Skip to main content

Anti-vibe coding and security agent

Project description

AntiShlop Security Agent

AI-powered security agent for code files.

Installation

pip install antishlop-cli

Setup

Set your OpenAI API key:

# Option 1: Environment variable
export OPENAI_API_KEY=your_api_key_here

# Option 2: .env file
echo "OPENAI_API_KEY=your_api_key_here" > .env

# Option 3: Interactive setup (will prompt automatically)
antishlop path/to/file.py

Usage

# Analyze a single file
antishlop file.py

# Analyze a directory
antishlop /path/to/project

# Save detailed report to JSON
antishlop file.py -o report.json

# Quiet mode (minimal output)
antishlop file.py -q

What It Does

  • Detects 200+ security vulnerability patterns across 23 analyzer categories
  • Uses GPT-4.1 with specialized security analysis tools
  • Shows real-time token usage during analysis
  • Supports file-by-file or directory analysis
  • Automatic deeper analysis when issues are found
  • Vector database context from your entire codebase
  • Documentation recommendations with potential fixes (not guaranteed)

Supported Languages

Python • JavaScript • TypeScript • Java • Go • Ruby • PHP • C/C++ • C# • Rust • Swift • Kotlin • Scala

Features

Core Security Analyzers (15)

  • OWASP Top 10 - Injection flaws, broken access control, misconfigurations
  • Secrets Detection - API keys, passwords, tokens, certificates
  • Dependency Scanning - Known CVEs, supply chain attacks
  • Authentication - Auth bypass, privilege escalation, JWT flaws
  • Input Validation - SQL injection, XSS, command injection
  • Cryptography - Weak algorithms, key management issues
  • Data Security - PII exposure, encryption gaps
  • Configuration - Security headers, CORS, CSP issues
  • Business Logic - Race conditions, workflow bypasses
  • Error Handling - Stack traces, debug info leaks
  • Code Quality - Dead code with secrets, commented credentials
  • Infrastructure - Docker, K8s, cloud misconfigurations
  • API Security - Rate limiting, endpoint enumeration
  • Filesystem - Path traversal, permission issues
  • Concurrency - Race conditions, deadlocks

Advanced Security Analyzers (8) - NEW in v1.1.0

  • Speculative Execution - Spectre, Meltdown, cache timing attacks
  • Quantum-Safe Crypto - Post-quantum readiness, PQC migration
  • AI/ML Security - Prompt injection, model attacks, LLM vulnerabilities
  • Supply Chain - Dependency confusion, build pipeline security
  • Cloud Misconfig - IAM permissions, S3 buckets, secrets in cloud
  • TOCTTOU - Advanced race conditions, atomicity violations
  • IoT/Firmware - Unsigned firmware, embedded credentials
  • Business Logic Abuse - Financial exploits, transaction abuse

UI & Reporting

  • Interactive Setup: Automatically prompts for API key if not found
  • Beautiful UI: Animated progress, colored output, professional styling
  • Graceful Exit: Ctrl+C exits cleanly without error messages
  • Context Aware: Uses vector database to understand code relationships
  • JSON Export: Machine-readable reports for CI/CD integration
  • Documentation Links: Provides potential fixes and resources (not guaranteed)

Requirements

  • Python 3.8+
  • OpenAI API key

Project details


Download files

Download the file for your platform. If you're not sure which to choose, learn more about installing packages.

Source Distribution

antishlop_cli-1.1.1.tar.gz (34.8 kB view details)

Uploaded Source

Built Distribution

If you're not sure about the file name format, learn more about wheel file names.

antishlop_cli-1.1.1-py3-none-any.whl (36.2 kB view details)

Uploaded Python 3

File details

Details for the file antishlop_cli-1.1.1.tar.gz.

File metadata

  • Download URL: antishlop_cli-1.1.1.tar.gz
  • Upload date:
  • Size: 34.8 kB
  • Tags: Source
  • Uploaded using Trusted Publishing? No
  • Uploaded via: twine/6.1.0 CPython/3.12.11

File hashes

Hashes for antishlop_cli-1.1.1.tar.gz
Algorithm Hash digest
SHA256 aaeee1c0dbf99600a6f7fa60371d4537683de56c5a592c0faebc1fd27a732917
MD5 ce8a69dc2406a34bf42baf52e8f55e15
BLAKE2b-256 5e626bbf553582e2d7d4a6dfcfaa5057e5e7026ef7947a0450f99ce601eb816d

See more details on using hashes here.

File details

Details for the file antishlop_cli-1.1.1-py3-none-any.whl.

File metadata

  • Download URL: antishlop_cli-1.1.1-py3-none-any.whl
  • Upload date:
  • Size: 36.2 kB
  • Tags: Python 3
  • Uploaded using Trusted Publishing? No
  • Uploaded via: twine/6.1.0 CPython/3.12.11

File hashes

Hashes for antishlop_cli-1.1.1-py3-none-any.whl
Algorithm Hash digest
SHA256 824fc186d22973c0489d1467bddfd645d1f123935e1ce3896fdd1a7c86701f35
MD5 dc97c31c100927dc5e77556d04c1864c
BLAKE2b-256 114aa7c2312817d5b10ef532a0b40cba28b8c5022fab84110885eece26859530

See more details on using hashes here.

Supported by

AWS Cloud computing and Security Sponsor Datadog Monitoring Depot Continuous Integration Fastly CDN Google Download Analytics Pingdom Monitoring Sentry Error logging StatusPage Status page