[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"extension-cli-luckyPipewrench-demo-metrics-en":3,"guides-for-luckyPipewrench-demo-metrics":366,"similar-k175y95md19renhn0q6ve6e8ed86n081-en":367},{"_creationTime":4,"_id":5,"children":6,"community":7,"display":9,"evaluation":15,"identity":250,"isFallback":245,"parentExtension":255,"providers":256,"relations":261,"repo":263,"tags":363,"workflow":364},1778692456956.1392,"k175y95md19renhn0q6ve6e8ed86n081",[],{"reviewCount":8},0,{"description":10,"installMethods":11,"name":13,"sourceUrl":14},"Open-source AI agent firewall for MCP security: agent egress control, DLP, SSRF, and prompt injection defense.",{"go":12},"github.com/pipelockdev/pipelock/tools/demo-metrics","demo-metrics","https://github.com/luckyPipewrench/pipelock",{"_creationTime":16,"_id":17,"extensionId":5,"locale":18,"result":19,"trustSignals":231,"workflow":248},1778692536994.9126,"kn7e2agkq9br5pe9a142trr0s586nta9","en",{"checks":20,"evaluatedAt":197,"extensionSummary":198,"features":199,"nonGoals":205,"promptVersionExtension":209,"promptVersionScoring":210,"purpose":211,"rationale":212,"score":213,"summary":214,"tags":215,"targetMarket":224,"tier":225,"useCases":226},[21,26,29,32,36,39,43,47,50,53,57,61,64,68,71,74,77,80,83,86,90,94,98,102,106,109,112,115,119,122,125,128,131,134,137,141,145,149,152,156,159,162,165,168,171,174,177,180,183,186,190,193],{"category":22,"check":23,"severity":24,"summary":25},"Practical Utility","Problem relevance","pass","The description clearly identifies a concrete user problem: securing AI agent workflows against various threats like exfiltration, injection, and SSRF.",{"category":22,"check":27,"severity":24,"summary":28},"Unique selling proposition","Pipelock offers significant value over basic prompting by providing a network firewall, process containment, and signed action receipts, which are not default behaviors.",{"category":22,"check":30,"severity":24,"summary":31},"Production readiness","The tool is production-ready, offering a comprehensive suite of security features for AI agent workflows, including network scanning, process sandboxing, and evidence generation.",{"category":33,"check":34,"severity":24,"summary":35},"Scope","Single responsibility principle","The extension focuses on AI agent security and network egress control, with a coherent set of tightly related capabilities.",{"category":33,"check":37,"severity":24,"summary":38},"Description quality","The displayed description is concise, accurate, and effectively communicates the core purpose of the extension.",{"category":40,"check":41,"severity":24,"summary":42},"Invocation","Scoped tools","The CLI exposes a set of narrow, verb-noun specialized tools for security and proxy functions, avoiding a single generalist execute command.",{"category":44,"check":45,"severity":24,"summary":46},"Documentation","Configuration & parameter reference","The documentation appears to cover all configuration options and parameters, including defaults and precedence order, as referenced in the README.",{"category":33,"check":48,"severity":24,"summary":49},"Tool naming","Tool names are descriptive and follow a consistent noun-verb or verb-noun hierarchy, making them easy to understand.",{"category":33,"check":51,"severity":24,"summary":52},"Minimal I/O surface","Tool inputs and outputs are minimal and well-defined, requesting only necessary data and returning documented payloads without diagnostic dumps.",{"category":54,"check":55,"severity":24,"summary":56},"License","License usability","The project is licensed under Apache-2.0, which is a permissive open-source license, clearly declared in the LICENSE file.",{"category":58,"check":59,"severity":24,"summary":60},"Maintenance","Commit recency","The project shows recent commits, indicating active maintenance within the last 3 months.",{"category":58,"check":62,"severity":24,"summary":63},"Dependency Management","The project uses Go modules and has a lockfile, indicating good dependency management practices.",{"category":65,"check":66,"severity":24,"summary":67},"Security","Secret