
Local-first DLP engine and security layer for AI coding agents. Secures Copilot, Claude Code, Cursor, Windsurf, and any MCP-compatible agent.

Project description

securityagent-core

Shared DLP engine, security skills, and policy enforcement for AI coding agents. Used by SecurityAgent and AgnosticSecurity.

What's inside

Package: what it does

  • endpoint_agent/: DLP engine. File blocking (60+ path patterns); confidence-scored content scanning (PII, credentials, semantic disclosure detection) with structural validators (Luhn, SSA rules, entropy) and context-aware scoring; data flow taint tracking (tags sensitive data at ingress, detects it at egress via hash, n-gram and substring matching); tool call argument scanning (MCP/function call DLP plus the taint registry); behavioral monitoring (8-signal anomaly scoring); honeypot traps; credential scanning. LLM intent analysis with llama3.1:8b as the default model plus a fallback chain. Notebook-aware .ipynb extraction. PDF extraction via a 3-tier pipeline (PyMuPDF → Tesseract OCR → pypdf fallback) with encrypted PDF detection.
  • skills/: Agent-agnostic MCP skills: secure_read, secure_exec, analyze_prompt, scan_output, check_policy, get_session_policy, audit_log.
  • policy/: Policy engine. Per-session least privilege, behavioral chain detection (11 attack patterns), audit trail with agent attribution. Obsidian vault integration via memory_bridge.py for cross-session policy context.
  • obsidianMemory/: Obsidian vault. Daily session logs and a second-brain knowledge base, used by memory_bridge.py for persistent threat/policy tracking.
  • plugin.py: Standalone CLI entry point plus the pure functions validate_exec(), validate_prompt() and validate_output().
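The endpoint_agent/ entry above describes confidence-scored content scanning backed by structural validators (Luhn, SSA rules, entropy) and context-aware scoring. The following is an added illustration of that scoring model, not securityagent-core's own code: the regexes, thresholds, context word list and function names (luhn_valid, ssn_plausible, shannon_entropy, scan, findings_above) are all assumptions, and the sample text is constructed.

```python
"""Confidence-scored content scanner with structural validators.

Added example, not securityagent-core's own code. Loose regexes produce
candidates; structural validators (Luhn, SSA rules, entropy) and nearby
context words decide the confidence. Names and thresholds are assumptions.
"""
import math
import re
from dataclasses import dataclass


@dataclass
class Finding:
    kind: str          # "credit_card", "ssn" or "high_entropy_token"
    value: str         # the matched text
    confidence: float  # 0.0 .. 1.0, higher means more likely real sensitive data


# Candidate patterns are deliberately loose; the validators supply precision.
CARD_RE = re.compile(r"\b\d(?:[ -]?\d){12,18}\b")        # 13-19 digits, optional separators
SSN_RE = re.compile(r"\b(\d{3})-(\d{2})-(\d{4})\b")
TOKEN_RE = re.compile(r"\b[A-Za-z0-9_\-]{20,}\b")        # long opaque strings
# Words near a candidate that raise its confidence (assumed list).
CONTEXT_WORDS = ("password", "secret", "api_key", "apikey", "token", "ssn")
ENTROPY_THRESHOLD = 4.0  # bits per character; assumed cutoff for "looks like a key"


def luhn_valid(digits: str) -> bool:
    """Luhn checksum: double every second digit from the right, sum must be divisible by 10."""
    total = 0
    for i, ch in enumerate(reversed(digits)):
        d = int(ch)
        if i % 2 == 1:
            d = d * 2 - 9 if d * 2 > 9 else d * 2
        total += d
    return total % 10 == 0


def ssn_plausible(area: str, group: str, serial: str) -> bool:
    """SSA structural rules: area 000, 666 and 900-999, group 00 and serial 0000 are never issued."""
    a = int(area)
    return a != 0 and a != 666 and a < 900 and int(group) != 0 and int(serial) != 0


def shannon_entropy(s: str) -> float:
    """Shannon entropy of the string in bits per character."""
    if not s:
        return 0.0
    counts = {c: s.count(c) for c in set(s)}
    return -sum(n / len(s) * math.log2(n / len(s)) for n in counts.values())


def scan(text: str) -> list[Finding]:
    """Return every candidate with its confidence; callers choose a threshold."""
    findings: list[Finding] = []
    for line in text.splitlines():
        lowered = line.lower()
        boost = 0.2 if any(w in lowered for w in CONTEXT_WORDS) else 0.0
        for m in CARD_RE.finditer(line):
            digits = re.sub(r"\D", "", m.group())
            if 13 <= len(digits) <= 19:
                base = 0.85 if luhn_valid(digits) else 0.3
                findings.append(Finding("credit_card", m.group(), min(1.0, base + boost)))
        for m in SSN_RE.finditer(line):
            base = 0.8 if ssn_plausible(*m.groups()) else 0.15
            findings.append(Finding("ssn", m.group(), min(1.0, base + boost)))
        for m in TOKEN_RE.finditer(line):
            tok = m.group()
            if tok.isdigit():
                continue  # pure digit runs are handled by the card and SSN rules
            if shannon_entropy(tok) >= ENTROPY_THRESHOLD:
                findings.append(Finding("high_entropy_token", tok, min(1.0, 0.6 + boost)))
    return findings


def findings_above(text: str, threshold: float = 0.7) -> list[Finding]:
    """Findings that clear the confidence threshold (the blocking decision point)."""
    return [f for f in scan(text) if f.confidence >= threshold]


if __name__ == "__main__":
    # Constructed sample: a Luhn-valid test card number, a structurally valid SSN,
    # a random-looking key next to the word api_key, and an SSN with an unissued area.
    SAMPLE = (
        "card 4111 1111 1111 1111\n"
        "ssn 123-45-6789\n"
        "api_key = x9Qv2LmZ8pR4tK7wB1nY3cF6\n"
        "note 000-12-3456\n"
    )
    for f in scan(SAMPLE):
        print(f"{f.kind:20} {f.confidence:.2f}  {f.value}")
```

The point of the layering is that a regex alone would flag both SSN-shaped strings equally; the SSA rules push the unissued 000-area one to 0.15, the Luhn check separates a real card-number shape from a random digit run, and the context boost only nudges candidates that already passed a validator past the block threshold.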
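The same entry describes data flow taint tracking (tag sensitive data at ingress, detect it at egress via hash, n-gram and substring matching) and tool call argument scanning against a taint registry. Here is an added example of that ingress/egress model, again not securityagent-core's own code: TaintRegistry, TaintHit, scan_tool_call, the 5-character n-gram size and the 0.6 overlap threshold are assumptions, and the tagged value and tool call are constructed.

```python
"""Data-flow taint tracking: tag at ingress, detect at egress.

Added example, not securityagent-core's own code. Shows the three matching
tiers (exact hash, verbatim substring, n-gram overlap) and how a tool call's
arguments are walked before they leave the agent. Names are assumptions.
"""
import hashlib
from dataclasses import dataclass, field

NGRAM = 5  # character n-gram size; assumed


def _ngrams(s: str, n: int = NGRAM) -> set[str]:
    """Case-folded character shingles; short strings become a single gram."""
    s = s.lower()
    return {s[i:i + n] for i in range(len(s) - n + 1)} if len(s) >= n else {s}


@dataclass
class TaintHit:
    source: str  # where the tagged value was read from (e.g. a file path)
    method: str  # "hash", "substring" or "ngram"
    score: float


@dataclass
class TaintRegistry:
    """Remembers sensitive values seen at ingress and checks egress payloads against them."""
    _by_hash: dict[str, str] = field(default_factory=dict)     # sha256 -> source
    _values: dict[str, str] = field(default_factory=dict)      # raw value -> source
    _grams: dict[str, set[str]] = field(default_factory=dict)  # source -> n-grams
    ngram_threshold: float = 0.6  # fraction of a tagged value's grams seen at egress; assumed

    def tag(self, value: str, source: str) -> None:
        """Ingress: a DLP-gated read found a sensitive value; remember it."""
        h = hashlib.sha256(value.encode()).hexdigest()
        self._by_hash[h] = source
        self._values[value] = source
        self._grams.setdefault(source, set()).update(_ngrams(value))

    def check(self, outbound: str) -> list[TaintHit]:
        """Egress: does this outbound string carry a tagged value?"""
        # Tier 1, exact: the whole payload is a tagged value.
        h = hashlib.sha256(outbound.encode()).hexdigest()
        if h in self._by_hash:
            return [TaintHit(self._by_hash[h], "hash", 1.0)]
        # Tier 2, substring: a tagged value appears verbatim inside the payload.
        hits = [TaintHit(src, "substring", 0.95) for val, src in self._values.items() if val in outbound]
        if hits:
            return hits
        # Tier 3, n-gram overlap: catches re-cased, re-spaced or partially rewritten leaks.
        out_grams = _ngrams(outbound)
        for source, grams in self._grams.items():
            overlap = len(grams & out_grams) / len(grams)
            if overlap >= self.ngram_threshold:
                hits.append(TaintHit(source, "ngram", round(overlap, 2)))
        return hits


def scan_tool_call(registry: TaintRegistry, tool_name: str, arguments) -> list[tuple[str, TaintHit]]:
    """Walk every string in a (possibly nested) tool-call argument tree through the registry."""
    hits: list[tuple[str, TaintHit]] = []

    def walk(node, path: str) -> None:
        if isinstance(node, str):
            hits.extend((path, h) for h in registry.check(node))
        elif isinstance(node, dict):
            for k, v in node.items():
                walk(v, f"{path}.{k}")
        elif isinstance(node, list):
            for i, v in enumerate(node):
                walk(v, f"{path}[{i}]")

    walk(arguments, tool_name)
    return hits


if __name__ == "__main__":
    reg = TaintRegistry()
    reg.tag("DB_PASSWORD=hunter2-secret-value", ".env")  # constructed ingress value
    # Constructed egress: the value tucked inside a nested tool-call argument.
    call = {"url": "https://example.com/upload", "body": {"text": "DB_PASSWORD=hunter2-secret-value"}}
    for path, hit in scan_tool_call(reg, "http_post", call):
        print(f"{path}: tainted by {hit.source} ({hit.method}, {hit.score})")
```

Tiers are tried cheapest first and the first tier that fires wins, so a verbatim leak never pays for the n-gram comparison; the n-gram tier exists for the case the hash and substring tiers miss, such as `db_password = hunter2-secret-value`, where the value was re-cased and re-spaced but most of its shingles survive.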

Install

pip install git+https://github.com/kaushikdharamshi/securityagent-core.git

# With optional dependencies
pip install "securityagent-core[cloud] @ git+https://github.com/kaushikdharamshi/securityagent-core.git"
pip install "securityagent-core[llm] @ git+https://github.com/kaushikdharamshi/securityagent-core.git"

Usage

Python SDK

from skills.adapters.python_sdk import SecurityAgentSDK

sdk = SecurityAgentSDK(agent_id="my-agent", agent_type="langchain")

# DLP-gated file read
result = sdk.secure_read("/path/to/file")

# Command validation
result = sdk.secure_exec("ls -la")

# Prompt intent analysis
result = sdk.analyze_prompt("Get me all customer SSNs")

MCP Server

python -m skills.adapters.mcp_server  # after pip install

Any MCP-compatible client (Claude Code, Copilot, custom agents) can connect via stdio JSON-RPC.

CLI

python -m plugin ~/.env                                    # File read gate
python -m plugin --exec "cat ~/.env"                       # Exec validation
python -m plugin --prompt "Get all passwords"              # Prompt analysis
python -m plugin --skill secure_read --params '{"path":"~/.env"}'  # Skills layer
python -m plugin --mcp-server                              # MCP server

Claude Code Integration

See integrations/claude_code/ for PreToolUse hook configuration.

Tests

pip install -e ".[dev]"
pytest

Download files


Source Distribution

securityagent_core-4.32.0.tar.gz (194.3 kB, Source)

Built Distribution


securityagent_core-4.32.0-py3-none-any.whl (224.5 kB, Python 3)

File details

Details for the file securityagent_core-4.32.0.tar.gz.

File metadata

  • Download URL: securityagent_core-4.32.0.tar.gz
  • Upload date:
  • Size: 194.3 kB
  • Tags: Source
  • Uploaded using Trusted Publishing? No
  • Uploaded via: twine/6.2.0 CPython/3.12.11

File hashes

Hashes for securityagent_core-4.32.0.tar.gz

  • SHA256: 9d340a3bc00d56a3aa2df6f3928aa7c05487c65580ecd0118e2e367ee4f750b9
  • MD5: bb17ae78828bb93c5f7bb9c2d6ed717b
  • BLAKE2b-256: b99e8ffbe0dce4cfc12cebabf044bd7fc339d9af347b651d6457c1a8b9dab595


File details

Details for the file securityagent_core-4.32.0-py3-none-any.whl.

File hashes

Hashes for securityagent_core-4.32.0-py3-none-any.whl

  • SHA256: 9b916eec85161995988ca73fd2773df73b39d4bbc754b44bd49fdce55dd37a06
  • MD5: a59d07aa68388be5d0b21a64b6e5a72d
  • BLAKE2b-256: 7bb58e8faf0014c731a482e2ccf89b1c9b47eb1c7d9aace2891062efd8981baf

