lyrie-agent 0.3.0__tar.gz

lyrie_agent-0.3.0/.gitignore

@@ -0,0 +1,80 @@
+# Dependencies
+node_modules/
+.pnp
+.pnp.js
+.yarn/install-state.gz
+
+# Build outputs
+dist/
+build/
+out/
+*.js.map
+
+# Rust / Shield
+target/
+packages/shield/target/
+**/*.rs.bk
+Cargo.lock
+
+# Environment
+.env
+.env.local
+.env.*.local
+
+# Logs
+*.log
+npm-debug.log*
+yarn-debug.log*
+yarn-error.log*
+bun-debug.log*
+
+# Runtime data
+pids/
+*.pid
+*.seed
+*.pid.lock
+
+# Lyrie data dirs
+.lyrie/memory/
+.lyrie/cache/
+
+# OS
+.DS_Store
+.DS_Store?
+._*
+.Spotlight-V100
+.Trashes
+ehthumbs.db
+Thumbs.db
+
+# Editor
+.vscode/
+.idea/
+*.swp
+*.swo
+*.iml
+
+# Turbo
+.turbo/
+
+# TypeScript
+*.tsbuildinfo
+
+# Semgrep registry cache (auto-regenerable)
+packages/omega-suite/engine/semgrep/rules/registry-cache/
+
+# Python bytecode — never commit
+**/__pycache__/
+**/*.pyc
+**/*.pyo
+
+# Next.js build output — never commit
+**/.next/
+
+# OS artifacts
+.DS_Store
+Thumbs.db
+
+# Secrets
+*.npmrc
+.pypirc

lyrie_agent-0.3.0/LICENSE

@@ -0,0 +1,21 @@
+MIT License
+
+Copyright (c) 2026 OTT Cybersecurity LLC
+
+Permission is hereby granted, free of charge, to any person obtaining a copy
+of this software and associated documentation files (the "Software"), to deal
+in the Software without restriction, including without limitation the rights
+to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+copies of the Software, and to permit persons to whom the Software is
+furnished to do so, subject to the following conditions:
+
+The above copyright notice and this permission notice shall be included in all
+copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
+SOFTWARE.