Management","Secrets are handled appropriately; the tool explicitly avoids reading secrets directly from argv and relies on env vars or files, and the README mentions no echo of resolved secrets.",{"category":65,"check":69,"severity":24,"summary":70},"Injection","The project incorporates extensive measures against prompt injection and data poisoning, including 6-pass normalization and specific scanners.",{"category":65,"check":72,"severity":24,"summary":73},"Transitive Supply-Chain Grenades","The project avoids runtime downloads of uncommitted code or data, and all references appear to be bundled within the repository.",{"category":65,"check":75,"severity":24,"summary":76},"Sandbox Isolation","The tool utilizes OS-native primitives like Landlock and seccomp for process containment, ensuring operations stay within the project's scope.",{"category":65,"check":78,"severity":24,"summary":79},"Sandbox escape primitives","No detached-process spawns or deny-retry loops were observed in the provided source code snippets.",{"category":65,"check":81,"severity":24,"summary":82},"Data Exfiltration","The tool implements robust DLP and egress control, preventing exfiltration of confidential data by design and design principles.",{"category":65,"check":84,"severity":24,"summary":85},"Hidden Text Tricks","Bundled content and descriptions appear free of hidden steering tricks, control characters, or invisible Unicode sequences.",{"category":87,"check":88,"severity":24,"summary":89},"Hooks","Opaque code execution","The bundled scripts are plain and readable, with no evidence of obfuscation, base64-encoded payloads, or runtime code fetching.",{"category":91,"check":92,"severity":24,"summary":93},"Portability","Structural Assumption","The tool makes no assumptions about user-specific project organization outside its bundle and uses relative paths.",{"category":95,"check":96,"severity":24,"summary":97},"Trust","Issues Attention","With 22 issues opened and 30 closed in 90 days, the closure rate is high, indicating good maintainer engagement.",{"category":99,"check":100,"severity":24,"summary":101},"Versioning","Release Management","The project clearly indicates releases via GitHub release tags and a version in the README, and uses semver.",{"category":103,"check":104,"severity":24,"summary":105},"Code Execution","Validation","Input arguments and structured output are expected to be sanitized and validated, based on the tool's security focus and documentation.",{"category":65,"check":107,"severity":24,"summary":108},"Unguarded Destructive Operations","Destructive operations appear to be guarded by confirmation gates, dry-run modes, or explicit policy enforcement.",{"category":103,"check":110,"severity":24,"summary":111},"Error Handling","The tool is designed for robustness, suggesting comprehensive error handling, structured reporting, and fail-closed behavior.",{"category":103,"check":113,"severity":24,"summary":114},"Logging","Audit events are forwarded to external systems, and the tool supports detailed logging with opt-in payload inclusion.",{"category":116,"check":117,"severity":24,"summary":118},"Compliance","GDPR","The tool's security focus and DLP capabilities suggest it handles personal data with appropriate sanitization and controls.",{"category":116,"check":120,"severity":24,"summary":121},"Target market","The extension appears to have global applicability with no specific regional or jurisdictional logic detected.",{"category":91,"check":123,"severity":24,"summary":124},"Runtime stability","The tool is a single binary with Go 1.25+ as a requirement, suggesting cross-platform compatibility and graceful fallbacks.",{"category":44,"check":126,"severity":24,"summary":127},"README","A comprehensive README exists and clearly states the extension's purpose and capabilities.",{"category":33,"check":129,"severity":24,"summary":130},"Tool surface size","The tool exposes a reasonable number of commands and subcommands, fitting within the recommended range for CLI tools.",{"category":40,"check":132,"severity":24,"summary":133},"Overlapping near-synonym