Releases: affaan-m/agentshield
AgentShield v1.4.0 - AI Agent Security Scanner
AgentShield v1.4.0
AI agent security scanner. 102+ rules across 5 categories. Scans Claude Code, Codex, Cursor, and OpenCode configurations for vulnerabilities.
Quick Start
GitHub Action (CI):

```yaml
- uses: affaan-m/agentshield@v1.4.0
```

CLI:

```shell
npx ecc-agentshield scan
```
Drop-in workflow: Copy `examples/agentshield-workflow.yml` to `.github/workflows/` in any repo.
What's New in v1.4.0
- False positive fix - deny rules and PreToolUse block hooks no longer flagged as threats
- CVE database - 25+ known MCP vulnerabilities with detection patterns
- MCP tool poisoning detection - 5 new rules for tool description injection
- Watch mode - continuous scanning with config drift detection
- Runtime monitoring - PreToolUse hook for real-time tool call interception
- Supply chain verification - npm package metadata checks for MCP servers
- PR security gate - baseline comparison with inline annotations
- Org-wide policy enforcement - `.agentshield/policy.json` for team security baselines
- CLAUDE.md permission check - flags world-writable config files
Stats
- 1,609 tests passing
- 102+ security rules
- A-F grading with 0-100 numeric score
- Formats: terminal, JSON, markdown, HTML
AgentShield v1.3.0 - Deep Scan: 5 Analysis Layers, 120+ Rules, 1280 Tests
What's New in v1.3.0
AgentShield now goes beyond static analysis. The new `--deep` flag runs 5 analysis layers in a single command.
GitHub Action (NEW)
AgentShield is now available as a GitHub Action! Add security scanning to any CI/CD pipeline:
```yaml
- uses: affaan-m/agentshield@v1
  with:
    min-severity: medium
    fail-on-findings: true
```
Features: inline PR annotations, job summary markdown report, configurable severity filter, 4 outputs (score, grade, total-findings, critical-count).
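A complete workflow that wires the action's inputs and the four outputs listed above into a PR check, added here as an illustration (not the project's `examples/agentshield-workflow.yml`). It assumes the outputs are read through the usual `steps.<id>.outputs.<name>` syntax; the step id `shield` and the grade/critical-count thresholds in the gate step are choices made for this example, not project defaults.

```yaml
name: AgentShield config scan

on:
  pull_request:

permissions:
  contents: read

jobs:
  agentshield:
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v4

      # Report everything at medium or above, but leave the pass/fail
      # decision to the gate step below so the job summary and inline
      # annotations are produced even when the check fails.
      - id: shield
        uses: affaan-m/agentshield@v1
        with:
          min-severity: medium
          fail-on-findings: false

      # Consume the action's outputs (score, grade, total-findings,
      # critical-count) and enforce a baseline: any critical finding, or a
      # grade below B, fails the check. Thresholds are example choices.
      - name: Enforce security baseline
        env:
          SCORE: ${{ steps.shield.outputs.score }}
          GRADE: ${{ steps.shield.outputs.grade }}
          TOTAL: ${{ steps.shield.outputs.total-findings }}
          CRITICAL: ${{ steps.shield.outputs.critical-count }}
        run: |
          echo "AgentShield: score=$SCORE grade=$GRADE findings=$TOTAL critical=$CRITICAL"
          if [ "$CRITICAL" != "0" ]; then
            echo "::error::$CRITICAL critical finding(s) in agent configuration"
            exit 1
          fi
          case "$GRADE" in
            A|B) ;;
            *) echo "::error::grade $GRADE is below the required B"; exit 1 ;;
          esac
```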
Analysis Engines
- 102+ static security rules across 5 categories
- Injection testing with attack corpus
- Sandbox execution for hooks
- Taint analysis for data flow tracking
- Three-agent Opus adversarial pipeline (Attacker/Defender/Auditor)
- Self-contained `dist/action.js` (242KB, no external dependencies)
Quick Start
```
# CLI
npx ecc-agentshield scan

# GitHub Action
uses: affaan-m/agentshield@v1

# Deep scan with Opus pipeline
npx ecc-agentshield scan --deep --opus
```
Stats
- 102+ rules, 1282 tests
- Grading: A-F with 0-100 numeric score
- Supports: Claude Code, Cursor, OpenCode, Codex CLI, Windsurf
AgentShield v1.2.0 - 102 Rules, 912 Tests
AgentShield v1.2.0
What's New
- 102 security rules (up from 56 in v1.0.0)
- 912 tests with comprehensive coverage
- GitHub Action available at `affaan-m/agentshield@v1`
New Rule Categories Since v1.0.0
- Clipboard hijacking & log tampering detection
- Auto-approve & timeout manipulation prevention
- Reflection & output manipulation blocking
- Container escape & package install monitoring
- DNS exfiltration & firewall modification detection
- SSH key manipulation & background process detection
- Identity impersonation & crypto mining prevention
- Filesystem destruction & webhook abuse blocking
- CORS bypass & privileged port detection
- Sensitive file access & permissions escalation
3-Agent Adversarial Pipeline (--opus)
Run with `npx ecc-agentshield --opus` for the full adversarial pipeline:
- Attacker agent generates sophisticated prompts
- Defender agent tests rule detection
- Judge agent evaluates results
Installation
```shell
npx ecc-agentshield scan ./path/to/config
```
GitHub Action
```yaml
- uses: affaan-m/agentshield@v1
  with:
    scan-path: '.'
    fail-on-critical: true
```
Full Changelog: v1.0.0...v1.2.0
AgentShield v1.0.0
Initial release - Security auditor for AI agent configurations. Features: 16 static analysis rules, Opus 4.6 adversarial pipeline, 3 output formats, auto-fix, GitHub Action, npx support. Built at the Claude Code Hackathon.