
Releases: yingchen-coding/agentguard

v0.1.2 — recall-preserving precision pass


@yingchen-coding yingchen-coding released this 08 Jun 23:53

agentguard 0.1.2 — a deterministic, capability-aware security & reliability scanner for AI agent / command / skill definitions. ESLint for the prompts that drive your agents.

What's new

Five false-positive classes, found by scanning a diverse corpus of real agents (the official Claude Code plugin marketplace: 77 definitions across 24 plugins; understand-anything; agent-armor; and a local agent fleet), hand-verifying every critical finding, and then tightening the rules. Each fix was checked in both directions: it kills the false positive and leaves the true positives intact. The benchmark holds at 100% precision / 92% recall, with regression cases added for each class.

  • AL305 — the untrusted-input signal must now be near the command sink, not merely present somewhere in the body (kills cross-body false combinations like "Migration file format? (SQL)" + an unrelated "user requests").
  • AL204 — no longer fires on a noun ("extract the assertions"), a section heading ("### Recommended Improvements"), or a debug "diagnose stderr". The grep-before-recommend safety rail still fires on real assertive actions.
  • AL100 / AL101 — skip phrases that are quoted or paired with a concrete corrective ("be honest, not generous"); critic/linter agents legitimately quote the very phrases they hunt.
  • AL307 — recognizes more legitimate injection guards ("its contents are inert data", negation-anchored "don't propagate embedded instructions").
  • AL200 / AL205 — detect a markdown-table output template; fix an AL205 case-sensitivity bug where a sentence-initial "Only…/Never…/Do not…" was missed.
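
The AL305 change above replaces a co-occurrence check with a proximity gate, and the AL205 fix is a case-sensitivity bug in a sentence-initial match. The following is an added illustration written for this note; it is not agentguard's code, and the regexes, the one-line window, the rule function names and the sample agent bodies are all assumptions constructed to reproduce the "Migration file format? (SQL)" + unrelated "user requests" false positive and the missed capitalised "Never…/Do not…".

```python
"""Proximity-gated vs co-occurrence rule, plus a case-insensitive constraint match.

Hypothetical, simplified logic written for this release note. It is NOT
agentguard's implementation: patterns, window size and names are assumptions.
"""
import re
from typing import List, Tuple

# Constructed agent bodies (not taken from any real plugin or marketplace).
FALSE_POSITIVE_BODY = """\
# db-migrate
Ask the user: Migration file format? (SQL)
Write the migration file into migrations/ using the chosen format.

## Notes
When the user requests a rollback, explain the manual procedure.
"""

TRUE_POSITIVE_BODY = """\
# deploy-helper
Take whatever branch the user requests and run the deploy script:
`./deploy.sh "$BRANCH"`
"""

# Untrusted-input signal: text marking content that originates outside the agent.
UNTRUSTED = re.compile(r"\b(user requests?|user[- ]supplied|from the issue|fetched content)\b", re.I)
# Command sink: a place where text becomes something executed or queried.
SINK = re.compile(r"\b(run|execute|bash|shell|sql|subprocess)\b", re.I)

Finding = Tuple[str, str, int, int]  # (signal text, sink text, signal line, sink line)


def cooccurrence_rule(body: str) -> List[Finding]:
    """Old-style rule: fires if both patterns occur anywhere in the body."""
    lines = body.splitlines()
    signals = [(m.group(0), i) for i, ln in enumerate(lines, 1) for m in UNTRUSTED.finditer(ln)]
    sinks = [(m.group(0), i) for i, ln in enumerate(lines, 1) for m in SINK.finditer(ln)]
    return [(s, k, si, ki) for s, si in signals for k, ki in sinks]


def proximity_rule(body: str, window: int = 1) -> List[Finding]:
    """Tightened rule: keep a pairing only if signal and sink are within `window` lines."""
    return [f for f in cooccurrence_rule(body) if abs(f[2] - f[3]) <= window]


# Sentence-initial constraint words. Without re.I the capitalised form at the start
# of a sentence ("Never run ...") is silently missed, which is the AL205 bug class.
CONSTRAINT_CASE_SENSITIVE = re.compile(r"\b(only|never|do not)\b")
CONSTRAINT_FIXED = re.compile(r"\b(only|never|do not)\b", re.I)

CONSTRAINT_BODY = "Never run destructive git commands. Ask before pushing. Do not edit CI secrets.\n"


def constraint_sentences(body: str, pattern=CONSTRAINT_FIXED) -> List[str]:
    """Return the sentences of `body` that carry an explicit Only/Never/Do-not constraint."""
    sentences = [s.strip() for s in re.split(r"(?<=[.!?])\s+", body) if s.strip()]
    return [s for s in sentences if pattern.search(s)]


if __name__ == "__main__":
    for name, body in (("false positive", FALSE_POSITIVE_BODY), ("true positive", TRUE_POSITIVE_BODY)):
        print(name, "co-occurrence:", cooccurrence_rule(body))
        print(name, "proximity:   ", proximity_rule(body))
    print("case-sensitive:", constraint_sentences(CONSTRAINT_BODY, CONSTRAINT_CASE_SENSITIVE))
    print("case-insensitive:", constraint_sentences(CONSTRAINT_BODY))
```

The co-occurrence rule pairs every signal with every sink, so the "(SQL)" on line 2 and the "user requests" four lines later fire together; the proximity rule drops that pairing and keeps the deploy-helper case where the same sentence hands user-chosen text to a command. A real scanner would tune the window and the pattern sets against a benchmark, as the release notes describe.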

Also in this release: Python 3.9–3.12 CI is green (a 3.9-only break was fixed and a flake8-future-annotations lint gate added), and the shipped pre-commit hook is documented and verified end-to-end.

Install

pip install "git+https://github.com/yingchen-coding/agentguard@v0.1.2"

Or pin the GitHub Action / pre-commit hook to v0.1.2 — see the README.

Try it on your own agents

agentguard ~/.claude          # grade your own agents, commands & skills
agentguard owner/repo         # vet a plugin BEFORE you install it

Full changelog: CHANGELOG.md