| Area | Test location | Language | Test count | What it covers |
|---|---|---|---|---|
| Quarantine pipeline | tests/test_quarantine_pipeline.py | Python | 15 | 7-stage scanning, pass/fail logic, malformed input handling, YARA rule behavior |
| PII stripping | tests/test_search.py | Python | 36 (file total, shared with injection detection) | Email, phone, SSN, address redaction from search queries |
| Injection detection | tests/test_search.py | Python | 36 (file total, shared with PII stripping) | Prompt injection, command injection, query sanitization |
| Memory protection | tests/test_memory_protection.py | Python | 37 | Swap encryption, zswap disabling, core dump prevention, mlock enforcement, TEE detection |
| Traffic analysis resistance | tests/test_traffic_analysis.py | Python | 41 | Packet padding, timing jitter, dummy traffic, traffic shaping |
| Differential privacy | tests/test_differential_privacy.py | Python | 37 | Noise injection, epsilon/delta budgets, query indistinguishability |
| Clipboard isolation | tests/test_clipboard_isolation.py | Python | 30 | Clipboard access controls, paste sanitization, cross-context isolation |
| Canary/tripwire system | tests/test_canary_tripwire.py | Python | 49 | Token placement, filesystem tripwires, tamper detection, alerting |
| Emergency wipe | tests/test_emergency_wipe.py | Python | 65 | 3-level panic escalation, secure deletion, vault destruction, recovery prevention |
| Update verification | tests/test_update_rollback.py | Python | 74 | Signature verification, rollback triggers, version pinning, recovery |
| Vault auto-lock | tests/test_vault_watchdog.py | Python | 21 | Idle detection, lock timer, UI lock/unlock controls |
| Web UI security | tests/test_ui.py, tests/test_ui_cookies.py, tests/test_ui_file_handling.py | Python | 82 (across the three files) | Route protection, input validation, CSP/cookie headers, setup completion, upload/path handling |
| Tool firewall | services/tool-firewall/*_test.go | Go | 15 | Default-deny policy, rule evaluation, egress filtering |
| Airlock | services/airlock/*_test.go | Go | 11 | Request sanitization, policy enforcement, disabled by default |
| Trusted registry | services/registry/*_test.go | Go | 22 | Hash pinning, cosign verification, model fetch authorization |
| GPU integrity watch | services/gpu-integrity-watch/*_test.go | Go | 63 | GPU probe scoring, baseline verification, degradation actions, daemon mode, driver fingerprint, device allowlist, attestor/incident integration |
| MCP firewall | services/mcp-firewall/*_test.go | Go | 71 | MCP tool call policy, default-deny, input redaction, taint tracking, adversarial coverage |
| Policy engine | services/policy-engine/*_test.go | Go | 45 | Unified decisions across 6 domains, evidence provenance, auth |
| Runtime attestor | services/runtime-attestor/*_test.go | Go | 55 | TPM2 quote verification, HMAC bundles, state machine, startup gating, service digest verification |
| Integrity monitor | services/integrity-monitor/*_test.go | Go | 50 | Baseline computation, continuous scanning, violation detection, state machine, model/binary/policy watching |
| Incident recorder | services/incident-recorder/*_test.go | Go | 97 | Incident creation, auto-containment, lifecycle, severity ranking, policy loading, recovery and forensic export |
| Agent verified supervisor + HSM keys | tests/test_agent.py | Python | 172 | HMAC-SHA256 token signing, nonce replay protection, expiry, tamper detection, two-phase approval, policy evidence, keystore abstraction (software/TPM2/PKCS#11), key rotation, key derivation |
| CI app-security lint | .github/scripts/check-hadolint.sh, .github/scripts/run-semgrep.sh | Shell / Semgrep | CI gate (not a test count) | Containerfile/Dockerfile linting and repo-owned Semgrep security rules |
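The supervisor row above lists four properties its tests exercise on signed tokens: HMAC-SHA256 signing, expiry, nonce replay protection and tamper detection. The following is an added illustration of what such a test suite has to check, written here as example code; it is not the project's implementation, and the wire format (`base64url(payload).base64url(mac)`), the claim names (`nonce`, `iat`, `exp`) and the `ReplayCache` helper are assumptions. It deliberately leaves out the keystore abstraction and key rotation, using a raw software key.

```python
"""HMAC-SHA256 token signing with expiry, nonce replay protection and tamper detection.

Added example, not the project's own code. Token format and claim names are assumed.
"""
import base64
import hashlib
import hmac
import json
import secrets
import time


def b64url_encode(data: bytes) -> str:
    return base64.urlsafe_b64encode(data).rstrip(b"=").decode()


def b64url_decode(text: str) -> bytes:
    # Restore the padding stripped by the encoder; raises binascii.Error (a ValueError) on junk.
    return base64.urlsafe_b64decode(text + "=" * (-len(text) % 4))


def sign_token(key: bytes, claims: dict, ttl: int, now=None) -> str:
    """Return 'payload.mac'. The nonce makes each token unique so replays can be spotted."""
    now = time.time() if now is None else now
    body = dict(claims)
    body["nonce"] = secrets.token_hex(16)
    body["iat"] = int(now)
    body["exp"] = int(now) + ttl
    # Canonical JSON so the verifier recomputes the MAC over identical bytes.
    payload = json.dumps(body, sort_keys=True, separators=(",", ":")).encode()
    mac = hmac.new(key, payload, hashlib.sha256).digest()
    return b64url_encode(payload) + "." + b64url_encode(mac)


class ReplayCache:
    """Remembers nonces until their token's exp passes; after that the expiry check rejects them anyway."""

    def __init__(self):
        self._seen = {}  # nonce -> exp

    def check_and_add(self, nonce: str, exp: int, now: float) -> bool:
        for seen_nonce, seen_exp in list(self._seen.items()):
            if seen_exp <= now:
                del self._seen[seen_nonce]
        if nonce in self._seen:
            return False
        self._seen[nonce] = exp
        return True


def verify_token(key: bytes, token: str, cache: ReplayCache, now=None):
    """Return (claims, 'ok') or (None, reason). The MAC is checked before the payload is parsed."""
    now = time.time() if now is None else now
    try:
        payload_b64, mac_b64 = token.split(".")
        payload, mac = b64url_decode(payload_b64), b64url_decode(mac_b64)
    except ValueError:
        return None, "malformed"
    expected = hmac.new(key, payload, hashlib.sha256).digest()
    if not hmac.compare_digest(expected, mac):  # constant-time; catches tampering and wrong keys
        return None, "bad_signature"
    try:
        claims = json.loads(payload)
    except ValueError:
        return None, "malformed"
    exp = claims.get("exp")
    if not isinstance(exp, int) or exp <= now:
        return None, "expired"
    nonce = claims.get("nonce")
    if not isinstance(nonce, str) or not cache.check_and_add(nonce, exp, now):
        return None, "replay"
    return claims, "ok"


if __name__ == "__main__":
    key = secrets.token_bytes(32)
    cache = ReplayCache()
    tok = sign_token(key, {"action": "deploy"}, ttl=60)
    print(verify_token(key, tok, cache))   # (claims, 'ok')
    print(verify_token(key, tok, cache))   # (None, 'replay')
```

Checking the MAC before parsing JSON keeps an unauthenticated attacker away from the parser, and pruning the replay cache at `exp` bounds its size to the number of tokens live at once.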