An open-source AI Security Engineer: maps your application, finds vulnerabilities, explains them, and proposes verified fixes.
Project description
Argus
An open-source AI Security Engineer. Point it at a codebase or a running application; it maps the system, runs layered security analysis, explains every finding the way a senior application-security engineer would, and — where possible — proposes and verifies a fix.
Argus is not just another scanner that prints a list. For each finding it tells you why it is a vulnerability, how an attacker would exploit it, the business impact, the likelihood and severity, the CWE/OWASP mapping, and concrete remediation — and it can generate a patch and check that the patch closes the issue.
Status: early alpha. The architecture and core pipeline are in place with a working CLI, five built-in scanners, a multi-provider AI layer, and five report formats. See the roadmap.
Highlights
- Understands the project first. Detects languages and frameworks and builds an architecture map — APIs, auth flows, datastores, third-party services, cloud, containers, CI/CD, and dependency manifests — before scanning.
- Layered analysis. Secret detection, dependency vulnerabilities — including
transitive dependencies from lock files across PyPI (
poetry.lock,Pipfile.lock), npm (package-lock.json,yarn.lock), Go (go.mod), Rust (Cargo.lock), Ruby (Gemfile.lock), and PHP (composer.lock), checked against the live OSV database — static code analysis (SAST), and infrastructure-as-code checks out of the box, extensible via plugins. - CI-native. Deterministic, reproducible output; baseline / diff-aware scanning so pull requests are gated only on newly introduced findings.
- Findings that teach. Every finding carries reasoning, taxonomy mappings, and remediation — not just a line number.
- Attack Simulation Mode. Instead of "this is vulnerable", Argus produces a safe, isolated walkthrough: how the flaw is discovered, a step-by-step (non-weaponized) exploit, the data at risk, the business impact, and how the fix blocks the attack — with a before/after comparison.
- Bring your own model. Offline heuristic provider by default (no key, no network); Anthropic and OpenAI for cloud models; Ollama for fully local models so source never leaves your environment.
- Plugin-based throughout. Scanners, reporters, and AI providers are plugins. Add a language or a report format without touching the core.
- CI-ready output. JSON, SARIF (GitHub Code Scanning), Markdown, HTML, and CSV.
Install
# From PyPI
pip install argus-appsec
# With cloud model support
pip install "argus-appsec[anthropic,openai]"
# With the AST data-flow tier (deeper Python taint analysis, via tree-sitter)
pip install "argus-appsec[ast]"
From source (for development):
git clone https://github.com/hasipfaruk/Argus
cd Argus
pip install -e ".[dev]"
Requires Python 3.10+. The command installed is argus.
Quick start
# Scan a local project and print a table
argus scan ./my-app
# Turn on the flagship features and write an HTML report
argus scan ./my-app --attack-sim --patches -f html -o report.html
# Scan a remote repository (shallow-cloned to a temp dir, then cleaned up)
argus scan https://github.com/org/repo
# Apply Argus's verified fixes to a branch and open a pull request
argus fix ./my-app --open-pr
# Use a local model so code stays on your machine
argus scan ./my-app --ai-provider ollama --ai-model llama3.1
# Machine-readable output for CI, failing the build on High+
argus scan ./my-app -f sarif -o results.sarif --fail-on high
Explore what's available:
argus scanners # list scanners
argus reporters # list report formats
argus providers # list AI providers and whether each is usable right now
argus init # write a starter .argus.yml
How it works
target ──▶ resolve ──▶ analyze ──▶ scan ──▶ enrich (agents) ──▶ report
(path/git/ (languages, (secrets, (reasoning, (json, sarif,
url) frameworks, deps, attack sim, markdown,
architecture) sast, iac) patches) html, csv)
The engine is synchronous and side-effect free apart from reading the target: it
returns a ScanResult and writes nothing. Reporting and any PR creation are
separate, explicit steps. See docs/architecture.md.