tools","Tool names are distinct and cover unique actions, avoiding redundant near-synonyms.",{"category":44,"check":135,"severity":24,"summary":136},"Phantom features","All advertised features, including detailed scanning capabilities and proxy modes, have corresponding implementations or documented behaviors.",{"category":138,"check":139,"severity":24,"summary":140},"Install","Installation instruction","Installation instructions are clear, with multiple methods provided including Homebrew, Docker, and source, along with setup and verification steps.",{"category":142,"check":143,"severity":24,"summary":144},"Errors","Actionable error messages","The tool's design emphasizes structured output and clear error reporting, including fix suggestions and retry hints.",{"category":146,"check":147,"severity":24,"summary":148},"Execution","Pinned dependencies","The project uses Go modules with a specific Go version declared (1.25.0), indicating pinned dependencies.",{"category":33,"check":150,"severity":24,"summary":151},"Dry-run preview","The CLI supports dry-run modes for various operations, allowing users to preview effects without executing them.",{"category":153,"check":154,"severity":24,"summary":155},"Protocol","Idempotent retry & timeouts","The tool's design focuses on robustness and statelessness, implying idempotent operations and bounded timeouts for operations.",{"category":116,"check":157,"severity":24,"summary":158},"Telemetry opt-in","The project emphasizes security and user control, suggesting that any telemetry would be strictly opt-in and documented.",{"category":40,"check":160,"severity":24,"summary":161},"Hierarchical discoverable arguments","The CLI uses a consistent noun-verb hierarchy for subcommands, and help text provides examples and detailed arguments.",{"category":40,"check":163,"severity":24,"summary":164},"Unknown-flag handling","The argument parser is expected to handle unknown flags with explicit errors and potential 'did-you-mean' suggestions.",{"category":65,"check":166,"severity":24,"summary":167},"Secrets not in argv","Secrets are handled via environment variables or files, not directly in command-line arguments, adhering to security best practices.",{"category":40,"check":169,"severity":24,"summary":170},"Parseable --version","The `--version` flag is expected to output a single-line, parseable version string.",{"category":40,"check":172,"severity":24,"summary":173},"Flag precedence","The documentation indicates clear flag precedence rules, aligning with common conventions.",{"category":40,"check":175,"severity":24,"summary":176},"Schema introspection","The CLI is designed to expose machine-readable schemas, enabling agents to construct correct calls programmatically.",{"category":40,"check":178,"severity":24,"summary":179},"Prompt bypass","Interactive prompts are bypassable with documented flags, ensuring usability in automated agent workflows.",{"category":138,"check":181,"severity":24,"summary":182},"No unnecessary global install","Installation instructions prioritize isolated runners like Homebrew and Docker over unnecessary global installs.",{"category":138,"check":184,"severity":24,"summary":185},"Pipe-to-shell installer","No pipe-to-shell installation patterns were found; official methods are checksummed or managed through package managers.",{"category":187,"check":188,"severity":24,"summary":189},"Output","Stream separation","stdout is reserved for machine-readable output, and stderr for diagnostics, ensuring clean piping and agent processing.",{"category":187,"check":191,"severity":24,"summary":192},"Structured output mode","A structured output mode (e.g., JSON) is available for all data-returning subcommands, essential for agent integration.",{"category":194,"check":195,"severity":24,"summary":196},"Subprocess behavior","Signal handling","Signal handling is expected to be robust, propagating signals to child processes and ensuring clean shutdown.",1778692536880,"Pipelock is a Go-based CLI tool that acts as an AI agent firewall, providing network scanning, process containment, MCP