How do I install guardian-cli?

guardian-cli is a Skill hosted on GitHub at https://github.com/zakirkun/guardian-cli. Visit the ImAiFox page at https://imaifox.com/boosters/zakirkun-guardian-cli-guardian-cli for the AI-ready install prompt you can copy directly into Claude Code, Cursor, or Windsurf.

How popular is guardian-cli?

guardian-cli has 1,486 GitHub stars and 312 forks. It is actively maintained with recent commits.

Is guardian-cli free?

Yes — guardian-cli is open source and free to use. The source code is publicly available on GitHub at https://github.com/zakirkun/guardian-cli.

Skill

guardian-cli

Name: guardian-cli
Author: zakirkun

by zakirkun

AI Summary

Each agent inherits from and uses a shared object that stores: All providers implement the same interface, making them interchangeable at runtime: Switch provider via or CLI flag.

Install

Copy this and paste it into Claude Code, Cursor, or any AI assistant:

I want to install the "guardian-cli" skill in my project.

Please run this command in my terminal:
# Install skill into your project
mkdir -p .claude/skills/guardian-cli && curl --retry 3 --retry-delay 2 --retry-all-errors -o .claude/skills/guardian-cli/SKILL.md "https://raw.githubusercontent.com/zakirkun/guardian-cli/main/SKILL.md"

Then restart Claude Code (or reload the window in Cursor) so the skill is picked up.

automation gemini-ai generative-ai pentest-tool testing security automation ai claude agent

Description

An enterprise-grade, AI-powered penetration testing automation CLI tool. Orchestrates multiple specialized AI agents (Planner, ToolAgent, Analyst, Reporter) backed by 4 AI providers (OpenAI, Claude, Gemini, OpenRouter) and 19 integrated security tools through YAML-defined workflows. Produces professional Markdown, HTML, or JSON security reports with full evidence capture and traceability.

1. Project Overview

Guardian (v2.0) is a Python 3.11+ CLI application that automates penetration testing workflows using a multi-agent AI system. It is designed for authorized security assessments only. ` guardian-cli/ ├── ai/ # AI provider integrations & prompt templates │ ├── providers/ # base_provider, openai, claude, gemini, openrouter │ └── prompt_templates/ ├── cli/ # CLI entry-point (Typer) & commands │ └── commands/ # init, scan, recon, analyze, report, workflow, ai, models ├── core/ # Multi-agent orchestration engine │ ├── agent.py # BaseAgent │ ├── planner.py # PlannerAgent – decides next test step │ ├── tool_agent.py # ToolAgent – selects & executes tools │ ├── analyst_agent.py # AnalystAgent – interprets tool output │ ├── reporter_agent.py # ReporterAgent – generates final reports │ ├── memory.py # PentestMemory, ToolExecution, Finding dataclasses │ └── workflow.py # WorkflowEngine – top-level orchestrator ├── tools/ # 19 security-tool wrappers (one Python file each) ├── workflows/ # YAML workflow definitions (8 built-in) ├── utils/ # logger, scope_validator, helpers ├── config/ # guardian.yaml configuration file ├── reports/ # Output directory for generated reports & session state └── docs/ # Guides (WORKFLOW_GUIDE, TOOLS_DEVELOPMENT_GUIDE, …) ` ---

5. Integrated Security Tools (19)

| Category | Tools | |---|---| | Network | nmap, masscan | | Web Recon | httpx, whatweb, wafw00f | | Subdomain / DNS | subfinder, amass, dnsrecon | | Vulnerability | nuclei, nikto, sqlmap, wpscan | | SSL/TLS | testssl, sslyze | | Content Discovery | gobuster, ffuf, arjun | | Security Analysis | xsstrike, gitleaks, cmseek | Each tool has a self-contained Python wrapper in tools/<toolname>.py that: • Builds the shell command from parameters • Executes it asynchronously (asyncio subprocess) • Returns {"success": bool, "command": str, "raw_output": str, "exit_code": int, "duration": float} Guardian works with a subset of tools available; the AI adapts based on what is installed. ---

2.1 Agent Pipeline

` Target Input │ ▼ WorkflowEngine.run_workflow() ──or── WorkflowEngine.run_autonomous() │ ├──► PlannerAgent.decide_next_action() — Strategic AI reasoning │ ├──► ToolAgent.execute_tool() — Runs the chosen security tool │ ├──► AnalystAgent.interpret_output() — Parses & links findings to executions │ └──► ReporterAgent.execute() — Generates markdown / HTML / JSON report ` Each agent inherits from BaseAgent and uses a shared PentestMemory object that stores: | Store | Class | Purpose | |---|---|---| | findings | Finding | Vulnerabilities discovered | | tool_executions | ToolExecution | Full command + raw output | | completed_actions | list[str] | Phase progress tracker | | current_phase | str | reconnaissance → scanning → analysis → reporting |

2.2 AI Provider Abstraction

All providers implement the same BaseProvider interface, making them interchangeable at runtime: | Provider | Env Var | Default Model | |---|---|---| | openai | OPENAI_API_KEY | gpt-4o | | claude | ANTHROPIC_API_KEY | claude-3-5-sonnet-20241022 | | gemini | GOOGLE_API_KEY | gemini-2.5-pro | | openrouter | OPENROUTER_API_KEY | anthropic/claude-3.5-sonnet | Switch provider via config/guardian.yaml or --provider CLI flag. ---

Discussion

0/2000

Loading comments...

Health Signals

MaintenanceCommitted 22d ago

● Active

Adoption1K+ stars on GitHub

1.5k ★ · Popular

DocsREADME + description

Well-documented

GitHub Signals

Stars1.5k

Forks312

Issues3

Updated22d ago

View on GitHub

No License

My Fox Den

Community Rating

Works With

Claude Code

Related Skills

Openclaw MCP Server

MCP Server

using-superpowers

Skill

finishing-a-development-branch

Skill

test-driven-development

Skill

View all Skills →