Tag: #devsecops
9 packages • ⭐ 6,235 total stars
754 structured cybersecurity skills for AI agents · Mapped to 5 frameworks: MITRE ATT&CK, NIST CSF 2.0, MITRE ATLAS, D3FEND & NIST AI RMF · agentskills.io standard · Works with Claude Code, GitHub Cop
Open-source Python, TypeScript, and Go SAST with dead code detection. Finds secrets, exploitable flows, and AI regressions. VS Code extension, GitHub Action, and MCP server for AI agents.
AI-first security scanner with 76 analyzers, 9,600+ detection rules, and repo poisoning detection for AI/ML, LLM agents, and MCP servers. Scan any GitHub repo with: medusa scan --git user/repo
Security scanner for AI-generated ("vibe-coded") code. Runs SAST, DAST, and sandboxed exploit simulation across 15+ languages using 30+ tools. Catches what LLMs introduce before it ships — wit
Deterministic CI scanner and surface-risk scoring for MCP (Model Context Protocol) servers.
Security scanner for MCP server configurations. Detects secrets, CVEs, permission issues, and exfiltration vectors across 10 AI tool clients.
Security guardrails for Claude Code, MCP tools, and Claude cowork workflows. Local-first modular YARA-style guard packs for secrets, exfiltration, prompt injection, MCP abuse, and risky agent actions.
Control plane for governed AI coding: validate agent changes, enforce policy, track findings, and ship with proof.
Scan and fix vulnerabilities in Python, JavaScript, TypeScript, Go, and Java code using AI-powered analysis with 200 built-in security rules.