# Plugin Scanner
Run an LLM-guided security review of third-party Agent Zero plugins from a Git repository.
## What It Does
This plugin builds a structured scanning prompt from a selectable checklist, runs that prompt in a temporary agent context, and returns a markdown report describing the plugin's security posture.
## Main Behavior
- **Prompt-driven scan**
  - Loads scan checks and a markdown prompt template from the plugin's `webui/` assets.
- **Temporary scan context**
  - Creates a temporary chat context, logs the generated prompt into it, starts the agent immediately, and waits for the model result.
- **Parallel-friendly execution**
  - Each scan runs in its own chat context; the plugin does not serialize scans behind a "wait for another scan" queue.
- **Selectable checks**
  - Supports scanning all checks by default or only the subset selected by the caller.
- **UI integration**
  - Includes API endpoints and web UI files for logging the prompt, starting the scan, and running scans synchronously.
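The selectable-check prompt build described above, as an added sketch that is not the plugin's own code: caller-selected check ids are validated against an allowlist and the repository URL is restricted before either reaches the template. The check ids, template text, the https-only URL rule and the names `select_checks` and `build_prompt` are assumptions made for illustration; the real definitions live in the plugin's `webui/` assets and are not shown on this page.

```python
import re

# Constructed check definitions (assumed format, not the plugin's real checklist).
CHECKS = {
    "network": "Outbound network calls and hard-coded endpoints",
    "secrets": "Access to environment variables, tokens or credential files",
    "exec": "Shell execution, eval/exec and dynamic imports",
    "fs": "File writes outside the plugin's own directory",
}

# Constructed template with named slots (assumed, stands in for the markdown template).
TEMPLATE = (
    "Review the plugin at {repo_url} for the following checks:\n"
    "{checklist}\n"
    "Return a markdown report with one section per check."
)

# Assumption: only plain https URLs are accepted. The character class excludes
# whitespace and newlines, so the URL field cannot carry extra prompt text.
REPO_URL = re.compile(r"https://[A-Za-z0-9.-]+(/[A-Za-z0-9._~-]+)+")


def select_checks(selected=None):
    """Return the checks to run: all by default, else the validated subset."""
    if selected is None:
        return dict(CHECKS)
    if not selected:
        raise ValueError("empty selection would produce a scan with no checks")
    unknown = [c for c in selected if c not in CHECKS]
    if unknown:
        raise ValueError(f"unknown check ids: {unknown}")
    wanted = set(selected)
    # Keep definition order and drop duplicates.
    return {cid: text for cid, text in CHECKS.items() if cid in wanted}


def build_prompt(repo_url, selected=None):
    """Render the scan prompt; only allowlisted values reach the template."""
    if not REPO_URL.fullmatch(repo_url):
        raise ValueError("repo_url must be a plain https Git URL")
    checks = select_checks(selected)
    checklist = "\n".join(f"- [{cid}] {text}" for cid, text in checks.items())
    return TEMPLATE.format(repo_url=repo_url, checklist=checklist)


if __name__ == "__main__":
    print(build_prompt("https://example.com/org/plugin.git", ["exec", "secrets"]))
```
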
## Key Files
- **Scan runner**
  - `api/plugin_scan_run.py` performs a synchronous end-to-end scan and returns the report.
- **Prompt builder**
  - `helpers/prompt.py` loads check definitions and renders the final scan prompt.
- **Additional APIs**
  - `api/plugin_scan_queue.py` logs the prompt into the temporary chat.
  - `api/plugin_scan_start.py` starts the agent in that chat.
## Configuration Scope
- **Settings sections**: none
- **Per-project config**: `false`
- **Per-agent config**: `false`
## Plugin Metadata
- **Name**: `_plugin_scan`
- **Title**: `Plugin Scanner`
- **Description**: Security scanner for third-party A0 plugins.