GitHub Release Tracker

06/03

7

duriantaco/Skylos v4.23.0

Privacy-first hybrid static-analysis tool for Python, TypeScript, and Go that detects dead code, secrets, and security vulnerabilities.

Python 448☆ 401d old #python #security #devsecops #code-quality #code-quality-analyzer

06/01

7

trufflesecurity/TruffleHog v3.95.4

Powerful tool for discovering, classifying, validating, and analyzing leaked credentials.

Go 26615☆ 3442d old #golang #security #go #secret #trufflehog

06/01

7

trufflesecurity/TruffleHog v3.95.5

Powerful tool for discovering, classifying, validating, and analyzing leaked credentials.

Go 26615☆ 3442d old #golang #security #go #secret #trufflehog

06/01

7

chainloop-dev/Chainloop v1.99.0

Evidence store and policy engine for Software Supply Chain attestations, SBOMs, VEX, SARIF, and QA reports.

Go 551☆ 1185d old #golang #go #devsecops #compliance #cyclonedx

05/29

7

duriantaco/Skylos v4.22.0

Privacy-first hybrid static-analysis tool for Python, TypeScript, and Go that detects dead code, secrets, and security vulnerabilities.

Python 448☆ 401d old #python #security #devsecops #code-quality #code-quality-analyzer

05/29

7

duriantaco/Skylos v4.21.0

Privacy-first hybrid static-analysis tool for Python, TypeScript, and Go that detects dead code, secrets, and security vulnerabilities.

Python 448☆ 401d old #python #security #devsecops #code-quality #code-quality-analyzer

05/30

6

duriantaco/Skylos v4.22.1

Privacy-first hybrid static-analysis tool for Python, TypeScript, and Go that detects dead code, secrets, and security vulnerabilities.

Python 448☆ 401d old #python #security #devsecops #code-quality #code-quality-analyzer

05/30

6

safedep/vet v1.17.3

Enterprise-grade software supply chain security tool with real-time malicious package detection and policy as code support.

Go 1064☆ 1252d old #golang #security #go #devsecops #supply-chain-security

05/29

6

garagon/Aguara v0.22.0

Security scanner for AI agent skills and MCP servers that detects prompt injection, data exfiltration, and supply-chain attacks via local static analysis.

Go 81☆ 106d old #golang #security #go #devsecops #mcp

05/29

6

garagon/Aguara v0.21.0

Security scanner for AI agent skills and MCP servers that detects prompt injection, data exfiltration, and supply-chain attacks via local static analysis.

Go 81☆ 106d old #golang #security #go #devsecops #mcp

05/28

6

garagon/Aguara v0.20.0

Security scanner for AI agent skills and MCP servers that detects prompt injection, data exfiltration, and supply-chain attacks via local static analysis.

Go 81☆ 106d old #golang #security #go #devsecops #mcp

05/28

6

safedep/Package Manager Guard (PMG) v0.17.2

Tool that blocks malicious packages during installation by wrapping existing package managers.

Go 390☆ 441d old #golang #npm #go #open-source #devsecops

06/03

5

garagon/Aguara v0.22.2

Security scanner for AI agent skills and MCP servers that detects prompt injection, data exfiltration, and supply-chain attacks via local static analysis.

Go 81☆ 106d old #golang #security #go #devsecops #mcp

06/01

5

garagon/Aguara v0.22.1

Security scanner for AI agent skills and MCP servers that detects prompt injection, data exfiltration, and supply-chain attacks via local static analysis.

Go 81☆ 106d old #golang #security #go #devsecops #mcp

05/30

5

safedep/Package Manager Guard (PMG) v0.17.4

Tool that blocks malicious packages during installation by wrapping existing package managers.

Go 390☆ 441d old #golang #npm #go #open-source #devsecops

05/28

5

safedep/Package Manager Guard (PMG) v0.17.3

Tool that blocks malicious packages during installation by wrapping existing package managers.

Go 390☆ 441d old #golang #npm #go #open-source #devsecops

05/28

4

Pantheon-Security/MEDUSA v2026.5.11

AI-first security scanner providing 3,000+ detection patterns, 430 false-positive filters, and 133 CVE detections for AI/ML, agents, and LLM applications.

