Merged
190 commits
deb698b
add openai project header
smoy Jun 10, 2026
76eea23
fix(mcp): treat allowed-tools as a permission declaration for LP3
CharmingGroot Jun 12, 2026
0eeae6f
fix(llm): isolate batch failures in Stage 2 and keep unanalysed findings
nyxst4ck Jun 12, 2026
358cbb6
docs: correct stale analyzer status and dangling references
AbhiramDwivedi Jun 14, 2026
20a330d
ci: add GitHub Actions CI/CD workflow
AbhiramDwivedi Jun 14, 2026
c54d6e7
security(meta_analyzer): add severity-gated floor to apply_filter
AbhiramDwivedi Jun 14, 2026
4eee3c0
docs: document the integration contract and trust model
AbhiramDwivedi Jun 14, 2026
cd539bf
fix(meta-analyzer): keep LLM-confirmed findings when model returns en…
JiayingHuang Jun 15, 2026
7f4a695
Fix Windows path separators and console encoding
dc995 Jun 16, 2026
bc6c542
fix(build_context): use forward-slash component paths (cross-platform)
AbhiramDwivedi Jun 17, 2026
c4a92ff
feat(providers): local agent-CLI providers (claude/codex/gemini), no …
AbhiramDwivedi Jun 17, 2026
aaeff23
fix: use OpenAI default model for OpenAI fallback
sjh9714 Jun 14, 2026
63a074b
fix(meta_analyzer): parse stringified findings array from LLM
matt-appno Jun 18, 2026
e96d3c6
feat(analyzer): add agent snooping detector (AS1/AS2/AS3)
Shrotriya-lalit Jun 18, 2026
17a4a9d
fix(P2): add bidi control character detection (CVE-2021-42574 / Troja…
Shrotriya-lalit Jun 18, 2026
d3990fe
fix(schemas): normalize confidence from 0-100 scale before Pydantic v…
Shrotriya-lalit Jun 18, 2026
9b9d33f
fix(supply-chain): require relative edit distance for SC6 typosquat d…
yonatangross Jun 19, 2026
f6f816f
feat: implement MCP rug pull analyzer and unit tests
akshatmishra-data Jun 19, 2026
f38b975
fix(mcp): anchor TP3 loopback URL exemption to a host boundary
jichaowang02-lang Jun 20, 2026
5b6a8b9
fix(analyzers): resolve import aliases in AST and taint analyzers
zied-jlassi Jun 20, 2026
f4ffac5
fix: validate trusted source hosts for SC2
Bortlesboat Jun 20, 2026
d7e0a12
fix: restrict Python version to <3.14 due to jsonschema-rs/PyO3 incom…
tcconnally Jun 20, 2026
b72a5f0
fix(sc4): surface OSV.dev fallback warnings and add configurable timeout
tcconnally Jun 20, 2026
e103841
fix(sc4): pass version to OSV for all requirement operators, not just…
tcconnally Jun 20, 2026
ff128f4
feat: support uv tool install and document in README
tcconnally Jun 20, 2026
3b44bb7
chore: add perseus-ctx and mimir-mcp to popular PyPI packages
tcconnally Jun 20, 2026
c8e1626
feat(provider): add anthropic_proxy provider for Vertex-style raw-pre…
alenjosesr Jun 21, 2026
42e75fe
fix(providers): stabilize claude CLI output parsing; dedup agy parser
AbhiramDwivedi Jun 21, 2026
ad33dba
feat(report): surface silent LLM-stage degradation
AbhiramDwivedi Jun 21, 2026
127bc24
refactor(report): complete LLM-degradation coverage (TP4, SARIF, type…
AbhiramDwivedi Jun 21, 2026
2eb03c4
fix(meta_analyzer): construct chat model inside try so failure degrad…
AbhiramDwivedi Jun 21, 2026
ad3a717
fix(report): fail closed — a degraded deep scan can never report SAFE
AbhiramDwivedi Jun 21, 2026
84e69e4
fix(sc4): add global _last_query_ok declaration, validate env var, de…
tcconnally Jun 21, 2026
c184c2a
feat: drop ge/le schema bounds on LLM finding confidence and start_line
wernerkasselman-au Jun 21, 2026
d7fe42b
ci: fix DCO check bypass and harden the CI workflow
AbhiramDwivedi Jun 22, 2026
d4ea814
docs: sweep remaining internal design-doc (SADD) references; fix stal…
AbhiramDwivedi Jun 22, 2026
714e266
docs(providers): document codex read-only scope; make CLI chat-model …
AbhiramDwivedi Jun 22, 2026
bd2a276
Merge pull request #128 from alenjosesr/feat/anthropic-proxy-provider
rng1995 Jun 22, 2026
afb9449
Merge pull request #119 from tcconnally/fix/python-version-constraint
rng1995 Jun 22, 2026
bade36e
Merge pull request #118 from Bortlesboat/fix/trusted-source-url-host-…
rng1995 Jun 22, 2026
87ab526
Merge pull request #115 from zied-jlassi/fix/import-alias-evasion-ast…
rng1995 Jun 22, 2026
25eb3d7
Merge pull request #113 from jichaowang02-lang/fix/tp3-loopback-host-…
rng1995 Jun 22, 2026
1bd530c
Merge pull request #91 from matt-appno/fix/meta-analyzer-stringified-…
rng1995 Jun 22, 2026
d0c874f
Merge pull request #92 from Shrotriya-lalit/fix/issue-39-bidi-control…
rng1995 Jun 22, 2026
4734bb3
Merge pull request #96 from Shrotriya-lalit/fix/issue-75-agent-snoopi…
rng1995 Jun 22, 2026
7fbe306
Merge pull request #104 from yonatangross/fix/sc6-typosquat-relative-…
rng1995 Jun 22, 2026
01d77ac
Merge PR #120: fix SC4 OSV silent-fallback detection
rng1995 Jun 22, 2026
54d9074
Merge PR #87: use Path.as_posix() for build_context paths (#86)
rng1995 Jun 22, 2026
3df201b
Merge pull request #133 from wernerkasselman-au/fix/structured-output…
rng1995 Jun 22, 2026
8a97cce
fix(scoring): prevent risk score saturation via per-rule diminishing …
mimran-khan Jun 22, 2026
26d1a9a
feat(yara): add agent skill abuse signatures (#1)
debugactiveprocess Jun 22, 2026
16eb3cc
Merge branch 'main' into smoy/feat-support-openai-projectid
smoy Jun 22, 2026
2186e45
Merge pull request #139 from mimran-khan/fix/scoring-saturation-134
rng1995 Jun 22, 2026
6c05a29
Merge pull request #70 from JiayingHuang/fix/meta-analyzer-end-line-m…
rng1995 Jun 22, 2026
d56ef81
Merge pull request #23 from smoy/smoy/feat-support-openai-projectid
rng1995 Jun 22, 2026
a2009a6
fix(findings): deduplicate cross-analyzer findings before scoring
mimran-khan Jun 22, 2026
e6620ea
fix(dedup): apply deduplication to score computation only, preserve a…
mimran-khan Jun 22, 2026
51f1649
fix(static-patterns): filter false positives from documentation and c…
mimran-khan Jun 22, 2026
47e4942
fix(static-patterns): restrict code-example hard-drop to non-executab…
mimran-khan Jun 22, 2026
d1e0c6c
feat(cli): add --recursive flag for multi-skill directory scanning
mimran-khan Jun 22, 2026
484af22
fix(multi-skill): address review nits - typing, dead code, help text,…
mimran-khan Jun 22, 2026
2619f14
fix(meta-analyzer): add heuristic fallback filter for --no-llm mode
mimran-khan Jun 22, 2026
805009f
fix(meta-analyzer): add severity floor, downweight instead of drop, f…
mimran-khan Jun 22, 2026
e107cdb
Merge remote-tracking branch 'origin/main' into fix/windows-path-and-…
dc995 Jun 22, 2026
443799c
Sync OSS release snapshot
keshprad Jun 22, 2026
d8a68ee
Sync OSS release snapshot - Merge pull request #162 from NVIDIA/kesha…
keshprad Jun 22, 2026
dfdbf12
feat: add AWS Bedrock provider for Claude via SigV4
risawe Jun 23, 2026
9ba05b5
fix(supply-chain): exclude pyproject metadata keys from dependency ex…
CharmingGroot Jun 12, 2026
356d39c
feat(analyzer): detect skills snooping on the agent ecosystem
CharmingGroot Jun 15, 2026
5dcb392
fix(mcp): feed allowed-tools into LP1 under-declaration check
CharmingGroot Jun 23, 2026
50e2b70
Merge pull request #124 from tcconnally/feat/uv-tool-install-support
rng1995 Jun 23, 2026
6f649c3
Merge pull request #123 from tcconnally/fix/sc4-version-bound-operators
rng1995 Jun 23, 2026
7d6a74b
feat(pi): add SkillSpector scan tool
morus246 Jun 23, 2026
6949d39
fix(P2): detect Unicode Tag-block "ASCII smuggling" hidden instructions
Jun 23, 2026
cb5e8c8
fix(behavioral-ast): detect reflective exec via getattr() literal (AST9)
Jun 23, 2026
3c4a2de
fix(schemas): resolve merge conflicts — combine start_line clamp with…
Shrotriya-lalit Jun 23, 2026
cd1c425
Merge pull request #143 from mimran-khan/fix/no-llm-heuristic-fallbac…
rng1995 Jun 23, 2026
1793429
Merge pull request #142 from mimran-khan/fix/cross-analyzer-deduplica…
rng1995 Jun 23, 2026
4935b6e
Merge pull request #141 from mimran-khan/feat/multi-skill-directory-136
rng1995 Jun 23, 2026
b1586b7
Merge pull request #140 from mimran-khan/fix/static-patterns-document…
rng1995 Jun 23, 2026
154c1e8
fix(scoring): document confidence scaling, sort by severity within ru…
mimran-khan Jun 22, 2026
4d50828
test(scoring): add regression test for input-order-dependent severity…
mimran-khan Jun 23, 2026
d705006
fix(patterns): anchor MP2 regex to prevent catastrophic backtracking
mimran-khan Jun 22, 2026
e4bda28
fix(patterns): skip single-char repetitions in MP2 to avoid separator…
mimran-khan Jun 22, 2026
c34f442
fix(patterns): fix lint and whitespace-bearing stuffing false negative
mimran-khan Jun 23, 2026
c4aab55
fix(input-handler): validate git/download URLs against SSRF and add z…
mimran-khan Jun 22, 2026
f5305b9
fix(input-handler): disable HTTP redirect following to close SSRF bypass
mimran-khan Jun 23, 2026
6bd9c2f
fix(yara): use content hash for rule cache invalidation
mimran-khan Jun 22, 2026
87e2326
fix(static-runner): skip binary/PDF files and filter PE3 .env doc ref…
mimran-khan Jun 22, 2026
dbbdb64
fix(report): filter empty LLM findings and add SARIF rules[] array
mimran-khan Jun 22, 2026
5f3e62b
feat(report): add analysis_completeness field to JSON output
mimran-khan Jun 22, 2026
1b776fe
fix(P2): narrow emoji tag carve-out to ISO-3166-2 codes (close smuggl…
Jun 23, 2026
bc03a21
fix(static-runner): exempt SKILL.md from PE3 .env doc filter
mimran-khan Jun 23, 2026
1c796a5
fix: address non-blocking reviewer nits from #140, #141, #143
mimran-khan Jun 23, 2026
5a70877
Merge pull request #160 from mimran-khan/feat/analysis-completeness-f…
rng1995 Jun 23, 2026
58066f6
Merge pull request #159 from mimran-khan/fix/input-handler-ssrf-valid…
rng1995 Jun 23, 2026
48fbbcd
Merge pull request #158 from mimran-khan/fix/sarif-compliance-and-emp…
rng1995 Jun 23, 2026
5fe9938
Merge pull request #166 from asadbekXodjayev/fix/ast9-reflective-geta…
rng1995 Jun 23, 2026
f62d7eb
Merge pull request #165 from morus246/pi-skillspector-extension
rng1995 Jun 23, 2026
cc7dd87
Merge pull request #93 from Shrotriya-lalit/fix/issue-89-confidence-n…
rng1995 Jun 23, 2026
3a6578f
Merge pull request #156 from mimran-khan/fix/yara-cache-content-hash
rng1995 Jun 23, 2026
4abdf65
Merge pull request #126 from tcconnally/chore/add-known-mcp-packages
rng1995 Jun 23, 2026
9d32136
Merge pull request #105 from Akshatmish/feat/mcp-rug-pull-analyzer
rng1995 Jun 23, 2026
626efaa
Merge pull request #77 from CharmingGroot/feat/agent-snooping-analyzer
rng1995 Jun 23, 2026
3fa300f
Merge pull request #28 from CharmingGroot/fix/pyproject-metadata-deps
rng1995 Jun 23, 2026
c2e5e96
Merge pull request #46 from sjh9714/fix-openai-fallback-model
rng1995 Jun 23, 2026
cb866fc
Merge pull request #51 from AbhiramDwivedi/pr/a2-integration-contract
rng1995 Jun 23, 2026
2d8d4c1
feat(analyzer): add anti-refusal statement detection (AR1-AR3)
ankushchadha Jun 15, 2026
b940fb1
feat: per-slot model env overrides and model validation
mimran-khan Jun 23, 2026
d1150cd
Merge upstream/main into stage2 batch isolation fix
nyxst4ck Jun 23, 2026
8bdc3bc
fix(behavioral): detect builtins.* and importlib.import_module sink e…
zied-jlassi Jun 23, 2026
235c2d0
fix(security)(skillspector): unsafe deserialization via yaml load
tuanaiseo Jun 23, 2026
344e77f
fix(security)(skillspector): potential information disclosure via err…
tuanaiseo Jun 23, 2026
08009b8
Sync OSS release snapshot
keshprad Jun 23, 2026
8f37cfa
Sync OSS release snapshot to 2.3.5
keshprad Jun 23, 2026
1f21083
feat(report): add baseline / false-positive suppression
assinchu Jun 19, 2026
9d4094e
feat(mcp): expose SkillSpector as an MCP server with scan_skill tool
CharmingGroot Jun 13, 2026
f590fca
address review feedback on #106
assinchu Jun 24, 2026
eb0776f
feat(analyzer): detect SSRF (cloud metadata, internal-network, dynami…
CharmingGroot Jun 15, 2026
b6c9e14
Merge pull request #106 from assinchu/feature/baseline-suppression
rng1995 Jun 24, 2026
4195b7c
Merge pull request #65 from ankushchadha/feat/anti-refusal-analyzer
rng1995 Jun 24, 2026
38ea6f9
Merge pull request #54 from AbhiramDwivedi/pr/d-meta-analyzer-suppres…
rng1995 Jun 24, 2026
47c7522
Merge pull request #32 from nyxst4ck/fix/stage2-batch-isolation
rng1995 Jun 24, 2026
dded7d0
feat(analyzer): detect Docker socket access as PE4 privilege escalation
CharmingGroot Jun 24, 2026
a90826e
fix(supply_chain): scan [build-system].requires in pyproject.toml
Shrotriya-lalit Jun 24, 2026
6e84658
Merge upstream/main: add anti-refusal analyzer alongside SSRF
CharmingGroot Jun 24, 2026
6bdf960
test(meta_analyzer): add regression tests for static findings with en…
Shrotriya-lalit Jun 24, 2026
5c7611d
Merge upstream/main: add baseline command alongside mcp command
CharmingGroot Jun 24, 2026
eb65340
Merge pull request #95 from Shrotriya-lalit/fix/issue-2-pyproject-tom…
rng1995 Jun 24, 2026
36e8058
Merge pull request #94 from Shrotriya-lalit/fix/issue-67-apply-filter…
rng1995 Jun 24, 2026
b981592
Merge pull request #63 from CharmingGroot/feat/ssrf-analyzer
rng1995 Jun 24, 2026
a042383
Merge pull request #36 from CharmingGroot/feat/mcp-server
rng1995 Jun 24, 2026
8d47596
docs(mcp): document HTTP transport trust model
CharmingGroot Jun 24, 2026
b19872d
Merge upstream/main: add SSRF test class alongside PE4 test class
CharmingGroot Jun 24, 2026
34309b3
fix(analyzer): deduplicate PE4 findings per line to avoid double-repo…
CharmingGroot Jun 24, 2026
f0b3c89
fix(static-runner): remove .svg from binary extensions
mimran-khan Jun 24, 2026
17edeac
Merge pull request #189 from CharmingGroot/feat/pe4-docker-socket
rng1995 Jun 24, 2026
982afd0
Merge pull request #184 from tuanaiseo/contribai/fix/security/potenti…
rng1995 Jun 24, 2026
ba7c83f
Merge pull request #183 from tuanaiseo/contribai/fix/security/unsafe-…
rng1995 Jun 24, 2026
d9552c3
Merge pull request #157 from mimran-khan/fix/binary-pdf-and-pe3-false…
rng1995 Jun 24, 2026
4aba25a
Merge pull request #53 from AbhiramDwivedi/pr/c-ci-cd
rng1995 Jun 24, 2026
ac6b41b
Merge pull request #83 from dc995/fix/windows-path-and-console-encoding
rng1995 Jun 24, 2026
d59b1e6
Merge remote-tracking branch 'upstream/main' into pr/a1-docs-corrections
AbhiramDwivedi Jun 24, 2026
a1d8011
Merge upstream/main into pr/b-agent-cli-provider
AbhiramDwivedi Jun 24, 2026
23347bf
fix(report): strip ANSI/control bytes from report output
assinchu Jun 24, 2026
46aa15c
feat(analyzer): implement MCP rug-pull detection (RP1-RP3)
tcconnally Jun 20, 2026
1911d82
Merge pull request #154 from mimran-khan/fix/mp2-regex-backtracking
keshprad Jun 24, 2026
7bc9c0f
Merge pull request #153 from mimran-khan/fix/scoring-confidence-docs-…
keshprad Jun 24, 2026
69ac3ba
Sync OSS release snapshot
keshprad Jun 24, 2026
a88d793
Sync OSS release snapshot for 2.3.7
keshprad Jun 25, 2026
ab0431f
Sync OSS release snapshot 2.3.7 - Merge pull request #206 from NVIDIA…
keshprad Jun 25, 2026
a15d4c5
Support Python 3.14
caius72 Jun 25, 2026
d72d59a
feat(analyzer): detect privileged container execution and escape prim…
CharmingGroot Jun 26, 2026
a2b045e
fix(scoring): apply 1.3x multiplier only to findings from executable …
tcconnally Jun 20, 2026
b8240fa
docs(mcp): clarify setup before users choose stdio
rodboev Jun 27, 2026
170065b
feat(analyzer): detect cloud-storage exfiltration as E5
CharmingGroot Jun 27, 2026
c2522e3
feat(analyzer): detect privileged Kubernetes workload deployment as TM4
CharmingGroot Jun 27, 2026
d82ed7f
Merge pull request #187 from assinchu/feature/report-sanitizer
rng1995 Jun 27, 2026
a977ba7
Merge pull request #180 from zied-jlassi/fix/builtins-importlib-sink-…
rng1995 Jun 27, 2026
8cfe32e
Merge pull request #178 from mimran-khan/feat/per-slot-model-and-vali…
rng1995 Jun 27, 2026
e56f325
Merge pull request #172 from mimran-khan/fix/reviewer-nits-followup
rng1995 Jun 27, 2026
96d9198
Merge pull request #167 from asadbekXodjayev/fix/p2-unicode-tag-ascii…
rng1995 Jun 27, 2026
0c4b97d
Merge pull request #125 from tcconnally/feat/mcp-rug-pull-analyzer
rng1995 Jun 27, 2026
eff57b1
Merge pull request #122 from tcconnally/fix/risk-score-per-file-weight
rng1995 Jun 27, 2026
bedff7f
Merge pull request #84 from rcha0s/feat/bedrock-provider
rng1995 Jun 27, 2026
e40d202
fix: address non-blocking reviewer nits from #178 and #179
mimran-khan Jun 25, 2026
e75a115
style: format chat model provider warning
mohgupta-ship-it Jun 27, 2026
fcb3b92
style: fix merge-ref lint failures
mohgupta-ship-it Jun 27, 2026
ad55ceb
Merge pull request #194 from mimran-khan/fix/reviewer-nits-178-179-157
mohgupta-ship-it Jun 27, 2026
430964f
Merge pull request #218 from CharmingGroot/feat/e5-cloud-storage-exfi…
rng1995 Jun 28, 2026
4c3c93d
Merge pull request #216 from rodboev/pr/mcp-docs-install-scope
rng1995 Jun 28, 2026
8550d57
Merge pull request #214 from CharmingGroot/feat/pe5-container-escape
rng1995 Jun 28, 2026
78be329
Merge pull request #193 from CharmingGroot/fix/mcp-http-trust-model
rng1995 Jun 28, 2026
a4e04dc
Merge remote-tracking branch 'upstream/main' into pr/a1-docs-corrections
AbhiramDwivedi Jun 28, 2026
225109e
Merge remote-tracking branch 'upstream/main' into pr/b-agent-cli-prov…
AbhiramDwivedi Jun 28, 2026
e612852
feat(ossf-scorecard): add ossf-scorecard github action integration
smoy Jun 24, 2026
680cc0f
fix(input): support scp-style SSH Git URLs in host validation
rodboev Jun 25, 2026
18a216b
test(input): clarify scp_private_ip test covers allowlist gate
rodboev Jun 25, 2026
d1cb7d3
test(input): add SSRF gate coverage for scp-extracted hosts
rodboev Jun 25, 2026
feb1656
fix(cli): write concatenated multi-skill report to --output for non-J…
rodboev Jun 25, 2026
cc448ee
fix(cli): preserve empty string from _result_body when sarif_report a…
rodboev Jun 25, 2026
be503bb
Merge pull request #220 from CharmingGroot/feat/tm4-k8s-privileged-wo…
rng1995 Jun 30, 2026
db8235c
Merge pull request #210 from caius72/py314-support
rng1995 Jun 30, 2026
e7b7c38
Merge pull request #209 from rodboev/fix/recursive-multiskill-output-203
rng1995 Jun 30, 2026
feaec42
Merge pull request #208 from rodboev/fix/scp-ssh-git-url-202
rng1995 Jun 30, 2026
4b48476
Merge pull request #198 from smoy/feat-ossf-scorecard
rng1995 Jun 30, 2026
4676bfb
Merge pull request #27 from CharmingGroot/fix/lp3-allowed-tools-field
rng1995 Jun 30, 2026
7decce7
Merge pull request #52 from AbhiramDwivedi/pr/b-agent-cli-provider
rng1995 Jun 30, 2026
5df93c5
Merge pull request #50 from AbhiramDwivedi/pr/a1-docs-corrections
rng1995 Jun 30, 2026
d3fac00
Merge remote-tracking branch 'upstream/main' into sync-upstream-2026-…
will-exaforce Jun 30, 2026
9 changes: 8 additions & 1 deletion .env.example
@@ -2,7 +2,7 @@ ENV=dev # options: dev|s

# Active LLM provider. Selects which provider answers credentials,
# metadata, and default-model lookups. Leave unset to default to nv_build.
# Options: openai | anthropic | nv_build
# Options: openai | anthropic | anthropic_proxy | nv_build
SKILLSPECTOR_PROVIDER=

# Provider credentials — set the one matching SKILLSPECTOR_PROVIDER (or
@@ -21,6 +21,13 @@ OPENAI_BASE_URL=
# For SKILLSPECTOR_PROVIDER=anthropic.
ANTHROPIC_API_KEY=

# For SKILLSPECTOR_PROVIDER=anthropic_proxy (Vertex-style raw-predict proxy).
# Supports corporate API gateways, GCP Vertex AI, and self-hosted proxies.
ANTHROPIC_PROXY_ENDPOINT_URL=
ANTHROPIC_PROXY_API_KEY=
# ANTHROPIC_PROXY_API_VERSION=vertex-2023-10-16 # optional; defaults to vertex-2023-10-16
# SKILLSPECTOR_SSL_VERIFY=false # set to false for internal/self-signed CAs

# SkillSpector config
SKILLSPECTOR_MODEL= # leave empty to use the active provider's bundled default (see README); set to override (e.g. gpt-5.2)
# SKILLSPECTOR_MODEL_REGISTRY=./model_registry.yaml # optional override; defaults to each provider's bundled YAML in src/skillspector/providers/
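Review bot: the `# SKILLSPECTOR_SSL_VERIFY=false # set to false for internal/self-signed CAs` line presents disabling TLS verification as the way to handle private CAs, on the same connection that carries `ANTHROPIC_PROXY_API_KEY` and the scanned skill content. Suggest wording the comment so that trusting the internal CA bundle is the recommended path and `false` is a last resort, e.g. `# SKILLSPECTOR_SSL_VERIFY=false  # disables TLS verification; prefer trusting your internal CA bundle`. Since the variable carries the generic `SKILLSPECTOR_` prefix rather than `ANTHROPIC_PROXY_`, it would also help to state whether it affects every provider's HTTP client or only `anthropic_proxy`.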
96 changes: 96 additions & 0 deletions .github/workflows/ci.yml
@@ -0,0 +1,96 @@
# SPDX-FileCopyrightText: Copyright (c) 2026 NVIDIA CORPORATION & AFFILIATES. All rights reserved.
# SPDX-License-Identifier: Apache-2.0
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.

name: CI

on:
pull_request:
branches: ["main"]
push:
branches: ["main"]

# Least privilege: these jobs only read the repo; no write scopes are needed.
permissions:
contents: read

# Cancel superseded runs when new commits are pushed to the same ref.
concurrency:
group: ci-${{ github.workflow }}-${{ github.ref }}
cancel-in-progress: true

jobs:
lint-and-test:
name: Lint & Test (Python ${{ matrix.python-version }})
runs-on: ubuntu-latest
# Windows is excluded: the test suite has known path-separator failures
# in build_context that are out of scope for this workflow.
strategy:
fail-fast: false
matrix:
python-version: ["3.12", "3.13", "3.14"]

steps:
- uses: actions/checkout@v4

- name: Set up uv
# Pinned to a full commit SHA (third-party action); comment tracks the tag.
uses: astral-sh/setup-uv@d4b2f3b6ecc6e67c4457f6d3e41ec42d3d0fcb86 # v5
with:
enable-cache: true
python-version: ${{ matrix.python-version }}

- name: Install dependencies
run: uv sync --all-extras

- name: Lint with ruff
run: uv run ruff check src/ tests/

- name: Check formatting with ruff
run: uv run ruff format --check src/ tests/

- name: Run unit tests with coverage
run: uv run pytest -m "not integration" --cov=src/skillspector --cov-report=term-missing

dco:
name: DCO Check
runs-on: ubuntu-latest
if: github.event_name == 'pull_request'
steps:
- uses: actions/checkout@v4
with:
fetch-depth: 0

- name: Verify DCO sign-off on all commits
run: |
BASE=${{ github.event.pull_request.base.sha }}
HEAD=${{ github.event.pull_request.head.sha }}
# Iterate SHAs directly rather than piping `git log` into `while read`:
# `git log` does not print a trailing newline after the final record,
# so a read-loop silently skips the last commit — and for a one-commit
# PR (the common case) the body never runs at all, letting an unsigned
# commit pass. A for-loop over the SHA list checks every commit.
status=0
for sha in $(git log --format=%H "${BASE}..${HEAD}"); do
if ! git log -1 --format="%B" "$sha" | grep -q "^Signed-off-by:"; then
echo " missing Signed-off-by: $sha $(git log -1 --format=%s "$sha")"
status=1
fi
done
if [ "$status" -ne 0 ]; then
echo ""
echo "Please add a DCO sign-off (git commit -s) to all commits."
exit 1
fi
echo "All commits have DCO sign-off."
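Review bot: `actions/checkout@v4` (used in both jobs) is pinned by a mutable tag while `astral-sh/setup-uv` is pinned to a full SHA with the comment "Pinned to a full commit SHA (third-party action)", and `.github/workflows/scorecard.yml` in this same PR pins checkout to `actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2`. Suggest using the same SHA pin here so the pinning policy is consistent across workflows. In the `dco` job the checkout only reads history, so `persist-credentials: false` next to `fetch-depth: 0` would keep the token out of the workspace. Separately, `BASE=${{ github.event.pull_request.base.sha }}` and `HEAD=${{ github.event.pull_request.head.sha }}` are interpolated straight into the shell; these values are commit SHAs, so this is safe as written, but passing them via `env:` is the form that stays safe if someone later swaps in a ref name.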
78 changes: 78 additions & 0 deletions .github/workflows/scorecard.yml
@@ -0,0 +1,78 @@
# This workflow uses actions that are not certified by GitHub. They are provided
# by a third-party and are governed by separate terms of service, privacy
# policy, and support documentation.

name: Scorecard supply-chain security
on:
# For Branch-Protection check. Only the default branch is supported. See
# https://github.com/ossf/scorecard/blob/main/docs/checks.md#branch-protection
branch_protection_rule:
# To guarantee Maintained check is occasionally updated. See
# https://github.com/ossf/scorecard/blob/main/docs/checks.md#maintained
schedule:
- cron: '40 17 * * 2'
push:
branches: [ "main" ]

# Declare default permissions as read only.
permissions: read-all

jobs:
analysis:
name: Scorecard analysis
runs-on: ubuntu-latest
# `publish_results: true` only works when run from the default branch. conditional can be removed if disabled.
if: github.event.repository.default_branch == github.ref_name || github.event_name == 'pull_request'
permissions:
# Needed to upload the results to code-scanning dashboard.
security-events: write
# Needed to publish results and get a badge (see publish_results below).
id-token: write
# Uncomment the permissions below if installing in a private repository.
# contents: read
# actions: read

steps:
- name: "Checkout code"
uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
with:
persist-credentials: false

- name: "Run analysis"
uses: ossf/scorecard-action@f49aabe0b5af0936a0987cfb85d86b75731b0186 # v2.4.1
with:
results_file: results.sarif
results_format: sarif
# (Optional) "write" PAT token. Uncomment the `repo_token` line below if:
# - you want to enable the Branch-Protection check on a *public* repository, or
# - you are installing Scorecard on a *private* repository
# To create the PAT, follow the steps in https://github.com/ossf/scorecard-action?tab=readme-ov-file#authentication-with-fine-grained-pat-optional.
# repo_token: ${{ secrets.SCORECARD_TOKEN }}

# Public repositories:
# - Publish results to OpenSSF REST API for easy access by consumers
# - Allows the repository to include the Scorecard badge.
# - See https://github.com/ossf/scorecard-action#publishing-results.
# For private repositories:
# - `publish_results` will always be set to `false`, regardless
# of the value entered here.
publish_results: true

# (Optional) Uncomment file_mode if you have a .gitattributes with files marked export-ignore
# file_mode: git

# Upload the results as artifacts (optional). Commenting out will disable uploads of run results in SARIF
# format to the repository Actions tab.
- name: "Upload artifact"
uses: actions/upload-artifact@4cec3d8aa04e39d1a68397de0c4cd6fb9dce8ec1 # v4.6.1
with:
name: SARIF file
path: results.sarif
retention-days: 5

# Upload the results to GitHub's code scanning dashboard (optional).
# Commenting out will disable upload of results to your repo's Code Scanning dashboard
# - name: "Upload to code-scanning"
# uses: github/codeql-action/upload-sarif@v3
# with:
# sarif_file: results.sarif
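Review bot: the `if:` guard tests `github.event_name == 'pull_request'`, but the `on:` block only declares `branch_protection_rule`, `schedule` and `push`, so that clause can never be true; either drop it or add a `pull_request` trigger (and if the trigger is added, `publish_results: true` together with `id-token: write` on PR runs should be reconsidered, since the comment above notes publishing only works from the default branch). The `repo_token` line stays commented out, so per the inline comment the Branch-Protection check will not be enabled on this repository until the PAT is configured; a one-line note saying that is intentional would save the next reader a round trip.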
37 changes: 37 additions & 0 deletions .skillspector-baseline.example.yaml
@@ -0,0 +1,37 @@
# SkillSpector baseline (example)
#
# A baseline suppresses known/accepted findings so re-scans surface only NEW
# issues. Pass it with: skillspector scan <path> --baseline <this-file>
# Generate a fingerprint baseline automatically: skillspector baseline <path>
#
# See docs/SUPPRESSION.md for the full reference. All identifiers below are
# placeholders — replace them with your own rule ids, paths, and reasons.

version: 1

# Glob rules — human-authored, drift-tolerant (survive line/wording changes).
# A finding is suppressed when EVERY field a rule sets glob-matches it.
# Unspecified fields match anything. `reason` is required for auditability.
rules:
# Suppress an entire rule across all skills (global pattern suppression).
- id: "SQP-1"
reason: "Trigger-phrase breadth is a skill-description nit, not a vulnerability"

# Suppress a rule family with a glob, scoped by message substring.
- id: "SQP-*"
message: "*telemetry*"
reason: "First-party internal telemetry; reviewed and accepted"

# Skill/file-scoped suppression of a specific false positive.
- id: "SSD-2"
path: "example-skill/SKILL.md"
message: "*example false-positive phrase*"
reason: "False positive: phrase is a benign trigger, not an instruction"

# Fingerprints — exact, machine-generated suppressions (one per accepted
# finding). Regenerate with `skillspector baseline` when a skill changes.
fingerprints:
- hash: "sha256:0123456789abcdef"
rule_id: "SDI-2"
file: "example-skill/SKILL.md"
reason: "Accepted: reads its own environment ($EXAMPLE_TOKEN) for context"
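Review bot: the `id: "SQP-*"` rule with `message: "*telemetry*"` matches any current or future SQP rule whose message mentions telemetry across every scanned skill, because the header says unspecified fields match anything. Since this file is what users copy from, consider adding a `path:` to that example so the scoped form is the one readers reproduce, and keep the repo-wide form for the single `SQP-1` example only.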
1 change: 0 additions & 1 deletion Makefile
@@ -152,4 +152,3 @@ docker-build:
# Build and smoke test the Docker image
docker-smoke: docker-build
tests/docker/smoke.sh
