<?xml version="1.0" encoding="UTF-8"?>
<rss version="2.0" xmlns:atom="http://www.w3.org/2005/Atom" xmlns:dc="http://purl.org/dc/elements/1.1/">
  <channel>
    <title>DEV Community: difcn@126.com</title>
    <description>The latest articles on DEV Community by difcn@126.com (@agentguardp).</description>
    <link>https://dev.to/agentguardp</link>
    <image>
      <url>https://media2.dev.to/dynamic/image/width=90,height=90,fit=cover,gravity=auto,format=auto/https:%2F%2Fdev-to-uploads.s3.us-east-2.amazonaws.com%2Fuploads%2Fuser%2Fprofile_image%2F3998339%2F5b8fdc98-4e93-4542-9041-cee250f671fc.jpg</url>
      <title>DEV Community: difcn@126.com</title>
      <link>https://dev.to/agentguardp</link>
    </image>
    <atom:link rel="self" type="application/rss+xml" href="https://dev.to/feed/agentguardp"/>
    <language>en</language>
    <item>
      <title>AgentGuard — The Python SAST That Actually Fixes Your Code (Now Powered by GLM-5.2)</title>
      <dc:creator>difcn@126.com</dc:creator>
      <pubDate>Tue, 23 Jun 2026 08:48:52 +0000</pubDate>
      <link>https://dev.to/agentguardp/agentguard-the-python-sast-that-actually-fixes-your-code-fah</link>
      <guid>https://dev.to/agentguardp/agentguard-the-python-sast-that-actually-fixes-your-code-fah</guid>
      <description>&lt;h1&gt;
  
  
  I scanned 15 popular Python projects for security bugs. The oldest one had the worst issue.
&lt;/h1&gt;

&lt;h2&gt;
  
  
  TL;DR
&lt;/h2&gt;

&lt;p&gt;463 findings. 120 critical. The worst offender wasn't some weekend hobby project — it was a library used by the Python Software Foundation. It had &lt;code&gt;eval()&lt;/code&gt; in production code. I fixed it.&lt;/p&gt;

&lt;p&gt;I ran AgentGuard (65 rules + GLM-5.2 verification) against 15 well-known Python projects. Here's what I found — and what I fixed.&lt;/p&gt;

&lt;h2&gt;
  
  
  The Setup
&lt;/h2&gt;



&lt;div class="highlight js-code-highlight"&gt;
&lt;pre class="highlight shell"&gt;&lt;code&gt;&lt;span class="nv"&gt;$ &lt;/span&gt;agentguard scan ./project &lt;span class="nt"&gt;--tier&lt;/span&gt; pro &lt;span class="nt"&gt;--format&lt;/span&gt; json
&lt;/code&gt;&lt;/pre&gt;

&lt;/div&gt;



&lt;p&gt;AgentGuard is an open-source scanner with a twist: GLM-5.2 reviews every finding to filter false positives, then auto-generates fixes. Think Bandit + AI review + auto-fix in one command. &lt;a href="https://github.com/difcn2026/agentguardp" rel="noopener noreferrer"&gt;GitHub&lt;/a&gt; | &lt;code&gt;pip install agentguardp&lt;/code&gt;&lt;/p&gt;

&lt;h2&gt;
  
  
  The Results
&lt;/h2&gt;

&lt;p&gt;15 projects, 1K to 30K lines of Python each:&lt;/p&gt;

