AI Agent Code Review & Security Compliance Platform
Project description
AgentGuard
Scans code generated by AI Agents for security vulnerabilities, backdoor patterns, and compliance issues.
Powered by XHLS security modules (model_guard, security_hardening, binary_sanitizer).
Quick Start

```bash
# Install
pip install agentguard

# Scan a project
agentguard scan ./my-project

# JSON output for CI/CD
agentguard scan ./my-project --format json

# SARIF for GitHub Code Scanning
agentguard scan ./my-project --format sarif --output report.sarif
```
Features
| Feature | Free | Pro ($29/mo) |
|---|---|---|
| CLI scanner | โ | โ |
| 25 security rules | โ | 50+ rules |
| 100 files/scan | โ | Unlimited |
| AST structural analysis | โ | โ |
| Secret/key leak detection | โ | โ |
| JSON/SARIF/Markdown output | โ | โ |
| Custom rules (plain English) | โ | โ |
| GitHub App PR comments | โ | โ |
| Model weight integrity check | โ | โ |
| Agent behavior logic audit | โ | โ |
What It Detects
- Code Injection: eval/exec/os.system misuse
- Deserialization: pickle.loads, yaml.load, marshal attacks
- Secrets: Hardcoded API keys, tokens, passwords, private keys
- Path Traversal: Unsanitized file paths
- SSRF: User-controlled URLs in HTTP requests
- Weak Crypto: MD5, SHA1, insecure random
- Agent-Specific: Prompt injection, tool auth gaps, infinite loops
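As an added illustration of how an AST structural rule for the call-based categories above can work (this is not AgentGuard's own code or rule set), the following Python scanner flags the listed calls and treats `yaml.load` as unsafe unless an explicit safe `Loader=` is passed. The sample input, rule ids and messages are constructed for the demo.

```python
import ast

# Constructed sample (not project code): patterns from the list above, plus one safe yaml.load.
SAMPLE = '''
import os, pickle, yaml, hashlib
def run(cmd, blob, doc):
    os.system("ls " + cmd)
    data = pickle.loads(blob)
    cfg = yaml.load(doc)
    safe = yaml.load(doc, Loader=yaml.SafeLoader)
    digest = hashlib.md5(data).hexdigest()
    return eval(cfg)
'''

# Hypothetical rule table (ids are illustrative, not AgentGuard's): dotted call -> (id, message).
RULES = {
    "eval": ("CI001", "eval() executes arbitrary code"),
    "exec": ("CI002", "exec() executes arbitrary code"),
    "os.system": ("CI003", "os.system() runs a shell command"),
    "pickle.loads": ("DS001", "pickle.loads() on untrusted data runs code"),
    "marshal.loads": ("DS002", "marshal.loads() on untrusted data is unsafe"),
    "hashlib.md5": ("WC001", "MD5 is not collision resistant"),
    "hashlib.sha1": ("WC002", "SHA-1 is not collision resistant"),
}
SAFE_LOADERS = {"yaml.SafeLoader", "yaml.CSafeLoader", "yaml.BaseLoader"}

def _dotted_name(node):
    # Render a call target such as `os.system` as a dotted string; '' for anything else.
    if isinstance(node, ast.Name):
        return node.id
    if isinstance(node, ast.Attribute):
        base = _dotted_name(node.value)
        return f"{base}.{node.attr}" if base else ""
    return ""

def scan_source(src):
    # Walk every Call node and return sorted (line, rule_id, message) findings.
    findings = []
    for node in ast.walk(ast.parse(src)):
        if not isinstance(node, ast.Call):
            continue
        name = _dotted_name(node.func)
        if name == "yaml.load":
            # yaml.load is only safe when an explicit safe Loader= is passed.
            loader = next((kw.value for kw in node.keywords if kw.arg == "Loader"), None)
            if loader is None or _dotted_name(loader) not in SAFE_LOADERS:
                findings.append((node.lineno, "DS003", "yaml.load() without a safe Loader="))
        elif name in RULES:
            findings.append((node.lineno, *RULES[name]))
    return sorted(findings)
```

A real rule engine would also need data-flow tracking (is the argument user-controlled?) to cut false positives; this block only shows the structural match.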
Architecture

```text
agentguard/
├── cli.py                      # Entry point
├── scanner/
│   └── code_scanner.py         # Pattern + AST engine
├── rules/
│   └── python_rules.py         # 50 security rules (7 categories)
├── reporter/
│   └── reporter.py             # Terminal / JSON / SARIF / MD
├── xhls_security/              # Vendored XHLS modules
│   ├── model_guard.py          # Model integrity + backdoor
│   ├── security_hardening.py   # RBAC + audit
│   └── binary_sanitizer.py     # Pickle/image safety
└── pyproject.toml
```
Roadmap
- v0.1: CLI + 50 rules + 4 output formats
- v0.2: GitHub App + PR review comments
- v0.3: Natural language custom rules
- v0.4: GitHub Marketplace listing
- v0.5: Model weight integrity scanner (model_guard wrapper)
- v1.0: Pro tier paywall + enterprise on-premise
License
MIT. The free tier is and stays open source.
Built by XHLS Team 2026.
Download files
File details
Details for the file difcn2027-0.1.0-py3-none-any.whl.
File metadata
- Download URL: difcn2027-0.1.0-py3-none-any.whl
- Upload date:
- Size: 36.5 kB
- Tags: Python 3
- Uploaded using Trusted Publishing? No
- Uploaded via: twine/6.2.0 CPython/3.11.9
File hashes
| Algorithm | Hash digest |
|---|---|
| SHA256 | dde5bc2622b68077633b92fcaa5cbdb2c9c5f61a15db403a470faca988e3edde |
| MD5 | cc81000c747531b80a9f629855e1428a |
| BLAKE2b-256 | bb427d03d06a0f44443fc889af96374ec6260bf3ba713e704cf8a26ba0f0898f |