razashariff/agentsign-action

AgentSign Security Scan

Scan your agent code against OWASP Agentic AI Top 10 (2025) rules using the AgentSign Registry.

Usage

name: AgentSign Security Scan
on: [push, pull_request]

jobs:
  scan:
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v4
      - uses: razashariff/agentsign-action@v1
        with:
          path: '.'
          fail-on: 'FAIL'

Inputs

| Input | Description | Default |
|-------|-------------|---------|
| path | Path to scan (file or directory) | . |
| extensions | File extensions to scan (comma-separated) | .py,.js,.ts,.mjs,.cjs |
| fail-on | Fail the check on: FAIL, WARN, or never | FAIL |
| registry-url | AgentSign Registry URL | https://registry.agentsign.dev |
| name | Agent name for the scan report | repo name |

Outputs

| Output | Description |
|--------|-------------|
| verdict | Scan verdict (PASS / WARN / FAIL) |
| risk-score | Risk score (0-100) |
| findings-count | Number of findings |
| report | Full JSON scan report |
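
The workflow below is an added example, not part of the project's own documentation: it sets fail-on to never and gates the job on the verdict and risk-score outputs instead, so a repository can enforce a stricter threshold than the built-in verdict. The step id `agentsign`, the `MAX_RISK` threshold of 25 and the workflow name are assumptions, and it assumes risk-score is emitted as a plain integer.

```yaml
name: AgentSign policy gate
on: [pull_request]

permissions:
  contents: read            # the job only needs to read the checkout

jobs:
  scan:
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v4
      - id: agentsign       # hypothetical step id, required to read outputs
        uses: razashariff/agentsign-action@v1
        with:
          path: '.'
          fail-on: 'never'  # the gate step below makes the pass/fail decision
      - name: Enforce policy on scan outputs
        env:
          # Outputs are passed through env, not inlined into the script,
          # so their content is never parsed as shell code.
          VERDICT: ${{ steps.agentsign.outputs.verdict }}
          RISK_SCORE: ${{ steps.agentsign.outputs['risk-score'] }}
          FINDINGS: ${{ steps.agentsign.outputs['findings-count'] }}
          MAX_RISK: '25'    # constructed threshold, not a project default
        run: |
          echo "AgentSign: verdict=$VERDICT risk=$RISK_SCORE findings=$FINDINGS" >> "$GITHUB_STEP_SUMMARY"
          # Fail closed if the scan produced no usable score.
          case "$RISK_SCORE" in
            ''|*[!0-9]*) echo "::error::risk-score missing or non-numeric"; exit 1 ;;
          esac
          if [ "$VERDICT" = "FAIL" ] || [ "$RISK_SCORE" -gt "$MAX_RISK" ]; then
            echo "::error::AgentSign gate: verdict=$VERDICT risk=$RISK_SCORE (max $MAX_RISK)"
            exit 1
          fi
```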

Badge

Add a security badge to your README:

![AgentSign](https://img.shields.io/endpoint?url=https://registry.agentsign.dev/api/badge/YOUR-AGENT)

What it checks

12 detection rules mapped to OWASP Agentic AI Top 10 (2025):

| Rule | OWASP | Severity | Description |
|------|-------|----------|-------------|
| AS-001 | AA-03 | CRITICAL | Unsafe code execution (exec, eval, os.system) |
| AS-002 | AA-05 | HIGH | Hardcoded secrets and API keys |
| AS-003 | AA-04 | MEDIUM | Excessive permissions |
| AS-004 | AA-02 | HIGH | Prompt injection via file input |
| AS-005 | AA-02 | CRITICAL | Known injection patterns |
| AS-006 | AA-09 | HIGH | Code execution without sandboxing |
| AS-007 | AA-06 | LOW | Supply chain without integrity checks |
| AS-008 | AA-01 | HIGH | Excessive agency / auto-approval |
| AS-009 | AA-07 | MEDIUM | Unsafe output handling (XSS) |
| AS-010 | AA-08 | MEDIUM | Insufficient logging |
| AS-011 | AA-10 | HIGH | Data exfiltration patterns |
| AS-012 | MCP-07 | HIGH | MCP server without authentication |

Verdicts

  • PASS (green): No critical or high-severity findings
  • WARN (yellow): High-severity findings detected
  • FAIL (red): Critical findings detected

Example output

AgentSign Security Scan
Registry: https://registry.agentsign.dev
Path: .
Extensions: .py, .js, .ts
Fail on: FAIL

Found 12 files to scan
Scanning 24.3KB of code...

==================================================
VERDICT: FAIL
Risk Score: 40/100
Rules Version: 1.0.0
Total Checks: 12

Severity: CRITICAL=1 HIGH=1 MEDIUM=0 LOW=0

Findings:
  [!!!] CRITICAL (AA-03) Dangerous code patterns: exec()
  [!!]  HIGH (AA-09) Code execution without sandboxing
==================================================
