[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"extension-cli-luckyPipewrench-pipelock-zh-CN":3,"guides-for-luckyPipewrench-pipelock":365,"similar-k170x6w0548s68g79ejga9a6a186mvtw-zh-CN":366},{"_creationTime":4,"_id":5,"children":6,"community":7,"display":9,"evaluation":15,"identity":247,"isFallback":242,"parentExtension":250,"providers":251,"relations":257,"repo":260,"tags":361,"workflow":362},1778692566881.227,"k170x6w0548s68g79ejga9a6a186mvtw",[],{"reviewCount":8},0,{"description":10,"installMethods":11,"name":13,"sourceUrl":14},"用于 MCP 安全的开源 AI 代理防火墙：代理出口控制、DLP、SSRF 和提示注入防护。",{"go":12},"github.com/luckyPipewrench/pipelock","pipelock","https://github.com/luckyPipewrench/pipelock",{"_creationTime":16,"_id":17,"extensionId":5,"locale":18,"result":19,"trustSignals":228,"workflow":245},1778692566881.2273,"kn71d48v1gxvn45aasmtf2myph86ns2j","zh-CN",{"checks":20,"evaluatedAt":194,"extensionSummary":195,"features":196,"nonGoals":202,"promptVersionExtension":206,"promptVersionScoring":207,"purpose":208,"rationale":209,"score":210,"summary":211,"tags":212,"tier":222,"useCases":223},[21,26,29,32,36,39,43,47,50,53,57,61,64,68,71,74,77,80,83,86,90,94,98,102,106,109,112,115,119,122,125,128,131,134,137,141,145,149,152,156,159,162,166,169,173,176,179,182,185,188,191],{"category":22,"check":23,"severity":24,"summary":25},"实际效用","问题相关性","pass","描述清楚地指出了保护 AI 代理出口和防御常见攻击（如提示注入和 SSRF）的问题。",{"category":22,"check":27,"severity":24,"summary":28},"独特的卖点","Pipelock 通过提供带有中介签名收据、进程隔离和 MCP 感知策略执行的防火墙，提供了超越简单提示的重要价值。",{"category":22,"check":30,"severity":24,"summary":31},"生产就绪性","该工具专为生产使用而设计，提供全面的安全功能、清晰的集成指南和强大的部署选项。",{"category":33,"check":34,"severity":24,"summary":35},"范围","单一职责原则","Pipelock 专注于 AI 代理出口安全和命令控制，其所有功能都一致地服务于此核心目的。",{"category":33,"check":37,"severity":24,"summary":38},"描述质量","显示的描述准确而简洁地反映了该工具作为 AI 代理安全防火墙的能力。",{"category":40,"check":41,"severity":24,"summary":42},"调用","范围限定的工具","CLI 使用分层命令结构和特定工具来执行诸如“check”、“sandbox”和“assess”之类的操作，避免使用通用的“execute”命令。",{"category":44,"check":45,"severity":24,"summary":46},"文档","配置和参数参考","文档提供了配置选项的全面参考，包括预设和功能的详细分类。",{"category":33,"check":48,"severity":24,"summary":49},"工具命名","工具名称具有描述性，并遵循清晰的动词-名词或名词-动词层次结构，例如“pipelock check”和“pipelock mcp proxy”。",{"category":33,"check":51,"severity":24,"summary":52},"最小 I/O 表面","输入通过标志和配置进行了明确定义，输出（尤其是 JSON 模式下）专注于所请求的数据，没有不必要的遥测。",{"category":54,"check":55,"severity":24,"summary":56},"许可证","许可证可用性","核心 Pipelock 采用宽松的开源许可证 Apache 2.0 许可，企业功能采用 ELv2 许可。两者都已明确注明。",{"category":58,"check":59,"severity":24,"summary":60},"维护","提交近期性","截至 2026 年 5 月，该存储库显示了最近的提交，表明正在积极维护。",{"category":58,"check":62,"severity":24,"summary":63},"依赖管理","go.mod 文件表明依赖项已固定到特定版本，并且该项目使用 Go 1.25+，这表明依赖项管理良好。",{"category":65,"check":66,"severity":24,"summary":67},"安全","秘密管理","Pipelock 设计用于安全地处理秘密，已提交的文件中没有硬编码的秘密，并且有通过环境变量或文件接受秘密的清晰机制。",{"category":65,"check":69,"severity":24,"summary":70},"注入","该工具明确扫描并防御提示注入和 URL 规避技术，其文档详细介绍了其绕过抵抗矩阵。",{"category":65,"check":72,"severity":24,"summary":73},"传递式供应链手榴弹","该项目通过 