AST Interceptor — Gate 1: Supply Chain Watchdog

Mission: Blocks malicious AI commits before they ever reach version control.

Core Actions

  • scan_python_code — AST walk for eval/exec/credentials/packages
  • scan_javascript_code — Babel parser with regex fallback
  • auto_strip_credential — Detect hardcoded secrets
  • quarantine_eval — Block eval() / exec()
  • block_unverified_package — Reject non-allowlist imports

Demo Beat 4

Malicious code (MD5 + eval() + hardcoded key) submitted. Gate 1 fires:

BLOCKED — credential_detected line 4, eval_usage quarantined line 8
Reward: +200 | 1.5× multiplier ACTIVE | Pipeline Integrity: 1.0

Reward Breakdown

Event Reward
Catch at Gate 1 +100
Credential detected +50
Eval quarantined +50
1.5× multiplier active +150
False positive block −30
Missed + caught later +20

Failure Modes Guarded

  1. Allowlist too strict → curated safe-list prevents false positives
  2. Eval() in string literals → AST distinguishes Call nodes from strings
  3. Babel timeout → graceful regex fallback

Usage

from AST_Interceptor import Gate1Interceptor
interceptor = Gate1Interceptor()
result = interceptor.scan(code, language="python")

Files

  • AST_Interceptor.py — Core scanner module (500+ lines)
  • AST_Interceptor_test.py — Test suite (10/10 tests)
  • gate1_ast_interceptor.py — Alternate name (identical)
  • test_gate1.py — Alternate name (identical)
Downloads last month

-

Downloads are not tracked for this model. How to track
Inference Providers NEW
This model isn't deployed by any Inference Provider. 🙋 Ask for provider support