security, DLP, and prompt injection defense. It offers features like a 11-layer URL scanner, process sandboxing, response scanning, request redaction, MCP proxying, tool policy enforcement, and signed action receipts.",[200,201,202,203,204],"11-layer URL scanning pipeline","Process sandbox with OS-native primitives","Bidirectional MCP scanning","Signed action receipts for attestation","DLP and prompt injection detection",[206,207,208],"Replacing the AI agent itself","Providing AI agent development tools beyond security","Acting as a general-purpose network proxy without security focus","3.0.0","4.4.0","To secure AI agent workflows by acting as a firewall at the network boundary, preventing data exfiltration, prompt injection, and other security threats.","The tool exhibits excellent quality across all categories, with no critical or warning findings. Minor areas for improvement would typically be informational, but the tool is exceptionally well-executed.",99,"A highly robust and secure AI agent firewall with extensive features for traffic control and evidence generation.",[216,217,218,219,220,221,222,223],"security","firewall","proxy","ai-agent","mcp","dlp","injection-defense","command-line","global","verified",[227,228,229,230],"Securing API keys and credentials from AI agent exfiltration","Preventing prompt injection attacks on AI models","Auditing and attesting to AI agent actions","Integrating AI agents into regulated or high-security environments",{"codeQuality":232,"collectedAt":234,"documentation":235,"maintenance":238,"security":244,"testCoverage":247},{"hasLockfile":233},true,1778692510258,{"descriptionLength":236,"readmeSize":237},110,39848,{"closedIssues90d":239,"forks":240,"hasChangelog":233,"openIssues90d":241,"pushedAt":242,"stars":243},30,61,2,1778692154000,584,{"hasNpmPackage":245,"license":246,"smitheryVerified":245},false,"Apache-2.0",{"hasCi":233,"hasTests":233},{"updatedAt":249},1778692536994,{"basePath":251,"githubOwner":252,"githubRepo":253,"locale":18,"slug":13,"type":254},"tools/demo-metrics","luckyPipewrench","pipelock","cli",null,{"evaluate":257,"extract":259},{"promptVersionExtension":209,"promptVersionScoring":210,"score":213,"tags":258,"targetMarket":224,"tier":225},[216,217,218,219,220,221,222,223],{"commitSha":260},"HEAD",{"repoId":262},"kd728h5jcjjje6rbqwymfj9zph86m4jp",{"_creationTime":264,"_id":262,"identity":265,"providers":266,"workflow":359},1778692451503.9746,{"githubOwner":252,"githubRepo":253,"sourceUrl":14},{"classify":267,"discover":336,"github":339},{"commitSha":260,"extensions":268},[269,285,314,329],{"basePath":270,"description":271,"displayName":272,"installMethods":273,"rationale":274,"selectedPaths":275,"source":284,"sourceLanguage":18,"type":254},"sdk/verifiers/ts","TypeScript reference verifier for Pipelock Audit Packet v0 receipts and chains.","@pipelock/verifier-ts",{"npm":272},"cli ecosystem detected at sdk/verifiers/ts",[276,279,281],{"path":277,"priority":278},"package.json","mandatory",{"path":280,"priority":278},"README.md",{"path":282,"priority":283},"src/cli.ts","low","rule",{"basePath":286,"installMethods":287,"rationale":289,"selectedPaths":290,"source":284,"sourceLanguage":18,"type":254},"",{"go":288},"github.com/luckyPipewrench/pipelock","cli ecosystem detected at /",[291,293,294,297,300,302,304,306,308,310,312],{"path":292,"priority":278},"go.mod",{"path":280,"priority":278},{"path":295,"priority":296},"LICENSE","high",{"path":298,"priority":299},"cmd/license-service/main.go","medium",{"path":301,"priority":299},"cmd/pipelock/main.go",{"path":303,"priority":299},"cmd/pipelock-verifier/main.go",{"path":305,"priority":283},"cmd/pipelock/enterprise.go",{"path":307,"priority":283},"cmd/pipelock-verifier/auditpacket.go",{"path":309,"priority":283},"cmd/pipelock-verifier/chain.go",{"path":311,"priority":283},"cmd/pipelock-verifier/output.go",{"path":313,"priority":283},"cmd/pipelock-verifier/receipt.go",{"basePath":315,"installMethods":316,"rationale":318,"selectedPaths":319,"source":284,"sourceLanguage":18,"type":254},"sdk/verifiers/rust",{"cargo":317},"pipelock-verifier-rs","cli