Metadata-Version: 2.4
Name: pyguard-ai
Version: 0.2.0
Summary: AI-powered PyPI supply chain security scanner
Author-email: Rajveer Rathod <rathodrajveer1311@gmail.com>
License: MIT
License-File: LICENSE
Keywords: cli,pypi,scanner,security,supply-chain
Classifier: Development Status :: 4 - Beta
Classifier: Environment :: Console
Classifier: Intended Audience :: Developers
Classifier: License :: OSI Approved :: MIT License
Classifier: Programming Language :: Python :: 3
Classifier: Programming Language :: Python :: 3.11
Classifier: Programming Language :: Python :: 3.12
Classifier: Topic :: Security
Requires-Python: >=3.11
Requires-Dist: anthropic>=0.51
Requires-Dist: docker>=7.1
Requires-Dist: httpx<0.29,>=0.28
Requires-Dist: packaging<25.0,>=24.0
Requires-Dist: pydantic<3.0,>=2.11
Requires-Dist: rich<15.0,>=14.0
Requires-Dist: typer<0.17,>=0.16
Provides-Extra: dev
Requires-Dist: black<26.0,>=25.1; extra == 'dev'
Requires-Dist: mypy<2.0,>=1.16; extra == 'dev'
Requires-Dist: pre-commit<5.0,>=4.2; extra == 'dev'
Requires-Dist: pytest-asyncio<2.0,>=1.0; extra == 'dev'
Requires-Dist: pytest-cov<7.0,>=6.1; extra == 'dev'
Requires-Dist: pytest<9.0,>=8.3; extra == 'dev'
Requires-Dist: ruff<0.12.0,>=0.11.0; extra == 'dev'
Description-Content-Type: text/markdown

# pyguard

`pyguard` is a PyPI supply chain scanner focused on malicious-package detection, not just known CVEs.

## Current scope

This repository now includes:

- A working `pyguard scan` CLI
- Core data models and scan orchestration
- Layer 1 static analysis baseline
- JSON and terminal reporting
- Project tooling, CI, and test scaffolding

## Quick start

```bash
python -m venv .venv
source .venv/bin/activate
pip install -e .[dev]
pyguard scan requests==2.31.0
pytest
```

## Roadmap

The implementation follows the multi-phase plan for:

- Layer 1 static analysis
- Layer 2 AI-assisted analysis
- Layer 3 sandbox runtime analysis
- CI/CD integrations and reporting outputs