SLSA 来源、SBOM、签名发布和无运行时检索未经验证的代码来强调供应链安全。",{"category":65,"check":75,"severity":24,"summary":76},"沙箱隔离","Pipelock 使用 Landlock 和 seccomp 等原生操作系统原语实现进程隔离，并提供有关其沙箱功能的清晰文档。",{"category":65,"check":78,"severity":24,"summary":79},"沙箱逃逸原语","由于网络隔离和进程隔离，架构和实现似乎通过设计阻止了沙箱逃逸原语。",{"category":65,"check":81,"severity":24,"summary":82},"数据渗漏","该工具的主要目的是防止数据渗漏，通过多层扫描和阻止敏感信息。",{"category":65,"check":84,"severity":24,"summary":85},"隐藏文本技巧","该项目的文档和代码实践似乎没有隐藏文本技巧或恶意 Unicode 字符。",{"category":87,"check":88,"severity":24,"summary":89},"钩子","不透明代码执行","源代码是普通的 Go 代码，并且构建过程似乎不涉及混淆或运行时代码检索。",{"category":91,"check":92,"severity":24,"summary":93},"可移植性","结构化假设","CLI 设计为可移植，安装方法包括 Homebrew 和 Docker，并且似乎没有对用户项目结构做出硬性假设。",{"category":95,"check":96,"severity":24,"summary":97},"信任","问题关注度","该项目在 90 天内有 2 个打开和 30 个关闭的 issue，显示出积极的参与和高关闭率。",{"category":99,"check":100,"severity":24,"summary":101},"版本","发布管理","该项目使用 GitHub 发布并清晰地报告版本信息，并显示了最新的发布标签。",{"category":103,"check":104,"severity":24,"summary":105},"代码执行","验证","输入验证是 Pipelock 安全模型的核心组成部分，其广泛的扫描和策略执行功能证明了这一点。",{"category":65,"check":107,"severity":24,"summary":108},"无保护的破坏性操作","破坏性操作被阻止、记录或受到严格的策略执行和清晰的操作收据，没有证据表明存在无保护的破坏性原语。",{"category":103,"check":110,"severity":24,"summary":111},"错误处理","CLI 是用 Cobra 构建的，并利用结构化错误处理，提供用于验证和诊断的特定命令。",{"category":103,"check":113,"severity":24,"summary":114},"日志记录","该工具生成结构化的审计日志和 Prometheus 指标，并提供有关其格式和用途的清晰文档。",{"category":116,"check":117,"severity":24,"summary":118},"合规性","GDPR","Pipelock 专注于防止数据渗漏和扫描数据，这符合 GDPR 原则，因为它最大限度地减少了个人数据的暴露。",{"category":116,"check":120,"severity":24,"summary":121},"目标市场","该工具专为 AI 代理工作流的全球适用性而设计，没有任何区域或司法管辖区限制。",{"category":91,"check":123,"severity":24,"summary":124},"运行时稳定性","该工具是用 Go 构建的，并旨在实现跨平台兼容性，提供 Docker 和预构建二进制文件等安装方法。",{"category":44,"check":126,"severity":24,"summary":127},"README","README 内容全面、组织良好，并清楚地说明了扩展的目的和功能。",{"category":33,"check":129,"severity":24,"summary":130},"工具表面大小","CLI 在可管理的表面区域内公开了一组集中的命令（例如，init、check、mcp、sandbox、assess）。",{"category":40,"check":132,"severity":24,"summary":133},"重叠的近同义词工具","工具命令是不同的，并涵盖了特定的安全功能，避免了对类似操作使用近乎同义的命令。",{"category":44,"check":135,"severity":24,"summary":136},"幻影功能","所有文档记录的功能，如 DLP、SSRF 防护和 MCP 扫描，都已实现并提供相应的工具。",{"category":138,"check":139,"severity":24,"summary":140},"安装","安装说明","安装说明清晰，提供多种方法（Homebrew、Docker、源代码）和详细的设置指南。",{"category":142,"check":143,"severity":24,"summary":144},"错误","可操作的错误消息","CLI 提供带有退出代码和提示的清晰错误消息，便于故障排除和自动化。",{"category":146,"check":147,"severity":24,"summary":148},"执行","固定依赖项","依赖项通过 go.mod 管理并固定到特定版本，确保了可复现的构建。",{"category":33,"check":150,"severity":24,"summary":151},"试运行预览","虽然并非所有操作都明确提供 '--dry-run' 标志，但其面向安全的特性和审计日志提供了对预期操作的可见性。",{"category":153,"check":154,"severity":24,"summary":155},"协议","幂等重试和超时","该工具的设计强调调用之间的无状态性和强大的错误处理，表明其架构有利于在适用时进行重试和超时。",{"category":138,"check":157,"severity":24,"summary":158},"无不必要的全局安装","Homebrew、Docker 和 `go install` 等安装选项允许进行隔离或项目特定的设置，避免了强制的全局安装。",{"category":138,"check":160,"severity":24,"summary":161},"管道到 