&lt;div class="table-wrapper-paragraph"&gt;&lt;table&gt;
&lt;thead&gt;
&lt;tr&gt;
&lt;th&gt;Project&lt;/th&gt;
&lt;th&gt;Stars&lt;/th&gt;
&lt;th&gt;Findings&lt;/th&gt;
&lt;th&gt;Critical&lt;/th&gt;
&lt;th&gt;High&lt;/th&gt;
&lt;th&gt;Top Issue&lt;/th&gt;
&lt;/tr&gt;
&lt;/thead&gt;
&lt;tbody&gt;
&lt;tr&gt;
&lt;td&gt;paramiko&lt;/td&gt;
&lt;td&gt;3.5K&lt;/td&gt;
&lt;td&gt;185&lt;/td&gt;
&lt;td&gt;52&lt;/td&gt;
&lt;td&gt;4&lt;/td&gt;
&lt;td&gt;Hardcoded keys, path traversal&lt;/td&gt;
&lt;/tr&gt;
&lt;tr&gt;
&lt;td&gt;httpx&lt;/td&gt;
&lt;td&gt;13K&lt;/td&gt;
&lt;td&gt;55&lt;/td&gt;
&lt;td&gt;32&lt;/td&gt;
&lt;td&gt;4&lt;/td&gt;
&lt;td&gt;Hardcoded secrets, pickle&lt;/td&gt;
&lt;/tr&gt;
&lt;tr&gt;
&lt;td&gt;click&lt;/td&gt;
&lt;td&gt;16K&lt;/td&gt;
&lt;td&gt;41&lt;/td&gt;
&lt;td&gt;0&lt;/td&gt;
&lt;td&gt;5&lt;/td&gt;
&lt;td&gt;while-True loops, PY050&lt;/td&gt;
&lt;/tr&gt;
&lt;tr&gt;
&lt;td&gt;flask&lt;/td&gt;
&lt;td&gt;68K&lt;/td&gt;
&lt;td&gt;36&lt;/td&gt;
&lt;td&gt;3&lt;/td&gt;
&lt;td&gt;12&lt;/td&gt;
&lt;td&gt;eval/exec (by design), DEBUG=True&lt;/td&gt;
&lt;/tr&gt;
&lt;tr&gt;
&lt;td&gt;tqdm&lt;/td&gt;
&lt;td&gt;28K&lt;/td&gt;
&lt;td&gt;30&lt;/td&gt;
&lt;td&gt;0&lt;/td&gt;
&lt;td&gt;2&lt;/td&gt;
&lt;td&gt;SSRF in examples&lt;/td&gt;
&lt;/tr&gt;
&lt;tr&gt;
&lt;td&gt;python-jose&lt;/td&gt;
&lt;td&gt;1.7K&lt;/td&gt;
&lt;td&gt;27&lt;/td&gt;
&lt;td&gt;20&lt;/td&gt;
&lt;td&gt;0&lt;/td&gt;
&lt;td&gt;Private keys in test fixtures&lt;/td&gt;
&lt;/tr&gt;
&lt;tr&gt;
&lt;td&gt;rich&lt;/td&gt;
&lt;td&gt;50K&lt;/td&gt;
&lt;td&gt;25&lt;/td&gt;
&lt;td&gt;0&lt;/td&gt;
&lt;td&gt;0&lt;/td&gt;
&lt;td&gt;while-True, weak random&lt;/td&gt;
&lt;/tr&gt;
&lt;tr&gt;
&lt;td&gt;data-diff&lt;/td&gt;
&lt;td&gt;3K&lt;/td&gt;
&lt;td&gt;25&lt;/td&gt;
&lt;td&gt;2&lt;/td&gt;
&lt;td&gt;22&lt;/td&gt;
&lt;td&gt;MD5, SSRF&lt;/td&gt;
&lt;/tr&gt;
&lt;tr&gt;
&lt;td&gt;httpie&lt;/td&gt;
&lt;td&gt;34K&lt;/td&gt;
&lt;td&gt;14&lt;/td&gt;
&lt;td&gt;0&lt;/td&gt;
&lt;td&gt;6&lt;/td&gt;
&lt;td&gt;SSRF, SSL verify=False&lt;/td&gt;
&lt;/tr&gt;
&lt;tr&gt;
&lt;td&gt;pydantic&lt;/td&gt;
&lt;td&gt;20K&lt;/td&gt;
&lt;td&gt;10&lt;/td&gt;
&lt;td&gt;5&lt;/td&gt;
&lt;td&gt;2&lt;/td&gt;
&lt;td&gt;pickle, hardcoded secrets&lt;/td&gt;
&lt;/tr&gt;
&lt;tr&gt;
&lt;td&gt;requests-html&lt;/td&gt;
&lt;td&gt;13K&lt;/td&gt;
&lt;td&gt;7&lt;/td&gt;
&lt;td&gt;5&lt;/td&gt;
&lt;td&gt;0&lt;/td&gt;
&lt;td&gt;&lt;strong&gt;eval() in production&lt;/strong&gt;&lt;/td&gt;
&lt;/tr&gt;
&lt;tr&gt;
&lt;td&gt;arq&lt;/td&gt;
&lt;td&gt;2K&lt;/td&gt;
&lt;td&gt;5&lt;/td&gt;
&lt;td&gt;0&lt;/td&gt;
&lt;td&gt;0&lt;/td&gt;
&lt;td&gt;assert statements&lt;/td&gt;
&lt;/tr&gt;
&lt;tr&gt;
&lt;td&gt;tweets_analyzer&lt;/td&gt;
&lt;td&gt;3K&lt;/td&gt;
&lt;td&gt;2&lt;/td&gt;
&lt;td&gt;1&lt;/td&gt;
&lt;td&gt;0&lt;/td&gt;
&lt;td&gt;Hardcoded API keys (template)&lt;/td&gt;
&lt;/tr&gt;
&lt;tr&gt;
&lt;td&gt;wikipedia&lt;/td&gt;
&lt;td&gt;3K&lt;/td&gt;
&lt;td&gt;1&lt;/td&gt;
&lt;td&gt;0&lt;/td&gt;
&lt;td&gt;1&lt;/td&gt;
&lt;td&gt;SSRF&lt;/td&gt;
&lt;/tr&gt;
&lt;tr&gt;
&lt;td&gt;m2cgen&lt;/td&gt;
&lt;td&gt;3K&lt;/td&gt;
&lt;td&gt;0&lt;/td&gt;
&lt;td&gt;0&lt;/td&gt;
&lt;td&gt;0&lt;/td&gt;
&lt;td&gt;Clean!&lt;/td&gt;
&lt;/tr&gt;
&lt;/tbody&gt;
&lt;/table&gt;&lt;/div&gt;

