Developer-first AI safety checks: prompt-policy lint + secret scanning. Zero-dep CLI + GitHub Action + Claude Skill + Cursor Rule.
Project description
wrg-devguard
Developer-first AI safety checks: prompt-policy lint + secret scanning.
Zero-dependency Python CLI that scans a repository for two classes of issues before your PR lands:
- Leaked secrets — API keys, private keys, tokens, common credential formats in tracked files.
- Prompt-policy violations — deny-listed patterns in prompts, system messages, and AI-facing text assets (configurable via JSON policy).
Ships as:
- A Python package (
pip install wrg-devguard) - A GitHub Action (drop-in composite action for any repo)
- A Claude Code skill (
.claude/skills/wrg-devguard/) - A Cursor rule (
.cursor/rules/wrg-devguard.mdc)
No external dependencies in the core scanner (stdlib only). Optional [yaml]
extra for YAML policy files. Optional bandit subcommand for Python security
scanning.
Install
pip install wrg-devguard
For YAML policy support:
pip install "wrg-devguard[yaml]"
Quick start
# Run both checks and fail on any high-severity finding
wrg-devguard check --path . --fail-on error
# Scan only for leaked secrets
wrg-devguard scan-secrets --path .
# Lint AI-facing text assets against a policy
wrg-devguard lint-policy --path . --profile strict
# Emit a JSON report for CI
wrg-devguard check --path . --json-out wrg-devguard-report.json
GitHub Action
# .github/workflows/security.yml
name: security
on: [pull_request, push]
jobs:
wrg-devguard:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v4
- uses: yakuphanycl/wrg-devguard@v1
with:
profile: strict
fail-on: error
See action.yml for all inputs.
Claude Code skill
Drop the skill into your workspace:
mkdir -p .claude/skills/wrg-devguard
curl -L https://raw.githubusercontent.com/yakuphanycl/wrg-devguard/main/.claude/skills/wrg-devguard/SKILL.md \
-o .claude/skills/wrg-devguard/SKILL.md
Claude Code will surface the skill automatically when you ask things like "scan for secrets", "is this safe to commit", or "check for leaks".
Cursor rule
Drop the rule into your workspace:
mkdir -p .cursor/rules
curl -L https://raw.githubusercontent.com/yakuphanycl/wrg-devguard/main/.cursor/rules/wrg-devguard.mdc \
-o .cursor/rules/wrg-devguard.mdc
Cursor will apply the rule before suggesting any git commit command.
Policy file
Default lookup order:
--policy <path>argument if provided.wrg/policy.jsonat the repo root- Built-in defaults
Profiles:
default→ PR-friendly baseline (recommended for CI)strict→ stricter local/release audits (use--profile strict)
Place custom policies in .wrg/policy.json (JSON) or .wrg/policy.yaml
(requires [yaml] extra).
Commands
wrg-devguard profiles # list available profiles
wrg-devguard lint-policy --path . # policy lint only
wrg-devguard scan-secrets --path . # secret scan only
wrg-devguard check --path . # both, single JSON report
wrg-devguard check --path . --profile strict
wrg-devguard check --path . --json-out report.json
wrg-devguard check --path . --fail-on warning
wrg-devguard check --path . --allowlist .wrg/allowlist.json
wrg-devguard bandit --path src/ # optional: bandit wrapper
Exit codes
0— no findings above threshold1— findings at or above--fail-onthreshold2— configuration or input error
Why another secret scanner?
- Zero runtime deps — the core scanner is stdlib only, so
pip installis instant and works in any sandbox. - Policy lint in the same tool — most scanners only do secrets. We also catch prompt-policy violations (deny-listed patterns, hardcoded system prompts, PII in AI-facing text).
- AI-native UX — ships with a Claude skill and a Cursor rule so the scanner runs automatically inside your AI coding assistant, not just in CI.
- Stable JSON schema —
check --json-outemits a versioned schema that never breaks.
Development
git clone https://github.com/yakuphanycl/wrg-devguard.git
cd wrg-devguard
pip install -e ".[dev]"
pytest -q
License
MIT. See LICENSE.
Contributing
Issues and PRs welcome. For substantial changes, open an issue first to discuss scope.
Part of the WinstonRedGuard
ecosystem. The monorepo at apps/wrg_devguard/ is the canonical source; this
repo is a distribution mirror kept in sync on every release.
Download files
Download the file for your platform. If you're not sure which to choose, learn more about installing packages.
Source Distribution
Built Distribution
Filter files by name, interpreter, ABI, and platform.
If you're not sure about the file name format, learn more about wheel file names.
Copy a direct link to the current filters
File details
Details for the file wrg_devguard-0.1.0.tar.gz.
File metadata
- Download URL: wrg_devguard-0.1.0.tar.gz
- Upload date:
- Size: 15.0 kB
- Tags: Source
- Uploaded using Trusted Publishing? No
- Uploaded via: twine/6.2.0 CPython/3.14.2
File hashes
| Algorithm | Hash digest | |
|---|---|---|
| SHA256 |
491bb2ee30166e71bd3bcf4f57cee739fdc6b7e5e2697e5fd21a4927d18954b0
|
|
| MD5 |
a852f5b295c772839209bf3a682d6835
|
|
| BLAKE2b-256 |
08e433673e29efed7385ab256dbf82d097a2fc985995d5cec987ec894e763513
|
File details
Details for the file wrg_devguard-0.1.0-py3-none-any.whl.
File metadata
- Download URL: wrg_devguard-0.1.0-py3-none-any.whl
- Upload date:
- Size: 13.2 kB
- Tags: Python 3
- Uploaded using Trusted Publishing? No
- Uploaded via: twine/6.2.0 CPython/3.14.2
File hashes
| Algorithm | Hash digest | |
|---|---|---|
| SHA256 |
bfed331436567d26e0fbe8f50e380e0b582551bcacd88d810c9bf73d4576cb27
|
|
| MD5 |
83c39478aec41564528f3750e191743b
|
|
| BLAKE2b-256 |
b1ff7ed93c0b9e2fe36c67f81340fefa1893b6e3ec520cc93b1ae7f44f322415
|
