Metadata-Version: 2.4
Name: lurkr
Version: 0.2.0
Summary: Lurkr — pre-deployment scanner for risky AI agent capabilities. Static. Offline. Redacted.
Author: AgentVeil Protocol contributors
License-Expression: MIT
Project-URL: Homepage, https://agentveil.dev
Project-URL: Repository, https://github.com/agentveil-protocol/lurkr
Project-URL: Issues, https://github.com/agentveil-protocol/lurkr/issues
Project-URL: Documentation, https://github.com/agentveil-protocol/lurkr#readme
Keywords: security,agent,mcp,ai-agents,github-actions,static-analysis,pre-deployment
Classifier: Development Status :: 3 - Alpha
Classifier: Environment :: Console
Classifier: Intended Audience :: Developers
Classifier: Programming Language :: Python :: 3
Classifier: Programming Language :: Python :: 3.10
Classifier: Programming Language :: Python :: 3.11
Classifier: Programming Language :: Python :: 3.12
Classifier: Programming Language :: Python :: 3.13
Classifier: Programming Language :: Python :: 3.14
Classifier: Topic :: Security
Requires-Python: >=3.10
Description-Content-Type: text/markdown
License-File: LICENSE
Requires-Dist: PyYAML<7,>=6.0.1
Provides-Extra: test
Requires-Dist: jsonschema>=4.0; extra == "test"
Requires-Dist: pytest>=8; extra == "test"
Provides-Extra: validation
Requires-Dist: jsonschema>=4.0; extra == "validation"
Dynamic: license-file

# Lurkr

**Find what your agent can touch before you deploy it.**

Lurkr is a pre-deployment, static, local-only scanner that flags risky
AI-agent and GitHub-workflow capability issues. No telemetry, no network
calls, no project code execution. Reports are redacted by default.

## Quick Start

```bash
pip install lurkr
lurkr scan --path . --output report.json
cat report.json
```

To fail CI when findings meet a threshold:

```bash
lurkr scan --path . --output report.json --fail-on high
```

## Current Scope

v0.2 includes ten high-severity rules across GitHub workflows, agent manifests,
identity files, and bounded Python agent-source analysis.

Lurkr is read-only, offline, telemetry-free, and static-only. It does not
modify scanned files, execute project code, or send repository data over the
network.

## Links

- Repository: https://github.com/agentveil-protocol/lurkr
- Documentation: https://github.com/agentveil-protocol/lurkr#readme
- Issues: https://github.com/agentveil-protocol/lurkr/issues
