Autonomous Security for the AI Agent Era
| Project | Description | Status |
|---|---|---|
| AgentGuard | AI agent SAST — 22 rules, 88% precision, OWASP ASI | |
| MCP Scanner | MCP server security — 12 checks, SARIF | |
| AgentGuard App | GitHub App — automated PR scanning | |
| VS Code Extension | Inline security diagnostics | |
| Benchmark Suite | 56 samples validating all 22 rules | |
| CI Demo | Live CI/CD with 8 Code Scanning alerts |
- 951 CONFIRMED findings across 7 AI agent frameworks
- 88% independently verified precision (44 TP / 6 FP)
- 22 detection rules — CWE mapped, CVSS scored
- 3 GitHub Security Advisories (LangChain CVSS 10.0)
- 2 AutoGen security issues (active technical discussion)
- 139 tests — Python 3.10, 3.11, 3.12
- CWE-1188 (CVSS 10.0) — LangChain ShellToolMiddleware insecure default
- AutoGen #7917 — Unrestricted Tool Execution
- AutoGen #7918 — Credential Exposure via Agent Logging
- Sovereign Security Audit 2026 — Full methodology and results
- Security Specification — Formal standard for AI agent code security
LGPL v3. No VC. No sales team. Just engineers solving real problems.