Skip to main content

Agent-native security audit SDK for Python

Project description

moyan-security-audit

Agent-native security audit SDK for Python — send source code to the Moyan audit engine and receive structured vulnerability reports with PMI trust scoring.

Installation

pip install moyan-security-audit

Requires Python >= 3.9.

Prerequisites

Set your API key via one of:

  1. Environment variable:
    export MOYAN_API_KEY="your-api-key"
    
  2. Config file ~/.moyan/config.json:
    { "apiKey": "your-api-key" }
    

If neither is set, the SDK raises RuntimeError with a descriptive message.

Usage

from moyan_audit import audit, AuditOptions

options = AuditOptions(
    code="SELECT * FROM users WHERE id = " + user_id,
    language="sql",
    audit_level="L2",
    timeout=30,
    retries=2,
)

result = audit(options)

print(f"Audit ID: {result.audit_id}")
print(f"PMI Score: {result.pmi_score}")
print(f"Severity: {result.severity}")
print(f"Violations: {len(result.violations)}")
for v in result.violations:
    print(f"  [{v.rule_id}] {v.severity.upper()} — line {v.line}: {v.message}")
print(f"Recommendation: {result.recommendation}")

API Reference

audit(options: AuditOptions) -> AuditResult

Parameter Type Required Default Description
code str Yes Source code to audit
language AuditLanguage Yes sql / python / javascript / typescript / java / go / rust / solidity
audit_level AuditLevel No 'L1' L1 (quick scan), L2 (deep), L3 (full)
timeout int No 30 Request timeout in seconds
retries int No 2 Retry count with exponential backoff (1s, 2s, 4s, ...)

AuditResult

Field Type Description
audit_id str Unique identifier for this audit run
pmi_score float PMI trust score (0-100)
severity Literal['pass', 'warn', 'fail'] Overall verdict
violations list[AuditViolation] Detected rule violations
recommendation str High-level remediation guidance

AuditViolation

Field Type Description
rule_id str Rule identifier (e.g. SQLI-001)
severity Literal['critical', 'high', 'medium', 'low', 'info'] Violation severity
message str Human-readable description
line int Source line number (1-based)
snippet str Violating code snippet
fix str Suggested remediation

API Endpoint

POST https://sixu-ai.net.cn/api/v1/audit
Authorization: Bearer <MOYAN_API_KEY>
Content-Type: application/json

{ "code": "...", "language": "sql", "audit_level": "L2" }

License

MIT

Project details


Download files

Download the file for your platform. If you're not sure which to choose, learn more about installing packages.

Source Distribution

moyan_security_audit-1.0.0.tar.gz (4.9 kB view details)

Uploaded Source

Built Distribution

If you're not sure about the file name format, learn more about wheel file names.

moyan_security_audit-1.0.0-py3-none-any.whl (5.9 kB view details)

Uploaded Python 3

File details

Details for the file moyan_security_audit-1.0.0.tar.gz.

File metadata

  • Download URL: moyan_security_audit-1.0.0.tar.gz
  • Upload date:
  • Size: 4.9 kB
  • Tags: Source
  • Uploaded using Trusted Publishing? No
  • Uploaded via: twine/6.2.0 CPython/3.11.9

File hashes

Hashes for moyan_security_audit-1.0.0.tar.gz
Algorithm Hash digest
SHA256 9645b2fb5bf3dd9c4276d71c42d5d28e5b54f78c57c5c5af2e64c2d6615d26a1
MD5 de6727f28f86274f68e05fac7e522b42
BLAKE2b-256 43c86e8c27105c77d1ce05dcc254679d7e0160e6fd6b0ed3783fb4733f2da06e

See more details on using hashes here.

File details

Details for the file moyan_security_audit-1.0.0-py3-none-any.whl.

File metadata

File hashes

Hashes for moyan_security_audit-1.0.0-py3-none-any.whl
Algorithm Hash digest
SHA256 e8aa864b2132937110d2e6c5e7c59d53fdea0dc6f94ec1477fc8ad486d7459ed
MD5 94f04030db50c13ba77ae8b2ef383219
BLAKE2b-256 076bb3f424924f3b033e27c9913e325b20efafdfe23d7c29dc523f8c4885a5e8

See more details on using hashes here.

Supported by

AWS Cloud computing and Security Sponsor Datadog Monitoring Depot Continuous Integration Fastly CDN Google Download Analytics Pingdom Monitoring Sentry Error logging StatusPage Status page