AIToday

Diplomat-agent static scanner reveals 76% of tool calls in 16 open-source AI agent repos lack security guards

Hacker NewsApr 29, 20262 min read
Diplomat-agent static scanner reveals 76% of tool calls in 16 open-source AI agent repos lack security guards

Summaries like this, in your inbox every morning.

Sign up free →

3 Key Points

  1. A Python tool called diplomat-agent scans codebases for unguarded AI agent tool calls—functions that write to databases, send emails, charge cards, or delete data. A scan of 16 open-source agent repositories found 76% of tool calls had zero checks (input validation, rate limiting, auth checks, confirmation steps, idempotency keys, or retry bounds).

  2. The scanner runs in ~2 seconds on a 1,000-file repo using only Python's standard library AST module. It detects 40+ patterns across 8 categories (database writes/deletes, HTTP writes, payments, email/messaging, agent invocations, destructive commands, and publish/upload operations) and outputs results in Terminal, JSON, SARIF 2.1.0, CSAF 2.0, or Markdown formats.

  3. The tool integrates into CI pipelines (to block unguarded PRs), IDEs (Copilot Chat, Claude Code, Cursor), pre-commit hooks, and GitHub Code Scanning. It also generates a toolcalls.yaml behavioral SBOM that documents what an agent can do, comparable to a requirements.txt file.

Discussion

No comments yet. Be the first to share your thoughts!

Log in to join the discussion

Related Articles

Stay ahead with AI news

Get curated AI news from 200+ sources delivered daily to your inbox. Free to use.

Get Started Free

Free · takes 30 seconds · unsubscribe anytime

1 minute a day. The AI essentials.

200+ sources · Email / LINE / Slack

Get it free →