Skip to content

v0.5.7 - Cross-File Taint Analysis (Phase 2)

Choose a tag to compare

@dockfixlabs dockfixlabs released this 05 Jul 01:42

v0.5.7 - Cross-File Taint Analysis (Phase 2)

New: ASI01-CROSS-FILE rule

Tracks tainted data flowing through imported functions that call LLM APIs. Resolves from utils import call_llm patterns to find sinks in local modules.

Changes

  • New module: agentguard/rules/cross_file.py - Python import resolution
  • New rule: ASI01-CROSS-FILE (Cross-File Taint Flow)
  • 3 new tests (59 total, all pass)
  • 34/34 benchmark samples (100% detection, 0 FP)

Adversarial Review

  • 8/8 adversarial edge cases correctly handled
  • Tightened param-signature detection (TARGETED_PARAMS exact match)
  • Removed generic words from SOURCE_WORDS (eliminated FP noise)

Full Changelog: v0.5.6...v0.5.7