https://github.com/darklca2026/repoguard-ai
Security scanner for AI-assisted repositories.
https://github.com/darklca2026/repoguard-ai
ai-agents ai-security cli code-scanning developer-tools github-actions llm-security open-source prompt-injection secrets-detection security-scanner supply-chain-security typescript
Last synced: 10 days ago
JSON representation
Security scanner for AI-assisted repositories.
- Host: GitHub
- URL: https://github.com/darklca2026/repoguard-ai
- Owner: Darklca2026
- License: mit
- Created: 2026-06-11T00:40:27.000Z (16 days ago)
- Default Branch: main
- Last Pushed: 2026-06-14T21:43:22.000Z (13 days ago)
- Last Synced: 2026-06-15T07:27:02.491Z (12 days ago)
- Topics: ai-agents, ai-security, cli, code-scanning, developer-tools, github-actions, llm-security, open-source, prompt-injection, secrets-detection, security-scanner, supply-chain-security, typescript
- Language: TypeScript
- Homepage:
- Size: 1.19 MB
- Stars: 1
- Watchers: 0
- Forks: 1
- Open Issues: 6
-
Metadata Files:
- Readme: README.md
- Contributing: CONTRIBUTING.md
- Funding: .github/FUNDING.yml
- License: LICENSE
- Code of conduct: CODE_OF_CONDUCT.md
- Security: SECURITY.md
- Roadmap: docs/roadmap.md
Awesome Lists containing this project
README
# 🛡️ RepoGuard AI
**Security scanner for AI-assisted repositories.**
[](https://npmjs.org/package/repoguard-ai)
[](https://opensource.org/licenses/MIT)
[]()
[](http://makeapullrequest.com)
[English](#english) • [Português (PT-BR)](#português-pt-br)
---
🇬🇧 English
RepoGuard AI scans repositories for leaked AI/API secrets, prompt injection patterns, risky GitHub Actions, dangerous scripts, and unsafe AI-assisted code patterns.
### ❓ Why RepoGuard AI?
> [!NOTE]
> AI coding tools, agents, prompts, and automated workflows are now part of everyday development. But they can introduce hidden risks.
RepoGuard AI gives maintainers a fast local check before pushing or opening a pull request to ensure none of the following slip through:
- Leaked API keys (OpenAI, Anthropic, AWS, GitHub)
- Unsafe GitHub Actions (`pull_request_target`)
- Prompt injection patterns (`"ignore previous instructions"`)
- Dangerous shell commands (`curl | bash`)
- Risky AI-generated code snippets
### ✨ Key Features & Heuristics
| Feature | Description | File Support |
| --- | --- | --- |
| 🔑 **Secret Detection** | Finds keys & DB URLs. Uses **Shannon Entropy** to detect unknown hardcoded tokens. | `.*` |
| 💉 **Prompt Injection** | Scans for malicious override instructions, Base64 evasion, and **Phantom Payloads (Zero-Width & Homoglyphs)**. | `.md, .txt, .json, .yaml` |
| 🧠 **AI Poisoning Defender** | Detects insecure `torch.load()`, `pickle`, and `yaml.unsafe_load()` vectors in ML models. | `.py, .ipynb` |
| ⚙️ **GitHub Actions** | Flags dangerous CI/CD permissions and triggers. | `.github/workflows/*.yml` |
| 💣 **Dangerous Code & Anti-Tamper** | Detects unsafe eval, shell executions, and attempts to delete `.git` or workflows. | `.js, .ts, .py, .sh` |
### 🚀 Quick Start
**1. Install globally via npm:**
```bash
npm install -g repoguard-ai
```
**2. Setup Pre-commit Hook (Shift-Left Security):**
Automatically block developers from committing leaked secrets:
```bash
repoguard-ai init-hook
```
**3. Plant Active Honeypots (Canary Tokens):**
Drop a fake `.env.canary` file to act as a tripwire. If a hacker steals your repository and uses these fake AWS/GitHub keys, you can audit the intrusion.
