4 个仓库
Verification processes for code produced by artificial intelligence.
Distinguishing note: Focuses on static analysis of AI output rather than model input security.
Explore 4 awesome GitHub repositories matching security & cryptography · AI-Generated Code Validation. Refine with filters or upvote what's useful.
The OWASP Cheat Sheet Series is a comprehensive, community-driven repository of concise security best practices and defensive coding patterns. It serves as a centralized knowledge base for developers and security professionals, providing actionable guidance to secure applications across the entire software development lifecycle. The project covers a vast array of security domains, ranging from fundamental web application hardening and authentication protocols to specialized controls for modern infrastructure and artificial intelligence systems. What distinguishes this project is its decentral
Ensures code generated by artificial intelligence remains free of vulnerabilities and follows safe coding practices.
This project is an AI-powered IDE extension and LLM coding assistant that provides a conversational interface for generating, refactoring, and debugging code. It functions as an AI agent framework and a Model Context Protocol client, connecting AI models to external data sources and tools to automate complex development tasks. The system is distinguished by its use of autonomous AI agents capable of multi-step task execution, including the ability to read files, modify code, and run terminal commands iteratively. It supports recursive agent orchestration through subagent delegation and employ
Integrates with debuggers and test runners to dynamically verify the correctness of AI-generated code.
my-git 是一个用于 Git 版本控制管理、仓库治理和软件发布管理的综合框架和参考指南。它提供了一种结构化的方法来管理软件开发生命周期,从初始功能分支到最终生产部署。 该项目的独特之处在于一个专门的 AI 辅助开发框架。这包括通过自动 Diff 审查管理 AI 生成代码的工作流、基于意图的提交拆分,以及使用工作树 (worktrees) 进行多智能体协调和会话隔离的治理模型。 该代码库涵盖了广泛的工程实践,包括 CI/CD 流水线自动化、企业仓库治理以及用于恢复丢失提交或清除敏感数据的高级恢复程序。它进一步详细说明了协作模式,如主干开发、堆叠式 Pull Request 和分层审批系统。 该仓库作为实施标准化分支策略和仓库安全策略的技术参考和指导手册。
Validates AI-authored changes by requiring original intent documentation and manual verification of modified files.
Cartography 是一个基于图的架构可视化和安全分析框架。它从各种云、身份和软件即服务(SaaS)提供商处提取数据,在中央图数据库中建模资源、用户和安全发现之间的复杂关系。通过映射这些相互依赖关系,该平台使组织能够获得对其环境的可见性,并通过图遍历查询识别潜在的安全风险。 该平台以其基于本体的规范化和跨平台实体关联而著称,将来自多个来源的异构数据映射到一个统一、一致的模型中。它采用模块化摄取管道和基于模式的过滤来维护此图,通过对陈旧节点的自动状态修剪确保架构数据保持准确。这种方法允许发现跨越不同云、设备和身份管理系统的复杂攻击路径和安全配置错误。 除了核心建模外,该系统还为资产清单、身份治理和软件供应链分析提供了广泛的功能。它支持广泛的集成,包括云原生计算和网络资源、端点管理遥测以及开发生命周期元数据。用户可以通过定义自定义安全规则、添加专门的数据分析作业或通过其模块化框架集成新的情报来源来扩展平台的功能。 该项目使用 Python 实现,并提供了用于配置摄取模块和定义自定义图查询的文档。
Ingests reports to create a graph of scanned targets and their components anchored to container images.