Language: 日本語English

ai-plugins Plugin

Topics
Security, Auth & Compliance · Claude Code Customization & Workflow · AI Agents & AI App Development
First seen
2026-07-09
Last confirmed
2026-07-13
Explanation last updated
2026-07-12

The explanation below is AI-generated. Please verify it against the sources.

ai-plugins is Endor Labs' public distribution repository for Agent Kit packages that bring Endor Labs security scanning into AI coding tools such as Claude Code, Codex, Gemini CLI, Antigravity CLI, and Cursor IDE/SDK. The item description states it is used to set up endorctl and use Endor Labs to scan, prioritize, and fix security risks across the software supply chain. According to the README, the repo mirrors packages generated from a separate Agent Kit source repository and bundles a set of read-only and approval-gated agents for tasks like SAST triage, dependency risk review, vulnerability explanation, and remediation planning. Per the README's Safety Rules, the setup process only checks readiness and does not run scans or mutate repositories on its own.

Overview

According to the Endor Labs homepage, Endor Labs is an "Agentic Application Security Platform" (marketed under the name AURI) offering AI SAST, AI code review, secrets detection, open source SCA with reachability analysis, malicious package detection, container security, and SBOM/compliance features.

What you can do with ai-plugins

  • Install Endor Labs Agent Kit packages for Claude Code, Codex, Gemini CLI, Antigravity CLI, Cursor IDE, or Cursor SDK (README)
  • Run the endor-agent-kit-setup skill to check host, auth, namespace, endorctl, and gh readiness; setup does not run scans (README)
  • Use read-only agents including Findings Browser, Vulnerability Explainer, Package Risk Summary, Dependency Decision Helper, Upgrade Impact Analysis, CI/CD and Supply Chain Posture, Probe Droid, and Endor Troubleshooter (README)
  • Use approval-gated mutating agents such as AI SAST Triage and SCA Remediation, which require explicit approval before editing files, opening a PR/MR, or writing Endor policy (README)
  • Sync generated distribution files from the Endor Labs Agent Kit source repository via a provided sync script (README)

Sources

Original description (English)

Set up endorctl and use Endor Labs to scan, prioritize, and fix security risks across your software supply chain

History of ai-plugins

Back to list