← Back to search

@microsoft/agentos-mcp-server

microsoft1es MIT Scanned 48d ago

Public Preview — AgentOS MCP Server for Claude Desktop: Build, deploy, and manage policy-compliant autonomous agents

D
58.6 / 100

Versions

4.0.0 latest
Jun 5, 2026
3.7.0
May 18, 2026
3.6.0
May 18, 2026
3.5.0
May 8, 2026
3.4.0
May 5, 2026
3.3.0
Apr 27, 2026
3.2.2
Apr 22, 2026
3.2.1
Apr 22, 2026
3.2.0
Apr 22, 2026
3.1.1
Apr 21, 2026
3.1.0
Apr 11, 2026
3.0.1
Apr 1, 2026
3.0.0
Mar 26, 2026
2.3.0
Mar 26, 2026
2.2.0
Mar 18, 2026
1.1.0
Mar 8, 2026
1.0.1
Mar 6, 2026
1.0.0
Mar 4, 2026
PermissionsTool SafetyAuthAnnotationsCode QualityStabilitySpecVuln HistoryAuthorTransparencyCommunity

Tools 0

No tools indexed yet.

Permissions 0

No permissions indexed yet.

Scan Findings 518

info
package.json metadata manifest_parser · 100%
info
pyproject.toml metadata manifest_parser · 100%
info
Tool: read_file manifest_parser · 90%
info
Tool: write_file manifest_parser · 90%
info
Tool: query_database manifest_parser · 90%
info
Tool: filesystem_read manifest_parser · 90%
info
Tool: database_query manifest_parser · 90%
info
Tool: api_call manifest_parser · 90%
info
Tool: check_trust manifest_parser · 90%
info
Tool: get_trust_score manifest_parser · 90%
info
Tool: establish_handshake manifest_parser · 90%
info
Tool: verify_delegation manifest_parser · 90%
info
Tool: record_interaction manifest_parser · 90%
info
Tool: get_identity manifest_parser · 90%
info
Transport: stdio manifest_parser · 90%
info
Required env vars (158) manifest_parser · 80%
low
Tool 'read_file' has no annotations annotation_checker · 100%
low
Tool 'write_file' has no annotations annotation_checker · 100%
low
Tool 'query_database' has no annotations annotation_checker · 100%
low
Tool 'filesystem_read' has no annotations annotation_checker · 100%
low
Tool 'database_query' has no annotations annotation_checker · 100%
low
Tool 'api_call' has no annotations annotation_checker · 100%
low
Tool 'check_trust' has no annotations annotation_checker · 100%
low
Tool 'get_trust_score' has no annotations annotation_checker · 100%
low
Tool 'establish_handshake' has no annotations annotation_checker · 100%
low
Tool 'verify_delegation' has no annotations annotation_checker · 100%
low
Tool 'record_interaction' has no annotations annotation_checker · 100%
low
Tool 'get_identity' has no annotations annotation_checker · 100%
high
Hardcoded API key in agent-governance-python/agent-os/tests/test_security_skills.py auth_checker · 90%
medium
Permission: network access detected permission_analyzer · 90%
low
Permission: filesystem access detected permission_analyzer · 90%
high
Permission: shell access detected permission_analyzer · 95%
medium
Permission: database access detected permission_analyzer · 90%
low
Permission: env_vars access detected permission_analyzer · 90%
medium
Excessive dependency count: 324 direct dependencies dependency_analyzer · 90%
medium
Suspicious package name: react-dom dependency_analyzer · 60%
medium
Vulnerable dependency: zod@3.22.0 (GHSA-m95q-7qp3-xv42) dependency_analyzer · 95%
medium
Vulnerable dependency: mcp@1.0.0 (GHSA-3qhf-m339-9g5v) dependency_analyzer · 95%
medium
Vulnerable dependency: mcp@1.0.0 (GHSA-9h52-p55h-vw2f) dependency_analyzer · 95%
medium
Vulnerable dependency: mcp@1.0.0 (GHSA-j975-95f5-7wqh) dependency_analyzer · 95%
medium
Vulnerable dependency: pytest@7.4.0 (GHSA-6w46-j5rx-g56g) dependency_analyzer · 95%
medium
Vulnerable dependency: pynacl@1.5.0 (GHSA-mrfv-m5wm-5w6w) dependency_analyzer · 95%
medium
Vulnerable dependency: python-multipart@0.0.26 (GHSA-pp6c-gr5w-3c5g) dependency_analyzer · 95%
medium
Vulnerable dependency: langchain-core@1.2.28 (GHSA-pjwx-r37v-7724) dependency_analyzer · 95%
medium
Vulnerable dependency: llama-index-core@0.13.0,<0.15.0 (GHSA-3wxx-q3gv-pvvv) dependency_analyzer · 95%
medium
Vulnerable dependency: llama-index-core@0.13.0,<0.15.0 (GHSA-488g-hw5f-x29p) dependency_analyzer · 95%
medium
Vulnerable dependency: llama-index-core@0.13.0,<0.15.0 (GHSA-7753-xrfw-ch36) dependency_analyzer · 95%
medium
Vulnerable dependency: llama-index-core@0.13.0,<0.15.0 (GHSA-cr7q-2w66-hjcm) dependency_analyzer · 95%
medium
Vulnerable dependency: llama-index-core@0.13.0,<0.15.0 (GHSA-fxc2-8m62-m85x) dependency_analyzer · 95%
medium
Vulnerable dependency: llama-index-core@0.13.0,<0.15.0 (GHSA-j3wr-m6xh-64hg) dependency_analyzer · 95%
medium
Vulnerable dependency: llama-index-core@0.13.0,<0.15.0 (GHSA-r6gp-rff2-p3hf) dependency_analyzer · 95%
medium
Vulnerable dependency: llama-index-core@0.13.0,<0.15.0 (GHSA-wvpx-g427-q9wc) dependency_analyzer · 95%
medium
Vulnerable dependency: cryptography@46.0.7,<47.0 (GHSA-3ww4-gg4f-jr7f) dependency_analyzer · 95%
medium
Vulnerable dependency: cryptography@46.0.7,<47.0 (GHSA-9v9h-cgj8-h64p) dependency_analyzer · 95%
medium
Vulnerable dependency: cryptography@46.0.7,<47.0 (GHSA-hggm-jpg3-v476) dependency_analyzer · 95%
medium
Vulnerable dependency: cryptography@46.0.7,<47.0 (GHSA-m959-cc7f-wv43) dependency_analyzer · 95%
medium
Vulnerable dependency: cryptography@46.0.7,<47.0 (GHSA-q3cj-2r34-2cwc) dependency_analyzer · 95%
medium
Vulnerable dependency: cryptography@46.0.7,<47.0 (GHSA-r6ph-v2qm-q3c2) dependency_analyzer · 95%
medium
Vulnerable dependency: cryptography@46.0.7,<47.0 (PYSEC-2017-8) dependency_analyzer · 95%
medium
Vulnerable dependency: cryptography@46.0.7,<47.0 (PYSEC-2021-62) dependency_analyzer · 95%
medium
Vulnerable dependency: cryptography@46.0.7,<47.0 (PYSEC-2026-35) dependency_analyzer · 95%
medium
Vulnerable dependency: pyyaml@6.0,<7.0 (GHSA-8q59-q68h-6hv4) dependency_analyzer · 95%
medium
Vulnerable dependency: pyyaml@6.0,<7.0 (GHSA-rprw-h62v-c2w7) dependency_analyzer · 95%
medium
Vulnerable dependency: pyyaml@6.0,<7.0 (PYSEC-2018-49) dependency_analyzer · 95%
medium
Vulnerable dependency: pyyaml@6.0,<7.0 (PYSEC-2021-142) dependency_analyzer · 95%
medium
Vulnerable dependency: httpx@0.27.0,<1.0 (GHSA-h8pj-cxx2-jfg2) dependency_analyzer · 95%
medium
Vulnerable dependency: httpx@0.27.0,<1.0 (PYSEC-2022-183) dependency_analyzer · 95%
medium
Vulnerable dependency: pydantic@2.4.0,<3.0 (GHSA-5jqp-qgf6-3pvh) dependency_analyzer · 95%
