Pipelock Agent Security Scan

April 7, 2026

Version updated for https://github.com/luckyPipewrench/pipelock to version v2.1.2.

This action is used across all versions by 0 repositories.

Action Type

This is a Composite action.

Go to the GitHub Marketplace to find the latest changes.

Action Summary

Pipelock is an open-source “agent firewall” designed to secure AI agents by monitoring and controlling their interactions with the internet. It prevents data exfiltration, injection attacks, and unauthorized access by scanning inbound and outbound traffic, sandboxing agent processes, and enforcing tool usage policies. Additionally, it provides signed evidence of agent activity, ensuring robust runtime security for environments handling sensitive information.

What’s Changed

Changelog

38801766549e8f86ee8bf9dc99e976fc12ee2ccf ci: bump the ci-actions group with 2 updates (#358)
adf3e376d316887b3a2622584c4b1bb976c2cb11 deps: bump modernc.org/sqlite from 1.48.0 to 1.48.1 in the go-deps group (#357)
3870e103a842b29fd36efab23a2f9b9ea3553bc1 feat: add action receipts with Ed25519 signing and verify-receipt CLI (#351)
8c6adc6a9fb604baabd8dc723f7cfa4c898e5f8c feat: hash-chained receipts and transcript roots (#354)
8d8eefb0eaee2b6e0e4573f886f691779d177ed3 feat: immutable core scanner and bundle metadata v2 (#359)
44f11772be083a1d80b4bf6b3e69b4c82f65151a feat: onboarding stack (init CLI, README, Helm chart, FP guide) (#355)
f6f562dac6659885542407db03f2509ea24877b5 feat: runtime hardening (airlock, browser shield, posture capsule) (#356)
bdab6f70901b5acef240cafb564bf81c6e0d5f17 fix: receipt emission for TLS interception, field-level redaction, and hot-reload lifecycle (#362)
d37166f6fabc2866de838df908effb0b4190d480 fix: respect pipelock:ignore inline comments in scan-diff mode (#365)
4c47d1ee9a3e679afcede5c0333cf2414d54918b fix: runtime hardening follow-up — review findings and tracked issues (#371)
2e45ac464b7b63a8af4472133ad59a25c936db0a fix: scan all multipart part bodies, headers, and transfer encodings (#370)