akluth/agentguard

AgentGuard

Your AI coding agent moves fast. AgentGuard checks the blast radius.

AgentGuard is a local CLI tool that scans Git diffs and produces a risk report for code changes, especially changes produced by AI coding agents such as Codex, Claude Code, Cursor, Devin, Aider, OpenHands, and similar tools.

It does not replace human review. It tells humans where to look first.

What AgentGuard does

AgentGuard reads your local Git diff, applies deterministic rules, and reports whether the change looks LOW, MEDIUM, or HIGH risk. It highlights risky files, triggered rules, affected areas, review checklist items, suggested tests, and whether CI should fail based on your chosen threshold.

It runs locally. It does not call an LLM API, require network access, or send code anywhere.

Why this exists

AI coding agents are getting very good at producing code quickly.

That also means they can quickly change authentication logic, database migrations, deployment files, payment flows, and secrets handling before a reviewer has fully understood the blast radius.

AgentGuard is a small local panic light for dangerous diffs.

Quick start

go run ./cmd/agentguard scan

Scan against a base branch:

agentguard scan --base main

Build a local binary:

make build
./bin/agentguard scan

Example output

# AgentGuard Report

**Version:** 0.1.0  
**Overall risk:** HIGH  
**Risk score:** 82  

## Summary

This change touches authentication and database migration files. Human review should focus on access control, rollback safety, and missing regression tests.

CLI usage

agentguard scan
agentguard scan --base main
agentguard scan --format markdown
agentguard scan --format json
agentguard scan --fail-on high
agentguard scan --fail-on medium
agentguard version
agentguard help

Default behavior:

agentguard scan

This scans the current working tree diff against HEAD.

--base main scans the diff between the current branch and main using git diff main...HEAD.

Exit codes:

  • 0: successful scan, no threshold failure
  • 1: successful scan, risk is equal to or higher than --fail-on
  • 2: execution error, invalid arguments, Git error, or internal error

Risk model

AgentGuard uses a deterministic score-based model:

  • LOW: 0 to 29
  • MEDIUM: 30 to 69
  • HIGH: 70 to 100

The engine considers changed file paths, diff content, changed file count, additions, deletions, tests, dependencies, CI, infrastructure, authentication, payments, migrations, secrets, and permissions.

What AgentGuard detects

  • Authentication and authorization changes
  • Payments and billing changes
  • Database migrations and schema changes
  • Secrets and credentials
  • Infrastructure and deployment changes
  • Dependency manifest and lockfile changes
  • Deleted tests
  • Risky changes without accompanying tests
  • Large diffs and many-file changes
  • Documentation-only changes

CI usage

For v0.1.0, run AgentGuard as a local Go command in CI:

- name: Run AgentGuard
  run: go run ./cmd/agentguard scan --fail-on high

To fail on medium or high risk:

- name: Run AgentGuard
  run: go run ./cmd/agentguard scan --fail-on medium

JSON output

agentguard scan --format json

JSON field names are stable for automation:

{
  "tool": "AgentGuard",
  "version": "0.1.0",
  "overall_risk": "HIGH",
  "risk_score": 85,
  "changed_files_count": 7,
  "additions": 220,
  "deletions": 54,
  "changed_files": ["internal/auth/session.go"],
  "affected_areas": ["Authentication / Authorization"],
  "triggered_rules": [
    {
      "id": "auth-change",
      "severity": "HIGH",
      "reason": "Changed files or diff content contain authentication-related terms."
    }
  ],
  "review_checklist": ["Verify that protected routes remain protected."],
  "suggested_tests": ["Add regression tests for unauthorized users."],
  "summary": "This change touches authentication / authorization. Human review should focus there first."
}
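The exit-code convention, the score bands, and the JSON fields above can be combined in a downstream gate. The following is an added example, not part of AgentGuard's code: `Gate`, `Report`, `level`, and `levels` are hypothetical names, and treating a report whose level disagrees with its score as an error is this example's own policy.

```go
package main

import (
	"encoding/json"
	"fmt"
	"strings"
)

// sample is trimmed from the README's JSON example.
const sample = `{"overall_risk":"HIGH","risk_score":85,"triggered_rules":[{"id":"auth-change","severity":"HIGH"}]}`

// Report is the subset of the README's JSON fields this gate reads.
type Report struct {
	OverallRisk    string                          `json:"overall_risk"`
	RiskScore      int                             `json:"risk_score"`
	TriggeredRules []struct{ ID, Severity string } `json:"triggered_rules"` // keys match case-insensitively
}

// levels holds the README's bands (LOW 0-29, MEDIUM 30-69, HIGH 70-100); rank orders them.
type level struct{ rank, lo, hi int }
var levels = map[string]level{"LOW": {0, 0, 29}, "MEDIUM": {1, 30, 69}, "HIGH": {2, 70, 100}}

// Gate returns 0 (pass), 1 (threshold reached) or 2 (error), plus rule IDs at or above failOn.
func Gate(raw []byte, failOn string) (int, []string) {
	var r Report
	thr, ok := levels[strings.ToUpper(failOn)]
	if !ok || json.Unmarshal(raw, &r) != nil {
		return 2, nil
	}
	// This example's policy: unknown level or score outside its band is an error, never a pass.
	got, ok := levels[r.OverallRisk]
	if !ok || r.RiskScore < got.lo || r.RiskScore > got.hi {
		return 2, nil
	}
	var ids []string
	for _, t := range r.TriggeredRules {
		if s, ok := levels[t.Severity]; ok && s.rank >= thr.rank {
			ids = append(ids, t.ID)
		}
	}
	if got.rank >= thr.rank {
		return 1, ids
	}
	return 0, ids
}

func main() {
	fmt.Println(Gate([]byte(sample), "high")) // prints: 1 [auth-change]
}
```

Keeping code 2 distinct from code 1 lets a pipeline tell "the diff is risky" apart from "the report could not be evaluated", so a broken or truncated report is never read as a pass.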

Versioning

The current version is 0.1.0.

AgentGuard keeps the project version fixed until it is intentionally changed. The CLI exposes the current version with:

agentguard version
agentguard --version
agentguard -v

What AgentGuard is not

AgentGuard is not a security scanner. AgentGuard is not a replacement for code review. AgentGuard is not an LLM wrapper. AgentGuard does not send your code anywhere. AgentGuard is not perfect.

It is a fast local signal that tells you when a diff deserves extra attention.

Roadmap

  • Config file support
  • GitHub PR comment mode
  • SARIF output
  • Custom rule packs
  • Language-specific analyzers
  • Optional LLM-assisted explanation mode
  • GitHub Action
  • Baseline support
  • Monorepo-aware scoring

Contributing

Issues and pull requests are welcome. Keep changes deterministic, local-first, and easy to review. New rules should include tests and stable rule IDs.

Run the full local check before submitting:

gofmt -w ./cmd ./internal
go test ./...
go vet ./...
go build ./cmd/agentguard

License

MIT License. See LICENSE.
