Releases: Mughal-Baig/agentic-workflow-guard
Release list
v1.7.0
AWGuard v1.7.0
This release turns AWGuard from a scanner into a broader adoption-ready safety kit for agentic repositories.
Highlights:
- New commands:
doctor,explain,badges,demo,templates,policy-pack,policy-wizard, andbaseline-review. - New detection coverage:
AWG016,AWG017,AWG018, andAWG019for checkout credentials, unsafe writeback, MCP input injection, and MCP package reputation policy. - Better automation: opt-in
--fix, richer--fix-dry-run, GitHub job summaries, improved SARIF metadata, and JSON/SARIF remediation codes. - Wider integrations: GitHub Actions, code scanning, GitLab CI, pre-commit, VS Code task/extension POC, dashboard POC, Docker workflow, and trusted npm publishing workflow.
- Stronger evidence: schemas for config, reports, inventories, comparisons, baselines, and badges; report gallery; real-world risk corpus; and golden end-to-end tests.
Validation:
npm testpassed with 84 tests.git diff --checkpassed.- AWGuard self-scan passed with no findings.
npm pack --dry-runproducedawguard@1.7.0.- GitHub Actions
TestandCode Scanningpassed forca1210f.
awguard v1.6.0
Highlights
- Added
awguard initso new users can copy a ready GitHub Action, config, baseline command, report commands, and README badge snippet. - Added
--format inventory-jsonfor dashboards, audits, and integrations that need machine-readable agentic surface data. - Added
--compare previous.json current.jsonto show introduced and resolved findings between scans. - Added policy allowlists for approved files, MCP servers, MCP packages, and MCP commands, reported through new rule
AWG015. - Added adoption assets: Dockerfile, GitLab CI, pre-commit, VS Code task, GitHub Pages starter, marketplace copy, comparison doc, and unsafe/fixed demo lab.
Validation
npm testpassed with 42 tests.- GitHub Actions mode test passed with 42 tests.
npm pack --dry-runverified the package contents.- Demo scans verified unsafe findings, fixed clean state, inventory JSON, and compare reports.
GitHub Action users can pin Mughal-Baig/agentic-workflow-guard@v1.6.0 or the moving @v0 tag.
v1.5.0 - Agentic Surface Inventory
Widened AWGuard from finding unsafe workflows to mapping agentic repository surfaces.\n\nPublished:\n- GitHub release: v1.5.0\n- npm package: https://www.npmjs.com/package/awguard/v/1.5.0\n- Install: npx awguard@1.5.0 .\n\nHighlights:\n- New --format inventory report groups scanned files into GitHub Actions workflows, agent context files, and MCP configs.\n- Scans GitHub Copilot custom agents, reusable prompts, and repository skills under .github/agents, .github/prompts, and .github/skills.\n- Adds docs/roadmap.md with the next scope expansion plan: policy mode, setup generator, agent capability SBOM, trend reports, vulnerable lab, and GitHub App monitoring.\n- Updates README, launch plan, market analysis, action metadata, and tests.\n\nTry it from npm:\n\n npx awguard@1.5.0 . --format inventory\n\nTry it from the GitHub Action tag:\n\n uses: Mughal-Baig/agentic-workflow-guard@v0\n with:\n format: inventory
v1.4.0 - MCP Trust Boundary Guard
Adds zero-execution MCP config scanning to Agentic Workflow Guard.\n\nPublished:\n- GitHub release: v1.4.0\n- npm package: https://www.npmjs.com/package/awguard/v/1.4.0\n- Install: npx awguard@1.4.0 .\n\nHighlights:\n- New AWG013 rule flags project MCP configs that start mutable packages, @latest specs, unpinned containers, or shell wrappers.\n- New AWG014 rule flags committed MCP tokens, API keys, passwords, bearer headers, and other auth material.\n- Discovers .mcp.json, .vscode/mcp.json, .cursor/mcp.json, Windsurf, Cline, Roo, and related MCP config files.\n- Adds MCP-aware remediation, migration, score, SARIF, docs, and examples.\n\nWhy it matters: existing MCP scanners often execute configured servers to inspect tools. AWGuard gives maintainers a GitHub-native first check for repo-provided MCP tool wiring without starting untrusted MCP commands.
Agentic Workflow Guard v1.3.0
Adds Agent Context Guard with AWG012. AWGuard now scans persistent agent instruction files such as AGENTS.md, CLAUDE.md, CODEX.md, GEMINI.md, .github/copilot-instructions.md, .github/instructions/*.instructions.md, Cursor rules, and related files. It flags instructions that bypass approvals, treat untrusted GitHub text as commands, or expose secrets. Includes examples, remediation guidance, graph/migration support, docs, and tests.
Agentic Workflow Guard v1.2.0
Adds AWI score and badge outputs. New formats: --format score for a Markdown Agentic Workflow Injection scorecard, and --format badge for Shields.io endpoint JSON. The README now includes an AWI risk badge, npm badge, updated launch research, and examples for score/badge adoption.
Agentic Workflow Guard v1.1.1
Published awguard to npm. This release adds npm metadata for the public awguard package, keeps the registry binary path normalized, and includes the v1.1 migration-report feature for safe-output agent workflow adoption.
Agentic Workflow Guard v1.1.0
Adds safe-output migration reports with --format migration, updates the npm package target to awguard to avoid the taken agentic-workflow-guard npm name, and refreshes launch/research docs around the Agentic Workflow Injection migration angle.
Agentic Workflow Guard v1.0.0
Agentic Workflow Guard now focuses on Agentic Workflow Injection mapping for AI-agent GitHub Actions workflows.\n\nHighlights:\n- Added Mermaid attack graph output with --format graph.\n- Added standalone HTML reports with --format html --output awguard-report.html.\n- Added --fix-dry-run remediation guidance.\n- Added built-in presets: strict, claude-code, codex, aider, and triage-bot.\n- Polished README positioning with an AWI attack graph hook.\n\nTry it:\n\nnode ./bin/awguard.js examples/unsafe-agent.yml --format graph\nnode ./bin/awguard.js examples/unsafe-agent.yml --format html --output awguard-report.html\nnode ./bin/awguard.js examples/unsafe-agent.yml --fix-dry-run