A lightweight OS-level supply chain attack guard for Python

These details have not been verified by PyPI

Project links

License
- OSI Approved :: MIT License
Operating System
- OS Independent
Programming Language
- Python :: 3
Topic
- Security

Project description

chain_guard

🛡 Features

Import Interception: Blocks unauthorized access to sensitive environment variables (e.g., AWS_SECRET_ACCESS_KEY, DATABASE_URL) during package initialization.
File System Guard: Prevents third-party packages from reading sensitive files like ~/.ssh/id_rsa or ~/.aws/credentials.
OS-level Telemetry & Execution Prevention: Uses Python's native Audit Hooks (PEP 578) to actively block remote code execution (os.system, subprocess) and reverse shell network connections (socket.connect) at the moment a suspicious package is imported.

Запуск

python3 -m venv venv

source venv/bin/activate

pip install -e .

установка тестовых пакетов

pip install -e test_package/clean_pkg

pip install -e test_package/malware_pkg

pip install -e test_package/sheep_package #имеет зависимость от 'вредоносного' wolf_package

Project details

These details have not been verified by PyPI

Project links

License
- OSI Approved :: MIT License
Operating System
- OS Independent
Programming Language
- Python :: 3
Topic
- Security

Release history Release notifications | RSS feed

0.2.0

May 11, 2026

0.1.2

May 11, 2026

0.1.1

May 10, 2026

This version

0.1.0

May 10, 2026

Download files

Download the file for your platform. If you're not sure which to choose, learn more about installing packages.

Source Distribution

supply_chain_guard-0.1.0.tar.gz (4.2 kB view details)

Uploaded May 10, 2026 Source

Built Distribution

If you're not sure about the file name format, learn more about wheel file names.

The dropdown lists show the available interpreters, ABIs, and platforms. Enable javascript to be able to filter the list of wheel files.

supply_chain_guard-0.1.0-py3-none-any.whl (4.5 kB view details)

Uploaded May 10, 2026 Python 3

File details

Details for the file supply_chain_guard-0.1.0.tar.gz.

File metadata

Download URL: supply_chain_guard-0.1.0.tar.gz
Upload date: May 10, 2026
Size: 4.2 kB
Tags: Source
Uploaded using Trusted Publishing? No
Uploaded via: twine/6.2.0 CPython/3.9.6

File hashes

Hashes for supply_chain_guard-0.1.0.tar.gz
Algorithm	Hash digest
SHA256	`9142bb0d7c0dacc376a48ccc9b401d00e6a0ba932157c964f67f5199995217de`
MD5	`3132cc3638917e23061a5edd636ad3c4`
BLAKE2b-256	`f27851b6d496d6042a9a1cd36934cffe8e431ca76ac60e001509e972ac86f9af`

See more details on using hashes here.

File details

Details for the file supply_chain_guard-0.1.0-py3-none-any.whl.

File metadata

Download URL: supply_chain_guard-0.1.0-py3-none-any.whl
Upload date: May 10, 2026
Size: 4.5 kB
Tags: Python 3
Uploaded using Trusted Publishing? No
Uploaded via: twine/6.2.0 CPython/3.9.6

File hashes

Hashes for supply_chain_guard-0.1.0-py3-none-any.whl
Algorithm	Hash digest
SHA256	`f6917961a7a10d8f8c2457fd67da65a583bf68d8a6993812a56a395545048bca`
MD5	`b65186423439fe65683163b792281d0e`
BLAKE2b-256	`67b35a59ba502bdc29d2d27228a824edeca12d763e782e97db1799fafd0be381`

See more details on using hashes here.

supply-chain-guard 0.1.0

Navigation

Verified details

Maintainers

Meta

Unverified details

Project links

Meta

Classifiers

Project description

chain_guard

🛡 Features

Project details

Verified details

Maintainers

Meta

Unverified details

Project links

Meta

Classifiers

Release history Release notifications | RSS feed

Download files

Source Distribution

Built Distribution

File details

File metadata

File hashes

File details

File metadata

File hashes