Metadata-Version: 2.4
Name: securityagent-core
Version: 4.18.0
Summary: Local-first DLP engine and security layer for AI coding agents. Secures Copilot, Claude Code, Cursor, Windsurf, and any MCP-compatible agent.
Author-email: SecureMind <founders@securemind.live>
License: Proprietary
Project-URL: Homepage, https://securemind.live
Project-URL: Documentation, https://secure-mind-live.github.io/agnostic-security-site/
Project-URL: Repository, https://github.com/secure-mind-live/securityagent-core
Project-URL: Issues, https://github.com/secure-mind-live/securityagent-core/issues
Keywords: security,dlp,ai-agents,llm,copilot,claude-code,cursor,mcp,pii,credentials
Classifier: Development Status :: 4 - Beta
Classifier: Intended Audience :: Developers
Classifier: Topic :: Security
Classifier: Topic :: Software Development :: Quality Assurance
Classifier: Programming Language :: Python :: 3.11
Classifier: Programming Language :: Python :: 3.12
Classifier: Programming Language :: Python :: 3.13
Requires-Python: >=3.11
Description-Content-Type: text/markdown
License-File: LICENSE
Requires-Dist: watchdog
Requires-Dist: psutil
Requires-Dist: pydantic>=2.0
Requires-Dist: pypdf
Requires-Dist: openpyxl
Requires-Dist: python-docx
Requires-Dist: pyyaml
Provides-Extra: ml
Requires-Dist: sentence-transformers; extra == "ml"
Requires-Dist: scikit-learn; extra == "ml"
Requires-Dist: joblib; extra == "ml"
Requires-Dist: numpy; extra == "ml"
Provides-Extra: cloud
Requires-Dist: boto3; extra == "cloud"
Requires-Dist: PyJWT; extra == "cloud"
Requires-Dist: cryptography; extra == "cloud"
Provides-Extra: llm
Requires-Dist: ollama; extra == "llm"
Provides-Extra: ocr
Requires-Dist: PyMuPDF; extra == "ocr"
Requires-Dist: pytesseract; extra == "ocr"
Requires-Dist: Pillow; extra == "ocr"
Provides-Extra: dev
Requires-Dist: pytest; extra == "dev"
Requires-Dist: moto; extra == "dev"
Provides-Extra: all
Requires-Dist: securityagent-core[cloud,llm,ml,ocr]; extra == "all"
Dynamic: license-file

# securityagent-core

Shared DLP engine, security skills, and policy enforcement for AI coding agents. Used by [SecurityAgent](https://github.com/kaushikdharamshi/SecurityAgent) and [AgnosticSecurity](https://github.com/kaushikdharamshi/AgnosticSecurity).

## What's inside

| Package | What it does |
|---|---|
| `endpoint_agent/` | DLP engine — file blocking (60+ path patterns), confidence-scored content scanning (PII, credentials, semantic disclosure detection) with structural validators (Luhn, SSA rules, entropy) and context-aware scoring, **data flow taint tracking** (tags sensitive data at ingress, detects at egress via hash/n-gram/substring matching), **tool call argument scanning** (MCP/function call DLP + taint registry), behavioral monitoring (8-signal anomaly scoring), honeypot traps, credential scanning. LLM intent analysis with llama3.1:8b default + fallback chain. Notebook-aware `.ipynb` extraction. PDF extraction via 3-tier pipeline (PyMuPDF → Tesseract OCR → pypdf fallback) with encrypted PDF detection |
| `skills/` | Agent-agnostic MCP skills — `secure_read`, `secure_exec`, `analyze_prompt`, `scan_output`, `check_policy`, `get_session_policy`, `audit_log` |
| `policy/` | Policy engine — per-session least privilege, behavioral chain detection (11 attack patterns), audit trail with agent attribution. Obsidian vault integration via `memory_bridge.py` for cross-session policy context |
| `obsidianMemory/` | Obsidian vault — daily session logs, second-brain knowledge base, used by `memory_bridge.py` for persistent threat/policy tracking |
| `plugin.py` | Standalone CLI entry point + `validate_exec()`, `validate_prompt()`, `validate_output()` pure functions |

## Install

```bash
pip install git+https://github.com/kaushikdharamshi/securityagent-core.git

# With optional dependencies
pip install "securityagent-core[cloud] @ git+https://github.com/kaushikdharamshi/securityagent-core.git"
pip install "securityagent-core[llm] @ git+https://github.com/kaushikdharamshi/securityagent-core.git"
```

## Usage

### Python SDK

```python
from skills.adapters.python_sdk import SecurityAgentSDK

sdk = SecurityAgentSDK(agent_id="my-agent", agent_type="langchain")

# DLP-gated file read
result = sdk.secure_read("/path/to/file")

# Command validation
result = sdk.secure_exec("ls -la")

# Prompt intent analysis
result = sdk.analyze_prompt("Get me all customer SSNs")
```

### MCP Server

```bash
python -m skills.adapters.mcp_server  # after pip install
```

Any MCP-compatible client (Claude Code, Copilot, custom agents) can connect via stdio JSON-RPC.

### CLI

```bash
python -m plugin ~/.env                                    # File read gate
python -m plugin --exec "cat ~/.env"                       # Exec validation
python -m plugin --prompt "Get all passwords"              # Prompt analysis
python -m plugin --skill secure_read --params '{"path":"~/.env"}'  # Skills layer
python -m plugin --mcp-server                              # MCP server
```

### Claude Code Integration

See [`integrations/claude_code/`](integrations/claude_code/) for PreToolUse hook configuration.

## Tests

```bash
pip install -e ".[dev]"
pytest
```
