v0.5.5 - Cross-Function Taint Analysis

@dockfixlabs dockfixlabs released this 05 Jul 01:29

New: Interprocedural Taint Tracking (ASI01-INTERPROCEDURAL)

Tracks tainted data across function boundaries - the first interprocedural analysis rule for AI agent code.

What it detects:

  • Tainted user input passed to wrapper functions that call LLM APIs
  • Multi-hop taint chains (input -> process -> call_llm -> sink)
  • Functions with taint-suggesting parameter names that contain LLM sinks

Why it matters: Simple single-function taint analysis misses the most common real-world pattern - wrapper functions around LLM calls. This rule closes that gap.
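
The wrapper pattern described above, as an added example (not agentguard's code or its rule implementation): a minimal summary-based interprocedural taint check built on Python's ast module. The source `input`, the sink method name `create`, the sample program and every function name here are assumptions constructed for illustration.

```python
import ast
SOURCES = {"input"}   # assumed taint source: the builtin input()
SINKS = {"create"}    # assumed LLM sink method, e.g. client.chat.completions.create
# Constructed sample: user input reaches the LLM call only through two wrappers.
SAMPLE = '''
def call_llm(prompt):
    return client.chat.completions.create(messages=prompt)

def process(text):
    return call_llm("Summarize: " + text)

def main():
    user = input("> ")
    process(user)
    process("static banner")
'''

def callee(call):
    return getattr(call.func, "id", None) or getattr(call.func, "attr", None)
def names(node):
    return {n.id for n in ast.walk(node) if isinstance(n, ast.Name)}

def sink_args(call, summary):
    """Yield arguments of `call` that reach an LLM sink, directly or via a summarized wrapper."""
    if callee(call) in SINKS:
        yield from call.args + [k.value for k in call.keywords]
    yield from (call.args[i] for i in sorted(summary.get(callee(call), ())) if i < len(call.args))

def find_flows(source):
    funcs = {f.name: f for f in ast.walk(ast.parse(source)) if isinstance(f, ast.FunctionDef)}
    summary = {name: set() for name in funcs}      # param indices that reach a sink
    size = -1
    while size != sum(map(len, summary.values())): # fixed point covers multi-hop chains
        size = sum(map(len, summary.values()))
        for name, fn in funcs.items():
            params = [a.arg for a in fn.args.args]
            for call in (n for n in ast.walk(fn) if isinstance(n, ast.Call)):
                for arg in sink_args(call, summary):
                    summary[name] |= {params.index(p) for p in names(arg) if p in params}
    findings = []
    for name, fn in funcs.items():
        # flow-insensitive: a local is tainted if assigned from an expression calling a source
        tainted = {t.id for a in ast.walk(fn) if isinstance(a, ast.Assign)
                   and any(isinstance(c, ast.Call) and callee(c) in SOURCES for c in ast.walk(a.value))
                   for t in a.targets if isinstance(t, ast.Name)}
        for call in (n for n in ast.walk(fn) if isinstance(n, ast.Call)):
            if any(names(arg) & tainted for arg in sink_args(call, summary)):
                findings.append((name, callee(call), call.lineno))
    return summary, findings
```

`find_flows(SAMPLE)` flags the `process(user)` call in `main`, a function that contains no LLM sink itself, and leaves the constant-argument call unflagged; a check confined to one function body would report nothing for `main`.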

Changes

  • New rule: ASI01-INTERPROCEDURAL (Cross-Function Taint Flow)
  • New module: agentguard/rules/interprocedural.py
  • 6 new tests (56 total, all pass)

Benchmark

  • 32/32 samples detected (100%)
  • 0 false positives

Install

pip install dfx-agentguard==0.5.5

Full Changelog: v1...v0.5.5