medium
Vulnerable dependency: pydantic@2.4.0,<3.0 (GHSA-mr82-8j83-vxmv) dependency_analyzer · 95%
medium
Vulnerable dependency: pydantic@2.4.0,<3.0 (PYSEC-2021-47) dependency_analyzer · 95%
medium
Vulnerable dependency: pydantic@2.5.0,<3.0 (GHSA-5jqp-qgf6-3pvh) dependency_analyzer · 95%
medium
Vulnerable dependency: pydantic@2.5.0,<3.0 (GHSA-mr82-8j83-vxmv) dependency_analyzer · 95%
medium
Vulnerable dependency: pydantic@2.5.0,<3.0 (PYSEC-2021-47) dependency_analyzer · 95%
medium
Vulnerable dependency: numpy@1.20.0,<2.0 (GHSA-2fc2-6r4j-p65h) dependency_analyzer · 95%
medium
Vulnerable dependency: numpy@1.20.0,<2.0 (GHSA-5545-2q6w-2gh6) dependency_analyzer · 95%
medium
Vulnerable dependency: numpy@1.20.0,<2.0 (GHSA-9fq2-x9r6-wfmf) dependency_analyzer · 95%
medium
Vulnerable dependency: numpy@1.20.0,<2.0 (GHSA-cw6w-4rcx-xphc) dependency_analyzer · 95%
medium
Vulnerable dependency: numpy@1.20.0,<2.0 (GHSA-f7c7-j99h-c22f) dependency_analyzer · 95%
medium
Vulnerable dependency: numpy@1.20.0,<2.0 (GHSA-fpfv-jqm9-f5jm) dependency_analyzer · 95%
medium
Vulnerable dependency: numpy@1.20.0,<2.0 (GHSA-frgw-fgh6-9g52) dependency_analyzer · 95%
medium
Vulnerable dependency: numpy@1.20.0,<2.0 (PYSEC-2017-1) dependency_analyzer · 95%
medium
Vulnerable dependency: numpy@1.20.0,<2.0 (PYSEC-2018-33) dependency_analyzer · 95%
medium
Vulnerable dependency: numpy@1.20.0,<2.0 (PYSEC-2018-34) dependency_analyzer · 95%
medium
Vulnerable dependency: numpy@1.20.0,<2.0 (PYSEC-2019-108) dependency_analyzer · 95%
medium
Vulnerable dependency: numpy@1.20.0,<2.0 (PYSEC-2021-856) dependency_analyzer · 95%
medium
Vulnerable dependency: numpy@1.20.0,<2.0 (PYSEC-2021-857) dependency_analyzer · 95%
medium
Vulnerable dependency: fastapi@0.115.0,<1.0 (GHSA-8h2j-cgx8-6xv7) dependency_analyzer · 95%
medium
Vulnerable dependency: fastapi@0.115.0,<1.0 (PYSEC-2021-100) dependency_analyzer · 95%
medium
Vulnerable dependency: fastapi@0.115.0,<1.0 (PYSEC-2024-38) dependency_analyzer · 95%
medium
Vulnerable dependency: pypdf@6.10.2,<7.0 (GHSA-2q4j-m29v-hq73) dependency_analyzer · 95%
medium
Vulnerable dependency: pypdf@6.10.2,<7.0 (GHSA-2rw7-x74f-jg35) dependency_analyzer · 95%
medium
Vulnerable dependency: pypdf@6.10.2,<7.0 (GHSA-3crg-w4f6-42mx) dependency_analyzer · 95%
medium
Vulnerable dependency: pypdf@6.10.2,<7.0 (GHSA-4f6g-68pf-7vhv) dependency_analyzer · 95%
medium
Vulnerable dependency: pypdf@6.10.2,<7.0 (GHSA-4pxv-j86v-mhcw) dependency_analyzer · 95%
medium
Vulnerable dependency: pypdf@6.10.2,<7.0 (GHSA-4xc4-762w-m6cg) dependency_analyzer · 95%
medium
Vulnerable dependency: pypdf@6.10.2,<7.0 (GHSA-7gw9-cf7v-778f) dependency_analyzer · 95%
medium
Vulnerable dependency: pypdf@6.10.2,<7.0 (GHSA-7hfw-26vp-jp8m) dependency_analyzer · 95%
medium
Vulnerable dependency: pypdf@6.10.2,<7.0 (GHSA-87mj-5ggw-8qc3) dependency_analyzer · 95%
medium
Vulnerable dependency: pypdf@6.10.2,<7.0 (GHSA-996q-pr4m-cvgq) dependency_analyzer · 95%
medium
Vulnerable dependency: pypdf@6.10.2,<7.0 (GHSA-9m86-7pmv-2852) dependency_analyzer · 95%
medium
Vulnerable dependency: pypdf@6.10.2,<7.0 (GHSA-9mvc-8737-8j8h) dependency_analyzer · 95%
medium
Vulnerable dependency: pypdf@6.10.2,<7.0 (GHSA-f2v5-7jq9-h8cg) dependency_analyzer · 95%
medium
Vulnerable dependency: pypdf@6.10.2,<7.0 (GHSA-hqmh-ppp3-xvm7) dependency_analyzer · 95%
medium
Vulnerable dependency: pypdf@6.10.2,<7.0 (GHSA-jfx9-29x2-rv3j) dependency_analyzer · 95%
medium
Vulnerable dependency: pypdf@6.10.2,<7.0 (GHSA-jj6c-8h6c-hppx) dependency_analyzer · 95%
medium
Vulnerable dependency: pypdf@6.10.2,<7.0 (GHSA-m449-cwjh-6pw7) dependency_analyzer · 95%
medium
Vulnerable dependency: pypdf@6.10.2,<7.0 (GHSA-qpxp-75px-xjcp) dependency_analyzer · 95%
medium
Vulnerable dependency: pypdf@6.10.2,<7.0 (GHSA-vr63-x8vc-m265) dependency_analyzer · 95%
medium
Vulnerable dependency: pypdf@6.10.2,<7.0 (GHSA-wgvp-vg3v-2xq3) dependency_analyzer · 95%
medium
Vulnerable dependency: pypdf@6.10.2,<7.0 (GHSA-x284-j5p8-9c5p) dependency_analyzer · 95%
medium
Vulnerable dependency: pypdf@6.10.2,<7.0 (GHSA-x7hp-r3qg-r3cj) dependency_analyzer · 95%
medium
Vulnerable dependency: lxml@4.9.3,<7.0 (GHSA-55x5-fj6c-h6m8) dependency_analyzer · 95%
medium
Vulnerable dependency: lxml@4.9.3,<7.0 (GHSA-57qw-cc2g-pv5p) dependency_analyzer · 95%
medium
Vulnerable dependency: lxml@4.9.3,<7.0 (GHSA-jq4v-f5q6-mjqq) dependency_analyzer · 95%
medium
Vulnerable dependency: lxml@4.9.3,<7.0 (GHSA-pgww-xf46-h92r) dependency_analyzer · 95%
medium
Vulnerable dependency: lxml@4.9.3,<7.0 (GHSA-vfmq-68hx-4jfw) dependency_analyzer · 95%
medium
Vulnerable dependency: lxml@4.9.3,<7.0 (GHSA-wrxv-2j5q-m38w) dependency_analyzer · 95%
medium
Vulnerable dependency: lxml@4.9.3,<7.0 (GHSA-xp26-p53h-6h2p) dependency_analyzer · 95%
medium
Vulnerable dependency: lxml@4.9.3,<7.0 (PYSEC-2014-9) dependency_analyzer · 95%
medium
Vulnerable dependency: lxml@4.9.3,<7.0 (PYSEC-2018-12) dependency_analyzer · 95%
medium
Vulnerable dependency: lxml@4.9.3,<7.0 (PYSEC-2021-19) dependency_analyzer · 95%
medium
Vulnerable dependency: lxml@4.9.3,<7.0 (PYSEC-2021-852) dependency_analyzer · 95%
medium
Vulnerable dependency: lxml@4.9.3,<7.0 (PYSEC-2022-230) dependency_analyzer · 95%
medium
Vulnerable dependency: lxml@4.9.3,<7.0 (PYSEC-2026-87) dependency_analyzer · 95%
medium
Vulnerable dependency: python-multipart@0.0.22,<1.0 (GHSA-2jv5-9r88-3w3p) dependency_analyzer · 95%
medium
Vulnerable dependency: python-multipart@0.0.22,<1.0 (GHSA-59g5-xgcq-4qw3) dependency_analyzer · 95%
medium
Vulnerable dependency: python-multipart@0.0.22,<1.0 (GHSA-mj87-hwqh-73pj) dependency_analyzer · 95%
medium
Vulnerable dependency: python-multipart@0.0.22,<1.0 (GHSA-pp6c-gr5w-3c5g) dependency_analyzer · 95%
medium
Vulnerable dependency: python-multipart@0.0.22,<1.0 (GHSA-wp53-j4wj-2cfg) dependency_analyzer · 95%
medium
Vulnerable dependency: numpy@1.26.2,<2.0 (GHSA-2fc2-6r4j-p65h) dependency_analyzer · 95%
medium
Vulnerable dependency: numpy@1.26.2,<2.0 (GHSA-5545-2q6w-2gh6) dependency_analyzer · 95%
medium
Vulnerable dependency: numpy@1.26.2,<2.0 (GHSA-9fq2-x9r6-wfmf) dependency_analyzer · 95%
medium
Vulnerable dependency: numpy@1.26.2,<2.0 (GHSA-cw6w-4rcx-xphc) dependency_analyzer · 95%
