Lists (3)
Stars
A policy bot for enabling coding agents to make safe decisions on their own.
Find vulnerabilities, misconfigurations, secrets, SBOM in containers, Kubernetes, code repositories, clouds and more
A community trust management system based on explicit vouches to participate.
Kernel-enforced agent sandbox. Capability-based isolation with secure key management, atomic rollback, cryptographic immutable audit chain of provenance. Run your agents in a zero-trust environment.
Trail of Bits Claude Code skills for security research, vulnerability detection, and audit workflows
Generate and verify lockfiles for GitHub Actions dependencies.
Open Source Semantic Search for your AI Agent
image scaling attacks for multi-modal prompt injection
HTTPLeaks - All possible ways, a website can leak HTTP requests
Go lib (and CLI) for quick creation of TLS keys and certificates for use in tests
An AI-powered security review GitHub Action using Claude to analyze code changes for security vulnerabilities.
Buttercup finds and patches software vulnerabilities
Kumi is a declarative rules-and-calculation DSL for Ruby that staticaly analyzes and compiles your business logic.
Observes and records changes to public OIDC metadata and JWKS for services listed in the jwks-catalog.
This project runs a Model Context Protocol (MCP) server that wraps the CodeQL query server. It enables tools like [Cursor](https://cursor.sh/) or AI agents to interact with CodeQL through structure…
mbake is a Makefile formatter and linter. It only took 50 years!
Containerization is a Swift package for running Linux containers on macOS.
weggli is a fast and robust semantic search tool for C and C++ codebases. It is designed to help security researchers identify interesting functionality in large codebases.
Red Kite, the Extensible Attack Surface Management tool.
A TypeScript implementation of the age file encryption format, available as an npm package or as a bundled .js file.