shell 安装程序","安装说明避免了不可信的管道到 shell 命令，倾向于 Homebrew 或已验证的二进制文件等安全方法。",{"category":163,"check":164,"severity":24,"summary":165},"输出","流分离","该工具支持 JSON 输出模式，确保数据与诊断和进度消息清晰分离。",{"category":163,"check":167,"severity":24,"summary":168},"结构化输出模式","Pipelock 为其所有子命令提供 `--json` 标志，从而实现机器可读的输出，以便与代理和脚本集成。",{"category":170,"check":171,"severity":24,"summary":172},"子进程行为","信号处理","CLI 是用 Go 和 Cobra 构建的，预计会正确处理信号，确保正常关闭和清理。",{"category":40,"check":174,"severity":24,"summary":175},"分层可发现参数","CLI 使用清晰的名词-动词分层结构（例如，“pipelock audit-packet PATH”），并提供帮助文本和可运行的示例。",{"category":40,"check":177,"severity":24,"summary":178},"未知标志处理","CLI 使用的 Cobra 参数解析会针对未知标志提供明确的错误，并且通常包含“您是否想说”的建议。",{"category":65,"check":180,"severity":24,"summary":181},"argv 中无秘密","秘密通过环境变量、文件或 stdin 处理，文档中未记录直接暴露在命令行参数中。",{"category":40,"check":183,"severity":24,"summary":184},"可解析的 --version","`--version` 标志以“名称 版本（提交）”的格式输出一个单行、可解析的字符串。",{"category":40,"check":186,"severity":24,"summary":187},"标志优先级","尽管 README 中没有明确说明，但 CLI 结构和 Cobra 的使用表明它遵循标准的标志优先级。",{"category":40,"check":189,"severity":24,"summary":190},"模式自省","验证器子命令及其 JSON 输出提供了用于输入和输出验证的机器可读模式。",{"category":40,"check":192,"severity":24,"summary":193},"提示绕过","作为一个专为自动化设计的 CLI 工具，Pipelock 避免使用交互式提示，而是选择标志和配置文件。",1778692493926,"Pipelock 是一个基于 Go 的 CLI 工具，充当 AI 代理防火墙，提供全面的安全功能，如出口控制、DLP、SSRF 防护、提示注入防护和可审计的操作收据。",[197,198,199,200,201],"带有中介签名收据的 AI 代理防火墙","通过原生操作系统原语进行进程隔离","MCP 安全、出口控制、DLP 和提示注入防护","11 层 URL 扫描仪，具有高级规避检测功能","审计日志记录和可验证证据的发出",[203,204,205],"替换基础操作系统安全控件。","提供代理端漏洞扫描。","充当不注重安全性的通用网络代理。","3.0.0","4.4.0","通过充当内联防火墙来保护 AI 代理工作流，防范数据渗漏、提示注入和其他威胁，同时提供对代理操作的可验证证明。","所有检查均以高度置信度通过，表明安全、文档和可用性俱佳。",100,"一个全面且高度安全的 AI 代理防火墙 CLI 工具。",[213,214,215,216,217,218,219,220,221],"security","firewall","agent","cli","mcp","dlp","ssrf","injection-defense","auditing","verified",[224,225,226,227],"保护环境中包含敏感凭据的 AI 代理。","在 LLM 交互中防止提示注入攻击。","审计和验证 AI 代理执行的操作。","将 AI 代理安全集成到 CI/CD 管道中。",{"codeQuality":229,"collectedAt":231,"documentation":232,"maintenance":235,"security":241,"testCoverage":244},{"hasLockfile":230},true,1778692476279,{"descriptionLength":233,"readmeSize":234},110,39848,{"closedIssues90d":236,"forks":237,"hasChangelog":230,"openIssues90d":238,"pushedAt":239,"stars":240},30,61,2,1778692154000,584,{"hasNpmPackage":242,"license":243,"smitheryVerified":242},false,"Apache-2.0",{"hasCi":230,"hasTests":230},{"updatedAt":246},1778692566881,{"basePath":248,"githubOwner":249,"githubRepo":13,"locale":18,"slug":13,"type":216},"","luckyPipewrench",null,{"evaluate":252,"extract":255},{"promptVersionExtension":206,"promptVersionScoring":207,"score":210,"tags":253,"targetMarket":254,"tier":222},[213,214,215,216,217,218,219,220,221],"global",{"commitSha":256},"HEAD",{"repoId":258,"translatedFrom":259},"kd728h5jcjjje6rbqwymfj9zph86m4jp","k17bc73bymk3wvfgy6mjgpjcps86ncc6",{"_creationTime":261,"_id":258,"identity":262,"providers":263,"workflow":357},1778692451503.9746,{"githubOwner":249,"githubRepo":13,"sourceUrl":14},{"classify":264,"discover":334,"github":337},{"commitSha":256,"extensions":265},[266,283,310,325],{"basePath":267,"description":268,"displayName":269,"installMethods":270,"rationale":271,"selectedPaths":272,"source":281,"sourceLanguage":282,"type":216},"sdk/verifiers/ts","TypeScript