
Token Guardrail


Turn secret scanner findings into owner-assigned revoke/rotate actions.

Round 1 MVP

  • Secret finding ingestion (JSON/CSV)
  • Token type classification + blast radius estimation
  • Action queue: REVOKE_NOW / ROTATE_NOW / MONITOR
  • Slack digest and ticket payload generation
  • Audit logging

Quickstart

npm install
npm test
node src/cli.js --input examples/findings.json --top 10

API

GET /health

Returns service health.

POST /ingest

Body:

{"findings":[{"id":"f1","repo":"org/repo","secret":"ghp_xxx","path":".env"}]}

Ingests scanner findings.

POST /analyze

Builds prioritized action queue.

GET /queue

Returns queued remediation actions.

GET /tickets

Returns issue-tracker payloads derived from queue actions.

POST /notify/slack

Body:

{"webhook_url":"https://hooks.slack.com/services/..."}

Sends the digest to the given webhook URL, falling back to the SLACK_WEBHOOK_URL environment variable when the body omits webhook_url.

GET /audit

Returns audit trail events.

Commercial License

This software is free for personal and non-commercial use.

For commercial/business use, open an issue with subject: [COMMERCIAL LICENSE INQUIRY]