Python 588☆ 195d old #python #open-source #sast #devsecops #scanner

06/03	7	duriantaco/Skylos v4.23.0 Privacy-first hybrid static-analysis tool for Python, TypeScript, and Go that detects dead code, secrets, and security vulnerabilities. Python 448☆ 401d old #python #security #devsecops #code-quality #code-quality-analyzer
06/01	7	trufflesecurity/TruffleHog v3.95.4 Powerful tool for discovering, classifying, validating, and analyzing leaked credentials. Go 26615☆ 3442d old #golang #security #go #secret #trufflehog
06/01	7	trufflesecurity/TruffleHog v3.95.5 Powerful tool for discovering, classifying, validating, and analyzing leaked credentials. Go 26615☆ 3442d old #golang #security #go #secret #trufflehog
06/01	7	chainloop-dev/Chainloop v1.99.0 Evidence store and policy engine for Software Supply Chain attestations, SBOMs, VEX, SARIF, and QA reports. Go 551☆ 1185d old #golang #go #devsecops #compliance #cyclonedx
05/29	7	duriantaco/Skylos v4.22.0 Privacy-first hybrid static-analysis tool for Python, TypeScript, and Go that detects dead code, secrets, and security vulnerabilities. Python 448☆ 401d old #python #security #devsecops #code-quality #code-quality-analyzer
05/29	7	duriantaco/Skylos v4.21.0 Privacy-first hybrid static-analysis tool for Python, TypeScript, and Go that detects dead code, secrets, and security vulnerabilities. Python 448☆ 401d old #python #security #devsecops #code-quality #code-quality-analyzer
05/30	6	duriantaco/Skylos v4.22.1 Privacy-first hybrid static-analysis tool for Python, TypeScript, and Go that detects dead code, secrets, and security vulnerabilities. Python 448☆ 401d old #python #security #devsecops #code-quality #code-quality-analyzer
05/30	6	safedep/vet v1.17.3 Enterprise-grade software supply chain security tool with real-time malicious package detection and policy as code support. Go 1064☆ 1252d old #golang #security #go #devsecops #supply-chain-security
05/29	6	garagon/Aguara v0.22.0 Security scanner for AI agent skills and MCP servers that detects prompt injection, data exfiltration, and supply-chain attacks via local static analysis. Go 81☆ 106d old #golang #security #go #devsecops #mcp
05/29	6	garagon/Aguara v0.21.0 Security scanner for AI agent skills and MCP servers that detects prompt injection, data exfiltration, and supply-chain attacks via local static analysis. Go 81☆ 106d old #golang #security #go #devsecops #mcp
05/28	6	garagon/Aguara v0.20.0 Security scanner for AI agent skills and MCP servers that detects prompt injection, data exfiltration, and supply-chain attacks via local static analysis. Go 81☆ 106d old #golang #security #go #devsecops #mcp
05/28	6	safedep/Package Manager Guard (PMG) v0.17.2 Tool that blocks malicious packages during installation by wrapping existing package managers. Go 390☆ 441d old #golang #npm #go #open-source #devsecops
06/03	5	garagon/Aguara v0.22.2 Security scanner for AI agent skills and MCP servers that detects prompt injection, data exfiltration, and supply-chain attacks via local static analysis. Go 81☆ 106d old #golang #security #go #devsecops #mcp
06/01	5	garagon/Aguara v0.22.1 Security scanner for AI agent skills and MCP servers that detects prompt injection, data exfiltration, and supply-chain attacks via local static analysis. Go 81☆ 106d old #golang #security #go #devsecops #mcp
05/30	5	safedep/Package Manager Guard (PMG) v0.17.4 Tool that blocks malicious packages during installation by wrapping existing package managers. Go 390☆ 441d old #golang #npm #go #open-source #devsecops
05/28	5	safedep/Package Manager Guard (PMG) v0.17.3 Tool that blocks malicious packages during installation by wrapping existing package managers. Go 390☆ 441d old #golang #npm #go #open-source #devsecops
05/28	4	Pantheon-Security/MEDUSA v2026.5.11 AI-first security scanner providing 3,000+ detection patterns, 430 false-positive filters, and 133 CVE detections for AI/ML, agents, and LLM applications. Python 588☆ 195d old #python #open-source #sast #devsecops #scanner