Riskscore
@ItIsCuthNotCup
Security awareness for AI agents — so your agent knows what's dangerous before it acts. Powered by CVE, NVD, CISA KEV, and OSV.dev vulnerability data with 196 credential detection rules, returning allow/warn/block decisions in real time. Stop your agent from running vulnerable de
Overview
What is Riskscore?
Riskscore provides security awareness for AI agents by checking actions against vulnerability data from CVE, NVD, CISA KEV, and OSV.dev, along with 196 credential detection rules. It returns allow, warn, or block decisions in real time, helping agents avoid running vulnerable dependencies, leaking secrets, or accidentally deleting files.
How to use Riskscore?
The README does not provide installation or configuration instructions. Invoke Riskscore to evaluate an agent’s intended action and receive an allow/warn/block decision based on current vulnerability and credential data.
Key features of Riskscore
- Real-time allow, warn, or block decisions.
- Powered by CVE, NVD, CISA KEV, and OSV.dev data.
- 196 credential detection rules for secret leakage.
- Focused on AI agent safety and proactive risk awareness.
Use cases of Riskscore
- Prevent an AI agent from executing a command that uses a known vulnerable dependency.
- Block an agent from accidentally committing or sending a detected credential or secret.
- Warn an agent before it attempts to delete critical filesystem paths.
- Scan agent actions against the latest CISA Known Exploited Vulnerabilities catalog.
FAQ from Riskscore
What vulnerability sources does Riskscore use?
Riskscore uses data from CVE, NVD, CISA KEV, and OSV.dev.
How does Riskscore protect against secrets?
It includes 196 credential detection rules to identify and block potential secret leakage.
What kind of decisions can Riskscore return?
Riskscore returns one of three decisions: allow, warn, or block.
Who is Riskscore designed for?
Riskscore is designed for AI agents and developers who want to embed security awareness directly into agent workflows.
Does Riskscore require any runtime dependencies?
The README does not list any specific runtime or dependency requirements.