v0.1.5 just shipped. 750+ tests, 7-layer scanner pipeline, MCP proxy, integrity monitoring, project auditing, all in one binary with six dependencies. (Update: v1.1.0 is now out with 5,400+ tests, a 9-layer pipeline, GitHub Action, TLS interception, multi-agent profiles, and Streamable HTTP MCP transport. Pipelock is now open core: Apache 2.0 free tier, ELv2 enterprise tier.) I also got listed on the OWASP Solutions Landscape for agentic AI security, which feels pretty good for a project built by a plumber.
Here’s what’s coming next.
GitHub Action
(Update: Shipped.) The GitHub Action runs Pipelock in CI. Scans diffs for leaked credentials, injection patterns, and security misconfigurations.
- uses: luckyPipewrench/pipelock@v1.1.0
with:
scan-diff: 'true'
fail-on-findings: 'true'
MCP input scanning
(Update: Shipped.) Pipelock now scans both directions on the MCP proxy. Tool responses are scanned for injection. Tool arguments are scanned for DLP patterns, catching credential leaks before they reach the tool server.
Smart DLP
The DLP scanner uses regex patterns against URLs, headers, request bodies, and MCP arguments. Suppressions let you reduce false positives by path, rule, or pattern. Context-aware DLP with ML-based confidence scoring is on the roadmap.
Pipelock Enterprise
(Update: Enterprise shipped in v1.1.0.) The core proxy and scanner pipeline are free and always will be. Enterprise adds multi-agent profiles with per-agent DLP, allowlists, and rate limits. Usage budgets with per-agent request and data caps. Ed25519-signed license with embedded org, tier, and agent count. All gated by build tag and license verification.
Enterprise is licensed under ELv2. Get in touch if you’re interested.
Get involved
The code is at github.com/luckyPipewrench/pipelock. Core is Apache 2.0, enterprise features are ELv2. The CONTRIBUTING guide has architecture docs, testing patterns, and recipes for adding new scanner layers.
If you’re running AI agents in production and care about security, give it a shot. And if you break something, open an issue. That’s how this gets better.