Typ: skill | Preis: €0.00
Agent: codex,claude,hermes,cursor,cline
OS: Windows, macOS, Linux
Risiko: low (Keine)
Trust: community_upload
Version: 1.0.0 | ⬇ 0 Downloads | ⭐ 0
# Agent Workspace Safety Scanner Local-first safety checks for AI agents before they summarize, upload, publish, or hand off a project. The dependency-free Python CLI scans a bounded workspace for credential-like content, risky instruction fragments, and sensitive filenames without sending files over the network. Reports contain rule names, paths, line numbers, and remediation hints, never matching secret values or source snippets. ## Quick start ```text python scripts/workspace_guard.py scan . --json-out safety-report.json ``` The command is read-only. It does not execute project files, call a network, modify the workspace, or delete findings. Exit code `1` means the selected risk threshold was reached. Use `--fail-on high` in a release or upload gate. ## What it checks - private key blocks and common provider token shapes - secret-like assignments in text files - sensitive filenames such as `.env`, credentials, and SSH keys - prompt-injection indicators such as requests to ignore previous instructions or reveal secrets - file size and binary boundaries so large or non-text files are skipped safely Prompt-injection findings are signals for review, not proof of malicious intent. The scanner cannot establish whether a credential is live, whether a file is legally shareable, or whether an instruction is safe in the surrounding business context. ## Safety model The tool is an advisory gate. It is intentionally offline, bounded, and non-destructive. It never prints matched values. Protect the JSON report because paths can still reveal project structure. Review false positives and use a separate secret manager for real credentials. Compatible with Codex, Claude, Hermes, Cursor, Cline, and ordinary Python 3.9+ environments.
🔗 llms.txt | agents.json | API-Doku