medium
Vulnerable dependency: numpy@1.26.2,<2.0 (GHSA-f7c7-j99h-c22f) dependency_analyzer · 95%
medium
Vulnerable dependency: numpy@1.26.2,<2.0 (GHSA-fpfv-jqm9-f5jm) dependency_analyzer · 95%
medium
Vulnerable dependency: numpy@1.26.2,<2.0 (GHSA-frgw-fgh6-9g52) dependency_analyzer · 95%
medium
Vulnerable dependency: numpy@1.26.2,<2.0 (PYSEC-2017-1) dependency_analyzer · 95%
medium
Vulnerable dependency: numpy@1.26.2,<2.0 (PYSEC-2018-33) dependency_analyzer · 95%
medium
Vulnerable dependency: numpy@1.26.2,<2.0 (PYSEC-2018-34) dependency_analyzer · 95%
medium
Vulnerable dependency: numpy@1.26.2,<2.0 (PYSEC-2019-108) dependency_analyzer · 95%
medium
Vulnerable dependency: numpy@1.26.2,<2.0 (PYSEC-2021-856) dependency_analyzer · 95%
medium
Vulnerable dependency: numpy@1.26.2,<2.0 (PYSEC-2021-857) dependency_analyzer · 95%
medium
Vulnerable dependency: scikit-learn@1.6.1,<2.0 (GHSA-jjw5-xxj6-pcv5) dependency_analyzer · 95%
medium
Vulnerable dependency: scikit-learn@1.6.1,<2.0 (GHSA-jw8x-6495-233v) dependency_analyzer · 95%
medium
Vulnerable dependency: scikit-learn@1.6.1,<2.0 (PYSEC-2020-107) dependency_analyzer · 95%
medium
Vulnerable dependency: scikit-learn@1.6.1,<2.0 (PYSEC-2020-108) dependency_analyzer · 95%
medium
Vulnerable dependency: scikit-learn@1.6.1,<2.0 (PYSEC-2024-110) dependency_analyzer · 95%
medium
Vulnerable dependency: pyyaml@6.0.0,<7.0 (GHSA-8q59-q68h-6hv4) dependency_analyzer · 95%
medium
Vulnerable dependency: pyyaml@6.0.0,<7.0 (GHSA-rprw-h62v-c2w7) dependency_analyzer · 95%
medium
Vulnerable dependency: pyyaml@6.0.0,<7.0 (PYSEC-2018-49) dependency_analyzer · 95%
medium
Vulnerable dependency: pyyaml@6.0.0,<7.0 (PYSEC-2021-142) dependency_analyzer · 95%
medium
Vulnerable dependency: aiohttp@3.13.4,<4.0 (GHSA-2vrm-gr82-f7m5) dependency_analyzer · 95%
medium
Vulnerable dependency: aiohttp@3.13.4,<4.0 (GHSA-3wq7-rqq7-wx6j) dependency_analyzer · 95%
medium
Vulnerable dependency: aiohttp@3.13.4,<4.0 (GHSA-45c4-8wx5-qw6w) dependency_analyzer · 95%
medium
Vulnerable dependency: aiohttp@3.13.4,<4.0 (GHSA-54jq-c3m8-4m76) dependency_analyzer · 95%
medium
Vulnerable dependency: aiohttp@3.13.4,<4.0 (GHSA-5m98-qgg9-wh84) dependency_analyzer · 95%
medium
Vulnerable dependency: aiohttp@3.13.4,<4.0 (GHSA-63hf-3vf5-4wqf) dependency_analyzer · 95%
medium
Vulnerable dependency: aiohttp@3.13.4,<4.0 (GHSA-69f9-5gxw-wvc2) dependency_analyzer · 95%
medium
Vulnerable dependency: aiohttp@3.13.4,<4.0 (GHSA-6jhg-hg63-jvvf) dependency_analyzer · 95%
medium
Vulnerable dependency: aiohttp@3.13.4,<4.0 (GHSA-6mq8-rvhq-8wgg) dependency_analyzer · 95%
medium
Vulnerable dependency: aiohttp@3.13.4,<4.0 (GHSA-7gpw-8wmc-pm8g) dependency_analyzer · 95%
medium
Vulnerable dependency: aiohttp@3.13.4,<4.0 (GHSA-8495-4g3g-x7pr) dependency_analyzer · 95%
medium
Vulnerable dependency: aiohttp@3.13.4,<4.0 (GHSA-8qpw-xqxj-h4r2) dependency_analyzer · 95%
medium
Vulnerable dependency: aiohttp@3.13.4,<4.0 (GHSA-9548-qrrj-x5pj) dependency_analyzer · 95%
medium
Vulnerable dependency: aiohttp@3.13.4,<4.0 (GHSA-966j-vmvw-g2g9) dependency_analyzer · 95%
medium
Vulnerable dependency: aiohttp@3.13.4,<4.0 (GHSA-c427-h43c-vf67) dependency_analyzer · 95%
medium
Vulnerable dependency: aiohttp@3.13.4,<4.0 (GHSA-fh55-r93g-j68g) dependency_analyzer · 95%
medium
Vulnerable dependency: aiohttp@3.13.4,<4.0 (GHSA-g84x-mcqj-x9qq) dependency_analyzer · 95%
medium
Vulnerable dependency: aiohttp@3.13.4,<4.0 (GHSA-gfw2-4jvh-wgfg) dependency_analyzer · 95%
medium
Vulnerable dependency: aiohttp@3.13.4,<4.0 (GHSA-hcc4-c3v8-rx92) dependency_analyzer · 95%
medium
Vulnerable dependency: aiohttp@3.13.4,<4.0 (GHSA-jj3x-wxrx-4x23) dependency_analyzer · 95%
medium
Vulnerable dependency: aiohttp@3.13.4,<4.0 (GHSA-m5qp-6w8w-w647) dependency_analyzer · 95%
medium
Vulnerable dependency: aiohttp@3.13.4,<4.0 (GHSA-mqqc-3gqh-h2x8) dependency_analyzer · 95%
medium
Vulnerable dependency: aiohttp@3.13.4,<4.0 (GHSA-mwh4-6h8g-pg8w) dependency_analyzer · 95%
medium
Vulnerable dependency: aiohttp@3.13.4,<4.0 (GHSA-p998-jp59-783m) dependency_analyzer · 95%
medium
Vulnerable dependency: aiohttp@3.13.4,<4.0 (GHSA-pjjw-qhg8-p2p9) dependency_analyzer · 95%
medium
Vulnerable dependency: aiohttp@3.13.4,<4.0 (GHSA-q3qx-c6g2-7pw2) dependency_analyzer · 95%
medium
Vulnerable dependency: aiohttp@3.13.4,<4.0 (GHSA-qvrw-v9rv-5rjx) dependency_analyzer · 95%
medium
Vulnerable dependency: aiohttp@3.13.4,<4.0 (GHSA-v6wp-4m6f-gcjg) dependency_analyzer · 95%
medium
Vulnerable dependency: aiohttp@3.13.4,<4.0 (GHSA-w2fm-2cpv-w7v5) dependency_analyzer · 95%
medium
Vulnerable dependency: aiohttp@3.13.4,<4.0 (GHSA-xx9p-xxvh-7g8j) dependency_analyzer · 95%
medium
Vulnerable dependency: aiohttp@3.13.4,<4.0 (PYSEC-2021-76) dependency_analyzer · 95%
medium
Vulnerable dependency: aiohttp@3.13.4,<4.0 (PYSEC-2023-120) dependency_analyzer · 95%
medium
Vulnerable dependency: aiohttp@3.13.4,<4.0 (PYSEC-2023-246) dependency_analyzer · 95%
medium
Vulnerable dependency: aiohttp@3.13.4,<4.0 (PYSEC-2023-247) dependency_analyzer · 95%
medium
Vulnerable dependency: aiohttp@3.13.4,<4.0 (PYSEC-2023-250) dependency_analyzer · 95%
medium
Vulnerable dependency: aiohttp@3.13.4,<4.0 (PYSEC-2023-251) dependency_analyzer · 95%
medium
Vulnerable dependency: aiohttp@3.13.4,<4.0 (PYSEC-2024-26) dependency_analyzer · 95%
medium
Vulnerable dependency: mcp@1.0.0,<2.0 (GHSA-3qhf-m339-9g5v) dependency_analyzer · 95%
medium
Vulnerable dependency: mcp@1.0.0,<2.0 (GHSA-9h52-p55h-vw2f) dependency_analyzer · 95%
medium
Vulnerable dependency: mcp@1.0.0,<2.0 (GHSA-j975-95f5-7wqh) dependency_analyzer · 95%
medium
Vulnerable dependency: pydantic@2.4.0,<3.0.0 (GHSA-5jqp-qgf6-3pvh) dependency_analyzer · 95%
medium
Vulnerable dependency: pydantic@2.4.0,<3.0.0 (GHSA-mr82-8j83-vxmv) dependency_analyzer · 95%
medium
Vulnerable dependency: pydantic@2.4.0,<3.0.0 (PYSEC-2021-47) dependency_analyzer · 95%
medium
Vulnerable dependency: numpy@1.24.0,<2.0 (GHSA-2fc2-6r4j-p65h) dependency_analyzer · 95%
medium
Vulnerable dependency: numpy@1.24.0,<2.0 (GHSA-5545-2q6w-2gh6) dependency_analyzer · 95%
medium
Vulnerable dependency: numpy@1.24.0,<2.0 (GHSA-9fq2-x9r6-wfmf) dependency_analyzer · 95%