&lt;p&gt;&lt;strong&gt;Total: 463 findings / 120 critical / 58 high&lt;/strong&gt;&lt;/p&gt;

&lt;h2&gt;
  
  
  The Best Find: eval() in a PSF Library
&lt;/h2&gt;

&lt;p&gt;&lt;strong&gt;requests-html&lt;/strong&gt; (13K Stars, maintained by the Python Software Foundation) had this in its core:&lt;br&gt;
&lt;/p&gt;

&lt;div class="highlight js-code-highlight"&gt;
&lt;pre class="highlight python"&gt;&lt;code&gt;&lt;span class="c1"&gt;# requests_html.py:570
&lt;/span&gt;&lt;span class="k"&gt;def&lt;/span&gt; &lt;span class="nf"&gt;__convert&lt;/span&gt;&lt;span class="p"&gt;(&lt;/span&gt;&lt;span class="n"&gt;cookiejar&lt;/span&gt;&lt;span class="p"&gt;,&lt;/span&gt; &lt;span class="n"&gt;key&lt;/span&gt;&lt;span class="p"&gt;):&lt;/span&gt;
    &lt;span class="k"&gt;try&lt;/span&gt;&lt;span class="p"&gt;:&lt;/span&gt;
        &lt;span class="n"&gt;v&lt;/span&gt; &lt;span class="o"&gt;=&lt;/span&gt; &lt;span class="nf"&gt;eval&lt;/span&gt;&lt;span class="p"&gt;(&lt;/span&gt;&lt;span class="sh"&gt;"&lt;/span&gt;&lt;span class="s"&gt;cookiejar.&lt;/span&gt;&lt;span class="sh"&gt;"&lt;/span&gt; &lt;span class="o"&gt;+&lt;/span&gt; &lt;span class="n"&gt;key&lt;/span&gt;&lt;span class="p"&gt;)&lt;/span&gt;  &lt;span class="c1"&gt;# &amp;lt;-- INJECTION RISK
&lt;/span&gt;&lt;/code&gt;&lt;/pre&gt;