Configuration
Drop a .argus.yml in your project root (generate one with argus init):
min_severity: low
fail_on: high
attack_simulation: true
generate_patches: true
ai:
provider: ollama # heuristic | anthropic | openai | ollama
model: llama3.1
scanner_options:
secrets:
entropy_threshold: 4.2
Full reference: docs/configuration.md.
Extending Argus
Everything is a plugin. A minimal scanner:
from argus.core.plugin import Scanner, ScannerContext, scanner
from argus.core.models import Finding, Location, Severity
@scanner
class HelloScanner(Scanner):
name = "hello"
category = "example"
description = "Flags TODO comments as a demo."
def scan(self, ctx: ScannerContext):
for f in ctx.project.files():
for i, line in enumerate(f.lines(), 1):
if "TODO" in line:
yield Finding(
id=f"hello:todo:{i}", rule_id="hello.todo", scanner=self.name,
title="TODO left in code", description="A TODO marker.",
location=Location(path=f.rel_path, start_line=i),
severity=Severity.INFO,
)
Register it via the argus.plugins entry point in your package and it is picked
up automatically. Full guide: docs/plugins.md.
AI providers and data handling
| Provider | Location | Source leaves your machine? | Needs |
|---|---|---|---|
heuristic |
local | no | nothing (default) |
ollama |
local | no | a running Ollama server |
anthropic |
cloud | yes | ANTHROPIC_API_KEY + [anthropic] extra |
openai |
cloud | yes | OPENAI_API_KEY + [openai] extra |
If a requested provider is unavailable, Argus warns and falls back to heuristic
so a scan always completes.
Fixing, not just finding
argus fix closes the loop: it scans a repository, applies the fixes it can
verify locally to a fresh branch, commits them, and (with --open-pr) opens a
pull request.
argus fix ./my-app --dry-run # preview the changes, write nothing
argus fix ./my-app # apply fixes to a branch and commit locally
argus fix ./my-app --open-pr # also push and open a PR (needs GITHUB_TOKEN)
Only deterministic, self-verified fixes are applied by default (e.g. unsafe
yaml.load → yaml.safe_load, weak hashes → SHA-256, shell=True removal,
debug=True → debug=False). See docs/fixing.md.
Roadmap
Implemented: project analysis, secrets/dependency/SAST/IaC scanners, live OSV
vulnerability data, multi-provider AI enrichment, Attack Simulation Mode,
deterministic patch generation with self-verification, automated fix branches
and pull requests (argus fix), baseline / diff-aware scanning, and
JSON/SARIF/Markdown/HTML/CSV reporting.
In progress: AST-based data-flow scanning — a tree-sitter taint analyzer for
Python ships today (pip install "argus-appsec[ast]"); more languages next.
Planned: dynamic analysis (DAST) for deployed URLs, the web dashboard (trends, timelines, collaboration), and richer compliance rule packs.
Known limitations
Argus is an early-stage tool and honest about what it does not yet do — a security scanner you can't trust is worse than none:
- Static analysis only. It reads code; it does not run your app or test a live URL (no DAST yet).
- Deepest for Python and JavaScript/TypeScript. Other languages are detected and covered by the secrets, dependency, and IaC scanners, but have limited code-level (SAST) rules so far.
- Code scanning has blind spots. The default regex tier catches common
patterns; the optional AST tier (
[ast], Python) follows multi-hop data flows. But cross-file and cross-function flows can still be missed. Treat a clean result as "no known issues found," not a proof of safety. - Dependency coverage depends on OSV. Offline, it falls back to a small bundled advisory seed (PyPI/npm) and will say so.
Treat Argus as a strong, fast first line of defense — not a replacement for a manual security review of critical code.
Contributing
Contributions are welcome from everyone. The flow is the standard one:
- Fork this repository.
- Create a branch and make your change (with tests).
- Open a pull request — the template will guide you, and CI runs tests and lint automatically.
Scanners, language support, compliance rules, and report formats are especially welcome — the plugin model means most additions never touch the core. See CONTRIBUTING.md for setup and standards, and CODE_OF_CONDUCT.md for community guidelines.
License
Apache-2.0. See LICENSE.