reference verifier for Pipelock Audit Packet v0 receipts and chains.","@pipelock/verifier-ts",{"npm":269},"cli ecosystem detected at sdk/verifiers/ts",[273,276,278],{"path":274,"priority":275},"package.json","mandatory",{"path":277,"priority":275},"README.md",{"path":279,"priority":280},"src/cli.ts","low","rule","en",{"basePath":248,"installMethods":284,"rationale":285,"selectedPaths":286,"source":281,"sourceLanguage":282,"type":216},{"go":12},"cli ecosystem detected at /",[287,289,290,293,296,298,300,302,304,306,308],{"path":288,"priority":275},"go.mod",{"path":277,"priority":275},{"path":291,"priority":292},"LICENSE","high",{"path":294,"priority":295},"cmd/license-service/main.go","medium",{"path":297,"priority":295},"cmd/pipelock/main.go",{"path":299,"priority":295},"cmd/pipelock-verifier/main.go",{"path":301,"priority":280},"cmd/pipelock/enterprise.go",{"path":303,"priority":280},"cmd/pipelock-verifier/auditpacket.go",{"path":305,"priority":280},"cmd/pipelock-verifier/chain.go",{"path":307,"priority":280},"cmd/pipelock-verifier/output.go",{"path":309,"priority":280},"cmd/pipelock-verifier/receipt.go",{"basePath":311,"installMethods":312,"rationale":314,"selectedPaths":315,"source":281,"sourceLanguage":282,"type":216},"sdk/verifiers/rust",{"cargo":313},"pipelock-verifier-rs","cli ecosystem detected at sdk/verifiers/rust",[316,318,319,321,323],{"path":317,"priority":275},"Cargo.toml",{"path":277,"priority":275},{"path":320,"priority":295},"src/main.rs",{"path":322,"priority":280},"src/cli.rs",{"path":324,"priority":280},"src/lib.rs",{"basePath":326,"installMethods":327,"rationale":329,"selectedPaths":330,"source":281,"sourceLanguage":282,"type":216},"tools/demo-metrics",{"go":328},"github.com/pipelockdev/pipelock/tools/demo-metrics","cli ecosystem detected at tools/demo-metrics",[331,332],{"path":288,"priority":275},{"path":333,"priority":295},"main.go",{"sources":335},[336],"manual",{"closedIssues90d":236,"description":338,"forks":237,"homepage":339,"license":243,"openIssues90d":238,"pushedAt":239,"readmeSize":234,"stars":240,"topics":340},"Open-source AI agent firewall for MCP security: agent egress control, DLP, SSRF, and prompt injection defense.","https://pipelab.org",[341,342,218,343,344,345,213,346,347,348,217,349,350,351,352,353,354,355,356,219],"ai-agents","ai-security","fetch-proxy","golang","llm-security","ssrf-protection","egress-proxy","integrity-monitoring","github-action","security-scanning","agent-security","ai-agent-security","ai-firewall","mcp-security","prompt-injection","security-tools",{"classifiedAt":358,"discoverAt":359,"extractAt":360,"githubAt":360,"updatedAt":358},1778692456792,1778692451504,1778692455092,[215,221,216,218,214,220,217,213,219],{"evaluatedAt":363,"extractAt":364,"updatedAt":246},1778692494031,1778692456956,[],[367,396,416],{"_creationTime":368,"_id":369,"community":370,"display":371,"identity":377,"providers":380,"relations":388,"tags":391,"workflow":392},1778697166802.8904,"k17brwp2rz821bkz2zeazsv5td86mdep",{"reviewCount":8},{"description":372,"installMethods":373,"name":375,"sourceUrl":376},"AI约束引擎 — 强制执行 CLAUDE.md、.cursorrules、AGENTS.md 规则，如同法律一般。拥有 51 个 MCP 工具，991 个测试。官方 MCP 注册表。 npx speclock protect",{"pypi":374},"speclock_ros2","speclock-ros2","https://github.com/sgroy10/speclock",{"basePath":375,"githubOwner":378,"githubRepo":379,"locale":18,"slug":375,"type":216},"sgroy10","speclock",{"evaluate":381,"extract":387},{"promptVersionExtension":206,"promptVersionScoring":207,"score":210,"tags":382,"targetMarket":254,"tier":222},[383,384,385,216,213,217,386],"ai-constraints","code-enforcement","developer-tool","robotics",{"commitSha":256},{"repoId":389,"translatedFrom":390},"kd73m85wtkj05xmfff4vq695hn86mgg4","k177h2k24qprbp2pjjs5tsb9r586nywg",[383,216,384,385,217,386,213],{"evaluatedAt":393,"extractAt":394,"updatedAt":395},1778697123911,1778697107735,1778697166803,{"_creationTime":397,"_id":398,"community":399,"display":400,"identity":403,"providers":404,"relations":412,"tags":413,"workflow":414},1778692456956.1392,"k175y95md19renhn0q6ve6e8ed86n081",{"reviewCount":8},{"description":338,"installMethods":401,"name":402,"sourceUrl":14},{"go":328},"demo-metrics",{"basePath":326,"githubOwner":249,"githubRepo":13,"locale":282,"slug":402,"type":216},{"evaluate":405,"extract":411},{"promptVersionExtension":206,"promptVersionScoring":207,"score":406,"tags":407,"targetMarket":254,"tier":222},99,[213,214,408,409,217,218,220,410],"proxy","ai-agent","command-line",{"commitSha":256},{"repoId":258},[409,410,218,214,220,217,408,213],{"evaluatedAt":415,"extractAt":364,"updatedAt":415},1778692536994,{"_creationTime":417,"_id":418,"community":419,"display":420,"identity":425,"providers":429,"relations":438,"tags":440,"workflow":441},1778683644393.5793,"k171esc5b8pbh1r9s90d526z3586njrn",{"reviewCount":8},{"description":421,"installMethods":422,"name":423,"sourceUrl":424},"Local skill manager and installer for agent-playbook across Claude Code, Codex, and Gemini.",{"npm":423},"@codeharbor/agent-playbook","https://github.com/charon-fan/agent-playbook",{"basePath":426,"githubOwner":427,"githubRepo":428,"locale":282,"slug":428,"type":216},"packages/agent-playbook","charon-fan","agent-playbook",{"evaluate":430,"extract":436},{"promptVersionExtension":206,"promptVersionScoring":207,"score":210,"tags":431,"targetMarket":254,"tier":222},[216,215,432,433,434,435],"skills","management","automation","configuration",{"commitSha":256,"license":437},"MIT",{"repoId":439},"kd7cf5d43dzccs0fw9c2rp131n86mrv4",[215,434,216,435,433,432],{"evaluatedAt":442,"extractAt":443,"updatedAt":442},1778684270439,1778683644393]