medium
Vulnerable dependency: numpy@1.24.0,<2.0 (GHSA-cw6w-4rcx-xphc) dependency_analyzer · 95%
medium
Vulnerable dependency: numpy@1.24.0,<2.0 (GHSA-f7c7-j99h-c22f) dependency_analyzer · 95%
medium
Vulnerable dependency: numpy@1.24.0,<2.0 (GHSA-fpfv-jqm9-f5jm) dependency_analyzer · 95%
medium
Vulnerable dependency: numpy@1.24.0,<2.0 (GHSA-frgw-fgh6-9g52) dependency_analyzer · 95%
medium
Vulnerable dependency: numpy@1.24.0,<2.0 (PYSEC-2017-1) dependency_analyzer · 95%
medium
Vulnerable dependency: numpy@1.24.0,<2.0 (PYSEC-2018-33) dependency_analyzer · 95%
medium
Vulnerable dependency: numpy@1.24.0,<2.0 (PYSEC-2018-34) dependency_analyzer · 95%
medium
Vulnerable dependency: numpy@1.24.0,<2.0 (PYSEC-2019-108) dependency_analyzer · 95%
medium
Vulnerable dependency: numpy@1.24.0,<2.0 (PYSEC-2021-856) dependency_analyzer · 95%
medium
Vulnerable dependency: numpy@1.24.0,<2.0 (PYSEC-2021-857) dependency_analyzer · 95%
medium
Vulnerable dependency: uvicorn@0.27.0,<1.0 (GHSA-33c7-2mpw-hg34) dependency_analyzer · 95%
medium
Vulnerable dependency: uvicorn@0.27.0,<1.0 (GHSA-f97h-2pfx-f59f) dependency_analyzer · 95%
medium
Vulnerable dependency: uvicorn@0.27.0,<1.0 (PYSEC-2020-150) dependency_analyzer · 95%
medium
Vulnerable dependency: uvicorn@0.27.0,<1.0 (PYSEC-2020-151) dependency_analyzer · 95%
medium
Vulnerable dependency: pydantic@2.5.3,<3.0 (GHSA-5jqp-qgf6-3pvh) dependency_analyzer · 95%
medium
Vulnerable dependency: pydantic@2.5.3,<3.0 (GHSA-mr82-8j83-vxmv) dependency_analyzer · 95%
medium
Vulnerable dependency: pydantic@2.5.3,<3.0 (PYSEC-2021-47) dependency_analyzer · 95%
medium
Vulnerable dependency: cryptography@46.0.7,<49.0 (GHSA-3ww4-gg4f-jr7f) dependency_analyzer · 95%
medium
Vulnerable dependency: cryptography@46.0.7,<49.0 (GHSA-9v9h-cgj8-h64p) dependency_analyzer · 95%
medium
Vulnerable dependency: cryptography@46.0.7,<49.0 (GHSA-hggm-jpg3-v476) dependency_analyzer · 95%
medium
Vulnerable dependency: cryptography@46.0.7,<49.0 (GHSA-m959-cc7f-wv43) dependency_analyzer · 95%
medium
Vulnerable dependency: cryptography@46.0.7,<49.0 (GHSA-q3cj-2r34-2cwc) dependency_analyzer · 95%
medium
Vulnerable dependency: cryptography@46.0.7,<49.0 (GHSA-r6ph-v2qm-q3c2) dependency_analyzer · 95%
medium
Vulnerable dependency: cryptography@46.0.7,<49.0 (PYSEC-2017-8) dependency_analyzer · 95%
medium
Vulnerable dependency: cryptography@46.0.7,<49.0 (PYSEC-2021-62) dependency_analyzer · 95%
medium
Vulnerable dependency: cryptography@46.0.7,<49.0 (PYSEC-2026-35) dependency_analyzer · 95%
medium
Vulnerable dependency: pynacl@1.5.0,<2.0 (GHSA-mrfv-m5wm-5w6w) dependency_analyzer · 95%
medium
Vulnerable dependency: pydantic@2.0,<3.0 (GHSA-5jqp-qgf6-3pvh) dependency_analyzer · 95%
medium
Vulnerable dependency: pydantic@2.0,<3.0 (GHSA-mr82-8j83-vxmv) dependency_analyzer · 95%
medium
Vulnerable dependency: pydantic@2.0,<3.0 (PYSEC-2021-47) dependency_analyzer · 95%
high
Generic API Key Assignment found in docs/security/scanning.md secret_scanner · 75%
high
Hardcoded Password found in examples/quickstart/autogen_governed.py secret_scanner · 65%
high
Generic API Key Assignment found in agent-governance-typescript/agent-os-vscode/src/extension.ts secret_scanner · 75%
high
Generic API Key Assignment found in agent-governance-typescript/agent-os-vscode/src/server/browserPolicyEditor.ts secret_scanner · 75%
high
Generic API Key Assignment found in agent-governance-typescript/agent-os-vscode/src/webviews/policyEditor/PolicyEditorPanel.ts secret_scanner · 75%
high
Hardcoded Password found in agent-governance-python/agent-os/docs/use-cases.md secret_scanner · 65%
high
Hardcoded Password found in agent-governance-python/agent-os/examples/self-evaluating/docs/UNIVERSAL_SIGNAL_BUS.md secret_scanner · 65%
high
Hardcoded Password found in agent-governance-python/agent-os/examples/self-evaluating/examples/sample_full_stack_agent.py secret_scanner · 65%
high
Hardcoded Password found in agent-governance-python/agent-os/examples/self-evaluating/examples/example_universal_signal_bus.py secret_scanner · 65%
high
Hardcoded Password found in agent-governance-python/agent-os/modules/observability/alertmanager/alertmanager.yml secret_scanner · 65%
high
Hardcoded Password found in agent-governance-python/agent-os/modules/scak/build_and_publish.ps1 secret_scanner · 65%
high
Hardcoded Password found in agent-governance-python/agent-os/modules/control-plane/benchmark/red_team_dataset.py secret_scanner · 65%
medium
Hex string literal (>50 chars) in agent-governance-golang/packages/agentmesh/audit_test.go:135 entropy_analyzer · 70%
medium
Hex string literal (>50 chars) in examples/reasoning-attestation-governed/getting_started.py:231 entropy_analyzer · 70%
medium
Buffer.from base64 in agent-governance-typescript/src/identity.ts:518 entropy_analyzer · 75%
medium
Buffer.from base64 in agent-governance-typescript/src/identity.ts:543 entropy_analyzer · 75%
medium
Buffer.from base64 in agent-governance-typescript/src/encryption/mesh-client.ts:991 entropy_analyzer · 75%
medium
Hex string literal (>50 chars) in agent-governance-python/agentmesh-integrations/mastra-agentmesh/src/audit.ts:13 entropy_analyzer · 70%
medium
Hex string literal (>50 chars) in agent-governance-python/agentmesh-integrations/mastra-agentmesh/src/audit.ts:135 entropy_analyzer · 70%
high
Long unicode escape chain in agent-governance-python/agent-os/examples/trading-governance/demo.py:781 entropy_analyzer · 80%
high
Long unicode escape chain in agent-governance-python/agent-os/examples/trading-governance/demo.py:783 entropy_analyzer · 80%
high
Long unicode escape chain in agent-governance-python/agent-os/examples/trading-governance/demo.py:788 entropy_analyzer · 80%
medium
Buffer.from base64 in agent-governance-python/agent-mesh/services/api/src/services/identity.ts:34 entropy_analyzer · 75%
medium
Buffer.from base64 in agent-governance-python/agent-mesh/services/api/src/services/identity.ts:50 entropy_analyzer · 75%
medium
Buffer.from base64 in agent-governance-python/agent-mesh/services/api/src/services/identity.ts:60 entropy_analyzer · 75%
info
SLSA Build Level 3 detected slsa_assessor · 85%
high
