AI Agent Code Review & Security Compliance Platform

Project description

AgentGuard 🔴

Scans code generated by AI Agents for security vulnerabilities, backdoor patterns, and compliance issues.

Powered by XHLS security modules (model_guard, security_hardening, binary_sanitizer).


Quick Start

# Install
pip install agentguard

# Scan a project
agentguard scan ./my-project

# JSON output for CI/CD
agentguard scan ./my-project --format json

# SARIF for GitHub Code Scanning
agentguard scan ./my-project --format sarif --output report.sarif

Features

| Feature | Free | Pro ($29/mo) |
| --- | --- | --- |
| CLI scanner | ✅ | ✅ |
| 25 security rules | ✅ | 50+ rules |
| 100 files/scan | ✅ | Unlimited |
| AST structural analysis | ✅ | ✅ |
| Secret/key leak detection | ✅ | ✅ |
| JSON/SARIF/Markdown output | ✅ | ✅ |
| Custom rules (plain English) | ❌ | ✅ |
| GitHub App PR comments | ❌ | ✅ |
| Model weight integrity check | ❌ | ✅ |
| Agent behavior logic audit | ❌ | ✅ |

What It Detects

  • Code Injection: eval/exec/os.system misuse
  • Deserialization: pickle.loads, yaml.load, marshal attacks
  • Secrets: Hardcoded API keys, tokens, passwords, private keys
  • Path Traversal: Unsanitized file paths
  • SSRF: User-controlled URLs in HTTP requests
  • Weak Crypto: MD5, SHA1, insecure random
  • Agent-Specific: Prompt injection, tool auth gaps, infinite loops
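
To make the call patterns in this list concrete, here is an added example (not AgentGuard's own code or rules) of a minimal `ast` pass that resolves import aliases and flags the listed calls while ignoring the same names inside string literals. The function names, category labels and sample source are assumptions made for this illustration.

```python
import ast

# Call names from the "What It Detects" list; category labels are this example's own.
RISKY_CALLS = {
    "eval": "code-injection", "exec": "code-injection", "os.system": "code-injection",
    "pickle.loads": "deserialization", "marshal.loads": "deserialization",
    "yaml.load": "deserialization", "hashlib.md5": "weak-crypto", "hashlib.sha1": "weak-crypto",
}

def dotted_name(func, aliases):
    """Resolve a call target such as pk.loads to pickle.loads; None if not a plain name."""
    parts = []
    while isinstance(func, ast.Attribute):
        parts.append(func.attr)
        func = func.value
    if not isinstance(func, ast.Name):
        return None
    return ".".join([aliases.get(func.id, func.id)] + parts[::-1])

def scan_source(source):
    """Return sorted (line, category, call) findings for one Python source string."""
    tree = ast.parse(source)  # parsed only, never executed
    aliases = {}  # locally bound name -> dotted name it was imported from
    for node in ast.walk(tree):
        if isinstance(node, ast.Import):
            for a in node.names:
                top = a.name.split(".")[0]
                aliases[a.asname or top] = a.name if a.asname else top
        elif isinstance(node, ast.ImportFrom) and node.module:
            for a in node.names:
                aliases[a.asname or a.name] = f"{node.module}.{a.name}"
    findings = []
    for node in ast.walk(tree):
        name = dotted_name(node.func, aliases) if isinstance(node, ast.Call) else None
        # yaml.load with an explicit SafeLoader/CSafeLoader argument is not flagged.
        safe_yaml = name == "yaml.load" and "SafeLoader" in ast.dump(node)
        if name in RISKY_CALLS and not safe_yaml:
            findings.append((node.lineno, RISKY_CALLS[name], name))
    return sorted(findings)

# Constructed sample input for this example.
SAMPLE = '''import os, hashlib, yaml, pickle as pk
from marshal import loads as unmarshal
note = "never call eval(user_input)"  # text only, not a call
ok = yaml.load(blob, Loader=yaml.SafeLoader)
bad = [yaml.load(blob), pk.loads(blob), unmarshal(blob), eval(expr)]
os.system("ls " + user_dir)
digest = hashlib.md5(blob).hexdigest()
'''
```

Calling `scan_source(SAMPLE)` reports the aliased `pk.loads` and `unmarshal` calls under their real names and skips both the string on line 3 and the `SafeLoader` call on line 4.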

Architecture

agentguard/
├── cli.py                 ← Entry point
├── scanner/
│   └── code_scanner.py    ← Pattern + AST engine
├── rules/
│   └── python_rules.py    ← 50 security rules (7 categories)
├── reporter/
│   └── reporter.py        ← Terminal / JSON / SARIF / MD
├── xhls_security/         ← Vendored XHLS modules
│   ├── model_guard.py     ← Model integrity + backdoor
│   ├── security_hardening.py ← RBAC + audit
│   └── binary_sanitizer.py   ← Pickle/image safety
└── pyproject.toml

Roadmap

  • v0.1 - CLI + 50 rules + 4 output formats
  • v0.2 - GitHub App + PR review comments
  • v0.3 - Natural language custom rules
  • v0.4 - GitHub Marketplace listing
  • v0.5 - Model weight integrity scanner (model_guard wrapper)
  • v1.0 - Pro tier paywall + enterprise on-premise

License

MIT - Free tier is and stays open source.

Built by XHLS Team 2026.


Download files

Source Distributions

No source distribution files available for this release.

Built Distribution

difcn2027-0.1.0-py3-none-any.whl (36.5 kB view details)

Uploaded Python 3

File details

Details for the file difcn2027-0.1.0-py3-none-any.whl.

File metadata

  • Download URL: difcn2027-0.1.0-py3-none-any.whl
  • Upload date:
  • Size: 36.5 kB
  • Tags: Python 3
  • Uploaded using Trusted Publishing? No
  • Uploaded via: twine/6.2.0 CPython/3.11.9

File hashes

Hashes for difcn2027-0.1.0-py3-none-any.whl
Algorithm Hash digest
SHA256 dde5bc2622b68077633b92fcaa5cbdb2c9c5f61a15db403a470faca988e3edde
MD5 cc81000c747531b80a9f629855e1428a
BLAKE2b-256 bb427d03d06a0f44443fc889af96374ec6260bf3ba713e704cf8a26ba0f0898f