&lt;/div&gt;



&lt;p&gt;AgentGuard's GLM-5.2 cloud fix suggested replacing it with &lt;code&gt;getattr()&lt;/code&gt;:&lt;br&gt;
&lt;/p&gt;

&lt;div class="highlight js-code-highlight"&gt;
&lt;pre class="highlight python"&gt;&lt;code&gt;&lt;span class="c1"&gt;# After fix
&lt;/span&gt;&lt;span class="n"&gt;v&lt;/span&gt; &lt;span class="o"&gt;=&lt;/span&gt; &lt;span class="nf"&gt;getattr&lt;/span&gt;&lt;span class="p"&gt;(&lt;/span&gt;&lt;span class="n"&gt;cookiejar&lt;/span&gt;&lt;span class="p"&gt;,&lt;/span&gt; &lt;span class="n"&gt;key&lt;/span&gt;&lt;span class="p"&gt;,&lt;/span&gt; &lt;span class="bp"&gt;None&lt;/span&gt;&lt;span class="p"&gt;)&lt;/span&gt;
&lt;/code&gt;&lt;/pre&gt;

&lt;/div&gt;



&lt;p&gt;&lt;strong&gt;I submitted a PR:&lt;/strong&gt; &lt;a href="https://github.com/psf/requests-html/pull/610" rel="noopener noreferrer"&gt;psf/requests-html#610&lt;/a&gt;&lt;/p&gt;

&lt;h2&gt;
  
  
  Top 5 Most Common Issues
&lt;/h2&gt;

&lt;ol&gt;
&lt;li&gt;
&lt;strong&gt;assert for security checks&lt;/strong&gt; (107) — removed in &lt;code&gt;python -O&lt;/code&gt;, check silently disappears&lt;/li&gt;
&lt;li&gt;
&lt;strong&gt;Path traversal&lt;/strong&gt; (82) — user-controlled paths without validation&lt;/li&gt;
&lt;li&gt;
&lt;strong&gt;Hardcoded secrets&lt;/strong&gt; (67) — API keys, passwords in source code&lt;/li&gt;
&lt;li&gt;
&lt;strong&gt;Unbounded loops&lt;/strong&gt; (42) — &lt;code&gt;while True:&lt;/code&gt; without timeout&lt;/li&gt;
&lt;li&gt;
&lt;strong&gt;Weak random&lt;/strong&gt; (24) — &lt;code&gt;random&lt;/code&gt; instead of &lt;code&gt;secrets&lt;/code&gt;
&lt;/li&gt;
&lt;/ol&gt;

&lt;h2&gt;
  
  
  Why GLM-5.2 Matters
&lt;/h2&gt;

&lt;div class="table-wrapper-paragraph"&gt;&lt;table&gt;
&lt;thead&gt;
&lt;tr&gt;
&lt;th&gt;Model&lt;/th&gt;
&lt;th&gt;F1 Score (Vuln Detection)&lt;/th&gt;
&lt;th&gt;Cost per Finding&lt;/th&gt;
&lt;/tr&gt;
&lt;/thead&gt;
&lt;tbody&gt;
&lt;tr&gt;
&lt;td&gt;Claude Code&lt;/td&gt;
&lt;td&gt;32-37%&lt;/td&gt;
&lt;td&gt;~$1.02&lt;/td&gt;
&lt;/tr&gt;
&lt;tr&gt;
&lt;td&gt;&lt;strong&gt;GLM-5.2&lt;/strong&gt;&lt;/td&gt;
&lt;td&gt;&lt;strong&gt;39%&lt;/strong&gt;&lt;/td&gt;
&lt;td&gt;&lt;strong&gt;$0.17&lt;/strong&gt;&lt;/td&gt;
&lt;/tr&gt;
&lt;/tbody&gt;
&lt;/table&gt;&lt;/div&gt;

