agent-shield 0.8.0

Security scanner for AI agent extensions — offline-first, multi-framework, SARIF output
Documentation 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105

//! Supply chain analysis: lockfile presence, version pinning, typosquat detection.

use crate::ir::dependency_surface::{DependencyIssue, DependencyIssueType, DependencySurface};

/// Well-known Python package names for typosquat comparison.
const POPULAR_PYTHON_PACKAGES: &[&str] = &[
    "requests",
    "flask",
    "django",
    "numpy",
    "pandas",
    "scipy",
    "boto3",
    "fastapi",
    "uvicorn",
    "httpx",
    "aiohttp",
    "pillow",
    "pydantic",
    "sqlalchemy",
    "celery",
    "redis",
    "psycopg2",
    "pytest",
    "setuptools",
    "cryptography",
    "paramiko",
    "pyyaml",
    "jinja2",
    "beautifulsoup4",
    "selenium",
    "scrapy",
    "tensorflow",
    "pytorch",
    "transformers",
    "langchain",
    "openai",
    "anthropic",
];

/// Well-known npm package names for typosquat comparison.
const POPULAR_NPM_PACKAGES: &[&str] = &[
    "express",
    "react",
    "lodash",
    "axios",
    "chalk",
    "commander",
    "next",
    "typescript",
    "webpack",
    "eslint",
    "prettier",
    "jest",
    "mongoose",
    "sequelize",
    "prisma",
    "fastify",
    "socket.io",
    "dotenv",
    "cors",
    "jsonwebtoken",
    "bcrypt",
    "nodemailer",
    "openai",
    "langchain",
    "zod",
    "drizzle-orm",
];

/// Check dependencies for typosquat candidates.
///
/// Returns issues for any dependency whose name is within Levenshtein
/// distance 1-2 of a known popular package but is not an exact match.
pub fn check_typosquats(deps: &DependencySurface) -> Vec<DependencyIssue> {
    let mut issues = Vec::new();

    let all_popular: Vec<&str> = POPULAR_PYTHON_PACKAGES
        .iter()
        .chain(POPULAR_NPM_PACKAGES.iter())
        .copied()
        .collect();

    for dep in &deps.dependencies {
        let name = dep.name.to_lowercase();
        for &popular in &all_popular {
            if name == popular {
                continue;
            }
            let distance = levenshtein::levenshtein(&name, popular);
            if distance > 0 && distance <= 2 {
                issues.push(DependencyIssue {
                    issue_type: DependencyIssueType::PossibleTyposquat,
                    package_name: dep.name.clone(),
                    description: format!(
                        "Package '{}' is similar to popular package '{}' (edit distance {})",
                        dep.name, popular, distance
                    ),
                });
            }
        }
    }

    issues
}