io.github.mythos-agent/mythos-agent

MCPcommunity
v4.0.1io.github.mythos-agentUnknownUpdated 2mo agonpmGitHub

Open-source AI security agent: SAST, DAST, and policy-as-code over MCP.

开源。读你的代码、标记可能的安全问题、解释推理过程、给出修复建议。 mythos-agent 用一位专职安全审阅者的方式来审阅你的代码 —— 系统性地走过常见的问题模式、查找已知 CVE 的结构变体、按置信度排序发现、并给出可以直接采纳或拒绝的修复建议。灵感与 Anthropic 内部的 Mythos 安全代理同源,但本项目是独立实现、并非克隆、也无任何隶属关系。完整定位见 VISION.md。 给新贡献者:为期 6 个月的当前工作计划见置顶 Issue 。带 🙋 标记的条目是欢迎协作的部分。刚加入?参考 CONTRIBUTING.md 里的 指引。 给安全团队与 EU CRA 合规的下游制造商:漏洞披露 SLA 见 SECURITY.md,EU CRA 角色声明见 docs/security/cra-stance.md,公开威胁模型见…

Automatically indexed from public sources. Not yet verified by the developer on Forge.Claim this listing →
2mo agoLast update
Package
Authorio.github.mythos-agent
LicenseUnknown
Version4.0.1
Sourcemcp-registry
Trust Status
B
60/100Good
Listed in Forge index+10/10
Publisher identity verified+0/25
Publisher: run `forge publish` from the package repo to claim ownership
Ed25519 publish signature+0/10
Included automatically when the publisher runs `forge publish`
Domain verification+0/5
Publisher: host /.well-known/forge.json on the package homepage with { "publisher": "<github-login>" }
CVE scan · clean+30/30
Static analysis · clean+20/20
npm provenance (Sigstore)+0/5
Publish from GitHub Actions with the --provenance flag
Paste into Claude Code, Cursor, or any AI assistant to fix all gaps
StatusCommunity-indexed
PublisherUnverified
SignatureUnsigned
Domain
Provenance
Dependencies53 resolved+ · none vulnerable
Tool surface11 tools · none privileged
Security scan✓ Cleanv4.3.0 · 20d ago
EvalsNone
IndexedJun 13, 2026

Verification confirms publisher identity (repo ownership), not code safety. The security scan covers known CVEs and suspicious install scripts — it cannot prove the absence of malicious code.

About

开源。读你的代码、标记可能的安全问题、解释推理过程、给出修复建议。 mythos-agent 用一位专职安全审阅者的方式来审阅你的代码 —— 系统性地走过常见的问题模式、查找已知 CVE 的结构变体、按置信度排序发现、并给出可以直接采纳或拒绝的修复建议。灵感与 Anthropic 内部的 Mythos 安全代理同源,但本项目是独立实现、并非克隆、也无任何隶属关系。完整定位见 VISION.md。 给新贡献者:为期 6 个月的当前工作计划见置顶 Issue **。带 🙋 标记的条目是欢迎协作的部分。刚加入?参考 CONTRIBUTING.md 里的 指引。 给安全团队与 EU CRA 合规的下游制造商:漏洞披露 SLA 见 SECURITY.md,EU CRA 角色声明见 docs/security/cra-stance.md,公开威胁模型见 docs/security/threat-model.md,版本策略与 LTS/EOL 政策见 RELEASES.md。OpenSSF Best Practices Badge(Passing 层)申请目标为 2026 年 6 月;发布产物通过…

Keywords
mcp