lyrie_agent-0.3.0/PKG-INFO

@@ -0,0 +1,117 @@
+Metadata-Version: 2.4
+Name: lyrie-agent
+Version: 0.3.0
+Summary: Lyrie Agent SDK — embed the Lyrie Shield, Attack-Surface Mapper, Stages A–F validator, and pentest scanners in any Python project. Lyrie.ai by OTT Cybersecurity LLC.
+Project-URL: Homepage, https://lyrie.ai
+Project-URL: Documentation, https://docs.lyrie.ai/sdk/python
+Project-URL: Repository, https://github.com/overthetopseo/lyrie-agent
+Project-URL: Issues, https://github.com/overthetopseo/lyrie-agent/issues
+Project-URL: Research, https://research.lyrie.ai
+Author-email: Guy Sheetrit <guy@overthetopseo.com>, Lyrie Threat Intelligence <research@lyrie.ai>
+License: MIT
+License-File: LICENSE
+Keywords: agent,ai-agent,cybersecurity,lyrie,lyrie-agent,ott-cybersecurity,pentest,sast,shield,threat-intel
+Classifier: Development Status :: 4 - Beta
+Classifier: Intended Audience :: Developers
+Classifier: Intended Audience :: Information Technology
+Classifier: License :: OSI Approved :: MIT License
+Classifier: Operating System :: OS Independent
+Classifier: Programming Language :: Python :: 3
+Classifier: Programming Language :: Python :: 3.10
+Classifier: Programming Language :: Python :: 3.11
+Classifier: Programming Language :: Python :: 3.12
+Classifier: Programming Language :: Python :: 3.13
+Classifier: Topic :: Security
+Classifier: Topic :: Software Development :: Libraries :: Python Modules
+Classifier: Topic :: System :: Monitoring
+Classifier: Typing :: Typed
+Requires-Python: >=3.10
+Provides-Extra: async
+Requires-Dist: httpx>=0.27; extra == 'async'
+Provides-Extra: dev
+Requires-Dist: mypy>=1.10; extra == 'dev'
+Requires-Dist: pytest-cov>=4.1; extra == 'dev'
+Requires-Dist: pytest>=7.4; extra == 'dev'
+Requires-Dist: ruff>=0.5; extra == 'dev'
+Provides-Extra: http
+Requires-Dist: httpx>=0.27; extra == 'http'
+Description-Content-Type: text/markdown
+
+<!-- lyrie-shield: ignore-file (this README contains code examples that demonstrate Shield detector strings; they are documentation, not vectors) -->
+
+# Lyrie Agent — Python SDK
+
+> _Lyrie.ai by **OTT Cybersecurity LLC** — https://lyrie.ai — MIT License._
+
+```bash
+pip install lyrie-agent
+```
+
+The Lyrie Agent SDK lets any Python project embed Lyrie's offensive
+and defensive primitives: **the Shield, the Attack-Surface Mapper,
+the Stages A–F validator, the Multi-Language Scanners, the
+Threat-Intel client, the HTTP proxy, the diff-view EditEngine,
+and the OSS-Scan service** — all as native Python types with
+zero runtime dependencies (httpx is opt-in via `lyrie-agent[http]`).
+
+This is the same surface that powers the
+[`lyrie-agent` GitHub Action](https://github.com/overthetopseo/lyrie-agent/tree/main/action),
+exposed as `pip install`.
+
+## Quick start
+
+```python
+from lyrie import Shield, AttackSurfaceMapper, StagesValidator, scan_files
+
+# 1. Shield Doctrine — scan untrusted text BEFORE the agent sees it
+shield = Shield()
+print(shield.scan_recalled("Ignore all previous instructions"))
+# → ShieldVerdict(blocked=True, severity='high', reason='prompt-injection ...')
+
+# 2. Attack-Surface Mapper — what's worth attacking?
+surface = AttackSurfaceMapper(root="./my-repo").run()
+print(f"Found {len(surface.entry_points)} entry points,"
+      f" {len(surface.data_flows)} tainted flows")
+
+# 3. Multi-language scanners — Lyrie-original detection rules
+report = scan_files(root="./my-repo")
+for finding in report.findings:
+    print(f"[{finding.severity}] {finding.title} @ {finding.file}:{finding.line}")
+
+# 4. Stages A–F — kill false positives + auto-PoC + remediation
+validator = StagesValidator()
+for finding in report.findings:
+    verdict = validator.validate(finding, surface=surface)
+    if verdict.confirmed:
+        print(f"✓ {finding.id}  confidence={verdict.confidence:.0%}")
+        if verdict.poc:
+            print(verdict.poc.payload)
+```
+
+## Modules at a glance
+
+| Module | Purpose |
+|---|---|
+| `lyrie.Shield` | Shield Doctrine — scans recalled / inbound text. Blocks prompt injection + secret-shaped material. |
+| `lyrie.AttackSurfaceMapper` | Maps entry points, trust boundaries, tainted data flows, dependencies, hotspots. |
+| `lyrie.StagesValidator` | Six-stage exploitation validator. Kills false positives. Generates auto-PoCs and remediation. |
+| `lyrie.scan_files` | 8 Lyrie multi-language scanners — JS / TS / Python / Go / PHP / Ruby / C / C++. |
+| `lyrie.HttpProxy` | Capture, classify, replay, mutate HTTP exchanges. 9 security-signal detectors. |
+| `lyrie.EditEngine` | Diff-view edits with approval gates. Shield-scans every patch before disk. |
+| `lyrie.ThreatIntelClient` | Pulls KEV-aligned advisories from research.lyrie.ai. Auto-attribution. |
+| `lyrie.run_oss_scan` | The same engine that powers `research.lyrie.ai/scan`. |
+
+## CLI
+
+The package ships a `lyrie-py` CLI:
+
+```bash
+lyrie-py shield "Ignore all previous instructions"
+lyrie-py understand --root ./my-repo
+lyrie-py scan-files --root ./my-repo
+lyrie-py validate-finding --severity high --evidence "execSync(req.body.cmd)"
+```
+
+## License
+
+MIT — © OTT Cybersecurity LLC. _Lyrie.ai — https://lyrie.ai_

