Skip to content

opena2a-org/homebrew-tap

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

114 Commits
.hackmyagent-cache
.hackmyagent-cache
 
 
Formula
Formula
 
 
.pre-push-review-not-required
.pre-push-review-not-required
 
 
README.md
README.md
 
 

Repository files navigation

OpenA2A: CLI · HackMyAgent · Secretless AI · AIM · Browser Guard · DVAA · Homebrew Tap

OpenA2A Homebrew Tap

License: Apache-2.0 Formulae

Install the OpenA2A security tools with Homebrew. Four CLIs that protect AI agent ecosystems -- scan for vulnerabilities, keep secrets out of AI context, verify trust, and enforce behavioral governance.

Website | CLI Docs | OASB Standards | GitHub

Quick Start

brew tap opena2a-org/tap
brew install opena2a            # Full suite (includes HMA, Secretless, ai-trust)

Or install individual tools standalone:

brew install secretless-ai      # Secret protection only
brew install hackmyagent        # Security scanning only
brew install ai-trust           # Trust verification only

Note: opena2a bundles all three tools as dependencies. Install it for the full suite, or install individual formulas if you only need one capability.

Formulae

Formula Version Package
opena2a 0.10.2 opena2a-cli
secretless-ai 0.17.0 secretless-ai
hackmyagent 0.22.1 hackmyagent
ai-trust 0.7.0 ai-trust

opena2a

One CLI for all OpenA2A security tools. Scan, protect, benchmark, and monitor AI agents from a single command. Detect Shadow AI -- unmanaged agents and MCP servers running in your environment. Bundles HackMyAgent, Secretless AI, and ai-trust as integrated subcommands.

brew install opena2a

opena2a init                    # Initialize security config
opena2a protect                 # Protect MCP configs, skills, manifests
opena2a guard                   # Runtime guardrails for agent execution
opena2a scan-soul               # Behavioral governance (OASB-2)
opena2a scan <package>          # Scan a package (via HackMyAgent)
opena2a secrets                 # Manage secrets (via Secretless AI)
opena2a shield                  # Detect shadow AI in your environment

Full documentation: opena2a.org/cli

secretless-ai

AI coding tools can read your secrets. Secretless makes them invisible. Prevents API keys, tokens, and credentials from leaking into AI coding tool contexts. Works with Claude Code, Cursor, GitHub Copilot, Windsurf, Cline, and Aider.

brew install secretless-ai

secretless-ai init              # Set up protection for your project
secretless-ai secret set KEY    # Store a secret (encrypted locally)
secretless-ai run -- node app   # Run with secrets injected as env vars
secretless-ai verify            # Check for exposed secrets in transcripts
secretless-ai protect-mcp       # Protect MCP server credential configs
secretless-ai doctor            # System health check

Full documentation: opena2a.org/secretless

hackmyagent

Find what can go wrong before an attacker does. Security scanner for MCP servers, A2A agents, LangChain tools, CrewAI setups, and other AI agent frameworks. 204 checks, 115 adversarial payloads, auto-fix with rollback.

brew install hackmyagent

hackmyagent secure              # Full security scan
hackmyagent secure --deep       # LLM-powered semantic analysis
hackmyagent scan-soul           # 72 behavioral governance controls (OASB-2)
hackmyagent harden-soul         # Generate hardened config from results
hackmyagent trust <package>     # Check package trust before installing
hackmyagent secure --category credentials,injection,permissions

Full documentation: hackmyagent.com

ai-trust

Check the trust score of any AI package before you install it. Queries the OpenA2A trust graph for security scans, community consensus, dependency risk, and known advisories.

brew install ai-trust

ai-trust check server-filesystem  # MCP shorthand (resolves to @modelcontextprotocol/server-filesystem)
ai-trust audit package.json       # Audit all dependencies
ai-trust batch server-fetch express  # Batch lookup (MCP names auto-resolve)

Full documentation: github.com/opena2a-org/ai-trust

How They Work Together

secretless-ai init              # 1. Protect secrets from AI tools
opena2a init                    # 2. Set up security configuration
hackmyagent secure --deep       # 3. Scan for vulnerabilities
opena2a scan-soul               # 4. Verify behavioral governance

Secretless keeps credentials safe during development. HackMyAgent finds security issues in your agents. OpenA2A orchestrates the full security workflow. All three are bundled when you install opena2a, or install them individually for standalone use.

Upgrade

brew upgrade opena2a secretless-ai hackmyagent ai-trust

Alternative Installation

npm install -g opena2a-cli      # Full suite (auto-installs HMA, Secretless, ai-trust)
npm install -g secretless-ai    # Standalone
npm install -g hackmyagent      # Standalone
npm install -g ai-trust         # Standalone

License

Apache-2.0

About

Homebrew tap for OpenA2A CLI

Resources

Readme
Activity
Custom properties

Stars

1 star

Watchers

0 watching

Forks

0 forks
Report repository

Releases

No releases published

Packages

 
 
 

Contributors

Languages