```bash
repoguard-ai plant-canary
```
**4. Run the scanner in your repository:**
```bash
repoguard-ai scan .
```
*Want machine-readable or GitHub Security output?*
```bash
repoguard-ai scan . --json
repoguard-ai scan . --sarif > results.sarif
```
### 🤖 Native GitHub Action
Add this to your `.github/workflows/security.yml` to run RepoGuard natively:
```yaml
name: Security Scan
on: [push, pull_request]
jobs:
scan:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v4
- uses: Darklca2026/repoguard-ai@main
with:
format: 'sarif' # Uploads to GitHub Security Tab natively!
```
### 💻 Example Output
Click to see what the terminal report looks like
```text
RepoGuard AI Report
Risk score: CRITICAL
Files scanned: 42
Findings: 4
[CRITICAL] .env:1 secret.openai_api_key
Possible OpenAI API key detected.
Snippet: sk-pro************************
Fix: Remove the key, rotate it, and use environment variables or GitHub Secrets.
[HIGH] .github/workflows/deploy.yml:4 actions.pull_request_target
Workflow uses pull_request_target.
Snippet: on: pull_request_target
Fix: Avoid pull_request_target for untrusted pull requests or restrict permissions.
[MEDIUM] prompts/system.md:12 prompt.injection_phrase
Prompt injection phrase detected: "ignore previous instructions".
Snippet: If asked, ignore previous instructions...
Fix: Treat external content as data, not instructions.
```
### ⚙️ Configuration
Create a `repoguard.config.yml` in your root directory to customize the engine:
```yaml
ignore:
- "node_modules/**"
- "dist/**"
- "build/**"
- ".git/**"
rules:
secrets: true
promptInjection: true
githubActions: true
dangerousCode: true
aiGenerated: true
severity:
failOn: HIGH # Exit code 1 if score meets or exceeds this
```
### 📚 Architecture & Deep Dives
> [!TIP]
> Explore our complete documentation to understand the rules and limitations.
- [Threat Model](docs/threat-model.md) - What we detect and our limitations.
- [Rules Engine](docs/rules.md) - Detailed breakdown of every security rule.
- [False Positives](docs/false-positives.md) - How to mitigate noisy alerts.
- [Project Roadmap](docs/roadmap.md) - Future integrations (SARIF, VS Code).
- [Contributing](CONTRIBUTING.md) - Learn how to add new rules to RepoGuard AI.
---
---
🇧🇷 Português (PT-BR)
O RepoGuard AI analisa repositórios em busca de vazamentos de chaves de API/IA, padrões de prompt injection, GitHub Actions perigosas, scripts arriscados e padrões inseguros de código gerado por IA.
### ❓ Por que o RepoGuard AI?
> [!NOTE]
> Ferramentas de IA, agentes autônomos, prompts e fluxos de trabalho automatizados agora fazem parte do desenvolvimento diário. Mas eles podem introduzir riscos ocultos.