High-risk OAuth scope: admin oauth_scope_analyzer · 80%
info
Could not connect to MCP server for output poisoning scan output_poisoning · 100%
info
Could not connect to MCP server for behavioral verification behavioral_verifier · 100%
info
SBOM generated: 579 components sbom_generator · 100%
info
MITRE ATLAS technique coverage summary atlas_annotator · 100%
info
ATLAS: Adversarial ML Supply Chain (AML.T0043) atlas_annotator · 100%
info
ATLAS: Poison Training Data (AML.T0020) atlas_annotator · 100%
info
ATLAS: Poison Training Data (AML.T0020) atlas_annotator · 100%
info
package.json metadata manifest_parser · 100%
info
pyproject.toml metadata manifest_parser · 100%
info
Tool: read_file manifest_parser · 90%
info
Tool: write_file manifest_parser · 90%
info
Tool: query_database manifest_parser · 90%
info
Tool: filesystem_read manifest_parser · 90%
info
Tool: database_query manifest_parser · 90%
info
Tool: api_call manifest_parser · 90%
info
Tool: check_trust manifest_parser · 90%
info
Tool: get_trust_score manifest_parser · 90%
info
Tool: establish_handshake manifest_parser · 90%
info
Tool: verify_delegation manifest_parser · 90%
info
Tool: record_interaction manifest_parser · 90%
info
Tool: get_identity manifest_parser · 90%
info
Transport: stdio manifest_parser · 90%
info
Required env vars (153) manifest_parser · 80%
low
Tool 'read_file' has no annotations annotation_checker · 100%
low
Tool 'write_file' has no annotations annotation_checker · 100%
low
Tool 'query_database' has no annotations annotation_checker · 100%
low
Tool 'filesystem_read' has no annotations annotation_checker · 100%
low
Tool 'database_query' has no annotations annotation_checker · 100%
low
Tool 'api_call' has no annotations annotation_checker · 100%
low
Tool 'check_trust' has no annotations annotation_checker · 100%
low
Tool 'get_trust_score' has no annotations annotation_checker · 100%
low
Tool 'establish_handshake' has no annotations annotation_checker · 100%
low
Tool 'verify_delegation' has no annotations annotation_checker · 100%
low
Tool 'record_interaction' has no annotations annotation_checker · 100%
low
Tool 'get_identity' has no annotations annotation_checker · 100%
high
Hardcoded API key in agent-governance-python/agent-os/tests/test_security_skills.py auth_checker · 90%
medium
Permission: network access detected permission_analyzer · 90%
low
Permission: filesystem access detected permission_analyzer · 90%
high
Permission: shell access detected permission_analyzer · 95%
medium
Permission: database access detected permission_analyzer · 90%
low
Permission: env_vars access detected permission_analyzer · 90%
medium
Excessive dependency count: 326 direct dependencies dependency_analyzer · 90%
medium
Suspicious package name: react-dom dependency_analyzer · 60%
medium
Vulnerable dependency: zod@3.22.0 (GHSA-m95q-7qp3-xv42) dependency_analyzer · 95%
medium
Vulnerable dependency: mcp@1.0.0 (GHSA-3qhf-m339-9g5v) dependency_analyzer · 95%
medium
Vulnerable dependency: mcp@1.0.0 (GHSA-9h52-p55h-vw2f) dependency_analyzer · 95%
medium
Vulnerable dependency: mcp@1.0.0 (GHSA-j975-95f5-7wqh) dependency_analyzer · 95%
medium
Vulnerable dependency: pynacl@1.5.0 (GHSA-mrfv-m5wm-5w6w) dependency_analyzer · 95%
medium
Vulnerable dependency: pytest@7.4.0 (GHSA-6w46-j5rx-g56g) dependency_analyzer · 95%
medium
Vulnerable dependency: python-multipart@0.0.26 (GHSA-pp6c-gr5w-3c5g) dependency_analyzer · 95%
medium
Vulnerable dependency: llama-index-core@0.13.0,<0.15.0 (GHSA-3wxx-q3gv-pvvv) dependency_analyzer · 95%
medium
Vulnerable dependency: llama-index-core@0.13.0,<0.15.0 (GHSA-488g-hw5f-x29p) dependency_analyzer · 95%
medium
Vulnerable dependency: llama-index-core@0.13.0,<0.15.0 (GHSA-7753-xrfw-ch36) dependency_analyzer · 95%
medium
Vulnerable dependency: llama-index-core@0.13.0,<0.15.0 (GHSA-cr7q-2w66-hjcm) dependency_analyzer · 95%
medium
Vulnerable dependency: llama-index-core@0.13.0,<0.15.0 (GHSA-fxc2-8m62-m85x) dependency_analyzer · 95%
medium
Vulnerable dependency: llama-index-core@0.13.0,<0.15.0 (GHSA-j3wr-m6xh-64hg) dependency_analyzer · 95%
medium
Vulnerable dependency: llama-index-core@0.13.0,<0.15.0 (GHSA-r6gp-rff2-p3hf) dependency_analyzer · 95%
medium
Vulnerable dependency: llama-index-core@0.13.0,<0.15.0 (GHSA-wvpx-g427-q9wc) dependency_analyzer · 95%
medium
Vulnerable dependency: cryptography@46.0.7,<47.0 (GHSA-3ww4-gg4f-jr7f) dependency_analyzer · 95%
medium
Vulnerable dependency: cryptography@46.0.7,<47.0 (GHSA-9v9h-cgj8-h64p) dependency_analyzer · 95%
medium
Vulnerable dependency: cryptography@46.0.7,<47.0 (PYSEC-2021-62) dependency_analyzer · 95%
medium
Vulnerable dependency: pyyaml@6.0,<7.0 (GHSA-rprw-h62v-c2w7) dependency_analyzer · 95%
medium
Vulnerable dependency: pyyaml@6.0,<7.0 (PYSEC-2018-49) dependency_analyzer · 95%
medium
Vulnerable dependency: pyyaml@6.0,<7.0 (GHSA-8q59-q68h-6hv4) dependency_analyzer · 95%
medium
Vulnerable dependency: httpx@0.27.0,<1.0 (PYSEC-2022-183) dependency_analyzer · 95%
medium
Vulnerable dependency: langchain-core@1.2.28 (GHSA-pjwx-r37v-7724) dependency_analyzer · 95%
medium
Vulnerable dependency: cryptography@46.0.7,<47.0 (GHSA-q3cj-2r34-2cwc) dependency_analyzer · 95%
medium
Vulnerable dependency: cryptography@46.0.7,<47.0 (GHSA-r6ph-v2qm-q3c2) dependency_analyzer · 95%
medium
Vulnerable dependency: pydantic@2.4.0,<3.0 (PYSEC-2021-47) dependency_analyzer · 95%
medium
Vulnerable dependency: pydantic@2.4.0,<3.0 (GHSA-mr82-8j83-vxmv) dependency_analyzer · 95%
medium
Vulnerable dependency: numpy@1.20.0,<2.0 (GHSA-5545-2q6w-2gh6) dependency_analyzer · 95%
medium
Vulnerable dependency: numpy@1.20.0,<2.0 (GHSA-f7c7-j99h-c22f) dependency_analyzer · 95%
medium
Vulnerable dependency: numpy@1.20.0,<2.0 (PYSEC-2018-34) dependency_analyzer · 95%
medium
Vulnerable dependency: numpy@1.20.0,<2.0 (GHSA-cw6w-4rcx-xphc) dependency_analyzer · 95%
medium
Vulnerable dependency: numpy@1.20.0,<2.0 (PYSEC-2017-1) dependency_analyzer · 95%
medium
Vulnerable dependency: numpy@1.20.0,<2.0 (PYSEC-2021-857) dependency_analyzer · 95%
medium
Vulnerable dependency: fastapi@0.115.0,<1.0 (PYSEC-2021-100) dependency_analyzer · 95%
medium
Vulnerable dependency: fastapi@0.115.0,<1.0 (PYSEC-2024-38) dependency_analyzer · 95%
