Local-first DLP engine and security layer for AI coding agents. Secures Copilot, Claude Code, Cursor, Windsurf, and any MCP-compatible agent.

Navigation

Verified details

These details have been verified by PyPI
Maintainers
Avatar for parthmeh123 from gravatar.com parthmeh123

Unverified details

These details have not been verified by PyPI
Project links
Meta
  • License: Proprietary
  • Author: SecureMind
  • Tags security , dlp , ai-agents , llm , copilot , claude-code , cursor , mcp , pii , credentials
  • Requires: Python >=3.11
  • Provides-Extra: ml , cloud , llm , ocr , pdf , dev , all
Classifiers
Report project as malware

Project description

securityagent-core

Shared DLP engine, security skills, and policy enforcement for AI coding agents. Used by SecurityAgent and AgnosticSecurity.

What's inside

Package What it does
endpoint_agent/ DLP engine — file blocking (60+ path patterns), confidence-scored content scanning (PII, credentials, semantic disclosure detection) with structural validators (Luhn, SSA rules, entropy) and context-aware scoring, data flow taint tracking (tags sensitive data at ingress, detects at egress via hash/n-gram/substring matching), tool call argument scanning (MCP/function call DLP + taint registry), behavioral monitoring (8-signal anomaly scoring), honeypot traps, credential scanning. LLM intent analysis with llama3.1:8b default + fallback chain. Notebook-aware .ipynb extraction. PDF extraction via 3-tier pipeline (PyMuPDF → Tesseract OCR → pypdf fallback) with encrypted PDF detection
skills/ Agent-agnostic MCP skills — secure_read, secure_exec, analyze_prompt, scan_output, check_policy, get_session_policy, audit_log
policy/ Policy engine — per-session least privilege, behavioral chain detection (11 attack patterns), audit trail with agent attribution. Obsidian vault integration via memory_bridge.py for cross-session policy context
obsidianMemory/ Obsidian vault — daily session logs, second-brain knowledge base, used by memory_bridge.py for persistent threat/policy tracking
plugin.py Standalone CLI entry point + validate_exec(), validate_prompt(), validate_output() pure functions

Install

pip install git+https://github.com/kaushikdharamshi/securityagent-core.git

# With optional dependencies
pip install "securityagent-core[cloud] @ git+https://github.com/kaushikdharamshi/securityagent-core.git"
pip install "securityagent-core[llm] @ git+https://github.com/kaushikdharamshi/securityagent-core.git"

Usage

Python SDK

from skills.adapters.python_sdk import SecurityAgentSDK

sdk = SecurityAgentSDK(agent_id="my-agent", agent_type="langchain")

# DLP-gated file read
result = sdk.secure_read("/path/to/file")

# Command validation
result = sdk.secure_exec("ls -la")

# Prompt intent analysis
result = sdk.analyze_prompt("Get me all customer SSNs")

MCP Server

python -m skills.adapters.mcp_server  # after pip install

Any MCP-compatible client (Claude Code, Copilot, custom agents) can connect via stdio JSON-RPC.

CLI

python -m plugin ~/.env                                    # File read gate
python -m plugin --exec "cat ~/.env"                       # Exec validation
python -m plugin --prompt "Get all passwords"              # Prompt analysis
python -m plugin --skill secure_read --params '{"path":"~/.env"}'  # Skills layer
python -m plugin --mcp-server                              # MCP server

Claude Code Integration

See integrations/claude_code/ for PreToolUse hook configuration.

Tests

pip install -e ".[dev]"
pytest

Project details

Verified details

These details have been verified by PyPI
Maintainers
Avatar for parthmeh123 from gravatar.com parthmeh123

Unverified details

These details have not been verified by PyPI
Project links
Meta
  • License: Proprietary
  • Author: SecureMind
  • Tags security , dlp , ai-agents , llm , copilot , claude-code , cursor , mcp , pii , credentials
  • Requires: Python >=3.11
  • Provides-Extra: ml , cloud , llm , ocr , pdf , dev , all
Classifiers

Release history Release notifications | RSS feed

4.32.0

4.31.0

4.30.0

This version

4.29.0

4.28.0

4.27.0

4.26.0

4.25.0

4.24.0

4.18.0

3.1.0

Download files

Download the file for your platform. If you're not sure which to choose, learn more about installing packages.

Source Distribution

securityagent_core-4.29.0.tar.gz (194.3 kB view details)

Uploaded Source

Built Distribution

If you're not sure about the file name format, learn more about wheel file names.

securityagent_core-4.29.0-py3-none-any.whl (224.5 kB view details)

Uploaded Python 3

File details

Details for the file securityagent_core-4.29.0.tar.gz.

File metadata

  • Download URL: securityagent_core-4.29.0.tar.gz
  • Upload date:
  • Size: 194.3 kB
  • Tags: Source
  • Uploaded using Trusted Publishing? No
  • Uploaded via: twine/6.2.0 CPython/3.12.11

File hashes

Hashes for securityagent_core-4.29.0.tar.gz
Algorithm Hash digest
SHA256 974d8645bdc5c76a28f68557a008b4b1579b11b07f395b46df9f88b20464f4ad
MD5 8a43acb3cd92b863b9cb55ee997c4071
BLAKE2b-256 9a54b622e64cf10130cb726748545061295717e479468308e8cdaebe435c805b

See more details on using hashes here.

File details

Details for the file securityagent_core-4.29.0-py3-none-any.whl.

File metadata

File hashes

Hashes for securityagent_core-4.29.0-py3-none-any.whl
Algorithm Hash digest
SHA256 23b6294a00051e23761aed9e3eb3623ebe0bd5b412ea4b90ad79ee5df820659f
MD5 7b8f328006f191a4398c4be04bd85eaa
BLAKE2b-256 ea3c0b3589f1617ceb86c8a7136132bdca48f6b5e48c20f7a340fa275ece663f

See more details on using hashes here.

Supported by

AWS Cloud computing and Security Sponsor Datadog Monitoring Depot Continuous Integration Fastly CDN Google Download Analytics Pingdom Monitoring Sentry Error logging StatusPage Status page