("Java", "java", "--version"),
+    ("Swift", "swift", "--version"),
+    ("Make", "make", "--version"),
+    ("CMake", "cmake", "--version"),
+    ("Terraform", "terraform", "--version"),
+    ("kubectl", "kubectl", "version --client"),
+    ("Helm", "helm", "version --short"),
+    ("AWS CLI", "aws", "--version"),
+    ("gcloud", "gcloud", "--version"),
+    ("Azure CLI", "az", "--version"),
+]
+
+
+class DevToolsCollector(BaseCollector):
+    """Collects installed developer tools."""
+
+    name = "dev_tools"
+
+    async def collect(self) -> CollectorResult:
+        errors: list[str] = []
+        tools: list[dict[str, str]] = []
+
+        for name, binary, version_flag in DEV_TOOL_DEFINITIONS:
+            try:
+                which_result = await run_command("which", binary)
+                if which_result and which_result.strip():
+                    version = await check_version(binary, version_flag) or ""
+                    path = os.path.realpath(which_result.strip())
+                    tools.append({
+                        "name": name,
+                        "binary": binary,
+                        "version": version,
+                        "path": path,
+                    })
+            except Exception as e:
+                errors.append(f"{name}: {e}")
+
+        return CollectorResult(
+            collector=self.name,
+            data=tools,
+            errors=errors,
+        )

intercept_agent-0.2.0/posture_agent/collectors/extensions.py

@@ -0,0 +1,144 @@
+"""IDE extension collector."""
+
+import json
+import re
+import zipfile
+from pathlib import Path
+
+from posture_agent.collectors.base import BaseCollector, CollectorResult
+from posture_agent.utils.shell import run_command
+
+# Map binary name to extensions directory
+_EXT_DIRS = {
+    "code": Path.home() / ".vscode" / "extensions",
+    "cursor": Path.home() / ".cursor" / "extensions",
+}
+
+
+class ExtensionCollector(BaseCollector):
+    """Collects IDE extension information."""
+
+    name = "extensions"
+
+    async def collect(self) -> CollectorResult:
+        errors: list[str] = []
+        extensions: dict[str, list[dict[str, str]]] = {}
+
+        # VS Code extensions
+        try:
+            vscode_exts = await self._collect_vscode_extensions("code")
+            if vscode_exts:
+                extensions["vscode"] = vscode_exts
+        except Exception as e:
+            errors.append(f"VS Code extensions: {e}")
+
+        # Cursor extensions
+        try:
+            cursor_exts = await self._collect_vscode_extensions("cursor")
+            if cursor_exts:
+                extensions["cursor"] = cursor_exts
+        except Exception as e:
+            errors.append(f"Cursor extensions: {e}")
+
+        # JetBrains plugins
+        try:
+            jetbrains_plugins = await self._collect_jetbrains_plugins()
+            if jetbrains_plugins:
+                extensions["jetbrains"] = jetbrains_plugins
+        except Exception as e:
+            errors.append(f"JetBrains plugins: {e}")
+
+        return CollectorResult(
+            collector=self.name,
+            data=extensions,
+            errors=errors,
+        )
+
+    async def _collect_vscode_extensions(self, binary: str) -> list[dict[str, str]]:
+        """Collect extensions for VS Code or Cursor via CLI or filesystem."""
+        # Try CLI first
+        which_result = await run_command("which", binary)
+        if which_result and which_result.strip():
+            result = await run_command(binary, "--list-extensions", "--show-versions")
+            if result:
+                exts = []
+                for line in result.strip().split("\n"):
+                    line = line.strip()
+                    if not line:
+                        continue
+                    if "@" in line:
+                        ext_id, version = line.rsplit("@", 1)
+                        exts.append({"id": ext_id, "version": version})
+                    else:
+                        exts.append({"id": line, "version": ""})
+                return exts
+
+        # Fall back to reading extensions directory
+        ext_dir = _EXT_DIRS.get(binary)
+        if not ext_dir or not ext_dir.exists():
+            return []
+
+        exts = []
+        for entry in ext_dir.iterdir():
+            if not entry.is_dir():
+                continue
+            pkg_json = entry / "package.json"
+            if not pkg_json.exists():
+                continue
+            try:
+                data = json.loads(pkg_json.read_text(encoding="utf-8", errors="replace"))
+                publisher = data.get("publisher", "")
+                name = data.get("name", "")
+                version = data.get("version", "")
+                if publisher and name:
+                    exts.append({"id": f"{publisher}.{name}", "version": version})
+            except (json.JSONDecodeError, OSError):
+                continue
+        # Deduplicate (multiple versions may be installed)
+        seen: dict[str, str] = {}
+        for ext in exts:
+            ext_id = ext["id"].lower()
+            if ext_id not in seen or ext["version"] > seen[ext_id]:
+                seen[ext_id] = ext["version"]
+        return [{"id": ext_id, "version": ver} for ext_id, ver in sorted(seen.items())]
+
+    async def _collect_jetbrains_plugins(self) -> list[dict[str, str]]:
+        """Collect JetBrains IDE plugins from filesystem."""
+        plugins: list[dict[str, str]] = []
+        jetbrains_dir = Path.home() / "Library" / "Application Support" / "JetBrains"
+        if not jetbrains_dir.exists():
+            return plugins
+
+        for ide_dir in jetbrains_dir.iterdir():
+            if not ide_dir.is_dir():
+                continue
+            plugins_dir = ide_dir / "plugins"
+            if plugins_dir.exists():
+                for plugin_dir in plugins_dir.iterdir():
+                    if plugin_dir.is_dir():
+                        version = self._get_jetbrains_plugin_version(plugin_dir)
+                        plugins.append({
+                            "id": plugin_dir.name,
+                            "ide": ide_dir.name,
+                            "version": version,
+                        })
+        return plugins
+
+    def _get_jetbrains_plugin_version(self, plugin_dir: Path) -> str:
+        """Extract version from a JetBrains plugin's JAR META-INF/plugin.xml."""
+        lib_dir = plugin_dir / "lib"
+        if not lib_dir.exists():
+            return ""
+
+        for jar_path in lib_dir.glob("*.jar"):
+            try:
+                with zipfile.ZipFile(jar_path) as zf:
+                    if "META-INF/plugin.xml" not in zf.namelist():
+                        continue
+                    plugin_xml = zf.read("META-INF/plugin.xml").decode("utf-8", errors="replace")
+                    match = re.search(r"<version>([^<]+)</version>", plugin_xml)
+                    if match:
+                        return match.group(1)
+            except (zipfile.BadZipFile, OSError, KeyError):
+                continue
+        return ""