Security scanner for AI agent dependencies. One command to know if your AI stack is safe.
agent-security
Know if your AI dependencies are safe. One command.
pip install agent-security
agent-security scan requirements.txt
Scans all your AI agent dependencies against Nerq's trust database of 204,000+ agents. Checks for CVEs, license issues, maintenance status, and overall trust score.
Output
agent-security scan: requirements.txt
Scanned 12 dependencies
OK langchain: Trust 88 (A), MIT
OK openai: Trust 91 (A+), MIT
!! some-agent: Trust 48 (C), 1 CVE(s), no license
!! risky-tool: Trust 29 (D), 2 CVE(s), AGPL
Summary: 10 trusted, 1 warning(s), 1 critical
Run 'agent-security fix requirements.txt' for improvement recommendations.
Commands
scan
agent-security scan requirements.txt
agent-security scan package.json
agent-security scan pyproject.toml
agent-security scan requirements.txt --ci # exits 1 if critical issues
fix
agent-security fix requirements.txt
Shows specific recommendations for each problematic dependency:
- Alternative packages with higher trust scores
- CVE details and update suggestions
check
agent-security check langchain
agent-security check auto-gpt
Check trust for a single package.
badge
agent-security badge my-project
Generates markdown for a Nerq trust badge to add to your README.
ci
agent-security ci
Outputs a ready-to-use GitHub Action YAML for automated trust checking on every PR.
Supported files
- requirements.txt — Python dependencies
- package.json — Node.js dependencies
- pyproject.toml — Python project dependencies
How it works
agent-security calls the Nerq API for each dependency. Every package is scored on:
- Security — Known CVEs and vulnerability history
- Maintenance — Update frequency, issue response time
- Popularity — Stars, downloads, community size
- License — SPDX compliance, commercial friendliness
- Ecosystem — Framework compatibility, integration quality
No API key required. Free to use.
CI Integration
Add to .github/workflows/trust-check.yml:
name: Agent Security Check
on: [push, pull_request]
jobs:
  trust-check:
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v4
      - uses: actions/setup-python@v5
        with:
          python-version: '3.11'
      - run: pip install agent-security
      - run: agent-security scan requirements.txt --ci
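The `--ci` flag, as described above, fails the build only on critical issues. The following added example (not part of agent-security or Nerq) applies a stricter local policy to the scan report; the line format is assumed from the sample under Output, and the score threshold and denied licenses are hypothetical values.

```python
import re
import sys

# Constructed input: the result lines from this page's "Output" section.
SAMPLE = """\
agent-security scan: requirements.txt
Scanned 12 dependencies
OK langchain: Trust 88 (A), MIT
OK openai: Trust 91 (A+), MIT
!! some-agent: Trust 48 (C), 1 CVE(s), no license
!! risky-tool: Trust 29 (D), 2 CVE(s), AGPL
Summary: 10 trusted, 1 warning(s), 1 critical
"""

# Assumed line shape, inferred only from that sample; not a documented format.
LINE = re.compile(r"^(?:OK|!!)\s+(?P<name>[^:\s]+):\s+Trust\s+(?P<score>\d+)\s+\([A-F][+-]?\)"
                  r"(?:,\s+(?P<cves>\d+)\s+CVE\(s\))?,\s+(?P<license>.+?)\s*$")

def parse(report):
    """Return one dict per dependency line; header and summary lines are skipped."""
    rows = []
    for line in report.splitlines():
        m = LINE.match(line.strip())
        if m:
            rows.append({"name": m["name"], "score": int(m["score"]),
                         "cves": int(m["cves"] or 0), "license": m["license"]})
    return rows

def violations(rows, min_score=60, denied=("AGPL", "no license")):
    """Apply a local policy (hypothetical thresholds) and list every failure."""
    found = []
    for r in rows:
        if r["cves"]:
            found.append((r["name"], f"{r['cves']} known CVE(s)"))
        if r["score"] < min_score:
            found.append((r["name"], f"trust {r['score']} below {min_score}"))
        if r["license"] in denied:
            found.append((r["name"], f"license '{r['license']}' not allowed"))
    return found

def gate(report):
    """CI exit code: 2 if nothing parsed (fail closed), 1 on violations, else 0."""
    rows = parse(report)
    bad = violations(rows)
    for name, reason in bad:
        print(f"FAIL {name}: {reason}")
    return 2 if not rows else (1 if bad else 0)

if __name__ == "__main__":
    sys.exit(gate(SAMPLE if sys.stdin.isatty() else sys.stdin.read()))
```

Pipe the scan output into the script in the workflow step; an unrecognised report yields exit code 2, so a change in the output format cannot pass the gate silently.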
License
MIT
File details
Details for the file agent_security-1.0.0.tar.gz.
File metadata
- Download URL: agent_security-1.0.0.tar.gz
- Upload date:
- Size: 6.6 kB
- Tags: Source
- Uploaded using Trusted Publishing? No
- Uploaded via: twine/6.2.0 CPython/3.14.3
File details
Details for the file agent_security-1.0.0-py3-none-any.whl.
File metadata
- Download URL: agent_security-1.0.0-py3-none-any.whl
- Upload date:
- Size: 8.2 kB
- Tags: Python 3
- Uploaded using Trusted Publishing? No
- Uploaded via: twine/6.2.0 CPython/3.14.3