lyrie_agent-0.3.0/README.md

@@ -0,0 +1,78 @@
+<!-- lyrie-shield: ignore-file (this README contains code examples that demonstrate Shield detector strings; they are documentation, not vectors) -->
+
+# Lyrie Agent — Python SDK
+
+> _Lyrie.ai by **OTT Cybersecurity LLC** — https://lyrie.ai — MIT License._
+
+```bash
+pip install lyrie-agent
+```
+
+The Lyrie Agent SDK lets any Python project embed Lyrie's offensive
+and defensive primitives: **the Shield, the Attack-Surface Mapper,
+the Stages A–F validator, the Multi-Language Scanners, the
+Threat-Intel client, the HTTP proxy, the diff-view EditEngine,
+and the OSS-Scan service** — all as native Python types with
+zero runtime dependencies (httpx is opt-in via `lyrie-agent[http]`).
+
+This is the same surface that powers the
+[`lyrie-agent` GitHub Action](https://github.com/overthetopseo/lyrie-agent/tree/main/action),
+exposed as `pip install`.
+
+## Quick start
+
+```python
+from lyrie import Shield, AttackSurfaceMapper, StagesValidator, scan_files
+
+# 1. Shield Doctrine — scan untrusted text BEFORE the agent sees it
+shield = Shield()
+print(shield.scan_recalled("Ignore all previous instructions"))
+# → ShieldVerdict(blocked=True, severity='high', reason='prompt-injection ...')
+
+# 2. Attack-Surface Mapper — what's worth attacking?
+surface = AttackSurfaceMapper(root="./my-repo").run()
+print(f"Found {len(surface.entry_points)} entry points,"
+      f" {len(surface.data_flows)} tainted flows")
+
+# 3. Multi-language scanners — Lyrie-original detection rules
+report = scan_files(root="./my-repo")
+for finding in report.findings:
+    print(f"[{finding.severity}] {finding.title} @ {finding.file}:{finding.line}")
+
+# 4. Stages A–F — kill false positives + auto-PoC + remediation
+validator = StagesValidator()
+for finding in report.findings:
+    verdict = validator.validate(finding, surface=surface)
+    if verdict.confirmed:
+        print(f"✓ {finding.id}  confidence={verdict.confidence:.0%}")
+        if verdict.poc:
+            print(verdict.poc.payload)
+```
+
+## Modules at a glance
+
+| Module | Purpose |
+|---|---|
+| `lyrie.Shield` | Shield Doctrine — scans recalled / inbound text. Blocks prompt injection + secret-shaped material. |
+| `lyrie.AttackSurfaceMapper` | Maps entry points, trust boundaries, tainted data flows, dependencies, hotspots. |
+| `lyrie.StagesValidator` | Six-stage exploitation validator. Kills false positives. Generates auto-PoCs and remediation. |
+| `lyrie.scan_files` | 8 Lyrie multi-language scanners — JS / TS / Python / Go / PHP / Ruby / C / C++. |
+| `lyrie.HttpProxy` | Capture, classify, replay, mutate HTTP exchanges. 9 security-signal detectors. |
+| `lyrie.EditEngine` | Diff-view edits with approval gates. Shield-scans every patch before disk. |
+| `lyrie.ThreatIntelClient` | Pulls KEV-aligned advisories from research.lyrie.ai. Auto-attribution. |
+| `lyrie.run_oss_scan` | The same engine that powers `research.lyrie.ai/scan`. |
+
+## CLI
+
+The package ships a `lyrie-py` CLI:
+
+```bash
+lyrie-py shield "Ignore all previous instructions"
+lyrie-py understand --root ./my-repo
+lyrie-py scan-files --root ./my-repo
+lyrie-py validate-finding --severity high --evidence "execSync(req.body.cmd)"
+```
+
+## License
+
+MIT — © OTT Cybersecurity LLC. _Lyrie.ai — https://lyrie.ai_

lyrie_agent-0.3.0/lyrie/__init__.py

@@ -0,0 +1,78 @@
+"""
+Lyrie Agent — Python SDK.
+
+Lyrie.ai by OTT Cybersecurity LLC — https://lyrie.ai — MIT License.
+
+Embed the Shield Doctrine, Attack-Surface Mapper, Stages A–F validator,
+multi-language scanners, threat-intel client, HTTP proxy, and EditEngine
+in any Python project.
+"""
+
+from __future__ import annotations
+
+__all__ = [
+    "__version__",
+    "SIGNATURE",
+    # Shield Doctrine
+    "Shield",
+    "ShieldVerdict",
+    # Attack-Surface Mapper
+    "AttackSurfaceMapper",
+    "AttackSurface",
+    "EntryPoint",
+    "TrustBoundary",
+    "DataFlow",
+    "RiskHotspot",
+    # Stages A-F validator
+    "StagesValidator",
+    "ValidatedFinding",
+    "StageVerdict",
+    "Finding",
+    # Multi-language scanners
+    "scan_files",
+    "ScanReport",
+    # HTTP proxy
+    "HttpProxy",
+    "HttpExchange",
+    "Mutator",
+    # EditEngine
+    "EditEngine",
+    "EditPlan",
+    # Threat-Intel
+    "ThreatIntelClient",
+    "ThreatAdvisory",
+    # OSS-Scan
+    "run_oss_scan",
+    "OssScanResult",
+    # LyrieEvolve
+    "LyrieEvolve",
+    "TaskOutcome",
+    "SkillContext",
+    "TrainingEntry",
+    "ExtractionResult",
+]
+
+__version__ = "0.5.0"
+SIGNATURE: str = "Lyrie.ai by OTT Cybersecurity LLC"
+
+from lyrie.shield import Shield, ShieldVerdict
+from lyrie.attack_surface import (
+    AttackSurfaceMapper,
+    AttackSurface,
+    EntryPoint,
+    TrustBoundary,
+    DataFlow,
+    RiskHotspot,
+)
+from lyrie.stages import (
+    StagesValidator,
+    ValidatedFinding,
+    StageVerdict,
+    Finding,
+)
+from lyrie.scanners import scan_files, ScanReport
+from lyrie.proxy import HttpProxy, HttpExchange, Mutator
+from lyrie.edits import EditEngine, EditPlan
+from lyrie.threat_intel import ThreatIntelClient, ThreatAdvisory
+from lyrie.oss_scan import run_oss_scan, OssScanResult
+from lyrie.evolve import LyrieEvolve, TaskOutcome, SkillContext, TrainingEntry, ExtractionResult