&lt;p&gt;GLM-5.2 outperforms Claude Code in security detection at 1/6 the cost. AgentGuard is the first tool to productize this.&lt;/p&gt;

&lt;p&gt;Source: Semgrep security evaluation (&lt;a href="https://blog.cybernexora.com/glm-5-2-ai-2026/" rel="noopener noreferrer"&gt;cybernexora.com&lt;/a&gt;, &lt;a href="https://paddo.dev/blog/glm-5-2-receipts/" rel="noopener noreferrer"&gt;paddo.dev&lt;/a&gt;)&lt;/p&gt;

&lt;h2&gt;
  
  
  The Pipeline
&lt;/h2&gt;



&lt;div class="highlight js-code-highlight"&gt;
&lt;pre class="highlight shell"&gt;&lt;code&gt;&lt;span class="nv"&gt;$ &lt;/span&gt;agentguard pipeline ./vulnerable.py &lt;span class="nt"&gt;--mode&lt;/span&gt; dry-run

&lt;span class="o"&gt;[&lt;/span&gt;1/4] Scanning... 6 findings
&lt;span class="o"&gt;[&lt;/span&gt;2/4] GLM-5.2 verifying... 6 confirmed, 0 rejected
&lt;span class="o"&gt;[&lt;/span&gt;3/4] Fixing... 4 auto-fixed, 2 need manual review
&lt;span class="o"&gt;[&lt;/span&gt;4/4] Validating... No new issues introduced
&lt;/code&gt;&lt;/pre&gt;

&lt;/div&gt;



&lt;p&gt;&lt;strong&gt;Rules find suspects. GLM-5.2 confirms, fixes, and verifies.&lt;/strong&gt;&lt;/p&gt;

&lt;h2&gt;
  
  
  Try It
&lt;/h2&gt;



&lt;div class="highlight js-code-highlight"&gt;
&lt;pre class="highlight shell"&gt;&lt;code&gt;pip &lt;span class="nb"&gt;install &lt;/span&gt;agentguardp
agentguard scan ./your-project
agentguard pipeline ./src &lt;span class="nt"&gt;--mode&lt;/span&gt; dry-run
&lt;/code&gt;&lt;/pre&gt;

&lt;/div&gt;



&lt;p&gt;14-day Pro trial included. GLM-5.2 cloud fix activates automatically.&lt;/p&gt;

&lt;ul&gt;
&lt;li&gt;
&lt;strong&gt;GitHub:&lt;/strong&gt; &lt;a href="https://github.com/difcn2026/agentguardp" rel="noopener noreferrer"&gt;https://github.com/difcn2026/agentguardp&lt;/a&gt;
&lt;/li&gt;
&lt;li&gt;
&lt;strong&gt;PyPI:&lt;/strong&gt; &lt;a href="https://pypi.org/project/agentguardp/" rel="noopener noreferrer"&gt;https://pypi.org/project/agentguardp/&lt;/a&gt;
&lt;/li&gt;
&lt;li&gt;
&lt;strong&gt;Website:&lt;/strong&gt; &lt;a href="https://agentguardp.com" rel="noopener noreferrer"&gt;https://agentguardp.com&lt;/a&gt;
&lt;/li&gt;
&lt;/ul&gt;




&lt;p&gt;&lt;em&gt;Scanned and auto-fixed by AgentGuard + GLM-5.2.&lt;/em&gt;&lt;/p&gt;

</description>
      <category>python</category>
      <category>security</category>
      <category>ai</category>
      <category>glm</category>
    </item>
  </channel>
</rss>