medium
Vulnerable dependency: pydantic@2.5.0,<3.0 (GHSA-mr82-8j83-vxmv) dependency_analyzer · 95%
medium
Vulnerable dependency: pypdf@6.10.2,<7.0 (GHSA-2q4j-m29v-hq73) dependency_analyzer · 95%
medium
Vulnerable dependency: pypdf@6.10.2,<7.0 (GHSA-2rw7-x74f-jg35) dependency_analyzer · 95%
medium
Vulnerable dependency: pypdf@6.10.2,<7.0 (GHSA-3crg-w4f6-42mx) dependency_analyzer · 95%
medium
Vulnerable dependency: pypdf@6.10.2,<7.0 (GHSA-4f6g-68pf-7vhv) dependency_analyzer · 95%
medium
Vulnerable dependency: pypdf@6.10.2,<7.0 (GHSA-4pxv-j86v-mhcw) dependency_analyzer · 95%
medium
Vulnerable dependency: pypdf@6.10.2,<7.0 (GHSA-4xc4-762w-m6cg) dependency_analyzer · 95%
medium
Vulnerable dependency: pypdf@6.10.2,<7.0 (GHSA-7gw9-cf7v-778f) dependency_analyzer · 95%
medium
Vulnerable dependency: pypdf@6.10.2,<7.0 (GHSA-7hfw-26vp-jp8m) dependency_analyzer · 95%
medium
Vulnerable dependency: pypdf@6.10.2,<7.0 (GHSA-87mj-5ggw-8qc3) dependency_analyzer · 95%
medium
Vulnerable dependency: pypdf@6.10.2,<7.0 (GHSA-996q-pr4m-cvgq) dependency_analyzer · 95%
medium
Vulnerable dependency: pypdf@6.10.2,<7.0 (GHSA-9m86-7pmv-2852) dependency_analyzer · 95%
medium
Vulnerable dependency: pypdf@6.10.2,<7.0 (GHSA-9mvc-8737-8j8h) dependency_analyzer · 95%
medium
Vulnerable dependency: pypdf@6.10.2,<7.0 (GHSA-f2v5-7jq9-h8cg) dependency_analyzer · 95%
medium
Vulnerable dependency: pypdf@6.10.2,<7.0 (GHSA-hqmh-ppp3-xvm7) dependency_analyzer · 95%
medium
Vulnerable dependency: pypdf@6.10.2,<7.0 (GHSA-jfx9-29x2-rv3j) dependency_analyzer · 95%
medium
Vulnerable dependency: pypdf@6.10.2,<7.0 (GHSA-jj6c-8h6c-hppx) dependency_analyzer · 95%
medium
Vulnerable dependency: pypdf@6.10.2,<7.0 (GHSA-m449-cwjh-6pw7) dependency_analyzer · 95%
medium
Vulnerable dependency: pypdf@6.10.2,<7.0 (GHSA-qpxp-75px-xjcp) dependency_analyzer · 95%
medium
Vulnerable dependency: pypdf@6.10.2,<7.0 (GHSA-vr63-x8vc-m265) dependency_analyzer · 95%
medium
Vulnerable dependency: pypdf@6.10.2,<7.0 (GHSA-wgvp-vg3v-2xq3) dependency_analyzer · 95%
medium
Vulnerable dependency: pypdf@6.10.2,<7.0 (GHSA-x284-j5p8-9c5p) dependency_analyzer · 95%
medium
Vulnerable dependency: pypdf@6.10.2,<7.0 (GHSA-x7hp-r3qg-r3cj) dependency_analyzer · 95%
medium
Vulnerable dependency: lxml@4.9.3,<7.0 (GHSA-55x5-fj6c-h6m8) dependency_analyzer · 95%
medium
Vulnerable dependency: lxml@4.9.3,<7.0 (GHSA-57qw-cc2g-pv5p) dependency_analyzer · 95%
medium
Vulnerable dependency: lxml@4.9.3,<7.0 (GHSA-jq4v-f5q6-mjqq) dependency_analyzer · 95%
medium
Vulnerable dependency: lxml@4.9.3,<7.0 (GHSA-pgww-xf46-h92r) dependency_analyzer · 95%
medium
Vulnerable dependency: lxml@4.9.3,<7.0 (GHSA-vfmq-68hx-4jfw) dependency_analyzer · 95%
medium
Vulnerable dependency: lxml@4.9.3,<7.0 (GHSA-wrxv-2j5q-m38w) dependency_analyzer · 95%
medium
Vulnerable dependency: lxml@4.9.3,<7.0 (GHSA-xp26-p53h-6h2p) dependency_analyzer · 95%
medium
Vulnerable dependency: lxml@4.9.3,<7.0 (PYSEC-2014-9) dependency_analyzer · 95%
medium
Vulnerable dependency: lxml@4.9.3,<7.0 (PYSEC-2018-12) dependency_analyzer · 95%
medium
Vulnerable dependency: lxml@4.9.3,<7.0 (PYSEC-2021-19) dependency_analyzer · 95%
medium
Vulnerable dependency: lxml@4.9.3,<7.0 (PYSEC-2021-852) dependency_analyzer · 95%
medium
Vulnerable dependency: lxml@4.9.3,<7.0 (PYSEC-2022-230) dependency_analyzer · 95%
medium
Vulnerable dependency: python-multipart@0.0.22,<1.0 (GHSA-2jv5-9r88-3w3p) dependency_analyzer · 95%
medium
Vulnerable dependency: python-multipart@0.0.22,<1.0 (GHSA-59g5-xgcq-4qw3) dependency_analyzer · 95%
medium
Vulnerable dependency: python-multipart@0.0.22,<1.0 (GHSA-mj87-hwqh-73pj) dependency_analyzer · 95%
medium
Vulnerable dependency: python-multipart@0.0.22,<1.0 (GHSA-pp6c-gr5w-3c5g) dependency_analyzer · 95%
medium
Vulnerable dependency: python-multipart@0.0.22,<1.0 (GHSA-wp53-j4wj-2cfg) dependency_analyzer · 95%
medium
Vulnerable dependency: numpy@1.26.2,<2.0 (GHSA-2fc2-6r4j-p65h) dependency_analyzer · 95%
medium
Vulnerable dependency: numpy@1.26.2,<2.0 (GHSA-5545-2q6w-2gh6) dependency_analyzer · 95%
medium
Vulnerable dependency: numpy@1.26.2,<2.0 (GHSA-9fq2-x9r6-wfmf) dependency_analyzer · 95%
medium
Vulnerable dependency: numpy@1.26.2,<2.0 (GHSA-cw6w-4rcx-xphc) dependency_analyzer · 95%
medium
Vulnerable dependency: numpy@1.26.2,<2.0 (GHSA-f7c7-j99h-c22f) dependency_analyzer · 95%
medium
Vulnerable dependency: numpy@1.26.2,<2.0 (GHSA-fpfv-jqm9-f5jm) dependency_analyzer · 95%
medium
Vulnerable dependency: numpy@1.26.2,<2.0 (GHSA-frgw-fgh6-9g52) dependency_analyzer · 95%
medium
Vulnerable dependency: numpy@1.26.2,<2.0 (PYSEC-2017-1) dependency_analyzer · 95%
medium
Vulnerable dependency: numpy@1.26.2,<2.0 (PYSEC-2018-33) dependency_analyzer · 95%
medium
Vulnerable dependency: numpy@1.26.2,<2.0 (PYSEC-2018-34) dependency_analyzer · 95%
medium
Vulnerable dependency: numpy@1.26.2,<2.0 (PYSEC-2019-108) dependency_analyzer · 95%
medium
Vulnerable dependency: numpy@1.26.2,<2.0 (PYSEC-2021-856) dependency_analyzer · 95%
medium
Vulnerable dependency: numpy@1.26.2,<2.0 (PYSEC-2021-857) dependency_analyzer · 95%
medium
Vulnerable dependency: scikit-learn@1.6.1,<2.0 (GHSA-jjw5-xxj6-pcv5) dependency_analyzer · 95%
medium
Vulnerable dependency: scikit-learn@1.6.1,<2.0 (GHSA-jw8x-6495-233v) dependency_analyzer · 95%
medium
Vulnerable dependency: scikit-learn@1.6.1,<2.0 (PYSEC-2020-107) dependency_analyzer · 95%
medium
Vulnerable dependency: scikit-learn@1.6.1,<2.0 (PYSEC-2020-108) dependency_analyzer · 95%
medium
Vulnerable dependency: scikit-learn@1.6.1,<2.0 (PYSEC-2024-110) dependency_analyzer · 95%
medium
Vulnerable dependency: numpy@1.20.0,<2.0 (GHSA-2fc2-6r4j-p65h) dependency_analyzer · 95%
medium
Vulnerable dependency: numpy@1.20.0,<2.0 (GHSA-9fq2-x9r6-wfmf) dependency_analyzer · 95%
medium
Vulnerable dependency: numpy@1.20.0,<2.0 (GHSA-fpfv-jqm9-f5jm) dependency_analyzer · 95%
medium
Vulnerable dependency: numpy@1.20.0,<2.0 (GHSA-frgw-fgh6-9g52) dependency_analyzer · 95%
medium
Vulnerable dependency: numpy@1.20.0,<2.0 (PYSEC-2018-33) dependency_analyzer · 95%
medium
Vulnerable dependency: numpy@1.20.0,<2.0 (PYSEC-2019-108) dependency_analyzer · 95%
medium
