Agent-native security audit SDK for Python
moyan-security-audit
Agent-native security audit SDK for Python — send source code to the Moyan audit engine and receive structured vulnerability reports with PMI trust scoring.
Installation
```bash
pip install moyan-security-audit
```
Requires Python >= 3.9.
Prerequisites
Set your API key via one of:
- Environment variable:

  ```bash
  export MOYAN_API_KEY="your-api-key"
  ```

- Config file `~/.moyan/config.json`:

  ```json
  { "apiKey": "your-api-key" }
  ```

If neither is set, the SDK raises RuntimeError with a descriptive message.
Usage
```python
from moyan_audit import audit, AuditOptions

user_id = "42"  # sample value so the snippet runs as written

# Describe what to audit and how the request should behave.
options = AuditOptions(
    code="SELECT * FROM users WHERE id = " + user_id,
    language="sql",
    audit_level="L2",
    timeout=30,
    retries=2,
)

# Raises RuntimeError if no API key is configured.
result = audit(options)

print(f"Audit ID: {result.audit_id}")
print(f"PMI Score: {result.pmi_score}")
print(f"Severity: {result.severity}")
print(f"Violations: {len(result.violations)}")

# One line per detected rule violation.
for v in result.violations:
    print(f"  [{v.rule_id}] {v.severity.upper()} — line {v.line}: {v.message}")

print(f"Recommendation: {result.recommendation}")
```
API Reference
audit(options: AuditOptions) -> AuditResult
| Parameter | Type | Required | Default | Description |
|---|---|---|---|---|
| `code` | `str` | Yes | — | Source code to audit |
| `language` | `AuditLanguage` | Yes | — | sql / python / javascript / typescript / java / go / rust / solidity |
| `audit_level` | `AuditLevel` | No | `'L1'` | L1 (quick scan), L2 (deep), L3 (full) |
| `timeout` | `int` | No | `30` | Request timeout in seconds |
| `retries` | `int` | No | `2` | Retry count with exponential backoff (1s, 2s, 4s, ...) |
AuditResult
| Field | Type | Description |
|---|---|---|
| `audit_id` | `str` | Unique identifier for this audit run |
| `pmi_score` | `float` | PMI trust score (0-100) |
| `severity` | `Literal['pass', 'warn', 'fail']` | Overall verdict |
| `violations` | `list[AuditViolation]` | Detected rule violations |
| `recommendation` | `str` | High-level remediation guidance |
AuditViolation
| Field | Type | Description |
|---|---|---|
| `rule_id` | `str` | Rule identifier (e.g. SQLI-001) |
| `severity` | `Literal['critical', 'high', 'medium', 'low', 'info']` | Violation severity |
| `message` | `str` | Human-readable description |
| `line` | `int` | Source line number (1-based) |
| `snippet` | `str` | Violating code snippet |
| `fix` | `str` | Suggested remediation |
API Endpoint
```http
POST https://api.sixu-ai.net.cn/api/v1/audit
Authorization: Bearer <MOYAN_API_KEY>
Content-Type: application/json

{ "code": "...", "language": "sql", "audit_level": "L2" }
```
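The key lookup described under Prerequisites and the request shown under API Endpoint, as an added example that is not part of the SDK or its README: it resolves the key, refuses a config file that other local users can read, and builds the documented POST with the standard library. The function names, the env-var-first order and the permission check are assumptions of this example, not documented SDK behaviour.

```python
import json
import os
import stat
import urllib.request
from pathlib import Path

ENDPOINT = "https://api.sixu-ai.net.cn/api/v1/audit"  # from the README
CONFIG_PATH = Path.home() / ".moyan" / "config.json"  # from the README


def load_api_key(env=None, config_path=CONFIG_PATH):
    """Return (key, source). Checking the env var first is an assumption."""
    env = os.environ if env is None else env
    key = env.get("MOYAN_API_KEY", "").strip()
    if key:
        return key, "env"
    path = Path(config_path)
    if path.is_file():
        mode = stat.S_IMODE(path.stat().st_mode)
        # The key sits in plaintext: refuse a file other local users can read.
        if os.name == "posix" and mode & 0o077:
            raise PermissionError(f"{path} has mode {mode:04o}; chmod 600 it")
        data = json.loads(path.read_text(encoding="utf-8"))
        key = str(data.get("apiKey") or "").strip()
        if key:
            return key, "config"
    raise RuntimeError("No API key: set MOYAN_API_KEY or apiKey in the config file")


def build_request(key, code, language, audit_level="L1"):
    """Build the documented POST without sending it."""
    body = json.dumps({"code": code, "language": language, "audit_level": audit_level})
    return urllib.request.Request(
        ENDPOINT,
        data=body.encode("utf-8"),
        headers={"Authorization": f"Bearer {key}", "Content-Type": "application/json"},
        method="POST",
    )


def send(request, timeout=30):
    """Send the request; the response schema is not documented, so return raw JSON."""
    with urllib.request.urlopen(request, timeout=timeout) as resp:
        return json.load(resp)


if __name__ == "__main__":
    api_key, source = load_api_key()
    req = build_request(api_key, "SELECT * FROM users WHERE id = 1", "sql", "L2")
    print(f"key from {source}; would POST {len(req.data)} bytes to {req.full_url}")
```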
License
MIT
Source Distributions
No source distribution files available for this release.
Built Distribution
File details
Details for the file moyan_security_audit-1.0.1-py3-none-any.whl.
File metadata
- Download URL: moyan_security_audit-1.0.1-py3-none-any.whl
- Upload date:
- Size: 5.8 kB
- Tags: Python 3
- Uploaded using Trusted Publishing? No
- Uploaded via: twine/6.2.0 CPython/3.11.9
File hashes
| Algorithm | Hash digest |
|---|---|
| SHA256 | 6efc5f372ad2be5f80f80aafd7d38bb3154fc8c3463c8dd8febb13bb3fe63b9a |
| MD5 | 43fb79d339373b49de9a9f1f0f26f6a8 |
| BLAKE2b-256 | 57e4ff9b39fa7a6d567c593b4ff7a7bf3840e1c473734ab0cad03bd6b8296649 |