Scanning agent repos with EEG profiles
· 1 min read
eegsastci
EEG ships scan profiles from catalog.yaml. Pick the surface that matches what you're shipping.
Profiles at a glance
| Profile | Use when |
|---|---|
code |
Default CI — general code & gateway OSS surface |
agent |
MCP, memory, tool, and agent orchestration code |
full |
Broad pack; add `--cloud aws |
model |
Model artifacts |
dep |
Dependency / CVE-oriented paths |
Example CI scan
pip install eeg-security
eeg scan ./my-agent --profile agent --format sarif -o eeg-results.sarif --fail-on high
Exit code 1 means findings met your gate. Upload SARIF to GitHub code scanning when you want findings in PRs.
Fail-on strategy
Start with --fail-on high on main. Use medium for security-critical agent services. Reserve any for labs and red-team fixtures.
Want the enterprise view across many repos? Book an EEG Platform demo.
