AWGuard v1.7.0
This release turns AWGuard from a scanner into a broader adoption-ready safety kit for agentic repositories.
Highlights:
- New commands:
doctor,explain,badges,demo,templates,policy-pack,policy-wizard, andbaseline-review. - New detection coverage:
AWG016,AWG017,AWG018, andAWG019for checkout credentials, unsafe writeback, MCP input injection, and MCP package reputation policy. - Better automation: opt-in
--fix, richer--fix-dry-run, GitHub job summaries, improved SARIF metadata, and JSON/SARIF remediation codes. - Wider integrations: GitHub Actions, code scanning, GitLab CI, pre-commit, VS Code task/extension POC, dashboard POC, Docker workflow, and trusted npm publishing workflow.
- Stronger evidence: schemas for config, reports, inventories, comparisons, baselines, and badges; report gallery; real-world risk corpus; and golden end-to-end tests.
Validation:
npm testpassed with 84 tests.git diff --checkpassed.- AWGuard self-scan passed with no findings.
npm pack --dry-runproducedawguard@1.7.0.- GitHub Actions
TestandCode Scanningpassed forca1210f.