Aguara Security Scanner

Version updated for https://github.com/garagon/aguara to version v0.7.0.

• This action is used across all versions by 1 repositories.

Action Type

This is a Composite action.

Go to the GitHub Marketplace to find the latest changes.

Action Summary

Aguara is a security scanner designed to analyze AI agent skills and MCP servers, detecting threats like prompt injection, data exfiltration, and supply-chain attacks before deployment. It automates static analysis using a multi-layer engine with 173 detection rules across 13 threat categories, providing confidence scoring, remediation guidance, and support for CI integration. The tool is deterministic, extensible, and works without the need for API keys, cloud infrastructure, or external language models.

Release notes

What’s Changed

• feat: add Homebrew tap distribution and inline ignore comments by @garagon in https://github.com/garagon/aguara/pull/13
• fix: add regex pattern length limit and improve community docs by @garagon in https://github.com/garagon/aguara/pull/14
• feat: Docker support, remediation field, benchmarks, and CLI test coverage by @garagon in https://github.com/garagon/aguara/pull/20
• docs: comprehensive README update with all product features by @garagon in https://github.com/garagon/aguara/pull/21
• feat: 173/173 rule remediation, disable_rules config, 80% test coverage by @garagon in https://github.com/garagon/aguara/pull/22
• release: prepare v0.7.0 — remediation on all 173 rules, Docker, Homebrew, inline ignore by @garagon in https://github.com/garagon/aguara/pull/23

Full Changelog: https://github.com/garagon/aguara/compare/v1...v0.7.0

• garagon
• GitHub Actions