docs: update framework star counts to current values #329

Merged
imran-siddique merged 10 commits into microsoft:main from imran-siddique:main
Mar 21, 2026
@imran-siddique
Member

Dify 65K→133K, AutoGen 42K→55K, CrewAI 28K→46K, Semantic Kernel 24K→27K, LangGraph 24K→27K, Haystack 22K→24K, Agent Framework 7.6K→8K. Added OpenAI Agents SDK (20K), Google ADK (18K). Sorted descending.

imran-siddique and others added 10 commits March 20, 2026 10:56
Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
Add EU AI Act, Colorado AI Act, and GPAI obligations timeline with
AGT coverage mapping. Reference Microsoft Purview DSPM for AI as
complementary data governance layer.

Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
The Scorecard API rejects workflows with write permissions at the
workflow level. id-token: write and security-events: write must be
scoped to the job level only. Restores permissions: read-all at
workflow level while keeping job-level write permissions intact.

Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
…ft#324)

Add Google-style docstrings with Args, Returns, Raises, Attributes,
and Example sections to MCPMessageType, MCPAdapter, and MCPServer
classes. Also enhances docstrings for key methods including
handle_message, _handle_tools_call, _handle_resources_read, and
_map_tool_to_action.

Fixes microsoft#316
Co-authored-by: Matt Van Horn <455140+mvanhorn@users.noreply.github.com>
…s (dependency confusion) (microsoft#325)

- Replace !pip install agent-os with !pip install -e ../.. in all 6 notebooks;
  agent-os is not on PyPI and installing it from PyPI is a dependency confusion vector
- Replace zendesk-sdk/freshdesk-sdk with zenpy/freshdesk (the real published SDKs)
  in customer-service/requirements.txt
- Remove hashlib-compat from healthcare-hipaa/requirements.txt; hashlib is stdlib
  and hashlib-compat is not a real PyPI package
…stall agent-os with agent-os-kernel

Replace all remaining instances of `pip install agent-os` (unregistered
on PyPI) with `pip install agent-os-kernel` (the actual package) across
docs, examples, TypeScript extensions, CLI source, tests, and SVG assets.

Also fixes `pip install emk` references to point to `agent-os-kernel[full]`
since emk is a submodule, not a standalone PyPI package.

Completes the fix started in PR microsoft#325 which only covered notebooks.

Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
Dify 65K→133K, AutoGen 42K→55K, CrewAI 28K→46K, Semantic Kernel
24K→27K, LangGraph 24K→27K, Haystack 22K→24K, Agent Framework
7.6K→8K. Added star counts for OpenAI Agents SDK (20K) and
Google ADK (18K). Sorted by stars descending.

Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
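
The dependency-confusion commits above replace install commands that name packages nobody has registered on PyPI. A CI guard along the following lines keeps those names from coming back; it is an added example, not code from the repository, and the sample inputs and file names in it are constructed.

```python
import re

# Names the commits on this page report as unregistered on PyPI (or not
# standalone packages), mapped to the replacement each commit used.
UNPUBLISHED = {
    "agent-os": "agent-os-kernel",
    "emk": "agent-os-kernel[full]",
    "zendesk-sdk": "zenpy",
    "freshdesk-sdk": "freshdesk",
    "hashlib-compat": "nothing (hashlib is in the standard library)",
}
PIP_INSTALL = re.compile(r"\bpip3?\s+install\s+(.*)")
NAME = re.compile(r"[A-Za-z0-9][A-Za-z0-9._-]*")
TAKES_VALUE = {"-e", "--editable", "-r", "--requirement", "-c", "--constraint",
               "-i", "--index-url", "--extra-index-url", "-f", "--find-links"}


def normalize(name):
    """PEP 503: lowercase, and runs of '-', '_' and '.' collapse to one '-'."""
    return re.sub(r"[-_.]+", "-", name).lower()


def requirement_names(line, requirements_file):
    """Return normalized package names a line asks pip to fetch by name."""
    line = line.split("#", 1)[0].strip()
    cmd = PIP_INSTALL.search(line)
    if cmd:
        tokens = cmd.group(1).split()
    elif requirements_file:
        tokens = [line]
    else:
        return []
    names, skip = [], False
    for tok in tokens:
        tok = tok.strip("'\"`")
        if skip:                      # value of the previous option
            skip = False
            continue
        if tok in TAKES_VALUE:
            skip = True
            continue
        # Options, local paths and URLs do not resolve a name on the index.
        if tok.startswith(("-", ".", "/")) or "://" in tok:
            continue
        m = NAME.match(tok)
        if m:
            names.append(normalize(m.group(0).rstrip("._-")))
    return names


def find_unpublished(path, text):
    """Return (path, line number, name, replacement) for each flagged install."""
    req = path.endswith("requirements.txt")
    return [(path, n, name, UNPUBLISHED[name])
            for n, line in enumerate(text.splitlines(), 1)
            for name in requirement_names(line, req) if name in UNPUBLISHED]


# Constructed sample inputs (not files from the repository).
SAMPLE_REQUIREMENTS = "zenpy\nzendesk-sdk>=1.0\nhashlib_compat  # shim\n-r base.txt\n"
SAMPLE_NOTEBOOK = ("!pip install -e ../..\n!pip install Agent_OS\n"
                   "pip install 'agent-os-kernel[full]'\n")
```

Names are normalized before comparison because pip treats `Agent_OS` and `agent-os` as the same project, so a case or separator variant would otherwise slip past the guard.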
@github-actions bot added labels on Mar 21, 2026: documentation, dependencies, tests, agent-sre, ci/cd, size/XL
@github-actions

🤖 AI Agent: breaking-change-detector

🔍 API Compatibility Report

Summary

This pull request primarily updates documentation and introduces changes to package naming conventions (e.g., agent-os renamed to agent-os-kernel). While these changes affect installation instructions and references across the repository, they do not introduce any breaking changes to the public API of the packages. No functions, classes, or methods were removed, renamed, or had their signatures altered. Additionally, no changes were made to exception types, default values, or return types.

Findings

| Severity | Package | Change | Impact |
|---|---|---|---|
| | agent-os | Package renamed to agent-os-kernel | No API-level breaking changes; downstream users need to update installation commands |
| | agent-compliance | Documentation updates | No breaking changes |
| | agent-runtime | Documentation updates | No breaking changes |

Migration Guide

  • For users of agent-os: Update installation commands from pip install agent-os to pip install agent-os-kernel. This is a naming convention change and does not affect the functionality or API of the package.
  • For users referencing documentation: Ensure that any references to agent-os in your own documentation or scripts are updated to agent-os-kernel.

Conclusion

✅ No breaking changes were found in the public API. Downstream users should update their installation commands to reflect the new package name (agent-os-kernel).

@github-actions

🤖 AI Agent: test-generator

The provided pull request primarily involves documentation updates, configuration changes, and some minor code modifications. It does not directly modify the file packages/agent-os/src/agent_os/cli/__init__.py. Therefore, no test coverage analysis is required for this file in this context. If you have specific questions or need analysis for another file or aspect of the pull request, please let me know!

@github-actions github-actions bot left a comment

🤖 AI Agent: code-reviewer

Pull Request Review: docs: update framework star counts to current values

Summary

This pull request primarily updates documentation to reflect current star counts for various frameworks and introduces changes to package naming conventions (e.g., agent-os → agent-os-kernel). Additionally, it includes new CI workflows for link checking and modifies the OpenSSF Scorecard workflow permissions. Below is a detailed review of the changes.


🔴 CRITICAL

1. Potential Sandbox Escape in MCPAdapter

The MCPAdapter.handle_message method processes incoming JSON-RPC messages and applies governance checks. However, the governance logic is not fully visible in the provided diff. If the governance checks are improperly implemented or bypassed, this could lead to a sandbox escape or unauthorized actions by agents.

Actionable Recommendation:

  • Ensure that the governance checks in handle_message are robust and comprehensive. Specifically:
    • Validate all incoming method and params fields against a whitelist.
    • Ensure that unknown tools or resources are denied by default.
    • Implement strict type validation for params using Pydantic models.
    • Add unit tests to simulate edge cases, such as malformed JSON-RPC requests or attempts to bypass governance.

2. Insecure Defaults in MCPAdapter

The MCPAdapter class appears to allow optional callbacks (on_block) and custom mappings (tool_mapping). If these are not properly validated, they could introduce vulnerabilities, such as allowing unauthorized tools or operations.

Actionable Recommendation:

  • Validate tool_mapping against a strict schema before merging it with DEFAULT_MCP_MAPPING.
  • Ensure that the on_block callback cannot be exploited to leak sensitive information or bypass governance.

🟡 WARNING

1. Breaking Change: Package Renaming

The renaming of agent-os to agent-os-kernel is a breaking change for users who rely on the previous package name. This affects installation commands, documentation, and CI/CD workflows.

Actionable Recommendation:

  • Provide clear migration instructions in the release notes.
  • Consider aliasing the old package name (agent-os) to the new one (agent-os-kernel) for backward compatibility, if feasible.

2. Workflow Permissions Update

The OpenSSF Scorecard workflow changes permissions from specific write scopes (security-events, id-token, etc.) to read-all. While this aligns with best practices for workflow-level permissions, it may inadvertently restrict functionality if job-level permissions are not properly configured.

Actionable Recommendation:

  • Verify that job-level permissions are correctly scoped to allow necessary write operations (e.g., security-events).

💡 SUGGESTIONS

1. Link Checker Configuration

The new link-check.yml workflow uses lychee to check Markdown links. While this is a useful addition, the configuration excludes several domains (e.g., pypi.org, npmjs.com) due to rate-limiting issues.

Actionable Recommendation:

  • Consider implementing retries with exponential backoff for excluded domains instead of outright exclusion.
  • Periodically review the exclusion list to ensure it remains relevant.

2. Documentation Enhancements

The updated documentation includes regulatory alignment for the EU AI Act and Colorado AI Act. While this is valuable, it could benefit from additional details, such as links to official regulatory texts and examples of how the toolkit meets specific requirements.

Actionable Recommendation:

  • Expand the "Regulatory Alignment" section with links to official documentation and practical examples.

3. Type Safety and Validation

The MCPAdapter class could benefit from stricter type safety and validation using Pydantic models for incoming JSON-RPC messages.

Actionable Recommendation:

  • Define Pydantic models for MCP message types and validate incoming message objects against these models in handle_message.

4. Testing Coverage

The diff does not include updates to test cases for the renamed package (agent-os-kernel) or the MCP governance logic.

Actionable Recommendation:

  • Add tests to ensure the renamed package is correctly referenced across all examples and CI/CD workflows.
  • Simulate edge cases for MCP governance in unit tests.

5. Dependency Cleanup

The requirements.txt files contain references to non-existent or redundant packages (e.g., hashlib-compat).

Actionable Recommendation:

  • Remove invalid dependencies and provide comments clarifying alternatives (e.g., hashlib is part of Python's standard library).

Final Assessment

Security

  • 🔴 CRITICAL: Sandbox escape and insecure defaults in MCPAdapter.
  • 🔴 CRITICAL: Governance logic in handle_message needs thorough review.

Breaking Changes

  • 🟡 WARNING: Package renaming (agent-os → agent-os-kernel) impacts backward compatibility.

Improvements

  • 💡 SUGGESTION: Enhance documentation, improve type safety, and update tests.

Recommendation

  • Address critical security issues in MCPAdapter immediately.
  • Provide migration guidance for the package rename.
  • Expand testing coverage and documentation.

This pull request introduces valuable updates but requires further refinement to ensure security and backward compatibility.

@github-actions

🤖 AI Agent: docs-sync-checker

📝 Documentation Sync Report

Issues Found

  • MCPAdapter.handle_message(message: Dict[str, Any]) -> Dict[str, Any] in packages/agent-os/modules/control-plane/src/agent_control_plane/mcp_adapter.py — missing docstring for message parameter.
  • ⚠️ packages/agent-os/README.md — The README file should be updated to reflect the renaming of agent-os to agent-os-kernel in the installation instructions.
  • ⚠️ CHANGELOG.md — No entry for the renaming of agent-os to agent-os-kernel and the updated framework star counts in the README.
  • ⚠️ packages/agent-os/examples/ — Several example files were updated to reflect the agent-os to agent-os-kernel renaming. Ensure all example documentation and code comments are consistent with this change.

Suggestions

  • 💡 Add a detailed docstring for the message parameter in MCPAdapter.handle_message(message: Dict[str, Any]) -> Dict[str, Any]. For example:
    Args:
        message (Dict[str, Any]): A dictionary representing the MCP JSON-RPC 2.0 message. It should contain the keys:
            - "jsonrpc" (str): The JSON-RPC version (e.g., "2.0").
            - "method" (str): The name of the method being invoked.
            - "params" (Dict[str, Any]): The parameters for the method.
            - "id" (str or int): The unique identifier for the request.
  • 💡 Update the packages/agent-os/README.md file to replace all instances of pip install agent-os with pip install agent-os-kernel.
  • 💡 Add an entry in CHANGELOG.md documenting the renaming of agent-os to agent-os-kernel and the updated framework star counts in the README.
  • 💡 Review all example files in packages/agent-os/examples/ to ensure that any references to agent-os have been updated to agent-os-kernel and that the example code is consistent with the new package name.

Additional Notes

  • The changes in this PR are primarily documentation updates and configuration changes, with some minor updates to code comments and examples. The renaming of agent-os to agent-os-kernel is a significant change and should be clearly documented in the CHANGELOG.md and all relevant documentation.
  • The README.md has been updated with new framework star counts, but the addition of the "Regulatory Alignment" section should also be reviewed to ensure it aligns with the project's scope and goals.
  • The MCPMessageType and MCPAdapter classes now have detailed docstrings, which is a positive improvement. However, the handle_message method's message parameter is missing a detailed explanation in its docstring.

Please address the identified issues and suggestions to ensure the documentation is fully in sync with the changes introduced in this PR. Let me know if you need further assistance!
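
The code-reviewer comment asks for allowlisted methods, deny-by-default tools and strict params typing, and the report above lists the keys a message carries. The sketch below shows one way to combine them into a pre-dispatch gate. It is an added example using only the standard library, not the project's MCPAdapter code; `check_message`, both allowlists and the tool names are hypothetical.

```python
from typing import Any, Dict

# Hypothetical allowlist for this example: method -> {param name: required type}.
ALLOWED_METHODS: Dict[str, Dict[str, type]] = {
    "tools/call": {"name": str, "arguments": dict},
    "resources/read": {"uri": str},
}
# Hypothetical tool allowlist; any tool not listed is denied by default.
ALLOWED_TOOLS = {"file_read", "database_query"}


def _error(msg_id: Any, code: int, text: str) -> Dict[str, Any]:
    """Build a JSON-RPC 2.0 error response."""
    return {"jsonrpc": "2.0", "id": msg_id, "error": {"code": code, "message": text}}


def check_message(message: Any) -> Dict[str, Any]:
    """Return an 'allowed' verdict or a JSON-RPC error; never raise on bad input."""
    if not isinstance(message, dict):
        return _error(None, -32600, "request must be an object")
    msg_id = message.get("id")
    # bool is a subclass of int in Python, so reject it explicitly.
    if isinstance(msg_id, bool) or not isinstance(msg_id, (str, int)):
        return _error(None, -32600, "id must be a string or integer")
    if message.get("jsonrpc") != "2.0":
        return _error(msg_id, -32600, "jsonrpc must be '2.0'")
    method = message.get("method")
    if not isinstance(method, str) or method not in ALLOWED_METHODS:
        return _error(msg_id, -32601, "method not allowed")
    params = message.get("params")
    if not isinstance(params, dict):
        return _error(msg_id, -32602, "params must be an object")
    schema = ALLOWED_METHODS[method]
    # Unexpected keys are rejected as well as missing ones.
    if set(params) != set(schema):
        return _error(msg_id, -32602, "unexpected or missing params")
    for key, expected in schema.items():
        if not isinstance(params[key], expected):
            return _error(msg_id, -32602, "param %r has the wrong type" % key)
    if method == "tools/call" and params["name"] not in ALLOWED_TOOLS:
        return _error(msg_id, -32602, "tool not allowed")
    return {"allowed": True, "id": msg_id, "method": method}


# Constructed sample messages.
SAMPLE_OK = {"jsonrpc": "2.0", "id": 1, "method": "tools/call",
             "params": {"name": "file_read", "arguments": {"path": "notes.txt"}}}
SAMPLE_UNKNOWN_TOOL = {"jsonrpc": "2.0", "id": 2, "method": "tools/call",
                       "params": {"name": "shell_exec", "arguments": {}}}
```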

@github-actions

🤖 AI Agent: security-scanner

Security Analysis of the Pull Request

This pull request primarily involves documentation updates, dependency adjustments, and minor code refactoring. Below is the security analysis based on the specified criteria:


1. Prompt Injection Defense Bypass

Rating: 🔵 LOW

  • Analysis: No changes in this PR directly affect prompt injection defenses. The changes are primarily related to documentation updates, dependency adjustments, and minor code refactoring.
  • Recommendation: No action required.

2. Policy Engine Circumvention

Rating: 🔵 LOW

  • Analysis: The changes do not introduce any new logic or modify existing policy enforcement mechanisms. The MCPAdapter class, which handles governance, has been updated with additional comments and documentation, but the core logic remains unchanged.
  • Recommendation: No action required.

3. Trust Chain Weaknesses

Rating: 🔵 LOW

  • Analysis: No changes in this PR affect SPIFFE/SVID validation, certificate pinning, or other trust chain mechanisms. The changes are limited to documentation and minor refactoring.
  • Recommendation: No action required.

4. Credential Exposure

Rating: 🔵 LOW

  • Analysis: No sensitive credentials or secrets are introduced or exposed in this PR. The changes are primarily related to documentation and dependency updates.
  • Recommendation: No action required.

5. Sandbox Escape

Rating: 🔵 LOW

  • Analysis: The changes do not introduce or modify any sandboxing mechanisms. The MCPAdapter class, which is responsible for governance, has not been altered in a way that would impact sandboxing.
  • Recommendation: No action required.

6. Deserialization Attacks

Rating: 🔵 LOW

  • Analysis: No changes in this PR involve deserialization or parsing of untrusted input. The MCPAdapter class handles JSON-RPC messages, but the logic for parsing and governance checks remains unchanged.
  • Recommendation: No action required.

7. Race Conditions

Rating: 🔵 LOW

  • Analysis: No changes in this PR introduce or modify concurrency mechanisms. The MCPAdapter class does not appear to have any new or modified code that could introduce time-of-check-to-time-of-use (TOCTOU) vulnerabilities.
  • Recommendation: No action required.

8. Supply Chain

Rating: 🟠 HIGH

  • Analysis: The PR includes changes to dependencies in requirements.txt files and updates to GitHub Actions workflows. Specifically:
    • zenpy is added as a replacement for zendesk-sdk. This change appears to be valid, as zendesk-sdk is not available on PyPI, and zenpy is the correct package for interacting with the Zendesk API.
    • freshdesk is added as a replacement for freshdesk-sdk. This change also appears valid, as freshdesk-sdk is not available on PyPI, and freshdesk is the correct package for interacting with the Freshdesk API.
    • hashlib-compat is removed from requirements.txt with a note that it is not a real package and that hashlib is part of Python's standard library. This is a positive change as it removes a potential dependency confusion risk.
    • The GitHub Actions workflows now pin specific commit SHAs for actions (actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 and lycheeverse/lychee-action@8646ba30535128ac92d33dfc9133794bfdd9b411). This is a best practice for supply chain security.
  • Recommendation: While the changes appear to be improvements, it is recommended to verify the integrity and security of the newly added dependencies (zenpy and freshdesk) by:
    • Reviewing the source code of these packages for potential vulnerabilities.
    • Verifying the authenticity of the packages and their maintainers.
    • Monitoring for any known vulnerabilities in these packages.

Additional Observations

  1. Documentation Updates:

    • The PR includes updates to documentation files to reflect changes in framework star counts and package names. These changes are non-functional and do not introduce security risks.
  2. Renaming of agent-os to agent-os-kernel:

    • The package name agent-os has been renamed to agent-os-kernel across multiple files. This change appears to be a rebranding or restructuring effort and does not introduce any security risks.
  3. MCPAdapter Class Documentation:

    • The MCPAdapter class has been updated with detailed docstrings and comments. This improves code readability and maintainability but does not impact the security posture.

Summary of Findings

| Finding | Rating | Attack Vector | Recommendation |
|---|---|---|---|
| Prompt injection defense bypass | 🔵 LOW | No changes related to prompt injection defenses. | No action required. |
| Policy engine circumvention | 🔵 LOW | No changes to policy enforcement mechanisms. | No action required. |
| Trust chain weaknesses | 🔵 LOW | No changes to SPIFFE/SVID validation or certificate pinning. | No action required. |
| Credential exposure | 🔵 LOW | No credentials or secrets exposed. | No action required. |
| Sandbox escape | 🔵 LOW | No changes to sandboxing mechanisms. | No action required. |
| Deserialization attacks | 🔵 LOW | No changes involving deserialization of untrusted input. | No action required. |
| Race conditions | 🔵 LOW | No changes to concurrency mechanisms. | No action required. |
| Supply chain | 🟠 HIGH | New dependencies (zenpy, freshdesk) added; potential supply chain risk. | Verify the integrity and security of the new dependencies. |

Final Recommendation

  • Approve with Caution: While the changes in this PR are primarily documentation updates and dependency adjustments, the introduction of new dependencies (zenpy and freshdesk) warrants further scrutiny. Ensure these dependencies are from trusted sources and are free from known vulnerabilities before merging.
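
Two workflow properties come up in this thread: the Scorecard commit keeps write scopes out of the workflow-level permissions block, and the scanner notes that actions are pinned to commit SHAs. The lint below checks both on a workflow file's text. It is an added example, not the project's tooling; it assumes block-style YAML, and the sample workflows (including the placeholder example-org/example-action) are constructed.

```python
import re

SHA_PIN = re.compile(r"^[0-9a-f]{40}$")
USES = re.compile(r"^\s*(?:-\s*)?uses:\s*['\"]?([^'\"\s#]+)")
TOP_PERMS = re.compile(r"^permissions:\s*(\S*)")  # column 0 = workflow level
ENTRY = re.compile(r"^\s+([a-z-]+):\s*(\w+)")


def lint_workflow(text):
    """Return (line number, message) findings; handles block-style YAML only."""
    findings, in_top_perms = [], False
    for n, raw in enumerate(text.splitlines(), 1):
        line = raw.split(" #", 1)[0].rstrip()
        if not line.strip():
            continue
        top = TOP_PERMS.match(line)
        if top:
            in_top_perms = top.group(1) == ""   # a mapping follows on later lines
            if top.group(1) == "write-all":
                findings.append((n, "workflow-level permissions: write-all"))
            continue
        if in_top_perms and line[0] in " \t":
            entry = ENTRY.match(line)
            if entry and entry.group(2) == "write":
                findings.append((n, "workflow-level %s: write, scope it to the job"
                                 % entry.group(1)))
            continue
        in_top_perms = False
        use = USES.match(line)
        if use and not use.group(1).startswith(("./", "docker://")):
            action, _, rev = use.group(1).partition("@")
            if not SHA_PIN.match(rev):
                findings.append((n, "%s is not pinned to a full commit SHA" % action))
    return findings


# Constructed "before": write scopes at workflow level, one tag-pinned action.
SAMPLE_BAD = """\
on: push
permissions:
  security-events: write
  id-token: write
jobs:
  analysis:
    steps:
      - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # pinned
      - uses: example-org/example-action@v1
"""
# Constructed "after": read-all at workflow level, writes scoped to the job.
SAMPLE_GOOD = """\
permissions: read-all
jobs:
  analysis:
    permissions:
      security-events: write
      id-token: write
    steps:
      - uses: lycheeverse/lychee-action@8646ba30535128ac92d33dfc9133794bfdd9b411
"""
```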

@imran-siddique imran-siddique merged commit 56bfc40 into microsoft:main Mar 21, 2026
55 of 56 checks passed