Skip to content

Latest commit

 

History

History
42 lines (31 loc) · 1.81 KB

File metadata and controls

42 lines (31 loc) · 1.81 KB

v0.3.0 - Major Detection Improvements

Headline

100% detection rate, 0% false positives on the AgentGuard Benchmark Suite (28 samples across 5 OWASP ASI categories + clean code).

Fixed

  • Self-scan false positives: Scanner now skips its own rules/ directory and test files by default. Self-scan went from 94 findings (false positives) to 2 (acceptable setup.py patterns).
  • ASI01 Prompt Injection: Added detection for messages array injection ({"role": "user", "content": user_msg}) and template .format(q=q) patterns.
  • ASI10 Trust Boundary: Added detection for Docker volume mounts with host paths (/etc, /root, /proc) and sandbox disable patterns (sandbox = None, isolation = False).
  • ASI03 Data Exfiltration: Whitelisted known LLM API providers (OpenAI, Anthropic, Google, Groq, Together, Mistral, Cohere, DeepSeek, xAI) to eliminate false positives on standard API configuration.
  • Benchmark runner: Fixed subprocess.check_output failure by adding --no-exit-code flag.

Added

  • --include-tests CLI flag: Explicitly include test files and directories in scans. By default, test files are skipped to avoid false positives from intentional test vulnerabilities.

Benchmark Results

Category      Total   Detected     Rate    FP
---------------------------------------------
ASI01             6          6     100%     0
ASI02             5          5     100%     0
ASI03             4          4     100%     0
ASI07             6          6     100%     0
ASI10             5          5     100%     0
clean             2          0       -      0
---------------------------------------------
TOTAL            28         26    100%     0

Detection rate: 100.0%
False positives: 0

Install

pip install --upgrade dfx-agentguard
agentguard . --format text