PyRank

Supply Chain Security Python Packages

Python packages with the GitHub topic supply-chain-security. Sorted by relevance, with stars and monthly downloads.
msaad00
agent-bom

Open security scanner for AI supply chain and infrastructure: agents, MCP, containers, cloud, GPU, and runtime with blast-radius analysis.

20K 20 7
Project-Navi
navi-sanitize

Deterministic input sanitization for untrusted text — invisible characters, homoglyphs, and encoding tricks, handled before your code sees them. Zero dependencies, no ML. Python 3.12+.

18K 2 0
owasp-dep-scan
owasp-depscan

OWASP dep-scan is a next-generation security and risk audit tool based on known vulnerabilities, advisories, and license limitations for project dependencies. Both local repositories and container images are supported as the input, and the tool is ideal for integration.

18K 1K 131
owasp-dep-scan
blint

blint is a Binary Linter that checks the security properties and capabilities of your executables. It can also generate a Software Bill-of-Materials (SBOM) for supported binaries.

16K 448 46
owasp-dep-scan
ds-analysis-lib

OWASP dep-scan is a next-generation security and risk audit tool based on known vulnerabilities, advisories, and license limitations for project dependencies. Both local repositories and container images are supported as the input, and the tool is ideal for integration.

15K 1K 131
owasp-dep-scan
ds-xbom-lib

OWASP dep-scan is a next-generation security and risk audit tool based on known vulnerabilities, advisories, and license limitations for project dependencies. Both local repositories and container images are supported as the input, and the tool is ideal for integration.

15K 1K 131
owasp-dep-scan
ds-reporting-lib

OWASP dep-scan is a next-generation security and risk audit tool based on known vulnerabilities, advisories, and license limitations for project dependencies. Both local repositories and container images are supported as the input, and the tool is ideal for integration.

15K 1K 131
gautamvarmadatla
mcpsafetywarden

MCP servers expose tools with no information about what they actually do at runtime. mcpsafetywarden sits between your agent and any MCP server, profiling tool behavior, blocking destructive calls, and running active security audits before you trust them in a workflow.

12K 6 1
sunglasses-dev
sunglasses

Sunglasses for AI agents. Protection layer + neighborhood watch.

11K 1 1
shcherbak-ai
tethered

Runtime network egress control for Python

10K 8 0
nuclear-treestump
pydepgate

A zero dependency lightweight static analyzer that detects weird startup behaviors in python.

9K 0 0
sattyamjjain
agent-audit-kit

Static scanner for MCP-connected AI agent pipelines — 200 rules across 11 categories, 12 compliance frameworks, OWASP Agentic 10/10 + MCP 10/10, GitHub Action, SARIF, 48h CVE-to-rule SLA.

9K 5 0
Rul1an
assay-it

CI-native evidence compiler for agent systems: MCP policy enforcement, evidence receipts, Trust Basis claims, and reviewable artifacts.

8K 1 2
lucashgrifoni
oss-policy-kit

Policy-as-code starter kit for OSS repository governance and CI/CD hygiene across GitHub, Azure, and AWS.

7K 3 1
appthreat
appthreat-depscan

OWASP dep-scan is a next-generation security and risk audit tool based on known vulnerabilities, advisories, and license limitations for project dependencies. Both local repositories and container images are supported as the input, and the tool is ideal for integration.

7K 1K 131
adudley78
mcp-audit-scanner

Security scanner for MCP (Model Context Protocol) server configurations. Detects prompt injection, credential exposure, supply chain risks, and more.

5K 2 0
Lab700xOrg
aisbom-cli

AI SBOM: AI Software Bill of Materials - The Supply Chain for Artificial Intelligence

4K 72 3
squid-protocol
gitgalaxy

An AST-free, LLM-free heuristic knowledge graph engine for deep repository intelligence. Map, secure, and modernize enterprise codebases across 50+ languages at extreme velocity

4K 27 0
Metbcy
securescan

Security scanning without the SaaS tax. Multi-scanner orchestration, baseline diffing, SBOM + SARIF, signed everything — runs in your terminal, your CI, or a dashboard you own.

4K 0 0
tankpkg
tank-core

Security-first package manager for AI agent skills

3K 28 4
GagancM
arcis

Inside-the-app security middleware for Node.js, Python, and Go. 20+ attack vectors. One install, three languages, MIT.

3K 5 1
invariant-systems-ai
aiir

AI Integrity Receipts — generate, verify, and attest cryptographic receipts for commits with declared AI involvement. Release verification with SLSA-compatible VSA. Zero dependencies. Apache 2.0.

3K 5 0
ArmorerLabs
armorer

Local control plane for running AI agents with sandboxes, approvals, guardrails, credentials, and runtime health.

2K 16 0
tankpkg
tank-sdk

Security-first package manager for AI agent skills

2K 28 4