{"id":50745525,"url":"https://github.com/edycutjong/vetoblast","last_synced_at":"2026-06-10T20:30:36.221Z","repository":{"id":360111189,"uuid":"1248738069","full_name":"edycutjong/vetoblast","owner":"edycutjong","description":"🛡️ Zero-Trust AI Agent Terminal Proxy and Runtime Guard protecting developer credentials and workspaces.","archived":false,"fork":false,"pushed_at":"2026-05-25T04:24:26.000Z","size":4555,"stargazers_count":0,"open_issues_count":8,"forks_count":0,"subscribers_count":0,"default_branch":"main","last_synced_at":"2026-05-25T04:26:45.312Z","etag":null,"topics":["ai-agents","deberta","nextjs","react","sandbox","security","tailwind","zero-trust"],"latest_commit_sha":null,"homepage":"https://vetoblast.edycu.dev","language":"TypeScript","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"mit","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/edycutjong.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":"SECURITY.md","support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null,"zenodo":null,"notice":null,"maintainers":null,"copyright":null,"agents":"AGENTS.md","dco":null,"cla":null}},"created_at":"2026-05-25T02:17:53.000Z","updated_at":"2026-05-25T04:24:29.000Z","dependencies_parsed_at":null,"dependency_job_id":null,"html_url":"https://github.com/edycutjong/vetoblast","commit_stats":null,"previous_names":["edycutjong/vetoblast"],"tags_count":null,"template":false,"template_full_name":null,"purl":"pkg:github/edycutjong/vetoblast","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/edycutjong%2Fvetoblast","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/edycutjong%2Fvetoblast/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/edycutjong%2Fvetoblast/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/edycutjong%2Fvetoblast/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/edycutjong","download_url":"https://codeload.github.com/edycutjong/vetoblast/tar.gz/refs/heads/main","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/edycutjong%2Fvetoblast/sbom","scorecard":null,"host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":286080680,"owners_count":34170162,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2026-05-26T15:22:16.424Z","status":"online","status_checked_at":"2026-06-10T02:00:07.152Z","response_time":89,"last_error":null,"robots_txt_status":"success","robots_txt_updated_at":"2025-07-24T06:49:26.215Z","robots_txt_url":"https://github.com/robots.txt","online":true,"can_crawl_api":true,"host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["ai-agents","deberta","nextjs","react","sandbox","security","tailwind","zero-trust"],"created_at":"2026-06-10T20:30:35.109Z","updated_at":"2026-06-10T20:30:36.214Z","avatar_url":"https://github.com/edycutjong.png","language":"TypeScript","funding_links":[],"categories":[],"sub_categories":[],"readme":"\u003cdiv align=\"center\"\u003e\n  \u003cimg src=\"public/icon.svg\" alt=\"VetoBlast icon\" width=\"120\" height=\"120\"\u003e\n  \u003ch1\u003eVetoBlast 🛡️\u003c/h1\u003e\n  \u003cp\u003e\u003cem\u003eZero-trust runtime proxy that intercepts AI agent commands, redacts secrets, and vetoes destructive executions\u003c/em\u003e\u003c/p\u003e\n  \u003cimg src=\"docs/readme-hero.png\" alt=\"VetoBlast\" width=\"100%\"\u003e\n\n  \u003cbr/\u003e\n\n  [![Live Demo](https://img.shields.io/badge/🚀_Live-Demo-ef4444?style=for-the-badge)](https://vetoblast.edycu.dev)\n  [![Pitch Deck](https://img.shields.io/badge/📊_Pitch-Deck-10b981?style=for-the-badge)](https://vetoblast.edycu.dev/pitch.html)\n  [![YouTube Demo](https://img.shields.io/badge/▶_YouTube-Demo-FF0000?style=for-the-badge\u0026logo=youtube\u0026logoColor=white)](https://youtu.be/2yhqErPzRI8)\n  [![Tests](https://img.shields.io/badge/✅_Tests-51_passing-22c55e?style=for-the-badge)](#-testing--ci)\n  [![Built for UOE](https://img.shields.io/badge/UOE-Summer_of_Code_2026-8b5cf6?style=for-the-badge)](https://uoe-summer-of-code.devpost.com/)\n\n  \u003cbr/\u003e\n\n  ![Next.js](https://img.shields.io/badge/Next.js_16-black?style=flat\u0026logo=next.js)\n  ![TypeScript](https://img.shields.io/badge/TypeScript-3178C6?style=flat\u0026logo=typescript\u0026logoColor=white)\n  ![React](https://img.shields.io/badge/React_19-61DAFB?style=flat\u0026logo=react\u0026logoColor=black)\n  ![Tailwind](https://img.shields.io/badge/Tailwind_v4-38B2AC?style=flat\u0026logo=tailwindcss\u0026logoColor=white)\n  ![Node.js](https://img.shields.io/badge/Node.js-339933?style=flat\u0026logo=node.js\u0026logoColor=white)\n  ![Python](https://img.shields.io/badge/Python_3.12-3776AB?style=flat\u0026logo=python\u0026logoColor=white)\n  [![CI](https://github.com/edycutjong/vetoblast/actions/workflows/ci.yml/badge.svg)](https://github.com/edycutjong/vetoblast/actions/workflows/ci.yml)\n\n\u003c/div\u003e\n\n---\n\n## 💡 The Problem \u0026 Solution\n\nAI coding agents scan `.env` files, execute shell commands, and send prompts to external LLMs — **without security awareness**. An intern's agent accidentally pushed production AWS credentials to a public repo, costing **$85,000** before the alert fired.\n\n**VetoBlast** is a zero-trust terminal proxy that intercepts every AI agent command in real-time. It uses entropy analysis + a local DeBERTa-Sec classifier to distinguish real secrets from harmless hashes, redacts credentials in-flight, and vetoes destructive commands — all in **\u003c10ms** overhead.\n\n**Key Features:**\n- 🔒 **In-Flight Secret Redaction**: Detects and replaces API keys, tokens, and passwords before they reach external services\n- 🧠 **DeBERTa-Sec AI Classifier**: Local ONNX model distinguishes real secrets from commit hashes (2% false positive rate)\n- 🚫 **Command Veto Gate**: Blocks destructive patterns (`rm -rf`, `chmod 777`, `DROP TABLE`) instantly\n- 📊 **Cyberpunk SOC Dashboard**: Real-time terminal tracer, threat speedometer, and incident review console\n- 🏠 **100% Local**: No credentials ever leave the developer's machine\n\n## 📸 Screenshots\n\n\u003cdetails\u003e\n\u003csummary\u003e\u003cstrong\u003eClick to expand all dashboard screenshots\u003c/strong\u003e\u003c/summary\u003e\n\n### Stripe API Key Exfiltration — BLOCKED\n\u003e Agent `copilot-agent-v1` attempted a git commit + push containing a Stripe live API key. VetoBlast detected the secret with 97% confidence and blocked execution.\n\n\u003cimg src=\"docs/screenshots/inc-001.png\" alt=\"Incident 001 — Stripe key exfiltration blocked\" width=\"100%\"\u003e\n\n---\n\n### AWS Secret Key Leak via curl — BLOCKED\n\u003e Agent `cursor-agent-v3` piped config JSON containing an AWS secret key to an external LLM API endpoint. Entropy analysis flagged it at 4.91.\n\n\u003cimg src=\"docs/screenshots/inc-002.png\" alt=\"Incident 002 — AWS secret key leak blocked\" width=\"100%\"\u003e\n\n---\n\n### Destructive Shell Command — VETOED\n\u003e Agent attempted `rm -rf /usr/local/bin \u0026\u0026 chmod 777 /etc/passwd`. Pattern-matched and vetoed before execution.\n\n\u003cimg src=\"docs/screenshots/inc-003.png\" alt=\"Incident 003 — Destructive command vetoed\" width=\"100%\"\u003e\n\n---\n\n### Safe Command — APPROVED\n\u003e `npm run build` passed all scans. No secrets detected, no destructive patterns.\n\n\u003cimg src=\"docs/screenshots/inc-004.png\" alt=\"Incident 004 — Safe command approved\" width=\"100%\"\u003e\n\n---\n\n### Deploy Script with GitHub PAT — BLOCKED\n\u003e `python deploy.sh` contained a GitHub Personal Access Token in plaintext. DeBERTa classified intent as exfiltration.\n\n\u003cimg src=\"docs/screenshots/inc-005.png\" alt=\"Incident 005 — GitHub PAT in deploy script\" width=\"100%\"\u003e\n\n---\n\n### Git Config Password Exposure — REDACTED\n\u003e Agent attempted `git config --global user.password` with a plaintext password. VetoBlast redacted to `[REDACTED_PWD]`.\n\n\u003cimg src=\"docs/screenshots/inc-006.png\" alt=\"Incident 006 — Git password redacted\" width=\"100%\"\u003e\n\n\u003c/details\u003e\n\n## 🏗️ Architecture \u0026 Tech Stack\n\n```mermaid\ngraph TD\n    Agent[Autonomous AI Agent] \u003c--\u003e|Terminal Commands / Stdin| Proxy[VetoBlast Proxy \u003cbr/\u003e Node.js / node-pty]\n    Proxy --\u003e|Raw Streams| ONNX[DeBERTa-Sec Classifier \u003cbr/\u003e Python FastAPI / ONNX-runtime]\n    Proxy \u003c--\u003e|WebSocket Stream| UI[Next.js 16 / React 19 Dashboard]\n    UI \u003c--\u003e|Approve/Reject Signals| Proxy\n    Proxy --\u003e|Log Actions| Supabase[Supabase Database]\n    Proxy \u003c--\u003e|Filter Output / Stdout| Agent\n```\n\n| Layer | Technology |\n|---|---|\n| **Dashboard** | Next.js 16 (App Router), React 19, Tailwind CSS v4 |\n| **Proxy Engine** | Node.js, node-pty (terminal stream interception) |\n| **AI Classifier** | Python 3.12, FastAPI, DeBERTa-Sec (ONNX-runtime) |\n| **Audit Log** | Supabase (PostgreSQL) |\n| **Communication** | WebSocket (real-time threat stream) |\n\n## 🗄️ Database Schema\n\nData is persisted in **Supabase (PostgreSQL)** with Row-Level Security enabled. All tables use the `vb_` prefix to namespace within the shared Supabase instance.\n\n```mermaid\nerDiagram\n    vb_incidents {\n        text id PK\n        timestamptz timestamp\n        text agent_id\n        text command_attempted\n        varchar threat_category\n        varchar threat_level\n        text redacted_payload\n        jsonb detected_secrets\n        varchar status\n        timestamptz created_at\n    }\n    vb_metrics {\n        serial id PK\n        int total_scans\n        int total_blocked\n        int total_approved\n        numeric avg_scan_latency_ms\n        numeric false_positive_rate\n        int secrets_caught\n        text uptime\n    }\n    vb_terminal_feed {\n        serial id PK\n        text time\n        text type\n        text msg\n        timestamptz created_at\n    }\n```\n\n| Table | Purpose | Rows |\n|---|---|---|\n| `vb_incidents` | Intercepted agent commands — threat level, redacted payload, detected secrets (JSONB) | 6 |\n| `vb_metrics` | Aggregate scanner stats — total scans, blocked count, latency, false positive rate | 1 |\n| `vb_terminal_feed` | Live terminal proxy log — timestamped block/pass/scan events | 8 |\n\n\u003e **RLS Policy**: Anonymous read access enabled on all tables. Write operations require `service_role` key.\n\n## 🚀 Getting Started\n\n### Prerequisites\n- Node.js ≥ 20\n- npm\n\n### Installation\n```bash\ngit clone https://github.com/edycutjong/vetoblast.git\ncd vetoblast\nnpm install\ncp .env.example .env.local\nnpm run dev\n```\n\n## 🧪 Testing \u0026 CI\n\n**51 passing tests** across 4 test suites — covering mock data integrity, incident log consistency, entropy/confidence validation, threat level coverage, metrics cross-validation, terminal feed type validation, and all interactive dashboard state transitions.\n\n```bash\nnpm test              # Run all 51 tests\nnpm run test:coverage # Coverage report\nnpm run lint          # ESLint\nnpm run typecheck     # TypeScript check\nnpm run build         # Production build\nnpm run ci            # Full CI pipeline (lint + typecheck + test + build)\n```\n\nCI runs on Node.js 20, 22, and 24 via GitHub Actions on every push.\n\n## 📁 Project Structure\n```\nvetoblast/\n├── docs/              # README assets\n├── src/\n│   ├── app/           # Next.js pages + __tests__/\n│   └── lib/           # Mock data \u0026 utilities + __tests__/\n├── .github/           # CI workflows\n├── .env.example       # Environment template\n├── LICENSE            # MIT\n└── README.md          # You are here\n```\n\n## Acknowledged Limitation\n**Obfuscated Key Split**: If a secret key is split across multiple variables and concatenated during execution, raw stream evaluations may fail to identify the pattern, requiring supplementary environment inspection rules.\n\n## 🔨 Built With\n\n- [Next.js 16](https://nextjs.org/) — App Router, React Server Components\n- [React 19](https://react.dev/) — UI framework\n- [TypeScript](https://www.typescriptlang.org/) — Type-safe JavaScript\n- [Tailwind CSS v4](https://tailwindcss.com/) — Utility-first styling\n- [Node.js](https://nodejs.org/) + [node-pty](https://github.com/nickarora/node-pty) — Terminal stream interception\n- [Python 3.12](https://www.python.org/) — AI classifier backend\n- [FastAPI](https://fastapi.tiangolo.com/) — REST API server\n- [DeBERTa-Sec](https://huggingface.co/microsoft/deberta-v3-base) — Fine-tuned ONNX classifier for command intent\n- [ONNX Runtime](https://onnxruntime.ai/) — Local model inference\n- [Supabase](https://supabase.com/) — PostgreSQL audit log with RLS\n- [Jest](https://jestjs.io/) — Testing framework (51 passing tests)\n- [GitHub Actions](https://github.com/features/actions) — CI/CD pipeline\n- [Vercel](https://vercel.com/) — Frontend deployment\n\n## 📄 License\n[MIT](LICENSE) © 2026 Edy Cu\n\n## 🙏 Acknowledgments\nBuilt for **UOE Summer of Code 2026**. Thank you to the organizers and judges for the opportunity.\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fedycutjong%2Fvetoblast","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fedycutjong%2Fvetoblast","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fedycutjong%2Fvetoblast/lists"}