Owasp Python Packages

cyclonedx-python-lib

Functionality and DataModels of OWASP CycloneDX for Python

cyclonedx-bom

CycloneDX Software Bill of Materials (SBOM) generator for Python projects and environments

cyclonedx-py

CycloneDX Software Bill of Materials (SBOM) generator for Python projects and environments

agent-governance-toolkit

AI Agent Governance Toolkit — Policy enforcement, zero-trust identity, execution sandboxing, and reliability engineering for autonomous AI agents. Covers 10/10 OWASP Agentic Top 10.

agent-os-kernel

AI Agent Governance Toolkit — Policy enforcement, zero-trust identity, execution sandboxing, and reliability engineering for autonomous AI agents. Covers 10/10 OWASP Agentic Top 10.

agentmesh-platform

AI Agent Governance Toolkit — Policy enforcement, zero-trust identity, execution sandboxing, and reliability engineering for autonomous AI agents. Covers 10/10 OWASP Agentic Top 10.

agent-sre

AI Agent Governance Toolkit — Policy enforcement, zero-trust identity, execution sandboxing, and reliability engineering for autonomous AI agents. Covers 10/10 OWASP Agentic Top 10.

agent-hypervisor

AI Agent Governance Toolkit — Policy enforcement, zero-trust identity, execution sandboxing, and reliability engineering for autonomous AI agents. Covers 10/10 OWASP Agentic Top 10.

agentmesh-runtime

AI Agent Governance Toolkit — Policy enforcement, zero-trust identity, execution sandboxing, and reliability engineering for autonomous AI agents. Covers 10/10 OWASP Agentic Top 10.

dependency-check

:closed_lock_with_key: Shim to easily install OWASP dependency-check-cli into Python projects

agentmesh-primitives

AI Agent Governance Toolkit — Policy enforcement, zero-trust identity, execution sandboxing, and reliability engineering for autonomous AI agents. Covers 10/10 OWASP Agentic Top 10.

agent-bom

Open security scanner for AI supply chain and infrastructure: agents, MCP, containers, cloud, GPU, and runtime with blast-radius analysis.

navi-sanitize

Deterministic input sanitization for untrusted text — invisible characters, homoglyphs, and encoding tricks, handled before your code sees them. Zero dependencies, no ML. Python 3.12+.

fray

Open-source WAF Security Testing Platform — 7,200+ attack payloads, 98 WAF/CDN fingerprints, AI-powered bypass engine, recon pipeline, beautiful CLI output

pyaigis

Deterministic, zero-dependency Python firewall for AI agents — MCP rug-pull, memory poisoning, indirect injection, exfil channels. 44 compliance templates (US/CN/JP/EU).

compose-lint

Security-focused linter for Docker Compose files. Catches dangerous misconfigurations before they reach production. Grounded in OWASP and CIS Docker Benchmark.

agent-audit-kit

Static scanner for MCP-connected AI agent pipelines — 200 rules across 11 categories, 12 compliance frameworks, OWASP Agentic 10/10 + MCP 10/10, GitHub Action, SARIF, 48h CVE-to-rule SLA.

signet-sign

Capability-based safety gates for LLM agents. The model proposes; signet authorizes.

cloudcomponents-cdk-pull-request-approval-rule

A collection of higher-level reusable cdk constructs

cloudcomponents-cdk-pull-request-check

A collection of higher-level reusable cdk constructs

insa-its

Runtime Security for Multi-Agent AI — Website & Documentation

projectair

Project AIR: forensic reconstruction and incident response for AI agents. Signed AgDR decision records, OWASP ASI01-ASI10 detection, signed forensic evidence exports.

agentmesh-marketplace

AI Agent Governance Toolkit — Policy enforcement, zero-trust identity, execution sandboxing, and reliability engineering for autonomous AI agents. Covers 10/10 OWASP Agentic Top 10.

zapcli

A simple tool for interacting with OWASP ZAP from the commandline.