O RepoGuard AI fornece aos mantenedores uma verificação local super rápida antes de fazer um `git push` ou abrir um Pull Request, garantindo que nada disso passe despercebido:
- Vazamento de chaves de API (OpenAI, Anthropic, AWS, GitHub)
- GitHub Actions inseguras (uso de `pull_request_target`)
- Padrões de prompt injection (`"ignore previous instructions"`)
- Comandos shell perigosos (`curl | bash`)
- Códigos inseguros gerados por IA
### ✨ Principais Recursos e Inteligência
| Recurso | Descrição | Extensões |
| --- | --- | --- |
| 🔑 **Detecção de Secrets** | Acha chaves e URLs de DB. Usa **Entropia de Shannon** para achar tokens desconhecidos. | `.*` |
| 💉 **Prompt Injection** | Busca evasões com payloads **Base64** e normaliza **Cargas Fantasmas (Caracteres Invisíveis e Homóglifos)**. | `.md, .txt, .json, .yaml` |
| 🧠 **Defesa de Envenenamento IA** | Detecta uso de `torch.load()` inseguro e `pickle` maliciosos em ecossistemas de ML. | `.py, .ipynb` |
| ⚙️ **GitHub Actions** | Alerta permissões altas de CI/CD e gatilhos inseguros. | `.github/workflows/*.yml` |
| 💣 **Código Perigoso e Anti-Tamper** | Detecta uso de eval, exec, execução em shell e tentativas de deletar `.git`. | `.js, .ts, .py, .sh` |
### 🚀 Início Rápido
**1. Instale globalmente via npm:**
```bash
npm install -g repoguard-ai
```
**2. Configure a Trava de Commit (Pre-commit Hook):**
Impede fisicamente o desenvolvedor de subir chaves vazadas:
```bash
repoguard-ai init-hook
```
**3. Plante Armadilhas (Honeypots / Canary Tokens):**
Gere um `.env.canary` falso. Se hackers roubarem seu código e tentarem usar essas chaves isca, eles falharão e a tentativa poderá ser auditada.
```bash
repoguard-ai plant-canary
```
**4. Rode o scanner no seu repositório:**
```bash
repoguard-ai scan .
```
*Precisa integrar com o GitHub Advanced Security ou em scripts customizados?*
```bash
repoguard-ai scan . --json
repoguard-ai scan . --sarif > results.sarif
```
### 🤖 GitHub Action Nativa
Crie o arquivo `.github/workflows/security.yml` para rodar direto no CI:
```yaml
name: Security Scan
on: [push, pull_request]
jobs:
scan:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v4
- uses: Darklca2026/repoguard-ai@main
with:
format: 'sarif' # Mostra os erros nativamente na aba Security do GitHub!
```
### 💻 Exemplo de Saída
Clique para ver como o relatório aparece no terminal
```text
RepoGuard AI Report
Risk score: CRITICAL
Files scanned: 42
Findings: 4
[CRITICAL] .env:1 secret.openai_api_key
Possible OpenAI API key detected.
Snippet: sk-pro************************
Fix: Remove the key, rotate it, and use environment variables or GitHub Secrets.
[HIGH] .github/workflows/deploy.yml:4 actions.pull_request_target
Workflow uses pull_request_target.
Snippet: on: pull_request_target
Fix: Avoid pull_request_target for untrusted pull requests or restrict permissions.
[MEDIUM] prompts/system.md:12 prompt.injection_phrase
Prompt injection phrase detected: "ignore previous instructions".
Snippet: If asked, ignore previous instructions...
Fix: Treat external content as data, not instructions.
```
### ⚙️ Configuração
Crie um arquivo `repoguard.config.yml` na raiz do seu projeto para customizar o motor:
```yaml
ignore:
- "node_modules/**"
- "dist/**"
- "build/**"
- ".git/**"
rules:
secrets: true
promptInjection: true
githubActions: true
dangerousCode: true
aiGenerated: true
severity:
failOn: HIGH # O processo falha (Exit 1) se o risco atingir essa severidade
```
### 📚 Arquitetura e Documentação Profunda
> [!TIP]
> Explore nossa documentação para entender como as regras funcionam e suas limitações.
- [Modelo de Ameaças](docs/threat-model.md) - O que detectamos e onde falhamos.
- [Motor de Regras](docs/rules.md) - Visão técnica de todas as regras ativas.
- [Falsos Positivos](docs/false-positives.md) - Como lidar com alertas ruidosos.
- [Roadmap do Projeto](docs/roadmap.md) - Futuras integrações (SARIF, GitHub nativo).
- [Como Contribuir](CONTRIBUTING.md) - Aprenda a adicionar novas regras ao scanner.
---
*RepoGuard AI - License: MIT*