Capabilities

One scanner, full coverage, standard outputs.

NOX avoids tool sprawl by unifying detection, policy enforcement, and extension under one operating model. Every capability is deterministic, offline-capable, and CI-safe by default.

Detection Engine

  • 717 security rules (568 core + 149 plugin) across 5 analyzer suites
  • Secrets, AI security, IaC, dependencies, and data sensitivity in one scan
  • Deterministic execution with offline-first defaults
  • Rule configuration and severity overrides through .nox.yaml

AI Security (first-class)

  • Prompt injection at the call site (AI-PI-*, OWASP LLM01)
  • Embedding leakage when secrets or PII reach vector stores (LLM06)
  • Agent over-privilege when file_read and http_request share a context (LLM07)
  • Cross-file AI taint — request.json → service hop → chat.completions.create
  • MCP server hardening misconfigs (MCP-001..008)
  • Polyglot AIBOM v2.0 — every model invocation, auth env, and endpoint

Cosign-signed Marketplace

  • Sigstore keyless OIDC signatures on every official plugin release
  • Default trust policy refuses unsigned drops (fails closed)
  • Trust chain: cosign(checksums.txt) ⇒ tarball SHA ⇒ registry digest
  • Verified plugins promote to TrustCommunity without operator-managed keys
  • Optional Ed25519 signer keyring for enterprise-restricted environments

Manifest-driven plugins (.nox.yaml)

  • Declare plugins.required like dependencies in package.json
  • nox install fetches the pinned set, signature-verified
  • nox scan auto-installs missing required plugins on first run
  • plugins.trust_policy: default | enterprise | permissive
  • Per-project registry overrides for private plugin distribution

Standard Outputs

  • SARIF 2.1.0 for GitHub Code Scanning integration
  • CycloneDX and SPDX SBOM generation
  • Standalone HTML dashboard with dark theme and filtering
  • AI inventory JSON with connection graph and tool matrix
  • OpenVEX waiver support — fingerprint-pinned and rule-ID-matching

Policy and Governance

  • Fail/warn thresholds for CI policy gates
  • Baseline management for known findings and controlled suppression
  • GRC compliance across 12 frameworks (SOC2, ISO 27001, GDPR, FedRAMP L/M/H, HIPAA, PCI-DSS, NIST 800-53, NIST CSF, CIS v8, CMMC) via plugin
  • Inline suppressions with audit trail and expiry

Plugin Ecosystem

  • 32 plugins across 9 tracks with gRPC-based SDK
  • 6 published in the official registry, all Cosign-verified
  • Track-based architecture with explicit risk classification
  • Plugin scaffolding via nox plugin init

Agent-native via MCP

  • 10 read-only tools for AI agent integration
  • 5 MCP resources for artifact serving
  • Workspace allowlisting and output size limits
  • Sandboxed execution with rate limiting
  • Drop-in for Claude Desktop, Cursor, Continue, any MCP host

Developer Experience

  • Watch mode for continuous scanning during development
  • Pre-commit hooks and shell completions
  • Incremental scan cache with content-addressed SHA-256
  • Differential scanning with --changed-since for fast CI
  • nox bench --autocorpus — reproducible fire-rate vs. real LLM SDK repos

Supply Chain Security

  • Cosign keyless signing on the nox CLI itself + every plugin
  • SLSA Level 3 provenance attestation
  • Multi-platform builds (linux/darwin/windows × amd64/arm64)
  • Dependency confusion detection and artifact integrity verification