Vulnerable dependency: numpy@1.20.0,<2.0 (PYSEC-2021-856) dependency_analyzer · 95%
medium
Vulnerable dependency: pydantic@2.4.0,<3.0 (GHSA-5jqp-qgf6-3pvh) dependency_analyzer · 95%
medium
Vulnerable dependency: pyyaml@6.0.0,<7.0 (GHSA-8q59-q68h-6hv4) dependency_analyzer · 95%
medium
Vulnerable dependency: pyyaml@6.0.0,<7.0 (GHSA-rprw-h62v-c2w7) dependency_analyzer · 95%
medium
Vulnerable dependency: pyyaml@6.0.0,<7.0 (PYSEC-2018-49) dependency_analyzer · 95%
medium
Vulnerable dependency: pyyaml@6.0.0,<7.0 (PYSEC-2021-142) dependency_analyzer · 95%
medium
Vulnerable dependency: aiohttp@3.13.4,<4.0 (GHSA-3wq7-rqq7-wx6j) dependency_analyzer · 95%
medium
Vulnerable dependency: aiohttp@3.13.4,<4.0 (GHSA-45c4-8wx5-qw6w) dependency_analyzer · 95%
medium
Vulnerable dependency: aiohttp@3.13.4,<4.0 (GHSA-54jq-c3m8-4m76) dependency_analyzer · 95%
medium
Vulnerable dependency: aiohttp@3.13.4,<4.0 (GHSA-5m98-qgg9-wh84) dependency_analyzer · 95%
medium
Vulnerable dependency: aiohttp@3.13.4,<4.0 (GHSA-69f9-5gxw-wvc2) dependency_analyzer · 95%
medium
Vulnerable dependency: aiohttp@3.13.4,<4.0 (GHSA-6jhg-hg63-jvvf) dependency_analyzer · 95%
medium
Vulnerable dependency: aiohttp@3.13.4,<4.0 (GHSA-6mq8-rvhq-8wgg) dependency_analyzer · 95%
medium
Vulnerable dependency: aiohttp@3.13.4,<4.0 (GHSA-7gpw-8wmc-pm8g) dependency_analyzer · 95%
medium
Vulnerable dependency: aiohttp@3.13.4,<4.0 (GHSA-8495-4g3g-x7pr) dependency_analyzer · 95%
medium
Vulnerable dependency: aiohttp@3.13.4,<4.0 (GHSA-966j-vmvw-g2g9) dependency_analyzer · 95%
medium
Vulnerable dependency: aiohttp@3.13.4,<4.0 (GHSA-c427-h43c-vf67) dependency_analyzer · 95%
medium
Vulnerable dependency: aiohttp@3.13.4,<4.0 (GHSA-fh55-r93g-j68g) dependency_analyzer · 95%
medium
Vulnerable dependency: aiohttp@3.13.4,<4.0 (GHSA-g84x-mcqj-x9qq) dependency_analyzer · 95%
medium
Vulnerable dependency: aiohttp@3.13.4,<4.0 (GHSA-hcc4-c3v8-rx92) dependency_analyzer · 95%
medium
Vulnerable dependency: aiohttp@3.13.4,<4.0 (GHSA-mqqc-3gqh-h2x8) dependency_analyzer · 95%
medium
Vulnerable dependency: aiohttp@3.13.4,<4.0 (GHSA-mwh4-6h8g-pg8w) dependency_analyzer · 95%
medium
Vulnerable dependency: aiohttp@3.13.4,<4.0 (GHSA-pjjw-qhg8-p2p9) dependency_analyzer · 95%
medium
Vulnerable dependency: aiohttp@3.13.4,<4.0 (GHSA-q3qx-c6g2-7pw2) dependency_analyzer · 95%
medium
Vulnerable dependency: aiohttp@3.13.4,<4.0 (GHSA-xx9p-xxvh-7g8j) dependency_analyzer · 95%
medium
Vulnerable dependency: aiohttp@3.13.4,<4.0 (PYSEC-2021-76) dependency_analyzer · 95%
medium
Vulnerable dependency: aiohttp@3.13.4,<4.0 (PYSEC-2023-120) dependency_analyzer · 95%
medium
Vulnerable dependency: aiohttp@3.13.4,<4.0 (PYSEC-2023-251) dependency_analyzer · 95%
medium
Vulnerable dependency: mcp@1.0.0,<2.0 (GHSA-3qhf-m339-9g5v) dependency_analyzer · 95%
medium
Vulnerable dependency: pydantic@2.4.0,<3.0.0 (GHSA-5jqp-qgf6-3pvh) dependency_analyzer · 95%
medium
Vulnerable dependency: pydantic@2.4.0,<3.0.0 (GHSA-mr82-8j83-vxmv) dependency_analyzer · 95%
medium
Vulnerable dependency: pydantic@2.4.0,<3.0.0 (PYSEC-2021-47) dependency_analyzer · 95%
medium
Vulnerable dependency: numpy@1.24.0,<2.0 (GHSA-2fc2-6r4j-p65h) dependency_analyzer · 95%
medium
Vulnerable dependency: numpy@1.24.0,<2.0 (GHSA-5545-2q6w-2gh6) dependency_analyzer · 95%
medium
Vulnerable dependency: numpy@1.24.0,<2.0 (GHSA-9fq2-x9r6-wfmf) dependency_analyzer · 95%
medium
Vulnerable dependency: numpy@1.24.0,<2.0 (GHSA-cw6w-4rcx-xphc) dependency_analyzer · 95%
medium
Vulnerable dependency: numpy@1.24.0,<2.0 (GHSA-f7c7-j99h-c22f) dependency_analyzer · 95%
medium
Vulnerable dependency: numpy@1.24.0,<2.0 (GHSA-fpfv-jqm9-f5jm) dependency_analyzer · 95%
medium
Vulnerable dependency: numpy@1.24.0,<2.0 (GHSA-frgw-fgh6-9g52) dependency_analyzer · 95%
medium
Vulnerable dependency: numpy@1.24.0,<2.0 (PYSEC-2017-1) dependency_analyzer · 95%
medium
Vulnerable dependency: numpy@1.24.0,<2.0 (PYSEC-2018-33) dependency_analyzer · 95%
medium
Vulnerable dependency: numpy@1.24.0,<2.0 (PYSEC-2018-34) dependency_analyzer · 95%
medium
Vulnerable dependency: numpy@1.24.0,<2.0 (PYSEC-2019-108) dependency_analyzer · 95%
medium
Vulnerable dependency: numpy@1.24.0,<2.0 (PYSEC-2021-856) dependency_analyzer · 95%
medium
Vulnerable dependency: numpy@1.24.0,<2.0 (PYSEC-2021-857) dependency_analyzer · 95%
medium
Vulnerable dependency: fastapi@0.115.0,<1.0 (GHSA-8h2j-cgx8-6xv7) dependency_analyzer · 95%
medium
Vulnerable dependency: uvicorn@0.27.0,<1.0 (GHSA-33c7-2mpw-hg34) dependency_analyzer · 95%
medium
Vulnerable dependency: uvicorn@0.27.0,<1.0 (GHSA-f97h-2pfx-f59f) dependency_analyzer · 95%
medium
Vulnerable dependency: uvicorn@0.27.0,<1.0 (PYSEC-2020-150) dependency_analyzer · 95%
medium
Vulnerable dependency: uvicorn@0.27.0,<1.0 (PYSEC-2020-151) dependency_analyzer · 95%
medium
Vulnerable dependency: pydantic@2.5.3,<3.0 (GHSA-5jqp-qgf6-3pvh) dependency_analyzer · 95%
medium
Vulnerable dependency: pydantic@2.5.3,<3.0 (GHSA-mr82-8j83-vxmv) dependency_analyzer · 95%
medium
Vulnerable dependency: pydantic@2.5.3,<3.0 (PYSEC-2021-47) dependency_analyzer · 95%
medium
Vulnerable dependency: cryptography@46.0.7,<49.0 (GHSA-3ww4-gg4f-jr7f) dependency_analyzer · 95%
medium
Vulnerable dependency: cryptography@46.0.7,<49.0 (GHSA-9v9h-cgj8-h64p) dependency_analyzer · 95%
medium
Vulnerable dependency: cryptography@46.0.7,<49.0 (GHSA-hggm-jpg3-v476) dependency_analyzer · 95%
medium
Vulnerable dependency: cryptography@46.0.7,<49.0 (GHSA-m959-cc7f-wv43) dependency_analyzer · 95%
medium
Vulnerable dependency: cryptography@46.0.7,<49.0 (GHSA-q3cj-2r34-2cwc) dependency_analyzer · 95%
medium
Vulnerable dependency: cryptography@46.0.7,<49.0 (PYSEC-2017-8) dependency_analyzer · 95%
medium
Vulnerable dependency: pynacl@1.5.0,<2.0 (GHSA-mrfv-m5wm-5w6w) dependency_analyzer · 95%
medium
Vulnerable dependency: httpx@0.27.0,<1.0 (GHSA-h8pj-cxx2-jfg2) dependency_analyzer · 95%
medium
Vulnerable dependency: aiohttp@3.13.4,<4.0 (GHSA-2vrm-gr82-f7m5) dependency_analyzer · 95%
medium
Vulnerable dependency: aiohttp@3.13.4,<4.0 (GHSA-63hf-3vf5-4wqf) dependency_analyzer · 95%
medium
Vulnerable dependency: aiohttp@3.13.4,<4.0 (GHSA-8qpw-xqxj-h4r2) dependency_analyzer · 95%
