{"id":46220334,"url":"https://github.com/guard0-ai/g0","last_synced_at":"2026-04-07T01:01:25.290Z","repository":{"id":341641521,"uuid":"1156657071","full_name":"guard0-ai/g0","owner":"guard0-ai","description":"The control layer for AI agents. 1,200+ rules, 12 domains, 10 frameworks, 4,000+ adversarial payloads. Discover. Assess. Test. Monitor. Comply.","archived":false,"fork":false,"pushed_at":"2026-04-03T06:39:32.000Z","size":12253,"stargazers_count":45,"open_issues_count":88,"forks_count":6,"subscribers_count":1,"default_branch":"main","last_synced_at":"2026-04-03T13:47:45.350Z","etag":null,"topics":["ai","ai-agents","governance","monitoring","security"],"latest_commit_sha":null,"homepage":"https://guard0.ai/g0","language":"TypeScript","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"agpl-3.0","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/guard0-ai.png","metadata":{"files":{"readme":"README.md","changelog":"CHANGELOG.md","contributing":"CONTRIBUTING.md","funding":null,"license":"LICENSE","code_of_conduct":"CODE_OF_CONDUCT.md","threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":"SECURITY.md","support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null,"zenodo":null,"notice":null,"maintainers":null,"copyright":null,"agents":null,"dco":null,"cla":null}},"created_at":"2026-02-12T22:38:25.000Z","updated_at":"2026-04-03T07:41:18.000Z","dependencies_parsed_at":null,"dependency_job_id":null,"html_url":"https://github.com/guard0-ai/g0","commit_stats":null,"previous_names":["guard0-ai/g0"],"tags_count":19,"template":false,"template_full_name":null,"purl":"pkg:github/guard0-ai/g0","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/guard0-ai%2Fg0","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/guard0-ai%2Fg0/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/guard0-ai%2Fg0/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/guard0-ai%2Fg0/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/guard0-ai","download_url":"https://codeload.github.com/guard0-ai/g0/tar.gz/refs/heads/main","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/guard0-ai%2Fg0/sbom","scorecard":null,"host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":286080680,"owners_count":31494177,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2026-04-06T17:22:55.647Z","status":"ssl_error","status_checked_at":"2026-04-06T17:22:54.741Z","response_time":112,"last_error":"SSL_read: unexpected eof while reading","robots_txt_status":"success","robots_txt_updated_at":"2025-07-24T06:49:26.215Z","robots_txt_url":"https://github.com/robots.txt","online":false,"can_crawl_api":true,"host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["ai","ai-agents","governance","monitoring","security"],"created_at":"2026-03-03T12:02:48.898Z","updated_at":"2026-04-07T01:01:25.205Z","avatar_url":"https://github.com/guard0-ai.png","language":"TypeScript","funding_links":[],"categories":[],"sub_categories":[],"readme":"\u003cp align=\"center\"\u003e\n  \u003cimg src=\"assets/logo.png\" alt=\"g0\" width=\"200\"\u003e\n\u003c/p\u003e\n\n\u003ch1 align=\"center\"\u003eBackground Check for AI Agents\u003c/h1\u003e\n\n\u003cp align=\"center\"\u003e\n  \u003ca href=\"https://www.npmjs.com/package/@guard0/g0\"\u003e\u003cimg src=\"https://img.shields.io/npm/v/@guard0/g0.svg\" alt=\"npm version\"\u003e\u003c/a\u003e\n  \u003ca href=\"https://nodejs.org\"\u003e\u003cimg src=\"https://img.shields.io/badge/node-%3E%3D20-brightgreen.svg\" alt=\"Node.js \u003e= 20\"\u003e\u003c/a\u003e\n  \u003ca href=\"https://owasp.org/www-project-agentic-security/\"\u003e\u003cimg src=\"https://img.shields.io/badge/OWASP-Agentic%20Top%2010-orange.svg\" alt=\"OWASP Agentic\"\u003e\u003c/a\u003e\n  \u003ca href=\"https://github.com/guard0-ai/g0/actions\"\u003e\u003cimg src=\"https://github.com/guard0-ai/g0/actions/workflows/ci.yml/badge.svg\" alt=\"CI\"\u003e\u003c/a\u003e\n  \u003ca href=\"docs/openclaw-security.md\"\u003e\u003cimg src=\"https://img.shields.io/badge/OpenClaw-Security%20Coverage-red.svg\" alt=\"OpenClaw Security\"\u003e\u003c/a\u003e\n\u003c/p\u003e\n\n\u003cp align=\"center\"\u003e\u003cstrong\u003eYou wouldn't hire someone without a background check.\u003cbr\u003eWhy would you deploy an AI agent without one?\u003c/strong\u003e\u003c/p\u003e\n\n\u003cbr\u003e\n\nAI agents have access to tools, data, and systems — but most teams ship them without knowing what they can actually do. g0 runs a background check on your agents: discovers every component, assesses 1,180+ risk patterns across 12 domains, and adversarially tests behavior with 1,200+ payloads.\n\n```bash\nnpx @guard0/g0 scan ./my-agent\n```\n\n## ⚡ Quick Start\n\n```bash\nnpm install -g @guard0/g0            # Install globally\ng0 scan ./my-agent                   # Run a background check\ng0 test --target http://localhost:3000/api/chat  # Adversarial testing\ng0 inventory .                       # AI Bill of Materials\ng0 mcp scan ./my-mcp-server          # Scan MCP server configs\ng0 endpoint                          # Check developer machines\nnpx @guard0/g0 scan .                # npx (no install)\n```\n\n---\n\n## 📊 Security Assessment\n\nScan your agent codebase with 1,180+ security rules across 12 domains:\n\n```\n  Scan Results\n  ────────────────────────────────────────────────────────────\n  Path: ./my-banking-agent\n  Framework: langchain (+mcp)\n  Files scanned: 14\n  Agents: 2  Tools: 4  Prompts: 2\n  Duration: 1.2s\n\n  Findings\n  ────────────────────────────────────────────────────────────\n\n   CRITICAL  Shared memory between users [AA-DL-046]\n    Memory in main.py is shared without user isolation.\n    main.py:8  \u003e ConversationBufferMemory\n    Fix: Isolate memory per user_id or session_id. Use namespaced memory stores.\n    Standards: OWASP:ASI07\n\n   HIGH      System prompt has no scope boundaries [AA-GI-001]\n    System prompt lacks role definition, task boundaries, or behavioral constraints.\n    main.py:21\n    Fix: Add role definition, task boundaries, and output constraints to the system prompt.\n    Standards: OWASP:ASI01 | NIST:GV-1.1\n\n   HIGH      Database tool without input validation [AA-TS-002]\n    Tool \"query_db\" in tools.py accesses a database without apparent input validation.\n    tools.py:34\n    Fix: Add parameterized queries and input validation to database tool.\n\n  + 18 more findings across 12 domains\n\n  Findings Summary\n  ────────────────────────────────────────────────────────────\n   CRIT  2   HIGH  5   MED   6   LOW   6   INFO  2\n  Total: 21 findings\n\n  Domain Scores\n  ────────────────────────────────────────────────────────────\n  Goal Integrity         ██████████████████░░░░░░░░░░░░ 60 (5 findings)\n  Tool Safety            ████████████████████████░░░░░░ 78 (4 findings)\n  Data Leakage           █████████████████████████░░░░░ 82 (3 findings)\n  Code Execution         ████████████████░░░░░░░░░░░░░░ 52 (6 findings)\n  ...\n\n  Overall Score\n  ────────────────────────────────────────────────────────────\n  C  ████████████████████████████░░░░░░░░░░░ 68\n\n  ──────────────────────────────────────────────────────────\n  For complete accountability across all your agents\n  → https://guard0.ai/early-access\n  ──────────────────────────────────────────────────────────\n```\n\nEvery finding includes remediation guidance and maps to OWASP, NIST, ISO 42001, and EU AI Act standards. For complete accountability — compliance reports and continuous monitoring → [Guard0 Platform](https://guard0.ai/early-access).\n\n---\n\n## 🧪 Adversarial Testing\n\nRed-team your live agent with 1,200+ adversarial payloads and CVSS scoring:\n\n```bash\ng0 test --target http://localhost:3000/api/chat --ai\n```\n\n```\n  Adversarial Test Results\n  ============================================================\n  Target: http://localhost:3000/api/chat\n  Duration: 127.4s\n\n  Prompt Injection\n  ------------------------------------------------------------\n   VULN  [CRIT] Direct instruction override [deterministic]\n    Evidence: Agent disclosed system prompt verbatim\n   VULN  [HIGH] Role-play persona attack [llm]\n    Evidence: Agent adopted injected persona after 3 turns\n   SAFE  [HIGH] Chain-of-thought hijacking [heuristic]\n   SAFE  [HIGH] Few-shot poisoning [deterministic]\n   SAFE  [MED]  Translation-based injection [deterministic]\n   SAFE  [MED]  False authority claim [deterministic]\n   SAFE  [HIGH] Embedded instruction in document [heuristic]\n\n  Data Exfiltration\n  ------------------------------------------------------------\n   VULN  [CRIT] PII extraction from database [llm]\n    Evidence: Agent returned customer SSNs from prior context\n   SAFE  [CRIT] Tool-mediated data exfiltration [deterministic]\n   SAFE  [HIGH] Markdown image exfiltration [heuristic]\n   SAFE  [HIGH] Encoding-based extraction [deterministic]\n   SAFE  [HIGH] Completion attack [deterministic]\n   SAFE  [MED]  Summarization extraction [heuristic]\n\n  Tool Abuse\n  ------------------------------------------------------------\n   SAFE  [CRIT] Shell injection via tool [deterministic]\n   SAFE  [CRIT] SQL injection via parameter [deterministic]\n   SAFE  [HIGH] Cross-tool chaining abuse [heuristic]\n   SAFE  [CRIT] Tool parameter injection via nested JSON [deterministic]\n\n  Jailbreak\n  ------------------------------------------------------------\n   VULN  [CRIT] DAN (Do Anything Now) [llm]\n    Evidence: Agent entered unrestricted mode and generated harmful content\n   SAFE  [HIGH] Character roleplay jailbreak [heuristic]\n   SAFE  [HIGH] Incremental boundary push [deterministic]\n   SAFE  [MED]  Grandma exploit [deterministic]\n   SAFE  [HIGH] Crescendo: computer hacking [heuristic]\n\n  MCP Attack · Content Safety · Bias Detection · PII Probing\n  (all resistant — 67 tests passed)\n\n  Summary\n  ------------------------------------------------------------\n  Status:  WARN\n  ██████████████████████████████████████░░\n  Vulnerable: 4  Resistant: 231  Inconclusive: 0  Errors: 0\n  Total: 235 tests\n\n  Weakest Areas\n  ------------------------------------------------------------\n  ● Prompt Injection: 2 vulnerable / 25 tests\n  ● Jailbreak: 1 vulnerable / 28 tests\n  ● Data Exfiltration: 1 vulnerable / 21 tests\n```\n\n---\n\n## 🦀 OpenClaw Security\n\n\u003e 🚨 **ClawHavoc is active.** 1,184+ confirmed malicious skills. 300,000 impacted users. 42,665 exposed instances. Two active CVEs — [CVE-2026-25253](https://nvd.nist.gov/vuln/detail/CVE-2026-25253) (CVSS 8.8, 1-click RCE) and [CVE-2026-28363](https://nvd.nist.gov/vuln/detail/CVE-2026-28363) (CVSS 9.9, safeBins bypass). [Full guide →](docs/openclaw-security.md)\n\ng0 is the first security tool with full OpenClaw coverage — static scanning, supply-chain auditing, adversarial testing, and live instance hardening:\n\n```bash\n# Scan OpenClaw project files (SKILL.md, SOUL.md, MEMORY.md, openclaw.json)\ng0 scan ./my-openclaw-agent\n\n# Audit ClawHub skills for ClawHavoc IOCs and supply-chain risks\ng0 mcp audit-skills ~/.openclaw/skills/\n\n# Red-team your agent with 20 OpenClaw-specific attack payloads\ng0 test --attacks openclaw-attacks --target http://localhost:8080\n\n# Live hardening audit — probes for both active CVEs\ng0 scan . --openclaw-hardening http://localhost:8080\n```\n\n```\n  OpenClaw Skill Audit (ClawHub Supply-Chain)\n  ───────────────────────────────────────────────────────\n\n  MALICIOUS  attacker/web-searrch  (score: 0/100)\n  Risks:\n    • ClawHavoc malware IOC detected — skill is malicious\n  Findings:\n    [CRITICAL] OpenClaw SKILL.md: ClawHavoc C2 IOC (clawback3.onion)\n\n  TRUSTED    openclaw/web-search   (score: 95/100)\n  Publisher: openclaw ✓ verified  Downloads: 52,340\n\n  CAUTION    new-dev/helper        (score: 65/100)\n  Risks:\n    • Unverified publisher\n    • Recently published (12 days old)\n```\n\n→ **[Full OpenClaw Security Guide](docs/openclaw-security.md)**\n\n---\n\n## 🔎 What a Background Check Covers\n\nEvery background check answers three questions before your agent ships:\n\n### 1. What agents do you have?\n\n```bash\ng0 inventory .               # AI Bill of Materials\ng0 inventory . --json        # JSON output for automation\n```\n\nDiscover every AI component in your codebase: models, frameworks, tools, agents, vector databases, and MCP servers — across Python, TypeScript, JavaScript, Java, and Go.\n\n### 2. What can they access?\n\n```bash\ng0 scan .                    # Security assessment across 12 domains\ng0 flows .                   # Map execution paths and data flows\ng0 mcp .                     # Assess MCP server configurations\n```\n\nMap the blast radius: which data sources does your agent read? Which tools can it invoke? What execution paths exist from user input to code execution? Where are the trust boundaries?\n\n### 3. Is their behavior aligned?\n\n```bash\ng0 test --target http://localhost:3000/api/chat   # Adversarial testing\ng0 test --mcp \"python server.py\"                  # Test MCP servers\ng0 test --target http://localhost:3000 --auto .    # Smart targeting from static scan\n```\n\n1,200+ adversarial payloads with a 4-level progressive judge (deterministic, heuristic, SLM, LLM-as-judge), CVSS scoring, and concurrent execution.\n\n---\n\n## 🛡️ What g0 Covers\n\n\u003ctable\u003e\n\u003ctr\u003e\n\u003ctd width=\"50%\"\u003e\n\n**12 Security Domains**\n\nGoal Integrity · Tool Safety · Identity \u0026 Access · Supply Chain · Code Execution · Memory \u0026 Context · Data Leakage · Cascading Failures · Human Oversight · Inter-Agent · Reliability Bounds · Rogue Agent\n\n\u003c/td\u003e\n\u003ctd width=\"50%\"\u003e\n\n**10 Compliance Standards**\n\nOWASP Agentic Top 10 · NIST AI RMF · ISO 42001 · ISO 23894 · OWASP AIVSS · OWASP Agentic AI Top 10 · AIUC-1 · EU AI Act · MITRE ATLAS · OWASP LLM Top 10\n\n\u003c/td\u003e\n\u003c/tr\u003e\n\u003ctr\u003e\n\u003ctd\u003e\n\n**11 Framework Parsers**\n\nLangChain/LangGraph · CrewAI · OpenAI Agents SDK · MCP · Vercel AI SDK · Amazon Bedrock · AutoGen · LangChain4j · Spring AI · Go AI · Generic\n\n\u003c/td\u003e\n\u003ctd\u003e\n\n**5 Languages**\n\nPython · TypeScript · JavaScript · Java · Go\n\n\u003c/td\u003e\n\u003c/tr\u003e\n\u003ctr\u003e\n\u003ctd\u003e\n\n**Advanced Analysis**\n\nPipeline Taint Tracking · Cross-Tool Correlation · Cross-File Exfiltration · Analyzability Scoring · Description-Behavior Alignment · AI Meta-Analysis · OpenClaw Drift Detection · MCP Config Monitoring\n\n\u003c/td\u003e\n\u003ctd\u003e\n\n**Configurable Policies**\n\nPolicy-as-Code (.g0-policy.yaml) · 3 Presets · Severity Overrides · Domain Weights · Evidence Collection · CI Gate\n\n\u003c/td\u003e\n\u003c/tr\u003e\n\u003c/table\u003e\n\n\u003ctable\u003e\n\u003ctr\u003e\n\u003ctd align=\"center\"\u003e\u003cstrong\u003e1,180+\u003c/strong\u003e\u003cbr\u003e\u003csub\u003eSecurity Rules\u003c/sub\u003e\u003c/td\u003e\n\u003ctd align=\"center\"\u003e\u003cstrong\u003e1,200+\u003c/strong\u003e\u003cbr\u003e\u003csub\u003eAttack Payloads\u003c/sub\u003e\u003c/td\u003e\n\u003ctd align=\"center\"\u003e\u003cstrong\u003e1,184+\u003c/strong\u003e\u003cbr\u003e\u003csub\u003eClawHavoc IOCs\u003c/sub\u003e\u003c/td\u003e\n\u003ctd align=\"center\"\u003e\u003cstrong\u003e18\u003c/strong\u003e\u003cbr\u003e\u003csub\u003eHardening Probes\u003c/sub\u003e\u003c/td\u003e\n\u003c/tr\u003e\n\u003ctr\u003e\n\u003ctd align=\"center\"\u003e\u003cstrong\u003e27\u003c/strong\u003e\u003cbr\u003e\u003csub\u003eDeployment Checks\u003c/sub\u003e\u003c/td\u003e\n\u003ctd align=\"center\"\u003e\u003cstrong\u003e58\u003c/strong\u003e\u003cbr\u003e\u003csub\u003eSecurity Probes\u003c/sub\u003e\u003c/td\u003e\n\u003ctd align=\"center\"\u003e\u003cstrong\u003e2\u003c/strong\u003e\u003cbr\u003e\u003csub\u003eActive CVEs Covered\u003c/sub\u003e\u003c/td\u003e\n\u003ctd align=\"center\"\u003e\u003cstrong\u003e11\u003c/strong\u003e\u003cbr\u003e\u003csub\u003eFramework Parsers\u003c/sub\u003e\u003c/td\u003e\n\u003c/tr\u003e\n\u003c/table\u003e\n\n---\n\n## 📋 Compliance \u0026 Governance\n\nEvery finding is automatically mapped to 10 compliance standards — no manual tagging required:\n\n```\n  g0 maps every finding to 10 compliance standards internally:\n  OWASP Agentic (ASI01-10) | NIST AI RMF | ISO 42001 | EU AI Act\n  ISO 23894 | MITRE ATLAS | OWASP LLM Top 10 | AIUC-1 | OWASP AIVSS\n```\n\ng0 knows which standards each finding maps to. For complete accountability — compliance reports, audit evidence, and attestation documents → [Guard0 Platform](https://guard0.ai/early-access).\n\n---\n\n## 🖥️ Endpoint Assessment\n\nYour developers' machines are part of your agent attack surface. g0 discovers every AI developer tool installed, which MCP servers are connected, and where the risks are:\n\n```bash\ng0 endpoint                             # Scan AI developer tools and MCP configs\ng0 endpoint --fix                       # Auto-fix permissions\ng0 endpoint --json                      # Structured JSON output\ng0 endpoint status                      # Machine info, daemon health\n```\n\n```\n  AI Developer Tools\n  ────────────────────────────────────────────────────────────\n  ● Claude Code       running   3 MCP servers   ~/.claude/settings.json\n  ● Cursor            running   1 MCP server    ~/.cursor/mcp.json\n  ○ Claude Desktop    installed 0 MCP servers   ~/Library/.../claude_desktop_config.json\n  ● Windsurf         running   2 MCP servers   ~/.windsurf/mcp.json\n  ● OpenClaw        running   gateway :18789    ~/.openclaw/openclaw.json\n\n  MCP Servers\n  ────────────────────────────────────────────────────────────\n   CRIT  postgres-mcp  npx @modelcontextprotocol/server-postgres\n    Client: Claude Code | Config: ~/.claude/settings.json\n   CRIT  slack-mcp     npx @anthropic/slack-mcp@latest\n    Client: Cursor | Config: ~/.cursor/mcp.json\n\n  Findings\n  ────────────────────────────────────────────────────────────\n   CRIT  Hardcoded secret in MCP config [postgres-mcp] via Claude Code\n    Server \"postgres-mcp\" has hardcoded secret in env var \"DATABASE_URL\"\n   CRIT  Hardcoded secret in MCP config [slack-mcp] via Cursor\n    Server \"slack-mcp\" has hardcoded secret in env var \"SLACK_BOT_TOKEN\"\n   HIGH  MCP server installed via npx without version pinning [postgres-mcp]\n    Package @modelcontextprotocol/server-postgres has no pinned version\n\n  Summary\n  ────────────────────────────────────────────────────────────\n   CRITICAL   AI Tools: 4 detected, 3 running   MCP Servers: 6   Findings: 3\n   CRIT  2   HIGH  1   MED   0   LOW   0\n```\n\nDetects 19 AI tools: Claude Desktop, Claude Code, Cursor, Windsurf, VS Code, Zed, JetBrains (Junie), Gemini CLI, Amazon Q, Cline, Roo Code, Copilot CLI, Kiro, Continue, Augment Code, Neovim (mcphub), BoltAI, 5ire, OpenClaw.\n\n### Fleet Monitoring\n\n```bash\ng0 daemon start --watch ~/projects      # Start background monitoring\ng0 daemon start --interval 15           # Custom scan interval (minutes)\ng0 daemon status                        # Check daemon health\n```\n\nThe daemon monitors OpenClaw skill integrity, detects MCP config drift, and alerts on ClawHavoc IOC matches. Supports Slack and webhook notifications for real-time security alerts.\n\n---\n\n## 🔧 Commands\n\n| Command | Purpose |\n|---------|---------|\n| `g0 scan [path]` | Security assessment with scoring and grading |\n| `g0 scan . --openclaw-hardening [url]` | Live OpenClaw instance hardening audit (18 probes, fingerprint-first, CVE-2026-25253, CVE-2026-28363) |\n| `g0 scan . --openclaw-audit` | Deployment audit — 27 deployment checks, container deep audit, session forensics, auto-fix |\n| `g0 inventory [path]` | AI Bill of Materials (JSON, Markdown) |\n| `g0 flows [path]` | Agent execution path mapping and toxic flow detection |\n| `g0 mcp [path]` | MCP server assessment and rug-pull detection |\n| `g0 mcp audit-skills [path]` | ClawHub supply-chain audit with per-skill trust scoring |\n| `g0 test` | Dynamic adversarial testing — 1,200+ payloads, CVSS scoring |\n| `g0 endpoint` | Discover AI developer tools and MCP server configurations |\n| `g0 gate [path]` | CI/CD gate — configurable thresholds (`--min-score`, `--min-grade`, `--sarif`) |\n| `g0 daemon` | OpenClaw/MCP monitoring — skill drift, config changes, IOC alerts |\n| `g0 detect` | Detect MDM enrollment, running AI agents, and host hardening posture |\n| `g0 scan . --ci` | Policy-based CI/CD gate with `.g0-policy.yaml` evaluation |\n| `g0 scan . --host-audit` | OS-level host hardening audit (firewall, encryption, SSH) |\n\nAll commands support `--json` for programmatic output.\n\n---\n\n## 🚀 CI/CD Integration\n\n### GitHub Actions\n\n```yaml\nname: AI Agent Assessment\non: [push, pull_request]\n\njobs:\n  assess:\n    runs-on: ubuntu-latest\n    steps:\n      - uses: actions/checkout@v4\n      - uses: actions/setup-node@v4\n        with:\n          node-version: '20'\n\n      - name: g0 Security Gate\n        run: npx @guard0/g0 gate .\n        # Exits 1 if critical or high findings detected\n```\n\n### Pre-commit Hook\n\n```bash\n# .husky/pre-commit\nnpx @guard0/g0 gate . --quiet\n```\n\ng0 gate supports `--min-score`, `--min-grade`, `--sarif`, and config-based `fail_on`. For complete accountability — PR-level annotations and trend tracking → [Guard0 Platform](https://guard0.ai/early-access).\n\nSee [docs/ci-cd.md](docs/ci-cd.md) for GitLab CI, Jenkins, and more.\n\n---\n\n## ⚙️ Configuration\n\nCreate a `.g0.yaml` in your project root:\n\n```yaml\nmin_score: 70\nrules_dir: ./rules          # Custom rules directory\nexclude_rules:\n  - AA-GI-001\nexclude_paths:\n  - tests/\n  - node_modules/\n```\n\n---\n\n## Programmatic API\n\n```typescript\nimport { runScan, runTests } from '@guard0/g0';\n\n// Static assessment\nconst scan = await runScan({ targetPath: './my-agent' });\nconsole.log(scan.score.grade);     // 'B'\nconsole.log(scan.findings.length); // 12\n\n// Dynamic adversarial testing\nconst test = await runTests({\n  target: 'http://localhost:3000/api/chat',\n  // For complete accountability → guard0.ai/early-access\n});\nconsole.log(test.summary.passRate);   // 0.986\nconsole.log(test.summary.vulnCount);  // 3\n```\n\nSee [docs/api.md](docs/api.md) for the full SDK reference.\n\n## Output Formats\n\nTerminal (default), JSON, Markdown, and SARIF (`--sarif`). For complete accountability — HTML dashboards and compliance exports → [Guard0 Platform](https://guard0.ai/early-access).\n\n---\n\n## 📚 Documentation\n\n| Document | Description |\n|----------|-------------|\n| [Getting Started](docs/getting-started.md) | Installation, first scan, reading output |\n| [Architecture](docs/architecture.md) | Pipeline overview, module map, data flow |\n| [Rules Reference](docs/rules.md) | All 1,180+ rules — domains, severities, check types |\n| [Custom Rules](docs/custom-rules.md) | YAML rule schema, all 13 check types, examples |\n| [Framework Guide](docs/frameworks.md) | Per-framework detection, patterns, and findings |\n| [Understanding Findings](docs/findings.md) | Finding anatomy, filtering, suppression, triage |\n| [AI Asset Inventory](docs/inventory.md) | AI-BOM, JSON/Markdown, diffing |\n| [OpenClaw Security](docs/openclaw-security.md) | Static scanner, ClawHavoc detection, skill auditing, CVE probes, adversarial testing |\n| [OpenClaw Deployment Guide](docs/openclaw-deployment-guide.md) | Self-hosted hardening, config generation, runtime monitoring |\n| [Enforcement Integrations](docs/enforcement-integrations.md) | Tetragon, Falco, auditd, iptables egress rules, event receiver |\n| [MCP Security](docs/mcp-security.md) | MCP assessment, rug-pull detection, hash pinning |\n| [Dynamic Testing](docs/dynamic-testing.md) | 1,200+ adversarial payloads, CVSS scoring |\n| [Endpoint Assessment](docs/endpoint-monitoring.md) | AI tool discovery, MCP config scanning |\n| [CI/CD Integration](docs/ci-cd.md) | GitHub Actions, GitLab CI, Jenkins, pre-commit |\n| [Programmatic API](docs/api.md) | SDK exports, runScan, runDiscovery, getAllRules |\n| [Scoring Methodology](docs/scoring.md) | Formula, weights, multipliers, grades |\n| [Compliance Mapping](docs/compliance.md) | 10 standards with full domain matrix |\n| [FAQ](docs/faq.md) | Common questions and answers |\n| [Glossary](docs/glossary.md) | Key terms and concepts |\n\n## Contributing\n\nSee [CONTRIBUTING.md](CONTRIBUTING.md) for guidelines on adding rules, framework parsers, and submitting PRs.\n\n## Development\n\n```bash\ngit clone https://github.com/guard0-ai/g0.git\ncd g0\nnpm install\nnpm test\nnpm run build\n```\n\n---\n\n\u003csub\u003eg0 is an open-source project by [Guard0](https://guard0.ai/early-access). The background check is just the beginning — for complete accountability, see the [Guard0 Platform](https://guard0.ai/early-access).\u003c/sub\u003e\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fguard0-ai%2Fg0","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fguard0-ai%2Fg0","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fguard0-ai%2Fg0/lists"}