HackerTrans
トップ新着トレンドコメント過去質問紹介求人

dchitimalla1

2 カルマ登録 5 か月前

投稿

Show HN: AI Agent Audit for Free

github.com
1 ポイント·投稿者 dchitimalla1·昨日·0 コメント

NPM Agent Audit

npmjs.com
2 ポイント·投稿者 dchitimalla1·5 日前·0 コメント

ProofLayer Rules – runtime security, red-team evals for LangGraph

github.com
3 ポイント·投稿者 dchitimalla1·30 日前·2 コメント

Free coding interview practice using patterns

feetscode.com
4 ポイント·投稿者 dchitimalla1·先月·1 コメント

[untitled]

1 ポイント·投稿者 dchitimalla1·5 か月前·0 コメント

コメント

dchitimalla1
·30 日前·議論
Appreciate it, what are you using langchain agents for?
dchitimalla1
·30 日前·議論
[dead]
dchitimalla1
·5 か月前·議論
AI coding agents are writing more of our code, but they're also introducing new attack surfaces: prompt injection hidden in codebases, hallucinated package names that attackers register as malware, and data exfiltration through manipulated agents.

Our MCP server that sits between your AI agent and your codebase, scanning in real-time via the Model Context Protocol. v2.0 adds tree-sitter AST analysis for 12 languages with graceful fallback to regex when dependencies aren't installed.

Key features: - 275+ security rules (SQL injection, XSS, secrets, command injection) - Detects prompt injection attacks targeting AI agents - Catches hallucinated packages across 7 ecosystems (4.3M+ packages indexed) - Works with Claude Desktop, Claude Code, Cursor, Windsurf, Cline - Zero config: npx agent-security-scanner-mcp init claude-code

The interesting technical bit: we use bloom filters for package verification (keeps the npm package under 3MB while indexing millions of packages) and taint analysis to track user input flowing to dangerous sinks.

MIT licensed, free to use.