rigscore v0.7.2
v0.7.2 hardens governance validation with negation-aware CRITICAL escalation, catches prompt injection split across lines, and detects settings that silently eliminate human oversight.
Read More →$ tools
rigscore
Hygiene score for AI dev environments. 11 checks, a score out of 100. Scans locally, no external calls.
View tool →$ journal
Your AI Agent Governance Is Just a Suggestion
Behavioral rules for AI agents are text in the context window. Under pressure â deep in a fix loop, resolving âŠ
Read post →Recent
rigscore v0.6.3
v0.6.3 adds 3 new checks (Claude settings, credential storage, unicode steganography), maps every finding to the OWASP Agentic Top 10, and adds CVE-specific detection patterns.
Read More →rigscore v0.5.0
v0.5.0 adds an 11th check â network exposure detection for AI services listening on all interfaces instead of localhost.
Read More →Your AI Agent Governance Is Just a Suggestion
Behavioral rules for AI agents are text in the context window. Under pressure â deep in a fix loop, resolving conflicting instructions, running low on context â the model rationalizes around them. This isn’t a hypothetical failure mode. It’s documented.
rigscore v0.4.0
v0.4.0 adds continuous monitoring via –watch, a 10th check for Windows/WSL attack surfaces, plugin extensibility, and pre-scan hooks.
Read More →rigscore v0.3.0
v0.3.0 reweights scoring so AI-specific checks carry 60% of the score. Adds SARIF output, CI mode, auto-fix, recursive scanning, and badge generation.
Read More →rigscore v0.2.0
v0.2.0 adds coherence checking (do your governance claims match your config?), deep secret scanning with 34 patterns, and MCP supply chain detection.
Read More →rigscore v0.1.0
Initial release. 8 checks covering MCP servers, governance files, secrets, Docker, git hooks, and permissions. One command, a score out of 100.
Read More →