Pipelock Agent Security Scan

Version updated for https://github.com/luckyPipewrench/pipelock to version v1.4.0.

• This action is used across all versions by 0 repositories.

Action Type

This is a Composite action.

Go to the GitHub Marketplace to find the latest changes.

Action Summary

Pipelock is an open-source agent firewall designed to protect AI agents by monitoring and filtering their network activity to prevent unauthorized access or data leaks, such as API key exposure. It automates the detection and blocking of sensitive data in HTTP requests using configurable rules, ensuring secure communication without requiring code changes. Key capabilities include forward proxy and fetch proxy modes, making it compatible with various AI frameworks and HTTP clients.

Release notes

Changelog

• 03a5eaa43fc7bbb45dd2f2607a4ca97761402a4a Merge pull request #242
• 41ee2bdd52dc24012ffd5e56896615f0fa782050 ci: bump docker/login-action from 3.7.0 to 4.0.0 (#241)
• 9da483fd1ab9e6c99877b784ed8976512834ece7 ci: bump sigstore/cosign-installer from 4.0.0 to 4.1.0 (#237)
• ce3e75478c9f81ab774cdb9628149f6addd223f8 feat: add DLP patterns for Groq, xAI, GitLab, New Relic, and Stripe webhooks (#246)
• 6dfdef9a7f7d96146785ef842486f27699a337f5 feat: add VS Code MCP proxy integration (vscode install/remove) (#248)
• f62ad5f87a8e0ba635aed29f70b461fcf31a106a feat: add address similarity tracker for blockchain address poisoning detection (#231)
• d9dadaca05df1cf440f53a87d1b672623580d13e feat: add crypto address poisoning detection (#233)
• 7a25a07c1c3fc3362dd60a06dc91f967219d5806 feat: add crypto secret DLP detection (BIP-39 seed phrases, WIF, xprv, ETH keys) (#249)
• eb0a59e24f1cab0f1b19771b008a8a3197f6645d feat: add response scanning pre-filter for keyword-gated regex (#230)
• 8d4c9c774b10b40561ee8b2d8d37796e5f466591 feat: community rule bundles — signed YAML detection patterns (#247)
• 22639c3f14033b82e1b750675923c531f23e7e1d feat: detect delimiter-separated hex encoding in DLP scanner (#243)
• 2f37db19b01e408023c0bbdd235aa311993bc01a feat: trial tier and one-time purchase support for license service (#232)
• f17a8d2920ec0cd4743e54bc77c86404102f2532 fix: k8s Secret volume compatibility for key and license file loading (#229)
• e92466c7146c24bad028d516f09e55045e44f3f6 fix: make rules lock cross-platform for Windows release builds (#252)
• 1d1ac985416f63ea1e2f996015d5bdb1d9bb3511 fix: skip general response scanning on empty tools/list responses (#250)
• 324a509b229c30957116e80cb9f0d5517d1c980f perf: extend response pre-filter to opt-space and vowel-fold passes (#245)

• luckyPipewrench
• GitHub Actions