ecosystem detected at sdk/verifiers/rust",[320,322,323,325,327],{"path":321,"priority":278},"Cargo.toml",{"path":280,"priority":278},{"path":324,"priority":299},"src/main.rs",{"path":326,"priority":283},"src/cli.rs",{"path":328,"priority":283},"src/lib.rs",{"basePath":251,"installMethods":330,"rationale":331,"selectedPaths":332,"source":284,"sourceLanguage":18,"type":254},{"go":12},"cli ecosystem detected at tools/demo-metrics",[333,334],{"path":292,"priority":278},{"path":335,"priority":299},"main.go",{"sources":337},[338],"manual",{"closedIssues90d":239,"description":10,"forks":240,"homepage":340,"license":246,"openIssues90d":241,"pushedAt":242,"readmeSize":237,"stars":243,"topics":341},"https://pipelab.org",[342,343,221,344,345,346,216,347,348,349,220,350,351,352,353,354,355,356,357,358],"ai-agents","ai-security","fetch-proxy","golang","llm-security","ssrf-protection","egress-proxy","integrity-monitoring","github-action","security-scanning","agent-security","ai-agent-security","ai-firewall","mcp-security","prompt-injection","security-tools","ssrf",{"classifiedAt":360,"discoverAt":361,"extractAt":362,"githubAt":362,"updatedAt":360},1778692456792,1778692451504,1778692455092,[219,223,221,217,222,220,218,216],{"evaluatedAt":249,"extractAt":365,"updatedAt":249},1778692456956,[],[368,387,415],{"_creationTime":369,"_id":370,"community":371,"display":372,"identity":374,"providers":375,"relations":382,"tags":383,"workflow":384},1778692456956.1387,"k17bc73bymk3wvfgy6mjgpjcps86ncc6",{"reviewCount":8},{"description":10,"installMethods":373,"name":253,"sourceUrl":14},{"go":288},{"basePath":286,"githubOwner":252,"githubRepo":253,"locale":18,"slug":253,"type":254},{"evaluate":376,"extract":381},{"promptVersionExtension":209,"promptVersionScoring":210,"score":377,"tags":378,"targetMarket":224,"tier":225},100,[216,217,379,254,220,221,358,222,380],"agent","auditing",{"commitSha":260},{"repoId":262},[379,380,254,221,217,222,220,216,358],{"evaluatedAt":385,"extractAt":365,"updatedAt":386},1778692494031,1778692621694,{"_creationTime":388,"_id":389,"community":390,"display":391,"identity":397,"providers":400,"relations":408,"tags":410,"workflow":411},1778697107735.8984,"k177h2k24qprbp2pjjs5tsb9r586nywg",{"reviewCount":8},{"description":392,"installMethods":393,"name":395,"sourceUrl":396},"AI Constraint Engine — enforces CLAUDE.md, .cursorrules, AGENTS.md rules as laws. 51 MCP tools, 991 tests. Official MCP Registry. npx speclock protect",{"pypi":394},"speclock_ros2","speclock-ros2","https://github.com/sgroy10/speclock",{"basePath":395,"githubOwner":398,"githubRepo":399,"locale":18,"slug":395,"type":254},"sgroy10","speclock",{"evaluate":401,"extract":407},{"promptVersionExtension":209,"promptVersionScoring":210,"score":377,"tags":402,"targetMarket":224,"tier":225},[403,404,405,254,216,220,406],"ai-constraints","code-enforcement","developer-tool","robotics",{"commitSha":260},{"repoId":409},"kd73m85wtkj05xmfff4vq695hn86mgg4",[403,254,404,405,220,406,216],{"evaluatedAt":412,"extractAt":413,"updatedAt":414},1778697123911,1778697107735,1778697174406,{"_creationTime":416,"_id":417,"community":418,"display":419,"identity":424,"providers":428,"relations":435,"tags":437,"workflow":438},1778691765524.3752,"k17bvw51bpv0q3s65tzd5gxff186mtdx",{"reviewCount":8},{"description":420,"installMethods":421,"name":422,"sourceUrl":423},"MCP proxy that compresses prose fields (tool descriptions, etc.) using caveman rules. Same accuracy, fewer context tokens.",{"npm":422},"caveman-shrink","https://github.com/juliusbrussee/caveman",{"basePath":425,"githubOwner":426,"githubRepo":427,"locale":18,"slug":422,"type":254},"src/mcp-servers/caveman-shrink","juliusbrussee","caveman",{"evaluate":429,"extract":433},{"promptVersionExtension":209,"promptVersionScoring":210,"score":430,"tags":431,"targetMarket":224,"tier":225},98,[220,218,432,405,254],"compression",{"commitSha":260,"license":434},"MIT",{"repoId":436},"kd7890f0sfy0ymf1pakpx7vqch86nmew",[254,432,405,220,218],{"evaluatedAt":439,"extractAt":440,"updatedAt":441},1778692037213,1778691765524,1778692175735]