medium
Vulnerable dependency: aiohttp@3.13.4,<4.0 (GHSA-9548-qrrj-x5pj) dependency_analyzer · 95%
medium
Vulnerable dependency: aiohttp@3.13.4,<4.0 (GHSA-gfw2-4jvh-wgfg) dependency_analyzer · 95%
medium
Vulnerable dependency: aiohttp@3.13.4,<4.0 (GHSA-jj3x-wxrx-4x23) dependency_analyzer · 95%
medium
Vulnerable dependency: aiohttp@3.13.4,<4.0 (GHSA-m5qp-6w8w-w647) dependency_analyzer · 95%
medium
Vulnerable dependency: aiohttp@3.13.4,<4.0 (GHSA-p998-jp59-783m) dependency_analyzer · 95%
medium
Vulnerable dependency: aiohttp@3.13.4,<4.0 (GHSA-qvrw-v9rv-5rjx) dependency_analyzer · 95%
medium
Vulnerable dependency: aiohttp@3.13.4,<4.0 (GHSA-v6wp-4m6f-gcjg) dependency_analyzer · 95%
medium
Vulnerable dependency: aiohttp@3.13.4,<4.0 (GHSA-w2fm-2cpv-w7v5) dependency_analyzer · 95%
medium
Vulnerable dependency: aiohttp@3.13.4,<4.0 (PYSEC-2023-246) dependency_analyzer · 95%
medium
Vulnerable dependency: aiohttp@3.13.4,<4.0 (PYSEC-2023-247) dependency_analyzer · 95%
medium
Vulnerable dependency: aiohttp@3.13.4,<4.0 (PYSEC-2023-250) dependency_analyzer · 95%
medium
Vulnerable dependency: aiohttp@3.13.4,<4.0 (PYSEC-2024-26) dependency_analyzer · 95%
medium
Vulnerable dependency: pyyaml@6.0,<7.0 (PYSEC-2021-142) dependency_analyzer · 95%
medium
Vulnerable dependency: mcp@1.0.0,<2.0 (GHSA-9h52-p55h-vw2f) dependency_analyzer · 95%
medium
Vulnerable dependency: mcp@1.0.0,<2.0 (GHSA-j975-95f5-7wqh) dependency_analyzer · 95%
medium
Vulnerable dependency: pydantic@2.5.0,<3.0 (GHSA-5jqp-qgf6-3pvh) dependency_analyzer · 95%
medium
Vulnerable dependency: pydantic@2.5.0,<3.0 (PYSEC-2021-47) dependency_analyzer · 95%
medium
Vulnerable dependency: cryptography@46.0.7,<47.0 (GHSA-hggm-jpg3-v476) dependency_analyzer · 95%
medium
Vulnerable dependency: cryptography@46.0.7,<47.0 (GHSA-m959-cc7f-wv43) dependency_analyzer · 95%
medium
Vulnerable dependency: cryptography@46.0.7,<47.0 (PYSEC-2017-8) dependency_analyzer · 95%
medium
Vulnerable dependency: pydantic@2.0,<3.0 (GHSA-5jqp-qgf6-3pvh) dependency_analyzer · 95%
medium
Vulnerable dependency: pydantic@2.0,<3.0 (GHSA-mr82-8j83-vxmv) dependency_analyzer · 95%
medium
Vulnerable dependency: pydantic@2.0,<3.0 (PYSEC-2021-47) dependency_analyzer · 95%
medium
Vulnerable dependency: cryptography@46.0.7,<49.0 (GHSA-r6ph-v2qm-q3c2) dependency_analyzer · 95%
medium
Vulnerable dependency: cryptography@46.0.7,<49.0 (PYSEC-2021-62) dependency_analyzer · 95%
high
Generic API Key Assignment found in docs/security-scanning.md secret_scanner · 75%
high
Generic API Key Assignment found in docs/security/scanning.md secret_scanner · 75%
high
Hardcoded Password found in examples/quickstart/autogen_governed.py secret_scanner · 65%
high
Generic API Key Assignment found in agent-governance-typescript/agent-os-vscode/src/extension.ts secret_scanner · 75%
high
Generic API Key Assignment found in agent-governance-typescript/agent-os-vscode/src/server/browserPolicyEditor.ts secret_scanner · 75%
high
Generic API Key Assignment found in agent-governance-typescript/agent-os-vscode/src/webviews/policyEditor/PolicyEditorPanel.ts secret_scanner · 75%
high
Hardcoded Password found in agent-governance-python/agent-os/docs/use-cases.md secret_scanner · 65%
high
Hardcoded Password found in agent-governance-python/agent-os/examples/self-evaluating/docs/UNIVERSAL_SIGNAL_BUS.md secret_scanner · 65%
high
Hardcoded Password found in agent-governance-python/agent-os/examples/self-evaluating/examples/sample_full_stack_agent.py secret_scanner · 65%
high
Hardcoded Password found in agent-governance-python/agent-os/examples/self-evaluating/examples/example_universal_signal_bus.py secret_scanner · 65%
high
Hardcoded Password found in agent-governance-python/agent-os/modules/observability/alertmanager/alertmanager.yml secret_scanner · 65%
high
Hardcoded Password found in agent-governance-python/agent-os/modules/scak/build_and_publish.ps1 secret_scanner · 65%
high
Hardcoded Password found in agent-governance-python/agent-os/modules/control-plane/benchmark/red_team_dataset.py secret_scanner · 65%
medium
Hex string literal (>50 chars) in agent-governance-golang/packages/agentmesh/audit_test.go:135 entropy_analyzer · 70%
medium
Hex string literal (>50 chars) in examples/reasoning-attestation-governed/getting_started.py:231 entropy_analyzer · 70%
medium
Buffer.from base64 in agent-governance-typescript/src/identity.ts:518 entropy_analyzer · 75%
medium
Buffer.from base64 in agent-governance-typescript/src/identity.ts:543 entropy_analyzer · 75%
medium
Buffer.from base64 in agent-governance-typescript/src/encryption/mesh-client.ts:991 entropy_analyzer · 75%
medium
Hex string literal (>50 chars) in agent-governance-python/agentmesh-integrations/mastra-agentmesh/src/audit.ts:13 entropy_analyzer · 70%
medium
Hex string literal (>50 chars) in agent-governance-python/agentmesh-integrations/mastra-agentmesh/src/audit.ts:135 entropy_analyzer · 70%
high
Long unicode escape chain in agent-governance-python/agent-os/examples/trading-governance/demo.py:781 entropy_analyzer · 80%
high
Long unicode escape chain in agent-governance-python/agent-os/examples/trading-governance/demo.py:783 entropy_analyzer · 80%
high
Long unicode escape chain in agent-governance-python/agent-os/examples/trading-governance/demo.py:788 entropy_analyzer · 80%
medium
Buffer.from base64 in agent-governance-python/agent-mesh/services/api/src/services/identity.ts:34 entropy_analyzer · 75%
medium
Buffer.from base64 in agent-governance-python/agent-mesh/services/api/src/services/identity.ts:50 entropy_analyzer · 75%
medium
Buffer.from base64 in agent-governance-python/agent-mesh/services/api/src/services/identity.ts:60 entropy_analyzer · 75%
info
SLSA Build Level 3 detected slsa_assessor · 85%
high
High-risk OAuth scope: admin oauth_scope_analyzer · 80%
info
Could not connect to MCP server for output poisoning scan output_poisoning · 100%
info
Could not connect to MCP server for behavioral verification behavioral_verifier · 100%
info
SBOM generated: 571 components sbom_generator · 100%
info
MITRE ATLAS technique coverage summary atlas_annotator · 100%
info
ATLAS: Adversarial ML Supply Chain (AML.T0043) atlas_annotator · 100%