v0.2.0: Bidirectional MCP Scanning, Project Audit, and 1,000+ Tests

[luckyPipewrench]

v0.2.0 is out. This is the biggest release since launch, so here's what changed and why.

The headline: MCP input scanning

Pipelock already scanned MCP server responses for prompt injection. Now it scans requests too. If an agent tries to sneak API keys, secrets, or injection payloads into tool arguments, pipelock catches it before the request reaches the MCP server.

This matters because the trust boundary isn't just "don't trust what comes back." A compromised or manipulated agent can exfiltrate data through tool calls. DLP patterns, split-key detection, and DNS subdomain exfil detection all run on the request path now.

Config is simple:

mcp_input_scanning:
  enabled: true
  action: block      # or warn
  on_parse_error: block

Auto-enabled when you use pipelock mcp proxy.

New commands

• pipelock audit ./project scans your project directory, detects what agent you're running, finds exposed secrets, and generates a tailored config with a security score. This is the "try it in 30 seconds" experience we were missing.
• pipelock demo runs 5 attack scenarios through the real scanner pipeline. No server, no network, just proof that the scanner does what it says.

Security hardening

We ran a deep security audit and fixed 26 findings across two releases (v0.1.6 and v0.1.8). The scanner pipeline got hardened against a bunch of evasion techniques: case variation, null byte injection, split-key concatenation, DNS subdomain exfiltration, double URL encoding, and more.

Pen testing surfaced real bypasses that are now fixed. Some encoding-based bypasses (homoglyphs, base64 in URL paths) are accepted risk since fixing them would cause too many false positives.

By the numbers

• 1,028 tests passing with -race
• 94%+ coverage across all packages
• 15 built-in DLP patterns (up from 8)
• 5 response scanning patterns
• ~3 microsecond scanner pipeline latency
• 100 GitHub stars

Full changelog: https://github.com/luckyPipewrench/pipelock/blob/main/CHANGELOG.md

Install or upgrade:

go install github.com/luckyPipewrench/pipelock/cmd/pipelock@v0.2.0
# or
brew upgrade pipelock