Security audit
Canon Guardian
Security checks across malware telemetry and agentic risk
Overview
Canon Guardian mostly matches its stated purpose, but its configurable file-path handling may allow unintended local files outside the workspace to be injected into prompts.
Review this before installing. It appears purpose-aligned and has no hidden network endpoint or credential use in the provided code, but it will automatically inject configured workspace files into prompts. Prefer the default AGENTS.md/SOUL.md configuration, avoid ../ paths or symlinks in canonFiles, and keep injected canon files free of secrets.
VirusTotal
VirusTotal engine telemetry is currently stale for this artifact.
Static analysis
No suspicious patterns detected.
