Metadata-Version: 2.4
Name: agentguard2027
Version: 0.2.1
Summary: AgentGuard — AI Agent Code Review & Security Compliance Platform
Author: XHLS Team
License: MIT
Keywords: security,code-review,ai-agent,sast,llm
Classifier: Development Status :: 3 - Alpha
Classifier: Intended Audience :: Developers
Classifier: Topic :: Security
Classifier: Topic :: Software Development :: Quality Assurance
Requires-Python: >=3.10
Description-Content-Type: text/markdown
License-File: license-pool.json
License-File: license_private.pem
License-File: license_public.pem
Requires-Dist: rich>=13.0
Requires-Dist: typer>=0.9
Provides-Extra: dev
Requires-Dist: pytest>=7.0; extra == "dev"
Requires-Dist: pytest-cov; extra == "dev"
Dynamic: license-file

# AgentGuard 🔴

**AI Agent Code Review & Security Compliance Platform**

Scans code generated by AI Agents for security vulnerabilities, backdoor patterns, and compliance issues.

Powered by XHLS security modules (model_guard, security_hardening, binary_sanitizer).

---

## Quick Start

```bash
# Install (the distribution name in this package's metadata is agentguard2027)
pip install agentguard2027

# Scan a project
agentguard scan ./my-project

# JSON output for CI/CD
agentguard scan ./my-project --format json

# SARIF for GitHub Code Scanning
agentguard scan ./my-project --format sarif --output report.sarif
```

---

## Features

| Feature | Free | Pro ($29/mo) |
|---------|:----:|:------------:|
| CLI scanner | ✅ | ✅ |
| 25 security rules | ✅ | 50+ rules |
| 100 files/scan | ✅ | Unlimited |
| AST structural analysis | ✅ | ✅ |
| Secret/key leak detection | ✅ | ✅ |
| JSON/SARIF/Markdown output | ✅ | ✅ |
| Custom rules (plain English) | ❌ | ✅ |
| GitHub App PR comments | ❌ | ✅ |
| Model weight integrity check | ❌ | ✅ |
| Agent behavior logic audit | ❌ | ✅ |

---

## What It Detects

- **Code Injection**: eval/exec/os.system misuse
- **Deserialization**: pickle.loads, yaml.load, marshal attacks
- **Secrets**: Hardcoded API keys, tokens, passwords, private keys
- **Path Traversal**: Unsanitized file paths
- **SSRF**: User-controlled URLs in HTTP requests
- **Weak Crypto**: MD5, SHA1, insecure random
- **Agent-Specific**: Prompt injection, tool auth gaps, infinite loops
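
The first, second and sixth categories above can be checked structurally on the syntax tree rather than with text patterns. The sketch below is an added example, not AgentGuard's own code or rule set: `SINKS`, `scan_source` and the other names are hypothetical, the sample input is constructed, and it matches literal dotted call names without resolving import aliases.

```python
import ast

# Dotted call names mapped to categories from the list above (illustrative subset).
SINKS = {
    "eval": "code-injection", "exec": "code-injection", "os.system": "code-injection",
    "pickle.loads": "deserialization", "marshal.loads": "deserialization",
    "hashlib.md5": "weak-crypto", "hashlib.sha1": "weak-crypto",
}
SAFE_YAML_LOADERS = {"SafeLoader", "CSafeLoader"}

def dotted(node):
    """Return 'a.b.c' for a Name/Attribute chain, else None."""
    parts = []
    while isinstance(node, ast.Attribute):
        parts.append(node.attr)
        node = node.value
    if isinstance(node, ast.Name):
        return ".".join(reversed(parts + [node.id]))
    return None

def yaml_load_is_unsafe(call):
    """Flag yaml.load unless a safe Loader is passed (positional or keyword)."""
    loaders = call.args[1:2] + [kw.value for kw in call.keywords if kw.arg == "Loader"]
    names = [dotted(n) or "" for n in loaders]
    return not any(n.split(".")[-1] in SAFE_YAML_LOADERS for n in names)

def scan_source(source):
    """Return sorted (line, category, call) findings for one module's source."""
    findings = []
    for node in ast.walk(ast.parse(source)):
        name = dotted(node.func) if isinstance(node, ast.Call) else None
        if name in SINKS:
            findings.append((node.lineno, SINKS[name], name))
        elif name == "yaml.load" and yaml_load_is_unsafe(node):
            findings.append((node.lineno, "deserialization", name))
    return sorted(findings)

# Constructed sample input, not taken from any real project.
SAMPLE = '''# eval("mentioned only in a comment")
cfg = yaml.load(open("c.yml"), Loader=yaml.SafeLoader)
raw = yaml.load(open("c.yml"))
obj = pickle.loads(blob)
os.system("ls " + user_arg)
tag = hashlib.md5(data).hexdigest()
'''

if __name__ == "__main__":
    print(*scan_source(SAMPLE), sep="\n")
```

Because the check works on call nodes, the `eval` mentioned in the comment and the `yaml.load` call with `SafeLoader` are not reported, which a plain text match would get wrong.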

---

## Architecture

```
agentguard/
├── cli.py                 ← Entry point
├── scanner/
│   └── code_scanner.py    ← Pattern + AST engine
├── rules/
│   └── python_rules.py    ← 50 security rules (7 categories)
├── reporter/
│   └── reporter.py        ← Terminal / JSON / SARIF / MD
├── xhls_security/         ← Vendored XHLS modules
│   ├── model_guard.py     ← Model integrity + backdoor
│   ├── security_hardening.py ← RBAC + audit
│   └── binary_sanitizer.py   ← Pickle/image safety
└── pyproject.toml
```

---

## Roadmap

- [x] v0.1 — CLI + 50 rules + 4 output formats
- [ ] v0.2 — GitHub App + PR review comments
- [ ] v0.3 — Natural language custom rules
- [ ] v0.4 — GitHub Marketplace listing
- [ ] v0.5 — Model weight integrity scanner (model_guard wrapper)
- [ ] v1.0 — Pro tier paywall + enterprise on-premise

---

## License

MIT — Free tier is and stays open source.

Built by XHLS Team 2026.
