Skip to content

PhishGuard AI v0.5.0

Marketplace
Marketplace

Choose a tag to compare

View all tags
@omobolajiadeyan omobolajiadeyan released this 12 Jun 13:23
· 7 commits to main since this release
v0.5.0
7bdb402
This commit was created on GitHub.com and signed with GitHub’s verified signature.
GPG key ID: B5690EEEBB952194
Verified
Learn about vigilant mode.

What's new in v0.5.0

URL Redirect Chain Tracing

--follow-redirects N follows shortened and redirect URLs N hops deep using only the Python standard library — no external services. Every hop in the chain is recorded and the final destination is scanned.

Typosquatting Detection

Pure-Python Levenshtein distance against 50 brand domains catches paypa1.com, g00gle.com, githab.com and similar look-alike domains with no external dependency.

.eml Email File Analysis

phishguard eml <file> parses RFC 5322 email files and scans every URL embedded in the message — extracted from both plain-text body and HTML href attributes.

Reusable GitHub Action

Any CI pipeline can now scan URLs and upload SARIF findings to GitHub Code Scanning with a single line:

- uses: omobolajiadeyan/phishguard-ai@v0.5.0
  with:
    urls-file: urls.txt
    sarif-output: phishguard.sarif

Security Hardening

  • All action inputs routed through environment variables — eliminates shell injection vectors
  • SARIF parse failures now exit with code 2, distinct from phishing-found (1) and clean (0)
  • Fork PR SARIF upload guard prevents untrusted forks from writing to Code Scanning
  • persist-credentials: false on all checkout steps

Zero new dependencies

Pure Python standard library throughout. 72 tests pass across Python 3.10 – 3.13.

Assets 2
Loading