Project details
Download files
Download the file for your platform. If you're not sure which to choose, learn more about installing packages.
Source Distribution
Built Distribution
Filter files by name, interpreter, ABI, and platform.
If you're not sure about the file name format, learn more about wheel file names.
Copy a direct link to the current filters
File details
Details for the file argus_appsec-0.6.0.tar.gz.
File metadata
- Download URL: argus_appsec-0.6.0.tar.gz
- Upload date:
- Size: 108.8 kB
- Tags: Source
- Uploaded using Trusted Publishing? Yes
- Uploaded via: twine/6.1.0 CPython/3.13.12
File hashes
| Algorithm | Hash digest | |
|---|---|---|
| SHA256 |
53e2b52f8e3dea61823acd8e2069d87f7ec2ea16208f13bc137e7f30031c17c8
|
|
| MD5 |
eb8cb42728586dacf7ca597c2f316f7c
|
|
| BLAKE2b-256 |
35f2951e2aec4c428e4f53f4d548781189c98bb87e8c1ebcaa162be26bc81bce
|
Provenance
The following attestation bundles were made for argus_appsec-0.6.0.tar.gz:
Publisher:
publish.yml on hasipfaruk/Argus
-
Statement:
-
Statement type:
https://in-toto.io/Statement/v1 -
Predicate type:
https://docs.pypi.org/attestations/publish/v1 -
Subject name:
argus_appsec-0.6.0.tar.gz -
Subject digest:
53e2b52f8e3dea61823acd8e2069d87f7ec2ea16208f13bc137e7f30031c17c8 - Sigstore transparency entry: 2071912208
- Sigstore integration time:
-
Permalink:
hasipfaruk/Argus@5534b2017286d9a090d83493601a8817a7817f1b -
Branch / Tag:
refs/tags/v0.6.0 - Owner: https://github.com/hasipfaruk
-
Access:
public
-
Token Issuer:
https://token.actions.githubusercontent.com -
Runner Environment:
github-hosted -
Publication workflow:
publish.yml@5534b2017286d9a090d83493601a8817a7817f1b -
Trigger Event:
release
-
Statement type:
File details
Details for the file argus_appsec-0.6.0-py3-none-any.whl.
File metadata
- Download URL: argus_appsec-0.6.0-py3-none-any.whl
- Upload date:
- Size: 100.1 kB
- Tags: Python 3
- Uploaded using Trusted Publishing? Yes
- Uploaded via: twine/6.1.0 CPython/3.13.12
File hashes
| Algorithm | Hash digest | |
|---|---|---|
| SHA256 |
9806dd463349894411c176cbaaa17fc5ee23564a7c71bd5816bbebba6b1fe881
|
|
| MD5 |
7b187ea80bc54d692703f80ea5282b73
|
|
| BLAKE2b-256 |
f30fb8aea89ed4f36cfcb077722a87c51e850ccb5df16b1ea64b3f6885fa98f3
|
Provenance
The following attestation bundles were made for argus_appsec-0.6.0-py3-none-any.whl:
Publisher:
publish.yml on hasipfaruk/Argus
-
Statement:
-
Statement type:
https://in-toto.io/Statement/v1 -
Predicate type:
https://docs.pypi.org/attestations/publish/v1 -
Subject name:
argus_appsec-0.6.0-py3-none-any.whl -
Subject digest:
9806dd463349894411c176cbaaa17fc5ee23564a7c71bd5816bbebba6b1fe881 - Sigstore transparency entry: 2071912222
- Sigstore integration time:
-
Permalink:
hasipfaruk/Argus@5534b2017286d9a090d83493601a8817a7817f1b -
Branch / Tag:
refs/tags/v0.6.0 - Owner: https://github.com/hasipfaruk
-
Access:
public
-
Token Issuer:
https://token.actions.githubusercontent.com -
Runner Environment:
github-hosted -
Publication workflow:
publish.yml@5534b2017286d9a090d83493601a8817a7817f1b -
Trigger Event:
release
-
Statement type: