{"id":47234830,"url":"https://github.com/opena2a-org/opena2a","last_synced_at":"2026-04-29T22:04:19.202Z","repository":{"id":340827770,"uuid":"1167807763","full_name":"opena2a-org/opena2a","owner":"opena2a-org","description":"Open-source security tools for AI agents. Find vulnerabilities, fix root causes, prove compliance.","archived":false,"fork":false,"pushed_at":"2026-04-22T01:05:17.000Z","size":17034,"stargazers_count":14,"open_issues_count":1,"forks_count":5,"subscribers_count":2,"default_branch":"main","last_synced_at":"2026-04-22T01:19:53.498Z","etag":null,"topics":["agent-security","ai-agents","ai-security","claude-code","compliance","copilot","credential-protection","cursor","llm-security","mcp","open-source","security-tools","vulnerability-scanner"],"latest_commit_sha":null,"homepage":"https://opena2a.org","language":"TypeScript","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"apache-2.0","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/opena2a-org.png","metadata":{"files":{"readme":"README.md","changelog":"CHANGELOG.md","contributing":"CONTRIBUTING.md","funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":"SECURITY.md","support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null,"zenodo":null,"notice":null,"maintainers":null,"copyright":null,"agents":null,"dco":null,"cla":null}},"created_at":"2026-02-26T17:51:29.000Z","updated_at":"2026-04-22T01:05:08.000Z","dependencies_parsed_at":null,"dependency_job_id":null,"html_url":"https://github.com/opena2a-org/opena2a","commit_stats":null,"previous_names":["opena2a-org/opena2a"],"tags_count":38,"template":false,"template_full_name":null,"purl":"pkg:github/opena2a-org/opena2a","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/opena2a-org%2Fopena2a","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/opena2a-org%2Fopena2a/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/opena2a-org%2Fopena2a/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/opena2a-org%2Fopena2a/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/opena2a-org","download_url":"https://codeload.github.com/opena2a-org/opena2a/tar.gz/refs/heads/main","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/opena2a-org%2Fopena2a/sbom","scorecard":null,"host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":286080680,"owners_count":32119065,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2026-04-22T00:31:26.853Z","status":"online","status_checked_at":"2026-04-22T02:00:05.693Z","response_time":58,"last_error":null,"robots_txt_status":"success","robots_txt_updated_at":"2025-07-24T06:49:26.215Z","robots_txt_url":"https://github.com/robots.txt","online":true,"can_crawl_api":true,"host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["agent-security","ai-agents","ai-security","claude-code","compliance","copilot","credential-protection","cursor","llm-security","mcp","open-source","security-tools","vulnerability-scanner"],"created_at":"2026-03-13T22:03:48.826Z","updated_at":"2026-04-29T22:04:19.196Z","avatar_url":"https://github.com/opena2a-org.png","language":"TypeScript","funding_links":[],"categories":[],"sub_categories":[],"readme":"\u003e **[OpenA2A](https://github.com/opena2a-org/opena2a)**: [CLI](https://github.com/opena2a-org/opena2a) · [HackMyAgent](https://github.com/opena2a-org/hackmyagent) · [Secretless](https://github.com/opena2a-org/secretless-ai) · [AIM](https://github.com/opena2a-org/agent-identity-management) · [Browser Guard](https://github.com/opena2a-org/AI-BrowserGuard) · [DVAA](https://github.com/opena2a-org/damn-vulnerable-ai-agent)\n# opena2a\n\nOpen-source security platform for AI agents. Installed as `opena2a-cli` on npm.\n\n```bash\nnpx opena2a-cli review\n```\n\n```\n  OpenA2A Security Review  v0.8.21\n\n  Findings\n  -----------------------------------------------\n  Credential scan        3 hardcoded keys\n  Shadow AI              2 agents, 4 MCP servers\n  Config integrity       unsigned\n  Governance             no SOUL.md\n  -----------------------------------------------\n  Security Score   30 / 100  -\u003e 85 by running opena2a protect\n\n  Run: opena2a protect    (fix all findings)\n```\n\n![opena2a review](docs/images/review-demo.gif)\n\n[All demos](https://opena2a.org/demos)\n\nInstall globally if you prefer:\n\n```bash\nnpm install -g opena2a-cli\nbrew tap opena2a-org/tap \u0026\u0026 brew install opena2a\n```\n\n## Built-in Help\n\nYou do not need this README. The CLI has built-in discovery:\n\n```bash\nopena2a ?                           # Contextual recommendations for your project\nopena2a ~shadow ai                  # Semantic search across all commands\nopena2a \"find leaked credentials\"   # Natural language command matching\nopena2a                             # Interactive guided wizard (no args)\n```\n\n## Commands\n\n| Command | What it does |\n|---------|-------------|\n| `opena2a review` | Full security dashboard — HTML report, 6-phase assessment |\n| `opena2a detect` | Find shadow AI agents, MCP servers, AI configs. Governance score. |\n| `opena2a protect` | Fix everything — credentials, .gitignore, config signing |\n| `opena2a init` | Read-only security assessment with trust score |\n| `opena2a identity create` | Cryptographic identity for your project |\n| `opena2a harden-soul` | Generate SOUL.md governance rules |\n| `opena2a scan` | 238 security checks via HackMyAgent |\n| `opena2a shield init` | Full security setup — all of the above, one command |\n\nFull command reference: [opena2a.org/docs](https://opena2a.org/docs)\n\n## Ecosystem\n\nEach command routes to a specialized tool, installed on first use:\n\n| Command | Tool | Description |\n|---------|------|-------------|\n| `detect` | Shadow AI | Discover AI agents, MCP servers, AI configs |\n| `identity` | [AIM](https://github.com/opena2a-org/agent-identity-management) | Cryptographic identity, audit logs, trust scoring |\n| `scan` | [HackMyAgent](https://github.com/opena2a-org/hackmyagent) | 238 security checks, 164 attack payloads, auto-fix |\n| `scan-soul` | SOUL Scanner | 72 governance controls, 9 domains, 6 profiles |\n| `harden-skill` | Skill Hardener | Frontmatter validation, permission scoping, integrity pinning |\n| `secrets` | [Secretless AI](https://github.com/opena2a-org/secretless-ai) | Credential management for AI coding tools |\n| `mcp` | MCP Security | Audit, sign, and verify MCP server configurations |\n| `benchmark` | [OASB](https://github.com/opena2a-org/open-agent-security-benchmark) | 222 attack scenarios, compliance scoring |\n| `train` | [DVAA](https://github.com/opena2a-org/damn-vulnerable-ai-agent) | Vulnerable AI agent for security training |\n| `create` | Skill Scaffolding | Secure skill templates with signing and heartbeat |\n| `guard harden` | [HackMyAgent](https://github.com/opena2a-org/hackmyagent) | Scan skills for hardening issues, auto-fix |\n\n## Use Cases\n\n- [Developer using AI coding tools](docs/use-cases/developer.md) — 5 minutes\n- [Security team assessing AI risk](docs/use-cases/security-team.md) — 10 minutes\n- [MCP server author](docs/use-cases/mcp-server-author.md) — 15 minutes\n- [CI/CD pipeline integration](docs/use-cases/ci-cd.md)\n\n## Docs\n\nFull command reference, Shield subcommands, scope drift detection, behavioral governance, credential patterns, and CI/CD examples: [opena2a.org/docs](https://opena2a.org/docs)\n\n## Requirements\n\n- Node.js \u003e= 18\n- Optional: Docker (for `opena2a train`)\n\n## License\n\nApache-2.0\n\n---\n\n[Website](https://opena2a.org) · [Docs](https://opena2a.org/docs) · [Discord](https://discord.gg/uRZa3KXgEn) · [GitHub](https://github.com/opena2a-org/opena2a)\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fopena2a-org%2Fopena2a","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fopena2a-org%2Fopena2a","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fopena2a-org%2Fopena2a/lists"}