feat: pi-security-scanner — automated security scanning for code changes and agent config #79

@MattDevy

Description

Summary

A Pi extension that performs automated security scanning on code changes and audits the agent configuration for misconfigurations. Inspired by ECC's security-review skill and its security-scan (AgentShield), which are among ECC's most differentiated features. No Pi extension currently provides this.

Motivation

Coding agents write code fast but can introduce security vulnerabilities just as fast. Hardcoded secrets, SQL injection, XSS, insecure deserialization, and misconfigured agent permissions are all risks that grow with agent autonomy. A dedicated security extension catches these at the point of creation rather than in code review days later.

Proposed Features

1. Code Change Scanning

  • Hook into tool_execution_end for file edit/write tools
  • Detect OWASP Top 10 patterns: hardcoded secrets, SQL injection, XSS, CSRF gaps, insecure deserialization
  • Regex + AST-level checks for common patterns (API keys, eval(), unsanitized HTML, raw SQL)
  • Language-aware: TypeScript, Python, Go at minimum
  • Surface findings as warnings injected into the agent's next turn context

2. Agent Config Audit (/security-scan)

  • Scan ~/.pi/ directory for overly permissive settings
  • Audit MCP server configurations for SSRF vectors
  • Check hook definitions for command injection risks
  • Validate that extensions don't request excessive permissions
  • Output a scored report (CRITICAL / HIGH / MEDIUM / LOW)
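As an added example that is not code from this issue or from the Pi project, the TypeScript below shows what the scored /security-scan report could look like once the configuration has been parsed: one check per bullet above (permissive settings, MCP server URLs that reach internal addresses, shell hooks with command substitution or unquoted expansion, extensions asking for every permission) and a 100-point score with per-severity penalties. The AgentConfig shape, the severity weights and the sample config are all hypothetical; the real layout of ~/.pi/ is not described in the issue and would have to be mapped onto these checks.

```typescript
// Added example: audit of a parsed agent configuration. The AgentConfig
// schema is hypothetical; the real ~/.pi/ layout may differ.

export type Severity = "CRITICAL" | "HIGH" | "MEDIUM" | "LOW";
// Points subtracted from a starting score of 100 per finding (assumed weights).
const WEIGHT: Record<Severity, number> = { CRITICAL: 25, HIGH: 10, MEDIUM: 5, LOW: 1 };

export interface AuditFinding { severity: Severity; where: string; message: string }

export interface AgentConfig {
  permissions?: { autoApprove?: boolean; allowedCommands?: string[] };
  mcpServers?: Record<string, { url?: string }>;
  hooks?: Record<string, string>;                 // event name -> shell command line
  extensions?: { name: string; permissions?: string[] }[];
}

// RFC 1918 and link-local ranges. Loopback is deliberately not flagged: a
// local MCP server is the normal case. Link-local covers the cloud metadata
// endpoint, the classic SSRF target reachable from an agent host.
function isNonLoopbackInternal(host: string): boolean {
  const m = /^(\d{1,3})\.(\d{1,3})\.\d{1,3}\.\d{1,3}$/.exec(host);
  if (!m) return false;
  const a = Number(m[1]), b = Number(m[2]);
  return a === 10 || (a === 192 && b === 168) || (a === 172 && b >= 16 && b <= 31) || (a === 169 && b === 254);
}

export function auditConfig(cfg: AgentConfig): { score: number; findings: AuditFinding[] } {
  const out: AuditFinding[] = [];

  // 1. Overly permissive settings.
  const perms = cfg.permissions ?? {};
  if (perms.autoApprove === true)
    out.push({ severity: "CRITICAL", where: "permissions.autoApprove",
               message: "tool calls are approved without review" });
  if (perms.allowedCommands?.includes("*"))
    out.push({ severity: "HIGH", where: "permissions.allowedCommands",
               message: "wildcard allows any shell command" });

  // 2. MCP server URLs: internal-network targets, then plaintext transport.
  for (const [name, srv] of Object.entries(cfg.mcpServers ?? {})) {
    const m = /^(https?):\/\/([^/:?#]+)/i.exec(srv.url ?? "");
    if (!m) continue;
    const scheme = m[1].toLowerCase(), host = m[2].toLowerCase();
    if (isNonLoopbackInternal(host))
      out.push({ severity: "HIGH", where: `mcpServers.${name}.url`,
                 message: `targets internal host ${host}; an SSRF vector if the agent is misled` });
    else if (scheme === "http" && host !== "localhost" && !host.startsWith("127."))
      out.push({ severity: "MEDIUM", where: `mcpServers.${name}.url`,
                 message: "plaintext HTTP to a remote MCP server" });
  }

  // 3. Hook commands: command substitution first, then unquoted variable expansion.
  for (const [event, cmd] of Object.entries(cfg.hooks ?? {})) {
    if (/\$\(|`/.test(cmd))
      out.push({ severity: "HIGH", where: `hooks.${event}`,
                 message: "command substitution in hook; input that reaches it can run commands" });
    else if (/\$\{?\w+\}?/.test(cmd.replace(/"\$\{?\w+\}?"/g, "")))
      out.push({ severity: "MEDIUM", where: `hooks.${event}`,
                 message: "unquoted variable expansion in hook command (word splitting, globbing)" });
  }

  // 4. Extensions asking for everything.
  for (const ext of cfg.extensions ?? [])
    if (ext.permissions?.includes("*"))
      out.push({ severity: "HIGH", where: `extensions.${ext.name}.permissions`,
                 message: "extension requests all permissions" });

  const penalty = out.reduce((sum, f) => sum + WEIGHT[f.severity], 0);
  return { score: Math.max(0, 100 - penalty), findings: out };
}

// Constructed sample config exercising each check (not a real ~/.pi/ file).
export const SAMPLE_CONFIG: AgentConfig = {
  permissions: { autoApprove: true, allowedCommands: ["git", "*"] },
  mcpServers: {
    metadata: { url: "http://169.254.169.254/latest/" },
    docs: { url: "http://docs.example.com/mcp" },
    local: { url: "http://127.0.0.1:3000/mcp" },
  },
  hooks: { after_edit: 'sh -c "lint $(cat $FILE)"', notify: 'notify-send "$MSG"' },
  extensions: [{ name: "everything", permissions: ["*"] }],
};

export function renderReport(r: { score: number; findings: AuditFinding[] }): string {
  const lines = r.findings.map(f => `  ${f.severity.padEnd(8)} ${f.where}: ${f.message}`);
  return [`Config score: ${r.score}/100 (${r.findings.length} findings)`, ...lines].join("\n");
}

console.log(renderReport(auditConfig(SAMPLE_CONFIG)));
```

The loopback exemption is the one judgement call worth noting: a local MCP server is expected, so only RFC 1918 and link-local targets are scored, and the cloud metadata address lands in the latter. Hook checks are ordered so that a command with both substitution and an unquoted variable produces a single HIGH finding rather than two.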

3. System Prompt Injection

  • When the agent is editing auth code, input validation, or API endpoints, use the before_agent_start hook to inject security guidance into the system prompt
  • Context-aware: only injects relevant security guidance, not a wall of text

4. Secret Detection

  • Pre-commit style scanning for API keys, tokens, passwords in code and config files
  • Regex patterns for AWS, GCP, GitHub, Stripe, and common token formats
  • Alert on .env files being edited or committed
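As an added example that is not part of this issue or of the Pi project, the following TypeScript module implements the regex tier of sections 1 and 4 above: a rule table keyed by file extension, a scanFile() function that the proposed tool_execution_end hook could call with the edited file's path and new contents, and a formatWarnings() renderer for the text surfaced into the agent's next turn. The rule set, the extension-to-language mapping and the sample edit are constructed for illustration; the hook wiring itself is assumed and not shown.

```typescript
// Added example: the regex tier of the proposed scanner. A tool_execution_end
// hook (assumed, not shown) would call scanFile() with the edited file's path
// and new contents, then inject formatWarnings() into the agent's next turn.

export type Severity = "CRITICAL" | "HIGH" | "MEDIUM" | "LOW";
const RANK: Record<Severity, number> = { CRITICAL: 4, HIGH: 3, MEDIUM: 2, LOW: 1 };

export interface Finding {
  rule: string;
  severity: Severity;
  file: string;
  line: number;             // 1-based; 0 marks a file-level finding
  message: string;
}

interface Rule {
  id: string;
  severity: Severity;
  langs: "any" | string[];  // file extensions the rule applies to
  pattern: RegExp;          // no g flag, so test() stays stateless across lines
  message: string;
}

// Illustrative rule set, constructed for this example; a real one is larger
// and tuned against false positives on the target code base.
const RULES: Rule[] = [
  { id: "aws-access-key", severity: "CRITICAL", langs: "any",
    pattern: /\bAKIA[0-9A-Z]{16}\b/, message: "AWS access key ID in source" },
  { id: "github-token", severity: "CRITICAL", langs: "any",
    pattern: /\bgh[pousr]_[A-Za-z0-9]{36,}\b/, message: "GitHub token in source" },
  { id: "stripe-secret-key", severity: "CRITICAL", langs: "any",
    pattern: /\bsk_(live|test)_[A-Za-z0-9]{16,}\b/, message: "Stripe secret key in source" },
  { id: "hardcoded-credential", severity: "HIGH", langs: "any",
    pattern: /\b\w*(password|passwd|secret|api[_-]?key|token)\s*[:=]\s*["'][^"']{8,}["']/i,
    message: "credential assigned from a string literal" },
  { id: "eval-call", severity: "HIGH", langs: ["ts", "js", "py"],
    pattern: /\beval\s*\(/, message: "eval() executes dynamic code" },
  { id: "html-sink", severity: "MEDIUM", langs: ["ts", "js", "tsx", "jsx"],
    pattern: /\.innerHTML\s*=|dangerouslySetInnerHTML/, message: "raw HTML sink (possible XSS)" },
  { id: "sql-string-build", severity: "HIGH", langs: ["ts", "js", "py", "go"],
    pattern: /["'`]\s*(SELECT|INSERT|UPDATE|DELETE)\b.*?(["']\s*\+|\$\{|\{\w+\})/i,
    message: "SQL built by string concatenation or interpolation" },
  { id: "pickle-load", severity: "HIGH", langs: ["py"],
    pattern: /\bpickle\.loads?\(/, message: "pickle deserialization of untrusted data" },
];

function langOf(file: string): string {
  const dot = file.lastIndexOf(".");
  return dot < 0 ? "" : file.slice(dot + 1).toLowerCase();
}

function baseName(file: string): string {
  return file.slice(file.lastIndexOf("/") + 1);
}

export function scanFile(file: string, contents: string): Finding[] {
  const findings: Finding[] = [];
  const lang = langOf(file);
  // File-level check: any .env variant being written is worth a warning.
  if (baseName(file).startsWith(".env"))
    findings.push({ rule: "env-file-edit", severity: "MEDIUM", file, line: 0,
                    message: ".env file modified; confirm it is git-ignored and not committed" });
  contents.split("\n").forEach((text, i) => {
    for (const r of RULES) {
      if (r.langs !== "any" && !r.langs.includes(lang)) continue;
      if (r.pattern.test(text))
        findings.push({ rule: r.id, severity: r.severity, file, line: i + 1, message: r.message });
    }
  });
  return findings;
}

export function maxSeverity(findings: Finding[]): Severity | null {
  let top: Severity | null = null;
  for (const f of findings) if (top === null || RANK[f.severity] > RANK[top]) top = f.severity;
  return top;
}

// Text that would be injected into the agent's next turn, highest severity first.
export function formatWarnings(findings: Finding[]): string {
  if (findings.length === 0) return "";
  const sorted = [...findings].sort((a, b) => RANK[b.severity] - RANK[a.severity]);
  return ["[security-scanner] findings in the last edit:",
          ...sorted.map(f => `  ${f.severity} ${f.file}:${f.line} ${f.rule}: ${f.message}`)].join("\n");
}

// Constructed sample edit, as the hook would see it after a write to src/db.ts.
export const SAMPLE_EDIT = [
  'const key = "AKIAABCDEFGHIJKLMNOP";',
  'const q = "SELECT * FROM users WHERE id = " + id;',
  "el.innerHTML = userInput;",
].join("\n");

console.log(formatWarnings(scanFile("src/db.ts", SAMPLE_EDIT)));
```

Two details matter for keeping this tier quiet: patterns are compiled without the g flag so RegExp.lastIndex cannot leak between lines, and the SQL rule fires only on the string-building shape (a literal opening with a SQL keyword followed by concatenation or interpolation), so parameterized queries with $1 or ? placeholders pass. The AST pass the issue proposes would replace the SQL and eval rules with checks on actual call and concatenation nodes.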

Pi Extension API Integration

API Surface              Usage
tool_execution_end hook  Scan file contents after edit/write operations
before_agent_start hook  Inject security context when editing sensitive code
pi.registerCommand()     /security-scan for on-demand config audit
pi.registerTool()        security_check tool the LLM can call to verify a code block
System prompt injection  Conditional security guidance based on file paths being edited

Implementation Notes

  • Start with regex-based detection (low cost, no LLM calls for scanning)
  • Optional LLM pass for ambiguous findings (configurable, off by default)
  • Findings stored in ~/.pi/security-scanner/findings.jsonl for trend analysis
  • Integrate with pi-continuous-learning: security patterns become instincts over time

Prior Art

  • ECC security-review skill: framework-specific security checklists (Django, Laravel, Spring Boot)
  • ECC security-scan: AgentShield config audit
  • gitleaks, trufflehog: standalone secret scanners (not agent-integrated)
  • No existing Pi extension covers this space

Effort Estimate

Medium. Core regex scanning is straightforward. Language-aware AST analysis adds complexity but can be phased.

Metadata

Labels

extension-idea (New extension package idea for the monorepo)
impact: high (High impact potential)